[systemd-commits] 8 commits - Makefile.am TODO src/bus-proxyd src/core src/import src/libsystemd src/machine src/shared src/test
Lennart Poettering
lennart at kemper.freedesktop.org
Tue Dec 23 10:15:33 PST 2014
Makefile.am | 18
TODO | 4
src/bus-proxyd/bus-policy.c | 1050 ----------------------------------
src/bus-proxyd/bus-policy.h | 104 ---
src/bus-proxyd/bus-proxyd.c | 3
src/bus-proxyd/bus-xml-policy.c | 1050 ++++++++++++++++++++++++++++++++++
src/bus-proxyd/bus-xml-policy.h | 104 +++
src/bus-proxyd/test-bus-policy.c | 160 -----
src/bus-proxyd/test-bus-xml-policy.c | 158 +++++
src/core/bus-common.c | 35 -
src/core/bus-common.h | 35 -
src/core/bus-endpoint.c | 56 +
src/core/bus-endpoint.h | 4
src/core/busname.c | 3
src/core/busname.h | 17
src/core/execute.c | 23
src/import/import-dkr.c | 2
src/libsystemd/sd-bus/bus-container.c | 26
src/libsystemd/sd-bus/bus-internal.h | 2
src/libsystemd/sd-bus/bus-kernel.c | 185 -----
src/libsystemd/sd-bus/bus-kernel.h | 5
src/libsystemd/sd-bus/busctl.c | 1
src/libsystemd/sd-bus/sd-bus.c | 69 +-
src/machine/machine-dbus.c | 125 ++--
src/machine/machine.h | 1
src/machine/machinectl.c | 40 -
src/machine/machined-dbus.c | 22
src/shared/condition.c | 1
src/shared/env-util.c | 11
src/shared/env-util.h | 4
src/shared/util.c | 86 ++
src/shared/util.h | 2
src/test/test-fileio.c | 2
src/test/test-tables.c | 3
34 files changed, 1658 insertions(+), 1753 deletions(-)
New commits:
commit f6b6892c49f961cffa2e3075f7884b4a77c443e5
Author: Lennart Poettering <lennart at poettering.net>
Date: Tue Dec 23 19:14:26 2014 +0100
update TODO
diff --git a/TODO b/TODO
index 0ea986d..fdc37b1 100644
--- a/TODO
+++ b/TODO
@@ -31,6 +31,8 @@ External:
Features:
+* rename sd_bus_open_system_container() to sd_bus_open_system_machine()
+
* Port various tools to make use of verbs.[ch], where applicable
* Check all invocations of access() and consider turning them into laccess()
@@ -47,8 +49,6 @@ Features:
* "machinectl status" should show 10 most recent log lines of both the host logs of the unit of the machine, plus the logs generated in the machine
-* make "machinectl login" use a new machined call OpenMachineLogin() or so to get a pty in a machine. That would open up logins to unprivileged clients
-
* add transparent btrfs pool in a loopback file in /var if btrfs operations (such as systemd-import pull-dkr) are used and /var is not a btrfs file system
* machined: open up certain commands to unprivileged clients via polkit
commit bf441e3d9371a7e5aa1def66cfc40f0118884644
Author: Lennart Poettering <lennart at poettering.net>
Date: Tue Dec 23 19:14:04 2014 +0100
machinectl: rework 'machinectl login' to use OpenMachineLogin()
diff --git a/src/machine/machinectl.c b/src/machine/machinectl.c
index b9e8381..f558c84 100644
--- a/src/machine/machinectl.c
+++ b/src/machine/machinectl.c
@@ -1013,19 +1013,18 @@ finish:
static int login_machine(int argc, char *argv[], void *userdata) {
_cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
- _cleanup_bus_close_unref_ sd_bus *container_bus = NULL;
_cleanup_(pty_forward_freep) PTYForward *forward = NULL;
_cleanup_event_unref_ sd_event *event = NULL;
- _cleanup_free_ char *getty = NULL;
int master = -1, r, ret = 0;
sd_bus *bus = userdata;
- const char *pty, *p;
+ const char *pty;
sigset_t mask;
char last_char = 0;
assert(bus);
- if (arg_transport != BUS_TRANSPORT_LOCAL) {
+ if (arg_transport != BUS_TRANSPORT_LOCAL &&
+ arg_transport != BUS_TRANSPORT_CONTAINER) {
log_error("Login only supported on local machines.");
return -ENOTSUP;
}
@@ -1042,7 +1041,7 @@ static int login_machine(int argc, char *argv[], void *userdata) {
"org.freedesktop.machine1",
"/org/freedesktop/machine1",
"org.freedesktop.machine1.Manager",
- "OpenMachinePTY",
+ "OpenMachineLogin",
&error,
&reply,
"s", argv[1]);
@@ -1055,37 +1054,6 @@ static int login_machine(int argc, char *argv[], void *userdata) {
if (r < 0)
return bus_log_parse_error(r);
- p = startswith(pty, "/dev/pts/");
- if (!p) {
- log_error("Invalid pty name %s.", pty);
- return -EIO;
- }
-
- r = sd_bus_open_system_container(&container_bus, argv[1]);
- if (r < 0)
- return log_error_errno(r, "Failed to get container bus: %m");
-
- getty = strjoin("container-getty@", p, ".service", NULL);
- if (!getty)
- return log_oom();
-
- if (unlockpt(master) < 0)
- return log_error_errno(errno, "Failed to unlock tty: %m");
-
- r = sd_bus_call_method(container_bus,
- "org.freedesktop.systemd1",
- "/org/freedesktop/systemd1",
- "org.freedesktop.systemd1.Manager",
- "StartUnit",
- &error, NULL,
- "ss", getty, "replace");
- if (r < 0) {
- log_error("Failed to start getty service: %s", bus_error_message(&error, r));
- return r;
- }
-
- container_bus = sd_bus_unref(container_bus);
-
assert_se(sigemptyset(&mask) == 0);
sigset_add_many(&mask, SIGWINCH, SIGTERM, SIGINT, -1);
assert_se(sigprocmask(SIG_BLOCK, &mask, NULL) == 0);
commit 5f8cc96a0301c1177b11dd2e89370ef0b2ef577b
Author: Lennart Poettering <lennart at poettering.net>
Date: Tue Dec 23 19:12:49 2014 +0100
machined: add new call OpenMachineLogin() that starts a getty in a container on a pty and returns the pty master fd to the client
This is a one-stop solution for "machinectl login", and should simplify
getting logins in containers.
diff --git a/src/machine/machine-dbus.c b/src/machine/machine-dbus.c
index 76c5dcf..600d42f 100644
--- a/src/machine/machine-dbus.c
+++ b/src/machine/machine-dbus.c
@@ -32,6 +32,8 @@
#include "fileio.h"
#include "in-addr-util.h"
#include "local-addresses.h"
+#include "path-util.h"
+#include "bus-internal.h"
#include "machine.h"
static int property_get_id(
@@ -391,99 +393,96 @@ int bus_machine_method_get_os_release(sd_bus *bus, sd_bus_message *message, void
}
int bus_machine_method_open_pty(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_close_ int pidnsfd = -1, mntnsfd = -1, rootfd = -1;
_cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
- _cleanup_close_pair_ int pair[2] = { -1, -1 };
+ _cleanup_free_ char *pty_name = NULL;
_cleanup_close_ int master = -1;
- union {
- struct cmsghdr cmsghdr;
- uint8_t buf[CMSG_SPACE(sizeof(int))];
- } control = {};
- struct msghdr mh = {
- .msg_control = &control,
- .msg_controllen = sizeof(control),
- };
Machine *m = userdata;
- _cleanup_free_ char *pty_name = NULL;
- struct cmsghdr *cmsg;
- siginfo_t si;
- pid_t child;
int r;
assert(bus);
assert(message);
assert(m);
- r = namespace_open(m->leader, &pidnsfd, &mntnsfd, NULL, &rootfd);
+ master = openpt_in_namespace(m->leader, O_RDWR|O_NOCTTY|O_CLOEXEC);
+ if (master < 0)
+ return master;
+
+ r = ptsname_malloc(master, &pty_name);
if (r < 0)
return r;
- if (socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) < 0)
- return -errno;
-
- child = fork();
- if (child < 0)
- return -errno;
-
- if (child == 0) {
- pair[0] = safe_close(pair[0]);
-
- r = namespace_enter(pidnsfd, mntnsfd, -1, rootfd);
- if (r < 0)
- _exit(EXIT_FAILURE);
-
- master = posix_openpt(O_RDWR|O_NOCTTY|O_CLOEXEC);
- if (master < 0)
- _exit(EXIT_FAILURE);
-
- cmsg = CMSG_FIRSTHDR(&mh);
- cmsg->cmsg_level = SOL_SOCKET;
- cmsg->cmsg_type = SCM_RIGHTS;
- cmsg->cmsg_len = CMSG_LEN(sizeof(int));
- memcpy(CMSG_DATA(cmsg), &master, sizeof(int));
+ r = sd_bus_message_new_method_return(message, &reply);
+ if (r < 0)
+ return r;
- mh.msg_controllen = cmsg->cmsg_len;
+ r = sd_bus_message_append(reply, "hs", master, pty_name);
+ if (r < 0)
+ return r;
- if (sendmsg(pair[1], &mh, MSG_NOSIGNAL) < 0)
- _exit(EXIT_FAILURE);
+ return sd_bus_send(bus, reply, NULL);
+}
- _exit(EXIT_SUCCESS);
- }
+int bus_machine_method_open_login(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
+ _cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
+ _cleanup_free_ char *pty_name = NULL, *getty = NULL;
+ _cleanup_bus_unref_ sd_bus *container_bus = NULL;
+ _cleanup_close_ int master = -1;
+ Machine *m = userdata;
+ const char *p;
+ int r;
- pair[1] = safe_close(pair[1]);
+ master = openpt_in_namespace(m->leader, O_RDWR|O_NOCTTY|O_CLOEXEC);
+ if (master < 0)
+ return master;
- r = wait_for_terminate(child, &si);
+ r = ptsname_malloc(master, &pty_name);
if (r < 0)
return r;
- if (si.si_code != CLD_EXITED || si.si_status != EXIT_SUCCESS)
- return -EIO;
- if (recvmsg(pair[0], &mh, MSG_NOSIGNAL|MSG_CMSG_CLOEXEC) < 0)
+ p = path_startswith(pty_name, "/dev/pts/");
+ if (!p)
+ return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "PTS name %s is invalid", pty_name);
+
+ if (unlockpt(master) < 0)
return -errno;
- for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg))
- if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
- int *fds;
- unsigned n_fds;
+ r = sd_bus_new(&container_bus);
+ if (r < 0)
+ return r;
- fds = (int*) CMSG_DATA(cmsg);
- n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
+#ifdef ENABLE_KDBUS
+ asprintf(&container_bus->address, "x-container-kernel:pid=" PID_FMT ";x-container-unix:pid=" PID_FMT, m->leader, m->leader);
+#else
+ asprintf(&container_bus->address, "x-container-kernel:pid=" PID_FMT, m->leader);
+#endif
+ if (!container_bus->address)
+ return -ENOMEM;
- if (n_fds != 1) {
- close_many(fds, n_fds);
- return -EIO;
- }
+ container_bus->bus_client = true;
+ container_bus->trusted = false;
+ container_bus->is_system = true;
- master = fds[0];
- }
+ r = sd_bus_start(container_bus);
+ if (r < 0)
+ return r;
- if (master < 0)
- return -EIO;
+ getty = strjoin("container-getty@", p, ".service", NULL);
+ if (!getty)
+ return -ENOMEM;
- r = ptsname_malloc(master, &pty_name);
+ r = sd_bus_call_method(
+ container_bus,
+ "org.freedesktop.systemd1",
+ "/org/freedesktop/systemd1",
+ "org.freedesktop.systemd1.Manager",
+ "StartUnit",
+ error, NULL,
+ "ss", getty, "replace");
if (r < 0)
return r;
+ container_bus = sd_bus_unref(container_bus);
+
r = sd_bus_message_new_method_return(message, &reply);
if (r < 0)
return r;
diff --git a/src/machine/machine.h b/src/machine/machine.h
index e1094c2..3a78ab4 100644
--- a/src/machine/machine.h
+++ b/src/machine/machine.h
@@ -105,6 +105,7 @@ int bus_machine_method_kill(sd_bus *bus, sd_bus_message *message, void *userdata
int bus_machine_method_get_addresses(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error);
int bus_machine_method_get_os_release(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error);
int bus_machine_method_open_pty(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error);
+int bus_machine_method_open_login(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error);
int machine_send_signal(Machine *m, bool new_machine);
int machine_send_create_reply(Machine *m, sd_bus_error *error);
diff --git a/src/machine/machined-dbus.c b/src/machine/machined-dbus.c
index 370d04a..5ce091b 100644
--- a/src/machine/machined-dbus.c
+++ b/src/machine/machined-dbus.c
@@ -536,6 +536,27 @@ static int method_open_machine_pty(sd_bus *bus, sd_bus_message *message, void *u
return bus_machine_method_open_pty(bus, message, machine, error);
}
+static int method_open_machine_login(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) {
+ Manager *m = userdata;
+ Machine *machine;
+ const char *name;
+ int r;
+
+ assert(bus);
+ assert(message);
+ assert(m);
+
+ r = sd_bus_message_read(message, "s", &name);
+ if (r < 0)
+ return sd_bus_error_set_errno(error, r);
+
+ machine = hashmap_get(m->machines, name);
+ if (!machine)
+ return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_MACHINE, "No machine '%s' known", name);
+
+ return bus_machine_method_open_login(bus, message, machine, error);
+}
+
const sd_bus_vtable manager_vtable[] = {
SD_BUS_VTABLE_START(0),
SD_BUS_METHOD("GetMachine", "s", "o", method_get_machine, SD_BUS_VTABLE_UNPRIVILEGED),
@@ -552,6 +573,7 @@ const sd_bus_vtable manager_vtable[] = {
SD_BUS_METHOD("GetMachineAddresses", "s", "a(iay)", method_get_machine_addresses, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("GetMachineOSRelease", "s", "a{ss}", method_get_machine_os_release, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("OpenMachinePTY", "s", "hs", method_open_machine_pty, 0),
+ SD_BUS_METHOD("OpenMachineLogin", "s", "hs", method_open_machine_login, 0),
SD_BUS_SIGNAL("MachineNew", "so", 0),
SD_BUS_SIGNAL("MachineRemoved", "so", 0),
SD_BUS_VTABLE_END
diff --git a/src/shared/util.c b/src/shared/util.c
