selinux: add bus service access control

[elogind.git] / src / core / dbus-manager.c
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c

index 6ad198436ad89af5b9074eafd8d595728ab2e0f4..ae885460731c3e4c5e6880f8d683992533112c81 100644 (file)
--- a/src/core/dbus-manager.c
+++ b/src/core/dbus-manager.c
@@ -30,6 +30,7 @@
  #include "build.h"
  #include "dbus-common.h"
  #include "install.h"
  #include "build.h"
  #include "dbus-common.h"
  #include "install.h"
+#include "selinux-access.h"
  #include "watchdog.h"
  #include "hwclock.h"
  #include "path-util.h"
  #include "watchdog.h"
  #include "hwclock.h"
  #include "path-util.h"
@@ -94,7 +95,6 @@
          "  <method name=\"KillUnit\">\n"                                \
          "   <arg name=\"name\" type=\"s\" direction=\"in\"/>\n"         \
          "   <arg name=\"who\" type=\"s\" direction=\"in\"/>\n"          \
          "  <method name=\"KillUnit\">\n"                                \
          "   <arg name=\"name\" type=\"s\" direction=\"in\"/>\n"         \
          "   <arg name=\"who\" type=\"s\" direction=\"in\"/>\n"          \
-        "   <arg name=\"mode\" type=\"s\" direction=\"in\"/>\n"         \
          "   <arg name=\"signal\" type=\"i\" direction=\"in\"/>\n"       \
          "  </method>\n"                                                 \
          "  <method name=\"ResetFailedUnit\">\n"                         \
          "   <arg name=\"signal\" type=\"i\" direction=\"in\"/>\n"       \
          "  </method>\n"                                                 \
          "  <method name=\"ResetFailedUnit\">\n"                         \
@@ -114,7 +114,9 @@
          "  </method>\n"                                                 \
          "  <method name=\"Subscribe\"/>\n"                              \
          "  <method name=\"Unsubscribe\"/>\n"                            \
          "  </method>\n"                                                 \
          "  <method name=\"Subscribe\"/>\n"                              \
          "  <method name=\"Unsubscribe\"/>\n"                            \
-        "  <method name=\"Dump\"/>\n"                                   \
+        "  <method name=\"Dump\">\n"                                    \
+        "   <arg name=\"dump\" type=\"s\" direction=\"out\"/>\n"        \
+        "  </method>\n"                                                 \
          "  <method name=\"CreateSnapshot\">\n"                          \
          "   <arg name=\"name\" type=\"s\" direction=\"in\"/>\n"         \
          "   <arg name=\"cleanup\" type=\"b\" direction=\"in\"/>\n"      \
          "  <method name=\"CreateSnapshot\">\n"                          \
          "   <arg name=\"name\" type=\"s\" direction=\"in\"/>\n"         \
          "   <arg name=\"cleanup\" type=\"b\" direction=\"in\"/>\n"      \
@@ -142,7 +144,7 @@
          "   <arg name=\"set\" type=\"as\" direction=\"in\"/>\n"         \
          "  </method>\n"                                                 \
          "  <method name=\"ListUnitFiles\">\n"                            \
          "   <arg name=\"set\" type=\"as\" direction=\"in\"/>\n"         \
          "  </method>\n"                                                 \
          "  <method name=\"ListUnitFiles\">\n"                            \
-        "   <arg name=\"changes\" type=\"a(ss)\" direction=\"out\"/>\n" \
+        "   <arg name=\"files\" type=\"a(ss)\" direction=\"out\"/>\n" \
          "  </method>\n"                                                 \
          "  <method name=\"GetUnitFileState\">\n"                        \
          "   <arg name=\"file\" type=\"s\" direction=\"in\"/>\n"         \
          "  </method>\n"                                                 \
          "  <method name=\"GetUnitFileState\">\n"                        \
          "   <arg name=\"file\" type=\"s\" direction=\"in\"/>\n"         \
@@ -213,6 +215,8 @@
          "   <arg name=\"result\" type=\"s\"/>\n"                        \
          "  </signal>"                                                   \
          "  <signal name=\"StartupFinished\">\n"                         \
          "   <arg name=\"result\" type=\"s\"/>\n"                        \
          "  </signal>"                                                   \
          "  <signal name=\"StartupFinished\">\n"                         \
+        "   <arg name=\"firmware\" type=\"t\"/>\n"                      \
+        "   <arg name=\"loader\" type=\"t\"/>\n"                        \
          "   <arg name=\"kernel\" type=\"t\"/>\n"                        \
          "   <arg name=\"initrd\" type=\"t\"/>\n"                        \
