X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fcore%2Fdbus-unit.c;h=8fe83aefec62fdf9a7ca53e6616a6ccfa4535f39;hb=5482192e5774f52f2af0665a3b58539295e9c0a4;hp=07e7f20e6b185a7f92e8d45b779a3e6d565eb412;hpb=fe7f06f142cf42928e419d8578afd75bf1439672;p=elogind.git

diff --git a/src/core/dbus-unit.c b/src/core/dbus-unit.c
index 07e7f20e6..8fe83aefe 100644
--- a/src/core/dbus-unit.c
+++ b/src/core/dbus-unit.c
@@ -421,6 +421,12 @@ int bus_unit_method_kill(sd_bus *bus, sd_bus_message *message, void *userdata, s
         assert(message);
         assert(u);
 
+        r = bus_verify_manage_unit_async_for_kill(u->manager, message, error);
+        if (r < 0)
+                return r;
+        if (r == 0)
+                return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
+
         r = sd_bus_message_read(message, "si", &swho, &signo);
         if (r < 0)
                 return r;
@@ -436,7 +442,7 @@ int bus_unit_method_kill(sd_bus *bus, sd_bus_message *message, void *userdata, s
         if (signo <= 0 || signo >= _NSIG)
                 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Signal number out of range.");
 
-        r = selinux_unit_access_check(u, bus, message, "stop", error);
+        r = selinux_unit_access_check(u, message, "stop", error);
         if (r < 0)
                 return r;
 
@@ -455,7 +461,13 @@ int bus_unit_method_reset_failed(sd_bus *bus, sd_bus_message *message, void *use
         assert(message);
         assert(u);
 
-        r = selinux_unit_access_check(u, bus, message, "reload", error);
+        r = bus_verify_manage_unit_async(u->manager, message, error);
+        if (r < 0)
+                return r;
+        if (r == 0)
+                return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
+
+        r = selinux_unit_access_check(u, message, "reload", error);
         if (r < 0)
                 return r;
 
@@ -472,11 +484,17 @@ int bus_unit_method_set_properties(sd_bus *bus, sd_bus_message *message, void *u
         assert(message);
         assert(u);
 
+        r = bus_verify_manage_unit_async(u->manager, message, error);
+        if (r < 0)
+                return r;
+        if (r == 0)
+                return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
+
         r = sd_bus_message_read(message, "b", &runtime);
         if (r < 0)
                 return r;
 
-        r = selinux_unit_access_check(u, bus, message, "start", error);
+        r = selinux_unit_access_check(u, message, "start", error);
         if (r < 0)
                 return r;
 
@@ -737,7 +755,7 @@ int bus_unit_queue_job(
         }
 
         r = selinux_unit_access_check(
-                        u, bus, message,
+                        u, message,
                         (type == JOB_START || type == JOB_RESTART || type == JOB_TRY_RESTART) ? "start" :
                         type == JOB_STOP ? "stop" : "reload", error);
         if (r < 0)
@@ -758,13 +776,13 @@ int bus_unit_queue_job(
                 return r;
 
         if (bus == u->manager->api_bus) {
-                if (!j->subscribed) {
-                        r = sd_bus_track_new(bus, &j->subscribed, NULL, NULL);
+                if (!j->clients) {
+                        r = sd_bus_track_new(bus, &j->clients, NULL, NULL);
                         if (r < 0)
                                 return r;
                 }
 
-                r = sd_bus_track_add_sender(j->subscribed, message);
+                r = sd_bus_track_add_sender(j->clients, message);
                 if (r < 0)
                         return r;
         }