index 6bd278e..97ff320 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -7473,3 +7473,89 @@ int ptsname_malloc(int fd, char **ret) {
l *= 2;
}
}
+
+int openpt_in_namespace(pid_t pid, int flags) {
+ _cleanup_close_ int pidnsfd = -1, mntnsfd = -1, rootfd = -1;
+ _cleanup_close_pair_ int pair[2] = { -1, -1 };
+ union {
+ struct cmsghdr cmsghdr;
+ uint8_t buf[CMSG_SPACE(sizeof(int))];
+ } control = {};
+ struct msghdr mh = {
+ .msg_control = &control,
+ .msg_controllen = sizeof(control),
+ };
+ struct cmsghdr *cmsg;
+ siginfo_t si;
+ pid_t child;
+ int r;
+
+ assert(pid > 0);
+
+ r = namespace_open(pid, &pidnsfd, &mntnsfd, NULL, &rootfd);
+ if (r < 0)
+ return r;
+
+ if (socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) < 0)
+ return -errno;
+
+ child = fork();
+ if (child < 0)
+ return -errno;
+
+ if (child == 0) {
+ int master;
+
+ pair[0] = safe_close(pair[0]);
+
+ r = namespace_enter(pidnsfd, mntnsfd, -1, rootfd);
+ if (r < 0)
+ _exit(EXIT_FAILURE);
+
+ master = posix_openpt(flags);
+ if (master < 0)
+ _exit(EXIT_FAILURE);
+
+ cmsg = CMSG_FIRSTHDR(&mh);
+ cmsg->cmsg_level = SOL_SOCKET;
+ cmsg->cmsg_type = SCM_RIGHTS;
+ cmsg->cmsg_len = CMSG_LEN(sizeof(int));
+ memcpy(CMSG_DATA(cmsg), &master, sizeof(int));
+
+ mh.msg_controllen = cmsg->cmsg_len;
+
+ if (sendmsg(pair[1], &mh, MSG_NOSIGNAL) < 0)
+ _exit(EXIT_FAILURE);
+
+ _exit(EXIT_SUCCESS);
+ }
+
+ pair[1] = safe_close(pair[1]);
+
+ r = wait_for_terminate(child, &si);
+ if (r < 0)
+ return r;
+ if (si.si_code != CLD_EXITED || si.si_status != EXIT_SUCCESS)
+ return -EIO;
+
+ if (recvmsg(pair[0], &mh, MSG_NOSIGNAL|MSG_CMSG_CLOEXEC) < 0)
+ return -errno;
+
+ for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg))
+ if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
+ int *fds;
+ unsigned n_fds;
+
+ fds = (int*) CMSG_DATA(cmsg);
+ n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
+
+ if (n_fds != 1) {
+ close_many(fds, n_fds);
+ return -EIO;
+ }
+
+ return fds[0];
+ }
+
+ return -EIO;
+}
diff --git a/src/shared/util.h b/src/shared/util.h
index d3e78e4..ec0a663 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -1054,3 +1054,5 @@ int sethostname_idempotent(const char *s);
#define laccess(path, mode) faccessat(AT_FDCWD, (path), (mode), AT_SYMLINK_NOFOLLOW)
int ptsname_malloc(int fd, char **ret);
+
+int openpt_in_namespace(pid_t pid, int flags);
commit ee502e0c28a611470a4e10b0c90bade6ff7fa389
Author: Lennart Poettering <lennart at poettering.net>
Date: Tue Dec 23 19:11:48 2014 +0100
sd-bus: teach x-container-unix: bus protoocol to connect to the namespace of a PID instead of a container name
diff --git a/src/libsystemd/sd-bus/bus-container.c b/src/libsystemd/sd-bus/bus-container.c
index dd4bf15..d29b98a 100644
--- a/src/libsystemd/sd-bus/bus-container.c
+++ b/src/libsystemd/sd-bus/bus-container.c
@@ -30,19 +30,22 @@
int bus_container_connect_socket(sd_bus *b) {
_cleanup_close_ int pidnsfd = -1, mntnsfd = -1, rootfd = -1;
- pid_t leader, child;
+ pid_t child;
siginfo_t si;
int r;
assert(b);
assert(b->input_fd < 0);
assert(b->output_fd < 0);
+ assert(b->nspid > 0 || b->machine);
- r = container_get_leader(b->machine, &leader);
- if (r < 0)
- return r;
+ if (b->nspid <= 0) {
+ r = container_get_leader(b->machine, &b->nspid);
+ if (r < 0)
+ return r;
+ }
- r = namespace_open(leader, &pidnsfd, &mntnsfd, NULL, &rootfd);
+ r = namespace_open(b->nspid, &pidnsfd, &mntnsfd, NULL, &rootfd);
if (r < 0)
return r;
@@ -127,7 +130,7 @@ int bus_container_connect_kernel(sd_bus *b) {
.msg_controllen = sizeof(control),
};
struct cmsghdr *cmsg;
- pid_t leader, child;
+ pid_t child;
siginfo_t si;
int r;
_cleanup_close_ int fd = -1;
@@ -135,12 +138,15 @@ int bus_container_connect_kernel(sd_bus *b) {
assert(b);
assert(b->input_fd < 0);
assert(b->output_fd < 0);
+ assert(b->nspid > 0 || b->machine);
- r = container_get_leader(b->machine, &leader);
- if (r < 0)
- return r;
+ if (b->nspid <= 0) {
+ r = container_get_leader(b->machine, &b->nspid);
+ if (r < 0)
+ return r;
+ }
- r = namespace_open(leader, &pidnsfd, &mntnsfd, NULL, &rootfd);
+ r = namespace_open(b->nspid, &pidnsfd, &mntnsfd, NULL, &rootfd);
if (r < 0)
return r;
diff --git a/src/libsystemd/sd-bus/bus-internal.h b/src/libsystemd/sd-bus/bus-internal.h
index cb529d5..48c20c9 100644
--- a/src/libsystemd/sd-bus/bus-internal.h
+++ b/src/libsystemd/sd-bus/bus-internal.h
@@ -245,6 +245,7 @@ struct sd_bus {
char *kernel;
char *machine;
+ pid_t nspid;
sd_id128_t server_id;
diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c
index fd59bac..69ee239 100644
--- a/src/libsystemd/sd-bus/sd-bus.c
+++ b/src/libsystemd/sd-bus/sd-bus.c
@@ -756,7 +756,7 @@ static int parse_kernel_address(sd_bus *b, const char **p, char **guid) {
}
static int parse_container_unix_address(sd_bus *b, const char **p, char **guid) {
- _cleanup_free_ char *machine = NULL;
+ _cleanup_free_ char *machine = NULL, *pid = NULL;
int r;
assert(b);
@@ -777,18 +777,36 @@ static int parse_container_unix_address(sd_bus *b, const char **p, char **guid)
else if (r > 0)
continue;
+ r = parse_address_key(p, "pid", &pid);
+ if (r < 0)
+ return r;
+ else if (r > 0)
+ continue;
+
skip_address_key(p);
}
- if (!machine)
+ if (!machine == !pid)
return -EINVAL;
- if (!machine_name_is_valid(machine))
- return -EINVAL;
+ if (machine) {
+ if (!machine_name_is_valid(machine))
+ return -EINVAL;
- free(b->machine);
- b->machine = machine;
- machine = NULL;
+ free(b->machine);
+ b->machine = machine;
+ machine = NULL;
+ } else {
+ free(b->machine);
+ b->machine = NULL;
+ }
+
+ if (pid) {
+ r = parse_pid(pid, &b->nspid);
+ if (r < 0)
+ return r;
+ } else
+ b->nspid = 0;
b->sockaddr.un.sun_family = AF_UNIX;
strncpy(b->sockaddr.un.sun_path, "/var/run/dbus/system_bus_socket", sizeof(b->sockaddr.un.sun_path));
@@ -798,7 +816,7 @@ static int parse_container_unix_address(sd_bus *b, const char **p, char **guid)
}
static int parse_container_kernel_address(sd_bus *b, const char **p, char **guid) {
- _cleanup_free_ char *machine = NULL;
+ _cleanup_free_ char *machine = NULL, *pid = NULL;
int r;
assert(b);
@@ -819,18 +837,36 @@ static int parse_container_kernel_address(sd_bus *b, const char **p, char **guid
else if (r > 0)
continue;
+ r = parse_address_key(p, "pid", &pid);
+ if (r < 0)
+ return r;
+ else if (r > 0)
+ continue;
+
skip_address_key(p);
}
- if (!machine)
+ if (!machine == !pid)
return -EINVAL;
- if (!machine_name_is_valid(machine))
- return -EINVAL;
+ if (machine) {
+ if (!machine_name_is_valid(machine))
+ return -EINVAL;
- free(b->machine);
- b->machine = machine;
- machine = NULL;
+ free(b->machine);
+ b->machine = machine;
+ machine = NULL;
+ } else {
+ free(b->machine);
+ b->machine = NULL;
+ }
+
+ if (pid) {
+ r = parse_pid(pid, &b->nspid);
+ if (r < 0)
+ return r;
+ } else
+ b->nspid = 0;
free(b->kernel);
b->kernel = strdup("/sys/fs/kdbus/0-system/bus");
@@ -854,6 +890,7 @@ static void bus_reset_parsed_address(sd_bus *b) {
b->kernel = NULL;
free(b->machine);
b->machine = NULL;
+ b->nspid = 0;
}
static int bus_parse_next_address(sd_bus *b) {
@@ -958,9 +995,9 @@ static int bus_start_address(sd_bus *b) {
if (b->exec_path)
r = bus_socket_exec(b);
- else if (b->machine && b->kernel)
+ else if ((b->nspid > 0 || b->machine) && b->kernel)
r = bus_container_connect_kernel(b);
- else if (b->machine && b->sockaddr.sa.sa_family != AF_UNSPEC)
+ else if ((b->nspid > 0 || b->machine) && b->sockaddr.sa.sa_family != AF_UNSPEC)
r = bus_container_connect_socket(b);
else if (b->kernel)
r = bus_kernel_connect(b);
commit 080bfdbb8e9f3d23594b101d7f50e7e2f9e4699b
Author: Lennart Poettering <lennart at poettering.net>
Date: Tue Dec 23 19:07:01 2014 +0100
condition: don't include files from src/core
diff --git a/src/shared/condition.c b/src/shared/condition.c
index 3a34529..4faca2b 100644
--- a/src/shared/condition.c
+++ b/src/shared/condition.c
@@ -31,7 +31,6 @@
#include "virt.h"
#include "path-util.h"
#include "fileio.h"
-#include "unit.h"
#include "architecture.h"
#include "smack-util.h"
#include "apparmor-util.h"
commit 6eeeb84c96d3f42c0e7726f8f45c06a0a886b4e4
Author: Lennart Poettering <lennart at poettering.net>
Date: Tue Dec 23 19:05:23 2014 +0100
import: fix compiler warning
diff --git a/src/import/import-dkr.c b/src/import/import-dkr.c
index e2910f9..205deb9 100644
--- a/src/import/import-dkr.c
+++ b/src/import/import-dkr.c
@@ -1103,7 +1103,7 @@ int dkr_import_pull(DkrImport *import, const char *index_url, const char *name,
return -ENOMEM;
e = endswith(n->index_url, "/");
if (e)
- *e = NULL;
+ *e = 0;
n->name = strdup(name);
if (!n->name)
commit 039f0e70a0fcd71dcf7cc2f3ba2cea2e3b186a60
Author: Lennart Poettering <lennart at poettering.net>
Date: Tue Dec 23 19:04:56 2014 +0100
env-util: don't include files from src/core/
diff --git a/src/core/execute.c b/src/core/execute.c
index c472dad..a806d42 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -2026,6 +2026,17 @@ void exec_command_free_array(ExecCommand **c, unsigned n) {
c[i] = exec_command_free_list(c[i]);
}
+typedef struct InvalidEnvInfo {
+ const char *unit_id;
+ const char *path;
+} InvalidEnvInfo;
+
+static void invalid_env(const char *p, void *userdata) {
+ InvalidEnvInfo *info = userdata;
+
+ log_unit_error(info->unit_id, "Ignoring invalid environment assignment '%s': %s", p, info->path);
+}
+
int exec_context_load_environment(const ExecContext *c, const char *unit_id, char ***l) {
char **i, **r = NULL;
@@ -2082,8 +2093,14 @@ int exec_context_load_environment(const ExecContext *c, const char *unit_id, cha
return k;
}
/* Log invalid environment variables with filename */
- if (p)
- p = strv_env_clean_log(p, unit_id, pglob.gl_pathv[n]);
+ if (p) {
+ InvalidEnvInfo info = {
+ .unit_id = unit_id,
+ .path = pglob.gl_pathv[n]
+ };
+
+ p = strv_env_clean_with_callback(p, invalid_env, &info);
+ }
if (r == NULL)
r = p;
diff --git a/src/shared/env-util.c b/src/shared/env-util.c
index fbdc73d..038246d 100644
--- a/src/shared/env-util.c
+++ b/src/shared/env-util.c
@@ -28,7 +28,6 @@
#include "util.h"
#include "env-util.h"
#include "def.h"
-#include "unit.h"
#define VALID_CHARS_ENV_NAME \
DIGITS LETTERS \
@@ -415,7 +414,7 @@ char *strv_env_get(char **l, const char *name) {
return strv_env_get_n(l, name, strlen(name));
}
-char **strv_env_clean_log(char **e, const char *unit_id, const char *message) {
+char **strv_env_clean_with_callback(char **e, void (*invalid_callback)(const char *p, void *userdata), void *userdata) {
char **p, **q;
int k = 0;
@@ -424,8 +423,8 @@ char **strv_env_clean_log(char **e, const char *unit_id, const char *message) {
bool duplicate = false;
if (!env_assignment_is_valid(*p)) {
- if (message)
- log_unit_error(unit_id, "Ignoring invalid environment '%s': %s", *p, message);
+ if (invalid_callback)
+ invalid_callback(*p, userdata);
free(*p);
continue;
}
@@ -450,7 +449,3 @@ char **strv_env_clean_log(char **e, const char *unit_id, const char *message) {
return e;
}
-
-char **strv_env_clean(char **e) {
- return strv_env_clean_log(e, NULL, NULL);
-}
diff --git a/src/shared/env-util.h b/src/shared/env-util.h
index 3c6f9d7..fb3a52b 100644
--- a/src/shared/env-util.h
+++ b/src/shared/env-util.h
@@ -29,8 +29,8 @@ bool env_value_is_valid(const char *e);
bool env_assignment_is_valid(const char *e);
bool strv_env_is_valid(char **e);
-char **strv_env_clean(char **l);
-char **strv_env_clean_log(char **e, const char *unit_id, const char *message);
+#define strv_env_clean(l) strv_env_clean_with_callback(l, NULL, NULL)
+char **strv_env_clean_with_callback(char **l, void (*invalid_callback)(const char *p, void *userdata), void *userdata);
bool strv_env_name_or_assignment_is_valid(char **l);
diff --git a/src/test/test-fileio.c b/src/test/test-fileio.c
index cdf1973..63e4a19 100644
--- a/src/test/test-fileio.c
+++ b/src/test/test-fileio.c
@@ -90,7 +90,7 @@ static void test_parse_env_file(void) {
assert_se(streq_ptr(a[9], "ten="));
assert_se(a[10] == NULL);
- strv_env_clean_log(a, NULL, "test");
+ strv_env_clean(a);
k = 0;
STRV_FOREACH(i, b) {
commit 3c70e3bb022f0de3317f3600c9366a2f4597339e
Author: Lennart Poettering <lennart at poettering.net>
Date: Tue Dec 23 18:36:04 2014 +0100
core: rearrange code so that libsystemd/sd-bus/ does not include header files from core
Stuff in src/shared or src/libsystemd should *never* include code from
src/core or any of the tools, so don't do that here either. It's not OK!
