[thirdparty/systemd.git] / src / machine / image-dbus.c

/* SPDX-License-Identifier: LGPL-2.1+ */

#include <sys/file.h>
#include <sys/mount.h>

#include "alloc-util.h"
#include "bus-label.h"
#include "bus-util.h"
#include "copy.h"
#include "dissect-image.h"
#include "fd-util.h"
#include "fileio.h"
#include "fs-util.h"
#include "image-dbus.h"
#include "io-util.h"
#include "loop-util.h"
#include "machine-image.h"
#include "missing_capability.h"
#include "mount-util.h"
#include "process-util.h"
#include "raw-clone.h"
#include "strv.h"
#include "user-util.h"

static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_type, image_type, ImageType);

int bus_image_method_remove(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        _cleanup_close_pair_ int errno_pipe_fd[2] = { -1, -1 };
        Image *image = userdata;
        Manager *m = image->userdata;
        pid_t child;
        int r;

        assert(message);
        assert(image);

        if (m->n_operations >= OPERATIONS_MAX)
                return sd_bus_error_setf(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many ongoing operations.");

        r = bus_verify_polkit_async(
                        message,
                        CAP_SYS_ADMIN,
                        "org.freedesktop.machine1.manage-images",
                        NULL,
                        false,
                        UID_INVALID,
                        &m->polkit_registry,
                        error);
        if (r < 0)
                return r;
        if (r == 0)
                return 1; /* Will call us back */

        if (pipe2(errno_pipe_fd, O_CLOEXEC|O_NONBLOCK) < 0)
                return sd_bus_error_set_errnof(error, errno, "Failed to create pipe: %m");

        r = safe_fork("(sd-imgrm)", FORK_RESET_SIGNALS, &child);
        if (r < 0)
                return sd_bus_error_set_errnof(error, r, "Failed to fork(): %m");
        if (r == 0) {
                errno_pipe_fd[0] = safe_close(errno_pipe_fd[0]);

                r = image_remove(image);
                if (r < 0) {
                        (void) write(errno_pipe_fd[1], &r, sizeof(r));
                        _exit(EXIT_FAILURE);
                }

                _exit(EXIT_SUCCESS);
        }

        errno_pipe_fd[1] = safe_close(errno_pipe_fd[1]);

        r = operation_new(m, NULL, child, message, errno_pipe_fd[0], NULL);
        if (r < 0) {
                (void) sigkill_wait(child);
                return r;
        }

        errno_pipe_fd[0] = -1;

        return 1;
}

int bus_image_method_rename(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        Manager *m = image->userdata;
        const char *new_name;
        int r;

        assert(message);
        assert(image);

        r = sd_bus_message_read(message, "s", &new_name);
        if (r < 0)
                return r;

        if (!image_name_is_valid(new_name))
                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Image name '%s' is invalid.", new_name);

        r = bus_verify_polkit_async(
                        message,
                        CAP_SYS_ADMIN,
                        "org.freedesktop.machine1.manage-images",
                        NULL,
                        false,
                        UID_INVALID,
                        &m->polkit_registry,
                        error);
        if (r < 0)
                return r;
        if (r == 0)
                return 1; /* Will call us back */

        r = image_rename(image, new_name);
        if (r < 0)
                return r;

        return sd_bus_reply_method_return(message, NULL);
}

int bus_image_method_clone(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        _cleanup_close_pair_ int errno_pipe_fd[2] = { -1, -1 };
        Image *image = userdata;
        Manager *m = image->userdata;
        const char *new_name;
        int r, read_only;
        pid_t child;

        assert(message);
        assert(image);
        assert(m);

        if (m->n_operations >= OPERATIONS_MAX)
                return sd_bus_error_setf(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many ongoing operations.");

        r = sd_bus_message_read(message, "sb", &new_name, &read_only);
        if (r < 0)
                return r;

        if (!image_name_is_valid(new_name))
                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Image name '%s' is invalid.", new_name);

        r = bus_verify_polkit_async(
                        message,
                        CAP_SYS_ADMIN,
                        "org.freedesktop.machine1.manage-images",
                        NULL,
                        false,
                        UID_INVALID,
                        &m->polkit_registry,
                        error);
        if (r < 0)
                return r;
        if (r == 0)
                return 1; /* Will call us back */

