bus-proxyd.c revision 52cfc0379a9d63f99cdb3d9f63c839bbc8889b4c
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen This file is part of systemd.
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen Copyright 2010 Lennart Poettering
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen Copyright 2013 Daniel Mack
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen Copyright 2014 Kay Sievers
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen systemd is free software; you can redistribute it and/or modify it
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen under the terms of the GNU Lesser General Public License as published by
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen the Free Software Foundation; either version 2.1 of the License, or
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen (at your option) any later version.
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen systemd is distributed in the hope that it will be useful, but
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen WITHOUT ANY WARRANTY; without even the implied warranty of
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen Lesser General Public License for more details.
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen You should have received a copy of the GNU Lesser General Public License
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen along with systemd; If not, see <http://www.gnu.org/licenses/>.
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersenstatic bool arg_drop_privileges = false;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersenstatic int help(void) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "Connect STDIO or a socket to a given bus address.\n\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " -h --help Show this help\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " --version Show package version\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " --drop-privileges Drop privileges\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " --configuration=PATH Configuration file or directory\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " --machine=MACHINE Connect to specified machine\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " --address=ADDRESS Connect to the bus specified by ADDRESS\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersenstatic int parse_argv(int argc, char *argv[]) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen { "version", no_argument, NULL, ARG_VERSION },
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen { "address", required_argument, NULL, ARG_ADDRESS },
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen { "drop-privileges", no_argument, NULL, ARG_DROP_PRIVILEGES },
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen { "configuration", required_argument, NULL, ARG_CONFIGURATION },
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen { "machine", required_argument, NULL, ARG_MACHINE },
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen while ((c = getopt_long(argc, argv, "h", options, NULL)) >= 0)
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen a = strjoin("x-container-kernel:machine=", e, ";x-container-unix:machine=", e, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen a = strjoin("x-container-unix:machine=", e, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* If the first command line argument is only "x" characters
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen * we'll write who we are talking to into it, so that "ps" is
08232a020bd2571088d3ee06dda07732c5e963d1Tom Gundersen * explanatory */
08232a020bd2571088d3ee06dda07732c5e963d1Tom Gundersen if (argc > optind + 1 || (arg_command_line_buffer && !in_charset(arg_command_line_buffer, "x"))) {
08232a020bd2571088d3ee06dda07732c5e963d1Tom Gundersen arg_address = strdup(DEFAULT_SYSTEM_BUS_PATH);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersenstatic int rename_service(sd_bus *a, sd_bus *b) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
52d629010db73a9466c359201916494bd55186d1Tom Gundersen r = sd_bus_get_owner_creds(b, SD_BUS_CREDS_UID|SD_BUS_CREDS_PID|SD_BUS_CREDS_CMDLINE|SD_BUS_CREDS_COMM, &creds);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_creds_get_cmdline(creds, &cmdline);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* The status string gets the full command line ... */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "STATUS=Processing requests from client PID "PID_FMT" (%s); UID "UID_FMT" (%s)",
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* ... and the argv line only the short comm */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_debug("Running on behalf of PID "PID_FMT" (%s), UID "UID_FMT" (%s), %s",
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersenstatic int synthesize_name_acquired(sd_bus *a, sd_bus *b, sd_bus_message *m) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_message_unref_ sd_bus_message *n = NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* If we get NameOwnerChanged for our own name, we need to
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen * synthesize NameLost/NameAcquired, since socket clients need
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen * that, even though it is obsoleted on kdbus */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (!sd_bus_message_is_signal(m, "org.freedesktop.DBus", "NameOwnerChanged") ||
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen !streq_ptr(m->path, "/org/freedesktop/DBus") ||
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen !streq_ptr(m->sender, "org.freedesktop.DBus"))
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_message_read(m, "sss", &name, &old_owner, &new_owner);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "org.freedesktop.DBus",
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (streq(new_owner, a->unique_name)) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "org.freedesktop.DBus",
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "NameAcquired");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = bus_message_append_sender(n, "org.freedesktop.DBus");
08232a020bd2571088d3ee06dda07732c5e963d1Tom Gundersenstatic int synthetic_driver_send(sd_bus *b, sd_bus_message *m) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = bus_message_append_sender(m, "org.freedesktop.DBus");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersenstatic int synthetic_reply_method_error(sd_bus_message *call, const sd_bus_error *e) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_message_unref_ sd_bus_message *m = NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (call->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED)
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_message_new_method_error(call, &m, e);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersenstatic int synthetic_reply_method_errno(sd_bus_message *call, int error, const sd_bus_error *p) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_error_free_ sd_bus_error berror = SD_BUS_ERROR_NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (call->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED)
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(call, &berror);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersenstatic int synthetic_reply_method_return(sd_bus_message *call, const char *types, ...) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_message_unref_ sd_bus_message *m = NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (call->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED)
