]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/dbus.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
shared: split out polkit stuff from bus-util.c → bus-polkit.c
[thirdparty/systemd.git] / src / core / dbus.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <errno.h>
4 #include <sys/epoll.h>
5 #include <unistd.h>
6
7 #include "sd-bus.h"
8
9 #include "alloc-util.h"
10 #include "bus-common-errors.h"
11 #include "bus-error.h"
12 #include "bus-internal.h"
13 #include "bus-polkit.h"
14 #include "dbus-automount.h"
15 #include "dbus-cgroup.h"
16 #include "dbus-device.h"
17 #include "dbus-execute.h"
18 #include "dbus-job.h"
19 #include "dbus-kill.h"
20 #include "dbus-manager.h"
21 #include "dbus-mount.h"
22 #include "dbus-path.h"
23 #include "dbus-scope.h"
24 #include "dbus-service.h"
25 #include "dbus-slice.h"
26 #include "dbus-socket.h"
27 #include "dbus-swap.h"
28 #include "dbus-target.h"
29 #include "dbus-timer.h"
30 #include "dbus-unit.h"
31 #include "dbus.h"
32 #include "fd-util.h"
33 #include "fs-util.h"
34 #include "log.h"
35 #include "mkdir.h"
36 #include "process-util.h"
37 #include "selinux-access.h"
38 #include "serialize.h"
39 #include "service.h"
40 #include "special.h"
41 #include "string-util.h"
42 #include "strv.h"
43 #include "strxcpyx.h"
44 #include "user-util.h"
45
46 #define CONNECTIONS_MAX 4096
47
48 static void destroy_bus(Manager *m, sd_bus **bus);
49
50 int bus_send_pending_reload_message(Manager *m) {
51 int r;
52
53 assert(m);
54
55 if (!m->pending_reload_message)
56 return 0;
57
58 /* If we cannot get rid of this message we won't dispatch any D-Bus messages, so that we won't end up wanting
59 * to queue another message. */
60
61 r = sd_bus_send(NULL, m->pending_reload_message, NULL);
62 if (r < 0)
63 log_warning_errno(r, "Failed to send queued message, ignoring: %m");
64
65 m->pending_reload_message = sd_bus_message_unref(m->pending_reload_message);
66
67 return 0;
68 }
69
70 int bus_forward_agent_released(Manager *m, const char *path) {
71 int r;
72
73 assert(m);
74 assert(path);
75
76 if (!MANAGER_IS_SYSTEM(m))
77 return 0;
78
79 if (!m->system_bus)
80 return 0;
81
82 /* If we are running a system instance we forward the agent message on the system bus, so that the user
83 * instances get notified about this, too */
84
85 r = sd_bus_emit_signal(m->system_bus,
86 "/org/freedesktop/systemd1/agent",
87 "org.freedesktop.systemd1.Agent",
88 "Released",
89 "s", path);
90 if (r < 0)
91 return log_debug_errno(r, "Failed to propagate agent release message: %m");
92
93 return 1;
94 }
95
96 static int signal_agent_released(sd_bus_message *message, void *userdata, sd_bus_error *error) {
97 _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
98 Manager *m = userdata;
99 const char *cgroup;
100 uid_t sender_uid;
101 int r;
102
103 assert(message);
104 assert(m);
105
106 /* only accept org.freedesktop.systemd1.Agent from UID=0 */
107 r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_EUID, &creds);
108 if (r < 0)
109 return r;
110
111 r = sd_bus_creds_get_euid(creds, &sender_uid);
112 if (r < 0 || sender_uid != 0)
113 return 0;
114
115 /* parse 'cgroup-empty' notification */
116 r = sd_bus_message_read(message, "s", &cgroup);
117 if (r < 0) {
118 bus_log_parse_error(r);
119 return 0;
120 }
121
122 manager_notify_cgroup_empty(m, cgroup);
123 return 0;
124 }
125
126 static int signal_disconnected(sd_bus_message *message, void *userdata, sd_bus_error *error) {
127 Manager *m = userdata;
128 sd_bus *bus;
129
130 assert(message);
131 assert(m);
132 assert_se(bus = sd_bus_message_get_bus(message));
133
134 if (bus == m->api_bus)
135 bus_done_api(m);
136 if (bus == m->system_bus)
137 bus_done_system(m);
138
139 if (set_remove(m->private_buses, bus)) {
140 log_debug("Got disconnect on private connection.");
141 destroy_bus(m, &bus);
142 }
143
144 return 0;
145 }
146
147 static int signal_activation_request(sd_bus_message *message, void *userdata, sd_bus_error *ret_error) {
148 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
149 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
150 Manager *m = userdata;
151 const char *name;
152 Unit *u;
153 int r;
154