        if (pipe2(errno_pipe_fd, O_CLOEXEC|O_NONBLOCK) < 0)
                return sd_bus_error_set_errnof(error, errno, "Failed to create pipe: %m");

        r = safe_fork("(sd-imgclone)", FORK_RESET_SIGNALS, &child);
        if (r < 0)
                return sd_bus_error_set_errnof(error, r, "Failed to fork(): %m");
        if (r == 0) {
                errno_pipe_fd[0] = safe_close(errno_pipe_fd[0]);

                r = image_clone(image, new_name, read_only);
                if (r < 0) {
                        (void) write(errno_pipe_fd[1], &r, sizeof(r));
                        _exit(EXIT_FAILURE);
                }

                _exit(EXIT_SUCCESS);
        }

        errno_pipe_fd[1] = safe_close(errno_pipe_fd[1]);

        r = operation_new(m, NULL, child, message, errno_pipe_fd[0], NULL);
        if (r < 0) {
                (void) sigkill_wait(child);
                return r;
        }

        errno_pipe_fd[0] = -1;

        return 1;
}

int bus_image_method_mark_read_only(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        Manager *m = image->userdata;
        int r, read_only;

        assert(message);

        r = sd_bus_message_read(message, "b", &read_only);
        if (r < 0)
                return r;

        r = bus_verify_polkit_async(
                        message,
                        CAP_SYS_ADMIN,
                        "org.freedesktop.machine1.manage-images",
                        NULL,
                        false,
                        UID_INVALID,
                        &m->polkit_registry,
                        error);
        if (r < 0)
                return r;
        if (r == 0)
                return 1; /* Will call us back */

        r = image_read_only(image, read_only);
        if (r < 0)
                return r;

        return sd_bus_reply_method_return(message, NULL);
}

int bus_image_method_set_limit(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        Manager *m = image->userdata;
        uint64_t limit;
        int r;

        assert(message);

        r = sd_bus_message_read(message, "t", &limit);
        if (r < 0)
                return r;
        if (!FILE_SIZE_VALID_OR_INFINITY(limit))
                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "New limit out of range");

        r = bus_verify_polkit_async(
                        message,
                        CAP_SYS_ADMIN,
                        "org.freedesktop.machine1.manage-images",
                        NULL,
                        false,
                        UID_INVALID,
                        &m->polkit_registry,
                        error);
        if (r < 0)
                return r;
        if (r == 0)
                return 1; /* Will call us back */

        r = image_set_limit(image, limit);
        if (r < 0)
                return r;

        return sd_bus_reply_method_return(message, NULL);
}

int bus_image_method_get_hostname(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        int r;

        if (!image->metadata_valid) {
                r = image_read_metadata(image);
                if (r < 0)
                        return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
        }

        return sd_bus_reply_method_return(message, "s", image->hostname);
}

int bus_image_method_get_machine_id(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
        Image *image = userdata;
        int r;

        if (!image->metadata_valid) {
                r = image_read_metadata(image);
                if (r < 0)
                        return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
        }

        r = sd_bus_message_new_method_return(message, &reply);
        if (r < 0)
                return r;

        if (sd_id128_is_null(image->machine_id)) /* Add an empty array if the ID is zero */
                r = sd_bus_message_append(reply, "ay", 0);
        else
                r = sd_bus_message_append_array(reply, 'y', image->machine_id.bytes, 16);
        if (r < 0)
                return r;

        return sd_bus_send(NULL, reply, NULL);
}

int bus_image_method_get_machine_info(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        int r;

        if (!image->metadata_valid) {
                r = image_read_metadata(image);
                if (r < 0)
                        return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
        }

        return bus_reply_pair_array(message, image->machine_info);
}

int bus_image_method_get_os_release(
                sd_bus_message *message,
                void *userdata,
                sd_bus_error *error) {

