]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/machine/machine-dbus.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
machined: remove spurious include of <sys/capability.h>
[thirdparty/systemd.git] / src / machine / machine-dbus.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2011 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <errno.h>
23 #include <string.h>
24 #include <arpa/inet.h>
25
26 #include "bus-util.h"
27 #include "bus-label.h"
28 #include "strv.h"
29 #include "bus-common-errors.h"
30 #include "copy.h"
31 #include "fileio.h"
32 #include "in-addr-util.h"
33 #include "local-addresses.h"
34 #include "path-util.h"
35 #include "bus-internal.h"
36 #include "machine.h"
37
38 static int property_get_id(
39 sd_bus *bus,
40 const char *path,
41 const char *interface,
42 const char *property,
43 sd_bus_message *reply,
44 void *userdata,
45 sd_bus_error *error) {
46
47 Machine *m = userdata;
48 int r;
49
50 assert(bus);
51 assert(reply);
52 assert(m);
53
54 r = sd_bus_message_append_array(reply, 'y', &m->id, 16);
55 if (r < 0)
56 return r;
57
58 return 1;
59 }
60
61 static int property_get_state(
62 sd_bus *bus,
63 const char *path,
64 const char *interface,
65 const char *property,
66 sd_bus_message *reply,
67 void *userdata,
68 sd_bus_error *error) {
69
70 Machine *m = userdata;
71 const char *state;
72 int r;
73
74 assert(bus);
75 assert(reply);
76 assert(m);
77
78 state = machine_state_to_string(machine_get_state(m));
79
80 r = sd_bus_message_append_basic(reply, 's', state);
81 if (r < 0)
82 return r;
83
84 return 1;
85 }
86
87 static int property_get_netif(
88 sd_bus *bus,
89 const char *path,
90 const char *interface,
91 const char *property,
92 sd_bus_message *reply,
93 void *userdata,
94 sd_bus_error *error) {
95
96 Machine *m = userdata;
97 int r;
98
99 assert(bus);
100 assert(reply);
101 assert(m);
102
103 assert_cc(sizeof(int) == sizeof(int32_t));
104
105 r = sd_bus_message_append_array(reply, 'i', m->netif, m->n_netif * sizeof(int));
106 if (r < 0)
107 return r;
108
109 return 1;
110 }
111
112 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_class, machine_class, MachineClass);
113
114 int bus_machine_method_terminate(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
115 Machine *m = userdata;
116 int r;
117
118 assert(bus);
119 assert(message);
120 assert(m);
121
122 r = machine_stop(m);
123 if (r < 0)
124 return r;
125
126 return sd_bus_reply_method_return(message, NULL);
127 }
128
129 int bus_machine_method_kill(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
130 Machine *m = userdata;
131 const char *swho;
132 int32_t signo;
133 KillWho who;
134 int r;
135
136 assert(bus);
137 assert(message);
138 assert(m);
139
140 r = sd_bus_message_read(message, "si", &swho, &signo);
141 if (r < 0)
142 return r;
143
144 if (isempty(swho))
145 who = KILL_ALL;
146 else {
147 who = kill_who_from_string(swho);
148 if (who < 0)
149 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid kill parameter '%s'", swho);
150 }
151
152 if (signo <= 0 || signo >= _NSIG)
153 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid signal %i", signo);
154
155 r = machine_kill(m, who, signo);
156 if (r < 0)
157 return r;
158
159 return sd_bus_reply_method_return(message, NULL);
160 }
161
162 int bus_machine_method_get_addresses(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
163 _cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
