machine-dbus.c revision 2eec67acbb00593e414549a7e5b35eb7dd776b1b
/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
/***
This file is part of systemd.
Copyright 2011 Lennart Poettering
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include <errno.h>
#include <string.h>
/* When we include libgen.h because we need dirname() we immediately
* undefine basename() since libgen.h defines it as a macro to the XDG
* version which is really broken. */
#include <libgen.h>
#include "bus-util.h"
#include "bus-label.h"
#include "strv.h"
#include "bus-common-errors.h"
#include "copy.h"
#include "fileio.h"
#include "in-addr-util.h"
#include "local-addresses.h"
#include "path-util.h"
#include "mkdir.h"
#include "bus-internal.h"
#include "machine.h"
#include "machine-dbus.h"
static int property_get_id(
const char *path,
const char *interface,
const char *property,
void *userdata,
sd_bus_error *error) {
int r;
assert(m);
if (r < 0)
return r;
return 1;
}
static int property_get_state(
const char *path,
const char *interface,
const char *property,
void *userdata,
sd_bus_error *error) {
const char *state;
int r;
assert(m);
if (r < 0)
return r;
return 1;
}
static int property_get_netif(
const char *path,
const char *interface,
const char *property,
void *userdata,
sd_bus_error *error) {
int r;
assert(m);
if (r < 0)
return r;
return 1;
}
int bus_machine_method_terminate(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
int r;
assert(m);
"org.freedesktop.machine1.manage-machines",
false,
&m->manager->polkit_registry,
error);
if (r < 0)
return r;
if (r == 0)
return 1; /* Will call us back */
r = machine_stop(m);
if (r < 0)
return r;
}
int bus_machine_method_kill(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
const char *swho;
int r;
assert(m);
if (r < 0)
return r;
else {
if (who < 0)
}
"org.freedesktop.machine1.manage-machines",
false,
&m->manager->polkit_registry,
error);
if (r < 0)
return r;
if (r == 0)
return 1; /* Will call us back */
if (r < 0)
return r;
}
int bus_machine_method_get_addresses(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
const char *p;
int r;
assert(m);
if (m->class != MACHINE_CONTAINER)
return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Requesting IP address data is only supported on container machines.");
if (r < 0)
return r;
r = readlink_malloc(p, &them);
if (r < 0)
return r;
return sd_bus_error_setf(error, BUS_ERROR_NO_PRIVATE_NETWORKING, "Machine %s does not use private networking", m->name);
if (r < 0)
return r;
return -errno;
if (child < 0)
if (child == 0) {
struct local_address *a;
int i, n;
if (r < 0)
if (n < 0)
for (a = addresses, i = 0; i < n; a++, i++) {
};
if (r < 0)
}
}
if (r < 0)
return r;
if (r < 0)
return r;
for (;;) {
int family;
ssize_t n;
union in_addr_union in_addr;
.msg_iovlen = 2,
};
if (n < 0)
return -errno;
break;
if (r < 0)
return r;
if (r < 0)
return r;
switch (family) {
case AF_INET:
return -EIO;
break;
case AF_INET6:
return -EIO;
break;
}
if (r < 0)
return r;
if (r < 0)
return r;
}
if (r < 0)
if (r < 0)
return r;
}
int bus_machine_method_get_os_release(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
_cleanup_strv_free_ char **l = NULL;
char **k, **v;
int r;
assert(m);
if (m->class != MACHINE_CONTAINER)
return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Requesting OS release data is only supported on container machines.");
if (r < 0)
return r;
return -errno;
if (child < 0)
if (child == 0) {
if (r < 0)
if (fd < 0) {
if (fd < 0)
}
if (r < 0)
}
if (!f)
return -errno;
pair[0] = -1;
if (r < 0)
return r;
if (r < 0)
if (r < 0)
return r;
if (r < 0)
return r;
STRV_FOREACH_PAIR(k, v, l) {
if (r < 0)
return r;
}
if (r < 0)
return r;
}
int bus_machine_method_open_pty(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
int r;
assert(m);
if (m->class != MACHINE_CONTAINER)
return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Opening pseudo TTYs is only supported on container machines.");
if (master < 0)
return master;
if (r < 0)
return r;
if (r < 0)
return r;
if (r < 0)
return r;
}
