]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/dbus.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #2921 from keszybz/do-not-report-masked-units-as-changed
[thirdparty/systemd.git] / src / core / dbus.c
1 /***
2 This file is part of systemd.
3
4 Copyright 2010 Lennart Poettering
5
6 systemd is free software; you can redistribute it and/or modify it
7 under the terms of the GNU Lesser General Public License as published by
8 the Free Software Foundation; either version 2.1 of the License, or
9 (at your option) any later version.
10
11 systemd is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
15
16 You should have received a copy of the GNU Lesser General Public License
17 along with systemd; If not, see <http://www.gnu.org/licenses/>.
18 ***/
19
20 #include <errno.h>
21 #include <sys/epoll.h>
22 #include <unistd.h>
23
24 #include "sd-bus.h"
25
26 #include "alloc-util.h"
27 #include "bus-common-errors.h"
28 #include "bus-error.h"
29 #include "bus-internal.h"
30 #include "bus-util.h"
31 #include "dbus-cgroup.h"
32 #include "dbus-execute.h"
33 #include "dbus-job.h"
34 #include "dbus-kill.h"
35 #include "dbus-manager.h"
36 #include "dbus-unit.h"
37 #include "dbus.h"
38 #include "fd-util.h"
39 #include "log.h"
40 #include "missing.h"
41 #include "mkdir.h"
42 #include "selinux-access.h"
43 #include "special.h"
44 #include "string-util.h"
45 #include "strv.h"
46 #include "strxcpyx.h"
47 #include "user-util.h"
48
49 #define CONNECTIONS_MAX 4096
50
51 static void destroy_bus(Manager *m, sd_bus **bus);
52
53 int bus_send_queued_message(Manager *m) {
54 int r;
55
56 assert(m);
57
58 if (!m->queued_message)
59 return 0;
60
61 /* If we cannot get rid of this message we won't dispatch any
62 * D-Bus messages, so that we won't end up wanting to queue
63 * another message. */
64
65 r = sd_bus_send(NULL, m->queued_message, NULL);
66 if (r < 0)
67 log_warning_errno(r, "Failed to send queued message: %m");
68
69 m->queued_message = sd_bus_message_unref(m->queued_message);
70
71 return 0;
72 }
73
74 static int signal_agent_released(sd_bus_message *message, void *userdata, sd_bus_error *error) {
75 _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
76 const char *cgroup, *me;
77 Manager *m = userdata;
78 uid_t sender_uid;
79 sd_bus *bus;
80 int r;
81
82 assert(message);
83 assert(m);
84
85 /* ignore recursive events sent by us on the system/user bus */
86 bus = sd_bus_message_get_bus(message);
87 if (!sd_bus_is_server(bus)) {
88 r = sd_bus_get_unique_name(bus, &me);
89 if (r < 0)
90 return r;
91
92 if (streq_ptr(sd_bus_message_get_sender(message), me))
93 return 0;
94 }
95
96 /* only accept org.freedesktop.systemd1.Agent from UID=0 */
97 r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_EUID, &creds);
98 if (r < 0)
99 return r;
100
101 r = sd_bus_creds_get_euid(creds, &sender_uid);
102 if (r < 0 || sender_uid != 0)
103 return 0;
104
105 /* parse 'cgroup-empty' notification */
106 r = sd_bus_message_read(message, "s", &cgroup);
107 if (r < 0) {
108 bus_log_parse_error(r);
109 return 0;
110 }
111
112 manager_notify_cgroup_empty(m, cgroup);
113
114 /* if running as system-instance, forward under our name */
115 if (MANAGER_IS_SYSTEM(m) && m->system_bus) {
116 r = sd_bus_message_rewind(message, 1);
117 if (r >= 0)
118 r = sd_bus_send(m->system_bus, message, NULL);
119 if (r < 0)
120 log_warning_errno(r, "Failed to forward Released message: %m");
121 }
122
123 return 0;
124 }
125
126 static int signal_disconnected(sd_bus_message *message, void *userdata, sd_bus_error *error) {
127 Manager *m = userdata;
128 sd_bus *bus;
129
130 assert(message);
131 assert(m);
132 assert_se(bus = sd_bus_message_get_bus(message));
133
134 if (bus == m->api_bus)
135 destroy_bus(m, &m->api_bus);
136 if (bus == m->system_bus)
137 destroy_bus(m, &m->system_bus);
138 if (set_remove(m->private_buses, bus)) {
139 log_debug("Got disconnect on private connection.");
140 destroy_bus(m, &bus);
141 }
142
143 return 0;
144 }
145
146 static int signal_activation_request(sd_bus_message *message, void *userdata, sd_bus_error *ret_error) {
147 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
148 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
149 Manager *m = userdata;