diff --git a/Makefile.am b/Makefile.am
index 904517f..96c9fc4 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1046,10 +1046,10 @@ libsystemd_core_la_SOURCES = \
src/core/socket.h \
src/core/busname.c \
src/core/busname.h \
- src/core/bus-common.c \
- src/core/bus-common.h \
src/core/bus-endpoint.c \
src/core/bus-endpoint.h \
+ src/core/bus-policy.c \
+ src/core/bus-policy.h \
src/core/target.c \
src/core/target.h \
src/core/snapshot.c \
@@ -1713,8 +1713,8 @@ test_unaligned_SOURCES = \
test_tables_SOURCES = \
src/test/test-tables.c \
src/shared/test-tables.h \
- src/bus-proxyd/bus-policy.c \
- src/bus-proxyd/bus-policy.h \
+ src/bus-proxyd/bus-xml-policy.c \
+ src/bus-proxyd/bus-xml-policy.h \
src/journal/journald-server.c \
src/journal/journald-server.h
@@ -1948,9 +1948,9 @@ test_conf_files_LDADD = \
libsystemd-shared.la
test_bus_policy_SOURCES = \
- src/bus-proxyd/test-bus-policy.c \
- src/bus-proxyd/bus-policy.c \
- src/bus-proxyd/bus-policy.h
+ src/bus-proxyd/test-bus-xml-policy.c \
+ src/bus-proxyd/bus-xml-policy.c \
+ src/bus-proxyd/bus-xml-policy.h
test_bus_policy_LDADD = \
libsystemd-internal.la \
@@ -2598,8 +2598,8 @@ systemd_run_LDADD = \
# ------------------------------------------------------------------------------
systemd_bus_proxyd_SOURCES = \
src/bus-proxyd/bus-proxyd.c \
- src/bus-proxyd/bus-policy.c \
- src/bus-proxyd/bus-policy.h
+ src/bus-proxyd/bus-xml-policy.c \
+ src/bus-proxyd/bus-xml-policy.h
systemd_bus_proxyd_LDADD = \
libsystemd-internal.la \
diff --git a/src/bus-proxyd/bus-policy.c b/src/bus-proxyd/bus-policy.c
deleted file mode 100644
index 59cc1d7..0000000
--- a/src/bus-proxyd/bus-policy.c
+++ /dev/null
@@ -1,1050 +0,0 @@
-/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
-
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "xml.h"
-#include "fileio.h"
-#include "strv.h"
-#include "conf-files.h"
-#include "bus-internal.h"
-#include "bus-message.h"
-#include "bus-policy.h"
-
-static void policy_item_free(PolicyItem *i) {
- assert(i);
-
- free(i->interface);
- free(i->member);
- free(i->error);
- free(i->name);
- free(i->path);
- free(i);
-}
-
-DEFINE_TRIVIAL_CLEANUP_FUNC(PolicyItem*, policy_item_free);
-
-static void item_append(PolicyItem *i, PolicyItem **list) {
-
- PolicyItem *tail;
-
- LIST_FIND_TAIL(items, *list, tail);
- LIST_INSERT_AFTER(items, *list, tail, i);
-}
-
-static int file_load(Policy *p, const char *path) {
-
- _cleanup_free_ char *c = NULL, *policy_user = NULL, *policy_group = NULL;
- _cleanup_(policy_item_freep) PolicyItem *i = NULL;
- void *xml_state = NULL;
- unsigned n_other = 0;
- const char *q;
- int r;
-
- enum {
- STATE_OUTSIDE,
- STATE_BUSCONFIG,
- STATE_POLICY,
- STATE_POLICY_CONTEXT,
- STATE_POLICY_USER,
- STATE_POLICY_GROUP,
- STATE_POLICY_OTHER_ATTRIBUTE,
- STATE_ALLOW_DENY,
- STATE_ALLOW_DENY_INTERFACE,
- STATE_ALLOW_DENY_MEMBER,
- STATE_ALLOW_DENY_ERROR,
- STATE_ALLOW_DENY_PATH,
- STATE_ALLOW_DENY_MESSAGE_TYPE,
- STATE_ALLOW_DENY_NAME,
- STATE_ALLOW_DENY_OTHER_ATTRIBUTE,
- STATE_OTHER,
- } state = STATE_OUTSIDE;
-
- enum {
- POLICY_CATEGORY_NONE,
- POLICY_CATEGORY_DEFAULT,
- POLICY_CATEGORY_MANDATORY,
- POLICY_CATEGORY_USER,
- POLICY_CATEGORY_GROUP
- } policy_category = POLICY_CATEGORY_NONE;
-
- unsigned line = 0;
-
- assert(p);
-
- r = read_full_file(path, &c, NULL);
- if (r < 0) {
- if (r == -ENOENT)
- return 0;
- if (r == -EISDIR)
- return r;
-
- return log_error_errno(r, "Failed to load %s: %m", path);
- }
-
- q = c;
- for (;;) {
- _cleanup_free_ char *name = NULL;
- int t;
-
- t = xml_tokenize(&q, &name, &xml_state, &line);
- if (t < 0)
- return log_error_errno(t, "XML parse failure in %s: %m", path);
-
- switch (state) {
-
- case STATE_OUTSIDE:
-
- if (t == XML_TAG_OPEN) {
- if (streq(name, "busconfig"))
- state = STATE_BUSCONFIG;
- else {
- log_error("Unexpected tag %s at %s:%u.", name, path, line);
- return -EINVAL;
- }
-
- } else if (t == XML_END)
- return 0;
- else if (t != XML_TEXT || !in_charset(name, WHITESPACE)) {
- log_error("Unexpected token (1) at %s:%u.", path, line);
- return -EINVAL;
- }
-
- break;
-
- case STATE_BUSCONFIG:
-
- if (t == XML_TAG_OPEN) {
- if (streq(name, "policy")) {
- state = STATE_POLICY;
- policy_category = POLICY_CATEGORY_NONE;
- free(policy_user);
- free(policy_group);
- policy_user = policy_group = NULL;
- } else {
- state = STATE_OTHER;
- n_other = 0;
- }
- } else if (t == XML_TAG_CLOSE_EMPTY ||
- (t == XML_TAG_CLOSE && streq(name, "busconfig")))
- state = STATE_OUTSIDE;
- else if (t != XML_TEXT || !in_charset(name, WHITESPACE)) {
- log_error("Unexpected token (2) at %s:%u.", path, line);
- return -EINVAL;
- }
-
- break;
-
- case STATE_POLICY:
-
- if (t == XML_ATTRIBUTE_NAME) {
- if (streq(name, "context"))
- state = STATE_POLICY_CONTEXT;
- else if (streq(name, "user"))
- state = STATE_POLICY_USER;
- else if (streq(name, "group"))
- state = STATE_POLICY_GROUP;
- else {
- if (streq(name, "at_console"))
- log_debug("Attribute %s of <policy> tag unsupported at %s:%u, ignoring.", name, path, line);
- else
- log_warning("Attribute %s of <policy> tag unknown at %s:%u, ignoring.", name, path, line);
- state = STATE_POLICY_OTHER_ATTRIBUTE;
- }
- } else if (t == XML_TAG_CLOSE_EMPTY ||
- (t == XML_TAG_CLOSE && streq(name, "policy")))
- state = STATE_BUSCONFIG;
- else if (t == XML_TAG_OPEN) {
- PolicyItemType it;
-
- if (streq(name, "allow"))
- it = POLICY_ITEM_ALLOW;
- else if (streq(name, "deny"))
- it = POLICY_ITEM_DENY;
- else {
- log_warning("Unknown tag %s in <policy> %s:%u.", name, path, line);
- return -EINVAL;
- }
-
- assert(!i);
- i = new0(PolicyItem, 1);
- if (!i)
- return log_oom();
-
- i->type = it;
- state = STATE_ALLOW_DENY;
-
- } else if (t != XML_TEXT || !in_charset(name, WHITESPACE)) {
- log_error("Unexpected token (3) at %s:%u.", path, line);
- return -EINVAL;
- }
-
- break;
-
- case STATE_POLICY_CONTEXT:
-
- if (t == XML_ATTRIBUTE_VALUE) {
- if (streq(name, "default")) {
- policy_category = POLICY_CATEGORY_DEFAULT;
- state = STATE_POLICY;
- } else if (streq(name, "mandatory")) {
- policy_category = POLICY_CATEGORY_MANDATORY;
- state = STATE_POLICY;
- } else {
- log_error("context= parameter %s unknown for <policy> at %s:%u.", name, path, line);
- return -EINVAL;
- }
- } else {
- log_error("Unexpected token (4) at %s:%u.", path, line);
- return -EINVAL;
- }
-
- break;
-
- case STATE_POLICY_USER:
-
- if (t == XML_ATTRIBUTE_VALUE) {
- free(policy_user);
- policy_user = name;
- name = NULL;
- policy_category = POLICY_CATEGORY_USER;
- state = STATE_POLICY;
- } else {
- log_error("Unexpected token (5) in %s:%u.", path, line);
- return -EINVAL;
- }
-
- break;
-
- case STATE_POLICY_GROUP:
-
- if (t == XML_ATTRIBUTE_VALUE) {
- free(policy_group);
- policy_group = name;
- name = NULL;
- policy_category = POLICY_CATEGORY_GROUP;
- state = STATE_POLICY;
- } else {
- log_error("Unexpected token (6) at %s:%u.", path, line);
- return -EINVAL;
- }
-
- break;
-
- case STATE_POLICY_OTHER_ATTRIBUTE:
-
- if (t == XML_ATTRIBUTE_VALUE)
- state = STATE_POLICY;
- else {
- log_error("Unexpected token (7) in %s:%u.", path, line);
- return -EINVAL;
- }
-
- break;
-
- case STATE_ALLOW_DENY:
-
- assert(i);
-
- if (t == XML_ATTRIBUTE_NAME) {
- PolicyItemClass ic;
-
- if (startswith(name, "send_"))
- ic = POLICY_ITEM_SEND;
- else if (startswith(name, "receive_"))
- ic = POLICY_ITEM_RECV;
- else if (streq(name, "own"))
- ic = POLICY_ITEM_OWN;
- else if (streq(name, "own_prefix"))
- ic = POLICY_ITEM_OWN_PREFIX;
- else if (streq(name, "user"))
- ic = POLICY_ITEM_USER;
- else if (streq(name, "group"))
- ic = POLICY_ITEM_GROUP;
- else if (streq(name, "eavesdrop")) {
- log_debug("Unsupported attribute %s= at %s:%u, ignoring.", name, path, line);
- i->class = POLICY_ITEM_IGNORE;
- state = STATE_ALLOW_DENY_OTHER_ATTRIBUTE;
- break;
- } else {
- log_error("Unknown attribute %s= at %s:%u, ignoring.", name, path, line);
- state = STATE_ALLOW_DENY_OTHER_ATTRIBUTE;
- break;
- }
-
- if (i->class != _POLICY_ITEM_CLASS_UNSET && ic != i->class) {
- log_error("send_ and receive_ fields mixed on same tag at %s:%u.", path, line);
- return -EINVAL;
- }
-
- i->class = ic;
-
- if (ic == POLICY_ITEM_SEND || ic == POLICY_ITEM_RECV) {
- const char *u;
-
- u = strchr(name, '_');
- assert(u);
-
- u++;
-
- if (streq(u, "interface"))
- state = STATE_ALLOW_DENY_INTERFACE;
- else if (streq(u, "member"))
- state = STATE_ALLOW_DENY_MEMBER;
- else if (streq(u, "error"))
- state = STATE_ALLOW_DENY_ERROR;
- else if (streq(u, "path"))
- state = STATE_ALLOW_DENY_PATH;
- else if (streq(u, "type"))
- state = STATE_ALLOW_DENY_MESSAGE_TYPE;
- else if ((streq(u, "destination") && ic == POLICY_ITEM_SEND) ||
- (streq(u, "sender") && ic == POLICY_ITEM_RECV))
- state = STATE_ALLOW_DENY_NAME;
- else {
- if (streq(u, "requested_reply"))
- log_debug("Unsupported attribute %s= at %s:%u, ignoring.", name, path, line);
- else
- log_error("Unknown attribute %s= at %s:%u, ignoring.", name, path, line);
- state = STATE_ALLOW_DENY_OTHER_ATTRIBUTE;
- break;
- }
- } else
- state = STATE_ALLOW_DENY_NAME;
-
- } else if (t == XML_TAG_CLOSE_EMPTY ||
- (t == XML_TAG_CLOSE && streq(name, i->type == POLICY_ITEM_ALLOW ? "allow" : "deny"))) {
-
- if (i->class == _POLICY_ITEM_CLASS_UNSET) {
- log_error("Policy not set at %s:%u.", path, line);
- return -EINVAL;
- }
-
- if (policy_category == POLICY_CATEGORY_DEFAULT)
- item_append(i, &p->default_items);
- else if (policy_category == POLICY_CATEGORY_MANDATORY)
- item_append(i, &p->mandatory_items);
- else if (policy_category == POLICY_CATEGORY_USER) {
- const char *u = policy_user;
-
- assert_cc(sizeof(uid_t) == sizeof(uint32_t));
-
- r = hashmap_ensure_allocated(&p->user_items, NULL);
- if (r < 0)
- return log_oom();
-
- if (!u) {
- log_error("User policy without name");
- return -EINVAL;
- }
-
- r = get_user_creds(&u, &i->uid, NULL, NULL, NULL);
- if (r < 0) {
- log_error_errno(r, "Failed to resolve user %s, ignoring policy: %m", u);
- free(i);
- } else {
- PolicyItem *first;
-
- first = hashmap_get(p->user_items, UINT32_TO_PTR(i->uid));
- item_append(i, &first);
- i->uid_valid = true;
-
- r = hashmap_replace(p->user_items, UINT32_TO_PTR(i->uid), first);
- if (r < 0) {
- LIST_REMOVE(items, first, i);
- return log_oom();
- }
- }
-
- } else if (policy_category == POLICY_CATEGORY_GROUP) {
- const char *g = policy_group;
-
- assert_cc(sizeof(gid_t) == sizeof(uint32_t));
-
- r = hashmap_ensure_allocated(&p->group_items, NULL);
- if (r < 0)
- return log_oom();
-
- if (!g) {
- log_error("Group policy without name");
- return -EINVAL;
- }
-
- r = get_group_creds(&g, &i->gid);
- if (r < 0) {
- log_error_errno(r, "Failed to resolve group %s, ignoring policy: %m", g);
- free(i);
- } else {
- PolicyItem *first;
-
- first = hashmap_get(p->group_items, UINT32_TO_PTR(i->gid));
- item_append(i, &first);
- i->gid_valid = true;
-
- r = hashmap_replace(p->group_items, UINT32_TO_PTR(i->gid), first);
- if (r < 0) {
- LIST_REMOVE(items, first, i);
- return log_oom();
- }
- }
- }
-
- state = STATE_POLICY;
- i = NULL;
-
- } else if (t != XML_TEXT || !in_charset(name, WHITESPACE)) {
- log_error("Unexpected token (8) at %s:%u.", path, line);
- return -EINVAL;
- }
-
- break;
-
- case STATE_ALLOW_DENY_INTERFACE:
-
- if (t == XML_ATTRIBUTE_VALUE) {
- assert(i);
- if (i->interface) {
- log_error("Duplicate interface at %s:%u.", path, line);
- return -EINVAL;
- }
-
- i->interface = name;
- name = NULL;
- state = STATE_ALLOW_DENY;
- } else {
- log_error("Unexpected token (9) at %s:%u.", path, line);
- return -EINVAL;
- }
-
- break;
-
- case STATE_ALLOW_DENY_MEMBER:
-
- if (t == XML_ATTRIBUTE_VALUE) {
- assert(i);
- if (i->member) {
- log_error("Duplicate member in %s:%u.", path, line);
- return -EINVAL;
- }
-
- i->member = name;
- name = NULL;
- state = STATE_ALLOW_DENY;
- } else {
- log_error("Unexpected token (10) in %s:%u.", path, line);
- return -EINVAL;
- }
-
- break;
-
- case STATE_ALLOW_DENY_ERROR:
-
- if (t == XML_ATTRIBUTE_VALUE) {
- assert(i);
- if (i->error) {
- log_error("Duplicate error in %s:%u.", path, line);
- return -EINVAL;
- }
-
- i->error = name;
- name = NULL;
- state = STATE_ALLOW_DENY;
- } else {
- log_error("Unexpected token (11) in %s:%u.", path, line);
- return -EINVAL;
- }
-
- break;
-
- case STATE_ALLOW_DENY_PATH:
-
- if (t == XML_ATTRIBUTE_VALUE) {
- assert(i);
- if (i->path) {
- log_error("Duplicate path in %s:%u.", path, line);
- return -EINVAL;
- }
-
- i->path = name;
- name = NULL;
- state = STATE_ALLOW_DENY;
- } else {
- log_error("Unexpected token (12) in %s:%u.", path, line);
- return -EINVAL;
- }
-
- break;
-
- case STATE_ALLOW_DENY_MESSAGE_TYPE:
-
- if (t == XML_ATTRIBUTE_VALUE) {
- assert(i);
-
- if (i->message_type != 0) {
- log_error("Duplicate message type in %s:%u.", path, line);
- return -EINVAL;
- }
-
- r = bus_message_type_from_string(name, &i->message_type);
- if (r < 0) {
- log_error("Invalid message type in %s:%u.", path, line);
- return -EINVAL;
- }
-
- state = STATE_ALLOW_DENY;
- } else {
- log_error("Unexpected token (13) in %s:%u.", path, line);
- return -EINVAL;
- }
-
- break;
-
- case STATE_ALLOW_DENY_NAME:
-
- if (t == XML_ATTRIBUTE_VALUE) {
- assert(i);
- if (i->name) {
- log_error("Duplicate name in %s:%u.", path, line);
- return -EINVAL;
- }
-
- switch (i->class) {
- case POLICY_ITEM_USER:
- if (!streq(name, "*")) {
- const char *u = name;
-
- r = get_user_creds(&u, &i->uid, NULL, NULL, NULL);
- if (r < 0)
- log_error_errno(r, "Failed to resolve user %s: %m", name);
- else
- i->uid_valid = true;
- }
- break;
- case POLICY_ITEM_GROUP:
- if (!streq(name, "*")) {
- const char *g = name;
-
- r = get_group_creds(&g, &i->gid);
- if (r < 0)
