]>
Commit | Line | Data |
---|---|---|
bcf3295d LP |
1 | /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ |
2 | ||
3 | /*** | |
4 | This file is part of systemd. | |
5 | ||
6 | Copyright 2013 Lennart Poettering | |
7 | ||
8 | systemd is free software; you can redistribute it and/or modify it | |
9 | under the terms of the GNU Lesser General Public License as published by | |
10 | the Free Software Foundation; either version 2.1 of the License, or | |
11 | (at your option) any later version. | |
12 | ||
13 | systemd is distributed in the hope that it will be useful, but | |
14 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
16 | Lesser General Public License for more details. | |
17 | ||
18 | You should have received a copy of the GNU Lesser General Public License | |
19 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
20 | ***/ | |
21 | ||
07630cea LP |
22 | #include "sd-login.h" |
23 | ||
24 | #include "bus-internal.h" | |
b1d4f8e1 | 25 | #include "bus-xml-policy.h" |
07630cea | 26 | #include "conf-files.h" |
bcf3295d | 27 | #include "fileio.h" |
07630cea | 28 | #include "formats-util.h" |
7447362c | 29 | #include "set.h" |
07630cea LP |
30 | #include "string-util.h" |
31 | #include "strv.h" | |
b1d4f8e1 | 32 | #include "user-util.h" |
07630cea | 33 | #include "xml.h" |
bcf3295d LP |
34 | |
35 | static void policy_item_free(PolicyItem *i) { | |
36 | assert(i); | |
37 | ||
38 | free(i->interface); | |
39 | free(i->member); | |
40 | free(i->error); | |
41 | free(i->name); | |
42 | free(i->path); | |
43 | free(i); | |
44 | } | |
45 | ||
46 | DEFINE_TRIVIAL_CLEANUP_FUNC(PolicyItem*, policy_item_free); | |
47 | ||
e7eb49db DM |
48 | static void item_append(PolicyItem *i, PolicyItem **list) { |
49 | ||
50 | PolicyItem *tail; | |
51 | ||
52 | LIST_FIND_TAIL(items, *list, tail); | |
53 | LIST_INSERT_AFTER(items, *list, tail, i); | |
54 | } | |
55 | ||
bcf3295d LP |
56 | static int file_load(Policy *p, const char *path) { |
57 | ||
58 | _cleanup_free_ char *c = NULL, *policy_user = NULL, *policy_group = NULL; | |
59 | _cleanup_(policy_item_freep) PolicyItem *i = NULL; | |
60 | void *xml_state = NULL; | |
61 | unsigned n_other = 0; | |
62 | const char *q; | |
63 | int r; | |
64 | ||
65 | enum { | |
66 | STATE_OUTSIDE, | |
67 | STATE_BUSCONFIG, | |
68 | STATE_POLICY, | |
69 | STATE_POLICY_CONTEXT, | |
87b93496 | 70 | STATE_POLICY_CONSOLE, |
bcf3295d LP |
71 | STATE_POLICY_USER, |
72 | STATE_POLICY_GROUP, | |
73 | STATE_POLICY_OTHER_ATTRIBUTE, | |
74 | STATE_ALLOW_DENY, | |
75 | STATE_ALLOW_DENY_INTERFACE, | |
76 | STATE_ALLOW_DENY_MEMBER, | |
77 | STATE_ALLOW_DENY_ERROR, | |
78 | STATE_ALLOW_DENY_PATH, | |
79 | STATE_ALLOW_DENY_MESSAGE_TYPE, | |
80 | STATE_ALLOW_DENY_NAME, | |
81 | STATE_ALLOW_DENY_OTHER_ATTRIBUTE, | |
82 | STATE_OTHER, | |
83 | } state = STATE_OUTSIDE; | |
84 | ||
85 | enum { | |
86 | POLICY_CATEGORY_NONE, | |
87 | POLICY_CATEGORY_DEFAULT, | |
88 | POLICY_CATEGORY_MANDATORY, | |
87b93496 DH |
89 | POLICY_CATEGORY_ON_CONSOLE, |
90 | POLICY_CATEGORY_NO_CONSOLE, | |
bcf3295d LP |
91 | POLICY_CATEGORY_USER, |
92 | POLICY_CATEGORY_GROUP | |
93 | } policy_category = POLICY_CATEGORY_NONE; | |
94 | ||
95 | unsigned line = 0; | |
96 | ||
97 | assert(p); | |
98 | ||
99 | r = read_full_file(path, &c, NULL); | |
100 | if (r < 0) { | |
101 | if (r == -ENOENT) | |
102 | return 0; | |
2e2b3608 LP |
103 | if (r == -EISDIR) |
104 | return r; | |
bcf3295d | 105 | |
23bbb0de | 106 | return log_error_errno(r, "Failed to load %s: %m", path); |
bcf3295d LP |
107 | } |
108 | ||
109 | q = c; | |
110 | for (;;) { | |
111 | _cleanup_free_ char *name = NULL; | |
112 | int t; | |
113 | ||
114 | t = xml_tokenize(&q, &name, &xml_state, &line); | |
23bbb0de MS |
115 | if (t < 0) |
116 | return log_error_errno(t, "XML parse failure in %s: %m", path); | |
bcf3295d LP |
117 | |
118 | switch (state) { | |
119 | ||
120 | case STATE_OUTSIDE: | |
121 | ||
122 | if (t == XML_TAG_OPEN) { | |
123 | if (streq(name, "busconfig")) | |
124 | state = STATE_BUSCONFIG; | |
125 | else { | |
126 | log_error("Unexpected tag %s at %s:%u.", name, path, line); | |
127 | return -EINVAL; | |
128 | } | |
129 | ||
130 | } else if (t == XML_END) | |
131 | return 0; | |
132 | else if (t != XML_TEXT || !in_charset(name, WHITESPACE)) { | |
133 | log_error("Unexpected token (1) at %s:%u.", path, line); | |
134 | return -EINVAL; | |
135 | } | |
136 | ||
137 | break; | |
138 | ||
139 | case STATE_BUSCONFIG: | |
140 | ||
141 | if (t == XML_TAG_OPEN) { | |
142 | if (streq(name, "policy")) { | |
143 | state = STATE_POLICY; | |
144 | policy_category = POLICY_CATEGORY_NONE; | |
145 | free(policy_user); | |
146 | free(policy_group); | |
147 | policy_user = policy_group = NULL; | |
148 | } else { | |
149 | state = STATE_OTHER; | |
150 | n_other = 0; | |
151 | } | |
152 | } else if (t == XML_TAG_CLOSE_EMPTY || | |
153 | (t == XML_TAG_CLOSE && streq(name, "busconfig"))) | |
154 | state = STATE_OUTSIDE; | |
155 | else if (t != XML_TEXT || !in_charset(name, WHITESPACE)) { | |
156 | log_error("Unexpected token (2) at %s:%u.", path, line); | |
157 | return -EINVAL; | |
158 | } | |
159 | ||
160 | break; | |
161 | ||
162 | case STATE_POLICY: | |
163 | ||
164 | if (t == XML_ATTRIBUTE_NAME) { | |
165 | if (streq(name, "context")) | |
166 | state = STATE_POLICY_CONTEXT; | |
87b93496 DH |
167 | else if (streq(name, "at_console")) |
168 | state = STATE_POLICY_CONSOLE; | |
bcf3295d LP |