          "   <arg name=\"userspace\" type=\"t\"/>\n"                     \
          "   <arg name=\"kernel\" type=\"t\"/>\n"                        \
          "   <arg name=\"initrd\" type=\"t\"/>\n"                        \
          "   <arg name=\"userspace\" type=\"t\"/>\n"                     \
@@ -225,11 +229,16 @@
          "  <property name=\"Distribution\" type=\"s\" access=\"read\"/>\n" \
          "  <property name=\"Features\" type=\"s\" access=\"read\"/>\n"  \
          "  <property name=\"Tainted\" type=\"s\" access=\"read\"/>\n"   \
          "  <property name=\"Distribution\" type=\"s\" access=\"read\"/>\n" \
          "  <property name=\"Features\" type=\"s\" access=\"read\"/>\n"  \
          "  <property name=\"Tainted\" type=\"s\" access=\"read\"/>\n"   \
-        "  <property name=\"RunningAs\" type=\"s\" access=\"read\"/>\n" \
+        "  <property name=\"FirmwareTimestamp\" type=\"t\" access=\"read\"/>\n" \
+        "  <property name=\"FirmwareTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
+        "  <property name=\"LoaderTimestamp\" type=\"t\" access=\"read\"/>\n" \
+        "  <property name=\"LoaderTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
+        "  <property name=\"KernelTimestamp\" type=\"t\" access=\"read\"/>\n" \
+        "  <property name=\"KernelTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
          "  <property name=\"InitRDTimestamp\" type=\"t\" access=\"read\"/>\n" \
          "  <property name=\"InitRDTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
          "  <property name=\"InitRDTimestamp\" type=\"t\" access=\"read\"/>\n" \
          "  <property name=\"InitRDTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
-        "  <property name=\"StartupTimestamp\" type=\"t\" access=\"read\"/>\n" \
-        "  <property name=\"StartupTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
+        "  <property name=\"UserspaceTimestamp\" type=\"t\" access=\"read\"/>\n" \
+        "  <property name=\"UserspaceTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
          "  <property name=\"FinishTimestamp\" type=\"t\" access=\"read\"/>\n" \
          "  <property name=\"FinishTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
          "  <property name=\"LogLevel\" type=\"s\" access=\"readwrite\"/>\n"  \
          "  <property name=\"FinishTimestamp\" type=\"t\" access=\"read\"/>\n" \
          "  <property name=\"FinishTimestampMonotonic\" type=\"t\" access=\"read\"/>\n" \
          "  <property name=\"LogLevel\" type=\"s\" access=\"readwrite\"/>\n"  \
@@ -243,23 +252,12 @@
          "  <property name=\"ConfirmSpawn\" type=\"b\" access=\"read\"/>\n" \
          "  <property name=\"ShowStatus\" type=\"b\" access=\"read\"/>\n" \
          "  <property name=\"UnitPath\" type=\"as\" access=\"read\"/>\n" \
          "  <property name=\"ConfirmSpawn\" type=\"b\" access=\"read\"/>\n" \
          "  <property name=\"ShowStatus\" type=\"b\" access=\"read\"/>\n" \
          "  <property name=\"UnitPath\" type=\"as\" access=\"read\"/>\n" \
-        "  <property name=\"NotifySocket\" type=\"s\" access=\"read\"/>\n" \
          "  <property name=\"ControlGroupHierarchy\" type=\"s\" access=\"read\"/>\n" \
          "  <property name=\"DefaultControllers\" type=\"as\" access=\"read\"/>\n" \
          "  <property name=\"DefaultStandardOutput\" type=\"s\" access=\"read\"/>\n" \
          "  <property name=\"DefaultStandardError\" type=\"s\" access=\"read\"/>\n" \
          "  <property name=\"RuntimeWatchdogUSec\" type=\"s\" access=\"readwrite\"/>\n" \
          "  <property name=\"ControlGroupHierarchy\" type=\"s\" access=\"read\"/>\n" \
          "  <property name=\"DefaultControllers\" type=\"as\" access=\"read\"/>\n" \
          "  <property name=\"DefaultStandardOutput\" type=\"s\" access=\"read\"/>\n" \
          "  <property name=\"DefaultStandardError\" type=\"s\" access=\"read\"/>\n" \
          "  <property name=\"RuntimeWatchdogUSec\" type=\"s\" access=\"readwrite\"/>\n" \
-        "  <property name=\"ShutdownWatchdogUSec\" type=\"s\" access=\"readwrite\"/>\n" \
-        "  <property name=\"HaveWatchdog\" type=\"b\" access=\"read\"/>\n"
-
-#ifdef HAVE_SYSV_COMPAT
-#define BUS_MANAGER_INTERFACE_PROPERTIES_SYSV                           \
-        "  <property name=\"SysVConsole\" type=\"b\" access=\"read\"/>\n" \
-        "  <property name=\"SysVInitPath\" type=\"as\" access=\"read\"/>\n" \
-        "  <property name=\"SysVRcndPath\" type=\"as\" access=\"read\"/>\n"
-#else
-#define BUS_MANAGER_INTERFACE_PROPERTIES_SYSV
-#endif
+        "  <property name=\"ShutdownWatchdogUSec\" type=\"s\" access=\"readwrite\"/>\n"
  