- log_error_errno(r, "Failed to resolve group %s: %m", name);
- else
- i->gid_valid = true;
- }
- break;
- default:
- break;
- }
-
- i->name = name;
- name = NULL;
-
- state = STATE_ALLOW_DENY;
- } else {
- log_error("Unexpected token (14) in %s:%u.", path, line);
- return -EINVAL;
- }
-
- break;
-
- case STATE_ALLOW_DENY_OTHER_ATTRIBUTE:
-
- if (t == XML_ATTRIBUTE_VALUE)
- state = STATE_ALLOW_DENY;
- else {
- log_error("Unexpected token (15) in %s:%u.", path, line);
- return -EINVAL;
- }
-
- break;
-
- case STATE_OTHER:
-
- if (t == XML_TAG_OPEN)
- n_other++;
- else if (t == XML_TAG_CLOSE || t == XML_TAG_CLOSE_EMPTY) {
-
- if (n_other == 0)
- state = STATE_BUSCONFIG;
- else
- n_other--;
- }
-
- break;
- }
- }
-}
-
-enum {
- DENY,
- ALLOW,
- DUNNO,
-};
-
-static const char *verdict_to_string(int v) {
- switch (v) {
-
- case DENY:
- return "DENY";
- case ALLOW:
- return "ALLOW";
- case DUNNO:
- return "DUNNO";
- }
-
- return NULL;
-}
-
-struct policy_check_filter {
- PolicyItemClass class;
- uid_t uid;
- gid_t gid;
- int message_type;
- const char *name;
- const char *interface;
- const char *path;
- const char *member;
-};
-
-static int is_permissive(PolicyItem *i) {
-
- assert(i);
-
- return (i->type == POLICY_ITEM_ALLOW) ? ALLOW : DENY;
-}
-
-static int check_policy_item(PolicyItem *i, const struct policy_check_filter *filter) {
-
- assert(i);
- assert(filter);
-
- switch (i->class) {
- case POLICY_ITEM_SEND:
- case POLICY_ITEM_RECV:
-
- if (i->name && !streq_ptr(i->name, filter->name))
- break;
-
- if ((i->message_type != 0) && (i->message_type != filter->message_type))
- break;
-
- if (i->path && !streq_ptr(i->path, filter->path))
- break;
-
- if (i->member && !streq_ptr(i->member, filter->member))
- break;
-
- if (i->interface && !streq_ptr(i->interface, filter->interface))
- break;
-
- return is_permissive(i);
-
- case POLICY_ITEM_OWN:
- assert(filter->name);
-
- if (streq(i->name, "*") || streq(i->name, filter->name))
- return is_permissive(i);
- break;
-
- case POLICY_ITEM_OWN_PREFIX:
- assert(filter->name);
-
- if (streq(i->name, "*") || service_name_startswith(filter->name, i->name))
- return is_permissive(i);
- break;
-
- case POLICY_ITEM_USER:
- if (filter->uid != UID_INVALID)
- if ((streq_ptr(i->name, "*") || (i->uid_valid && i->uid == filter->uid)))
- return is_permissive(i);
- break;
-
- case POLICY_ITEM_GROUP:
- if (filter->gid != GID_INVALID)
- if ((streq_ptr(i->name, "*") || (i->gid_valid && i->gid == filter->gid)))
- return is_permissive(i);
- break;
-
- case POLICY_ITEM_IGNORE:
- default:
- break;
- }
-
- return DUNNO;
-}
-
-static int check_policy_items(PolicyItem *items, const struct policy_check_filter *filter) {
-
- PolicyItem *i;
- int verdict = DUNNO;
-
- assert(filter);
-
- /* Check all policies in a set - a broader one might be followed by a more specific one,
- * and the order of rules in policy definitions matters */
- LIST_FOREACH(items, i, items) {
- int v;
-
- if (i->class != filter->class &&
- !(i->class == POLICY_ITEM_OWN_PREFIX && filter->class == POLICY_ITEM_OWN))
- continue;
-
- v = check_policy_item(i, filter);
- if (v != DUNNO)
- verdict = v;
- }
-
- return verdict;
-}
-
-static int policy_check(Policy *p, const struct policy_check_filter *filter) {
-
- PolicyItem *items;
- int verdict, v;
-
- assert(p);
- assert(filter);
-
- assert(IN_SET(filter->class, POLICY_ITEM_SEND, POLICY_ITEM_RECV, POLICY_ITEM_OWN, POLICY_ITEM_USER, POLICY_ITEM_GROUP));
-
- /*
- * The policy check is implemented by the following logic:
- *
- * 1. Check default items
- * 2. Check group items
- * 3. Check user items
- * 4. Check mandatory items
- *
- * Later rules override earlier rules.
- */
-
- verdict = check_policy_items(p->default_items, filter);
-
- if (filter->gid != GID_INVALID) {
- items = hashmap_get(p->group_items, UINT32_TO_PTR(filter->gid));
- if (items) {
- v = check_policy_items(items, filter);
- if (v != DUNNO)
- verdict = v;
- }
- }
-
- if (filter->uid != UID_INVALID) {
- items = hashmap_get(p->user_items, UINT32_TO_PTR(filter->uid));
- if (items) {
- v = check_policy_items(items, filter);
- if (v != DUNNO)
- verdict = v;
- }
- }
-
- v = check_policy_items(p->mandatory_items, filter);
- if (v != DUNNO)
- verdict = v;
-
- return verdict;
-}
-
-bool policy_check_own(Policy *p, uid_t uid, gid_t gid, const char *name) {
-
- struct policy_check_filter filter = {
- .class = POLICY_ITEM_OWN,
- .uid = uid,
- .gid = gid,
- .name = name,
- };
-
- int verdict;
-
- assert(p);
- assert(name);
-
- verdict = policy_check(p, &filter);
-
- log_full(LOG_AUTH | (verdict != ALLOW ? LOG_WARNING : LOG_DEBUG),
- "Ownership permission check for uid=" UID_FMT " gid=" GID_FMT" name=%s: %s",
- uid, gid, strna(name), strna(verdict_to_string(verdict)));
-
- return verdict == ALLOW;
-}
-
-bool policy_check_hello(Policy *p, uid_t uid, gid_t gid) {
-
- struct policy_check_filter filter = {
- .uid = uid,
- .gid = gid,
- };
- int verdict;
-
- assert(p);
-
- filter.class = POLICY_ITEM_USER;
- verdict = policy_check(p, &filter);
-
- if (verdict != DENY) {
- int v;
-
- filter.class = POLICY_ITEM_GROUP;
- v = policy_check(p, &filter);
- if (v != DUNNO)
- verdict = v;
- }
-
- log_full(LOG_AUTH | (verdict != ALLOW ? LOG_WARNING : LOG_DEBUG),
- "Hello permission check for uid=" UID_FMT " gid=" GID_FMT": %s",
- uid, gid, strna(verdict_to_string(verdict)));
-
- return verdict == ALLOW;
-}
-
-bool policy_check_recv(Policy *p,
- uid_t uid,
- gid_t gid,
- int message_type,
- const char *name,
- const char *path,
- const char *interface,
- const char *member) {
-
- struct policy_check_filter filter = {
- .class = POLICY_ITEM_RECV,
- .uid = uid,
- .gid = gid,
- .message_type = message_type,
- .name = name,
- .interface = interface,
- .path = path,
- .member = member,
- };
-
- int verdict;
-
- assert(p);
-
- verdict = policy_check(p, &filter);
-
- log_full(LOG_AUTH | (verdict != ALLOW ? LOG_WARNING : LOG_DEBUG),
- "Recieve permission check for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s interface=%s path=%s member=%s: %s",
- uid, gid, bus_message_type_to_string(message_type), strna(name), strna(path), strna(interface), strna(member), strna(verdict_to_string(verdict)));
-
- return verdict == ALLOW;
-}
-
-bool policy_check_send(Policy *p,
- uid_t uid,
- gid_t gid,
- int message_type,
- const char *name,
- const char *path,
- const char *interface,
- const char *member) {
-
- struct policy_check_filter filter = {
- .class = POLICY_ITEM_SEND,
- .uid = uid,
- .gid = gid,
- .message_type = message_type,
- .name = name,
- .interface = interface,
- .path = path,
- .member = member,
- };
-
- int verdict;
-
- assert(p);
-
- verdict = policy_check(p, &filter);
-
- log_full(LOG_AUTH | (verdict != ALLOW ? LOG_WARNING : LOG_DEBUG),
- "Send permission check for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s interface=%s path=%s member=%s: %s",
- uid, gid, bus_message_type_to_string(message_type), strna(name), strna(path), strna(interface), strna(member), strna(verdict_to_string(verdict)));
-
- return verdict == ALLOW;
-}
-
-int policy_load(Policy *p, char **files) {
- char **i;
- int r;
-
- assert(p);
-
- STRV_FOREACH(i, files) {
-
- r = file_load(p, *i);
- if (r == -EISDIR) {
- _cleanup_strv_free_ char **l = NULL;
- char **j;
-
- r = conf_files_list(&l, ".conf", NULL, *i, NULL);
- if (r < 0)
- return log_error_errno(r, "Failed to get configuration file list: %m");
-
- STRV_FOREACH(j, l)
- file_load(p, *j);
- }
-
- /* We ignore all errors but EISDIR, and just proceed. */
- }
-
- return 0;
-}
-
-void policy_free(Policy *p) {
- PolicyItem *i, *first;
-
- if (!p)
- return;
-
- while ((i = p->default_items)) {
- LIST_REMOVE(items, p->default_items, i);
- policy_item_free(i);
- }
-
- while ((i = p->mandatory_items)) {
- LIST_REMOVE(items, p->mandatory_items, i);
- policy_item_free(i);
- }
-
- while ((first = hashmap_steal_first(p->user_items))) {
-
- while ((i = first)) {
- LIST_REMOVE(items, first, i);
- policy_item_free(i);
- }
- }
-
- while ((first = hashmap_steal_first(p->group_items))) {
-
- while ((i = first)) {
- LIST_REMOVE(items, first, i);
- policy_item_free(i);
- }
- }
-
- hashmap_free(p->user_items);
- hashmap_free(p->group_items);
-
- p->user_items = p->group_items = NULL;
-}
-
-static void dump_items(PolicyItem *items, const char *prefix) {
-
- PolicyItem *i;
-
- if (!items)
- return;
-
- if (!prefix)
- prefix = "";
-
- LIST_FOREACH(items, i, items) {
-
- printf("%sType: %s\n"
- "%sClass: %s\n",
- prefix, policy_item_type_to_string(i->type),
- prefix, policy_item_class_to_string(i->class));
-
- if (i->interface)
- printf("%sInterface: %s\n",
- prefix, i->interface);
-
- if (i->member)
- printf("%sMember: %s\n",
- prefix, i->member);
-
- if (i->error)
- printf("%sError: %s\n",
- prefix, i->error);
-
- if (i->path)
- printf("%sPath: %s\n",
- prefix, i->path);
-
- if (i->name)
- printf("%sName: %s\n",
- prefix, i->name);
-
- if (i->message_type != 0)
- printf("%sMessage Type: %s\n",
- prefix, bus_message_type_to_string(i->message_type));
-
- if (i->uid_valid) {
- _cleanup_free_ char *user;
-
- user = uid_to_name(i->uid);
-
- printf("%sUser: %s (%d)\n",
- prefix, strna(user), i->uid);
- }
-
- if (i->gid_valid) {
- _cleanup_free_ char *group;
-
- group = gid_to_name(i->gid);
-
- printf("%sGroup: %s (%d)\n",
- prefix, strna(group), i->gid);
- }
- printf("%s-\n", prefix);
- }
-}
-
-static void dump_hashmap_items(Hashmap *h) {
- PolicyItem *i;
- Iterator j;
- void *k;
-
- HASHMAP_FOREACH_KEY(i, k, h, j) {
- printf("\t%s Item for %u:\n", draw_special_char(DRAW_ARROW), PTR_TO_UINT(k));
- dump_items(i, "\t\t");
- }
-}
-
-void policy_dump(Policy *p) {
-
- printf("%s Default Items:\n", draw_special_char(DRAW_ARROW));
- dump_items(p->default_items, "\t");
-
- printf("%s Group Items:\n", draw_special_char(DRAW_ARROW));
- dump_hashmap_items(p->group_items);
-
- printf("%s User Items:\n", draw_special_char(DRAW_ARROW));
- dump_hashmap_items(p->user_items);
-
- printf("%s Mandatory Items:\n", draw_special_char(DRAW_ARROW));
- dump_items(p->mandatory_items, "\t");
-}
-
-static const char* const policy_item_type_table[_POLICY_ITEM_TYPE_MAX] = {
- [_POLICY_ITEM_TYPE_UNSET] = "unset",
- [POLICY_ITEM_ALLOW] = "allow",
- [POLICY_ITEM_DENY] = "deny",
-};
-DEFINE_STRING_TABLE_LOOKUP(policy_item_type, PolicyItemType);
-
-static const char* const policy_item_class_table[_POLICY_ITEM_CLASS_MAX] = {
- [_POLICY_ITEM_CLASS_UNSET] = "unset",
- [POLICY_ITEM_SEND] = "send",
- [POLICY_ITEM_RECV] = "recv",
- [POLICY_ITEM_OWN] = "own",
- [POLICY_ITEM_OWN_PREFIX] = "own-prefix",
- [POLICY_ITEM_USER] = "user",
- [POLICY_ITEM_GROUP] = "group",
- [POLICY_ITEM_IGNORE] = "ignore",
-};
-DEFINE_STRING_TABLE_LOOKUP(policy_item_class, PolicyItemClass);
diff --git a/src/bus-proxyd/bus-policy.h b/src/bus-proxyd/bus-policy.h
deleted file mode 100644
index 933a53c..0000000
--- a/src/bus-proxyd/bus-policy.h
+++ /dev/null
@@ -1,104 +0,0 @@
-/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
-
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <inttypes.h>
-
-#include "list.h"
-#include "hashmap.h"
-
-typedef enum PolicyItemType {
- _POLICY_ITEM_TYPE_UNSET = 0,
- POLICY_ITEM_ALLOW,
- POLICY_ITEM_DENY,
- _POLICY_ITEM_TYPE_MAX,
- _POLICY_ITEM_TYPE_INVALID = -1,
-} PolicyItemType;
-
-typedef enum PolicyItemClass {
- _POLICY_ITEM_CLASS_UNSET = 0,
- POLICY_ITEM_SEND,
- POLICY_ITEM_RECV,
- POLICY_ITEM_OWN,
- POLICY_ITEM_OWN_PREFIX,
- POLICY_ITEM_USER,
- POLICY_ITEM_GROUP,
- POLICY_ITEM_IGNORE,
- _POLICY_ITEM_CLASS_MAX,
- _POLICY_ITEM_CLASS_INVALID = -1,
-} PolicyItemClass;
-
-typedef struct PolicyItem PolicyItem;
-
-struct PolicyItem {
- PolicyItemType type;
- PolicyItemClass class;
- char *interface;
- char *member;
- char *error;
- char *path;
- char *name;
- uint8_t message_type;
- uid_t uid;
- gid_t gid;
-
- bool uid_valid, gid_valid;
-
- LIST_FIELDS(PolicyItem, items);
-};
-
-typedef struct Policy {
- LIST_HEAD(PolicyItem, default_items);
- LIST_HEAD(PolicyItem, mandatory_items);
- Hashmap *user_items;
- Hashmap *group_items;
-} Policy;
-
-int policy_load(Policy *p, char **files);
-void policy_free(Policy *p);
-
-bool policy_check_own(Policy *p, uid_t uid, gid_t gid, const char *name);
-bool policy_check_hello(Policy *p, uid_t uid, gid_t gid);
-bool policy_check_recv(Policy *p,
- uid_t uid,
- gid_t gid,
- int message_type,
- const char *name,
- const char *path,
- const char *interface,
- const char *member);
-bool policy_check_send(Policy *p,
- uid_t uid,
- gid_t gid,
- int message_type,
- const char *name,
- const char *path,
- const char *interface,
- const char *member);
-
-void policy_dump(Policy *p);
-
-const char* policy_item_type_to_string(PolicyItemType t) _const_;
-PolicyItemType policy_item_type_from_string(const char *s) _pure_;
-
-const char* policy_item_class_to_string(PolicyItemClass t) _const_;
-PolicyItemClass policy_item_class_from_string(const char *s) _pure_;
diff --git a/src/bus-proxyd/bus-proxyd.c b/src/bus-proxyd/bus-proxyd.c
index 6da7fb9..64c11ff 100644
--- a/src/bus-proxyd/bus-proxyd.c
+++ b/src/bus-proxyd/bus-proxyd.c
@@ -44,9 +44,10 @@
#include "strv.h"
#include "def.h"
#include "capability.h"
-#include "bus-policy.h"
#include "bus-control.h"
#include "smack-util.h"
+#include "set.h"
+#include "bus-xml-policy.h"
static char *arg_address = NULL;
static char *arg_command_line_buffer = NULL;
diff --git a/src/bus-proxyd/bus-xml-policy.c b/src/bus-proxyd/bus-xml-policy.c
new file mode 100644
index 0000000..ac0e14b
--- /dev/null
+++ b/src/bus-proxyd/bus-xml-policy.c
@@ -0,0 +1,1050 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+/***
+ This file is part of systemd.
