conf-parser: restrict .include usage

Disallow recursive .include, and make it unavailable in anything but
unit files.

TODO

@@ -100,10 +100,6 @@ Features:
      /lib/modules/$(uname -r)/modules.devname
   and apply ACLs to them if they have TAG=="uaccess" in udev rules.
 
-* matching against units is currently broken in journalctl. We really
-  need another AND level in the expressions,
-  i.e. sd_journal_add_conjunction().
-
 * add ConditionArchitecture= or so
 
 * teach ConditionKernelCommandLine= globs or regexes (in order to match foobar={no,0,off})
@@ -125,8 +121,6 @@ Features:
 
 * man: remove .include documentation, and instead push people to use .d/*.conf
 
-* disallow .include from included files
-
 * safe_atod() is too naive, as it is vulnerable to locale parameters, should be locale independent.
 
 * think about requeuing jobs when daemon-reload is issued? usecase:

src/bootchart/bootchart.c

@@ -124,7 +124,7 @@ static void parse_conf(void) {
                 return;
 
         r = config_parse(NULL, BOOTCHART_CONF, f,
-                         NULL, config_item_table_lookup, (void*) items, true, NULL);
+                         NULL, config_item_table_lookup, (void*) items, true, false, NULL);
         if (r < 0)
                 log_warning("Failed to parse configuration file: %s", strerror(-r));
 

src/core/load-dropin.c

@@ -200,7 +200,7 @@ int unit_load_dropin(Unit *u) {
         STRV_FOREACH(f, u->dropin_paths) {
                 r = config_parse(u->id, *f, NULL,
                                  UNIT_VTABLE(u)->sections, config_item_perf_lookup,
-                                 (void*) load_fragment_gperf_lookup, false, u);
+                                 (void*) load_fragment_gperf_lookup, false, false, u);
                 if (r < 0)
                         return r;
         }

src/core/load-fragment.c

@@ -2270,7 +2270,7 @@ static int load_from_path(Unit *u, const char *path) {
                 /* Now, parse the file contents */
                 r = config_parse(u->id, filename, f, UNIT_VTABLE(u)->sections,
                                  config_item_perf_lookup,
-                                 (void*) load_fragment_gperf_lookup, false, u);
+                                 (void*) load_fragment_gperf_lookup, false, true, u);
                 if (r < 0)
                         goto finish;
 

src/core/main.c

@@ -677,7 +677,7 @@ static int parse_config_file(void) {
                 return 0;
         }
 
-        r = config_parse(NULL, fn, f, "Manager\0", config_item_table_lookup, (void*) items, false, NULL);
+        r = config_parse(NULL, fn, f, "Manager\0", config_item_table_lookup, (void*) items, false, false, NULL);
         if (r < 0)
                 log_warning("Failed to parse configuration file: %s", strerror(-r));
 

src/journal/journald-server.c

@@ -1271,7 +1271,7 @@ static int server_parse_proc_cmdline(Server *s) {
 }
 
 static int server_parse_config_file(Server *s) {
-        static const char *fn = "/etc/systemd/journald.conf";
+        static const char fn[] = "/etc/systemd/journald.conf";
         _cleanup_fclose_ FILE *f = NULL;
         int r;
 
@@ -1287,7 +1287,7 @@ static int server_parse_config_file(Server *s) {
         }
 
         r = config_parse(NULL, fn, f, "Journal\0", config_item_perf_lookup,
-                         (void*) journald_gperf_lookup, false, s);
+                         (void*) journald_gperf_lookup, false, false, s);
         if (r < 0)
                 log_warning("Failed to parse configuration file: %s", strerror(-r));
 

src/login/logind.c

@@ -1683,13 +1683,12 @@ int manager_run(Manager *m) {
 }
 
 static int manager_parse_config_file(Manager *m) {
-        FILE *f;
-        const char *fn;
+        static const char fn[] = "/etc/systemd/logind.conf";
+        _cleanup_fclose_ FILE *f = NULL;
         int r;
 
         assert(m);
 
