1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 #include "alloc-util.h"
4 #include "bus-common-errors.h"
10 #include "machine-image.h"
12 #include "portabled-bus.h"
13 #include "portabled-image-bus.h"
14 #include "portabled-image.h"
15 #include "portabled.h"
16 #include "process-util.h"
18 #include "user-util.h"
20 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_type
, image_type
, ImageType
);
22 int bus_image_common_get_os_release(
24 sd_bus_message
*message
,
25 const char *name_or_path
,
27 sd_bus_error
*error
) {
31 assert(name_or_path
|| image
);
39 r
= bus_image_acquire(m
,
43 BUS_IMAGE_AUTHENTICATE_BY_PATH
,
44 "org.freedesktop.portable1.inspect-images",
49 if (r
== 0) /* Will call us back */
52 if (!image
->metadata_valid
) {
53 r
= image_read_metadata(image
);
55 return sd_bus_error_set_errnof(error
, r
, "Failed to read image metadata: %m");
58 return bus_reply_pair_array(message
, image
->os_release
);
61 static int bus_image_method_get_os_release(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
62 return bus_image_common_get_os_release(NULL
, message
, NULL
, userdata
, error
);
65 static int append_fd(sd_bus_message
*m
, PortableMetadata
*d
) {
66 _cleanup_fclose_
FILE *f
= NULL
;
67 _cleanup_free_
char *buf
= NULL
;
75 f
= fdopen(d
->fd
, "re");
81 r
= read_full_stream(f
, &buf
, &n
);
85 return sd_bus_message_append_array(m
, 'y', buf
, n
);
88 int bus_image_common_get_metadata(
90 sd_bus_message
*message
,
91 const char *name_or_path
,
93 sd_bus_error
*error
) {
95 _cleanup_(portable_metadata_unrefp
) PortableMetadata
*os_release
= NULL
;
96 _cleanup_(portable_metadata_hashmap_unrefp
) Hashmap
*unit_files
= NULL
;
97 _cleanup_(sd_bus_message_unrefp
) sd_bus_message
*reply
= NULL
;
98 _cleanup_free_ PortableMetadata
**sorted
= NULL
;
99 _cleanup_strv_free_
char **matches
= NULL
;
103 assert(name_or_path
|| image
);
111 r
= sd_bus_message_read_strv(message
, &matches
);
115 r
= bus_image_acquire(m
,
119 BUS_IMAGE_AUTHENTICATE_BY_PATH
,
120 "org.freedesktop.portable1.inspect-images",
125 if (r
== 0) /* Will call us back */
128 r
= portable_extract(
137 r
= portable_metadata_hashmap_to_sorted_array(unit_files
, &sorted
);
141 r
= sd_bus_message_new_method_return(message
, &reply
);
145 r
= sd_bus_message_append(reply
, "s", image
->path
);
149 r
= append_fd(reply
, os_release
);
153 r
= sd_bus_message_open_container(reply
, 'a', "{say}");
157 for (i
= 0; i
< hashmap_size(unit_files
); i
++) {
159 r
= sd_bus_message_open_container(reply
, 'e', "say");
163 r
= sd_bus_message_append(reply
, "s", sorted
[i
]->name
);
167 r
= append_fd(reply
, sorted
[i
]);
171 r
= sd_bus_message_close_container(reply
);
176 r
= sd_bus_message_close_container(reply
);
180 return sd_bus_send(NULL
, reply
, NULL
);
183 static int bus_image_method_get_metadata(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
184 return bus_image_common_get_metadata(NULL
, message
, NULL
, userdata
, error
);
187 static int bus_image_method_get_state(
188 sd_bus_message
*message
,
190 sd_bus_error
*error
) {
192 Image
*image
= userdata
;
199 r
= portable_get_state(
200 sd_bus_message_get_bus(message
),
208 return sd_bus_reply_method_return(message
, "s", portable_state_to_string(state
));
211 int bus_image_common_attach(
213 sd_bus_message
*message
,
