]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/dbus-execute.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
core: make the LimitXYZ= properties settable for transient service units
[thirdparty/systemd.git] / src / core / dbus-execute.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <sys/prctl.h>
23
24 #ifdef HAVE_SECCOMP
25 #include <seccomp.h>
26 #endif
27
28 #include "bus-util.h"
29 #include "missing.h"
30 #include "ioprio.h"
31 #include "strv.h"
32 #include "fileio.h"
33 #include "execute.h"
34 #include "dbus-execute.h"
35 #include "capability.h"
36 #include "env-util.h"
37 #include "af-list.h"
38
39 #ifdef HAVE_SECCOMP
40 #include "seccomp-util.h"
41 #endif
42
43 BUS_DEFINE_PROPERTY_GET_ENUM(bus_property_get_exec_output, exec_output, ExecOutput);
44
45 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_exec_input, exec_input, ExecInput);
46
47 static int property_get_environment_files(
48 sd_bus *bus,
49 const char *path,
50 const char *interface,
51 const char *property,
52 sd_bus_message *reply,
53 void *userdata,
54 sd_bus_error *error) {
55
56 ExecContext *c = userdata;
57 char **j;
58 int r;
59
60 assert(bus);
61 assert(reply);
62 assert(c);
63
64 r = sd_bus_message_open_container(reply, 'a', "(sb)");
65 if (r < 0)
66 return r;
67
68 STRV_FOREACH(j, c->environment_files) {
69 const char *fn = *j;
70
71 r = sd_bus_message_append(reply, "(sb)", fn[0] == '-' ? fn + 1 : fn, fn[0] == '-');
72 if (r < 0)
73 return r;
74 }
75
76 return sd_bus_message_close_container(reply);
77 }
78
79 static int property_get_rlimit(
80 sd_bus *bus,
81 const char *path,
82 const char *interface,
83 const char *property,
84 sd_bus_message *reply,
85 void *userdata,
86 sd_bus_error *error) {
87
88 struct rlimit *rl;
89 uint64_t u;
90 rlim_t x;
91
92 assert(bus);
93 assert(reply);
94 assert(userdata);
95
96 rl = *(struct rlimit**) userdata;
97 if (rl)
98 x = rl->rlim_max;
99 else {
100 struct rlimit buf = {};
101 int z;
102
103 z = rlimit_from_string(property);
104 assert(z >= 0);
105
106 getrlimit(z, &buf);
107 x = buf.rlim_max;
108 }
109
110 /* rlim_t might have different sizes, let's map
111 * RLIMIT_INFINITY to (uint64_t) -1, so that it is the same on
112 * all archs */
113 u = x == RLIM_INFINITY ? (uint64_t) -1 : (uint64_t) x;
114
115 return sd_bus_message_append(reply, "t", u);
116 }
117
118 static int property_get_oom_score_adjust(
119 sd_bus *bus,
120 const char *path,
121 const char *interface,
122 const char *property,
123 sd_bus_message *reply,
124 void *userdata,
125 sd_bus_error *error) {
126
127
128 ExecContext *c = userdata;
129 int32_t n;
130
131 assert(bus);
132 assert(reply);
133 assert(c);
134
135 if (c->oom_score_adjust_set)
136 n = c->oom_score_adjust;
137 else {
138 _cleanup_free_ char *t = NULL;
139
140 n = 0;
141 if (read_one_line_file("/proc/self/oom_score_adj", &t) >= 0)
142 safe_atoi(t, &n);
143 }
144
145 return sd_bus_message_append(reply, "i", n);
146 }
147
148 static int property_get_nice(
149 sd_bus *bus,
150 const char *path,
151 const char *interface,
152 const char *property,
153 sd_bus_message *reply,
154 void *userdata,
155 sd_bus_error *error) {
156
157
158 ExecContext *c = userdata;
159 int32_t n;
160