155 assert(message);
156 assert(m);
157
158 r = sd_bus_message_read(message, "s", &name);
159 if (r < 0) {
160 bus_log_parse_error(r);
161 return 0;
162 }
163
164 if (manager_unit_inactive_or_pending(m, SPECIAL_DBUS_SERVICE) ||
165 manager_unit_inactive_or_pending(m, SPECIAL_DBUS_SOCKET)) {
166 r = sd_bus_error_setf(&error, BUS_ERROR_SHUTTING_DOWN, "Refusing activation, D-Bus is shutting down.");
167 goto failed;
168 }
169
170 r = manager_load_unit(m, name, NULL, &error, &u);
171 if (r < 0)
172 goto failed;
173
174 if (u->refuse_manual_start) {
175 r = sd_bus_error_setf(&error, BUS_ERROR_ONLY_BY_DEPENDENCY, "Operation refused, %s may be requested by dependency only (it is configured to refuse manual start/stop).", u->id);
176 goto failed;
177 }
178
179 r = manager_add_job(m, JOB_START, u, JOB_REPLACE, NULL, &error, NULL);
180 if (r < 0)
181 goto failed;
182
183 /* Successfully queued, that's it for us */
184 return 0;
185
186 failed:
187 if (!sd_bus_error_is_set(&error))
188 sd_bus_error_set_errno(&error, r);
189
190 log_debug("D-Bus activation failed for %s: %s", name, bus_error_message(&error, r));
191
192 r = sd_bus_message_new_signal(sd_bus_message_get_bus(message), &reply, "/org/freedesktop/systemd1", "org.freedesktop.systemd1.Activator", "ActivationFailure");
193 if (r < 0) {
194 bus_log_create_error(r);
195 return 0;
196 }
197
198 r = sd_bus_message_append(reply, "sss", name, error.name, error.message);
199 if (r < 0) {
200 bus_log_create_error(r);
201 return 0;
202 }
203
204 r = sd_bus_send_to(NULL, reply, "org.freedesktop.DBus", NULL);
205 if (r < 0)
206 return log_error_errno(r, "Failed to respond with to bus activation request: %m");
207
208 return 0;
209 }
210
211 #if HAVE_SELINUX
212 static int mac_selinux_filter(sd_bus_message *message, void *userdata, sd_bus_error *error) {
213 Manager *m = userdata;
214 const char *verb, *path;
215 Unit *u = NULL;
216 Job *j;
217 int r;
218
219 assert(message);
220
221 /* Our own method calls are all protected individually with
222 * selinux checks, but the built-in interfaces need to be
223 * protected too. */
224
225 if (sd_bus_message_is_method_call(message, "org.freedesktop.DBus.Properties", "Set"))
226 verb = "reload";
227 else if (sd_bus_message_is_method_call(message, "org.freedesktop.DBus.Introspectable", NULL) ||
228 sd_bus_message_is_method_call(message, "org.freedesktop.DBus.Properties", NULL) ||
229 sd_bus_message_is_method_call(message, "org.freedesktop.DBus.ObjectManager", NULL) ||
230 sd_bus_message_is_method_call(message, "org.freedesktop.DBus.Peer", NULL))
231 verb = "status";
232 else
233 return 0;
234
235 path = sd_bus_message_get_path(message);
236
237 if (object_path_startswith("/org/freedesktop/systemd1", path)) {
238 r = mac_selinux_access_check(message, verb, error);
239 if (r < 0)
240 return r;
241
242 return 0;
243 }
244
245 if (streq_ptr(path, "/org/freedesktop/systemd1/unit/self")) {
246 _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
247 pid_t pid;
248
249 r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
250 if (r < 0)
251 return 0;
252
253 r = sd_bus_creds_get_pid(creds, &pid);
254 if (r < 0)
255 return 0;
256
257 u = manager_get_unit_by_pid(m, pid);
258 } else {
259 r = manager_get_job_from_dbus_path(m, path, &j);
260 if (r >= 0)
261 u = j->unit;
262 else
263 manager_load_unit_from_dbus_path(m, path, NULL, &u);
264 }
265 if (!u)
266 return 0;
267
268 r = mac_selinux_unit_access_check(u, message, verb, error);
269 if (r < 0)
270 return r;
271
272 return 0;
273 }
274 #endif
275
276 static int bus_job_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
277 Manager *m = userdata;
278 Job *j;
279 int r;
280
281 assert(bus);
282 assert(path);
283 assert(interface);
284 assert(found);
285 assert(m);
286
287 r = manager_get_job_from_dbus_path(m, path, &j);
288 if (r < 0)
289 return 0;
290
291 *found = j;
292 return 1;
293 }
294
295 static int find_unit(Manager *m, sd_bus *bus, const char *path, Unit **unit, sd_bus_error *error) {
296 Unit *u = NULL; /* just to appease gcc, initialization is not really necessary */
297 int r;
298
299 assert(m);
300 assert(bus);
301 assert(path);
302
