tree-wide: use UINT64_MAX or friends

[thirdparty/systemd.git] / src / login / logind-dbus.c
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c

index d883288b254e394de66fe4e80e72c4ecdd298fd4..a539a2e9797d2e2a78336d32dbc52fa489a09434 100644 (file)
--- a/src/login/logind-dbus.c
+++ b/src/login/logind-dbus.c
@@ -1,4 +1,4 @@
-/* SPDX-License-Identifier: LGPL-2.1+ */
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
  
  #include <errno.h>
  #include <sys/stat.h>
@@ -30,6 +30,7 @@
  #include "format-util.h"
  #include "fs-util.h"
  #include "logind-dbus.h"
+#include "logind-polkit.h"
  #include "logind-seat-dbus.h"
  #include "logind-session-dbus.h"
  #include "logind-user-dbus.h"
@@ -516,7 +517,6 @@ static int method_list_sessions(sd_bus_message *message, void *userdata, sd_bus_
          _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
          Manager *m = userdata;
          Session *session;
-        Iterator i;
          int r;
  
          assert(message);
@@ -530,7 +530,7 @@ static int method_list_sessions(sd_bus_message *message, void *userdata, sd_bus_
          if (r < 0)
                  return r;
  
-        HASHMAP_FOREACH(session, m->sessions, i) {
+        HASHMAP_FOREACH(session, m->sessions) {
                  _cleanup_free_ char *p = NULL;
  
                  p = session_bus_path(session);
@@ -558,7 +558,6 @@ static int method_list_users(sd_bus_message *message, void *userdata, sd_bus_err
          _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
          Manager *m = userdata;
          User *user;
-        Iterator i;
          int r;
  
          assert(message);
@@ -572,7 +571,7 @@ static int method_list_users(sd_bus_message *message, void *userdata, sd_bus_err
          if (r < 0)
                  return r;
  
-        HASHMAP_FOREACH(user, m->users, i) {
+        HASHMAP_FOREACH(user, m->users) {
                  _cleanup_free_ char *p = NULL;
  
                  p = user_bus_path(user);
@@ -598,7 +597,6 @@ static int method_list_seats(sd_bus_message *message, void *userdata, sd_bus_err
          _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
          Manager *m = userdata;
          Seat *seat;
-        Iterator i;
          int r;
  
          assert(message);
@@ -612,7 +610,7 @@ static int method_list_seats(sd_bus_message *message, void *userdata, sd_bus_err
          if (r < 0)
                  return r;
  
-        HASHMAP_FOREACH(seat, m->seats, i) {
+        HASHMAP_FOREACH(seat, m->seats) {
                  _cleanup_free_ char *p = NULL;
  
                  p = seat_bus_path(seat);
@@ -635,7 +633,6 @@ static int method_list_inhibitors(sd_bus_message *message, void *userdata, sd_bu
          _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
          Manager *m = userdata;
          Inhibitor *inhibitor;
-        Iterator i;
          int r;
  
          assert(message);
@@ -649,7 +646,7 @@ static int method_list_inhibitors(sd_bus_message *message, void *userdata, sd_bu
          if (r < 0)
                  return r;
  
-        HASHMAP_FOREACH(inhibitor, m->inhibitors, i) {
+        HASHMAP_FOREACH(inhibitor, m->inhibitors) {
  
                  r = sd_bus_message_append(reply, "(ssssuu)",
                                            strempty(inhibit_what_to_string(inhibitor->what)),
@@ -1051,15 +1048,7 @@ static int method_activate_session_on_seat(sd_bus_message *message, void *userda
                  return sd_bus_error_setf(error, BUS_ERROR_SESSION_NOT_ON_SEAT,
                                           "Session %s not on seat %s", session_name, seat_name);
  
-        r = bus_verify_polkit_async(
-                        message,
-                        CAP_SYS_ADMIN,
-                        "org.freedesktop.login1.chvt",
-                        NULL,
-                        false,
-                        UID_INVALID,
-                        &m->polkit_registry,
-                        error);
+        r = check_polkit_chvt(message, m, error);
          if (r < 0)
                  return r;
          if (r == 0)
@@ -1361,7 +1350,7 @@ static int attach_device(Manager *m, const char *seat, const char *sysfs) {
          if (r < 0)
                  return r;
  
-        if (sd_device_has_tag(d, "seat") <= 0)
+        if (sd_device_has_current_tag(d, "seat") <= 0)
                  return -ENODEV;
  
          if (sd_device_get_property_value(d, "ID_FOR_SEAT", &id_for_seat) < 0)
@@ -1499,13 +1488,12 @@ static int have_multiple_sessions(
                  uid_t uid) {
  
