X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Flogin%2Flogind-dbus.c;h=d8f4d89474642ef93fdac075508f66d17635838e;hp=a50db630a0f42db5077cc2d2d189febde26e768e;hb=55efac6cbcea0d8edda9c6820620ceb390009e7a;hpb=cae5846b2cbb5091267f59f4c7f941ce767a1f8f diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c index a50db630a..d8f4d8947 100644 --- a/src/login/logind-dbus.c +++ b/src/login/logind-dbus.c @@ -62,6 +62,7 @@ " \n" \ " \n" \ " \n" \ + " \n" \ " \n" \ " \n" \ " \n" \ @@ -129,6 +130,12 @@ " \n" \ " \n" \ " \n" \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ + " \n" \ " \n" \ " \n" \ " \n" \ @@ -216,11 +223,12 @@ static int bus_manager_append_idle_hint_since(DBusMessageIter *i, const char *pr static int bus_manager_create_session(Manager *m, DBusMessage *message, DBusMessage **_reply) { Session *session = NULL; User *user = NULL; - const char *type, *seat, *tty, *display, *remote_user, *remote_host, *service; + const char *type, *class, *seat, *tty, *display, *remote_user, *remote_host, *service; uint32_t uid, leader, audit_id = 0; dbus_bool_t remote, kill_processes; char **controllers = NULL, **reset_controllers = NULL; SessionType t; + SessionClass c; Seat *s; DBusMessageIter iter; int r; @@ -265,6 +273,17 @@ static int bus_manager_create_session(Manager *m, DBusMessage *message, DBusMess dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_STRING) return -EINVAL; + dbus_message_iter_get_basic(&iter, &class); + if (isempty(class)) + c = SESSION_USER; + else + c = session_class_from_string(class); + + if (c < 0 || + !dbus_message_iter_next(&iter) || + dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_STRING) + return -EINVAL; + dbus_message_iter_get_basic(&iter, &seat); if (isempty(seat)) @@ -461,6 +480,7 @@ static int bus_manager_create_session(Manager *m, DBusMessage *message, DBusMess session->leader = leader; session->audit_id = audit_id; session->type = t; + session->class = c; session->remote = remote; session->controllers = controllers; session->reset_controllers = reset_controllers; @@ -714,6 +734,37 @@ static int flush_devices(Manager *m) { return trigger_device(m, NULL); } +static int have_multiple_sessions( + DBusConnection *connection, + Manager *m, + DBusMessage *message, + DBusError *error) { + + Session *s; + + assert(m); + + if (hashmap_size(m->sessions) > 1) + return true; + + /* Hmm, there's only one session, but let's make sure it + * actually belongs to the user who is asking. If not, better + * be safe than sorry. */ + + s = hashmap_first(m->sessions); + if (s) { + unsigned long ul; + + ul = dbus_bus_get_unix_user(connection, dbus_message_get_sender(message), error); + if (ul == (unsigned long) -1) + return -EIO; + + return s->user->uid != ul; + } + + return false; +} + static const BusProperty bus_login_manager_properties[] = { { "ControlGroupHierarchy", bus_property_append_string, "s", offsetof(Manager, cgroup_path), true }, { "Controllers", bus_property_append_strv, "as", offsetof(Manager, controllers), true }, @@ -1261,7 +1312,7 @@ static DBusHandlerResult manager_message_handler( if (!pw) return bus_send_error_reply(connection, message, NULL, errno ? -errno : -EINVAL); - r = verify_polkit(connection, message, "org.freedesktop.login1.set-user-linger", interactive, &error); + r = verify_polkit(connection, message, "org.freedesktop.login1.set-user-linger", interactive, NULL, &error); if (r < 0) return bus_send_error_reply(connection, message, &error, r); @@ -1321,7 +1372,7 @@ static DBusHandlerResult manager_message_handler( if (!path_startswith(sysfs, "/sys") || !seat_name_is_valid(seat)) return bus_send_error_reply(connection, message, NULL, -EINVAL); - r = verify_polkit(connection, message, "org.freedesktop.login1.attach-device", interactive, &error); + r = verify_polkit(connection, message, "org.freedesktop.login1.attach-device", interactive, NULL, &error); if (r < 0) return bus_send_error_reply(connection, message, &error, r); @@ -1344,7 +1395,7 @@ static DBusHandlerResult manager_message_handler( DBUS_TYPE_INVALID)) return bus_send_error_reply(connection, message, &error, -EINVAL); - r = verify_polkit(connection, message, "org.freedesktop.login1.flush-devices", interactive, &error); + r = verify_polkit(connection, message, "org.freedesktop.login1.flush-devices", interactive, NULL, &error); if (r < 0) return bus_send_error_reply(connection, message, &error, r); @@ -1372,27 +1423,11 @@ static DBusHandlerResult manager_message_handler( DBUS_TYPE_INVALID)) return bus_send_error_reply(connection, message, &error, -EINVAL); - multiple_sessions = hashmap_size(m->sessions) > 1; - - if (!multiple_sessions) { - Session *s; - - /* Hmm, there's only one session, but let's - * make sure it actually belongs to the user - * who is asking. If not, better be safe than - * sorry. */ - - s = hashmap_first(m->sessions); - if (s) { - unsigned long ul; + r = have_multiple_sessions(connection, m, message, &error); + if (r < 0) + return bus_send_error_reply(connection, message, &error, r); - ul = dbus_bus_get_unix_user(connection, dbus_message_get_sender(message), &error); - if (ul == (unsigned long) -1) - return bus_send_error_reply(connection, message, &error, -EIO); - - multiple_sessions = s->user->uid != ul; - } - } + multiple_sessions = r > 0; if (streq(dbus_message_get_member(message), "PowerOff")) { if (multiple_sessions) @@ -1410,7 +1445,7 @@ static DBusHandlerResult manager_message_handler( name = SPECIAL_REBOOT_TARGET; } - r = verify_polkit(connection, message, action, interactive, &error); + r = verify_polkit(connection, message, action, interactive, NULL, &error); if (r < 0) return bus_send_error_reply(connection, message, &error, r); @@ -1442,6 +1477,50 @@ static DBusHandlerResult manager_message_handler( if (!reply) goto oom; + } else if (dbus_message_is_method_call(message, "org.freedesktop.login1.Manager", "CanPowerOff") || + dbus_message_is_method_call(message, "org.freedesktop.login1.Manager", "CanReboot")) { + + bool multiple_sessions, challenge, b; + const char *t, *action; + + r = have_multiple_sessions(connection, m, message, &error); + if (r < 0) + return bus_send_error_reply(connection, message, &error, r); + + multiple_sessions = r > 0; + + if (streq(dbus_message_get_member(message), "CanPowerOff")) { + if (multiple_sessions) + action = "org.freedesktop.login1.power-off-multiple-sessions"; + else + action = "org.freedesktop.login1.power-off"; + + } else { + if (multiple_sessions) + action = "org.freedesktop.login1.reboot-multiple-sessions"; + else + action = "org.freedesktop.login1.reboot"; + } + + r = verify_polkit(connection, message, action, false, &challenge, &error); + if (r < 0) + return bus_send_error_reply(connection, message, &error, r); + + reply = dbus_message_new_method_return(message); + if (!reply) + goto oom; + + t = r > 0 ? "yes" : + challenge ? "challenge" : + "no"; + + b = dbus_message_append_args( + reply, + DBUS_TYPE_STRING, &t, + DBUS_TYPE_INVALID); + if (!b) + goto oom; + } else if (dbus_message_is_method_call(message, "org.freedesktop.DBus.Introspectable", "Introspect")) { char *introspection = NULL; FILE *f;