169 | else if (streq(name, "user")) |
170 | state = STATE_POLICY_USER; | |
171 | else if (streq(name, "group")) | |
172 | state = STATE_POLICY_GROUP; | |
173 | else { | |
87b93496 | 174 | log_warning("Attribute %s of <policy> tag unknown at %s:%u, ignoring.", name, path, line); |
bcf3295d LP |
175 | state = STATE_POLICY_OTHER_ATTRIBUTE; |
176 | } | |
177 | } else if (t == XML_TAG_CLOSE_EMPTY || | |
178 | (t == XML_TAG_CLOSE && streq(name, "policy"))) | |
179 | state = STATE_BUSCONFIG; | |
180 | else if (t == XML_TAG_OPEN) { | |
181 | PolicyItemType it; | |
182 | ||
183 | if (streq(name, "allow")) | |
184 | it = POLICY_ITEM_ALLOW; | |
185 | else if (streq(name, "deny")) | |
186 | it = POLICY_ITEM_DENY; | |
187 | else { | |
188 | log_warning("Unknown tag %s in <policy> %s:%u.", name, path, line); | |
189 | return -EINVAL; | |
190 | } | |
191 | ||
192 | assert(!i); | |
193 | i = new0(PolicyItem, 1); | |
194 | if (!i) | |
195 | return log_oom(); | |
196 | ||
197 | i->type = it; | |
198 | state = STATE_ALLOW_DENY; | |
199 | ||
200 | } else if (t != XML_TEXT || !in_charset(name, WHITESPACE)) { | |
201 | log_error("Unexpected token (3) at %s:%u.", path, line); | |
202 | return -EINVAL; | |
203 | } | |
204 | ||
205 | break; | |
206 | ||
207 | case STATE_POLICY_CONTEXT: | |
208 | ||
209 | if (t == XML_ATTRIBUTE_VALUE) { | |
210 | if (streq(name, "default")) { | |
211 | policy_category = POLICY_CATEGORY_DEFAULT; | |
212 | state = STATE_POLICY; | |
213 | } else if (streq(name, "mandatory")) { | |
214 | policy_category = POLICY_CATEGORY_MANDATORY; | |
215 | state = STATE_POLICY; | |
216 | } else { | |
217 | log_error("context= parameter %s unknown for <policy> at %s:%u.", name, path, line); | |
218 | return -EINVAL; | |
219 | } | |
220 | } else { | |
221 | log_error("Unexpected token (4) at %s:%u.", path, line); | |
222 | return -EINVAL; | |
223 | } | |
224 | ||
225 | break; | |
226 | ||
87b93496 DH |
227 | case STATE_POLICY_CONSOLE: |
228 | ||
229 | if (t == XML_ATTRIBUTE_VALUE) { | |
230 | if (streq(name, "true")) { | |
231 | policy_category = POLICY_CATEGORY_ON_CONSOLE; | |
232 | state = STATE_POLICY; | |
233 | } else if (streq(name, "false")) { | |
234 | policy_category = POLICY_CATEGORY_NO_CONSOLE; | |
235 | state = STATE_POLICY; | |
236 | } else { | |
237 | log_error("at_console= parameter %s unknown for <policy> at %s:%u.", name, path, line); | |
238 | return -EINVAL; | |
239 | } | |
240 | } else { | |
241 | log_error("Unexpected token (4.1) at %s:%u.", path, line); | |
242 | return -EINVAL; | |
243 | } | |
244 | ||
245 | break; | |
246 | ||
bcf3295d LP |
247 | case STATE_POLICY_USER: |
248 | ||
249 | if (t == XML_ATTRIBUTE_VALUE) { | |
250 | free(policy_user); | |
251 | policy_user = name; | |
252 | name = NULL; | |
44574303 | 253 | policy_category = POLICY_CATEGORY_USER; |
bcf3295d LP |
254 | state = STATE_POLICY; |
255 | } else { | |
256 | log_error("Unexpected token (5) in %s:%u.", path, line); | |
257 | return -EINVAL; | |
258 | } | |
259 | ||
260 | break; | |
261 | ||
262 | case STATE_POLICY_GROUP: | |
263 | ||
264 | if (t == XML_ATTRIBUTE_VALUE) { | |
265 | free(policy_group); | |
266 | policy_group = name; | |
267 | name = NULL; | |
44574303 | 268 | policy_category = POLICY_CATEGORY_GROUP; |
bcf3295d LP |
269 | state = STATE_POLICY; |
270 | } else { | |
271 | log_error("Unexpected token (6) at %s:%u.", path, line); | |
272 | return -EINVAL; | |
273 | } | |
274 | ||
275 | break; | |
276 | ||
277 | case STATE_POLICY_OTHER_ATTRIBUTE: | |
278 | ||
279 | if (t == XML_ATTRIBUTE_VALUE) | |
280 | state = STATE_POLICY; | |
281 | else { | |
282 | log_error("Unexpected token (7) in %s:%u.", path, line); | |
283 | return -EINVAL; | |
284 | } | |
285 | ||
286 | break; | |
287 | ||
288 | case STATE_ALLOW_DENY: | |
289 | ||
290 | assert(i); | |
291 | ||
292 | if (t == XML_ATTRIBUTE_NAME) { | |
293 | PolicyItemClass ic; | |
294 | ||
295 | if (startswith(name, "send_")) | |
296 | ic = POLICY_ITEM_SEND; | |
297 | else if (startswith(name, "receive_")) | |
298 | ic = POLICY_ITEM_RECV; | |
299 | else if (streq(name, "own")) | |
300 | ic = POLICY_ITEM_OWN; | |
301 | else if (streq(name, "own_prefix")) | |
302 | ic = POLICY_ITEM_OWN_PREFIX; | |
303 | else if (streq(name, "user")) | |
304 | ic = POLICY_ITEM_USER; | |
305 | else if (streq(name, "group")) | |
306 | ic = POLICY_ITEM_GROUP; | |
b9191d7a | 307 | else if (STR_IN_SET(name, "eavesdrop", "log")) { |
ba98e746 | 308 | log_debug("Unsupported attribute %s= at %s:%u, ignoring.", name, path, line); |
ba98e746 | 309 | state = STATE_ALLOW_DENY_OTHER_ATTRIBUTE; |
a2be9e04 | 310 | break; |
ba98e746 | 311 | } else { |
bcf3295d LP |
312 | log_error("Unknown attribute %s= at %s:%u, ignoring.", name, path, line); |
313 | state = STATE_ALLOW_DENY_OTHER_ATTRIBUTE; | |
314 | break; | |
315 | } | |
316 | ||
317 | if (i->class != _POLICY_ITEM_CLASS_UNSET && ic != i->class) { | |
fe21f167 | 318 | log_error("send_, receive_/eavesdrop fields mixed on same tag at %s:%u.", path, line); |
bcf3295d LP |
319 | return -EINVAL; |
320 | } | |
321 | ||
322 | i->class = ic; | |
323 | ||
324 | if (ic == POLICY_ITEM_SEND || ic == POLICY_ITEM_RECV) { | |
325 | const char *u; | |
326 | ||
327 | u = strchr(name, '_'); | |
328 | assert(u); | |
329 | ||
330 | u++; | |
331 | ||
332 | if (streq(u, "interface")) | |
333 | state = STATE_ALLOW_DENY_INTERFACE; | |
334 | else if (streq(u, "member")) | |
335 | state = STATE_ALLOW_DENY_MEMBER; | |