+
+ Copyright 2013 Lennart Poettering
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+
+ systemd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include "xml.h"
+#include "fileio.h"
+#include "strv.h"
+#include "conf-files.h"
+#include "bus-internal.h"
+#include "bus-message.h"
+#include "bus-xml-policy.h"
+
+static void policy_item_free(PolicyItem *i) {
+ assert(i);
+
+ free(i->interface);
+ free(i->member);
+ free(i->error);
+ free(i->name);
+ free(i->path);
+ free(i);
+}
+
+DEFINE_TRIVIAL_CLEANUP_FUNC(PolicyItem*, policy_item_free);
+
+static void item_append(PolicyItem *i, PolicyItem **list) {
+
+ PolicyItem *tail;
+
+ LIST_FIND_TAIL(items, *list, tail);
+ LIST_INSERT_AFTER(items, *list, tail, i);
+}
+
+static int file_load(Policy *p, const char *path) {
+
+ _cleanup_free_ char *c = NULL, *policy_user = NULL, *policy_group = NULL;
+ _cleanup_(policy_item_freep) PolicyItem *i = NULL;
+ void *xml_state = NULL;
+ unsigned n_other = 0;
+ const char *q;
+ int r;
+
+ enum {
+ STATE_OUTSIDE,
+ STATE_BUSCONFIG,
+ STATE_POLICY,
+ STATE_POLICY_CONTEXT,
+ STATE_POLICY_USER,
+ STATE_POLICY_GROUP,
+ STATE_POLICY_OTHER_ATTRIBUTE,
+ STATE_ALLOW_DENY,
+ STATE_ALLOW_DENY_INTERFACE,
+ STATE_ALLOW_DENY_MEMBER,
+ STATE_ALLOW_DENY_ERROR,
+ STATE_ALLOW_DENY_PATH,
+ STATE_ALLOW_DENY_MESSAGE_TYPE,
+ STATE_ALLOW_DENY_NAME,
+ STATE_ALLOW_DENY_OTHER_ATTRIBUTE,
+ STATE_OTHER,
+ } state = STATE_OUTSIDE;
+
+ enum {
+ POLICY_CATEGORY_NONE,
+ POLICY_CATEGORY_DEFAULT,
+ POLICY_CATEGORY_MANDATORY,
+ POLICY_CATEGORY_USER,
+ POLICY_CATEGORY_GROUP
+ } policy_category = POLICY_CATEGORY_NONE;
+
+ unsigned line = 0;
+
+ assert(p);
+
+ r = read_full_file(path, &c, NULL);
+ if (r < 0) {
+ if (r == -ENOENT)
+ return 0;
+ if (r == -EISDIR)
+ return r;
+
+ return log_error_errno(r, "Failed to load %s: %m", path);
+ }
+
+ q = c;
+ for (;;) {
+ _cleanup_free_ char *name = NULL;
+ int t;
+
+ t = xml_tokenize(&q, &name, &xml_state, &line);
+ if (t < 0)
+ return log_error_errno(t, "XML parse failure in %s: %m", path);
+
+ switch (state) {
+
+ case STATE_OUTSIDE:
+
+ if (t == XML_TAG_OPEN) {
+ if (streq(name, "busconfig"))
+ state = STATE_BUSCONFIG;
+ else {
+ log_error("Unexpected tag %s at %s:%u.", name, path, line);
+ return -EINVAL;
+ }
+
+ } else if (t == XML_END)
+ return 0;
+ else if (t != XML_TEXT || !in_charset(name, WHITESPACE)) {
+ log_error("Unexpected token (1) at %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ break;
+
+ case STATE_BUSCONFIG:
+
+ if (t == XML_TAG_OPEN) {
+ if (streq(name, "policy")) {
+ state = STATE_POLICY;
+ policy_category = POLICY_CATEGORY_NONE;
+ free(policy_user);
+ free(policy_group);
+ policy_user = policy_group = NULL;
+ } else {
+ state = STATE_OTHER;
+ n_other = 0;
+ }
+ } else if (t == XML_TAG_CLOSE_EMPTY ||
+ (t == XML_TAG_CLOSE && streq(name, "busconfig")))
+ state = STATE_OUTSIDE;
+ else if (t != XML_TEXT || !in_charset(name, WHITESPACE)) {
+ log_error("Unexpected token (2) at %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ break;
+
+ case STATE_POLICY:
+
+ if (t == XML_ATTRIBUTE_NAME) {
+ if (streq(name, "context"))
+ state = STATE_POLICY_CONTEXT;
+ else if (streq(name, "user"))
+ state = STATE_POLICY_USER;
+ else if (streq(name, "group"))
+ state = STATE_POLICY_GROUP;
+ else {
+ if (streq(name, "at_console"))
+ log_debug("Attribute %s of <policy> tag unsupported at %s:%u, ignoring.", name, path, line);
+ else
+ log_warning("Attribute %s of <policy> tag unknown at %s:%u, ignoring.", name, path, line);
+ state = STATE_POLICY_OTHER_ATTRIBUTE;
+ }
+ } else if (t == XML_TAG_CLOSE_EMPTY ||
+ (t == XML_TAG_CLOSE && streq(name, "policy")))
+ state = STATE_BUSCONFIG;
+ else if (t == XML_TAG_OPEN) {
+ PolicyItemType it;
+
+ if (streq(name, "allow"))
+ it = POLICY_ITEM_ALLOW;
+ else if (streq(name, "deny"))
+ it = POLICY_ITEM_DENY;
+ else {
+ log_warning("Unknown tag %s in <policy> %s:%u.", name, path, line);
+ return -EINVAL;
+ }
+
+ assert(!i);
+ i = new0(PolicyItem, 1);
+ if (!i)
+ return log_oom();
+
+ i->type = it;
+ state = STATE_ALLOW_DENY;
+
+ } else if (t != XML_TEXT || !in_charset(name, WHITESPACE)) {
+ log_error("Unexpected token (3) at %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ break;
+
+ case STATE_POLICY_CONTEXT:
+
+ if (t == XML_ATTRIBUTE_VALUE) {
+ if (streq(name, "default")) {
+ policy_category = POLICY_CATEGORY_DEFAULT;
+ state = STATE_POLICY;
+ } else if (streq(name, "mandatory")) {
+ policy_category = POLICY_CATEGORY_MANDATORY;
+ state = STATE_POLICY;
+ } else {
+ log_error("context= parameter %s unknown for <policy> at %s:%u.", name, path, line);
+ return -EINVAL;
+ }
+ } else {
+ log_error("Unexpected token (4) at %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ break;
+
+ case STATE_POLICY_USER:
+
+ if (t == XML_ATTRIBUTE_VALUE) {
+ free(policy_user);
+ policy_user = name;
+ name = NULL;
+ policy_category = POLICY_CATEGORY_USER;
+ state = STATE_POLICY;
+ } else {
+ log_error("Unexpected token (5) in %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ break;
+
+ case STATE_POLICY_GROUP:
+
+ if (t == XML_ATTRIBUTE_VALUE) {
+ free(policy_group);
+ policy_group = name;
+ name = NULL;
+ policy_category = POLICY_CATEGORY_GROUP;
+ state = STATE_POLICY;
+ } else {
+ log_error("Unexpected token (6) at %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ break;
+
+ case STATE_POLICY_OTHER_ATTRIBUTE:
+
+ if (t == XML_ATTRIBUTE_VALUE)
+ state = STATE_POLICY;
+ else {
+ log_error("Unexpected token (7) in %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ break;
+
+ case STATE_ALLOW_DENY:
+
+ assert(i);
+
+ if (t == XML_ATTRIBUTE_NAME) {
+ PolicyItemClass ic;
+
+ if (startswith(name, "send_"))
+ ic = POLICY_ITEM_SEND;
+ else if (startswith(name, "receive_"))
+ ic = POLICY_ITEM_RECV;
+ else if (streq(name, "own"))
+ ic = POLICY_ITEM_OWN;
+ else if (streq(name, "own_prefix"))
+ ic = POLICY_ITEM_OWN_PREFIX;
+ else if (streq(name, "user"))
+ ic = POLICY_ITEM_USER;
+ else if (streq(name, "group"))
+ ic = POLICY_ITEM_GROUP;
+ else if (streq(name, "eavesdrop")) {
+ log_debug("Unsupported attribute %s= at %s:%u, ignoring.", name, path, line);
+ i->class = POLICY_ITEM_IGNORE;
+ state = STATE_ALLOW_DENY_OTHER_ATTRIBUTE;
+ break;
+ } else {
+ log_error("Unknown attribute %s= at %s:%u, ignoring.", name, path, line);
+ state = STATE_ALLOW_DENY_OTHER_ATTRIBUTE;
+ break;
+ }
+
+ if (i->class != _POLICY_ITEM_CLASS_UNSET && ic != i->class) {
+ log_error("send_ and receive_ fields mixed on same tag at %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ i->class = ic;
+
+ if (ic == POLICY_ITEM_SEND || ic == POLICY_ITEM_RECV) {
+ const char *u;
+
+ u = strchr(name, '_');
+ assert(u);
+
+ u++;
+
+ if (streq(u, "interface"))
+ state = STATE_ALLOW_DENY_INTERFACE;
+ else if (streq(u, "member"))
+ state = STATE_ALLOW_DENY_MEMBER;
+ else if (streq(u, "error"))
+ state = STATE_ALLOW_DENY_ERROR;
+ else if (streq(u, "path"))
+ state = STATE_ALLOW_DENY_PATH;
+ else if (streq(u, "type"))
+ state = STATE_ALLOW_DENY_MESSAGE_TYPE;
+ else if ((streq(u, "destination") && ic == POLICY_ITEM_SEND) ||
+ (streq(u, "sender") && ic == POLICY_ITEM_RECV))
+ state = STATE_ALLOW_DENY_NAME;
+ else {
+ if (streq(u, "requested_reply"))
+ log_debug("Unsupported attribute %s= at %s:%u, ignoring.", name, path, line);
+ else
+ log_error("Unknown attribute %s= at %s:%u, ignoring.", name, path, line);
+ state = STATE_ALLOW_DENY_OTHER_ATTRIBUTE;
+ break;
+ }
+ } else
+ state = STATE_ALLOW_DENY_NAME;
+
+ } else if (t == XML_TAG_CLOSE_EMPTY ||
+ (t == XML_TAG_CLOSE && streq(name, i->type == POLICY_ITEM_ALLOW ? "allow" : "deny"))) {
+
+ if (i->class == _POLICY_ITEM_CLASS_UNSET) {
+ log_error("Policy not set at %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ if (policy_category == POLICY_CATEGORY_DEFAULT)
+ item_append(i, &p->default_items);
+ else if (policy_category == POLICY_CATEGORY_MANDATORY)
+ item_append(i, &p->mandatory_items);
+ else if (policy_category == POLICY_CATEGORY_USER) {
+ const char *u = policy_user;
+
+ assert_cc(sizeof(uid_t) == sizeof(uint32_t));
+
+ r = hashmap_ensure_allocated(&p->user_items, NULL);
+ if (r < 0)
+ return log_oom();
+
+ if (!u) {
+ log_error("User policy without name");
+ return -EINVAL;
+ }
+
+ r = get_user_creds(&u, &i->uid, NULL, NULL, NULL);
+ if (r < 0) {
+ log_error_errno(r, "Failed to resolve user %s, ignoring policy: %m", u);
+ free(i);
+ } else {
+ PolicyItem *first;
+
+ first = hashmap_get(p->user_items, UINT32_TO_PTR(i->uid));
+ item_append(i, &first);
+ i->uid_valid = true;
+
+ r = hashmap_replace(p->user_items, UINT32_TO_PTR(i->uid), first);
+ if (r < 0) {
+ LIST_REMOVE(items, first, i);
+ return log_oom();
+ }
+ }
+
+ } else if (policy_category == POLICY_CATEGORY_GROUP) {
+ const char *g = policy_group;
+
+ assert_cc(sizeof(gid_t) == sizeof(uint32_t));
+
+ r = hashmap_ensure_allocated(&p->group_items, NULL);
+ if (r < 0)
+ return log_oom();
+
+ if (!g) {
+ log_error("Group policy without name");
+ return -EINVAL;
+ }
+
+ r = get_group_creds(&g, &i->gid);
+ if (r < 0) {
+ log_error_errno(r, "Failed to resolve group %s, ignoring policy: %m", g);
+ free(i);
+ } else {
+ PolicyItem *first;
+
+ first = hashmap_get(p->group_items, UINT32_TO_PTR(i->gid));
+ item_append(i, &first);
+ i->gid_valid = true;
+
+ r = hashmap_replace(p->group_items, UINT32_TO_PTR(i->gid), first);
+ if (r < 0) {
+ LIST_REMOVE(items, first, i);
+ return log_oom();
+ }
+ }
+ }
+
+ state = STATE_POLICY;
+ i = NULL;
+
+ } else if (t != XML_TEXT || !in_charset(name, WHITESPACE)) {
+ log_error("Unexpected token (8) at %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ break;
+
+ case STATE_ALLOW_DENY_INTERFACE:
+
+ if (t == XML_ATTRIBUTE_VALUE) {
+ assert(i);
+ if (i->interface) {
+ log_error("Duplicate interface at %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ i->interface = name;
+ name = NULL;
+ state = STATE_ALLOW_DENY;
+ } else {
+ log_error("Unexpected token (9) at %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ break;
+
+ case STATE_ALLOW_DENY_MEMBER:
+
+ if (t == XML_ATTRIBUTE_VALUE) {
+ assert(i);
+ if (i->member) {
+ log_error("Duplicate member in %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ i->member = name;
+ name = NULL;
+ state = STATE_ALLOW_DENY;
+ } else {
+ log_error("Unexpected token (10) in %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ break;
+
+ case STATE_ALLOW_DENY_ERROR:
+
+ if (t == XML_ATTRIBUTE_VALUE) {
+ assert(i);
+ if (i->error) {
+ log_error("Duplicate error in %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ i->error = name;
+ name = NULL;
+ state = STATE_ALLOW_DENY;
+ } else {
+ log_error("Unexpected token (11) in %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ break;
+
+ case STATE_ALLOW_DENY_PATH:
+
+ if (t == XML_ATTRIBUTE_VALUE) {
+ assert(i);
+ if (i->path) {
+ log_error("Duplicate path in %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ i->path = name;
+ name = NULL;
+ state = STATE_ALLOW_DENY;
+ } else {
+ log_error("Unexpected token (12) in %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ break;
+
+ case STATE_ALLOW_DENY_MESSAGE_TYPE:
+
+ if (t == XML_ATTRIBUTE_VALUE) {
+ assert(i);
+
+ if (i->message_type != 0) {
+ log_error("Duplicate message type in %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ r = bus_message_type_from_string(name, &i->message_type);
+ if (r < 0) {
+ log_error("Invalid message type in %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ state = STATE_ALLOW_DENY;
+ } else {
+ log_error("Unexpected token (13) in %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ break;
+
+ case STATE_ALLOW_DENY_NAME:
+
+ if (t == XML_ATTRIBUTE_VALUE) {
+ assert(i);
+ if (i->name) {
+ log_error("Duplicate name in %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ switch (i->class) {
+ case POLICY_ITEM_USER:
+ if (!streq(name, "*")) {
+ const char *u = name;
+
+ r = get_user_creds(&u, &i->uid, NULL, NULL, NULL);
+ if (r < 0)
+ log_error_errno(r, "Failed to resolve user %s: %m", name);
+ else
+ i->uid_valid = true;
+ }
+ break;
+ case POLICY_ITEM_GROUP:
+ if (!streq(name, "*")) {
+ const char *g = name;
+
+ r = get_group_creds(&g, &i->gid);
+ if (r < 0)
+ log_error_errno(r, "Failed to resolve group %s: %m", name);
+ else
+ i->gid_valid = true;
+ }
+ break;
+ default:
+ break;
+ }
+
+ i->name = name;
+ name = NULL;
+
+ state = STATE_ALLOW_DENY;
+ } else {
+ log_error("Unexpected token (14) in %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ break;
+
+ case STATE_ALLOW_DENY_OTHER_ATTRIBUTE:
+
+ if (t == XML_ATTRIBUTE_VALUE)
+ state = STATE_ALLOW_DENY;
+ else {
+ log_error("Unexpected token (15) in %s:%u.", path, line);
+ return -EINVAL;
+ }
+
+ break;
+
+ case STATE_OTHER:
+
+ if (t == XML_TAG_OPEN)
+ n_other++;
+ else if (t == XML_TAG_CLOSE || t == XML_TAG_CLOSE_EMPTY) {
+
+ if (n_other == 0)
+ state = STATE_BUSCONFIG;
+ else
+ n_other--;
+ }
+
+ break;
+ }
+ }
+}
+
+enum {
+ DENY,
+ ALLOW,
+ DUNNO,
+};
+
+static const char *verdict_to_string(int v) {
+ switch (v) {
+
+ case DENY:
+ return "DENY";
+ case ALLOW:
+ return "ALLOW";
+ case DUNNO:
+ return "DUNNO";
+ }
+
+ return NULL;
+}
+
+struct policy_check_filter {
+ PolicyItemClass class;
+ uid_t uid;
+ gid_t gid;
+ int message_type;
+ const char *name;
+ const char *interface;
+ const char *path;
+ const char *member;
+};
+
+static int is_permissive(PolicyItem *i) {
+
+ assert(i);
+
+ return (i->type == POLICY_ITEM_ALLOW) ? ALLOW : DENY;
+}
+
+static int check_policy_item(PolicyItem *i, const struct policy_check_filter *filter) {
+
+ assert(i);
+ assert(filter);
+
+ switch (i->class) {
+ case POLICY_ITEM_SEND:
+ case POLICY_ITEM_RECV:
+
+ if (i->name && !streq_ptr(i->name, filter->name))
+ break;
+
+ if ((i->message_type != 0) && (i->message_type != filter->message_type))
+ break;
+
+ if (i->path && !streq_ptr(i->path, filter->path))
+ break;
+
+ if (i->member && !streq_ptr(i->member, filter->member))
+ break;
+
+ if (i->interface && !streq_ptr(i->interface, filter->interface))
+ break;
+
+ return is_permissive(i);
+
+ case POLICY_ITEM_OWN:
+ assert(filter->name);
+
+ if (streq(i->name, "*") || streq(i->name, filter->name))
+ return is_permissive(i);
+ break;
+
+ case POLICY_ITEM_OWN_PREFIX:
+ assert(filter->name);
+
+ if (streq(i->name, "*") || service_name_startswith(filter->name, i->name))
+ return is_permissive(i);
+ break;
+
+ case POLICY_ITEM_USER:
+ if (filter->uid != UID_INVALID)
+ if ((streq_ptr(i->name, "*") || (i->uid_valid && i->uid == filter->uid)))
+ return is_permissive(i);
+ break;
+
+ case POLICY_ITEM_GROUP:
+ if (filter->gid != GID_INVALID)
+ if ((streq_ptr(i->name, "*") || (i->gid_valid && i->gid == filter->gid)))
+ return is_permissive(i);
+ break;
+
+ case POLICY_ITEM_IGNORE:
+ default:
+ break;
+ }
+
+ return DUNNO;
+}
+
+static int check_policy_items(PolicyItem *items, const struct policy_check_filter *filter) {
+
+ PolicyItem *i;
+ int verdict = DUNNO;
+
+ assert(filter);
+
+ /* Check all policies in a set - a broader one might be followed by a more specific one,
+ * and the order of rules in policy definitions matters */
+ LIST_FOREACH(items, i, items) {
+ int v;
+
+ if (i->class != filter->class &&
+ !(i->class == POLICY_ITEM_OWN_PREFIX && filter->class == POLICY_ITEM_OWN))
+ continue;
+
+ v = check_policy_item(i, filter);
+ if (v != DUNNO)
+ verdict = v;
+ }
+
+ return verdict;
+}
+
+static int policy_check(Policy *p, const struct policy_check_filter *filter) {
+
+ PolicyItem *items;
+ int verdict, v;
+
+ assert(p);
+ assert(filter);
+
+ assert(IN_SET(filter->class, POLICY_ITEM_SEND, POLICY_ITEM_RECV, POLICY_ITEM_OWN, POLICY_ITEM_USER, POLICY_ITEM_GROUP));
+
+ /*
+ * The policy check is implemented by the following logic:
+ *
+ * 1. Check default items
+ * 2. Check group items
+ * 3. Check user items
+ * 4. Check mandatory items
+ *
+ * Later rules override earlier rules.
+ */
+
+ verdict = check_policy_items(p->default_items, filter);
+
+ if (filter->gid != GID_INVALID) {
+ items = hashmap_get(p->group_items, UINT32_TO_PTR(filter->gid));
+ if (items) {
+ v = check_policy_items(items, filter);
+ if (v != DUNNO)
+ verdict = v;
+ }
+ }
+
+ if (filter->uid != UID_INVALID) {
+ items = hashmap_get(p->user_items, UINT32_TO_PTR(filter->uid));
+ if (items) {
+ v = check_policy_items(items, filter);
+ if (v != DUNNO)
+ verdict = v;
+ }
+ }
+
+ v = check_policy_items(p->mandatory_items, filter);
+ if (v != DUNNO)
+ verdict = v;
+
+ return verdict;
+}
+
+bool policy_check_own(Policy *p, uid_t uid, gid_t gid, const char *name) {
+
+ struct policy_check_filter filter = {
+ .class = POLICY_ITEM_OWN,
+ .uid = uid,
+ .gid = gid,
+ .name = name,
+ };
+
+ int verdict;
+
+ assert(p);
+ assert(name);
+
+ verdict = policy_check(p, &filter);
+
+ log_full(LOG_AUTH | (verdict != ALLOW ? LOG_WARNING : LOG_DEBUG),
+ "Ownership permission check for uid=" UID_FMT " gid=" GID_FMT" name=%s: %s",
+ uid, gid, strna(name), strna(verdict_to_string(verdict)));
+
+ return verdict == ALLOW;
+}
+
+bool policy_check_hello(Policy *p, uid_t uid, gid_t gid) {
+
+ struct policy_check_filter filter = {
+ .uid = uid,
+ .gid = gid,
+ };
+ int verdict;
+
+ assert(p);
+
+ filter.class = POLICY_ITEM_USER;
+ verdict = policy_check(p, &filter);
+
+ if (verdict != DENY) {
+ int v;
+
+ filter.class = POLICY_ITEM_GROUP;
+ v = policy_check(p, &filter);
+ if (v != DUNNO)
+ verdict = v;
+ }
+
+ log_full(LOG_AUTH | (verdict != ALLOW ? LOG_WARNING : LOG_DEBUG),
+ "Hello permission check for uid=" UID_FMT " gid=" GID_FMT": %s",
+ uid, gid, strna(verdict_to_string(verdict)));
+
+ return verdict == ALLOW;
+}
+
+bool policy_check_recv(Policy *p,
+ uid_t uid,
+ gid_t gid,
+ int message_type,
+ const char *name,
+ const char *path,
+ const char *interface,
+ const char *member) {
+
+ struct policy_check_filter filter = {
+ .class = POLICY_ITEM_RECV,
+ .uid = uid,
+ .gid = gid,
+ .message_type = message_type,
+ .name = name,
+ .interface = interface,
+ .path = path,
+ .member = member,
+ };
+
+ int verdict;
+
+ assert(p);
+
+ verdict = policy_check(p, &filter);
+
+ log_full(LOG_AUTH | (verdict != ALLOW ? LOG_WARNING : LOG_DEBUG),
+ "Recieve permission check for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s interface=%s path=%s member=%s: %s",
+ uid, gid, bus_message_type_to_string(message_type), strna(name), strna(path), strna(interface), strna(member), strna(verdict_to_string(verdict)));
+
+ return verdict == ALLOW;
+}
+
+bool policy_check_send(Policy *p,
+ uid_t uid,
+ gid_t gid,
+ int message_type,
+ const char *name,
+ const char *path,
+ const char *interface,
+ const char *member) {
+
+ struct policy_check_filter filter = {
+ .class = POLICY_ITEM_SEND,
+ .uid = uid,
+ .gid = gid,
+ .message_type = message_type,
+ .name = name,
+ .interface = interface,
+ .path = path,
+ .member = member,
+ };
+
+ int verdict;
+
+ assert(p);
+
+ verdict = policy_check(p, &filter);
+
+ log_full(LOG_AUTH | (verdict != ALLOW ? LOG_WARNING : LOG_DEBUG),
+ "Send permission check for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s interface=%s path=%s member=%s: %s",
+ uid, gid, bus_message_type_to_string(message_type), strna(name), strna(path), strna(interface), strna(member), strna(verdict_to_string(verdict)));
+
+ return verdict == ALLOW;
+}
+
+int policy_load(Policy *p, char **files) {
+ char **i;
+ int r;
+
+ assert(p);
+
+ STRV_FOREACH(i, files) {
+
+ r = file_load(p, *i);
+ if (r == -EISDIR) {
+ _cleanup_strv_free_ char **l = NULL;
+ char **j;
+
+ r = conf_files_list(&l, ".conf", NULL, *i, NULL);
+ if (r < 0)
+ return log_error_errno(r, "Failed to get configuration file list: %m");
+
+ STRV_FOREACH(j, l)
+ file_load(p, *j);
+ }
+
+ /* We ignore all errors but EISDIR, and just proceed. */
+ }
+
+ return 0;
+}
+
+void policy_free(Policy *p) {
+ PolicyItem *i, *first;
+
+ if (!p)
+ return;
+
+ while ((i = p->default_items)) {
+ LIST_REMOVE(items, p->default_items, i);
+ policy_item_free(i);
+ }
+
+ while ((i = p->mandatory_items)) {
+ LIST_REMOVE(items, p->mandatory_items, i);
+ policy_item_free(i);
+ }
+
+ while ((first = hashmap_steal_first(p->user_items))) {
+
+ while ((i = first)) {
+ LIST_REMOVE(items, first, i);
+ policy_item_free(i);
+ }
+ }
+
+ while ((first = hashmap_steal_first(p->group_items))) {
+
+ while ((i = first)) {
+ LIST_REMOVE(items, first, i);
+ policy_item_free(i);
+ }
+ }
+
+ hashmap_free(p->user_items);
+ hashmap_free(p->group_items);
+
+ p->user_items = p->group_items = NULL;
+}
+
+static void dump_items(PolicyItem *items, const char *prefix) {
+
+ PolicyItem *i;
+
+ if (!items)
+ return;
+
+ if (!prefix)
+ prefix = "";
+
+ LIST_FOREACH(items, i, items) {
+
+ printf("%sType: %s\n"
+ "%sClass: %s\n",
+ prefix, policy_item_type_to_string(i->type),
+ prefix, policy_item_class_to_string(i->class));
+
+ if (i->interface)
+ printf("%sInterface: %s\n",
+ prefix, i->interface);
+
+ if (i->member)
+ printf("%sMember: %s\n",
+ prefix, i->member);
+
+ if (i->error)
+ printf("%sError: %s\n",
+ prefix, i->error);
+
+ if (i->path)
+ printf("%sPath: %s\n",
+ prefix, i->path);
+
+ if (i->name)
+ printf("%sName: %s\n",
+ prefix, i->name);
+
+ if (i->message_type != 0)
+ printf("%sMessage Type: %s\n",
+ prefix, bus_message_type_to_string(i->message_type));
+
+ if (i->uid_valid) {
+ _cleanup_free_ char *user;
+
+ user = uid_to_name(i->uid);
+
+ printf("%sUser: %s (%d)\n",
+ prefix, strna(user), i->uid);
+ }
+
+ if (i->gid_valid) {
+ _cleanup_free_ char *group;
+
+ group = gid_to_name(i->gid);
+
+ printf("%sGroup: %s (%d)\n",
+ prefix, strna(group), i->gid);
+ }
+ printf("%s-\n", prefix);
+ }
+}
+
+static void dump_hashmap_items(Hashmap *h) {
+ PolicyItem *i;
+ Iterator j;
+ void *k;
+
+ HASHMAP_FOREACH_KEY(i, k, h, j) {
+ printf("\t%s Item for %u:\n", draw_special_char(DRAW_ARROW), PTR_TO_UINT(k));
+ dump_items(i, "\t\t");
+ }
+}
+
+void policy_dump(Policy *p) {
+
+ printf("%s Default Items:\n", draw_special_char(DRAW_ARROW));
+ dump_items(p->default_items, "\t");
+
+ printf("%s Group Items:\n", draw_special_char(DRAW_ARROW));
+ dump_hashmap_items(p->group_items);
+
+ printf("%s User Items:\n", draw_special_char(DRAW_ARROW));
+ dump_hashmap_items(p->user_items);
+
+ printf("%s Mandatory Items:\n", draw_special_char(DRAW_ARROW));
+ dump_items(p->mandatory_items, "\t");
+}
+
+static const char* const policy_item_type_table[_POLICY_ITEM_TYPE_MAX] = {
+ [_POLICY_ITEM_TYPE_UNSET] = "unset",
+ [POLICY_ITEM_ALLOW] = "allow",
+ [POLICY_ITEM_DENY] = "deny",
+};
+DEFINE_STRING_TABLE_LOOKUP(policy_item_type, PolicyItemType);
+
+static const char* const policy_item_class_table[_POLICY_ITEM_CLASS_MAX] = {
+ [_POLICY_ITEM_CLASS_UNSET] = "unset",
+ [POLICY_ITEM_SEND] = "send",
+ [POLICY_ITEM_RECV] = "recv",
+ [POLICY_ITEM_OWN] = "own",
+ [POLICY_ITEM_OWN_PREFIX] = "own-prefix",
+ [POLICY_ITEM_USER] = "user",
+ [POLICY_ITEM_GROUP] = "group",
+ [POLICY_ITEM_IGNORE] = "ignore",
+};
+DEFINE_STRING_TABLE_LOOKUP(policy_item_class, PolicyItemClass);
diff --git a/src/bus-proxyd/bus-xml-policy.h b/src/bus-proxyd/bus-xml-policy.h
new file mode 100644
index 0000000..933a53c
--- /dev/null
+++ b/src/bus-proxyd/bus-xml-policy.h
@@ -0,0 +1,104 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+#pragma once
+
+/***
+ This file is part of systemd.
