#include "build.h"
#include "dbus-common.h"
#include "install.h"
+#include "selinux-access.h"
#include "watchdog.h"
#include "hwclock.h"
#include "path-util.h"
+#include "dbus-unit.h"
#define BUS_MANAGER_INTERFACE_BEGIN \
" <interface name=\"org.freedesktop.systemd1.Manager\">\n"
" <arg name=\"result\" type=\"s\"/>\n" \
" </signal>" \
" <signal name=\"StartupFinished\">\n" \
+ " <arg name=\"firmware\" type=\"t\"/>\n" \
+ " <arg name=\"loader\" type=\"t\"/>\n" \
" <arg name=\"kernel\" type=\"t\"/>\n" \
" <arg name=\"initrd\" type=\"t\"/>\n" \
" <arg name=\"userspace\" type=\"t\"/>\n" \
" <property name=\"Distribution\" type=\"s\" access=\"read\"/>\n" \
" <property name=\"Features\" type=\"s\" access=\"read\"/>\n" \
" <property name=\"Tainted\" type=\"s\" access=\"read\"/>\n" \
+ " <property name=\"FirmwareTimestamp\" type=\"t\" access=\"read\"/>\n" \
+ " <property name=\"FirmwareTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
+ " <property name=\"LoaderTimestamp\" type=\"t\" access=\"read\"/>\n" \
+ " <property name=\"LoaderTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
+ " <property name=\"KernelTimestamp\" type=\"t\" access=\"read\"/>\n" \
+ " <property name=\"KernelTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
" <property name=\"InitRDTimestamp\" type=\"t\" access=\"read\"/>\n" \
" <property name=\"InitRDTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
- " <property name=\"StartupTimestamp\" type=\"t\" access=\"read\"/>\n" \
- " <property name=\"StartupTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
+ " <property name=\"UserspaceTimestamp\" type=\"t\" access=\"read\"/>\n" \
+ " <property name=\"UserspaceTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
" <property name=\"FinishTimestamp\" type=\"t\" access=\"read\"/>\n" \
" <property name=\"FinishTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
" <property name=\"LogLevel\" type=\"s\" access=\"readwrite\"/>\n" \
return 0;
}
-static const char *message_get_sender_with_fallback(DBusMessage *m) {
- const char *s;
-
- assert(m);
-
- if ((s = dbus_message_get_sender(m)))
- return s;
-
- /* When the message came in from a direct connection the
- * message will have no sender. We fix that here. */
-
- return ":no-sender";
-}
-
static DBusMessage *message_from_file_changes(
DBusMessage *m,
UnitFileChange *changes,
static const BusProperty bus_manager_properties[] = {
{ "Tainted", bus_manager_append_tainted, "s", 0 },
+ { "FirmwareTimestamp", bus_property_append_uint64, "t", offsetof(Manager, firmware_timestamp.realtime) },
+ { "FirmwareTimestampMonotonic", bus_property_append_uint64,"t", offsetof(Manager, firmware_timestamp.monotonic)},
+ { "LoaderTimestamp", bus_property_append_uint64, "t", offsetof(Manager, loader_timestamp.realtime) },
+ { "LoaderTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, loader_timestamp.monotonic) },
+ { "KernelTimestamp", bus_property_append_uint64, "t", offsetof(Manager, kernel_timestamp.realtime) },
+ { "KernelTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, kernel_timestamp.monotonic) },
{ "InitRDTimestamp", bus_property_append_uint64, "t", offsetof(Manager, initrd_timestamp.realtime) },
{ "InitRDTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, initrd_timestamp.monotonic) },
- { "StartupTimestamp", bus_property_append_uint64, "t", offsetof(Manager, startup_timestamp.realtime) },
- { "StartupTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, startup_timestamp.monotonic) },
+ { "UserspaceTimestamp", bus_property_append_uint64, "t", offsetof(Manager, userspace_timestamp.realtime)},
+ { "UserspaceTimestampMonotonic", bus_property_append_uint64,"t",offsetof(Manager, userspace_timestamp.monotonic)},
{ "FinishTimestamp", bus_property_append_uint64, "t", offsetof(Manager, finish_timestamp.realtime) },
{ "FinishTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, finish_timestamp.monotonic) },
{ "LogLevel", bus_manager_append_log_level, "s", 0, false, bus_manager_set_log_level },
};
static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, DBusMessage *message, void *data) {
+ _cleanup_dbus_message_unref_ DBusMessage *reply = NULL;
+ _cleanup_free_ char * path = NULL;
Manager *m = data;
-
int r;
DBusError error;
- DBusMessage *reply = NULL;
- char * path = NULL;
JobType job_type = _JOB_TYPE_INVALID;
bool reload_if_possible = false;
const char *member;
DBUS_TYPE_INVALID))
return bus_send_error_reply(connection, message, &error, -EINVAL);