        Image *image = userdata;
        int r;

        if (!image->metadata_valid) {
                r = image_read_metadata(image);
                if (r < 0)
                        return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
        }

        return bus_reply_pair_array(message, image->os_release);
}

const sd_bus_vtable image_vtable[] = {
        SD_BUS_VTABLE_START(0),
        SD_BUS_PROPERTY("Name", "s", NULL, offsetof(Image, name), 0),
        SD_BUS_PROPERTY("Path", "s", NULL, offsetof(Image, path), 0),
        SD_BUS_PROPERTY("Type", "s", property_get_type,  offsetof(Image, type), 0),
        SD_BUS_PROPERTY("ReadOnly", "b", bus_property_get_bool, offsetof(Image, read_only), 0),
        SD_BUS_PROPERTY("CreationTimestamp", "t", NULL, offsetof(Image, crtime), 0),
        SD_BUS_PROPERTY("ModificationTimestamp", "t", NULL, offsetof(Image, mtime), 0),
        SD_BUS_PROPERTY("Usage", "t", NULL, offsetof(Image, usage), 0),
        SD_BUS_PROPERTY("Limit", "t", NULL, offsetof(Image, limit), 0),
        SD_BUS_PROPERTY("UsageExclusive", "t", NULL, offsetof(Image, usage_exclusive), 0),
        SD_BUS_PROPERTY("LimitExclusive", "t", NULL, offsetof(Image, limit_exclusive), 0),
        SD_BUS_METHOD("Remove", NULL, NULL, bus_image_method_remove, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("Rename", "s", NULL, bus_image_method_rename, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("Clone", "sb", NULL, bus_image_method_clone, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("MarkReadOnly", "b", NULL, bus_image_method_mark_read_only, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("SetLimit", "t", NULL, bus_image_method_set_limit, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("GetHostname", NULL, "s", bus_image_method_get_hostname, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("GetMachineID", NULL, "ay", bus_image_method_get_machine_id, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("GetMachineInfo", NULL, "a{ss}", bus_image_method_get_machine_info, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("GetOSRelease", NULL, "a{ss}", bus_image_method_get_os_release, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_VTABLE_END
};

static int image_flush_cache(sd_event_source *s, void *userdata) {
        Manager *m = userdata;

        assert(s);
        assert(m);

        hashmap_clear(m->image_cache);
        return 0;
}

int image_object_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
        _cleanup_free_ char *e = NULL;
        Manager *m = userdata;
        Image *image = NULL;
        const char *p;
        int r;

        assert(bus);
        assert(path);
        assert(interface);
        assert(found);

        p = startswith(path, "/org/freedesktop/machine1/image/");
        if (!p)
                return 0;

        e = bus_label_unescape(p);
        if (!e)
                return -ENOMEM;

        image = hashmap_get(m->image_cache, e);
        if (image) {
                *found = image;
                return 1;
        }

        r = hashmap_ensure_allocated(&m->image_cache, &image_hash_ops);
        if (r < 0)
                return r;

        if (!m->image_cache_defer_event) {
                r = sd_event_add_defer(m->event, &m->image_cache_defer_event, image_flush_cache, m);
                if (r < 0)
                        return r;

                r = sd_event_source_set_priority(m->image_cache_defer_event, SD_EVENT_PRIORITY_IDLE);
                if (r < 0)
                        return r;
        }

        r = sd_event_source_set_enabled(m->image_cache_defer_event, SD_EVENT_ONESHOT);
        if (r < 0)
                return r;

        r = image_find(IMAGE_MACHINE, e, &image);
        if (r == -ENOENT)
                return 0;
        if (r < 0)
                return r;

        image->userdata = m;

        r = hashmap_put(m->image_cache, image->name, image);
        if (r < 0) {
                image_unref(image);
                return r;
        }

        *found = image;
        return 1;
}

char *image_bus_path(const char *name) {
        _cleanup_free_ char *e = NULL;

        assert(name);

        e = bus_label_escape(name);
        if (!e)
                return NULL;

        return strappend("/org/freedesktop/machine1/image/", e);
}

int image_node_enumerator(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error) {
        _cleanup_hashmap_free_ Hashmap *images = NULL;
        _cleanup_strv_free_ char **l = NULL;
        Image *image;
        Iterator i;
        int r;

        assert(bus);
        assert(path);
        assert(nodes);

        images = hashmap_new(&image_hash_ops);
        if (!images)
                return -ENOMEM;

        r = image_discover(IMAGE_MACHINE, images);
        if (r < 0)
                return r;

        HASHMAP_FOREACH(image, images, i) {
                char *p;

                p = image_bus_path(image->name);
                if (!p)
                        return -ENOMEM;

                r = strv_consume(&l, p);
                if (r < 0)
                        return r;
        }