  #define BUS_MANAGER_INTERFACE_END                                       \
          " </interface>\n"
  
  #define BUS_MANAGER_INTERFACE_END                                       \
          " </interface>\n"
@@ -269,7 +267,6 @@
          BUS_MANAGER_INTERFACE_METHODS                                   \
          BUS_MANAGER_INTERFACE_SIGNALS                                   \
          BUS_MANAGER_INTERFACE_PROPERTIES_GENERAL                        \
          BUS_MANAGER_INTERFACE_METHODS                                   \
          BUS_MANAGER_INTERFACE_SIGNALS                                   \
          BUS_MANAGER_INTERFACE_PROPERTIES_GENERAL                        \
-        BUS_MANAGER_INTERFACE_PROPERTIES_SYSV                           \
          BUS_MANAGER_INTERFACE_END
  
  #define INTROSPECTION_BEGIN                                             \
          BUS_MANAGER_INTERFACE_END
  
  #define INTROSPECTION_BEGIN                                             \
@@ -289,7 +286,6 @@
  
  const char bus_manager_interface[] _introspect_("Manager") = BUS_MANAGER_INTERFACE;
  
  
  const char bus_manager_interface[] _introspect_("Manager") = BUS_MANAGER_INTERFACE;
  
-static DEFINE_BUS_PROPERTY_APPEND_ENUM(bus_manager_append_running_as, manager_running_as, ManagerRunningAs);
  static DEFINE_BUS_PROPERTY_APPEND_ENUM(bus_manager_append_exec_output, exec_output, ExecOutput);
  
  static int bus_manager_append_tainted(DBusMessageIter *i, const char *property, void *data) {
  static DEFINE_BUS_PROPERTY_APPEND_ENUM(bus_manager_append_exec_output, exec_output, ExecOutput);
  
  static int bus_manager_append_tainted(DBusMessageIter *i, const char *property, void *data) {
@@ -508,20 +504,6 @@ static int bus_manager_send_unit_files_changed(Manager *m) {
          return r;
  }
  
          return r;
  }
  
-static int bus_manager_append_have_watchdog(DBusMessageIter *i, const char *property, void *data) {
-        dbus_bool_t b;
-
-        assert(i);
-        assert(property);
-
-        b = access("/dev/watchdog", F_OK) >= 0;
-
-        if (!dbus_message_iter_append_basic(i, DBUS_TYPE_BOOLEAN, &b))
-                return -ENOMEM;
-
-        return 0;
-}
-
  static int bus_manager_set_runtime_watchdog_usec(DBusMessageIter *i, const char *property, void *data) {
          uint64_t *t = data;
  
  static int bus_manager_set_runtime_watchdog_usec(DBusMessageIter *i, const char *property, void *data) {
          uint64_t *t = data;
  