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_message_new_method_return(call, &m);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersenstatic int synthetic_reply_return_strv(sd_bus_message *call, char **l) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_message_unref_ sd_bus_message *m = NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_message_new_method_return(call, &m);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(call, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(call, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersenstatic int get_creds_by_name(sd_bus *bus, const char *name, uint64_t mask, sd_bus_creds **_creds, sd_bus_error *error) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_creds_unref_ sd_bus_creds *c = NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_get_name_creds(bus, name, mask, &c);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return sd_bus_error_setf(error, SD_BUS_ERROR_NAME_HAS_NO_OWNER, "Name %s is currently not owned by anyone.", name);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersenstatic int get_creds_by_message(sd_bus *bus, sd_bus_message *m, uint64_t mask, sd_bus_creds **_creds, sd_bus_error *error) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return get_creds_by_name(bus, name, mask, _creds, error);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersenstatic int process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *policy, const struct ucred *ucred, Set *owned_names) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (!streq_ptr(sd_bus_message_get_destination(m), "org.freedesktop.DBus"))
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* The "Hello()" call is is handled in process_hello() */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus.Introspectable", "Introspect")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "<!DOCTYPE node PUBLIC \"-//freedesktop//DTD D-BUS Object Introspection 1.0//EN\" "
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "\"http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <interface name=\"org.freedesktop.DBus.Introspectable\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <method name=\"Introspect\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg name=\"data\" type=\"s\" direction=\"out\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </method>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </interface>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <interface name=\"org.freedesktop.DBus\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <method name=\"AddMatch\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"s\" direction=\"in\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </method>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <method name=\"RemoveMatch\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"s\" direction=\"in\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </method>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <method name=\"GetConnectionSELinuxSecurityContext\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"s\" direction=\"in\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"ay\" direction=\"out\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </method>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <method name=\"GetConnectionUnixProcessID\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"s\" direction=\"in\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"u\" direction=\"out\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </method>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <method name=\"GetConnectionUnixUser\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"s\" direction=\"in\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"u\" direction=\"out\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </method>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <method name=\"GetId\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"s\" direction=\"out\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </method>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <method name=\"GetNameOwner\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"s\" direction=\"in\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"s\" direction=\"out\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </method>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <method name=\"Hello\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"s\" direction=\"out\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </method>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <method name=\"ListActivatableNames\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"as\" direction=\"out\"/>\n"
7141e4f62c3f220872df3114c42d9e4b9525e43eTom Gundersen " </method>\n"
7141e4f62c3f220872df3114c42d9e4b9525e43eTom Gundersen " <method name=\"ListNames\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"as\" direction=\"out\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </method>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <method name=\"ListQueuedOwners\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"s\" direction=\"in\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"as\" direction=\"out\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </method>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <method name=\"NameHasOwner\">\n"
bba061662b0f759abb43bad60c9733305c191045Tom Gundersen " <arg type=\"s\" direction=\"in\"/>\n"
bba061662b0f759abb43bad60c9733305c191045Tom Gundersen " <arg type=\"b\" direction=\"out\"/>\n"
bba061662b0f759abb43bad60c9733305c191045Tom Gundersen " </method>\n"
2a2137401b3aef20618308d2b2694e21b0124f89Tom Gundersen " <method name=\"ReleaseName\">\n"
2a2137401b3aef20618308d2b2694e21b0124f89Tom Gundersen " <arg type=\"s\" direction=\"in\"/>\n"
2a2137401b3aef20618308d2b2694e21b0124f89Tom Gundersen " <arg type=\"u\" direction=\"out\"/>\n"
bba061662b0f759abb43bad60c9733305c191045Tom Gundersen " </method>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <method name=\"ReloadConfig\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </method>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <method name=\"RequestName\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"s\" direction=\"in\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"u\" direction=\"in\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"u\" direction=\"out\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </method>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <method name=\"StartServiceByName\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"s\" direction=\"in\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"u\" direction=\"in\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"u\" direction=\"out\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </method>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <method name=\"UpdateActivationEnvironment\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"a{ss}\" direction=\"in\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </method>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <signal name=\"NameAcquired\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"s\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </signal>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <signal name=\"NameLost\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"s\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </signal>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <signal name=\"NameOwnerChanged\">\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"s\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"s\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " <arg type=\"s\"/>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </signal>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen " </interface>\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "</node>\n");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "AddMatch")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_add_match(a, NULL, match, NULL, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "RemoveMatch")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = bus_remove_match_by_string(a, match, NULL, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_MATCH_RULE_NOT_FOUND, "Match rule not found"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "GetConnectionSELinuxSecurityContext")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = get_creds_by_message(a, m, SD_BUS_CREDS_SELINUX_CONTEXT, &creds, &error);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, &error);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, "y", creds->label, strlen(creds->label));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "GetConnectionUnixProcessID")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = get_creds_by_message(a, m, SD_BUS_CREDS_PID, &creds, &error);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, &error);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, "u", (uint32_t) creds->pid);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "GetConnectionUnixUser")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = get_creds_by_message(a, m, SD_BUS_CREDS_UID, &creds, &error);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, &error);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, "u", (uint32_t) creds->uid);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "GetId")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, "s", sd_id128_to_string(server_id, buf));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "GetNameOwner")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, "s", "org.freedesktop.DBus");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = get_creds_by_name(a, name, SD_BUS_CREDS_UNIQUE_NAME, &creds, &error);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, &error);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, "s", creds->unique_name);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "ListActivatableNames")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* Let's sort the names list to make it stable */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "ListNames")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = strv_extend(&names, "org.freedesktop.DBus");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* Let's sort the names list to make it stable */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "ListQueuedOwners")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen sd_bus_error_setf(&error, SD_BUS_ERROR_NAME_HAS_NO_OWNER, "Could not get owners of name '%s': no such name.", arg0);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, &error);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
08232a020bd2571088d3ee06dda07732c5e963d1Tom Gundersen r = ioctl(a->input_fd, KDBUS_CMD_NAME_LIST, &cmd);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, -errno, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen name_list = (struct kdbus_name_list *) ((uint8_t *) a->kdbus_buffer + cmd.offset);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (asprintf(&n, ":1.%llu", (unsigned long long) name->owner_id) < 0) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, err, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_return_strv(m, owners);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "NameHasOwner")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, "b", true);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, "b", r >= 0);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "ReleaseName")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, "u", BUS_NAME_NON_EXISTENT);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, "u", BUS_NAME_NOT_OWNER);
5a917c064b23c1b8a12d6abd2f9f31c575ddebc6Tom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, "u", BUS_NAME_RELEASED);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "ReloadConfig")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_error_setf(&error, SD_BUS_ERROR_NOT_SUPPORTED, "%s() is not supported", sd_bus_message_get_member(m));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, &error);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "RequestName")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_message_read(m, "su", &name, &flags);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (policy && !policy_check_own(policy, ucred->uid, ucred->gid, name))
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, -EPERM, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if ((flags & ~(BUS_NAME_ALLOW_REPLACEMENT|BUS_NAME_REPLACE_EXISTING|BUS_NAME_DO_NOT_QUEUE)) != 0)
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, -EINVAL, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, "u", BUS_NAME_ALREADY_OWNER);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, "u", BUS_NAME_EXISTS);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, "u", BUS_NAME_IN_QUEUE);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, "u", BUS_NAME_PRIMARY_OWNER);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "StartServiceByName")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_message_unref_ sd_bus_message *msg = NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_message_read(m, "su", &name, &flags);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, -EINVAL, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (r >= 0 || streq(name, "org.freedesktop.DBus"))
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, "u", BUS_START_REPLY_ALREADY_RUNNING);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "org.freedesktop.DBus.Peer",
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, "u", BUS_START_REPLY_SUCCESS);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "UpdateActivationEnvironment")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_message_unref_ sd_bus_message *msg = NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (!sd_bus_message_has_signature(m, "a{ss}"))
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters"));
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_message_enter_container(m, SD_BUS_TYPE_ARRAY, "{ss}");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen while ((r = sd_bus_message_enter_container(m, SD_BUS_TYPE_DICT_ENTRY, "ss")) > 0) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen const char *key;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_message_read(m, "ss", &key, &value);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, -ENOMEM, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, -EINVAL, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "org.freedesktop.systemd1.Manager",
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "SetEnvironment");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_return(m, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_error_setf(&error, SD_BUS_ERROR_UNKNOWN_METHOD, "Unknown method '%s'.", m->member);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return synthetic_reply_method_errno(m, r, &error);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersenstatic int process_policy(sd_bus *from, sd_bus *to, sd_bus_message *m, Policy *policy, const struct ucred *our_ucred, Set *owned_names) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen bool granted = false;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* Driver messages are always OK */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (streq_ptr(m->sender, "org.freedesktop.DBus"))
