[thirdparty/systemd.git] / src / bus-proxyd / bus-proxyd.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering
  Copyright 2013 Daniel Mack
  Copyright 2014 Kay Sievers
  Copyright 2015 David Herrmann

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <errno.h>
#include <getopt.h>
#include <pthread.h>
#include <stddef.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/socket.h>
#include <unistd.h>

#include "sd-daemon.h"

#include "bus-internal.h"
#include "bus-xml-policy.h"
#include "capability-util.h"
#include "def.h"
#include "fd-util.h"
#include "formats-util.h"
#include "log.h"
#include "proxy.h"
#include "string-util.h"
#include "strv.h"
#include "user-util.h"
#include "util.h"

static char *arg_address = NULL;
static char **arg_configuration = NULL;

typedef struct {
        int fd;
        SharedPolicy *policy;
        uid_t bus_uid;
} ClientContext;

static ClientContext *client_context_free(ClientContext *c) {
        if (!c)
                return NULL;

        safe_close(c->fd);
        free(c);

        return NULL;
}

DEFINE_TRIVIAL_CLEANUP_FUNC(ClientContext*, client_context_free);

static int client_context_new(ClientContext **out) {
        _cleanup_(client_context_freep) ClientContext *c = NULL;

        c = new0(ClientContext, 1);
        if (!c)
                return -ENOMEM;

        c->fd = -1;

        *out = c;
        c = NULL;
        return 0;
}

static void *run_client(void *userdata) {
        _cleanup_(client_context_freep) ClientContext *c = userdata;
        _cleanup_(proxy_freep) Proxy *p = NULL;
        char comm[16];
        int r;

        r = proxy_new(&p, c->fd, c->fd, arg_address);
        c->fd = -1;

        if (r < 0)
                goto exit;

        /* set comm to "p$PIDu$UID" and suffix with '*' if truncated */
        r = snprintf(comm, sizeof(comm), "p" PID_FMT "u" UID_FMT, p->local_creds.pid, p->local_creds.uid);
        if (r >= (ssize_t)sizeof(comm))
                comm[sizeof(comm) - 2] = '*';
        (void) prctl(PR_SET_NAME, comm);

        r = proxy_set_policy(p, c->policy, arg_configuration);
        if (r < 0)
                goto exit;

        r = proxy_hello_policy(p, c->bus_uid);
        if (r < 0)
                goto exit;

        r = proxy_run(p);

exit:
        return NULL;
}

static int loop_clients(int accept_fd, uid_t bus_uid) {
        _cleanup_(shared_policy_freep) SharedPolicy *sp = NULL;
        pthread_attr_t attr;
        int r;

        r = pthread_attr_init(&attr);
        if (r != 0)
                return log_error_errno(r, "Cannot initialize pthread attributes: %m");

        r = pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED);
        if (r != 0) {
                r = log_error_errno(r, "Cannot mark pthread attributes as detached: %m");
                goto finish;
        }

        r = shared_policy_new(&sp);
        if (r < 0)
                goto finish;

        for (;;) {
                ClientContext *c;
                pthread_t tid;
                int fd;

                fd = accept4(accept_fd, NULL, NULL, SOCK_NONBLOCK | SOCK_CLOEXEC);
                if (fd < 0) {
                        if (errno == EAGAIN || errno == EINTR)
                                continue;

                        r = log_error_errno(errno, "accept4() failed: %m");
                        goto finish;
                }

                r = client_context_new(&c);
                if (r < 0) {
                        log_oom();
                        close(fd);
                        continue;
                }

                c->fd = fd;
                c->policy = sp;
                c->bus_uid = bus_uid;

                r = pthread_create(&tid, &attr, run_client, c);
                if (r != 0) {
                        log_warning_errno(r, "Cannot spawn thread, ignoring: %m");
                        client_context_free(c);
                        continue;
                }
        }

finish:
        pthread_attr_destroy(&attr);
        return r;
}

static int help(void) {

        printf("%s [OPTIONS...]\n\n"
               "DBus proxy server.\n\n"
               "  -h --help               Show this help\n"
               "     --version            Show package version\n"
               "     --configuration=PATH Configuration file or directory\n"
               "     --machine=MACHINE    Connect to specified machine\n"
               "     --address=ADDRESS    Connect to the bus specified by ADDRESS\n"
               "                          (default: " DEFAULT_SYSTEM_BUS_ADDRESS ")\n",
               program_invocation_short_name);

