[thirdparty/systemd.git] / src / machine / image-dbus.c

/* SPDX-License-Identifier: LGPL-2.1+ */
/***
  This file is part of systemd.

  Copyright 2014 Lennart Poettering
***/

#include <sys/file.h>
#include <sys/mount.h>

#include "alloc-util.h"
#include "bus-label.h"
#include "bus-util.h"
#include "copy.h"
#include "dissect-image.h"
#include "fd-util.h"
#include "fileio.h"
#include "fs-util.h"
#include "image-dbus.h"
#include "io-util.h"
#include "loop-util.h"
#include "machine-image.h"
#include "mount-util.h"
#include "process-util.h"
#include "raw-clone.h"
#include "strv.h"
#include "user-util.h"

static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_type, image_type, ImageType);

int bus_image_method_remove(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        _cleanup_close_pair_ int errno_pipe_fd[2] = { -1, -1 };
        Image *image = userdata;
        Manager *m = image->userdata;
        pid_t child;
        int r;

        assert(message);
        assert(image);

        if (m->n_operations >= OPERATIONS_MAX)
                return sd_bus_error_setf(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many ongoing operations.");

        r = bus_verify_polkit_async(
                        message,
                        CAP_SYS_ADMIN,
                        "org.freedesktop.machine1.manage-images",
                        NULL,
                        false,
                        UID_INVALID,
                        &m->polkit_registry,
                        error);
        if (r < 0)
                return r;
        if (r == 0)
                return 1; /* Will call us back */

        if (pipe2(errno_pipe_fd, O_CLOEXEC|O_NONBLOCK) < 0)
                return sd_bus_error_set_errnof(error, errno, "Failed to create pipe: %m");

        r = safe_fork("(sd-imgrm)", FORK_RESET_SIGNALS, &child);
        if (r < 0)
                return sd_bus_error_set_errnof(error, r, "Failed to fork(): %m");
        if (r == 0) {
                errno_pipe_fd[0] = safe_close(errno_pipe_fd[0]);

                r = image_remove(image);
                if (r < 0) {
                        (void) write(errno_pipe_fd[1], &r, sizeof(r));
                        _exit(EXIT_FAILURE);
                }

                _exit(EXIT_SUCCESS);
        }

        errno_pipe_fd[1] = safe_close(errno_pipe_fd[1]);

        r = operation_new(m, NULL, child, message, errno_pipe_fd[0], NULL);
        if (r < 0) {
                (void) sigkill_wait(child);
                return r;
        }

        errno_pipe_fd[0] = -1;

        return 1;
}

int bus_image_method_rename(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        Manager *m = image->userdata;
        const char *new_name;
        int r;

        assert(message);
        assert(image);

        r = sd_bus_message_read(message, "s", &new_name);
        if (r < 0)
                return r;

        if (!image_name_is_valid(new_name))
                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Image name '%s' is invalid.", new_name);

        r = bus_verify_polkit_async(
                        message,
                        CAP_SYS_ADMIN,
                        "org.freedesktop.machine1.manage-images",
                        NULL,
                        false,
                        UID_INVALID,
                        &m->polkit_registry,
                        error);
        if (r < 0)
                return r;
        if (r == 0)
                return 1; /* Will call us back */

        r = image_rename(image, new_name);
        if (r < 0)
                return r;

        return sd_bus_reply_method_return(message, NULL);
}

int bus_image_method_clone(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        _cleanup_close_pair_ int errno_pipe_fd[2] = { -1, -1 };
        Image *image = userdata;
        Manager *m = image->userdata;
        const char *new_name;
        int r, read_only;
        pid_t child;

        assert(message);
        assert(image);
        assert(m);

        if (m->n_operations >= OPERATIONS_MAX)
                return sd_bus_error_setf(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many ongoing operations.");

        r = sd_bus_message_read(message, "sb", &new_name, &read_only);
        if (r < 0)
                return r;

        if (!image_name_is_valid(new_name))
                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Image name '%s' is invalid.", new_name);

        r = bus_verify_polkit_async(
                        message,
                        CAP_SYS_ADMIN,
                        "org.freedesktop.machine1.manage-images",
                        NULL,
                        false,
                        UID_INVALID,
                        &m->polkit_registry,
                        error);
        if (r < 0)
                return r;
        if (r == 0)
                return 1; /* Will call us back */

