bus-util.c revision 9bcbce4201afada1c0ad8ada0cbfbbf58a52a6a7
/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
/***
This file is part of systemd.
Copyright 2013 Lennart Poettering
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include "sd-event.h"
#include "sd-bus.h"
#include "util.h"
#include "macro.h"
#include "def.h"
#include "bus-util.h"
assert(m);
assert(e);
return 1;
}
int r;
assert(e);
r = asprintf(&match, "type='signal',sender='org.freedesktop.DBus',interface='org.freedesktop.DBus',member='NameLost',arg0='%s'", name);
if (r < 0)
return r;
if (r < 0)
return r;
if (r < 0)
return r;
if (r != SD_BUS_NAME_RELEASED)
return -EIO;
return 0;
}
bool exiting = false;
int r;
assert(e);
for (;;) {
r = sd_event_get_state(e);
if (r < 0)
return r;
if (r == SD_EVENT_FINISHED)
break;
if (r < 0)
return r;
if (r == 0 && !exiting) {
if (r < 0)
return r;
exiting = true;
}
}
return 0;
}
const char *path,
const char *interface,
const char *property,
void *userdata) {
int r;
if (r < 0)
return r;
return 1;
}
int bus_verify_polkit(
sd_bus_message *m,
const char *action,
bool interactive,
bool *_challenge,
sd_bus_error *e) {
const char *sender;
int r;
assert(m);
if (!sender)
return -EBADMSG;
if (r < 0)
return r;
if (uid == 0)
return 1;
#ifdef ENABLE_POLKIT
else {
unsigned authorized = false, challenge = false;
r = sd_bus_call_method(
bus,
"org.freedesktop.PolicyKit1",
"org.freedesktop.PolicyKit1.Authority",
"CheckAuthorization",
e,
&reply,
"(sa{sv})sa{ss}us",
0,
interactive ? 1 : 0,
"");
if (r < 0) {
/* Treat no PK available as access denied */
return -EACCES;
}
return r;
}
if (r < 0)
return r;
if (authorized)
return 1;
if (_challenge) {
*_challenge = challenge;
return 0;
}
}
#endif
return -EACCES;
}
#ifdef ENABLE_POLKIT
typedef struct AsyncPolkitQuery {
void *userdata;
AsyncPolkitQuery *q = userdata;
int r;
assert(q);
q->serial = 0;
m = sd_bus_message_ref(q->request);
r = sd_bus_message_rewind(m, true);
if (r < 0)
return r;
if (r < 0)
return r;
return 1;
}
if (!q)
return;
if (q->serial > 0 && b)
sd_bus_send_with_reply_cancel(b, q->serial);
free(q);
}
#endif
sd_bus_message *m,
const char *action,
bool interactive,
void *userdata) {
#ifdef ENABLE_POLKIT
AsyncPolkitQuery *q;
#endif
const char *sender;
int r;
assert(m);
#ifdef ENABLE_POLKIT
q = hashmap_remove(*registry, m);
if (q) {
unsigned authorized, challenge;
/* This is the second invocation of this function, and
* there's already a response from polkit, let's
* process it */
const sd_bus_error *e;
/* Treat no PK available as access denied */
return -EACCES;
}
e = sd_bus_message_get_error(q->reply);
sd_bus_error_copy(error, e);
r = sd_bus_error_get_errno(e);
return r;
}
if (r >= 0)
if (r < 0)
return r;
if (authorized)
return 1;
return -EACCES;
}
#endif
if (!sender)
return -EBADMSG;
if (r < 0)
return r;
if (uid == 0)
return 1;
#ifdef ENABLE_POLKIT
if (r < 0)
return r;
bus,
"org.freedesktop.PolicyKit1",
"org.freedesktop.PolicyKit1.Authority",
"CheckAuthorization",
&pk);
if (r < 0)
return r;
pk,
"(sa{sv})sa{ss}us",
0,
interactive ? 1 : 0,
"");
if (r < 0)
return r;
if (!q)
return -ENOMEM;
q->request = sd_bus_message_ref(m);
r = hashmap_put(*registry, m, q);
if (r < 0) {
return r;
}
if (r < 0)
return r;
return 0;
#endif
return -EACCES;
}
#ifdef ENABLE_POLKIT
AsyncPolkitQuery *q;
while ((q = hashmap_steal_first(registry)))
#endif
}
static int bus_check_peercred(sd_bus *c) {
int fd;
socklen_t l;
assert(c);
fd = sd_bus_get_fd(c);
l = sizeof(struct ucred);
log_error("SO_PEERCRED failed: %m");
return -errno;
}
if (l != sizeof(struct ucred)) {
log_error("SO_PEERCRED returned wrong size.");
return -E2BIG;
}
return -EPERM;
return 1;
}
int r;
bool private = true;
if (geteuid() == 0) {
/* If we are root, then let's talk directly to the
* system instance, instead of going via the bus */
r = sd_bus_new(&bus);
if (r < 0)
return r;
if (r < 0)
return r;
r = sd_bus_start(bus);
if (r < 0)
return r;
} else {
r = sd_bus_open_system(&bus);
if (r < 0)
return r;
private = false;
}
if (private) {
r = bus_check_peercred(bus);
if (r < 0) {
return -EACCES;
}
}
return 0;
}