303 if (streq_ptr(path, "/org/freedesktop/systemd1/unit/self")) {
304 _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
305 sd_bus_message *message;
306 pid_t pid;
307
308 message = sd_bus_get_current_message(bus);
309 if (!message)
310 return 0;
311
312 r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
313 if (r < 0)
314 return r;
315
316 r = sd_bus_creds_get_pid(creds, &pid);
317 if (r < 0)
318 return r;
319
320 u = manager_get_unit_by_pid(m, pid);
321 if (!u)
322 return 0;
323 } else {
324 r = manager_load_unit_from_dbus_path(m, path, error, &u);
325 if (r < 0)
326 return 0;
327 assert(u);
328 }
329
330 *unit = u;
331 return 1;
332 }
333
334 static int bus_unit_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
335 Manager *m = userdata;
336
337 assert(bus);
338 assert(path);
339 assert(interface);
340 assert(found);
341 assert(m);
342
343 return find_unit(m, bus, path, (Unit**) found, error);
344 }
345
346 static int bus_unit_interface_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
347 Manager *m = userdata;
348 Unit *u;
349 int r;
350
351 assert(bus);
352 assert(path);
353 assert(interface);
354 assert(found);
355 assert(m);
356
357 r = find_unit(m, bus, path, &u, error);
358 if (r <= 0)
359 return r;
360
361 if (!streq_ptr(interface, unit_dbus_interface_from_type(u->type)))
362 return 0;
363
364 *found = u;
365 return 1;
366 }
367
368 static int bus_unit_cgroup_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
369 Manager *m = userdata;
370 Unit *u;
371 int r;
372
373 assert(bus);
374 assert(path);
375 assert(interface);
376 assert(found);
377 assert(m);
378
379 r = find_unit(m, bus, path, &u, error);
380 if (r <= 0)
381 return r;
382
383 if (!streq_ptr(interface, unit_dbus_interface_from_type(u->type)))
384 return 0;
385
386 if (!UNIT_HAS_CGROUP_CONTEXT(u))
387 return 0;
388
389 *found = u;
390 return 1;
391 }
392
393 static int bus_cgroup_context_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
394 Manager *m = userdata;
395 CGroupContext *c;
396 Unit *u;
397 int r;
398
399 assert(bus);
400 assert(path);
401 assert(interface);
402 assert(found);
403 assert(m);
404
405 r = find_unit(m, bus, path, &u, error);
406 if (r <= 0)
407 return r;
408
409 if (!streq_ptr(interface, unit_dbus_interface_from_type(u->type)))
410 return 0;
411
412 c = unit_get_cgroup_context(u);
413 if (!c)
414 return 0;
415
416 *found = c;
417 return 1;
418 }
419
420 static int bus_exec_context_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
421 Manager *m = userdata;
422 ExecContext *c;
423 Unit *u;
424 int r;
425
426 assert(bus);
427 assert(path);
428 assert(interface);
429 assert(found);
430 assert(m);
431
432 r = find_unit(m, bus, path, &u, error);
433 if (r <= 0)
434 return r;
435
436 if (!streq_ptr(interface, unit_dbus_interface_from_type(u->type)))
437 return 0;
438
439 c = unit_get_exec_context(u);
440 if (!c)
441 return 0;
442
443 *found = c;
444 return 1;
445 }
446
447 static int bus_kill_context_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
448 Manager *m = userdata;
449 KillContext *c;
450 Unit *u;
451 int r;
452
453 assert(bus);
454 assert(path);
455 assert(interface);
456 assert(found);
457 assert(m);
458
459 r = find_unit(m, bus, path, &u, error);
460 if (r <= 0)
461 return r;
462
463 if (!streq_ptr(interface, unit_dbus_interface_from_type(u->type)))
464 return 0;
465
466 c = unit_get_kill_context(u);
467 if (!c)
468 return 0;
469
470 *found = c;
471 return 1;
472 }
473
474 static int bus_job_enumerate(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error) {
475 _cleanup_strv_free_ char **l = NULL;
476 Manager *m = userdata;
477 unsigned k = 0;
478 Iterator i;
479 Job *j;
480
481 l = new0(char*, hashmap_size(m->jobs)+1);
482 if (!l)
483 return -ENOMEM;
484
485 HASHMAP_FOREACH(j, m->jobs, i) {
486 l[k] = job_dbus_path(j);
487 if (!l[k])
488 return -ENOMEM;
489
490 k++;
491 }
492
493 assert(hashmap_size(m->jobs) == k);
494
495 *nodes = TAKE_PTR(l);
496
497 return k;
498 }
499
500 static int bus_unit_enumerate(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error) {
501 _cleanup_strv_free_ char **l = NULL;
502 Manager *m = userdata;
503 unsigned k = 0;
504 Iterator i;
505 Unit *u;
506
