1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-25 10:04:04 +03:00

Merge pull request #34009 from yuwata/network-resolve-polkit

network,resolve: support interactive authentication
This commit is contained in:
Luca Boccassi 2024-08-20 12:14:03 +02:00 committed by GitHub
commit a8d1f9da55
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
22 changed files with 466 additions and 239 deletions

View File

@ -634,6 +634,16 @@ s - Service VLAN, m - Two-port MAC Relay (TPMR)
<xi:include href="standard-options.xml" xpointer="no-legend" />
<xi:include href="standard-options.xml" xpointer="no-pager" />
<varlistentry>
<term><option>--no-ask-password</option></term>
<listitem>
<para>Do not query the user for authentication for privileged operations.</para>
<xi:include href="version-info.xml" xpointer="v257"/>
</listitem>
</varlistentry>
</variablelist>
</refsect1>

View File

@ -495,6 +495,16 @@
<xi:include href="version-info.xml" xpointer="v256"/></listitem>
</varlistentry>
<varlistentry>
<term><option>--no-ask-password</option></term>
<listitem>
<para>Do not query the user for authentication for privileged operations.</para>
<xi:include href="version-info.xml" xpointer="v257"/>
</listitem>
</varlistentry>
<xi:include href="standard-options.xml" xpointer="json" />
<xi:include href="standard-options.xml" xpointer="j" />
<xi:include href="standard-options.xml" xpointer="no-pager" />

View File

@ -44,8 +44,8 @@ _networkctl() {
local i verb comps
local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD-1]} words cword
local -A OPTS=(
[STANDALONE]='-a --all -h --help --version --no-pager --no-legend -s --stats -l --full
--no-reload --runtime'
[STANDALONE]='-a --all -h --help --version --no-pager --no-legend --no-ask-password
-s --stats -l --full --no-reload --runtime'
[ARG]='-n --lines --json --drop-in'
)

View File

@ -38,7 +38,7 @@ _resolvectl() {
[STANDALONE]='-h --help --version -4 -6 --legend=no --cname=no
--validate=no --synthesize=no --cache=no --relax-single-label=no --zone=no
--trust-anchor=no --network=no --service-address=no
--service-txt=no --search=no --stale-data=no --no-pager'
--service-txt=no --search=no --stale-data=no --no-pager --no-ask-password'
[ARG]='-t --type -c --class -i --interface -p --protocol --raw --json'
)
local -A VERBS=(

View File

@ -52,6 +52,7 @@ _arguments \
'(-a --all)'{-a,--all}'[Show all links with status]' \
'--no-pager[Do not pipe output into a pager]' \
'--no-legend[Do not print the column headers]' \
'--no-ask-password[Do not prompt for password]' \
'(- *)'{-h,--help}'[Show this help]' \
'(- *)--version[Show package version]' \
'--drop-in=[Use the given drop-in file name]:NAME' \

View File

@ -94,4 +94,6 @@ _arguments \
'--search=[Do not use search domains]:BOOL:(yes no)' \
'--raw=[Dump the answer as binary data]:RAW:(payload packet)' \
'--json=[Output as JSON]:JSON:(pretty short off)' \
'--no-pager[Do not pipe output into a pager]' \
'--no-ask-password[Do not prompt for password]' \
'*::default: _resolvectl_commands'

View File

@ -524,7 +524,7 @@ static int set_simple_string_internal(sd_bus *bus, sd_bus_error *error, const ch
_cleanup_(sd_bus_error_free) sd_bus_error e = SD_BUS_ERROR_NULL;
int r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
if (!error)
error = &e;

View File

@ -179,7 +179,7 @@ static int transfer_image_common(sd_bus *bus, sd_bus_message *m) {
assert(bus);
assert(m);
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = sd_event_default(&event);
if (r < 0)
@ -867,7 +867,7 @@ static int cancel_transfer(int argc, char *argv[], void *userdata) {
sd_bus *bus = ASSERT_PTR(userdata);
int r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
for (int i = 1; i < argc; i++) {
uint32_t id;

View File

@ -1514,7 +1514,7 @@ _public_ int sd_varlink_dispatch_again(sd_varlink *v) {
if (v->state == VARLINK_DISCONNECTED)
return varlink_log_errno(v, SYNTHETIC_ERRNO(ENOTCONN), "Not connected.");
if (v->state != VARLINK_PENDING_METHOD)
if (!IN_SET(v->state, VARLINK_PENDING_METHOD, VARLINK_PENDING_METHOD_MORE))
return varlink_log_errno(v, SYNTHETIC_ERRNO(EBUSY), "Connection has no pending method.");
varlink_set_state(v, VARLINK_IDLE_SERVER);