- if (!(u = manager_get_unit(m, name))) {
+ u = manager_get_unit(m, name);
+ if (!u) {
dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name);
return bus_send_error_reply(connection, message, &error, -ENOENT);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "status");
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
- if (!(path = unit_dbus_path(u)))
+ path = unit_dbus_path(u);
+ if (!path)
goto oom;
if (!dbus_message_append_args(
DBUS_TYPE_INVALID))
return bus_send_error_reply(connection, message, &error, -EINVAL);
- if (!(u = cgroup_unit_by_pid(m, (pid_t) pid))) {
+ u = cgroup_unit_by_pid(m, (pid_t) pid);
+ if (!u) {
dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "No unit for PID %lu is loaded.", (unsigned long) pid);
return bus_send_error_reply(connection, message, &error, -ENOENT);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "status");
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
- if (!(path = unit_dbus_path(u)))
+ path = unit_dbus_path(u);
+ if (!reply)
goto oom;
if (!dbus_message_append_args(
DBUS_TYPE_INVALID))
return bus_send_error_reply(connection, message, &error, -EINVAL);
- if ((r = manager_load_unit(m, name, NULL, &error, &u)) < 0)
+ r = manager_load_unit(m, name, NULL, &error, &u);
+ if (r < 0)
return bus_send_error_reply(connection, message, &error, r);
- if (!(reply = dbus_message_new_method_return(message)))
+ SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "status");
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
- if (!(path = unit_dbus_path(u)))
+ path = unit_dbus_path(u);
+ if (!path)
goto oom;
if (!dbus_message_append_args(
return bus_send_error_reply(connection, message, &error, -ENOENT);
}
+ SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "stop");
+
r = unit_kill(u, who, signo, &error);
if (r < 0)
return bus_send_error_reply(connection, message, &error, r);
DBUS_TYPE_INVALID))
return bus_send_error_reply(connection, message, &error, -EINVAL);
- if (!(j = manager_get_job(m, id))) {
+ j = manager_get_job(m, id);
+ if (!j) {
dbus_set_error(&error, BUS_ERROR_NO_SUCH_JOB, "Job %u does not exist.", (unsigned) id);
return bus_send_error_reply(connection, message, &error, -ENOENT);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ SELINUX_UNIT_ACCESS_CHECK(j->unit, connection, message, "status");
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
- if (!(path = job_dbus_path(j)))
+ path = job_dbus_path(j);
+ if (!path)
goto oom;
if (!dbus_message_append_args(
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "ClearJobs")) {
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reboot");
+
manager_clear_jobs(m);
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "ResetFailed")) {
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reload");
+
manager_reset_failed(m);
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "ResetFailedUnit")) {
DBUS_TYPE_INVALID))
return bus_send_error_reply(connection, message, &error, -EINVAL);
- if (!(u = manager_get_unit(m, name))) {
+ u = manager_get_unit(m, name);
+ if (!u) {
dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name);
return bus_send_error_reply(connection, message, &error, -ENOENT);
}
+ SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "reload");
+
unit_reset_failed(u);
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "ListUnits")) {
Unit *u;
const char *k;
- if (!(reply = dbus_message_new_method_return(message)))
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status");
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
dbus_message_iter_init_append(reply, &iter);
f = unit_following(u);
following = f ? f->id : "";
- if (!(u_path = unit_dbus_path(u)))
+ u_path = unit_dbus_path(u);
+ if (!u_path)
goto oom;
if (u->job) {
Iterator i;
Job *j;
- if (!(reply = dbus_message_new_method_return(message)))
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status");
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
dbus_message_iter_init_append(reply, &iter);
state = job_state_to_string(j->state);
type = job_type_to_string(j->type);
- if (!(j_path = job_dbus_path(j)))
+ j_path = job_dbus_path(j);
+ if (!j_path)
goto oom;
- if (!(u_path = unit_dbus_path(j->unit))) {
+ u_path = unit_dbus_path(j->unit);
+ if (!u_path) {
free(j_path);
goto oom;
}
char *client;
Set *s;
- if (!(s = BUS_CONNECTION_SUBSCRIBED(m, connection))) {
- if (!(s = set_new(string_hash_func, string_compare_func)))
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status");
+