214 const char *name_or_path
,
216 sd_bus_error
*error
) {
218 _cleanup_strv_free_
char **matches
= NULL
;
219 PortableChange
*changes
= NULL
;
220 PortableFlags flags
= 0;
221 const char *profile
, *copy_mode
;
222 size_t n_changes
= 0;
226 assert(name_or_path
|| image
);
233 r
= sd_bus_message_read_strv(message
, &matches
);
237 r
= sd_bus_message_read(message
, "sbs", &profile
, &runtime
, ©_mode
);
241 if (streq(copy_mode
, "symlink"))
242 flags
|= PORTABLE_PREFER_SYMLINK
;
243 else if (streq(copy_mode
, "copy"))
244 flags
|= PORTABLE_PREFER_COPY
;
245 else if (!isempty(copy_mode
))
246 return sd_bus_reply_method_errorf(message
, SD_BUS_ERROR_INVALID_ARGS
, "Unknown copy mode '%s'", copy_mode
);
249 flags
|= PORTABLE_RUNTIME
;
251 r
= bus_image_acquire(m
,
255 BUS_IMAGE_AUTHENTICATE_ALL
,
256 "org.freedesktop.portable1.attach-images",
261 if (r
== 0) /* Will call us back */
265 sd_bus_message_get_bus(message
),
276 r
= reply_portable_changes(message
, changes
, n_changes
);
279 portable_changes_free(changes
, n_changes
);
283 static int bus_image_method_attach(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
284 return bus_image_common_attach(NULL
, message
, NULL
, userdata
, error
);
287 static int bus_image_method_detach(
288 sd_bus_message
*message
,
290 sd_bus_error
*error
) {
292 PortableChange
*changes
= NULL
;
293 Image
*image
= userdata
;
294 Manager
*m
= image
->userdata
;
295 size_t n_changes
= 0;
302 r
= sd_bus_message_read(message
, "b", &runtime
);
306 r
= bus_verify_polkit_async(
309 "org.freedesktop.portable1.attach-images",
318 return 1; /* Will call us back */
321 sd_bus_message_get_bus(message
),
323 runtime
? PORTABLE_RUNTIME
: 0,
330 r
= reply_portable_changes(message
, changes
, n_changes
);
333 portable_changes_free(changes
, n_changes
);
337 int bus_image_common_remove(
339 sd_bus_message
*message
,
340 const char *name_or_path
,
342 sd_bus_error
*error
) {
344 _cleanup_close_pair_
int errno_pipe_fd
[2] = { -1, -1 };
345 _cleanup_(sigkill_waitp
) pid_t child
= 0;
350 assert(name_or_path
|| image
);
357 if (m
->n_operations
>= OPERATIONS_MAX
)
358 return sd_bus_error_setf(error
, SD_BUS_ERROR_LIMITS_EXCEEDED
, "Too many ongoing operations.");
360 r
= bus_image_acquire(m
,
364 BUS_IMAGE_AUTHENTICATE_ALL
,
365 "org.freedesktop.portable1.manage-images",
371 return 1; /* Will call us back */
373 r
= portable_get_state(
374 sd_bus_message_get_bus(message
),
382 if (state
!= PORTABLE_DETACHED
)
383 return sd_bus_error_set_errnof(error
, EBUSY
, "Image '%s' is not detached, refusing.", image
->path
);
385 if (pipe2(errno_pipe_fd
, O_CLOEXEC
|O_NONBLOCK
) < 0)
386 return sd_bus_error_set_errnof(error
, errno
, "Failed to create pipe: %m");
388 r
= safe_fork("(sd-imgrm)", FORK_RESET_SIGNALS
, &child
);
390 return sd_bus_error_set_errnof(error
, r
, "Failed to fork(): %m");
392 errno_pipe_fd
[0] = safe_close(errno_pipe_fd
[0]);
394 r
= image_remove(image
);
396 (void) write(errno_pipe_fd
[1], &r
, sizeof(r
));
403 errno_pipe_fd
[1] = safe_close(errno_pipe_fd
[1]);
405 r
= operation_new(m
, child
, message
, errno_pipe_fd
[0], NULL
);
410 errno_pipe_fd
[0] = -1;
415 static int bus_image_method_remove(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
416 return bus_image_common_remove(NULL
, message
, NULL
, userdata
, error