+
+ Copyright 2013 Lennart Poettering
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+
+ systemd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include <inttypes.h>
+
+#include "list.h"
+#include "hashmap.h"
+
+typedef enum PolicyItemType {
+ _POLICY_ITEM_TYPE_UNSET = 0,
+ POLICY_ITEM_ALLOW,
+ POLICY_ITEM_DENY,
+ _POLICY_ITEM_TYPE_MAX,
+ _POLICY_ITEM_TYPE_INVALID = -1,
+} PolicyItemType;
+
+typedef enum PolicyItemClass {
+ _POLICY_ITEM_CLASS_UNSET = 0,
+ POLICY_ITEM_SEND,
+ POLICY_ITEM_RECV,
+ POLICY_ITEM_OWN,
+ POLICY_ITEM_OWN_PREFIX,
+ POLICY_ITEM_USER,
+ POLICY_ITEM_GROUP,
+ POLICY_ITEM_IGNORE,
+ _POLICY_ITEM_CLASS_MAX,
+ _POLICY_ITEM_CLASS_INVALID = -1,
+} PolicyItemClass;
+
+typedef struct PolicyItem PolicyItem;
+
+struct PolicyItem {
+ PolicyItemType type;
+ PolicyItemClass class;
+ char *interface;
+ char *member;
+ char *error;
+ char *path;
+ char *name;
+ uint8_t message_type;
+ uid_t uid;
+ gid_t gid;
+
+ bool uid_valid, gid_valid;
+
+ LIST_FIELDS(PolicyItem, items);
+};
+
+typedef struct Policy {
+ LIST_HEAD(PolicyItem, default_items);
+ LIST_HEAD(PolicyItem, mandatory_items);
+ Hashmap *user_items;
+ Hashmap *group_items;
+} Policy;
+
+int policy_load(Policy *p, char **files);
+void policy_free(Policy *p);
+
+bool policy_check_own(Policy *p, uid_t uid, gid_t gid, const char *name);
+bool policy_check_hello(Policy *p, uid_t uid, gid_t gid);
+bool policy_check_recv(Policy *p,
+ uid_t uid,
+ gid_t gid,
+ int message_type,
+ const char *name,
+ const char *path,
+ const char *interface,
+ const char *member);
+bool policy_check_send(Policy *p,
+ uid_t uid,
+ gid_t gid,
+ int message_type,
+ const char *name,
+ const char *path,
+ const char *interface,
+ const char *member);
+
+void policy_dump(Policy *p);
+
+const char* policy_item_type_to_string(PolicyItemType t) _const_;
+PolicyItemType policy_item_type_from_string(const char *s) _pure_;
+
+const char* policy_item_class_to_string(PolicyItemClass t) _const_;
+PolicyItemClass policy_item_class_from_string(const char *s) _pure_;
diff --git a/src/bus-proxyd/test-bus-policy.c b/src/bus-proxyd/test-bus-policy.c
deleted file mode 100644
index 91ab33d..0000000
--- a/src/bus-proxyd/test-bus-policy.c
+++ /dev/null
@@ -1,160 +0,0 @@
-/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
-
-/***
- This file is part of systemd.
-
- Copyright 2014 Daniel Mack
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <sys/socket.h>
-#include <sys/un.h>
-#include <sys/types.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <string.h>
-#include <errno.h>
-#include <sys/poll.h>
-#include <stddef.h>
-#include <getopt.h>
-
-#include "log.h"
-#include "util.h"
-#include "sd-bus.h"
-#include "bus-internal.h"
-#include "bus-message.h"
-#include "bus-util.h"
-#include "build.h"
-#include "strv.h"
-#include "def.h"
-#include "capability.h"
-
-#include <bus-proxyd/bus-policy.h>
-
-static int test_policy_load(Policy *p, const char *name)
-{
- _cleanup_free_ char *path = NULL;
- int r = 0;
-
- path = strjoin(TEST_DIR, "/bus-policy/", name, NULL);
- assert_se(path);
-
- if (access(path, R_OK) == 0)
- policy_load(p, STRV_MAKE(path));
- else
- r = -ENOENT;
-
- return r;
-}
-
-int main(int argc, char *argv[]) {
-
- Policy p = {};
-
- /* Ownership tests */
- assert_se(test_policy_load(&p, "ownerships.conf") == 0);
-
- assert_se(policy_check_own(&p, 0, 0, "org.test.test1") == true);
- assert_se(policy_check_own(&p, 1, 0, "org.test.test1") == true);
-
- assert_se(policy_check_own(&p, 0, 0, "org.test.test2") == true);
- assert_se(policy_check_own(&p, 1, 0, "org.test.test2") == false);
-
- assert_se(policy_check_own(&p, 0, 0, "org.test.test3") == false);
- assert_se(policy_check_own(&p, 1, 0, "org.test.test3") == false);
-
- assert_se(policy_check_own(&p, 0, 0, "org.test.test4") == false);
- assert_se(policy_check_own(&p, 1, 0, "org.test.test4") == true);
-
- policy_free(&p);
-
- /* Signaltest */
- assert_se(test_policy_load(&p, "signals.conf") == 0);
-
- assert_se(policy_check_send(&p, 0, 0, SD_BUS_MESSAGE_SIGNAL, "bli.bla.blubb", NULL, "/an/object/path", NULL) == true);
- assert_se(policy_check_send(&p, 1, 0, SD_BUS_MESSAGE_SIGNAL, "bli.bla.blubb", NULL, "/an/object/path", NULL) == false);
-
- policy_free(&p);
-
- /* Method calls */
- assert_se(test_policy_load(&p, "methods.conf") == 0);
- policy_dump(&p);
-
- assert_se(policy_check_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "bli.bla.blubb", "Member") == false);
- assert_se(policy_check_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "bli.bla.blubb", "Member") == false);
- assert_se(policy_check_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.test.int1", "Member") == true);
- assert_se(policy_check_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.test.int2", "Member") == true);
-
- assert_se(policy_check_recv(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test3", "/an/object/path", "org.test.int3", "Member111") == true);
-
- policy_free(&p);
-
- /* User and groups */
- assert_se(test_policy_load(&p, "hello.conf") == 0);
- policy_dump(&p);
-
- assert_se(policy_check_hello(&p, 0, 0) == true);
- assert_se(policy_check_hello(&p, 1, 0) == false);
- assert_se(policy_check_hello(&p, 0, 1) == false);
-
- policy_free(&p);
-
- /* dbus1 test file: ownership */
-
- assert_se(test_policy_load(&p, "check-own-rules.conf") >= 0);
- policy_dump(&p);
-
- assert_se(policy_check_own(&p, 0, 0, "org.freedesktop") == false);
- assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystem") == false);
- assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems") == true);
- assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems.foo") == true);
- assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems.foo.bar") == true);
- assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems2") == false);
- assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems2.foo") == false);
- assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems2.foo.bar") == false);
-
- policy_free(&p);
-
- /* dbus1 test file: many rules */
-
- assert_se(test_policy_load(&p, "many-rules.conf") >= 0);
- policy_dump(&p);
- policy_free(&p);
-
- /* dbus1 test file: generic test */
-
- assert_se(test_policy_load(&p, "test.conf") >= 0);
- policy_dump(&p);
-
- assert_se(policy_check_own(&p, 0, 0, "org.foo.FooService") == true);
- assert_se(policy_check_own(&p, 0, 0, "org.foo.FooService2") == false);
- assert_se(policy_check_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.test.int2", "Member") == false);
- assert_se(policy_check_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == true);
- assert_se(policy_check_recv(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == true);
- assert_se(policy_check_recv(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService", "/an/object/path", "org.foo.FooBroadcastInterface2", "Member") == false);
- assert_se(policy_check_recv(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService2", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == false);
-
- assert_se(policy_check_own(&p, 100, 0, "org.foo.FooService") == false);
- assert_se(policy_check_own(&p, 100, 0, "org.foo.FooService2") == false);
- assert_se(policy_check_send(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.test.int2", "Member") == false);
- assert_se(policy_check_send(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == false);
- assert_se(policy_check_recv(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == true);
- assert_se(policy_check_recv(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService", "/an/object/path", "org.foo.FooBroadcastInterface2", "Member") == false);
- assert_se(policy_check_recv(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService2", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == false);
-
- policy_free(&p);
-
- return EXIT_SUCCESS;
-}
diff --git a/src/bus-proxyd/test-bus-xml-policy.c b/src/bus-proxyd/test-bus-xml-policy.c
new file mode 100644
index 0000000..b0f4ed7
--- /dev/null
+++ b/src/bus-proxyd/test-bus-xml-policy.c
@@ -0,0 +1,158 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+/***
+ This file is part of systemd.
+
+ Copyright 2014 Daniel Mack
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+
+ systemd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include <sys/socket.h>
+#include <sys/un.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <string.h>
+#include <errno.h>
+#include <sys/poll.h>
+#include <stddef.h>
+#include <getopt.h>
+
+#include "log.h"
+#include "util.h"
+#include "sd-bus.h"
+#include "bus-internal.h"
+#include "bus-message.h"
+#include "bus-util.h"
+#include "build.h"
+#include "strv.h"
+#include "def.h"
+#include "capability.h"
+#include "bus-xml-policy.h"
+
+static int test_policy_load(Policy *p, const char *name) {
+ _cleanup_free_ char *path = NULL;
+ int r = 0;
+
+ path = strjoin(TEST_DIR, "/bus-policy/", name, NULL);
+ assert_se(path);
+
+ if (access(path, R_OK) == 0)
+ policy_load(p, STRV_MAKE(path));
+ else
+ r = -ENOENT;
+
+ return r;
+}
+
+int main(int argc, char *argv[]) {
+
+ Policy p = {};
+
+ /* Ownership tests */
+ assert_se(test_policy_load(&p, "ownerships.conf") == 0);
+
+ assert_se(policy_check_own(&p, 0, 0, "org.test.test1") == true);
+ assert_se(policy_check_own(&p, 1, 0, "org.test.test1") == true);
+
+ assert_se(policy_check_own(&p, 0, 0, "org.test.test2") == true);
+ assert_se(policy_check_own(&p, 1, 0, "org.test.test2") == false);
+
+ assert_se(policy_check_own(&p, 0, 0, "org.test.test3") == false);
+ assert_se(policy_check_own(&p, 1, 0, "org.test.test3") == false);
+
+ assert_se(policy_check_own(&p, 0, 0, "org.test.test4") == false);
+ assert_se(policy_check_own(&p, 1, 0, "org.test.test4") == true);
+
+ policy_free(&p);
+
+ /* Signaltest */
+ assert_se(test_policy_load(&p, "signals.conf") == 0);
+
+ assert_se(policy_check_send(&p, 0, 0, SD_BUS_MESSAGE_SIGNAL, "bli.bla.blubb", NULL, "/an/object/path", NULL) == true);
+ assert_se(policy_check_send(&p, 1, 0, SD_BUS_MESSAGE_SIGNAL, "bli.bla.blubb", NULL, "/an/object/path", NULL) == false);
+
+ policy_free(&p);
+
+ /* Method calls */
+ assert_se(test_policy_load(&p, "methods.conf") == 0);
+ policy_dump(&p);
+
+ assert_se(policy_check_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "bli.bla.blubb", "Member") == false);
+ assert_se(policy_check_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "bli.bla.blubb", "Member") == false);
+ assert_se(policy_check_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.test.int1", "Member") == true);
+ assert_se(policy_check_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.test.int2", "Member") == true);
+
+ assert_se(policy_check_recv(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test3", "/an/object/path", "org.test.int3", "Member111") == true);
+
+ policy_free(&p);
+
+ /* User and groups */
+ assert_se(test_policy_load(&p, "hello.conf") == 0);
+ policy_dump(&p);
+
+ assert_se(policy_check_hello(&p, 0, 0) == true);
+ assert_se(policy_check_hello(&p, 1, 0) == false);
+ assert_se(policy_check_hello(&p, 0, 1) == false);
+
+ policy_free(&p);
+
+ /* dbus1 test file: ownership */
+
+ assert_se(test_policy_load(&p, "check-own-rules.conf") >= 0);
+ policy_dump(&p);
+
+ assert_se(policy_check_own(&p, 0, 0, "org.freedesktop") == false);
+ assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystem") == false);
+ assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems") == true);
+ assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems.foo") == true);
+ assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems.foo.bar") == true);
+ assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems2") == false);
+ assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems2.foo") == false);
+ assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems2.foo.bar") == false);
+
+ policy_free(&p);
+
+ /* dbus1 test file: many rules */
+
+ assert_se(test_policy_load(&p, "many-rules.conf") >= 0);
+ policy_dump(&p);
+ policy_free(&p);
+
+ /* dbus1 test file: generic test */
+
+ assert_se(test_policy_load(&p, "test.conf") >= 0);
+ policy_dump(&p);
+
+ assert_se(policy_check_own(&p, 0, 0, "org.foo.FooService") == true);
+ assert_se(policy_check_own(&p, 0, 0, "org.foo.FooService2") == false);
+ assert_se(policy_check_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.test.int2", "Member") == false);
+ assert_se(policy_check_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == true);
+ assert_se(policy_check_recv(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == true);
+ assert_se(policy_check_recv(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService", "/an/object/path", "org.foo.FooBroadcastInterface2", "Member") == false);
+ assert_se(policy_check_recv(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService2", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == false);
+
+ assert_se(policy_check_own(&p, 100, 0, "org.foo.FooService") == false);
+ assert_se(policy_check_own(&p, 100, 0, "org.foo.FooService2") == false);
+ assert_se(policy_check_send(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.test.int2", "Member") == false);
+ assert_se(policy_check_send(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == false);
+ assert_se(policy_check_recv(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == true);
+ assert_se(policy_check_recv(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService", "/an/object/path", "org.foo.FooBroadcastInterface2", "Member") == false);
+ assert_se(policy_check_recv(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService2", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == false);
+
+ policy_free(&p);
+
+ return EXIT_SUCCESS;
+}
diff --git a/src/core/bus-common.c b/src/core/bus-common.c
deleted file mode 100644
index 4a61cb9..0000000
--- a/src/core/bus-common.c
+++ /dev/null
@@ -1,35 +0,0 @@
-/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
-
-/***
- This file is part of systemd.
-
- Copyright 2014 Daniel Mack
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "special.h"
-#include "bus-kernel.h"
-#include "bus-internal.h"
-#include "bus-util.h"
-#include "service.h"
-#include "bus-common.h"
-
-static const char* const bus_policy_access_table[_BUS_POLICY_ACCESS_MAX] = {
- [BUS_POLICY_ACCESS_SEE] = "see",
- [BUS_POLICY_ACCESS_TALK] = "talk",
- [BUS_POLICY_ACCESS_OWN] = "own",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(bus_policy_access, BusPolicyAccess);
diff --git a/src/core/bus-common.h b/src/core/bus-common.h
deleted file mode 100644
index 209f870..0000000
--- a/src/core/bus-common.h
+++ /dev/null
@@ -1,35 +0,0 @@
-/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
-
-#pragma once
-
-#include "macro.h"
-
-/***
- This file is part of systemd.