150 const char *name;
151 Unit *u;
152 int r;
153
154 assert(message);
155 assert(m);
156
157 r = sd_bus_message_read(message, "s", &name);
158 if (r < 0) {
159 bus_log_parse_error(r);
160 return 0;
161 }
162
163 if (manager_unit_inactive_or_pending(m, SPECIAL_DBUS_SERVICE) ||
164 manager_unit_inactive_or_pending(m, SPECIAL_DBUS_SOCKET)) {
165 r = sd_bus_error_setf(&error, BUS_ERROR_SHUTTING_DOWN, "Refusing activation, D-Bus is shutting down.");
166 goto failed;
167 }
168
169 r = manager_load_unit(m, name, NULL, &error, &u);
170 if (r < 0)
171 goto failed;
172
173 if (u->refuse_manual_start) {
174 r = sd_bus_error_setf(&error, BUS_ERROR_ONLY_BY_DEPENDENCY, "Operation refused, %s may be requested by dependency only.", u->id);
175 goto failed;
176 }
177
178 r = manager_add_job(m, JOB_START, u, JOB_REPLACE, &error, NULL);
179 if (r < 0)
180 goto failed;
181
182 /* Successfully queued, that's it for us */
183 return 0;
184
185 failed:
186 if (!sd_bus_error_is_set(&error))
187 sd_bus_error_set_errno(&error, r);
188
189 log_debug("D-Bus activation failed for %s: %s", name, bus_error_message(&error, r));
190
191 r = sd_bus_message_new_signal(sd_bus_message_get_bus(message), &reply, "/org/freedesktop/systemd1", "org.freedesktop.systemd1.Activator", "ActivationFailure");
192 if (r < 0) {
193 bus_log_create_error(r);
194 return 0;
195 }
196
197 r = sd_bus_message_append(reply, "sss", name, error.name, error.message);
198 if (r < 0) {
199 bus_log_create_error(r);
200 return 0;
201 }
202
203 r = sd_bus_send_to(NULL, reply, "org.freedesktop.DBus", NULL);
204 if (r < 0)
205 return log_error_errno(r, "Failed to respond with to bus activation request: %m");
206
207 return 0;
208 }
209
210 #ifdef HAVE_SELINUX
211 static int mac_selinux_filter(sd_bus_message *message, void *userdata, sd_bus_error *error) {
212 Manager *m = userdata;
213 const char *verb, *path;
214 Unit *u = NULL;
215 Job *j;
216 int r;
217
218 assert(message);
219
220 /* Our own method calls are all protected individually with
221 * selinux checks, but the built-in interfaces need to be
222 * protected too. */
223
224 if (sd_bus_message_is_method_call(message, "org.freedesktop.DBus.Properties", "Set"))
225 verb = "reload";
226 else if (sd_bus_message_is_method_call(message, "org.freedesktop.DBus.Introspectable", NULL) ||
227 sd_bus_message_is_method_call(message, "org.freedesktop.DBus.Properties", NULL) ||
228 sd_bus_message_is_method_call(message, "org.freedesktop.DBus.ObjectManager", NULL) ||
229 sd_bus_message_is_method_call(message, "org.freedesktop.DBus.Peer", NULL))
230 verb = "status";
231 else
232 return 0;
233
234 path = sd_bus_message_get_path(message);
235
236 if (object_path_startswith("/org/freedesktop/systemd1", path)) {
237
238 r = mac_selinux_access_check(message, verb, error);
239 if (r < 0)
240 return r;
241
242 return 0;
243 }
244
245 if (streq_ptr(path, "/org/freedesktop/systemd1/unit/self")) {
246 _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
247 pid_t pid;
248
249 r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
250 if (r < 0)
251 return 0;
252
253 r = sd_bus_creds_get_pid(creds, &pid);
254 if (r < 0)
255 return 0;
256
257 u = manager_get_unit_by_pid(m, pid);
258 } else {
259 r = manager_get_job_from_dbus_path(m, path, &j);
260 if (r >= 0)
261 u = j->unit;
262 else
263 manager_load_unit_from_dbus_path(m, path, NULL, &u);
264 }
265
266 if (!u)
267 return 0;
268
269 r = mac_selinux_unit_access_check(u, message, verb, error);
270 if (r < 0)
271 return r;
272
273 return 0;
274 }
275 #endif
276
277 static int bus_job_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
278 Manager *m = userdata;
279 Job *j;
280 int r;
281
282 assert(bus);
283 assert(path);
284 assert(interface);
285 assert(found);
286 assert(m);
287
288 r = manager_get_job_from_dbus_path(m, path, &j);
289 if (r < 0)
290 return 0;
291
292 *found = j;
293 return 1;
294 }
295
296 static int find_unit(Manager *m, sd_bus *bus, const char *path, Unit **unit, sd_bus_error *error) {
297 Unit *u;
298 int r;
299
300 assert(m);
301 assert(bus);
302 assert(path);
303
304 if (streq_ptr(path, "/org/freedesktop/systemd1/unit/self")) {
305 _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
