1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
8 #include <sys/resource.h>
9 #include <sys/socket.h>
13 #include "sd-daemon.h"
17 #include "bus-common-errors.h"
18 #include "bus-internal.h"
19 #include "bus-label.h"
21 #include "data-fd-util.h"
23 #include "path-util.h"
24 #include "socket-util.h"
25 #include "stdio-util.h"
27 static int name_owner_change_callback(sd_bus_message
*m
, void *userdata
, sd_bus_error
*ret_error
) {
28 sd_event
*e
= ASSERT_PTR(userdata
);
32 sd_bus_close(sd_bus_message_get_bus(m
));
38 int bus_log_address_error(int r
, BusTransport transport
) {
39 bool hint
= transport
== BUS_TRANSPORT_LOCAL
&& r
== -ENOMEDIUM
;
41 return log_error_errno(r
,
42 hint
? "Failed to set bus address: $DBUS_SESSION_BUS_ADDRESS and $XDG_RUNTIME_DIR not defined (consider using --machine=<user>@.host --user to connect to bus of other user)" :
43 "Failed to set bus address: %m");
46 int bus_log_connect_error(int r
, BusTransport transport
) {
47 bool hint_vars
= transport
== BUS_TRANSPORT_LOCAL
&& r
== -ENOMEDIUM
,
48 hint_addr
= transport
== BUS_TRANSPORT_LOCAL
&& ERRNO_IS_PRIVILEGE(r
);
50 return log_error_errno(r
,
51 r
== hint_vars
? "Failed to connect to bus: $DBUS_SESSION_BUS_ADDRESS and $XDG_RUNTIME_DIR not defined (consider using --machine=<user>@.host --user to connect to bus of other user)" :
52 r
== hint_addr
? "Failed to connect to bus: Operation not permitted (consider using --machine=<user>@.host --user to connect to bus of other user)" :
53 "Failed to connect to bus: %m");
56 int bus_async_unregister_and_exit(sd_event
*e
, sd_bus
*bus
, const char *name
) {
65 /* We unregister the name here and then wait for the
66 * NameOwnerChanged signal for this event to arrive before we
67 * quit. We do this in order to make sure that any queued
68 * requests are still processed before we really exit. */
70 r
= sd_bus_get_unique_name(bus
, &unique
);
75 "sender='org.freedesktop.DBus',"
77 "interface='org.freedesktop.DBus',"
78 "member='NameOwnerChanged',"
79 "path='/org/freedesktop/DBus',"
81 "arg1='", unique
, "',",
84 r
= sd_bus_add_match_async(bus
, NULL
, match
, name_owner_change_callback
, NULL
, e
);
88 r
= sd_bus_release_name_async(bus
, NULL
, name
, NULL
, NULL
);
95 int bus_event_loop_with_idle(
100 check_idle_t check_idle
,
102 bool exiting
= false;
112 r
= sd_event_get_state(e
);
115 if (r
== SD_EVENT_FINISHED
)
119 idle
= check_idle(userdata
);
123 r
= sd_event_run(e
, exiting
|| !idle
? UINT64_MAX
: timeout
);
127 if (r
== 0 && !exiting
&& idle
) {
128 /* Inform the service manager that we are going down, so that it will queue all
129 * further start requests, instead of assuming we are already running. */
130 sd_notify(false, "STOPPING=1");
132 r
= bus_async_unregister_and_exit(e
, bus
, name
);
141 r
= sd_event_get_exit_code(e
, &code
);
148 int bus_name_has_owner(sd_bus
*c
, const char *name
, sd_bus_error
*error
) {
149 _cleanup_(sd_bus_message_unrefp
) sd_bus_message
*rep
= NULL
;
150 int r
, has_owner
= 0;
155 r
= sd_bus_call_method(c
,
156 "org.freedesktop.DBus",
157 "/org/freedesktop/dbus",
158 "org.freedesktop.DBus",
167 r
= sd_bus_message_read_basic(rep
, 'b', &has_owner
);
169 return sd_bus_error_set_errno(error
, r
);
174 bool bus_error_is_unknown_service(const sd_bus_error
*error
) {
175 return sd_bus_error_has_names(error
,
176 SD_BUS_ERROR_SERVICE_UNKNOWN
,
177 SD_BUS_ERROR_NAME_HAS_NO_OWNER
,
178 BUS_ERROR_NO_SUCH_UNIT
);
181 int bus_check_peercred(sd_bus
*c
) {
187 fd
= sd_bus_get_fd(c
);
191 r
= getpeercred(fd
, &ucred
);
195 if (ucred
.uid
!= 0 && ucred
.uid
!= geteuid())
201 int bus_connect_system_systemd(sd_bus
**ret_bus
) {
202 _cleanup_(sd_bus_close_unrefp
) sd_bus
*bus
= NULL
;
208 return sd_bus_default_system(ret_bus
);
210 /* If we are root then let's talk directly to the system
211 * instance, instead of going via the bus */
213 r
= sd_bus_new(&bus
);
217 r