336 | else if (streq(u, "error")) | |
337 | state = STATE_ALLOW_DENY_ERROR; | |
338 | else if (streq(u, "path")) | |
339 | state = STATE_ALLOW_DENY_PATH; | |
340 | else if (streq(u, "type")) | |
341 | state = STATE_ALLOW_DENY_MESSAGE_TYPE; | |
342 | else if ((streq(u, "destination") && ic == POLICY_ITEM_SEND) || | |
343 | (streq(u, "sender") && ic == POLICY_ITEM_RECV)) | |
344 | state = STATE_ALLOW_DENY_NAME; | |
345 | else { | |
ba98e746 KS |
346 | if (streq(u, "requested_reply")) |
347 | log_debug("Unsupported attribute %s= at %s:%u, ignoring.", name, path, line); | |
348 | else | |
349 | log_error("Unknown attribute %s= at %s:%u, ignoring.", name, path, line); | |
bcf3295d LP |
350 | state = STATE_ALLOW_DENY_OTHER_ATTRIBUTE; |
351 | break; | |
352 | } | |
353 | } else | |
354 | state = STATE_ALLOW_DENY_NAME; | |
355 | ||
356 | } else if (t == XML_TAG_CLOSE_EMPTY || | |
357 | (t == XML_TAG_CLOSE && streq(name, i->type == POLICY_ITEM_ALLOW ? "allow" : "deny"))) { | |
358 | ||
a2be9e04 KS |
359 | /* If the tag is fully empty so far, we consider it a recv */ |
360 | if (i->class == _POLICY_ITEM_CLASS_UNSET) | |
361 | i->class = POLICY_ITEM_RECV; | |
bcf3295d LP |
362 | |
363 | if (policy_category == POLICY_CATEGORY_DEFAULT) | |
e7eb49db | 364 | item_append(i, &p->default_items); |
bcf3295d | 365 | else if (policy_category == POLICY_CATEGORY_MANDATORY) |
e7eb49db | 366 | item_append(i, &p->mandatory_items); |
87b93496 DH |
367 | else if (policy_category == POLICY_CATEGORY_ON_CONSOLE) |
368 | item_append(i, &p->on_console_items); | |
369 | else if (policy_category == POLICY_CATEGORY_NO_CONSOLE) | |
370 | item_append(i, &p->no_console_items); | |
bcf3295d | 371 | else if (policy_category == POLICY_CATEGORY_USER) { |
13f8b8cb | 372 | const char *u = policy_user; |
bcf3295d LP |
373 | |
374 | assert_cc(sizeof(uid_t) == sizeof(uint32_t)); | |
375 | ||
d5099efc | 376 | r = hashmap_ensure_allocated(&p->user_items, NULL); |
bcf3295d LP |
377 | if (r < 0) |
378 | return log_oom(); | |
379 | ||
13f8b8cb LP |
380 | if (!u) { |
381 | log_error("User policy without name"); | |
382 | return -EINVAL; | |
383 | } | |
bcf3295d | 384 | |
13f8b8cb | 385 | r = get_user_creds(&u, &i->uid, NULL, NULL, NULL); |
bcf3295d | 386 | if (r < 0) { |
da927ba9 | 387 | log_error_errno(r, "Failed to resolve user %s, ignoring policy: %m", u); |
13f8b8cb LP |
388 | free(i); |
389 | } else { | |
390 | PolicyItem *first; | |
391 | ||
392 | first = hashmap_get(p->user_items, UINT32_TO_PTR(i->uid)); | |
e7eb49db | 393 | item_append(i, &first); |
c3502b59 | 394 | i->uid_valid = true; |
13f8b8cb LP |
395 | |
396 | r = hashmap_replace(p->user_items, UINT32_TO_PTR(i->uid), first); | |
397 | if (r < 0) { | |
398 | LIST_REMOVE(items, first, i); | |
399 | return log_oom(); | |
400 | } | |
bcf3295d | 401 | } |
13f8b8cb | 402 | |
bcf3295d | 403 | } else if (policy_category == POLICY_CATEGORY_GROUP) { |
13f8b8cb | 404 | const char *g = policy_group; |
bcf3295d LP |
405 | |
406 | assert_cc(sizeof(gid_t) == sizeof(uint32_t)); | |
407 | ||
d5099efc | 408 | r = hashmap_ensure_allocated(&p->group_items, NULL); |
bcf3295d LP |
409 | if (r < 0) |
410 | return log_oom(); | |
411 | ||
13f8b8cb LP |
412 | if (!g) { |
413 | log_error("Group policy without name"); | |
414 | return -EINVAL; | |
415 | } | |
bcf3295d | 416 | |
13f8b8cb | 417 | r = get_group_creds(&g, &i->gid); |
bcf3295d | 418 | if (r < 0) { |
da927ba9 | 419 | log_error_errno(r, "Failed to resolve group %s, ignoring policy: %m", g); |
13f8b8cb LP |
420 | free(i); |
421 | } else { | |
422 | PolicyItem *first; | |
423 | ||
424 | first = hashmap_get(p->group_items, UINT32_TO_PTR(i->gid)); | |
e7eb49db | 425 | item_append(i, &first); |
c3502b59 | 426 | i->gid_valid = true; |
13f8b8cb LP |
427 | |
428 | r = hashmap_replace(p->group_items, UINT32_TO_PTR(i->gid), first); | |
429 | if (r < 0) { | |
430 | LIST_REMOVE(items, first, i); | |
431 | return log_oom(); | |
432 | } | |
bcf3295d LP |
433 | } |
434 | } | |
435 | ||
436 | state = STATE_POLICY; | |
437 | i = NULL; | |
438 | ||
439 | } else if (t != XML_TEXT || !in_charset(name, WHITESPACE)) { | |
440 | log_error("Unexpected token (8) at %s:%u.", path, line); | |
441 | return -EINVAL; | |
442 | } | |
443 | ||
444 | break; | |
445 | ||
446 | case STATE_ALLOW_DENY_INTERFACE: | |
447 | ||
448 | if (t == XML_ATTRIBUTE_VALUE) { | |
449 | assert(i); | |
450 | if (i->interface) { | |
451 | log_error("Duplicate interface at %s:%u.", path, line); | |
452 | return -EINVAL; | |
453 | } | |
454 | ||
585b46db LP |
455 | if (!streq(name, "*")) { |
456 | i->interface = name; | |
457 | name = NULL; | |
458 | } | |
bcf3295d LP |
459 | state = STATE_ALLOW_DENY; |
460 | } else { | |
461 | log_error("Unexpected token (9) at %s:%u.", path, line); | |
462 | return -EINVAL; | |
463 | } | |
464 | ||
465 | break; | |
466 | ||
467 | case STATE_ALLOW_DENY_MEMBER: | |
468 | ||
469 | if (t == XML_ATTRIBUTE_VALUE) { | |
470 | assert(i); | |
471 | if (i->member) { | |
472 | log_error("Duplicate member in %s:%u.", path, line); | |
473 | return -EINVAL; | |
474 | } | |
475 | ||
585b46db LP |
476 | if (!streq(name, "*")) { |
477 | i->member = name; | |
478 | name = NULL; | |
479 | } | |
bcf3295d LP |
480 | state = STATE_ALLOW_DENY; |
481 | } else { | |
482 | log_error("Unexpected token (10) in %s:%u.", path, line); | |
483 | return -EINVAL; | |
484 | } | |
485 | ||
486 | break; | |
487 | ||
488 | case STATE_ALLOW_DENY_ERROR: | |
