Skip to content

Commit 639c922

Browse files
keszybzYHNdnzj
authored and
bluca
committed
run: do not pass the pty slave fd to transient service in a machine
Follow-up for 28459ba The pty path returned by OpenMachinePTY() cannot be opened from outside the machine, hence let's use the plain Standard{Input,Output,Error}=tty in such a case. This means if --machine= is specified, #32916 would occur. A comprehensive fix requires a new dbus method in machined, which shall be material for v257. See also: systemd/systemd#33216 (comment) Replaces #33216 Co-authored-by: Mike Yuan <[email protected]> (cherry picked from commit ddef3ec)
1 parent cce7df4 commit 639c922

File tree

1 file changed

+31
-17
lines changed

1 file changed

+31
-17
lines changed

src/run/run.c

Lines changed: 31 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -748,7 +748,7 @@ static int transient_kill_set_properties(sd_bus_message *m) {
748748
return 0;
749749
}
750750

751-
static int transient_service_set_properties(sd_bus_message *m, const char *pty_path) {
751+
static int transient_service_set_properties(sd_bus_message *m, const char *pty_path, int pty_fd) {
752752
bool send_term = false;
753753
int r;
754754

@@ -758,6 +758,7 @@ static int transient_service_set_properties(sd_bus_message *m, const char *pty_p
758758
bool use_ex_prop = arg_expand_environment == 0;
759759

760760
assert(m);
761+
assert(pty_path || pty_fd < 0);
761762

762763
r = transient_unit_set_properties(m, UNIT_SERVICE, arg_property);
763764
if (r < 0)
@@ -808,18 +809,22 @@ static int transient_service_set_properties(sd_bus_message *m, const char *pty_p
808809
}
809810

810811
if (pty_path) {
811-
_cleanup_close_ int pty_slave = -EBADF;
812-
813-
pty_slave = open_terminal(pty_path, O_RDWR|O_NOCTTY|O_CLOEXEC);
814-
if (pty_slave < 0)
815-
return pty_slave;
812+
r = sd_bus_message_append(m, "(sv)", "TTYPath", "s", pty_path);
813+
if (r < 0)
814+
return bus_log_create_error(r);
816815

817-
r = sd_bus_message_append(m,
818-
"(sv)(sv)(sv)(sv)",
819-
"StandardInputFileDescriptor", "h", pty_slave,
820-
"StandardOutputFileDescriptor", "h", pty_slave,
821-
"StandardErrorFileDescriptor", "h", pty_slave,
822-
"TTYPath", "s", pty_path);
816+
if (pty_fd >= 0)
817+
r = sd_bus_message_append(m,
818+
"(sv)(sv)(sv)",
819+
"StandardInputFileDescriptor", "h", pty_fd,
820+
"StandardOutputFileDescriptor", "h", pty_fd,
821+
"StandardErrorFileDescriptor", "h", pty_fd);
822+
else
823+
r = sd_bus_message_append(m,
824+
"(sv)(sv)(sv)",
825+
"StandardInput", "s", "tty",
826+
"StandardOutput", "s", "tty",
827+
"StandardError", "s", "tty");
823828
if (r < 0)
824829
return bus_log_create_error(r);
825830

@@ -1185,7 +1190,8 @@ static int make_transient_service_unit(
11851190
sd_bus *bus,
11861191
sd_bus_message **message,
11871192
const char *service,
1188-
const char *pty_path) {
1193+
const char *pty_path,
1194+
int pty_fd) {
11891195

11901196
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
11911197
int r;
@@ -1212,7 +1218,7 @@ static int make_transient_service_unit(
12121218
if (r < 0)
12131219
return bus_log_create_error(r);
12141220

1215-
r = transient_service_set_properties(m, pty_path);
1221+
r = transient_service_set_properties(m, pty_path, pty_fd);
12161222
if (r < 0)
12171223
return r;
12181224

@@ -1301,7 +1307,7 @@ static int start_transient_service(sd_bus *bus) {
13011307
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
13021308
_cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *w = NULL;
13031309
_cleanup_free_ char *service = NULL, *pty_path = NULL;
1304-
_cleanup_close_ int master = -EBADF;
1310+
_cleanup_close_ int master = -EBADF, slave = -EBADF;
13051311
int r;
13061312

13071313
assert(bus);
@@ -1320,6 +1326,10 @@ static int start_transient_service(sd_bus *bus) {
13201326
if (unlockpt(master) < 0)
13211327
return log_error_errno(errno, "Failed to unlock tty: %m");
13221328

1329+
slave = open_terminal(pty_path, O_RDWR|O_NOCTTY|O_CLOEXEC);
1330+
if (slave < 0)
1331+
return log_error_errno(slave, "Failed to open pty slave: %m");
1332+
13231333
} else if (arg_transport == BUS_TRANSPORT_MACHINE) {
13241334
_cleanup_(sd_bus_unrefp) sd_bus *system_bus = NULL;
13251335
_cleanup_(sd_bus_message_unrefp) sd_bus_message *pty_reply = NULL;
@@ -1349,6 +1359,9 @@ static int start_transient_service(sd_bus *bus) {
13491359
pty_path = strdup(s);
13501360
if (!pty_path)
13511361
return log_oom();
1362+
1363+
// FIXME: Introduce OpenMachinePTYEx() that accepts ownership/permission as param
1364+
// and additionally returns the pty fd, for #33216 and #32999
13521365
} else
13531366
assert_not_reached();
13541367
}
@@ -1375,9 +1388,10 @@ static int start_transient_service(sd_bus *bus) {
13751388
return r;
13761389
}
13771390

1378-
r = make_transient_service_unit(bus, &m, service, pty_path);
1391+
r = make_transient_service_unit(bus, &m, service, pty_path, slave);
13791392
if (r < 0)
13801393
return r;
1394+
slave = safe_close(slave);
13811395

13821396
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
13831397

@@ -1802,7 +1816,7 @@ static int make_transient_trigger_unit(
18021816
if (r < 0)
18031817
return bus_log_create_error(r);
18041818

1805-
r = transient_service_set_properties(m, NULL);
1819+
r = transient_service_set_properties(m, /* pty_path = */ NULL, /* pty_fd = */ -EBADF);
18061820
if (r < 0)
18071821
return r;
18081822

0 commit comments

Comments
 (0)