        *nodes = TAKE_PTR(l);

        return 1;
}
Commit	Line	Data
53e1b683	1	/* SPDX-License-Identifier: LGPL-2.1+ */
ebeccf9e	2
fe993888	3	#include <sys/file.h>
9153b02b LP	4	#include <sys/mount.h>
9153b02b LP	5
b5efdb8a	6	#include "alloc-util.h"
ebeccf9e	7	#include "bus-label.h"
1ddb263d	8	#include "bus-util.h"
9153b02b LP	9	#include "copy.h"
9153b02b LP	10	#include "dissect-image.h"
56599585	11	#include "fd-util.h"
9153b02b LP	12	#include "fileio.h"
9153b02b LP	13	#include "fs-util.h"
003dffde	14	#include "image-dbus.h"
a90fb858	15	#include "io-util.h"
9153b02b	16	#include "loop-util.h"
ee104e11	17	#include "machine-image.h"
204f52e3	18	#include "missing_capability.h"
9153b02b	19	#include "mount-util.h"
56599585	20	#include "process-util.h"
9153b02b	21	#include "raw-clone.h"
ee104e11 LP	22	#include "strv.h"
ee104e11 LP	23	#include "user-util.h"
ebeccf9e	24
1ddb263d	25	static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_type, image_type, ImageType);
ebeccf9e	26
1ddb263d	27	int bus_image_method_remove(
08682124 LP	28	sd_bus_message *message,
	29	void *userdata,
	30	sd_bus_error *error) {
	31
5d2036b5	32	_cleanup_close_pair_ int errno_pipe_fd[2] = { -1, -1 };
1ddb263d	33	Image *image = userdata;
70244d1d	34	Manager *m = image->userdata;
5d2036b5	35	pid_t child;
08682124 LP	36	int r;
08682124 LP	37
08682124	38	assert(message);
1ddb263d	39	assert(image);
08682124	40
5d2036b5 LP	41	if (m->n_operations >= OPERATIONS_MAX)
	42	return sd_bus_error_setf(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many ongoing operations.");
	43
70244d1d LP	44	r = bus_verify_polkit_async(
	45	message,
	46	CAP_SYS_ADMIN,
	47	"org.freedesktop.machine1.manage-images",
403ed0e5	48	NULL,
70244d1d	49	false,
c529695e	50	UID_INVALID,
70244d1d LP	51	&m->polkit_registry,
	52	error);
	53	if (r < 0)
	54	return r;
	55	if (r == 0)
	56	return 1; /* Will call us back */
	57
5d2036b5 LP	58	if (pipe2(errno_pipe_fd, O_CLOEXEC\|O_NONBLOCK) < 0)
	59	return sd_bus_error_set_errnof(error, errno, "Failed to create pipe: %m");
	60
4c253ed1 LP	61	r = safe_fork("(sd-imgrm)", FORK_RESET_SIGNALS, &child);
	62	if (r < 0)
	63	return sd_bus_error_set_errnof(error, r, "Failed to fork(): %m");
	64	if (r == 0) {
5d2036b5 LP	65	errno_pipe_fd[0] = safe_close(errno_pipe_fd[0]);
	66
	67	r = image_remove(image);
	68	if (r < 0) {
	69	(void) write(errno_pipe_fd[1], &r, sizeof(r));
	70	_exit(EXIT_FAILURE);
	71	}
	72
	73	_exit(EXIT_SUCCESS);
	74	}
	75
	76	errno_pipe_fd[1] = safe_close(errno_pipe_fd[1]);
	77
03c2b288	78	r = operation_new(m, NULL, child, message, errno_pipe_fd[0], NULL);
5d2036b5 LP	79	if (r < 0) {
5d2036b5 LP	80	(void) sigkill_wait(child);
08682124	81	return r;
5d2036b5 LP	82	}
	83
	84	errno_pipe_fd[0] = -1;
08682124	85
5d2036b5	86	return 1;
08682124 LP	87	}
08682124 LP	88
1ddb263d	89	int bus_image_method_rename(
ebd93cb6 LP	90	sd_bus_message *message,
	91	void *userdata,
	92	sd_bus_error *error) {
	93
1ddb263d	94	Image *image = userdata;
70244d1d	95	Manager *m = image->userdata;
ebd93cb6 LP	96	const char *new_name;
	97	int r;
	98
ebd93cb6	99	assert(message);