+ s = BUS_CONNECTION_SUBSCRIBED(m, connection);
+ if (!s) {
+ s = set_new(string_hash_func, string_compare_func);
+ if (!s)
goto oom;
- if (!(dbus_connection_set_data(connection, m->subscribed_data_slot, s, NULL))) {
+ if (!dbus_connection_set_data(connection, m->subscribed_data_slot, s, NULL)) {
set_free(s);
goto oom;
}
}
- if (!(client = strdup(message_get_sender_with_fallback(message))))
+ client = strdup(bus_message_get_sender_with_fallback(message));
+ if (!client)
goto oom;
- if ((r = set_put(s, client)) < 0) {
+ r = set_put(s, client);
+ if (r < 0) {
free(client);
return bus_send_error_reply(connection, message, NULL, r);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Unsubscribe")) {
char *client;
- if (!(client = set_remove(BUS_CONNECTION_SUBSCRIBED(m, connection), (char*) message_get_sender_with_fallback(message)))) {
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status");
+
+ client = set_remove(BUS_CONNECTION_SUBSCRIBED(m, connection), (char*) bus_message_get_sender_with_fallback(message));
+ if (!client) {
dbus_set_error(&error, BUS_ERROR_NOT_SUBSCRIBED, "Client is not subscribed.");
return bus_send_error_reply(connection, message, &error, -ENOENT);
}
free(client);
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Dump")) {
char *dump = NULL;
size_t size;
- if (!(reply = dbus_message_new_method_return(message)))
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status");
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
- if (!(f = open_memstream(&dump, &size)))
+ f = open_memstream(&dump, &size);
+ if (!f)
goto oom;
manager_dump_units(m, f, NULL);
dbus_bool_t cleanup;
Snapshot *s;
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "start");
+
if (!dbus_message_get_args(
message,
&error,
DBUS_TYPE_INVALID))
return bus_send_error_reply(connection, message, &error, -EINVAL);
- if (name && name[0] == 0)
+ if (isempty(name))
name = NULL;
- if ((r = snapshot_create(m, name, cleanup, &error, &s)) < 0)
+ r = snapshot_create(m, name, cleanup, &error, &s);
+ if (r < 0)
return bus_send_error_reply(connection, message, &error, r);
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
- if (!(path = unit_dbus_path(UNIT(s))))
+ path = unit_dbus_path(UNIT(s));
+ if (!path)
goto oom;
if (!dbus_message_append_args(
const char *k;
size_t size;
- if (!(reply = dbus_message_new_method_return(message)))
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status");
+
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
/* We roll our own introspection code here, instead of
* need to generate our introspection string
* dynamically. */
- if (!(f = open_memstream(&introspection, &size)))
+ f = open_memstream(&introspection, &size);
+ if (!f)
goto oom;
fputs(INTROSPECTION_BEGIN, f);
if (k != u->id)
continue;
- if (!(p = bus_path_escape(k))) {
+ p = bus_path_escape(k);
+ if (!p) {
fclose(f);
free(introspection);
goto oom;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Reload")) {
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reload");
+
assert(!m->queued_message);
/* Instead of sending the reply back right away, we
* after the reload is finished. That way the caller
* knows when the reload finished. */
- if (!(m->queued_message = dbus_message_new_method_return(message)))
+ m->queued_message = dbus_message_new_method_return(message);
+ if (!m->queued_message)
goto oom;
m->queued_message_connection = connection;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Reexecute")) {
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reload");
+
/* We don't send a reply back here, the client should
* just wait for us disconnecting. */
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Exit")) {
- if (m->running_as == MANAGER_SYSTEM) {
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "halt");
+
+ if (m->running_as == SYSTEMD_SYSTEM) {
dbus_set_error(&error, BUS_ERROR_NOT_SUPPORTED, "Exit is only supported for user service managers.");
return bus_send_error_reply(connection, message, &error, -ENOTSUP);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
m->exit_code = MANAGER_EXIT;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Reboot")) {
- if (m->running_as != MANAGER_SYSTEM) {
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reboot");
+
+ if (m->running_as != SYSTEMD_SYSTEM) {
dbus_set_error(&error, BUS_ERROR_NOT_SUPPORTED, "Reboot is only supported for system managers.");
return bus_send_error_reply(connection, message, &error, -ENOTSUP);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