164 _cleanup_close_pair_ int pair[2] = { -1, -1 };
165 _cleanup_free_ char *us = NULL, *them = NULL;
166 _cleanup_close_ int netns_fd = -1;
167 Machine *m = userdata;
168 const char *p;
169 siginfo_t si;
170 pid_t child;
171 int r;
172
173 assert(bus);
174 assert(message);
175 assert(m);
176
177 r = readlink_malloc("/proc/self/ns/net", &us);
178 if (r < 0)
179 return sd_bus_error_set_errno(error, r);
180
181 p = procfs_file_alloca(m->leader, "ns/net");
182 r = readlink_malloc(p, &them);
183 if (r < 0)
184 return sd_bus_error_set_errno(error, r);
185
186 if (streq(us, them))
187 return sd_bus_error_setf(error, BUS_ERROR_NO_PRIVATE_NETWORKING, "Machine %s does not use private networking", m->name);
188
189 r = namespace_open(m->leader, NULL, NULL, &netns_fd, NULL);
190 if (r < 0)
191 return sd_bus_error_set_errno(error, r);
192
193 if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, pair) < 0)
194 return sd_bus_error_set_errno(error, -errno);
195
196 child = fork();
197 if (child < 0)
198 return sd_bus_error_set_errno(error, -errno);
199
200 if (child == 0) {
201 _cleanup_free_ struct local_address *addresses = NULL;
202 struct local_address *a;
203 int i, n;
204
205 pair[0] = safe_close(pair[0]);
206
207 r = namespace_enter(-1, -1, netns_fd, -1);
208 if (r < 0)
209 _exit(EXIT_FAILURE);
210
211 n = local_addresses(NULL, 0, AF_UNSPEC, &addresses);
212 if (n < 0)
213 _exit(EXIT_FAILURE);
214
215 for (a = addresses, i = 0; i < n; a++, i++) {
216 struct iovec iov[2] = {
217 { .iov_base = &a->family, .iov_len = sizeof(a->family) },
218 { .iov_base = &a->address, .iov_len = FAMILY_ADDRESS_SIZE(a->family) },
219 };
220
221 r = writev(pair[1], iov, 2);
222 if (r < 0)
223 _exit(EXIT_FAILURE);
224 }
225
226 pair[1] = safe_close(pair[1]);
227
228 _exit(EXIT_SUCCESS);
229 }
230
231 pair[1] = safe_close(pair[1]);
232
233 r = sd_bus_message_new_method_return(message, &reply);
234 if (r < 0)
235 return sd_bus_error_set_errno(error, r);
236
237 r = sd_bus_message_open_container(reply, 'a', "(iay)");
238 if (r < 0)
239 return sd_bus_error_set_errno(error, r);
240
241 for (;;) {
242 int family;
243 ssize_t n;
244 union in_addr_union in_addr;
245 struct iovec iov[2];
246 struct msghdr mh = {
247 .msg_iov = iov,
248 .msg_iovlen = 2,
249 };
250
251 iov[0] = (struct iovec) { .iov_base = &family, .iov_len = sizeof(family) };
252 iov[1] = (struct iovec) { .iov_base = &in_addr, .iov_len = sizeof(in_addr) };
253
254 n = recvmsg(pair[0], &mh, 0);
255 if (n < 0)
256 return sd_bus_error_set_errno(error, -errno);
257 if ((size_t) n < sizeof(family))
258 break;
259
260 r = sd_bus_message_open_container(reply, 'r', "iay");
261 if (r < 0)
262 return sd_bus_error_set_errno(error, r);
263
264 r = sd_bus_message_append(reply, "i", family);
265 if (r < 0)
266 return sd_bus_error_set_errno(error, r);
267
268 switch (family) {
269
270 case AF_INET:
271 if (n != sizeof(struct in_addr) + sizeof(family))
272 return sd_bus_error_set_errno(error, EIO);
273
274 r = sd_bus_message_append_array(reply, 'y', &in_addr.in, sizeof(in_addr.in));
275 break;
276
277 case AF_INET6:
278 if (n != sizeof(struct in6_addr) + sizeof(family))
279 return sd_bus_error_set_errno(error, EIO);
280
281 r = sd_bus_message_append_array(reply, 'y', &in_addr.in6, sizeof(in_addr.in6));
282 break;
283 }
284 if (r < 0)
285 return sd_bus_error_set_errno(error, r);
286
287 r = sd_bus_message_close_container(reply);
288 if (r < 0)
