]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/machine/machine-dbus.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #2471 from michaelolbrich/transient-mounts
[thirdparty/systemd.git] / src / machine / machine-dbus.c
1 /***
2 This file is part of systemd.
3
4 Copyright 2011 Lennart Poettering
5
6 systemd is free software; you can redistribute it and/or modify it
7 under the terms of the GNU Lesser General Public License as published by
8 the Free Software Foundation; either version 2.1 of the License, or
9 (at your option) any later version.
10
11 systemd is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
15
16 You should have received a copy of the GNU Lesser General Public License
17 along with systemd; If not, see <http://www.gnu.org/licenses/>.
18 ***/
19
20 #include <errno.h>
21 #include <string.h>
22 #include <sys/mount.h>
23 #include <sys/wait.h>
24
25 /* When we include libgen.h because we need dirname() we immediately
26 * undefine basename() since libgen.h defines it as a macro to the POSIX
27 * version which is really broken. We prefer GNU basename(). */
28 #include <libgen.h>
29 #undef basename
30
31 #include "alloc-util.h"
32 #include "bus-common-errors.h"
33 #include "bus-internal.h"
34 #include "bus-label.h"
35 #include "bus-util.h"
36 #include "copy.h"
37 #include "env-util.h"
38 #include "fd-util.h"
39 #include "fileio.h"
40 #include "formats-util.h"
41 #include "fs-util.h"
42 #include "in-addr-util.h"
43 #include "local-addresses.h"
44 #include "machine-dbus.h"
45 #include "machine.h"
46 #include "mkdir.h"
47 #include "path-util.h"
48 #include "process-util.h"
49 #include "signal-util.h"
50 #include "strv.h"
51 #include "terminal-util.h"
52 #include "user-util.h"
53
54 static int property_get_id(
55 sd_bus *bus,
56 const char *path,
57 const char *interface,
58 const char *property,
59 sd_bus_message *reply,
60 void *userdata,
61 sd_bus_error *error) {
62
63 Machine *m = userdata;
64
65 assert(bus);
66 assert(reply);
67 assert(m);
68
69 return sd_bus_message_append_array(reply, 'y', &m->id, 16);
70 }
71
72 static int property_get_state(
73 sd_bus *bus,
74 const char *path,
75 const char *interface,
76 const char *property,
77 sd_bus_message *reply,
78 void *userdata,
79 sd_bus_error *error) {
80
81 Machine *m = userdata;
82 const char *state;
83 int r;
84
85 assert(bus);
86 assert(reply);
87 assert(m);
88
89 state = machine_state_to_string(machine_get_state(m));
90
91 r = sd_bus_message_append_basic(reply, 's', state);
92 if (r < 0)
93 return r;
94
95 return 1;
96 }
97
98 static int property_get_netif(
99 sd_bus *bus,
100 const char *path,
101 const char *interface,
102 const char *property,
103 sd_bus_message *reply,
104 void *userdata,
105 sd_bus_error *error) {
106
107 Machine *m = userdata;
108
109 assert(bus);
110 assert(reply);
111 assert(m);
112
113 assert_cc(sizeof(int) == sizeof(int32_t));
114
115 return sd_bus_message_append_array(reply, 'i', m->netif, m->n_netif * sizeof(int));
116 }
117
118 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_class, machine_class, MachineClass);
119
120 int bus_machine_method_terminate(sd_bus_message *message, void *userdata, sd_bus_error *error) {
121 Machine *m = userdata;
122 int r;
123
124 assert(message);
125 assert(m);
126
127 r = bus_verify_polkit_async(
128 message,
129 CAP_KILL,
130 "org.freedesktop.machine1.manage-machines",
131 NULL,
132 false,
133 UID_INVALID,
134 &m->manager->polkit_registry,
135 error);
136 if (r < 0)
137 return r;
138 if (r == 0)
139 return 1; /* Will call us back */
140
141 r = machine_stop(m);
142 if (r < 0)
143 return r;
144
145 return sd_bus_reply_method_return(message, NULL);
146 }
147
148 int bus_machine_method_kill(sd_bus_message *message, void *userdata, sd_bus_error *error) {
149 Machine *m = userdata;
150 const char *swho;
151 int32_t signo;
152 KillWho who;
153 int r;
154
155 assert(message);
156 assert(m);
157
158 r = sd_bus_message_read(message, "si", &swho, &signo);
159 if (r < 0)
160 return r;
161
162 if (isempty(swho))
163 who = KILL_ALL;
164 else {
165 who = kill_who_from_string(swho);
166 if (who < 0)
167 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid kill parameter '%s'", swho);
168 }
169
170 if (!SIGNAL_VALID(signo))
171 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid signal %i", signo);
172
173 r = bus_verify_polkit_async(
174 message,
175 CAP_KILL,
176 "org.freedesktop.machine1.manage-machines",
177 NULL,
178 false,
179 UID_INVALID,
180 &m->manager->polkit_registry,
181 error);
182 if (r < 0)
183 return r;
184 if (r == 0)
185 return 1; /* Will call us back */
186
187 r = machine_kill(m, who, signo);
188 if (r < 0)
189 return r;
190
191 return sd_bus_reply_method_return(message, NULL);
192 }
193
194 int bus_machine_method_get_addresses(sd_bus_message *message, void *userdata, sd_bus_error *error) {
195 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
196 Machine *m = userdata;
197 int r;
198
199 assert(message);
200 assert(m);
201
202 r = sd_bus_message_new_method_return(message, &reply);
203 if (r < 0)
204 return r;
205
