Unverified Commit 045fbc38 authored by Mikael Voss's avatar Mikael Voss
Browse files

nixos/tmpfiles: properly escape argument option 

The systemd.tmpfiles.settings.<name>.<path>.<type>.argument option may
contain arbitrary strings. This could allow intentional or unintentional
introduction of new configuration lines.

The argument field cannot be quoted, C‐style \xNN escape sequences are
however permitted. By escaping whitespace and newline characters, the
issue can be mitigated.
parent b179a7a0

nixos/modules/system/boot/systemd/tmpfiles.nix

+28 −2
Original line number Diff line number Diff line
@@ -18,6 +18,14 @@ let 
      inherit elemType placeholder;

    };



  escapeArgument = lib.strings.escapeC [

    "\t"

    "\n"

    "\r"

    " "

    "\\"

  ];



  settingsOption = {

    description = ''

      Declare systemd-tmpfiles rules to create, delete, and clean up volatile
@@ -126,7 +134,7 @@ let 


  # generates a single entry for a tmpfiles.d rule

  settingsEntryToRule = path: entry: ''

    '${entry.type}' '${path}' '${entry.mode}' '${entry.user}' '${entry.group}' '${entry.age}' ${entry.argument}

    '${entry.type}' '${path}' '${entry.mode}' '${entry.user}' '${entry.group}' '${entry.age}' ${escapeArgument entry.argument}

  '';



  # generates a list of tmpfiles.d rules from the attrs (paths) under tmpfiles.settings.<name>
@@ -199,7 +207,25 @@ in 
          "boot.initrd.systemd.storePaths will lead to errors in the future."

          "Found these problematic files: ${lib.concatStringsSep ", " paths}"

        ]

      );

      )

      ++ (lib.flatten (

        lib.mapAttrsToList (

          name: paths:

          lib.mapAttrsToList (

            path: entries:

            lib.mapAttrsToList (

              type': entry:

              lib.optional (lib.match ''.*\\([nrt]|x[0-9A-Fa-f]{2}).*'' entry.argument != null) (

                lib.concatStringsSep " " [

                  "The argument option of ${name}.${type'}.${path} appears to"

                  "contain escape sequences, which will be escaped again."

                  "Unescape them if this is not intended: \"${entry.argument}\""

                ]

              )

            ) entries

          ) paths

        ) cfg.settings

      ));



    systemd.additionalUpstreamSystemUnits = [

      "systemd-tmpfiles-clean.service"