1ddb263d	100	assert(image);
ebd93cb6 LP	101
	102	r = sd_bus_message_read(message, "s", &new_name);
	103	if (r < 0)
	104	return r;
	105
	106	if (!image_name_is_valid(new_name))
	107	return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Image name '%s' is invalid.", new_name);
	108
70244d1d LP	109	r = bus_verify_polkit_async(
	110	message,
	111	CAP_SYS_ADMIN,
	112	"org.freedesktop.machine1.manage-images",
403ed0e5	113	NULL,
70244d1d	114	false,
c529695e	115	UID_INVALID,
70244d1d LP	116	&m->polkit_registry,
	117	error);
	118	if (r < 0)
	119	return r;
	120	if (r == 0)
	121	return 1; /* Will call us back */
	122
ebd93cb6 LP	123	r = image_rename(image, new_name);
	124	if (r < 0)
	125	return r;
	126
	127	return sd_bus_reply_method_return(message, NULL);
	128	}
	129
1ddb263d	130	int bus_image_method_clone(
ebd93cb6 LP	131	sd_bus_message *message,
	132	void *userdata,
	133	sd_bus_error *error) {
	134
56599585	135	_cleanup_close_pair_ int errno_pipe_fd[2] = { -1, -1 };
1ddb263d	136	Image *image = userdata;
70244d1d	137	Manager *m = image->userdata;
ebd93cb6 LP	138	const char *new_name;
ebd93cb6 LP	139	int r, read_only;
56599585	140	pid_t child;
ebd93cb6	141
ebd93cb6	142	assert(message);
1ddb263d	143	assert(image);
56599585 LP	144	assert(m);
	145
	146	if (m->n_operations >= OPERATIONS_MAX)
	147	return sd_bus_error_setf(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many ongoing operations.");
ebd93cb6 LP	148
	149	r = sd_bus_message_read(message, "sb", &new_name, &read_only);
	150	if (r < 0)
	151	return r;
	152
	153	if (!image_name_is_valid(new_name))
	154	return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Image name '%s' is invalid.", new_name);
	155
70244d1d LP	156	r = bus_verify_polkit_async(
	157	message,
	158	CAP_SYS_ADMIN,
	159	"org.freedesktop.machine1.manage-images",
403ed0e5	160	NULL,
70244d1d	161	false,
c529695e	162	UID_INVALID,
70244d1d LP	163	&m->polkit_registry,
	164	error);
	165	if (r < 0)
	166	return r;
	167	if (r == 0)
	168	return 1; /* Will call us back */
	169
56599585 LP	170	if (pipe2(errno_pipe_fd, O_CLOEXEC\|O_NONBLOCK) < 0)
	171	return sd_bus_error_set_errnof(error, errno, "Failed to create pipe: %m");
	172
f2747bf5	173	r = safe_fork("(sd-imgclone)", FORK_RESET_SIGNALS, &child);
4c253ed1 LP	174	if (r < 0)
	175	return sd_bus_error_set_errnof(error, r, "Failed to fork(): %m");
	176	if (r == 0) {
56599585 LP	177	errno_pipe_fd[0] = safe_close(errno_pipe_fd[0]);
	178
	179	r = image_clone(image, new_name, read_only);
	180	if (r < 0) {
	181	(void) write(errno_pipe_fd[1], &r, sizeof(r));
	182	_exit(EXIT_FAILURE);
	183	}
	184
	185	_exit(EXIT_SUCCESS);
	186	}
	187
	188	errno_pipe_fd[1] = safe_close(errno_pipe_fd[1]);
	189
03c2b288	190	r = operation_new(m, NULL, child, message, errno_pipe_fd[0], NULL);
56599585	191	if (r < 0) {
89c9030d	192	(void) sigkill_wait(child);
ebd93cb6	193	return r;
56599585	194	}
ebd93cb6	195
56599585 LP	196	errno_pipe_fd[0] = -1;
	197
	198	return 1;
ebd93cb6 LP	199	}
ebd93cb6 LP	200
1ddb263d	201	int bus_image_method_mark_read_only(
ebd93cb6 LP	202	sd_bus_message *message,
	203	void *userdata,