489 | ||
490 | if (t == XML_ATTRIBUTE_VALUE) { | |
491 | assert(i); | |
492 | if (i->error) { | |
493 | log_error("Duplicate error in %s:%u.", path, line); | |
494 | return -EINVAL; | |
495 | } | |
496 | ||
585b46db LP |
497 | if (!streq(name, "*")) { |
498 | i->error = name; | |
499 | name = NULL; | |
500 | } | |
bcf3295d LP |
501 | state = STATE_ALLOW_DENY; |
502 | } else { | |
503 | log_error("Unexpected token (11) in %s:%u.", path, line); | |
504 | return -EINVAL; | |
505 | } | |
506 | ||
507 | break; | |
508 | ||
509 | case STATE_ALLOW_DENY_PATH: | |
510 | ||
511 | if (t == XML_ATTRIBUTE_VALUE) { | |
512 | assert(i); | |
513 | if (i->path) { | |
514 | log_error("Duplicate path in %s:%u.", path, line); | |
515 | return -EINVAL; | |
516 | } | |
517 | ||
585b46db LP |
518 | if (!streq(name, "*")) { |
519 | i->path = name; | |
520 | name = NULL; | |
521 | } | |
bcf3295d LP |
522 | state = STATE_ALLOW_DENY; |
523 | } else { | |
524 | log_error("Unexpected token (12) in %s:%u.", path, line); | |
525 | return -EINVAL; | |
526 | } | |
527 | ||
528 | break; | |
529 | ||
530 | case STATE_ALLOW_DENY_MESSAGE_TYPE: | |
531 | ||
532 | if (t == XML_ATTRIBUTE_VALUE) { | |
533 | assert(i); | |
534 | ||
535 | if (i->message_type != 0) { | |
536 | log_error("Duplicate message type in %s:%u.", path, line); | |
537 | return -EINVAL; | |
538 | } | |
539 | ||
585b46db LP |
540 | if (!streq(name, "*")) { |
541 | r = bus_message_type_from_string(name, &i->message_type); | |
542 | if (r < 0) { | |
543 | log_error("Invalid message type in %s:%u.", path, line); | |
544 | return -EINVAL; | |
545 | } | |
bcf3295d LP |
546 | } |
547 | ||
548 | state = STATE_ALLOW_DENY; | |
549 | } else { | |
550 | log_error("Unexpected token (13) in %s:%u.", path, line); | |
551 | return -EINVAL; | |
552 | } | |
553 | ||
554 | break; | |
555 | ||
556 | case STATE_ALLOW_DENY_NAME: | |
557 | ||
558 | if (t == XML_ATTRIBUTE_VALUE) { | |
559 | assert(i); | |
560 | if (i->name) { | |
561 | log_error("Duplicate name in %s:%u.", path, line); | |
562 | return -EINVAL; | |
563 | } | |
564 | ||
9eacea6b DM |
565 | switch (i->class) { |
566 | case POLICY_ITEM_USER: | |
567 | if (!streq(name, "*")) { | |
568 | const char *u = name; | |
569 | ||
570 | r = get_user_creds(&u, &i->uid, NULL, NULL, NULL); | |
571 | if (r < 0) | |
da927ba9 | 572 | log_error_errno(r, "Failed to resolve user %s: %m", name); |
9eacea6b DM |
573 | else |
574 | i->uid_valid = true; | |
575 | } | |
576 | break; | |
577 | case POLICY_ITEM_GROUP: | |
578 | if (!streq(name, "*")) { | |
579 | const char *g = name; | |
580 | ||
581 | r = get_group_creds(&g, &i->gid); | |
582 | if (r < 0) | |
da927ba9 | 583 | log_error_errno(r, "Failed to resolve group %s: %m", name); |
9eacea6b DM |
584 | else |
585 | i->gid_valid = true; | |
586 | } | |
587 | break; | |
585b46db LP |
588 | |
589 | case POLICY_ITEM_SEND: | |
590 | case POLICY_ITEM_RECV: | |
591 | ||
97b11eed DH |
592 | if (streq(name, "*")) |
593 | name = mfree(name); | |
585b46db LP |
594 | break; |
595 | ||
596 | ||
9eacea6b DM |
597 | default: |
598 | break; | |
599 | } | |
600 | ||
bcf3295d LP |
601 | i->name = name; |
602 | name = NULL; | |
9eacea6b | 603 | |
bcf3295d LP |
604 | state = STATE_ALLOW_DENY; |
605 | } else { | |
606 | log_error("Unexpected token (14) in %s:%u.", path, line); | |
607 | return -EINVAL; | |
608 | } | |
609 | ||
610 | break; | |
611 | ||
612 | case STATE_ALLOW_DENY_OTHER_ATTRIBUTE: | |
613 | ||
614 | if (t == XML_ATTRIBUTE_VALUE) | |
615 | state = STATE_ALLOW_DENY; | |
616 | else { | |
617 | log_error("Unexpected token (15) in %s:%u.", path, line); | |
618 | return -EINVAL; | |
619 | } | |
620 | ||
621 | break; | |
622 | ||
623 | case STATE_OTHER: | |
624 | ||
625 | if (t == XML_TAG_OPEN) | |
626 | n_other++; | |
627 | else if (t == XML_TAG_CLOSE || t == XML_TAG_CLOSE_EMPTY) { | |
628 | ||
629 | if (n_other == 0) | |
630 | state = STATE_BUSCONFIG; | |
631 | else | |
632 | n_other--; | |
633 | } | |
634 | ||
635 | break; | |
636 | } | |
637 | } | |
638 | } | |
639 | ||
38349552 | 640 | enum { |
78f9b196 | 641 | DENY, |
38349552 DM |
642 | ALLOW, |
643 | DUNNO, | |
38349552 DM |
644 | }; |
645 | ||
78f9b196 LP |
646 | static const char *verdict_to_string(int v) { |
647 | switch (v) { | |
648 | ||
649 | case DENY: | |
650 | return "DENY"; | |
651 | case ALLOW: | |
652 | return "ALLOW"; | |
653 | case DUNNO: | |
654 | return "DUNNO"; | |
655 | } | |
656 | ||
657 | return NULL; | |
658 | } | |
659 | ||
078ef7b8 | 660 | struct policy_check_filter { |
3a9cca11 | 661 | PolicyItemClass class; |
78f9b196 LP |
662 | uid_t uid; |
663 | gid_t gid; | |
078ef7b8 | 664 | int message_type; |
d46fbfb4 | 665 | const char *name; |
078ef7b8 DM |
666 | const char *interface; |
667 | const char *path; | |
d46fbfb4 | 668 | const char *member; |
078ef7b8 DM |
669 | }; |
670 | ||
38349552 DM |
671 | static int is_permissive(PolicyItem *i) { |
672 | ||
94a2c2f6 TG |
673 | assert(i); |
674 | ||
38349552 DM |
675 | return (i->type == POLICY_ITEM_ALLOW) ? ALLOW : DENY; |
676 | } | |
677 | ||
078ef7b8 | 678 | static int check_policy_item(PolicyItem *i, const struct policy_check_filter *filter) { |
38349552 | 679 | |
94a2c2f6 TG |
680 | assert(i); |
681 | assert(filter); | |
682 | ||
38349552 DM |
683 | switch (i->class) { |
684 | case POLICY_ITEM_SEND: | |
38349552 | 685 | case POLICY_ITEM_RECV: |
078ef7b8 | 686 | |
d46fbfb4 DM |
687 | if (i->name && !streq_ptr(i->name, filter->name)) |