);
419 int bus_image_common_mark_read_only(
421 sd_bus_message
*message
,
422 const char *name_or_path
,
424 sd_bus_error
*error
) {
429 assert(name_or_path
|| image
);
436 r
= sd_bus_message_read(message
, "b", &read_only
);
440 r
= bus_image_acquire(m
,
444 BUS_IMAGE_AUTHENTICATE_ALL
,
445 "org.freedesktop.portable1.manage-images",
451 return 1; /* Will call us back */
453 r
= image_read_only(image
, read_only
);
457 return sd_bus_reply_method_return(message
, NULL
);
460 static int bus_image_method_mark_read_only(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
461 return bus_image_common_mark_read_only(NULL
, message
, NULL
, userdata
, error
);
464 int bus_image_common_set_limit(
466 sd_bus_message
*message
,
467 const char *name_or_path
,
469 sd_bus_error
*error
) {
475 assert(name_or_path
|| image
);
482 r
= sd_bus_message_read(message
, "t", &limit
);
485 if (!FILE_SIZE_VALID_OR_INFINITY(limit
))
486 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "New limit out of range");
488 r
= bus_image_acquire(m
,
492 BUS_IMAGE_AUTHENTICATE_ALL
,
493 "org.freedesktop.portable1.manage-images",
499 return 1; /* Will call us back */
501 r
= image_set_limit(image
, limit
);
505 return sd_bus_reply_method_return(message
, NULL
);
508 static int bus_image_method_set_limit(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
509 return bus_image_common_set_limit(NULL
, message
, NULL
, userdata
, error
);
512 const sd_bus_vtable image_vtable
[] = {
513 SD_BUS_VTABLE_START(0),
514 SD_BUS_PROPERTY("Name", "s", NULL
, offsetof(Image
, name
), 0),
515 SD_BUS_PROPERTY("Path", "s", NULL
, offsetof(Image
, path
), 0),
516 SD_BUS_PROPERTY("Type", "s", property_get_type
, offsetof(Image
, type
), 0),
517 SD_BUS_PROPERTY("ReadOnly", "b", bus_property_get_bool
, offsetof(Image
, read_only
), 0),
518 SD_BUS_PROPERTY("CreationTimestamp", "t", NULL
, offsetof(Image
, crtime
), 0),
519 SD_BUS_PROPERTY("ModificationTimestamp", "t", NULL
, offsetof(Image
, mtime
), 0),
520 SD_BUS_PROPERTY("Usage", "t", NULL
, offsetof(Image
, usage
), 0),
521 SD_BUS_PROPERTY("Limit", "t", NULL
, offsetof(Image
, limit
), 0),
522 SD_BUS_PROPERTY("UsageExclusive", "t", NULL
, offsetof(Image
, usage_exclusive
), 0),
523 SD_BUS_PROPERTY("LimitExclusive", "t", NULL
, offsetof(Image
, limit_exclusive
), 0),
524 SD_BUS_METHOD("GetOSRelease", NULL
, "a{ss}", bus_image_method_get_os_release
, SD_BUS_VTABLE_UNPRIVILEGED
),
525 SD_BUS_METHOD("GetMedatadata", "as", "saya{say}", bus_image_method_get_metadata
, SD_BUS_VTABLE_UNPRIVILEGED
),
526 SD_BUS_METHOD("GetState", NULL
, "s", bus_image_method_get_state
, SD_BUS_VTABLE_UNPRIVILEGED
),
527 SD_BUS_METHOD("Attach", "assbs", "a(sss)", bus_image_method_attach
, SD_BUS_VTABLE_UNPRIVILEGED
),
528 SD_BUS_METHOD("Detach", "b", "a(sss)", bus_image_method_detach
, SD_BUS_VTABLE_UNPRIVILEGED
),
529 SD_BUS_METHOD("Remove", NULL
, NULL
, bus_image_method_remove
, SD_BUS_VTABLE_UNPRIVILEGED
),
530 SD_BUS_METHOD("MarkReadOnly", "b", NULL
, bus_image_method_mark_read_only
, SD_BUS_VTABLE_UNPRIVILEGED
),
531 SD_BUS_METHOD("SetLimit", "t", NULL
, bus_image_method_set_limit
, SD_BUS_VTABLE_UNPRIVILEGED
),
535 int bus_image_path(Image
*image
, char **ret
) {
539 if (!image
->discoverable
)
542 return sd_bus_path_encode("/org/freedesktop/portable1/image", image