        if (pipe2(errno_pipe_fd, O_CLOEXEC|O_NONBLOCK) < 0)
                return sd_bus_error_set_errnof(error, errno, "Failed to create pipe: %m");

        r = safe_fork("(imgclone)", FORK_RESET_SIGNALS, &child);
        if (r < 0)
                return sd_bus_error_set_errnof(error, r, "Failed to fork(): %m");
        if (r == 0) {
                errno_pipe_fd[0] = safe_close(errno_pipe_fd[0]);

                r = image_clone(image, new_name, read_only);
                if (r < 0) {
                        (void) write(errno_pipe_fd[1], &r, sizeof(r));
                        _exit(EXIT_FAILURE);
                }

                _exit(EXIT_SUCCESS);
        }

        errno_pipe_fd[1] = safe_close(errno_pipe_fd[1]);

        r = operation_new(m, NULL, child, message, errno_pipe_fd[0], NULL);
        if (r < 0) {
                (void) sigkill_wait(child);
                return r;
        }

        errno_pipe_fd[0] = -1;

        return 1;
}

int bus_image_method_mark_read_only(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        Manager *m = image->userdata;
        int r, read_only;

        assert(message);

        r = sd_bus_message_read(message, "b", &read_only);
        if (r < 0)
                return r;

        r = bus_verify_polkit_async(
                        message,
                        CAP_SYS_ADMIN,
                        "org.freedesktop.machine1.manage-images",
                        NULL,
                        false,
                        UID_INVALID,
                        &m->polkit_registry,
                        error);
        if (r < 0)
                return r;
        if (r == 0)
                return 1; /* Will call us back */

        r = image_read_only(image, read_only);
        if (r < 0)
                return r;

        return sd_bus_reply_method_return(message, NULL);
}

int bus_image_method_set_limit(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        Manager *m = image->userdata;
        uint64_t limit;
        int r;

        assert(message);

        r = sd_bus_message_read(message, "t", &limit);
        if (r < 0)
                return r;
        if (!FILE_SIZE_VALID_OR_INFINITY(limit))
                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "New limit out of range");

        r = bus_verify_polkit_async(
                        message,
                        CAP_SYS_ADMIN,
                        "org.freedesktop.machine1.manage-images",
                        NULL,
                        false,
                        UID_INVALID,
                        &m->polkit_registry,
                        error);
        if (r < 0)
                return r;
        if (r == 0)
                return 1; /* Will call us back */

        r = image_set_limit(image, limit);
        if (r < 0)
                return r;

        return sd_bus_reply_method_return(message, NULL);
}

int bus_image_method_get_hostname(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        int r;

        if (!image->metadata_valid) {
                r = image_read_metadata(image);
                if (r < 0)
                        return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
        }

        return sd_bus_reply_method_return(message, "s", image->hostname);
}

int bus_image_method_get_machine_id(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
        Image *image = userdata;
        int r;

        if (!image->metadata_valid) {
                r = image_read_metadata(image);
                if (r < 0)
                        return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
        }

        r = sd_bus_message_new_method_return(message, &reply);
        if (r < 0)
                return r;

        if (sd_id128_is_null(image->machine_id)) /* Add an empty array if the ID is zero */
                r = sd_bus_message_append(reply, "ay", 0);
        else
                r = sd_bus_message_append_array(reply, 'y', image->machine_id.bytes, 16);
        if (r < 0)
                return r;

        return sd_bus_send(NULL, reply, NULL);
}

int bus_image_method_get_machine_info(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        int r;

        if (!image->metadata_valid) {
                r = image_read_metadata(image);
                if (r < 0)
                        return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
        }

        return bus_reply_pair_array(message, image->machine_info);
}

int bus_image_method_get_os_release(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        int r;

        if (!image->metadata_valid) {
                r = image_read_metadata(image);
                if (r < 0)
                        return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
        }

