From 35e528018f315798d3bffcb592b32a0d8f5162bd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 27 Aug 2019 19:00:34 +0200 Subject: [PATCH 1/6] shared/but-util: drop trusted annotation from bus_open_system_watch_bind_with_description() https://bugzilla.redhat.com/show_bug.cgi?id=1746057 This only affects systemd-resolved. bus_open_system_watch_bind_with_description() is also used in timesyncd, but it has no methods, only read-only properties, and in networkd, but it annotates all methods with SD_BUS_VTABLE_UNPRIVILEGED and does polkit checks. --- src/shared/bus-util.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c index 6af115e7aa..821339d4ae 100644 --- a/src/shared/bus-util.c +++ b/src/shared/bus-util.c @@ -1705,10 +1705,6 @@ int bus_open_system_watch_bind_with_description(sd_bus **ret, const char *descri if (r < 0) return r; - r = sd_bus_set_trusted(bus, true); - if (r < 0) - return r; - r = sd_bus_negotiate_creds(bus, true, SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS); if (r < 0) return r; From 11791cdeccd3e01f84dff614d344d4bda5d40a54 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 27 Aug 2019 17:34:39 +0200 Subject: [PATCH 2/6] test-bus-vtable: also print introspection for the fallback vtable This doesn't really test anything, it's just a trivial test that we get the expected output for a fallback vtable. --- src/libsystemd/sd-bus/test-bus-vtable.c | 26 ++++++++++++++++++++++-- src/libsystemd/sd-bus/test-vtable-data.h | 2 +- 2 files changed, 25 insertions(+), 3 deletions(-) diff --git a/src/libsystemd/sd-bus/test-bus-vtable.c b/src/libsystemd/sd-bus/test-bus-vtable.c index d69ca6ac97..b6350027dd 100644 --- a/src/libsystemd/sd-bus/test-bus-vtable.c +++ b/src/libsystemd/sd-bus/test-bus-vtable.c @@ -19,9 +19,24 @@ #define DEFAULT_BUS_PATH "unix:path=/run/dbus/system_bus_socket" +static struct context c = {}; +static int happy_finder_object = 0; + +static int happy_finder(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) { + assert(userdata); + assert(userdata == &c); + +#ifndef __cplusplus + log_info("%s called", __func__); +#endif + + happy_finder_object++; + *found = &happy_finder_object; + return 1; /* found */ +} + static void test_vtable(void) { sd_bus *bus = NULL; - struct context c = {}; int r; assert(sd_bus_new(&bus) >= 0); @@ -32,16 +47,23 @@ static void test_vtable(void) { assert(sd_bus_add_object_vtable(bus, NULL, "/foo", "org.freedesktop.systemd.testVtable221", (const sd_bus_vtable *)vtable_format_221, &c) >= 0); + assert(sd_bus_add_fallback_vtable(bus, NULL, "/fallback", "org.freedesktop.systemd.testVtable2", test_vtable_2, happy_finder, &c) >= 0); + assert(sd_bus_set_address(bus, DEFAULT_BUS_PATH) >= 0); r = sd_bus_start(bus); assert(r == 0 || /* success */ r == -ENOENT /* dbus is inactive */ ); #ifndef __cplusplus - _cleanup_free_ char *s = NULL; + _cleanup_free_ char *s, *s2; assert_se(introspect_path(bus, "/foo", NULL, false, true, NULL, &s, NULL) == 1); fputs(s, stdout); + + assert_se(introspect_path(bus, "/fallback", NULL, false, true, NULL, &s2, NULL) == 1); + fputs(s2, stdout); + + assert_se(happy_finder_object == 1); #endif sd_bus_unref(bus); diff --git a/src/libsystemd/sd-bus/test-vtable-data.h b/src/libsystemd/sd-bus/test-vtable-data.h index 333dbd5b12..bc89893814 100644 --- a/src/libsystemd/sd-bus/test-vtable-data.h +++ b/src/libsystemd/sd-bus/test-vtable-data.h @@ -42,7 +42,7 @@ static const sd_bus_vtable test_vtable_1[] = { static const sd_bus_vtable test_vtable_2[] = { SD_BUS_VTABLE_START(0), - SD_BUS_METHOD("AlterSomething", "s", "s", handler, 