507 l = new0(char*, hashmap_size(m->units)+1);
508 if (!l)
509 return -ENOMEM;
510
511 HASHMAP_FOREACH(u, m->units, i) {
512 l[k] = unit_dbus_path(u);
513 if (!l[k])
514 return -ENOMEM;
515
516 k++;
517 }
518
519 *nodes = TAKE_PTR(l);
520
521 return k;
522 }
523
524 static int bus_setup_api_vtables(Manager *m, sd_bus *bus) {
525 UnitType t;
526 int r;
527
528 assert(m);
529 assert(bus);
530
531 #if HAVE_SELINUX
532 r = sd_bus_add_filter(bus, NULL, mac_selinux_filter, m);
533 if (r < 0)
534 return log_error_errno(r, "Failed to add SELinux access filter: %m");
535 #endif
536
537 r = sd_bus_add_object_vtable(bus, NULL, "/org/freedesktop/systemd1", "org.freedesktop.systemd1.Manager", bus_manager_vtable, m);
538 if (r < 0)
539 return log_error_errno(r, "Failed to register Manager vtable: %m");
540
541 r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/job", "org.freedesktop.systemd1.Job", bus_job_vtable, bus_job_find, m);
542 if (r < 0)
543 return log_error_errno(r, "Failed to register Job vtable: %m");
544
545 r = sd_bus_add_node_enumerator(bus, NULL, "/org/freedesktop/systemd1/job", bus_job_enumerate, m);
546 if (r < 0)
547 return log_error_errno(r, "Failed to add job enumerator: %m");
548
549 r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", "org.freedesktop.systemd1.Unit", bus_unit_vtable, bus_unit_find, m);
550 if (r < 0)
551 return log_error_errno(r, "Failed to register Unit vtable: %m");
552
553 r = sd_bus_add_node_enumerator(bus, NULL, "/org/freedesktop/systemd1/unit", bus_unit_enumerate, m);
554 if (r < 0)
555 return log_error_errno(r, "Failed to add job enumerator: %m");
556
557 for (t = 0; t < _UNIT_TYPE_MAX; t++) {
558 const char *interface;
559
560 assert_se(interface = unit_dbus_interface_from_type(t));
561
562 r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", interface, unit_vtable[t]->bus_vtable, bus_unit_interface_find, m);
563 if (r < 0)
564 return log_error_errno(r, "Failed to register type specific vtable for %s: %m", interface);
565
566 if (unit_vtable[t]->cgroup_context_offset > 0) {
567 r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", interface, bus_unit_cgroup_vtable, bus_unit_cgroup_find, m);
568 if (r < 0)
569 return log_error_errno(r, "Failed to register control group unit vtable for %s: %m", interface);
570
571 r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", interface, bus_cgroup_vtable, bus_cgroup_context_find, m);
572 if (r < 0)
573 return log_error_errno(r, "Failed to register control group vtable for %s: %m", interface);
574 }
575
576 if (unit_vtable[t]->exec_context_offset > 0) {
577 r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", interface, bus_exec_vtable, bus_exec_context_find, m);
578 if (r < 0)
579 return log_error_errno(r, "Failed to register execute vtable for %s: %m", interface);
580 }
581
582 if (unit_vtable[t]->kill_context_offset > 0) {
583 r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", interface, bus_kill_vtable, bus_kill_context_find, m);
584 if (r < 0)
585 return log_error_errno(r, "Failed to register kill vtable for %s: %m", interface);
586 }
587 }
588
589 return 0;
590 }
591
592 static int bus_setup_disconnected_match(Manager *m, sd_bus *bus) {
593 int r;
594
595 assert(m);
596 assert(bus);
597
598 r = sd_bus_match_signal_async(
599 bus,
600 NULL,
601 "org.freedesktop.DBus.Local",
602 "/org/freedesktop/DBus/Local",
603 "org.freedesktop.DBus.Local",
604 "Disconnected",
605 signal_disconnected, NULL, m);
606 if (r < 0)
607 return log_error_errno(r, "Failed to request match for Disconnected message: %m");
608
609 return 0;
610 }
611
612 static int bus_on_connection(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
613 _cleanup_(sd_bus_close_unrefp) sd_bus *bus = NULL;
614 _cleanup_close_ int nfd = -1;
615 Manager *m = userdata;
616 sd_id128_t id;
617 int r;
618
619 assert(s);
620 assert(m);
621
622 nfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
623 if (nfd < 0) {
624 if (ERRNO_IS_ACCEPT_AGAIN(errno))
625 return 0;
626
627 log_warning_errno(errno, "Failed to accept private connection, ignoring: %m");
628 return 0;
629 }
630
631 if (set_size(m->private_buses) >= CONNECTIONS_MAX) {