306 sd_bus_message *message;
307 pid_t pid;
308
309 message = sd_bus_get_current_message(bus);
310 if (!message)
311 return 0;
312
313 r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
314 if (r < 0)
315 return r;
316
317 r = sd_bus_creds_get_pid(creds, &pid);
318 if (r < 0)
319 return r;
320
321 u = manager_get_unit_by_pid(m, pid);
322 } else {
323 r = manager_load_unit_from_dbus_path(m, path, error, &u);
324 if (r < 0)
325 return 0;
326 }
327
328 if (!u)
329 return 0;
330
331 *unit = u;
332 return 1;
333 }
334
335 static int bus_unit_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
336 Manager *m = userdata;
337
338 assert(bus);
339 assert(path);
340 assert(interface);
341 assert(found);
342 assert(m);
343
344 return find_unit(m, bus, path, (Unit**) found, error);
345 }
346
347 static int bus_unit_interface_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
348 Manager *m = userdata;
349 Unit *u;
350 int r;
351
352 assert(bus);
353 assert(path);
354 assert(interface);
355 assert(found);
356 assert(m);
357
358 r = find_unit(m, bus, path, &u, error);
359 if (r <= 0)
360 return r;
361
362 if (!streq_ptr(interface, unit_dbus_interface_from_type(u->type)))
363 return 0;
364
365 *found = u;
366 return 1;
367 }
368
369 static int bus_unit_cgroup_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
370 Manager *m = userdata;
371 Unit *u;
372 int r;
373
374 assert(bus);
375 assert(path);
376 assert(interface);
377 assert(found);
378 assert(m);
379
380 r = find_unit(m, bus, path, &u, error);
381 if (r <= 0)
382 return r;
383
384 if (!streq_ptr(interface, unit_dbus_interface_from_type(u->type)))
385 return 0;
386
387 if (!UNIT_HAS_CGROUP_CONTEXT(u))
388 return 0;
389
390 *found = u;
391 return 1;
392 }
393
394 static int bus_cgroup_context_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
395 Manager *m = userdata;
396 CGroupContext *c;
397 Unit *u;
398 int r;
399
400 assert(bus);
401 assert(path);
402 assert(interface);
403 assert(found);
404 assert(m);
405
406 r = find_unit(m, bus, path, &u, error);
407 if (r <= 0)
408 return r;
409
410 if (!streq_ptr(interface, unit_dbus_interface_from_type(u->type)))
411 return 0;
412
413 c = unit_get_cgroup_context(u);
414 if (!c)
415 return 0;
416
417 *found = c;
418 return 1;
419 }
420
421 static int bus_exec_context_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
422 Manager *m = userdata;
423 ExecContext *c;
424 Unit *u;
425 int r;
426
427 assert(bus);
428 assert(path);
429 assert(interface);
430 assert(found);
431 assert(m);
432
433 r = find_unit(m, bus, path, &u, error);
434 if (r <= 0)
435 return r;
436
437 if (!streq_ptr(interface, unit_dbus_interface_from_type(u->type)))
438 return 0;
439
440 c = unit_get_exec_context(u);
441 if (!c)
442 return 0;
443
444 *found = c;
445 return 1;
446 }
447
448 static int bus_kill_context_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
449 Manager *m = userdata;
450 KillContext *c;
451 Unit *u;
452 int r;
453
454 assert(bus);
455 assert(path);
456 assert(interface);
457 assert(found);
458 assert(m);
459
460 r = find_unit(m, bus, path, &u, error);
461 if (r <= 0)
462 return r;
463
464 if (!streq_ptr(interface, unit_dbus_interface_from_type(u->type)))
465 return 0;
466
467 c = unit_get_kill_context(u);
468 if (!c)
469 return 0;
470
471 *found = c;
472 return 1;
473 }
474
475 static int bus_job_enumerate(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error) {
476 _cleanup_free_ char **l = NULL;
477 Manager *m = userdata;
478 unsigned k = 0;
479 Iterator i;
480 Job *j;
481
482 l = new0(char*, hashmap_size(m->jobs)+1);
483 if (!l)
484 return -ENOMEM;
485
486 HASHMAP_FOREACH(j, m->jobs, i) {
487 l[k] = job_dbus_path(j);
488 if (!l[k])
489 return -ENOMEM;
490
491 k++;
492 }
493
494 assert(hashmap_size(m->jobs) == k);
495
496 *nodes = l;
497 l = NULL;
498
499 return k;
500 }
501
502 static int bus_unit_enumerate(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error) {
503 _cleanup_free_ char **l = NULL;
504 Manager *m = userdata;
505 unsigned k = 0;
506 Iterator i;
507 Unit *u;
508
509 l = new0(char*, hashmap_size(m->units)+1);
510 if (!l)
511 return -ENOMEM;
512
513 HASHMAP_FOREACH(u, m->units, i) {
514 l[k] = unit_dbus_path(u);