@@ -546,12 +528,17 @@ static const BusProperty bus_systemd_properties[] = {
  };
  
  static const BusProperty bus_manager_properties[] = {
  };
  
  static const BusProperty bus_manager_properties[] = {
-        { "RunningAs",     bus_manager_append_running_as,          "s", offsetof(Manager, running_as)                  },
          { "Tainted",       bus_manager_append_tainted,             "s", 0                                              },
          { "Tainted",       bus_manager_append_tainted,             "s", 0                                              },
+        { "FirmwareTimestamp", bus_property_append_uint64,         "t", offsetof(Manager, firmware_timestamp.realtime) },
+        { "FirmwareTimestampMonotonic", bus_property_append_uint64,"t", offsetof(Manager, firmware_timestamp.monotonic)},
+        { "LoaderTimestamp", bus_property_append_uint64,           "t", offsetof(Manager, loader_timestamp.realtime)   },
+        { "LoaderTimestampMonotonic", bus_property_append_uint64,  "t", offsetof(Manager, loader_timestamp.monotonic)  },
+        { "KernelTimestamp", bus_property_append_uint64,           "t", offsetof(Manager, kernel_timestamp.realtime)   },
+        { "KernelTimestampMonotonic", bus_property_append_uint64,  "t", offsetof(Manager, kernel_timestamp.monotonic)  },
          { "InitRDTimestamp", bus_property_append_uint64,           "t", offsetof(Manager, initrd_timestamp.realtime)   },
          { "InitRDTimestampMonotonic", bus_property_append_uint64,  "t", offsetof(Manager, initrd_timestamp.monotonic)  },
          { "InitRDTimestamp", bus_property_append_uint64,           "t", offsetof(Manager, initrd_timestamp.realtime)   },
          { "InitRDTimestampMonotonic", bus_property_append_uint64,  "t", offsetof(Manager, initrd_timestamp.monotonic)  },
-        { "StartupTimestamp", bus_property_append_uint64,          "t", offsetof(Manager, startup_timestamp.realtime)  },
-        { "StartupTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, startup_timestamp.monotonic) },
+        { "UserspaceTimestamp", bus_property_append_uint64,        "t", offsetof(Manager, userspace_timestamp.realtime)},
+        { "UserspaceTimestampMonotonic", bus_property_append_uint64,"t",offsetof(Manager, userspace_timestamp.monotonic)},
          { "FinishTimestamp", bus_property_append_uint64,           "t", offsetof(Manager, finish_timestamp.realtime)   },
          { "FinishTimestampMonotonic", bus_property_append_uint64,  "t", offsetof(Manager, finish_timestamp.monotonic)  },
          { "LogLevel",      bus_manager_append_log_level,           "s", 0,                                             false, bus_manager_set_log_level },
          { "FinishTimestamp", bus_property_append_uint64,           "t", offsetof(Manager, finish_timestamp.realtime)   },
          { "FinishTimestampMonotonic", bus_property_append_uint64,  "t", offsetof(Manager, finish_timestamp.monotonic)  },
          { "LogLevel",      bus_manager_append_log_level,           "s", 0,                                             false, bus_manager_set_log_level },
@@ -565,19 +552,12 @@ static const BusProperty bus_manager_properties[] = {
          { "ConfirmSpawn",  bus_property_append_bool,               "b", offsetof(Manager, confirm_spawn)               },
          { "ShowStatus",    bus_property_append_bool,               "b", offsetof(Manager, show_status)                 },
          { "UnitPath",      bus_property_append_strv,              "as", offsetof(Manager, lookup_paths.unit_path),     true },
          { "ConfirmSpawn",  bus_property_append_bool,               "b", offsetof(Manager, confirm_spawn)               },
          { "ShowStatus",    bus_property_append_bool,               "b", offsetof(Manager, show_status)                 },
          { "UnitPath",      bus_property_append_strv,              "as", offsetof(Manager, lookup_paths.unit_path),     true },
-        { "NotifySocket",  bus_property_append_string,             "s", offsetof(Manager, notify_socket),              true },
          { "ControlGroupHierarchy", bus_property_append_string,     "s", offsetof(Manager, cgroup_hierarchy),           true },
          { "DefaultControllers", bus_property_append_strv,         "as", offsetof(Manager, default_controllers),        true },
          { "DefaultStandardOutput", bus_manager_append_exec_output, "s", offsetof(Manager, default_std_output)          },
          { "DefaultStandardError",  bus_manager_append_exec_output, "s", offsetof(Manager, default_std_error)           },
          { "RuntimeWatchdogUSec", bus_property_append_usec,         "t", offsetof(Manager, runtime_watchdog),           false, bus_manager_set_runtime_watchdog_usec },
          { "ShutdownWatchdogUSec", bus_property_append_usec,        "t", offsetof(Manager, shutdown_watchdog),          false, bus_property_set_usec },
          { "ControlGroupHierarchy", bus_property_append_string,     "s", offsetof(Manager, cgroup_hierarchy),           true },
          { "DefaultControllers", bus_property_append_strv,         "as", offsetof(Manager, default_controllers),        true },
          { "DefaultStandardOutput", bus_manager_append_exec_output, "s", offsetof(Manager, default_std_output)          },
          { "DefaultStandardError",  bus_manager_append_exec_output, "s", offsetof(Manager, default_std_error)           },
          { "RuntimeWatchdogUSec", bus_property_append_usec,         "t", offsetof(Manager, runtime_watchdog),           false, bus_manager_set_runtime_watchdog_usec },
          { "ShutdownWatchdogUSec", bus_property_append_usec,        "t", offsetof(Manager, shutdown_watchdog),          false, bus_property_set_usec },
-        { "HaveWatchdog",  bus_manager_append_have_watchdog,       "b", 0                                              },
-#ifdef HAVE_SYSV_COMPAT
-        { "SysVConsole",   bus_property_append_bool,               "b", offsetof(Manager, sysv_console)                },
-        { "SysVInitPath",  bus_property_append_strv,              "as", offsetof(Manager, lookup_paths.sysvinit_path), true },
-        { "SysVRcndPath",  bus_property_append_strv,              "as", offsetof(Manager, lookup_paths.sysvrcnd_path), true },
-#endif
          { NULL, }
  };
  