        return 0;
}

static int parse_argv(int argc, char *argv[]) {

        enum {
                ARG_VERSION = 0x100,
                ARG_ADDRESS,
                ARG_CONFIGURATION,
                ARG_MACHINE,
        };

        static const struct option options[] = {
                { "help",            no_argument,       NULL, 'h'                 },
                { "version",         no_argument,       NULL, ARG_VERSION         },
                { "address",         required_argument, NULL, ARG_ADDRESS         },
                { "configuration",   required_argument, NULL, ARG_CONFIGURATION   },
                { "machine",         required_argument, NULL, ARG_MACHINE         },
                {},
        };

        int c, r;

        assert(argc >= 0);
        assert(argv);

        while ((c = getopt_long(argc, argv, "h", options, NULL)) >= 0)

                switch (c) {

                case 'h':
                        help();
                        return 0;

                case ARG_VERSION:
                        return version();

                case ARG_ADDRESS:
                        r = free_and_strdup(&arg_address, optarg);
                        if (r < 0)
                                return log_oom();
                        break;

                case ARG_CONFIGURATION:
                        r = strv_extend(&arg_configuration, optarg);
                        if (r < 0)
                                return log_oom();
                        break;

                case ARG_MACHINE: {
                        _cleanup_free_ char *e = NULL;
                        char *a;

                        e = bus_address_escape(optarg);
                        if (!e)
                                return log_oom();

                        a = strjoin("x-machine-kernel:machine=", e, ";x-machine-unix:machine=", e, NULL);
                        if (!a)
                                return log_oom();

                        free(arg_address);
                        arg_address = a;

                        break;
                }

                case '?':
                        return -EINVAL;

                default:
                        assert_not_reached("Unhandled option");
                }

        if (argc > optind) {
                log_error("Too many arguments");
                return -EINVAL;
        }

        if (!arg_address) {
                arg_address = strdup(DEFAULT_SYSTEM_BUS_ADDRESS);
                if (!arg_address)
                        return log_oom();
        }

        return 1;
}

int main(int argc, char *argv[]) {
        int r, accept_fd;
        uid_t uid, bus_uid;
        gid_t gid;

        log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
        log_parse_environment();
        log_open();

        bus_uid = getuid();

        if (geteuid() == 0) {
                const char *user = "systemd-bus-proxy";

                r = get_user_creds(&user, &uid, &gid, NULL, NULL);
                if (r < 0) {
                        log_error_errno(r, "Cannot resolve user name %s: %m", user);
                        goto finish;
                }

                r = drop_privileges(uid, gid, 1ULL << CAP_IPC_OWNER);
                if (r < 0) {
                        log_error_errno(r, "Cannot drop privileges: %m");
                        goto finish;
                }
        }

        r = parse_argv(argc, argv);
        if (r <= 0)
                goto finish;

        r = sd_listen_fds(0);
        if (r != 1) {
                log_error("Illegal number of file descriptors passed");
                goto finish;
        }

        accept_fd = SD_LISTEN_FDS_START;

        r = fd_nonblock(accept_fd, false);
        if (r < 0) {
                log_error_errno(r, "Cannot mark accept-fd non-blocking: %m");
                goto finish;
        }

        r = loop_clients(accept_fd, bus_uid);

finish:
        sd_notify(false,
                  "STOPPING=1\n"
                  "STATUS=Shutting down.");

        strv_free(arg_configuration);
        free(arg_address);

