author | Lennart Poettering <lennart@poettering.net> | 2015-02-18 17:40:57 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2015-02-18 18:56:27 +0100 |
commit | 1d22e9068c52c1cf935bcdff70b9b9654e3c939e (patch) | |
tree | 7dffbb33c9d509fcaef5a38864410c778f187ae4 /src/core/dbus.c | |
parent | 09c3a9b67d9e2e957bfb5c940e02ec433113549f (diff) |
core: rework policykit hookup
- Always issue selinux access check as early as possible, and PK check
as late as possible.
- Introduce a new policykit action for altering environment
- Open most remaining bus calls to unprivileged clients via PK
Diffstat (limited to 'src/core/dbus.c')
-rw-r--r-- | src/core/dbus.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/core/dbus.c b/src/core/dbus.c
index 2f313adec7..e7cf93dc6c 100644
--- a/src/core/dbus.c
+++ b/src/core/dbus.c
@@ -1192,12 +1192,12 @@ int bus_track_coldplug(Manager *m, sd_bus_track **t, char ***l) {
 return r;
 }
 
-int bus_verify_manage_unit_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
+int bus_verify_manage_units_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
 return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.manage-units", false, UID_INVALID, &m->polkit_registry, error);
 }
 
 /* Same as bus_verify_manage_unit_async(), but checks for CAP_KILL instead of CAP_SYS_ADMIN */
-int bus_verify_manage_unit_async_for_kill(Manager *m, sd_bus_message *call, sd_bus_error *error) {
+int bus_verify_manage_units_async_for_kill(Manager *m, sd_bus_message *call, sd_bus_error *error) {
 return bus_verify_polkit_async(call, CAP_KILL, "org.freedesktop.systemd1.manage-units", false, UID_INVALID, &m->polkit_registry, error);
 }
 
@@ -1208,3 +1208,7 @@ int bus_verify_manage_unit_files_async(Manager *m, sd_bus_message *call, sd_bus_
 int bus_verify_reload_daemon_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
 return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.reload-daemon", false, UID_INVALID, &m->polkit_registry, error);
 }
+
+int bus_verify_set_environment_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
+ return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.set-environment", false, UID_INVALID, &m->polkit_registry, error);
+}
 |
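Review bot: The new `bus_verify_set_environment_async()` at the end of the second hunk carries no comment saying what it gates, although it is the only check visible here for a security-sensitive operation that the commit message says is being opened to unprivileged clients. Variables placed in the manager's environment are presumably inherited by the services it starts, so the `org.freedesktop.systemd1.set-environment` action needs a policy default that requires administrator authentication; that policy file is outside this view, which is limited to src/core/dbus.c, and should be checked alongside this wrapper. I would add above the function `/* Gates changes to the manager environment: checks for CAP_SYS_ADMIN, otherwise asks polkit for the set-environment action */`. Separately, the comment kept as context in the first hunk still names `bus_verify_manage_unit_async()`, which this commit renames to `bus_verify_manage_units_async()`, so it should be updated in the same change.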