          { NULL, }
  };
  
@@ -599,6 +579,9 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection,
          dbus_error_init(&error);
  
          member = dbus_message_get_member(message);
          dbus_error_init(&error);
  
          member = dbus_message_get_member(message);
+        r = selinux_manager_access_check(connection, message, m, &error);
+        if (r)
+                return bus_send_error_reply(connection, message, &error, r);
  
          if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "GetUnit")) {
                  const char *name;
  
          if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "GetUnit")) {
                  const char *name;
@@ -699,10 +682,9 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection,
                  reload_if_possible = true;
                  job_type = JOB_TRY_RESTART;
          } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "KillUnit")) {
                  reload_if_possible = true;
                  job_type = JOB_TRY_RESTART;
          } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "KillUnit")) {
-                const char *name, *swho, *smode;
+                const char *name, *swho;
                  int32_t signo;
                  Unit *u;
                  int32_t signo;
                  Unit *u;
-                KillMode mode;
                  KillWho who;
  
                  if (!dbus_message_get_args(
                  KillWho who;
  
                  if (!dbus_message_get_args(
@@ -710,7 +692,6 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection,
                                      &error,
                                      DBUS_TYPE_STRING, &name,
                                      DBUS_TYPE_STRING, &swho,
                                      &error,
                                      DBUS_TYPE_STRING, &name,
                                      DBUS_TYPE_STRING, &swho,
-                                    DBUS_TYPE_STRING, &smode,
                                      DBUS_TYPE_INT32, &signo,
                                      DBUS_TYPE_INVALID))
                          return bus_send_error_reply(connection, message, &error, -EINVAL);
                                      DBUS_TYPE_INT32, &signo,
                                      DBUS_TYPE_INVALID))
                          return bus_send_error_reply(connection, message, &error, -EINVAL);
@@ -723,23 +704,17 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection,
                                  return bus_send_error_reply(connection, message, &error, -EINVAL);
                  }
  
                                  return bus_send_error_reply(connection, message, &error, -EINVAL);
                  }
  
