#include "build.h"
#include "dbus-common.h"
#include "install.h"
+#include "selinux-access.h"
#include "watchdog.h"
#include "hwclock.h"
#include "path-util.h"
+#include "dbus-unit.h"
+#include "virt.h"
+#include "env-util.h"
#define BUS_MANAGER_INTERFACE_BEGIN \
" <interface name=\"org.freedesktop.systemd1.Manager\">\n"
" <method name=\"KillUnit\">\n" \
" <arg name=\"name\" type=\"s\" direction=\"in\"/>\n" \
" <arg name=\"who\" type=\"s\" direction=\"in\"/>\n" \
- " <arg name=\"mode\" type=\"s\" direction=\"in\"/>\n" \
" <arg name=\"signal\" type=\"i\" direction=\"in\"/>\n" \
" </method>\n" \
" <method name=\"ResetFailedUnit\">\n" \
" <arg name=\"name\" type=\"s\" direction=\"in\"/>\n" \
" </method>\n" \
+ " <method name=\"SetUnitControlGroup\">\n" \
+ " <arg name=\"name\" type=\"s\" direction=\"in\"/>\n" \
+ " <arg name=\"group\" type=\"s\" direction=\"in\"/>\n" \
+ " <arg name=\"mode\" type=\"s\" direction=\"in\"/>\n" \
+ " </method>\n" \
+ " <method name=\"UnsetUnitControlGroup\">\n" \
+ " <arg name=\"name\" type=\"s\" direction=\"in\"/>\n" \
+ " <arg name=\"group\" type=\"s\" direction=\"in\"/>\n" \
+ " <arg name=\"mode\" type=\"s\" direction=\"in\"\n/>" \
+ " </method>\n" \
+ " <method name=\"GetUnitControlGroupAttribute\">\n" \
+ " <arg name=\"name\" type=\"s\" direction=\"in\"/>\n" \
+ " <arg name=\"attribute\" type=\"s\" direction=\"in\"/>\n" \
+ " <arg name=\"values\" type=\"as\" direction=\"out\"/>\n" \
+ " </method>\n" \
+ " <method name=\"SetUnitControlGroupAttribute\">\n" \
+ " <arg name=\"name\" type=\"s\" direction=\"in\"/>\n" \
+ " <arg name=\"attribute\" type=\"s\" direction=\"in\"/>\n" \
+ " <arg name=\"values\" type=\"as\" direction=\"in\"/>\n" \
+ " <arg name=\"mode\" type=\"s\" direction=\"in\"\n/>" \
+ " </method>\n" \
+ " <method name=\"UnsetUnitControlGroupAttributes\">\n" \
+ " <arg name=\"name\" type=\"s\" direction=\"in\"/>\n" \
+ " <arg name=\"attribute\" type=\"s\" direction=\"in\"/>\n" \
+ " <arg name=\"mode\" type=\"s\" direction=\"in\"/>\n" \
+ " </method>\n" \
" <method name=\"GetJob\">\n" \
" <arg name=\"id\" type=\"u\" direction=\"in\"/>\n" \
" <arg name=\"job\" type=\"o\" direction=\"out\"/>\n" \
" </method>\n" \
+ " <method name=\"CancelJob\">\n" \
+ " <arg name=\"id\" type=\"u\" direction=\"in\"/>\n" \
+ " </method>\n" \
" <method name=\"ClearJobs\"/>\n" \
" <method name=\"ResetFailed\"/>\n" \
" <method name=\"ListUnits\">\n" \
" </method>\n" \
" <method name=\"Subscribe\"/>\n" \
" <method name=\"Unsubscribe\"/>\n" \
- " <method name=\"Dump\"/>\n" \
+ " <method name=\"Dump\">\n" \
+ " <arg name=\"dump\" type=\"s\" direction=\"out\"/>\n" \
+ " </method>\n" \
" <method name=\"CreateSnapshot\">\n" \
" <arg name=\"name\" type=\"s\" direction=\"in\"/>\n" \
" <arg name=\"cleanup\" type=\"b\" direction=\"in\"/>\n" \
" <arg name=\"unit\" type=\"o\" direction=\"out\"/>\n" \
" </method>\n" \
+ " <method name=\"RemoveSnapshot\">\n" \
+ " <arg name=\"name\" type=\"s\" direction=\"in\"/>\n" \
+ " </method>\n" \
" <method name=\"Reload\"/>\n" \
" <method name=\"Reexecute\"/>\n" \
" <method name=\"Exit\"/>\n" \
" <arg name=\"set\" type=\"as\" direction=\"in\"/>\n" \
" </method>\n" \
" <method name=\"ListUnitFiles\">\n" \
- " <arg name=\"changes\" type=\"a(ss)\" direction=\"out\"/>\n" \
+ " <arg name=\"files\" type=\"a(ss)\" direction=\"out\"/>\n" \
" </method>\n" \
" <method name=\"GetUnitFileState\">\n" \
" <arg name=\"file\" type=\"s\" direction=\"in\"/>\n" \
" <arg name=\"result\" type=\"s\"/>\n" \
" </signal>" \
" <signal name=\"StartupFinished\">\n" \
+ " <arg name=\"firmware\" type=\"t\"/>\n" \
+ " <arg name=\"loader\" type=\"t\"/>\n" \
" <arg name=\"kernel\" type=\"t\"/>\n" \
" <arg name=\"initrd\" type=\"t\"/>\n" \
" <arg name=\"userspace\" type=\"t\"/>\n" \
#define BUS_MANAGER_INTERFACE_PROPERTIES_GENERAL \
" <property name=\"Version\" type=\"s\" access=\"read\"/>\n" \
- " <property name=\"Distribution\" type=\"s\" access=\"read\"/>\n" \
" <property name=\"Features\" type=\"s\" access=\"read\"/>\n" \
" <property name=\"Tainted\" type=\"s\" access=\"read\"/>\n" \
- " <property name=\"RunningAs\" type=\"s\" access=\"read\"/>\n" \
+ " <property name=\"FirmwareTimestamp\" type=\"t\" access=\"read\"/>\n" \
+ " <property name=\"FirmwareTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
+ " <property name=\"LoaderTimestamp\" type=\"t\" access=\"read\"/>\n" \
+ " <property name=\"LoaderTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
+ " <property name=\"KernelTimestamp\" type=\"t\" access=\"read\"/>\n" \
+ " <property name=\"KernelTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
" <property name=\"InitRDTimestamp\" type=\"t\" access=\"read\"/>\n" \
" <property name=\"InitRDTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
- " <property name=\"StartupTimestamp\" type=\"t\" access=\"read\"/>\n" \
- " <property name=\"StartupTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
+ " <property name=\"UserspaceTimestamp\" type=\"t\" access=\"read\"/>\n" \
+ " <property name=\"UserspaceTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
" <property name=\"FinishTimestamp\" type=\"t\" access=\"read\"/>\n" \
" <property name=\"FinishTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
" <property name=\"LogLevel\" type=\"s\" access=\"readwrite\"/>\n" \
