1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
8 #include "alloc-util.h"
9 #include "bus-common-errors.h"
10 #include "bus-get-properties.h"
11 #include "bus-label.h"
12 #include "bus-object.h"
13 #include "bus-polkit.h"
15 #include "discover-image.h"
19 #include "missing_capability.h"
22 #include "portabled-bus.h"
23 #include "portabled-image-bus.h"
24 #include "portabled-image.h"
25 #include "portabled.h"
26 #include "process-util.h"
28 #include "user-util.h"
30 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_type
, image_type
, ImageType
);
32 int bus_image_common_get_os_release(
34 sd_bus_message
*message
,
35 const char *name_or_path
,
37 sd_bus_error
*error
) {
41 assert(name_or_path
|| image
);
49 r
= bus_image_acquire(m
,
53 BUS_IMAGE_AUTHENTICATE_BY_PATH
,
54 "org.freedesktop.portable1.inspect-images",
59 if (r
== 0) /* Will call us back */
62 if (!image
->metadata_valid
) {
63 r
= image_read_metadata(image
, &image_policy_service
);
65 return sd_bus_error_set_errnof(error
, r
, "Failed to read image metadata: %m");
68 return bus_reply_pair_array(message
, image
->os_release
);
71 static int bus_image_method_get_os_release(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
72 return bus_image_common_get_os_release(NULL
, message
, NULL
, userdata
, error
);
75 static int append_fd(sd_bus_message
*m
, PortableMetadata
*d
) {
76 _cleanup_fclose_
FILE *f
= NULL
;
77 _cleanup_free_
char *buf
= NULL
;
86 r
= fdopen_independent(d
->fd
, "r", &f
);
90 r
= read_full_stream(f
, &buf
, &n
);
95 return sd_bus_message_append_array(m
, 'y', buf
, n
);
98 int bus_image_common_get_metadata(
100 sd_bus_message
*message
,
101 const char *name_or_path
,
103 sd_bus_error
*error
) {
105 _cleanup_ordered_hashmap_free_ OrderedHashmap
*extension_releases
= NULL
;
106 _cleanup_(portable_metadata_unrefp
) PortableMetadata
*os_release
= NULL
;
107 _cleanup_strv_free_
char **matches
= NULL
, **extension_images
= NULL
;
108 _cleanup_hashmap_free_ Hashmap
*unit_files
= NULL
;
109 _cleanup_(sd_bus_message_unrefp
) sd_bus_message
*reply
= NULL
;
110 _cleanup_free_ PortableMetadata
**sorted
= NULL
;
111 PortableFlags flags
= 0;
114 assert(name_or_path
|| image
);
122 bool have_exti
= sd_bus_message_is_method_call(message
, NULL
, "GetImageMetadataWithExtensions") ||
123 sd_bus_message_is_method_call(message
, NULL
, "GetMetadataWithExtensions");
126 r
= sd_bus_message_read_strv(message
, &extension_images
);
131 r
= sd_bus_message_read_strv(message
, &matches
);
136 uint64_t input_flags
= 0;
138 r
= sd_bus_message_read(message
, "t", &input_flags
);
142 if ((input_flags
& ~_PORTABLE_MASK_PUBLIC
) != 0)
143 return sd_bus_reply_method_errorf(message
, SD_BUS_ERROR_INVALID_ARGS
,
144 "Invalid 'flags' parameter '%" PRIu64
"'",
146 flags
|= input_flags
;
149 r
= bus_image_acquire(m
,
153 BUS_IMAGE_AUTHENTICATE_BY_PATH
,
154 "org.freedesktop.portable1.inspect-images",
159 if (r
== 0) /* Will call us back */
162 r
= portable_extract(
166 /* image_policy= */ NULL
,
176 r
= portable_metadata_hashmap_to_sorted_array(unit_files
, &sorted
);
180 r
= sd_bus_message_new_method_return(message
, &reply
);
184 r
= sd_bus_message_append(reply
, "s", image
->path
);
188 r
= append_fd(reply
, os_release
);
192 /* If it was requested, also send back the extension path and the content
193 * of each extension-release file. Behind a flag, as it's an incompatible
196 PortableMetadata