        return bus_reply_pair_array(message, image->os_release);
}

const sd_bus_vtable image_vtable[] = {
        SD_BUS_VTABLE_START(0),
        SD_BUS_PROPERTY("Name", "s", NULL, offsetof(Image, name), 0),
        SD_BUS_PROPERTY("Path", "s", NULL, offsetof(Image, path), 0),
        SD_BUS_PROPERTY("Type", "s", property_get_type,  offsetof(Image, type), 0),
        SD_BUS_PROPERTY("ReadOnly", "b", bus_property_get_bool, offsetof(Image, read_only), 0),
        SD_BUS_PROPERTY("CreationTimestamp", "t", NULL, offsetof(Image, crtime), 0),
        SD_BUS_PROPERTY("ModificationTimestamp", "t", NULL, offsetof(Image, mtime), 0),
        SD_BUS_PROPERTY("Usage", "t", NULL, offsetof(Image, usage), 0),
        SD_BUS_PROPERTY("Limit", "t", NULL, offsetof(Image, limit), 0),
        SD_BUS_PROPERTY("UsageExclusive", "t", NULL, offsetof(Image, usage_exclusive), 0),
        SD_BUS_PROPERTY("LimitExclusive", "t", NULL, offsetof(Image, limit_exclusive), 0),
        SD_BUS_METHOD("Remove", NULL, NULL, bus_image_method_remove, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("Rename", "s", NULL, bus_image_method_rename, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("Clone", "sb", NULL, bus_image_method_clone, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("MarkReadOnly", "b", NULL, bus_image_method_mark_read_only, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("SetLimit", "t", NULL, bus_image_method_set_limit, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("GetHostname", NULL, "s", bus_image_method_get_hostname, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("GetMachineID", NULL, "ay", bus_image_method_get_machine_id, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("GetMachineInfo", NULL, "a{ss}", bus_image_method_get_machine_info, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("GetOSRelease", NULL, "a{ss}", bus_image_method_get_os_release, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_VTABLE_END
};

static int image_flush_cache(sd_event_source *s, void *userdata) {
        Manager *m = userdata;

        assert(s);
        assert(m);

        hashmap_clear_with_destructor(m->image_cache, image_unref);
        return 0;
}

int image_object_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
        _cleanup_free_ char *e = NULL;
        Manager *m = userdata;
        Image *image = NULL;
        const char *p;
        int r;

        assert(bus);
        assert(path);
        assert(interface);
        assert(found);

        p = startswith(path, "/org/freedesktop/machine1/image/");
        if (!p)
                return 0;

        e = bus_label_unescape(p);
        if (!e)
                return -ENOMEM;

        image = hashmap_get(m->image_cache, e);
        if (image) {
                *found = image;
                return 1;
        }

        r = hashmap_ensure_allocated(&m->image_cache, &string_hash_ops);
        if (r < 0)
                return r;

        if (!m->image_cache_defer_event) {
                r = sd_event_add_defer(m->event, &m->image_cache_defer_event, image_flush_cache, m);
                if (r < 0)
                        return r;

                r = sd_event_source_set_priority(m->image_cache_defer_event, SD_EVENT_PRIORITY_IDLE);
                if (r < 0)
                        return r;
        }

        r = sd_event_source_set_enabled(m->image_cache_defer_event, SD_EVENT_ONESHOT);
        if (r < 0)
                return r;

        r = image_find(e, &image);
        if (r <= 0)
                return r;

        image->userdata = m;

        r = hashmap_put(m->image_cache, image->name, image);
        if (r < 0) {
                image_unref(image);
                return r;
        }

        *found = image;
        return 1;
}

char *image_bus_path(const char *name) {
        _cleanup_free_ char *e = NULL;

        assert(name);

        e = bus_label_escape(name);
        if (!e)
                return NULL;

        return strappend("/org/freedesktop/machine1/image/", e);
}

int image_node_enumerator(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error) {
        _cleanup_(image_hashmap_freep) Hashmap *images = NULL;
        _cleanup_strv_free_ char **l = NULL;
        Image *image;
        Iterator i;
        int r;

        assert(bus);
        assert(path);
        assert(nodes);

        images = hashmap_new(&string_hash_ops);
        if (!images)
                return -ENOMEM;

        r = image_discover(images);
        if (r < 0)
                return r;

        HASHMAP_FOREACH(image, images, i) {
                char *p;

                p = image_bus_path(image->name);
                if (!p)
                        return -ENOMEM;

                r = strv_consume(&l, p);
                if (r < 0)
                        return r;
        }