688 | break; | |
078ef7b8 | 689 | |
278ebf8d | 690 | if ((i->message_type != 0) && (i->message_type != filter->message_type)) |
078ef7b8 DM |
691 | break; |
692 | ||
693 | if (i->path && !streq_ptr(i->path, filter->path)) | |
694 | break; | |
695 | ||
696 | if (i->member && !streq_ptr(i->member, filter->member)) | |
697 | break; | |
698 | ||
699 | if (i->interface && !streq_ptr(i->interface, filter->interface)) | |
700 | break; | |
701 | ||
702 | return is_permissive(i); | |
38349552 DM |
703 | |
704 | case POLICY_ITEM_OWN: | |
d46fbfb4 | 705 | assert(filter->name); |
94a2c2f6 | 706 | |
e91c8c20 | 707 | if (streq(i->name, "*") || streq(i->name, filter->name)) |
38349552 DM |
708 | return is_permissive(i); |
709 | break; | |
710 | ||
711 | case POLICY_ITEM_OWN_PREFIX: | |
d46fbfb4 | 712 | assert(filter->name); |
94a2c2f6 | 713 | |
3a9cca11 | 714 | if (streq(i->name, "*") || service_name_startswith(filter->name, i->name)) |
38349552 DM |
715 | return is_permissive(i); |
716 | break; | |
717 | ||
718 | case POLICY_ITEM_USER: | |
fed1e721 | 719 | if (filter->uid != UID_INVALID) |
78f9b196 LP |
720 | if ((streq_ptr(i->name, "*") || (i->uid_valid && i->uid == filter->uid))) |
721 | return is_permissive(i); | |
38349552 DM |
722 | break; |
723 | ||
724 | case POLICY_ITEM_GROUP: | |
fed1e721 | 725 | if (filter->gid != GID_INVALID) |
78f9b196 LP |
726 | if ((streq_ptr(i->name, "*") || (i->gid_valid && i->gid == filter->gid))) |
727 | return is_permissive(i); | |
38349552 DM |
728 | break; |
729 | ||
730 | case POLICY_ITEM_IGNORE: | |
731 | default: | |
732 | break; | |
733 | } | |
734 | ||
735 | return DUNNO; | |
736 | } | |
737 | ||
078ef7b8 | 738 | static int check_policy_items(PolicyItem *items, const struct policy_check_filter *filter) { |
38349552 DM |
739 | |
740 | PolicyItem *i; | |
78f9b196 | 741 | int verdict = DUNNO; |
38349552 | 742 | |
94a2c2f6 TG |
743 | assert(filter); |
744 | ||
38349552 DM |
745 | /* Check all policies in a set - a broader one might be followed by a more specific one, |
746 | * and the order of rules in policy definitions matters */ | |
747 | LIST_FOREACH(items, i, items) { | |
78f9b196 LP |
748 | int v; |
749 | ||
3a9cca11 | 750 | if (i->class != filter->class && |
278ebf8d | 751 | !(i->class == POLICY_ITEM_OWN_PREFIX && filter->class == POLICY_ITEM_OWN)) |
078ef7b8 DM |
752 | continue; |
753 | ||
78f9b196 LP |
754 | v = check_policy_item(i, filter); |
755 | if (v != DUNNO) | |
756 | verdict = v; | |
38349552 DM |
757 | } |
758 | ||
78f9b196 | 759 | return verdict; |
38349552 DM |
760 | } |
761 | ||
078ef7b8 | 762 | static int policy_check(Policy *p, const struct policy_check_filter *filter) { |
38349552 DM |
763 | |
764 | PolicyItem *items; | |
78f9b196 | 765 | int verdict, v; |
38349552 | 766 | |
94a2c2f6 TG |
767 | assert(p); |
768 | assert(filter); | |
769 | ||
278ebf8d LP |
770 | assert(IN_SET(filter->class, POLICY_ITEM_SEND, POLICY_ITEM_RECV, POLICY_ITEM_OWN, POLICY_ITEM_USER, POLICY_ITEM_GROUP)); |
771 | ||
38349552 DM |
772 | /* |
773 | * The policy check is implemented by the following logic: | |
774 | * | |
78f9b196 LP |
775 | * 1. Check default items |
776 | * 2. Check group items | |
777 | * 3. Check user items | |
87b93496 DH |
778 | * 4. Check on/no_console items |
779 | * 5. Check mandatory items | |
78f9b196 LP |
780 | * |
781 | * Later rules override earlier rules. | |
38349552 DM |
782 | */ |
783 | ||
78f9b196 | 784 | verdict = check_policy_items(p->default_items, filter); |
38349552 | 785 | |
fed1e721 | 786 | if (filter->gid != GID_INVALID) { |
78f9b196 | 787 | items = hashmap_get(p->group_items, UINT32_TO_PTR(filter->gid)); |
38349552 | 788 | if (items) { |
78f9b196 LP |
789 | v = check_policy_items(items, filter); |
790 | if (v != DUNNO) | |
791 | verdict = v; | |
38349552 | 792 | } |
78f9b196 | 793 | } |
38349552 | 794 | |
fed1e721 | 795 | if (filter->uid != UID_INVALID) { |
78f9b196 | 796 | items = hashmap_get(p->user_items, UINT32_TO_PTR(filter->uid)); |
38349552 | 797 | if (items) { |
78f9b196 LP |
798 | v = check_policy_items(items, filter); |
799 | if (v != DUNNO) | |
800 | verdict = v; | |
38349552 DM |
801 | } |
802 | } | |
803 | ||
87b93496 DH |
804 | if (filter->uid != UID_INVALID && sd_uid_get_seats(filter->uid, -1, NULL) > 0) |
805 | v = check_policy_items(p->on_console_items, filter); | |
806 | else | |
807 | v = check_policy_items(p->no_console_items, filter); | |
808 | if (v != DUNNO) | |
809 | verdict = v; | |
810 | ||
78f9b196 LP |
811 | v = check_policy_items(p->mandatory_items, filter); |
812 | if (v != DUNNO) | |
813 | verdict = v; | |
814 | ||
815 | return verdict; | |
078ef7b8 DM |
816 | } |
817 | ||
78f9b196 | 818 | bool policy_check_own(Policy *p, uid_t uid, gid_t gid, const char *name) { |
078ef7b8 DM |
819 | |
820 | struct policy_check_filter filter = { | |
e91c8c20 | 821 | .class = POLICY_ITEM_OWN, |
78f9b196 LP |
822 | .uid = uid, |
823 | .gid = gid, | |
e91c8c20 | 824 | .name = name, |
078ef7b8 DM |
825 | }; |
826 | ||
78f9b196 LP |
827 | int verdict; |
828 | ||
829 | assert(p); | |
830 | assert(name); | |
831 | ||
832 | verdict = policy_check(p, &filter); | |
833 | ||
834 | log_full(LOG_AUTH | (verdict != ALLOW ? LOG_WARNING : LOG_DEBUG), | |
835 | "Ownership permission check for uid=" UID_FMT " gid=" GID_FMT" name=%s: %s", | |
836 | uid, gid, strna(name), strna(verdict_to_string(verdict))); | |
837 | ||
838 | return verdict == ALLOW; | |