m->exit_code = MANAGER_REBOOT;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "PowerOff")) {
- if (m->running_as != MANAGER_SYSTEM) {
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "halt");
+
+ if (m->running_as != SYSTEMD_SYSTEM) {
dbus_set_error(&error, BUS_ERROR_NOT_SUPPORTED, "Powering off is only supported for system managers.");
return bus_send_error_reply(connection, message, &error, -ENOTSUP);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
m->exit_code = MANAGER_POWEROFF;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Halt")) {
- if (m->running_as != MANAGER_SYSTEM) {
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "halt");
+
+ if (m->running_as != SYSTEMD_SYSTEM) {
dbus_set_error(&error, BUS_ERROR_NOT_SUPPORTED, "Halting is only supported for system managers.");
return bus_send_error_reply(connection, message, &error, -ENOTSUP);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
m->exit_code = MANAGER_HALT;
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "KExec")) {
- if (m->running_as != MANAGER_SYSTEM) {
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reboot");
+
+ if (m->running_as != SYSTEMD_SYSTEM) {
dbus_set_error(&error, BUS_ERROR_NOT_SUPPORTED, "kexec is only supported for system managers.");
return bus_send_error_reply(connection, message, &error, -ENOTSUP);
}
- if (!(reply = dbus_message_new_method_return(message)))
+ reply = dbus_message_new_method_return(message);
+ if (!reply)
goto oom;
m->exit_code = MANAGER_KEXEC;
char *u, *v;
int k;
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reboot");
+
if (!dbus_message_get_args(
message,
&error,
if (!isempty(switch_root_init) && !path_is_absolute(switch_root_init))
return bus_send_error_reply(connection, message, NULL, -EINVAL);
- if (m->running_as != MANAGER_SYSTEM) {
+ if (m->running_as != SYSTEMD_SYSTEM) {
dbus_set_error(&error, BUS_ERROR_NOT_SUPPORTED, "Switching root is only supported for system managers.");
return bus_send_error_reply(connection, message, &error, -ENOTSUP);
}
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "SetEnvironment")) {
char **l = NULL, **e = NULL;
- if ((r = bus_parse_strv(message, &l)) < 0) {
- if (r == -ENOMEM)
- goto oom;
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reboot");
+ r = bus_parse_strv(message, &l);
+ if (r == -ENOMEM)
+ goto oom;
+ if (r < 0)
return bus_send_error_reply(connection, message, NULL, r);
- }
e = strv_env_merge(2, m->environment, l);
strv_free(l);
-
if (!e)
goto oom;
- if (!(reply = dbus_message_new_method_return(message))) {
+ reply = dbus_message_new_method_return(message);
+ if (!reply) {
strv_free(e);
goto oom;
}
} else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "UnsetEnvironment")) {
char **l = NULL, **e = NULL;
- if ((r = bus_parse_strv(message, &l)) < 0) {
- if (r == -ENOMEM)
- goto oom;
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reboot");
+ r = bus_parse_strv(message, &l);
+ if (r == -ENOMEM)
+ goto oom;
+ if (r < 0)
return bus_send_error_reply(connection, message, NULL, r);
- }
e = strv_env_delete(m->environment, 1, l);
strv_free(l);
char **l_set = NULL, **l_unset = NULL, **e = NULL, **f = NULL;
DBusMessageIter iter;
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reboot");
+
if (!dbus_message_iter_init(message, &iter))
goto oom;
r = bus_parse_strv_iter(&iter, &l_unset);
- if (r < 0) {
- if (r == -ENOMEM)
- goto oom;
-
+ if (r == -ENOMEM)
+ goto oom;
+ if (r < 0)
return bus_send_error_reply(connection, message, NULL, r);
- }
if (!dbus_message_iter_next(&iter)) {
strv_free(l_unset);
Iterator i;
UnitFileList *item;
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status");
+
reply = dbus_message_new_method_return(message);
if (!reply)
goto oom;
if (!h)
goto oom;
- r = unit_file_get_list(m->running_as == MANAGER_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER, NULL, h);
+ r = unit_file_get_list(m->running_as == SYSTEMD_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER, NULL, h);
if (r < 0) {
unit_file_list_free(h);
dbus_message_unref(reply);
UnitFileState state;
const char *s;
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status");
+
if (!dbus_message_get_args(
message,
&error,
DBUS_TYPE_INVALID))
return bus_send_error_reply(connection, message, &error, -EINVAL);
- state = unit_file_get_state(m->running_as == MANAGER_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER, NULL, name);
+ state = unit_file_get_state(m->running_as == SYSTEMD_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER, NULL, name);