632 log_warning("Too many concurrent connections, refusing");
633 return 0;
634 }
635
636 r = set_ensure_allocated(&m->private_buses, NULL);
637 if (r < 0) {
638 log_oom();
639 return 0;
640 }
641
642 r = sd_bus_new(&bus);
643 if (r < 0) {
644 log_warning_errno(r, "Failed to allocate new private connection bus: %m");
645 return 0;
646 }
647
648 (void) sd_bus_set_description(bus, "private-bus-connection");
649
650 r = sd_bus_set_fd(bus, nfd, nfd);
651 if (r < 0) {
652 log_warning_errno(r, "Failed to set fd on new connection bus: %m");
653 return 0;
654 }
655
656 nfd = -1;
657
658 r = bus_check_peercred(bus);
659 if (r < 0) {
660 log_warning_errno(r, "Incoming private connection from unprivileged client, refusing: %m");
661 return 0;
662 }
663
664 assert_se(sd_id128_randomize(&id) >= 0);
665
666 r = sd_bus_set_server(bus, 1, id);
667 if (r < 0) {
668 log_warning_errno(r, "Failed to enable server support for new connection bus: %m");
669 return 0;
670 }
671
672 r = sd_bus_negotiate_creds(bus, 1,
673 SD_BUS_CREDS_PID|SD_BUS_CREDS_UID|
674 SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS|
675 SD_BUS_CREDS_SELINUX_CONTEXT);
676 if (r < 0) {
677 log_warning_errno(r, "Failed to enable credentials for new connection: %m");
678 return 0;
679 }
680
681 r = sd_bus_set_sender(bus, "org.freedesktop.systemd1");
682 if (r < 0) {
683 log_warning_errno(r, "Failed to set direct connection sender: %m");
684 return 0;
685 }
686
687 r = sd_bus_start(bus);
688 if (r < 0) {
689 log_warning_errno(r, "Failed to start new connection bus: %m");
690 return 0;
691 }
692
693 r = sd_bus_attach_event(bus, m->event, SD_EVENT_PRIORITY_NORMAL);
694 if (r < 0) {
695 log_warning_errno(r, "Failed to attach new connection bus to event loop: %m");
696 return 0;
697 }
698
699 r = bus_setup_disconnected_match(m, bus);
700 if (r < 0)
701 return 0;
702
703 r = bus_setup_api_vtables(m, bus);
704 if (r < 0) {
705 log_warning_errno(r, "Failed to set up API vtables on new connection bus: %m");
706 return 0;
707 }
708
709 r = set_put(m->private_buses, bus);
710 if (r < 0) {
711 log_warning_errno(r, "Failed to add new connection bus to set: %m");
712 return 0;
713 }
714
715 bus = NULL;
716
717 log_debug("Accepted new private connection.");
718
719 return 0;
720 }
721
722 static int bus_setup_api(Manager *m, sd_bus *bus) {
723 Iterator i;
724 char *name;
725 Unit *u;
726 int r;
727
728 assert(m);
729 assert(bus);
730
731 /* Let's make sure we have enough credential bits so that we can make security and selinux decisions */
732 r = sd_bus_negotiate_creds(bus, 1,
733 SD_BUS_CREDS_PID|SD_BUS_CREDS_UID|
734 SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS|
735 SD_BUS_CREDS_SELINUX_CONTEXT);
736 if (r < 0)
737 log_warning_errno(r, "Failed to enable credential passing, ignoring: %m");
738
739 r = bus_setup_api_vtables(m, bus);
740 if (r < 0)
741 return r;
742
743 HASHMAP_FOREACH_KEY(u, name, m->watch_bus, i) {
744 r = unit_install_bus_match(u, bus, name);
745 if (r < 0)
746 log_error_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
747 }
748
749 r = sd_bus_match_signal_async(
750 bus,
751 NULL,
752 "org.freedesktop.DBus",
753 "/org/freedesktop/DBus",
754 "org.freedesktop.systemd1.Activator",
755 "ActivationRequest",
756 signal_activation_request, NULL, m);
757 if (r < 0)
758 log_warning_errno(r, "Failed to subscribe to activation signal: %m");
759
760 /* Allow replacing of our name, to ease implementation of reexecution, where we keep the old connection open
761 * until after the new connection is set up and the name installed to allow clients to synchronously wait for
762 * reexecution to finish */
763 r = sd_bus_request_name_async(bus, NULL, "org.freedesktop.systemd1", SD_BUS_NAME_REPLACE_EXISTING|SD_BUS_NAME_ALLOW_REPLACEMENT, NULL, NULL);
764 if (r < 0)
765 return log_error_errno(r, "Failed to request name: %m");
766
767 log_debug("Successfully connected to API bus.");
768
769 return 0;
770 }
771
772 int bus_init_api(Manager *m) {
773 _cleanup_(sd_bus_close_unrefp) sd_bus *bus = NULL;
774 int r;
775
776 if (m->api_bus)
777 return 0;
778
779 /* The API and system bus is the same if we are running in system mode */
