summaryrefslogtreecommitdiff
path: root/src/machine/machine-dbus.c
AgeCommit message (Collapse)Author
2015-08-04machined: Relax path checks for Copy{From,To}Richard Maw
Absolute paths should be sufficient to prevent funny business, and while path_is_safe() checks this, it also checks whether the path contains . or .. components, which while odd, aren't a security risk.
2015-07-08machine: remove unused variablesThomas Hindoe Paaboel Andersen
2015-07-08property callback returns are consistentUmut Tezduyar Lindskog
It is no different to return 0 over 1 in the property callback. It is confusing to return 1 which made me think 1 has a special purpose. This way code is consistent with the rest of the tree.
2015-06-17turn kdbus support into a runtime optionKay Sievers
./configure --enable/disable-kdbus can be used to set the default behavior regarding kdbus. If no kdbus kernel support is available, dbus-dameon will be used. With --enable-kdbus, the kernel command line option "kdbus=0" can be used to disable kdbus. With --disable-kdbus, the kernel command line option "kdbus=1" is required to enable kdbus support.
2015-06-17Stop talking about the "XDG" version of basename()Simon McVittie
XDG refers to X Desktop Group, a former name for freedesktop.org. This group is responsible for specifications like basedirs, .desktop files and icon naming, but as far as I know, it has never tried to redefine basename(). I think these references were meant to say XPG (X/Open Portability Guide), a precursor of POSIX. POSIX is better-known and less easily confused with XDG, and is how the basename(3) man page describes the libgen.h version of basename(). The other version of basename() is glibc-specific and is described in basename(3) as "the GNU version"; specifically mention that version, to disambiguate.
2015-04-29sd-bus: allow passing NULL as bus parameter to sd_bus_send()Lennart Poettering
If NULL is specified for the bus it is now automatically derived from the passed in message. This commit also changes a number of invocations of sd_bus_send() to make use of this.
2015-04-29sd-bus: drop bus parameter from message callback prototypeLennart Poettering
This should simplify the prototype a bit. The bus parameter is redundant in most cases, and in the few where it matters it can be derived from the message via sd_bus_message_get_bus().
2015-04-10shared: add process-util.[ch]Ronny Chevalier
2015-04-10shared: add formats-util.hRonny Chevalier
2015-03-07machine: do not rely on asprintf setting arg on errorZbigniew Jędrzejewski-Szmek
Strictly speaking, the output variable is undefined if asprintf fails. We use the return value not the arg everywhere, and should we do here.
2015-03-01machined: use x-machine-unix prefix for the container bus on dbus1Benjamin Franzke
This fixes "machinectl login" on systems configured with --disable-kdbus. The error was: machinectl login foo Failed to get machine PTY: Input/output error
2015-02-24machined: fix check if host directory could be openedThomas Hindoe Paaboel Andersen
CID#1271351
2015-02-23remove unused includesThomas Hindoe Paaboel Andersen
This patch removes includes that are not used. The removals were found with include-what-you-use which checks if any of the symbols from a header is in use.
2015-02-18logind: open up most bus calls for unpriviliged processes, using PolicyKitLennart Poettering
Also, allow clients to alter their own objects without any further priviliges. i.e. this allows clients to kill and lock their own sessions without involving PK.
2015-02-18machined: open up most of machined's commands to unprivileged clients via ↵Lennart Poettering
PolicyKit
2015-02-17machined: make "machinectl copy-to" and "machinectl copy-from" server side ↵Lennart Poettering
operations This way, any bus client can make use of these calls.
2015-02-17machined: various simplificationsLennart Poettering
2015-02-17machined: move logic for bind mounting into containers from machinectl to ↵Lennart Poettering
machined This extends the bus interface, adding BindMountMachine() for bind mounting directories from the host into the container.
2015-02-12Revert "tree-wide: Always use recvmsg with MSG_CMSG_CLOEXEC"Lennart Poettering
This reverts commit d6d810fbf8071f8510450dbacd1d083f37603656. It's apparently not OK to pass MSG_CMSG_CLOEXEC to recvmsg() of raw sockets.
2015-02-10tree-wide: Always use recvmsg with MSG_CMSG_CLOEXECCristian Rodríguez
2015-01-13machined: refuse certain operation on non-container machines, since they ↵Lennart Poettering
cannot work elsewhere
2015-01-05machined,bus-proxy: fix connecting to containersLennart Poettering
2014-12-28machined: Move image discovery logic into src/shared, so that we can make ↵Lennart Poettering
use of it from nspawn
2014-12-25machined: remove spurious include of <sys/capability.h>Filipe Brandenburger
They do not use any functions from libcap directly. The CAP_KILL constant in use by these files comes from <linux/capability.h> imported through "missing.h". Tested that "systemd-machined" builds cleanly and works after this change.
2014-12-23machined: introduce polkit for OpenLogin() callLennart Poettering
This way "machinectl login" can be opened up to run without privileges.
2014-12-23machined: add new call OpenMachineLogin() that starts a getty in a container ↵Lennart Poettering
on a pty and returns the pty master fd to the client This is a one-stop solution for "machinectl login", and should simplify getting logins in containers.