	204	sd_bus_error *error) {
	205
1ddb263d	206	Image *image = userdata;
70244d1d	207	Manager *m = image->userdata;
ebd93cb6 LP	208	int r, read_only;
ebd93cb6 LP	209
ebd93cb6 LP	210	assert(message);
ebd93cb6 LP	211
ebd93cb6 LP	212	r = sd_bus_message_read(message, "b", &read_only);
	213	if (r < 0)
	214	return r;
	215
70244d1d LP	216	r = bus_verify_polkit_async(
	217	message,
	218	CAP_SYS_ADMIN,
	219	"org.freedesktop.machine1.manage-images",
403ed0e5	220	NULL,
70244d1d	221	false,
c529695e	222	UID_INVALID,
70244d1d LP	223	&m->polkit_registry,
	224	error);
	225	if (r < 0)
	226	return r;
	227	if (r == 0)
	228	return 1; /* Will call us back */
	229
ebd93cb6 LP	230	r = image_read_only(image, read_only);
	231	if (r < 0)
	232	return r;
	233
	234	return sd_bus_reply_method_return(message, NULL);
	235	}
	236
d6ce17c7	237	int bus_image_method_set_limit(
d6ce17c7 LP	238	sd_bus_message *message,
	239	void *userdata,
	240	sd_bus_error *error) {
	241
	242	Image *image = userdata;
	243	Manager *m = image->userdata;
	244	uint64_t limit;
	245	int r;
	246
d6ce17c7 LP	247	assert(message);
	248
	249	r = sd_bus_message_read(message, "t", &limit);
	250	if (r < 0)
	251	return r;
a90fb858 LP	252	if (!FILE_SIZE_VALID_OR_INFINITY(limit))
a90fb858 LP	253	return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "New limit out of range");
d6ce17c7 LP	254
	255	r = bus_verify_polkit_async(
	256	message,
	257	CAP_SYS_ADMIN,
	258	"org.freedesktop.machine1.manage-images",
403ed0e5	259	NULL,
d6ce17c7 LP	260	false,
	261	UID_INVALID,
	262	&m->polkit_registry,
	263	error);
	264	if (r < 0)
	265	return r;
	266	if (r == 0)
	267	return 1; /* Will call us back */
	268
	269	r = image_set_limit(image, limit);
	270	if (r < 0)
	271	return r;
	272
	273	return sd_bus_reply_method_return(message, NULL);
	274	}
	275
cf30a8c1 LP	276	int bus_image_method_get_hostname(
	277	sd_bus_message *message,
	278	void *userdata,
	279	sd_bus_error *error) {
9153b02b	280
cf30a8c1	281	Image *image = userdata;
9153b02b LP	282	int r;
9153b02b LP	283
cf30a8c1 LP	284	if (!image->metadata_valid) {
	285	r = image_read_metadata(image);
	286	if (r < 0)
	287	return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
	288	}
9153b02b	289
cf30a8c1	290	return sd_bus_reply_method_return(message, "s", image->hostname);
9153b02b LP	291	}
9153b02b LP	292
cf30a8c1 LP	293	int bus_image_method_get_machine_id(
	294	sd_bus_message *message,
	295	void *userdata,
	296	sd_bus_error *error) {
9153b02b	297
cf30a8c1 LP	298	_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
	299	Image *image = userdata;
	300	int r;
9153b02b	301
cf30a8c1 LP	302	if (!image->metadata_valid) {
cf30a8c1 LP	303	r = image_read_metadata(image);
9153b02b	304	if (r < 0)
cf30a8c1	305	return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
9153b02b LP	306	}
9153b02b LP	307
cf30a8c1	308	r = sd_bus_message_new_method_return(message, &reply);
9153b02b LP	309	if (r < 0)
	310	return r;
	311
cf30a8c1 LP	312	if (sd_id128_is_null(image->machine_id)) /* Add an empty array if the ID is zero */
	313	r = sd_bus_message_append(reply, "ay", 0);
