diff options
author | Lennart Poettering <lennart@poettering.net> | 2015-02-18 12:55:25 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2015-02-18 12:55:25 +0100 |
commit | c529695e7a30b300fdaa61ace4a8a4ed0e94ad1c (patch) | |
tree | b8613d0df12627f161c4be274378329bea2e72fc /src/login | |
parent | 2723b3b51d409340558e46e37e90525d4f880fe1 (diff) |
logind: open up most bus calls for unpriviliged processes, using PolicyKit
Also, allow clients to alter their own objects without any further
priviliges. i.e. this allows clients to kill and lock their own sessions
without involving PK.
Diffstat (limited to 'src/login')
-rw-r--r-- | src/login/loginctl.c | 16 | ||||
-rw-r--r-- | src/login/logind-dbus.c | 134 | ||||
-rw-r--r-- | src/login/logind-seat-dbus.c | 17 | ||||
-rw-r--r-- | src/login/logind-seat.h | 2 | ||||
-rw-r--r-- | src/login/logind-session-dbus.c | 59 | ||||
-rw-r--r-- | src/login/logind-session.h | 5 | ||||
-rw-r--r-- | src/login/logind-user-dbus.c | 34 | ||||
-rw-r--r-- | src/login/logind-user.h | 3 | ||||
-rw-r--r-- | src/login/org.freedesktop.login1.policy.in | 20 |
9 files changed, 188 insertions, 102 deletions
diff --git a/src/login/loginctl.c b/src/login/loginctl.c index b0eede9a34..13b8102483 100644 --- a/src/login/loginctl.c +++ b/src/login/loginctl.c @@ -869,7 +869,7 @@ static int activate(int argc, char *argv[], void *userdata) { for (i = 1; i < argc; i++) { - r = sd_bus_call_method ( + r = sd_bus_call_method( bus, "org.freedesktop.login1", "/org/freedesktop/login1", @@ -904,7 +904,7 @@ static int kill_session(int argc, char *argv[], void *userdata) { for (i = 1; i < argc; i++) { - r = sd_bus_call_method ( + r = sd_bus_call_method( bus, "org.freedesktop.login1", "/org/freedesktop/login1", @@ -954,7 +954,7 @@ static int enable_linger(int argc, char *argv[], void *userdata) { return log_error_errno(r, "Failed to look up user %s: %m", argv[i]); } - r = sd_bus_call_method ( + r = sd_bus_call_method( bus, "org.freedesktop.login1", "/org/freedesktop/login1", @@ -988,7 +988,7 @@ static int terminate_user(int argc, char *argv[], void *userdata) { if (r < 0) return log_error_errno(r, "Failed to look up user %s: %m", argv[i]); - r = sd_bus_call_method ( + r = sd_bus_call_method( bus, "org.freedesktop.login1", "/org/freedesktop/login1", @@ -1025,7 +1025,7 @@ static int kill_user(int argc, char *argv[], void *userdata) { if (r < 0) return log_error_errno(r, "Failed to look up user %s: %m", argv[i]); - r = sd_bus_call_method ( + r = sd_bus_call_method( bus, "org.freedesktop.login1", "/org/freedesktop/login1", @@ -1054,7 +1054,7 @@ static int attach(int argc, char *argv[], void *userdata) { for (i = 2; i < argc; i++) { - r = sd_bus_call_method ( + r = sd_bus_call_method( bus, "org.freedesktop.login1", "/org/freedesktop/login1", @@ -1082,7 +1082,7 @@ static int flush_devices(int argc, char *argv[], void *userdata) { polkit_agent_open_if_enabled(); - r = sd_bus_call_method ( + r = sd_bus_call_method( bus, "org.freedesktop.login1", "/org/freedesktop/login1", @@ -1375,6 +1375,8 @@ int main(int argc, char *argv[]) { goto finish; } + sd_bus_set_allow_interactive_authorization(bus, arg_ask_password); + r = loginctl_main(argc, argv, bus); finish: diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c index 8b0bafd49e..5d61edbd46 100644 --- a/src/login/logind-dbus.c +++ b/src/login/logind-dbus.c @@ -854,11 +854,7 @@ static int method_activate_session(sd_bus *bus, sd_bus_message *message, void *u if (r < 0) return r; - r = session_activate(session); - if (r < 0) - return r; - - return sd_bus_reply_method_return(message, NULL); + return bus_session_method_activate(bus, message, session, error); } static int method_activate_session_on_seat(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { @@ -915,11 +911,7 @@ static int method_lock_session(sd_bus *bus, sd_bus_message *message, void *userd if (r < 0) return r; - r = session_send_lock(session, streq(sd_bus_message_get_member(message), "LockSession")); - if (r < 0) - return r; - - return sd_bus_reply_method_return(message, NULL); + return bus_session_method_lock(bus, message, session, error); } static int method_lock_sessions(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { @@ -930,6 +922,19 @@ static int method_lock_sessions(sd_bus *bus, sd_bus_message *message, void *user assert(message); assert(m); + r = bus_verify_polkit_async( + message, + CAP_SYS_ADMIN, + "org.freedesktop.login1.lock-sessions", + false, + UID_INVALID, + &m->polkit_registry, + error); + if (r < 0) + return r; + if (r == 0) + return 1; /* Will call us back */ + r = session_send_lock_all(m, streq(sd_bus_message_get_member(message), "LockSessions")); if (r < 0) return r; @@ -938,47 +943,29 @@ static int method_lock_sessions(sd_bus *bus, sd_bus_message *message, void *user } static int method_kill_session(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { - const char *name, *swho; + const char *name; Manager *m = userdata; Session *session; - int32_t signo; - KillWho who; int r; assert(bus); assert(message); assert(m); - r = sd_bus_message_read(message, "ssi", &name, &swho, &signo); + r = sd_bus_message_read(message, "s", &name); if (r < 0) return r; - if (isempty(swho)) - who = KILL_ALL; - else { - who = kill_who_from_string(swho); - if (who < 0) - return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid kill parameter '%s'", swho); - } - - if (signo <= 0 || signo >= _NSIG) - return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid signal %i", signo); - r = manager_get_session_from_creds(m, message, name, error, &session); if (r < 0) return r; - r = session_kill(session, who, signo); - if (r < 0) - return r; - - return sd_bus_reply_method_return(message, NULL); + return bus_session_method_kill(bus, message, session, error); } static int method_kill_user(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { Manager *m = userdata; uint32_t uid; - int32_t signo; User *user; int r; @@ -986,22 +973,15 @@ static int method_kill_user(sd_bus *bus, sd_bus_message *message, void *userdata assert(message); assert(m); - r = sd_bus_message_read(message, "ui", &uid, &signo); + r = sd_bus_message_read(message, "u", &uid); if (r < 0) return r; - if (signo <= 0 || signo >= _NSIG) - return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid signal %i", signo); - r = manager_get_user_from_creds(m, message, uid, error, &user); if (r < 0) return r; - r = user_kill(user, signo); - if (r < 0) - return r; - - return sd_bus_reply_method_return(message, NULL); + return bus_user_method_kill(bus, message, user, error); } static int method_terminate_session(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { @@ -1022,11 +1002,7 @@ static int method_terminate_session(sd_bus *bus, sd_bus_message *message, void * if (r < 0) return r; - r = session_stop(session, true); - if (r < 0) - return r; - - return sd_bus_reply_method_return(message, NULL); + return bus_session_method_terminate(bus, message, session, error); } static int method_terminate_user(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { @@ -1047,11 +1023,7 @@ static int method_terminate_user(sd_bus *bus, sd_bus_message *message, void *use if (r < 0) return r; - r = user_stop(user, true); - if (r < 0) - return r; - - return sd_bus_reply_method_return(message, NULL); + return bus_user_method_terminate(bus, message, user, error); } static int method_terminate_seat(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { @@ -1072,11 +1044,7 @@ static int method_terminate_seat(sd_bus *bus, sd_bus_message *message, void *use if (r < 0) return r; - r = seat_stop_sessions(seat, true); - if (r < 0) - return