0), + SD_BUS_METHOD("AlterSomething", "s", "s", handler, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("Exit", "", "", handler, 0), SD_BUS_METHOD_WITH_OFFSET("AlterSomething2", "s", "s", handler, 200, 0), SD_BUS_METHOD_WITH_OFFSET("Exit2", "", "", handler, 200, 0), From 61252bae91e71aa529d4c8c7c7293e6a69429291 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 27 Aug 2019 19:00:50 +0200 Subject: [PATCH 3/6] sd-bus: adjust indentation of comments --- src/libsystemd/sd-bus/sd-bus.c | 3 +-- src/shared/bus-util.c | 7 ++++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c index 303dcea106..026ac8cb94 100644 --- a/src/libsystemd/sd-bus/sd-bus.c +++ b/src/libsystemd/sd-bus/sd-bus.c @@ -1354,8 +1354,7 @@ _public_ int sd_bus_open_user_with_description(sd_bus **ret, const char *descrip b->bus_client = true; b->is_user = true; - /* We don't do any per-method access control on the user - * bus. */ + /* We don't do any per-method access control on the user bus. */ b->trusted = true; b->is_local = true; diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c index 821339d4ae..e9b0b8a99d 100644 --- a/src/shared/bus-util.c +++ b/src/shared/bus-util.c @@ -1681,7 +1681,8 @@ int bus_open_system_watch_bind_with_description(sd_bus **ret, const char *descri assert(ret); - /* Match like sd_bus_open_system(), but with the "watch_bind" feature and the Connected() signal turned on. */ + /* Match like sd_bus_open_system(), but with the "watch_bind" feature and the Connected() signal + * turned on. */ r = sd_bus_new(&bus); if (r < 0) @@ -1733,8 +1734,8 @@ int bus_reply_pair_array(sd_bus_message *m, char **l) { assert(m); - /* Reply to the specified message with a message containing a dictionary put together from the specified - * strv */ + /* Reply to the specified message with a message containing a dictionary put together from the + * specified strv */ r = sd_bus_message_new_method_return(m, &reply); if (r < 0) From ab77c8793bbb63de3c0b693d662f82a2ac65524f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 27 Aug 2019 19:02:53 +0200 Subject: [PATCH 4/6] resolved: do not run loop twice This doesn't matter much, but let's just do the loop once and allocate the populate the result set on the fly. If we find an error, it'll get cleaned up automatically. --- src/resolve/resolved-link-bus.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/src/resolve/resolved-link-bus.c b/src/resolve/resolved-link-bus.c index 81ef5ffaa4..4e7685e889 100644 --- a/src/resolve/resolved-link-bus.c +++ b/src/resolve/resolved-link-bus.c @@ -544,6 +544,10 @@ int bus_link_method_set_dnssec_negative_trust_anchors(sd_bus_message *message, v if (r < 0) return r; + ns = set_new(&dns_name_hash_ops); + if (!ns) + return -ENOMEM; + r = sd_bus_message_read_strv(message, &ntas); if (r < 0) return r; @@ -553,14 +557,9 @@ int bus_link_method_set_dnssec_negative_trust_anchors(sd_bus_message *message, v if (r < 0) return r; if (r == 0) - return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid negative trust anchor domain: %s", *i); - } + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, + "Invalid negative trust anchor domain: %s", *i); - ns = set_new(&dns_name_hash_ops); - if (!ns) - return -ENOMEM; - - STRV_FOREACH(i, ntas) { r = set_put_strdup(ns, *i); if (r < 0) return r; From 52aaef0f5dc81b9a08d720f551eac53ac88aa596 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 27 Aug 2019 19:25:05 +0200 Subject: [PATCH 5/6] resolved: allow access to Set*Link and Revert methods through polkit This matches what is done in networkd very closely. In fact even