= sd_bus_set_address(bus
, "unix:path=/run/systemd/private");
221 r
= sd_bus_start(bus
);
223 return sd_bus_default_system(ret_bus
);
225 r
= bus_check_peercred(bus
);
229 *ret_bus
= TAKE_PTR(bus
);
233 int bus_connect_user_systemd(sd_bus
**ret_bus
) {
234 _cleanup_(sd_bus_close_unrefp
) sd_bus
*bus
= NULL
;
235 _cleanup_free_
char *ee
= NULL
;
241 e
= secure_getenv("XDG_RUNTIME_DIR");
243 return sd_bus_default_user(ret_bus
);
245 ee
= bus_address_escape(e
);
249 r
= sd_bus_new(&bus
);
253 bus
->address
= strjoin("unix:path=", ee
, "/systemd/private");
257 r
= sd_bus_start(bus
);
259 return sd_bus_default_user(ret_bus
);
261 r
= bus_check_peercred(bus
);
265 *ret_bus
= TAKE_PTR(bus
);
269 int bus_connect_transport(
270 BusTransport transport
,
272 RuntimeScope runtime_scope
,
275 _cleanup_(sd_bus_close_unrefp
) sd_bus
*bus
= NULL
;
278 assert(transport
>= 0);
279 assert(transport
< _BUS_TRANSPORT_MAX
);
282 assert_return((transport
== BUS_TRANSPORT_LOCAL
) == !host
, -EINVAL
);
283 assert_return(transport
!= BUS_TRANSPORT_REMOTE
|| runtime_scope
== RUNTIME_SCOPE_SYSTEM
, -EOPNOTSUPP
);
287 case BUS_TRANSPORT_LOCAL
:
289 switch (runtime_scope
) {
291 case RUNTIME_SCOPE_USER
:
292 r
= sd_bus_default_user(&bus
);
295 case RUNTIME_SCOPE_SYSTEM
:
296 if (sd_booted() <= 0)
297 /* Print a friendly message when the local system is actually not running systemd as PID 1. */
298 return log_error_errno(SYNTHETIC_ERRNO(EHOSTDOWN
),
299 "System has not been booted with systemd as init system (PID 1). Can't operate.");
300 r
= sd_bus_default_system(&bus
);
304 assert_not_reached();
308 case BUS_TRANSPORT_REMOTE
:
309 r
= sd_bus_open_system_remote(&bus
, host
);
312 case BUS_TRANSPORT_MACHINE
:
314 switch (runtime_scope
) {
316 case RUNTIME_SCOPE_USER
:
317 r
= sd_bus_open_user_machine(&bus
, host
);
320 case RUNTIME_SCOPE_SYSTEM
:
321 r
= sd_bus_open_system_machine(&bus
, host
);
325 assert_not_reached();
331 assert_not_reached();
336 r
= sd_bus_set_exit_on_disconnect(bus
, true);
340 *ret
= TAKE_PTR(bus
);
344 int bus_connect_transport_systemd(BusTransport transport
, const char *host
, RuntimeScope runtime_scope
, sd_bus
**bus
) {
345 assert(transport
>= 0);
346 assert(transport
< _BUS_TRANSPORT_MAX
);
349 assert_return((transport
== BUS_TRANSPORT_LOCAL
) == !host
, -EINVAL
);
350 assert_return(transport
== BUS_TRANSPORT_LOCAL
|| runtime_scope
== RUNTIME_SCOPE_SYSTEM
, -EOPNOTSUPP
);
354 case BUS_TRANSPORT_LOCAL
:
355 switch (runtime_scope
) {
357 case RUNTIME_SCOPE_USER
:
358 return bus_connect_user_systemd(bus
);
360 case RUNTIME_SCOPE_SYSTEM
:
361 if (sd_booted() <= 0)
362 /* Print a friendly message when the local system is actually not running systemd as PID 1. */
363 return log_error_errno(SYNTHETIC_ERRNO(EHOSTDOWN
),
364 "System has not been booted with systemd as init system (PID 1). Can't operate.");
365 return bus_connect_system_systemd(bus
);
368 assert_not_reached();
373 case BUS_TRANSPORT_REMOTE
:
374 return sd_bus_open_system_remote(bus
, host
);
376 case BUS_TRANSPORT_MACHINE
:
377 return sd_bus_open_system_machine(bus
, host
);
380 assert_not_reached();
385 * bus_path_encode_unique() - encode unique object path
386 * @b: bus connection or NULL
387 * @prefix: object path prefix
388 * @sender_id: unique-name of client, or NULL
389 * @external_id: external ID to be chosen by client, or NULL
390 * @ret_path: storage for encoded object path pointer
392 * Whenever we provide a bus API that allows clients to create and manage
393 * server-side objects, we need to provide a unique name for these objects. If
394 * we let the server choose the name, we suffer from a race condition: If a
395 * client creates an object asynchronously, it cannot destroy that object until
396 * it received the method reply. It cannot know the name of the new object,
397 * thus, it cannot destroy it. Furthermore, it enforces a round-trip.
