picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
Systemd/src/test
History
Lennart Poettering d3dcf4e3b9 fileio: beef up READ_FULL_FILE_CONNECT_SOCKET to allow setting sender socket name 
This beefs up the READ_FULL_FILE_CONNECT_SOCKET logic of
read_full_file_full() a bit: when used a sender socket name may be
specified. If specified as NULL behaviour is as before: the client
socket name is picked by the kernel. But if specified as non-NULL the
client can pick a socket name to use when connecting. This is useful to
communicate a minimal amount of metainformation from client to server,
outside of the transport payload.

Specifically, these beefs up the service credential logic to pass an
abstract AF_UNIX socket name as client socket name when connecting via
READ_FULL_FILE_CONNECT_SOCKET, that includes the requesting unit name
and the eventual credential name. This allows servers implementing the
trivial credential socket logic to distinguish clients: via a simple
getpeername() it can be determined which unit is requesting a
credential, and which credential specifically.

Example: with this patch in place, in a unit file "waldo.service" a
configuration line like the following:

    LoadCredential=foo:/run/quux/creds.sock

will result in a connection to the AF_UNIX socket /run/quux/creds.sock,
originating from an abstract namespace AF_UNIX socket:

    @$RANDOM/unit/waldo.service/foo

(The $RANDOM is replaced by some randomized string. This is included in
the socket name order to avoid namespace squatting issues: the abstract
socket namespace is open to unprivileged users after all, and care needs
to be taken not to use guessable names)

The services listening on the /run/quux/creds.sock socket may thus
easily retrieve the name of the unit the credential is requested for
plus the credential name, via a simpler getpeername(), discarding the
random preifx and the /unit/ string.

This logic uses "/" as separator between the fields, since both unit
names and credential names appear in the file system, and thus are
designed to use "/" as outer separators. Given that it's a good safe
choice to use as separators here, too avoid any conflicts.

