X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fmachine%2Fmachined-dbus.c;h=1087a1bc4f1552a939dc5b9a2ccd76822fb03b24;hb=ca7b42c81652c342288a3e0a10abd885c66ac5b2;hp=eda582ae830acf84e13ad0488b4cbfa7fed1b067;hpb=ebcf1f97de4f6b1580ae55eb56b1a3939fe6b602;p=elogind.git

diff --git a/src/machine/machined-dbus.c b/src/machine/machined-dbus.c
index eda582ae8..1087a1bc4 100644
--- a/src/machine/machined-dbus.c
+++ b/src/machine/machined-dbus.c
@@ -23,6 +23,7 @@
 #include <string.h>
 #include <unistd.h>
 #include <pwd.h>
+#include <sys/capability.h>
 
 #include "sd-id128.h"
 #include "sd-messages.h"
@@ -102,7 +103,13 @@ static int method_get_machine_by_pid(sd_bus *bus, sd_bus_message *message, void
                 return r;
 
         if (pid == 0) {
-                r = sd_bus_get_owner_pid(bus, sd_bus_message_get_sender(message), &pid);
+                _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
+
+                r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
+                if (r < 0)
+                        return r;
+
+                r = sd_bus_creds_get_pid(creds, &pid);
                 if (r < 0)
                         return r;
         }
@@ -216,9 +223,15 @@ static int method_create_machine(sd_bus *bus, sd_bus_message *message, void *use
                 return r;
 
         if (leader == 0) {
+                _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
+
+                r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
+                if (r < 0)
+                        return r;
+
                 assert_cc(sizeof(uint32_t) == sizeof(pid_t));
 
-                r = sd_bus_get_owner_pid(bus, sd_bus_message_get_sender(message), (pid_t*) &leader);
+                r = sd_bus_creds_get_pid(creds, (pid_t*) &leader);
                 if (r < 0)
                         return r;
         }
@@ -330,12 +343,12 @@ static int method_kill_machine(sd_bus *bus, sd_bus_message *message, void *userd
 
 const sd_bus_vtable manager_vtable[] = {
         SD_BUS_VTABLE_START(0),
-        SD_BUS_METHOD("GetMachine", "s", "o", method_get_machine, 0),
-        SD_BUS_METHOD("GetMachineByPID", "u", "o", method_get_machine_by_pid, 0),
-        SD_BUS_METHOD("ListMachines", NULL, "a(ssso)", method_list_machines, 0),
+        SD_BUS_METHOD("GetMachine", "s", "o", method_get_machine, SD_BUS_VTABLE_UNPRIVILEGED),
+        SD_BUS_METHOD("GetMachineByPID", "u", "o", method_get_machine_by_pid, SD_BUS_VTABLE_UNPRIVILEGED),
+        SD_BUS_METHOD("ListMachines", NULL, "a(ssso)", method_list_machines, SD_BUS_VTABLE_UNPRIVILEGED),
         SD_BUS_METHOD("CreateMachine", "sayssusa(sv)", "o", method_create_machine, 0),
-        SD_BUS_METHOD("KillMachine", "ssi", NULL, method_kill_machine, 0),
-        SD_BUS_METHOD("TerminateMachine", "s", NULL, method_terminate_machine, 0),
+        SD_BUS_METHOD("KillMachine", "ssi", NULL, method_kill_machine, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)),
+        SD_BUS_METHOD("TerminateMachine", "s", NULL, method_terminate_machine, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)),
         SD_BUS_SIGNAL("MachineNew", "so", 0),
         SD_BUS_SIGNAL("MachineRemoved", "so", 0),
         SD_BUS_VTABLE_END
@@ -527,6 +540,10 @@ int manager_start_scope(
         if (r < 0)
                 return r;
 
+        r = sd_bus_message_append(m, "a(sa(sv))", 0);
+        if (r < 0)
+                return r;
+
         r = sd_bus_call(manager->bus, m, 0, error, &reply);
         if (r < 0)
                 return r;