161 assert(bus);
162 assert(reply);
163 assert(c);
164
165 if (c->nice_set)
166 n = c->nice;
167 else {
168 errno = 0;
169 n = getpriority(PRIO_PROCESS, 0);
170 if (errno != 0)
171 n = 0;
172 }
173
174 return sd_bus_message_append(reply, "i", n);
175 }
176
177 static int property_get_ioprio(
178 sd_bus *bus,
179 const char *path,
180 const char *interface,
181 const char *property,
182 sd_bus_message *reply,
183 void *userdata,
184 sd_bus_error *error) {
185
186
187 ExecContext *c = userdata;
188 int32_t n;
189
190 assert(bus);
191 assert(reply);
192 assert(c);
193
194 if (c->ioprio_set)
195 n = c->ioprio;
196 else {
197 n = ioprio_get(IOPRIO_WHO_PROCESS, 0);
198 if (n < 0)
199 n = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 4);
200 }
201
202 return sd_bus_message_append(reply, "i", n);
203 }
204
205 static int property_get_cpu_sched_policy(
206 sd_bus *bus,
207 const char *path,
208 const char *interface,
209 const char *property,
210 sd_bus_message *reply,
211 void *userdata,
212 sd_bus_error *error) {
213
214 ExecContext *c = userdata;
215 int32_t n;
216
217 assert(bus);
218 assert(reply);
219 assert(c);
220
221 if (c->cpu_sched_set)
222 n = c->cpu_sched_policy;
223 else {
224 n = sched_getscheduler(0);
225 if (n < 0)
226 n = SCHED_OTHER;
227 }
228
229 return sd_bus_message_append(reply, "i", n);
230 }
231
232 static int property_get_cpu_sched_priority(
233 sd_bus *bus,
234 const char *path,
235 const char *interface,
236 const char *property,
237 sd_bus_message *reply,
238 void *userdata,
239 sd_bus_error *error) {
240
241 ExecContext *c = userdata;
242 int32_t n;
243
244 assert(bus);
245 assert(reply);
246 assert(c);
247
248 if (c->cpu_sched_set)
249 n = c->cpu_sched_priority;
250 else {
251 struct sched_param p = {};
252
253 if (sched_getparam(0, &p) >= 0)
254 n = p.sched_priority;
255 else
256 n = 0;
257 }
258
259 return sd_bus_message_append(reply, "i", n);
260 }
261
262 static int property_get_cpu_affinity(
263 sd_bus *bus,
264 const char *path,
265 const char *interface,
266 const char *property,
267 sd_bus_message *reply,
268 void *userdata,
269 sd_bus_error *error) {
270
271 ExecContext *c = userdata;
272
273 assert(bus);
274 assert(reply);
275 assert(c);
276
277 if (c->cpuset)
278 return sd_bus_message_append_array(reply, 'y', c->cpuset, CPU_ALLOC_SIZE(c->cpuset_ncpus));
279 else
280 return sd_bus_message_append_array(reply, 'y', NULL, 0);
281 }
282
283 static int property_get_timer_slack_nsec(
284 sd_bus *bus,
285 const char *path,
286 const char *interface,
287 const char *property,
288 sd_bus_message *reply,
289 void *userdata,
290 sd_bus_error *error) {
291
292 ExecContext *c = userdata;
293 uint64_t u;
294
295 assert(bus);
296 assert(reply);
297 assert(c);
298
299 if (c->timer_slack_nsec != (nsec_t) -1)
300 u = (uint64_t) c->timer_slack_nsec;
301 else
302 u = (uint64_t) prctl(PR_GET_TIMERSLACK);
303
304 return sd_bus_message_append(reply, "t", u);
305 }
306
307 static int property_get_capability_bounding_set(
308 sd_bus *bus,
309 const char *path,
310 const char *interface,
311 const char *property,
312 sd_bus_message *reply,
313 void *userdata,
314 sd_bus_error *error) {
315
316 ExecContext *c = userdata;
317
