Bug Summary

File:build-scan/../src/core/machine-id-setup.c
Warning:line 213, column 9
Value stored to 'fd' is never read

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-unknown-linux-gnu -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name machine-id-setup.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model static -mframe-pointer=all -relaxed-aliasing -menable-no-infs -menable-no-nans -menable-unsafe-fp-math -fno-signed-zeros -mreassociate -freciprocal-math -fdenormal-fp-math=preserve-sign,preserve-sign -ffp-contract=fast -fno-rounding-math -ffast-math -ffinite-math-only -mconstructor-aliases -munwind-tables -target-cpu x86-64 -tune-cpu generic -fno-split-dwarf-inlining -debugger-tuning=gdb -resource-dir /usr/lib64/clang/12.0.0 -include config.h -I systemd-machine-id-setup.p -I . -I .. -I src/basic -I ../src/basic -I src/shared -I ../src/shared -I src/systemd -I ../src/systemd -I src/journal -I ../src/journal -I src/journal-remote -I ../src/journal-remote -I src/nspawn -I ../src/nspawn -I src/resolve -I ../src/resolve -I src/timesync -I ../src/timesync -I ../src/time-wait-sync -I src/login -I ../src/login -I src/udev -I ../src/udev -I src/libudev -I ../src/libudev -I src/core -I ../src/core -I ../src/libsystemd/sd-bus -I ../src/libsystemd/sd-device -I ../src/libsystemd/sd-hwdb -I ../src/libsystemd/sd-id128 -I ../src/libsystemd/sd-netlink -I ../src/libsystemd/sd-network -I src/libsystemd-network -I ../src/libsystemd-network -D _FILE_OFFSET_BITS=64 -internal-isystem /usr/local/include -internal-isystem /usr/lib64/clang/12.0.0/include -internal-externc-isystem /include -internal-externc-isystem /usr/include -Wwrite-strings -Wno-unused-parameter -Wno-missing-field-initializers -Wno-unused-result -Wno-format-signedness -Wno-error=nonnull -std=gnu99 -fconst-strings -fdebug-compilation-dir /home/mrc0mmand/repos/@redhat-plumbers/systemd-rhel8/build-scan -ferror-limit 19 -fvisibility hidden -stack-protector 2 -fgnuc-version=4.2.1 -fcolor-diagnostics -analyzer-output=html -faddrsig -o /tmp/scan-build-2021-07-16-221226-1465241-1 -x c ../src/core/machine-id-setup.c
1/* SPDX-License-Identifier: LGPL-2.1+ */
2
3#include <fcntl.h>
4#include <sched.h>
5#include <sys/mount.h>
6#include <unistd.h>
7
8#include "sd-id128.h"
9
10#include "alloc-util.h"
11#include "fd-util.h"
12#include "fs-util.h"
13#include "id128-util.h"
14#include "log.h"
15#include "machine-id-setup.h"
16#include "macro.h"
17#include "mkdir.h"
18#include "mount-util.h"
19#include "path-util.h"
20#include "process-util.h"
21#include "stat-util.h"
22#include "string-util.h"
23#include "umask-util.h"
24#include "util.h"
25#include "virt.h"
26
27static int generate_machine_id(const char *root, sd_id128_t *ret) {
28 const char *dbus_machine_id;
29 _cleanup_close___attribute__((cleanup(closep))) int fd = -1;
30 int r;
31
32 assert(ret)do { if ((__builtin_expect(!!(!(ret)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("ret"), "../src/core/machine-id-setup.c"
, 32, __PRETTY_FUNCTION__); } while (0);
33
34 /* First, try reading the D-Bus machine id, unless it is a symlink */
35 dbus_machine_id = prefix_roota(root, "/var/lib/dbus/machine-id")({ const char* _path = ("/var/lib/dbus/machine-id"), *_root =
(root), *_ret; char *_p, *_n; size_t _l; while (_path[0] == '/'
&& _path[1] == '/') _path ++; if (empty_or_root(_root
)) _ret = _path; else { _l = strlen(_root) + 1 + strlen(_path
) + 1; _n = __builtin_alloca (_l); _p = stpcpy(_n, _root); while
(_p > _n && _p[-1] == '/') _p--; if (_path[0] != '/'
) *(_p++) = '/'; strcpy(_p, _path); _ret = _n; } _ret; });
36 fd = open(dbus_machine_id, O_RDONLY00|O_CLOEXEC02000000|O_NOCTTY0400|O_NOFOLLOW0400000);
37 if (fd >= 0) {
38 if (id128_read_fd(fd, ID128_PLAIN, ret) >= 0) {
39 log_info("Initializing machine ID from D-Bus machine ID.")({ int _level = (((6))), _e = ((0)), _realm = (LOG_REALM_SYSTEMD
); (log_get_max_level_realm(_realm) >= ((_level) & 0x07
)) ? log_internal_realm(((_realm) << 10 | (_level)), _e
, "../src/core/machine-id-setup.c", 39, __func__, "Initializing machine ID from D-Bus machine ID."