" <property name=\"ConfirmSpawn\" type=\"b\" access=\"read\"/>\n" \
" <property name=\"ShowStatus\" type=\"b\" access=\"read\"/>\n" \
" <property name=\"UnitPath\" type=\"as\" access=\"read\"/>\n" \
- " <property name=\"NotifySocket\" type=\"s\" access=\"read\"/>\n" \
" <property name=\"ControlGroupHierarchy\" type=\"s\" access=\"read\"/>\n" \
" <property name=\"DefaultControllers\" type=\"as\" access=\"read\"/>\n" \
" <property name=\"DefaultStandardOutput\" type=\"s\" access=\"read\"/>\n" \
" <property name=\"DefaultStandardError\" type=\"s\" access=\"read\"/>\n" \
" <property name=\"RuntimeWatchdogUSec\" type=\"s\" access=\"readwrite\"/>\n" \
" <property name=\"ShutdownWatchdogUSec\" type=\"s\" access=\"readwrite\"/>\n" \
- " <property name=\"HaveWatchdog\" type=\"b\" access=\"read\"/>\n"
-
-#ifdef HAVE_SYSV_COMPAT
-#define BUS_MANAGER_INTERFACE_PROPERTIES_SYSV \
- " <property name=\"SysVConsole\" type=\"b\" access=\"read\"/>\n" \
- " <property name=\"SysVInitPath\" type=\"as\" access=\"read\"/>\n" \
- " <property name=\"SysVRcndPath\" type=\"as\" access=\"read\"/>\n"
-#else
-#define BUS_MANAGER_INTERFACE_PROPERTIES_SYSV
-#endif
+ " <property name=\"Virtualization\" type=\"s\" access=\"read\"/>\n"
#define BUS_MANAGER_INTERFACE_END \
" </interface>\n"
BUS_MANAGER_INTERFACE_METHODS \
BUS_MANAGER_INTERFACE_SIGNALS \
BUS_MANAGER_INTERFACE_PROPERTIES_GENERAL \
- BUS_MANAGER_INTERFACE_PROPERTIES_SYSV \
BUS_MANAGER_INTERFACE_END
#define INTROSPECTION_BEGIN \
const char bus_manager_interface[] _introspect_("Manager") = BUS_MANAGER_INTERFACE;
-static DEFINE_BUS_PROPERTY_APPEND_ENUM(bus_manager_append_running_as, manager_running_as, ManagerRunningAs);
static DEFINE_BUS_PROPERTY_APPEND_ENUM(bus_manager_append_exec_output, exec_output, ExecOutput);
static int bus_manager_append_tainted(DBusMessageIter *i, const char *property, void *data) {
}
static int bus_manager_append_log_level(DBusMessageIter *i, const char *property, void *data) {
- const char *t;
+ char *t;
+ int r;
assert(i);
assert(property);
- t = log_level_to_string(log_get_max_level());
+ r = log_level_to_string_alloc(log_get_max_level(), &t);
+ if (r < 0)
+ return r;
if (!dbus_message_iter_append_basic(i, DBUS_TYPE_STRING, &t))
- return -ENOMEM;
+ r = -ENOMEM;
- return 0;
+ free(t);
+ return r;
}
static int bus_manager_set_log_level(DBusMessageIter *i, const char *property, void *data) {
return 0;
}
-static const char *message_get_sender_with_fallback(DBusMessage *m) {
- const char *s;
+static int bus_manager_append_virt(DBusMessageIter *i, const char *property, void *data) {
+ Manager *m = data;
+ const char *id = "";
+ assert(i);
+ assert(property);
assert(m);
- if ((s = dbus_message_get_sender(m)))
- return s;
+ detect_virtualization(&id);
- /* When the message came in from a direct connection the
- * message will have no sender. We fix that here. */
+ if (!dbus_message_iter_append_basic(i, DBUS_TYPE_STRING, &id))
+ return -ENOMEM;
- return ":no-sender";
+ return 0;
}
static DBusMessage *message_from_file_changes(
return r;
}
-static int bus_manager_append_have_watchdog(DBusMessageIter *i, const char *property, void *data) {
- dbus_bool_t b;
-
- assert(i);
- assert(property);
-
- b = access("/dev/watchdog", F_OK) >= 0;
-
- if (!dbus_message_iter_append_basic(i, DBUS_TYPE_BOOLEAN, &b))
- return -ENOMEM;
-
- return 0;
-}
-
static int bus_manager_set_runtime_watchdog_usec(DBusMessageIter *i, const char *property, void *data) {
uint64_t *t = data;
static const char systemd_property_string[] =
PACKAGE_STRING "\0"
- DISTRIBUTION "\0"
SYSTEMD_FEATURES;
static const BusProperty bus_systemd_properties[] = {
- { "Version", bus_property_append_string, "s", 0 },
- { "Distribution", bus_property_append_string, "s", sizeof(PACKAGE_STRING) },
- { "Features", bus_property_append_string, "s", sizeof(PACKAGE_STRING) + sizeof(DISTRIBUTION) },
+ { "Version", bus_property_append_string, "s", 0 },
+ { "Features", bus_property_append_string, "s", sizeof(PACKAGE_STRING) },
{ NULL, }
};
static const BusProperty bus_manager_properties[] = {
- { "RunningAs", bus_manager_append_running_as, "s", offsetof(Manager, running_as) },
- { "Tainted", bus_manager_append_tainted, "s", 0 },
- { "InitRDTimestamp", bus_property_append_uint64, "t", offsetof(Manager, initrd_timestamp.realtime) },
- { "InitRDTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, initrd_timestamp.monotonic) },
- { "StartupTimestamp", bus_property_append_uint64, "t", offsetof(Manager, startup_timestamp.realtime) },
- { "StartupTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, startup_timestamp.monotonic) },
- { "FinishTimestamp", bus_property_append_uint64, "t", offsetof(Manager, finish_timestamp.realtime) },
- { "FinishTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, finish_timestamp.monotonic) },
- { "LogLevel", bus_manager_append_log_level, "s", 0, false, bus_manager_set_log_level },
- { "LogTarget", bus_manager_append_log_target, "s", 0, false, bus_manager_set_log_target },
- { "NNames", bus_manager_append_n_names, "u", 0 },
- { "NJobs", bus_manager_append_n_jobs, "u", 0 },
- { "NInstalledJobs",bus_property_append_uint32, "u", offsetof(Manager, n_installed_jobs) },
- { "NFailedJobs", bus_property_append_uint32, "u", offsetof(Manager, n_failed_jobs) },
- { "Progress", bus_manager_append_progress, "d", 0 },