318 assert(bus);
319 assert(reply);
320 assert(c);
321
322 /* We store this negated internally, to match the kernel, but
323 * we expose it normalized. */
324 return sd_bus_message_append(reply, "t", ~c->capability_bounding_set_drop);
325 }
326
327 static int property_get_capabilities(
328 sd_bus *bus,
329 const char *path,
330 const char *interface,
331 const char *property,
332 sd_bus_message *reply,
333 void *userdata,
334 sd_bus_error *error) {
335
336 ExecContext *c = userdata;
337 _cleanup_cap_free_charp_ char *t = NULL;
338 const char *s;
339
340 assert(bus);
341 assert(reply);
342 assert(c);
343
344 if (c->capabilities)
345 s = t = cap_to_text(c->capabilities, NULL);
346 else
347 s = "";
348
349 if (!s)
350 return -ENOMEM;
351
352 return sd_bus_message_append(reply, "s", s);
353 }
354
355 static int property_get_syscall_filter(
356 sd_bus *bus,
357 const char *path,
358 const char *interface,
359 const char *property,
360 sd_bus_message *reply,
361 void *userdata,
362 sd_bus_error *error) {
363
364 ExecContext *c = userdata;
365 _cleanup_strv_free_ char **l = NULL;
366 int r;
367
368 #ifdef HAVE_SECCOMP
369 Iterator i;
370 void *id;
371 #endif
372
373 assert(bus);
374 assert(reply);
375 assert(c);
376
377 r = sd_bus_message_open_container(reply, 'r', "bas");
378 if (r < 0)
379 return r;
380
381 r = sd_bus_message_append(reply, "b", c->syscall_whitelist);
382 if (r < 0)
383 return r;
384
385 #ifdef HAVE_SECCOMP
386 SET_FOREACH(id, c->syscall_filter, i) {
387 char *name;
388
389 name = seccomp_syscall_resolve_num_arch(SCMP_ARCH_NATIVE, PTR_TO_INT(id) - 1);
390 if (!name)
391 continue;
392
393 r = strv_consume(&l, name);
394 if (r < 0)
395 return r;
396 }
397 #endif
398
399 strv_sort(l);
400
401 r = sd_bus_message_append_strv(reply, l);
402 if (r < 0)
403 return r;
404
405 return sd_bus_message_close_container(reply);
406 }
407
408 static int property_get_syscall_archs(
409 sd_bus *bus,
410 const char *path,
411 const char *interface,
412 const char *property,
413 sd_bus_message *reply,
414 void *userdata,
415 sd_bus_error *error) {
416
417 ExecContext *c = userdata;
418 _cleanup_strv_free_ char **l = NULL;
419 int r;
420
421 #ifdef HAVE_SECCOMP
422 Iterator i;
423 void *id;
424 #endif
425
426 assert(bus);
427 assert(reply);
428 assert(c);
429
430 #ifdef HAVE_SECCOMP
431 SET_FOREACH(id, c->syscall_archs, i) {
432 const char *name;
433
434 name = seccomp_arch_to_string(PTR_TO_UINT32(id) - 1);
435 if (!name)
436 continue;
437
438 r = strv_extend(&l, name);
439 if (r < 0)
440 return -ENOMEM;
441 }
442 #endif
443
444 strv_sort(l);
445
446 r = sd_bus_message_append_strv(reply, l);
447 if (r < 0)
448 return r;
449
450 return 0;
451 }
452
453 static int property_get_syscall_errno(
454 sd_bus *bus,
455 const char *path,
456 const char *interface,
457 const char *property,
458 sd_bus_message *reply,
459 void *userdata,
460 sd_bus_error *error) {
461
462 ExecContext *c = userdata;
463
464 assert(bus);
465 assert(reply);
466 assert(c);
467
468 return sd_bus_message_append(reply, "i", (int32_t) c->syscall_errno);
469 }
470
471 static int property_get_selinux_context(
472 sd_bus *bus,
473 const char *path,
474 const char *interface,
475 const char *property,