View File

@ -187,7 +187,7 @@ static int set_locale(int argc, char **argv, void *userdata) {
sd_bus *bus = ASSERT_PTR(userdata);
int r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = bus_message_new_method_call(bus, &m, bus_locale, "SetLocale");
if (r < 0)
@ -229,7 +229,7 @@ static int set_vconsole_keymap(int argc, char **argv, void *userdata) {
sd_bus *bus = ASSERT_PTR(userdata);
int r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
map = argv[1];
toggle_map = argc > 2 ? argv[2] : "";
@ -268,7 +268,7 @@ static int set_x11_keymap(int argc, char **argv, void *userdata) {
sd_bus *bus = userdata;
int r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
layout = argv[1];
model = argc > 2 ? argv[2] : "";

View File

@ -1197,7 +1197,7 @@ static int activate(int argc, char *argv[], void *userdata) {
assert(argv);
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
if (argc < 2) {
r = sd_bus_call_method(
@ -1240,7 +1240,7 @@ static int kill_session(int argc, char *argv[], void *userdata) {
assert(argv);
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
if (!arg_kill_whom)
arg_kill_whom = "all";
@ -1268,7 +1268,7 @@ static int enable_linger(int argc, char *argv[], void *userdata) {
assert(argv);
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
b = streq(argv[0], "enable-linger");
@ -1314,7 +1314,7 @@ static int terminate_user(int argc, char *argv[], void *userdata) {
assert(argv);
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
for (int i = 1; i < argc; i++) {
uid_t uid;
@ -1344,7 +1344,7 @@ static int kill_user(int argc, char *argv[], void *userdata) {
assert(argv);
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
if (!arg_kill_whom)
arg_kill_whom = "all";
@ -1382,7 +1382,7 @@ static int attach(int argc, char *argv[], void *userdata) {
assert(argv);
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
for (int i = 2; i < argc; i++) {
@ -1406,7 +1406,7 @@ static int flush_devices(int argc, char *argv[], void *userdata) {
assert(argv);
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = bus_call_method(bus, bus_login_mgr, "FlushDevices", &error, NULL, "b", true);
if (r < 0)
@ -1422,7 +1422,7 @@ static int lock_sessions(int argc, char *argv[], void *userdata) {
assert(argv);
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = bus_call_method(
bus,
@ -1443,7 +1443,7 @@ static int terminate_seat(int argc, char *argv[], void *userdata) {
assert(argv);
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
for (int i = 1; i < argc; i++) {