- { "Environment", bus_property_append_strv, "as", offsetof(Manager, environment), true },
- { "ConfirmSpawn", bus_property_append_bool, "b", offsetof(Manager, confirm_spawn) },
- { "ShowStatus", bus_property_append_bool, "b", offsetof(Manager, show_status) },
- { "UnitPath", bus_property_append_strv, "as", offsetof(Manager, lookup_paths.unit_path), true },
- { "NotifySocket", bus_property_append_string, "s", offsetof(Manager, notify_socket), true },
- { "ControlGroupHierarchy", bus_property_append_string, "s", offsetof(Manager, cgroup_hierarchy), true },
- { "DefaultControllers", bus_property_append_strv, "as", offsetof(Manager, default_controllers), true },
- { "DefaultStandardOutput", bus_manager_append_exec_output, "s", offsetof(Manager, default_std_output) },
- { "DefaultStandardError", bus_manager_append_exec_output, "s", offsetof(Manager, default_std_error) },
- { "RuntimeWatchdogUSec", bus_property_append_usec, "t", offsetof(Manager, runtime_watchdog), false, bus_manager_set_runtime_watchdog_usec },
- { "ShutdownWatchdogUSec", bus_property_append_usec, "t", offsetof(Manager, shutdown_watchdog), false, bus_property_set_usec },
- { "HaveWatchdog", bus_manager_append_have_watchdog, "b", 0 },
-#ifdef HAVE_SYSV_COMPAT
- { "SysVConsole", bus_property_append_bool, "b", offsetof(Manager, sysv_console) },
- { "SysVInitPath", bus_property_append_strv, "as", offsetof(Manager, lookup_paths.sysvinit_path), true },
- { "SysVRcndPath", bus_property_append_strv, "as", offsetof(Manager, lookup_paths.sysvrcnd_path), true },
-#endif
+ { "Tainted", bus_manager_append_tainted, "s", 0 },
+ { "FirmwareTimestamp", bus_property_append_uint64, "t", offsetof(Manager, firmware_timestamp.realtime) },
+ { "FirmwareTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, firmware_timestamp.monotonic) },
+ { "LoaderTimestamp", bus_property_append_uint64, "t", offsetof(Manager, loader_timestamp.realtime) },
+ { "LoaderTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, loader_timestamp.monotonic) },
+ { "KernelTimestamp", bus_property_append_uint64, "t", offsetof(Manager, kernel_timestamp.realtime) },
+ { "KernelTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, kernel_timestamp.monotonic) },
+ { "InitRDTimestamp", bus_property_append_uint64, "t", offsetof(Manager, initrd_timestamp.realtime) },
+ { "InitRDTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, initrd_timestamp.monotonic) },
+ { "UserspaceTimestamp", bus_property_append_uint64, "t", offsetof(Manager, userspace_timestamp.realtime) },
+ { "UserspaceTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, userspace_timestamp.monotonic) },
+ { "FinishTimestamp", bus_property_append_uint64, "t", offsetof(Manager, finish_timestamp.realtime) },
+ { "FinishTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, finish_timestamp.monotonic) },
+ { "LogLevel", bus_manager_append_log_level, "s", 0, false, bus_manager_set_log_level },
+ { "LogTarget", bus_manager_append_log_target, "s", 0, false, bus_manager_set_log_target },
+ { "NNames", bus_manager_append_n_names, "u", 0 },
+ { "NJobs", bus_manager_append_n_jobs, "u", 0 },
+ { "NInstalledJobs", bus_property_append_uint32, "u", offsetof(Manager, n_installed_jobs) },
+ { "NFailedJobs", bus_property_append_uint32, "u", offsetof(Manager, n_failed_jobs) },
+ { "Progress", bus_manager_append_progress, "d", 0 },
+ { "Environment", bus_property_append_strv, "as", offsetof(Manager, environment), true },
+ { "ConfirmSpawn", bus_property_append_bool, "b", offsetof(Manager, confirm_spawn) },
+ { "ShowStatus", bus_property_append_bool, "b", offsetof(Manager, show_status) },
+ { "UnitPath", bus_property_append_strv, "as", offsetof(Manager, lookup_paths.unit_path), true },
+ { "ControlGroupHierarchy", bus_property_append_string, "s", offsetof(Manager, cgroup_hierarchy), true },
+ { "DefaultControllers", bus_property_append_strv, "as", offsetof(Manager, default_controllers), true },
+ { "DefaultStandardOutput", bus_manager_append_exec_output, "s", offsetof(Manager, default_std_output) },
+ { "DefaultStandardError", bus_manager_append_exec_output, "s", offsetof(Manager, default_std_error) },
+ { "RuntimeWatchdogUSec", bus_property_append_usec, "t", offsetof(Manager, runtime_watchdog), false, bus_manager_set_runtime_watchdog_usec },
+ { "ShutdownWatchdogUSec", bus_property_append_usec, "t", offsetof(Manager, shutdown_watchdog), false, bus_property_set_usec },
+ { "Virtualization", bus_manager_append_virt, "s", 0, },
{ NULL, }
};
static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, DBusMessage *message, void *data) {
+ _cleanup_dbus_message_unref_ DBusMessage *reply = NULL;
+ _cleanup_free_ char * path = NULL;
Manager *m = data;
-
int r;
DBusError error;
- DBusMessage *reply = NULL;
- char * path = NULL;
JobType job_type = _JOB_TYPE_INVALID;
bool reload_if_possible = false;
const char *member;
DBUS_TYPE_INVALID))
return bus_send_error_reply(connection, message, &error, -EINVAL);
- if (!(u = manager_get_unit(m, name))) {
+ u = manager_get_unit(m, name);
+ if (!u) {
dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name);
return bus_send_error_reply(connection, message, &error, -ENOENT);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "status");
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
- if (!(path = unit_dbus_path(u)))
