diff options
Diffstat (limited to 'src/shared/condition.c')
-rw-r--r-- | src/shared/condition.c | 30 |
1 files changed, 20 insertions, 10 deletions
diff --git a/src/shared/condition.c b/src/shared/condition.c index 2969a89b4e..fb77966264 100644 --- a/src/shared/condition.c +++ b/src/shared/condition.c @@ -30,7 +30,8 @@ #include "ima-util.h" #include "list.h" #include "macro.h" -#include "mount-util.h" +#include "mountpoint-util.h" +#include "env-file.h" #include "parse-util.h" #include "path-util.h" #include "proc-cmdline.h" @@ -219,7 +220,7 @@ static int condition_test_user(Condition *c) { return streq(c->parameter, "root"); u = c->parameter; - r = get_user_creds(&u, &id, NULL, NULL, NULL); + r = get_user_creds(&u, &id, NULL, NULL, NULL, USER_CREDS_ALLOW_MISSING); if (r < 0) return 0; @@ -384,10 +385,9 @@ static int condition_test_security(Condition *c) { } static int condition_test_capability(Condition *c) { + unsigned long long capabilities = (unsigned long long) -1; _cleanup_fclose_ FILE *f = NULL; - int value; - char line[LINE_MAX]; - unsigned long long capabilities = -1; + int value, r; assert(c); assert(c->parameter); @@ -405,11 +405,21 @@ static int condition_test_capability(Condition *c) { if (!f) return -errno; - while (fgets(line, sizeof(line), f)) { - truncate_nl(line); + for (;;) { + _cleanup_free_ char *line = NULL; + const char *p; + + r = read_line(f, LONG_LINE_MAX, &line); + if (r < 0) + return r; + if (r == 0) + break; + + p = startswith(line, "CapBnd:"); + if (p) { + if (sscanf(line+7, "%llx", &capabilities) != 1) + return -EIO; - if (startswith(line, "CapBnd:")) { - (void) sscanf(line+7, "%llx", &capabilities); break; } } @@ -462,7 +472,7 @@ static int condition_test_needs_update(Condition *c) { uint64_t timestamp; int r; - r = parse_env_file(NULL, p, NULL, "TIMESTAMP_NSEC", ×tamp_str, NULL); + r = parse_env_file(NULL, p, "TIMESTAMP_NSEC", ×tamp_str); if (r < 0) { log_error_errno(r, "Failed to parse timestamp file '%s', using mtime: %m", p); return true; |