#include "strv.h"
#include "def.h"
#include "capability.h"
+#include "bus-policy.h"
-static const char *arg_address = DEFAULT_SYSTEM_BUS_PATH;
+static char *arg_address = NULL;
static char *arg_command_line_buffer = NULL;
static bool arg_drop_privileges = false;
+static char **arg_configuration = NULL;
static int help(void) {
printf("%s [OPTIONS...]\n\n"
"Connect STDIO or a socket to a given bus address.\n\n"
- " -h --help Show this help\n"
- " --version Show package version\n"
- " --drop-privileges Drop privileges\n"
- " --address=ADDRESS Connect to the bus specified by ADDRESS\n"
- " (default: " DEFAULT_SYSTEM_BUS_PATH ")\n",
+ " -h --help Show this help\n"
+ " --version Show package version\n"
+ " --drop-privileges Drop privileges\n"
+ " --configuration=PATH Configuration file or directory\n"
+ " --machine=MACHINE Connect to specified machine\n"
+ " --address=ADDRESS Connect to the bus specified by ADDRESS\n"
+ " (default: " DEFAULT_SYSTEM_BUS_PATH ")\n",
program_invocation_short_name);
return 0;
ARG_VERSION = 0x100,
ARG_ADDRESS,
ARG_DROP_PRIVILEGES,
+ ARG_CONFIGURATION,
+ ARG_MACHINE,
};
static const struct option options[] = {
{ "version", no_argument, NULL, ARG_VERSION },
{ "address", required_argument, NULL, ARG_ADDRESS },
{ "drop-privileges", no_argument, NULL, ARG_DROP_PRIVILEGES },
- { NULL, 0, NULL, 0 },
+ { "configuration", required_argument, NULL, ARG_CONFIGURATION },
+ { "machine", required_argument, NULL, ARG_MACHINE },
+ {},
};
- int c;
+ int c, r;
assert(argc >= 0);
assert(argv);
puts(SYSTEMD_FEATURES);
return 0;
- case ARG_ADDRESS:
- arg_address = optarg;
+ case ARG_ADDRESS: {
+ char *a;
+
+ a = strdup(optarg);
+ if (!a)
+ return log_oom();
+
+ free(arg_address);
+ arg_address = a;
break;
+ }
case ARG_DROP_PRIVILEGES:
arg_drop_privileges = true;
break;
+ case ARG_CONFIGURATION:
+ r = strv_extend(&arg_configuration, optarg);
+ if (r < 0)
+ return log_oom();
+ break;
+
+ case ARG_MACHINE: {
+ _cleanup_free_ char *e = NULL;
+ char *a;
+
+ e = bus_address_escape(optarg);
+ if (!e)
+ return log_oom();
+
+#ifdef ENABLE_KDBUS
+ a = strjoin("x-container-kernel:machine=", e, ";x-container-unix:machine=", e, NULL);
+#else
+ a = strjoin("x-container-unix:machine=", e, NULL);
+#endif
+ if (!a)
+ return log_oom();
+
+ free(arg_address);
+ arg_address = a;
+
+ break;
+ }
+
case '?':
return -EINVAL;
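Review bot: `--address` and `--machine` both overwrite `arg_address`, so whichever is given last silently wins, and neither the help text nor the `ARG_MACHINE` case says so. Either reject the combination or record the precedence with a comment such as `/* --machine and --address both set arg_address; the last one given wins */`. A one-line comment above `bus_address_escape(optarg)` would also help, stating that the escape is presumably what keeps separator characters in a machine name from adding extra components to the address string, so it is not later replaced by a plain `strjoin`. The enclosing function starts and ends outside this hunk.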
* we'll write who we are talking to into it, so that "ps" is
* explanatory */
arg_command_line_buffer = argv[optind];
- if (argc > optind + 1 ||
- (arg_command_line_buffer && arg_command_line_buffer[strspn(arg_command_line_buffer, "x")] != 0)) {
+ if (argc > optind + 1 || (arg_command_line_buffer && !in_charset(arg_command_line_buffer, "x"))) {
log_error("Too many arguments");
return -EINVAL;
}
+ if (!arg_address) {
+ arg_address = strdup(DEFAULT_SYSTEM_BUS_PATH);
+ if (!arg_address)
+ return log_oom();
+ }
+
return 1;
}
assert(b);
assert(m);
+ if (!a->is_kernel)
+ return 0;
+
if (!sd_bus_message_is_method_call(m, "org.freedesktop.DBus.Properties", "GetAll"))
return 0;
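Review bot: The new `if (!a->is_kernel) return 0;` has no comment explaining why the function is skipped for a non-kernel destination, and the same unexplained guard is added in the next hunk before the `org.freedesktop.DBus` destination check. Returning 0 appears to mean the message is passed on without this handling, presumably because the bus daemon on the other side does the equivalent work itself. A comment like `/* Not kdbus: the bus daemon on the other side handles this itself */` would record that assumption. Both functions begin outside the visible lines and only `assert(b)` and `assert(m)` are shown, so confirm `a` is asserted non-NULL before it is dereferenced.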
assert(b);
assert(m);
+ if (!a->is_kernel)
+ return 0;
+
if (!streq_ptr(sd_bus_message_get_destination(m), "org.freedesktop.DBus"))
return 0;
bool is_unix;
struct ucred ucred = {};
_cleanup_free_ char *peersec = NULL;
+ Policy policy = {};
log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
log_parse_environment();
if (r <= 0)
goto finish;
+ r = policy_load(&policy, arg_configuration);
+ if (r < 0) {
+ log_error("Failed to load policy: %s", strerror(-r));
+ goto finish;
+ }
+
+ /* policy_dump(&policy); */
+
r = sd_listen_fds(0);
if (r == 0) {
in_fd = STDIN_FILENO;
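Review bot: Nothing in the visible hunks consults `policy` after `policy_load()` succeeds; it is only loaded here and released at `finish:`. If enforcement is not wired up elsewhere in this file, `--configuration` suggests access control that the proxy does not yet apply, so mark it with `/* TODO: policy is loaded but not yet checked against proxied messages */` and say so in the commit message. When no `--configuration` is given, `arg_configuration` is NULL and the policy presumably stays empty, so the intended default (allow or deny) should be documented next to the call. The commented-out `/* policy_dump(&policy); */` is better dropped or tied to debug logging.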
finish:
sd_bus_flush(a);
sd_bus_flush(b);
+ sd_bus_close(a);
+ sd_bus_close(b);
+
+ policy_free(&policy);
+ strv_free(arg_configuration);
+ free(arg_address);
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}
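Review bot: `sd_bus_close(a)` and `sd_bus_close(b)` now run on every exit path, including the new `goto finish` after a failed `policy_load()`, which appears to sit before either bus object is created. Confirm that `sd_bus_close()` accepts NULL, as the existing `sd_bus_flush()` calls already must, or guard the calls with `if (a) sd_bus_close(a);` and the same for `b`. The start of `main` is outside this hunk, so the initial values of `a` and `b` cannot be checked from here.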