X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fcore%2Fdbus-manager.c;h=8f4bbc59b786231d04efc368072623a3a6515b3d;hp=b1b90787a9c352957aedcd8e318bc23889d2fd78;hb=fea7838e7e0b2724f5e0bc028121a08b42995045;hpb=cad45ba11ec3572296361f53f5852ffb97a97fa3 diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c index b1b90787a..8f4bbc59b 100644 --- a/src/core/dbus-manager.c +++ b/src/core/dbus-manager.c @@ -35,6 +35,8 @@ #include "hwclock.h" #include "path-util.h" #include "dbus-unit.h" +#include "virt.h" +#include "env-util.h" #define BUS_MANAGER_INTERFACE_BEGIN \ " \n" @@ -101,10 +103,39 @@ " \n" \ " \n" \ " \n" \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ + " " \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ + " " \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ " \n" \ " \n" \ " \n" \ " \n" \ + " \n" \ + " \n" \ + " \n" \ " \n" \ " \n" \ " \n" \ @@ -123,6 +154,9 @@ " \n" \ " \n" \ " \n" \ + " \n" \ + " \n" \ + " \n" \ " \n" \ " \n" \ " \n" \ @@ -227,7 +261,6 @@ #define BUS_MANAGER_INTERFACE_PROPERTIES_GENERAL \ " \n" \ - " \n" \ " \n" \ " \n" \ " \n" \ @@ -258,7 +291,8 @@ " \n" \ " \n" \ " \n" \ - " \n" + " \n" \ + " \n" #define BUS_MANAGER_INTERFACE_END \ " \n" @@ -350,17 +384,21 @@ static int bus_manager_set_log_target(DBusMessageIter *i, const char *property, } static int bus_manager_append_log_level(DBusMessageIter *i, const char *property, void *data) { - const char *t; + char *t; + int r; assert(i); assert(property); - t = log_level_to_string(log_get_max_level()); + r = log_level_to_string_alloc(log_get_max_level(), &t); + if (r < 0) + return r; if (!dbus_message_iter_append_basic(i, DBUS_TYPE_STRING, &t)) - return -ENOMEM; + r = -ENOMEM; - return 0; + free(t); + return r; } static int bus_manager_set_log_level(DBusMessageIter *i, const char *property, void *data) { @@ -425,6 +463,22 @@ static int bus_manager_append_progress(DBusMessageIter *i, const char *property, return 0; } +static int bus_manager_append_virt(DBusMessageIter *i, const char *property, void *data) { + Manager *m = data; + const char *id = ""; + + assert(i); + assert(property); + assert(m); + + detect_virtualization(&id); + + if (!dbus_message_iter_append_basic(i, DBUS_TYPE_STRING, &id)) + return -ENOMEM; + + return 0; +} + static DBusMessage *message_from_file_changes( DBusMessage *m, UnitFileChange *changes, @@ -504,47 +558,46 @@ static int bus_manager_set_runtime_watchdog_usec(DBusMessageIter *i, const char static const char systemd_property_string[] = PACKAGE_STRING "\0" - DISTRIBUTION "\0" SYSTEMD_FEATURES; static const BusProperty bus_systemd_properties[] = { - { "Version", bus_property_append_string, "s", 0 }, - { "Distribution", bus_property_append_string, "s", sizeof(PACKAGE_STRING) }, - { "Features", bus_property_append_string, "s", sizeof(PACKAGE_STRING) + sizeof(DISTRIBUTION) }, + { "Version", bus_property_append_string, "s", 0 }, + { "Features", bus_property_append_string, "s", sizeof(PACKAGE_STRING) }, { NULL, } }; static const BusProperty bus_manager_properties[] = { - { "Tainted", bus_manager_append_tainted, "s", 0 }, - { "FirmwareTimestamp", bus_property_append_uint64, "t", offsetof(Manager, firmware_timestamp.realtime) }, - { "FirmwareTimestampMonotonic", bus_property_append_uint64,"t", offsetof(Manager, firmware_timestamp.monotonic)}, - { "LoaderTimestamp", bus_property_append_uint64, "t", offsetof(Manager, loader_timestamp.realtime) }, - { "LoaderTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, loader_timestamp.monotonic) }, - { "KernelTimestamp", bus_property_append_uint64, "t", offsetof(Manager, kernel_timestamp.realtime) }, - { "KernelTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, kernel_timestamp.monotonic) }, - { "InitRDTimestamp", bus_property_append_uint64, "t", offsetof(Manager, initrd_timestamp.realtime) }, - { "InitRDTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, initrd_timestamp.monotonic) }, - { "UserspaceTimestamp", bus_property_append_uint64, "t", offsetof(Manager, userspace_timestamp.realtime)}, - { "UserspaceTimestampMonotonic", bus_property_append_uint64,"t",offsetof(Manager, userspace_timestamp.monotonic)}, - { "FinishTimestamp", bus_property_append_uint64, "t", offsetof(Manager, finish_timestamp.realtime) }, - { "FinishTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, finish_timestamp.monotonic) }, - { "LogLevel", bus_manager_append_log_level, "s", 