automatic import of systemdopeneuler24.03_LTS

1 files changed, 164 insertions, 0 deletions

diff --git a/backport-core-escape-spaces-in-paths-during-serialization.patch b/backport-core-escape-spaces-in-paths-during-serialization.patch
new file mode 100644
index 0000000..59313fa
--- /dev/null
+++ b/backport-core-escape-spaces-in-paths-during-serialization.patch
@@ -0,0 +1,164 @@
+From d7942fe5fc197d1eb77986b5c73b5c36d82e141e Mon Sep 17 00:00:00 2001
+From: Frantisek Sumsal <frantisek@sumsal.cz>
+Date: Fri, 5 Jan 2024 20:39:40 +0100
+Subject: [PATCH] core: escape spaces in paths during serialization
+
+Otherwise we split them incorrectly when deserializing them.
+
+Resolves: #30747
+
+Conflict:NA
+Reference:https://github.com/systemd/systemd/commit/d7942fe5fc197d1eb77986b5c73b5c36d82e141e
+
+---
+ src/core/execute-serialize.c            | 17 ++++++------
+ test/units/testsuite-07.exec-context.sh | 36 ++++++++++++++++---------
+ 2 files changed, 32 insertions(+), 21 deletions(-)
+
+diff --git a/src/core/execute-serialize.c b/src/core/execute-serialize.c
+index 55d24094f7..dd48ad3f65 100644
+--- a/src/core/execute-serialize.c
++++ b/src/core/execute-serialize.c
+@@ -1930,7 +1930,7 @@ static int exec_context_serialize(const ExecContext *c, FILE *f) {
+                 FOREACH_ARRAY(i, c->directories[dt].items, c->directories[dt].n_items) {
+                         _cleanup_free_ char *path_escaped = NULL;
+ 
+-                        path_escaped = shell_escape(i->path, ":");
++                        path_escaped = shell_escape(i->path, ":" WHITESPACE);
+                         if (!path_escaped)
+                                 return log_oom_debug();
+ 
+@@ -1943,7 +1943,7 @@ static int exec_context_serialize(const ExecContext *c, FILE *f) {
+                         STRV_FOREACH(d, i->symlinks) {
+                                 _cleanup_free_ char *link_escaped = NULL;
+ 
+-                                link_escaped = shell_escape(*d, ":");
++                                link_escaped = shell_escape(*d, ":" WHITESPACE);
+                                 if (!link_escaped)
+                                         return log_oom_debug();
+ 
+@@ -2264,11 +2264,11 @@ static int exec_context_serialize(const ExecContext *c, FILE *f) {
+         FOREACH_ARRAY(mount, c->bind_mounts, c->n_bind_mounts) {
+                 _cleanup_free_ char *src_escaped = NULL, *dst_escaped = NULL;
+ 
+-                src_escaped = shell_escape(mount->source, ":");
++                src_escaped = shell_escape(mount->source, ":" WHITESPACE);
+                 if (!src_escaped)
+                         return log_oom_debug();
+ 
+-                dst_escaped = shell_escape(mount->destination, ":");
++                dst_escaped = shell_escape(mount->destination, ":" WHITESPACE);
+                 if (!dst_escaped)
+                         return log_oom_debug();
+ 
+@@ -2455,11 +2455,11 @@ static int exec_context_serialize(const ExecContext *c, FILE *f) {
+         FOREACH_ARRAY(mount, c->mount_images, c->n_mount_images) {
+                 _cleanup_free_ char *s = NULL, *source_escaped = NULL, *dest_escaped = NULL;
+ 