289 return sd_bus_error_set_errno(error, r);
290 }
291
292 r = wait_for_terminate(child, &si);
293 if (r < 0)
294 return sd_bus_error_set_errno(error, r);
295 if (si.si_code != CLD_EXITED || si.si_status != EXIT_SUCCESS)
296 return sd_bus_error_set_errno(error, EIO);
297
298 r = sd_bus_message_close_container(reply);
299 if (r < 0)
300 return sd_bus_error_set_errno(error, r);
301
302 return sd_bus_send(bus, reply, NULL);
303 }
304
305 int bus_machine_method_get_os_release(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
306 _cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
307 _cleanup_close_ int mntns_fd = -1, root_fd = -1;
308 _cleanup_close_pair_ int pair[2] = { -1, -1 };
309 _cleanup_strv_free_ char **l = NULL;
310 _cleanup_fclose_ FILE *f = NULL;
311 Machine *m = userdata;
312 char **k, **v;
313 siginfo_t si;
314 pid_t child;
315 int r;
316
317 assert(bus);
318 assert(message);
319 assert(m);
320
321 r = namespace_open(m->leader, NULL, &mntns_fd, NULL, &root_fd);
322 if (r < 0)
323 return r;
324
325 if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, pair) < 0)
326 return -errno;
327
328 child = fork();
329 if (child < 0)
330 return -errno;
331
332 if (child == 0) {
333 _cleanup_close_ int fd = -1;
334
335 pair[0] = safe_close(pair[0]);
336
337 r = namespace_enter(-1, mntns_fd, -1, root_fd);
338 if (r < 0)
339 _exit(EXIT_FAILURE);
340
341 fd = open("/etc/os-release", O_RDONLY|O_CLOEXEC);
342 if (fd < 0) {
343 fd = open("/usr/lib/os-release", O_RDONLY|O_CLOEXEC);
344 if (fd < 0)
345 _exit(EXIT_FAILURE);
346 }
347
348 r = copy_bytes(fd, pair[1], (off_t) -1, false);
349 if (r < 0)
350 _exit(EXIT_FAILURE);
351
352 _exit(EXIT_SUCCESS);
353 }
354
355 pair[1] = safe_close(pair[1]);
356
357 f = fdopen(pair[0], "re");
358 if (!f)
359 return -errno;
360
361 pair[0] = -1;
362
363 r = load_env_file_pairs(f, "/etc/os-release", NULL, &l);
364 if (r < 0)
365 return r;
366
367 r = wait_for_terminate(child, &si);
368 if (r < 0)
369 return r;
370 if (si.si_code != CLD_EXITED || si.si_status != EXIT_SUCCESS)
371 return -EIO;
372
373 r = sd_bus_message_new_method_return(message, &reply);
374 if (r < 0)
375 return r;
376
377 r = sd_bus_message_open_container(reply, 'a', "{ss}");
378 if (r < 0)
379 return r;
380
381 STRV_FOREACH_PAIR(k, v, l) {
382 r = sd_bus_message_append(reply, "{ss}", *k, *v);
383 if (r < 0)
384 return r;
385 }
386
387 r = sd_bus_message_close_container(reply);
388 if (r < 0)
389 return r;
390
391 return sd_bus_send(bus, reply, NULL);
392 }
393
394 int bus_machine_method_open_pty(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
395 _cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
396 _cleanup_free_ char *pty_name = NULL;
397 _cleanup_close_ int master = -1;
398 Machine *m = userdata;
399 int r;
400
401 assert(bus);
402 assert(message);
403 assert(m);
404
405 master = openpt_in_namespace(m->leader, O_RDWR|O_NOCTTY|O_CLOEXEC);
406 if (master < 0)
407 return master;
408
409 r = ptsname_malloc(master, &pty_name);
410 if (r < 0)
411 return r;
412
413 r = sd_bus_message_new_method_return(message, &reply);
414 if (r < 0)
415 return r;
416
417 r = sd_bus_message_append(reply, "hs", master, pty_name);
418 if (r < 0)
419 return r;
420
421 return sd_bus_send(bus, reply, NULL);
422 }
423
424 int bus_machine_method_open_login(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
425 _cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