+ path = unit_dbus_path(u);
+ if (!path)
goto oom;
if (!dbus_message_append_args(
DBUS_TYPE_INVALID))
return bus_send_error_reply(connection, message, &error, -EINVAL);
- if (!(u = cgroup_unit_by_pid(m, (pid_t) pid))) {
+ u = cgroup_unit_by_pid(m, (pid_t) pid);
+ if (!u) {
dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "No unit for PID %lu is loaded.", (unsigned long) pid);
return bus_send_error_reply(connection, message, &error, -ENOENT);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "status");
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
- if (!(path = unit_dbus_path(u)))
+ path = unit_dbus_path(u);
+ if (!path)
goto oom;
if (!dbus_message_append_args(
DBUS_TYPE_INVALID))
return bus_send_error_reply(connection, message, &error, -EINVAL);
- if ((r = manager_load_unit(m, name, NULL, &error, &u)) < 0)
+ r = manager_load_unit(m, name, NULL, &error, &u);
+ if (r < 0)
return bus_send_error_reply(connection, message, &error, r);
- if (!(reply = dbus_message_new_method_return(message)))
+ SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "status");
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
- if (!(path = unit_dbus_path(u)))
+ path = unit_dbus_path(u);
+ if (!path)
goto oom;
if (!dbus_message_append_args(
reload_if_possible = true;
job_type = JOB_TRY_RESTART;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "KillUnit")) {
- const char *name, *swho, *smode;
+ const char *name, *swho;
int32_t signo;
Unit *u;
- KillMode mode;
KillWho who;
if (!dbus_message_get_args(
&error,
DBUS_TYPE_STRING, &name,
DBUS_TYPE_STRING, &swho,
- DBUS_TYPE_STRING, &smode,
DBUS_TYPE_INT32, &signo,
DBUS_TYPE_INVALID))
return bus_send_error_reply(connection, message, &error, -EINVAL);
return bus_send_error_reply(connection, message, &error, -EINVAL);
}
- if (isempty(smode))
- mode = KILL_CONTROL_GROUP;
- else {
- mode = kill_mode_from_string(smode);
- if (mode < 0)
- return bus_send_error_reply(connection, message, &error, -EINVAL);
- }
-
if (signo <= 0 || signo >= _NSIG)
return bus_send_error_reply(connection, message, &error, -EINVAL);
- if (!(u = manager_get_unit(m, name))) {
+ u = manager_get_unit(m, name);
+ if (!u) {
dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name);
return bus_send_error_reply(connection, message, &error, -ENOENT);
}
- if ((r = unit_kill(u, who, mode, signo, &error)) < 0)
+ SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "stop");
+
+ r = unit_kill(u, who, signo, &error);
+ if (r < 0)
return bus_send_error_reply(connection, message, &error, r);
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "GetJob")) {
DBUS_TYPE_INVALID))
return bus_send_error_reply(connection, message, &error, -EINVAL);
- if (!(j = manager_get_job(m, id))) {
+ j = manager_get_job(m, id);
+ if (!j) {
dbus_set_error(&error, BUS_ERROR_NO_SUCH_JOB, "Job %u does not exist.", (unsigned) id);
return bus_send_error_reply(connection, message, &error, -ENOENT);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ SELINUX_UNIT_ACCESS_CHECK(j->unit, connection, message, "status");
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
- if (!(path = job_dbus_path(j)))
+ path = job_dbus_path(j);
+ if (!path)
goto oom;
if (!dbus_message_append_args(
DBUS_TYPE_INVALID))
goto oom;
+ } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "CancelJob")) {
+ uint32_t id;
+ Job *j;
+
+ if (!dbus_message_get_args(
+ message,
+ &error,
+ DBUS_TYPE_UINT32, &id,
+ DBUS_TYPE_INVALID))
+ return bus_send_error_reply(connection, message, &error, -EINVAL);
+
+ j = manager_get_job(m, id);
+ if (!j) {
+ dbus_set_error(&error, BUS_ERROR_NO_SUCH_JOB, "Job %u does not exist.", (unsigned) id);
+ return bus_send_error_reply(connection, message, &error, -ENOENT);
+ }
+
+ SELINUX_UNIT_ACCESS_CHECK(j->unit, connection, message, "stop");
+ job_finish_and_invalidate(j, JOB_CANCELED, true);
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
+ goto oom;
+
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "ClearJobs")) {
+ SELINUX_ACCESS_CHECK(connection, message, "reboot");
manager_clear_jobs(m);
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "ResetFailed")) {
+ SELINUX_ACCESS_CHECK(connection, message, "reload");
+
manager_reset_failed(m);
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "ResetFailedUnit")) {
DBUS_TYPE_INVALID))
return bus_send_error_reply(connection, message, &error, -EINVAL);
- if (!(u = manager_get_unit(m, name))) {
+ u = manager_get_unit(m, name);
+ if (!u) {
dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name);
return bus_send_error_reply(connection, message, &error, -ENOENT);
}
+ SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "reload");
+
unit_reset_failed(u);
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
+ goto oom;
+
+ } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "SetUnitControlGroup")) {
+ const char *name;
+ Unit *u;
+ DBusMessageIter iter;
+
+ if (!dbus_message_iter_init(message, &iter))
+ goto oom;
+
+ r = bus_iter_get_basic_and_next(&iter, DBUS_TYPE_STRING, &name, true);
+ if (r < 0)
+ return bus_send_error_reply(connection, message, NULL, r);
+
+ u = manager_get_unit(m, name);
+ if (!u) {
+ dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name);
+ return bus_send_error_reply(connection, message, &error, -ENOENT);
+ }
+
+ SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "start");
