Re: [PATCH] libproc: make Psystem_daemon() detect modern systemd properly

[Kris Van Hees <kris.van.hees@oracle.com>]

On Fri, Jun 13, 2025 at 05:46:37PM +0100, Nick Alcock wrote:
> Psystem_daemon() is used when carrying out shortlived grabs to detect
> whether a process is too risky to carry out invasive grabs of (you wouldn't
> usually want to stop syslogd or, God forbid, try to ptrace PID 1, unless
> explicitly requested via -p: the process just coming up in routine probe
> firing is not enough).
> 
> This has two code paths: a reliable one for systemd systems (which checks to
> see if the process is in the system slice, which contains precisely and only
> system daemons), and an unreliable one for other systems (which does the old
> Unix approach of consdering anything in the user uid range or with a TTY or
> with open standard FDs to TTYs to be not system daemons, and everything else
> to possibly be one).
> 
> We were checking to see if a system was systemd by looking for the systemd
> cgroup hierarchy name in any of the victim process's cgroups.  This was
> reliable back in the days of cgroups v1, but alas in v2 where systemd runs
> all the cgroups if it runs any and there are no longer multiple hierarchies,
> systemd no longer names its cgroups this way and the test fails, causing us
> to fall back to the unreliable pre-systemd approach.
> 
> Use a more reliable approach to detect systemd, the same approach used by
> sd_booted() in libsystemd; check for the existence of the
> /run/systemd/system directory.  Fix slice detection to work in the absence
> of a systemd hierarchy name, and everything else works unchanged.

Is /run/systems/system guaranteed to always be the correct path or is that
configurable in systemd and thus could change depending on distro etc?

> 
> Signed-off-by: Nick Alcock <nick.alcock@oracle.com>
> ---
>  libproc/Pcontrol.c | 33 +++++++++++++++++++++++----------
>  1 file changed, 23 insertions(+), 10 deletions(-)
> 
> diff --git a/libproc/Pcontrol.c b/libproc/Pcontrol.c
> index 7d9b5055f8201..02da472553d99 100644
> --- a/libproc/Pcontrol.c
> +++ b/libproc/Pcontrol.c
> @@ -2927,10 +2927,24 @@ Psystem_daemon(pid_t pid, uid_t useruid, const char *sysslice)
>  	int fd;
>  
>  	/*
> -	 * If this is a system running systemd, or we don't know yet, dig out
> -	 * the systemd cgroup line from /proc/$pid/cgroup.
> +	 * If we don't know if this systemd is running systemd, find out.
>  	 */
> -	if (systemd_system != 0) {
> +	if (systemd_system < 0) {
> +		struct stat st;
> +
> +		if (stat("/run/systemd/system", &st) < 0 ||
> +		    !S_ISDIR(st.st_mode))
> +			systemd_system = 0;
> +		else
> +			systemd_system = 1;
> +		_dprintf("systemd system.\n");
> +	}
> +
> +	/*
> +	 * If this is a system running systemd, dig out the systemd cgroup line
> +	 * from /proc/$pid/cgroup.
> +	 */
> +	if (systemd_system) {
>  		snprintf(procname, sizeof(procname), "%s/%d/cgroup",
>  		    procfs_path, pid);
>  
> @@ -2941,20 +2955,19 @@ Psystem_daemon(pid_t pid, uid_t useruid, const char *sysslice)
>  		}
>  
>  		while (getline(&buf, &n, fp) >= 0) {
> -			if (strstr(buf, ":name=systemd:") != NULL) {
> -				systemd_system = 1;
> +			if (strstr(buf, ".slice/") != NULL) {
>  				break;
>  			}
>  		}
>  		fclose(fp);
>  		if (systemd_system < 0)
>  			systemd_system = 0;
> -	}
>  
> -	/*
> -	 * We have the systemd cgroup line in buf.  Look at our slice name.
> -	 */
> -	if (systemd_system) {
> +		/*
> +		 * We have our slice's cgroup line in buf.  Extract the slice
> +		 * name, skipping over the hierarchy number and controller
> +		 * fields.
> +		 */
>  		char *colon = strchr(buf, ':');
>  		if (colon)
>  			colon = strchr(colon + 1, ':');
> 
> base-commit: aa63660a7cfcdeb1daf4fb63f1c15f75a1693064
> prerequisite-patch-id: fb67028e06b7f26c5cab857477a44609f50a1706
> prerequisite-patch-id: f663cbb68f1b30be83e8327ff098fff812ba85e6
> prerequisite-patch-id: 7f3cf0adb87fb636276334b0002338ec656f86f7
> prerequisite-patch-id: f4716e3bf14ed8233d49d2f7f07bda796f2f2ba7
> prerequisite-patch-id: 66c5402691e142580c92584b2eaa4e793146b1a1
> prerequisite-patch-id: f96954068cbbaca32084ca999daa825d6668ddd4
> prerequisite-patch-id: 6e71861d033f5658a807814dce1161465cc600c5
> prerequisite-patch-id: 7e219f03f4634783ebd0550542fa8dbe33e70fa3
> prerequisite-patch-id: e7dad794aa72e6d48edc277370f8cca25292d3ba
> prerequisite-patch-id: 9288cd08c77af53d45e9eef5828bca8bddd22258
> prerequisite-patch-id: 994fc434d3e5684814f090acd558aa1d29e737b6
> prerequisite-patch-id: 0b84e67ab3948f9edcf987ddbf9ce38df5656ed3
> prerequisite-patch-id: cb433110beec8b9e5745acb05930c06b890f4788
> prerequisite-patch-id: 71925afd1991d6b1800e0767e5c1420f5b8b43ed
> prerequisite-patch-id: 67fc0d710b58d6205a6877c4e89b531147b61b51
> prerequisite-patch-id: 5b2284dbf7638adacab912d64ccfa775a00632be
> -- 
> 2.48.1.283.g18c60a128c
>