#include <string.h>
#include <unistd.h>
#include <pwd.h>
+#include <sys/capability.h>
#include "sd-id128.h"
#include "sd-messages.h"
return r;
if (pid == 0) {
- r = sd_bus_get_owner_pid(bus, sd_bus_message_get_sender(message), &pid);
+ _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
+
+ r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
+ if (r < 0)
+ return r;
+
+ r = sd_bus_creds_get_pid(creds, &pid);
if (r < 0)
return r;
}
return r;
if (pid == 0) {
- r = sd_bus_get_owner_pid(bus, sd_bus_message_get_sender(message), &pid);
+ _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
+
+ r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
+ if (r < 0)
+ return r;
+
+ r = sd_bus_creds_get_pid(creds, &pid);
if (r < 0)
return r;
}
if (v <= 0)
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Cannot determine VT number from virtual console TTY %s", tty);
- if (vtnr <= 0)
+ if (!vtnr)
vtnr = (uint32_t) v;
else if (vtnr != (uint32_t) v)
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Specified TTY and VT number do not match");
if (seat) {
if (seat_has_vts(seat)) {
- if (vtnr > 63)
+ if (!vtnr || vtnr > 63)
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "VT number out of range");
} else {
if (vtnr != 0)
}
if (leader <= 0) {
+ _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
+
+ r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
+ if (r < 0)
+ return r;
+
assert_cc(sizeof(uint32_t) == sizeof(pid_t));
- r = sd_bus_get_owner_pid(bus, sd_bus_message_get_sender(message), (pid_t*) &leader);
+ r = sd_bus_creds_get_pid(creds, (pid_t*) &leader);
if (r < 0)
return r;
}
* count, and non-login sessions do not count either. */
HASHMAP_FOREACH(session, m->sessions, i)
if (session->class == SESSION_USER &&
- !session->closing &&
session->user->uid != uid)
return true;
sd_bus_message_handler_t method,
sd_bus_error *error) {
+ _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
bool multiple_sessions, blocked;
int interactive, r;
uid_t uid;
return sd_bus_error_setf(error, BUS_ERROR_SLEEP_VERB_NOT_SUPPORTED, "Sleep verb not supported");
}
- r = sd_bus_get_owner_uid(m->bus, sd_bus_message_get_sender(message), &uid);
+ r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_UID, &creds);
+ if (r < 0)
+ return r;
+
+ r = sd_bus_creds_get_uid(creds, &uid);
if (r < 0)
return r;
const char *sleep_verb,
sd_bus_error *error) {
+ _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
bool multiple_sessions, challenge, blocked;
const char *result = NULL;
uid_t uid;
return sd_bus_reply_method_return(message, "s", "na");
}
- r = sd_bus_get_owner_uid(m->bus, sd_bus_message_get_sender(message), &uid);
+ r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_UID, &creds);
+ if (r < 0)
+ return r;
+
+ r = sd_bus_creds_get_uid(creds, &uid);
if (r < 0)
return r;
}
static int method_inhibit(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
+ _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
const char *who, *why, *what, *mode;
_cleanup_free_ char *id = NULL;
_cleanup_close_ int fifo_fd = -1;
if (r == 0)
return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
- r = sd_bus_get_owner_uid(m->bus, sd_bus_message_get_sender(message), &uid);
+ r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_UID|SD_BUS_CREDS_PID, &creds);
+ if (r < 0)
+ return r;
+
+ r = sd_bus_creds_get_uid(creds, &uid);
if (r < 0)
return r;
- r = sd_bus_get_owner_pid(m->bus, sd_bus_message_get_sender(message), &pid);
+ r = sd_bus_creds_get_pid(creds, &pid);
if (r < 0)
return r;
SD_BUS_PROPERTY("PreparingForShutdown", "b", property_get_preparing, 0, 0),
SD_BUS_PROPERTY("PreparingForSleep", "b", property_get_preparing, 0, 0),
- SD_BUS_METHOD("GetSession", "s", "o", method_get_session, 0),
- SD_BUS_METHOD("GetSessionByPID", "u", "o", method_get_session_by_pid, 0),
- SD_BUS_METHOD("GetUser", "u", "o", method_get_user, 0),
- SD_BUS_METHOD("GetUserByPID", "u", "o", method_get_user_by_pid, 0),
- SD_BUS_METHOD("GetSeat", "s", "o", method_get_seat, 0),
- SD_BUS_METHOD("ListSessions", NULL, "a(susso)", method_list_sessions, 0),
- SD_BUS_METHOD("ListUsers", NULL, "a(uso)", method_list_users, 0),
- SD_BUS_METHOD("ListSeats", NULL, "a(so)", method_list_seats, 0),
- SD_BUS_METHOD("ListInhibitors", NULL, "a(ssssuu)", method_list_inhibitors, 0),