View File

@ -1044,7 +1044,7 @@ static int kill_machine(int argc, char *argv[], void *userdata) {
sd_bus *bus = ASSERT_PTR(userdata);
int r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
if (!arg_kill_whom)
arg_kill_whom = "all";
@ -1089,7 +1089,7 @@ static int terminate_machine(int argc, char *argv[], void *userdata) {
sd_bus *bus = ASSERT_PTR(userdata);
int r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
for (int i = 1; i < argc; i++) {
r = bus_call_method(bus, bus_machine_mgr, "TerminateMachine", &error, NULL, "s", argv[i]);
@ -1116,7 +1116,7 @@ static int copy_files(int argc, char *argv[], void *userdata) {
bool copy_from;
int r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
copy_from = streq(argv[0], "copy-from");
dest = argv[3] ?: argv[2];
@ -1167,7 +1167,7 @@ static int bind_mount(int argc, char *argv[], void *userdata) {
sd_bus *bus = ASSERT_PTR(userdata);
int r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = bus_call_method(
bus,
@ -1316,7 +1316,7 @@ static int login_machine(int argc, char *argv[], void *userdata) {
return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
"Login only supported on local machines.");
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = sd_event_default(&event);
if (r < 0)
@ -1376,7 +1376,7 @@ static int shell_machine(int argc, char *argv[], void *userdata) {
}
}
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = sd_event_default(&event);
if (r < 0)
@ -1595,7 +1595,7 @@ static int remove_image(int argc, char *argv[], void *userdata) {
sd_bus *bus = ASSERT_PTR(userdata);
int r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
for (int i = 1; i < argc; i++) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
@ -1623,7 +1623,7 @@ static int rename_image(int argc, char *argv[], void *userdata) {
sd_bus *bus = ASSERT_PTR(userdata);
int r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = bus_call_method(
bus,
@ -1644,7 +1644,7 @@ static int clone_image(int argc, char *argv[], void *userdata) {
sd_bus *bus = ASSERT_PTR(userdata);
int r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = bus_message_new_method_call(bus, &m, bus_machine_mgr, "CloneImage");
if (r < 0)
@ -1675,7 +1675,7 @@ static int read_only_image(int argc, char *argv[], void *userdata) {
argv[2]);
}
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = bus_call_method(bus, bus_machine_mgr, "MarkImageReadOnly", &error, NULL, "sb", argv[1], b);
if (r < 0)
@ -1726,7 +1726,7 @@ static int start_machine(int argc, char *argv[], void *userdata) {
sd_bus *bus = ASSERT_PTR(userdata);
int r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
ask_password_agent_open_if_enabled(arg_transport, arg_ask_password);
r = bus_wait_for_jobs_new(bus, &w);
@ -1784,7 +1784,7 @@ static int enable_machine(int argc, char *argv[], void *userdata) {
int r;
bool enable;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
enable = streq(argv[0], "enable");
method = enable ? "EnableUnitFiles" : "DisableUnitFiles";
@ -1878,7 +1878,7 @@ static int set_limit(int argc, char *argv[], void *userdata) {
uint64_t limit;
int r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
if (STR_IN_SET(argv[argc-1], "-", "none", "infinity"))
limit = UINT64_MAX;
@ -1911,7 +1911,7 @@ static int clean_images(int argc, char *argv[], void *userdata) {
unsigned c = 0;
int r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = bus_message_new_method_call(bus, &m, bus_machine_mgr, "CleanPool");
if (r < 0)

View File

@ -638,10 +638,6 @@ static int start_transient_mount(
if (r < 0)
return bus_log_create_error(r);
r = sd_bus_message_set_allow_interactive_authorization(m, arg_ask_password);
if (r < 0)
return bus_log_create_error(r);
/* Name and mode */
r = sd_bus_message_append(m, "ss", mount_unit, "fail");
if (r < 0)
@ -665,7 +661,7 @@ static int start_transient_mount(
if (r < 0)
return bus_log_create_error(r);
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = sd_bus_call(bus, m, 0, &error, &reply);
if (r < 0)
@ -719,10 +715,6 @@ static int start_transient_automount(
if (r < 0)
return bus_log_create_error(r);
r = sd_bus_message_set_allow_interactive_authorization(m, arg_ask_password);
if (r < 0)
return bus_log_create_error(r);
/* Name and mode */
r = sd_bus_message_append(m, "ss", automount_unit, "fail");
if (r < 0)
@ -774,7 +766,7 @@ static int start_transient_automount(
if (r < 0)
return bus_log_create_error(r);
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = sd_bus_call(bus, m, 0, &error, &reply);
if (r < 0)
@ -923,16 +915,12 @@ static int stop_mount(
if (r < 0)
return bus_log_create_error(r);
r = sd_bus_message_set_allow_interactive_authorization(m, arg_ask_password);
if (r < 0)
return bus_log_create_error(r);
/* Name and mode */
r = sd_bus_message_append(m, "ss", mount_unit, "fail");
if (r < 0)
return bus_log_create_error(r);
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = sd_bus_call(bus, m, 0, &error, &reply);
if (r < 0) {
@ -1527,6 +1515,8 @@ static int run(int argc, char* argv[]) {
if (r < 0)
return bus_log_connect_error(r, arg_transport);
(void) sd_bus_set_allow_interactive_authorization(bus, arg_ask_password);
if (arg_action == ACTION_UMOUNT)
return action_umount(bus, argc, argv);