515 if (!l[k])
516 return -ENOMEM;
517
518 k++;
519 }
520
521 *nodes = l;
522 l = NULL;
523
524 return k;
525 }
526
527 static int bus_setup_api_vtables(Manager *m, sd_bus *bus) {
528 UnitType t;
529 int r;
530
531 assert(m);
532 assert(bus);
533
534 #ifdef HAVE_SELINUX
535 r = sd_bus_add_filter(bus, NULL, mac_selinux_filter, m);
536 if (r < 0)
537 return log_error_errno(r, "Failed to add SELinux access filter: %m");
538 #endif
539
540 r = sd_bus_add_object_vtable(bus, NULL, "/org/freedesktop/systemd1", "org.freedesktop.systemd1.Manager", bus_manager_vtable, m);
541 if (r < 0)
542 return log_error_errno(r, "Failed to register Manager vtable: %m");
543
544 r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/job", "org.freedesktop.systemd1.Job", bus_job_vtable, bus_job_find, m);
545 if (r < 0)
546 return log_error_errno(r, "Failed to register Job vtable: %m");
547
548 r = sd_bus_add_node_enumerator(bus, NULL, "/org/freedesktop/systemd1/job", bus_job_enumerate, m);
549 if (r < 0)
550 return log_error_errno(r, "Failed to add job enumerator: %m");
551
552 r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", "org.freedesktop.systemd1.Unit", bus_unit_vtable, bus_unit_find, m);
553 if (r < 0)
554 return log_error_errno(r, "Failed to register Unit vtable: %m");
555
556 r = sd_bus_add_node_enumerator(bus, NULL, "/org/freedesktop/systemd1/unit", bus_unit_enumerate, m);
557 if (r < 0)
558 return log_error_errno(r, "Failed to add job enumerator: %m");
559
560 for (t = 0; t < _UNIT_TYPE_MAX; t++) {
561 const char *interface;
562
563 assert_se(interface = unit_dbus_interface_from_type(t));
564
565 r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", interface, unit_vtable[t]->bus_vtable, bus_unit_interface_find, m);
566 if (r < 0)
567 return log_error_errno(r, "Failed to register type specific vtable for %s: %m", interface);
568
569 if (unit_vtable[t]->cgroup_context_offset > 0) {
570 r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", interface, bus_unit_cgroup_vtable, bus_unit_cgroup_find, m);
571 if (r < 0)
572 return log_error_errno(r, "Failed to register control group unit vtable for %s: %m", interface);
573
574 r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", interface, bus_cgroup_vtable, bus_cgroup_context_find, m);
575 if (r < 0)
576 return log_error_errno(r, "Failed to register control group vtable for %s: %m", interface);
577 }
578
579 if (unit_vtable[t]->exec_context_offset > 0) {
580 r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", interface, bus_exec_vtable, bus_exec_context_find, m);
581 if (r < 0)
582 return log_error_errno(r, "Failed to register execute vtable for %s: %m", interface);
583 }
584
585 if (unit_vtable[t]->kill_context_offset > 0) {
586 r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", interface, bus_kill_vtable, bus_kill_context_find, m);
587 if (r < 0)
588 return log_error_errno(r, "Failed to register kill vtable for %s: %m", interface);
589 }
590 }
591
592 return 0;
593 }
594
595 static int bus_setup_disconnected_match(Manager *m, sd_bus *bus) {
596 int r;
597
598 assert(m);
599 assert(bus);
600
601 r = sd_bus_add_match(
602 bus,
603 NULL,
604 "sender='org.freedesktop.DBus.Local',"
605 "type='signal',"
606 "path='/org/freedesktop/DBus/Local',"
607 "interface='org.freedesktop.DBus.Local',"
608 "member='Disconnected'",
609 signal_disconnected, m);
610
611 if (r < 0)
612 return log_error_errno(r, "Failed to register match for Disconnected message: %m");
613
614 return 0;
615 }
616
617 static int bus_on_connection(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
618 _cleanup_(sd_bus_unrefp) sd_bus *bus = NULL;
619 _cleanup_close_ int nfd = -1;
620 Manager *m = userdata;
621 sd_id128_t id;
622 int r;
623
624 assert(s);
625 assert(m);
626
627 nfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
628 if (nfd < 0) {
629 log_warning_errno(errno, "Failed to accept private connection, ignoring: %m");
630 return 0;
631 }
632
633 if (set_size(m->private_buses) >= CONNECTIONS_MAX) {
634 log_warning("Too many concurrent connections, refusing");
635 return 0;
636 }
637
638 r = set_ensure_allocated(&m->private_buses, NULL);
639 if (r < 0) {
640 log_oom();
641 return 0;
642 }
643
644 r = sd_bus_new(&bus);