078ef7b8 DM |
839 | } |
840 | ||
78f9b196 | 841 | bool policy_check_hello(Policy *p, uid_t uid, gid_t gid) { |
078ef7b8 DM |
842 | |
843 | struct policy_check_filter filter = { | |
78f9b196 LP |
844 | .uid = uid, |
845 | .gid = gid, | |
078ef7b8 | 846 | }; |
78f9b196 LP |
847 | int verdict; |
848 | ||
849 | assert(p); | |
078ef7b8 | 850 | |
e91c8c20 | 851 | filter.class = POLICY_ITEM_USER; |
78f9b196 LP |
852 | verdict = policy_check(p, &filter); |
853 | ||
854 | if (verdict != DENY) { | |
855 | int v; | |
078ef7b8 | 856 | |
78f9b196 LP |
857 | filter.class = POLICY_ITEM_GROUP; |
858 | v = policy_check(p, &filter); | |
859 | if (v != DUNNO) | |
860 | verdict = v; | |
861 | } | |
078ef7b8 | 862 | |
78f9b196 LP |
863 | log_full(LOG_AUTH | (verdict != ALLOW ? LOG_WARNING : LOG_DEBUG), |
864 | "Hello permission check for uid=" UID_FMT " gid=" GID_FMT": %s", | |
865 | uid, gid, strna(verdict_to_string(verdict))); | |
866 | ||
867 | return verdict == ALLOW; | |
078ef7b8 DM |
868 | } |
869 | ||
7447362c DH |
870 | bool policy_check_one_recv(Policy *p, |
871 | uid_t uid, | |
872 | gid_t gid, | |
873 | int message_type, | |
874 | const char *name, | |
875 | const char *path, | |
876 | const char *interface, | |
877 | const char *member) { | |
078ef7b8 DM |
878 | |
879 | struct policy_check_filter filter = { | |
880 | .class = POLICY_ITEM_RECV, | |
78f9b196 LP |
881 | .uid = uid, |
882 | .gid = gid, | |
078ef7b8 | 883 | .message_type = message_type, |
d46fbfb4 | 884 | .name = name, |
078ef7b8 DM |
885 | .interface = interface, |
886 | .path = path, | |
887 | .member = member, | |
888 | }; | |
889 | ||
78f9b196 LP |
890 | assert(p); |
891 | ||
7447362c | 892 | return policy_check(p, &filter) == ALLOW; |
078ef7b8 | 893 | } |
38349552 | 894 | |
7447362c | 895 | bool policy_check_recv(Policy *p, |
78f9b196 LP |
896 | uid_t uid, |
897 | gid_t gid, | |
078ef7b8 | 898 | int message_type, |
7447362c DH |
899 | Set *names, |
900 | char **namesv, | |
078ef7b8 DM |
901 | const char *path, |
902 | const char *interface, | |
b49c7806 DH |
903 | const char *member, |
904 | bool dbus_to_kernel) { | |
078ef7b8 | 905 | |
7447362c DH |
906 | char *n, **nv, *last = NULL; |
907 | bool allow = false; | |
908 | Iterator i; | |
909 | ||
910 | assert(p); | |
911 | ||
912 | if (set_isempty(names) && strv_isempty(namesv)) { | |
913 | allow = policy_check_one_recv(p, uid, gid, message_type, NULL, path, interface, member); | |
914 | } else { | |
915 | SET_FOREACH(n, names, i) { | |
916 | last = n; | |
917 | allow = policy_check_one_recv(p, uid, gid, message_type, n, path, interface, member); | |
918 | if (allow) | |
919 | break; | |
920 | } | |
921 | if (!allow) { | |
922 | STRV_FOREACH(nv, namesv) { | |
923 | last = *nv; | |
924 | allow = policy_check_one_recv(p, uid, gid, message_type, *nv, path, interface, member); | |
925 | if (allow) | |
926 | break; | |
927 | } | |
928 | } | |
929 | } | |
930 | ||
931 | log_full(LOG_AUTH | (!allow ? LOG_WARNING : LOG_DEBUG), | |
932 | "Receive permission check %s for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s path=%s interface=%s member=%s: %s", | |
933 | dbus_to_kernel ? "dbus-1 to kernel" : "kernel to dbus-1", uid, gid, bus_message_type_to_string(message_type), strna(last), | |
934 | strna(path), strna(interface), strna(member), allow ? "ALLOW" : "DENY"); | |
935 | ||
936 | return allow; | |
937 | } | |
938 | ||
939 | bool policy_check_one_send(Policy *p, | |
940 | uid_t uid, | |
941 | gid_t gid, | |
942 | int message_type, | |
943 | const char *name, | |
944 | const char *path, | |
945 | const char *interface, | |
946 | const char *member) { | |
947 | ||
078ef7b8 DM |
948 | struct policy_check_filter filter = { |
949 | .class = POLICY_ITEM_SEND, | |
78f9b196 LP |
950 | .uid = uid, |
951 | .gid = gid, | |
078ef7b8 | 952 | .message_type = message_type, |
d46fbfb4 | 953 | .name = name, |
078ef7b8 DM |
954 | .interface = interface, |
955 | .path = path, | |
956 | .member = member, | |
957 | }; | |
958 | ||
7447362c DH |
959 | assert(p); |
960 | ||
961 | return policy_check(p, &filter) == ALLOW; | |
962 | } | |
963 | ||
964 | bool policy_check_send(Policy *p, | |
965 | uid_t uid, | |
966 | gid_t gid, | |
967 | int message_type, | |
968 | Set *names, | |
969 | char **namesv, | |
970 | const char *path, | |
971 | const char *interface, | |
972 | const char *member, | |
973 | bool dbus_to_kernel, | |
974 | char **out_used_name) { | |
975 | ||
976 | char *n, **nv, *last = NULL; | |
977 | bool allow = false; | |
978 | Iterator i; | |
78f9b196 LP |
979 | |
980 | assert(p); | |
981 | ||
7447362c DH |
982 | if (set_isempty(names) && strv_isempty(namesv)) { |
983 | allow = policy_check_one_send(p, uid, gid, message_type, NULL, path, interface, member); | |
984 | } else { | |
985 | SET_FOREACH(n, names, i) { | |
986 | last = n; | |
987 | allow = policy_check_one_send(p, uid, gid, message_type, n, path, interface, member); | |
988 | if (allow) | |
989 | break; | |
990 | } | |
991 | if (!allow) { | |
992 | STRV_FOREACH(nv, namesv) { | |
993 | last = *nv; | |
994 | allow = policy_check_one_send(p, uid, gid, message_type, *nv, path, interface, member); | |
995 | if (allow) | |
996 | break; | |
997 | } | |
998 | } | |
999 | } | |
78f9b196 | 1000 | |
7447362c DH |
1001 | if (out_used_name) |
1002 | *out_used_name = last; | |
1003 | ||
1004 | log_full(LOG_AUTH | (!allow ? LOG_WARNING : LOG_DEBUG), | |