426 _cleanup_free_ char *pty_name = NULL, *getty = NULL;
427 _cleanup_bus_unref_ sd_bus *container_bus = NULL;
428 _cleanup_close_ int master = -1;
429 Machine *m = userdata;
430 const char *p;
431 int r;
432
433 r = bus_verify_polkit_async(
434 message,
435 CAP_SYS_ADMIN,
436 "org.freedesktop.machine1.login",
437 false,
438 &m->manager->polkit_registry,
439 error);
440 if (r < 0)
441 return r;
442 if (r == 0)
443 return 1; /* Will call us back */
444
445 master = openpt_in_namespace(m->leader, O_RDWR|O_NOCTTY|O_CLOEXEC);
446 if (master < 0)
447 return master;
448
449 r = ptsname_malloc(master, &pty_name);
450 if (r < 0)
451 return r;
452
453 p = path_startswith(pty_name, "/dev/pts/");
454 if (!p)
455 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "PTS name %s is invalid", pty_name);
456
457 if (unlockpt(master) < 0)
458 return -errno;
459
460 r = sd_bus_new(&container_bus);
461 if (r < 0)
462 return r;
463
464 #ifdef ENABLE_KDBUS
465 asprintf(&container_bus->address, "x-container-kernel:pid=" PID_FMT ";x-container-unix:pid=" PID_FMT, m->leader, m->leader);
466 #else
467 asprintf(&container_bus->address, "x-container-kernel:pid=" PID_FMT, m->leader);
468 #endif
469 if (!container_bus->address)
470 return -ENOMEM;
471
472 container_bus->bus_client = true;
473 container_bus->trusted = false;
474 container_bus->is_system = true;
475
476 r = sd_bus_start(container_bus);
477 if (r < 0)
478 return r;
479
480 getty = strjoin("container-getty@", p, ".service", NULL);
481 if (!getty)
482 return -ENOMEM;
483
484 r = sd_bus_call_method(
485 container_bus,
486 "org.freedesktop.systemd1",
487 "/org/freedesktop/systemd1",
488 "org.freedesktop.systemd1.Manager",
489 "StartUnit",
490 error, NULL,
491 "ss", getty, "replace");
492 if (r < 0)
493 return r;
494
495 container_bus = sd_bus_unref(container_bus);
496
497 r = sd_bus_message_new_method_return(message, &reply);
498 if (r < 0)
499 return r;
500
501 r = sd_bus_message_append(reply, "hs", master, pty_name);
502 if (r < 0)
503 return r;
504
505 return sd_bus_send(bus, reply, NULL);
506 }
507
508 const sd_bus_vtable machine_vtable[] = {
509 SD_BUS_VTABLE_START(0),
510 SD_BUS_PROPERTY("Name", "s", NULL, offsetof(Machine, name), SD_BUS_VTABLE_PROPERTY_CONST),
511 SD_BUS_PROPERTY("Id", "ay", property_get_id, 0, SD_BUS_VTABLE_PROPERTY_CONST),
512 BUS_PROPERTY_DUAL_TIMESTAMP("Timestamp", offsetof(Machine, timestamp), SD_BUS_VTABLE_PROPERTY_CONST),
513 SD_BUS_PROPERTY("Service", "s", NULL, offsetof(Machine, service), SD_BUS_VTABLE_PROPERTY_CONST),
514 SD_BUS_PROPERTY("Unit", "s", NULL, offsetof(Machine, unit), SD_BUS_VTABLE_PROPERTY_CONST),
515 SD_BUS_PROPERTY("Scope", "s", NULL, offsetof(Machine, unit), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
516 SD_BUS_PROPERTY("Leader", "u", NULL, offsetof(Machine, leader), SD_BUS_VTABLE_PROPERTY_CONST),
517 SD_BUS_PROPERTY("Class", "s", property_get_class, offsetof(Machine, class), SD_BUS_VTABLE_PROPERTY_CONST),
518 SD_BUS_PROPERTY("RootDirectory", "s", NULL, offsetof(Machine, root_directory), SD_BUS_VTABLE_PROPERTY_CONST),
519 SD_BUS_PROPERTY("NetworkInterfaces", "ai", property_get_netif, 0, SD_BUS_VTABLE_PROPERTY_CONST),
520 SD_BUS_PROPERTY("State", "s", property_get_state, 0, 0),
521 SD_BUS_METHOD("Terminate", NULL, NULL, bus_machine_method_terminate, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)),
522 SD_BUS_METHOD("Kill", "si", NULL, bus_machine_method_kill, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)),