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* The message came from the kernel, and is sent to our legacy client. */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_creds_get_well_known_names(&m->creds, &sender_names);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen (void) sd_bus_creds_get_uid(&m->creds, &sender_uid);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen (void) sd_bus_creds_get_gid(&m->creds, &sender_gid);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* First check whether the sender can send the message to our name */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (policy_check_send(policy, sender_uid, sender_gid, m->header->type, NULL, m->path, m->interface, m->member))
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (policy_check_send(policy, sender_uid, sender_gid, m->header->type, n, m->path, m->interface, m->member)) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* Then check whether us, the recipient can recieve from the sender's name */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (policy_check_recv(policy, our_ucred->uid, our_ucred->gid, m->header->type, NULL, m->path, m->interface, m->member))
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (policy_check_recv(policy, our_ucred->uid, our_ucred->gid, m->header->type, *n, m->path, m->interface, m->member))
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* Return an error back to the caller */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (m->header->type == SD_BUS_MESSAGE_METHOD_CALL)
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return sd_bus_reply_method_errorf(m, SD_BUS_ERROR_ACCESS_DENIED, "Access prohibited by XML receiver policy.");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* Return 1, indicating that the message shall not be processed any further */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_creds_unref_ sd_bus_creds *destination_creds = NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen bool granted = false;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* Driver messages are always OK */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (streq_ptr(m->destination, "org.freedesktop.DBus"))
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* The message came from the legacy client, and is sent to kdbus. */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen SD_BUS_CREDS_WELL_KNOWN_NAMES|SD_BUS_CREDS_UNIQUE_NAME|
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen SD_BUS_CREDS_UID|SD_BUS_CREDS_GID|SD_BUS_CREDS_PID, &destination_creds);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_creds_get_well_known_names(destination_creds, &destination_names);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_creds_get_unique_name(destination_creds, &destination_unique);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen (void) sd_bus_creds_get_uid(destination_creds, &destination_uid);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen (void) sd_bus_creds_get_gid(destination_creds, &destination_gid);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* First check if we, the sender can send to this name */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (policy_check_send(policy, our_ucred->uid, our_ucred->gid, m->header->type, NULL, m->path, m->interface, m->member))
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (policy_check_send(policy, our_ucred->uid, our_ucred->gid, m->header->type, *n, m->path, m->interface, m->member)) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* If we made a receiver decision,
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen then remember which name's policy
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen we used, and to which unique ID it
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen mapped when we made the
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen decision. Then, let's pass this to
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen the kernel when sending the
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen message, so that it refuses the
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen operation should the name and
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen unique ID not map to each other
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = bus_kernel_parse_unique_name(destination_unique, &m->verify_destination_id);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* Then check if the recipient can receive from our name */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (policy_check_recv(policy, destination_uid, destination_gid, m->header->type, NULL, m->path, m->interface, m->member))
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (policy_check_recv(policy, destination_uid, destination_gid, m->header->type, n, m->path, m->interface, m->member))
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* Return an error back to the caller */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (m->header->type == SD_BUS_MESSAGE_METHOD_CALL)
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen return sd_bus_reply_method_errorf(m, SD_BUS_ERROR_ACCESS_DENIED, "Access prohibited by XML sender policy.");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* Return 1, indicating that the message shall not be processed any further */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersenstatic int process_hello(sd_bus *a, sd_bus *b, sd_bus_message *m, bool *got_hello) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_message_unref_ sd_bus_message *n = NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* As reaction to hello we need to respond with two messages:
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen * the callback reply and the NameAcquired for the unique
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen * name, since hello is otherwise obsolete on kdbus. */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "Hello") &&
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen streq_ptr(m->destination, "org.freedesktop.DBus");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error("First packet isn't hello (it's %s.%s), aborting.", m->interface, m->member);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to generate HELLO reply: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_message_append(n, "s", a->unique_name);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to append unique name to HELLO reply: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = bus_message_append_sender(n, "org.freedesktop.DBus");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to append sender to HELLO reply: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to seal HELLO reply: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to send HELLO reply: %m");
4189708ad0cde8e211e38d27de943579772f8869Tom Gundersen "org.freedesktop.DBus",
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "NameAcquired");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to allocate initial NameAcquired message: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_message_append(n, "s", a->unique_name);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to append unique name to NameAcquired message: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = bus_message_append_sender(n, "org.freedesktop.DBus");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to append sender to NameAcquired message: %m");
4189708ad0cde8e211e38d27de943579772f8869Tom Gundersen log_error_errno(r, "Failed to seal NameAcquired message: %m");
53fae771bcf1623cd28791c48fa60d9d5e5086e4Zbigniew Jędrzejewski-Szmek log_error_errno(r, "Failed to send NameAcquired message: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersenstatic int patch_sender(sd_bus *a, sd_bus_message *m) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* We will change the sender of messages from the bus driver
