Commit | Line | Data |
---|---|---|
db9ecf05 | 1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
6c12b52e | 2 | |
b5efdb8a | 3 | #include "alloc-util.h" |
96aad8d1 | 4 | #include "bus-common-errors.h" |
40af3d02 | 5 | #include "bus-get-properties.h" |
4ac08d8a | 6 | #include "bus-util.h" |
1d22e906 LP |
7 | #include "dbus-cgroup.h" |
8 | #include "dbus-kill.h" | |
5fa09835 | 9 | #include "dbus-manager.h" |
1d22e906 | 10 | #include "dbus-scope.h" |
b5efdb8a | 11 | #include "dbus-unit.h" |
0fb0fffa | 12 | #include "dbus-util.h" |
b5efdb8a LP |
13 | #include "dbus.h" |
14 | #include "scope.h" | |
15 | #include "selinux-access.h" | |
16 | #include "unit.h" | |
6c12b52e | 17 | |
/* D-Bus handler for the Scope interface's Abandon() method.
 *
 * The method is exported with SD_BUS_VTABLE_UNPRIVILEGED in bus_scope_vtable, i.e. sd-bus does not apply
 * its default privilege requirement to it. The two checks below are therefore the access control for
 * this call and must stay ahead of scope_abandon():
 *
 *   1. the SELinux unit access check for the "stop" permission,
 *   2. the asynchronous "manage units" authorization.
 *
 * Returns a negative errno-style value on failure, 1 while authorization is still pending, and otherwise
 * the result of sending the empty method reply. */
int bus_scope_method_abandon(sd_bus_message *message, void *userdata, sd_bus_error *error) {
        Scope *s = ASSERT_PTR(userdata);
        Unit *u;
        int r;

        assert(message);

        u = UNIT(s);

        /* Mandatory access control comes first. */
        r = mac_selinux_unit_access_check(u, message, "stop", error);
        if (r < 0)
                return r;

        r = bus_verify_manage_units_async(u->manager, message, error);
        if (r < 0)
                return r;
        if (r == 0)
                return 1; /* Not authorized yet; the async polkit logic calls us again once it is. */

        r = scope_abandon(s);
        if (r >= 0)
                return sd_bus_reply_method_return(message, NULL);

        /* -ESTALE is turned into a dedicated bus error, every other failure is passed through. */
        if (r == -ESTALE)
                return sd_bus_error_setf(error, BUS_ERROR_SCOPE_NOT_RUNNING, "Scope %s is not running, cannot abandon.", UNIT(s)->id);

        return r;
}
42 | ||
/* Defines property_get_result(), the getter used by the "Result" entry of the vtable below.
 * NOTE(review): presumably it maps ScopeResult to its string form; confirm against the macro. */
static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_result, scope_result, ScopeResult);
/* NOTE(review): presumably defines bus_set_transient_oom_policy(), which parses the value with
 * oom_policy_from_string(); confirm against the macro. */
static BUS_DEFINE_SET_TRANSIENT_PARSE(oom_policy, OOMPolicy, oom_policy_from_string);

/* sd-bus vtable for the scope-specific properties, the RequestStop signal and the Abandon() method.
 *
 * Properties flagged SD_BUS_VTABLE_PROPERTY_CONST are announced as immutable, those flagged
 * SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE are announced as sending change notifications. */
const sd_bus_vtable bus_scope_vtable[] = {
        SD_BUS_VTABLE_START(0),
        /* No getter callback: sd-bus' built-in handler serves the string found at the given offset. */
        SD_BUS_PROPERTY("Controller", "s", NULL, offsetof(Scope, controller), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
        SD_BUS_PROPERTY("TimeoutStopUSec", "t", bus_property_get_usec, offsetof(Scope, timeout_stop_usec), SD_BUS_VTABLE_PROPERTY_CONST),
        SD_BUS_PROPERTY("Result", "s", property_get_result, offsetof(Scope, result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
        SD_BUS_PROPERTY("RuntimeMaxUSec", "t", bus_property_get_usec, offsetof(Scope, runtime_max_usec), SD_BUS_VTABLE_PROPERTY_CONST),
        SD_BUS_PROPERTY("RuntimeRandomizedExtraUSec", "t", bus_property_get_usec, offsetof(Scope, runtime_rand_extra_usec), SD_BUS_VTABLE_PROPERTY_CONST),
        SD_BUS_PROPERTY("OOMPolicy", "s", bus_property_get_oom_policy, offsetof(Scope, oom_policy), SD_BUS_VTABLE_PROPERTY_CONST),
        SD_BUS_SIGNAL("RequestStop", NULL, 0),
        /* SD_BUS_VTABLE_UNPRIVILEGED lifts sd-bus' default privilege requirement for this method, so
         * authorization rests entirely on the checks inside bus_scope_method_abandon(): the SELinux
         * "stop" access check and bus_verify_manage_units_async(). */
        SD_BUS_METHOD("Abandon", NULL, NULL, bus_scope_method_abandon, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_VTABLE_END
};
6c12b52e | 58 | |
/* Applies one scope-specific transient property, read from a D-Bus message, to the scope.
 *
 * Handles TimeoutStopUSec, RuntimeMaxUSec, RuntimeRandomizedExtraUSec, OOMPolicy, PIDs, PIDFDs and
 * Controller. UNIT_PRIVATE is always added to the write flags.
 *
 * Returns 0 if 'name' is none of these, so the caller can try other handlers. For PIDs, PIDFDs and
 * Controller it returns 1 on success, for the remaining properties the helper's result, and a negative
 * errno-style value on failure. An empty PIDs or PIDFDs array is rejected with -EINVAL.
 *
 * Security notes:
 *  - Every process named by the client goes through unit_pid_attachable() before it is watched, and that
 *    check runs even when UNIT_WRITE_FLAGS_NOOP() is set. Keep it ahead of unit_watch_pidref().
 *  - "PIDs" identifies processes by number, "PIDFDs" by a process file descriptor supplied by the client.
 *    NOTE(review): whether pidref_set_pid() pins the process against PID reuse is not visible here;
 *    confirm against its implementation.
 *  - "Controller" is only accepted on the API bus and must be a syntactically valid bus name, because
 *    RequestStop is later addressed to it. */
static int bus_scope_set_transient_property(
                Scope *s,
                const char *name,
                sd_bus_message *message,
                UnitWriteFlags flags,
                sd_bus_error *error) {

        Unit *u = UNIT(s);
        int r;

        assert(s);
        assert(name);
        assert(message);

        flags |= UNIT_PRIVATE;

        /* Plain settings, each delegated to its generic setter. */
        if (streq(name, "TimeoutStopUSec"))
                return bus_set_transient_usec(u, name, &s->timeout_stop_usec, message, flags, error);

        if (streq(name, "RuntimeMaxUSec"))
                return bus_set_transient_usec(u, name, &s->runtime_max_usec, message, flags, error);

        if (streq(name, "RuntimeRandomizedExtraUSec"))
                return bus_set_transient_usec(u, name, &s->runtime_rand_extra_usec, message, flags, error);

        if (streq(name, "OOMPolicy"))
                return bus_set_transient_oom_policy(u, name, &s->oom_policy, message, flags, error);

        if (streq(name, "PIDs")) {
                _cleanup_(pidref_done) PidRef sender_pidref = PIDREF_NULL;
                unsigned n_pids = 0;

                r = sd_bus_message_enter_container(message, 'a', "u");
                if (r < 0)
                        return r;

                while (true) {
                        _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
                        uint32_t raw_pid;
                        PidRef *target;

                        r = sd_bus_message_read(message, "u", &raw_pid);
                        if (r < 0)
                                return r;
                        if (r == 0)
                                break; /* end of array */

                        if (raw_pid != 0) {
                                r = pidref_set_pid(&pidref, raw_pid);
                                if (r < 0)
                                        return r;

                                target = &pidref;
                        } else {
                                /* PID 0 stands for the message sender; query it once and reuse it. */
                                if (!pidref_is_set(&sender_pidref)) {
                                        r = bus_query_sender_pidref(message, &sender_pidref);
                                        if (r < 0)
                                                return r;
                                }

                                target = &sender_pidref;
                        }

                        /* Gate: may this process be attached to the unit at all? */
                        r = unit_pid_attachable(u, target, error);
                        if (r < 0)
                                return r;

                        if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
                                r = unit_watch_pidref(u, target, /* exclusive= */ false);
                                if (r < 0 && r != -EEXIST) /* -EEXIST is tolerated */
                                        return r;
                        }

                        n_pids++;
                }

                r = sd_bus_message_exit_container(message);
                if (r < 0)
                        return r;

                if (n_pids == 0)
                        return -EINVAL;

                return 1;
        }

        if (streq(name, "PIDFDs")) {
                unsigned n_fds = 0;

                r = sd_bus_message_enter_container(message, 'a', "h");
                if (r < 0)
                        return r;

                while (true) {
                        _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
                        int fd;

                        r = sd_bus_message_read(message, "h", &fd);
                        if (r < 0)
                                return r;
                        if (r == 0)
                                break; /* end of array */

                        /* NOTE(review): fd comes from the message; presumably pidref_set_pidfd() takes its
                         * own reference rather than ownership. Confirm. */
                        r = pidref_set_pidfd(&pidref, fd);
                        if (r < 0)
                                return r;

                        /* Gate: may this process be attached to the unit at all? */
                        r = unit_pid_attachable(u, &pidref, error);
                        if (r < 0)
                                return r;

                        if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
                                r = unit_watch_pidref(u, &pidref, /* exclusive= */ false);
                                if (r < 0 && r != -EEXIST) /* -EEXIST is tolerated */
                                        return r;
                        }

                        n_fds++;
                }

                r = sd_bus_message_exit_container(message);
                if (r < 0)
                        return r;

                if (n_fds == 0)
                        return -EINVAL;

                return 1;
        }

        if (streq(name, "Controller")) {
                const char *controller;

                /* Direct connections know no service or unique name concept, but the Controller field
                 * stores exactly that, hence only messages that arrived on the API bus are accepted. */
                if (sd_bus_message_get_bus(message) != u->manager->api_bus)
                        return sd_bus_error_set(error, SD_BUS_ERROR_NOT_SUPPORTED, "Sorry, Controller= logic only supported via the bus.");

                r = sd_bus_message_read(message, "s", &controller);
                if (r < 0)
                        return r;

                /* The empty string is allowed and clears the controller; anything else must be a valid
                 * bus name. */
                if (!(isempty(controller) || sd_bus_service_name_is_valid(controller)))
                        return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Controller '%s' is not a valid bus name.", controller);

                if (UNIT_WRITE_FLAGS_NOOP(flags))
                        return 1;

                r = free_and_strdup(&s->controller, empty_to_null(controller));
                if (r < 0)
                        return r;

                return 1;
        }

        return 0;
}
209 | ||
/* Sets a single property on a scope unit from a D-Bus message.
 *
 * cgroup properties are offered to bus_cgroup_set_property() first, whatever the load state of the unit.
 * Everything else (the scope's own transient properties such as PIDs and Controller, the kill context,
 * User and Group) is accepted only while the unit is still in UNIT_STUB state, i.e. while it is being
 * created. Once the unit has left that state these settings cannot be changed through this function.
 *
 * Returns 0 if the property was not handled, otherwise the non-zero result of whichever handler took it
 * (negative errno-style value on failure). */
int bus_scope_set_property(
                Unit *u,
                const char *name,
                sd_bus_message *message,
                UnitWriteFlags flags,
                sd_bus_error *error) {

        Scope *s = SCOPE(u);
        int r;

        assert(s);
        assert(name);
        assert(message);

        r = bus_cgroup_set_property(u, &s->cgroup_context, name, message, flags, error);
        if (r != 0)
                return r;

        /* Past creation only the cgroup properties above may be changed. */
        if (u->load_state != UNIT_STUB)
                return 0;

        /* While we are created we still accept PIDs */
        r = bus_scope_set_transient_property(s, name, message, flags, error);
        if (r != 0)
                return r;

        r = bus_kill_context_set_transient_property(u, &s->kill_context, name, message, flags, error);
        if (r != 0)
                return r;

        if (streq(name, "User"))
                return bus_set_transient_user_relaxed(u, name, &s->user, message, flags, error);

        if (streq(name, "Group"))
                return bus_set_transient_user_relaxed(u, name, &s->group, message, flags, error);

        return 0;
}
248 | ||
/* Commits previously set properties by realizing the unit's cgroup.
 *
 * Always returns 0: the outcome of unit_realize_cgroup() is deliberately not inspected. */
int bus_scope_commit_properties(Unit *u) {
        assert(u);

        (void) unit_realize_cgroup(u);

        return 0;
}
2d4a39e7 LP |
256 | |
/* Sends the org.freedesktop.systemd1.Scope RequestStop signal to the scope's controller.
 *
 * The signal is sent with sd_bus_send_to(), addressed to the bus name stored in s->controller, over
 * the manager's API bus.
 *
 * Returns 0 without sending anything if no controller is set, -ENOMEM if the unit's object path cannot
 * be allocated, and otherwise the result of creating or sending the message. */
int bus_scope_send_request_stop(Scope *s) {
        _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
        _cleanup_free_ char *path = NULL;
        sd_bus *bus;
        int r;

        assert(s);

        /* Nobody asked to be notified. */
        if (!s->controller)
                return 0;

        path = unit_dbus_path(UNIT(s));
        if (!path)
                return -ENOMEM;

        bus = UNIT(s)->manager->api_bus;

        r = sd_bus_message_new_signal(bus, &m, path, "org.freedesktop.systemd1.Scope", "RequestStop");
        if (r < 0)
                return r;

        return sd_bus_send_to(bus, m, s->controller, NULL);
}
371c0b79 LP |
282 | |
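/* sd_bus_track callback, registered by bus_scope_track_controller() with the Scope as userdata.
 *
 * Forgets the controller: logs its disappearance, queues the unit for a D-Bus update, frees the stored
 * name and drops the tracking object. With s->controller cleared, bus_scope_send_request_stop() no
 * longer addresses RequestStop to that name.
 *
 * Always returns 0. */
static int on_controller_gone(sd_bus_track *track, void *userdata) {
        /* userdata is dereferenced unconditionally below, so insist on a valid pointer up front, the
         * same way bus_scope_method_abandon() does. */
        Scope *s = ASSERT_PTR(userdata);

        assert(track);

        if (s->controller) {
                /* Log before freeing, the message still needs the name. */
                log_unit_debug(UNIT(s), "Controller %s disappeared from bus.", s->controller);
                unit_add_to_dbus_queue(UNIT(s));
                s->controller = mfree(s->controller);
        }

        s->controller_track = sd_bus_track_unref(s->controller_track);

        return 0;
}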
298 | ||
/* Starts tracking the controller's bus name on the API bus, so that on_controller_gone() is invoked
 * by the tracking object.
 *
 * Does nothing and returns 0 if no controller is set or tracking is already set up. If adding the name
 * fails, the tracking object created here is released again. Returns 0 on success and a negative
 * errno-style value on failure. */
int bus_scope_track_controller(Scope *s) {
        int r;

        assert(s);

        if (!s->controller)
                return 0;
        if (s->controller_track)
                return 0;

        r = sd_bus_track_new(UNIT(s)->manager->api_bus, &s->controller_track, on_controller_gone, s);
        if (r < 0)
                return r;

        r = sd_bus_track_add_name(s->controller_track, s->controller);
        if (r >= 0)
                return 0;

        /* Do not keep a tracking object around that watches nothing. */
        s->controller_track = sd_bus_track_unref(s->controller_track);
        return r;
}