        return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}
Commit	Line	Data
a8f11321 LP	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2010 Lennart Poettering
dc780ecf KS	7	Copyright 2013 Daniel Mack
dc780ecf KS	8	Copyright 2014 Kay Sievers
a8a1a43f	9	Copyright 2015 David Herrmann
a8f11321 LP	10
a8f11321 LP	11	systemd is free software; you can redistribute it and/or modify it
5430f7f2 LP	12	under the terms of the GNU Lesser General Public License as published by
5430f7f2 LP	13	the Free Software Foundation; either version 2.1 of the License, or
a8f11321 LP	14	(at your option) any later version.
	15
	16	systemd is distributed in the hope that it will be useful, but
	17	WITHOUT ANY WARRANTY; without even the implied warranty of
	18	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2	19	Lesser General Public License for more details.
a8f11321	20
5430f7f2	21	You should have received a copy of the GNU Lesser General Public License
a8f11321 LP	22	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	23	***/
	24
a8f11321	25	#include <errno.h>
71008e18	26	#include <getopt.h>
a8a1a43f	27	#include <pthread.h>
3f6fd1ba LP	28	#include <stddef.h>
	29	#include <string.h>
	30	#include <sys/prctl.h>
	31	#include <sys/socket.h>
	32	#include <unistd.h>
a8f11321	33
d51539b1	34	#include "sd-daemon.h"
3f6fd1ba	35
d51539b1	36	#include "bus-internal.h"
3c70e3bb	37	#include "bus-xml-policy.h"
430f0182	38	#include "capability-util.h"
3f6fd1ba	39	#include "def.h"
3ffd4af2	40	#include "fd-util.h"
6482f626	41	#include "formats-util.h"
3f6fd1ba LP	42	#include "log.h"
3f6fd1ba LP	43	#include "proxy.h"
07630cea	44	#include "string-util.h"
3f6fd1ba	45	#include "strv.h"
b1d4f8e1	46	#include "user-util.h"
3f6fd1ba	47	#include "util.h"
71008e18	48
7f0d207d	49	static char *arg_address = NULL;
2e2b3608	50	static char **arg_configuration = NULL;
0721804f	51
a8a1a43f DH	52	typedef struct {
a8a1a43f DH	53	int fd;
c4bc1a84	54	SharedPolicy *policy;
d340f820	55	uid_t bus_uid;
a8a1a43f DH	56	} ClientContext;
	57
	58	static ClientContext client_context_free(ClientContext c) {
	59	if (!c)
	60	return NULL;
	61
95eb099f	62	safe_close(c->fd);
a8a1a43f DH	63	free(c);
	64
	65	return NULL;
	66	}
	67
	68	DEFINE_TRIVIAL_CLEANUP_FUNC(ClientContext*, client_context_free);
	69
c4bc1a84	70	static int client_context_new(ClientContext **out) {
a8a1a43f DH	71	_cleanup_(client_context_freep) ClientContext *c = NULL;
	72
	73	c = new0(ClientContext, 1);
	74	if (!c)
c2900521	75	return -ENOMEM;
a8a1a43f	76
c4bc1a84	77	c->fd = -1;
a8a1a43f DH	78
	79	*out = c;
	80	c = NULL;
	81	return 0;
	82	}
	83
	84	static void run_client(void userdata) {
	85	_cleanup_(client_context_freep) ClientContext *c = userdata;
	86	_cleanup_(proxy_freep) Proxy *p = NULL;
d3394ff4	87	char comm[16];
a8a1a43f DH	88	int r;
	89
	90	r = proxy_new(&p, c->fd, c->fd, arg_address);
1a37c975 LP	91	c->fd = -1;
1a37c975 LP	92
a8a1a43f DH	93	if (r < 0)
	94	goto exit;
	95
d3394ff4 DH	96	/* set comm to "p$PIDu$UID" and suffix with '' if truncated /
	97	r = snprintf(comm, sizeof(comm), "p" PID_FMT "u" UID_FMT, p->local_creds.pid, p->local_creds.uid);
	98	if (r >= (ssize_t)sizeof(comm))
	99	comm[sizeof(comm) - 2] = '*';