+-                source_escaped = shell_escape(mount->source, " ");
++                source_escaped = shell_escape(mount->source, WHITESPACE);
+                 if (!source_escaped)
+                         return log_oom_debug();
+ 
+-                dest_escaped = shell_escape(mount->destination, " ");
++                dest_escaped = shell_escape(mount->destination, WHITESPACE);
+                 if (!dest_escaped)
+                         return log_oom_debug();
+ 
+@@ -2496,7 +2496,7 @@ static int exec_context_serialize(const ExecContext *c, FILE *f) {
+         FOREACH_ARRAY(mount, c->extension_images, c->n_extension_images) {
+                 _cleanup_free_ char *s = NULL, *source_escaped = NULL;
+ 
+-                source_escaped = shell_escape(mount->source, ":");
++                source_escaped = shell_escape(mount->source, ":" WHITESPACE);
+                 if (!source_escaped)
+                         return log_oom_debug();
+ 
+@@ -2847,7 +2847,8 @@ static int exec_context_deserialize(ExecContext *c, FILE *f) {
+                                 _cleanup_free_ char *tuple = NULL, *path = NULL, *only_create = NULL;
+                                 const char *p;
+ 
+-                                r = extract_first_word(&val, &tuple, WHITESPACE, EXTRACT_RETAIN_ESCAPE);
++                                /* Use EXTRACT_UNESCAPE_RELAX here, as we unescape the colons in subsequent calls */
++                                r = extract_first_word(&val, &tuple, WHITESPACE, EXTRACT_UNESCAPE_SEPARATORS|EXTRACT_UNESCAPE_RELAX);
+                                 if (r < 0)
+                                         return r;
+                                 if (r == 0)
+diff --git a/test/units/testsuite-07.exec-context.sh b/test/units/testsuite-07.exec-context.sh
+index c84974f1de..dd63163008 100755
+--- a/test/units/testsuite-07.exec-context.sh
++++ b/test/units/testsuite-07.exec-context.sh
+@@ -93,6 +93,13 @@ systemd-run --wait --pipe -p BindPaths="/etc /home:/mnt:norbind -/foo/bar/baz:/u
+     bash -xec "mountpoint /etc; test -d /etc/systemd; mountpoint /mnt; ! mountpoint /usr"
+ systemd-run --wait --pipe -p BindReadOnlyPaths="/etc /home:/mnt:norbind -/foo/bar/baz:/usr:rbind" \
+     bash -xec "test ! -w /etc; test ! -w /mnt; ! mountpoint /usr"
++# Make sure we properly serialize/deserialize paths with spaces
++# See: https://github.com/systemd/systemd/issues/30747
++touch "/tmp/test file with spaces"
++systemd-run --wait --pipe -p TemporaryFileSystem="/tmp" -p BindPaths="/etc /home:/mnt:norbind /tmp/test\ file\ with\ spaces" \
++    bash -xec "mountpoint /etc; test -d /etc/systemd; mountpoint /mnt; stat '/tmp/test file with spaces'"
++systemd-run --wait --pipe -p TemporaryFileSystem="/tmp" -p BindPaths="/etc /home:/mnt:norbind /tmp/test\ file\ with\ spaces:/tmp/destination\ wi\:th\ spaces" \
++    bash -xec "mountpoint /etc; test -d /etc/systemd; mountpoint /mnt; stat '/tmp/destination wi:th spaces'"
+ 
+ # Check if we correctly serialize, deserialize, and set directives that
+ # have more complex internal handling
+@@ -206,18 +213,20 @@ fi
+ 
+ # {Cache,Configuration,Logs,Runtime,State}Directory=
+ ARGUMENTS=(
+-    -p CacheDirectory="foo/bar/baz"