206 r = sd_bus_message_open_container(reply, 'a', "(iay)");
207 if (r < 0)
208 return r;
209
210 switch (m->class) {
211
212 case MACHINE_HOST: {
213 _cleanup_free_ struct local_address *addresses = NULL;
214 struct local_address *a;
215 int n, i;
216
217 n = local_addresses(NULL, 0, AF_UNSPEC, &addresses);
218 if (n < 0)
219 return n;
220
221 for (a = addresses, i = 0; i < n; a++, i++) {
222
223 r = sd_bus_message_open_container(reply, 'r', "iay");
224 if (r < 0)
225 return r;
226
227 r = sd_bus_message_append(reply, "i", addresses[i].family);
228 if (r < 0)
229 return r;
230
231 r = sd_bus_message_append_array(reply, 'y', &addresses[i].address, FAMILY_ADDRESS_SIZE(addresses[i].family));
232 if (r < 0)
233 return r;
234
235 r = sd_bus_message_close_container(reply);
236 if (r < 0)
237 return r;
238 }
239
240 break;
241 }
242
243 case MACHINE_CONTAINER: {
244 _cleanup_close_pair_ int pair[2] = { -1, -1 };
245 _cleanup_free_ char *us = NULL, *them = NULL;
246 _cleanup_close_ int netns_fd = -1;
247 const char *p;
248 siginfo_t si;
249 pid_t child;
250
251 r = readlink_malloc("/proc/self/ns/net", &us);
252 if (r < 0)
253 return r;
254
255 p = procfs_file_alloca(m->leader, "ns/net");
256 r = readlink_malloc(p, &them);
257 if (r < 0)
258 return r;
259
260 if (streq(us, them))
261 return sd_bus_error_setf(error, BUS_ERROR_NO_PRIVATE_NETWORKING, "Machine %s does not use private networking", m->name);
262
263 r = namespace_open(m->leader, NULL, NULL, &netns_fd, NULL, NULL);
264 if (r < 0)
265 return r;
266
267 if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, pair) < 0)
268 return -errno;
269
270 child = fork();
271 if (child < 0)
272 return sd_bus_error_set_errnof(error, errno, "Failed to fork(): %m");
273
274 if (child == 0) {
275 _cleanup_free_ struct local_address *addresses = NULL;
276 struct local_address *a;
277 int i, n;
278
279 pair[0] = safe_close(pair[0]);
280
281 r = namespace_enter(-1, -1, netns_fd, -1, -1);
282 if (r < 0)
283 _exit(EXIT_FAILURE);
284
285 n = local_addresses(NULL, 0, AF_UNSPEC, &addresses);
286 if (n < 0)
287 _exit(EXIT_FAILURE);
288
289 for (a = addresses, i = 0; i < n; a++, i++) {
290 struct iovec iov[2] = {
291 { .iov_base = &a->family, .iov_len = sizeof(a->family) },
292 { .iov_base = &a->address, .iov_len = FAMILY_ADDRESS_SIZE(a->family) },
293 };
294
295 r = writev(pair[1], iov, 2);
296 if (r < 0)
297 _exit(EXIT_FAILURE);
298 }
299
300 pair[1] = safe_close(pair[1]);
301
302 _exit(EXIT_SUCCESS);
303 }
304
305 pair[1] = safe_close(pair[1]);
306
307 for (;;) {
308 int family;
309 ssize_t n;
310 union in_addr_union in_addr;
311 struct iovec iov[2];
312 struct msghdr mh = {
313 .msg_iov = iov,
314 .msg_iovlen = 2,
315 };
316
317 iov[0] = (struct iovec) { .iov_base = &family, .iov_len = sizeof(family) };
318 iov[1] = (struct iovec) { .iov_base = &in_addr, .iov_len = sizeof(in_addr) };
319
320 n = recvmsg(pair[0], &mh, 0);
321 if (n < 0)
322 return -errno;
323 if ((size_t) n < sizeof(family))
324 break;
325
326 r = sd_bus_message_open_container(reply, 'r', "iay");
327 if (r < 0)
328 return r;
329
330 r = sd_bus_message_append(reply, "i", family);
331 if (r < 0)
332 return r;
333
334 switch (family) {
335
336 case AF_INET:
337 if (n != sizeof(struct in_addr) + sizeof(family))
338 return -EIO;
339
340 r = sd_bus_message_append_array(reply, 'y', &in_addr.in, sizeof(in_addr.in));
341 break;
342
343 case AF_INET6:
344 if (n != sizeof(struct in6_addr) + sizeof(family))
345 return -EIO;
346
347 r = sd_bus_message_append_array(reply, 'y', &in_addr.in6, sizeof(in_addr.in6));
348 break;
349 }
350 if (r < 0)
351 return r;
352
353 r = sd_bus_message_close_container(reply);
354 if (r < 0)
355 return r;
356 }
357
358 r = wait_for_terminate(child, &si);
359 if (r < 0)
360 return sd_bus_error_set_errnof(error, r, "Failed to wait for child: %m");
361 if (si.si_code != CLD_EXITED || si.si_status != EXIT_SUCCESS)
362 return sd_bus_error_setf(error, SD_BUS_ERROR_FAILED, "Child died abnormally.");
363 break;
364 }
365
366 default:
367 return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Requesting IP address data is only supported on container machines.");
368 }
369
370 r = sd_bus_message_close_container(reply);
371 if (r < 0)
372 return r;
373
374 return sd_bus_send(NULL, reply, NULL);
375 }
376
377 int bus_machine_method_get_os_release(sd_bus_message *message, void *userdata, sd_bus_error *error) {
378 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
379 _cleanup_strv_free_ char **l = NULL;
380 Machine *m = userdata;
381 char **k, **v;
382 int r;
383
384 assert(message);
385 assert(m);
386
387 switch (m->class) {
388
389 case MACHINE_HOST:
390 r = load_env_file_pairs(NULL, "/etc/os-release", NULL, &l);
391 if (r < 0)
392 return r;
393
394 break;
395
396 case MACHINE_CONTAINER: {
397 _cleanup_close_ int mntns_fd = -1, root_fd = -1;
398 _cleanup_close_pair_ int pair[2] = { -1, -1 };
399 _cleanup_fclose_ FILE *f = NULL;
400 siginfo_t si;
401 pid_t child;
402
403 r = namespace_open(m->leader, NULL, &mntns_fd, NULL, NULL, &root_fd);
404 if (r < 0)
405 return r;