476 sd_bus_message *reply,
477 void *userdata,
478 sd_bus_error *error) {
479
480 ExecContext *c = userdata;
481
482 assert(bus);
483 assert(reply);
484 assert(c);
485
486 return sd_bus_message_append(reply, "(bs)", c->selinux_context_ignore, c->selinux_context);
487 }
488
489 static int property_get_apparmor_profile(
490 sd_bus *bus,
491 const char *path,
492 const char *interface,
493 const char *property,
494 sd_bus_message *reply,
495 void *userdata,
496 sd_bus_error *error) {
497
498 ExecContext *c = userdata;
499
500 assert(bus);
501 assert(reply);
502 assert(c);
503
504 return sd_bus_message_append(reply, "(bs)", c->apparmor_profile_ignore, c->apparmor_profile);
505 }
506
507 static int property_get_personality(
508 sd_bus *bus,
509 const char *path,
510 const char *interface,
511 const char *property,
512 sd_bus_message *reply,
513 void *userdata,
514 sd_bus_error *error) {
515
516 ExecContext *c = userdata;
517
518 assert(bus);
519 assert(reply);
520 assert(c);
521
522 return sd_bus_message_append(reply, "s", personality_to_string(c->personality));
523 }
524
525 static int property_get_address_families(
526 sd_bus *bus,
527 const char *path,
528 const char *interface,
529 const char *property,
530 sd_bus_message *reply,
531 void *userdata,
532 sd_bus_error *error) {
533
534 ExecContext *c = userdata;
535 _cleanup_strv_free_ char **l = NULL;
536 Iterator i;
537 void *af;
538 int r;
539
540 assert(bus);
541 assert(reply);
542 assert(c);
543
544 r = sd_bus_message_open_container(reply, 'r', "bas");
545 if (r < 0)
546 return r;
547
548 r = sd_bus_message_append(reply, "b", c->address_families_whitelist);
549 if (r < 0)
550 return r;
551
552 SET_FOREACH(af, c->address_families, i) {
553 const char *name;
554
555 name = af_to_name(PTR_TO_INT(af));
556 if (!name)
557 continue;
558
559 r = strv_extend(&l, name);
560 if (r < 0)
561 return -ENOMEM;
562 }
563
564 strv_sort(l);
565
566 r = sd_bus_message_append_strv(reply, l);
567 if (r < 0)
568 return r;
569
570 return sd_bus_message_close_container(reply);
571 }
572
573 const sd_bus_vtable bus_exec_vtable[] = {
574 SD_BUS_VTABLE_START(0),
575 SD_BUS_PROPERTY("Environment", "as", NULL, offsetof(ExecContext, environment), SD_BUS_VTABLE_PROPERTY_CONST),
576 SD_BUS_PROPERTY("EnvironmentFiles", "a(sb)", property_get_environment_files, 0, SD_BUS_VTABLE_PROPERTY_CONST),
577 SD_BUS_PROPERTY("UMask", "u", bus_property_get_mode, offsetof(ExecContext, umask), SD_BUS_VTABLE_PROPERTY_CONST),
578 SD_BUS_PROPERTY("LimitCPU", "t", property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_CPU]), SD_BUS_VTABLE_PROPERTY_CONST),
579 SD_BUS_PROPERTY("LimitFSIZE", "t", property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_FSIZE]), SD_BUS_VTABLE_PROPERTY_CONST),
580 SD_BUS_PROPERTY("LimitDATA", "t", property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_DATA]), SD_BUS_VTABLE_PROPERTY_CONST),
581 SD_BUS_PROPERTY("LimitSTACK", "t", property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_STACK]), SD_BUS_VTABLE_PROPERTY_CONST),
582 SD_BUS_PROPERTY("LimitCORE", "t", property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_CORE]), SD_BUS_VTABLE_PROPERTY_CONST),
