user->gc_mode = USER_GC_BY_PIN;
if (!isempty(tty)) {
- session->tty = strdup(tty);
- if (!session->tty) {
- r = -ENOMEM;
+ r = strdup_to(&session->tty, tty);
+ if (r < 0)
goto fail;
- }
session->tty_validity = TTY_FROM_PAM;
}
if (!isempty(display)) {
- session->display = strdup(display);
- if (!session->display) {
- r = -ENOMEM;
+ r = strdup_to(&session->display, display);
+ if (r < 0)
goto fail;
- }
}
if (!isempty(remote_user)) {
- session->remote_user = strdup(remote_user);
- if (!session->remote_user) {
- r = -ENOMEM;
+ r = strdup_to(&session->remote_user, remote_user);
+ if (r < 0)
goto fail;
- }
}
if (!isempty(remote_host)) {
- session->remote_host = strdup(remote_host);
- if (!session->remote_host) {
- r = -ENOMEM;
+ r = strdup_to(&session->remote_host, remote_host);
+ if (r < 0)
goto fail;
- }
}
if (!isempty(service)) {
- session->service = strdup(service);
- if (!session->service) {
- r = -ENOMEM;
+ r = strdup_to(&session->service, service);
+ if (r < 0)
goto fail;
- }
}
if (!isempty(desktop)) {
- session->desktop = strdup(desktop);
- if (!session->desktop) {
- r = -ENOMEM;
+ r = strdup_to(&session->desktop, desktop);
+ if (r < 0)
goto fail;
- }
}
if (seat) {
uid == auth_uid ? "org.freedesktop.login1.set-self-linger" :
"org.freedesktop.login1.set-user-linger",
/* details= */ NULL,
- interactive,
/* good_user= */ UID_INVALID,
+ interactive ? POLKIT_ALLOW_INTERACTIVE : 0,
&m->polkit_registry,
error);
if (r < 0)
message,
"org.freedesktop.login1.attach-device",
/* details= */ NULL,
- interactive,
/* good_user= */ UID_INVALID,
+ interactive ? POLKIT_ALLOW_INTERACTIVE : 0,
&m->polkit_registry,
error);
if (r < 0)
message,
"org.freedesktop.login1.flush-devices",
/* details= */ NULL,
- interactive,
/* good_user= */ UID_INVALID,
+ interactive ? POLKIT_ALLOW_INTERACTIVE : 0,
&m->polkit_registry,
error);
if (r < 0)
/* Check for other users' sessions. Greeter sessions do not
* count, and non-login sessions do not count either. */
HASHMAP_FOREACH(session, m->sessions)
- if (session->class == SESSION_USER &&
+ if (IN_SET(session->class, SESSION_USER, SESSION_USER_EARLY) &&
session->user->user_record->uid != uid)
return true;
message,
a->polkit_action_multiple_sessions,
/* details= */ NULL,
- interactive,
/* good_user= */ UID_INVALID,
+ interactive ? POLKIT_ALLOW_INTERACTIVE : 0,
&m->polkit_registry,
error);
if (r < 0)
message,
a->polkit_action_ignore_inhibit,
/* details= */ NULL,
- interactive,
/* good_user= */ UID_INVALID,
+ interactive ? POLKIT_ALLOW_INTERACTIVE : 0,
&m->polkit_registry,
error);
if (r < 0)
message,
a->polkit_action,
/* details= */ NULL,
- interactive,
/* good_user= */ UID_INVALID,
+ interactive ? POLKIT_ALLOW_INTERACTIVE : 0,
&m->polkit_registry,
error);
if (r < 0)
Manager *manager,
const char *scope,
const PidRef *pidref,
+ bool allow_pidfd,
const char *slice,
const char *description,
const char * const *requires,
if (r < 0)
return r;
- r = bus_append_scope_pidref(m, pidref);
+ r = bus_append_scope_pidref(m, pidref, allow_pidfd);
if (r < 0)
return r;
return r;
r = sd_bus_call(manager->bus, m, 0, error, &reply);
- if (r < 0)
+ if (r < 0) {
+ /* If this failed with a property we couldn't write, this is quite likely because the server
+ * doesn't support PIDFDs yet, let's try without. */
+ if (allow_pidfd &&
+ sd_bus_error_has_names(error, SD_BUS_ERROR_UNKNOWN_PROPERTY, SD_BUS_ERROR_PROPERTY_READ_ONLY))
+ return manager_start_scope(
+ manager,
+ scope,
+ pidref,
+ /* allow_pidfd = */ false,
+ slice,
+ description,
+ requires,
+ extra_after,
+ requires_mounts_for,
+ more_properties,
+ error,
+ ret_job);
+
return r;
+ }
return strdup_job(reply, ret_job);
}