mirror of
https://github.com/token2/snapd.git
synced 2026-03-13 11:15:47 -07:00
c679f43577
* systemd: add function that implements "systemd-escape" in addition to already existing "systemd-escape --path" * s/cgroup: escape created unit name in CreateTransientScopeForTracking With the addition of component hooks, we'll have unit names that include a '+', like 'snap.snapname+comp.hook.install'. This causes systemd to complain that the unit isn't properly escaped. On the command line, systemd-run will properly escape this for you (with a warning), but the dbus API doesn't do that. * s/naming: teach ParseSecurityTag to handle tags from component hooks * Revert "systemd: add function that implements "systemd-escape" in addition to already existing "systemd-escape --path"" This reverts commit 0521600ec8fa785b69d2b7a85fa8da9be4938a5a. * systemd: add functions for escaping security tags to valid systemd unit names We must at least partially escape unit names that are created from security tags, since they may potentially contain '+' characters from snap components. Since we already use unit names with '-' in them, we cannot simply use a reimplementation of systemd-escape. This is because '-' is escaped by systemd-escape. Note that '-' is a valid character is a unit name, since it is used as the replacement for the '/' character by systemd-escapes. Thus, we have our own functions for converting a security tag to a unit name, and the inverse. These functions only escape the '+' character that appears in security tags. * s/cgroup: use new conversions from security tags to unit names, and the inverse * systemd: update doc comment on UnitNameFromSecurityTag Co-authored-by: Maciej Borzecki <maciek.borzecki@gmail.com> * s/naming: add ComponentName method to HookSecurityTag interface * systemd: split tests for UnitNameFromSecurityTag and SecurityTagFromUnitName * s/naming: add test for invalid snap instance that is a part of a component * s/naming: refactor ParseSecurityTag to clarify that components cannot have apps yet * systemd, s/cgroup: rename security tag and unit name conversion functions for clarity --------- Co-authored-by: Maciej Borzecki <maciek.borzecki@gmail.com>