        *nodes = TAKE_PTR(l);

        return 1;
}
Commit	Line	Data
53e1b683	1	/* SPDX-License-Identifier: LGPL-2.1+ */
ebeccf9e LP	2	/***
	3	This file is part of systemd.
	4
	5	Copyright 2014 Lennart Poettering
ebeccf9e LP	6	***/
ebeccf9e LP	7
fe993888	8	#include <sys/file.h>
9153b02b LP	9	#include <sys/mount.h>
9153b02b LP	10
b5efdb8a	11	#include "alloc-util.h"
ebeccf9e	12	#include "bus-label.h"
1ddb263d	13	#include "bus-util.h"
9153b02b LP	14	#include "copy.h"
9153b02b LP	15	#include "dissect-image.h"
56599585	16	#include "fd-util.h"
9153b02b LP	17	#include "fileio.h"
9153b02b LP	18	#include "fs-util.h"
003dffde	19	#include "image-dbus.h"
a90fb858	20	#include "io-util.h"
9153b02b	21	#include "loop-util.h"
ee104e11	22	#include "machine-image.h"
9153b02b	23	#include "mount-util.h"
56599585	24	#include "process-util.h"
9153b02b	25	#include "raw-clone.h"
ee104e11 LP	26	#include "strv.h"
ee104e11 LP	27	#include "user-util.h"
ebeccf9e	28
1ddb263d	29	static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_type, image_type, ImageType);
ebeccf9e	30
1ddb263d	31	int bus_image_method_remove(
08682124 LP	32	sd_bus_message *message,
	33	void *userdata,
	34	sd_bus_error *error) {
	35
5d2036b5	36	_cleanup_close_pair_ int errno_pipe_fd[2] = { -1, -1 };
1ddb263d	37	Image *image = userdata;
70244d1d	38	Manager *m = image->userdata;
5d2036b5	39	pid_t child;
08682124 LP	40	int r;
08682124 LP	41
08682124	42	assert(message);
1ddb263d	43	assert(image);
08682124	44
5d2036b5 LP	45	if (m->n_operations >= OPERATIONS_MAX)
	46	return sd_bus_error_setf(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many ongoing operations.");
	47
70244d1d LP	48	r = bus_verify_polkit_async(
	49	message,
	50	CAP_SYS_ADMIN,
	51	"org.freedesktop.machine1.manage-images",
403ed0e5	52	NULL,
70244d1d	53	false,
c529695e	54	UID_INVALID,
70244d1d LP	55	&m->polkit_registry,
	56	error);
	57	if (r < 0)
	58	return r;
	59	if (r == 0)
	60	return 1; /* Will call us back */
	61
5d2036b5 LP	62	if (pipe2(errno_pipe_fd, O_CLOEXEC\|O_NONBLOCK) < 0)
	63	return sd_bus_error_set_errnof(error, errno, "Failed to create pipe: %m");
	64
4c253ed1 LP	65	r = safe_fork("(sd-imgrm)", FORK_RESET_SIGNALS, &child);
	66	if (r < 0)
	67	return sd_bus_error_set_errnof(error, r, "Failed to fork(): %m");
	68	if (r == 0) {
5d2036b5 LP	69	errno_pipe_fd[0] = safe_close(errno_pipe_fd[0]);
	70
	71	r = image_remove(image);
	72	if (r < 0) {
	73	(void) write(errno_pipe_fd[1], &r, sizeof(r));
	74	_exit(EXIT_FAILURE);
	75	}
	76
	77	_exit(EXIT_SUCCESS);
	78	}
	79
	80	errno_pipe_fd[1] = safe_close(errno_pipe_fd[1]);
	81
03c2b288	82	r = operation_new(m, NULL, child, message, errno_pipe_fd[0], NULL);
5d2036b5 LP	83	if (r < 0) {
5d2036b5 LP	84	(void) sigkill_wait(child);
08682124	85	return r;
5d2036b5 LP	86	}
	87
	88	errno_pipe_fd[0] = -1;
08682124	89
5d2036b5	90	return 1;
08682124 LP	91	}
08682124 LP	92
1ddb263d	93	int bus_image_method_rename(
ebd93cb6 LP	94	sd_bus_message *message,
	95	void *userdata,
	96	sd_bus_error *error) {
	97
1ddb263d	98	Image *image = userdata;
70244d1d	99	Manager *m = image->userdata;