645 if (r < 0) {
646 log_warning_errno(r, "Failed to allocate new private connection bus: %m");
647 return 0;
648 }
649
650 r = sd_bus_set_fd(bus, nfd, nfd);
651 if (r < 0) {
652 log_warning_errno(r, "Failed to set fd on new connection bus: %m");
653 return 0;
654 }
655
656 nfd = -1;
657
658 r = bus_check_peercred(bus);
659 if (r < 0) {
660 log_warning_errno(r, "Incoming private connection from unprivileged client, refusing: %m");
661 return 0;
662 }
663
664 assert_se(sd_id128_randomize(&id) >= 0);
665
666 r = sd_bus_set_server(bus, 1, id);
667 if (r < 0) {
668 log_warning_errno(r, "Failed to enable server support for new connection bus: %m");
669 return 0;
670 }
671
672 r = sd_bus_negotiate_creds(bus, 1,
673 SD_BUS_CREDS_PID|SD_BUS_CREDS_UID|
674 SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS|
675 SD_BUS_CREDS_SELINUX_CONTEXT);
676 if (r < 0) {
677 log_warning_errno(r, "Failed to enable credentials for new connection: %m");
678 return 0;
679 }
680
681 r = sd_bus_start(bus);
682 if (r < 0) {
683 log_warning_errno(r, "Failed to start new connection bus: %m");
684 return 0;
685 }
686
687 r = sd_bus_attach_event(bus, m->event, SD_EVENT_PRIORITY_NORMAL);
688 if (r < 0) {
689 log_warning_errno(r, "Failed to attach new connection bus to event loop: %m");
690 return 0;
691 }
692
693 if (MANAGER_IS_SYSTEM(m)) {
694 /* When we run as system instance we get the Released
695 * signal via a direct connection */
696
697 r = sd_bus_add_match(
698 bus,
699 NULL,
700 "type='signal',"
701 "interface='org.freedesktop.systemd1.Agent',"
702 "member='Released',"
703 "path='/org/freedesktop/systemd1/agent'",
704 signal_agent_released, m);
705
706 if (r < 0) {
707 log_warning_errno(r, "Failed to register Released match on new connection bus: %m");
708 return 0;
709 }
710 }
711
712 r = bus_setup_disconnected_match(m, bus);
713 if (r < 0)
714 return 0;
715
716 r = bus_setup_api_vtables(m, bus);
717 if (r < 0) {
718 log_warning_errno(r, "Failed to set up API vtables on new connection bus: %m");
719 return 0;
720 }
721
722 r = set_put(m->private_buses, bus);
723 if (r < 0) {
724 log_warning_errno(r, "Failed to add new connection bus to set: %m");
725 return 0;
726 }
727
728 bus = NULL;
729
730 log_debug("Accepted new private connection.");
731
732 return 0;
733 }
734
735 int manager_sync_bus_names(Manager *m, sd_bus *bus) {
736 _cleanup_strv_free_ char **names = NULL;
737 const char *name;
738 Iterator i;
739 Unit *u;
740 int r;
741
742 assert(m);
743 assert(bus);
744
745 r = sd_bus_list_names(bus, &names, NULL);
746 if (r < 0)
747 return log_error_errno(r, "Failed to get initial list of names: %m");
748
749 /* We have to synchronize the current bus names with the
750 * list of active services. To do this, walk the list of
751 * all units with bus names. */
752 HASHMAP_FOREACH_KEY(u, name, m->watch_bus, i) {
753 Service *s = SERVICE(u);
754
755 assert(s);
756
757 if (!streq_ptr(s->bus_name, name)) {
758 log_unit_warning(u, "Bus name has changed from %s → %s, ignoring.", s->bus_name, name);
759 continue;
760 }
761
762 /* Check if a service's bus name is in the list of currently
763 * active names */
764 if (strv_contains(names, name)) {
765 _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
766 const char *unique;
767
768 /* If it is, determine its current owner */
769 r = sd_bus_get_name_creds(bus, name, SD_BUS_CREDS_UNIQUE_NAME, &creds);
770 if (r < 0) {
771 log_error_errno(r, "Failed to get bus name owner %s: %m", name);
772 continue;
773 }
774
775 r = sd_bus_creds_get_unique_name(creds, &unique);
776 if (r < 0) {
777 log_error_errno(r, "Failed to get unique name for %s: %m", name);
778 continue;
779 }
780
781 /* Now, let's compare that to the previous bus owner, and
782 * if it's still the same, all is fine, so just don't
783 * bother the service. Otherwise, the name has apparently
784 * changed, so synthesize a name owner changed signal. */
785
786 if (!streq_ptr(unique, s->bus_name_owner))
787 UNIT_VTABLE(u)->bus_name_owner_change(u, name, s->bus_name_owner, unique);
788 } else {
789 /* So, the name we're watching is not on the bus.
790 * This either means it simply hasn't appeared yet,
791 * or it was lost during the daemon reload.