*extension_release
;
198 r
= sd_bus_message_open_container(reply
, 'a', "{say}");
202 ORDERED_HASHMAP_FOREACH(extension_release
, extension_releases
) {
204 r
= sd_bus_message_open_container(reply
, 'e', "say");
208 r
= sd_bus_message_append(reply
, "s", extension_release
->image_path
);
212 r
= append_fd(reply
, extension_release
);
216 r
= sd_bus_message_close_container(reply
);
221 r
= sd_bus_message_close_container(reply
);
226 r
= sd_bus_message_open_container(reply
, 'a', "{say}");
230 for (size_t i
= 0; i
< hashmap_size(unit_files
); i
++) {
232 r
= sd_bus_message_open_container(reply
, 'e', "say");
236 r
= sd_bus_message_append(reply
, "s", sorted
[i
]->name
);
240 r
= append_fd(reply
, sorted
[i
]);
244 r
= sd_bus_message_close_container(reply
);
249 r
= sd_bus_message_close_container(reply
);
253 return sd_bus_send(NULL
, reply
, NULL
);
256 static int bus_image_method_get_metadata(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
257 return bus_image_common_get_metadata(NULL
, message
, NULL
, userdata
, error
);
260 static int bus_image_method_get_state(
261 sd_bus_message
*message
,
263 sd_bus_error
*error
) {
265 _cleanup_strv_free_
char **extension_images
= NULL
;
266 Image
*image
= ASSERT_PTR(userdata
);
272 if (sd_bus_message_is_method_call(message
, NULL
, "GetStateWithExtensions")) {
273 uint64_t input_flags
= 0;
275 r
= sd_bus_message_read_strv(message
, &extension_images
);
279 r
= sd_bus_message_read(message
, "t", &input_flags
);
283 /* No flags are supported by this method for now. */
284 if (input_flags
!= 0)
285 return sd_bus_reply_method_errorf(message
, SD_BUS_ERROR_INVALID_ARGS
,
286 "Invalid 'flags' parameter '%" PRIu64
"'",
290 r
= portable_get_state(
291 sd_bus_message_get_bus(message
),
300 return sd_bus_reply_method_return(message
, "s", portable_state_to_string(state
));
303 int bus_image_common_attach(
305 sd_bus_message
*message
,
306 const char *name_or_path
,
308 sd_bus_error
*error
) {
310 _cleanup_strv_free_
char **matches
= NULL
, **extension_images
= NULL
;
311 PortableChange
*changes
= NULL
;
312 PortableFlags flags
= 0;
313 const char *profile
, *copy_mode
;
314 size_t n_changes
= 0;
318 assert(name_or_path
|| image
);
320 CLEANUP_ARRAY(changes
, n_changes
, portable_changes_free
);
327 if (sd_bus_message_is_method_call(message
, NULL
, "AttachImageWithExtensions") ||
328 sd_bus_message_is_method_call(message
, NULL
, "AttachWithExtensions")) {
329 r
= sd_bus_message_read_strv(message
, &extension_images
);
334 r
= sd_bus_message_read_strv(message
, &matches
);
338 r
= sd_bus_message_read(message
, "s", &profile
);
342 if (sd_bus_message_is_method_call(message
, NULL
, "AttachImageWithExtensions") ||
343 sd_bus_message_is_method_call(message
, NULL
, "AttachWithExtensions")) {
344 uint64_t input_flags
= 0;
346 r
= sd_bus_message_read(message
, "st", ©_mode
, &input_flags
);
349 if ((input_flags
& ~_PORTABLE_MASK_PUBLIC
) != 0)
350 return sd_bus_reply_method_errorf(message
, SD_BUS_ERROR_INVALID_ARGS
,
351 "Invalid 'flags' parameter '%" PRIu64
"'",
353 flags
|= input_flags
;
357 r
= sd_bus_message_read(message
, "bs", &runtime
, ©_mode
);
362 flags
|= PORTABLE_RUNTIME
;
365 if (streq(copy_mode
, "symlink"))
366 flags
|= PORTABLE_PREFER_SYMLINK
;
367 else if (streq(copy_mode
, "copy"))
368 flags
|= PORTABLE_PREFER_COPY
;
369 else if (streq(copy_mode
, "mixed"))
370 flags
|= PORTABLE_MIXED_COPY_LINK
;