780 if (MANAGER_IS_SYSTEM(m) && m->system_bus)
781 bus = sd_bus_ref(m->system_bus);
782 else {
783 if (MANAGER_IS_SYSTEM(m))
784 r = sd_bus_open_system_with_description(&bus, "bus-api-system");
785 else
786 r = sd_bus_open_user_with_description(&bus, "bus-api-user");
787 if (r < 0)
788 return log_error_errno(r, "Failed to connect to API bus: %m");
789
790 r = sd_bus_attach_event(bus, m->event, SD_EVENT_PRIORITY_NORMAL);
791 if (r < 0)
792 return log_error_errno(r, "Failed to attach API bus to event loop: %m");
793
794 r = bus_setup_disconnected_match(m, bus);
795 if (r < 0)
796 return r;
797 }
798
799 r = bus_setup_api(m, bus);
800 if (r < 0)
801 return log_error_errno(r, "Failed to set up API bus: %m");
802
803 m->api_bus = TAKE_PTR(bus);
804
805 return 0;
806 }
807
808 static int bus_setup_system(Manager *m, sd_bus *bus) {
809 int r;
810
811 assert(m);
812 assert(bus);
813
814 /* if we are a user instance we get the Released message via the system bus */
815 if (MANAGER_IS_USER(m)) {
816 r = sd_bus_match_signal_async(
817 bus,
818 NULL,
819 NULL,
820 "/org/freedesktop/systemd1/agent",
821 "org.freedesktop.systemd1.Agent",
822 "Released",
823 signal_agent_released, NULL, m);
824 if (r < 0)
825 log_warning_errno(r, "Failed to request Released match on system bus: %m");
826 }
827
828 log_debug("Successfully connected to system bus.");
829 return 0;
830 }
831
832 int bus_init_system(Manager *m) {
833 _cleanup_(sd_bus_close_unrefp) sd_bus *bus = NULL;
834 int r;
835
836 if (m->system_bus)
837 return 0;
838
839 /* The API and system bus is the same if we are running in system mode */
840 if (MANAGER_IS_SYSTEM(m) && m->api_bus)
841 bus = sd_bus_ref(m->api_bus);
842 else {
843 r = sd_bus_open_system_with_description(&bus, "bus-system");
844 if (r < 0)
845 return log_error_errno(r, "Failed to connect to system bus: %m");
846
847 r = sd_bus_attach_event(bus, m->event, SD_EVENT_PRIORITY_NORMAL);
848 if (r < 0)
849 return log_error_errno(r, "Failed to attach system bus to event loop: %m");
850
851 r = bus_setup_disconnected_match(m, bus);
852 if (r < 0)
853 return r;
854 }
855
856 r = bus_setup_system(m, bus);
857 if (r < 0)
858 return log_error_errno(r, "Failed to set up system bus: %m");
859
860 m->system_bus = TAKE_PTR(bus);
861
862 return 0;
863 }
864
865 int bus_init_private(Manager *m) {
866 _cleanup_close_ int fd = -1;
867 union sockaddr_union sa = {};
868 sd_event_source *s;
869 int r, salen;
870
871 assert(m);
872
873 if (m->private_listen_fd >= 0)
874 return 0;
875
876 if (MANAGER_IS_SYSTEM(m)) {
877
878 /* We want the private bus only when running as init */
879 if (getpid_cached() != 1)
880 return 0;
881
882 salen = sockaddr_un_set_path(&sa.un, "/run/systemd/private");
883 } else {
884 const char *e, *joined;
885
886 e = secure_getenv("XDG_RUNTIME_DIR");
887 if (!e)
888 return log_error_errno(SYNTHETIC_ERRNO(EHOSTDOWN),
889 "XDG_RUNTIME_DIR is not set, refusing.");
890
891 joined = strjoina(e, "/systemd/private");
892 salen = sockaddr_un_set_path(&sa.un, joined);
893 }
894 if (salen < 0)
895 return log_error_errno(salen, "Can't set path for AF_UNIX socket to bind to: %m");
896
897 (void) mkdir_parents_label(sa.un.sun_path, 0755);
898 (void) sockaddr_un_unlink(&sa.un);
899
900 fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
901 if (fd < 0)
902 return log_error_errno(errno, "Failed to allocate private socket: %m");
903
904 r = bind(fd, &sa.sa, salen);
905 if (r < 0)
906 return log_error_errno(errno, "Failed to bind private socket: %m");
907
908 r = listen(fd, SOMAXCONN);
909 if (r < 0)
910 return log_error_errno(errno, "Failed to make private socket listening: %m");
911
912 /* Generate an inotify event in case somebody waits for this socket to appear using inotify() */
913 (void) touch(sa.un.sun_path);
914
915 r = sd_event_add_io(m->event, &s, fd, EPOLLIN, bus_on_connection, m);
916 if (r < 0)
917 return log_error_errno(r, "Failed to allocate event source: %m");
918
919 (void) sd_event_source_set_description(s, "bus-connection");
920
921 m->private_listen_fd = TAKE_FD(fd);
922 m->private_listen_event_source = s;
923
924 log_debug("Successfully created private D-Bus server.");
925
926 return 0;
927 }
928