ebd93cb6 LP	100	const char *new_name;
	101	int r;
	102
ebd93cb6	103	assert(message);
1ddb263d	104	assert(image);
ebd93cb6 LP	105
	106	r = sd_bus_message_read(message, "s", &new_name);
	107	if (r < 0)
	108	return r;
	109
	110	if (!image_name_is_valid(new_name))
	111	return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Image name '%s' is invalid.", new_name);
	112
70244d1d LP	113	r = bus_verify_polkit_async(
	114	message,
	115	CAP_SYS_ADMIN,
	116	"org.freedesktop.machine1.manage-images",
403ed0e5	117	NULL,
70244d1d	118	false,
c529695e	119	UID_INVALID,
70244d1d LP	120	&m->polkit_registry,
	121	error);
	122	if (r < 0)
	123	return r;
	124	if (r == 0)
	125	return 1; /* Will call us back */
	126
ebd93cb6 LP	127	r = image_rename(image, new_name);
	128	if (r < 0)
	129	return r;
	130
	131	return sd_bus_reply_method_return(message, NULL);
	132	}
	133
1ddb263d	134	int bus_image_method_clone(
ebd93cb6 LP	135	sd_bus_message *message,
	136	void *userdata,
	137	sd_bus_error *error) {
	138
56599585	139	_cleanup_close_pair_ int errno_pipe_fd[2] = { -1, -1 };
1ddb263d	140	Image *image = userdata;
70244d1d	141	Manager *m = image->userdata;
ebd93cb6 LP	142	const char *new_name;
ebd93cb6 LP	143	int r, read_only;
56599585	144	pid_t child;
ebd93cb6	145
ebd93cb6	146	assert(message);
1ddb263d	147	assert(image);
56599585 LP	148	assert(m);
	149
	150	if (m->n_operations >= OPERATIONS_MAX)
	151	return sd_bus_error_setf(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many ongoing operations.");
ebd93cb6 LP	152
	153	r = sd_bus_message_read(message, "sb", &new_name, &read_only);
	154	if (r < 0)
	155	return r;
	156
	157	if (!image_name_is_valid(new_name))
	158	return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Image name '%s' is invalid.", new_name);
	159
70244d1d LP	160	r = bus_verify_polkit_async(
	161	message,
	162	CAP_SYS_ADMIN,
	163	"org.freedesktop.machine1.manage-images",
403ed0e5	164	NULL,
70244d1d	165	false,
c529695e	166	UID_INVALID,
70244d1d LP	167	&m->polkit_registry,
	168	error);
	169	if (r < 0)
	170	return r;
	171	if (r == 0)
	172	return 1; /* Will call us back */
	173
56599585 LP	174	if (pipe2(errno_pipe_fd, O_CLOEXEC\|O_NONBLOCK) < 0)
	175	return sd_bus_error_set_errnof(error, errno, "Failed to create pipe: %m");
	176
4c253ed1 LP	177	r = safe_fork("(imgclone)", FORK_RESET_SIGNALS, &child);
	178	if (r < 0)
	179	return sd_bus_error_set_errnof(error, r, "Failed to fork(): %m");
	180	if (r == 0) {
56599585 LP	181	errno_pipe_fd[0] = safe_close(errno_pipe_fd[0]);
	182
	183	r = image_clone(image, new_name, read_only);
	184	if (r < 0) {
	185	(void) write(errno_pipe_fd[1], &r, sizeof(r));
	186	_exit(EXIT_FAILURE);
	187	}
	188
	189	_exit(EXIT_SUCCESS);
	190	}
	191
	192	errno_pipe_fd[1] = safe_close(errno_pipe_fd[1]);
	193
03c2b288	194	r = operation_new(m, NULL, child, message, errno_pipe_fd[0], NULL);
56599585	195	if (r < 0) {
89c9030d	196	(void) sigkill_wait(child);
ebd93cb6	197	return r;
56599585	198	}
ebd93cb6	199
56599585 LP	200	errno_pipe_fd[0] = -1;
	201
	202	return 1;
ebd93cb6 LP	203	}
ebd93cb6 LP	204