583 SD_BUS_PROPERTY("LimitRSS", "t", property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_RSS]), SD_BUS_VTABLE_PROPERTY_CONST),
584 SD_BUS_PROPERTY("LimitNOFILE", "t", property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_NOFILE]), SD_BUS_VTABLE_PROPERTY_CONST),
585 SD_BUS_PROPERTY("LimitAS", "t", property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_AS]), SD_BUS_VTABLE_PROPERTY_CONST),
586 SD_BUS_PROPERTY("LimitNPROC", "t", property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_NPROC]), SD_BUS_VTABLE_PROPERTY_CONST),
587 SD_BUS_PROPERTY("LimitMEMLOCK", "t", property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_MEMLOCK]), SD_BUS_VTABLE_PROPERTY_CONST),
588 SD_BUS_PROPERTY("LimitLOCKS", "t", property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_LOCKS]), SD_BUS_VTABLE_PROPERTY_CONST),
589 SD_BUS_PROPERTY("LimitSIGPENDING", "t", property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_SIGPENDING]), SD_BUS_VTABLE_PROPERTY_CONST),
590 SD_BUS_PROPERTY("LimitMSGQUEUE", "t", property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_MSGQUEUE]), SD_BUS_VTABLE_PROPERTY_CONST),
591 SD_BUS_PROPERTY("LimitNICE", "t", property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_NICE]), SD_BUS_VTABLE_PROPERTY_CONST),
592 SD_BUS_PROPERTY("LimitRTPRIO", "t", property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_RTPRIO]), SD_BUS_VTABLE_PROPERTY_CONST),
593 SD_BUS_PROPERTY("LimitRTTIME", "t", property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_RTTIME]), SD_BUS_VTABLE_PROPERTY_CONST),
594 SD_BUS_PROPERTY("WorkingDirectory", "s", NULL, offsetof(ExecContext, working_directory), SD_BUS_VTABLE_PROPERTY_CONST),
595 SD_BUS_PROPERTY("RootDirectory", "s", NULL, offsetof(ExecContext, root_directory), SD_BUS_VTABLE_PROPERTY_CONST),
596 SD_BUS_PROPERTY("OOMScoreAdjust", "i", property_get_oom_score_adjust, 0, SD_BUS_VTABLE_PROPERTY_CONST),
597 SD_BUS_PROPERTY("Nice", "i", property_get_nice, 0, SD_BUS_VTABLE_PROPERTY_CONST),
598 SD_BUS_PROPERTY("IOScheduling", "i", property_get_ioprio, 0, SD_BUS_VTABLE_PROPERTY_CONST),
599 SD_BUS_PROPERTY("CPUSchedulingPolicy", "i", property_get_cpu_sched_policy, 0, SD_BUS_VTABLE_PROPERTY_CONST),
600 SD_BUS_PROPERTY("CPUSchedulingPriority", "i", property_get_cpu_sched_priority, 0, SD_BUS_VTABLE_PROPERTY_CONST),
601 SD_BUS_PROPERTY("CPUAffinity", "ay", property_get_cpu_affinity, 0, SD_BUS_VTABLE_PROPERTY_CONST),
602 SD_BUS_PROPERTY("TimerSlackNSec", "t", property_get_timer_slack_nsec, 0, SD_BUS_VTABLE_PROPERTY_CONST),
603 SD_BUS_PROPERTY("CPUSchedulingResetOnFork", "b", bus_property_get_bool, offsetof(ExecContext, cpu_sched_reset_on_fork), SD_BUS_VTABLE_PROPERTY_CONST),
604 SD_BUS_PROPERTY("NonBlocking", "b", bus_property_get_bool, offsetof(ExecContext, non_blocking), SD_BUS_VTABLE_PROPERTY_CONST),
605 SD_BUS_PROPERTY("StandardInput", "s", property_get_exec_input, offsetof(ExecContext, std_input), SD_BUS_VTABLE_PROPERTY_CONST),
606 SD_BUS_PROPERTY("StandardOutput", "s", bus_property_get_exec_output, offsetof(ExecContext, std_output), SD_BUS_VTABLE_PROPERTY_CONST),
607 SD_BUS_PROPERTY("StandardError", "s", bus_property_get_exec_output, offsetof(ExecContext, std_error), SD_BUS_VTABLE_PROPERTY_CONST),