0, false, bus_manager_set_log_level }, - { "LogTarget", bus_manager_append_log_target, "s", 0, false, bus_manager_set_log_target }, - { "NNames", bus_manager_append_n_names, "u", 0 }, - { "NJobs", bus_manager_append_n_jobs, "u", 0 }, - { "NInstalledJobs",bus_property_append_uint32, "u", offsetof(Manager, n_installed_jobs) }, - { "NFailedJobs", bus_property_append_uint32, "u", offsetof(Manager, n_failed_jobs) }, - { "Progress", bus_manager_append_progress, "d", 0 }, - { "Environment", bus_property_append_strv, "as", offsetof(Manager, environment), true }, - { "ConfirmSpawn", bus_property_append_bool, "b", offsetof(Manager, confirm_spawn) }, - { "ShowStatus", bus_property_append_bool, "b", offsetof(Manager, show_status) }, - { "UnitPath", bus_property_append_strv, "as", offsetof(Manager, lookup_paths.unit_path), true }, - { "ControlGroupHierarchy", bus_property_append_string, "s", offsetof(Manager, cgroup_hierarchy), true }, - { "DefaultControllers", bus_property_append_strv, "as", offsetof(Manager, default_controllers), true }, - { "DefaultStandardOutput", bus_manager_append_exec_output, "s", offsetof(Manager, default_std_output) }, - { "DefaultStandardError", bus_manager_append_exec_output, "s", offsetof(Manager, default_std_error) }, - { "RuntimeWatchdogUSec", bus_property_append_usec, "t", offsetof(Manager, runtime_watchdog), false, bus_manager_set_runtime_watchdog_usec }, - { "ShutdownWatchdogUSec", bus_property_append_usec, "t", offsetof(Manager, shutdown_watchdog), false, bus_property_set_usec }, + { "Tainted", bus_manager_append_tainted, "s", 0 }, + { "FirmwareTimestamp", bus_property_append_uint64, "t", offsetof(Manager, firmware_timestamp.realtime) }, + { "FirmwareTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, firmware_timestamp.monotonic) }, + { "LoaderTimestamp", bus_property_append_uint64, "t", offsetof(Manager, loader_timestamp.realtime) }, + { "LoaderTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, loader_timestamp.monotonic) }, + { "KernelTimestamp", bus_property_append_uint64, "t", offsetof(Manager, kernel_timestamp.realtime) }, + { "KernelTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, kernel_timestamp.monotonic) }, + { "InitRDTimestamp", bus_property_append_uint64, "t", offsetof(Manager, initrd_timestamp.realtime) }, + { "InitRDTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, initrd_timestamp.monotonic) }, + { "UserspaceTimestamp", bus_property_append_uint64, "t", offsetof(Manager, userspace_timestamp.realtime) }, + { "UserspaceTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, userspace_timestamp.monotonic) }, + { "FinishTimestamp", bus_property_append_uint64, "t", offsetof(Manager, finish_timestamp.realtime) }, + { "FinishTimestampMonotonic", bus_property_append_uint64, "t", offsetof(Manager, finish_timestamp.monotonic) }, + { "LogLevel", bus_manager_append_log_level, "s", 0, false, bus_manager_set_log_level }, + { "LogTarget", bus_manager_append_log_target, "s", 0, false, bus_manager_set_log_target }, + { "NNames", bus_manager_append_n_names, "u", 0 }, + { "NJobs", bus_manager_append_n_jobs, "u", 0 }, + { "NInstalledJobs", bus_property_append_uint32, "u", offsetof(Manager, n_installed_jobs) }, + { "NFailedJobs", bus_property_append_uint32, "u", offsetof(Manager, n_failed_jobs) }, + { "Progress", bus_manager_append_progress, "d", 0 }, + { "Environment", bus_property_append_strv, "as", offsetof(Manager, environment), true }, + { "ConfirmSpawn", bus_property_append_bool, "b", offsetof(Manager, confirm_spawn) }, + { "ShowStatus", bus_property_append_bool, "b", offsetof(Manager, show_status) }, + { "UnitPath", bus_property_append_strv, "as", offsetof(Manager, lookup_paths.unit_path), true }, + { "ControlGroupHierarchy", bus_property_append_string, "s", offsetof(Manager, cgroup_hierarchy), true }, + { "DefaultControllers", bus_property_append_strv, "as", offsetof(Manager, default_controllers), true }, + { "DefaultStandardOutput", bus_manager_append_exec_output, "s", offsetof(Manager, default_std_output) }, + { "DefaultStandardError", bus_manager_append_exec_output, "s", offsetof(Manager, default_std_error) }, + { "RuntimeWatchdogUSec", bus_property_append_usec, "t", offsetof(Manager, runtime_watchdog), false, bus_manager_set_runtime_watchdog_usec }, + { "ShutdownWatchdogUSec", bus_property_append_usec, "t", offsetof(Manager, shutdown_watchdog), false, bus_property_set_usec }, + { "Virtualization", bus_manager_append_virt, "s", 0, }, { NULL, } }; @@ -622,7 +675,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, goto oom; path = unit_dbus_path(u); - if (!reply) + if (!path) goto oom; if (!dbus_message_append_args( @@ -717,7 +770,8 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, if (r < 0) return bus_send_error_reply(connection, message, &error, r); - if (!