-/* SPDX-License-Identifier: LGPL-2.1+ */
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include <sys/file.h>
#include <sys/mount.h>
#include "alloc-util.h"
+#include "bus-get-properties.h"
#include "bus-label.h"
#include "bus-polkit.h"
-#include "bus-util.h"
#include "copy.h"
+#include "discover-image.h"
#include "dissect-image.h"
#include "fd-util.h"
#include "fileio.h"
#include "image-dbus.h"
#include "io-util.h"
#include "loop-util.h"
-#include "machine-image.h"
#include "missing_capability.h"
#include "mount-util.h"
+#include "os-util.h"
#include "process-util.h"
#include "raw-clone.h"
#include "strv.h"
void *userdata,
sd_bus_error *error) {
- _cleanup_close_pair_ int errno_pipe_fd[2] = { -1, -1 };
- Image *image = userdata;
+ _cleanup_close_pair_ int errno_pipe_fd[2] = EBADF_PAIR;
+ Image *image = ASSERT_PTR(userdata);
Manager *m = image->userdata;
pid_t child;
int r;
assert(message);
- assert(image);
if (m->n_operations >= OPERATIONS_MAX)
- return sd_bus_error_setf(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many ongoing operations.");
+ return sd_bus_error_set(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many ongoing operations.");
+
+ const char *details[] = {
+ "image", image->name,
+ "verb", "remove",
+ NULL
+ };
r = bus_verify_polkit_async(
message,
- CAP_SYS_ADMIN,
"org.freedesktop.machine1.manage-images",
- NULL,
- false,
- UID_INVALID,
+ details,
&m->polkit_registry,
error);
if (r < 0)
return r;
}
- errno_pipe_fd[0] = -1;
+ errno_pipe_fd[0] = -EBADF;
return 1;
}
void *userdata,
sd_bus_error *error) {
- Image *image = userdata;
+ Image *image = ASSERT_PTR(userdata);
Manager *m = image->userdata;
const char *new_name;
int r;
assert(message);
- assert(image);
r = sd_bus_message_read(message, "s", &new_name);
if (r < 0)
if (!image_name_is_valid(new_name))
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Image name '%s' is invalid.", new_name);
+ const char *details[] = {
+ "image", image->name,
+ "verb", "rename",
+ "new_name", new_name,
+ NULL
+ };
+
r = bus_verify_polkit_async(
message,
- CAP_SYS_ADMIN,
"org.freedesktop.machine1.manage-images",
- NULL,
- false,
- UID_INVALID,
+ details,
&m->polkit_registry,
error);
if (r < 0)
void *userdata,
sd_bus_error *error) {
- _cleanup_close_pair_ int errno_pipe_fd[2] = { -1, -1 };
- Image *image = userdata;
- Manager *m = image->userdata;
+ _cleanup_close_pair_ int errno_pipe_fd[2] = EBADF_PAIR;
+ Image *image = ASSERT_PTR(userdata);
+ Manager *m = ASSERT_PTR(image->userdata);
const char *new_name;
int r, read_only;
pid_t child;
assert(message);
- assert(image);
- assert(m);
if (m->n_operations >= OPERATIONS_MAX)
- return sd_bus_error_setf(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many ongoing operations.");
+ return sd_bus_error_set(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many ongoing operations.");
r = sd_bus_message_read(message, "sb", &new_name, &read_only);
if (r < 0)
if (!image_name_is_valid(new_name))
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Image name '%s' is invalid.", new_name);
+ const char *details[] = {
+ "image", image->name,
+ "verb", "clone",
+ "new_name", new_name,
+ NULL
+ };
+
r = bus_verify_polkit_async(
message,
- CAP_SYS_ADMIN,
"org.freedesktop.machine1.manage-images",
- NULL,
- false,
- UID_INVALID,
+ details,
&m->polkit_registry,
error);
if (r < 0)
return r;
}
- errno_pipe_fd[0] = -1;
+ errno_pipe_fd[0] = -EBADF;
return 1;
}
Image *image = userdata;
Manager *m = image->userdata;
- int r, read_only;
+ int read_only, r;
assert(message);
if (r < 0)
return r;
+ const char *details[] = {
+ "image", image->name,
+ "verb", "mark_read_only",
+ "read_only", one_zero(read_only),
+ NULL
+ };
+
r = bus_verify_polkit_async(
message,
- CAP_SYS_ADMIN,
"org.freedesktop.machine1.manage-images",
- NULL,
- false,
- UID_INVALID,
+ details,
&m->polkit_registry,
error);
if (r < 0)
if (r < 0)
return r;
if (!FILE_SIZE_VALID_OR_INFINITY(limit))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "New limit out of range");
+ return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "New limit out of range");
+
+ const char *details[] = {
+ "machine", image->name,
+ "verb", "set_limit",
+ NULL
+ };
r = bus_verify_polkit_async(
message,
- CAP_SYS_ADMIN,
"org.freedesktop.machine1.manage-images",
- NULL,
- false,
- UID_INVALID,
+ details,
&m->polkit_registry,
error);
if (r < 0)
int r;
if (!image->metadata_valid) {
- r = image_read_metadata(image);
+ r = image_read_metadata(image, &image_policy_container);
if (r < 0)
return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
}
int r;
if (!image->metadata_valid) {
- r = image_read_metadata(image);
+ r = image_read_metadata(image, &image_policy_container);
if (r < 0)
return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
}
int r;
if (!image->metadata_valid) {
- r = image_read_metadata(image);
+ r = image_read_metadata(image, &image_policy_container);
if (r < 0)
return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
}
int r;
if (!image->metadata_valid) {
- r = image_read_metadata(image);
+ r = image_read_metadata(image, &image_policy_container);
if (r < 0)
return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
}
}
static int image_flush_cache(sd_event_source *s, void *userdata) {
- Manager *m = userdata;
+ Manager *m = ASSERT_PTR(userdata);
assert(s);
- assert(m);
hashmap_clear(m->image_cache);
return 0;
return 1;
}
- r = hashmap_ensure_allocated(&m->image_cache, &image_hash_ops);
- if (r < 0)
- return r;
-
if (!m->image_cache_defer_event) {
r = sd_event_add_defer(m->event, &m->image_cache_defer_event, image_flush_cache, m);
if (r < 0)
if (r < 0)
return r;
- r = image_find(IMAGE_MACHINE, e, &image);
+ r = image_find(IMAGE_MACHINE, e, NULL, &image);
if (r == -ENOENT)
return 0;
if (r < 0)
image->userdata = m;
- r = hashmap_put(m->image_cache, image->name, image);
+ r = hashmap_ensure_put(&m->image_cache, &image_hash_ops, image->name, image);
if (r < 0) {
image_unref(image);
return r;
_cleanup_hashmap_free_ Hashmap *images = NULL;
_cleanup_strv_free_ char **l = NULL;
Image *image;
- Iterator i;
int r;
assert(bus);
if (!images)
return -ENOMEM;
- r = image_discover(IMAGE_MACHINE, images);
+ r = image_discover(IMAGE_MACHINE, NULL, images);
if (r < 0)
return r;
- HASHMAP_FOREACH(image, images, i) {
+ HASHMAP_FOREACH(image, images) {
char *p;
p = image_bus_path(image->name);
projects / thirdparty / systemd.git / blobdiff