608 SD_BUS_PROPERTY("TTYPath", "s", NULL, offsetof(ExecContext, tty_path), SD_BUS_VTABLE_PROPERTY_CONST),
609 SD_BUS_PROPERTY("TTYReset", "b", bus_property_get_bool, offsetof(ExecContext, tty_reset), SD_BUS_VTABLE_PROPERTY_CONST),
610 SD_BUS_PROPERTY("TTYVHangup", "b", bus_property_get_bool, offsetof(ExecContext, tty_vhangup), SD_BUS_VTABLE_PROPERTY_CONST),
611 SD_BUS_PROPERTY("TTYVTDisallocate", "b", bus_property_get_bool, offsetof(ExecContext, tty_vt_disallocate), SD_BUS_VTABLE_PROPERTY_CONST),
612 SD_BUS_PROPERTY("SyslogPriority", "i", bus_property_get_int, offsetof(ExecContext, syslog_priority), SD_BUS_VTABLE_PROPERTY_CONST),
613 SD_BUS_PROPERTY("SyslogIdentifier", "s", NULL, offsetof(ExecContext, syslog_identifier), SD_BUS_VTABLE_PROPERTY_CONST),
614 SD_BUS_PROPERTY("SyslogLevelPrefix", "b", bus_property_get_bool, offsetof(ExecContext, syslog_level_prefix), SD_BUS_VTABLE_PROPERTY_CONST),
615 SD_BUS_PROPERTY("Capabilities", "s", property_get_capabilities, 0, SD_BUS_VTABLE_PROPERTY_CONST),
616 SD_BUS_PROPERTY("SecureBits", "i", bus_property_get_int, offsetof(ExecContext, secure_bits), SD_BUS_VTABLE_PROPERTY_CONST),
617 SD_BUS_PROPERTY("CapabilityBoundingSet", "t", property_get_capability_bounding_set, 0, SD_BUS_VTABLE_PROPERTY_CONST),
618 SD_BUS_PROPERTY("User", "s", NULL, offsetof(ExecContext, user), SD_BUS_VTABLE_PROPERTY_CONST),
619 SD_BUS_PROPERTY("Group", "s", NULL, offsetof(ExecContext, group), SD_BUS_VTABLE_PROPERTY_CONST),
620 SD_BUS_PROPERTY("SupplementaryGroups", "as", NULL, offsetof(ExecContext, supplementary_groups), SD_BUS_VTABLE_PROPERTY_CONST),
621 SD_BUS_PROPERTY("TCPWrapName", "s", NULL, offsetof(ExecContext, tcpwrap_name), SD_BUS_VTABLE_PROPERTY_CONST),
622 SD_BUS_PROPERTY("PAMName", "s", NULL, offsetof(ExecContext, pam_name), SD_BUS_VTABLE_PROPERTY_CONST),
623 SD_BUS_PROPERTY("ReadWriteDirectories", "as", NULL, offsetof(ExecContext, read_write_dirs), SD_BUS_VTABLE_PROPERTY_CONST),
624 SD_BUS_PROPERTY("ReadOnlyDirectories", "as", NULL, offsetof(ExecContext, read_only_dirs), SD_BUS_VTABLE_PROPERTY_CONST),
625 SD_BUS_PROPERTY("InaccessibleDirectories", "as", NULL, offsetof(ExecContext, inaccessible_dirs), SD_BUS_VTABLE_PROPERTY_CONST),
626 SD_BUS_PROPERTY("MountFlags", "t", bus_property_get_ulong, offsetof(ExecContext, mount_flags), SD_BUS_VTABLE_PROPERTY_CONST),
627 SD_BUS_PROPERTY("PrivateTmp", "b", bus_property_get_bool, offsetof(ExecContext, private_tmp), SD_BUS_VTABLE_PROPERTY_CONST),
628 SD_BUS_PROPERTY("PrivateNetwork", "b", bus_property_get_bool, offsetof(ExecContext, private_network), SD_BUS_VTABLE_PROPERTY_CONST),
629 SD_BUS_PROPERTY("PrivateDevices", "b", bus_property_get_bool, offsetof(ExecContext, private_devices), SD_BUS_VTABLE_PROPERTY_CONST),
630 SD_BUS_PROPERTY("SameProcessGroup", "b", bus_property_get_bool, offsetof(ExecContext, same_pgrp), SD_BUS_VTABLE_PROPERTY_CONST),
631 SD_BUS_PROPERTY("UtmpIdentifier", "s", NULL, offsetof(ExecContext, utmp_id), SD_BUS_VTABLE_PROPERTY_CONST),
632 SD_BUS_PROPERTY("SELinuxContext", "(bs)", property_get_selinux_context, 0, SD_BUS_VTABLE_PROPERTY_CONST),
633 SD_BUS_PROPERTY("AppArmorProfile", "(bs)", property_get_apparmor_profile, 0, SD_BUS_VTABLE_PROPERTY_CONST),