          Session *session;
-        Iterator i;
  
          assert(m);
  
          /* Check for other users' sessions. Greeter sessions do not
           * count, and non-login sessions do not count either. */
-        HASHMAP_FOREACH(session, m->sessions, i)
+        HASHMAP_FOREACH(session, m->sessions)
                  if (session->class == SESSION_USER &&
                      session->user->user_record->uid != uid)
                          return true;
@@ -1649,7 +1637,7 @@ static int execute_shutdown_or_sleep(
          m->action_what = w;
  
          /* Make sure the lid switch is ignored for a while */
-        manager_set_lid_switch_ignore(m, now(CLOCK_MONOTONIC) + m->holdoff_timeout_usec);
+        manager_set_lid_switch_ignore(m, usec_add(now(CLOCK_MONOTONIC), m->holdoff_timeout_usec));
  
          return 0;
  
@@ -1798,14 +1786,14 @@ static int verify_shutdown_creds(
                  Manager *m,
                  sd_bus_message *message,
                  InhibitWhat w,
-                bool interactive,
                  const char *action,
                  const char *action_multiple_sessions,
                  const char *action_ignore_inhibit,
+                uint64_t flags,
                  sd_bus_error *error) {
  
          _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
-        bool multiple_sessions, blocked;
+        bool multiple_sessions, blocked, interactive;
          uid_t uid;
          int r;
  
@@ -1828,6 +1816,7 @@ static int verify_shutdown_creds(
  
          multiple_sessions = r > 0;
          blocked = manager_is_inhibited(m, w, INHIBIT_BLOCK, NULL, false, true, uid, NULL);
+        interactive = flags & SD_LOGIND_INTERACTIVE;
  
          if (multiple_sessions && action_multiple_sessions) {
                  r = bus_verify_polkit_async(message, CAP_SYS_BOOT, action_multiple_sessions, NULL, interactive, UID_INVALID, &m->polkit_registry, error);
@@ -1837,12 +1826,19 @@ static int verify_shutdown_creds(
                          return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
          }
  
-        if (blocked && action_ignore_inhibit) {
-                r = bus_verify_polkit_async(message, CAP_SYS_BOOT, action_ignore_inhibit, NULL, interactive, UID_INVALID, &m->polkit_registry, error);
-                if (r < 0)
-                        return r;
-                if (r == 0)
-                        return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
+        if (blocked) {
+                /* We don't check polkit for root here, because you can't be more privileged than root */
+                if (uid == 0 && (flags & SD_LOGIND_ROOT_CHECK_INHIBITORS))
+                        return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED,
+                                                 "Access denied to root due to active block inhibitor");
+
+                if (action_ignore_inhibit) {
+                        r = bus_verify_polkit_async(message, CAP_SYS_BOOT, action_ignore_inhibit, NULL, interactive, UID_INVALID, &m->polkit_registry, error);
+                        if (r < 0)
+                                return r;
+                        if (r == 0)
+                                return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
+                }
          }
  
          if (!multiple_sessions && !blocked && action) {
@@ -1865,9 +1861,11 @@ static int method_do_shutdown_or_sleep(
                  const char *action_multiple_sessions,
                  const char *action_ignore_inhibit,
                  const char *sleep_verb,
+                bool with_flags,
                  sd_bus_error *error) {
  
-        int interactive, r;
+        uint64_t flags;
+        int r;
  
          assert(m);
          assert(message);
@@ -1875,9 +1873,25 @@ static int method_do_shutdown_or_sleep(
          assert(w >= 0);
          assert(w <= _INHIBIT_WHAT_MAX);
  
-        r = sd_bus_message_read(message, "b", &interactive);
-        if (r < 0)
-                return r;
+        if (with_flags) {
+                /* New style method: with flags parameter (and interactive bool in the bus message header) */
+                r = sd_bus_message_read(message, "t", &flags);
+                if (r < 0)
+                        return r;
+                if ((flags & ~SD_LOGIND_SHUTDOWN_AND_SLEEP_FLAGS_PUBLIC) != 0)
+                        return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid flags parameter");
+        } else {
+                /* Old style method: no flags parameter, but interactive bool passed as boolean in
+                 * payload. Let's convert this argument to the new-style flags parameter for our internal
+                 * use. */
+                int interactive;
+
+                r = sd_bus_message_read(message, "b", &interactive);
+                if (r < 0)
+                        return r;
+
+                flags = interactive ? SD_LOGIND_INTERACTIVE : 0;
+        }
  