406
407 if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, pair) < 0)
408 return -errno;
409
410 child = fork();
411 if (child < 0)
412 return sd_bus_error_set_errnof(error, errno, "Failed to fork(): %m");
413
414 if (child == 0) {
415 _cleanup_close_ int fd = -1;
416
417 pair[0] = safe_close(pair[0]);
418
419 r = namespace_enter(-1, mntns_fd, -1, -1, root_fd);
420 if (r < 0)
421 _exit(EXIT_FAILURE);
422
423 fd = open("/etc/os-release", O_RDONLY|O_CLOEXEC);
424 if (fd < 0) {
425 fd = open("/usr/lib/os-release", O_RDONLY|O_CLOEXEC);
426 if (fd < 0)
427 _exit(EXIT_FAILURE);
428 }
429
430 r = copy_bytes(fd, pair[1], (uint64_t) -1, false);
431 if (r < 0)
432 _exit(EXIT_FAILURE);
433
434 _exit(EXIT_SUCCESS);
435 }
436
437 pair[1] = safe_close(pair[1]);
438
439 f = fdopen(pair[0], "re");
440 if (!f)
441 return -errno;
442
443 pair[0] = -1;
444
445 r = load_env_file_pairs(f, "/etc/os-release", NULL, &l);
446 if (r < 0)
447 return r;
448
449 r = wait_for_terminate(child, &si);
450 if (r < 0)
451 return sd_bus_error_set_errnof(error, r, "Failed to wait for child: %m");
452 if (si.si_code != CLD_EXITED || si.si_status != EXIT_SUCCESS)
453 return sd_bus_error_setf(error, SD_BUS_ERROR_FAILED, "Child died abnormally.");
454
455 break;
456 }
457
458 default:
459 return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Requesting OS release data is only supported on container machines.");
460 }
461
462 r = sd_bus_message_new_method_return(message, &reply);
463 if (r < 0)
464 return r;
465
466 r = sd_bus_message_open_container(reply, 'a', "{ss}");
467 if (r < 0)
468 return r;
469
470 STRV_FOREACH_PAIR(k, v, l) {
471 r = sd_bus_message_append(reply, "{ss}", *k, *v);
472 if (r < 0)
473 return r;
474 }
475
476 r = sd_bus_message_close_container(reply);
477 if (r < 0)
478 return r;
479
480 return sd_bus_send(NULL, reply, NULL);
481 }
482
483 int bus_machine_method_open_pty(sd_bus_message *message, void *userdata, sd_bus_error *error) {
484 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
485 _cleanup_free_ char *pty_name = NULL;
486 _cleanup_close_ int master = -1;
487 Machine *m = userdata;
488 int r;
489
490 assert(message);
491 assert(m);
492
493 r = bus_verify_polkit_async(
494 message,
495 CAP_SYS_ADMIN,
496 m->class == MACHINE_HOST ? "org.freedesktop.machine1.host-open-pty" : "org.freedesktop.machine1.open-pty",
497 NULL,
498 false,
499 UID_INVALID,
500 &m->manager->polkit_registry,
501 error);
502 if (r < 0)
503 return r;
504 if (r == 0)
505 return 1; /* Will call us back */
506
507 master = machine_openpt(m, O_RDWR|O_NOCTTY|O_CLOEXEC);
508 if (master < 0)
509 return master;
510
511 r = ptsname_namespace(master, &pty_name);
512 if (r < 0)
513 return r;
514
515 r = sd_bus_message_new_method_return(message, &reply);
516 if (r < 0)
517 return r;
518
519 r = sd_bus_message_append(reply, "hs", master, pty_name);
520 if (r < 0)
521 return r;
522
523 return sd_bus_send(NULL, reply, NULL);
524 }
525
526 static int container_bus_new(Machine *m, sd_bus_error *error, sd_bus **ret) {
527 int r;
528
529 assert(m);
530 assert(ret);
531
532 switch (m->class) {
533
534 case MACHINE_HOST:
535 *ret = NULL;
536 break;
537
538 case MACHINE_CONTAINER: {
539 _cleanup_(sd_bus_unrefp) sd_bus *bus = NULL;
540 char *address;
541
542 r = sd_bus_new(&bus);
543 if (r < 0)
544 return r;
545
546 if (asprintf(&address, "x-machine-kernel:pid=%1$" PID_PRI ";x-machine-unix:pid=%1$" PID_PRI, m->leader) < 0)
547 return -ENOMEM;
548
549 bus->address = address;
550 bus->bus_client = true;
551 bus->trusted = false;
552 bus->is_system = true;
553
554 r = sd_bus_start(bus);
555 if (r == -ENOENT)
556 return sd_bus_error_set_errnof(error, r, "There is no system bus in container %s.", m->name);
557 if (r < 0)
558 return r;
559
560 *ret = bus;
561 bus = NULL;
562 break;
563 }
564
565 default:
566 return -EOPNOTSUPP;
567 }
568
569 return 0;
570 }
571
572 int bus_machine_method_open_login(sd_bus_message *message, void *userdata, sd_bus_error *error) {
573 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
574 _cleanup_free_ char *pty_name = NULL;
575 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *allocated_bus = NULL;
576 _cleanup_close_ int master = -1;
577 sd_bus *container_bus = NULL;
578 Machine *m = userdata;
579 const char *p, *getty;
580 int r;
581
582 assert(message);
583 assert(m);
584
585 r = bus_verify_polkit_async(
586 message,
587 CAP_SYS_ADMIN,
588 m->class == MACHINE_HOST ? "org.freedesktop.machine1.host-login" : "org.freedesktop.machine1.login",
589 NULL,
590 false,
591 UID_INVALID,
592 &m->manager->polkit_registry,
593 error);
594 if (r < 0)
595 return r;
596 if (r == 0)
597 return 1; /* Will call us back */
598
599 master = machine_openpt(m, O_RDWR|O_NOCTTY|O_CLOEXEC);
600 if (master < 0)
601 return master;
602
603 r = ptsname_namespace(master, &pty_name);
604 if (r < 0)
605 return r;
606
607 p = path_startswith(pty_name, "/dev/pts/");
608 if (!p)
609 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "PTS name %s is invalid", pty_name);
610
611 r = container_bus_new(m, error, &allocated_bus);
