picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Merge pull request #12508 from keszybz/no-root-checks

Browse source 
Drop many root checks
This commit is contained in:
Yu Watanabe 2019-06-06 21:31:19 +09:00 committed by GitHub
parent c0d11245d2 97afc0351a
commit 042526868a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 33 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
src/boot/bless-boot.c
View file

@ -480,13 +480,12 @@ exists:
}
static int run(int argc, char *argv[]) {
static const Verb verbs[] = {
{ "help", VERB_ANY, VERB_ANY, 0, help },
{ "status", VERB_ANY, 1, VERB_DEFAULT, verb_status },
{ "good", VERB_ANY, 1, VERB_MUST_BE_ROOT, verb_set },
{ "bad", VERB_ANY, 1, VERB_MUST_BE_ROOT, verb_set },
{ "indeterminate", VERB_ANY, 1, VERB_MUST_BE_ROOT, verb_set },
{ "help", VERB_ANY, VERB_ANY, 0, help },
{ "status", VERB_ANY, 1, VERB_DEFAULT, verb_status },
{ "good", VERB_ANY, 1, 0, verb_set },
{ "bad", VERB_ANY, 1, 0, verb_set },
{ "indeterminate", VERB_ANY, 1, 0, verb_set },
{}
};

17
src/boot/bootctl.c
View file

@ -1435,16 +1435,15 @@ static int verb_set_default(int argc, char *argv[], void *userdata) {
}
static int bootctl_main(int argc, char *argv[]) {
static const Verb verbs[] = {
{ "help", VERB_ANY, VERB_ANY, 0, help },
{ "status", VERB_ANY, 1, VERB_DEFAULT, verb_status },
{ "install", VERB_ANY, 1, VERB_MUST_BE_ROOT, verb_install },
{ "update", VERB_ANY, 1, VERB_MUST_BE_ROOT, verb_install },
{ "remove", VERB_ANY, 1, VERB_MUST_BE_ROOT, verb_remove },
{ "list", VERB_ANY, 1, 0, verb_list },
{ "set-default", 2, 2, VERB_MUST_BE_ROOT, verb_set_default },
{ "set-oneshot", 2, 2, VERB_MUST_BE_ROOT, verb_set_default },
{ "help", VERB_ANY, VERB_ANY, 0, help },
{ "status", VERB_ANY, 1, VERB_DEFAULT, verb_status },
{ "install", VERB_ANY, 1, 0, verb_install },
{ "update", VERB_ANY, 1, 0, verb_install },
{ "remove", VERB_ANY, 1, 0, verb_remove },
{ "list", VERB_ANY, 1, 0, verb_list },
{ "set-default", 2, 2, 0, verb_set_default },
{ "set-oneshot", 2, 2, 0, verb_set_default },
{}
};

8
src/shared/verbs.c
View file

@ -50,7 +50,7 @@ int dispatch_verb(int argc, char *argv[], const Verb verbs[], void *userdata) {
const Verb *verb;
const char *name;
unsigned i;
int left, r;
int left;
assert(verbs);
assert(verbs[0].dispatch);
@ -109,12 +109,6 @@ int dispatch_verb(int argc, char *argv[], const Verb verbs[], void *userdata) {
return 0;
}
if (verb->flags & VERB_MUST_BE_ROOT) {
r = must_be_root();
if (r < 0)
return r;
}
if (name)
return verb->dispatch(left, argv, userdata);
else {

1
src/shared/verbs.h
View file

@ -8,7 +8,6 @@
typedef enum VerbFlags {
VERB_DEFAULT = 1 << 0,
VERB_ONLINE_ONLY = 1 << 1,
VERB_MUST_BE_ROOT = 1 << 2,
} VerbFlags;
typedef struct {

