Diffstat (limited to 'src/bus-proxyd')
-rw-r--r-- | src/bus-proxyd/bus-proxyd.c | 17 | ||||
-rw-r--r-- | src/bus-proxyd/bus-xml-policy.c | 2 | ||||
-rw-r--r-- | src/bus-proxyd/bus-xml-policy.h | 2 | ||||
-rw-r--r-- | src/bus-proxyd/driver.c | 103 | ||||
-rw-r--r-- | src/bus-proxyd/proxy.c | 27 | ||||
-rw-r--r-- | src/bus-proxyd/proxy.h | 3 | ||||
-rw-r--r-- | src/bus-proxyd/stdio-bridge.c | 15 | ||||
-rw-r--r-- | src/bus-proxyd/synthesize.c | 10 | ||||
-rw-r--r-- | src/bus-proxyd/synthesize.h | 2 | ||||
-rw-r--r-- | src/bus-proxyd/test-bus-xml-policy.c | 13 |
10 files changed, 113 insertions, 81 deletions
diff --git a/src/bus-proxyd/bus-proxyd.c b/src/bus-proxyd/bus-proxyd.c index b6b0056362..3e398b53e9 100644 --- a/src/bus-proxyd/bus-proxyd.c +++ b/src/bus-proxyd/bus-proxyd.c @@ -23,13 +23,9 @@ ***/ #include <sys/socket.h> -#include <sys/un.h> -#include <sys/types.h> -#include <fcntl.h> #include <unistd.h> #include <string.h> #include <errno.h> -#include <poll.h> #include <sys/prctl.h> #include <stddef.h> #include <getopt.h> @@ -37,24 +33,15 @@ #include "log.h" #include "util.h" -#include "hashmap.h" -#include "socket-util.h" #include "sd-daemon.h" -#include "sd-bus.h" #include "bus-internal.h" -#include "bus-message.h" -#include "bus-util.h" #include "build.h" #include "strv.h" #include "def.h" #include "capability.h" -#include "bus-control.h" -#include "smack-util.h" -#include "set.h" #include "bus-xml-policy.h" -#include "driver.h" #include "proxy.h" -#include "synthesize.h" +#include "formats-util.h" static char *arg_address = NULL; static char **arg_configuration = NULL; @@ -82,7 +69,7 @@ static int client_context_new(ClientContext **out) { c = new0(ClientContext, 1); if (!c) - return log_oom(); + return -ENOMEM; c->fd = -1; diff --git a/src/bus-proxyd/bus-xml-policy.c b/src/bus-proxyd/bus-xml-policy.c index f6ac0c0093..675d24485e 100644 --- a/src/bus-proxyd/bus-xml-policy.c +++ b/src/bus-proxyd/bus-xml-policy.c @@ -25,9 +25,9 @@ #include "set.h" #include "conf-files.h" #include "bus-internal.h" -#include "bus-message.h" #include "bus-xml-policy.h" #include "sd-login.h" +#include "formats-util.h" static void policy_item_free(PolicyItem *i) { assert(i); diff --git a/src/bus-proxyd/bus-xml-policy.h b/src/bus-proxyd/bus-xml-policy.h index f2ec1bbea4..8f0ab8f17f 100644 --- a/src/bus-proxyd/bus-xml-policy.h +++ b/src/bus-proxyd/bus-xml-policy.h 
@@ -21,12 +21,10 @@ along with systemd; If not, see <http://www.gnu.org/licenses/>. ***/ -#include <inttypes.h> #include <pthread.h> #include "list.h" #include "hashmap.h" -#include "set.h" typedef enum PolicyItemType { _POLICY_ITEM_TYPE_UNSET = 0, diff --git a/src/bus-proxyd/driver.c b/src/bus-proxyd/driver.c index bc2c0c86f3..4ac955da41 100644 --- a/src/bus-proxyd/driver.c +++ b/src/bus-proxyd/driver.c @@ -21,23 +21,16 @@ along with systemd; If not, see <http://www.gnu.org/licenses/>. ***/ -#include <sys/types.h> -#include <unistd.h> #include <string.h> #include <errno.h> #include <stddef.h> -#include "log.h" #include "util.h" #include "sd-bus.h" #include "bus-internal.h" #include "bus-message.h" #include "bus-util.h" -#include "build.h" #include "strv.h" -#include "def.h" -#include "capability.h" -#include "bus-control.h" #include "set.h" #include "driver.h" #include "synthesize.h" @@ -56,9 +49,6 @@ static int get_creds_by_name(sd_bus *bus, const char *name, uint64_t mask, sd_bu if (r < 0) return r; - if ((c->mask & mask) != mask) - return -ENOTSUP; - *_creds = c; c = NULL; @@ -116,6 +106,10 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, SharedPoli " <method name=\"RemoveMatch\">\n" " <arg type=\"s\" direction=\"in\"/>\n" " </method>\n" + " <method name=\"GetConnectionCredentials\">\n" + " <arg type=\"s\" direction=\"in\"/>\n" + " <arg type=\"a{sv}\" direction=\"out\"/>\n" + " </method>\n" " <method name=\"GetConnectionSELinuxSecurityContext\">\n" " <arg type=\"s\" direction=\"in\"/>\n" " <arg type=\"ay\" direction=\"out\"/>\n" 
@@ -219,7 +213,74 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, SharedPoli return synthetic_reply_method_return(m, NULL); + } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "GetConnectionCredentials")) { + _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL; + _cleanup_bus_message_unref_ sd_bus_message *reply = NULL; + _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; + + if (!sd_bus_message_has_signature(m, "s")) + return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters")); + + r = get_creds_by_message(a, m, SD_BUS_CREDS_PID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SELINUX_CONTEXT, &creds, &error); + if (r < 0) + return synthetic_reply_method_errno(m, r, &error); + + r = sd_bus_message_new_method_return(m, &reply); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + r = sd_bus_message_open_container(reply, 'a', "{sv}"); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + /* Due to i.e. 
namespace translations some data might be missing */ + + if (creds->mask & SD_BUS_CREDS_PID) { + r = sd_bus_message_append(reply, "{sv}", "ProcessID", "u", (uint32_t) creds->pid); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + } + + if (creds->mask & SD_BUS_CREDS_EUID) { + r = sd_bus_message_append(reply, "{sv}", "UnixUserID", "u", (uint32_t) creds->euid); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + } + + if (creds->mask & SD_BUS_CREDS_SELINUX_CONTEXT) { + r = sd_bus_message_open_container(reply, 'e', "sv"); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + r = sd_bus_message_append(reply, "s", "LinuxSecurityLabel"); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + r = sd_bus_message_open_container(reply, 'v', "ay"); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + r = sd_bus_message_append_array(reply, 'y', creds->label, strlen(creds->label)); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + r = sd_bus_message_close_container(reply); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + r = sd_bus_message_close_container(reply); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + } + + r = sd_bus_message_close_container(reply); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + return synthetic_driver_send(m->bus, reply); + } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "GetConnectionSELinuxSecurityContext")) { + _cleanup_bus_message_unref_ sd_bus_message *reply = NULL; _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL; _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; 
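Review bot: In the new GetConnectionCredentials branch the LinuxSecurityLabel value is appended with `strlen(creds->label)` bytes, so the array carries no terminating zero byte. As far as I recall, the D-Bus specification describes LinuxSecurityLabel as the label bytes followed by a single zero byte (unlike GetConnectionSELinuxSecurityContext), and a client relying on that terminator would read past the array; please confirm against the spec and, if so, pass `strlen(creds->label) + 1`. The comment `/* Due to i.e. namespace translations some data might be missing */` should read "e.g.", and should say that missing keys are simply omitted from the dictionary, so a consumer making an access decision must treat an absent key as unknown rather than as a default. The enclosing bus_proxy_process_driver starts and ends outside the hunk.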
@@ -230,7 +291,18 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, SharedPoli if (r < 0) return synthetic_reply_method_errno(m, r, &error); - return synthetic_reply_method_return(m, "y", creds->label, strlen(creds->label)); + if (!(creds->mask & SD_BUS_CREDS_SELINUX_CONTEXT)) + return synthetic_reply_method_errno(m, -EOPNOTSUPP, NULL); + + r = sd_bus_message_new_method_return(m, &reply); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + r = sd_bus_message_append_array(reply, 'y', creds->label, strlen(creds->label)); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + return synthetic_driver_send(m->bus, reply); } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "GetConnectionUnixProcessID")) { _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL; @@ -243,6 +315,9 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, SharedPoli if (r < 0) return synthetic_reply_method_errno(m, r, &error); + if (!(creds->mask & SD_BUS_CREDS_PID)) + return synthetic_reply_method_errno(m, -EOPNOTSUPP, NULL); + return synthetic_reply_method_return(m, "u", (uint32_t) creds->pid); } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "GetConnectionUnixUser")) { @@ -256,6 +331,9 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, SharedPoli if (r < 0) return synthetic_reply_method_errno(m, r, &error); + if (!(creds->mask & SD_BUS_CREDS_EUID)) + return synthetic_reply_method_errno(m, -EOPNOTSUPP, NULL); + return synthetic_reply_method_return(m, "u", (uint32_t) creds->euid); } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "GetId")) { 
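Review bot: With the central `(c->mask & mask) != mask` test removed from get_creds_by_name, every handler must now test the mask bit itself before reading a field, and nothing at the helper states that contract. The handlers patched here (GetConnectionSELinuxSecurityContext, GetConnectionUnixProcessID, GetConnectionUnixUser, and the `creds->unique_name` reply in the following hunk) do so, but a handler that forgets would hand a possibly NULL `creds->label` to strlen() or report whatever `creds->euid` holds when unset, presumably 0. I would add a comment above get_creds_by_name such as `/* Returned creds may lack requested fields; callers must check creds->mask before reading any field */`, or fold the test into one small helper used by all four. It is also worth confirming which D-Bus error name `-EOPNOTSUPP` becomes through synthetic_reply_method_errno, since dbus1 clients may expect a specific error for an unavailable SELinux context. The enclosing bus_proxy_process_driver starts and ends outside these hunks.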
@@ -290,6 +368,9 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, SharedPoli if (r < 0) return synthetic_reply_method_errno(m, r, &error); + if (!(creds->mask & SD_BUS_CREDS_UNIQUE_NAME)) + return synthetic_reply_method_errno(m, -EOPNOTSUPP, NULL); + return synthetic_reply_method_return(m, "s", creds->unique_name); } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "ListActivatableNames")) { diff --git a/src/bus-proxyd/proxy.c b/src/bus-proxyd/proxy.c index 3dea908f5b..aa5010c1ac 100644 --- a/src/bus-proxyd/proxy.c +++ b/src/bus-proxyd/proxy.c @@ -23,35 +23,26 @@ ***/ #include <sys/socket.h> -#include <sys/un.h> #include <sys/types.h> -#include <fcntl.h> -#include <unistd.h> #include <string.h> #include <errno.h> #include <poll.h> -#include <stddef.h> -#include <getopt.h> #include "log.h" #include "util.h" -#include "socket-util.h" #include "sd-daemon.h" #include "sd-bus.h" #include "bus-internal.h" #include "bus-message.h" #include "bus-util.h" -#include "build.h" #include "strv.h" -#include "def.h" -#include "capability.h" #include "bus-control.h" -#include "smack-util.h" #include "set.h" #include "bus-xml-policy.h" #include "driver.h" #include "proxy.h" #include "synthesize.h" +#include "formats-util.h" static int proxy_create_destination(Proxy *p, const char *destination, const char *local_sec, bool negotiate_fds) { _cleanup_bus_close_unref_ sd_bus *b = NULL; 
@@ -729,13 +720,21 @@ static int proxy_process_destination_to_local(Proxy *p) { /* Return the error to the client, if we can */ synthetic_reply_method_errnof(m, r, "Failed to forward message we got from destination: %m"); - log_error_errno(r, - "Failed to forward message we got from destination: uid=" UID_FMT " gid=" GID_FMT" message=%s destination=%s path=%s interface=%s member=%s: %m", - p->local_creds.uid, p->local_creds.gid, bus_message_type_to_string(m->header->type), - strna(m->destination), strna(m->path), strna(m->interface), strna(m->member)); + if (r == -ENOBUFS) { + /* if local dbus1 peer does not dispatch its queue, warn only once */ + if (!p->queue_overflow) + log_error("Dropped messages due to queue overflow of local peer (pid: "PID_FMT" uid: "UID_FMT")", p->local_creds.pid, p->local_creds.uid); + p->queue_overflow = true; + } else + log_error_errno(r, + "Failed to forward message we got from destination: uid=" UID_FMT " gid=" GID_FMT" message=%s destination=%s path=%s interface=%s member=%s: %m", + p->local_creds.uid, p->local_creds.gid, bus_message_type_to_string(m->header->type), + strna(m->destination), strna(m->path), strna(m->interface), strna(m->member)); + return 1; } + p->queue_overflow = false; return 1; } diff --git a/src/bus-proxyd/proxy.h b/src/bus-proxyd/proxy.h index 913d47071b..ff278a2465 100644 --- a/src/bus-proxyd/proxy.h +++ b/src/bus-proxyd/proxy.h @@ -21,10 +21,8 @@ along with systemd; If not, see <http://www.gnu.org/licenses/>. ***/ -#include <stdlib.h> #include "sd-bus.h" #include "bus-xml-policy.h" -#include "util.h" typedef struct Proxy Proxy; @@ -40,6 +38,7 @@ struct Proxy { SharedPolicy *policy; bool got_hello : 1; + bool queue_overflow : 1; }; int proxy_new(Proxy **out, int in_fd, int out_fd, const char *dest); diff --git a/src/bus-proxyd/stdio-bridge.c b/src/bus-proxyd/stdio-bridge.c index 9fb3e9fc49..61bc08ae33 100644 --- a/src/bus-proxyd/stdio-bridge.c +++ b/src/bus-proxyd/stdio-bridge.c 
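Review bot: In proxy_process_destination_to_local (proxy.c) the new `if (r == -ENOBUFS) { … } else log_error_errno(…)` braces one branch and leaves the multi-line else unbraced; brace both, so that a later edit cannot silently change which statements belong to the else. Once `queue_overflow` is set, every further dropped message is silent, so the log no longer shows how many messages the local peer lost; consider counting drops and logging the total when the flag is cleared. Because `p->queue_overflow = false;` runs on each successful send, a queue that repeatedly fills and drains still produces one error line per cycle, which may warrant rate limiting. The function body starts outside the hunk.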
@@ -21,36 +21,23 @@ along with systemd; If not, see <http://www.gnu.org/licenses/>. ***/ -#include <sys/socket.h> -#include <sys/un.h> -#include <sys/types.h> -#include <fcntl.h> #include <unistd.h> #include <string.h> #include <errno.h> -#include <poll.h> #include <stddef.h> #include <getopt.h> #include "log.h" #include "util.h" -#include "socket-util.h" #include "sd-daemon.h" #include "sd-bus.h" #include "bus-internal.h" -#include "bus-message.h" #include "bus-util.h" #include "build.h" #include "strv.h" #include "def.h" -#include "capability.h" -#include "bus-control.h" -#include "smack-util.h" -#include "set.h" -#include "bus-xml-policy.h" -#include "driver.h" #include "proxy.h" -#include "synthesize.h" +#include "formats-util.h" static char *arg_address = NULL; static char *arg_command_line_buffer = NULL; diff --git a/src/bus-proxyd/synthesize.c b/src/bus-proxyd/synthesize.c index e1b0fd3535..67bcc7a242 100644 --- a/src/bus-proxyd/synthesize.c +++ b/src/bus-proxyd/synthesize.c @@ -21,24 +21,16 @@ along with systemd; If not, see <http://www.gnu.org/licenses/>. ***/ -#include <sys/types.h> -#include <unistd.h> -#include <string.h> -#include <errno.h> #include <stddef.h> -#include "log.h" #include "util.h" #include "sd-bus.h" #include "bus-internal.h" #include "bus-message.h" #include "bus-util.h" -#include "strv.h" -#include "def.h" -#include "bus-control.h" #include "synthesize.h" -static int synthetic_driver_send(sd_bus *b, sd_bus_message *m) { +int synthetic_driver_send(sd_bus *b, sd_bus_message *m) { int r; assert(b); diff --git a/src/bus-proxyd/synthesize.h b/src/bus-proxyd/synthesize.h index a55f171cb2..e850350bc5 100644 --- a/src/bus-proxyd/synthesize.h +++ b/src/bus-proxyd/synthesize.h @@ -23,6 +23,8 @@ #include "sd-bus.h" +int synthetic_driver_send(sd_bus *b, sd_bus_message *m); + int synthetic_reply_method_return(sd_bus_message *call, const char *types, ...); int synthetic_reply_method_return_strv(sd_bus_message *call, char **l); 
diff --git a/src/bus-proxyd/test-bus-xml-policy.c b/src/bus-proxyd/test-bus-xml-policy.c index 421487e038..d19d0e1b60 100644 --- a/src/bus-proxyd/test-bus-xml-policy.c +++ b/src/bus-proxyd/test-bus-xml-policy.c @@ -19,27 +19,14 @@ along with systemd; If not, see <http://www.gnu.org/licenses/>. ***/ -#include <sys/socket.h> -#include <sys/un.h> -#include <sys/types.h> -#include <fcntl.h> #include <unistd.h> -#include <string.h> #include <errno.h> -#include <poll.h> #include <stddef.h> -#include <getopt.h> #include "log.h" #include "util.h" #include "sd-bus.h" -#include "bus-internal.h" -#include "bus-message.h" -#include "bus-util.h" -#include "build.h" #include "strv.h" -#include "def.h" -#include "capability.h" #include "bus-xml-policy.h" static int test_policy_load(Policy *p, const char *name) { |