) : -abs(_e); });
40 return 0;
41 }
42
43 fd = safe_close(fd);
44 }
45
46 if (isempty(root)) {
47 /* If that didn't work, see if we are running in a container,
48 * and a machine ID was passed in via $container_uuid the way
49 * libvirt/LXC does it */
50
51 if (detect_container() > 0) {
52 _cleanup_free___attribute__((cleanup(freep))) char *e = NULL((void*)0);
53
54 if (getenv_for_pid(1, "container_uuid", &e) > 0 &&
55 sd_id128_from_string(e, ret) >= 0) {
56 log_info("Initializing machine ID from container UUID.")({ int _level = (((6))), _e = ((0)), _realm = (LOG_REALM_SYSTEMD
); (log_get_max_level_realm(_realm) >= ((_level) & 0x07
)) ? log_internal_realm(((_realm) << 10 | (_level)), _e
, "../src/core/machine-id-setup.c", 56, __func__, "Initializing machine ID from container UUID."
) : -abs(_e); });
57 return 0;
58 }
59
60 } else if (detect_vm() == VIRTUALIZATION_KVM) {
61
62 /* If we are not running in a container, see if we are
63 * running in qemu/kvm and a machine ID was passed in
64 * via -uuid on the qemu/kvm command line */
65
66 if (id128_read("/sys/class/dmi/id/product_uuid", ID128_UUID, ret) >= 0) {
67 log_info("Initializing machine ID from KVM UUID.")({ int _level = (((6))), _e = ((0)), _realm = (LOG_REALM_SYSTEMD
); (log_get_max_level_realm(_realm) >= ((_level) & 0x07
)) ? log_internal_realm(((_realm) << 10 | (_level)), _e
, "../src/core/machine-id-setup.c", 67, __func__, "Initializing machine ID from KVM UUID."
) : -abs(_e); });
68 return 0;
69 }
70 }
71 }
72
73 /* If that didn't work, generate a random machine id */
74 r = sd_id128_randomize(ret);
75 if (r < 0)
76 return log_error_errno(r, "Failed to generate randomized : %m")({ int _level = ((3)), _e = ((r)), _realm = (LOG_REALM_SYSTEMD
); (log_get_max_level_realm(_realm) >= ((_level) & 0x07
)) ? log_internal_realm(((_realm) << 10 | (_level)), _e
, "../src/core/machine-id-setup.c", 76, __func__, "Failed to generate randomized : %m"
) : -abs(_e); });
77
78 log_info("Initializing machine ID from random generator.")({ int _level = (((6))), _e = ((0)), _realm = (LOG_REALM_SYSTEMD
); (log_get_max_level_realm(_realm) >= ((_level) & 0x07
)) ? log_internal_realm(((_realm) << 10 | (_level)), _e
, "../src/core/machine-id-setup.c", 78, __func__, "Initializing machine ID from random generator."