b49c7806 | 1005 | "Send permission check %s for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s path=%s interface=%s member=%s: %s", |
7447362c DH |
1006 | dbus_to_kernel ? "dbus-1 to kernel" : "kernel to dbus-1", uid, gid, bus_message_type_to_string(message_type), strna(last), |
1007 | strna(path), strna(interface), strna(member), allow ? "ALLOW" : "DENY"); | |
78f9b196 | 1008 | |
7447362c | 1009 | return allow; |
38349552 DM |
1010 | } |
1011 | ||
2e2b3608 | 1012 | int policy_load(Policy *p, char **files) { |
bcf3295d LP |
1013 | char **i; |
1014 | int r; | |
1015 | ||
1016 | assert(p); | |
1017 | ||
2e2b3608 | 1018 | STRV_FOREACH(i, files) { |
bcf3295d | 1019 | |
2e2b3608 LP |
1020 | r = file_load(p, *i); |
1021 | if (r == -EISDIR) { | |
1022 | _cleanup_strv_free_ char **l = NULL; | |
1023 | char **j; | |
1024 | ||
1025 | r = conf_files_list(&l, ".conf", NULL, *i, NULL); | |
23bbb0de MS |
1026 | if (r < 0) |
1027 | return log_error_errno(r, "Failed to get configuration file list: %m"); | |
2e2b3608 LP |
1028 | |
1029 | STRV_FOREACH(j, l) | |
1030 | file_load(p, *j); | |
1031 | } | |
bcf3295d | 1032 | |
2e2b3608 LP |
1033 | /* We ignore all errors but EISDIR, and just proceed. */ |
1034 | } | |
bcf3295d LP |
1035 | |
1036 | return 0; | |
1037 | } | |
1038 | ||
1039 | void policy_free(Policy *p) { | |
1040 | PolicyItem *i, *first; | |
1041 | ||
1042 | if (!p) | |
1043 | return; | |
1044 | ||
1045 | while ((i = p->default_items)) { | |
1046 | LIST_REMOVE(items, p->default_items, i); | |
1047 | policy_item_free(i); | |
1048 | } | |
1049 | ||
1050 | while ((i = p->mandatory_items)) { | |
1051 | LIST_REMOVE(items, p->mandatory_items, i); | |
1052 | policy_item_free(i); | |
1053 | } | |
1054 | ||
87b93496 DH |
1055 | while ((i = p->on_console_items)) { |
1056 | LIST_REMOVE(items, p->on_console_items, i); | |
1057 | policy_item_free(i); | |
1058 | } | |
1059 | ||
1060 | while ((i = p->no_console_items)) { | |
1061 | LIST_REMOVE(items, p->no_console_items, i); | |
1062 | policy_item_free(i); | |
1063 | } | |
1064 | ||
bcf3295d LP |
1065 | while ((first = hashmap_steal_first(p->user_items))) { |
1066 | ||
1067 | while ((i = first)) { | |
1068 | LIST_REMOVE(items, first, i); | |
1069 | policy_item_free(i); | |
1070 | } | |
bcf3295d LP |
1071 | } |
1072 | ||
1073 | while ((first = hashmap_steal_first(p->group_items))) { | |
1074 | ||
1075 | while ((i = first)) { | |
1076 | LIST_REMOVE(items, first, i); | |
1077 | policy_item_free(i); | |
1078 | } | |
bcf3295d LP |
1079 | } |
1080 | ||
1081 | hashmap_free(p->user_items); | |
1082 | hashmap_free(p->group_items); | |
1083 | ||
1084 | p->user_items = p->group_items = NULL; | |
1085 | } | |
1086 | ||
080edb34 | 1087 | static void dump_items(PolicyItem *items, const char *prefix) { |
bcf3295d | 1088 | |
080edb34 DM |
1089 | PolicyItem *i; |
1090 | ||
1091 | if (!items) | |
bcf3295d LP |
1092 | return; |
1093 | ||
13f8b8cb LP |
1094 | if (!prefix) |
1095 | prefix = ""; | |
1096 | ||
080edb34 | 1097 | LIST_FOREACH(items, i, items) { |
bcf3295d | 1098 | |
080edb34 DM |
1099 | printf("%sType: %s\n" |
1100 | "%sClass: %s\n", | |
1101 | prefix, policy_item_type_to_string(i->type), | |
1102 | prefix, policy_item_class_to_string(i->class)); | |
bcf3295d | 1103 | |
080edb34 DM |
1104 | if (i->interface) |
1105 | printf("%sInterface: %s\n", | |
1106 | prefix, i->interface); | |
bcf3295d | 1107 | |
080edb34 DM |
1108 | if (i->member) |
1109 | printf("%sMember: %s\n", | |
1110 | prefix, i->member); | |
bcf3295d | 1111 | |
080edb34 DM |
1112 | if (i->error) |
1113 | printf("%sError: %s\n", | |
1114 | prefix, i->error); | |
bcf3295d | 1115 | |
080edb34 DM |
1116 | if (i->path) |
1117 | printf("%sPath: %s\n", | |
1118 | prefix, i->path); | |
bcf3295d | 1119 | |
080edb34 DM |
1120 | if (i->name) |
1121 | printf("%sName: %s\n", | |
1122 | prefix, i->name); | |
bcf3295d | 1123 | |
080edb34 DM |
1124 | if (i->message_type != 0) |
1125 | printf("%sMessage Type: %s\n", | |
1126 | prefix, bus_message_type_to_string(i->message_type)); | |
bcf3295d | 1127 | |
080edb34 DM |
1128 | if (i->uid_valid) { |
1129 | _cleanup_free_ char *user; | |
bcf3295d | 1130 | |
080edb34 | 1131 | user = uid_to_name(i->uid); |
bcf3295d | 1132 | |
1fa2f38f | 1133 | printf("%sUser: %s ("UID_FMT")\n", |
ed91202f | 1134 | prefix, strna(user), i->uid); |
080edb34 | 1135 | } |
bcf3295d | 1136 | |
080edb34 DM |
1137 | if (i->gid_valid) { |
1138 | _cleanup_free_ char *group; | |
bcf3295d | 1139 | |
080edb34 | 1140 | group = gid_to_name(i->gid); |
bcf3295d | 1141 | |
1fa2f38f | 1142 | printf("%sGroup: %s ("GID_FMT")\n", |
ed91202f | 1143 | prefix, strna(group), i->gid); |
080edb34 | 1144 | } |
78f9b196 | 1145 | printf("%s-\n", prefix); |
bcf3295d LP |
1146 | } |
1147 | } | |
1148 | ||
1149 | static void dump_hashmap_items(Hashmap *h) { | |
1150 | PolicyItem *i; | |
1151 | Iterator j; | |
44574303 | 1152 | void *k; |
bcf3295d LP |
1153 | |
1154 | HASHMAP_FOREACH_KEY(i, k, h, j) { | |
13f8b8cb LP |
1155 | printf("\t%s Item for %u:\n", draw_special_char(DRAW_ARROW), PTR_TO_UINT(k)); |
1156 | dump_items(i, "\t\t"); | |
bcf3295d LP |
1157 | } |
1158 | } | |
1159 | ||
e42bb8d4 | 1160 | void policy_dump(Policy *p) { |
bcf3295d | 1161 | |
e76ae7ee | 1162 | printf("%s Default Items:\n", draw_special_char(DRAW_ARROW)); |
13f8b8cb | 1163 | dump_items(p->default_items, "\t"); |
bcf3295d | 1164 | |
e76ae7ee | 1165 | printf("%s Group Items:\n", draw_special_char(DRAW_ARROW)); |
bcf3295d LP |