          /* Don't allow multiple jobs being executed at the same time */
          if (m->action_what > 0)
@@ -1896,8 +1910,8 @@ static int method_do_shutdown_or_sleep(
                          return r;
          }
  
-        r = verify_shutdown_creds(m, message, w, interactive, action, action_multiple_sessions,
-                                  action_ignore_inhibit, error);
+        r = verify_shutdown_creds(m, message, w, action, action_multiple_sessions,
+                                  action_ignore_inhibit, flags, error);
          if (r != 0)
                  return r;
  
@@ -1919,6 +1933,7 @@ static int method_poweroff(sd_bus_message *message, void *userdata, sd_bus_error
                          "org.freedesktop.login1.power-off-multiple-sessions",
                          "org.freedesktop.login1.power-off-ignore-inhibit",
                          NULL,
+                        sd_bus_message_is_method_call(message, NULL, "PowerOffWithFlags"),
                          error);
  }
  
@@ -1933,6 +1948,7 @@ static int method_reboot(sd_bus_message *message, void *userdata, sd_bus_error *
                          "org.freedesktop.login1.reboot-multiple-sessions",
                          "org.freedesktop.login1.reboot-ignore-inhibit",
                          NULL,
+                        sd_bus_message_is_method_call(message, NULL, "RebootWithFlags"),
                          error);
  }
  
@@ -1947,6 +1963,7 @@ static int method_halt(sd_bus_message *message, void *userdata, sd_bus_error *er
                          "org.freedesktop.login1.halt-multiple-sessions",
                          "org.freedesktop.login1.halt-ignore-inhibit",
                          NULL,
+                        sd_bus_message_is_method_call(message, NULL, "HaltWithFlags"),
                          error);
  }
  
@@ -1961,6 +1978,7 @@ static int method_suspend(sd_bus_message *message, void *userdata, sd_bus_error
                          "org.freedesktop.login1.suspend-multiple-sessions",
                          "org.freedesktop.login1.suspend-ignore-inhibit",
                          "suspend",
+                        sd_bus_message_is_method_call(message, NULL, "SuspendWithFlags"),
                          error);
  }
  
@@ -1975,6 +1993,7 @@ static int method_hibernate(sd_bus_message *message, void *userdata, sd_bus_erro
                          "org.freedesktop.login1.hibernate-multiple-sessions",
                          "org.freedesktop.login1.hibernate-ignore-inhibit",
                          "hibernate",
+                        sd_bus_message_is_method_call(message, NULL, "HibernateWithFlags"),
                          error);
  }
  
@@ -1989,6 +2008,7 @@ static int method_hybrid_sleep(sd_bus_message *message, void *userdata, sd_bus_e
                          "org.freedesktop.login1.hibernate-multiple-sessions",
                          "org.freedesktop.login1.hibernate-ignore-inhibit",
                          "hybrid-sleep",
+                        sd_bus_message_is_method_call(message, NULL, "HybridSleepWithFlags"),
                          error);
  }
  
@@ -2003,6 +2023,7 @@ static int method_suspend_then_hibernate(sd_bus_message *message, void *userdata
                          "org.freedesktop.login1.hibernate-multiple-sessions",
                          "org.freedesktop.login1.hibernate-ignore-inhibit",
                          "hybrid-sleep",
+                        sd_bus_message_is_method_call(message, NULL, "SuspendThenHibernateWithFlags"),
                          error);
  }
  
@@ -2190,8 +2211,8 @@ static int method_schedule_shutdown(sd_bus_message *message, void *userdata, sd_
          } else
                  return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Unsupported shutdown type");
  
-        r = verify_shutdown_creds(m, message, INHIBIT_SHUTDOWN, false,
-                                  action, action_multiple_sessions, action_ignore_inhibit, error);
+        r = verify_shutdown_creds(m, message, INHIBIT_SHUTDOWN, action, action_multiple_sessions,
+                                  action_ignore_inhibit, 0, error);
          if (r != 0)
                  return r;
  
