
Commit 55c8f9e

Merge pull request systemd#22754 from mrc0mmand/creds_dir_specifier
core: add %d specifier for the $CREDENTIALS_DIRECTORY
2 parents ad337e5 + 43b9b20 commit 55c8f9e


5 files changed

+36
-1
lines changed


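--- a/man/systemd.unit.xml
+++ b/man/systemd.unit.xml
@@ -1975,6 +1975,11 @@
 <entry>Cache directory root</entry>
 <entry>This is either <filename>/var/cache</filename> (for the system manager) or the path <literal>$XDG_CACHE_HOME</literal> resolves to (for user managers).</entry>
 </row>
+<row>
+<entry><literal>%d</literal></entry>
+<entry>Credentials directory</entry>
+<entry>This is the value of the <literal>$CREDENTIALS_DIRECTORY</literal> environment variable if available. See section "Credentials" in <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> for more information.</entry>
+</row>
 <row>
 <entry><literal>%E</literal></entry>
 <entry>Configuration directory root</entry>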

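--- a/src/core/unit-printf.c
+++ b/src/core/unit-printf.c
@@ -138,7 +138,7 @@ static int specifier_cgroup_slice(char specifier, const void *data, const char *
 
 static int specifier_special_directory(char specifier, const void *data, const char *root, const void *userdata, char **ret) {
 const Unit *u = ASSERT_PTR(userdata);
-char *n = NULL;
+char *n;
 
 n = strdup(u->manager->prefix[PTR_TO_UINT(data)]);
 if (!n)
@@ -148,6 +148,20 @@ static int specifier_special_directory(char specifier, const void *data, const c
 return 0;
 }
 
+static int specifier_credentials_dir(char specifier, const void *data, const char *root, const void *userdata, char **ret) {
+const Unit *u = ASSERT_PTR(userdata);
+char *d;
+
+assert(ret);
+
+d = strjoin(u->manager->prefix[EXEC_DIRECTORY_RUNTIME], "/credentials/", u->id);
+if (!d)
+return -ENOMEM;
+
+*ret = d;
+return 0;
+}
+
 int unit_name_printf(const Unit *u, const char* format, char **ret) {
 /*
 * This will use the passed string as format string and replace the following specifiers (which should all be
@@ -191,6 +205,7 @@ int unit_full_printf_full(const Unit *u, const char *format, size_t max_length,
 * %R: the root of this systemd's instance tree (deprecated)
 *
 * %C: the cache directory root (e.g. /var/cache or $XDG_CACHE_HOME)
+* %d: the credentials directory ($CREDENTIALS_DIRECTORY)
 * %E: the configuration directory root (e.g. /etc or $XDG_CONFIG_HOME)
 * %L: the log directory root (e.g. /var/log or $XDG_CONFIG_HOME/log)
 * %S: the state directory root (e.g. /var/lib or $XDG_CONFIG_HOME)
@@ -227,6 +242,7 @@ int unit_full_printf_full(const Unit *u, const char *format, size_t max_length,
 { 'R', specifier_cgroup_root, NULL },
 
 { 'C', specifier_special_directory, UINT_TO_PTR(EXEC_DIRECTORY_CACHE) },
+{ 'd', specifier_credentials_dir, NULL },
 { 'E', specifier_special_directory, UINT_TO_PTR(EXEC_DIRECTORY_CONFIGURATION) },
 { 'L', specifier_special_directory, UINT_TO_PTR(EXEC_DIRECTORY_LOGS) },
 { 'S', specifier_special_directory, UINT_TO_PTR(EXEC_DIRECTORY_STATE) },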
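Review bot: `specifier_credentials_dir` (second hunk) always returns a path, because it builds one itself from `prefix[EXEC_DIRECTORY_RUNTIME]`, `"/credentials/"` and `u->id` without checking whether the unit has any credentials configured. The man page entry added in this commit says `%d` is the value of `$CREDENTIALS_DIRECTORY` "if available", yet the line added to exec-specifier.service expects `%d` to equal `%t/credentials/%n` unconditionally, so the documented and actual behaviour differ when the variable is unset. The layout is presumably duplicated from the code that creates the directory and exports the variable at exec time, which is not visible on this page; if the two drift apart, `%d` would silently name a location other than the one that holds the secrets. I would add a comment above the `strjoin()` call, e.g. `/* Must match the path exported as $CREDENTIALS_DIRECTORY; resolves even when the unit loads no credentials */`, or derive both from one shared helper.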

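--- a/src/test/test-execute.c
+++ b/src/test/test-execute.c
@@ -1086,6 +1086,7 @@ static void test_exec_specifier(Manager *m) {
 test(m, "exec-specifier.service", 0, CLD_EXITED);
 test(m, "exec-specifier@foo-bar.service", 0, CLD_EXITED);
 test(m, "exec-specifier-interpolation.service", 0, CLD_EXITED);
+test(m, "exec-specifier-credentials-dir.service", 0, CLD_EXITED);
 }
 
 static void test_exec_standardinput(Manager *m) {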
Lines changed: 12 additions & 0 deletions
@@ -0,0 +1,12 @@
1+
# SPDX-License-Identifier: LGPL-2.1-or-later
2+
[Unit]
3+
Description=Test for specifiers
4+
5+
[Service]
6+
Type=oneshot
7+
Environment=TOP_SECRET=%d/very_top_secret
8+
# Test if the specifier is resolved correctly both before and after LoadCredential=
9+
ExecStart=test %d/very_top_secret = "${CREDENTIALS_DIRECTORY}/very_top_secret"
10+
LoadCredential=very_top_secret
11+
ExecStart=test %d/very_top_secret = "${CREDENTIALS_DIRECTORY}/very_top_secret"
12+
ExecStart=sh -c 'test %d/very_top_secret = "$TOP_SECRET"'

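--- a/test/test-execute/exec-specifier.service
+++ b/test/test-execute/exec-specifier.service
@@ -20,6 +20,7 @@ ExecStart=test %L = /var/log
 ExecStart=test %E = /etc
 ExecStart=test %T = /tmp
 ExecStart=test %V = /var/tmp
+ExecStart=test %d = %t/credentials/%n
 ExecStart=sh -c 'test %u = $$(id -un)'
 ExecStart=sh -c 'test %U = $$(id -u)'
 ExecStart=sh -c 'test %g = $$(id -gn)'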
