***/
#include <sys/socket.h>
+#include <sys/capability.h>
#include "util.h"
#include "strv.h"
if (r < 0)
return r;
- if (r != SD_BUS_NAME_RELEASED)
+ if (r != BUS_NAME_RELEASED)
return -EIO;
return 0;
bool *_challenge,
sd_bus_error *e) {
- const char *sender;
+ _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
uid_t uid;
int r;
assert(m);
assert(action);
- sender = sd_bus_message_get_sender(m);
- if (!sender)
- return -EBADMSG;
+ r = sd_bus_query_sender_creds(m, SD_BUS_CREDS_UID, &creds);
+ if (r < 0)
+ return r;
- r = sd_bus_get_owner_uid(bus, sender, &uid);
+ r = sd_bus_creds_get_uid(creds, &uid);
if (r < 0)
return r;
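Review bot: The `uid` returned by `sd_bus_creds_get_uid(creds, &uid)` feeds an authorization decision, but nothing here says which UID the credentials carry or when they were captured. The same change in the function that declares `AsyncPolkitQuery *q` is followed directly by `if (uid == 0) return 1;`, so there the value alone decides whether polkit is consulted. I would add a comment at both sites, for example `/* UID the bus reports for the message sender; uid 0 skips the polkit query */`. It should also state whether `SD_BUS_CREDS_UID` yields the real or the effective UID, which the page does not show. The function starts above this hunk and continues below it.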
else {
_cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
int authorized = false, challenge = false;
+ const char *sender;
+
+ sender = sd_bus_message_get_sender(m);
+ if (!sender)
+ return -EBADMSG;
r = sd_bus_call_method(
bus,
#ifdef ENABLE_POLKIT
_cleanup_bus_message_unref_ sd_bus_message *pk = NULL;
AsyncPolkitQuery *q;
-#endif
const char *sender;
+#endif
+ _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
uid_t uid;
int r;
}
#endif
- sender = sd_bus_message_get_sender(m);
- if (!sender)
- return -EBADMSG;
+ r = sd_bus_query_sender_creds(m, SD_BUS_CREDS_UID, &creds);
+ if (r < 0)
+ return r;
- r = sd_bus_get_owner_uid(bus, sender, &uid);
+ r = sd_bus_creds_get_uid(creds, &uid);
if (r < 0)
return r;
if (uid == 0)
return 1;
+
#ifdef ENABLE_POLKIT
+ sender = sd_bus_message_get_sender(m);
+ if (!sender)
+ return -EBADMSG;
r = hashmap_ensure_allocated(registry, trivial_hash_func, trivial_compare_func);
if (r < 0)
if (geteuid() != 0)
return sd_bus_open_system(_bus);
- /* If we are root, then let's talk directly to the system
- * instance, instead of going via the bus */
+ /* If we are root and kdbus is not available, then let's talk
+ * directly to the system instance, instead of going via the
+ * bus */
+#ifdef ENABLE_KDBUS
r = sd_bus_new(&bus);
if (r < 0)
return r;
- r = sd_bus_set_address(bus, "unix:path=/run/systemd/private");
+ r = sd_bus_set_address(bus, "kernel:path=/dev/kdbus/0-system/bus");
if (r < 0)
return r;
+ bus->bus_client = true;
+
r = sd_bus_start(bus);
+ if (r >= 0) {
+ *_bus = bus;
+ bus = NULL;
+ return 0;
+ }
+
+ bus = sd_bus_unref(bus);
+#endif
+
+ r = sd_bus_new(&bus);
+ if (r < 0)
+ return r;
+
+ r = sd_bus_set_address(bus, "unix:path=/run/systemd/private");
if (r < 0)
return r;
+ r = sd_bus_start(bus);
+ if (r < 0)
+ return sd_bus_open_system(_bus);
+
r = bus_check_peercred(bus);
if (r < 0)
return r;
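Review bot: The new `return sd_bus_open_system(_bus);` after the private-socket `sd_bus_start(bus)` fires on every error, so a root caller that cannot reach `/run/systemd/private` is silently moved to the system bus and never reaches the `bus_check_peercred(bus)` call below. Consider falling back only when the socket is absent and returning other errors unchanged, e.g. `if (r == -ENOENT) return sd_bus_open_system(_bus);` followed by `if (r < 0) return r;` (this assumes `sd_bus_start()` surfaces the connect errno, which the hunk does not show). The kdbus success path also returns before `bus_check_peercred()`. If that is intentional, a comment such as `/* kdbus endpoint: peer credential check not applicable */` would record it. The function starts above this hunk and continues below it.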
int bus_open_user_systemd(sd_bus **_bus) {
_cleanup_bus_unref_ sd_bus *bus = NULL;
- _cleanup_free_ char *p = NULL;
+ _cleanup_free_ char *ee = NULL;
const char *e;
int r;
- /* If we are supposed to talk to the instance, try via
- * XDG_RUNTIME_DIR first, then fallback to normal bus
- * access */
+ /* Try via kdbus first, and then directly */
assert(_bus);
- e = secure_getenv("XDG_RUNTIME_DIR");
- if (e) {
- if (asprintf(&p, "unix:path=%s/systemd/private", e) < 0)
- return -ENOMEM;
- }
-
+#ifdef ENABLE_KDBUS
r = sd_bus_new(&bus);
if (r < 0)
return r;
- r = sd_bus_set_address(bus, p);
+ if (asprintf(&bus->address, "kernel:path=/dev/kdbus/%lu-user/bus", (unsigned long) getuid()) < 0)
+ return -ENOMEM;
+
+ bus->bus_client = true;
+
+ r = sd_bus_start(bus);
+ if (r >= 0) {
+ *_bus = bus;
+ bus = NULL;
+ return 0;
+ }
+
+ bus = sd_bus_unref(bus);
+#endif
+
+ e = secure_getenv("XDG_RUNTIME_DIR");
+ if (!e)
+ return sd_bus_open_system(_bus);
+
+ ee = bus_address_escape(e);
+ if (!ee)
+ return -ENOMEM;
+
+ r = sd_bus_new(&bus);
if (r < 0)
return r;
+ bus->address = strjoin("unix:path=", ee, "/systemd/private", NULL);
+ if (!bus->address)
+ return -ENOMEM;
+
r = sd_bus_start(bus);
if (r < 0)
- return r;
+ return sd_bus_open_system(_bus);
r = bus_check_peercred(bus);
if (r < 0)
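Review bot: Both fallbacks in this function, the `if (!e)` branch and the failed `sd_bus_start(bus)` on the private socket, return `sd_bus_open_system(_bus)`, which gives a caller that asked for the user manager a system bus connection instead. The removed comment described a fallback to normal bus access, and for `bus_open_user_systemd` the matching target is the user bus: `return sd_bus_open_user(_bus);`. Separately, `asprintf(&bus->address, ...)` writes into the bus object directly, and asprintf leaves the pointer unspecified on failure. If the `_cleanup_bus_unref_` teardown frees `bus->address`, the `-ENOMEM` path would free an indeterminate pointer. Formatting into a `_cleanup_free_` local and passing it to `sd_bus_set_address()`, as the removed code did, avoids that; the function continues below the hunk.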