@@ -3200,7 +3221,6 @@ static int method_inhibit(sd_bus_message *message, void *userdata, sd_bus_error
          _cleanup_free_ char *id = NULL;
          _cleanup_close_ int fifo_fd = -1;
          Manager *m = userdata;
-        Inhibitor *i = NULL;
          InhibitMode mm;
          InhibitWhat w;
          pid_t pid;
@@ -3245,6 +3265,7 @@ static int method_inhibit(sd_bus_message *message, void *userdata, sd_bus_error
                          w == INHIBIT_IDLE                 ? "org.freedesktop.login1.inhibit-block-idle" :
                          w == INHIBIT_HANDLE_POWER_KEY     ? "org.freedesktop.login1.inhibit-handle-power-key" :
                          w == INHIBIT_HANDLE_SUSPEND_KEY   ? "org.freedesktop.login1.inhibit-handle-suspend-key" :
+                        w == INHIBIT_HANDLE_REBOOT_KEY    ? "org.freedesktop.login1.inhibit-handle-reboot-key" :
                          w == INHIBIT_HANDLE_HIBERNATE_KEY ? "org.freedesktop.login1.inhibit-handle-hibernate-key" :
                                                              "org.freedesktop.login1.inhibit-handle-lid-switch",
                          NULL,
@@ -3282,6 +3303,7 @@ static int method_inhibit(sd_bus_message *message, void *userdata, sd_bus_error
  
          } while (hashmap_get(m->inhibitors, id));
  
+        _cleanup_(inhibitor_freep) Inhibitor *i = NULL;
          r = manager_add_inhibitor(m, id, &i);
          if (r < 0)
                  return r;
@@ -3293,28 +3315,19 @@ static int method_inhibit(sd_bus_message *message, void *userdata, sd_bus_error
          i->why = strdup(why);
          i->who = strdup(who);
  
-        if (!i->why || !i->who) {
-                r = -ENOMEM;
-                goto fail;
-        }
+        if (!i->why || !i->who)
+                return -ENOMEM;
  
          fifo_fd = inhibitor_create_fifo(i);
-        if (fifo_fd < 0) {
-                r = fifo_fd;
-                goto fail;
-        }
+        if (fifo_fd < 0)
+                return fifo_fd;
  
          r = inhibitor_start(i);
          if (r < 0)
-                goto fail;
+                return r;
+        TAKE_PTR(i);
  
          return sd_bus_reply_method_return(message, "h", fifo_fd);
-
-fail:
-        if (i)
-                inhibitor_free(i);
-
-        return r;
  }
  
  static const sd_bus_vtable manager_vtable[] = {
@@ -3551,42 +3564,84 @@ static const sd_bus_vtable manager_vtable[] = {
                                   NULL,,
                                   method_poweroff,
                                   SD_BUS_VTABLE_UNPRIVILEGED),
+        SD_BUS_METHOD_WITH_NAMES("PowerOffWithFlags",
+                                 "t",
+                                 SD_BUS_PARAM(flags),
+                                 NULL,,
+                                 method_poweroff,
+                                 SD_BUS_VTABLE_UNPRIVILEGED),
          SD_BUS_METHOD_WITH_NAMES("Reboot",
                                   "b",
                                   SD_BUS_PARAM(interactive),
                                   NULL,,
                                   method_reboot,
                                   SD_BUS_VTABLE_UNPRIVILEGED),
+        SD_BUS_METHOD_WITH_NAMES("RebootWithFlags",
+                                 "t",
+                                 SD_BUS_PARAM(flags),
+                                 NULL,,
+                                 method_reboot,
+                                 SD_BUS_VTABLE_UNPRIVILEGED),
          SD_BUS_METHOD_WITH_NAMES("Halt",
                                   "b",
                                   SD_BUS_PARAM(interactive),
                                   NULL,,
                                   method_halt,
                                   SD_BUS_VTABLE_UNPRIVILEGED),
+        SD_BUS_METHOD_WITH_NAMES("HaltWithFlags",
+                                 "t",
+                                 SD_BUS_PARAM(flags),
+                                 NULL,,
+                                 method_halt,
+                                 SD_BUS_VTABLE_UNPRIVILEGED),
          SD_BUS_METHOD_WITH_NAMES("Suspend",
                                   "b",
                                   SD_BUS_PARAM(interactive),
                                   NULL,,
                                   method_suspend,
                                   SD_BUS_VTABLE_UNPRIVILEGED),
+        SD_BUS_METHOD_WITH_NAMES("SuspendWithFlags",
+                                 "t",
+                                 SD_BUS_PARAM(flags),
+                                 NULL,,
+                                 method_suspend,
+                                 SD_BUS_VTABLE_UNPRIVILEGED),
          SD_BUS_METHOD_WITH_NAMES("Hibernate",
                                   "b",
                                   SD_BUS_PARAM(interactive),
                                   NULL,,
                                   method_hibernate,
                                   SD_BUS_VTABLE_UNPRIVILEGED),
+        SD_BUS_METHOD_WITH_NAMES("HibernateWithFlags",
+                                 "t",
+                                 SD_BUS_PARAM(flags),
+                                 NULL,,
+                                 method_hibernate,
+                                 SD_BUS_VTABLE_UNPRIVILEGED),
          SD_BUS_METHOD_WITH_NAMES("HybridSleep",
                                   "b",
                                   SD_BUS_PARAM(interactive),
                                   NULL,,
                                   method_hybrid_sleep,
                                   SD_BUS_VTABLE_UNPRIVILEGED),
+        SD_BUS_METHOD_WITH_NAMES("HybridSleepWithFlags",
+                                 "t",
+                                 SD_BUS_PARAM(flags),
+                                 NULL,,
+                                 method_hybrid_sleep,
+                                 SD_BUS_VTABLE_UNPRIVILEGED),
          SD_BUS_METHOD_WITH_NAMES("SuspendThenHibernate",
                                   "b",
                                   SD_BUS_PARAM(interactive),
                                   NULL,,
                                   method_suspend_then_hibernate,
                                   SD_BUS_VTABLE_UNPRIVILEGED),
+        SD_BUS_METHOD_WITH_NAMES("SuspendThenHibernateWithFlags",
+                                 "t",
+                                 SD_BUS_PARAM(flags),
+                                 NULL,,
+                                 method_suspend_then_hibernate,
+                                 SD_BUS_VTABLE_UNPRIVILEGED),
          SD_BUS_METHOD_WITH_NAMES("CanPowerOff",
                                   NULL,,
                                   "s",
@@ -3900,7 +3955,6 @@ int match_properties_changed(sd_bus_message *message, void *userdata, sd_bus_err
  int match_reloading(sd_bus_message *message, void *userdata, sd_bus_error *error) {
          Manager *m = userdata;
          Session *session;
-        Iterator i;
          int b, r;
  