929 static void destroy_bus(Manager *m, sd_bus **bus) {
930 Iterator i;
931 Unit *u;
932 Job *j;
933
934 assert(m);
935 assert(bus);
936
937 if (!*bus)
938 return;
939
940 /* Make sure all bus slots watching names are released. */
941 HASHMAP_FOREACH(u, m->watch_bus, i) {
942 if (u->match_bus_slot && sd_bus_slot_get_bus(u->match_bus_slot) == *bus)
943 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
944 if (u->get_name_owner_slot && sd_bus_slot_get_bus(u->get_name_owner_slot) == *bus)
945 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
946 }
947
948 /* Get rid of tracked clients on this bus */
949 if (m->subscribed && sd_bus_track_get_bus(m->subscribed) == *bus)
950 m->subscribed = sd_bus_track_unref(m->subscribed);
951
952 HASHMAP_FOREACH(j, m->jobs, i)
953 if (j->bus_track && sd_bus_track_get_bus(j->bus_track) == *bus)
954 j->bus_track = sd_bus_track_unref(j->bus_track);
955
956 HASHMAP_FOREACH(u, m->units, i)
957 if (u->bus_track && sd_bus_track_get_bus(u->bus_track) == *bus)
958 u->bus_track = sd_bus_track_unref(u->bus_track);
959
960 /* Get rid of queued message on this bus */
961 if (m->pending_reload_message && sd_bus_message_get_bus(m->pending_reload_message) == *bus)
962 m->pending_reload_message = sd_bus_message_unref(m->pending_reload_message);
963
964 /* Possibly flush unwritten data, but only if we are
965 * unprivileged, since we don't want to sync here */
966 if (!MANAGER_IS_SYSTEM(m))
967 sd_bus_flush(*bus);
968
969 /* And destroy the object */
970 *bus = sd_bus_close_unref(*bus);
971 }
972
973 void bus_done_api(Manager *m) {
974 destroy_bus(m, &m->api_bus);
975 }
976
977 void bus_done_system(Manager *m) {
978 destroy_bus(m, &m->system_bus);
979 }
980
981 void bus_done_private(Manager *m) {
982 sd_bus *b;
983
984 assert(m);
985
986 while ((b = set_steal_first(m->private_buses)))
987 destroy_bus(m, &b);
988
989 m->private_buses = set_free(m->private_buses);
990
991 m->private_listen_event_source = sd_event_source_unref(m->private_listen_event_source);
992 m->private_listen_fd = safe_close(m->private_listen_fd);
993 }
994
995 void bus_done(Manager *m) {
996 assert(m);
997
998 bus_done_api(m);
999 bus_done_system(m);
1000 bus_done_private(m);
1001
1002 assert(!m->subscribed);
1003
1004 m->deserialized_subscribed = strv_free(m->deserialized_subscribed);
1005 bus_verify_polkit_async_registry_free(m->polkit_registry);
1006 }
1007
1008 int bus_fdset_add_all(Manager *m, FDSet *fds) {
1009 Iterator i;
1010 sd_bus *b;
1011 int fd;
1012
1013 assert(m);
1014 assert(fds);
1015
1016 /* When we are about to reexecute we add all D-Bus fds to the
1017 * set to pass over to the newly executed systemd. They won't
1018 * be used there however, except thatt they are closed at the
1019 * very end of deserialization, those making it possible for
1020 * clients to synchronously wait for systemd to reexec by
1021 * simply waiting for disconnection */
1022
1023 if (m->api_bus) {
1024 fd = sd_bus_get_fd(m->api_bus);
1025 if (fd >= 0) {
1026 fd = fdset_put_dup(fds, fd);
1027 if (fd < 0)
1028 return fd;
1029 }
1030 }
1031
1032 SET_FOREACH(b, m->private_buses, i) {
1033 fd = sd_bus_get_fd(b);
1034 if (fd >= 0) {
1035 fd = fdset_put_dup(fds, fd);
1036 if (fd < 0)
1037 return fd;
1038 }
1039 }
1040
1041 /* We don't offer any APIs on the system bus (well, unless it
1042 * is the same as the API bus) hence we don't bother with it
1043 * here */
1044
1045 return 0;
1046 }
1047
1048 int bus_foreach_bus(
1049 Manager *m,
1050 sd_bus_track *subscribed2,
1051 int (*send_message)(sd_bus *bus, void *userdata),
1052 void *userdata) {
1053
1054 Iterator i;
1055 sd_bus *b;
1056 int r, ret = 0;
1057
1058 /* Send to all direct buses, unconditionally */
1059 SET_FOREACH(b, m->private_buses, i) {
1060
1061 /* Don't bother with enqueing these messages to clients that haven't started yet */
1062 if (sd_bus_is_ready(b) <= 0)
1063 continue;
1064
1065 r = send_message(b, userdata);
1066 if (r < 0)
1067 ret = r;
1068 }
1069
1070 /* Send to API bus, but only if somebody is subscribed */
1071 if (m->api_bus &&
1072 (sd_bus_track_count(m->subscribed) > 0 ||
1073 sd_bus_track_count(subscribed2) > 0)) {