	314	else
	315	r = sd_bus_message_append_array(reply, 'y', image->machine_id.bytes, 16);
9153b02b	316	if (r < 0)
cf30a8c1	317	return r;
9153b02b	318
cf30a8c1	319	return sd_bus_send(NULL, reply, NULL);
9153b02b LP	320	}
9153b02b LP	321
cf30a8c1	322	int bus_image_method_get_machine_info(
9153b02b LP	323	sd_bus_message *message,
	324	void *userdata,
	325	sd_bus_error *error) {
	326
9153b02b LP	327	Image *image = userdata;
	328	int r;
	329
cf30a8c1 LP	330	if (!image->metadata_valid) {
	331	r = image_read_metadata(image);
	332	if (r < 0)
	333	return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
	334	}
9153b02b	335
cf30a8c1 LP	336	return bus_reply_pair_array(message, image->machine_info);
cf30a8c1 LP	337	}
9153b02b	338
cf30a8c1 LP	339	int bus_image_method_get_os_release(
	340	sd_bus_message *message,
	341	void *userdata,
	342	sd_bus_error *error) {
9153b02b	343
cf30a8c1 LP	344	Image *image = userdata;
cf30a8c1 LP	345	int r;
9153b02b	346
cf30a8c1 LP	347	if (!image->metadata_valid) {
	348	r = image_read_metadata(image);
	349	if (r < 0)
	350	return sd_bus_error_set_errnof(error, r, "Failed to read image metadata: %m");
9153b02b	351	}
9153b02b	352
cf30a8c1	353	return bus_reply_pair_array(message, image->os_release);
9153b02b LP	354	}
9153b02b LP	355
ebeccf9e LP	356	const sd_bus_vtable image_vtable[] = {
ebeccf9e LP	357	SD_BUS_VTABLE_START(0),
1ddb263d LP	358	SD_BUS_PROPERTY("Name", "s", NULL, offsetof(Image, name), 0),
	359	SD_BUS_PROPERTY("Path", "s", NULL, offsetof(Image, path), 0),
	360	SD_BUS_PROPERTY("Type", "s", property_get_type, offsetof(Image, type), 0),
	361	SD_BUS_PROPERTY("ReadOnly", "b", bus_property_get_bool, offsetof(Image, read_only), 0),
	362	SD_BUS_PROPERTY("CreationTimestamp", "t", NULL, offsetof(Image, crtime), 0),
	363	SD_BUS_PROPERTY("ModificationTimestamp", "t", NULL, offsetof(Image, mtime), 0),
c19de711	364	SD_BUS_PROPERTY("Usage", "t", NULL, offsetof(Image, usage), 0),
1ddb263d	365	SD_BUS_PROPERTY("Limit", "t", NULL, offsetof(Image, limit), 0),
c19de711	366	SD_BUS_PROPERTY("UsageExclusive", "t", NULL, offsetof(Image, usage_exclusive), 0),
1ddb263d	367	SD_BUS_PROPERTY("LimitExclusive", "t", NULL, offsetof(Image, limit_exclusive), 0),
70244d1d LP	368	SD_BUS_METHOD("Remove", NULL, NULL, bus_image_method_remove, SD_BUS_VTABLE_UNPRIVILEGED),
	369	SD_BUS_METHOD("Rename", "s", NULL, bus_image_method_rename, SD_BUS_VTABLE_UNPRIVILEGED),
	370	SD_BUS_METHOD("Clone", "sb", NULL, bus_image_method_clone, SD_BUS_VTABLE_UNPRIVILEGED),
	371	SD_BUS_METHOD("MarkReadOnly", "b", NULL, bus_image_method_mark_read_only, SD_BUS_VTABLE_UNPRIVILEGED),
d6ce17c7	372	SD_BUS_METHOD("SetLimit", "t", NULL, bus_image_method_set_limit, SD_BUS_VTABLE_UNPRIVILEGED),
cf30a8c1 LP	373	SD_BUS_METHOD("GetHostname", NULL, "s", bus_image_method_get_hostname, SD_BUS_VTABLE_UNPRIVILEGED),
	374	SD_BUS_METHOD("GetMachineID", NULL, "ay", bus_image_method_get_machine_id, SD_BUS_VTABLE_UNPRIVILEGED),
	375	SD_BUS_METHOD("GetMachineInfo", NULL, "a{ss}", bus_image_method_get_machine_info, SD_BUS_VTABLE_UNPRIVILEGED),