(reply = dbus_message_new_method_return(message))) + reply = dbus_message_new_method_return(message); + if (!reply) goto oom; } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "GetJob")) { @@ -753,10 +807,33 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, DBUS_TYPE_INVALID)) goto oom; - } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "ClearJobs")) { + } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "CancelJob")) { + uint32_t id; + Job *j; - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reboot"); + if (!dbus_message_get_args( + message, + &error, + DBUS_TYPE_UINT32, &id, + DBUS_TYPE_INVALID)) + return bus_send_error_reply(connection, message, &error, -EINVAL); + + j = manager_get_job(m, id); + if (!j) { + dbus_set_error(&error, BUS_ERROR_NO_SUCH_JOB, "Job %u does not exist.", (unsigned) id); + return bus_send_error_reply(connection, message, &error, -ENOENT); + } + + SELINUX_UNIT_ACCESS_CHECK(j->unit, connection, message, "stop"); + job_finish_and_invalidate(j, JOB_CANCELED, true); + + reply = dbus_message_new_method_return(message); + if (!reply) + goto oom; + + } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "ClearJobs")) { + SELINUX_ACCESS_CHECK(connection, message, "reboot"); manager_clear_jobs(m); reply = dbus_message_new_method_return(message); @@ -765,7 +842,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "ResetFailed")) { - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reload"); + SELINUX_ACCESS_CHECK(connection, message, "reload"); manager_reset_failed(m); @@ -798,13 +875,158 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, if (!reply) goto oom; + } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "SetUnitControlGroup")) { + const char *name; + Unit *u; + DBusMessageIter iter; + + if (!dbus_message_iter_init(message, &iter)) + goto oom; + + r = bus_iter_get_basic_and_next(&iter, DBUS_TYPE_STRING, &name, true); + if (r < 0) + return bus_send_error_reply(connection, message, NULL, r); + + u = manager_get_unit(m, name); + if (!u) { + dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name); + return bus_send_error_reply(connection, message, &error, -ENOENT); + } + + SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "start"); + + r = bus_unit_cgroup_set(u, &iter); + if (r < 0) + return bus_send_error_reply(connection, message, NULL, r); + + reply = dbus_message_new_method_return(message); + if (!reply) + goto oom; + + } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "UnsetUnitControlGroup")) { + const char *name; + Unit *u; + DBusMessageIter iter; + + if (!dbus_message_iter_init(message, &iter)) + goto oom; + + r = bus_iter_get_basic_and_next(&iter, DBUS_TYPE_STRING, &name, true); + if (r < 0) + return bus_send_error_reply(connection, message, NULL, r); + + u = manager_get_unit(m, name); + if (!u) { + dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name); + return bus_send_error_reply(connection, message, &error, -ENOENT); + } + + SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "stop"); + + r = bus_unit_cgroup_unset(u, &iter); + if (r < 0) + return bus_send_error_reply(connection, message, NULL, r); + + reply = dbus_message_new_method_return(message); + if (!reply) + goto oom; + + } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "SetUnitControlGroupAttribute")) { + const char *name; + Unit *u; + DBusMessageIter iter; + + if (!dbus_message_iter_init(message, &iter)) + goto oom; + + r = bus_iter_get_basic_and_next(&iter, DBUS_TYPE_STRING, &name, true); + if (r < 0) + return bus_send_error_reply(connection, message, NULL, r); + + u = manager_get_unit(m, name); + if (!u) { + dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name); + return