) : -abs(_e); });
79 return 0;
80}
81
82int machine_id_setup(const char *root, sd_id128_t machine_id, sd_id128_t *ret) {
83 const char *etc_machine_id, *run_machine_id;
84 _cleanup_close___attribute__((cleanup(closep))) int fd = -1;
85 bool_Bool writable;
86 int r;
87
88 etc_machine_id = prefix_roota(root, "/etc/machine-id")({ const char* _path = ("/etc/machine-id"), *_root = (root), *
_ret; char *_p, *_n; size_t _l; while (_path[0] == '/' &&
_path[1] == '/') _path ++; if (empty_or_root(_root)) _ret = _path
; else { _l = strlen(_root) + 1 + strlen(_path) + 1; _n = __builtin_alloca
(_l); _p = stpcpy(_n, _root); while (_p > _n && _p
[-1] == '/') _p--; if (_path[0] != '/') *(_p++) = '/'; strcpy
(_p, _path); _ret = _n; } _ret; });
89
90 RUN_WITH_UMASK(0000)for (__attribute__((cleanup(_reset_umask_))) struct _umask_struct_
_saved_umask_ = { umask(0000), 0 }; !_saved_umask_.quit ; _saved_umask_
.quit = 1) {
91 /* We create this 0444, to indicate that this isn't really
92 * something you should ever modify. Of course, since the file
93 * will be owned by root it doesn't matter much, but maybe
94 * people look. */
95
96 (void) mkdir_parents(etc_machine_id, 0755);
97 fd = open(etc_machine_id, O_RDWR02|O_CREAT0100|O_CLOEXEC02000000|O_NOCTTY0400, 0444);
98 if (fd < 0) {
99 int old_errno = errno(*__errno_location ());
100
101 fd = open(etc_machine_id, O_RDONLY00|O_CLOEXEC02000000|O_NOCTTY0400);
102 if (fd < 0) {
103 if (old_errno == EROFS30 && errno(*__errno_location ()) == ENOENT2)
104 return log_error_errno(errno,({ int _level = ((3)), _e = (((*__errno_location ()))), _realm
= (LOG_REALM_SYSTEMD); (log_get_max_level_realm(_realm) >=
((_level) & 0x07)) ? log_internal_realm(((_realm) <<
10 | (_level)), _e, "../src/core/machine-id-setup.c", 109, __func__
, "System cannot boot: Missing /etc/machine-id and /etc is mounted read-only.\n"
"Booting up is supported only when:\n" "1) /etc/machine-id exists and is populated.\n"
"2) /etc/machine-id exists and is empty.\n" "3) /etc/machine-id is missing and /etc is writable.\n"
) : -abs(_e); })
105 "System cannot boot: Missing /etc/machine-id and /etc is mounted read-only.\n"({ int _level = ((3)), _e = (((*__errno_location ()))), _realm
= (LOG_REALM_SYSTEMD); (log_get_max_level_realm(_realm) >=
((_level) & 0x07)) ? log_internal_realm(((_realm) <<
10 | (_level)), _e, "../src/core/machine-id-setup.c", 109, __func__
, "System cannot boot: Missing /etc/machine-id and /etc is mounted read-only.\n"
"Booting up is supported only when:\n" "1) /etc/machine-id exists and is populated.\n"
"2) /etc/machine-id exists and is empty.\n" "3) /etc/machine-id is missing and /etc is writable.\n"
) : -abs(_e); })
106 "Booting up is supported only when:\n"({ int _level = ((3)), _e = (((*__errno_location ()))), _realm
= (LOG_REALM_SYSTEMD); (log_get_max_level_realm(_realm) >=
((_level) & 0x07)) ? log_internal_realm(((_realm) <<
10 | (_level)), _e, "../src/core/machine-id-setup.c", 109, __func__
, "System cannot boot: Missing /etc/machine-id and /etc is mounted read-only.\n"
"Booting up is supported only when:\n" "1) /etc/machine-id exists and is populated.\n"
"2) /etc/machine-id exists and is empty.\n" "3) /etc/machine-id is missing and /etc is writable.\n"
) : -abs(_e); })
107 "1) /etc/machine-id exists and is populated.\n"({ int _level = ((3)), _e = (((*__errno_location ()))), _realm
= (LOG_REALM_SYSTEMD); (log_get_max_level_realm(_realm) >=
((_level) & 0x07)) ? log_internal_realm(((_realm) <<
10 | (_level)), _e, "../src/core/machine-id-setup.c", 109, __func__
, "System cannot boot: Missing /etc/machine-id and /etc is mounted read-only.\n"
"Booting up is supported only when:\n" "1) /etc/machine-id exists and is populated.\n"
"2) /etc/machine-id exists and is empty.\n" "3) /etc/machine-id is missing and /etc is writable.\n"
) : -abs(_e); })
108 "2) /etc/machine-id exists and is empty.\n"({ int _level = ((3)), _e = (((*__errno_location ()))), _realm