9153b02b	376	SD_BUS_METHOD("GetOSRelease", NULL, "a{ss}", bus_image_method_get_os_release, SD_BUS_VTABLE_UNPRIVILEGED),
ebeccf9e LP	377	SD_BUS_VTABLE_END
	378	};
	379
1ddb263d LP	380	static int image_flush_cache(sd_event_source s, void userdata) {
1ddb263d LP	381	Manager *m = userdata;
1ddb263d LP	382
	383	assert(s);
	384	assert(m);
	385
b07ec5a1	386	hashmap_clear(m->image_cache);
1ddb263d LP	387	return 0;
	388	}
	389
ebeccf9e	390	int image_object_find(sd_bus bus, const char path, const char interface, void userdata, void *found, sd_bus_error error) {
1ddb263d LP	391	_cleanup_free_ char *e = NULL;
	392	Manager *m = userdata;
	393	Image *image = NULL;
	394	const char *p;
ebeccf9e LP	395	int r;
	396
	397	assert(bus);
	398	assert(path);
	399	assert(interface);
	400	assert(found);
	401
1ddb263d LP	402	p = startswith(path, "/org/freedesktop/machine1/image/");
	403	if (!p)
	404	return 0;
	405
	406	e = bus_label_unescape(p);
	407	if (!e)
	408	return -ENOMEM;
	409
	410	image = hashmap_get(m->image_cache, e);
	411	if (image) {
	412	*found = image;
	413	return 1;
	414	}
	415
b07ec5a1	416	r = hashmap_ensure_allocated(&m->image_cache, &image_hash_ops);
1ddb263d LP	417	if (r < 0)
	418	return r;
	419
	420	if (!m->image_cache_defer_event) {
	421	r = sd_event_add_defer(m->event, &m->image_cache_defer_event, image_flush_cache, m);
	422	if (r < 0)
	423	return r;
	424
	425	r = sd_event_source_set_priority(m->image_cache_defer_event, SD_EVENT_PRIORITY_IDLE);
	426	if (r < 0)
	427	return r;
	428	}
	429
	430	r = sd_event_source_set_enabled(m->image_cache_defer_event, SD_EVENT_ONESHOT);
	431	if (r < 0)
	432	return r;
	433
5ef46e5f	434	r = image_find(IMAGE_MACHINE, e, &image);
3a6ce860 LP	435	if (r == -ENOENT)
	436	return 0;
	437	if (r < 0)
ebeccf9e LP	438	return r;
ebeccf9e LP	439
70244d1d LP	440	image->userdata = m;
70244d1d LP	441
1ddb263d LP	442	r = hashmap_put(m->image_cache, image->name, image);
	443	if (r < 0) {
	444	image_unref(image);
	445	return r;
	446	}
	447
	448	*found = image;
ebeccf9e LP	449	return 1;
	450	}
	451
	452	char image_bus_path(const char name) {
	453	_cleanup_free_ char *e = NULL;
	454
	455	assert(name);
	456
	457	e = bus_label_escape(name);
	458	if (!e)
	459	return NULL;
	460
	461	return strappend("/org/freedesktop/machine1/image/", e);
	462	}
	463
	464	int image_node_enumerator(sd_bus bus, const char path, void userdata, char *nodes, sd_bus_error error) {
b07ec5a1	465	_cleanup_hashmap_free_ Hashmap *images = NULL;
ebeccf9e LP	466	_cleanup_strv_free_ char **l = NULL;
	467	Image *image;
	468	Iterator i;
	469	int r;
	470
	471	assert(bus);
	472	assert(path);
	473	assert(nodes);
	474
b07ec5a1	475	images = hashmap_new(&image_hash_ops);
ebeccf9e LP	476	if (!images)
	477	return -ENOMEM;
	478
5ef46e5f	479	r = image_discover(IMAGE_MACHINE, images);
ebeccf9e LP	480	if (r < 0)
	481	return r;
	482
	483	HASHMAP_FOREACH(image, images, i) {
	484	char *p;
	485
	486	p = image_bus_path(image->name);
	487	if (!p)
	488	return -ENOMEM;
	489
	490	r = strv_consume(&l, p);
	491	if (r < 0)
	492	return r;
	493	}
	494
1cc6c93a	495	*nodes = TAKE_PTR(l);
ebeccf9e LP	496
	497	return 1;
	498	}