          assert(message);
@@ -3918,7 +3972,7 @@ int match_reloading(sd_bus_message *message, void *userdata, sd_bus_error *error
          /* systemd finished reloading, let's recheck all our sessions */
          log_debug("System manager has been reloaded, rechecking sessions...");
  
-        HASHMAP_FOREACH(session, m->sessions, i)
+        HASHMAP_FOREACH(session, m->sessions)
                  session_add_to_gc_queue(session);
  
          return 0;
@@ -4030,7 +4084,7 @@ int manager_start_scope(
                  return r;
  
          /* disable TasksMax= for the session scope, rely on the slice setting for it */
-        r = sd_bus_message_append(m, "(sv)", "TasksMax", "t", (uint64_t)-1);
+        r = sd_bus_message_append(m, "(sv)", "TasksMax", "t", UINT64_MAX);
          if (r < 0)
                  return bus_log_create_error(r);
  
@@ -4077,13 +4131,13 @@ int manager_start_unit(Manager *manager, const char *unit, sd_bus_error *error,
          return strdup_job(reply, job);
  }
  
-int manager_stop_unit(Manager *manager, const char *unit, sd_bus_error *error, char **job) {
+int manager_stop_unit(Manager *manager, const char *unit, const char *job_mode, sd_bus_error *error, char **ret_job) {
          _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
          int r;
  
          assert(manager);
          assert(unit);
-        assert(job);
+        assert(ret_job);
  
          r = bus_call_method(
                          manager->bus,
@@ -4091,12 +4145,12 @@ int manager_stop_unit(Manager *manager, const char *unit, sd_bus_error *error, c
                          "StopUnit",
                          error,
                          &reply,
-                        "ss", unit, "fail");
+                        "ss", unit, job_mode ?: "fail");
          if (r < 0) {
                  if (sd_bus_error_has_names(error, BUS_ERROR_NO_SUCH_UNIT,
                                                    BUS_ERROR_LOAD_FAILED)) {
  
-                        *job = NULL;
+                        *ret_job = NULL;
                          sd_bus_error_free(error);
                          return 0;
                  }
@@ -4104,7 +4158,7 @@ int manager_stop_unit(Manager *manager, const char *unit, sd_bus_error *error, c
                  return r;
          }
  
-        return strdup_job(reply, job);
+        return strdup_job(reply, ret_job);
  }
  
  int manager_abandon_scope(Manager *manager, const char *scope, sd_bus_error *ret_error) {