r; - - return sd_bus_reply_method_return(message, NULL); + return bus_seat_method_terminate(bus, message, seat, error); } static int method_set_user_linger(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { @@ -1119,6 +1087,7 @@ static int method_set_user_linger(sd_bus *bus, sd_bus_message *message, void *us CAP_SYS_ADMIN, "org.freedesktop.login1.set-user-linger", interactive, + UID_INVALID, &m->polkit_registry, error); if (r < 0) @@ -1291,6 +1260,7 @@ static int method_attach_device(sd_bus *bus, sd_bus_message *message, void *user CAP_SYS_ADMIN, "org.freedesktop.login1.attach-device", interactive, + UID_INVALID, &m->polkit_registry, error); if (r < 0) @@ -1322,6 +1292,7 @@ static int method_flush_devices(sd_bus *bus, sd_bus_message *message, void *user CAP_SYS_ADMIN, "org.freedesktop.login1.flush-devices", interactive, + UID_INVALID, &m->polkit_registry, error); if (r < 0) @@ -1619,7 +1590,7 @@ static int method_do_shutdown_or_sleep( blocked = manager_is_inhibited(m, w, INHIBIT_BLOCK, NULL, false, true, uid, NULL); if (multiple_sessions) { - r = bus_verify_polkit_async(message, CAP_SYS_BOOT, action_multiple_sessions, interactive, &m->polkit_registry, error); + r = bus_verify_polkit_async(message, CAP_SYS_BOOT, action_multiple_sessions, interactive, UID_INVALID, &m->polkit_registry, error); if (r < 0) return r; if (r == 0) @@ -1627,7 +1598,7 @@ static int method_do_shutdown_or_sleep( } if (blocked) { - r = bus_verify_polkit_async(message, CAP_SYS_BOOT, action_ignore_inhibit, interactive, &m->polkit_registry, error); + r = bus_verify_polkit_async(message, CAP_SYS_BOOT, action_ignore_inhibit, interactive, UID_INVALID, &m->polkit_registry, error); if (r < 0) return r; if (r == 0) @@ -1635,7 +1606,7 @@ static int method_do_shutdown_or_sleep( } if (!multiple_sessions && !blocked) { - r = bus_verify_polkit_async(message, CAP_SYS_BOOT, action, interactive, &m->polkit_registry, error); + r = bus_verify_polkit_async(message, CAP_SYS_BOOT, action, interactive, UID_INVALID, &m->polkit_registry, error); if (r < 0) return r; if (r == 0) @@ -1772,7 +1743,7 @@ static int method_can_shutdown_or_sleep( blocked = manager_is_inhibited(m, w, INHIBIT_BLOCK, NULL, false, true, uid, NULL); if (multiple_sessions) { - r = bus_verify_polkit(message, CAP_SYS_BOOT, action_multiple_sessions, false, &challenge, error); + r = bus_verify_polkit(message, CAP_SYS_BOOT, action_multiple_sessions, false, UID_INVALID, &challenge, error); if (r < 0) return r; @@ -1785,7 +1756,7 @@ static int method_can_shutdown_or_sleep( } if (blocked) { - r = bus_verify_polkit(message, CAP_SYS_BOOT, action_ignore_inhibit, false, &challenge, error); + r = bus_verify_polkit(message, CAP_SYS_BOOT, action_ignore_inhibit, false, UID_INVALID, &challenge, error); if (r < 0) return r; @@ -1801,7 +1772,7 @@ static int method_can_shutdown_or_sleep( /* If neither inhibit nor multiple sessions * apply then just check the normal policy */ - r = bus_verify_polkit(message, CAP_SYS_BOOT, action, false, &challenge, error); + r = bus_verify_polkit(message, CAP_SYS_BOOT, action, false, UID_INVALID, &challenge, error); if (r < 0) return r; @@ -1921,15 +1892,20 @@ static int method_inhibit(sd_bus *bus, sd_bus_message *message, void *userdata, if (m->action_what & w) return sd_bus_error_setf(error, BUS_ERROR_OPERATION_IN_PROGRESS, "The operation inhibition has been requested for is already running"); - r = bus_verify_polkit_async(message, CAP_SYS_BOOT, - w == INHIBIT_SHUTDOWN ? (mm == INHIBIT_BLOCK ? "org.freedesktop.login1.inhibit-block-shutdown" : "org.freedesktop.login1.inhibit-delay-shutdown") : - w == INHIBIT_SLEEP ? (mm == INHIBIT_BLOCK ? "org.freedesktop.login1.inhibit-block-sleep" : "org.freedesktop.login1.inhibit-delay-sleep") : - w == INHIBIT_IDLE ? "org.freedesktop.login1.inhibit-block-idle" : - w == INHIBIT_HANDLE_POWER_KEY ? "org.freedesktop.login1.inhibit-handle-power-key" : - w == INHIBIT_HANDLE_SUSPEND_KEY ? "org.freedesktop.login1.inhibit-handle-suspend-key" : - w == INHIBIT_HANDLE_HIBERNATE_KEY ? "org.freedesktop.login1.inhibit-handle-hibernate-key" : - "org.freedesktop.login1.inhibit-handle-lid-switch", - false, &m->polkit_registry, error); + r = bus_verify_polkit_async( + message, + CAP_SYS_BOOT, + w == INHIBIT_SHUTDOWN ? (mm == INHIBIT_BLOCK ? "org.freedesktop.login1.inhibit-block-shutdown" : "org.freedesktop.login1.inhibit-delay-shutdown") : + w == INHIBIT_SLEEP ? (mm == INHIBIT_BLOCK ? "org.freedesktop.login1.inhibit-block-sleep" : "org.freedesktop.login1.inhibit-delay-sleep") : + w == INHIBIT_IDLE ? "org.freedesktop.login1.inhibit-block-idle" : + w == INHIBIT_HANDLE_POWER_KEY ? "org.freedesktop.login1.inhibit-handle-power-key" : + w == INHIBIT_HANDLE_SUSPEND_KEY ? "org.freedesktop.login1.inhibit-handle-suspend-key" : + w == INHIBIT_HANDLE_HIBERNATE_KEY ? "org.freedesktop.login1.inhibit-handle-hibernate-key" : + "org.freedesktop.login1.inhibit-handle-lid-switch", + false, + UID_INVALID, + &m->polkit_registry, + error); if (r < 0) return r; if (r == 0) @@ -2025,15 +2001,15 @@ const sd_bus_vtable manager_vtable[] = { SD_BUS_METHOD("ReleaseSession", "s", NULL, method_release_session, 0), SD_BUS_METHOD("ActivateSession", "s", NULL, method_activate_session, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("ActivateSessionOnSeat", "ss", NULL, method_activate_session_on_seat, SD_BUS_VTABLE_UNPRIVILEGED), - SD_BUS_METHOD("LockSession", "s", NULL, method_lock_session, 0), - SD_BUS_METHOD("UnlockSession", "s", NULL, method_lock_session, 0), - SD_BUS_METHOD("LockSessions", NULL, NULL, method_lock_sessions, 0), - SD_BUS_METHOD("UnlockSessions", NULL, NULL, method_lock_sessions, 0), - SD_BUS_METHOD("KillSession", "ssi", NULL, method_kill_session, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)), - SD_BUS_METHOD("KillUser", "ui", NULL, method_kill_user, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)), - SD_BUS_METHOD("TerminateSession", "s", NULL, method_terminate_session, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)), - SD_BUS_METHOD("TerminateUser", "u", NULL, method_terminate_user, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)), - SD_BUS_METHOD("TerminateSeat", "s", NULL, method_terminate_seat, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)), + SD_BUS_METHOD("LockSession", "s", NULL, method_lock_session, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("UnlockSession", "s", NULL, method_lock_session, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("LockSessions", NULL, NULL, method_lock_sessions, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("UnlockSessions", NULL, NULL, method_lock_sessions, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("KillSession", "ssi", NULL, method_kill_session, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("KillUser", "ui", NULL, method_kill_user, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("TerminateSession", "s", NULL, method_terminate_session, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("TerminateUser", "u", NULL, method_terminate_user, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("TerminateSeat", "s", NULL, method_terminate_seat, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("SetUserLinger", "ubb", NULL, method_set_user_linger, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("AttachDevice", "ssb", NULL, method_attach_device, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("FlushDevices", "b", NULL, method_flush_devices, SD_BUS_VTABLE_UNPRIVILEGED), diff --git a/src/login/logind-seat-dbus.c b/src/login/logind-seat-dbus.c index 50b0b8842f..f50ee8d759 100644 --- a/src/login/logind-seat-dbus.c +++ b/src/login/logind-seat-dbus.c @@ -193,7 +193,7 @@ static int property_get_idle_since_hint( return sd_bus_message_append(reply, "t", u); } -static int method_terminate(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { +int bus_seat_method_terminate(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { Seat *s = userdata; int r; @@ -201,6 +201,19 @@ static int method_terminate(sd_bus *bus, sd_bus_message *message, void *userdata assert(message); assert(s); + r = bus_verify_polkit_async( + message, + CAP_KILL, + "org.freedesktop.login1.manage", + false, + UID_INVALID, + &s->manager->polkit_registry, + error); + if (r < 0) + return r; + if (r == 0) + return 1; /* Will call us back */ + r = seat_stop_sessions(s, true); if (r < 0) return r; @@ -302,7 +315,7 @@ const sd_bus_vtable seat_vtable[] = { SD_BUS_PROPERTY("IdleSinceHint", "t", property_get_idle_since_hint, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE), SD_BUS_PROPERTY("IdleSinceHintMonotonic", "t", property_get_idle_since_hint, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE), - SD_BUS_METHOD("Terminate", NULL, NULL, method_terminate, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)), + SD_BUS_METHOD("Terminate", NULL, NULL, bus_seat_method_terminate, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("ActivateSession", "s", NULL, method_activate_session, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("SwitchTo", "u", NULL, method_switch_to, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("SwitchToNext", NULL, NULL, method_switch_to_next, SD_BUS_VTABLE_UNPRIVILEGED), diff --git a/src/login/logind-seat.h b/src/login/logind-seat.h index 9e469d41c6..15f11b85ab 100644 --- a/src/login/logind-seat.h +++ b/src/login/logind-seat.h @@ -96,3 +96,5 @@ char *seat_bus_path(Seat *s); int seat_send_signal(Seat *s, bool new_seat); int seat_send_changed(Seat *s, const char *properties, ...) _sentinel_; + +int bus_seat_method_terminate(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error); diff --git a/src/login/logind-session-dbus.c b/src/login/logind-session-dbus.c index 4e7edef52d..b119c8321b 100644 --- a/src/login/logind-session-dbus.c +++ b/src/login/logind-session-dbus.c @@ -180,7 +180,7 @@ static int property_get_idle_since_hint( return sd_bus_message_append(reply, "t", u); } -static int method_terminate(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { +int bus_session_method_terminate(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { Session *s = userdata; int r; @@ -188,6 +188,19 @@ static int method_terminate(sd_bus *bus, sd_bus_message *message, void *userdata assert(message); assert(s); + r = bus_verify_polkit_async( + message, + CAP_KILL, + "org.freedesktop.login1.manage", + false, + s->user->uid, + &s->manager->polkit_registry, + error); + if (r < 0) + return r; + if (r == 0) + return 1; /* Will call us back */ + r = session_stop(s, true); if (r < 0) return r; @@ -195,7 +208,7 @@ static int method_terminate(sd_bus *bus, sd_bus_message *message, void *userdata return sd_bus_reply_method_return(message, NULL); } -static int method_activate(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { +int bus_session_method_activate(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { Session *s = userdata; int r; @@ -210,7 +223,7 @@ static int method_activate(sd_bus *bus, sd_bus_message *message, void *userdata, return sd_bus_reply_method_return(message, NULL); } -static int method_lock(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { +int bus_session_method_lock(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { Session *s = userdata; int r; @@ -218,7 +231,20 @@ static int method_lock(sd_bus *bus, sd_bus_message *message, void *userdata, sd_ assert(message); assert(s); - r = session_send_lock(s, streq(sd_bus_message_get_member(message), "Lock")); + r = bus_verify_polkit_async( + message, + CAP_SYS_ADMIN, + "org.freedesktop.login1.lock-sessions", + false, + s->user->uid, + &s->manager->polkit_registry, + error); + if (r < 0) + return r; + if (r == 0) + return 1; /* Will call us back */ + + r = session_send_lock(s, strstr(sd_bus_message_get_member(message), "Lock")); if (r < 0) return r; @@ -255,7 +281,7 @@ static int method_set_idle_hint(sd_bus *bus, sd_bus_message *message, void *user return sd_bus_reply_method_return(message, NULL); } -static int method_kill(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { +int bus_session_method_kill(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { Session *s = userdata; const char *swho; int32_t signo; @@ -281,6 +307,19 @@ static int method_kill(sd_bus *bus, sd_bus_message *message, void *userdata, sd_ if (signo <= 0 || signo >= _NSIG) return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid signal %i", signo); + r = bus_verify_polkit_async( + message, + CAP_KILL, + "org.freedesktop.login1.manage", + false, + s->user->uid, + &s->manager->polkit_registry, + error); + if (r < 0) + return r; + if (r == 0) + return 1; /* Will call us back */ + r = session_kill(s, who, signo); if (r < 0) return r; @@ -456,12 +495,12 @@ const sd_bus_vtable session_vtable[] = { SD_BUS_PROPERTY("IdleSinceHint", "t", property_get_idle_since_hint, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE), SD_BUS_PROPERTY("IdleSinceHintMonotonic", "t", property_get_idle_since_hint, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE), - SD_BUS_METHOD("Terminate", NULL, NULL, method_terminate, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)), - SD_BUS_METHOD("Activate", NULL, NULL, method_activate, SD_BUS_VTABLE_UNPRIVILEGED), - SD_BUS_METHOD("Lock", NULL, NULL, method_lock, 0), - SD_BUS_METHOD("Unlock", NULL, NULL, method_lock, 0), + SD_BUS_METHOD("Terminate", NULL, NULL, bus_session_method_terminate, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("Activate", NULL, NULL, bus_session_method_activate, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("Lock", NULL, NULL, bus_session_method_lock, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("Unlock", NULL, NULL, bus_session_method_lock, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("SetIdleHint", "b", NULL, method_set_idle_hint, SD_BUS_VTABLE_UNPRIVILEGED), - SD_BUS_METHOD("Kill", "si", NULL, method_kill, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)), + SD_BUS_METHOD("Kill", "si", NULL, bus_session_method_kill, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("TakeControl", "b", NULL, method_take_control, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("ReleaseControl", NULL, NULL, method_release_control, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("TakeDevice", "uu", "hb", method_take_device, SD_BUS_VTABLE_UNPRIVILEGED), diff --git a/src/login/logind-session.h b/src/login/logind-session.h index a007fb5e84..3ec9d84f96 100644 --- a/src/login/logind-session.h +++ b/src/login/logind-session.h @@ -179,3 +179,8 @@ void session_leave_vt(Session *s); bool session_is_controller(Session *s, const char *sender); int session_set_controller(Session *s, const char *sender, bool force); void session_drop_controller(Session *s); + +int bus_session_method_activate(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error); +int bus_session_method_lock(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error); +int bus_session_method_terminate(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error); +int bus_session_method_kill(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error); diff --git a/src/login/logind-user-dbus.c b/src/login/logind-user-dbus.c index 5cfaac0d4f..f7af8ff9b2 100644 --- a/src/login/logind-user-dbus.c +++ b/src/login/logind-user-dbus.c @@ -171,7 +171,7 @@ static int property_get_linger( return sd_bus_message_append(reply, "b", r > 0); } -static int method_terminate(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { +int bus_user_method_terminate(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { User *u = userdata; int r; @@ -179,6 +179,19 @@ static int method_terminate(sd_bus *bus, sd_bus_message *message, void *userdata assert(message); assert(u); + r = bus_verify_polkit_async( + message, + CAP_KILL, + "org.freedesktop.login1.manage", + false, + u->uid, + &u->manager->polkit_registry, + error); + if (r < 0) + return r; + if (r == 0) + return 1; /* Will call us back */ + r = user_stop(u, true); if (r < 0) return r; @@ -186,7 +199,7 @@ static int method_terminate(sd_bus *bus, sd_bus_message *message, void *userdata return sd_bus_reply_method_return(message, NULL); } -static int method_kill(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { +int bus_user_method_kill(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { User *u = userdata; int32_t signo; int r; @@ -195,6 +208,19 @@ static int method_kill(sd_bus *bus, sd_bus_message *message, void *userdata, sd_ assert(message); assert(u); + r = bus_verify_polkit_async( + message, + CAP_KILL, + "org.freedesktop.login1.manage", + false, + u->uid, + &u->manager->polkit_registry, + error); + if (r < 0) + return r; + if (r == 0) + return 1; /* Will call us back */ + r = sd_bus_message_read(message, "i", &signo); if (r < 0) return r; @@ -227,8 +253,8 @@ const sd_bus_vtable user_vtable[] = { SD_BUS_PROPERTY("IdleSinceHintMonotonic", "t", property_get_idle_since_hint, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE), SD_BUS_PROPERTY("Linger", "b", property_get_linger, 0, 0), - SD_BUS_METHOD("Terminate", NULL, NULL, method_terminate, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)), - SD_BUS_METHOD("Kill", "i", NULL, method_kill, SD_BUS_VTABLE_CAPABILITY(CAP_KILL)), + SD_BUS_METHOD("Terminate", NULL, NULL, bus_user_method_terminate, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("Kill", "i", NULL, bus_user_method_kill, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_VTABLE_END }; diff --git a/src/login/logind-user.h b/src/login/logind-user.h index 4e0568fea9..2cb57e1675 100644 --- a/src/login/logind-user.h +++ b/src/login/logind-user.h @@ -92,3 +92,6 @@ int user_send_changed(User *u, const char *properties, ...) _sentinel_; const char* user_state_to_string(UserState s) _const_; UserState user_state_from_string(const char *s) _pure_; + +int bus_user_method_terminate(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error); +int bus_user_method_kill(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error); diff --git a/src/login/org.freedesktop.login1.policy.in b/src/login/org.freedesktop.login1.policy.in index 49094eeddb..35bb3907c6 100644 --- a/src/login/org.freedesktop.login1.policy.in +++ b/src/login/org.freedesktop.login1.policy.in @@ -270,4 +270,24 @@ <annotate key="org.freedesktop.policykit.imply">org.freedesktop.login1.hibernate</annotate> </action> + <action id="org.freedesktop.login1.manage"> + <_description>Manager active sessions, users and seats</_description> + <_message>Authentication is required for managing active sessions, users and seats.</_message> + <defaults> + <allow_any>auth_admin_keep</allow_any> + <allow_inactive>auth_admin_keep</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + </action> + + <action id="org.freedesktop.login1.lock-sessions"> + <_description>Lock or unlock active sessions</_description> + <_message>Authentication is required for locking or unlocking active sessions.</_message> + <defaults> + <allow_any>auth_admin_keep</allow_any> + <allow_inactive>auth_admin_keep</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + </action> + </policyconfig> |