612 if (r < 0)
613 return r;
614
615 container_bus = allocated_bus ?: m->manager->bus;
616
617 getty = strjoina("container-getty@", p, ".service");
618
619 r = sd_bus_call_method(
620 container_bus,
621 "org.freedesktop.systemd1",
622 "/org/freedesktop/systemd1",
623 "org.freedesktop.systemd1.Manager",
624 "StartUnit",
625 error, NULL,
626 "ss", getty, "replace");
627 if (r < 0)
628 return r;
629
630 r = sd_bus_message_new_method_return(message, &reply);
631 if (r < 0)
632 return r;
633
634 r = sd_bus_message_append(reply, "hs", master, pty_name);
635 if (r < 0)
636 return r;
637
638 return sd_bus_send(NULL, reply, NULL);
639 }
640
641 int bus_machine_method_open_shell(sd_bus_message *message, void *userdata, sd_bus_error *error) {
642 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL, *tm = NULL;
643 _cleanup_free_ char *pty_name = NULL;
644 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *allocated_bus = NULL;
645 sd_bus *container_bus = NULL;
646 _cleanup_close_ int master = -1, slave = -1;
647 _cleanup_strv_free_ char **env = NULL, **args = NULL;
648 Machine *m = userdata;
649 const char *p, *unit, *user, *path, *description, *utmp_id;
650 int r;
651
652 assert(message);
653 assert(m);
654
655 r = sd_bus_message_read(message, "ss", &user, &path);
656 if (r < 0)
657 return r;
658 user = empty_to_null(user);
659 if (isempty(path))
660 path = "/bin/sh";
661 if (!path_is_absolute(path))
662 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Specified path '%s' is not absolute", path);
663
664 r = sd_bus_message_read_strv(message, &args);
665 if (r < 0)
666 return r;
667 if (strv_isempty(args)) {
668 args = strv_free(args);
669
670 args = strv_new(path, NULL);
671 if (!args)
672 return -ENOMEM;
673
674 args[0][0] = '-'; /* Tell /bin/sh that this shall be a login shell */
675 }
676
677 r = sd_bus_message_read_strv(message, &env);
678 if (r < 0)
679 return r;
680 if (!strv_env_is_valid(env))
681 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid environment assignments");
682
683 r = bus_verify_polkit_async(
684 message,
685 CAP_SYS_ADMIN,
686 m->class == MACHINE_HOST ? "org.freedesktop.machine1.host-shell" : "org.freedesktop.machine1.shell",
687 NULL,
688 false,
689 UID_INVALID,
690 &m->manager->polkit_registry,
691 error);
692 if (r < 0)
693 return r;
694 if (r == 0)
695 return 1; /* Will call us back */
696
697 master = machine_openpt(m, O_RDWR|O_NOCTTY|O_CLOEXEC);
698 if (master < 0)
699 return master;
700
701 r = ptsname_namespace(master, &pty_name);
702 if (r < 0)
703 return r;
704
705 p = path_startswith(pty_name, "/dev/pts/");
706 assert(p);
707
708 slave = machine_open_terminal(m, pty_name, O_RDWR|O_NOCTTY|O_CLOEXEC);
709 if (slave < 0)
710 return slave;
711
712 utmp_id = path_startswith(pty_name, "/dev/");
713 assert(utmp_id);
714
715 r = container_bus_new(m, error, &allocated_bus);
716 if (r < 0)
717 return r;
718
719 container_bus = allocated_bus ?: m->manager->bus;
720
721 r = sd_bus_message_new_method_call(
722 container_bus,
723 &tm,
724 "org.freedesktop.systemd1",
725 "/org/freedesktop/systemd1",
726 "org.freedesktop.systemd1.Manager",
727 "StartTransientUnit");
728 if (r < 0)
729 return r;
730
731 /* Name and mode */
732 unit = strjoina("container-shell@", p, ".service");
733 r = sd_bus_message_append(tm, "ss", unit, "fail");
734 if (r < 0)
735 return r;
736
737 /* Properties */
738 r = sd_bus_message_open_container(tm, 'a', "(sv)");
739 if (r < 0)
740 return r;
741
742 description = strjoina("Shell for User ", isempty(user) ? "root" : user);
743 r = sd_bus_message_append(tm,
744 "(sv)(sv)(sv)(sv)(sv)(sv)(sv)(sv)(sv)(sv)(sv)(sv)",
745 "Description", "s", description,
746 "StandardInputFileDescriptor", "h", slave,
747 "StandardOutputFileDescriptor", "h", slave,
748 "StandardErrorFileDescriptor", "h", slave,
749 "SendSIGHUP", "b", true,
750 "IgnoreSIGPIPE", "b", false,
751 "KillMode", "s", "mixed",
752 "TTYReset", "b", true,
753 "UtmpIdentifier", "s", utmp_id,
754 "UtmpMode", "s", "user",
755 "PAMName", "s", "login",
756 "WorkingDirectory", "s", "-~");
757 if (r < 0)
758 return r;
759
760 r = sd_bus_message_append(tm, "(sv)", "User", "s", isempty(user) ? "root" : user);
761 if (r < 0)
762 return r;
763
764 if (!strv_isempty(env)) {
765 r = sd_bus_message_open_container(tm, 'r', "sv");
766 if (r < 0)
767 return r;
768
769 r = sd_bus_message_append(tm, "s", "Environment");
770 if (r < 0)
771 return r;
772
773 r = sd_bus_message_open_container(tm, 'v', "as");
774 if (r < 0)
775 return r;
776
777 r = sd_bus_message_append_strv(tm, env);
778 if (r < 0)
779 return r;
780
781 r = sd_bus_message_close_container(tm);
782 if (r < 0)
783 return r;
784
785 r = sd_bus_message_close_container(tm);
786 if (r < 0)
787 return r;
788 }
789
790 /* Exec container */
791 r = sd_bus_message_open_container(tm, 'r', "sv");
792 if (r < 0)
793 return r;
794
795 r = sd_bus_message_append(tm, "s", "ExecStart");
796 if (r < 0)
797 return r;
798
799 r = sd_bus_message_open_container(tm, 'v', "a(sasb)");
800 if (r < 0)
801 return r;
802
803 r = sd_bus_message_open_container(tm, 'a', "(sasb)");