This is a minimal patch only: the new logic is used only for the unit
file credential logic. For other places where we use
READ_FULL_FILE_CONNECT_SOCKET it is probably a good idea to use this
scheme too, but this should be done carefully in later patches, since
the socket names become API that way, and we should determine the right
amount of info to pass over.
2020-11-03 09:48:04 +01:00
..
generate-sym-test.py journal: properly mark two definitions that are deprecated with GCC attributes for that 2020-01-31 15:02:00 +01:00
meson.build Merge pull request #17399 from afq984/udev-escaped-string 2020-10-30 09:52:45 +09:00
test-acl-util.c test-acl-util: skip test if /tmp doesn't do ACLs 2020-09-12 08:12:36 +02:00
test-af-list.c tree-wide: drop string.h when string-util.h or friends are included 2019-11-04 00:30:32 +09:00
test-alloc-util.c Fix clang-11 issues 2020-07-26 11:32:06 +02:00
test-architecture.c
test-arphrd-list.c basic/arphrd: stop discriminating against NETROM and CISCO 2019-09-25 12:17:51 +02:00
test-ask-password-api.c shared/ask-password-api: show "(press TAB for no echo)" 2020-02-06 10:51:24 +01:00
test-async.c headers: remove unneeded includes from util.h 2019-03-27 11:53:12 +01:00
test-barrier.c headers: remove unneeded includes from util.h 2019-03-27 11:53:12 +01:00
test-bitmap.c tree-wide: define iterator inside of the macro 2020-09-08 12:14:05 +02:00
test-boot-timestamps.c test: Skip test-boot-timestamps on permission denied 2020-05-06 22:01:50 +02:00
test-bpf-devices.c tree-wide: avoid some loaded terms 2020-06-25 09:00:19 +02:00
test-bpf-firewall.c tests: move unit files to units/ subdirectory 2020-03-19 16:23:27 +01:00
test-btrfs.c tree-wide: fix spelling of lookup and setup verbs 2020-03-03 15:02:53 +01:00
test-bus-util.c
test-calendarspec.c basic/time-util: add function to format timestamps with different styles 2020-08-19 15:30:13 +01:00
test-cap-list.c basic/cap-list: reduce scope of variables 2020-07-10 16:55:24 +02:00
test-capability.c basic/missing_capability: clean up our defines and check that our fallback is up-to-date 2020-08-27 20:20:23 +02:00
test-cgroup-cpu.c
test-cgroup-mask.c cgroup: Reduce unit_get_ancestor_disable_mask use 2020-08-19 11:41:53 +02:00
test-cgroup-setup.c tests: various small fixes for strict systems 2020-04-26 20:18:48 +02:00
test-cgroup-unit-default.c tests: Fix description of test units 2020-06-02 18:59:47 +02:00
test-cgroup-util.c test-cgroup-util: Handle result=NULL as empty string 2020-07-29 15:36:38 +02:00
test-cgroup.c test-cgroup: skip if /sys/fs/cgroup unknown fs 2020-04-25 10:00:43 +02:00
test-chase-symlinks.c log: introduce log_parse_environment_cli() and log_setup_cli() 2020-06-24 16:49:26 +02:00
test-chown-rec.c core: drop suid/sgid bit of files/dirs when doing recursive chown 2019-03-26 08:29:37 +01:00
test-clock.c Fix clang-11 issues 2020-07-26 11:32:06 +02:00
test-condition.c Move {uid,gid}_is_*() from basic to shared 2020-09-25 17:18:56 +02:00
test-conf-files.c basic/conf-files: make conf_files_list() take just a single directory 2019-09-16 09:15:05 +02:00
test-conf-parser.c conf-parser: return mtime in config_parse() and friends 2020-06-02 19:32:20 +02:00
test-copy.c copy: optionally, reproduce hardlinks from source in destination 2020-09-09 20:21:29 +02:00
test-coredump-util.c Add parser and printer for coredump filter mask 2020-04-09 12:51:41 +02:00
test-cpu-set-util.c core: add support for setting CPUAffinity= to special "numa" value 2020-03-16 08:57:28 +01:00
test-daemon.c headers: remove unneeded includes from util.h 2019-03-27 11:53:12 +01:00
test-date.c basic/time-util: add function to format timestamps with different styles 2020-08-19 15:30:13 +01:00
test-dev-setup.c nspawn,pid1: pass "inaccessible" nodes from cntr mgr to pid1 payload via /run/host 2020-08-20 10:17:52 +02:00
test-device-nodes.c
test-dlopen.c
test-dns-domain.c dns-domain: add helper that checks whether domain is dot suffixed 2020-09-29 12:09:16 +02:00
test-ellipsize.c
test-emergency-action.c
test-engine.c tests: move unit files to units/ subdirectory 2020-03-19 16:23:27 +01:00
test-env-file.c test: use pclose() for popen() 2020-09-14 22:32:52 +02:00
test-env-util.c Revert "basic/env-util: (mostly) follow POSIX for what variable names are allowed" 2020-10-23 15:07:07 +02:00
test-escape.c shared/escape: add new escape style with \n\t escaped 2020-04-09 09:58:10 +02:00
test-exec-util.c tests: various small fixes for strict systems 2020-04-26 20:18:48 +02:00
test-execute.c tests: add helper function to autodetect CI environments 2020-10-22 13:16:26 +02:00
