#include "io-util.h"
#include "ioprio-util.h"
#include "journal-file.h"
+#include "load-fragment.h"
#include "memstream-util.h"
#include "missing_ioprio.h"
#include "mountpoint-util.h"
return sd_bus_message_close_container(reply);
}
+static int property_get_import_credential(
+ sd_bus *bus,
+ const char *path,
+ const char *interface,
+ const char *property,
+ sd_bus_message *reply,
+ void *userdata,
+ sd_bus_error *error) {
+
+ ExecContext *c = ASSERT_PTR(userdata);
+ const char *s;
+ int r;
+
+ assert(bus);
+ assert(property);
+ assert(reply);
+
+ r = sd_bus_message_open_container(reply, 'a', "s");
+ if (r < 0)
+ return r;
+
+ SET_FOREACH(s, c->import_credentials) {
+ r = sd_bus_message_append(reply, "s", s);
+ if (r < 0)
+ return r;
+ }
+
+ return sd_bus_message_close_container(reply);
+}
+
static int property_get_root_hash(
sd_bus *bus,
const char *path,
SD_BUS_PROPERTY("SetCredentialEncrypted", "a(say)", property_get_set_credential, 0, SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("LoadCredential", "a(ss)", property_get_load_credential, 0, SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("LoadCredentialEncrypted", "a(ss)", property_get_load_credential, 0, SD_BUS_VTABLE_PROPERTY_CONST),
+ SD_BUS_PROPERTY("ImportCredential", "as", property_get_import_credential, 0, SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("SupplementaryGroups", "as", NULL, offsetof(ExecContext, supplementary_groups), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("PAMName", "s", NULL, offsetof(ExecContext, pam_name), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("ReadWritePaths", "as", NULL, offsetof(ExecContext, read_write_paths), SD_BUS_VTABLE_PROPERTY_CONST),
isempty = false;
if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
- _cleanup_free_ char *copy = NULL;
- ExecLoadCredential *old;
+ bool encrypted = streq(name, "LoadCredentialEncrypted");
- copy = strdup(source);
- if (!copy)
- return -ENOMEM;
+ r = hashmap_put_credential(&c->load_credentials, id, source, encrypted);
+ if (r < 0)
+ return r;
- old = hashmap_get(c->load_credentials, id);
- if (old) {
- free_and_replace(old->path, copy);
- old->encrypted = streq(name, "LoadCredentialEncrypted");
- } else {
- _cleanup_(exec_load_credential_freep) ExecLoadCredential *lc = NULL;
+ (void) unit_write_settingf(u, flags|UNIT_ESCAPE_SPECIFIERS, name, "%s=%s:%s", name, id, source);
+ }
+ }
- lc = new(ExecLoadCredential, 1);
- if (!lc)
- return -ENOMEM;
+ r = sd_bus_message_exit_container(message);
+ if (r < 0)
+ return r;
- *lc = (ExecLoadCredential) {
- .id = strdup(id),
- .path = TAKE_PTR(copy),
- .encrypted = streq(name, "LoadCredentialEncrypted"),
- };
+ if (!UNIT_WRITE_FLAGS_NOOP(flags) && isempty) {
+ c->load_credentials = hashmap_free(c->load_credentials);
+ (void) unit_write_settingf(u, flags, name, "%s=", name);
+ }
- if (!lc->id)
- return -ENOMEM;
+ return 1;
- r = hashmap_ensure_put(&c->load_credentials, &exec_load_credential_hash_ops, lc->id, lc);
- if (r < 0)
- return r;
+ } else if (streq(name, "ImportCredential")) {
+ bool isempty = true;
- TAKE_PTR(lc);
- }
+ r = sd_bus_message_enter_container(message, 'a', "s");
+ if (r < 0)
+ return r;
- (void) unit_write_settingf(u, flags|UNIT_ESCAPE_SPECIFIERS, name, "%s=%s:%s", name, id, source);
+ for (;;) {
+ const char *s;
+
+ r = sd_bus_message_read(message, "s", &s);
+ if (r < 0)
+ return r;
+ if (r == 0)
+ break;
+
+ if (!filename_is_valid(s))
+ return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Credential name is invalid: %s", s);
+
+ isempty = false;
+
+ if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
+ r = set_put_strdup(&c->import_credentials, s);
+ if (r < 0)
+ return r;
+
+ (void) unit_write_settingf(u, flags|UNIT_ESCAPE_SPECIFIERS, name, "%s=%s", name, s);
}
}
return r;
if (!UNIT_WRITE_FLAGS_NOOP(flags) && isempty) {
- c->load_credentials = hashmap_free(c->load_credentials);
+ c->import_credentials = set_free(c->import_credentials);
(void) unit_write_settingf(u, flags, name, "%s=", name);
}