792 * Check if the service has a stored name owner,
793 * and synthesize a name loss signal in this case. */
794
795 if (s->bus_name_owner)
796 UNIT_VTABLE(u)->bus_name_owner_change(u, name, s->bus_name_owner, NULL);
797 }
798 }
799
800 return 0;
801 }
802
803 static int bus_setup_api(Manager *m, sd_bus *bus) {
804 Iterator i;
805 char *name;
806 Unit *u;
807 int r;
808
809 assert(m);
810 assert(bus);
811
812 /* Let's make sure we have enough credential bits so that we can make security and selinux decisions */
813 r = sd_bus_negotiate_creds(bus, 1,
814 SD_BUS_CREDS_PID|SD_BUS_CREDS_UID|
815 SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS|
816 SD_BUS_CREDS_SELINUX_CONTEXT);
817 if (r < 0)
818 log_warning_errno(r, "Failed to enable credential passing, ignoring: %m");
819
820 r = bus_setup_api_vtables(m, bus);
821 if (r < 0)
822 return r;
823
824 HASHMAP_FOREACH_KEY(u, name, m->watch_bus, i) {
825 r = unit_install_bus_match(u, bus, name);
826 if (r < 0)
827 log_error_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
828 }
829
830 r = sd_bus_add_match(
831 bus,
832 NULL,
833 "type='signal',"
834 "sender='org.freedesktop.DBus',"
835 "path='/org/freedesktop/DBus',"
836 "interface='org.freedesktop.systemd1.Activator',"
837 "member='ActivationRequest'",
838 signal_activation_request, m);
839 if (r < 0)
840 log_warning_errno(r, "Failed to subscribe to activation signal: %m");
841
842 /* Allow replacing of our name, to ease implementation of
843 * reexecution, where we keep the old connection open until
844 * after the new connection is set up and the name installed
845 * to allow clients to synchronously wait for reexecution to
846 * finish */
847 r = sd_bus_request_name(bus,"org.freedesktop.systemd1", SD_BUS_NAME_REPLACE_EXISTING|SD_BUS_NAME_ALLOW_REPLACEMENT);
848 if (r < 0)
849 return log_error_errno(r, "Failed to register name: %m");
850
851 r = manager_sync_bus_names(m, bus);
852 if (r < 0)
853 return r;
854
855 log_debug("Successfully connected to API bus.");
856 return 0;
857 }
858
859 static int bus_init_api(Manager *m) {
860 _cleanup_(sd_bus_unrefp) sd_bus *bus = NULL;
861 int r;
862
863 if (m->api_bus)
864 return 0;
865
866 /* The API and system bus is the same if we are running in system mode */
867 if (MANAGER_IS_SYSTEM(m) && m->system_bus)
868 bus = sd_bus_ref(m->system_bus);
869 else {
870 if (MANAGER_IS_SYSTEM(m))
871 r = sd_bus_open_system(&bus);
872 else
873 r = sd_bus_open_user(&bus);
874
875 if (r < 0) {
876 log_debug("Failed to connect to API bus, retrying later...");
877 return 0;
878 }
879
880 r = sd_bus_attach_event(bus, m->event, SD_EVENT_PRIORITY_NORMAL);
881 if (r < 0) {
882 log_error_errno(r, "Failed to attach API bus to event loop: %m");
883 return 0;
884 }
885
886 r = bus_setup_disconnected_match(m, bus);
887 if (r < 0)
888 return 0;
889 }
890
891 r = bus_setup_api(m, bus);
892 if (r < 0) {
893 log_error_errno(r, "Failed to set up API bus: %m");
894 return 0;
895 }
896
897 m->api_bus = bus;
898 bus = NULL;
899
900 return 0;
901 }
902
903 static int bus_setup_system(Manager *m, sd_bus *bus) {
904 int r;
905
906 assert(m);
907 assert(bus);
908
909 /* On kdbus or if we are a user instance we get the Released message via the system bus */
910 if (MANAGER_IS_USER(m) || m->kdbus_fd >= 0) {
911 r = sd_bus_add_match(
912 bus,
913 NULL,
914 "type='signal',"
915 "interface='org.freedesktop.systemd1.Agent',"
916 "member='Released',"
917 "path='/org/freedesktop/systemd1/agent'",
918 signal_agent_released, m);
919 if (r < 0)
920 log_warning_errno(r, "Failed to register Released match on system bus: %m");
921 }
922
923 log_debug("Successfully connected to system bus.");
924 return 0;
925 }
926
927 static int bus_init_system(Manager *m) {
928 _cleanup_(sd_bus_unrefp) sd_bus *bus = NULL;
929 int r;
930
931 if (m->system_bus)
932 return 0;
933
934 /* The API and system bus is the same if we are running in system mode */
935 if (MANAGER_IS_SYSTEM(m) && m->api_bus) {
936 m->system_bus = sd_bus_ref(m->api_bus);
937 return 0;
938 }
939
940 r = sd_bus_open_system(&bus);
941 if (r < 0) {
942 log_debug("Failed to connect to system bus, retrying later...");
943 return 0;