2014-12-23systemd-run: support -t mode when combined with -MLennart Poettering
For that, ask machined for a container PTY and use that.
2014-12-23machined: add OpenMachinePTY() bus call for allocating a PTY device within a ↵Lennart Poettering
container Then, port "machinectl" over to make use of it.
2014-12-19machined: add a full bus object for imagesLennart Poettering
2014-12-19machined/machinectl: add logic to show list of available imagesLennart Poettering
This adds a new bus call to machined that enumerates /var/lib/container and returns all trees stored in it, distuingishing three types: - GPT disk images, which are files suffixed with ".gpt" - directory trees - btrfs subvolumes
2014-12-12copy: use btrfs reflinking only whe we know we copy full filesLennart Poettering
2014-12-10sd-bus: move common errors src/shared/bus-errors.h → ↵Lennart Poettering
src/libsystemd/sd-bus/bus-common-errors.h Stuff in src/shared/ should not use stuff from src/libsystemd/ really.
2014-12-04rtnl: when querying local addresses and gateways, take address family into ↵Lennart Poettering
account
2014-08-12networkd: add minimal client tool "networkd" to query network statusLennart Poettering
In the long run this should become a full fledged client to networkd (but not before networkd learns bus support). For now, just pull interesting data out of networkd, udev, and rtnl and present it to the user, in a simple but useful output.
2014-07-18change type for address family to "int"Lennart Poettering
Let's settle on a single type for all address family values, even if UNIX is very inconsitent on the precise type otherwise. Given that socket() is the primary entrypoint for the sockets API, and that uses "int", and "int" is relatively simple and generic, we settle on "int" for this.
2014-07-18shared: rename PROTO_ADDRESS_SIZE() to FAMILY_ADDRESS_SIZE()Lennart Poettering
We mostly use "family" to refer to AF_INET, AF_INET6, etc, let's use this terminology here, too
2014-07-10machined: allow registering host-side network interfaces for communication ↵Lennart Poettering
with containers
2014-07-10machined: when querying addresses of a container, use same code as ↵Lennart Poettering
nss-myhostname uses
2014-07-10shared: split out in_addr related calls from socket-util.[ch] into its ↵Lennart Poettering
private in-addr-util.[ch] These are enough calls for a new file, and they are sufficiently different from the sockaddr-related calls, hence let's split this out.
2014-07-10machined: various modernizations when enumerating container addressesLennart Poettering
2014-07-03machinectl: show /etc/os-release information of container in status outputLennart Poettering
2014-05-18machined: add logic to query IP addresses of containersLennart Poettering
2014-05-15sd-bus: introduce sd_bus_slot objects encapsulating callbacks or vtables ↵Lennart Poettering
attached to a bus connection This makes callback behaviour more like sd-event or sd-resolve, and creates proper object for unregistering callbacks. Taking the refernce to the slot is optional. If not taken life time of the slot will be bound to the underlying bus object (or in the case of an async call until the reply has been recieved).
2014-03-11bus: replace sd_bus_label_{escape,unescape}() by new ↵Lennart Poettering
sd_bus_path_{encode,decode}() The new calls work similarly, but enforce a that a common, fixed bus path prefix is used. This follows discussions with Simon McVittie on IRC that it should be a good idea to make sure that people don't use the escaping applied here too wildly as anything other than the last label of a bus path.
2014-03-04Introduce strv_consume which takes ownershipZbigniew Jędrzejewski-Szmek
This mirrors set_consume and makes the common use a bit nicer.
2014-02-11machined: optionally, allow registration of pre-existing units (scopesLennart Poettering
or services) as machine with machined
2013-12-22bus: decorate the various object vtables with SD_BUS_VTABLE_PROPERTY_CONST ↵Lennart Poettering
where appropriate
2013-11-28bus: add new sd_bus_creds object to encapsulate process credentialsLennart Poettering
This way we can unify handling of credentials that are attached to messages, or can be queried for bus name owners or connection peers. This also adds the ability to extend incomplete credential information with data from /proc, Also, provide a convenience call that will automatically determine the most appropriate credential object for an incoming message, by using the the attached information if possible, the sending name information if available and otherwise the peer's credentials.
2013-11-22bus: also add error parameter to object find and enumerator callbacksLennart Poettering
Just in order to bring things inline with the method and property callbacks.
2013-11-21bus: rework message handlers to always take an error argumentLennart Poettering
Message handler callbacks can be simplified drastically if the dispatcher automatically replies to method calls if errors are returned. Thus: add an sd_bus_error argument to all message handlers. When we dispatch a message handler and it returns negative or a set sd_bus_error we send this as message error back to the client. This means errors returned by handlers by default are given back to clients instead of rippling all the way up to the event loop, which is desirable to make things robust. As a side-effect we can now easily turn the SELinux checks into normal function calls, since the method call dispatcher will generate the right error replies automatically now. Also, make sure we always pass the error structure to all property and method handlers as last argument to follow the usual style of passing variables for return values as last argument.