int bus_machine_method_open_login(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
const char *p;
int r;
if (m->class != MACHINE_CONTAINER)
return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Opening logins is only supported on container machines.");
"org.freedesktop.machine1.login",
false,
&m->manager->polkit_registry,
error);
if (r < 0)
return r;
if (r == 0)
return 1; /* Will call us back */
if (master < 0)
return master;
if (r < 0)
return r;
if (!p)
return -errno;
r = sd_bus_new(&container_bus);
if (r < 0)
return r;
#ifdef ENABLE_KDBUS
asprintf(&container_bus->address, "x-machine-kernel:pid=" PID_FMT ";x-machine-unix:pid=" PID_FMT, m->leader, m->leader);
#else
#endif
if (!container_bus->address)
return log_oom();
container_bus->bus_client = true;
container_bus->trusted = false;
container_bus->is_system = true;
r = sd_bus_start(container_bus);
if (r < 0)
return r;
if (!getty)
return log_oom();
r = sd_bus_call_method(
"org.freedesktop.systemd1",
"/org/freedesktop/systemd1",
"org.freedesktop.systemd1.Manager",
"StartUnit",
if (r < 0)
return r;
if (r < 0)
return r;
if (r < 0)
return r;
}
int bus_machine_method_bind_mount(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
bool mount_slave_created = false, mount_slave_mounted = false,
mount_tmp_created = false, mount_tmp_mounted = false,
mount_outside_created = false, mount_outside_mounted = false;
int read_only, make_directory;
int r;
if (m->class != MACHINE_CONTAINER)
return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Bind mounting is only supported on container machines.");
if (r < 0)
return r;
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Source path must be absolute and not contain ../.");
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Destination path must be absolute and not contain ../.");
"org.freedesktop.machine1.manage-machines",
false,
&m->manager->polkit_registry,
error);
if (r < 0)
return r;
if (r == 0)
return 1; /* Will call us back */
* namespace boundaries we should rework this logic to make
* use of it... */
return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Container does not allow propagation of mount points.");
/* Our goal is to install a new bind mount into the container,
possibly read-only. This is irritatingly complex
unfortunately, currently.
First, we start by creating a private playground in /tmp,
that we can mount MS_SLAVE. (Which is necessary, since
MS_MOUNT cannot be applied to mounts with MS_SHARED parent
mounts.) */
if (!mkdtemp(mount_slave))
mount_slave_created = true;
goto finish;
}
mount_slave_mounted = true;
goto finish;
}
/* Second, we mount the source directory to a directory inside
of our MS_SLAVE playground. */
r = sd_bus_error_set_errnof(error, errno, "Failed to create temporary mount point %s: %m", mount_tmp);
goto finish;
}
mount_tmp_created = true;
goto finish;
}
mount_tmp_mounted = true;
/* Third, we remount the new bind mount read-only if requested. */
if (read_only)
goto finish;
}
/* Fourth, we move the new bind mount into the propagation
* directory. This way it will appear there read-only
* right-away. */
if (!mkdtemp(mount_outside)) {
r = sd_bus_error_set_errnof(error, errno, "Cannot create propagation directory %s: %m", mount_outside);
goto finish;
}
mount_outside_created = true;
goto finish;
}
mount_outside_mounted = true;
mount_tmp_mounted = false;
mount_tmp_created = false;
(void) umount(mount_slave);
mount_slave_mounted = false;
(void) rmdir(mount_slave);
mount_slave_created = false;
goto finish;
}
if (child < 0) {
goto finish;
}
if (child == 0) {
const char *mount_inside;
int mntfd;
const char *q;
if (mntfd < 0) {
goto child_fail;
}
goto child_fail;
}
if (make_directory)
/* Fifth, move the mount to the right place inside */
goto child_fail;
}
}
if (r < 0) {
goto finish;
}
goto finish;
}
if (read(errno_pipe_fd[0], &r, sizeof(r)) == sizeof(r))
else
goto finish;
}
if (mount_tmp_mounted)
if (mount_tmp_created)
if (mount_slave_mounted)
if (mount_slave_created)
return r;
}
MachineOperation *o = userdata;
int r;
assert(o);
o->pid = 0;