944 }
945
946 r = bus_setup_disconnected_match(m, bus);
947 if (r < 0)
948 return 0;
949
950 r = sd_bus_attach_event(bus, m->event, SD_EVENT_PRIORITY_NORMAL);
951 if (r < 0) {
952 log_error_errno(r, "Failed to attach system bus to event loop: %m");
953 return 0;
954 }
955
956 r = bus_setup_system(m, bus);
957 if (r < 0) {
958 log_error_errno(r, "Failed to set up system bus: %m");
959 return 0;
960 }
961
962 m->system_bus = bus;
963 bus = NULL;
964
965 return 0;
966 }
967
968 static int bus_init_private(Manager *m) {
969 _cleanup_close_ int fd = -1;
970 union sockaddr_union sa = {
971 .un.sun_family = AF_UNIX
972 };
973 sd_event_source *s;
974 socklen_t salen;
975 int r;
976
977 assert(m);
978
979 if (m->private_listen_fd >= 0)
980 return 0;
981
982 /* We don't need the private socket if we have kdbus */
983 if (m->kdbus_fd >= 0)
984 return 0;
985
986 if (MANAGER_IS_SYSTEM(m)) {
987
988 /* We want the private bus only when running as init */
989 if (getpid() != 1)
990 return 0;
991
992 strcpy(sa.un.sun_path, "/run/systemd/private");
993 salen = offsetof(union sockaddr_union, un.sun_path) + strlen("/run/systemd/private");
994 } else {
995 size_t left = sizeof(sa.un.sun_path);
996 char *p = sa.un.sun_path;
997 const char *e;
998
999 e = secure_getenv("XDG_RUNTIME_DIR");
1000 if (!e) {
1001 log_error("Failed to determine XDG_RUNTIME_DIR");
1002 return -EHOSTDOWN;
1003 }
1004
1005 left = strpcpy(&p, left, e);
1006 left = strpcpy(&p, left, "/systemd/private");
1007
1008 salen = sizeof(sa.un) - left;
1009 }
1010
1011 (void) mkdir_parents_label(sa.un.sun_path, 0755);
1012 (void) unlink(sa.un.sun_path);
1013
1014 fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1015 if (fd < 0)
1016 return log_error_errno(errno, "Failed to allocate private socket: %m");
1017
1018 r = bind(fd, &sa.sa, salen);
1019 if (r < 0)
1020 return log_error_errno(errno, "Failed to bind private socket: %m");
1021
1022 r = listen(fd, SOMAXCONN);
1023 if (r < 0)
1024 return log_error_errno(errno, "Failed to make private socket listening: %m");
1025
1026 r = sd_event_add_io(m->event, &s, fd, EPOLLIN, bus_on_connection, m);
1027 if (r < 0)
1028 return log_error_errno(r, "Failed to allocate event source: %m");
1029
1030 (void) sd_event_source_set_description(s, "bus-connection");
1031
1032 m->private_listen_fd = fd;
1033 m->private_listen_event_source = s;
1034 fd = -1;
1035
1036 log_debug("Successfully created private D-Bus server.");
1037
1038 return 0;
1039 }
1040
1041 int bus_init(Manager *m, bool try_bus_connect) {
1042 int r;
1043
1044 if (try_bus_connect) {
1045 r = bus_init_system(m);
1046 if (r < 0)
1047 return r;
1048
1049 r = bus_init_api(m);
1050 if (r < 0)
1051 return r;
1052 }
1053
1054 r = bus_init_private(m);
1055 if (r < 0)
1056 return r;
1057
1058 return 0;
1059 }
1060
1061 static void destroy_bus(Manager *m, sd_bus **bus) {
1062 Iterator i;
1063 Job *j;
1064
1065 assert(m);
1066 assert(bus);
1067
1068 if (!*bus)
1069 return;
1070
1071 /* Get rid of tracked clients on this bus */
1072 if (m->subscribed && sd_bus_track_get_bus(m->subscribed) == *bus)
1073 m->subscribed = sd_bus_track_unref(m->subscribed);
1074
1075 HASHMAP_FOREACH(j, m->jobs, i)
1076 if (j->clients && sd_bus_track_get_bus(j->clients) == *bus)
1077 j->clients = sd_bus_track_unref(j->clients);
1078
1079 /* Get rid of queued message on this bus */
1080 if (m->queued_message && sd_bus_message_get_bus(m->queued_message) == *bus)
1081 m->queued_message = sd_bus_message_unref(m->queued_message);
1082
1083 /* Possibly flush unwritten data, but only if we are
1084 * unprivileged, since we don't want to sync here */
1085 if (!MANAGER_IS_SYSTEM(m))
1086 sd_bus_flush(*bus);
1087
1088 /* And destroy the object */
1089 sd_bus_close(*bus);
1090 *bus = sd_bus_unref(*bus);
1091 }
1092
1093 void bus_done(Manager *m) {
1094 sd_bus *b;
1095
1096 assert(m);
1097
1098 if (m->api_bus)
1099 destroy_bus(m, &m->api_bus);
1100 if (m->system_bus)
1101 destroy_bus(m, &m->system_bus);
1102 while ((b = set_steal_first(m->private_buses)))
1103 destroy_bus(m, &b);
1104
1105 m->private_buses = set_free(m->private_buses);
1106
1107 m->subscribed = sd_bus_track_unref(m->subscribed);