804 if (r < 0)
805 return r;
806
807 r = sd_bus_message_open_container(tm, 'r', "sasb");
808 if (r < 0)
809 return r;
810
811 r = sd_bus_message_append(tm, "s", path);
812 if (r < 0)
813 return r;
814
815 r = sd_bus_message_append_strv(tm, args);
816 if (r < 0)
817 return r;
818
819 r = sd_bus_message_append(tm, "b", true);
820 if (r < 0)
821 return r;
822
823 r = sd_bus_message_close_container(tm);
824 if (r < 0)
825 return r;
826
827 r = sd_bus_message_close_container(tm);
828 if (r < 0)
829 return r;
830
831 r = sd_bus_message_close_container(tm);
832 if (r < 0)
833 return r;
834
835 r = sd_bus_message_close_container(tm);
836 if (r < 0)
837 return r;
838
839 r = sd_bus_message_close_container(tm);
840 if (r < 0)
841 return r;
842
843 /* Auxiliary units */
844 r = sd_bus_message_append(tm, "a(sa(sv))", 0);
845 if (r < 0)
846 return r;
847
848 r = sd_bus_call(container_bus, tm, 0, error, NULL);
849 if (r < 0)
850 return r;
851
852 slave = safe_close(slave);
853
854 r = sd_bus_message_new_method_return(message, &reply);
855 if (r < 0)
856 return r;
857
858 r = sd_bus_message_append(reply, "hs", master, pty_name);
859 if (r < 0)
860 return r;
861
862 return sd_bus_send(NULL, reply, NULL);
863 }
864
865 int bus_machine_method_bind_mount(sd_bus_message *message, void *userdata, sd_bus_error *error) {
866 _cleanup_close_pair_ int errno_pipe_fd[2] = { -1, -1 };
867 char mount_slave[] = "/tmp/propagate.XXXXXX", *mount_tmp, *mount_outside, *p;
868 bool mount_slave_created = false, mount_slave_mounted = false,
869 mount_tmp_created = false, mount_tmp_mounted = false,
870 mount_outside_created = false, mount_outside_mounted = false;
871 const char *dest, *src;
872 Machine *m = userdata;
873 int read_only, make_directory;
874 pid_t child;
875 siginfo_t si;
876 int r;
877
878 assert(message);
879 assert(m);
880
881 if (m->class != MACHINE_CONTAINER)
882 return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Bind mounting is only supported on container machines.");
883
884 r = sd_bus_message_read(message, "ssbb", &src, &dest, &read_only, &make_directory);
885 if (r < 0)
886 return r;
887
888 if (!path_is_absolute(src) || !path_is_safe(src))
889 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Source path must be absolute and not contain ../.");
890
891 if (isempty(dest))
892 dest = src;
893 else if (!path_is_absolute(dest) || !path_is_safe(dest))
894 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Destination path must be absolute and not contain ../.");
895
896 r = bus_verify_polkit_async(
897 message,
898 CAP_SYS_ADMIN,
899 "org.freedesktop.machine1.manage-machines",
900 NULL,
901 false,
902 UID_INVALID,
903 &m->manager->polkit_registry,
904 error);
905 if (r < 0)
906 return r;
907 if (r == 0)
908 return 1; /* Will call us back */
909
910 /* One day, when bind mounting /proc/self/fd/n works across
911 * namespace boundaries we should rework this logic to make
912 * use of it... */
913
914 p = strjoina("/run/systemd/nspawn/propagate/", m->name, "/");
915 if (laccess(p, F_OK) < 0)
916 return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Container does not allow propagation of mount points.");
917
918 /* Our goal is to install a new bind mount into the container,
919 possibly read-only. This is irritatingly complex
920 unfortunately, currently.
921
922 First, we start by creating a private playground in /tmp,
923 that we can mount MS_SLAVE. (Which is necessary, since
924 MS_MOVE cannot be applied to mounts with MS_SHARED parent
925 mounts.) */
926
927 if (!mkdtemp(mount_slave))
928 return sd_bus_error_set_errnof(error, errno, "Failed to create playground %s: %m", mount_slave);
929
930 mount_slave_created = true;
931
932 if (mount(mount_slave, mount_slave, NULL, MS_BIND, NULL) < 0) {
933 r = sd_bus_error_set_errnof(error, errno, "Failed to make bind mount %s: %m", mount_slave);
934 goto finish;
935 }
936
937 mount_slave_mounted = true;
938
939 if (mount(NULL, mount_slave, NULL, MS_SLAVE, NULL) < 0) {
940 r = sd_bus_error_set_errnof(error, errno, "Failed to remount slave %s: %m", mount_slave);
941 goto finish;
942 }
943
944 /* Second, we mount the source directory to a directory inside
945 of our MS_SLAVE playground. */
946 mount_tmp = strjoina(mount_slave, "/mount");
947 if (mkdir(mount_tmp, 0700) < 0) {
948 r = sd_bus_error_set_errnof(error, errno, "Failed to create temporary mount point %s: %m", mount_tmp);
949 goto finish;
950 }
951
952 mount_tmp_created = true;
953
954 if (mount(src, mount_tmp, NULL, MS_BIND, NULL) < 0) {
955 r = sd_bus_error_set_errnof(error, errno, "Failed to overmount %s: %m", mount_tmp);
956 goto finish;
957 }
958
959 mount_tmp_mounted = true;
960
961 /* Third, we remount the new bind mount read-only if requested. */
962 if (read_only)
963 if (mount(NULL, mount_tmp, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY, NULL) < 0) {
964 r = sd_bus_error_set_errnof(error, errno, "Failed to remount read-only %s: %m", mount_tmp);
965 goto finish;
966 }
967
968 /* Fourth, we move the new bind mount into the propagation