bus_send_error_reply(connection, message, &error, -ENOENT); + } + + SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "start"); + + r = bus_unit_cgroup_attribute_set(u, &iter); + if (r < 0) + return bus_send_error_reply(connection, message, NULL, r); + + reply = dbus_message_new_method_return(message); + if (!reply) + goto oom; + + } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "UnsetUnitControlGroupAttribute")) { + const char *name; + Unit *u; + DBusMessageIter iter; + + if (!dbus_message_iter_init(message, &iter)) + goto oom; + + r = bus_iter_get_basic_and_next(&iter, DBUS_TYPE_STRING, &name, true); + if (r < 0) + return bus_send_error_reply(connection, message, NULL, r); + + u = manager_get_unit(m, name); + if (!u) { + dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name); + return bus_send_error_reply(connection, message, &error, -ENOENT); + } + + SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "stop"); + + r = bus_unit_cgroup_attribute_unset(u, &iter); + if (r < 0) + return bus_send_error_reply(connection, message, NULL, r); + + reply = dbus_message_new_method_return(message); + if (!reply) + goto oom; + + } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "GetUnitControlGroupAttribute")) { + const char *name; + Unit *u; + DBusMessageIter iter; + _cleanup_strv_free_ char **list = NULL; + + if (!dbus_message_iter_init(message, &iter)) + goto oom; + + r = bus_iter_get_basic_and_next(&iter, DBUS_TYPE_STRING, &name, true); + if (r < 0) + return bus_send_error_reply(connection, message, NULL, r); + + u = manager_get_unit(m, name); + if (!u) { + dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name); + return bus_send_error_reply(connection, message, &error, -ENOENT); + } + + SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "status"); + + r = bus_unit_cgroup_attribute_get(u, &iter, &list); + if (r < 0) + return bus_send_error_reply(connection, message, NULL, r); + + reply = dbus_message_new_method_return(message); + if (!reply) + goto oom; + + dbus_message_iter_init_append(reply, &iter); + if (bus_append_strv_iter(&iter, list) < 0) + goto oom; + } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "ListUnits")) { DBusMessageIter iter, sub; Iterator i; Unit *u; const char *k; - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status"); + SELINUX_ACCESS_CHECK(connection, message, "status"); reply = dbus_message_new_method_return(message); if (!reply) @@ -887,7 +1109,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, Iterator i; Job *j; - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status"); + SELINUX_ACCESS_CHECK(connection, message, "status"); reply = dbus_message_new_method_return(message); if (!reply) @@ -946,7 +1168,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, char *client; Set *s; - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status"); + SELINUX_ACCESS_CHECK(connection, message, "status"); s = BUS_CONNECTION_SUBSCRIBED(m, connection); if (!s) { @@ -977,7 +1199,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Unsubscribe")) { char *client; - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status"); + SELINUX_ACCESS_CHECK(connection, message, "status"); client = set_remove(BUS_CONNECTION_SUBSCRIBED(m, connection), (char*) bus_message_get_sender_with_fallback(message)); if (!client) { @@ -996,7 +1218,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, char *dump = NULL; size_t size; - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status"); + SELINUX_ACCESS_CHECK(connection, message, "status"); reply = dbus_message_new_method_return(message); if (!reply) @@ -1028,7 +1250,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, dbus_bool_t cleanup; Snapshot *s; - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "start"); + SELINUX_ACCESS_CHECK(connection, message, "start"); if (!dbus_message_get_args( message, @@ -1059,6 +1281,35 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, DBUS_TYPE_INVALID)) goto oom; + } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "RemoveSnapshot")) { + const char *name; + Unit *u; + + if (!dbus_message_get_args( + message, + &error, + DBUS_TYPE_STRING, &name, + DBUS_TYPE_INVALID)) + return bus_send_error_reply(connection, message, &error, -EINVAL); + + u = manager_get_unit(m, name); + if (!u) { + dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s