1166 | dump_hashmap_items(p->group_items); |
1167 | ||
e76ae7ee | 1168 | printf("%s User Items:\n", draw_special_char(DRAW_ARROW)); |
bcf3295d | 1169 | dump_hashmap_items(p->user_items); |
13f8b8cb | 1170 | |
87b93496 DH |
1171 | printf("%s On-Console Items:\n", draw_special_char(DRAW_ARROW)); |
1172 | dump_items(p->on_console_items, "\t"); | |
1173 | ||
1174 | printf("%s No-Console Items:\n", draw_special_char(DRAW_ARROW)); | |
1175 | dump_items(p->no_console_items, "\t"); | |
1176 | ||
13f8b8cb LP |
1177 | printf("%s Mandatory Items:\n", draw_special_char(DRAW_ARROW)); |
1178 | dump_items(p->mandatory_items, "\t"); | |
48aae6d6 LP |
1179 | |
1180 | fflush(stdout); | |
bcf3295d LP |
1181 | } |
1182 | ||
c4bc1a84 DH |
1183 | int shared_policy_new(SharedPolicy **out) { |
1184 | SharedPolicy *sp; | |
1185 | int r; | |
1186 | ||
1187 | sp = new0(SharedPolicy, 1); | |
1188 | if (!sp) | |
1189 | return log_oom(); | |
1190 | ||
1191 | r = pthread_mutex_init(&sp->lock, NULL); | |
50e0d56c LP |
1192 | if (r != 0) { |
1193 | r = log_error_errno(r, "Cannot initialize shared policy mutex: %m"); | |
c4bc1a84 DH |
1194 | goto exit_free; |
1195 | } | |
1196 | ||
1197 | r = pthread_rwlock_init(&sp->rwlock, NULL); | |
50e0d56c LP |
1198 | if (r != 0) { |
1199 | r = log_error_errno(r, "Cannot initialize shared policy rwlock: %m"); | |
c4bc1a84 DH |
1200 | goto exit_mutex; |
1201 | } | |
1202 | ||
1203 | *out = sp; | |
1204 | sp = NULL; | |
1205 | return 0; | |
1206 | ||
1207 | /* pthread lock destruction is not fail-safe... meh! */ | |
1208 | exit_mutex: | |
1209 | pthread_mutex_destroy(&sp->lock); | |
1210 | exit_free: | |
1211 | free(sp); | |
1212 | return r; | |
1213 | } | |
1214 | ||
1215 | SharedPolicy *shared_policy_free(SharedPolicy *sp) { | |
1216 | if (!sp) | |
1217 | return NULL; | |
1218 | ||
1219 | policy_free(sp->policy); | |
1220 | pthread_rwlock_destroy(&sp->rwlock); | |
1221 | pthread_mutex_destroy(&sp->lock); | |
0d620e53 | 1222 | strv_free(sp->configuration); |
c4bc1a84 DH |
1223 | free(sp); |
1224 | ||
1225 | return NULL; | |
1226 | } | |
1227 | ||
1228 | static int shared_policy_reload_unlocked(SharedPolicy *sp, char **configuration) { | |
1229 | Policy old, buffer = {}; | |
1230 | bool free_old; | |
1231 | int r; | |
1232 | ||
1233 | assert(sp); | |
1234 | ||
1235 | r = policy_load(&buffer, configuration); | |
1236 | if (r < 0) | |
1237 | return log_error_errno(r, "Failed to load policy: %m"); | |
1238 | ||
0d620e53 | 1239 | log_debug("Reloading configuration"); |
c4bc1a84 DH |
1240 | /* policy_dump(&buffer); */ |
1241 | ||
1242 | pthread_rwlock_wrlock(&sp->rwlock); | |
1243 | memcpy(&old, &sp->buffer, sizeof(old)); | |
1244 | memcpy(&sp->buffer, &buffer, sizeof(buffer)); | |
1245 | free_old = !!sp->policy; | |
1246 | sp->policy = &sp->buffer; | |
1247 | pthread_rwlock_unlock(&sp->rwlock); | |
1248 | ||
1249 | if (free_old) | |
1250 | policy_free(&old); | |
1251 | ||
1252 | return 0; | |
1253 | } | |
1254 | ||
0d620e53 | 1255 | int shared_policy_reload(SharedPolicy *sp) { |
c4bc1a84 DH |
1256 | int r; |
1257 | ||
1258 | assert(sp); | |
1259 | ||
1260 | pthread_mutex_lock(&sp->lock); | |
0d620e53 | 1261 | r = shared_policy_reload_unlocked(sp, sp->configuration); |
c4bc1a84 DH |
1262 | pthread_mutex_unlock(&sp->lock); |
1263 | ||
1264 | return r; | |
1265 | } | |
1266 | ||
1267 | int shared_policy_preload(SharedPolicy *sp, char **configuration) { | |
0d620e53 DH |
1268 | _cleanup_strv_free_ char **conf = NULL; |
1269 | int r = 0; | |
c4bc1a84 DH |
1270 | |
1271 | assert(sp); | |
1272 | ||
0d620e53 DH |
1273 | conf = strv_copy(configuration); |
1274 | if (!conf) | |
1275 | return log_oom(); | |
1276 | ||
c4bc1a84 | 1277 | pthread_mutex_lock(&sp->lock); |
0d620e53 DH |
1278 | if (!sp->policy) { |
1279 | r = shared_policy_reload_unlocked(sp, conf); | |
1280 | if (r >= 0) { | |
1281 | sp->configuration = conf; | |
1282 | conf = NULL; | |
1283 | } | |
1284 | } | |
c4bc1a84 DH |
1285 | pthread_mutex_unlock(&sp->lock); |
1286 | ||
1287 | return r; | |
1288 | } | |
1289 | ||
1290 | Policy *shared_policy_acquire(SharedPolicy *sp) { | |
1291 | assert(sp); | |
1292 | ||
1293 | pthread_rwlock_rdlock(&sp->rwlock); | |
1294 | if (sp->policy) | |
1295 | return sp->policy; | |
1296 | pthread_rwlock_unlock(&sp->rwlock); | |
1297 | ||
1298 | return NULL; | |
1299 | } | |
1300 | ||
1301 | void shared_policy_release(SharedPolicy *sp, Policy *p) { | |
1302 | assert(sp); | |
1303 | assert(!p || sp->policy == p); | |
1304 | ||
1305 | if (p) | |
1306 | pthread_rwlock_unlock(&sp->rwlock); | |
1307 | } | |
1308 | ||
bcf3295d LP |
1309 | static const char* const policy_item_type_table[_POLICY_ITEM_TYPE_MAX] = { |
1310 | [_POLICY_ITEM_TYPE_UNSET] = "unset", | |
1311 | [POLICY_ITEM_ALLOW] = "allow", | |
1312 | [POLICY_ITEM_DENY] = "deny", | |
1313 | }; | |
1314 | DEFINE_STRING_TABLE_LOOKUP(policy_item_type, PolicyItemType); | |
1315 | ||
1316 | static const char* const policy_item_class_table[_POLICY_ITEM_CLASS_MAX] = { | |
1317 | [_POLICY_ITEM_CLASS_UNSET] = "unset", | |
1318 | [POLICY_ITEM_SEND] = "send", | |
1319 | [POLICY_ITEM_RECV] = "recv", | |
1320 | [POLICY_ITEM_OWN] = "own", | |
1321 | [POLICY_ITEM_OWN_PREFIX] = "own-prefix", | |
1322 | [POLICY_ITEM_USER] = "user", | |
1323 | [POLICY_ITEM_GROUP] = "group", | |
86bbe5bf | 1324 | [POLICY_ITEM_IGNORE] = "ignore", |
bcf3295d LP |
1325 | }; |
1326 | DEFINE_STRING_TABLE_LOOKUP(policy_item_class, PolicyItemClass); |