	100	(void) prctl(PR_SET_NAME, comm);
	101
c4bc1a84	102	r = proxy_set_policy(p, c->policy, arg_configuration);
a8a1a43f DH	103	if (r < 0)
	104	goto exit;
	105
d340f820	106	r = proxy_hello_policy(p, c->bus_uid);
a8a1a43f DH	107	if (r < 0)
	108	goto exit;
	109
	110	r = proxy_run(p);
	111
	112	exit:
	113	return NULL;
	114	}
	115
d340f820	116	static int loop_clients(int accept_fd, uid_t bus_uid) {
c4bc1a84	117	_cleanup_(shared_policy_freep) SharedPolicy *sp = NULL;
a8a1a43f DH	118	pthread_attr_t attr;
	119	int r;
	120
	121	r = pthread_attr_init(&attr);
50e0d56c LP	122	if (r != 0)
50e0d56c LP	123	return log_error_errno(r, "Cannot initialize pthread attributes: %m");
a8a1a43f DH	124
a8a1a43f DH	125	r = pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED);
50e0d56c LP	126	if (r != 0) {
50e0d56c LP	127	r = log_error_errno(r, "Cannot mark pthread attributes as detached: %m");
5569b33a	128	goto finish;
a8a1a43f DH	129	}
a8a1a43f DH	130
c4bc1a84 DH	131	r = shared_policy_new(&sp);
c4bc1a84 DH	132	if (r < 0)
5569b33a	133	goto finish;
c4bc1a84	134
a8a1a43f DH	135	for (;;) {
	136	ClientContext *c;
	137	pthread_t tid;
	138	int fd;
	139
	140	fd = accept4(accept_fd, NULL, NULL, SOCK_NONBLOCK \| SOCK_CLOEXEC);
	141	if (fd < 0) {
	142	if (errno == EAGAIN \|\| errno == EINTR)
	143	continue;
	144
	145	r = log_error_errno(errno, "accept4() failed: %m");
5569b33a	146	goto finish;
a8a1a43f DH	147	}
a8a1a43f DH	148
c4bc1a84	149	r = client_context_new(&c);
a8a1a43f DH	150	if (r < 0) {
	151	log_oom();
	152	close(fd);
	153	continue;
	154	}
	155
c4bc1a84 DH	156	c->fd = fd;
c4bc1a84 DH	157	c->policy = sp;
d340f820	158	c->bus_uid = bus_uid;
c4bc1a84	159
a8a1a43f	160	r = pthread_create(&tid, &attr, run_client, c);
50e0d56c LP	161	if (r != 0) {
50e0d56c LP	162	log_warning_errno(r, "Cannot spawn thread, ignoring: %m");
a8a1a43f DH	163	client_context_free(c);
	164	continue;
	165	}
	166	}
	167
5569b33a	168	finish:
a8a1a43f	169	pthread_attr_destroy(&attr);
a8a1a43f DH	170	return r;
	171	}
	172
71008e18 DM	173	static int help(void) {
	174
	175	printf("%s [OPTIONS...]\n\n"
a8a1a43f	176	"DBus proxy server.\n\n"
2e2b3608 LP	177	" -h --help Show this help\n"
2e2b3608 LP	178	" --version Show package version\n"
2e2b3608	179	" --configuration=PATH Configuration file or directory\n"
7f0d207d	180	" --machine=MACHINE Connect to specified machine\n"
2e2b3608	181	" --address=ADDRESS Connect to the bus specified by ADDRESS\n"
057171ef DH	182	" (default: " DEFAULT_SYSTEM_BUS_ADDRESS ")\n",
057171ef DH	183	program_invocation_short_name);
71008e18 DM	184
	185	return 0;
	186	}
	187
	188	static int parse_argv(int argc, char *argv[]) {
	189
	190	enum {
	191	ARG_VERSION = 0x100,
ba768916	192	ARG_ADDRESS,
2e2b3608	193	ARG_CONFIGURATION,
7f0d207d	194	ARG_MACHINE,
71008e18 DM	195	};
	196
	197	static const struct option options[] = {
6a010ac9 LP	198	{ "help", no_argument, NULL, 'h' },
	199	{ "version", no_argument, NULL, ARG_VERSION },
	200	{ "address", required_argument, NULL, ARG_ADDRESS },
2e2b3608	201	{ "configuration", required_argument, NULL, ARG_CONFIGURATION },
7f0d207d LP	202	{ "machine", required_argument, NULL, ARG_MACHINE },
7f0d207d LP	203	{},
71008e18 DM	204	};
