return 0;
}
- if (manager_unit_inactive_or_pending(m, SPECIAL_DBUS_SERVICE) ||
- manager_unit_inactive_or_pending(m, SPECIAL_DBUS_SOCKET)) {
+ if (manager_unit_inactive_or_pending(m, SPECIAL_DBUS_SOCKET) ||
+ manager_unit_inactive_or_pending(m, SPECIAL_DBUS_SERVICE)) {
r = sd_bus_error_set(&error, BUS_ERROR_SHUTTING_DOWN, "Refusing activation, D-Bus is shutting down.");
goto failed;
}
return 0;
}
- nfd = -EBADF;
+ TAKE_FD(nfd);
r = bus_check_peercred(bus);
if (r < 0) {
r = sd_bus_negotiate_creds(bus, 1,
SD_BUS_CREDS_PID|SD_BUS_CREDS_UID|
SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS|
- SD_BUS_CREDS_SELINUX_CONTEXT);
+ SD_BUS_CREDS_SELINUX_CONTEXT|
+ SD_BUS_CREDS_COMM|SD_BUS_CREDS_DESCRIPTION);
if (r < 0) {
log_warning_errno(r, "Failed to enable credentials for new connection: %m");
return 0;
return 0;
}
+ if (DEBUG_LOGGING) {
+ _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *c = NULL;
+ const char *comm = NULL, *description = NULL;
+ pid_t pid = 0;
+
+ r = sd_bus_get_owner_creds(bus, SD_BUS_CREDS_PID|SD_BUS_CREDS_COMM|SD_BUS_CREDS_DESCRIPTION, &c);
+ if (r < 0)
+ log_warning_errno(r, "Failed to get peer creds, ignoring: %m");
+ else {
+ (void) sd_bus_creds_get_pid(c, &pid);
+ (void) sd_bus_creds_get_comm(c, &comm);
+ (void) sd_bus_creds_get_description(c, &description);
+ }
+
+ log_debug("Accepting direct incoming connection from " PID_FMT " (%s) [%s]", pid, strna(comm), strna(description));
+ }
+
r = sd_bus_attach_event(bus, m->event, SD_EVENT_PRIORITY_NORMAL);
if (r < 0) {
log_warning_errno(r, "Failed to attach new connection bus to event loop: %m");
if (r < 0)
return log_error_errno(errno, "Failed to bind private socket: %m");
- r = listen(fd, SOMAXCONN);
+ r = listen(fd, SOMAXCONN_DELUXE);
if (r < 0)
return log_error_errno(errno, "Failed to make private socket listening: %m");
}
int bus_verify_manage_units_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
- return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.manage-units", NULL, false, UID_INVALID, &m->polkit_registry, error);
+ return bus_verify_polkit_async(
+ call,
+ "org.freedesktop.systemd1.manage-units",
+ /* details= */ NULL,
+ &m->polkit_registry,
+ error);
}
int bus_verify_manage_unit_files_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
- return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.manage-unit-files", NULL, false, UID_INVALID, &m->polkit_registry, error);
+ return bus_verify_polkit_async(
+ call,
+ "org.freedesktop.systemd1.manage-unit-files",
+ /* details= */ NULL,
+ &m->polkit_registry,
+ error);
}
int bus_verify_reload_daemon_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
- return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.reload-daemon", NULL, false, UID_INVALID, &m->polkit_registry, error);
+ return bus_verify_polkit_async(
+ call,
+ "org.freedesktop.systemd1.reload-daemon",
+ /* details= */ NULL,
+ &m->polkit_registry, error);
}
int bus_verify_set_environment_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
- return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.set-environment", NULL, false, UID_INVALID, &m->polkit_registry, error);
+ return bus_verify_polkit_async(
+ call,
+ "org.freedesktop.systemd1.set-environment",
+ /* details= */ NULL,
+ &m->polkit_registry,
+ error);
+}
+int bus_verify_bypass_dump_ratelimit_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
+ return bus_verify_polkit_async(
+ call,
+ "org.freedesktop.systemd1.bypass-dump-ratelimit",
+ /* details= */ NULL,
+ &m->polkit_registry,
+ error);
}
uint64_t manager_bus_n_queued_write(Manager *m) {