the policy descriptions are all identical (with s/network/resolve), except for the last one: resolved has org.freedesktop.resolve1.revert while networkd has org.freedesktop.network1.revert-ntp and org.freedesktop.network1.revert-dns so the description is a bit different. --- src/resolve/org.freedesktop.resolve1.policy | 99 ++++++++++++++++++ src/resolve/resolved-bus.c | 24 ++--- src/resolve/resolved-link-bus.c | 106 ++++++++++++++++++-- 3 files changed, 206 insertions(+), 23 deletions(-) diff --git a/src/resolve/org.freedesktop.resolve1.policy b/src/resolve/org.freedesktop.resolve1.policy index b65ba3e56a..592c4eb8b0 100644 --- a/src/resolve/org.freedesktop.resolve1.policy +++ b/src/resolve/org.freedesktop.resolve1.policy @@ -40,4 +40,103 @@ unix-user:systemd-resolve + + Set DNS servers + Authentication is required to set DNS servers. + + auth_admin + auth_admin + auth_admin_keep + + unix-user:systemd-resolve + + + + Set domains + Authentication is required to set domains. + + auth_admin + auth_admin + auth_admin_keep + + unix-user:systemd-resolve + + + + Set default route + Authentication is required to set default route. + + auth_admin + auth_admin + auth_admin_keep + + unix-user:systemd-resolve + + + + Enable/disable LLMNR + Authentication is required to enable or disable LLMNR. + + auth_admin + auth_admin + auth_admin_keep + + unix-user:systemd-resolve + + + + Enable/disable multicast DNS + Authentication is required to enable or disable multicast DNS. + + auth_admin + auth_admin + auth_admin_keep + + unix-user:systemd-resolve + + + + Enable/disable DNS over TLS + Authentication is required to enable or disable DNS over TLS. + + auth_admin + auth_admin + auth_admin_keep + + unix-user:systemd-resolve + + + + Enable/disable DNSSEC + Authentication is required to enable or disable DNSSEC. + + auth_admin + auth_admin + auth_admin_keep + + unix-user:systemd-resolve + + + + Set DNSSEC Negative Trust Anchors + Authentication is required to set DNSSEC Negative Trust Anchros. + + auth_admin + auth_admin + auth_admin_keep + + unix-user:systemd-resolve + + + + Revert name resolution settings + Authentication is required to revert name resolution settings. + + auth_admin + auth_admin + auth_admin_keep + + unix-user:systemd-resolve + + diff --git a/src/resolve/resolved-bus.c b/src/resolve/resolved-bus.c index 4fc281e80a..924242fe6c 100644 --- a/src/resolve/resolved-bus.c +++ b/src/resolve/resolved-bus.c @@ -1854,19 +1854,19 @@ static const sd_bus_vtable resolve_vtable[] = { SD_BUS_METHOD("ResolveAddress", "iiayt", "a(is)t", bus_method_resolve_address, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("ResolveRecord", "isqqt", "a(iqqay)t", bus_method_resolve_record, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("ResolveService", "isssit", "a(qqqsa(iiay)s)aayssst", bus_method_resolve_service, SD_BUS_VTABLE_UNPRIVILEGED), - SD_BUS_METHOD("ResetStatistics", NULL, NULL, bus_method_reset_statistics, 0), - SD_BUS_METHOD("FlushCaches", NULL, NULL, bus_method_flush_caches, 0), - SD_BUS_METHOD("ResetServerFeatures", NULL, NULL, bus_method_reset_server_features, 0), + SD_BUS_METHOD("ResetStatistics", NULL, NULL, bus_method_reset_statistics, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("FlushCaches", NULL, NULL, bus_method_flush_caches, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("ResetServerFeatures", NULL, NULL, bus_method_reset_server_features, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("GetLink", "i", "o", bus_method_get_link, SD_BUS_VTABLE_UNPRIVILEGED), - SD_BUS_METHOD("SetLinkDNS", "ia(iay)", NULL, bus_method_set_link_dns_servers, 