#include "dbus-common.h"
#include "polkit.h"
#include "def.h"
+#include "env-util.h"
+#include "fileio.h"
+#include "fileio-label.h"
+#include "label.h"
#define INTERFACE \
" <interface name=\"org.freedesktop.locale1\">\n" \
return 0;
}
- r = write_env_file("/etc/locale.conf", l);
+ r = write_env_file_label("/etc/locale.conf", l);
strv_free(l);
return r;
return 0;
}
- r = write_env_file("/etc/vconsole.conf", l);
+ r = write_env_file_label("/etc/vconsole.conf", l);
strv_free(l);
return r;
return 0;
}
- mkdir_parents_label("/etc/X11/xorg.conf.d", 0755);
+ mkdir_p_label("/etc/X11/xorg.conf.d", 0755);
r = fopen_temporary("/etc/X11/xorg.conf.d/00-keyboard.conf", &f, &temp_path);
if (r < 0)
* layout stripped off. */
if (x > 0 &&
strlen(a[1]) == x &&
- strncmp(state.x11_layout, a[1], x) == 0)
+ strneq(state.x11_layout, a[1], x))
matching = 5;
else {
size_t w;
size_t k;
k = strlen(names[p]);
- if (startswith(*i, names[p]) && (*i)[k] == '=') {
+ if (startswith(*i, names[p]) &&
+ (*i)[k] == '=' &&
+ string_is_safe((*i) + k + 1)) {
valid = true;
passed[p] = true;
if (!streq_ptr(keymap, state.vc_keymap) ||
!streq_ptr(keymap_toggle, state.vc_keymap_toggle)) {
+ if ((keymap && (!filename_is_safe(keymap) || !string_is_safe(keymap))) ||
+ (keymap_toggle && (!filename_is_safe(keymap_toggle) || !string_is_safe(keymap_toggle))))
+ return bus_send_error_reply(connection, message, NULL, -EINVAL);
+
r = verify_polkit(connection, message, "org.freedesktop.locale1.set-keyboard", interactive, NULL, &error);
if (r < 0)
return bus_send_error_reply(connection, message, &error, r);
!streq_ptr(variant, state.x11_variant) ||
!streq_ptr(options, state.x11_options)) {
+ if ((layout && !string_is_safe(layout)) ||
+ (model && !string_is_safe(model)) ||
+ (variant && !string_is_safe(variant)) ||
+ (options && !string_is_safe(options)))
+ return bus_send_error_reply(connection, message, NULL, -EINVAL);
+
r = verify_polkit(connection, message, "org.freedesktop.locale1.set-keyboard", interactive, NULL, &error);
if (r < 0)
return bus_send_error_reply(connection, message, &error, r);
log_set_target(LOG_TARGET_AUTO);
log_parse_environment();
log_open();
-
+ label_init("/etc");
umask(0022);
if (argc == 2 && streq(argv[1], "--introspect")) {