399 * Therefore, many APIs allow the client to choose the unique name for newly
400 * created objects. There're two problems to solve, though:
401 * 1) Object names are usually defined via dbus object paths, which are
402 * usually globally namespaced. Therefore, multiple clients must be able
403 * to choose unique object names without interference.
404 * 2) If multiple libraries share the same bus connection, they must be
405 * able to choose unique object names without interference.
406 * The first problem is solved easily by prefixing a name with the
407 * unique-bus-name of a connection. The server side must enforce this and
408 * reject any other name. The second problem is solved by providing unique
409 * suffixes from within sd-bus.
411 * This helper allows clients to create unique object-paths. It uses the
412 * template '/prefix/sender_id/external_id' and returns the new path in
413 * @ret_path (must be freed by the caller).
414 * If @sender_id is NULL, the unique-name of @b is used. If @external_id is
415 * NULL, this function allocates a unique suffix via @b (by requesting a new
416 * cookie). If both @sender_id and @external_id are given, @b can be passed as
419 * Returns: 0 on success, negative error code on failure.
421 int bus_path_encode_unique(sd_bus
*b
, const char *prefix
, const char *sender_id
, const char *external_id
, char **ret_path
) {
422 _cleanup_free_
char *sender_label
= NULL
, *external_label
= NULL
;
423 char external_buf
[DECIMAL_STR_MAX(uint64_t)], *p
;
426 assert_return(b
|| (sender_id
&& external_id
), -EINVAL
);
427 assert_return(sd_bus_object_path_is_valid(prefix
), -EINVAL
);
428 assert_return(ret_path
, -EINVAL
);
431 r
= sd_bus_get_unique_name(b
, &sender_id
);
437 xsprintf(external_buf
, "%"PRIu64
, ++b
->cookie
);
438 external_id
= external_buf
;
441 sender_label
= bus_label_escape(sender_id
);
445 external_label
= bus_label_escape(external_id
);
449 p
= path_join(prefix
, sender_label
, external_label
);
458 * bus_path_decode_unique() - decode unique object path
459 * @path: object path to decode
460 * @prefix: object path prefix
461 * @ret_sender: output parameter for sender-id label
462 * @ret_external: output parameter for external-id label
464 * This does the reverse of bus_path_encode_unique() (see its description for
465 * details). Both trailing labels, sender-id and external-id, are unescaped and
466 * returned in the given output parameters (the caller must free them).
468 * Note that this function returns 0 if the path does not match the template
469 * (see bus_path_encode_unique()), 1 if it matched.
471 * Returns: Negative error code on failure, 0 if the given object path does not
472 * match the template (return parameters are set to NULL), 1 if it was
473 * parsed successfully (return parameters contain allocated labels).