does not exist.", name); + return bus_send_error_reply(connection, message, &error, -ENOENT); + } + + if (u->type != UNIT_SNAPSHOT) { + dbus_set_error(&error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not a snapshot.", name); + return bus_send_error_reply(connection, message, &error, -ENOENT); + } + + SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "stop"); + snapshot_remove(SNAPSHOT(u)); + + reply = dbus_message_new_method_return(message); + if (!reply) + goto oom; + } else if (dbus_message_is_method_call(message, "org.freedesktop.DBus.Introspectable", "Introspect")) { char *introspection = NULL; FILE *f; @@ -1068,7 +1319,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, const char *k; size_t size; - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status"); + SELINUX_ACCESS_CHECK(connection, message, "status"); reply = dbus_message_new_method_return(message); if (!reply) @@ -1127,7 +1378,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Reload")) { - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reload"); + SELINUX_ACCESS_CHECK(connection, message, "reload"); assert(!m->queued_message); @@ -1145,7 +1396,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Reexecute")) { - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reload"); + SELINUX_ACCESS_CHECK(connection, message, "reload"); /* We don't send a reply back here, the client should * just wait for us disconnecting. */ @@ -1154,7 +1405,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Exit")) { - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "halt"); + SELINUX_ACCESS_CHECK(connection, message, "halt"); if (m->running_as == SYSTEMD_SYSTEM) { dbus_set_error(&error, BUS_ERROR_NOT_SUPPORTED, "Exit is only supported for user service managers."); @@ -1169,7 +1420,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Reboot")) { - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reboot"); + SELINUX_ACCESS_CHECK(connection, message, "reboot"); if (m->running_as != SYSTEMD_SYSTEM) { dbus_set_error(&error, BUS_ERROR_NOT_SUPPORTED, "Reboot is only supported for system managers."); @@ -1184,7 +1435,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "PowerOff")) { - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "halt"); + SELINUX_ACCESS_CHECK(connection, message, "halt"); if (m->running_as != SYSTEMD_SYSTEM) { dbus_set_error(&error, BUS_ERROR_NOT_SUPPORTED, "Powering off is only supported for system managers."); @@ -1199,7 +1450,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "Halt")) { - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "halt"); + SELINUX_ACCESS_CHECK(connection, message, "halt"); if (m->running_as != SYSTEMD_SYSTEM) { dbus_set_error(&error, BUS_ERROR_NOT_SUPPORTED, "Halting is only supported for system managers."); @@ -1214,7 +1465,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "KExec")) { - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reboot"); + SELINUX_ACCESS_CHECK(connection, message, "reboot"); if (m->running_as != SYSTEMD_SYSTEM) { dbus_set_error(&error, BUS_ERROR_NOT_SUPPORTED, "kexec is only supported for system managers."); @@ -1232,7 +1483,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, char *u, *v; int k; - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reboot"); + SELINUX_ACCESS_CHECK(connection, message, "reboot"); if (!dbus_message_get_args( message, @@ -1294,18 +1545,20 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, m->exit_code = MANAGER_SWITCH_ROOT; } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "SetEnvironment")) { - char **l = NULL, **e = NULL; + _cleanup_strv_free_ char **l = NULL; + char **e = NULL; - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reboot"); + SELINUX_ACCESS_CHECK(connection, message, "reboot"); r = bus_parse_strv(message, &l); if (r == -ENOMEM) goto oom; if (r < 0) return bus_send_error_reply(connection, message, NULL, r); + if (!strv_env_is_valid(l)) + return bus_send_error_reply(connection, message, NULL, -EINVAL); e = strv_env_merge(2, m->environment, l); - strv_free(l); if (!e) goto oom; @@ -1319,23 +1572,25 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, m->environment = e; } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "UnsetEnvironment")) { - char **l = NULL, **e = NULL; + _cleanup_strv_free_ char **l = NULL; + char **e = NULL; - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reboot"); + SELINUX_ACCESS_CHECK(connection, message, "reboot"); r = bus_parse_strv(message, &l); if (r == -ENOMEM) goto oom; if (r < 0) return bus_send_error_reply(connection, message, NULL, r); + if (!strv_env_name_or_assignment_is_valid(l)) + return bus_send_error_reply(connection, message, NULL, -EINVAL); e = strv_env_delete(m->environment, 1, l); - strv_free(l); - if (!e) goto oom; - if (!