= (LOG_REALM_SYSTEMD); (log_get_max_level_realm(_realm) >=
((_level) & 0x07)) ? log_internal_realm(((_realm) <<
10 | (_level)), _e, "../src/core/machine-id-setup.c", 109, __func__
, "System cannot boot: Missing /etc/machine-id and /etc is mounted read-only.\n"
"Booting up is supported only when:\n" "1) /etc/machine-id exists and is populated.\n"
"2) /etc/machine-id exists and is empty.\n" "3) /etc/machine-id is missing and /etc is writable.\n"
) : -abs(_e); })
109 "3) /etc/machine-id is missing and /etc is writable.\n")({ int _level = ((3)), _e = (((*__errno_location ()))), _realm
= (LOG_REALM_SYSTEMD); (log_get_max_level_realm(_realm) >=
((_level) & 0x07)) ? log_internal_realm(((_realm) <<
10 | (_level)), _e, "../src/core/machine-id-setup.c", 109, __func__
, "System cannot boot: Missing /etc/machine-id and /etc is mounted read-only.\n"
"Booting up is supported only when:\n" "1) /etc/machine-id exists and is populated.\n"
"2) /etc/machine-id exists and is empty.\n" "3) /etc/machine-id is missing and /etc is writable.\n"
) : -abs(_e); });
110 else
111 return log_error_errno(errno,({ int _level = ((3)), _e = (((*__errno_location ()))), _realm
= (LOG_REALM_SYSTEMD); (log_get_max_level_realm(_realm) >=
((_level) & 0x07)) ? log_internal_realm(((_realm) <<
10 | (_level)), _e, "../src/core/machine-id-setup.c", 112, __func__
, "Cannot open %s: %m", etc_machine_id) : -abs(_e); })
112 "Cannot open %s: %m", etc_machine_id)({ int _level = ((3)), _e = (((*__errno_location ()))), _realm
= (LOG_REALM_SYSTEMD); (log_get_max_level_realm(_realm) >=
((_level) & 0x07)) ? log_internal_realm(((_realm) <<
10 | (_level)), _e, "../src/core/machine-id-setup.c", 112, __func__
, "Cannot open %s: %m", etc_machine_id) : -abs(_e); });
113 }
114
115 writable = false0;
116 } else
117 writable = true1;
118 }
119
120 /* A we got a valid machine ID argument, that's what counts */
121 if (sd_id128_is_null(machine_id)) {
122
123 /* Try to read any existing machine ID */
124 if (id128_read_fd(fd, ID128_PLAIN, ret) >= 0)
125 return 0;
126
127 /* Hmm, so, the id currently stored is not useful, then let's generate one */
128 r = generate_machine_id(root, &machine_id);
129 if (r < 0)
130 return r;
131 }
132
133 if (writable) {
134 if (lseek(fd, 0, SEEK_SET0) == (off_t) -1)
135 return log_error_errno(errno, "Failed to seek %s: %m", etc_machine_id)({ int _level = ((3)), _e = (((*__errno_location ()))), _realm
= (LOG_REALM_SYSTEMD); (log_get_max_level_realm(_realm) >=
((_level) & 0x07)) ? log_internal_realm(((_realm) <<
10 | (_level)), _e, "../src/core/machine-id-setup.c", 135, __func__
, "Failed to seek %s: %m", etc_machine_id) : -abs(_e); });
136
137 if (ftruncate(fd, 0) < 0)
138 return log_error_errno(errno, "Failed to truncate %s: %m", etc_machine_id)({ int _level = ((3)), _e = (((*__errno_location ()))), _realm
= (LOG_REALM_SYSTEMD); (log_get_max_level_realm(_realm) >=
((_level) & 0x07)) ? log_internal_realm(((_realm) <<
10 | (_level)), _e, "../src/core/machine-id-setup.c", 138, __func__
, "Failed to truncate %s: %m", etc_machine_id) : -abs(_e); });
139
140 if (id128_write_fd(fd, ID128_PLAIN, machine_id, true1) >= 0)
141 goto finish;
142 }
143
144 fd = safe_close(fd);
145
146 /* Hmm, we couldn't write it? So let's write it to /run/machine-id as a replacement */
147
148 run_machine_id = prefix_roota(root, "/run/machine-id")({ const char* _path = ("/run/machine-id"), *_root = (root), *
_ret; char *_p, *_n; size_t _l; while (_path[0] == '/' &&
_path[1] == '/') _path ++; if (empty_or_root(_root)) _ret = _path
; else { _l = strlen(_root) + 1 + strlen(_path) + 1; _n = __builtin_alloca
(_l); _p = stpcpy(_n, _root); while (_p > _n && _p
[-1] == '/') _p--; if (_path[0] != '/') *(_p++) = '/'; strcpy
(_p, _path); _ret = _n; } _ret; });
149
150 RUN_WITH_UMASK(0022)for (__attribute__((cleanup(_reset_umask_))) struct _umask_struct_
_saved_umask_ = { umask(0022), 0 }; !_saved_umask_.quit ; _saved_umask_
.quit = 1)
