summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Makefile.am2
-rw-r--r--src/fsck/fsck.c71
-rw-r--r--src/libsystemd-bus/bus-util.c74
-rw-r--r--src/libsystemd-bus/bus-util.h2
4 files changed, 101 insertions, 48 deletions
diff --git a/Makefile.am b/Makefile.am
index b337f4f09b..d2ed1dc1d4 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1668,7 +1668,7 @@ systemd_fsck_CFLAGS = \
systemd_fsck_LDADD = \
libsystemd-shared.la \
- libsystemd-dbus.la \
+ libsystemd-bus.la \
libudev.la
# ------------------------------------------------------------------------------
diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c
index 96a79ddcdb..5c21c7e41f 100644
--- a/src/fsck/fsck.c
+++ b/src/fsck/fsck.c
@@ -27,15 +27,16 @@
#include <fcntl.h>
#include <sys/file.h>
-#include <dbus/dbus.h>
+#include "sd-bus.h"
+#include "libudev.h"
#include "util.h"
-#include "dbus-common.h"
#include "special.h"
+#include "bus-util.h"
+#include "bus-error.h"
#include "bus-errors.h"
#include "virt.h"
#include "fileio.h"
-#include "libudev.h"
#include "udev-util.h"
static bool arg_skip = false;
@@ -43,62 +44,38 @@ static bool arg_force = false;
static bool arg_show_progress = false;
static void start_target(const char *target) {
- DBusMessage *m = NULL, *reply = NULL;
- DBusError error;
- const char *mode = "replace", *basic_target = "basic.target";
- DBusConnection *bus = NULL;
+ _cleanup_bus_unref_ sd_bus *bus = NULL;
+ _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
+ int r;
assert(target);
- dbus_error_init(&error);
-
- if (bus_connect(DBUS_BUS_SYSTEM, &bus, NULL, &error) < 0) {
- log_error("Failed to get D-Bus connection: %s", bus_error_message(&error));
- goto finish;
+ r = bus_connect_system(&bus);
+ if (r < 0) {
+ log_error("Failed to get D-Bus connection: %s", strerror(-r));
+ return;
}
- log_info("Running request %s/start/%s", target, mode);
-
- if (!(m = dbus_message_new_method_call("org.freedesktop.systemd1", "/org/freedesktop/systemd1", "org.freedesktop.systemd1.Manager", "StartUnitReplace"))) {
- log_error("Could not allocate message.");
- goto finish;
- }
+ log_info("Running request %s/start/replace", target);
/* Start these units only if we can replace base.target with it */
-
- if (!dbus_message_append_args(m,
- DBUS_TYPE_STRING, &basic_target,
- DBUS_TYPE_STRING, &target,
- DBUS_TYPE_STRING, &mode,
- DBUS_TYPE_INVALID)) {
- log_error("Could not attach target and flag information to message.");
- goto finish;
- }
-
- if (!(reply = dbus_connection_send_with_reply_and_block(bus, m, -1, &error))) {
+ r = sd_bus_call_method(bus,
+ "org.freedesktop.systemd1",
+ "/org/freedesktop/systemd1",
+ "org.freedesktop.systemd1.Manager",
+ "StartUnitReplace",
+ &error,
+ NULL,
+ "sss", "basic.target", target, "replace");
+ if (r < 0) {
/* Don't print a warning if we aren't called during
* startup */
- if (!dbus_error_has_name(&error, BUS_ERROR_NO_SUCH_JOB))
- log_error("Failed to start unit: %s", bus_error_message(&error));
-
- goto finish;
- }
-
-finish:
- if (m)
- dbus_message_unref(m);
-
- if (reply)
- dbus_message_unref(reply);
-
- if (bus) {
- dbus_connection_flush(bus);
- dbus_connection_close(bus);
- dbus_connection_unref(bus);
+ if (!sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_JOB))
+ log_error("Failed to start unit: %s", bus_error_message(&error, -r));
}
- dbus_error_free(&error);
+ return;
}
static int parse_proc_cmdline(void) {
diff --git a/src/libsystemd-bus/bus-util.c b/src/libsystemd-bus/bus-util.c
index b77ae91681..0046b486cf 100644
--- a/src/libsystemd-bus/bus-util.c
+++ b/src/libsystemd-bus/bus-util.c
@@ -19,6 +19,8 @@
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
+#include <sys/socket.h>
+
#include "sd-event.h"
#include "sd-bus.h"
@@ -376,3 +378,75 @@ void bus_verify_polkit_async_registry_free(sd_bus *bus, Hashmap *registry) {
hashmap_free(registry);
#endif
}
+
+static int bus_check_peercred(sd_bus *c) {
+ int fd;
+ struct ucred ucred;
+ socklen_t l;
+
+ assert(c);
+
+ fd = sd_bus_get_fd(c);
+
+ assert(fd >= 0);
+
+ l = sizeof(struct ucred);
+ if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &ucred, &l) < 0) {
+ log_error("SO_PEERCRED failed: %m");
+ return -errno;
+ }
+
+ if (l != sizeof(struct ucred)) {
+ log_error("SO_PEERCRED returned wrong size.");
+ return -E2BIG;
+ }
+
+ if (ucred.uid != 0 && ucred.uid != geteuid())
+ return -EPERM;
+
+ return 1;
+}
+
+int bus_connect_system(sd_bus **_bus) {
+ sd_bus *bus = NULL;
+ int r;
+ bool private = true;
+
+ assert(_bus);
+
+ if (geteuid() == 0) {
+ /* If we are root, then let's talk directly to the
+ * system instance, instead of going via the bus */
+
+ r = sd_bus_new(&bus);
+ if (r < 0)
+ return r;
+
+ r = sd_bus_set_address(bus, "unix:path=/run/systemd/private");
+ if (r < 0)
+ return r;
+
+ r = sd_bus_start(bus);
+ if (r < 0)
+ return r;
+
+ } else {
+ r = sd_bus_open_system(&bus);
+ if (r < 0)
+ return r;
+
+ private = false;
+ }
+
+ if (private) {
+ r = bus_check_peercred(bus);
+ if (r < 0) {
+ sd_bus_unref(bus);
+
+ return -EACCES;
+ }
+ }
+
+ *_bus = bus;
+ return 0;
+}
diff --git a/src/libsystemd-bus/bus-util.h b/src/libsystemd-bus/bus-util.h
index 354183f690..9b270c8212 100644
--- a/src/libsystemd-bus/bus-util.h
+++ b/src/libsystemd-bus/bus-util.h
@@ -37,6 +37,8 @@ int bus_verify_polkit(sd_bus *bus, sd_bus_message *m, const char *action, bool i
int bus_verify_polkit_async(sd_bus *bus, Hashmap **registry, sd_bus_message *m, const char *action, bool interactive, sd_bus_error *error, sd_bus_message_handler_t callback, void *userdata);
void bus_verify_polkit_async_registry_free(sd_bus *bus, Hashmap *registry);
+int bus_connect_system(sd_bus **_bus);
+
DEFINE_TRIVIAL_CLEANUP_FUNC(sd_bus*, sd_bus_unref);
DEFINE_TRIVIAL_CLEANUP_FUNC(sd_bus_message*, sd_bus_message_unref);