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen * so that they originate from the bus driver. This is a
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen * speciality originating from dbus1, where the bus driver did
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen * not have a unique id, but only the well-known name. */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_creds_get_well_known_names(c, &well_known);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (strv_contains(well_known, "org.freedesktop.DBus"))
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_close_unref_ sd_bus *a = NULL, *b = NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_set_free_free_ Set *owned_names = NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (r == 0) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (r == 1) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error("Illegal number of file descriptors passed");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = get_user_creds(&user, &uid, &gid, NULL, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Cannot resolve user name %s: %m", user);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = drop_privileges(uid, gid, 1ULL << CAP_IPC_OWNER);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to allocate bus: %m");
107f2e2526d476c6cc9b81a690391c111027d641Tom Gundersen log_error_errno(r, "Failed to set bus name: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to set address to connect to: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to set FD negotiation: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_negotiate_creds(a, true, SD_BUS_CREDS_UID|SD_BUS_CREDS_PID|SD_BUS_CREDS_GID|SD_BUS_CREDS_SELINUX_CONTEXT);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to set credential negotiation: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to start bus client: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to get server ID: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_creds_unref_ sd_bus_creds *bus_creds = NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_get_owner_creds(a, SD_BUS_CREDS_UID, &bus_creds);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to get bus creds: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_creds_get_uid(bus_creds, &bus_uid);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to get bus owner UID: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* We only enforce the old XML policy on
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen * kernel busses owned by root users. */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = policy_load(&policy_buffer, arg_configuration);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to load policy: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (!policy_check_hello(&policy_buffer, ucred.uid, ucred.gid)) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to allocate bus: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to set server mode: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to set FD negotiation: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_negotiate_creds(b, true, SD_BUS_CREDS_UID|SD_BUS_CREDS_PID|SD_BUS_CREDS_GID|SD_BUS_CREDS_SELINUX_CONTEXT);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to set credential negotiation: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to set anonymous authentication: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to start bus client: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_debug_errno(r, "Failed to rename process: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to get unique name: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "sender='org.freedesktop.DBus',"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "interface='org.freedesktop.DBus',"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "member='NameOwnerChanged',"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_add_match(a, NULL, match, NULL, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to add match for NameLost: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "sender='org.freedesktop.DBus',"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "interface='org.freedesktop.DBus',"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "member='NameOwnerChanged',"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen r = sd_bus_add_match(a, NULL, match, NULL, NULL);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to add match for NameAcquired: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen _cleanup_bus_message_unref_ sd_bus_message *m = NULL;
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* Read messages from bus, to pass them on to our client */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* treat 'connection reset by peer' as clean exit condition */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to process bus a: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* We officially got EOF, let's quit */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (sd_bus_message_is_signal(m, "org.freedesktop.DBus.Local", "Disconnected")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to synthesize message: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen k = process_policy(a, b, m, policy, &ucred, owned_names);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to process policy: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (k > 0) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to send message to client: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* Read messages from our client, to pass them on to the bus */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* treat 'connection reset by peer' as clean exit condition */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to process bus b: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* We officially got EOF, let's quit */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (sd_bus_message_is_signal(m, "org.freedesktop.DBus.Local", "Disconnected")) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to process HELLO: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (k > 0) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen k = process_driver(a, b, m, policy, &ucred, owned_names);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to process driver calls: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (k > 0) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen k = process_policy(b, a, m, policy, &ucred, owned_names);
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to process policy: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen } else if (k > 0) {
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen /* The name database changed since the policy check, hence let's check again */
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen else if (k == -ECONNRESET)
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to send message to bus: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to get events mask: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to get timeout: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to get events mask: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen log_error_errno(r, "Failed to get timeout: %m");
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen if (t == (uint64_t) -1 || (timeout_b != (uint64_t) -1 && timeout_b < timeout_a))
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen {.fd = out_fd, .events = events_b & POLLOUT, }
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "STOPPING=1\n"
57fa1d094cd2c5ac68970526ad0a0754c548e75dTom Gundersen "STATUS=Shutting down.");