summaryrefslogtreecommitdiff
path: root/src/libsystemd/sd-bus/bus-util.c
AgeCommit message (Collapse)Author
2015-04-21sd-bus: when augmenting creds, remember which ones were augmentedLennart Poettering
Also, when we do permissions checks using creds, verify that we don't do so based on augmented creds, as extra safety check.
2015-04-12bus-util: add articles to explanation messagesZbigniew Jędrzejewski-Szmek
We are talking about one member of a group of things (resource limits, signals, timeouts), without specifying which one. An indenfinite article is in order. When we are talking about the control process, it's a specific one, so the definite article is used.
2015-04-11bus: implement bus_path_{en,de}code_unique()David Herrmann
Whenever we provide a bus API that allows clients to create and manage server-side objects, we need to provide a unique name for these objects. There are two ways to provide them: 1) Let the server choose a name and return it as method reply. 2) Let the client pass its name of choice in the method arguments. The first method is the easiest one to implement. However, it suffers from a race condition: If a client creates an object asynchronously, it cannot destroy that object until it received the method reply. It cannot know the name of the new object, thus, it cannot destroy it. Furthermore, this method enforces a round-trip. If the client _depends_ on the method call to succeed (eg., it would close() the connection if it failed), the client usually has no reason to wait for the method reply. Instead, the client can immediately schedule further method calls on the newly created object (in case the API guarantees in-order method-call handling). The second method fixes both problems: The client passes an object name with the method-call. The server uses it to create the object. Therefore, the client can schedule object destruction even if the object-creation hasn't finished, yet (again, requiring in-order method-call handling). Furthermore, the client can schedule further method calls on the newly created object, before the constructor returned. There're two problems to solve, though: 1) Object names are usually defined via dbus object paths, which are usually globally namespaced. Therefore, multiple clients must be able to choose unique object names without interference. 2) If multiple libraries share the same bus connection, they must be able to choose unique object names without interference. The first problem is solved easily by prefixing a name with the unique-bus-name of a connection. The server side must enforce this and reject any other name. The second problem is solved by providing unique suffixes from within sd-bus. As long as sd-bus always returns a fresh new ID, if requested, multiple libraries will never interfere. This implementation re-uses bus->cookie as ID generator, which already provides unique IDs for each bus connection. This patch introduces two new helpers: bus_path_encode_unique(sd_bus *bus, const char *prefix, const char *sender_id, const char *external_id, char **ret_path); This creates a new object-path via the template '/prefix/sender_id/external_id'. That is, it appends two new labels to the given prefix. If 'sender_id' is NULL, it will use bus->unique_name, if 'external_id' is NULL, it will allocate a fresh, unique cookie from bus->cookie. bus_path_decode_unique(const char *path, const char *prefix, char **ret_sender, char **ret_external); This reverses what bus_path_encode_unique() did. It parses 'path' from the template '/prefix/sender/external' and returns both suffix-labels in 'ret_sender' and 'ret_external'. In case the template does not match, 0 is returned and both output arguments are set to NULL. Otherwise, 1 is returned and the output arguments contain the decoded labels. Note: Client-side allocated IDs are inspired by the Wayland protocol (which itself was inspired by X11). Wayland uses those IDs heavily to avoid round-trips. Clients can create server-side objects and send method calls without any round-trip and waiting for any object IDs to be returned. But unlike Wayland, DBus uses gobally namespaced object names. Therefore, we have to add the extra step by adding the unique-name of the bus connection.
2015-04-10bus-util: be more verbose if dbus job failsMichal Sekletar
Users might have hard time figuring out why exactly their systemctl request failed. If dbus job fails try to figure out more details about failure by examining Result property of the service. https://bugzilla.redhat.com/show_bug.cgi?id=1016680
2015-04-09bus: use free_and_strdup()David Herrmann
Save some LOCs by replacing strdup()+error-handling+free+assign with free_and_strdup().
2015-04-09util: add shell_maybe_quote() call for preparing a string for shell cmdline ↵Lennart Poettering
inclusion If necessary the passed string is enclosed in "", and all special characters escapes. This also ports over usage in bus-util.c and job.c to use this, instead of a incorrect local implementation that forgets to properly escape.
2015-04-07polkit: rename bus_verify_polkit() to bus_test_polkit() and make it strictly ↵Lennart Poettering
non-interactive Interactive authorization should only happen asynchronously, hence disallow it in synchronous bus_verify_polkit(), and rename it to bus_test_polkit(). This way even if the bus message header asks for interactive authorization, we'll ask for non-interactive authorization which is actually the desired behaviour if CanSuspend, CanHibernate and friends, which call this function.
2015-03-13tree-wide: there is no ENOTSUP on linuxDavid Herrmann
Replace ENOTSUP by EOPNOTSUPP as this is what linux actually uses.
