#include <sys/socket.h>
#include <sys/capability.h>
+#include "systemd/sd-daemon.h"
+
#include "util.h"
#include "strv.h"
#include "macro.h"
if (r == -EBUSY)
continue;
+ /* Fallback for dbus1 connections: we
+ * unregister the name and wait for the
+ * response to come through for it */
if (r == -ENOTSUP) {
- /* Fallback for dbus1 connections: we
- * unregister the name and wait for
- * the response to come through for
- * it */
+
+ /* Inform the service manager that we
+ * are going down, so that it will
+ * queue all further start requests,
+ * instead of assuming we are already
+ * running. */
+ sd_notify(false, "STOPPING=1");
r = bus_async_unregister_and_exit(e, bus, name);
if (r < 0)
}
int bus_verify_polkit(
- sd_bus *bus,
- sd_bus_message *m,
+ sd_bus_message *call,
+ int capability,
const char *action,
bool interactive,
bool *_challenge,
sd_bus_error *e) {
- _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
- uid_t uid;
int r;
- assert(bus);
- assert(m);
+ assert(call);
assert(action);
- r = sd_bus_query_sender_creds(m, SD_BUS_CREDS_UID, &creds);
- if (r < 0)
- return r;
-
- r = sd_bus_creds_get_uid(creds, &uid);
+ r = sd_bus_query_sender_privilege(call, capability);
if (r < 0)
return r;
-
- if (uid == 0)
+ else if (r > 0)
return 1;
-
#ifdef ENABLE_POLKIT
else {
_cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
- int authorized = false, challenge = false;
+ int authorized = false, challenge = false, c;
const char *sender;
- sender = sd_bus_message_get_sender(m);
+ sender = sd_bus_message_get_sender(call);
if (!sender)
return -EBADMSG;
+ c = sd_bus_message_get_allow_interactive_authorization(call);
+ if (c < 0)
+ return c;
+ if (c > 0)
+ interactive = true;
+
r = sd_bus_call_method(
- bus,
+ call->bus,
"org.freedesktop.PolicyKit1",
"/org/freedesktop/PolicyKit1/Authority",
"org.freedesktop.PolicyKit1.Authority",
"system-bus-name", 1, "name", "s", sender,
action,
0,
- interactive ? 1 : 0,
+ !!interactive,
"");
if (r < 0) {
#endif
int bus_verify_polkit_async(
- sd_bus *bus,
- Hashmap **registry,
- sd_bus_message *m,
+ sd_bus_message *call,
+ int capability,
const char *action,
bool interactive,
- sd_bus_error *error,
- sd_bus_message_handler_t callback,
- void *userdata) {
+ Hashmap **registry,
+ sd_bus_error *error) {
#ifdef ENABLE_POLKIT
_cleanup_bus_message_unref_ sd_bus_message *pk = NULL;
AsyncPolkitQuery *q;
const char *sender;
+ sd_bus_message_handler_t callback;
+ void *userdata;
+ int c;
#endif
- _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
- uid_t uid;
int r;
- assert(bus);
- assert(registry);
- assert(m);
+ assert(call);
assert(action);
+ assert(registry);
#ifdef ENABLE_POLKIT
- q = hashmap_get(*registry, m);
+ q = hashmap_get(*registry, call);
if (q) {
int authorized, challenge;
if (authorized)
return 1;
+ if (challenge)
+ return sd_bus_error_set(error, SD_BUS_ERROR_INTERACTIVE_AUTHORIZATION_REQUIRED, "Interactive authentication required.");
+
return -EACCES;
}
#endif
- r = sd_bus_query_sender_creds(m, SD_BUS_CREDS_UID, &creds);
+ r = sd_bus_query_sender_privilege(call, capability);
if (r < 0)
return r;
-
- r = sd_bus_creds_get_uid(creds, &uid);
- if (r < 0)
- return r;
-
- if (uid == 0)
+ else if (r > 0)
return 1;
#ifdef ENABLE_POLKIT
- sender = sd_bus_message_get_sender(m);
+ if (sd_bus_get_current_message(call->bus) != call)
+ return -EINVAL;
+
+ callback = sd_bus_get_current_handler(call->bus);
+ if (!callback)
+ return -EINVAL;
+
+ userdata = sd_bus_get_current_userdata(call->bus);
+
+ sender = sd_bus_message_get_sender(call);
if (!sender)
return -EBADMSG;
- r = hashmap_ensure_allocated(registry, trivial_hash_func, trivial_compare_func);
+ c = sd_bus_message_get_allow_interactive_authorization(call);
+ if (c < 0)
+ return c;
+ if (c > 0)
+ interactive = true;
+
+ r = hashmap_ensure_allocated(registry, NULL);
if (r < 0)
return r;