151 r = id128_write(run_machine_id, ID128_PLAIN, machine_id, false0);
152 if (r < 0) {
153 (void) unlink(run_machine_id);
154 return log_error_errno(r, "Cannot write %s: %m", run_machine_id)({ int _level = ((3)), _e = ((r)), _realm = (LOG_REALM_SYSTEMD
); (log_get_max_level_realm(_realm) >= ((_level) & 0x07
)) ? log_internal_realm(((_realm) << 10 | (_level)), _e
, "../src/core/machine-id-setup.c", 154, __func__, "Cannot write %s: %m"
, run_machine_id) : -abs(_e); });
155 }
156
157 /* And now, let's mount it over */
158 if (mount(run_machine_id, etc_machine_id, NULL((void*)0), MS_BINDMS_BIND, NULL((void*)0)) < 0) {
159 (void) unlink_noerrno(run_machine_id);
160 return log_error_errno(errno, "Failed to mount %s: %m", etc_machine_id)({ int _level = ((3)), _e = (((*__errno_location ()))), _realm
= (LOG_REALM_SYSTEMD); (log_get_max_level_realm(_realm) >=
((_level) & 0x07)) ? log_internal_realm(((_realm) <<
10 | (_level)), _e, "../src/core/machine-id-setup.c", 160, __func__
, "Failed to mount %s: %m", etc_machine_id) : -abs(_e); });
161 }
162
163 log_info("Installed transient %s file.", etc_machine_id)({ int _level = (((6))), _e = ((0)), _realm = (LOG_REALM_SYSTEMD
); (log_get_max_level_realm(_realm) >= ((_level) & 0x07
)) ? log_internal_realm(((_realm) << 10 | (_level)), _e
, "../src/core/machine-id-setup.c", 163, __func__, "Installed transient %s file."
, etc_machine_id) : -abs(_e); });
164
165 /* Mark the mount read-only */
166 if (mount(NULL((void*)0), etc_machine_id, NULL((void*)0), MS_BINDMS_BIND|MS_RDONLYMS_RDONLY|MS_REMOUNTMS_REMOUNT, NULL((void*)0)) < 0)
167 log_warning_errno(errno, "Failed to make transient %s read-only, ignoring: %m", etc_machine_id)({ int _level = ((4)), _e = (((*__errno_location ()))), _realm
= (LOG_REALM_SYSTEMD); (log_get_max_level_realm(_realm) >=
((_level) & 0x07)) ? log_internal_realm(((_realm) <<
10 | (_level)), _e, "../src/core/machine-id-setup.c", 167, __func__
, "Failed to make transient %s read-only, ignoring: %m", etc_machine_id
) : -abs(_e); });
168
169finish:
170 if (ret)
171 *ret = machine_id;
172
173 return 0;
174}
175
176int machine_id_commit(const char *root) {
177 _cleanup_close___attribute__((cleanup(closep))) int fd = -1, initial_mntns_fd = -1;
178 const char *etc_machine_id;
179 sd_id128_t id;
180 int r;
181
182 /* Replaces a tmpfs bind mount of /etc/machine-id by a proper file, atomically. For this, the umount is removed
183 * in a mount namespace, a new file is created at the right place. Afterwards the mount is also removed in the
184 * original mount namespace, thus revealing the file that was just created. */
185
186 etc_machine_id = prefix_roota(root, "/etc/machine-id")({ const char* _path = ("/etc/machine-id"), *_root = (root), *
_ret; char *_p, *_n; size_t _l; while (_path[0] == '/' &&
_path[1] == '/') _path ++; if (empty_or_root(_root)) _ret = _path
; else { _l = strlen(_root) + 1 + strlen(_path) + 1; _n = __builtin_alloca
(_l); _p = stpcpy(_n, _root); while (_p > _n && _p
[-1] == '/') _p--; if (_path[0] != '/') *(_p++) = '/'; strcpy
(_p, _path); _ret = _n; } _ret; });
187
188 r = path_is_mount_point(etc_machine_id, NULL((void*)0), 0);
189 if (r < 0)
190 return log_error_errno(r, "Failed to determine whether %s is a mount point: %m", etc_machine_id)({ int _level = ((3)), _e = ((r)), _realm = (LOG_REALM_SYSTEMD
); (log_get_max_level_realm(_realm) >= ((_level) & 0x07
)) ? log_internal_realm(((_realm) << 10 | (_level)), _e
, "../src/core/machine-id-setup.c", 190, __func__, "Failed to determine whether %s is a mount point: %m"
, etc_machine_id) : -abs(_e); });
191 if (r == 0) {
192 log_debug("%s is not a mount point. Nothing to do.", etc_machine_id)({ int _level = (((7))), _e = ((0)), _realm = (LOG_REALM_SYSTEMD
); (log_get_max_level_realm(_realm) >= ((_level) & 0x07
)) ? log_internal_realm(((_realm) << 10 | (_level)), _e
, "../src/core/machine-id-setup.c", 192, __func__, "%s is not a mount point. Nothing to do."