969 * directory. This way it will appear there read-only
970 * right-away. */
971
972 mount_outside = strjoina("/run/systemd/nspawn/propagate/", m->name, "/XXXXXX");
973 if (!mkdtemp(mount_outside)) {
974 r = sd_bus_error_set_errnof(error, errno, "Cannot create propagation directory %s: %m", mount_outside);
975 goto finish;
976 }
977
978 mount_outside_created = true;
979
980 if (mount(mount_tmp, mount_outside, NULL, MS_MOVE, NULL) < 0) {
981 r = sd_bus_error_set_errnof(error, errno, "Failed to move %s to %s: %m", mount_tmp, mount_outside);
982 goto finish;
983 }
984
985 mount_outside_mounted = true;
986 mount_tmp_mounted = false;
987
988 (void) rmdir(mount_tmp);
989 mount_tmp_created = false;
990
991 (void) umount(mount_slave);
992 mount_slave_mounted = false;
993
994 (void) rmdir(mount_slave);
995 mount_slave_created = false;
996
997 if (pipe2(errno_pipe_fd, O_CLOEXEC|O_NONBLOCK) < 0) {
998 r = sd_bus_error_set_errnof(error, errno, "Failed to create pipe: %m");
999 goto finish;
1000 }
1001
1002 child = fork();
1003 if (child < 0) {
1004 r = sd_bus_error_set_errnof(error, errno, "Failed to fork(): %m");
1005 goto finish;
1006 }
1007
1008 if (child == 0) {
1009 const char *mount_inside;
1010 int mntfd;
1011 const char *q;
1012
1013 errno_pipe_fd[0] = safe_close(errno_pipe_fd[0]);
1014
1015 q = procfs_file_alloca(m->leader, "ns/mnt");
1016 mntfd = open(q, O_RDONLY|O_NOCTTY|O_CLOEXEC);
1017 if (mntfd < 0) {
1018 r = log_error_errno(errno, "Failed to open mount namespace of leader: %m");
1019 goto child_fail;
1020 }
1021
1022 if (setns(mntfd, CLONE_NEWNS) < 0) {
1023 r = log_error_errno(errno, "Failed to join namespace of leader: %m");
1024 goto child_fail;
1025 }
1026
1027 if (make_directory)
1028 (void) mkdir_p(dest, 0755);
1029
1030 /* Fifth, move the mount to the right place inside */
1031 mount_inside = strjoina("/run/systemd/nspawn/incoming/", basename(mount_outside));
1032 if (mount(mount_inside, dest, NULL, MS_MOVE, NULL) < 0) {
1033 r = log_error_errno(errno, "Failed to mount: %m");
1034 goto child_fail;
1035 }
1036
1037 _exit(EXIT_SUCCESS);
1038
1039 child_fail:
1040 (void) write(errno_pipe_fd[1], &r, sizeof(r));
1041 errno_pipe_fd[1] = safe_close(errno_pipe_fd[1]);
1042
1043 _exit(EXIT_FAILURE);
1044 }
1045
1046 errno_pipe_fd[1] = safe_close(errno_pipe_fd[1]);
1047
1048 r = wait_for_terminate(child, &si);
1049 if (r < 0) {
1050 r = sd_bus_error_set_errnof(error, r, "Failed to wait for child: %m");
1051 goto finish;
1052 }
1053 if (si.si_code != CLD_EXITED) {
1054 r = sd_bus_error_setf(error, SD_BUS_ERROR_FAILED, "Child died abnormally.");
1055 goto finish;
1056 }
1057 if (si.si_status != EXIT_SUCCESS) {
1058
1059 if (read(errno_pipe_fd[0], &r, sizeof(r)) == sizeof(r))
1060 r = sd_bus_error_set_errnof(error, r, "Failed to mount: %m");
1061 else
1062 r = sd_bus_error_setf(error, SD_BUS_ERROR_FAILED, "Child failed.");
1063 goto finish;
1064 }
1065
1066 r = sd_bus_reply_method_return(message, NULL);
1067
1068 finish:
1069 if (mount_outside_mounted)
1070 umount(mount_outside);
1071 if (mount_outside_created)
1072 rmdir(mount_outside);
1073
1074 if (mount_tmp_mounted)
1075 umount(mount_tmp);
1076 if (mount_tmp_created)
1077 rmdir(mount_tmp);
1078
1079 if (mount_slave_mounted)
1080 umount(mount_slave);
1081 if (mount_slave_created)
1082 rmdir(mount_slave);
1083
1084 return r;
1085 }
1086
1087 int bus_machine_method_copy(sd_bus_message *message, void *userdata, sd_bus_error *error) {
1088 const char *src, *dest, *host_path, *container_path, *host_basename, *host_dirname, *container_basename, *container_dirname;
1089 _cleanup_close_pair_ int errno_pipe_fd[2] = { -1, -1 };
1090 _cleanup_close_ int hostfd = -1;
1091 Machine *m = userdata;
1092 bool copy_from;
1093 pid_t child;
1094 char *t;
1095 int r;
1096
1097 assert(message);
1098 assert(m);
1099
1100 if (m->manager->n_operations >= OPERATIONS_MAX)
1101 return sd_bus_error_setf(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many ongoing copies.");
1102
1103 if (m->class != MACHINE_CONTAINER)
1104 return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Copying files is only supported on container machines.");
1105
1106 r = sd_bus_message_read(message, "ss", &src, &dest);
1107 if (r < 0)
1108 return r;
1109
1110 if (!path_is_absolute(src))
1111 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Source path must be absolute.");
1112
1113 if (isempty(dest))
1114 dest = src;
1115 else if (!path_is_absolute(dest))
1116 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Destination path must be absolute.");
1117
1118 r = bus_verify_polkit_async(
1119 message,
1120 CAP_SYS_ADMIN,
1121 "org.freedesktop.machine1.manage-machines",
1122 NULL,
1123 false,
1124 UID_INVALID,
1125 &m->manager->polkit_registry,
1126 error);
1127 if (r < 0)
1128 return r;
1129 if (r == 0)
1130 return 1; /* Will call us back */
1131
1132 copy_from = strstr(sd_bus_message_get_member(message), "CopyFrom");
1133
1134 if (copy_from) {
1135 container_path = src;
1136 host_path = dest;
1137 } else {
1138 host_path = src;
1139 container_path = dest;
1140 }
1141