test-exit-status.c tree-wide: various code-formatting improvements 2019-09-22 07:17:27 +02:00
test-extract-word.c test-string-util,test-extract-word: add log headers 2020-09-04 12:59:25 +02:00
test-fd-util.c test-fd-util: add test case for close_all_fd() 2020-10-14 10:40:32 +02:00
test-fdset.c tree-wide: define iterator inside of the macro 2020-09-08 12:14:05 +02:00
test-fileio.c fileio: beef up READ_FULL_FILE_CONNECT_SOCKET to allow setting sender socket name 2020-11-03 09:48:04 +01:00
test-firewall-util.c
test-format-table.c format-table: add TABLE_STRV_WRAPPED 2020-10-22 13:20:40 +02:00
test-format-util.c test: fix argument type of test_format_bytes_one() 2019-06-27 10:31:55 +09:00
test-fs-util.c fs-util: drop chmod_and_chown_unsafe() which is unused now 2020-09-23 18:00:19 +02:00
test-fstab-util.c fstab,crypttab: allow escaping of commas 2020-09-25 13:36:34 +02:00
test-gcrypt-util.c
test-glob-util.c tree-wide: drop glob.h when glob-util.h is included 2019-11-04 00:30:32 +09:00
test-hash.c
test-hashmap-ordered.awk
test-hashmap-plain.c tree-wide: define iterator inside of the macro 2020-09-08 12:14:05 +02:00
test-hashmap.c tree-wide: define iterator inside of the macro 2020-09-08 12:14:05 +02:00
test-hexdecoct.c
test-hostname-util.c Add %l as specifier for the hostname without any domain component 2020-05-07 17:36:44 +02:00
test-hostname.c
test-id128.c id128: introduce ID128_UUID_STRING_MAX for sizing UUID buffers 2019-12-10 11:56:18 +01:00
test-in-addr-util.c test-in-addr-util: add log headers 2020-09-10 00:46:44 +02:00
test-install-root.c tree-wide: define iterator inside of the macro 2020-09-08 12:14:05 +02:00
test-install.c tree-wide: define iterator inside of the macro 2020-09-08 12:14:05 +02:00
test-io-util.c
test-ip-protocol-list.c
test-ipcrm.c test-ipcrm: modernize, skip test on permission errors 2020-10-20 18:06:28 +02:00
test-job-type.c core: add helper function to check job status 2019-10-01 15:05:27 +02:00
test-journal-importer.c tests: move unit files to units/ subdirectory 2020-03-19 16:23:27 +01:00
test-json.c test-json: add function headers 2020-09-01 16:48:40 +02:00
test-libcrypt-util.c test-libcrypt-util: before doing anything check what methods are available 2020-09-15 11:52:30 +02:00
test-libmount.c Add helper function for mnt_table_parse_{stream,mtab} 2019-04-23 23:29:29 +02:00
test-libudev.c tree-wide: assorted coccinelle fixes 2020-10-09 15:02:23 +02:00
test-list.c basic/list: add LIST_JOIN helper 2020-07-29 17:12:45 +01:00
test-load-fragment.c Revert "basic/env-util: (mostly) follow POSIX for what variable names are allowed" 2020-10-23 15:07:07 +02:00
test-local-addresses.c netlink: move local-addresses.[ch] to src/shared 2019-07-24 09:06:50 +02:00
test-locale-util.c locale-util: add support for touch emoji 2020-07-01 11:17:27 +02:00
test-log.c basic/log: add a define for path relative to source root 2019-07-04 10:27:19 +02:00
test-loop-block.c test: add heavy load loopback block device test 2020-10-22 15:10:03 +02:00
test-loopback.c
test-mount-util.c
test-mountpoint-util.c test-mountpoint-util: run test in private mount namespace 2020-10-21 09:18:35 +02:00
test-namespace.c tree-wide: coccinelle fixes 2020-10-04 12:32:21 +02:00
test-netlink-manual.c tree-wide: drop libkmod.h when module-util.h is included 2019-11-04 00:30:32 +09:00
test-ns.c core: hide /run/credentials whenever namespacing is requested 2020-08-25 19:45:38 +02:00
test-nscd-flush.c
test-nss.c test-nss: do not assume all symbols are defined 2020-08-05 10:49:46 +02:00
test-offline-passwd.c Move offline-password.[ch] to shared and add test-offline-passwd 2020-07-18 14:14:19 +02:00
test-ordered-set.c test-ordered-set: add a case where we get 0 for duplicate entries 2020-07-23 15:47:21 +02:00
test-os-util.c
test-parse-util.c parse-util: add parse_loadavg_fixed_point 2020-10-07 16:17:24 -07:00
test-path-lookup.c test: Add test for setting generator paths via environment 2020-03-04 11:25:14 +01:00
test-path-util.c basic/path-util: enhance find_executable() for the fixed path case 2020-09-18 15:28:48 +02:00
test-path.c test-path: relax test in "ci" and "release" modes 2020-10-22 13:16:26 +02:00
test-pretty-print.c codespell: fix spelling errors 2019-04-29 16:47:18 +02:00
test-prioq.c tree-wide: use _cleanup_set_free_ where appropriate 2020-05-06 17:08:17 +02:00
test-proc-cmdline.c tests: various small fixes for strict systems 2020-04-26 20:18:48 +02:00
test-process-util.c tree-wide: more repeated words 2020-07-07 12:08:22 +02:00
