#include <string.h>
#include <unistd.h>
#include <pwd.h>
+#include <sys/capability.h>
#include "sd-id128.h"
#include "sd-messages.h"
return r;
if (pid == 0) {
- r = sd_bus_get_owner_pid(bus, sd_bus_message_get_sender(message), &pid);
+ _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
+
+ r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
+ if (r < 0)
+ return r;
+
+ r = sd_bus_creds_get_pid(creds, &pid);
if (r < 0)
return r;
}
return r;
if (leader == 0) {
+ _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
+
+ r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
+ if (r < 0)
+ return r;
+
assert_cc(sizeof(uint32_t) == sizeof(pid_t));
- r = sd_bus_get_owner_pid(bus, sd_bus_message_get_sender(message), (pid_t*) &leader);
+ r = sd_bus_creds_get_pid(creds, (pid_t*) &leader);
if (r < 0)
return r;
}
const sd_bus_vtable manager_vtable[] = {
SD_BUS_VTABLE_START(0),
- SD_BUS_METHOD("GetMachine", "s", "o", method_get_machine, 0),
- SD_BUS_METHOD("GetMachineByPID", "u", "o", method_get_machine_by_pid, 0),
- SD_BUS_METHOD("ListMachines", NULL, "a(ssso)", method_list_machines, 0),
+ SD_BUS_METHOD("GetMachine", "s", "o", method_get_machine, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("GetMachineByPID", "u", "o", method_get_machine_by_pid, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("ListMachines", NULL, "a(ssso)", method_list_machines, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("CreateMachine", "sayssusa(sv)", "o", method_create_machine, 0),
- SD_BUS_METHOD("KillMachine", "ssi", NULL, method_kill_machine, 0),
- SD_BUS_METHOD("TerminateMachine", "s", NULL, method_terminate_machine, 0),
+ SD_BUS_METHOD("KillMachine", "ssi", NULL, method_kill_machine, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)),
+ SD_BUS_METHOD("TerminateMachine", "s", NULL, method_terminate_machine, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)),
SD_BUS_SIGNAL("MachineNew", "so", 0),
SD_BUS_SIGNAL("MachineRemoved", "so", 0),
SD_BUS_VTABLE_END