+
+ r = bus_unit_cgroup_set(u, &iter);
+ if (r < 0)
+ return bus_send_error_reply(connection, message, NULL, r);
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
+ goto oom;
+
+ } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "UnsetUnitControlGroup")) {
+ const char *name;
+ Unit *u;
+ DBusMessageIter iter;
+
+ if (!dbus_message_iter_init(message, &iter))
+ goto oom;
+
+ r = bus_iter_get_basic_and_next(&iter, DBUS_TYPE_STRING, &name, true);
+ if (r < 0)
+ return bus_send_error_reply(connection, message, NULL, r);
+
+ u = manager_get_unit(m, name);
+ if (!u) {
+ dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name);
+ return bus_send_error_reply(connection, message, &error, -ENOENT);
+ }
+
+ SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "stop");
+
+ r = bus_unit_cgroup_unset(u, &iter);
+ if (r < 0)
+ return bus_send_error_reply(connection, message, NULL, r);
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
+ goto oom;
+
+ } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "SetUnitControlGroupAttribute")) {
+ const char *name;
+ Unit *u;
+ DBusMessageIter iter;
+
+ if (!dbus_message_iter_init(message, &iter))
+ goto oom;
+
+ r = bus_iter_get_basic_and_next(&iter, DBUS_TYPE_STRING, &name, true);
+ if (r < 0)
+ return bus_send_error_reply(connection, message, NULL, r);
+
+ u = manager_get_unit(m, name);
+ if (!u) {
+ dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name);
+ return bus_send_error_reply(connection, message, &error, -ENOENT);
+ }
+
+ SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "start");
+
+ r = bus_unit_cgroup_attribute_set(u, &iter);
+ if (r < 0)
+ return bus_send_error_reply(connection, message, NULL, r);
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
+ goto oom;
+
+ } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "UnsetUnitControlGroupAttribute")) {
+ const char *name;
+ Unit *u;
+ DBusMessageIter iter;
+
+ if (!dbus_message_iter_init(message, &iter))
+ goto oom;
+
+ r = bus_iter_get_basic_and_next(&iter, DBUS_TYPE_STRING, &name, true);
+ if (r < 0)
+ return bus_send_error_reply(connection, message, NULL, r);
+
+ u = manager_get_unit(m, name);
+ if (!u) {
+ dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name);
+ return bus_send_error_reply(connection, message, &error, -ENOENT);
+ }
+
+ SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "stop");
+
+ r = bus_unit_cgroup_attribute_unset(u, &iter);
+ if (r < 0)
+ return bus_send_error_reply(connection, message, NULL, r);
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
+ goto oom;
+
+ } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "GetUnitControlGroupAttribute")) {
+ const char *name;
+ Unit *u;
+ DBusMessageIter iter;
+ _cleanup_strv_free_ char **list = NULL;
+
+ if (!dbus_message_iter_init(message, &iter))
+ goto oom;
+
+ r = bus_iter_get_basic_and_next(&iter, DBUS_TYPE_STRING, &name, true);
+ if (r < 0)
+ return bus_send_error_reply(connection, message, NULL, r);
+
+ u = manager_get_unit(m, name);
+ if (!u) {
+ dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name);
+ return bus_send_error_reply(connection, message, &error, -ENOENT);
+ }
+
+ SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "status");
+
+ r = bus_unit_cgroup_attribute_get(u, &iter, &list);
+ if (r < 0)
+ return bus_send_error_reply(connection, message, NULL, r);
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
+ goto oom;
+
+ dbus_message_iter_init_append(reply, &iter);
+ if (bus_append_strv_iter(&iter, list) < 0)
goto oom;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "ListUnits")) {
Unit *u;
const char *k;
- if (!(reply = dbus_message_new_method_return(message)))
+ SELINUX_ACCESS_CHECK(connection, message, "status");
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
dbus_message_iter_init_append(reply, &iter);
f = unit_following(u);
following = f ? f->id : "";
- if (!(u_path = unit_dbus_path(u)))
+ u_path = unit_dbus_path(u);
+ if (!u_path)
goto oom;
if (u->job) {
Iterator i;
Job *j;
- if (!(reply = dbus_message_new_method_return(message)))
+ SELINUX_ACCESS_CHECK(connection, message, "status");
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
dbus_message_iter_init_append(reply, &iter);
state = job_state_to_string(j->state);
type = job_type_to_string(j->type);
- if (!(j_path = job_dbus_path(j)))
+ j_path = job_dbus_path(j);
+ if (!j_path)
goto oom;
- if (!(u_path = unit_dbus_path(j->unit))) {
+ u_path = unit_dbus_path(j->unit);
+ if (!u_path) {
free(j_path);
goto oom;
}
char *client;
Set *s;
- if (!(s = BUS_CONNECTION_SUBSCRIBED(m, connection))) {
- if (!(s = set_new(string_hash_func, string_compare_func)))
+ SELINUX_ACCESS_CHECK(connection, message, "status");
+
+ s = BUS_CONNECTION_SUBSCRIBED(m, connection);
+ if (!s) {
+ s = set_new(string_hash_func, string_compare_func);
+ if (!s)
goto oom;
- if (!(dbus_connection_set_data(connection, m->subscribed_data_slot, s, NULL))) {
+ if (!dbus_connection_set_data(connection, m->subscribed_data_slot, s, NULL)) {
set_free(s);
goto oom;
}
}
- if (!(client = strdup(message_get_sender_with_fallback(message))))
+ client = strdup(bus_message_get_sender_with_fallback(message));
+ if (!client)
goto oom;
- if ((r = set_put(s, client)) < 0) {
+ r = set_put(s, client);
+ if (r < 0) {
free(client);