1ddb263d	205	int bus_image_method_mark_read_only(
ebd93cb6 LP	206	sd_bus_message *message,
	207	void *userdata,
	208	sd_bus_error *error) {
	209
1ddb263d	210	Image *image = userdata;
70244d1d	211	Manager *m = image->userdata;
ebd93cb6 LP	212	int r, read_only;
ebd93cb6 LP	213
ebd93cb6 LP	214	assert(message);
ebd93cb6 LP	215
ebd93cb6 LP	216	r = sd_bus_message_read(message, "b", &read_only);
	217	if (r < 0)
	218	return r;
	219
70244d1d LP	220	r = bus_verify_polkit_async(
	221	message,
	222	CAP_SYS_ADMIN,
	223	"org.freedesktop.machine1.manage-images",
403ed0e5	224	NULL,
70244d1d	225	false,
c529695e	226	UID_INVALID,
70244d1d LP	227	&m->polkit_registry,
	228	error);
	229	if (r < 0)
	230	return r;
	231	if (r == 0)
	232	return 1; /* Will call us back */
	233
ebd93cb6 LP	234	r = image_read_only(image, read_only);
	235	if (r < 0)
	236	return r;
	237
	238	return sd_bus_reply_method_return(message, NULL);
	239	}
	240
d6ce17c7	241	int bus_image_method_set_limit(
d6ce17c7 LP	242	sd_bus_message *message,
	243	void *userdata,
	244	sd_bus_error *error) {
	245
	246	Image *image = userdata;
	247	Manager *m = image->userdata;
	248	uint64_t limit;
	249	int r;
	250
d6ce17c7 LP	251	assert(message);
	252
	253	r = sd_bus_message_read(message, "t", &limit);
	254	if (r < 0)
	255	return r;
a90fb858 LP	256	if (!FILE_SIZE_VALID_OR_INFINITY(limit))
a90fb858 LP	257	return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "New limit out of range");
d6ce17c7 LP	258
	259	r = bus_verify_polkit_async(
	260	message,
	261	CAP_SYS_ADMIN,
	262	"org.freedesktop.machine1.manage-images",
403ed0e5	263	NULL,
d6ce17c7 LP	264	false,
	265	UID_INVALID,
	266	&m->polkit_registry,
	267	error);
	268	if (r < 0)
	269	return r;
	270	if (r == 0)
	271	return 1; /* Will call us back */
	272
	273	r = image_set_limit(image, limit);
	274	if (r < 0)
	275	return r;
	276
	277	return sd_bus_reply_method_return(message, NULL);
	278	}
	279
cf30a8c1 LP	280	int bus_image_method_get_hostname(
	281	sd_bus_message *message,
	282	void *userdata,
	283	sd_bus_error *error) {
9153b02b	284
cf30a8c1	285	Image *image = userdata;
9153b02b LP	286	int r;
9153b02b LP	287
cf30a8c1 LP	288	if (!image->metadata_valid) {
	289	r = image_read_metadata(image);
	290	if (r < 0)
	291	return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
	292	}
9153b02b	293
cf30a8c1	294	return sd_bus_reply_method_return(message, "s", image->hostname);
9153b02b LP	295	}
9153b02b LP	296
cf30a8c1 LP	297	int bus_image_method_get_machine_id(
	298	sd_bus_message *message,
	299	void *userdata,
	300	sd_bus_error *error) {
9153b02b	301
cf30a8c1 LP	302	_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
	303	Image *image = userdata;
	304	int r;
9153b02b	305
cf30a8c1 LP	306	if (!image->metadata_valid) {
cf30a8c1 LP	307	r = image_read_metadata(image);
9153b02b	308	if (r < 0)
cf30a8c1	309	return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
9153b02b LP	310	}
9153b02b LP	311
cf30a8c1	312	r = sd_bus_message_new_method_return(message, &reply);
9153b02b LP	313	if (r < 0)
	314	return r;
	315