2015-03-07bus-util: remove stray errno assignmentZbigniew Jędrzejewski-Szmek
2015-02-18logind: open up most bus calls for unpriviliged processes, using PolicyKitLennart Poettering
Also, allow clients to alter their own objects without any further priviliges. i.e. this allows clients to kill and lock their own sessions without involving PK.
2015-02-13exit-on-idle: only exit if actually idleTom Gundersen
sd_event_wait() returning 0 usually means that it timed out, which means it must have been idle. However, sd_event_wait() may return 0 in case an event was triggered but it turned out there was nothing to do. Make the check for idle explicit to avoid this edge-case.
2015-02-03core: open up DefaultDependencies= property for transient unitsLennart Poettering
2015-01-07bus-util: fix error number output when waiting for jobLennart Poettering
2015-01-05systemctl: fix waiting for jobs when using direct connections to PID 1 for dbusLennart Poettering
2014-12-29machinectl: add "enable" and "disable" verbs for enabling/disabling ↵Lennart Poettering
systemd-nspawn for containers This is basically just a shortcut for "systemctl enable systemd-nspawn@<foobar>.service", but does escaping.
2014-12-29machinectl: add new "start" verb to start a container as a service in nspawnLennart Poettering
2014-12-25bus: remove spurious include of <sys/capability.h>Filipe Brandenburger
They do not use any functions from libcap directly. The CAP_SYS_ADMIN constant in use by bus-objects.c comes from <linux/capability.h> imported through "missing.h". The "missing.h" header is imported through "util.h" which gets imported in "bus-util.h". Tested that everything builds cleanly after this change.
2014-12-24sd-bus: rename sd_bus_open_system_container() to sd_bus_open_system_machine()Lennart Poettering
Pretty much everywhere else we use the generic term "machine" when referring to containers in API, so let's do though in sd-bus too. In particular, since the concept of a "container" exists in sd-bus too, but as part of the marshalling system.
2014-12-09run: introduce timer support optionWaLyong Cho
Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-11-28treewide: more log_*_errno + return simplificationsMichal Schmidt
2014-11-28sd-bus: rename default bus address constants, they aren't "paths" but ↵Lennart Poettering
"addresses"
2014-11-28treewide: no need to negate errno for log_*_errno()Michal Schmidt
It corrrectly handles both positive and negative errno values.
2014-11-28treewide: auto-convert the simple cases to log_*_errno()Michal Schmidt
As a followup to 086891e5c1 "log: add an "error" parameter to all low-level logging calls and intrdouce log_error_errno() as log calls that take error numbers", use sed to convert the simple cases to use the new macros: find . -name '*.[ch]' | xargs sed -r -i -e \ 's/log_(debug|info|notice|warning|error|emergency)\("(.*)%s"(.*), strerror\(-([a-zA-Z_]+)\)\);/log_\1_errno(-\4, "\2%m"\3);/' Multi-line log_*() invocations are not covered. And we also should add log_unit_*_errno().
2014-11-10bus: when dumping string property values escape the chars we use as ↵Lennart Poettering
end-of-line and end-of-item marks
2014-10-28polkit: actually generate new InteractiveAuthorizationRequired error on the ↵Lennart Poettering
right occasions
2014-10-13bus: check allow-interactive-auhtorization flag when doing polkitLennart Poettering
2014-09-18bus: fix bus_print_property() to use "int" for booleansDavid Herrmann
We always use "int" if we retrieve boolean values from sd-bus, as "bool" is only a single byte, but full int on va-args. Thanks to Werner Fink for the report!
2014-09-15hashmap: introduce hash_ops to make struct Hashmap smallerMichal Schmidt
It is redundant to store 'hash' and 'compare' function pointers in struct Hashmap separately. The functions always comprise a pair. Store a single pointer to struct hash_ops instead. systemd keeps hundreds of hashmaps, so this saves a little bit of memory.
2014-08-28bus: don't skip interfaces in bus_message_map_properties_changed()David Herrmann
Skipping interfaces randomly without the caller specifying it is nasty. Avoid this and let the caller do that themselves.
2014-08-27bus: split bus_map_all_properties into multiple helpersDavid Herrmann
The bus_map_all_properties() helper calls org.freedesktop.DBus.Properties.GetAll() on a given target and parses the result according to a given property-table. This simplifies dealing with DBus.Properties significantly. However, the function is blocking and thus not really useful in many situations. This patch extracts the core of this function and adds two new helpers which directly take dbus-messages as arguments. This way, you can issue asynchronous requests and parse the result via these helpers: bus_message_map_all_properties(): This is the same as bus_map_all_properties() but takes the result message from a GetAll() request as argument. You can thus issue an asynchronous GetAll() request and then use this helper once you got the result. bus_message_map_properties_changed(): This function takes a signal-message that was retrieved via a PropertiesChanged signal and then parses it like if you retrieved it via GetAll(). Furthermore, this function returns the number of matched properties that got invalidated by the PropertiesChanged signal, but didn't carry the new value. This way, the caller can issue a new GetAll() request and then parse the result. The old function bus_map_all_properties() is functionally unchanged, but now uses bus_message_map_all_properties() internally.