if (state < 0)
return bus_send_error_reply(connection, message, NULL, state);
char **l = NULL;
DBusMessageIter iter;
- UnitFileScope scope = m->running_as == MANAGER_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER;
+ UnitFileScope scope = m->running_as == SYSTEMD_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER;
UnitFileChange *changes = NULL;
unsigned n_changes = 0;
dbus_bool_t runtime, force;
int carries_install_info = -1;
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, streq(member, "MaskUnitFiles") ? "disable" : "enable");
+
if (!dbus_message_iter_init(message, &iter))
goto oom;
char **l = NULL;
DBusMessageIter iter;
- UnitFileScope scope = m->running_as == MANAGER_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER;
+ UnitFileScope scope = m->running_as == SYSTEMD_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER;
UnitFileChange *changes = NULL;
unsigned n_changes = 0;
dbus_bool_t runtime;
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, streq(member, "UnmaskUnitFiles") ? "enable" : "disable");
+
if (!dbus_message_iter_init(message, &iter))
goto oom;
{ "org.freedesktop.systemd1.Manager", bus_manager_properties, m },
{ NULL, }
};
+
+ SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status");
+
return bus_default_message_handler(connection, message, NULL, INTERFACES_LIST, bps);
}
if (job_type != _JOB_TYPE_INVALID) {
const char *name, *smode, *old_name = NULL;
JobMode mode;
- Job *j;
- JobBusClient *cl;
Unit *u;
- bool b;
+ dbus_bool_t b;
if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "StartUnitReplace"))
b = dbus_message_get_args(
DBUS_TYPE_STRING, &name,
DBUS_TYPE_STRING, &smode,
DBUS_TYPE_INVALID);
-
if (!b)
return bus_send_error_reply(connection, message, &error, -EINVAL);
- if (old_name)
- if (!(u = manager_get_unit(m, old_name)) ||
- !u->job ||
- u->job->type != JOB_START) {
+ if (old_name) {
+ u = manager_get_unit(m, old_name);
+ if (!u || !u->job || u->job->type != JOB_START) {
dbus_set_error(&error, BUS_ERROR_NO_SUCH_JOB, "No job queued for unit %s", old_name);
return bus_send_error_reply(connection, message, &error, -ENOENT);
}
+ }
-
- if ((mode = job_mode_from_string(smode)) == _JOB_MODE_INVALID) {
+ mode = job_mode_from_string(smode);
+ if (mode < 0) {
dbus_set_error(&error, BUS_ERROR_INVALID_JOB_MODE, "Job mode %s is invalid.", smode);
return bus_send_error_reply(connection, message, &error, -EINVAL);
}
- if ((r = manager_load_unit(m, name, NULL, &error, &u)) < 0)
- return bus_send_error_reply(connection, message, &error, r);
-
- if (reload_if_possible && unit_can_reload(u)) {
- if (job_type == JOB_RESTART)
- job_type = JOB_RELOAD_OR_START;
- else if (job_type == JOB_TRY_RESTART)
- job_type = JOB_RELOAD;
- }
-
- if (job_type == JOB_STOP && u->load_state == UNIT_ERROR && unit_active_state(u) == UNIT_INACTIVE) {
- dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not loaded.", name);
- return bus_send_error_reply(connection, message, &error, -EPERM);
- }
-
- if ((job_type == JOB_START && u->refuse_manual_start) ||
- (job_type == JOB_STOP && u->refuse_manual_stop) ||
- ((job_type == JOB_RESTART || job_type == JOB_TRY_RESTART) &&
- (u->refuse_manual_start || u->refuse_manual_stop))) {
- dbus_set_error(&error, BUS_ERROR_ONLY_BY_DEPENDENCY, "Operation refused, may be requested by dependency only.");
- return bus_send_error_reply(connection, message, &error, -EPERM);
- }
-
- if ((r = manager_add_job(m, job_type, u, mode, true, &error, &j)) < 0)
+ r = manager_load_unit(m, name, NULL, &error, &u);
+ if (r < 0)
return bus_send_error_reply(connection, message, &error, r);
- cl = job_bus_client_new(connection, message_get_sender_with_fallback(message));
- if (!cl)
- goto oom;
-
- LIST_PREPEND(JobBusClient, client, j->bus_client_list, cl);
-
- if (!(reply = dbus_message_new_method_return(message)))
- goto oom;
-
- if (!(path = job_dbus_path(j)))
- goto oom;
-
- if (!dbus_message_append_args(
- reply,
- DBUS_TYPE_OBJECT_PATH, &path,
- DBUS_TYPE_INVALID))
- goto oom;
+ return bus_unit_queue_job(connection, message, u, job_type, mode, reload_if_possible);
}
- if (reply) {
+ if (reply)
if (!dbus_connection_send(connection, reply, NULL))
goto oom;
- dbus_message_unref(reply);
- }
-
- free(path);
-
return DBUS_HANDLER_RESULT_HANDLED;
oom:
- free(path);
-
- if (reply)
- dbus_message_unref(reply);
-
dbus_error_free(&error);
return DBUS_HANDLER_RESULT_NEED_MEMORY;
~ianmdlvl / elogind.git / blobdiff