1142 host_basename = basename(host_path);
1143 t = strdupa(host_path);
1144 host_dirname = dirname(t);
1145
1146 container_basename = basename(container_path);
1147 t = strdupa(container_path);
1148 container_dirname = dirname(t);
1149
1150 hostfd = open(host_dirname, O_CLOEXEC|O_RDONLY|O_NOCTTY|O_DIRECTORY);
1151 if (hostfd < 0)
1152 return sd_bus_error_set_errnof(error, errno, "Failed to open host directory %s: %m", host_dirname);
1153
1154 if (pipe2(errno_pipe_fd, O_CLOEXEC|O_NONBLOCK) < 0)
1155 return sd_bus_error_set_errnof(error, errno, "Failed to create pipe: %m");
1156
1157 child = fork();
1158 if (child < 0)
1159 return sd_bus_error_set_errnof(error, errno, "Failed to fork(): %m");
1160
1161 if (child == 0) {
1162 int containerfd;
1163 const char *q;
1164 int mntfd;
1165
1166 errno_pipe_fd[0] = safe_close(errno_pipe_fd[0]);
1167
1168 q = procfs_file_alloca(m->leader, "ns/mnt");
1169 mntfd = open(q, O_RDONLY|O_NOCTTY|O_CLOEXEC);
1170 if (mntfd < 0) {
1171 r = log_error_errno(errno, "Failed to open mount namespace of leader: %m");
1172 goto child_fail;
1173 }
1174
1175 if (setns(mntfd, CLONE_NEWNS) < 0) {
1176 r = log_error_errno(errno, "Failed to join namespace of leader: %m");
1177 goto child_fail;
1178 }
1179
1180 containerfd = open(container_dirname, O_CLOEXEC|O_RDONLY|O_NOCTTY|O_DIRECTORY);
1181 if (containerfd < 0) {
1182 r = log_error_errno(errno, "Failed top open destination directory: %m");
1183 goto child_fail;
1184 }
1185
1186 if (copy_from)
1187 r = copy_tree_at(containerfd, container_basename, hostfd, host_basename, true);
1188 else
1189 r = copy_tree_at(hostfd, host_basename, containerfd, container_basename, true);
1190
1191 hostfd = safe_close(hostfd);
1192 containerfd = safe_close(containerfd);
1193
1194 if (r < 0) {
1195 r = log_error_errno(r, "Failed to copy tree: %m");
1196 goto child_fail;
1197 }
1198
1199 _exit(EXIT_SUCCESS);
1200
1201 child_fail:
1202 (void) write(errno_pipe_fd[1], &r, sizeof(r));
1203 _exit(EXIT_FAILURE);
1204 }
1205
1206 errno_pipe_fd[1] = safe_close(errno_pipe_fd[1]);
1207
1208 /* Copying might take a while, hence install a watch on the child, and return */
1209
1210 r = operation_new(m->manager, m, child, message, errno_pipe_fd[0], NULL);
1211 if (r < 0) {
1212 (void) sigkill_wait(child);
1213 return r;
1214 }
1215 errno_pipe_fd[0] = -1;
1216
1217 return 1;
1218 }
1219
1220 int bus_machine_method_open_root_directory(sd_bus_message *message, void *userdata, sd_bus_error *error) {
1221 _cleanup_close_ int fd = -1;
1222 Machine *m = userdata;
1223 int r;
1224
1225 assert(message);
1226 assert(m);
1227
1228 r = bus_verify_polkit_async(
1229 message,
1230 CAP_SYS_ADMIN,
1231 "org.freedesktop.machine1.manage-machines",
1232 NULL,
1233 false,
1234 UID_INVALID,
1235 &m->manager->polkit_registry,
1236 error);
1237 if (r < 0)
1238 return r;
1239 if (r == 0)
1240 return 1; /* Will call us back */
1241
1242 switch (m->class) {
1243
1244 case MACHINE_HOST:
1245 fd = open("/", O_RDONLY|O_CLOEXEC|O_DIRECTORY);
1246 if (fd < 0)
1247 return -errno;
1248
1249 break;
1250
1251 case MACHINE_CONTAINER: {
1252 _cleanup_close_ int mntns_fd = -1, root_fd = -1;
1253 _cleanup_close_pair_ int pair[2] = { -1, -1 };
1254 siginfo_t si;
1255 pid_t child;
1256
1257 r = namespace_open(m->leader, NULL, &mntns_fd, NULL, NULL, &root_fd);
1258 if (r < 0)
1259 return r;
1260
1261 if (socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) < 0)
1262 return -errno;
1263
1264 child = fork();
1265 if (child < 0)
1266 return sd_bus_error_set_errnof(error, errno, "Failed to fork(): %m");
1267
1268 if (child == 0) {
1269 _cleanup_close_ int dfd = -1;
1270
1271 pair[0] = safe_close(pair[0]);
1272
1273 r = namespace_enter(-1, mntns_fd, -1, -1, root_fd);
1274 if (r < 0)
1275 _exit(EXIT_FAILURE);
1276
1277 dfd = open("/", O_RDONLY|O_CLOEXEC|O_DIRECTORY);
1278 if (dfd < 0)
1279 _exit(EXIT_FAILURE);
1280
1281 r = send_one_fd(pair[1], dfd, 0);
1282 dfd = safe_close(dfd);
1283 if (r < 0)
1284 _exit(EXIT_FAILURE);
1285
1286 _exit(EXIT_SUCCESS);
1287 }
1288
1289 pair[1] = safe_close(pair[1]);
1290
1291 r = wait_for_terminate(child, &si);
1292 if (r < 0)
1293 return sd_bus_error_set_errnof(error, r, "Failed to wait for child: %m");
1294 if (si.si_code != CLD_EXITED || si.si_status != EXIT_SUCCESS)
1295 return sd_bus_error_setf(error, SD_BUS_ERROR_FAILED, "Child died abnormally.");
1296
1297 fd = receive_one_fd(pair[0], MSG_DONTWAIT);
1298 if (fd < 0)
1299 return fd;
1300
1301 break;
1302 }
1303
1304 default:
1305 return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Opening the root directory is only supported on container machines.");
1306 }
1307
1308 return sd_bus_reply_method_return(message, "h", fd);
1309 }
1310
1311 const sd_bus_vtable machine_vtable[] = {
1312 SD_BUS_VTABLE_START(0),
1313 SD_BUS_PROPERTY("Name", "s", NULL, offsetof(Machine, name), SD_BUS_VTABLE_PROPERTY_CONST),
1314 SD_BUS_PROPERTY("Id", "ay", property_get_id, 0, SD_BUS_VTABLE_PROPERTY_CONST),
1315 BUS_PROPERTY_DUAL_TIMESTAMP("Timestamp", offsetof(Machine, timestamp), SD_BUS_VTABLE_PROPERTY_CONST),