1074 r = send_message(m->api_bus, userdata);
1075 if (r < 0)
1076 ret = r;
1077 }
1078
1079 return ret;
1080 }
1081
1082 void bus_track_serialize(sd_bus_track *t, FILE *f, const char *prefix) {
1083 const char *n;
1084
1085 assert(f);
1086 assert(prefix);
1087
1088 for (n = sd_bus_track_first(t); n; n = sd_bus_track_next(t)) {
1089 int c, j;
1090
1091 c = sd_bus_track_count_name(t, n);
1092 for (j = 0; j < c; j++)
1093 (void) serialize_item(f, prefix, n);
1094 }
1095 }
1096
1097 int bus_track_coldplug(Manager *m, sd_bus_track **t, bool recursive, char **l) {
1098 int r = 0;
1099
1100 assert(m);
1101 assert(t);
1102
1103 if (strv_isempty(l))
1104 return 0;
1105
1106 if (!m->api_bus)
1107 return 0;
1108
1109 if (!*t) {
1110 r = sd_bus_track_new(m->api_bus, t, NULL, NULL);
1111 if (r < 0)
1112 return r;
1113 }
1114
1115 r = sd_bus_track_set_recursive(*t, recursive);
1116 if (r < 0)
1117 return r;
1118
1119 return bus_track_add_name_many(*t, l);
1120 }
1121
1122 int bus_verify_manage_units_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
1123 return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.manage-units", NULL, false, UID_INVALID, &m->polkit_registry, error);
1124 }
1125
1126 int bus_verify_manage_unit_files_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
1127 return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.manage-unit-files", NULL, false, UID_INVALID, &m->polkit_registry, error);
1128 }
1129
1130 int bus_verify_reload_daemon_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
1131 return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.reload-daemon", NULL, false, UID_INVALID, &m->polkit_registry, error);
1132 }
1133
1134 int bus_verify_set_environment_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
1135 return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.set-environment", NULL, false, UID_INVALID, &m->polkit_registry, error);
1136 }
1137
1138 uint64_t manager_bus_n_queued_write(Manager *m) {
1139 uint64_t c = 0;
1140 Iterator i;
1141 sd_bus *b;
1142 int r;
1143
1144 /* Returns the total number of messages queued for writing on all our direct and API buses. */
1145
1146 SET_FOREACH(b, m->private_buses, i) {
1147 uint64_t k;
1148
1149 r = sd_bus_get_n_queued_write(b, &k);
1150 if (r < 0)
1151 log_debug_errno(r, "Failed to query queued messages for private bus: %m");
1152 else
1153 c += k;
1154 }
1155
1156 if (m->api_bus) {
1157 uint64_t k;
1158
1159 r = sd_bus_get_n_queued_write(m->api_bus, &k);
1160 if (r < 0)
1161 log_debug_errno(r, "Failed to query queued messages for API bus: %m");
1162 else
1163 c += k;
1164 }
1165
1166 return c;
1167 }
1168
1169 static void vtable_dump_bus_properties(FILE *f, const sd_bus_vtable *table) {
1170 const sd_bus_vtable *i;
1171
1172 for (i = table; i->type != _SD_BUS_VTABLE_END; i++) {
1173 if (!IN_SET(i->type, _SD_BUS_VTABLE_PROPERTY, _SD_BUS_VTABLE_WRITABLE_PROPERTY) ||
1174 (i->flags & (SD_BUS_VTABLE_DEPRECATED | SD_BUS_VTABLE_HIDDEN)) != 0)
1175 continue;
1176
1177 fprintf(f, "%s\n", i->x.property.member);
1178 }
1179 }
1180
1181 void dump_bus_properties(FILE *f) {
1182 assert(f);
1183
1184 vtable_dump_bus_properties(f, bus_automount_vtable);
1185 vtable_dump_bus_properties(f, bus_cgroup_vtable);
1186 vtable_dump_bus_properties(f, bus_device_vtable);
1187 vtable_dump_bus_properties(f, bus_exec_vtable);
1188 vtable_dump_bus_properties(f, bus_job_vtable);
1189 vtable_dump_bus_properties(f, bus_kill_vtable);
1190 vtable_dump_bus_properties(f, bus_manager_vtable);
1191 vtable_dump_bus_properties(f, bus_mount_vtable);
1192 vtable_dump_bus_properties(f, bus_path_vtable);
1193 vtable_dump_bus_properties(f, bus_scope_vtable);
1194 vtable_dump_bus_properties(f, bus_service_vtable);
1195 vtable_dump_bus_properties(f, bus_slice_vtable);
1196 vtable_dump_bus_properties(f, bus_socket_vtable);
1197 vtable_dump_bus_properties(f, bus_swap_vtable);
1198 vtable_dump_bus_properties(f, bus_target_vtable);
1199 vtable_dump_bus_properties(f, bus_timer_vtable);
1200 vtable_dump_bus_properties(f, bus_unit_vtable);
1201 vtable_dump_bus_properties(f, bus_unit_cgroup_vtable);
1202 }
Unnamed repository; edit this file 'description' to name the repository.