diff options
| author | Theodore Ts'o <tytso@mit.edu> | 2024-03-28 14:39:24 -0400 |
|---|---|---|
| committer | Theodore Ts'o <tytso@mit.edu> | 2024-03-28 14:39:24 -0400 |
| commit | 6176b32d7fc244885909cdf5caf10889342218c5 (patch) | |
| tree | 7353e25aea6dd2ce1a89bcc0decf41ff2208336c | |
| parent | d656357241b50b2bd54c7099b6f2b987b58150df (diff) | |
| parent | a7950660ca798744482e43d409c83215fbb3b98a (diff) | |
| download | e2fsprogs-6176b32d7fc244885909cdf5caf10889342218c5.tar.gz | |
Merge branch 'e2scrub-fixes' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/e2fsprogs into next
| -rw-r--r-- | scrub/Makefile.in | 12 | ||||
| -rw-r--r-- | scrub/e2scrub@.service.in | 4 | ||||
| -rw-r--r-- | scrub/e2scrub_all.in | 20 | ||||
| -rw-r--r-- | scrub/e2scrub_fail.in | 10 | ||||
| -rw-r--r-- | scrub/e2scrub_fail@.service.in | 4 | ||||
| -rw-r--r-- | scrub/ext4.rules.in | 13 |
6 files changed, 36 insertions, 27 deletions
diff --git a/scrub/Makefile.in b/scrub/Makefile.in index 387f6504a..d0c5c11bc 100644 --- a/scrub/Makefile.in +++ b/scrub/Makefile.in @@ -18,6 +18,7 @@ CONFFILES= e2scrub.conf ifeq ($(HAVE_UDEV),yes) UDEV_RULES = e2scrub.rules +UDISKS_RULES = ext4.rules INSTALLDIRS_TGT += installdirs-udev INSTALL_TGT += install-udev UNINSTALL_TGT += uninstall-udev @@ -39,7 +40,7 @@ INSTALL_TGT += install-systemd install-libprogs UNINSTALL_TGT += uninstall-systemd uninstall-libprogs endif -all:: $(PROGS) $(MANPAGES) $(CONFFILES) $(UDEV_RULES) $(SERVICE_FILES) $(CRONTABS) $(LIBPROGS) +all:: $(PROGS) $(MANPAGES) $(CONFFILES) $(UDEV_RULES) $(UDISKS_RULES) $(SERVICE_FILES) $(CRONTABS) $(LIBPROGS) e2scrub: $(DEP_SUBSTITUTE) e2scrub.in $(E) " SUBST $@" @@ -111,6 +112,10 @@ install-udev: installdirs-udev $(ES) " INSTALL $(UDEV_RULES_DIR)/$$i"; \ $(INSTALL_DATA) $$i $(DESTDIR)$(UDEV_RULES_DIR)/96-$$i; \ done + $(Q) for i in $(UDISKS_RULES); do \ + $(ES) " INSTALL $(UDEV_RULES_DIR)/$$i"; \ + $(INSTALL_DATA) $$i $(DESTDIR)$(UDEV_RULES_DIR)/64-$$i; \ + done install-crond: installdirs-crond $(Q) if test -n "$(CRONTABS)" ; then \ @@ -153,6 +158,9 @@ uninstall-udev: for i in $(UDEV_RULES); do \ $(RM) -f $(DESTDIR)$(UDEV_RULES_DIR)/96-$$i; \ done + for i in $(UDISKS_RULES); do \ + $(RM) -f $(DESTDIR)$(UDEV_RULES_DIR)/64-$$i; \ + done uninstall-crond: if test -n "$(CRONTABS)" ; then \ @@ -181,7 +189,7 @@ uninstall: $(UNINSTALL_TGT) done clean:: - $(RM) -f $(PROGS) $(MANPAGES) $(CONFFILES) $(UDEV_RULES) $(SERVICE_FILES) $(CRONTABS) $(LIBPROGS) + $(RM) -f $(PROGS) $(MANPAGES) $(CONFFILES) $(UDEV_RULES) $(UDISKS_RULES) $(SERVICE_FILES) $(CRONTABS) $(LIBPROGS) mostlyclean: clean distclean: clean diff --git a/scrub/e2scrub@.service.in b/scrub/e2scrub@.service.in index 496f89483..6425263c2 100644 --- a/scrub/e2scrub@.service.in +++ b/scrub/e2scrub@.service.in @@ -1,5 +1,5 @@ [Unit] -Description=Online ext4 Metadata Check for %I +Description=Online ext4 Metadata Check for %f OnFailure=e2scrub_fail@%i.service Documentation=man:e2scrub(8) @@ -16,5 +16,5 @@ User=root IOSchedulingClass=idle CPUSchedulingPolicy=idle Environment=SERVICE_MODE=1 -ExecStart=@root_sbindir@/e2scrub -t %I +ExecStart=@root_sbindir@/e2scrub -t %f SyslogIdentifier=%N diff --git a/scrub/e2scrub_all.in b/scrub/e2scrub_all.in index 4288b9698..437f6cc2f 100644 --- a/scrub/e2scrub_all.in +++ b/scrub/e2scrub_all.in @@ -146,22 +146,10 @@ ls_targets() { fi } -# systemd doesn't know to do path escaping on the instance variable we pass -# to the e2scrub service, which breaks things if there is a dash in the path -# name. Therefore, do the path escaping ourselves