++    -p CacheDirectory="foo/bar/baz also\ with\ spaces"
+     -p CacheDirectory="foo"
+     -p CacheDirectory="context"
+     -p CacheDirectoryMode="0123"
+     -p CacheDirectoryMode="0666"
+-    -p ConfigurationDirectory="context/foo also_context/bar context/nested/baz"
++    -p ConfigurationDirectory="context/foo also_context/bar context/nested/baz context/semi\:colon"
+     -p ConfigurationDirectoryMode="0400"
+     -p LogsDirectory="context/foo"
+     -p LogsDirectory=""
+     -p LogsDirectory="context/a/very/nested/logs/dir"
+-    -p RuntimeDirectory="context"
+-    -p RuntimeDirectory="also_context"
++    -p RuntimeDirectory="context/with\ spaces"
++    # Note: {Runtime,State,Cache,Logs}Directory= directives support the directory:symlink syntax, which
++    #       requires an additional level of escaping for the colon character
++    -p RuntimeDirectory="also_context:a\ symlink\ with\ \\\:\ col\\\:ons\ and\ \ spaces"
+     -p RuntimeDirectoryPreserve=yes
+     -p StateDirectory="context"
+     -p StateDirectory="./././././././context context context"
+@@ -226,21 +235,22 @@ ARGUMENTS=(
+ 
+ rm -rf /run/context
+ systemd-run --wait --pipe "${ARGUMENTS[@]}" \
+-    bash -xec '[[ $CACHE_DIRECTORY == /var/cache/context:/var/cache/foo:/var/cache/foo/bar/baz ]];
+-               [[ $(stat -c "%a" ${CACHE_DIRECTORY##*:}) == 666 ]]'
++    bash -xec '[[ $CACHE_DIRECTORY == "/var/cache/also with spaces:/var/cache/context:/var/cache/foo:/var/cache/foo/bar/baz" ]];
++               [[ $(stat -c "%a" "${CACHE_DIRECTORY##*:}") == 666 ]]'
+ systemd-run --wait --pipe "${ARGUMENTS[@]}" \
+-    bash -xec '[[ $CONFIGURATION_DIRECTORY == /etc/also_context/bar:/etc/context/foo:/etc/context/nested/baz ]];
+-               [[ $(stat -c "%a" ${CONFIGURATION_DIRECTORY##*:}) == 400 ]]'
++    bash -xec '[[ $CONFIGURATION_DIRECTORY == /etc/also_context/bar:/etc/context/foo:/etc/context/nested/baz:/etc/context/semi:colon ]];
++               [[ $(stat -c "%a" "${CONFIGURATION_DIRECTORY%%:*}") == 400 ]]'
+ systemd-run --wait --pipe "${ARGUMENTS[@]}" \
+     bash -xec '[[ $LOGS_DIRECTORY == /var/log/context/a/very/nested/logs/dir:/var/log/context/foo ]];
+-               [[ $(stat -c "%a" ${LOGS_DIRECTORY##*:}) == 755 ]]'
++               [[ $(stat -c "%a" "${LOGS_DIRECTORY##*:}") == 755 ]]'
+ systemd-run --wait --pipe "${ARGUMENTS[@]}" \
+-    bash -xec '[[ $RUNTIME_DIRECTORY == /run/also_context:/run/context ]];
+-               [[ $(stat -c "%a" ${RUNTIME_DIRECTORY##*:}) == 755 ]];
+-               [[ $(stat -c "%a" ${RUNTIME_DIRECTORY%%:*}) == 755 ]]'
++    bash -xec '[[ $RUNTIME_DIRECTORY == "/run/also_context:/run/context/with spaces" ]];
++               [[ $(stat -c "%a" "${RUNTIME_DIRECTORY##*:}") == 755 ]];
++               [[ $(stat -c "%a" "${RUNTIME_DIRECTORY%%:*}") == 755 ]]'
+ systemd-run --wait --pipe "${ARGUMENTS[@]}" \
+     bash -xec '[[ $STATE_DIRECTORY == /var/lib/context ]]; [[ $(stat -c "%a" $STATE_DIRECTORY) == 0 ]]'
+-test -d /run/context
++test -d "/run/context/with spaces"
++test -s "/run/a symlink with : col:ons and  spaces"
+ rm -rf /var/{cache,lib,log}/context /etc/{also_,}context
+ 
+ # Limit*=
+-- 
+2.43.0
+