-                if (isempty(smode))
-                        mode = KILL_CONTROL_GROUP;
-                else {
-                        mode = kill_mode_from_string(smode);
-                        if (mode < 0)
-                                return bus_send_error_reply(connection, message, &error, -EINVAL);
-                }
-
                  if (signo <= 0 || signo >= _NSIG)
                          return bus_send_error_reply(connection, message, &error, -EINVAL);
  
                  if (signo <= 0 || signo >= _NSIG)
                          return bus_send_error_reply(connection, message, &error, -EINVAL);
  
-                if (!(u = manager_get_unit(m, name))) {
+                u = manager_get_unit(m, name);
+                if (!u) {
                          dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name);
                          return bus_send_error_reply(connection, message, &error, -ENOENT);
                  }
  
                          dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name);
                          return bus_send_error_reply(connection, message, &error, -ENOENT);
                  }
  
-                if ((r = unit_kill(u, who, mode, signo, &error)) < 0)
+                r = unit_kill(u, who, signo, &error);
+                if (r < 0)
                          return bus_send_error_reply(connection, message, &error, r);
  
                  if (!(reply = dbus_message_new_method_return(message)))
                          return bus_send_error_reply(connection, message, &error, r);
  
                  if (!(reply = dbus_message_new_method_return(message)))
@@ -1186,6 +1161,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection,
          } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "SwitchRoot")) {
                  const char *switch_root, *switch_root_init;
                  char *u, *v;
          } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "SwitchRoot")) {
                  const char *switch_root, *switch_root_init;
                  char *u, *v;
+                int k;
  
                  if (!dbus_message_get_args(
                                      message,
  
                  if (!dbus_message_get_args(
                                      message,
@@ -1195,10 +1171,10 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection,
                                      DBUS_TYPE_INVALID))
                          return bus_send_error_reply(connection, message, &error, -EINVAL);
  
                                      DBUS_TYPE_INVALID))
                          return bus_send_error_reply(connection, message, &error, -EINVAL);
  
-                if (path_equal(switch_root, "/") || !is_path(switch_root))
+                if (path_equal(switch_root, "/") || !path_is_absolute(switch_root))
                          return bus_send_error_reply(connection, message, NULL, -EINVAL);
  
                          return bus_send_error_reply(connection, message, NULL, -EINVAL);
  
-                if (!isempty(switch_root_init) && !is_path(switch_root_init))
+                if (!isempty(switch_root_init) && !path_is_absolute(switch_root_init))
                          return bus_send_error_reply(connection, message, NULL, -EINVAL);
  
                  if (m->running_as != MANAGER_SYSTEM) {
                          return bus_send_error_reply(connection, message, NULL, -EINVAL);
  
                  if (m->running_as != MANAGER_SYSTEM) {
@@ -1206,6 +1182,22 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection,
                          return bus_send_error_reply(connection, message, &error, -ENOTSUP);
                  }
  
                          return bus_send_error_reply(connection, message, &error, -ENOTSUP);
                  }
  
+                /* Safety check */
+                if (isempty(switch_root_init))
+                        k = access(switch_root, F_OK);
+                else {
+                        char *p;
+
+                        p = strjoin(switch_root, "/", switch_root_init, NULL);
+                        if (!p)
+                                goto oom;
+
+                        k = access(p, X_OK);
+                        free(p);
+                }
+                if (k < 0)
+                        return bus_send_error_reply(connection, message, NULL, -errno);
+
                  u = strdup(switch_root);
                  if (!u)
                          goto oom;
                  u = strdup(switch_root);
                  if (!u)
                          goto oom;
@@ -1575,6 +1567,11 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection,
                                  job_type = JOB_RELOAD;
                  }
  
                                  job_type = JOB_RELOAD;
                  }
  
+                if (job_type == JOB_STOP && u->load_state == UNIT_ERROR && unit_active_state(u) == UNIT_INACTIVE) {
+                        dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not loaded.", name);
+                        return bus_send_error_reply(connection, message, &error, -EPERM);
+                }
+
                  if ((job_type == JOB_START && u->refuse_manual_start) ||
                      (job_type == JOB_STOP && u->refuse_manual_stop) ||
                      ((job_type == JOB_RESTART || job_type == JOB_TRY_RESTART) &&
                  if ((job_type == JOB_START && u->refuse_manual_start) ||
                      (job_type == JOB_STOP && u->refuse_manual_stop) ||
                      ((job_type == JOB_RESTART || job_type == JOB_TRY_RESTART) &&