Skip to content

Commit e2d6762

Browse files
keszybzYHNdnzj
authored and
bluca
committed
run: do not pass the pty slave fd to transient service in a machine
Follow-up for 28459ba The pty path returned by OpenMachinePTY() cannot be opened from outside the machine, hence let's use the plain Standard{Input,Output,Error}=tty in such a case. This means if --machine= is specified, #32916 would occur. A comprehensive fix requires a new dbus method in machined, which shall be material for v257. See also: systemd/systemd#33216 (comment) Replaces #33216 Co-authored-by: Mike Yuan <[email protected]> (cherry picked from commit ddef3ec) (cherry picked from commit 639c922)
1 parent 2dee004 commit e2d6762

File tree

1 file changed

+31
-17
lines changed

1 file changed

+31
-17
lines changed

src/run/run.c

Lines changed: 31 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -744,7 +744,7 @@ static int transient_kill_set_properties(sd_bus_message *m) {
744744
return 0;
745745
}
746746

747-
static int transient_service_set_properties(sd_bus_message *m, const char *pty_path) {
747+
static int transient_service_set_properties(sd_bus_message *m, const char *pty_path, int pty_fd) {
748748
bool send_term = false;
749749
int r;
750750

@@ -754,6 +754,7 @@ static int transient_service_set_properties(sd_bus_message *m, const char *pty_p
754754
bool use_ex_prop = arg_expand_environment == 0;
755755

756756
assert(m);
757+
assert(pty_path || pty_fd < 0);
757758

758759
r = transient_unit_set_properties(m, UNIT_SERVICE, arg_property);
759760
if (r < 0)
@@ -804,18 +805,22 @@ static int transient_service_set_properties(sd_bus_message *m, const char *pty_p
804805
}
805806

806807
if (pty_path) {
807-
_cleanup_close_ int pty_slave = -EBADF;
808-
809-
pty_slave = open_terminal(pty_path, O_RDWR|O_NOCTTY|O_CLOEXEC);
810-
if (pty_slave < 0)
811-
return pty_slave;
808+
r = sd_bus_message_append(m, "(sv)", "TTYPath", "s", pty_path);
809+
if (r < 0)
810+
return bus_log_create_error(r);
812811

813-
r = sd_bus_message_append(m,
814-
"(sv)(sv)(sv)(sv)",
815-
"StandardInputFileDescriptor", "h", pty_slave,
816-
"StandardOutputFileDescriptor", "h", pty_slave,
817-
"StandardErrorFileDescriptor", "h", pty_slave,
818-
"TTYPath", "s", pty_path);
812+
if (pty_fd >= 0)
813+
r = sd_bus_message_append(m,
814+
"(sv)(sv)(sv)",
815+
"StandardInputFileDescriptor", "h", pty_fd,
816+
"StandardOutputFileDescriptor", "h", pty_fd,
817+
"StandardErrorFileDescriptor", "h", pty_fd);
818+
else
819+
r = sd_bus_message_append(m,
820+
"(sv)(sv)(sv)",
821+
"StandardInput", "s", "tty",
822+
"StandardOutput", "s", "tty",
823+
"StandardError", "s", "tty");
819824
if (r < 0)
820825
return bus_log_create_error(r);
821826

@@ -1166,7 +1171,8 @@ static int make_transient_service_unit(
11661171
sd_bus *bus,
11671172
sd_bus_message **message,
11681173
const char *service,
1169-
const char *pty_path) {
1174+
const char *pty_path,
1175+
int pty_fd) {
11701176

11711177
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
11721178
int r;
@@ -1193,7 +1199,7 @@ static int make_transient_service_unit(
11931199
if (r < 0)
11941200
return bus_log_create_error(r);
11951201

1196-
r = transient_service_set_properties(m, pty_path);
1202+
r = transient_service_set_properties(m, pty_path, pty_fd);
11971203
if (r < 0)
11981204
return r;
11991205

@@ -1238,7 +1244,7 @@ static int start_transient_service(sd_bus *bus) {
12381244
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
12391245
_cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *w = NULL;
12401246
_cleanup_free_ char *service = NULL, *pty_path = NULL;
1241-
_cleanup_close_ int master = -EBADF;
1247+
_cleanup_close_ int master = -EBADF, slave = -EBADF;
12421248
int r;
12431249

12441250
assert(bus);
@@ -1257,6 +1263,10 @@ static int start_transient_service(sd_bus *bus) {
12571263
if (unlockpt(master) < 0)
12581264
return log_error_errno(errno, "Failed to unlock tty: %m");
12591265

1266+
slave = open_terminal(pty_path, O_RDWR|O_NOCTTY|O_CLOEXEC);
1267+
if (slave < 0)
1268+
return log_error_errno(slave, "Failed to open pty slave: %m");
1269+
12601270
} else if (arg_transport == BUS_TRANSPORT_MACHINE) {
12611271
_cleanup_(sd_bus_unrefp) sd_bus *system_bus = NULL;
12621272
_cleanup_(sd_bus_message_unrefp) sd_bus_message *pty_reply = NULL;
@@ -1286,6 +1296,9 @@ static int start_transient_service(sd_bus *bus) {
12861296
pty_path = strdup(s);
12871297
if (!pty_path)
12881298
return log_oom();
1299+
1300+
// FIXME: Introduce OpenMachinePTYEx() that accepts ownership/permission as param
1301+
// and additionally returns the pty fd, for #33216 and #32999
12891302
} else
12901303
assert_not_reached();
12911304
}
@@ -1312,9 +1325,10 @@ static int start_transient_service(sd_bus *bus) {
13121325
return r;
13131326
}
13141327

1315-
r = make_transient_service_unit(bus, &m, service, pty_path);
1328+
r = make_transient_service_unit(bus, &m, service, pty_path, slave);
13161329
if (r < 0)
13171330
return r;
1331+
slave = safe_close(slave);
13181332

13191333
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
13201334

@@ -1731,7 +1745,7 @@ static int make_transient_trigger_unit(
17311745
if (r < 0)
17321746
return bus_log_create_error(r);
17331747

1734-
r = transient_service_set_properties(m, NULL);
1748+
r = transient_service_set_properties(m, /* pty_path = */ NULL, /* pty_fd = */ -EBADF);
17351749
if (r < 0)
17361750
return r;
17371751

0 commit comments

Comments
 (0)