2014-08-21bus: when terminating our bus-actviated services that exit-on-idle send ↵Lennart Poettering
STOPPING=1 via sd_notify() This should fix a race where a service thatis idle drops its name, and is immediately requested by another client, which causes dbus-daemon to ask systemd to activate it again, but since systemd still assumes it is running it won't do anything.
2014-08-19remove unused variablesThomas Hindoe Paaboel Andersen
2014-08-18bus-util: simplify bus_verify_polkit_async() a bitLennart Poettering
First, let's drop the "bus" argument, we can determine it from the message anyway. Secondly, determine the right callback/userdata pair automatically from what is currently is being dispatched. This should simplify things a lot for us, since it makes it unnecessary to pass pointers through the original handlers through all functions when we process messages, which might require authentication.
2014-08-15Merge commit 'b39a2770ba55637da80e2e389222c59dbea73507'Lennart Poettering
2014-08-15sd-bus: add API to check if a client has privilegesLennart Poettering
This is a generalization of the vtable privilege check we already have, but exported, and hence useful when preparing for a polkit change. This will deal with the complexity that on dbus1 one cannot trust the capability field we retrieve via the bus, since it is read via /proc/$$/stat (and thus might be out-of-date) rather than directly from the message (like on kdbus) or bus connection (as for uid creds on dbus1). Also, port over all code to this new API.
2014-08-15sd-bus: Remove bus arg from bus_verify_polkit_async_registry_free()Stef Walter
It's unneccessary, not used, and complicates callers of the function.
2014-08-12networkd: add minimal client tool "networkd" to query network statusLennart Poettering
In the long run this should become a full fledged client to networkd (but not before networkd learns bus support). For now, just pull interesting data out of networkd, udev, and rtnl and present it to the user, in a simple but useful output.
2014-07-29time-util: add and use USEC/NSEC_INFINIYKay Sievers
2014-06-05bus: make use of sd_bus_try_close() in exit-on-idle servicesLennart Poettering
2014-05-24timedated: refuse manual system time updates when automatic timesync is enabledKay Sievers
2014-05-22cgroups: simplify CPUQuota= logicLennart Poettering
Only accept cpu quota values in percentages, get rid of period definition. It's not clear whether the CFS period controllable per-cgroup even has a future in the kernel, hence let's simplify all this, hardcode the period to 100ms and only accept percentage based quota values.
2014-05-15Remove unnecessary casts in printfsZbigniew Jędrzejewski-Szmek
No functional change expected :)
2014-05-15sd-bus: introduce sd_bus_slot objects encapsulating callbacks or vtables ↵Lennart Poettering
attached to a bus connection This makes callback behaviour more like sd-event or sd-resolve, and creates proper object for unregistering callbacks. Taking the refernce to the slot is optional. If not taken life time of the slot will be bound to the underlying bus object (or in the case of an async call until the reply has been recieved).
2014-04-25core: expose CFS CPU time quota as high-level unit propertiesLennart Poettering
2014-03-17systemctl: introduce -r switch to show units running in local containers in ↵Lennart Poettering
addition to the host
2014-03-05systemd-run: support all currently exported properties with -pLennart Poettering
2014-03-05core: make the LimitXYZ= properties settable for transient service unitsLennart Poettering
2014-03-05systemd-run: add new --property= switch that can set arbitrary properties ↵Lennart Poettering
for the unit that is created The code for parsing these properties is shared with "systemctl set-property", which means all the resource control settings are immediately available.
2014-02-20api: in constructor function calls, always put the returned object pointer ↵Lennart Poettering
first (or second) Previously the returned object of constructor functions where sometimes returned as last, sometimes as first and sometimes as second parameter. Let's clean this up a bit. Here are the new rules: 1. The object the new object is derived from is put first, if there is any 2. The object we are creating will be returned in the next arguments 3. This is followed by any additional arguments Rationale: For functions that operate on an object we always put that object first. Constructors should probably not be too different in this regard. Also, if the additional parameters might want to use varargs which suggests to put them last. Note that this new scheme only applies to constructor functions, not to all other functions. We do give a lot of freedom for those. Note that this commit only changes the order of the new functions we added, for old ones we accept the wrong order and leave it like that.
2014-02-20sd-bus: the bus returned should be the first argJason A. Donenfeld
This matches the API of previous headers, such as sd-journal.h.