cf30a8c1 LP	316	if (sd_id128_is_null(image->machine_id)) /* Add an empty array if the ID is zero */
	317	r = sd_bus_message_append(reply, "ay", 0);
	318	else
	319	r = sd_bus_message_append_array(reply, 'y', image->machine_id.bytes, 16);
9153b02b	320	if (r < 0)
cf30a8c1	321	return r;
9153b02b	322
cf30a8c1	323	return sd_bus_send(NULL, reply, NULL);
9153b02b LP	324	}
9153b02b LP	325
cf30a8c1	326	int bus_image_method_get_machine_info(
9153b02b LP	327	sd_bus_message *message,
	328	void *userdata,
	329	sd_bus_error *error) {
	330
9153b02b LP	331	Image *image = userdata;
	332	int r;
	333
cf30a8c1 LP	334	if (!image->metadata_valid) {
	335	r = image_read_metadata(image);
	336	if (r < 0)
	337	return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
	338	}
9153b02b	339
cf30a8c1 LP	340	return bus_reply_pair_array(message, image->machine_info);
cf30a8c1 LP	341	}
9153b02b	342
cf30a8c1 LP	343	int bus_image_method_get_os_release(
	344	sd_bus_message *message,
	345	void *userdata,
	346	sd_bus_error *error) {
9153b02b	347
cf30a8c1 LP	348	Image *image = userdata;
cf30a8c1 LP	349	int r;
9153b02b	350
cf30a8c1 LP	351	if (!image->metadata_valid) {
	352	r = image_read_metadata(image);
	353	if (r < 0)
	354	return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
9153b02b	355	}
9153b02b	356
cf30a8c1	357	return bus_reply_pair_array(message, image->os_release);
9153b02b LP	358	}
9153b02b LP	359
ebeccf9e LP	360	const sd_bus_vtable image_vtable[] = {
ebeccf9e LP	361	SD_BUS_VTABLE_START(0),
1ddb263d LP	362	SD_BUS_PROPERTY("Name", "s", NULL, offsetof(Image, name), 0),
	363	SD_BUS_PROPERTY("Path", "s", NULL, offsetof(Image, path), 0),
	364	SD_BUS_PROPERTY("Type", "s", property_get_type, offsetof(Image, type), 0),
	365	SD_BUS_PROPERTY("ReadOnly", "b", bus_property_get_bool, offsetof(Image, read_only), 0),
	366	SD_BUS_PROPERTY("CreationTimestamp", "t", NULL, offsetof(Image, crtime), 0),
	367	SD_BUS_PROPERTY("ModificationTimestamp", "t", NULL, offsetof(Image, mtime), 0),
c19de711	368	SD_BUS_PROPERTY("Usage", "t", NULL, offsetof(Image, usage), 0),
1ddb263d	369	SD_BUS_PROPERTY("Limit", "t", NULL, offsetof(Image, limit), 0),
c19de711	370	SD_BUS_PROPERTY("UsageExclusive", "t", NULL, offsetof(Image, usage_exclusive), 0),
1ddb263d	371	SD_BUS_PROPERTY("LimitExclusive", "t", NULL, offsetof(Image, limit_exclusive), 0),
70244d1d LP	372	SD_BUS_METHOD("Remove", NULL, NULL, bus_image_method_remove, SD_BUS_VTABLE_UNPRIVILEGED),
	373	SD_BUS_METHOD("Rename", "s", NULL, bus_image_method_rename, SD_BUS_VTABLE_UNPRIVILEGED),
	374	SD_BUS_METHOD("Clone", "sb", NULL, bus_image_method_clone, SD_BUS_VTABLE_UNPRIVILEGED),
	375	SD_BUS_METHOD("MarkReadOnly", "b", NULL, bus_image_method_mark_read_only, SD_BUS_VTABLE_UNPRIVILEGED),
d6ce17c7	376	SD_BUS_METHOD("SetLimit", "t", NULL, bus_image_method_set_limit, SD_BUS_VTABLE_UNPRIVILEGED),
cf30a8c1 LP	377	SD_BUS_METHOD("GetHostname", NULL, "s", bus_image_method_get_hostname, SD_BUS_VTABLE_UNPRIVILEGED),
	378	SD_BUS_METHOD("GetMachineID", NULL, "ay", bus_image_method_get_machine_id, SD_BUS_VTABLE_UNPRIVILEGED),