->name
, ret
);
545 int bus_image_acquire(
547 sd_bus_message
*message
,
548 const char *name_or_path
,
550 ImageAcquireMode mode
,
551 const char *polkit_action
,
553 sd_bus_error
*error
) {
555 _cleanup_(image_unrefp
) Image
*loaded
= NULL
;
561 assert(name_or_path
|| image
);
563 assert(mode
< _BUS_IMAGE_ACQUIRE_MODE_MAX
);
564 assert(polkit_action
|| mode
== BUS_IMAGE_REFUSE_BY_PATH
);
567 /* Acquires an 'Image' object if not acquired yet, and enforces necessary authentication while doing so. */
569 if (mode
== BUS_IMAGE_AUTHENTICATE_ALL
) {
570 r
= bus_verify_polkit_async(
581 if (r
== 0) { /* Will call us back */
587 /* Already passed in? */
593 /* Let's see if this image is already cached? */
594 cached
= manager_image_cache_get(m
, name_or_path
);
600 if (image_name_is_valid(name_or_path
)) {
602 /* If it's a short name, let's search for it */
603 r
= image_find(IMAGE_PORTABLE
, name_or_path
, &loaded
);
605 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PORTABLE_IMAGE
, "No image '%s' found.", name_or_path
);
607 /* other errors are handled below… */
609 /* Don't accept path if this is always forbidden */
610 if (mode
== BUS_IMAGE_REFUSE_BY_PATH
)
611 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Expected image name, not path in place of '%s'.", name_or_path
);
613 if (!path_is_absolute(name_or_path
))
614 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Image name '%s' is not valid or not a valid path.", name_or_path
);
616 if (!path_is_normalized(name_or_path
))
617 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Image path '%s' is not normalized.", name_or_path
);
619 if (mode
== BUS_IMAGE_AUTHENTICATE_BY_PATH
) {
620 r
= bus_verify_polkit_async(
631 if (r
== 0) { /* Will call us back */
637 r
= image_from_path(name_or_path
, &loaded
);
639 if (r
== -EMEDIUMTYPE
) {
640 sd_bus_error_setf(error
, BUS_ERROR_BAD_PORTABLE_IMAGE_TYPE
, "Typ of image '%s' not recognized; supported image types are directories/btrfs subvolumes, block devices, and raw disk image files with suffix '.raw'.", name_or_path
);
646 /* Add what we just loaded to the cache. This has as side-effect that the object stays in memory until the
647 * cache is purged again, i.e. at least for the current event loop iteration, which is all we need, and which
648 * means we don't actually need to ref the return object. */
649 r
= manager_image_cache_add(m
, loaded
);
657 int bus_image_object_find(
660 const char *interface
,
663 sd_bus_error
*error
) {
665 _cleanup_free_
char *e
= NULL
;
666 Manager
*m
= userdata
;
675 r
= sd_bus_path_decode(path
, "/org/freedesktop/portable1/image", &e
);
681 r
= bus_image_acquire(m
, sd_bus_get_current_message(bus
), e
, NULL
, BUS_IMAGE_REFUSE_BY_PATH
, NULL
, &image
, error
);
695 int bus_image_node_enumerator(sd_bus
*bus
, const char *path
, void *userdata
, char ***nodes
, sd_bus_error
*error
) {
696 _cleanup_(image_hashmap_freep
) Hashmap
*images
= NULL
;
697 _cleanup_strv_free_
char **l
= NULL
;
698 size_t n_allocated
= 0, n
= 0;
699 Manager
*m
= userdata
;
708 images
= hashmap_new(&string_hash_ops
);
712 r
= manager_image_cache_discover(m
, images
, error
);
716 HASHMAP_FOREACH(image
, images
, i
) {
719 r
= bus_image_path(image
, &p
);
723 if (!GREEDY_REALLOC(l
, n_allocated
, n
+2)) {
732 *nodes
= TAKE_PTR(l
);