return bus_send_error_reply(connection, message, NULL, r);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Unsubscribe")) {
char *client;
- if (!(client = set_remove(BUS_CONNECTION_SUBSCRIBED(m, connection), (char*) message_get_sender_with_fallback(message)))) {
+ SELINUX_ACCESS_CHECK(connection, message, "status");
+
+ client = set_remove(BUS_CONNECTION_SUBSCRIBED(m, connection), (char*) bus_message_get_sender_with_fallback(message));
+ if (!client) {
dbus_set_error(&error, BUS_ERROR_NOT_SUBSCRIBED, "Client is not subscribed.");
return bus_send_error_reply(connection, message, &error, -ENOENT);
}
free(client);
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Dump")) {
char *dump = NULL;
size_t size;
- if (!(reply = dbus_message_new_method_return(message)))
+ SELINUX_ACCESS_CHECK(connection, message, "status");
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
- if (!(f = open_memstream(&dump, &size)))
+ f = open_memstream(&dump, &size);
+ if (!f)
goto oom;
manager_dump_units(m, f, NULL);
dbus_bool_t cleanup;
Snapshot *s;
+ SELINUX_ACCESS_CHECK(connection, message, "start");
+
if (!dbus_message_get_args(
message,
&error,
DBUS_TYPE_INVALID))
return bus_send_error_reply(connection, message, &error, -EINVAL);
- if (name && name[0] == 0)
+ if (isempty(name))
name = NULL;
- if ((r = snapshot_create(m, name, cleanup, &error, &s)) < 0)
+ r = snapshot_create(m, name, cleanup, &error, &s);
+ if (r < 0)
return bus_send_error_reply(connection, message, &error, r);
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
- if (!(path = unit_dbus_path(UNIT(s))))
+ path = unit_dbus_path(UNIT(s));
+ if (!path)
goto oom;
if (!dbus_message_append_args(
DBUS_TYPE_INVALID))
goto oom;
+ } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "RemoveSnapshot")) {
+ const char *name;
+ Unit *u;
+
+ if (!dbus_message_get_args(
+ message,
+ &error,
+ DBUS_TYPE_STRING, &name,
+ DBUS_TYPE_INVALID))
+ return bus_send_error_reply(connection, message, &error, -EINVAL);
+
+ u = manager_get_unit(m, name);
+ if (!u) {
+ dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s does not exist.", name);
+ return bus_send_error_reply(connection, message, &error, -ENOENT);
+ }
+
+ if (u->type != UNIT_SNAPSHOT) {
+ dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not a snapshot.", name);
+ return bus_send_error_reply(connection, message, &error, -ENOENT);
+ }
+
+ SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "stop");
+ snapshot_remove(SNAPSHOT(u));
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
+ goto oom;
+
} else if (dbus_message_is_method_call(message, "org.freedesktop.DBus.Introspectable", "Introspect")) {
char *introspection = NULL;
FILE *f;
const char *k;
size_t size;
- if (!(reply = dbus_message_new_method_return(message)))
+ SELINUX_ACCESS_CHECK(connection, message, "status");
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
/* We roll our own introspection code here, instead of
* need to generate our introspection string
* dynamically. */
- if (!(f = open_memstream(&introspection, &size)))
+ f = open_memstream(&introspection, &size);
+ if (!f)
goto oom;
fputs(INTROSPECTION_BEGIN, f);
if (k != u->id)
continue;
- if (!(p = bus_path_escape(k))) {
+ p = bus_path_escape(k);
+ if (!p) {
fclose(f);
free(introspection);
goto oom;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Reload")) {
+ SELINUX_ACCESS_CHECK(connection, message, "reload");
+
assert(!m->queued_message);
/* Instead of sending the reply back right away, we
* after the reload is finished. That way the caller
* knows when the reload finished. */
- if (!(m->queued_message = dbus_message_new_method_return(message)))
+ m->queued_message = dbus_message_new_method_return(message);
+ if (!m->queued_message)
goto oom;
m->queued_message_connection = connection;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Reexecute")) {
+ SELINUX_ACCESS_CHECK(connection, message, "reload");
+
/* We don't send a reply back here, the client should
* just wait for us disconnecting. */
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Exit")) {
- if (m->running_as == MANAGER_SYSTEM) {
+ SELINUX_ACCESS_CHECK(connection, message, "halt");
+
+ if (m->running_as == SYSTEMD_SYSTEM) {
dbus_set_error(&error, BUS_ERROR_NOT_SUPPORTED, "Exit is only supported for user service managers.");
return bus_send_error_reply(connection, message, &error, -ENOTSUP);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
m->exit_code = MANAGER_EXIT;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Reboot")) {
- if (m->running_as != MANAGER_SYSTEM) {
+ SELINUX_ACCESS_CHECK(connection, message, "reboot");
+
+ if (m->running_as != SYSTEMD_SYSTEM) {
dbus_set_error(&error, BUS_ERROR_NOT_SUPPORTED, "Reboot is only supported for system managers.");
return bus_send_error_reply(connection, message, &error, -ENOTSUP);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
m->exit_code = MANAGER_REBOOT;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "PowerOff")) {
- if (m->running_as != MANAGER_SYSTEM) {
+ SELINUX_ACCESS_CHECK(connection, message, "halt");
+
+ if (m->running_as != SYSTEMD_SYSTEM) {
dbus_set_error(&error, BUS_ERROR_NOT_SUPPORTED, "Powering off is only supported for system managers.");
return bus_send_error_reply(connection, message, &error, -ENOTSUP);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