(reply = dbus_message_new_method_return(message))) { + reply = dbus_message_new_method_return(message); + if (!reply) { strv_free(e); goto oom; } @@ -1344,10 +1599,11 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, m->environment = e; } else if (dbus_message_is_method_call(message, "org.freedesktop.systemd1.Manager", "UnsetAndSetEnvironment")) { - char **l_set = NULL, **l_unset = NULL, **e = NULL, **f = NULL; + _cleanup_strv_free_ char **l_set = NULL, **l_unset = NULL, **e = NULL; + char **f = NULL; DBusMessageIter iter; - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "reboot"); + SELINUX_ACCESS_CHECK(connection, message, "reboot"); if (!dbus_message_iter_init(message, &iter)) goto oom; @@ -1357,37 +1613,30 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, goto oom; if (r < 0) return bus_send_error_reply(connection, message, NULL, r); + if (!strv_env_name_or_assignment_is_valid(l_unset)) + return bus_send_error_reply(connection, message, NULL, -EINVAL); - if (!dbus_message_iter_next(&iter)) { - strv_free(l_unset); + if (!dbus_message_iter_next(&iter)) return bus_send_error_reply(connection, message, NULL, -EINVAL); - } r = bus_parse_strv_iter(&iter, &l_set); - if (r < 0) { - strv_free(l_unset); - if (r == -ENOMEM) - goto oom; - + if (r == -ENOMEM) + goto oom; + if (r < 0) return bus_send_error_reply(connection, message, NULL, r); - } + if (!strv_env_is_valid(l_set)) + return bus_send_error_reply(connection, message, NULL, -EINVAL); e = strv_env_delete(m->environment, 1, l_unset); - strv_free(l_unset); - - if (!e) { - strv_free(l_set); + if (!e) goto oom; - } f = strv_env_merge(2, e, l_set); - strv_free(l_set); - strv_free(e); - if (!f) goto oom; - if (!(reply = dbus_message_new_method_return(message))) { + reply = dbus_message_new_method_return(message); + if (!reply) { strv_free(f); goto oom; } @@ -1400,7 +1649,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, Iterator i; UnitFileList *item; - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status"); + SELINUX_ACCESS_CHECK(connection, message, "status"); reply = dbus_message_new_method_return(message); if (!reply) @@ -1413,7 +1662,6 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, r = unit_file_get_list(m->running_as == SYSTEMD_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER, NULL, h); if (r < 0) { unit_file_list_free(h); - dbus_message_unref(reply); return bus_send_error_reply(connection, message, NULL, r); } @@ -1449,7 +1697,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, UnitFileState state; const char *s; - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status"); + SELINUX_ACCESS_CHECK(connection, message, "status"); if (!dbus_message_get_args( message, @@ -1488,7 +1736,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, dbus_bool_t runtime, force; int carries_install_info = -1; - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, streq(member, "MaskUnitFiles") ? "disable" : "enable"); + SELINUX_ACCESS_CHECK(connection, message, streq(member, "MaskUnitFiles") ? "disable" : "enable"); if (!dbus_message_iter_init(message, &iter)) goto oom; @@ -1548,7 +1796,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, unsigned n_changes = 0; dbus_bool_t runtime; - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, streq(member, "UnmaskUnitFiles") ? "enable" : "disable"); + SELINUX_ACCESS_CHECK(connection, message, streq(member, "UnmaskUnitFiles") ? "enable" : "disable"); if (!dbus_message_iter_init(message, &iter)) goto oom; @@ -1595,7 +1843,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection, { NULL, } }; - SELINUX_MANAGER_ACCESS_CHECK(m, connection, message, "status"); + SELINUX_ACCESS_CHECK(connection, message, "status"); return bus_default_message_handler(connection, message, NULL, INTERFACES_LIST, bps); }