71008e18 DM	205
2e2b3608	206	int c, r;
71008e18 DM	207
	208	assert(argc >= 0);
	209	assert(argv);
	210
601185b4	211	while ((c = getopt_long(argc, argv, "h", options, NULL)) >= 0)
71008e18 DM	212
	213	switch (c) {
	214
	215	case 'h':
	216	help();
	217	return 0;
	218
	219	case ARG_VERSION:
3f6fd1ba	220	return version();
71008e18	221
5569b33a LP	222	case ARG_ADDRESS:
	223	r = free_and_strdup(&arg_address, optarg);
	224	if (r < 0)
7f0d207d	225	return log_oom();
ba768916 LP	226	break;
ba768916 LP	227
2e2b3608 LP	228	case ARG_CONFIGURATION:
	229	r = strv_extend(&arg_configuration, optarg);
	230	if (r < 0)
	231	return log_oom();
	232	break;
	233
7f0d207d LP	234	case ARG_MACHINE: {
	235	_cleanup_free_ char *e = NULL;
	236	char *a;
	237
	238	e = bus_address_escape(optarg);
	239	if (!e)
	240	return log_oom();
	241
146d4773	242	a = strjoin("x-machine-kernel:machine=", e, ";x-machine-unix:machine=", e, NULL);
7f0d207d LP	243	if (!a)
	244	return log_oom();
	245
	246	free(arg_address);
	247	arg_address = a;
	248
	249	break;
	250	}
	251
71008e18 DM	252	case '?':
	253	return -EINVAL;
	254
71008e18	255	default:
ba768916	256	assert_not_reached("Unhandled option");
71008e18	257	}
71008e18	258
a8a1a43f	259	if (argc > optind) {
0721804f LP	260	log_error("Too many arguments");
	261	return -EINVAL;
	262	}
	263
7f0d207d	264	if (!arg_address) {
057171ef	265	arg_address = strdup(DEFAULT_SYSTEM_BUS_ADDRESS);
7f0d207d LP	266	if (!arg_address)
	267	return log_oom();
	268	}
	269
71008e18 DM	270	return 1;
71008e18 DM	271	}
a8f11321 LP	272
a8f11321 LP	273	int main(int argc, char *argv[]) {
a8a1a43f	274	int r, accept_fd;
d340f820	275	uid_t uid, bus_uid;
a80a3a75	276	gid_t gid;
a8f11321	277
4cfa2c99	278	log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
a8f11321 LP	279	log_parse_environment();
	280	log_open();
	281
d340f820 DH	282	bus_uid = getuid();
d340f820 DH	283
a80a3a75	284	if (geteuid() == 0) {
5569b33a LP	285	const char *user = "systemd-bus-proxy";
5569b33a LP	286
a80a3a75 DH	287	r = get_user_creds(&user, &uid, &gid, NULL, NULL);
	288	if (r < 0) {
	289	log_error_errno(r, "Cannot resolve user name %s: %m", user);
	290	goto finish;
	291	}
	292
	293	r = drop_privileges(uid, gid, 1ULL << CAP_IPC_OWNER);
	294	if (r < 0) {
	295	log_error_errno(r, "Cannot drop privileges: %m");
	296	goto finish;
	297	}
	298	}
	299
71008e18 DM	300	r = parse_argv(argc, argv);
	301	if (r <= 0)
	302	goto finish;
	303
	304	r = sd_listen_fds(0);
a8a1a43f	305	if (r != 1) {
9f6445e3	306	log_error("Illegal number of file descriptors passed");
71008e18 DM	307	goto finish;
	308	}
	309
a8a1a43f	310	accept_fd = SD_LISTEN_FDS_START;
5569b33a	311
a8a1a43f DH	312	r = fd_nonblock(accept_fd, false);
	313	if (r < 0) {
	314	log_error_errno(r, "Cannot mark accept-fd non-blocking: %m");
ac4eaf6d	315	goto finish;
a8a1a43f	316	}
ac4eaf6d	317
d340f820	318	r = loop_clients(accept_fd, bus_uid);
a8f11321	319
a8f11321	320	finish:
af4ec430 LP	321	sd_notify(false,
	322	"STOPPING=1\n"
	323	"STATUS=Shutting down.");
	324
2e2b3608	325	strv_free(arg_configuration);
7f0d207d	326	free(arg_address);
bcf3295d	327
d51539b1	328	return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
a8f11321	329	}