1316 SD_BUS_PROPERTY("Service", "s", NULL, offsetof(Machine, service), SD_BUS_VTABLE_PROPERTY_CONST),
1317 SD_BUS_PROPERTY("Unit", "s", NULL, offsetof(Machine, unit), SD_BUS_VTABLE_PROPERTY_CONST),
1318 SD_BUS_PROPERTY("Scope", "s", NULL, offsetof(Machine, unit), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
1319 SD_BUS_PROPERTY("Leader", "u", NULL, offsetof(Machine, leader), SD_BUS_VTABLE_PROPERTY_CONST),
1320 SD_BUS_PROPERTY("Class", "s", property_get_class, offsetof(Machine, class), SD_BUS_VTABLE_PROPERTY_CONST),
1321 SD_BUS_PROPERTY("RootDirectory", "s", NULL, offsetof(Machine, root_directory), SD_BUS_VTABLE_PROPERTY_CONST),
1322 SD_BUS_PROPERTY("NetworkInterfaces", "ai", property_get_netif, 0, SD_BUS_VTABLE_PROPERTY_CONST),
1323 SD_BUS_PROPERTY("State", "s", property_get_state, 0, 0),
1324 SD_BUS_METHOD("Terminate", NULL, NULL, bus_machine_method_terminate, SD_BUS_VTABLE_UNPRIVILEGED),
1325 SD_BUS_METHOD("Kill", "si", NULL, bus_machine_method_kill, SD_BUS_VTABLE_UNPRIVILEGED),
1326 SD_BUS_METHOD("GetAddresses", NULL, "a(iay)", bus_machine_method_get_addresses, SD_BUS_VTABLE_UNPRIVILEGED),
1327 SD_BUS_METHOD("GetOSRelease", NULL, "a{ss}", bus_machine_method_get_os_release, SD_BUS_VTABLE_UNPRIVILEGED),
1328 SD_BUS_METHOD("OpenPTY", NULL, "hs", bus_machine_method_open_pty, SD_BUS_VTABLE_UNPRIVILEGED),
1329 SD_BUS_METHOD("OpenLogin", NULL, "hs", bus_machine_method_open_login, SD_BUS_VTABLE_UNPRIVILEGED),
1330 SD_BUS_METHOD("OpenShell", "ssasas", "hs", bus_machine_method_open_shell, SD_BUS_VTABLE_UNPRIVILEGED),
1331 SD_BUS_METHOD("BindMount", "ssbb", NULL, bus_machine_method_bind_mount, SD_BUS_VTABLE_UNPRIVILEGED),
1332 SD_BUS_METHOD("CopyFrom", "ss", NULL, bus_machine_method_copy, SD_BUS_VTABLE_UNPRIVILEGED),
1333 SD_BUS_METHOD("CopyTo", "ss", NULL, bus_machine_method_copy, SD_BUS_VTABLE_UNPRIVILEGED),
1334 SD_BUS_METHOD("OpenRootDirectory", NULL, "h", bus_machine_method_open_root_directory, SD_BUS_VTABLE_UNPRIVILEGED),
1335 SD_BUS_VTABLE_END
1336 };
1337
1338 int machine_object_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
1339 Manager *m = userdata;
1340 Machine *machine;
1341 int r;
1342
1343 assert(bus);
1344 assert(path);
1345 assert(interface);
1346 assert(found);
1347 assert(m);
1348
1349 if (streq(path, "/org/freedesktop/machine1/machine/self")) {
1350 _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
1351 sd_bus_message *message;
1352 pid_t pid;
1353
1354 message = sd_bus_get_current_message(bus);
1355 if (!message)
1356 return 0;
1357
1358 r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
1359 if (r < 0)
1360 return r;
1361
1362 r = sd_bus_creds_get_pid(creds, &pid);
1363 if (r < 0)
1364 return r;
1365
1366 r = manager_get_machine_by_pid(m, pid, &machine);
1367 if (r <= 0)
1368 return 0;
1369 } else {
1370 _cleanup_free_ char *e = NULL;
1371 const char *p;
1372
1373 p = startswith(path, "/org/freedesktop/machine1/machine/");
1374 if (!p)
1375 return 0;
1376
1377 e = bus_label_unescape(p);
1378 if (!e)
1379 return -ENOMEM;
1380
1381 machine = hashmap_get(m->machines, e);
1382 if (!machine)
1383 return 0;
1384 }
1385
1386 *found = machine;
1387 return 1;
1388 }
1389
1390 char *machine_bus_path(Machine *m) {
1391 _cleanup_free_ char *e = NULL;
1392
1393 assert(m);
1394
1395 e = bus_label_escape(m->name);
1396 if (!e)
1397 return NULL;
1398
1399 return strappend("/org/freedesktop/machine1/machine/", e);
1400 }
1401
1402 int machine_node_enumerator(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error) {
1403 _cleanup_strv_free_ char **l = NULL;
1404 Machine *machine = NULL;
1405 Manager *m = userdata;
1406 Iterator i;
1407 int r;
1408
1409 assert(bus);
1410 assert(path);
1411 assert(nodes);
1412
1413 HASHMAP_FOREACH(machine, m->machines, i) {
1414 char *p;
1415
1416 p = machine_bus_path(machine);
1417 if (!p)
1418 return -ENOMEM;
1419
1420 r = strv_consume(&l, p);
1421 if (r < 0)
1422 return r;
1423 }
1424
1425 *nodes = l;
1426 l = NULL;
1427
1428 return 1;
1429 }
1430
1431 int machine_send_signal(Machine *m, bool new_machine) {
1432 _cleanup_free_ char *p = NULL;
1433
1434 assert(m);
1435
1436 p = machine_bus_path(m);
1437 if (!p)
1438 return -ENOMEM;
1439
1440 return sd_bus_emit_signal(
1441 m->manager->bus,
1442 "/org/freedesktop/machine1",
1443 "org.freedesktop.machine1.Manager",
1444 new_machine ? "MachineNew" : "MachineRemoved",
1445 "so", m->name, p);
1446 }
1447
1448 int machine_send_create_reply(Machine *m, sd_bus_error *error) {
1449 _cleanup_(sd_bus_message_unrefp) sd_bus_message *c = NULL;
1450 _cleanup_free_ char *p = NULL;
1451
1452 assert(m);
1453
1454 if (!m->create_message)
1455 return 0;
1456
1457 c = m->create_message;
1458 m->create_message = NULL;
1459
1460 if (error)
1461 return sd_bus_reply_method_error(c, error);
1462
1463 /* Update the machine state file before we notify the client
1464 * about the result. */
1465 machine_save(m);
1466
1467 p = machine_bus_path(m);
1468 if (!p)
1469 return -ENOMEM;
1470
1471 return sd_bus_reply_method_return(c, "o", p);
1472 }
Unnamed repository; edit this file 'description' to name the repository.