371 else if (!isempty(copy_mode
))
372 return sd_bus_reply_method_errorf(message
, SD_BUS_ERROR_INVALID_ARGS
, "Unknown copy mode '%s'", copy_mode
);
374 r
= bus_image_acquire(m
,
378 BUS_IMAGE_AUTHENTICATE_ALL
,
379 "org.freedesktop.portable1.attach-images",
384 if (r
== 0) /* Will call us back */
388 sd_bus_message_get_bus(message
),
393 /* image_policy= */ NULL
,
401 return reply_portable_changes(message
, changes
, n_changes
);
404 static int bus_image_method_attach(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
405 return bus_image_common_attach(NULL
, message
, NULL
, userdata
, error
);
408 static int bus_image_method_detach(
409 sd_bus_message
*message
,
411 sd_bus_error
*error
) {
413 _cleanup_strv_free_
char **extension_images
= NULL
;
414 PortableChange
*changes
= NULL
;
415 Image
*image
= ASSERT_PTR(userdata
);
416 Manager
*m
= ASSERT_PTR(image
->userdata
);
417 PortableFlags flags
= 0;
418 size_t n_changes
= 0;
423 CLEANUP_ARRAY(changes
, n_changes
, portable_changes_free
);
425 if (sd_bus_message_is_method_call(message
, NULL
, "DetachWithExtensions")) {
426 r
= sd_bus_message_read_strv(message
, &extension_images
);
431 if (sd_bus_message_is_method_call(message
, NULL
, "DetachWithExtensions")) {
432 uint64_t input_flags
= 0;
434 r
= sd_bus_message_read(message
, "t", &input_flags
);
438 if ((input_flags
& ~_PORTABLE_MASK_PUBLIC
) != 0)
439 return sd_bus_reply_method_errorf(message
, SD_BUS_ERROR_INVALID_ARGS
,
440 "Invalid 'flags' parameter '%" PRIu64
"'",
442 flags
|= input_flags
;
446 r
= sd_bus_message_read(message
, "b", &runtime
);
451 flags
|= PORTABLE_RUNTIME
;
454 r
= bus_verify_polkit_async(
456 "org.freedesktop.portable1.attach-images",
463 return 1; /* Will call us back */
466 sd_bus_message_get_bus(message
),
476 return reply_portable_changes(message
, changes
, n_changes
);
479 int bus_image_common_remove(
481 sd_bus_message
*message
,
482 const char *name_or_path
,
484 sd_bus_error
*error
) {
486 _cleanup_close_pair_
int errno_pipe_fd
[2] = EBADF_PAIR
;
487 _cleanup_(sigkill_waitp
) pid_t child
= 0;
492 assert(name_or_path
|| image
);
499 if (m
->n_operations
>= OPERATIONS_MAX
)
500 return sd_bus_error_set(error
, SD_BUS_ERROR_LIMITS_EXCEEDED
, "Too many ongoing operations.");
502 r
= bus_image_acquire(m
,
506 BUS_IMAGE_AUTHENTICATE_ALL
,
507 "org.freedesktop.portable1.manage-images",
513 return 1; /* Will call us back */
515 r
= portable_get_state(
516 sd_bus_message_get_bus(message
),
525 if (state
!= PORTABLE_DETACHED
)
526 return sd_bus_error_set_errnof(error
, EBUSY
, "Image '%s' is not detached, refusing.", image
->path
);
528 if (pipe2(errno_pipe_fd
, O_CLOEXEC
|O_NONBLOCK
) < 0)
529 return sd_bus_error_set_errnof(error
, errno
, "Failed to create pipe: %m");
531 r
= safe_fork("(sd-imgrm)", FORK_RESET_SIGNALS
, &child
);
533 return sd_bus_error_set_errnof(error
, r
, "Failed to fork(): %m");
535 errno_pipe_fd
[0] = safe_close(errno_pipe_fd
[0]);
537 r
= image_remove(image
);
539 (void) write(errno_pipe_fd
[1], &r
, sizeof(r
));
546 errno_pipe_fd
[1] = safe_close(errno_pipe_fd
[1]);
548 r
= operation_new(m
, child
, message
, errno_pipe_fd
[0], NULL
);
553 errno_pipe_fd
[0] = -EBADF
;
558 static int bus_image_method_remove(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
559 return bus_image_common_remove(NULL
, message
, NULL
, userdata
, error
);
562 /* Given two PortableChange arrays, return a new array that has all elements of the first that are