test-procfs-util.c tests: various small fixes for strict systems 2020-04-26 20:18:48 +02:00
test-psi-util.c shared: helpers to read pressure stats from cgroups 2020-10-07 16:17:24 -07:00
test-qrcode-util.c test: add a simple test for the qr printing code 2020-10-27 18:33:29 +01:00
test-random-util.c random-util: make use of GRND_INSECURE when it is defined 2020-05-10 11:15:16 +02:00
test-ratelimit.c Drop RATELIMIT macros 2019-09-20 16:05:53 +02:00
test-replace-var.c headers: remove unneeded includes from util.h 2019-03-27 11:53:12 +01:00
test-rlimit-util.c tree-wide: drop missing.h 2019-10-31 17:57:03 +09:00
test-rm-rf.c rm-rf: add new flag REMOVE_CHMOD 2020-08-25 18:39:45 +02:00
test-sched-prio.c tests: move unit files to units/ subdirectory 2020-03-19 16:23:27 +01:00
test-sd-hwdb.c tree-wide: use the usual SPDX header for our own files 2020-10-29 10:47:20 +01:00
test-sd-path.c sd-path: handle case of missing runtime dir in test 2020-03-27 20:12:45 +01:00
test-seccomp.c test-seccomp: accept ENOSYS from sysctl(2) too 2020-09-24 17:02:20 +02:00
test-selinux.c
test-serialize.c
test-set-disable-mempool.c
test-set.c basic/set: add set_ensure_consume() 2020-06-24 10:38:15 +02:00
test-sigbus.c
test-signal-util.c tree-wide: drop signal.h when signal-util.h is included 2019-11-04 00:30:32 +09:00
test-siphash24.c
test-sizeof.c test-sizeof: print pointer sizes 2020-09-04 18:45:44 +02:00
test-sleep.c test-sleep: add more logging, show secure boot mode 2020-07-29 11:12:13 +02:00
test-socket-netlink.c Use sockaddr_un_set_path() in socket_address_parse() 2020-09-10 00:46:44 +02:00
test-socket-util.c basic: convert ifname_valid_full() to take flags and allow numeric interfaces 2020-09-10 00:46:44 +02:00
test-specifier.c test-specifier: add a simple test which prints "global" specifiers 2020-05-07 17:36:44 +02:00
test-stat-util.c test: accept that char device 0/0 can now be created witout privileges 2020-08-17 19:28:32 +02:00
test-static-destruct.c
test-strbuf.c tree-wide: drop string.h when string-util.h or friends are included 2019-11-04 00:30:32 +09:00
test-string-util.c test-string-util: stop testing FOREACH_WORD 2020-09-09 09:34:55 +02:00
test-strip-tab-ansi.c shared/logs-show: strip trailing carriage returns at EOL/EOF 2019-10-29 10:54:45 +01:00
test-strv.c basic/strv: allow escaping the separator in strv_join() 2020-09-25 13:36:34 +02:00
test-strxcpyx.c tree-wide: drop string.h when string-util.h or friends are included 2019-11-04 00:30:32 +09:00
test-sysctl-util.c shared/sysctl-util: normalize repeated slashes or dots to a single value 2020-01-30 10:48:27 +01:00
test-systemd-tmpfiles.py codespell: fix spelling errors 2019-04-29 16:47:18 +02:00
test-tables.c core: add ManagedOOM*= properties to configure systemd-oomd on the unit 2020-10-07 16:17:23 -07:00
test-terminal-util.c basic/terminal-util: rename our replacement highlight-yellow and test both the original and replacement 2020-07-30 14:43:02 +02:00
test-time-util.c basic/time-util: add function to format timestamps with different styles 2020-08-19 15:30:13 +01:00
test-tmpfiles.c
test-udev-util.c udev: test udev_rule_parse_value() 2020-10-29 20:19:29 +08:00
test-udev.c mount-util: switch most mount_verbose() code over to not follow symlinks 2020-09-23 18:57:36 +02:00
test-uid-range.c
test-umask-util.c tests: add test for umask-util.h 2019-04-30 09:53:09 +02:00
test-umount.c tests: various small fixes for strict systems 2020-04-26 20:18:48 +02:00
test-unaligned.c
test-unit-file.c tree-wide: define iterator inside of the macro 2020-09-08 12:14:05 +02:00
test-unit-name.c unit-name: fix a potential memory leak 2020-07-06 17:13:37 +02:00
test-user-record.c sysusers: look at login.defs when setting the default range to allocate users 2020-10-01 19:53:45 +02:00
test-user-util.c user-util: add mangle_gecos() call for turning strings into fields suitable as GECOS fields 2020-08-07 17:36:11 +02:00
test-utf8.c shared/utf8: add utf8_is_valid_n() 2020-09-01 16:48:40 +02:00
test-util.c test: add test that validates that PTR_TO_INT(INT_TO_PTR()) covers whole int range 2020-10-07 09:40:09 +02:00
test-varlink.c tests: add varlink test 2019-05-09 14:14:20 -04:00
test-verbs.c headers: remove unneeded includes from util.h 2019-03-27 11:53:12 +01:00
test-watch-pid.c tests: move unit files to units/ subdirectory 2020-03-19 16:23:27 +01:00
test-watchdog.c
test-web-util.c
test-xattr-util.c
test-xdg-autostart.c xdg-autostart: ignore all empty entries in multi-string entries 2020-07-07 14:02:16 +02:00
test-xml.c