1108 m->deserialized_subscribed = strv_free(m->deserialized_subscribed);
1109
1110 if (m->private_listen_event_source)
1111 m->private_listen_event_source = sd_event_source_unref(m->private_listen_event_source);
1112
1113 m->private_listen_fd = safe_close(m->private_listen_fd);
1114
1115 bus_verify_polkit_async_registry_free(m->polkit_registry);
1116 }
1117
1118 int bus_fdset_add_all(Manager *m, FDSet *fds) {
1119 Iterator i;
1120 sd_bus *b;
1121 int fd;
1122
1123 assert(m);
1124 assert(fds);
1125
1126 /* When we are about to reexecute we add all D-Bus fds to the
1127 * set to pass over to the newly executed systemd. They won't
1128 * be used there however, except thatt they are closed at the
1129 * very end of deserialization, those making it possible for
1130 * clients to synchronously wait for systemd to reexec by
1131 * simply waiting for disconnection */
1132
1133 if (m->api_bus) {
1134 fd = sd_bus_get_fd(m->api_bus);
1135 if (fd >= 0) {
1136 fd = fdset_put_dup(fds, fd);
1137 if (fd < 0)
1138 return fd;
1139 }
1140 }
1141
1142 SET_FOREACH(b, m->private_buses, i) {
1143 fd = sd_bus_get_fd(b);
1144 if (fd >= 0) {
1145 fd = fdset_put_dup(fds, fd);
1146 if (fd < 0)
1147 return fd;
1148 }
1149 }
1150
1151 /* We don't offer any APIs on the system bus (well, unless it
1152 * is the same as the API bus) hence we don't bother with it
1153 * here */
1154
1155 return 0;
1156 }
1157
1158 int bus_foreach_bus(
1159 Manager *m,
1160 sd_bus_track *subscribed2,
1161 int (*send_message)(sd_bus *bus, void *userdata),
1162 void *userdata) {
1163
1164 Iterator i;
1165 sd_bus *b;
1166 int r, ret = 0;
1167
1168 /* Send to all direct buses, unconditionally */
1169 SET_FOREACH(b, m->private_buses, i) {
1170 r = send_message(b, userdata);
1171 if (r < 0)
1172 ret = r;
1173 }
1174
1175 /* Send to API bus, but only if somebody is subscribed */
1176 if (sd_bus_track_count(m->subscribed) > 0 ||
1177 sd_bus_track_count(subscribed2) > 0) {
1178 r = send_message(m->api_bus, userdata);
1179 if (r < 0)
1180 ret = r;
1181 }
1182
1183 return ret;
1184 }
1185
1186 void bus_track_serialize(sd_bus_track *t, FILE *f) {
1187 const char *n;
1188
1189 assert(f);
1190
1191 for (n = sd_bus_track_first(t); n; n = sd_bus_track_next(t))
1192 fprintf(f, "subscribed=%s\n", n);
1193 }
1194
1195 int bus_track_deserialize_item(char ***l, const char *line) {
1196 const char *e;
1197 int r;
1198
1199 assert(l);
1200 assert(line);
1201
1202 e = startswith(line, "subscribed=");
1203 if (!e)
1204 return 0;
1205
1206 r = strv_extend(l, e);
1207 if (r < 0)
1208 return r;
1209
1210 return 1;
1211 }
1212
1213 int bus_track_coldplug(Manager *m, sd_bus_track **t, char ***l) {
1214 int r = 0;
1215
1216 assert(m);
1217 assert(t);
1218 assert(l);
1219
1220 if (!strv_isempty(*l) && m->api_bus) {
1221 char **i;
1222
1223 if (!*t) {
1224 r = sd_bus_track_new(m->api_bus, t, NULL, NULL);
1225 if (r < 0)
1226 return r;
1227 }
1228
1229 r = 0;
1230 STRV_FOREACH(i, *l) {
1231 int k;
1232
1233 k = sd_bus_track_add_name(*t, *i);
1234 if (k < 0)
1235 r = k;
1236 }
1237 }
1238
1239 *l = strv_free(*l);
1240
1241 return r;
1242 }
1243
1244 int bus_verify_manage_units_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
1245 return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.manage-units", NULL, false, UID_INVALID, &m->polkit_registry, error);
1246 }
1247
1248 int bus_verify_manage_unit_files_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
1249 return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.manage-unit-files", NULL, false, UID_INVALID, &m->polkit_registry, error);
1250 }
1251
1252 int bus_verify_reload_daemon_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
1253 return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.reload-daemon", NULL, false, UID_INVALID, &m->polkit_registry, error);
1254 }
1255
1256 int bus_verify_set_environment_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
1257 return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.set-environment", NULL, false, UID_INVALID, &m->polkit_registry, error);
1258 }
Unnamed repository; edit this file 'description' to name the repository.