#include <errno.h>
#include <string.h>
+#include <sys/capability.h>
#include "util.h"
#include "strv.h"
}
static int method_set_idle_hint(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
+ _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
Session *s = userdata;
uid_t uid;
int r, b;
if (r < 0)
return r;
- r = sd_bus_get_owner_uid(bus, sd_bus_message_get_sender(message), &uid);
+ r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_UID, &creds);
+ if (r < 0)
+ return r;
+
+ r = sd_bus_creds_get_uid(creds, &uid);
if (r < 0)
return r;
}
static int method_take_control(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
+ _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
Session *s = userdata;
int r, force;
uid_t uid;
if (r < 0)
return r;
- r = sd_bus_get_owner_uid(bus, sd_bus_message_get_sender(message), &uid);
+ r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_UID, &creds);
+ if (r < 0)
+ return r;
+
+ r = sd_bus_creds_get_uid(creds, &uid);
if (r < 0)
return r;
SD_BUS_PROPERTY("IdleSinceHint", "t", property_get_idle_since_hint, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
SD_BUS_PROPERTY("IdleSinceHintMonotonic", "t", property_get_idle_since_hint, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_METHOD("Terminate", NULL, NULL, method_terminate, 0),
- SD_BUS_METHOD("Activate", NULL, NULL, method_activate, 0),
+ SD_BUS_METHOD("Terminate", NULL, NULL, method_terminate, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)),
+ SD_BUS_METHOD("Activate", NULL, NULL, method_activate, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("Lock", NULL, NULL, method_lock, 0),
SD_BUS_METHOD("Unlock", NULL, NULL, method_lock, 0),
- SD_BUS_METHOD("SetIdleHint", "b", NULL, method_set_idle_hint, 0),
- SD_BUS_METHOD("Kill", "si", NULL, method_kill, 0),
- SD_BUS_METHOD("TakeControl", "b", NULL, method_take_control, 0),
- SD_BUS_METHOD("ReleaseControl", NULL, NULL, method_release_control, 0),
- SD_BUS_METHOD("TakeDevice", "uu", "hb", method_take_device, 0),
- SD_BUS_METHOD("ReleaseDevice", "uu", NULL, method_release_device, 0),
- SD_BUS_METHOD("PauseDeviceComplete", "uu", NULL, method_pause_device_complete, 0),
+ SD_BUS_METHOD("SetIdleHint", "b", NULL, method_set_idle_hint, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("Kill", "si", NULL, method_kill, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)),
+ SD_BUS_METHOD("TakeControl", "b", NULL, method_take_control, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("ReleaseControl", NULL, NULL, method_release_control, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("TakeDevice", "uu", "hb", method_take_device, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("ReleaseDevice", "uu", NULL, method_release_device, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("PauseDeviceComplete", "uu", NULL, method_pause_device_complete, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_SIGNAL("PauseDevice", "uus", 0),
SD_BUS_SIGNAL("ResumeDevice", "uuh", 0),
assert(m);
if (streq(path, "/org/freedesktop/login1/session/self")) {
+ _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
sd_bus_message *message;
pid_t pid;
if (!message)
return 0;
- r = sd_bus_get_owner_pid(bus, sd_bus_message_get_sender(message), &pid);
+ r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
if (r < 0)
- return 0;
+ return r;
+
+ r = sd_bus_creds_get_pid(creds, &pid);
+ if (r < 0)
+ return r;
r = manager_get_session_by_pid(m, pid, &session);
if (r <= 0)