	379	SD_BUS_METHOD("GetMachineInfo", NULL, "a{ss}", bus_image_method_get_machine_info, SD_BUS_VTABLE_UNPRIVILEGED),
9153b02b	380	SD_BUS_METHOD("GetOSRelease", NULL, "a{ss}", bus_image_method_get_os_release, SD_BUS_VTABLE_UNPRIVILEGED),
ebeccf9e LP	381	SD_BUS_VTABLE_END
	382	};
	383
1ddb263d LP	384	static int image_flush_cache(sd_event_source s, void userdata) {
1ddb263d LP	385	Manager *m = userdata;
1ddb263d LP	386
	387	assert(s);
	388	assert(m);
	389
224b0e7a	390	hashmap_clear_with_destructor(m->image_cache, image_unref);
1ddb263d LP	391	return 0;
	392	}
	393
ebeccf9e	394	int image_object_find(sd_bus bus, const char path, const char interface, void userdata, void *found, sd_bus_error error) {
1ddb263d LP	395	_cleanup_free_ char *e = NULL;
	396	Manager *m = userdata;
	397	Image *image = NULL;
	398	const char *p;
ebeccf9e LP	399	int r;
	400
	401	assert(bus);
	402	assert(path);
	403	assert(interface);
	404	assert(found);
	405
1ddb263d LP	406	p = startswith(path, "/org/freedesktop/machine1/image/");
	407	if (!p)
	408	return 0;
	409
	410	e = bus_label_unescape(p);
	411	if (!e)
	412	return -ENOMEM;
	413
	414	image = hashmap_get(m->image_cache, e);
	415	if (image) {
	416	*found = image;
	417	return 1;
	418	}
	419
	420	r = hashmap_ensure_allocated(&m->image_cache, &string_hash_ops);
	421	if (r < 0)
	422	return r;
	423
	424	if (!m->image_cache_defer_event) {
	425	r = sd_event_add_defer(m->event, &m->image_cache_defer_event, image_flush_cache, m);
	426	if (r < 0)
	427	return r;
	428
	429	r = sd_event_source_set_priority(m->image_cache_defer_event, SD_EVENT_PRIORITY_IDLE);
	430	if (r < 0)
	431	return r;
	432	}
	433
	434	r = sd_event_source_set_enabled(m->image_cache_defer_event, SD_EVENT_ONESHOT);
	435	if (r < 0)
	436	return r;
	437
	438	r = image_find(e, &image);
ebeccf9e LP	439	if (r <= 0)
	440	return r;
	441
70244d1d LP	442	image->userdata = m;
70244d1d LP	443
1ddb263d LP	444	r = hashmap_put(m->image_cache, image->name, image);
	445	if (r < 0) {
	446	image_unref(image);
	447	return r;
	448	}
	449
	450	*found = image;
ebeccf9e LP	451	return 1;
	452	}
	453
	454	char image_bus_path(const char name) {
	455	_cleanup_free_ char *e = NULL;
	456
	457	assert(name);
	458
	459	e = bus_label_escape(name);
	460	if (!e)
	461	return NULL;
	462
	463	return strappend("/org/freedesktop/machine1/image/", e);
	464	}
	465
	466	int image_node_enumerator(sd_bus bus, const char path, void userdata, char *nodes, sd_bus_error error) {
	467	_cleanup_(image_hashmap_freep) Hashmap *images = NULL;
	468	_cleanup_strv_free_ char **l = NULL;
	469	Image *image;
	470	Iterator i;
	471	int r;
	472
	473	assert(bus);
	474	assert(path);
	475	assert(nodes);
	476
	477	images = hashmap_new(&string_hash_ops);
	478	if (!images)
	479	return -ENOMEM;
	480
	481	r = image_discover(images);
	482	if (r < 0)
	483	return r;
	484
	485	HASHMAP_FOREACH(image, images, i) {
	486	char *p;
	487
	488	p = image_bus_path(image->name);
	489	if (!p)
	490	return -ENOMEM;
	491
	492	r = strv_consume(&l, p);
	493	if (r < 0)
	494	return r;
	495	}
	496
1cc6c93a	497	*nodes = TAKE_PTR(l);
ebeccf9e LP	498
	499	return 1;
	500	}