Currently, systemd can only ignore files specified by their path, during
tmpdir cleanup. This patch adds the feature to give usernames as argument.
During cleanup the file ownership is checked and files that match the specified
usernames are ignored.
For example, you could give:
X /tmp/* - - - - testuser3,testuser2
in order to prevent all files belonging to testuser2 and testuser3 from being
deleted in /tmp.
This feature has been available in SystemV systems.
Would be good to also have it in systemd systems.
Regards
Thomas Blume
--
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Jennifer Guild, Dilip
Upmanyu, Graham Norton, HRB 21284 (AG Nürnberg)
Maxfeldstr. 5 / D-90409 Nürnberg / Phone: +49-911-740 53 - 0 / VOIP: 3919
GPG 2048R/2CD4D3E8 9A50 048F 1C73 59AA 4D2E 424E B3C6 3FD9 2CD4 D3E8
From 2bb01362597b6a872919edf3940eda79c3203efb Mon Sep 17 00:00:00 2001
From: Thomas Blume <thomas.bl...@suse.com>
Date: Thu, 8 Jan 2015 12:17:15 +0100
Subject: [PATCH] Add usernames as arguments to tmpfiles ignore directives.
Currently, systemd can only ignore files, specified by their path, during
tmpdir cleanup. This patch adds the feature to give usernames as argument.
During cleanup the file ownership is checked and files that match the
specified usernames are ignored.
For example, you could give:
X /tmp/* - - - - testuser3,testuser2
in order to prevent all files belonging to testuser2 and testuser3 from being deleted in /tmp.
---
man/tmpfiles.d.xml | 8 ++++++--
src/tmpfiles/tmpfiles.c | 41 +++++++++++++++++++++++++++++++++++++----
2 files changed, 43 insertions(+), 6 deletions(-)
diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml
index 1b14d69..c5b2148 100644
--- a/man/tmpfiles.d.xml
+++ b/man/tmpfiles.d.xml
@@ -527,8 +527,12 @@ r! /tmp/.X[0-9]*-lock</programlisting>
specify a short string that is written to the
file, suffixed by a newline. For
<varname>C</varname>, specifies the source file
- or directory. Ignored for all other
- lines.</para>
+ or directory.
+ For <varname>x</varname>, <varname>X</varname>
+ a comma separated list of usernames. If given,
+ only paths belonging to these users will be
+ excluded during directory cleanup.
+ Ignored for all other lines.</para>
</refsect2>
</refsect1>
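Review bot: The added sentence for x and X in the argument description has no verb and does not state the behaviour change it introduces. "For <varname>x</varname>, <varname>X</varname> a comma separated list of usernames" would read better as "For x and X, specifies a comma-separated list of user names". The text should also say outright that, once an argument is given, matching paths owned by any other user are no longer protected and will be cleaned up, since that reverses what an x/X line does for those paths today. Going by the tmpfiles.c change, names are resolved with getpwnam() only and an unknown name is logged and skipped, so the man page should mention that numeric UIDs are not accepted and what happens when a listed user does not exist.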
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
index d60c577..bcc1e87 100644
--- a/src/tmpfiles/tmpfiles.c
+++ b/src/tmpfiles/tmpfiles.c
@@ -275,6 +275,7 @@ static int dir_cleanup(
struct timespec times[2];
bool deleted = false;
int r = 0;
+ Item *found = NULL;
while ((dent = readdir(d))) {
struct stat s;
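Review bot: `Item *found = NULL;` is declared at function scope in dir_cleanup(), but in the lines shown it is only assigned and read inside the `while ((dent = readdir(d)))` loop. Declaring it inside the loop body would keep a pointer from one directory entry from being visible while the next one is processed, and would make the later `found = NULL;` reset before `continue` unnecessary.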
@@ -319,11 +320,43 @@ static int dir_cleanup(
}
/* Is there an item configured for this path? */
- if (hashmap_get(items, sub_path))
- continue;
+ found = hashmap_get(items, sub_path);
- if (find_glob(globs, sub_path))
- continue;
+ if (!found)
+ found = find_glob(globs, sub_path);
+
+ if (found) {
+ /* evaluate username arguments in ignore statements */
+ if (found->type == IGNORE_PATH || found->type == IGNORE_DIRECTORY_PATH) {
+ if (!found->argument)
+ continue;
+ else {
+ struct passwd *pw;
+ char *userfound = NULL, *args = strdup(found->argument);
+ bool match = false;
+ int uid = -1;
+
+ while ((userfound = strsep(&args, ","))) {
+ pw = getpwnam(userfound);
+
+ if (!pw)
+ log_error("Unknown user '%s' in ignore statement.", userfound);
+ else {
+ uid = pw->pw_uid;
+ if (s.st_uid == uid) {
+ match = true;
+ break;
+ }
+ }
+ }
+ if (match) {
+ found = NULL;
+ continue;
+ }
+ }
+ } else
+ continue;
+ }
if (S_ISDIR(s.st_mode)) {
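Review bot: In the new else branch, `args = strdup(found->argument)` is neither checked for NULL nor freed, and because `strsep(&args, ",")` advances `args`, the original pointer is lost, so each directory entry that reaches an x/X line with an argument leaks one copy of the string. If the allocation fails, strsep() returns NULL at once, `match` stays false and the entry falls through to cleanup, so the failure mode is deletion of a file the administrator asked to keep; keep a second pointer for free() and return an out-of-memory error instead. The same fail-toward-deletion behaviour applies to `if (!pw)`: a misspelled user name is only logged and the files it was meant to protect are removed, and the log_error() repeats for every entry in the directory. Resolving the names to UIDs once when the configuration line is parsed, storing them on the Item and rejecting the line on an unknown user would remove the per-entry getpwnam() lookups and the repeated messages. Smaller points: `int uid = -1` is compared against `s.st_uid`, which is a uid_t, so declare it as uid_t; names are not stripped of surrounding whitespace, so "testuser3, testuser2" looks up " testuser2"; and `found = NULL;` immediately before `continue` is a dead store because `found` is reassigned from hashmap_get() on the next iteration.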
--
2.1.2