-
- Copyright 2014 Daniel Mack
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef enum BusPolicyAccess {
- BUS_POLICY_ACCESS_SEE,
- BUS_POLICY_ACCESS_TALK,
- BUS_POLICY_ACCESS_OWN,
- _BUS_POLICY_ACCESS_MAX,
- _BUS_POLICY_ACCESS_INVALID = -1
-} BusPolicyAccess;
-
-const char* bus_policy_access_to_string(BusPolicyAccess i) _const_;
-BusPolicyAccess bus_policy_access_from_string(const char *s) _pure_;
diff --git a/src/core/bus-endpoint.c b/src/core/bus-endpoint.c
index aac540d..27dd192 100644
--- a/src/core/bus-endpoint.c
+++ b/src/core/bus-endpoint.c
@@ -19,10 +19,56 @@
#include <stdlib.h>
+#include "kdbus.h"
+#include "bus-kernel.h"
+#include "bus-policy.h"
#include "bus-endpoint.h"
-int bus_endpoint_new(BusEndpoint **ep)
-{
+int bus_kernel_set_endpoint_policy(int fd, uid_t uid, BusEndpoint *ep) {
+
+ struct kdbus_cmd_update *update;
+ struct kdbus_item *n;
+ BusEndpointPolicy *po;
+ Iterator i;
+ size_t size;
+ int r;
+
+ size = ALIGN8(offsetof(struct kdbus_cmd_update, items));
+
+ HASHMAP_FOREACH(po, ep->policy_hash, i) {
+ size += ALIGN8(offsetof(struct kdbus_item, str) + strlen(po->name) + 1);
+ size += ALIGN8(offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access));
+ }
+
+ update = alloca0_align(size, 8);
+ update->size = size;
+
+ n = update->items;
+
+ HASHMAP_FOREACH(po, ep->policy_hash, i) {
+ n->type = KDBUS_ITEM_NAME;
+ n->size = offsetof(struct kdbus_item, str) + strlen(po->name) + 1;
+ strcpy(n->str, po->name);
+ n = KDBUS_ITEM_NEXT(n);
+
+ n->type = KDBUS_ITEM_POLICY_ACCESS;
+ n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access);
+
+ n->policy_access.type = KDBUS_POLICY_ACCESS_USER;
+ n->policy_access.access = bus_kernel_translate_access(po->access);
+ n->policy_access.id = uid;
+
+ n = KDBUS_ITEM_NEXT(n);
+ }
+
+ r = ioctl(fd, KDBUS_CMD_ENDPOINT_UPDATE, update);
+ if (r < 0)
+ return -errno;
+
+ return 0;
+}
+
+int bus_endpoint_new(BusEndpoint **ep) {
assert(ep);
*ep = new0(BusEndpoint, 1);
@@ -32,8 +78,7 @@ int bus_endpoint_new(BusEndpoint **ep)
return 0;
}
-int bus_endpoint_add_policy(BusEndpoint *ep, const char *name, BusPolicyAccess access)
-{
+int bus_endpoint_add_policy(BusEndpoint *ep, const char *name, BusPolicyAccess access) {
_cleanup_free_ BusEndpointPolicy *po = NULL;
_cleanup_free_ char *key = NULL;
int r;
@@ -80,8 +125,7 @@ int bus_endpoint_add_policy(BusEndpoint *ep, const char *name, BusPolicyAccess a
return 0;
}
-void bus_endpoint_free(BusEndpoint *endpoint)
-{
+void bus_endpoint_free(BusEndpoint *endpoint) {
if (!endpoint)
return;
diff --git a/src/core/bus-endpoint.h b/src/core/bus-endpoint.h
index 2c5415f..4a31f4c 100644
--- a/src/core/bus-endpoint.h
+++ b/src/core/bus-endpoint.h
@@ -24,8 +24,8 @@
typedef struct BusEndpoint BusEndpoint;
typedef struct BusEndpointPolicy BusEndpointPolicy;
-#include "bus-common.h"
#include "hashmap.h"
+#include "bus-policy.h"
struct BusEndpointPolicy {
char *name;
@@ -40,3 +40,5 @@ int bus_endpoint_new(BusEndpoint **ep);
void bus_endpoint_free(BusEndpoint *endpoint);
int bus_endpoint_add_policy(BusEndpoint *ep, const char *name, BusPolicyAccess access);
+
+int bus_kernel_set_endpoint_policy(int fd, uid_t uid, BusEndpoint *ep);
diff --git a/src/core/busname.c b/src/core/busname.c
index acd6652..9ab9556 100644
--- a/src/core/busname.c
+++ b/src/core/busname.c
@@ -26,9 +26,10 @@
#include "bus-internal.h"
#include "bus-util.h"
#include "service.h"
+#include "kdbus.h"
+#include "bus-policy.h"
#include "dbus-busname.h"
#include "busname.h"
-#include "kdbus.h"
static const UnitActiveState state_translation_table[_BUSNAME_STATE_MAX] = {
[BUSNAME_DEAD] = UNIT_INACTIVE,
diff --git a/src/core/busname.h b/src/core/busname.h
index c9b653d..775822d 100644
--- a/src/core/busname.h
+++ b/src/core/busname.h
@@ -25,7 +25,6 @@ typedef struct BusName BusName;
typedef struct BusNamePolicy BusNamePolicy;
#include "unit.h"
-#include "bus-common.h"
typedef enum BusNameState {
BUSNAME_DEAD,
@@ -52,22 +51,6 @@ typedef enum BusNameResult {
_BUSNAME_RESULT_INVALID = -1
} BusNameResult;
-typedef enum BusNamePolicyType {
- BUSNAME_POLICY_TYPE_USER,
- BUSNAME_POLICY_TYPE_GROUP,
- _BUSNAME_POLICY_TYPE_MAX,
- _BUSNAME_POLICY_TYPE_INVALID = -1
-} BusNamePolicyType;
-
-struct BusNamePolicy {
- BusNamePolicyType type;
- BusPolicyAccess access;
-
- char *name;
-
- LIST_FIELDS(BusNamePolicy, policy);
-};
-
struct BusName {
Unit meta;
diff --git a/src/core/execute.c b/src/core/execute.c
index 4735ab2..c472dad 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -84,7 +84,7 @@
#include "mkdir.h"
#include "apparmor-util.h"
#include "smack-util.h"
-#include "bus-kernel.h"
+#include "bus-endpoint.h"
#include "label.h"
#include "cap-list.h"
diff --git a/src/libsystemd/sd-bus/bus-internal.h b/src/libsystemd/sd-bus/bus-internal.h
index 977b340..cb529d5 100644
--- a/src/libsystemd/sd-bus/bus-internal.h
+++ b/src/libsystemd/sd-bus/bus-internal.h
@@ -31,6 +31,7 @@
#include "list.h"
#include "util.h"
#include "refcnt.h"
+#include "socket-util.h"
#include "sd-bus.h"
#include "bus-error.h"
diff --git a/src/libsystemd/sd-bus/bus-kernel.c b/src/libsystemd/sd-bus/bus-kernel.c
index a696289..a7811ee 100644
--- a/src/libsystemd/sd-bus/bus-kernel.c
+++ b/src/libsystemd/sd-bus/bus-kernel.c
@@ -1576,69 +1576,6 @@ int bus_kernel_create_bus(const char *name, bool world, char **s) {
return fd;
}
-static int bus_kernel_translate_access(BusPolicyAccess access) {
- assert(access >= 0);
- assert(access < _BUS_POLICY_ACCESS_MAX);
-
- switch (access) {
-
- case BUS_POLICY_ACCESS_SEE:
- return KDBUS_POLICY_SEE;
-
- case BUS_POLICY_ACCESS_TALK:
- return KDBUS_POLICY_TALK;
-
- case BUS_POLICY_ACCESS_OWN:
- return KDBUS_POLICY_OWN;
-
- default:
- assert_not_reached("Unknown policy access");
- }
-}
-
-static int bus_kernel_translate_policy(const BusNamePolicy *policy, struct kdbus_item *item) {
- int r;
-
- assert(policy);
- assert(item);
-
- switch (policy->type) {
-
- case BUSNAME_POLICY_TYPE_USER: {
- const char *user = policy->name;
- uid_t uid;
-
- r = get_user_creds(&user, &uid, NULL, NULL, NULL);
- if (r < 0)
- return r;
-
- item->policy_access.type = KDBUS_POLICY_ACCESS_USER;
- item->policy_access.id = uid;
- break;
- }
-
- case BUSNAME_POLICY_TYPE_GROUP: {
- const char *group = policy->name;
- gid_t gid;
-
- r = get_group_creds(&group, &gid);
- if (r < 0)
- return r;
-
- item->policy_access.type = KDBUS_POLICY_ACCESS_GROUP;
- item->policy_access.id = gid;
- break;
- }
-
- default:
- assert_not_reached("Unknown policy type");
- }
-
- item->policy_access.access = bus_kernel_translate_access(policy->access);
-
- return 0;
-}
-
int bus_kernel_open_bus_fd(const char *bus, char **path) {
char *p;
int fd;
@@ -1715,128 +1652,6 @@ int bus_kernel_create_endpoint(const char *bus_name, const char *ep_name, char *
return fd;
}
-int bus_kernel_set_endpoint_policy(int fd, uid_t uid, BusEndpoint *ep) {
-
- struct kdbus_cmd_update *update;
- struct kdbus_item *n;
- BusEndpointPolicy *po;
- Iterator i;
- size_t size;
- int r;
-
- size = ALIGN8(offsetof(struct kdbus_cmd_update, items));
-
- HASHMAP_FOREACH(po, ep->policy_hash, i) {
- size += ALIGN8(offsetof(struct kdbus_item, str) + strlen(po->name) + 1);
- size += ALIGN8(offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access));
- }
-
- update = alloca0_align(size, 8);
- update->size = size;
-
- n = update->items;
-
- HASHMAP_FOREACH(po, ep->policy_hash, i) {
- n->type = KDBUS_ITEM_NAME;
- n->size = offsetof(struct kdbus_item, str) + strlen(po->name) + 1;
- strcpy(n->str, po->name);
- n = KDBUS_ITEM_NEXT(n);
-
- n->type = KDBUS_ITEM_POLICY_ACCESS;
- n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access);
-
- n->policy_access.type = KDBUS_POLICY_ACCESS_USER;
- n->policy_access.access = bus_kernel_translate_access(po->access);
- n->policy_access.id = uid;
-
- n = KDBUS_ITEM_NEXT(n);
- }
-
- r = ioctl(fd, KDBUS_CMD_ENDPOINT_UPDATE, update);
- if (r < 0)
- return -errno;
-
- return 0;
-}
-
-int bus_kernel_make_starter(
- int fd,
- const char *name,
- bool activating,
- bool accept_fd,
- BusNamePolicy *policy,
- BusPolicyAccess world_policy) {
-
- struct kdbus_cmd_free cmd_free = { .size = sizeof(cmd_free) };
- struct kdbus_cmd_hello *hello;
- struct kdbus_item *n;
- size_t policy_cnt = 0;
- BusNamePolicy *po;
- size_t size;
- int r;
-
- assert(fd >= 0);
- assert(name);
-
- LIST_FOREACH(policy, po, policy)
- policy_cnt++;
-
- if (world_policy >= 0)
- policy_cnt++;
-
- size = offsetof(struct kdbus_cmd_hello, items) +
- ALIGN8(offsetof(struct kdbus_item, str) + strlen(name) + 1) +
- policy_cnt * ALIGN8(offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access));
-
- hello = alloca0_align(size, 8);
-
- n = hello->items;
- strcpy(n->str, name);
- n->size = offsetof(struct kdbus_item, str) + strlen(n->str) + 1;
- n->type = KDBUS_ITEM_NAME;
- n = KDBUS_ITEM_NEXT(n);
-
- LIST_FOREACH(policy, po, policy) {
- n->type = KDBUS_ITEM_POLICY_ACCESS;
- n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access);
-
- r = bus_kernel_translate_policy(po, n);
- if (r < 0)
- return r;
-
- n = KDBUS_ITEM_NEXT(n);
- }
-
- if (world_policy >= 0) {
- n->type = KDBUS_ITEM_POLICY_ACCESS;
- n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access);
- n->policy_access.type = KDBUS_POLICY_ACCESS_WORLD;
- n->policy_access.access = bus_kernel_translate_access(world_policy);
- }
-
- hello->size = size;
- hello->flags =
- (activating ? KDBUS_HELLO_ACTIVATOR : KDBUS_HELLO_POLICY_HOLDER) |
- (accept_fd ? KDBUS_HELLO_ACCEPT_FD : 0);
- hello->pool_size = KDBUS_POOL_SIZE;
- hello->attach_flags_send = _KDBUS_ATTACH_ANY;
- hello->attach_flags_recv = _KDBUS_ATTACH_ANY;
-
- if (ioctl(fd, KDBUS_CMD_HELLO, hello) < 0)
- return -errno;
-
- /* not interested in any output values */
- cmd_free.offset = hello->offset;
- (void) ioctl(fd, KDBUS_CMD_FREE, &cmd_free);
-
- /* The higher 32bit of the bus_flags fields are considered
- * 'incompatible flags'. Refuse them all for now. */
- if (hello->bus_flags > 0xFFFFFFFFULL)
- return -ENOTSUP;
-
- return fd;
-}
-
int bus_kernel_try_close(sd_bus *bus) {
assert(bus);
assert(bus->is_kernel);
diff --git a/src/libsystemd/sd-bus/bus-kernel.h b/src/libsystemd/sd-bus/bus-kernel.h
index 2152f62..7b1e9ef 100644
--- a/src/libsystemd/sd-bus/bus-kernel.h
+++ b/src/libsystemd/sd-bus/bus-kernel.h
@@ -23,8 +23,6 @@
#include <stdbool.h>
-#include "busname.h"
-#include "bus-endpoint.h"
#include "sd-bus.h"
#define KDBUS_ITEM_NEXT(item) \
@@ -67,13 +65,10 @@ int bus_kernel_write_message(sd_bus *bus, sd_bus_message *m, bool hint_sync_call
int bus_kernel_read_message(sd_bus *bus, bool hint_priority, int64_t priority);
int bus_kernel_open_bus_fd(const char *bus, char **path);
-int bus_kernel_make_starter(int fd, const char *name, bool activating, bool accept_fd, BusNamePolicy *policy, BusPolicyAccess world_policy);
int bus_kernel_create_bus(const char *name, bool world, char **s);
int bus_kernel_create_endpoint(const char *bus_name, const char *ep_name, char **path);
-int bus_kernel_set_endpoint_policy(int fd, uid_t uid, BusEndpoint *ep);
-
int bus_kernel_pop_memfd(sd_bus *bus, void **address, size_t *mapped, size_t *allocated);
void bus_kernel_push_memfd(sd_bus *bus, int fd, void *address, size_t mapped, size_t allocated);
diff --git a/src/libsystemd/sd-bus/busctl.c b/src/libsystemd/sd-bus/busctl.c
index dd6ae86..3233c1b 100644
--- a/src/libsystemd/sd-bus/busctl.c
+++ b/src/libsystemd/sd-bus/busctl.c
@@ -28,6 +28,7 @@
#include "pager.h"
#include "xml.h"
#include "path-util.h"
+#include "set.h"
#include "sd-bus.h"
#include "bus-message.h"
diff --git a/src/test/test-tables.c b/src/test/test-tables.c
index 97d5609..bda224b 100644
--- a/src/test/test-tables.c
+++ b/src/test/test-tables.c
@@ -46,7 +46,8 @@
#include "util.h"
#include "architecture.h"
#include "link-config.h"
-#include "bus-policy.h"
+#include "bus-xml-policy.h"
+#include "busname.h"
#include "journald-server.h"
#include "locale-util.h"
More information about the systemd-commits
mailing list