X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fmachine%2Fmachined-dbus.c;h=4a75c34dd0e702fc2d132711b2acf6345ced87ff;hp=34cd61d667edfc357060cbbe3901c1e11dfd9e41;hb=c305c32580a1d7689a401e8cf673ec7936c12bbe;hpb=86b8d289717bad2800342efca0a5023aa8374e9c diff --git a/src/machine/machined-dbus.c b/src/machine/machined-dbus.c index 34cd61d66..4a75c34dd 100644 --- a/src/machine/machined-dbus.c +++ b/src/machine/machined-dbus.c @@ -23,6 +23,7 @@ #include #include #include +#include #include "sd-id128.h" #include "sd-messages.h" @@ -102,7 +103,13 @@ static int method_get_machine_by_pid(sd_bus *bus, sd_bus_message *message, void return r; if (pid == 0) { - r = sd_bus_get_owner_pid(bus, sd_bus_message_get_sender(message), &pid); + _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL; + + r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds); + if (r < 0) + return r; + + r = sd_bus_creds_get_pid(creds, &pid); if (r < 0) return r; } @@ -162,9 +169,8 @@ static int method_list_machines(sd_bus *bus, sd_bus_message *message, void *user return sd_bus_send(bus, reply, NULL); } -static int method_create_machine(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { +static int method_create_or_register_machine(Manager *manager, sd_bus_message *message, Machine **_m, sd_bus_error *error) { const char *name, *service, *class, *root_directory; - Manager *manager = userdata; MachineClass c; uint32_t leader; sd_id128_t id; @@ -173,9 +179,9 @@ static int method_create_machine(sd_bus *bus, sd_bus_message *message, void *use size_t n; int r; - assert(bus); - assert(message); assert(manager); + assert(message); + assert(_m); r = sd_bus_message_read(message, "s", &name); if (r < 0) @@ -211,14 +217,16 @@ static int method_create_machine(sd_bus *bus, sd_bus_message *message, void *use if (!isempty(root_directory) && !path_is_absolute(root_directory)) return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Root directory must be empty or an absolute path"); - r = sd_bus_message_enter_container(message, 'a', "(sv)"); - if (r < 0) - return r; - if (leader == 0) { + _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL; + + r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds); + if (r < 0) + return r; + assert_cc(sizeof(uint32_t) == sizeof(pid_t)); - r = sd_bus_get_owner_pid(bus, sd_bus_message_get_sender(message), (pid_t*) &leader); + r = sd_bus_creds_get_pid(creds, (pid_t*) &leader); if (r < 0) return r; } @@ -250,17 +258,70 @@ static int method_create_machine(sd_bus *bus, sd_bus_message *message, void *use } } + *_m = m; + + return 1; + +fail: + machine_add_to_gc_queue(m); + return r; +} + +static int method_create_machine(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { + Manager *manager = userdata; + Machine *m = NULL; + int r; + + r = method_create_or_register_machine(manager, message, &m, error); + if (r < 0) + return r; + + r = sd_bus_message_enter_container(message, 'a', "(sv)"); + if (r < 0) + goto fail; + r = machine_start(m, message, error); if (r < 0) goto fail; m->create_message = sd_bus_message_ref(message); - return 1; fail: machine_add_to_gc_queue(m); + return r; +} + +static int method_register_machine(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { + Manager *manager = userdata; + _cleanup_free_ char *p = NULL; + Machine *m = NULL; + int r; + + r = method_create_or_register_machine(manager, message, &m, error); + if (r < 0) + return r; + r = cg_pid_get_unit(m->leader, &m->unit); + if (r < 0) { + r = sd_bus_error_set_errnof(error, r, "Failed to determine unit of process "PID_FMT" : %s", m->leader, strerror(-r)); + goto fail; + } + + r = machine_start(m, NULL, error); + if (r < 0) + goto fail; + + p = machine_bus_path(m); + if (!p) { + r = -ENOMEM; + goto fail; + } + + return sd_bus_reply_method_return(message, "o", p); + +fail: + machine_add_to_gc_queue(m); return r; } @@ -330,12 +391,13 @@ static int method_kill_machine(sd_bus *bus, sd_bus_message *message, void *userd const sd_bus_vtable manager_vtable[] = { SD_BUS_VTABLE_START(0), - SD_BUS_METHOD("GetMachine", "s", "o", method_get_machine, 0), - SD_BUS_METHOD("GetMachineByPID", "u", "o", method_get_machine_by_pid, 0), - SD_BUS_METHOD("ListMachines", NULL, "a(ssso)", method_list_machines, 0), + SD_BUS_METHOD("GetMachine", "s", "o", method_get_machine, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("GetMachineByPID", "u", "o", method_get_machine_by_pid, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("ListMachines", NULL, "a(ssso)", method_list_machines, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("CreateMachine", "sayssusa(sv)", "o", method_create_machine, 0), - SD_BUS_METHOD("KillMachine", "ssi", NULL, method_kill_machine, 0), - SD_BUS_METHOD("TerminateMachine", "s", NULL, method_terminate_machine, 0), + SD_BUS_METHOD("RegisterMachine", "sayssus", "o", method_register_machine, 0), + SD_BUS_METHOD("KillMachine", "ssi", NULL, method_kill_machine, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)), + SD_BUS_METHOD("TerminateMachine", "s", NULL, method_terminate_machine, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)), SD_BUS_SIGNAL("MachineNew", "so", 0), SD_BUS_SIGNAL("MachineRemoved", "so", 0), SD_BUS_VTABLE_END @@ -505,14 +567,6 @@ int manager_start_scope( return r; } - /* cgroup empty notification is not available in containers - * currently. To make this less problematic, let's shorten the - * stop timeout for machines, so that we don't wait - * forever. */ - r = sd_bus_message_append(m, "(sv)", "TimeoutStopUSec", "t", 500 * USEC_PER_MSEC); - if (r < 0) - return r; - r = sd_bus_message_append(m, "(sv)", "PIDs", "au", 1, pid); if (r < 0) return r;