mirror of
https://github.com/systemd/systemd.git
synced 2024-12-22 17:35:35 +03:00
Merge pull request #31960 from YHNdnzj/capsule-followup
Some follow-ups for capsule
commit
5c7292fa80
@ -13,6 +13,7 @@
|
||||
#include "bus-type.h"
|
||||
#include "bus-util.h"
|
||||
#include "busctl-introspect.h"
|
||||
#include "capsule-util.h"
|
||||
#include "escape.h"
|
||||
#include "fd-util.h"
|
||||
#include "fileio.h"
|
||||
@ -28,7 +29,6 @@
|
||||
#include "parse-util.h"
|
||||
#include "path-util.h"
|
||||
#include "pretty-print.h"
|
||||
#include "capsule-util.h"
|
||||
#include "runtime-scope.h"
|
||||
#include "set.h"
|
||||
#include "sort-util.h"
|
||||
|
@ -280,6 +280,8 @@ static int pin_capsule_socket(const char *capsule, const char *suffix, uid_t *re
|
||||
|
||||
assert(capsule);
|
||||
assert(suffix);
|
||||
assert(ret_uid);
|
||||
assert(ret_gid);
|
||||
|
||||
p = path_join("/run/capsules", capsule, suffix);
|
||||
if (!p)
|
||||
@ -291,7 +293,7 @@ static int pin_capsule_socket(const char *capsule, const char *suffix, uid_t *re
|
||||
return r;
|
||||
|
||||
if (fstat(inode_fd, &st) < 0)
|
||||
return -errno;
|
||||
return negative_errno();
|
||||
|
||||
/* Paranoid safety check */
|
||||
if (uid_is_system(st.st_uid) || gid_is_system(st.st_gid))
|
||||
@ -303,67 +305,28 @@ static int pin_capsule_socket(const char *capsule, const char *suffix, uid_t *re
|
||||
return TAKE_FD(inode_fd);
|
||||
}
|
||||
|
||||
int bus_connect_capsule_systemd(const char *capsule, sd_bus **ret_bus) {
|
||||
_cleanup_(sd_bus_close_unrefp) sd_bus *bus = NULL;
|
||||
static int bus_set_address_capsule(sd_bus *bus, const char *capsule, const char *suffix, int *ret_pin_fd) {
|
||||
_cleanup_close_ int inode_fd = -EBADF;
|
||||
_cleanup_free_ char *pp = NULL;
|
||||
uid_t uid;
|
||||
gid_t gid;
|
||||
int r;
|
||||
|
||||
assert(capsule);
|
||||
assert(ret_bus);
|
||||
|
||||
r = capsule_name_is_valid(capsule);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0)
|
||||
return -EINVAL;
|
||||
|
||||
/* Connects to a capsule's user bus. We need to do so under the capsule's UID/GID, otherwise the
|
||||
* the service manager might refuse our connection. Hence fake it. */
|
||||
|
||||
inode_fd = pin_capsule_socket(capsule, "systemd/private", &uid, &gid);
|
||||
if (inode_fd < 0)
|
||||
return inode_fd;
|
||||
|
||||
pp = bus_address_escape(FORMAT_PROC_FD_PATH(inode_fd));
|
||||
if (!pp)
|
||||
return -ENOMEM;
|
||||
|
||||
r = sd_bus_new(&bus);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
if (asprintf(&bus->address, "unix:path=%s,uid=" UID_FMT ",gid=" GID_FMT, pp, uid, gid) < 0)
|
||||
return -ENOMEM;
|
||||
|
||||
r = sd_bus_start(bus);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
*ret_bus = TAKE_PTR(bus);
|
||||
return 0;
|
||||
}
|
||||
|
||||
int bus_set_address_capsule_bus(sd_bus *bus, const char *capsule, int *ret_pin_fd) {
|
||||
_cleanup_free_ char *pp = NULL;
|
||||
_cleanup_close_ int inode_fd = -EBADF;
|
||||
uid_t uid;
|
||||
gid_t gid;
|
||||
int r;
|
||||
|
||||
assert(bus);
|
||||
assert(capsule);
|
||||
assert(suffix);
|
||||
assert(ret_pin_fd);
|
||||
|
||||
/* Connects to a capsule's user bus. We need to do so under the capsule's UID/GID, otherwise
|
||||
* the service manager might refuse our connection. Hence fake it. */
|
||||
|
||||
r = capsule_name_is_valid(capsule);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0)
|
||||
return -EINVAL;
|
||||
|
||||
inode_fd = pin_capsule_socket(capsule, "bus", &uid, &gid);
|
||||
inode_fd = pin_capsule_socket(capsule, suffix, &uid, &gid);
|
||||
if (inode_fd < 0)
|
||||
return inode_fd;
|
||||
|
||||
@ -378,6 +341,34 @@ int bus_set_address_capsule_bus(sd_bus *bus, const char *capsule, int *ret_pin_f
|
||||
return 0;
|
||||
}
|
||||
|
||||
int bus_set_address_capsule_bus(sd_bus *bus, const char *capsule, int *ret_pin_fd) {
|
||||
return bus_set_address_capsule(bus, capsule, "bus", ret_pin_fd);
|
||||
}
|
||||
|
||||
int bus_connect_capsule_systemd(const char *capsule, sd_bus **ret_bus) {
|
||||
_cleanup_(sd_bus_close_unrefp) sd_bus *bus = NULL;
|
||||
_cleanup_close_ int inode_fd = -EBADF;
|
||||
int r;
|
||||
|
||||
assert(capsule);
|
||||
assert(ret_bus);
|
||||
|
||||
r = sd_bus_new(&bus);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = bus_set_address_capsule(bus, capsule, "systemd/private", &inode_fd);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = sd_bus_start(bus);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
*ret_bus = TAKE_PTR(bus);
|
||||
return 0;
|
||||
}
|
||||
|
||||
int bus_connect_capsule_bus(const char *capsule, sd_bus **ret_bus) {
|
||||
_cleanup_(sd_bus_close_unrefp) sd_bus *bus = NULL;
|
||||
_cleanup_close_ int inode_fd = -EBADF;
|
||||
|
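Review bot: In the new bus_connect_capsule_systemd(), `inode_fd` is never read after bus_set_address_capsule() fills it in, so nothing tells a reader that it must stay open until sd_bus_start() returns. The removed body built the address from `FORMAT_PROC_FD_PATH(inode_fd)`, and the helper presumably still does (that part of bus_set_address_capsule() lies between the hunks shown). If so, closing the fd earlier would leave the address naming a /proc fd path that no longer refers to the socket whose owner passed the system-UID/GID check, or that refers to a different inode if the number is reused. I would add above the declaration `/* Keep the pinned inode open until sd_bus_start() returns: the bus address refers to it via its /proc fd path. */`. The comment carried into bus_set_address_capsule() also still says "Connects to a capsule's user bus", although the helper now serves the `systemd/private` socket too and only sets the address; `/* Sets the bus address to one of a capsule's sockets, using the capsule's UID/GID; the caller keeps *ret_pin_fd open until connected. */` would match what it does.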
@ -8,6 +8,7 @@
|
||||
|
||||
#include "build.h"
|
||||
#include "bus-util.h"
|
||||
#include "capsule-util.h"
|
||||
#include "dissect-image.h"
|
||||
#include "install.h"
|
||||
#include "main-func.h"
|
||||
@ -18,7 +19,6 @@
|
||||
#include "path-util.h"
|
||||
#include "pretty-print.h"
|
||||
#include "process-util.h"
|
||||
#include "capsule-util.h"
|
||||
#include "reboot-util.h"
|
||||
#include "rlimit-util.h"
|
||||
#include "sigbus.h"
|
||||
|
@ -7,6 +7,8 @@ units = [
|
||||
{ 'file' : 'blockdev@.target' },
|
||||
{ 'file' : 'bluetooth.target' },
|
||||
{ 'file' : 'boot-complete.target' },
|
||||
{ 'file' : 'capsule@.service.in' },
|
||||
{ 'file' : 'capsule.slice' },
|
||||
{ 'file' : 'console-getty.service.in' },
|
||||
{ 'file' : 'container-getty@.service.in' },
|
||||
{
|
||||
@ -746,8 +748,6 @@ units = [
|
||||
{ 'file' : 'user-runtime-dir@.service.in' },
|
||||
{ 'file' : 'user.slice' },
|
||||
{ 'file' : 'user@.service.in' },
|
||||
{ 'file' : 'capsule@.service.in' },
|
||||
{ 'file' : 'capsule.slice' },
|
||||
{
|
||||
'file' : 'var-lib-machines.mount',
|
||||
'conditions' : ['ENABLE_MACHINED'],
|
||||
|
@ -5,13 +5,13 @@ units = [
|
||||
'background.slice',
|
||||
'basic.target',
|
||||
'bluetooth.target',
|
||||
'capsule@.target',
|
||||
'default.target',
|
||||
'exit.target',
|
||||
'graphical-session-pre.target',
|
||||
'graphical-session.target',
|
||||
'paths.target',
|
||||
'printer.target',
|
||||
'capsule@.target',
|
||||
'session.slice',
|
||||
'shutdown.target',
|
||||
'smartcard.target',
|
||||
|