, etc_machine_id) : -abs(_e); });
193 return 0;
194 }
195
196 /* Read existing machine-id */
197 fd = open(etc_machine_id, O_RDONLY00|O_CLOEXEC02000000|O_NOCTTY0400);
198 if (fd < 0)
199 return log_error_errno(errno, "Cannot open %s: %m", etc_machine_id)({ int _level = ((3)), _e = (((*__errno_location ()))), _realm
= (LOG_REALM_SYSTEMD); (log_get_max_level_realm(_realm) >=
((_level) & 0x07)) ? log_internal_realm(((_realm) <<
10 | (_level)), _e, "../src/core/machine-id-setup.c", 199, __func__
, "Cannot open %s: %m", etc_machine_id) : -abs(_e); });
200
201 r = fd_is_temporary_fs(fd);
202 if (r < 0)
203 return log_error_errno(r, "Failed to determine whether %s is on a temporary file system: %m", etc_machine_id)({ int _level = ((3)), _e = ((r)), _realm = (LOG_REALM_SYSTEMD
); (log_get_max_level_realm(_realm) >= ((_level) & 0x07
)) ? log_internal_realm(((_realm) << 10 | (_level)), _e
, "../src/core/machine-id-setup.c", 203, __func__, "Failed to determine whether %s is on a temporary file system: %m"
, etc_machine_id) : -abs(_e); });
204 if (r == 0) {
205 log_error("%s is not on a temporary file system.", etc_machine_id)({ int _level = (((3))), _e = ((0)), _realm = (LOG_REALM_SYSTEMD
); (log_get_max_level_realm(_realm) >= ((_level) & 0x07
)) ? log_internal_realm(((_realm) << 10 | (_level)), _e
, "../src/core/machine-id-setup.c", 205, __func__, "%s is not on a temporary file system."
, etc_machine_id) : -abs(_e); });
206 return -EROFS30;
207 }
208
209 r = id128_read_fd(fd, ID128_PLAIN, &id);
210 if (r < 0)
211 return log_error_errno(r, "We didn't find a valid machine ID in %s.", etc_machine_id)({ int _level = ((3)), _e = ((r)), _realm = (LOG_REALM_SYSTEMD
); (log_get_max_level_realm(_realm) >= ((_level) & 0x07
)) ? log_internal_realm(((_realm) << 10 | (_level)), _e
, "../src/core/machine-id-setup.c", 211, __func__, "We didn't find a valid machine ID in %s."