634 SD_BUS_PROPERTY("IgnoreSIGPIPE", "b", bus_property_get_bool, offsetof(ExecContext, ignore_sigpipe), SD_BUS_VTABLE_PROPERTY_CONST),
635 SD_BUS_PROPERTY("NoNewPrivileges", "b", bus_property_get_bool, offsetof(ExecContext, no_new_privileges), SD_BUS_VTABLE_PROPERTY_CONST),
636 SD_BUS_PROPERTY("SystemCallFilter", "(bas)", property_get_syscall_filter, 0, SD_BUS_VTABLE_PROPERTY_CONST),
637 SD_BUS_PROPERTY("SystemCallArchitectures", "as", property_get_syscall_archs, 0, SD_BUS_VTABLE_PROPERTY_CONST),
638 SD_BUS_PROPERTY("SystemCallErrorNumber", "i", property_get_syscall_errno, 0, SD_BUS_VTABLE_PROPERTY_CONST),
639 SD_BUS_PROPERTY("Personality", "s", property_get_personality, 0, SD_BUS_VTABLE_PROPERTY_CONST),
640 SD_BUS_PROPERTY("RestrictAddressFamilies", "(bas)", property_get_address_families, 0, SD_BUS_VTABLE_PROPERTY_CONST),
641 SD_BUS_PROPERTY("RuntimeDirectoryMode", "u", bus_property_get_mode, offsetof(ExecContext, runtime_directory_mode), SD_BUS_VTABLE_PROPERTY_CONST),
642 SD_BUS_PROPERTY("RuntimeDirectory", "as", NULL, offsetof(ExecContext, runtime_directory), SD_BUS_VTABLE_PROPERTY_CONST),
643 SD_BUS_VTABLE_END
644 };
645
646 static int append_exec_command(sd_bus_message *reply, ExecCommand *c) {
647 int r;
648
649 assert(reply);
650 assert(c);
651
652 if (!c->path)
653 return 0;
654
655 r = sd_bus_message_open_container(reply, 'r', "sasbttttuii");
656 if (r < 0)
657 return r;
658
659 r = sd_bus_message_append(reply, "s", c->path);
660 if (r < 0)
661 return r;
662
663 r = sd_bus_message_append_strv(reply, c->argv);
664 if (r < 0)
665 return r;
666
667 r = sd_bus_message_append(reply, "bttttuii",
668 c->ignore,
669 c->exec_status.start_timestamp.realtime,
670 c->exec_status.start_timestamp.monotonic,
671 c->exec_status.exit_timestamp.realtime,
672 c->exec_status.exit_timestamp.monotonic,
673 (uint32_t) c->exec_status.pid,
674 (int32_t) c->exec_status.code,
675 (int32_t) c->exec_status.status);
676 if (r < 0)
677 return r;
678
679 return sd_bus_message_close_container(reply);
680 }
681
682 int bus_property_get_exec_command(
683 sd_bus *bus,
684 const char *path,
685 const char *interface,
686 const char *property,
687 sd_bus_message *reply,
688 void *userdata,
689 sd_bus_error *ret_error) {
690
691 ExecCommand *c = (ExecCommand*) userdata;
692 int r;
693
694 assert(bus);
695 assert(reply);
696
697 r = sd_bus_message_open_container(reply, 'a', "(sasbttttuii)");
698 if (r < 0)
699 return r;
700
701 r = append_exec_command(reply, c);
702 if (r < 0)
703 return r;
704
705 return sd_bus_message_close_container(reply);
706 }
707
708 int bus_property_get_exec_command_list(
709 sd_bus *bus,
710 const char *path,
711 const char *interface,
712 const char *property,
713 sd_bus_message *reply,
714 void *userdata,
715 sd_bus_error *ret_error) {
716
717 ExecCommand *c = *(ExecCommand**) userdata;
718 int r;
719
720 assert(bus);
721 assert(reply);
722
723 r = sd_bus_message_open_container(reply, 'a', "(sasbttttuii)");
724 if (r < 0)
725 return r;
726
727 LIST_FOREACH(command, c, c) {
728 r = append_exec_command(reply, c);
729 if (r < 0)
730 return r;
731 }
732
733 return sd_bus_message_close_container(reply);
734 }
735
736 int bus_exec_context_set_transient_property(