r = sd_bus_message_new_method_call(
- bus,
+ call->bus,
&pk,
"org.freedesktop.PolicyKit1",
"/org/freedesktop/PolicyKit1/Authority",
"system-bus-name", 1, "name", "s", sender,
action,
0,
- interactive ? 1 : 0,
+ !!interactive,
NULL);
if (r < 0)
return r;
if (!q)
return -ENOMEM;
- q->request = sd_bus_message_ref(m);
+ q->request = sd_bus_message_ref(call);
q->callback = callback;
q->userdata = userdata;
- r = hashmap_put(*registry, m, q);
+ r = hashmap_put(*registry, call, q);
if (r < 0) {
async_polkit_query_free(q);
return r;
q->registry = *registry;
- r = sd_bus_call_async(bus, &q->slot, pk, async_polkit_callback, q, 0);
+ r = sd_bus_call_async(call->bus, &q->slot, pk, async_polkit_callback, q, 0);
if (r < 0) {
async_polkit_query_free(q);
return r;
return -EACCES;
}
-void bus_verify_polkit_async_registry_free(sd_bus *bus, Hashmap *registry) {
+void bus_verify_polkit_async_registry_free(Hashmap *registry) {
#ifdef ENABLE_POLKIT
AsyncPolkitQuery *q;
if (r < 0)
return r;
- if (all || !isempty(s))
- printf("%s=%s\n", name, s);
+ if (all || !isempty(s)) {
+ _cleanup_free_ char *escaped = NULL;
+
+ escaped = xescape(s, "\n");
+ if (!escaped)
+ return -ENOMEM;
+
+ printf("%s=%s\n", name, escaped);
+ }
return 1;
}
case SD_BUS_TYPE_BOOLEAN: {
- bool b;
+ int b;
r = sd_bus_message_read_basic(property, type, &b);
if (r < 0)
return r;
while((r = sd_bus_message_read_basic(property, SD_BUS_TYPE_STRING, &str)) > 0) {
+ _cleanup_free_ char *escaped = NULL;
+
if (first)
printf("%s=", name);
- printf("%s%s", first ? "" : " ", str);
+ escaped = xescape(str, "\n ");
+ if (!escaped)
+ return -ENOMEM;
+
+ printf("%s%s", first ? "" : " ", escaped);
first = false;
}
return r;
}
-int bus_map_all_properties(sd_bus *bus,
- const char *destination,
- const char *path,
- const struct bus_properties_map *map,
- void *userdata) {
- _cleanup_bus_message_unref_ sd_bus_message *m = NULL;
+int bus_message_map_all_properties(sd_bus *bus,
+ sd_bus_message *m,
+ const struct bus_properties_map *map,
+ void *userdata) {
_cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
int r;
assert(bus);
- assert(destination);
- assert(path);
+ assert(m);
assert(map);
- r = sd_bus_call_method(
- bus,
- destination,
- path,
- "org.freedesktop.DBus.Properties",
- "GetAll",
- &error,
- &m,
- "s", "");
- if (r < 0)
- return r;
-
r = sd_bus_message_enter_container(m, SD_BUS_TYPE_ARRAY, "{sv}");
if (r < 0)
return r;
return r;
}
- return r;
+ return sd_bus_message_exit_container(m);
+}
+
+int bus_message_map_properties_changed(sd_bus *bus,
+ sd_bus_message *m,
+ const struct bus_properties_map *map,
+ void *userdata) {
+ const char *member;
+ int r, invalidated, i;
+
+ assert(bus);
+ assert(m);
+ assert(map);
+
+ r = bus_message_map_all_properties(bus, m, map, userdata);
+ if (r < 0)
+ return r;
+
+ r = sd_bus_message_enter_container(m, SD_BUS_TYPE_ARRAY, "s");
+ if (r < 0)
+ return r;
+
+ invalidated = 0;
+ while ((r = sd_bus_message_read_basic(m, SD_BUS_TYPE_STRING, &member)) > 0)
+ for (i = 0; map[i].member; i++)
+ if (streq(map[i].member, member)) {
+ ++invalidated;
+ break;
+ }
+
+ r = sd_bus_message_exit_container(m);
+ if (r < 0)
+ return r;
+
+ return invalidated;
+}
+
+int bus_map_all_properties(sd_bus *bus,
+ const char *destination,
+ const char *path,
+ const struct bus_properties_map *map,
+ void *userdata) {
+ _cleanup_bus_message_unref_ sd_bus_message *m = NULL;
+ _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
+ int r;
+
+ assert(bus);
+ assert(destination);
+ assert(path);
+ assert(map);
+
+ r = sd_bus_call_method(
+ bus,
+ destination,
+ path,
+ "org.freedesktop.DBus.Properties",
+ "GetAll",
+ &error,
+ &m,
+ "s", "");
+ if (r < 0)
+ return r;
+
+ return bus_message_map_all_properties(bus, m, map, userdata);
}
int bus_open_transport(BusTransport transport, const char *host, bool user, sd_bus **bus) {