m->exit_code = MANAGER_POWEROFF;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Halt")) {
- if (m->running_as != MANAGER_SYSTEM) {
+ SELINUX_ACCESS_CHECK(connection, message, "halt");
+
+ if (m->running_as != SYSTEMD_SYSTEM) {
dbus_set_error(&error, BUS_ERROR_NOT_SUPPORTED, "Halting is only supported for system managers.");
return bus_send_error_reply(connection, message, &error, -ENOTSUP);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
m->exit_code = MANAGER_HALT;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "KExec")) {
- if (m->running_as != MANAGER_SYSTEM) {
+ SELINUX_ACCESS_CHECK(connection, message, "reboot");
+
+ if (m->running_as != SYSTEMD_SYSTEM) {
dbus_set_error(&error, BUS_ERROR_NOT_SUPPORTED, "kexec is only supported for system managers.");
return bus_send_error_reply(connection, message, &error, -ENOTSUP);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
m->exit_code = MANAGER_KEXEC;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "SwitchRoot")) {
const char *switch_root, *switch_root_init;
char *u, *v;
+ int k;
+
+ SELINUX_ACCESS_CHECK(connection, message, "reboot");
if (!dbus_message_get_args(
message,
DBUS_TYPE_INVALID))
return bus_send_error_reply(connection, message, &error, -EINVAL);
- if (path_equal(switch_root, "/") || !is_path(switch_root))
+ if (path_equal(switch_root, "/") || !path_is_absolute(switch_root))
return bus_send_error_reply(connection, message, NULL, -EINVAL);
- if (!isempty(switch_root_init) && !is_path(switch_root_init))
+ if (!isempty(switch_root_init) && !path_is_absolute(switch_root_init))
return bus_send_error_reply(connection, message, NULL, -EINVAL);
- if (m->running_as != MANAGER_SYSTEM) {
+ if (m->running_as != SYSTEMD_SYSTEM) {
dbus_set_error(&error, BUS_ERROR_NOT_SUPPORTED, "Switching root is only supported for system managers.");
return bus_send_error_reply(connection, message, &error, -ENOTSUP);
}
+ /* Safety check */
+ if (isempty(switch_root_init))
+ k = access(switch_root, F_OK);
+ else {
+ char *p;
+
+ p = strjoin(switch_root, "/", switch_root_init, NULL);
+ if (!p)
+ goto oom;
+
+ k = access(p, X_OK);
+ free(p);
+ }
+ if (k < 0)
+ return bus_send_error_reply(connection, message, NULL, -errno);
+
u = strdup(switch_root);
if (!u)
goto oom;
m->exit_code = MANAGER_SWITCH_ROOT;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "SetEnvironment")) {
- char **l = NULL, **e = NULL;
+ _cleanup_strv_free_ char **l = NULL;
+ char **e = NULL;
- if ((r = bus_parse_strv(message, &l)) < 0) {
- if (r == -ENOMEM)
- goto oom;
+ SELINUX_ACCESS_CHECK(connection, message, "reboot");
+ r = bus_parse_strv(message, &l);
+ if (r == -ENOMEM)
+ goto oom;
+ if (r < 0)
return bus_send_error_reply(connection, message, NULL, r);
- }
+ if (!strv_env_is_valid(l))
+ return bus_send_error_reply(connection, message, NULL, -EINVAL);
e = strv_env_merge(2, m->environment, l);
- strv_free(l);
-
if (!e)
goto oom;
- if (!(reply = dbus_message_new_method_return(message))) {
+ reply = dbus_message_new_method_return(message);
+ if (!reply) {
strv_free(e);
goto oom;
}
m->environment = e;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "UnsetEnvironment")) {
- char **l = NULL, **e = NULL;
+ _cleanup_strv_free_ char **l = NULL;
+ char **e = NULL;
- if ((r = bus_parse_strv(message, &l)) < 0) {
- if (r == -ENOMEM)
- goto oom;
+ SELINUX_ACCESS_CHECK(connection, message, "reboot");
+ r = bus_parse_strv(message, &l);
+ if (r == -ENOMEM)
+ goto oom;
+ if (r < 0)
return bus_send_error_reply(connection, message, NULL, r);
- }
+ if (!strv_env_name_or_assignment_is_valid(l))
+ return bus_send_error_reply(connection, message, NULL, -EINVAL);
e = strv_env_delete(m->environment, 1, l);
- strv_free(l);
-
if (!e)
goto oom;
- if (!(reply = dbus_message_new_method_return(message))) {
+ reply = dbus_message_new_method_return(message);
+ if (!reply) {
strv_free(e);
goto oom;
}
m->environment = e;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "UnsetAndSetEnvironment")) {
- char **l_set = NULL, **l_unset = NULL, **e = NULL, **f = NULL;
+ _cleanup_strv_free_ char **l_set = NULL, **l_unset = NULL, **e = NULL;
+ char **f = NULL;
DBusMessageIter iter;
+ SELINUX_ACCESS_CHECK(connection, message, "reboot");
+
if (!dbus_message_iter_init(message, &iter))
goto oom;
r = bus_parse_strv_iter(&iter, &l_unset);
- if (r < 0) {
- if (r == -ENOMEM)
- goto oom;
-
+ if (r == -ENOMEM)
+ goto oom;
+ if (r < 0)
return bus_send_error_reply(connection, message, NULL, r);
- }
+ if (!strv_env_name_or_assignment_is_valid(l_unset))
+ return bus_send_error_reply(connection, message, NULL, -EINVAL);
- if (!dbus_message_iter_next(&iter)) {
- strv_free(l_unset);
+ if (!dbus_message_iter_next(&iter))
return bus_send_error_reply(connection, message, NULL, -EINVAL);
- }
r = bus_parse_strv_iter(&iter, &l_set);
- if (r < 0) {
- strv_free(l_unset);
- if (r == -ENOMEM)
- goto oom;
-
+ if (r == -ENOMEM)
+ goto oom;
+ if (r < 0)
return bus_send_error_reply(connection, message, NULL, r);
- }
+ if (!strv_env_is_valid(l_set))
+ return bus_send_error_reply(connection, message, NULL, -EINVAL);
e = strv_env_delete(m->environment, 1, l_unset);
- strv_free(l_unset);
-
- if (!e) {
- strv_free(l_set);
+ if (!e)
goto oom;
- }
f = strv_env_merge(2, e, l_set);
- strv_free(l_set);
- strv_free(e);
-
if (!f)
goto oom;