563 * not also present in the second, comparing the basename of the path values. */
564 static int normalize_portable_changes(
565 const PortableChange
*changes_attached
,
566 size_t n_changes_attached
,
567 const PortableChange
*changes_detached
,
568 size_t n_changes_detached
,
569 PortableChange
**ret_changes
,
570 size_t *ret_n_changes
) {
572 PortableChange
*changes
= NULL
;
573 size_t n_changes
= 0;
575 assert(ret_n_changes
);
578 if (n_changes_detached
== 0)
579 return 0; /* Nothing to do */
581 changes
= new0(PortableChange
, n_changes_attached
+ n_changes_detached
);
585 CLEANUP_ARRAY(changes
, n_changes
, portable_changes_free
);
587 /* Corner case: only detached, nothing attached */
588 if (n_changes_attached
== 0) {
589 memcpy(changes
, changes_detached
, sizeof(PortableChange
) * n_changes_detached
);
590 *ret_changes
= TAKE_PTR(changes
);
591 *ret_n_changes
= n_changes_detached
;
595 for (size_t i
= 0; i
< n_changes_detached
; ++i
) {
598 for (size_t j
= 0; j
< n_changes_attached
; ++j
)
599 if (path_equal_filename(changes_detached
[i
].path
, changes_attached
[j
].path
)) {
605 _cleanup_free_
char *path
= NULL
, *source
= NULL
;
607 path
= strdup(changes_detached
[i
].path
);
611 if (changes_detached
[i
].source
) {
612 source
= strdup(changes_detached
[i
].source
);
617 changes
[n_changes
++] = (PortableChange
) {
618 .type_or_errno
= changes_detached
[i
].type_or_errno
,
619 .path
= TAKE_PTR(path
),
620 .source
= TAKE_PTR(source
),
625 *ret_n_changes
= n_changes
;
626 *ret_changes
= TAKE_PTR(changes
);
631 int bus_image_common_reattach(
633 sd_bus_message
*message
,
634 const char *name_or_path
,
636 sd_bus_error
*error
) {
638 PortableChange
*changes_detached
= NULL
, *changes_attached
= NULL
, *changes_gone
= NULL
;
639 size_t n_changes_detached
= 0, n_changes_attached
= 0, n_changes_gone
= 0;
640 _cleanup_strv_free_
char **matches
= NULL
, **extension_images
= NULL
;
641 PortableFlags flags
= PORTABLE_REATTACH
;
642 const char *profile
, *copy_mode
;
646 assert(name_or_path
|| image
);
648 CLEANUP_ARRAY(changes_detached
, n_changes_detached
, portable_changes_free
);
649 CLEANUP_ARRAY(changes_attached
, n_changes_attached
, portable_changes_free
);
650 CLEANUP_ARRAY(changes_gone
, n_changes_gone
, portable_changes_free
);
657 if (sd_bus_message_is_method_call(message
, NULL
, "ReattachImageWithExtensions") ||
658 sd_bus_message_is_method_call(message
, NULL
, "ReattachWithExtensions")) {
659 r
= sd_bus_message_read_strv(message
, &extension_images
);
664 r
= sd_bus_message_read_strv(message
, &matches
);
668 r
= sd_bus_message_read(message
, "s", &profile
);
672 if (sd_bus_message_is_method_call(message
, NULL
, "ReattachImageWithExtensions") ||
673 sd_bus_message_is_method_call(message
, NULL
, "ReattachWithExtensions")) {
674 uint64_t input_flags
= 0;
676 r
= sd_bus_message_read(message
, "st", ©_mode
, &input_flags
);
680 if ((input_flags
& ~_PORTABLE_MASK_PUBLIC
) != 0)
681 return sd_bus_reply_method_errorf(message
, SD_BUS_ERROR_INVALID_ARGS
,
682 "Invalid 'flags' parameter '%" PRIu64
"'",
684 flags
|= input_flags
;
688 r
= sd_bus_message_read(message
, "bs", &runtime
, ©_mode
);
693 flags
|= PORTABLE_RUNTIME
;
696 if (streq(copy_mode
, "symlink"))
697 flags
|= PORTABLE_PREFER_SYMLINK
;
698 else if (streq(copy_mode
, "copy"))
699 flags
|= PORTABLE_PREFER_COPY
;
700 else if (streq(copy_mode
