summaryrefslogtreecommitdiff
path: root/src/libsystemd/sd-bus
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2014-07-03 01:17:26 +0200
committerLennart Poettering <lennart@poettering.net>2014-07-03 01:17:26 +0200
commit7f0d207d2c816e0a8cb2742b0a789911f7c99356 (patch)
tree148eea6477a079339c5ecfa1a03d7debe50fed17 /src/libsystemd/sd-bus
parent8f6e22a1cafafb4e78e23c1998f23a997c1b294f (diff)
sd-bus: support connecting to remote hosts, directly into containers
systemctl -H root@foobar:waldi will now show a list of services running on container "waldi" on host "foobar", using "root" for authenticating at "foobar". Since entereing a container requires priviliges, this will only work correctly for root logins.
Diffstat (limited to 'src/libsystemd/sd-bus')
-rw-r--r--src/libsystemd/sd-bus/sd-bus.c31
1 files changed, 27 insertions, 4 deletions
diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c
index eb267d430e..c25375c592 100644
--- a/src/libsystemd/sd-bus/sd-bus.c
+++ b/src/libsystemd/sd-bus/sd-bus.c
@@ -1209,15 +1209,38 @@ fail:
int bus_set_address_system_remote(sd_bus *b, const char *host) {
_cleanup_free_ char *e = NULL;
+ char *m = NULL, *c = NULL;
assert(b);
assert(host);
- e = bus_address_escape(host);
- if (!e)
- return -ENOMEM;
+ /* Let's see if we shall enter some container */
+ m = strchr(host, ':');
+ if (m) {
+ m++;
+
+ /* Let's make sure this is not a port of some kind,
+ * and is a valid machine name. */
+ if (!in_charset(m, "0123456789") && machine_name_is_valid(m)) {
+ char *t;
+
+ /* Cut out the host part */
+ t = strndupa(host, m - host - 1);
+ e = bus_address_escape(t);
+ if (!e)
+ return -ENOMEM;
+
+ c = strappenda(",argv4=--machine=", m);
+ }
+ }
+
+ if (!e) {
+ e = bus_address_escape(host);
+ if (!e)
+ return -ENOMEM;
+ }
- b->address = strjoin("unixexec:path=ssh,argv1=-xT,argv2=", e, ",argv3=systemd-stdio-bridge", NULL);
+ b->address = strjoin("unixexec:path=ssh,argv1=-xT,argv2=", e, ",argv3=systemd-stdio-bridge", c, NULL);
if (!b->address)
return -ENOMEM;