, etc_machine_id) : -abs(_e); });
212
213 fd = safe_close(fd);
Value stored to 'fd' is never read
214
215 /* Store current mount namespace */
216 r = namespace_open(0, NULL((void*)0), &initial_mntns_fd, NULL((void*)0), NULL((void*)0), NULL((void*)0));
217 if (r < 0)
218 return log_error_errno(r, "Can't fetch current mount namespace: %m")({ int _level = ((3)), _e = ((r)), _realm = (LOG_REALM_SYSTEMD
); (log_get_max_level_realm(_realm) >= ((_level) & 0x07
)) ? log_internal_realm(((_realm) << 10 | (_level)), _e
, "../src/core/machine-id-setup.c", 218, __func__, "Can't fetch current mount namespace: %m"
) : -abs(_e); });
219
220 /* Switch to a new mount namespace, isolate ourself and unmount etc_machine_id in our new namespace */
221 if (unshare(CLONE_NEWNS0x00020000) < 0)
222 return log_error_errno(errno, "Failed to enter new namespace: %m")({ int _level = ((3)), _e = (((*__errno_location ()))), _realm
= (LOG_REALM_SYSTEMD); (log_get_max_level_realm(_realm) >=
((_level) & 0x07)) ? log_internal_realm(((_realm) <<
10 | (_level)), _e, "../src/core/machine-id-setup.c", 222, __func__
, "Failed to enter new namespace: %m") : -abs(_e); });
223
224 if (mount(NULL((void*)0), "/", NULL((void*)0), MS_SLAVEMS_SLAVE | MS_RECMS_REC, NULL((void*)0)) < 0)
225 return log_error_errno(errno, "Couldn't make-rslave / mountpoint in our private namespace: %m")({ int _level = ((3)), _e = (((*__errno_location ()))), _realm
= (LOG_REALM_SYSTEMD); (log_get_max_level_realm(_realm) >=
((_level) & 0x07)) ? log_internal_realm(((_realm) <<
10 | (_level)), _e, "../src/core/machine-id-setup.c", 225, __func__
, "Couldn't make-rslave / mountpoint in our private namespace: %m"
) : -abs(_e); });
226
227 if (umount(etc_machine_id) < 0)
228 return log_error_errno(errno, "Failed to unmount transient %s file in our private namespace: %m", etc_machine_id)({ int _level = ((3)), _e = (((*__errno_location ()))), _realm
= (LOG_REALM_SYSTEMD); (log_get_max_level_realm(_realm) >=
((_level) & 0x07)) ? log_internal_realm(((_realm) <<
10 | (_level)), _e, "../src/core/machine-id-setup.c", 228, __func__
, "Failed to unmount transient %s file in our private namespace: %m"
, etc_machine_id) : -abs(_e); });
229
230 /* Update a persistent version of etc_machine_id */
231 r = id128_write(etc_machine_id, ID128_PLAIN, id, true1);
232 if (r < 0)
233 return log_error_errno(r, "Cannot write %s. This is mandatory to get a persistent machine ID: %m", etc_machine_id)({ int _level = ((3)), _e = ((r)), _realm = (LOG_REALM_SYSTEMD
); (log_get_max_level_realm(_realm) >= ((_level) & 0x07
)) ? log_internal_realm(((_realm) << 10 | (_level)), _e
, "../src/core/machine-id-setup.c", 233, __func__, "Cannot write %s. This is mandatory to get a persistent machine ID: %m"
, etc_machine_id) : -abs(_e); });
234
235 /* Return to initial namespace and proceed a lazy tmpfs unmount */
236 r = namespace_enter(-1, initial_mntns_fd, -1, -1, -1);
237 if (r < 0)
238 return log_warning_errno(r, "Failed to switch back to initial mount namespace: %m.\nWe'll keep transient %s file until next reboot.", etc_machine_id)({ int _level = ((4)), _e = ((r)), _realm = (LOG_REALM_SYSTEMD
); (log_get_max_level_realm(_realm) >= ((_level) & 0x07
)) ? log_internal_realm(((_realm) << 10 | (_level)), _e
, "../src/core/machine-id-setup.c", 238, __func__, "Failed to switch back to initial mount namespace: %m.\nWe'll keep transient %s file until next reboot."
, etc_machine_id) : -abs(_e); });
239
240 if (umount2(etc_machine_id, MNT_DETACHMNT_DETACH) < 0)
241 return log_warning_errno(errno, "Failed to unmount transient %s file: %m.\nWe keep that mount until next reboot.", etc_machine_id)({ int _level = ((4)), _e = (((*__errno_location ()))), _realm
= (LOG_REALM_SYSTEMD); (log_get_max_level_realm(_realm) >=
((_level) & 0x07)) ? log_internal_realm(((_realm) <<
10 | (_level)), _e, "../src/core/machine-id-setup.c", 241, __func__
, "Failed to unmount transient %s file: %m.\nWe keep that mount until next reboot."
, etc_machine_id) : -abs(_e); });
242
243 return 0;
244}