, "mixed"))
701 flags
|= PORTABLE_MIXED_COPY_LINK
;
702 else if (!isempty(copy_mode
))
703 return sd_bus_reply_method_errorf(message
, SD_BUS_ERROR_INVALID_ARGS
, "Unknown copy mode '%s'", copy_mode
);
705 r
= bus_image_acquire(m
,
709 BUS_IMAGE_AUTHENTICATE_ALL
,
710 "org.freedesktop.portable1.attach-images",
715 if (r
== 0) /* Will call us back */
719 sd_bus_message_get_bus(message
),
730 sd_bus_message_get_bus(message
),
735 /* image_policy= */ NULL
,
743 /* We want to return the list of units really removed by the detach,
744 * and not added again by the attach */
745 r
= normalize_portable_changes(changes_attached
, n_changes_attached
,
746 changes_detached
, n_changes_detached
,
747 &changes_gone
, &n_changes_gone
);
751 /* First, return the units that are gone (so that the caller can stop them)
752 * Then, return the units that are changed/added (so that the caller can
753 * start/restart/enable them) */
754 return reply_portable_changes_pair(message
,
755 changes_gone
, n_changes_gone
,
756 changes_attached
, n_changes_attached
);
759 static int bus_image_method_reattach(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
760 return bus_image_common_reattach(NULL
, message
, NULL
, userdata
, error
);
763 int bus_image_common_mark_read_only(
765 sd_bus_message
*message
,
766 const char *name_or_path
,
768 sd_bus_error
*error
) {
773 assert(name_or_path
|| image
);
780 r
= sd_bus_message_read(message
, "b", &read_only
);
784 r
= bus_image_acquire(m
,
788 BUS_IMAGE_AUTHENTICATE_ALL
,
789 "org.freedesktop.portable1.manage-images",
795 return 1; /* Will call us back */
797 r
= image_read_only(image
, read_only
);
801 return sd_bus_reply_method_return(message
, NULL
);
804 static int bus_image_method_mark_read_only(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
805 return bus_image_common_mark_read_only(NULL
, message
, NULL
, userdata
, error
);
808 int bus_image_common_set_limit(
810 sd_bus_message
*message
,
811 const char *name_or_path
,
813 sd_bus_error
*error
) {
819 assert(name_or_path
|| image
);
826 r
= sd_bus_message_read(message
, "t", &limit
);
829 if (!FILE_SIZE_VALID_OR_INFINITY(limit
))
830 return sd_bus_error_set(error
, SD_BUS_ERROR_INVALID_ARGS
, "New limit out of range");
832 r
= bus_image_acquire(m
,
836 BUS_IMAGE_AUTHENTICATE_ALL
,
837 "org.freedesktop.portable1.manage-images",
843 return 1; /* Will call us back */
845 r
= image_set_limit(image
, limit
);
849 return sd_bus_reply_method_return(message
, NULL
);
852 static int bus_image_method_set_limit(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
853 return bus_image_common_set_limit(NULL
, message
, NULL
, userdata
, error
);
856 const sd_bus_vtable image_vtable
[] = {
857 SD_BUS_VTABLE_START(0),
858 SD_BUS_PROPERTY("Name", "s", NULL
, offsetof(Image
, name
), 0),
859 SD_BUS_PROPERTY("Path", "s", NULL
, offsetof(Image
, path
), 0),
860 SD_BUS_PROPERTY("Type", "s", property_get_type
, offsetof(Image
, type
), 0),
861 SD_BUS_PROPERTY("ReadOnly", "b", bus_property_get_bool
, offsetof(Image
, read_only
), 0),
862 SD_BUS_PROPERTY("CreationTimestamp", "t", NULL
, offsetof(Image
, crtime
), 0),
863 SD_BUS_PROPERTY("ModificationTimestamp", "t", NULL
, offsetof(Image
, mtime
), 0),
864 SD_BUS_PROPERTY("Usage", "t", NULL
, offsetof(Image
, usage
), 0),
865 SD_BUS_PROPERTY("Limit", "t", NULL
, offsetof(Image
, limit
), 0),
866 SD_BUS_PROPERTY("UsageExclusive", "t", NULL