737 Unit *u,
738 ExecContext *c,
739 const char *name,
740 sd_bus_message *message,
741 UnitSetPropertiesMode mode,
742 sd_bus_error *error) {
743
744 int r;
745
746 assert(u);
747 assert(c);
748 assert(name);
749 assert(message);
750
751 if (streq(name, "User")) {
752 const char *uu;
753
754 r = sd_bus_message_read(message, "s", &uu);
755 if (r < 0)
756 return r;
757
758 if (mode != UNIT_CHECK) {
759
760 if (isempty(uu)) {
761 free(c->user);
762 c->user = NULL;
763 } else {
764 char *t;
765
766 t = strdup(uu);
767 if (!t)
768 return -ENOMEM;
769
770 free(c->user);
771 c->user = t;
772 }
773
774 unit_write_drop_in_private_format(u, mode, name, "User=%s\n", uu);
775 }
776
777 return 1;
778
779 } else if (streq(name, "Group")) {
780 const char *gg;
781
782 r = sd_bus_message_read(message, "s", &gg);
783 if (r < 0)
784 return r;
785
786 if (mode != UNIT_CHECK) {
787
788 if (isempty(gg)) {
789 free(c->group);
790 c->group = NULL;
791 } else {
792 char *t;
793
794 t = strdup(gg);
795 if (!t)
796 return -ENOMEM;
797
798 free(c->group);
799 c->group = t;
800 }
801
802 unit_write_drop_in_private_format(u, mode, name, "Group=%s\n", gg);
803 }
804
805 return 1;
806
807 } else if (streq(name, "Nice")) {
808 int n;
809
810 r = sd_bus_message_read(message, "i", &n);
811 if (r < 0)
812 return r;
813
814 if (n < PRIO_MIN || n >= PRIO_MAX)
815 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Nice value out of range");
816
817 if (mode != UNIT_CHECK) {
818 c->nice = n;
819 unit_write_drop_in_private_format(u, mode, name, "Nice=%i\n", n);
820 }
821
822 return 1;
823
824 } else if (streq(name, "Environment")) {
825
826 _cleanup_strv_free_ char **l = NULL;
827
828 r = sd_bus_message_read_strv(message, &l);
829 if (r < 0)
830 return r;
831
832 if (!strv_env_is_valid(l))
833 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid environment block.");
834
835 if (mode != UNIT_CHECK) {
836 _cleanup_free_ char *joined = NULL;
837 char **e;
838
839 e = strv_env_merge(2, c->environment, l);
840 if (!e)
841 return -ENOMEM;
842
843 strv_free(c->environment);
844 c->environment = e;
845
846 joined = strv_join(c->environment, " ");
847 if (!joined)
848 return -ENOMEM;
849
850 unit_write_drop_in_private_format(u, mode, name, "Environment=%s\n", joined);
851 }
852
853 return 1;
854
855 } else if (rlimit_from_string(name) >= 0) {
856 uint64_t rl;
857 rlim_t x;
858
859 r = sd_bus_message_read(message, "t", &rl);
860 if (r < 0)
861 return r;
862
863 if (rl == (uint64_t) -1)
864 x = RLIM_INFINITY;
865 else {
866 x = (rlim_t) rl;
867
868 if ((uint64_t) x != rl)
869 return -ERANGE;
870 }
871
872 if (mode != UNIT_CHECK) {
873 int z;
874
875 z = rlimit_from_string(name);
876
877 if (!c->rlimit[z]) {
878 c->rlimit[z] = new(struct rlimit, 1);
879 if (!c->rlimit[z])
880 return -ENOMEM;
881 }
882
883 c->rlimit[z]->rlim_cur = c->rlimit[z]->rlim_max = x;
884
885 if (x == RLIM_INFINITY)
886 unit_write_drop_in_private_format(u, mode, name, "%s=infinity\n", name);
887 else
888 unit_write_drop_in_private_format(u, mode, name, "%s=%" PRIu64 "\n", name, rl);
889 }
890
891 return 1;
892 }
893
894 return 0;
895 }
Unnamed repository; edit this file 'description' to name the repository.