+ SD_BUS_METHOD("GetSession", "s", "o", method_get_session, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("GetSessionByPID", "u", "o", method_get_session_by_pid, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("GetUser", "u", "o", method_get_user, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("GetUserByPID", "u", "o", method_get_user_by_pid, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("GetSeat", "s", "o", method_get_seat, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("ListSessions", NULL, "a(susso)", method_list_sessions, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("ListUsers", NULL, "a(uso)", method_list_users, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("ListSeats", NULL, "a(so)", method_list_seats, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("ListInhibitors", NULL, "a(ssssuu)", method_list_inhibitors, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("CreateSession", "uussssussbssa(sv)", "soshusub", method_create_session, 0),
SD_BUS_METHOD("ReleaseSession", "s", NULL, method_release_session, 0),
- SD_BUS_METHOD("ActivateSession", "s", NULL, method_activate_session, 0),
- SD_BUS_METHOD("ActivateSessionOnSeat", "ss", NULL, method_activate_session_on_seat, 0),
+ SD_BUS_METHOD("ActivateSession", "s", NULL, method_activate_session, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("ActivateSessionOnSeat", "ss", NULL, method_activate_session_on_seat, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("LockSession", "s", NULL, method_lock_session, 0),
SD_BUS_METHOD("UnlockSession", "s", NULL, method_lock_session, 0),
SD_BUS_METHOD("LockSessions", NULL, NULL, method_lock_sessions, 0),
SD_BUS_METHOD("UnlockSessions", NULL, NULL, method_lock_sessions, 0),
- SD_BUS_METHOD("KillSession", "ssi", NULL, method_kill_session, 0),
- SD_BUS_METHOD("KillUser", "ui", NULL, method_kill_user, 0),
- SD_BUS_METHOD("TerminateSession", "s", NULL, method_terminate_session, 0),
- SD_BUS_METHOD("TerminateUser", "u", NULL, method_terminate_user, 0),
- SD_BUS_METHOD("TerminateSeat", "s", NULL, method_terminate_seat, 0),
- SD_BUS_METHOD("SetUserLinger", "ubb", NULL, method_set_user_linger, 0),
- SD_BUS_METHOD("AttachDevice", "ssb", NULL, method_attach_device, 0),
- SD_BUS_METHOD("FlushDevices", "b", NULL, method_flush_devices, 0),
- SD_BUS_METHOD("PowerOff", "b", NULL, method_poweroff, 0),
- SD_BUS_METHOD("Reboot", "b", NULL, method_reboot, 0),
- SD_BUS_METHOD("Suspend", "b", NULL, method_suspend, 0),
- SD_BUS_METHOD("Hibernate", "b", NULL, method_hibernate, 0),
- SD_BUS_METHOD("HybridSleep", "b", NULL, method_hybrid_sleep, 0),
- SD_BUS_METHOD("CanPowerOff", NULL, "s", method_can_poweroff, 0),
- SD_BUS_METHOD("CanReboot", NULL, "s", method_can_reboot, 0),
- SD_BUS_METHOD("CanSuspend", NULL, "s", method_can_suspend, 0),
- SD_BUS_METHOD("CanHibernate", NULL, "s", method_can_hibernate, 0),
- SD_BUS_METHOD("CanHybridSleep", NULL, "s", method_can_hybrid_sleep, 0),
- SD_BUS_METHOD("Inhibit", "ssss", "h", method_inhibit, 0),
+ SD_BUS_METHOD("KillSession", "ssi", NULL, method_kill_session, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)),
+ SD_BUS_METHOD("KillUser", "ui", NULL, method_kill_user, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)),
+ SD_BUS_METHOD("TerminateSession", "s", NULL, method_terminate_session, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)),
+ SD_BUS_METHOD("TerminateUser", "u", NULL, method_terminate_user, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)),
+ SD_BUS_METHOD("TerminateSeat", "s", NULL, method_terminate_seat, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)),
+ SD_BUS_METHOD("SetUserLinger", "ubb", NULL, method_set_user_linger, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("AttachDevice", "ssb", NULL, method_attach_device, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("FlushDevices", "b", NULL, method_flush_devices, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("PowerOff", "b", NULL, method_poweroff, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("Reboot", "b", NULL, method_reboot, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("Suspend", "b", NULL, method_suspend, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("Hibernate", "b", NULL, method_hibernate, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("HybridSleep", "b", NULL, method_hybrid_sleep, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("CanPowerOff", NULL, "s", method_can_poweroff, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("CanReboot", NULL, "s", method_can_reboot, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("CanSuspend", NULL, "s", method_can_suspend, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("CanHibernate", NULL, "s", method_can_hibernate, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("CanHybridSleep", NULL, "s", method_can_hybrid_sleep, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("Inhibit", "ssss", "h", method_inhibit, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_SIGNAL("SessionNew", "so", 0),
SD_BUS_SIGNAL("SessionRemoved", "so", 0),