0), - SD_BUS_METHOD("SetLinkDomains", "ia(sb)", NULL, bus_method_set_link_domains, 0), - SD_BUS_METHOD("SetLinkDefaultRoute", "ib", NULL, bus_method_set_link_default_route, 0), - SD_BUS_METHOD("SetLinkLLMNR", "is", NULL, bus_method_set_link_llmnr, 0), - SD_BUS_METHOD("SetLinkMulticastDNS", "is", NULL, bus_method_set_link_mdns, 0), - SD_BUS_METHOD("SetLinkDNSOverTLS", "is", NULL, bus_method_set_link_dns_over_tls, 0), - SD_BUS_METHOD("SetLinkDNSSEC", "is", NULL, bus_method_set_link_dnssec, 0), - SD_BUS_METHOD("SetLinkDNSSECNegativeTrustAnchors", "ias", NULL, bus_method_set_link_dnssec_negative_trust_anchors, 0), - SD_BUS_METHOD("RevertLink", "i", NULL, bus_method_revert_link, 0), + SD_BUS_METHOD("SetLinkDNS", "ia(iay)", NULL, bus_method_set_link_dns_servers, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("SetLinkDomains", "ia(sb)", NULL, bus_method_set_link_domains, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("SetLinkDefaultRoute", "ib", NULL, bus_method_set_link_default_route, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("SetLinkLLMNR", "is", NULL, bus_method_set_link_llmnr, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("SetLinkMulticastDNS", "is", NULL, bus_method_set_link_mdns, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("SetLinkDNSOverTLS", "is", NULL, bus_method_set_link_dns_over_tls, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("SetLinkDNSSEC", "is", NULL, bus_method_set_link_dnssec, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("SetLinkDNSSECNegativeTrustAnchors", "ias", NULL, bus_method_set_link_dnssec_negative_trust_anchors, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("RevertLink", "i", NULL, bus_method_revert_link, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("RegisterService", "sssqqqaa{say}", "o", bus_method_register_service, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("UnregisterService", "o", NULL, bus_method_unregister_service, SD_BUS_VTABLE_UNPRIVILEGED), diff --git a/src/resolve/resolved-link-bus.c b/src/resolve/resolved-link-bus.c index 4e7685e889..b6c1476f5c 100644 --- a/src/resolve/resolved-link-bus.c +++ b/src/resolve/resolved-link-bus.c @@ -1,6 +1,8 @@ /* SPDX-License-Identifier: LGPL-2.1+ */ #include +#include +#include #include "alloc-util.h" #include "bus-common-errors.h" @@ -11,6 +13,7 @@ #include "resolved-link-bus.h" #include "resolved-resolv-conf.h" #include "strv.h" +#include "user-util.h" static BUS_DEFINE_PROPERTY_GET(property_get_dnssec_supported, "b", Link, link_dnssec_supported); static BUS_DEFINE_PROPERTY_GET2(property_get_dnssec_mode, "s", Link, link_get_dnssec_mode, dnssec_mode_to_string); @@ -262,6 +265,15 @@ int bus_link_method_set_dns_servers(sd_bus_message *message, void *userdata, sd_ if (r < 0) return r; + r = bus_verify_polkit_async(message, CAP_NET_ADMIN, + "org.freedesktop.resolve1.set-dns-servers", + NULL, true, UID_INVALID, + &l->manager->polkit_registry, error); + if (r < 0) + return r; + if (r == 0) + return 1; /* Polkit will call us back */ + dns_server_mark_all(l->dns_servers); for (i = 0; i < n; i++) { @@ -325,12 +337,21 @@ int bus_link_method_set_domains(sd_bus_message *message, void *userdata, sd_bus_ return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Root domain is not suitable as search domain"); } - dns_search_domain_mark_all(l->search_domains); - r = sd_bus_message_rewind(message, false); if (r < 0) return r; + r = bus_verify_polkit_async(message, CAP_NET_ADMIN, + "org.freedesktop.resolve1.set-domains", + NULL, true, UID_INVALID, + &l->manager->polkit_registry, error); + if (r < 0) + return r; + if (r == 0) + return 1; /* Polkit will call us back */ + + dns_search_domain_mark_all(l->search_domains); + for (;;) { DnsSearchDomain *d; const char *name; @@ -388,6 +409,15 @@ int bus_link_method_set_default_route(sd_bus_message *message, void *userdata, s if (r < 0) return r; + r = bus_verify_polkit_async(message, CAP_NET_ADMIN, + "org.freedesktop.resolve1.set-default-route", + NULL, true, UID_INVALID, + &l->manager->polkit_registry, error); + if (r < 0) + return r; + if (r == 0) + return 1; /* Polkit will call us back */ + if (l->default_route != b) { l->default_route = b; @@ -423,6 +453,15 @@ int bus_link_method_set_llmnr(sd_bus_message *message, void *userdata, sd_bus_er return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid LLMNR setting: %s", llmnr); } + r = bus_verify_polkit_async(message, CAP_NET_ADMIN, + "org.freedesktop.resolve1.set-llmnr", + NULL, true, UID_INVALID, + &l->manager->polkit_registry, error); + if (r < 0) + return r; + if (r == 0) + return 1; /* Polkit will call us back */ + l->llmnr_support = mode; link_allocate_scopes(l); link_add_rrs(l, false); @@ -457,6 +496,15 @@ int bus_link_method_set_mdns(sd_bus_message *message, void *userdata, sd_bus_err return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid MulticastDNS setting: %s", mdns); } + r = bus_verify_polkit_async(message, CAP_NET_ADMIN, + "org.freedesktop.resolve1.set-mdns", + NULL, true, UID_INVALID, + &l->manager->polkit_registry, error); + if (r < 0) + return r; + if (r == 0) + return 1; /* Polkit will call us back */ + l->mdns_support = mode; link_allocate_scopes(l); link_add_rrs(l, false); @@ -491,6 +539,15 @@ int bus_link_method_set_dns_over_tls(sd_bus_message *message, void *userdata, sd return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid DNSOverTLS setting: %s", dns_over_tls); } + r = bus_verify_polkit_async(message, CAP_NET_ADMIN, + "org.freedesktop.resolve1.set-dns-over-tls", + NULL, true, UID_INVALID, + &l->manager->polkit_registry, error); + if (r < 0) + return r; + if (r == 0) + return 1; /* Polkit will call us back */ + link_set_dns_over_tls_mode(l, mode); (void) link_save_user(l); @@ -523,6 +580,15 @@ int bus_link_method_set_dnssec(sd_bus_message *message, void *userdata, sd_bus_e return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid DNSSEC setting: %s", dnssec); } + r = bus_verify_polkit_async(message, CAP_NET_ADMIN, + "org.freedesktop.resolve1.set-dnssec", + NULL, true, UID_INVALID, + &l->manager->polkit_registry, error); + if (r < 0) + return r; + if (r == 0) + return 1; /* Polkit will call us back */ + link_set_dnssec_mode(l, mode); (void) link_save_user(l); @@ -565,6 +631,15 @@ int bus_link_method_set_dnssec_negative_trust_anchors(sd_bus_message *message, v return r; } + r = bus_verify_polkit_async(message, CAP_NET_ADMIN, + "org.freedesktop.resolve1.set-dnssec-negative-trust-anchors", + NULL, true, UID_INVALID, + &l->manager->polkit_registry, error); + if (r < 0) + return r; + if (r == 0) + return 1; /* Polkit will call us back */ + set_free_free(l->dnssec_negative_trust_anchors); l->dnssec_negative_trust_anchors = TAKE_PTR(ns); @@ -584,6 +659,15 @@ int bus_link_method_revert(sd_bus_message *message, void *userdata, sd_bus_error if (r < 0) return r; + r = bus_verify_polkit_async(message, CAP_NET_ADMIN, + "org.freedesktop.resolve1.revert", + NULL, true, UID_INVALID, + &l->manager->polkit_registry, error); + if (r < 0) + return r; + if (r == 0) + return 1; /* Polkit will call us back */ + link_flush_settings(l); link_allocate_scopes(l); link_add_rrs(l, false); @@ -609,15 +693,15 @@ const sd_bus_vtable link_vtable[] = { SD_BUS_PROPERTY("DNSSECNegativeTrustAnchors", "as", property_get_ntas, 0, 0), SD_BUS_PROPERTY("DNSSECSupported", "b", property_get_dnssec_supported, 0, 0), - SD_BUS_METHOD("SetDNS", "a(iay)", NULL, bus_link_method_set_dns_servers, 0), - SD_BUS_METHOD("SetDomains", "a(sb)", NULL, bus_link_method_set_domains, 0), - SD_BUS_METHOD("SetDefaultRoute", "b", NULL, bus_link_method_set_default_route, 0), - SD_BUS_METHOD("SetLLMNR", "s", NULL, bus_link_method_set_llmnr, 0), - SD_BUS_METHOD("SetMulticastDNS", "s", NULL, bus_link_method_set_mdns, 0), - SD_BUS_METHOD("SetDNSOverTLS", "s", NULL, bus_link_method_set_dns_over_tls, 0), - SD_BUS_METHOD("SetDNSSEC", "s", NULL, bus_link_method_set_dnssec, 0), - SD_BUS_METHOD("SetDNSSECNegativeTrustAnchors", "as", NULL, bus_link_method_set_dnssec_negative_trust_anchors, 0), - SD_BUS_METHOD("Revert", NULL, NULL, bus_link_method_revert, 0), + SD_BUS_METHOD("SetDNS", "a(iay)", NULL, bus_link_method_set_dns_servers, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("SetDomains", "a(sb)", NULL, bus_link_method_set_domains, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("SetDefaultRoute", "b", NULL, bus_link_method_set_default_route, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("SetLLMNR", "s", NULL, bus_link_method_set_llmnr, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("SetMulticastDNS", "s", NULL, bus_link_method_set_mdns, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("SetDNSOverTLS", "s", NULL, bus_link_method_set_dns_over_tls, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("SetDNSSEC", "s", NULL, bus_link_method_set_dnssec, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("SetDNSSECNegativeTrustAnchors", "as", NULL, bus_link_method_set_dnssec_negative_trust_anchors, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("Revert", NULL, NULL, bus_link_method_revert, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_VTABLE_END }; From fd73184f25d85506aa7ad51993921a39e6cbba74 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 27 Aug 2019 19:28:19 +0200 Subject: [PATCH 6/6] resolved: query polkit only after parsing the data That's what we do everywhere else because it leads to nicer user experience. --- src/resolve/resolved-bus.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/src/resolve/resolved-bus.c b/src/resolve/resolved-bus.c index 924242fe6c..db0f8381ef 100644 --- a/src/resolve/resolved-bus.c +++ b/src/resolve/resolved-bus.c @@ -1638,15 +1638,6 @@ static int bus_method_register_service(sd_bus_message *message, void *userdata, if (m->mdns_support != RESOLVE_SUPPORT_YES) return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Support for MulticastDNS is disabled"); - r = bus_verify_polkit_async(message, CAP_SYS_ADMIN, - "org.freedesktop.resolve1.register-service", - NULL, false, UID_INVALID, - &m->polkit_registry, error); - if (r < 0) - return r; - if (r == 0) - return 1; /* Polkit will call us back */ - service = new0(DnssdService, 1); if (!service) return log_oom(); @@ -1771,6 +1762,15 @@ static int bus_method_register_service(sd_bus_message *message, void *userdata, if (r < 0) return r; + r = bus_verify_polkit_async(message, CAP_SYS_ADMIN, + "org.freedesktop.resolve1.register-service", + NULL, false, UID_INVALID, + &m->polkit_registry, error); + if (r < 0) + return r; + if (r == 0) + return 1; /* Polkit will call us back */ + r = hashmap_ensure_allocated(&m->dnssd_services, &string_hash_ops); if (r < 0) return r;