, offsetof(Image
, usage_exclusive
), 0),
867 SD_BUS_PROPERTY("LimitExclusive", "t", NULL
, offsetof(Image
, limit_exclusive
), 0),
868 SD_BUS_METHOD_WITH_ARGS("GetOSRelease",
870 SD_BUS_RESULT("a{ss}", os_release
),
871 bus_image_method_get_os_release
,
872 SD_BUS_VTABLE_UNPRIVILEGED
),
873 SD_BUS_METHOD_WITH_ARGS("GetMetadata",
874 SD_BUS_ARGS("as", matches
),
875 SD_BUS_RESULT("s", image
,
878 bus_image_method_get_metadata
,
879 SD_BUS_VTABLE_UNPRIVILEGED
),
880 SD_BUS_METHOD_WITH_ARGS("GetMetadataWithExtensions",
881 SD_BUS_ARGS("as", extensions
,
884 SD_BUS_RESULT("s", image
,
886 "a{say}", extensions
,
888 bus_image_method_get_metadata
,
889 SD_BUS_VTABLE_UNPRIVILEGED
),
890 SD_BUS_METHOD_WITH_ARGS("GetState",
892 SD_BUS_RESULT("s", state
),
893 bus_image_method_get_state
,
894 SD_BUS_VTABLE_UNPRIVILEGED
),
895 SD_BUS_METHOD_WITH_ARGS("GetStateWithExtensions",
896 SD_BUS_ARGS("as", extensions
,
898 SD_BUS_RESULT("s", state
),
899 bus_image_method_get_state
,
900 SD_BUS_VTABLE_UNPRIVILEGED
),
901 SD_BUS_METHOD_WITH_ARGS("Attach",
902 SD_BUS_ARGS("as", matches
,
906 SD_BUS_RESULT("a(sss)", changes
),
907 bus_image_method_attach
,
908 SD_BUS_VTABLE_UNPRIVILEGED
),
909 SD_BUS_METHOD_WITH_ARGS("AttachWithExtensions",
910 SD_BUS_ARGS("as", extensions
,
915 SD_BUS_RESULT("a(sss)", changes
),
916 bus_image_method_attach
,
917 SD_BUS_VTABLE_UNPRIVILEGED
),
918 SD_BUS_METHOD_WITH_ARGS("Detach",
919 SD_BUS_ARGS("b", runtime
),
920 SD_BUS_RESULT("a(sss)", changes
),
921 bus_image_method_detach
,
922 SD_BUS_VTABLE_UNPRIVILEGED
),
923 SD_BUS_METHOD_WITH_ARGS("DetachWithExtensions",
924 SD_BUS_ARGS("as", extensions
,
926 SD_BUS_RESULT("a(sss)", changes
),
927 bus_image_method_detach
,
928 SD_BUS_VTABLE_UNPRIVILEGED
),
929 SD_BUS_METHOD_WITH_ARGS("Reattach",
930 SD_BUS_ARGS("as", matches
,
934 SD_BUS_RESULT("a(sss)", changes_removed
,
935 "a(sss)", changes_updated
),
936 bus_image_method_reattach
,
937 SD_BUS_VTABLE_UNPRIVILEGED
),
938 SD_BUS_METHOD_WITH_ARGS("ReattachWithExtensions",
939 SD_BUS_ARGS("as", extensions
,
944 SD_BUS_RESULT("a(sss)", changes_removed
,
945 "a(sss)", changes_updated
),
946 bus_image_method_reattach
,
947 SD_BUS_VTABLE_UNPRIVILEGED
),
948 SD_BUS_METHOD_WITH_ARGS("Remove",
951 bus_image_method_remove
,
952 SD_BUS_VTABLE_UNPRIVILEGED
),
953 SD_BUS_METHOD_WITH_ARGS("MarkReadOnly",
954 SD_BUS_ARGS("b", read_only
),
956 bus_image_method_mark_read_only
,
957 SD_BUS_VTABLE_UNPRIVILEGED
),
958 SD_BUS_METHOD_WITH_ARGS("SetLimit",
959 SD_BUS_ARGS("t", limit
),
961 bus_image_method_set_limit
,
962 SD_BUS_VTABLE_UNPRIVILEGED
),
963 /* Deprecated silly typo */
964 SD_BUS_METHOD_WITH_ARGS("ReattacheWithExtensions",
965 SD_BUS_ARGS("as", extensions
,
970 SD_BUS_RESULT("a(sss)", changes_removed
,
971 "a(sss)", changes_updated
),
972 bus_image_method_reattach
,
973 SD_BUS_VTABLE_UNPRIVILEGED
|SD_BUS_VTABLE_HIDDEN
),
977 int bus_image_path(Image
*image
, char **ret
) {
981 if (!image
->discoverable
)
984 return sd_bus_path_encode("/org/freedesktop/portable1/image", image
->name
, ret
);
987 int bus_image_acquire(
989 sd_bus_message
*message
,
990 const char *name_or_path
,
992 ImageAcquireMode mode
,
993 const char *polkit_action
,
995 sd_bus_error
*error
) {
997 _cleanup_(image_unrefp
) Image
*loaded
= NULL
;
1003 assert(name_or_path
|| image
);
1005 assert(mode
< _BUS_IMAGE_ACQUIRE_MODE_MAX
);
1006 assert(polkit_action
|| mode
== BUS_IMAGE_REFUSE_BY_PATH