18
src/systemctl/systemctl.c
View file

@ -1942,6 +1942,7 @@ static void output_machines_list(struct machine_info *machine_infos, unsigned n)
statelen = STRLEN("STATE"),
failedlen = STRLEN("FAILED"),
jobslen = STRLEN("JOBS");
bool state_missing;
assert(machine_infos || n == 0);
@ -1952,7 +1953,7 @@ static void output_machines_list(struct machine_info *machine_infos, unsigned n)
failedlen = MAX(failedlen, DECIMAL_STR_WIDTH(m->n_failed_units));
jobslen = MAX(jobslen, DECIMAL_STR_WIDTH(m->n_jobs));
if (!arg_plain && !streq_ptr(m->state, "running"))
if (!arg_plain && m->state && !streq(m->state, "running"))
circle_len = 2;
}
@ -1991,9 +1992,12 @@ static void output_machines_list(struct machine_info *machine_infos, unsigned n)
if (circle_len > 0)
printf("%s%s%s ", on_state, circle ? special_glyph(SPECIAL_GLYPH_BLACK_CIRCLE) : " ", off_state);
if (!m->state)
state_missing = true;
if (m->is_host)
printf("%-*s (host) %s%-*s%s %s%*" PRIu32 "%s %*" PRIu32 "\n",
(int) (namelen - (STRLEN(" (host)"))),
(int) (namelen - strlen(" (host)")),
strna(m->name),
on_state, statelen, strna(m->state), off_state,
on_failed, failedlen, m->n_failed_units, off_failed,
@ -2006,8 +2010,12 @@ static void output_machines_list(struct machine_info *machine_infos, unsigned n)
jobslen, m->n_jobs);
}
if (!arg_no_legend)
printf("\n%u machines listed.\n", n);
if (!arg_no_legend) {
printf("\n");
if (state_missing && geteuid() != 0)
printf("Notice: some information only available to privileged users was not shown.\n");
printf("%u machines listed.\n", n);
}
}
static int list_machines(int argc, char *argv[], void *userdata) {
@ -8876,7 +8884,7 @@ static int systemctl_main(int argc, char *argv[]) {
{ "list-sockets", VERB_ANY, VERB_ANY, VERB_ONLINE_ONLY, list_sockets },
{ "list-timers", VERB_ANY, VERB_ANY, VERB_ONLINE_ONLY, list_timers },
{ "list-jobs", VERB_ANY, VERB_ANY, VERB_ONLINE_ONLY, list_jobs },
{ "list-machines", VERB_ANY, VERB_ANY, VERB_ONLINE_ONLY|VERB_MUST_BE_ROOT, list_machines },
{ "list-machines", VERB_ANY, VERB_ANY, VERB_ONLINE_ONLY, list_machines },
{ "clear-jobs", VERB_ANY, 1, VERB_ONLINE_ONLY, trivial_method },
{ "cancel", VERB_ANY, VERB_ANY, VERB_ONLINE_ONLY, cancel_job },
{ "start", 2, VERB_ANY, VERB_ONLINE_ONLY, start_unit },

4
src/udev/udevadm-control.c
View file

@ -73,10 +73,6 @@ int control_main(int argc, char *argv[], void *userdata) {
{}
};
r = must_be_root();
if (r < 0)
return r;
if (running_in_chroot() > 0) {
log_info("Running in chroot, ignoring request.");
return 0;

15
src/udev/udevadm-trigger.c
View file

@ -25,7 +25,7 @@ static bool arg_dry_run = false;
static int exec_list(sd_device_enumerator *e, const char *action, Set *settle_set) {
sd_device *d;
int r;
int r, ret = 0;
FOREACH_DEVICE_AND_SUBSYSTEM(e, d) {
_cleanup_free_ char *filename = NULL;
@ -45,7 +45,10 @@ static int exec_list(sd_device_enumerator *e, const char *action, Set *settle_se
r = write_string_file(filename, action, WRITE_STRING_FILE_DISABLE_BUFFER);
if (r < 0) {
log_debug_errno(r, "Failed to write '%s' to '%s', ignoring: %m", action, filename);
log_full_errno(r == -ENOENT ? LOG_DEBUG : LOG_ERR, r,
"Failed to write '%s' to '%s': %m", action, filename);
if (ret == 0 && r != -ENOENT)
ret = r;
continue;
}
@ -56,7 +59,7 @@ static int exec_list(sd_device_enumerator *e, const char *action, Set *settle_se
}
}
return 0;
return ret;
}
static int device_monitor_handler(sd_device_monitor *m, sd_device *dev, void *userdata) {
@ -301,12 +304,6 @@ int trigger_main(int argc, char *argv[], void *userdata) {
}
}
if (!arg_dry_run || ping) {
r = must_be_root();
if (r < 0)
return r;
}
if (ping) {
_cleanup_(udev_ctrl_unrefp) struct udev_ctrl *uctrl = NULL;