logind-acl.c revision b26fa1a2fbcfee7d03b0c8fd15ec3aa64ae70b9f
/***
This file is part of systemd.
Copyright 2011 Lennart Poettering
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include <errno.h>
#include <string.h>
#include "acl-util.h"
#include "alloc-util.h"
#include "dirent-util.h"
#include "escape.h"
#include "fd-util.h"
#include "formats-util.h"
#include "logind-acl.h"
#include "set.h"
#include "string-util.h"
#include "udev-util.h"
#include "util.h"
acl_entry_t i;
int found;
bool changed = false;
found > 0;
if (acl_get_tag_type(i, &tag) < 0)
return -errno;
continue;
if (acl_delete_entry(acl, i) < 0)
return -errno;
changed = true;
}
if (found < 0)
return -errno;
return changed;
}
int devnode_acl(const char *path,
bool flush,
int r = 0;
bool changed = false;
if (!acl)
return -errno;
if (flush) {
if (r < 0)
goto finish;
if (r > 0)
changed = true;
if (r < 0)
goto finish;
if (r > 0) {
r = -errno;
goto finish;
}
changed = true;
}
}
if (r < 0)
goto finish;
if (r == 0) {
r = -errno;
goto finish;
}
r = -errno;
goto finish;
}
}
r = -errno;
goto finish;
}
if (rd < 0) {
r = -errno;
goto finish;
}
if (wt < 0) {
r = -errno;
goto finish;
}
r = -errno;
goto finish;
}
changed = true;
}
}
if (!changed)
goto finish;
if (acl_calc_mask(&acl) < 0) {
r = -errno;
goto finish;
}
r = -errno;
goto finish;
}
r = 0;
return r;
}
const char *seat,
bool flush,
Iterator i;
char *n;
int r;
if (!nodes)
return -ENOMEM;
e = udev_enumerate_new(udev);
if (!e)
return -ENOMEM;
seat = "seat0";
/* We can only match by one tag in libudev. We choose
* "uaccess" for that. If we could match for two tags here we
* could add the seat name as second match tag, but this would
* be hardly optimizable in libudev, and hence checking the
* second tag manually in our loop is a good solution. */
r = udev_enumerate_add_match_tag(e, "uaccess");
if (r < 0)
return r;
if (r < 0)
return r;
r = udev_enumerate_scan_devices(e);
if (r < 0)
return r;
if (!d)
return -ENOMEM;
sn = "seat0";
continue;
node = udev_device_get_devnode(d);
/* In case people mistag devices with nodes, we need to ignore this */
if (!node)
continue;
if (!n)
return -ENOMEM;
r = set_consume(nodes, n);
if (r < 0)
return r;
}
/* udev exports "dead" device nodes to allow module on-demand loading,
* these devices are not known to the kernel at this moment */
if (dir) {
return -ENOMEM;
if (!n)
return -ENOMEM;
r = set_consume(nodes, n);
if (r == -EEXIST)
continue;
if (r < 0)
return r;
}
}
r = 0;
SET_FOREACH(n, nodes, i) {
int k;
if (k == -ENOENT)
log_debug("Device %s disappeared while setting ACLs", n);
else if (k < 0 && r == 0)
r = k;
}
return r;
}