- if (!(reply = dbus_message_new_method_return(message))) {
+ reply = dbus_message_new_method_return(message);
+ if (!reply) {
strv_free(f);
goto oom;
}
Iterator i;
UnitFileList *item;
+ SELINUX_ACCESS_CHECK(connection, message, "status");
+
reply = dbus_message_new_method_return(message);
if (!reply)
goto oom;
if (!h)
goto oom;
- r = unit_file_get_list(m->running_as == MANAGER_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER, NULL, h);
+ r = unit_file_get_list(m->running_as == SYSTEMD_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER, NULL, h);
if (r < 0) {
unit_file_list_free(h);
- dbus_message_unref(reply);
return bus_send_error_reply(connection, message, NULL, r);
}
UnitFileState state;
const char *s;
+ SELINUX_ACCESS_CHECK(connection, message, "status");
+
if (!dbus_message_get_args(
message,
&error,
DBUS_TYPE_INVALID))
return bus_send_error_reply(connection, message, &error, -EINVAL);
- state = unit_file_get_state(m->running_as == MANAGER_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER, NULL, name);
+ state = unit_file_get_state(m->running_as == SYSTEMD_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER, NULL, name);
if (state < 0)
return bus_send_error_reply(connection, message, NULL, state);
char **l = NULL;
DBusMessageIter iter;
- UnitFileScope scope = m->running_as == MANAGER_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER;
+ UnitFileScope scope = m->running_as == SYSTEMD_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER;
UnitFileChange *changes = NULL;
unsigned n_changes = 0;
dbus_bool_t runtime, force;
int carries_install_info = -1;
+ SELINUX_ACCESS_CHECK(connection, message, streq(member, "MaskUnitFiles") ? "disable" : "enable");
+
if (!dbus_message_iter_init(message, &iter))
goto oom;
char **l = NULL;
DBusMessageIter iter;
- UnitFileScope scope = m->running_as == MANAGER_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER;
+ UnitFileScope scope = m->running_as == SYSTEMD_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER;
UnitFileChange *changes = NULL;
unsigned n_changes = 0;
dbus_bool_t runtime;
+ SELINUX_ACCESS_CHECK(connection, message, streq(member, "UnmaskUnitFiles") ? "enable" : "disable");
+
if (!dbus_message_iter_init(message, &iter))
goto oom;
{ "org.freedesktop.systemd1.Manager", bus_manager_properties, m },
{ NULL, }
};
+
+ SELINUX_ACCESS_CHECK(connection, message, "status");
+
return bus_default_message_handler(connection, message, NULL, INTERFACES_LIST, bps);
}
if (job_type != _JOB_TYPE_INVALID) {
const char *name, *smode, *old_name = NULL;
JobMode mode;
- Job *j;
- JobBusClient *cl;
Unit *u;
- bool b;
+ dbus_bool_t b;
if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "StartUnitReplace"))
b = dbus_message_get_args(
DBUS_TYPE_STRING, &name,
DBUS_TYPE_STRING, &smode,
DBUS_TYPE_INVALID);
-
if (!b)
return bus_send_error_reply(connection, message, &error, -EINVAL);
- if (old_name)
- if (!(u = manager_get_unit(m, old_name)) ||
- !u->job ||
- u->job->type != JOB_START) {
+ if (old_name) {
+ u = manager_get_unit(m, old_name);
+ if (!u || !u->job || u->job->type != JOB_START) {
dbus_set_error(&error, BUS_ERROR_NO_SUCH_JOB, "No job queued for unit %s", old_name);
return bus_send_error_reply(connection, message, &error, -ENOENT);
}
+ }
-
- if ((mode = job_mode_from_string(smode)) == _JOB_MODE_INVALID) {
+ mode = job_mode_from_string(smode);
+ if (mode < 0) {
dbus_set_error(&error, BUS_ERROR_INVALID_JOB_MODE, "Job mode %s is invalid.", smode);
return bus_send_error_reply(connection, message, &error, -EINVAL);
}
- if ((r = manager_load_unit(m, name, NULL, &error, &u)) < 0)
+ r = manager_load_unit(m, name, NULL, &error, &u);
+ if (r < 0)
return bus_send_error_reply(connection, message, &error, r);
- if (reload_if_possible && unit_can_reload(u)) {
- if (job_type == JOB_RESTART)
- job_type = JOB_RELOAD_OR_START;
- else if (job_type == JOB_TRY_RESTART)
- job_type = JOB_RELOAD;
- }
-
- if ((job_type == JOB_START && u->refuse_manual_start) ||
- (job_type == JOB_STOP && u->refuse_manual_stop) ||
- ((job_type == JOB_RESTART || job_type == JOB_TRY_RESTART) &&
- (u->refuse_manual_start || u->refuse_manual_stop))) {
- dbus_set_error(&error, BUS_ERROR_ONLY_BY_DEPENDENCY, "Operation refused, may be requested by dependency only.");
- return bus_send_error_reply(connection, message, &error, -EPERM);
- }
-
- if ((r = manager_add_job(m, job_type, u, mode, true, &error, &j)) < 0)
- return bus_send_error_reply(connection, message, &error, r);
-
- cl = job_bus_client_new(connection, message_get_sender_with_fallback(message));
- if (!cl)
- goto oom;
-
- LIST_PREPEND(JobBusClient, client, j->bus_client_list, cl);
-
- if (!(reply = dbus_message_new_method_return(message)))
- goto oom;
-
- if (!(path = job_dbus_path(j)))
- goto oom;
-
- if (!dbus_message_append_args(
- reply,
- DBUS_TYPE_OBJECT_PATH, &path,
- DBUS_TYPE_INVALID))
- goto oom;
+ return bus_unit_queue_job(connection, message, u, job_type, mode, reload_if_possible);
}
- if (reply) {
- if (!dbus_connection_send(connection, reply, NULL))
+ if (reply)
+ if (!bus_maybe_send_reply(connection, message, reply))
goto oom;
- dbus_message_unref(reply);
- }
-
- free(path);
-
return DBUS_HANDLER_RESULT_HANDLED;
oom:
- free(path);
-
- if (reply)
- dbus_message_unref(reply);
-
dbus_error_free(&error);
return DBUS_HANDLER_RESULT_NEED_MEMORY;