-        fn = "/etc/systemd/logind.conf";
         f = fopen(fn, "re");
         if (!f) {
                 if (errno == ENOENT)
@@ -1699,12 +1698,11 @@ static int manager_parse_config_file(Manager *m) {
                 return -errno;
         }
 
-        r = config_parse(NULL, fn, f, "Login\0", config_item_perf_lookup, (void*) logind_gperf_lookup, false, m);
+        r = config_parse(NULL, fn, f, "Login\0", config_item_perf_lookup,
+                         (void*) logind_gperf_lookup, false, false, m);
         if (r < 0)
                 log_warning("Failed to parse configuration file: %s", strerror(-r));
 
-        fclose(f);
-
         return r;
 }
 

src/shared/conf-parser.c

@@ -70,7 +70,7 @@ int log_syntax_internal(const char *unit, int level,
                                         "ERRNO=%d", error > 0 ? error : EINVAL,
                                         "MESSAGE=[%s:%u] %s", config_file, config_line, msg,
                                         NULL);
-        log_info("logged here: '%s': %d", msg, r);
+
         return r;
 }
 
@@ -199,6 +199,7 @@ static int parse_line(const char* unit,
                       ConfigItemLookup lookup,
                       void *table,
                       bool relaxed,
+                      bool allow_include,
                       char **section,
                       char *l,
                       void *userdata) {
@@ -219,13 +220,19 @@ static int parse_line(const char* unit,
                 return 0;
 
         if (startswith(l, ".include ")) {
-                _cleanup_free_ char *fn;
+                _cleanup_free_ char *fn = NULL;
+
+                if (!allow_include) {
+                        log_syntax(unit, LOG_ERR, filename, line, EBADMSG,
+                                   ".include not allowed here. Ignoring.");
+                        return 0;
+                }
 
                 fn = file_in_same_dir(filename, strstrip(l+9));
                 if (!fn)
                         return -ENOMEM;
 
-                return config_parse(unit, fn, NULL, sections, lookup, table, relaxed, userdata);
+                return config_parse(unit, fn, NULL, sections, lookup, table, relaxed, false, userdata);
         }
 
         if (*l == '[') {
@@ -299,11 +306,12 @@ int config_parse(const char *unit,
                  ConfigItemLookup lookup,
                  void *table,
                  bool relaxed,
+                 bool allow_include,
                  void *userdata) {
 
-        unsigned line = 0;
         _cleanup_free_ char *section = NULL, *continuation = NULL;
         _cleanup_fclose_ FILE *ours = NULL;
+        unsigned line = 0;
         int r;
 
         assert(filename);
@@ -370,6 +378,7 @@ int config_parse(const char *unit,
                                lookup,
                                table,
                                relaxed,
+                               allow_include,
                                &section,
                                p,
                                userdata);

src/shared/conf-parser.h

@@ -87,6 +87,7 @@ int config_parse(const char *unit,
                  ConfigItemLookup lookup,
                  void *table,
                  bool relaxed,
+                 bool allow_include,
                  void *userdata);
 
 /* Generic parsers */

src/shared/install.c

@@ -1015,7 +1015,7 @@ static int unit_file_load(
         }
 
         r = config_parse(NULL, path, f, NULL,
-                         config_item_table_lookup, (void*) items, true, info);
+                         config_item_table_lookup, (void*) items, true, true, info);
         if (r < 0)
                 return r;
 

src/tty-ask-password-agent/tty-ask-password-agent.c

@@ -275,7 +275,7 @@ static int parse_password(const char *filename, char **wall) {
                 return -errno;
         }
 
-        r = config_parse(NULL, filename, f, NULL, config_item_table_lookup, (void*) items, true, NULL);
+        r = config_parse(NULL, filename, f, NULL, config_item_table_lookup, (void*) items, true, false, NULL);
         if (r < 0) {
                 log_error("Failed to parse password file %s: %s", filename, strerror(-r));
                 goto finish;