goto fail;
}
else
goto fail;
}
if (r < 0)
log_error_errno(r, "Failed to reply to message: %m");
return 0;
fail:
if (r < 0)
log_error_errno(r, "Failed to reply to message: %m");
return 0;
}
int bus_machine_method_copy(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
const char *src, *dest, *host_path, *container_path, *host_basename, *host_dirname, *container_basename, *container_dirname;
MachineOperation *o;
bool copy_from;
char *t;
int r;
if (m->n_operations >= MACHINE_OPERATIONS_MAX)
if (m->class != MACHINE_CONTAINER)
return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Copying files is only supported on container machines.");
if (r < 0)
return r;
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Source path must be absolute and not contain ../.");
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Destination path must be absolute and not contain ../.");
"org.freedesktop.machine1.manage-machines",
false,
&m->manager->polkit_registry,
error);
if (r < 0)
return r;
if (r == 0)
return 1; /* Will call us back */
if (copy_from) {
} else {
}
host_dirname = dirname(t);
t = strdupa(container_path);
container_dirname = dirname(t);
if (r < 0)
if (child < 0)
if (child == 0) {
int containerfd;
const char *q;
int mntfd;
if (mntfd < 0) {
goto child_fail;
}
goto child_fail;
}
if (containerfd < 0) {
goto child_fail;
}
if (copy_from)
else
if (r < 0) {
r = log_error_errno(r, "Failed to copy tree: %m");
goto child_fail;
}
}
/* Copying might take a while, hence install a watch the
* child, and return */
if (!o)
return log_oom();
o->errno_fd = errno_pipe_fd[0];
errno_pipe_fd[0] = -1;
r = sd_event_add_child(m->manager->event, &o->event_source, child, WEXITED, machine_operation_done, o);
if (r < 0) {
return log_oom();
}
m->n_operations++;
o->machine = m;
return 1;
}
const sd_bus_vtable machine_vtable[] = {
BUS_PROPERTY_DUAL_TIMESTAMP("Timestamp", offsetof(Machine, timestamp), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("Scope", "s", NULL, offsetof(Machine, unit), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
SD_BUS_PROPERTY("Class", "s", property_get_class, offsetof(Machine, class), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("RootDirectory", "s", NULL, offsetof(Machine, root_directory), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_METHOD("GetAddresses", NULL, "a(iay)", bus_machine_method_get_addresses, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("GetOSRelease", NULL, "a{ss}", bus_machine_method_get_os_release, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("BindMount", "ssbb", NULL, bus_machine_method_bind_mount, SD_BUS_VTABLE_UNPRIVILEGED),
};
int machine_object_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
int r;
assert(m);
if (!message)
return 0;
if (r < 0)
return r;
if (r < 0)
return r;
if (r <= 0)
return 0;
} else {
_cleanup_free_ char *e = NULL;
const char *p;
if (!p)
return 0;
e = bus_label_unescape(p);
if (!e)
return -ENOMEM;
if (!machine)
return 0;
}
return 1;
}
char *machine_bus_path(Machine *m) {
_cleanup_free_ char *e = NULL;
assert(m);
e = bus_label_escape(m->name);
if (!e)
return NULL;
return strappend("/org/freedesktop/machine1/machine/", e);
}
int machine_node_enumerator(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error) {
_cleanup_strv_free_ char **l = NULL;
Iterator i;
int r;
char *p;
p = machine_bus_path(machine);
if (!p)
return -ENOMEM;
r = strv_consume(&l, p);
if (r < 0)
return r;
}
*nodes = l;
l = NULL;
return 1;
}
_cleanup_free_ char *p = NULL;
assert(m);
p = machine_bus_path(m);
if (!p)
return -ENOMEM;
return sd_bus_emit_signal(
"/org/freedesktop/machine1",
"org.freedesktop.machine1.Manager",
"so", m->name, p);
}
_cleanup_free_ char *p = NULL;
assert(m);
if (!m->create_message)
return 0;
c = m->create_message;
m->create_message = NULL;
if (error)
return sd_bus_reply_method_error(c, error);
/* Update the machine state file before we notify the client
* about the result. */
machine_save(m);
p = machine_bus_path(m);
if (!p)
return -ENOMEM;
return sd_bus_reply_method_return(c, "o", p);
}