if needed. -# -# systemd path escaping also drops the initial slash so we add that back in so -# that log messages from the service units preserve the full path and users can -# look up log messages using full paths. However, for "/" the escaping rules -# do /not/ drop the initial slash, so we have to special-case that here. +# Turn our mount path into a service name that systemd will recognize escape_path_for_systemd() { local path="$1" - - if [ "${path}" != "/" ]; then - echo "-$(systemd-escape --path "${path}")" - else - echo "-" - fi + systemd-escape --template 'e2scrub@.service' --path "${path}" } # Scrub any mounted fs on lvm by creating a snapshot and fscking that. @@ -170,8 +158,8 @@ for tgt in "${targets[@]}"; do # If we're not reaping and systemd is present, try invoking the # systemd service. if [ "${reap}" -ne 1 ] && type systemctl > /dev/null 2>&1; then - tgt_esc="$(escape_path_for_systemd "${tgt}")" - ${DBG} systemctl start "e2scrub@${tgt_esc}" 2> /dev/null + svcname="$(escape_path_for_systemd "${tgt}")" + ${DBG} systemctl start "${svcname}" 2> /dev/null res=$? if [ "${res}" -eq 0 ] || [ "${res}" -eq 1 ]; then continue; diff --git a/scrub/e2scrub_fail.in b/scrub/e2scrub_fail.in index 2c0754a99..6899c47c6 100644 --- a/scrub/e2scrub_fail.in +++ b/scrub/e2scrub_fail.in @@ -2,8 +2,8 @@ # Email logs of failed e2scrub unit runs when the systemd service fails. -device="$1" -test -z "${device}" && exit 0 +mntpoint="$1" +test -z "${mntpoint}" && exit 0 if ! type sendmail > /dev/null 2>&1; then echo "$0: sendmail program not found." @@ -16,7 +16,7 @@ fi hostname="$(hostname -f 2>/dev/null)" test -z "${hostname}" && hostname="${HOSTNAME}" -service_name="e2scrub@$(systemd-escape ${device})" +service_name="$(systemd-escape --template "e2scrub@.service" --path "${mntpoint}")" if test -z "${recipient}" ; then recipient="root" @@ -29,9 +29,9 @@ fi (cat << ENDL To: ${recipient} From: ${sender} -Subject: e2scrub failure on ${device} +Subject: e2scrub failure on ${mntpoint} -So sorry, the automatic e2scrub of ${device} on ${hostname} failed. +So sorry, the automatic e2scrub of ${mntpoint} on ${hostname} failed. A log of what happened follows: ENDL diff --git a/scrub/e2scrub_fail@.service.in b/scrub/e2scrub_fail@.service.in index 4bad311bb..ae65a1da3 100644 --- a/scrub/e2scrub_fail@.service.in +++ b/scrub/e2scrub_fail@.service.in @@ -1,10 +1,10 @@ [Unit] -Description=Online ext4 Metadata Check Failure Reporting for %I +Description=Online ext4 Metadata Check Failure Reporting for %f Documentation=man:e2scrub(8) [Service] Type=oneshot -ExecStart=@pkglibdir@/e2scrub_fail "%I" +ExecStart=@pkglibdir@/e2scrub_fail "%f" User=mail Group=mail SupplementaryGroups=systemd-journal diff --git a/scrub/ext4.rules.in b/scrub/ext4.rules.in new file mode 100644 index 000000000..6fe5a7a83 --- /dev/null +++ b/scrub/ext4.rules.in @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: GPL-2.0-or-later +# +# Copyright (C) 2023 Oracle. All rights reserved. +# Author: Darrick J. Wong <djwong@kernel.org> +# +# Don't let udisks automount ext4 filesystems without even asking a user. +# This doesn't eliminate filesystems as an attack surface; it only prevents +# evil maid attacks when all sessions are locked. +# +# According to http://storaged.org/doc/udisks2-api/latest/udisks.8.html, +# supplying UDISKS_AUTO=0 here changes the HintAuto property of the block +# device abstraction to mean "do not automatically start" (e.g. mount). +SUBSYSTEM=="block", ENV{ID_FS_TYPE}=="ext2|ext3|ext4|ext4dev|jbd", ENV{UDISKS_AUTO}="0" |