475 int bus_path_decode_unique(const char *path
, const char *prefix
, char **ret_sender
, char **ret_external
) {
477 char *sender
, *external
;
479 assert(sd_bus_object_path_is_valid(path
));
480 assert(sd_bus_object_path_is_valid(prefix
));
482 assert(ret_external
);
484 p
= object_path_startswith(path
, prefix
);
487 *ret_external
= NULL
;
494 *ret_external
= NULL
;
498 sender
= bus_label_unescape_n(p
, q
- p
);
499 external
= bus_label_unescape(q
+ 1);
500 if (!sender
|| !external
) {
506 *ret_sender
= sender
;
507 *ret_external
= external
;
511 int bus_track_add_name_many(sd_bus_track
*t
, char **l
) {
516 /* Continues adding after failure, and returns the first failure. */
521 k
= sd_bus_track_add_name(t
, *i
);
529 int bus_open_system_watch_bind_with_description(sd_bus
**ret
, const char *description
) {
530 _cleanup_(sd_bus_close_unrefp
) sd_bus
*bus
= NULL
;
536 /* Match like sd_bus_open_system(), but with the "watch_bind" feature and the Connected() signal
539 r
= sd_bus_new(&bus
);
544 r
= sd_bus_set_description(bus
, description
);
549 e
= secure_getenv("DBUS_SYSTEM_BUS_ADDRESS");
551 e
= DEFAULT_SYSTEM_BUS_ADDRESS
;
553 r
= sd_bus_set_address(bus
, e
);
557 r
= sd_bus_set_bus_client(bus
, true);
561 r
= sd_bus_negotiate_creds(bus
, true, SD_BUS_CREDS_UID
|SD_BUS_CREDS_EUID
|SD_BUS_CREDS_EFFECTIVE_CAPS
);
565 r
= sd_bus_set_watch_bind(bus
, true);
569 r
= sd_bus_set_connected_signal(bus
, true);
573 r
= sd_bus_start(bus
);
577 *ret
= TAKE_PTR(bus
);
582 int bus_reply_pair_array(sd_bus_message
*m
, char **l
) {
583 _cleanup_(sd_bus_message_unrefp
) sd_bus_message
*reply
= NULL
;
588 /* Reply to the specified message with a message containing a dictionary put together from the
591 r
= sd_bus_message_new_method_return(m
, &reply
);
595 r
= sd_bus_message_open_container(reply
, 'a', "{ss}");
599 STRV_FOREACH_PAIR(k
, v
, l
) {
600 r
= sd_bus_message_append(reply
, "{ss}", *k
, *v
);
605 r
= sd_bus_message_close_container(reply
);
609 return sd_bus_send(NULL
, reply
, NULL
);
612 static int method_dump_memory_state_by_fd(sd_bus_message
*message
, void *userdata
, sd_bus_error
*ret_error
) {
613 _cleanup_free_
char *dump
= NULL
; /* keep this above dump_file, so that it's freed after */
614 _cleanup_fclose_
FILE *dump_file
= NULL
;
615 _cleanup_close_
int fd
= -EBADF
;
621 dump_file
= open_memstream(&dump
, &dump_size
);
625 r
= RET_NERRNO(malloc_info(/* options= */ 0, dump_file
));
629 dump_file
= safe_fclose(dump_file
);
631 fd
= acquire_data_fd(dump
, dump_size
, 0);
635 r
= sd_bus_reply_method_return(message
, "h", fd
);
639 return 1; /* Stop further processing */
642 /* The default install callback will fail and disconnect the bus if it cannot register the match, but this
643 * is only a debug method, we definitely don't want to fail in case there's some permission issue. */
644 static int dummy_install_callback(sd_bus_message
*message
, void *userdata
, sd_bus_error
*ret_error
) {
648 int bus_register_malloc_status(sd_bus
*bus
, const char *destination
) {
653 assert(!isempty(destination
));
655 match
= strjoina("type='method_call',"
656 "interface='org.freedesktop.MemoryAllocation1',"
657 "path='/org/freedesktop/MemoryAllocation1',"
658 "destination='", destination
, "',",
659 "member='GetMallocInfo'");
661 r
= sd_bus_add_match_async(bus
, NULL
, match
, method_dump_memory_state_by_fd
, dummy_install_callback
, NULL
);
663 return log_debug_errno(r
, "Failed to subscribe to GetMallocInfo() calls on MemoryAllocation1 interface: %m");
668 static void bus_message_unref_wrapper(void *m
) {
669 sd_bus_message_unref(m
);
672 const struct hash_ops bus_message_hash_ops
= {
673 .hash
= trivial_hash_func
,
674 .compare
= trivial_compare_func
,
675 .free_value
= bus_message_unref_wrapper
,