X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fcore%2Fdbus.c;h=580bdf3f71ca811c8ae0228d138d05822d2ff7ed;hp=35d185a601a950be0100350422ead136c264836b;hb=6d99330e26977a9970e33fd83085c8c8c9de660f;hpb=718db96199eb307751264e4163555662c9a389fa diff --git a/src/core/dbus.c b/src/core/dbus.c index 35d185a60..580bdf3f7 100644 --- a/src/core/dbus.c +++ b/src/core/dbus.c @@ -42,6 +42,8 @@ #include "bus-errors.h" #include "strxcpyx.h" #include "dbus-client-track.h" +#include "bus-internal.h" +#include "selinux-access.h" #define CONNECTIONS_MAX 512 @@ -71,7 +73,7 @@ int bus_send_queued_message(Manager *m) { return 0; } -static int signal_agent_released(sd_bus *bus, sd_bus_message *message, void *userdata) { +static int signal_agent_released(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { Manager *m = userdata; const char *cgroup; int r; @@ -100,7 +102,7 @@ static int signal_agent_released(sd_bus *bus, sd_bus_message *message, void *use return 0; } -static int signal_disconnected(sd_bus *bus, sd_bus_message *message, void *userdata) { +static int signal_disconnected(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { Manager *m = userdata; assert(bus); @@ -119,7 +121,7 @@ static int signal_disconnected(sd_bus *bus, sd_bus_message *message, void *userd return 0; } -static int signal_name_owner_changed(sd_bus *bus, sd_bus_message *message, void *userdata) { +static int signal_name_owner_changed(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { const char *name, *old_owner, *new_owner; Manager *m = userdata; int r; 
@@ -142,7 +144,7 @@ static int signal_name_owner_changed(sd_bus *bus, sd_bus_message *message, void return 0; } -static int signal_activation_request(sd_bus *bus, sd_bus_message *message, void *userdata) { +static int signal_activation_request(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *ret_error) { _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; _cleanup_bus_message_unref_ sd_bus_message *reply = NULL; Manager *m = userdata; @@ -194,7 +196,7 @@ failed: return 0; } - r = sd_bus_message_append(reply, "sss", error.name, error.message); + r = sd_bus_message_append(reply, "sss", name, error.name, error.message); if (r < 0) { bus_log_create_error(r); return 0; 
@@ -209,7 +211,73 @@ failed: return 0; } -static int bus_job_find(sd_bus *bus, const char *path, const char *interface, void **found, void *userdata) { +static int selinux_filter(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { + Manager *m = userdata; + const char *verb, *path; + Unit *u = NULL; + Job *j; + int r; + + assert(bus); + assert(message); + + /* Our own method calls are all protected individually with + * selinux checks, but the built-in interfaces need to be + * protected too. */ + + if (sd_bus_message_is_method_call(message, "org.freedesktop.DBus.Properties", "Set")) + verb = "reload"; + else if (sd_bus_message_is_method_call(message, "org.freedesktop.DBus.Introspectable", NULL) || + sd_bus_message_is_method_call(message, "org.freedesktop.DBus.Properties", NULL) || + sd_bus_message_is_method_call(message, "org.freedesktop.DBus.ObjectManager", NULL) || + sd_bus_message_is_method_call(message, "org.freedesktop.DBus.Peer", NULL)) + verb = "status"; + else + return 0; + + path = sd_bus_message_get_path(message); + + if (object_path_startswith("/org/freedesktop/systemd1", path)) { + + r = selinux_access_check(bus, message, verb, error); + if (r < 0) + return r; + + return 0; + } + + if (streq_ptr(path, "/org/freedesktop/systemd1/unit/self")) { + _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL; + pid_t pid; + + r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds); + if (r < 0) + return 0; + + r = sd_bus_creds_get_pid(creds, &pid); + if (r < 0) + return 0; + + u = manager_get_unit_by_pid(m, pid); + } else { + r = manager_get_job_from_dbus_path(m, path, &j); + if (r >= 0) + u = j->unit; + else + manager_load_unit_from_dbus_path(m, path, NULL, &u); + } + + if (!u) + return 0; + + r = selinux_unit_access_check(u, bus, message, verb, error); + if (r < 0) + return r; + + return 0; +} + +static int bus_job_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) { 
Manager *m = userdata; Job *j; int r; @@ -228,7 +296,7 @@ static int bus_job_find(sd_bus *bus, const char *path, const char *interface, vo return 1; } -static Unit *find_unit(Manager *m, sd_bus *bus, const char *path) { +static int find_unit(Manager *m, sd_bus *bus, const char *path, Unit **unit, sd_bus_error *error) { Unit *u; int r; @@ -237,30 +305,38 @@ static Unit *find_unit(Manager *m, sd_bus *bus, const char *path) { assert(path); if (streq_ptr(path, "/org/freedesktop/systemd1/unit/self")) { + _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL; sd_bus_message *message; pid_t pid; message = sd_bus_get_current(bus); if (!message) - return NULL; + return 0; - r = sd_bus_get_owner_pid(bus, sd_bus_message_get_sender(message), &pid); + r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds); if (r < 0) - return NULL; + return r; + + r = sd_bus_creds_get_pid(creds, &pid); + if (r < 0) + return r; u = manager_get_unit_by_pid(m, pid); } else { - r = manager_load_unit_from_dbus_path(m, path, NULL, &u); + r = manager_load_unit_from_dbus_path(m, path, error, &u); if (r < 0) - return NULL; + return 0; } - return u; + if (!u) + return 0; + + *unit = u; + return 1; } -static int bus_unit_find(sd_bus *bus, const char *path, const char *interface, void **found, void *userdata) { +static int bus_unit_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) { Manager *m = userdata; - Unit *u; assert(bus); assert(path); 
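Review bot: In the `/org/freedesktop/systemd1/unit/self` branch of `selinux_filter`, a failure of `sd_bus_query_sender_creds()` or `sd_bus_creds_get_pid()` ends in `return 0`, as does an unresolved unit (`if (!u) return 0;`), so as far as this hunk shows the built-in Properties/Introspectable/ObjectManager/Peer call proceeds with no SELinux check. `find_unit()` in the same commit propagates the same two failures, so the filter should either use `if (r < 0) return r;` as well or carry a comment saying why letting the call through unchecked is safe here. The first test, `object_path_startswith("/org/freedesktop/systemd1", path)`, also reads as if its arguments were swapped; if the intent is to match the manager object and its parent paths, a one-line comment saying so would keep it from being "corrected" later. The hunk ends inside `bus_job_find`, whose body continues outside it.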
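Review bot: The non-`self` branch of `find_unit` now hands the caller's `error` to `manager_load_unit_from_dbus_path(m, path, error, &u)` and then answers `return 0;` on failure, so a load failure is reported as "no such object" while `error` may already have been filled in. The `self` branch in the same hunk propagates with `return r;`, so the two branches disagree: either keep passing `NULL` as the old code did, or change the failure path to `return r;` so the populated error reaches the caller. A header comment stating the new contract (negative on error, `0` when no unit matches, `1` with `*unit` set) would help the five finders that test `r <= 0`, and `assert(unit);` would match the asserts already there. `find_unit` begins in the previous hunk.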
@@ -268,17 +344,13 @@ static int bus_unit_find(sd_bus *bus, const char *path, const char *interface, v assert(found); assert(m); - u = find_unit(m, bus, path); - if (!u) - return 0; - - *found = u; - return 1; + return find_unit(m, bus, path, (Unit**) found, error); } -static int bus_unit_interface_find(sd_bus *bus, const char *path, const char *interface, void **found, void *userdata) { +static int bus_unit_interface_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) { Manager *m = userdata; Unit *u; + int r; assert(bus); assert(path); @@ -286,9 +358,9 @@ static int bus_unit_interface_find(sd_bus *bus, const char *path, const char *in assert(found); assert(m); - u = find_unit(m, bus, path); - if (!u) - return 0; + r = find_unit(m, bus, path, &u, error); + if (r <= 0) + return r; if (!streq_ptr(interface, UNIT_VTABLE(u)->bus_interface)) return 0; @@ -297,9 +369,10 @@ static int bus_unit_interface_find(sd_bus *bus, const char *path, const char *in return 1; } -static int bus_unit_cgroup_find(sd_bus *bus, const char *path, const char *interface, void **found, void *userdata) { +static int bus_unit_cgroup_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) { Manager *m = userdata; Unit *u; + int r; assert(bus); assert(path); @@ -307,9 +380,9 @@ static int bus_unit_cgroup_find(sd_bus *bus, const char *path, const char *inter assert(found); assert(m); - u = find_unit(m, bus, path); - if (!u) - return 0; + r = find_unit(m, bus, path, &u, error); + if (r <= 0) + return r; if (!streq_ptr(interface, UNIT_VTABLE(u)->bus_interface)) return 0; 
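Review bot: `bus_unit_find` passes `(Unit**) found` straight into `find_unit`, which then stores a `Unit *` through a pointer declared as `void **`. The sibling finders changed in this commit (`bus_unit_interface_find`, `bus_unit_cgroup_find` and the context finders) resolve into a local `Unit *u` instead. Keeping the local and writing `r = find_unit(m, bus, path, &u, error);`, `if (r <= 0) return r;`, `*found = u; return 1;` would keep the callbacks uniform and avoid relying on the pointer cast. The function's signature is in the previous hunk.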
@@ -321,10 +394,11 @@ static int bus_unit_cgroup_find(sd_bus *bus, const char *path, const char *inter return 1; } -static int bus_cgroup_context_find(sd_bus *bus, const char *path, const char *interface, void **found, void *userdata) { +static int bus_cgroup_context_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) { Manager *m = userdata; CGroupContext *c; Unit *u; + int r; assert(bus); assert(path); @@ -332,9 +406,9 @@ static int bus_cgroup_context_find(sd_bus *bus, const char *path, const char *in assert(found); assert(m); - u = find_unit(m, bus, path); - if (!u) - return 0; + r = find_unit(m, bus, path, &u, error); + if (r <= 0) + return r; if (!streq_ptr(interface, UNIT_VTABLE(u)->bus_interface)) return 0; @@ -347,10 +421,11 @@ static int bus_cgroup_context_find(sd_bus *bus, const char *path, const char *in return 1; } -static int bus_exec_context_find(sd_bus *bus, const char *path, const char *interface, void **found, void *userdata) { +static int bus_exec_context_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) { Manager *m = userdata; ExecContext *c; Unit *u; + int r; assert(bus); assert(path); @@ -358,9 +433,9 @@ static int bus_exec_context_find(sd_bus *bus, const char *path, const char *inte assert(found); assert(m); - u = find_unit(m, bus, path); - if (!u) - return 0; + r = find_unit(m, bus, path, &u, error); + if (r <= 0) + return r; if (!streq_ptr(interface, UNIT_VTABLE(u)->bus_interface)) return 0; 
@@ -373,10 +448,11 @@ static int bus_exec_context_find(sd_bus *bus, const char *path, const char *inte return 1; } -static int bus_kill_context_find(sd_bus *bus, const char *path, const char *interface, void **found, void *userdata) { +static int bus_kill_context_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) { Manager *m = userdata; KillContext *c; Unit *u; + int r; assert(bus); assert(path); @@ -384,9 +460,9 @@ static int bus_kill_context_find(sd_bus *bus, const char *path, const char *inte assert(found); assert(m); - u = find_unit(m, bus, path); - if (!u) - return 0; + r = find_unit(m, bus, path, &u, error); + if (r <= 0) + return r; if (!streq_ptr(interface, UNIT_VTABLE(u)->bus_interface)) return 0; @@ -399,7 +475,7 @@ static int bus_kill_context_find(sd_bus *bus, const char *path, const char *inte return 1; } -static int bus_job_enumerate(sd_bus *bus, const char *path, char ***nodes, void *userdata) { +static int bus_job_enumerate(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error) { _cleanup_free_ char **l = NULL; Manager *m = userdata; unsigned k = 0; @@ -426,7 +502,7 @@ static int bus_job_enumerate(sd_bus *bus, const char *path, char ***nodes, void return k; } -static int bus_unit_enumerate(sd_bus *bus, const char *path, char ***nodes, void *userdata) { +static int bus_unit_enumerate(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error) { _cleanup_free_ char **l = NULL; Manager *m = userdata; unsigned k = 0; 
@@ -458,6 +534,12 @@ static int bus_setup_api_vtables(Manager *m, sd_bus *bus) { assert(m); assert(bus); + r = sd_bus_add_filter(bus, selinux_filter, m); + if (r < 0) { + log_error("Failed to add SELinux access filter: %s", strerror(-r)); + return r; + } + r = sd_bus_add_object_vtable(bus, "/org/freedesktop/systemd1", "org.freedesktop.systemd1.Manager", bus_manager_vtable, m); if (r < 0) { log_error("Failed to register Manager vtable: %s", strerror(-r)); @@ -660,42 +742,24 @@ static int bus_on_connection(sd_event_source *s, int fd, uint32_t revents, void } static int bus_list_names(Manager *m, sd_bus *bus) { - _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; - _cleanup_bus_message_unref_ sd_bus_message *reply = NULL; - const char *name; + _cleanup_strv_free_ char **names = NULL; + char **i; int r; assert(m); assert(bus); - r = sd_bus_call_method( - bus, - "org.freedesktop.DBus", - "/org/freedesktop/DBus", - "org.freedesktop.DBus", - "ListNames", - &error, &reply, - NULL); + r = sd_bus_list_names(bus, &names, NULL); if (r < 0) { - log_error("Failed to get initial list of names: %s", bus_error_message(&error, r)); + log_error("Failed to get initial list of names: %s", strerror(-r)); return r; } - r = sd_bus_message_enter_container(reply, 'a', "s"); - if (r < 0) - return bus_log_parse_error(r); - /* This is a bit hacky, we say the owner of the name is the * name itself, because we don't want the extra traffic to * figure out the real owner. */ - while ((r = sd_bus_message_read(reply, "s", &name)) > 0) - manager_dispatch_bus_name_owner_changed(m, name, NULL, name); - if (r < 0) - return bus_log_parse_error(r); - - r = sd_bus_message_exit_container(reply); - if (r < 0) - return bus_log_parse_error(r); + STRV_FOREACH(i, names) + manager_dispatch_bus_name_owner_changed(m, *i, NULL, *i); return 0; } 
@@ -737,17 +801,12 @@ static int bus_setup_api(Manager *m, sd_bus *bus) { * after the new connection is set up and the name installed * to allow clients to synchronously wait for reexecution to * finish */ - r = sd_bus_request_name(bus,"org.freedesktop.systemd1", SD_BUS_NAME_ALLOW_REPLACEMENT|SD_BUS_NAME_REPLACE_EXISTING); + r = sd_bus_request_name(bus,"org.freedesktop.systemd1", SD_BUS_NAME_REPLACE_EXISTING|SD_BUS_NAME_DO_NOT_QUEUE|SD_BUS_NAME_ALLOW_REPLACEMENT); if (r < 0) { log_error("Failed to register name: %s", strerror(-r)); return r; } - if (r != SD_BUS_NAME_PRIMARY_OWNER) { - log_error("Failed to acquire name."); - return -EEXIST; - } - bus_list_names(m, bus); log_debug("Successfully connected to API bus."); @@ -879,6 +938,10 @@ static int bus_init_private(Manager *m) { if (m->private_listen_fd >= 0) return 0; + /* We don't need the private socket if we have kdbus */ + if (m->kdbus_fd >= 0) + return 0; + if (m->running_as == SYSTEMD_SYSTEM) { /* We want the private bus only when running as init */
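Review bot: Dropping the `r != SD_BUS_NAME_PRIMARY_OWNER` check in `bus_setup_api` is only safe if `SD_BUS_NAME_DO_NOT_QUEUE` makes `sd_bus_request_name()` return a negative value whenever the name is not acquired. Nothing in the hunk states that, and `SD_BUS_NAME_ALLOW_REPLACEMENT` is still set, so who actually owns `org.freedesktop.systemd1` matters to every client. I would add a comment above the call, for example `/* DO_NOT_QUEUE: not becoming the owner is reported as an error, so r >= 0 means we own the name */`, after confirming that against the sd-bus implementation at this revision. The enclosing function starts and ends outside the hunk.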