[thirdparty/systemd.git] / src / machine / image-dbus.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <sys/file.h>
4 #include <sys/mount.h>
5
6 #include "alloc-util.h"
7 #include "bus-get-properties.h"
8 #include "bus-label.h"
9 #include "bus-polkit.h"
10 #include "copy.h"
11 #include "discover-image.h"
12 #include "dissect-image.h"
13 #include "fd-util.h"
14 #include "fileio.h"
15 #include "fs-util.h"
16 #include "image-dbus.h"
17 #include "io-util.h"
18 #include "loop-util.h"
19 #include "missing_capability.h"
20 #include "mount-util.h"
21 #include "os-util.h"
22 #include "process-util.h"
23 #include "raw-clone.h"
24 #include "strv.h"
25 #include "user-util.h"
26
/* Defines property_get_type(), the getter wired to the "Type" property (D-Bus signature "s") in
 * image_vtable below; the macro arguments name the image_type/ImageType enum it reports. */
static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_type, image_type, ImageType);
28
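/* D-Bus handler for Image.Remove().
 *
 * The method is exported with SD_BUS_VTABLE_UNPRIVILEGED, so the polkit check below is the only
 * authorization gate in this handler. The removal itself runs in a forked helper; a failure code is
 * passed back through a pipe whose read end is handed to operation_new().
 *
 * Returns 1 when the reply is deferred (polkit answer pending, or the helper was started), or a
 * negative errno-style value with 'error' set on failure. */
int bus_image_method_remove(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        _cleanup_close_pair_ int errno_pipe_fd[2] = { -1, -1 };
        Image *image = userdata;
        Manager *m;
        pid_t child;
        int r;

        assert(message);
        assert(image);

        /* Dereference the image only after it has been checked, so the assertion above cannot be
         * bypassed (or optimized away) by an earlier NULL dereference. */
        m = image->userdata;
        assert(m);

        /* Bound the number of concurrently running helpers before doing any further work. */
        if (m->n_operations >= OPERATIONS_MAX)
                return sd_bus_error_set(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many ongoing operations.");

        /* Key/value pairs passed along with the polkit request. */
        const char *details[] = {
                "image", image->name,
                "verb", "remove",
                NULL
        };

        r = bus_verify_polkit_async(
                        message,
                        CAP_SYS_ADMIN,
                        "org.freedesktop.machine1.manage-images",
                        details,
                        false,
                        UID_INVALID,
                        &m->polkit_registry,
                        error);
        if (r < 0)
                return r;
        if (r == 0)
                return 1; /* Will call us back */

        if (pipe2(errno_pipe_fd, O_CLOEXEC|O_NONBLOCK) < 0)
                return sd_bus_error_set_errnof(error, errno, "Failed to create pipe: %m");

        r = safe_fork("(sd-imgrm)", FORK_RESET_SIGNALS, &child);
        if (r < 0)
                return sd_bus_error_set_errnof(error, r, "Failed to fork(): %m");
        if (r == 0) {
                /* Child: keep only the write end of the pipe. */
                errno_pipe_fd[0] = safe_close(errno_pipe_fd[0]);

                r = image_remove(image);
                if (r < 0) {
                        /* Best effort: report the error code to the parent, ignoring short writes. */
                        (void) write(errno_pipe_fd[1], &r, sizeof(r));
                        _exit(EXIT_FAILURE);
                }

                _exit(EXIT_SUCCESS);
        }

        /* Parent: keep only the read end of the pipe. */
        errno_pipe_fd[1] = safe_close(errno_pipe_fd[1]);

        r = operation_new(m, NULL, child, message, errno_pipe_fd[0], NULL);
        if (r < 0) {
                /* Nothing tracks the helper now, so terminate and reap it here. */
                (void) sigkill_wait(child);
                return r;
        }

        /* The read end was passed to operation_new(); keep the cleanup handler from closing it. */
        errno_pipe_fd[0] = -1;

        return 1;
}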
96
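/* D-Bus handler for Image.Rename(s).
 *
 * The client-supplied name is validated with image_name_is_valid() before it is placed in the polkit
 * details or passed to image_rename(). The method is exported with SD_BUS_VTABLE_UNPRIVILEGED, so the
 * polkit check below is the only authorization gate in this handler.
 *
 * Returns 1 while the polkit answer is pending, the result of sending the reply on success, or a
 * negative errno-style value on failure. */
int bus_image_method_rename(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        Manager *m;
        const char *new_name;
        int r;

        assert(message);
        assert(image);

        /* Dereference the image only after it has been checked, so the assertion above cannot be
         * bypassed (or optimized away) by an earlier NULL dereference. */
        m = image->userdata;
        assert(m);

        r = sd_bus_message_read(message, "s", &new_name);
        if (r < 0)
                return r;

        /* Reject invalid names before they reach polkit or the rename itself. */
        if (!image_name_is_valid(new_name))
                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Image name '%s' is invalid.", new_name);

        /* Key/value pairs passed along with the polkit request. */
        const char *details[] = {
                "image", image->name,
                "verb", "rename",
                "new_name", new_name,
                NULL
        };

        r = bus_verify_polkit_async(
                        message,
                        CAP_SYS_ADMIN,
                        "org.freedesktop.machine1.manage-images",
                        details,
                        false,
                        UID_INVALID,
                        &m->polkit_registry,
                        error);
        if (r < 0)
                return r;
        if (r == 0)
                return 1; /* Will call us back */

        r = image_rename(image, new_name);
        if (r < 0)
                return r;

        return sd_bus_reply_method_return(message, NULL);
}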
144
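/* D-Bus handler for Image.Clone(sb).
 *
 * Takes the new image name and a read-only flag. The name is validated with image_name_is_valid()
 * before it is placed in the polkit details or passed to image_clone(). The method is exported with
 * SD_BUS_VTABLE_UNPRIVILEGED, so the polkit check below is the only authorization gate in this
 * handler. The copy runs in a forked helper; a failure code is passed back through a pipe whose read
 * end is handed to operation_new().
 *
 * Returns 1 when the reply is deferred (polkit answer pending, or the helper was started), or a
 * negative errno-style value with 'error' set on failure. */
int bus_image_method_clone(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        _cleanup_close_pair_ int errno_pipe_fd[2] = { -1, -1 };
        Image *image = userdata;
        Manager *m;
        const char *new_name;
        int r, read_only; /* "b" arguments are read into an int */
        pid_t child;

        assert(message);
        assert(image);

        /* Dereference the image only after it has been checked, so the assertion above cannot be
         * bypassed (or optimized away) by an earlier NULL dereference. */
        m = image->userdata;
        assert(m);

        /* Bound the number of concurrently running helpers before doing any further work. */
        if (m->n_operations >= OPERATIONS_MAX)
                return sd_bus_error_set(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many ongoing operations.");

        r = sd_bus_message_read(message, "sb", &new_name, &read_only);
        if (r < 0)
                return r;

        /* Reject invalid names before they reach polkit or the clone itself. */
        if (!image_name_is_valid(new_name))
                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Image name '%s' is invalid.", new_name);

        /* Key/value pairs passed along with the polkit request. */
        const char *details[] = {
                "image", image->name,
                "verb", "clone",
                "new_name", new_name,
                NULL
        };

        r = bus_verify_polkit_async(
                        message,
                        CAP_SYS_ADMIN,
                        "org.freedesktop.machine1.manage-images",
                        details,
                        false,
                        UID_INVALID,
                        &m->polkit_registry,
                        error);
        if (r < 0)
                return r;
        if (r == 0)
                return 1; /* Will call us back */

        if (pipe2(errno_pipe_fd, O_CLOEXEC|O_NONBLOCK) < 0)
                return sd_bus_error_set_errnof(error, errno, "Failed to create pipe: %m");

        r = safe_fork("(sd-imgclone)", FORK_RESET_SIGNALS, &child);
        if (r < 0)
                return sd_bus_error_set_errnof(error, r, "Failed to fork(): %m");
        if (r == 0) {
                /* Child: keep only the write end of the pipe. */
                errno_pipe_fd[0] = safe_close(errno_pipe_fd[0]);

                r = image_clone(image, new_name, read_only);
                if (r < 0) {
                        /* Best effort: report the error code to the parent, ignoring short writes. */
                        (void) write(errno_pipe_fd[1], &r, sizeof(r));
                        _exit(EXIT_FAILURE);
                }

                _exit(EXIT_SUCCESS);
        }

        /* Parent: keep only the read end of the pipe. */
        errno_pipe_fd[1] = safe_close(errno_pipe_fd[1]);

        r = operation_new(m, NULL, child, message, errno_pipe_fd[0], NULL);
        if (r < 0) {
                /* Nothing tracks the helper now, so terminate and reap it here. */
                (void) sigkill_wait(child);
                return r;
        }

        /* The read end was passed to operation_new(); keep the cleanup handler from closing it. */
        errno_pipe_fd[0] = -1;

        return 1;
}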
222
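/* D-Bus handler for Image.MarkReadOnly(b).
 *
 * The method is exported with SD_BUS_VTABLE_UNPRIVILEGED, so the polkit check below is the only
 * authorization gate in this handler.
 *
 * Returns 1 while the polkit answer is pending, the result of sending the reply on success, or a
 * negative errno-style value on failure. */
int bus_image_method_mark_read_only(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        Manager *m;
        int r, read_only;

        assert(message);
        assert(image);

        m = image->userdata;
        assert(m);

        /* sd_bus_message_read() stores a "b" argument through an int pointer. Reading it into a bool
         * would write sizeof(int) bytes into a one-byte object and corrupt neighbouring stack memory,
         * so the flag is kept as an int here, as bus_image_method_clone() already does. */
        r = sd_bus_message_read(message, "b", &read_only);
        if (r < 0)
                return r;

        /* Key/value pairs passed along with the polkit request. */
        const char *details[] = {
                "image", image->name,
                "verb", "mark_read_only",
                "read_only", (read_only?"1":"0"),
                NULL
        };

        r = bus_verify_polkit_async(
                        message,
                        CAP_SYS_ADMIN,
                        "org.freedesktop.machine1.manage-images",
                        details,
                        false,
                        UID_INVALID,
                        &m->polkit_registry,
                        error);
        if (r < 0)
                return r;
        if (r == 0)
                return 1; /* Will call us back */

        r = image_read_only(image, read_only);
        if (r < 0)
                return r;

        return sd_bus_reply_method_return(message, NULL);
}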
266
/* D-Bus handler for Image.SetLimit(t).
 *
 * The requested limit is range-checked with FILE_SIZE_VALID_OR_INFINITY() before anything else is
 * done with it. The method is exported with SD_BUS_VTABLE_UNPRIVILEGED, so the polkit check below is
 * the only authorization gate in this handler.
 *
 * Returns 1 while the polkit answer is pending, the result of sending the reply on success, or a
 * negative errno-style value on failure. */
int bus_image_method_set_limit(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        Manager *m = image->userdata;
        uint64_t limit;
        int r;

        assert(message);

        r = sd_bus_message_read(message, "t", &limit);
        if (r < 0)
                return r;

        if (!FILE_SIZE_VALID_OR_INFINITY(limit))
                return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "New limit out of range");

        /* NOTE(review): the image name is passed under the key "machine" here, while the other handlers
         * in this file use "image". A polkit rule that matches on the "image" detail would not see a
         * value for set_limit requests; confirm whether this is intended before changing it, since
         * existing rules may depend on the current key. */
        const char *details[] = {
                "machine", image->name,
                "verb", "set_limit",
                NULL
        };

        r = bus_verify_polkit_async(
                        message,
                        CAP_SYS_ADMIN,
                        "org.freedesktop.machine1.manage-images",
                        details,
                        false,
                        UID_INVALID,
                        &m->polkit_registry,
                        error);
        if (r <= 0)
                return r < 0 ? r : 1; /* 0: will call us back */

        r = image_set_limit(image, limit);
        return r < 0 ? r : sd_bus_reply_method_return(message, NULL);
}
311
/* D-Bus handler for Image.GetHostname(): replies with image->hostname as a string.
 *
 * No polkit check is made here; the method is exported with SD_BUS_VTABLE_UNPRIVILEGED. Image
 * metadata is read via image_read_metadata() only when image->metadata_valid is not set. */
int bus_image_method_get_hostname(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        int r;

        r = image->metadata_valid ? 0 : image_read_metadata(image);
        if (r < 0)
                return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");

        return sd_bus_reply_method_return(message, "s", image->hostname);
}
328
/* D-Bus handler for Image.GetMachineID(): replies with the machine ID as a byte array ("ay").
 *
 * No polkit check is made here; the method is exported with SD_BUS_VTABLE_UNPRIVILEGED. Image
 * metadata is read via image_read_metadata() only when image->metadata_valid is not set. */
int bus_image_method_get_machine_id(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
        Image *image = userdata;
        int r;

        r = image->metadata_valid ? 0 : image_read_metadata(image);
        if (r < 0)
                return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");

        r = sd_bus_message_new_method_return(message, &reply);
        if (r < 0)
                return r;

        /* A null ID is reported as an empty array rather than as 16 zero bytes. */
        r = sd_id128_is_null(image->machine_id)
                ? sd_bus_message_append(reply, "ay", 0)
                : sd_bus_message_append_array(reply, 'y', image->machine_id.bytes, 16);
        if (r < 0)
                return r;

        return sd_bus_send(NULL, reply, NULL);
}
357
/* D-Bus handler for Image.GetMachineInfo(): replies with image->machine_info through
 * bus_reply_pair_array() (declared "a{ss}" in the vtable).
 *
 * No polkit check is made here; the method is exported with SD_BUS_VTABLE_UNPRIVILEGED. Image
 * metadata is read via image_read_metadata() only when image->metadata_valid is not set. */
int bus_image_method_get_machine_info(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        int r;

        r = image->metadata_valid ? 0 : image_read_metadata(image);
        if (r < 0)
                return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");

        return bus_reply_pair_array(message, image->machine_info);
}
374
/* D-Bus handler for Image.GetOSRelease(): replies with image->os_release through
 * bus_reply_pair_array() (declared "a{ss}" in the vtable).
 *
 * No polkit check is made here; the method is exported with SD_BUS_VTABLE_UNPRIVILEGED. Image
 * metadata is read via image_read_metadata() only when image->metadata_valid is not set. */
int bus_image_method_get_os_release(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        int r;

        r = image->metadata_valid ? 0 : image_read_metadata(image);
        if (r < 0)
                return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");

        return bus_reply_pair_array(message, image->os_release);
}
391
/* Deferred event callback: empties the manager's image cache. image_object_find() registers it as a
 * one-shot source at idle priority. Always returns 0. */
static int image_flush_cache(sd_event_source *s, void *userdata) {
        Manager *manager = userdata;

        assert(s);
        assert(manager);

        hashmap_clear(manager->image_cache);

        return 0;
}
401
/* Fallback object lookup for paths below /org/freedesktop/machine1/image/.
 *
 * The trailing path component comes from the bus client. It is unescaped and used as the image name,
 * first against the manager's cache and then via image_find().
 * NOTE(review): no explicit name validation is visible here; presumably image_find() rejects
 * invalid names, confirm against its implementation.
 *
 * Returns 1 with *found set when an image exists, 0 when the path is not ours or no such image
 * exists, or a negative errno-style value on failure. */
static int image_object_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
        _cleanup_free_ char *name = NULL;
        Manager *m = userdata;
        Image *image;
        const char *label;
        int r;

        assert(bus);
        assert(path);
        assert(interface);
        assert(found);

        label = startswith(path, "/org/freedesktop/machine1/image/");
        if (!label)
                return 0;

        name = bus_label_unescape(label);
        if (!name)
                return -ENOMEM;

        image = hashmap_get(m->image_cache, name);
        if (!image) {
                /* Cache miss. Make sure a one-shot, idle-priority flush of the cache is armed before
                 * adding a new entry to it. */
                if (!m->image_cache_defer_event) {
                        r = sd_event_add_defer(m->event, &m->image_cache_defer_event, image_flush_cache, m);
                        if (r < 0)
                                return r;

                        r = sd_event_source_set_priority(m->image_cache_defer_event, SD_EVENT_PRIORITY_IDLE);
                        if (r < 0)
                                return r;
                }

                r = sd_event_source_set_enabled(m->image_cache_defer_event, SD_EVENT_ONESHOT);
                if (r < 0)
                        return r;

                r = image_find(IMAGE_MACHINE, name, NULL, &image);
                if (r == -ENOENT)
                        return 0;
                if (r < 0)
                        return r;

                /* The method handlers reach the Manager through image->userdata. */
                image->userdata = m;

                r = hashmap_ensure_put(&m->image_cache, &image_hash_ops, image->name, image);
                if (r < 0) {
                        /* The cache did not take the image, so drop our reference. */
                        image_unref(image);
                        return r;
                }
        }

        *found = image;
        return 1;
}
459
/* Builds the D-Bus object path for an image name by appending the bus-label-escaped name to
 * "/org/freedesktop/machine1/image/". Returns the joined string, or NULL if escaping fails; the
 * result is presumably heap-allocated and owned by the caller (image_node_enumerator() hands it to
 * strv_consume()). */
char *image_bus_path(const char *name) {
        _cleanup_free_ char *escaped = NULL;

        assert(name);

        escaped = bus_label_escape(name);

        return escaped ? strjoin("/org/freedesktop/machine1/image/", escaped) : NULL;
}
471
/* Node enumerator for the image object tree: discovers all IMAGE_MACHINE images and returns one
 * object path per image in *nodes. No authorization check is made in this function, so the paths
 * (and with them the image names) are returned to whichever client triggers the enumeration.
 *
 * Returns 1 on success or a negative errno-style value on failure. */
static int image_node_enumerator(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error) {
        _cleanup_hashmap_free_ Hashmap *images = NULL;
        _cleanup_strv_free_ char **paths = NULL;
        Image *image;
        int r;

        assert(bus);
        assert(path);
        assert(nodes);

        images = hashmap_new(&image_hash_ops);
        if (!images)
                return -ENOMEM;

        r = image_discover(IMAGE_MACHINE, NULL, images);
        if (r < 0)
                return r;

        HASHMAP_FOREACH(image, images) {
                char *node = image_bus_path(image->name);

                if (!node)
                        return -ENOMEM;

                /* The list takes the string; it is not freed here on either outcome. */
                r = strv_consume(&paths, node);
                if (r < 0)
                        return r;
        }

        /* Hand the list to the caller so the cleanup handler does not free it. */
        *nodes = TAKE_PTR(paths);

        return 1;
}
506
/* D-Bus vtable for image objects: read-only properties backed by Image fields, plus the methods
 * implemented above.
 *
 * Every method carries SD_BUS_VTABLE_UNPRIVILEGED, which turns off sd-bus's own caller privilege
 * check, so each handler is responsible for its own authorization. In this file Remove, Rename,
 * Clone, MarkReadOnly and SetLimit call bus_verify_polkit_async() with the action
 * "org.freedesktop.machine1.manage-images". GetHostname, GetMachineID, GetMachineInfo and
 * GetOSRelease make no polkit check and may call image_read_metadata() on behalf of the caller. */
const sd_bus_vtable image_vtable[] = {
        SD_BUS_VTABLE_START(0),
        SD_BUS_PROPERTY("Name", "s", NULL, offsetof(Image, name), 0),
        SD_BUS_PROPERTY("Path", "s", NULL, offsetof(Image, path), 0),
        SD_BUS_PROPERTY("Type", "s", property_get_type, offsetof(Image, type), 0),
        SD_BUS_PROPERTY("ReadOnly", "b", bus_property_get_bool, offsetof(Image, read_only), 0),
        SD_BUS_PROPERTY("CreationTimestamp", "t", NULL, offsetof(Image, crtime), 0),
        SD_BUS_PROPERTY("ModificationTimestamp", "t", NULL, offsetof(Image, mtime), 0),
        SD_BUS_PROPERTY("Usage", "t", NULL, offsetof(Image, usage), 0),
        SD_BUS_PROPERTY("Limit", "t", NULL, offsetof(Image, limit), 0),
        SD_BUS_PROPERTY("UsageExclusive", "t", NULL, offsetof(Image, usage_exclusive), 0),
        SD_BUS_PROPERTY("LimitExclusive", "t", NULL, offsetof(Image, limit_exclusive), 0),
        /* State-changing methods: authorized through polkit inside the handler. */
        SD_BUS_METHOD("Remove", NULL, NULL, bus_image_method_remove, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("Rename", "s", NULL, bus_image_method_rename, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("Clone", "sb", NULL, bus_image_method_clone, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("MarkReadOnly", "b", NULL, bus_image_method_mark_read_only, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("SetLimit", "t", NULL, bus_image_method_set_limit, SD_BUS_VTABLE_UNPRIVILEGED),
        /* Read-only queries: no polkit check in the handler. */
        SD_BUS_METHOD("GetHostname", NULL, "s", bus_image_method_get_hostname, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("GetMachineID", NULL, "ay", bus_image_method_get_machine_id, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("GetMachineInfo", NULL, "a{ss}", bus_image_method_get_machine_info, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("GetOSRelease", NULL, "a{ss}", bus_image_method_get_os_release, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_VTABLE_END
};
530
/* Registration record for the image object tree: the path prefix and interface name, image_vtable as
 * a fallback vtable resolved through image_object_find(), and image_node_enumerator() for listing
 * child nodes. */
const BusObjectImplementation image_object = {
        "/org/freedesktop/machine1/image",
        "org.freedesktop.machine1.Image",
        .fallback_vtables = BUS_FALLBACK_VTABLES({image_vtable, image_object_find}),
        .node_enumerator = image_node_enumerator,
};