523 SD_BUS_METHOD("GetAddresses", NULL, "a(iay)", bus_machine_method_get_addresses, SD_BUS_VTABLE_UNPRIVILEGED),
524 SD_BUS_METHOD("GetOSRelease", NULL, "a{ss}", bus_machine_method_get_os_release, SD_BUS_VTABLE_UNPRIVILEGED),
525 SD_BUS_METHOD("OpenPTY", NULL, "hs", bus_machine_method_open_pty, 0),
526 SD_BUS_METHOD("OpenLogin", NULL, "hs", bus_machine_method_open_login, SD_BUS_VTABLE_UNPRIVILEGED),
527 SD_BUS_VTABLE_END
528 };
529
530 int machine_object_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
531 Manager *m = userdata;
532 Machine *machine;
533 int r;
534
535 assert(bus);
536 assert(path);
537 assert(interface);
538 assert(found);
539 assert(m);
540
541 if (streq(path, "/org/freedesktop/machine1/machine/self")) {
542 _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
543 sd_bus_message *message;
544 pid_t pid;
545
546 message = sd_bus_get_current_message(bus);
547 if (!message)
548 return 0;
549
550 r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
551 if (r < 0)
552 return r;
553
554 r = sd_bus_creds_get_pid(creds, &pid);
555 if (r < 0)
556 return r;
557
558 r = manager_get_machine_by_pid(m, pid, &machine);
559 if (r <= 0)
560 return 0;
561 } else {
562 _cleanup_free_ char *e = NULL;
563 const char *p;
564
565 p = startswith(path, "/org/freedesktop/machine1/machine/");
566 if (!p)
567 return 0;
568
569 e = bus_label_unescape(p);
570 if (!e)
571 return -ENOMEM;
572
573 machine = hashmap_get(m->machines, e);
574 if (!machine)
575 return 0;
576 }
577
578 *found = machine;
579 return 1;
580 }
581
582 char *machine_bus_path(Machine *m) {
583 _cleanup_free_ char *e = NULL;
584
585 assert(m);
586
587 e = bus_label_escape(m->name);
588 if (!e)
589 return NULL;
590
591 return strappend("/org/freedesktop/machine1/machine/", e);
592 }
593
594 int machine_node_enumerator(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error) {
595 _cleanup_strv_free_ char **l = NULL;
596 Machine *machine = NULL;
597 Manager *m = userdata;
598 Iterator i;
599 int r;
600
601 assert(bus);
602 assert(path);
603 assert(nodes);
604
605 HASHMAP_FOREACH(machine, m->machines, i) {
606 char *p;
607
608 p = machine_bus_path(machine);
609 if (!p)
610 return -ENOMEM;
611
612 r = strv_consume(&l, p);
613 if (r < 0)
614 return r;
615 }
616
617 *nodes = l;
618 l = NULL;
619
620 return 1;
621 }
622
623 int machine_send_signal(Machine *m, bool new_machine) {
624 _cleanup_free_ char *p = NULL;
625
626 assert(m);
627
628 p = machine_bus_path(m);
629 if (!p)
630 return -ENOMEM;
631
632 return sd_bus_emit_signal(
633 m->manager->bus,
634 "/org/freedesktop/machine1",
635 "org.freedesktop.machine1.Manager",
636 new_machine ? "MachineNew" : "MachineRemoved",
637 "so", m->name, p);
638 }
639
640 int machine_send_create_reply(Machine *m, sd_bus_error *error) {
641 _cleanup_bus_message_unref_ sd_bus_message *c = NULL;
642 _cleanup_free_ char *p = NULL;
643
644 assert(m);
645
646 if (!m->create_message)
647 return 0;
648
649 c = m->create_message;
650 m->create_message = NULL;
651
652 if (error)
653 return sd_bus_reply_method_error(c, error);
654
655 /* Update the machine state file before we notify the client
656 * about the result. */
657 machine_save(m);
658
659 p = machine_bus_path(m);
660 if (!p)
661 return -ENOMEM;
662
663 return sd_bus_reply_method_return(c, "o", p);
664 }
Unnamed repository; edit this file 'description' to name the repository.