);
1009 /* Acquires an 'Image' object if not acquired yet, and enforces necessary authentication while doing so. */
1011 if (mode
== BUS_IMAGE_AUTHENTICATE_ALL
) {
1012 r
= bus_verify_polkit_async(
1015 /* details= */ NULL
,
1016 &m
->polkit_registry
,
1020 if (r
== 0) { /* Will call us back */
1026 /* Already passed in? */
1032 /* Let's see if this image is already cached? */
1033 cached
= manager_image_cache_get(m
, name_or_path
);
1039 if (image_name_is_valid(name_or_path
)) {
1041 /* If it's a short name, let's search for it */
1042 r
= image_find(IMAGE_PORTABLE
, name_or_path
, NULL
, &loaded
);
1044 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PORTABLE_IMAGE
,
1045 "No image '%s' found.", name_or_path
);
1047 /* other errors are handled below… */
1049 /* Don't accept path if this is always forbidden */
1050 if (mode
== BUS_IMAGE_REFUSE_BY_PATH
)
1051 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
,
1052 "Expected image name, not path in place of '%s'.", name_or_path
);
1054 if (!path_is_absolute(name_or_path
))
1055 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
,
1056 "Image name '%s' is not valid or not a valid path.", name_or_path
);
1058 if (!path_is_normalized(name_or_path
))
1059 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
,
1060 "Image path '%s' is not normalized.", name_or_path
);
1062 if (mode
== BUS_IMAGE_AUTHENTICATE_BY_PATH
) {
1063 r
= bus_verify_polkit_async(
1066 /* details= */ NULL
,
1067 &m
->polkit_registry
,
1071 if (r
== 0) { /* Will call us back */
1077 r
= image_from_path(name_or_path
, &loaded
);
1079 if (r
== -EMEDIUMTYPE
) {
1080 sd_bus_error_setf(error
, BUS_ERROR_BAD_PORTABLE_IMAGE_TYPE
,
1081 "Type of image '%s' not recognized; supported image types are directories/btrfs subvolumes, block devices, and raw disk image files with suffix '.raw'.",
1088 /* Add what we just loaded to the cache. This has as side-effect that the object stays in memory until the
1089 * cache is purged again, i.e. at least for the current event loop iteration, which is all we need, and which
1090 * means we don't actually need to ref the return object. */
1091 r
= manager_image_cache_add(m
, loaded
);
1099 int bus_image_object_find(
1102 const char *interface
,
1105 sd_bus_error
*error
) {
1107 _cleanup_free_
char *e
= NULL
;
1108 Manager
*m
= userdata
;
1109 Image
*image
= NULL
;
1117 r
= sd_bus_path_decode(path
, "/org/freedesktop/portable1/image", &e
);
1123 /* The path is "/org/freedesktop/portable1/image" itself */
1126 r
= bus_image_acquire(m
, sd_bus_get_current_message(bus
), e
, NULL
, BUS_IMAGE_REFUSE_BY_PATH
, NULL
, &image
, error
);
1140 int bus_image_node_enumerator(sd_bus
*bus
, const char *path
, void *userdata
, char ***nodes
, sd_bus_error
*error
) {
1141 _cleanup_hashmap_free_ Hashmap
*images
= NULL
;
1142 _cleanup_strv_free_
char **l
= NULL
;
1143 Manager
*m
= userdata
;
1152 images
= hashmap_new(&image_hash_ops
);
1156 r
= manager_image_cache_discover(m
, images
, error
);
1160 HASHMAP_FOREACH(image
, images
) {
1163 r
= bus_image_path(image
, &p
);
1167 if (!GREEDY_REALLOC(l
, n
+2)) {
1176 *nodes
= TAKE_PTR(l
);
1181 const BusObjectImplementation image_object
= {
1182 "/org/freedesktop/portable1/image",
1183 "org.freedesktop.portable1.Image",
1184 .fallback_vtables
= BUS_FALLBACK_VTABLES({image_vtable
, bus_image_object_find
}),
1185 .node_enumerator
= bus_image_node_enumerator
,