View File

@ -95,6 +95,7 @@ bool arg_stdin = false;
unsigned arg_lines = 10;
char *arg_drop_in = NULL;
sd_json_format_flags_t arg_json_format_flags = SD_JSON_FORMAT_OFF;
bool arg_ask_password = true;
STATIC_DESTRUCTOR_REGISTER(arg_drop_in, freep);
@ -174,6 +175,8 @@ int acquire_bus(sd_bus **ret) {
if (r < 0)
return log_error_errno(r, "Failed to connect to system bus: %m");
(void) sd_bus_set_allow_interactive_authorization(bus, arg_ask_password);
if (networkd_is_running()) {
r = varlink_connect_networkd(/* ret_varlink = */ NULL);
if (r < 0)
@ -2841,6 +2844,8 @@ static int link_renew(int argc, char *argv[], void *userdata) {
if (r < 0)
return r;
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
r = 0;
for (int i = 1; i < argc; i++) {
@ -2881,6 +2886,8 @@ static int link_force_renew(int argc, char *argv[], void *userdata) {
if (r < 0)
return r;
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
for (int i = 1; i < argc; i++) {
int index = rtnl_resolve_interface_or_warn(&rtnl, argv[i]);
if (index < 0)
@ -2903,6 +2910,8 @@ static int verb_reload(int argc, char *argv[], void *userdata) {
if (r < 0)
return r;
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
r = bus_call_method(bus, bus_network_mgr, "Reload", &error, NULL, NULL);
if (r < 0)
return log_error_errno(r, "Failed to reload network settings: %s", bus_error_message(&error, r));
@ -2922,6 +2931,8 @@ static int verb_reconfigure(int argc, char *argv[], void *userdata) {
if (r < 0)
return r;
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
indexes = set_new(NULL);
if (!indexes)
return log_oom();
@ -3016,6 +3027,7 @@ static int help(void) {
" --version Show package version\n"
" --no-pager Do not pipe output into a pager\n"
" --no-legend Do not show the headers and footers\n"
" --no-ask-password Do not prompt for password\n"
" -a --all Show status for all links\n"
" -s --stats Show detailed link statistics\n"
" -l --full Do not ellipsize output\n"
@ -3041,6 +3053,7 @@ static int parse_argv(int argc, char *argv[]) {
ARG_VERSION = 0x100,
ARG_NO_PAGER,
ARG_NO_LEGEND,
ARG_NO_ASK_PASSWORD,
ARG_JSON,
ARG_NO_RELOAD,
ARG_DROP_IN,
@ -3053,6 +3066,7 @@ static int parse_argv(int argc, char *argv[]) {
{ "version", no_argument, NULL, ARG_VERSION },
{ "no-pager", no_argument, NULL, ARG_NO_PAGER },
{ "no-legend", no_argument, NULL, ARG_NO_LEGEND },
{ "no-ask-password", no_argument, NULL, ARG_NO_ASK_PASSWORD },
{ "all", no_argument, NULL, 'a' },
{ "stats", no_argument, NULL, 's' },
{ "full", no_argument, NULL, 'l' },
@ -3092,6 +3106,10 @@ static int parse_argv(int argc, char *argv[]) {
arg_no_reload = true;
break;
case ARG_NO_ASK_PASSWORD:
arg_ask_password = false;
break;
case ARG_RUNTIME:
arg_runtime = true;
break;

View File

@ -19,6 +19,7 @@ extern bool arg_stdin;
extern unsigned arg_lines;
extern char *arg_drop_in;
extern sd_json_format_flags_t arg_json_format_flags;
extern bool arg_ask_password;
bool networkd_is_running(void);
int acquire_bus(sd_bus **ret);

View File

@ -139,4 +139,59 @@
<annotate key="org.freedesktop.policykit.owner">unix-user:systemd-resolve</annotate>
</action>
<action id="org.freedesktop.resolve1.subscribe-query-results">
<description gettext-domain="systemd">Subscribe query results</description>
<message gettext-domain="systemd">Authentication is required to subscribe query results.</message>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>auth_admin</allow_inactive>
<allow_active>auth_admin_keep</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.owner">unix-user:systemd-resolve</annotate>
</action>
<action id="org.freedesktop.resolve1.dump-cache">
<description gettext-domain="systemd">Dump cache</description>
<message gettext-domain="systemd">Authentication is required to dump cache.</message>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>auth_admin</allow_inactive>
<allow_active>auth_admin_keep</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.owner">unix-user:systemd-resolve</annotate>
</action>
<action id="org.freedesktop.resolve1.dump-server-state">
<description gettext-domain="systemd">Dump server state</description>
<message gettext-domain="systemd">Authentication is required to dump server state.</message>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>auth_admin</allow_inactive>
<allow_active>auth_admin_keep</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.owner">unix-user:systemd-resolve</annotate>
</action>
<action id="org.freedesktop.resolve1.dump-statistics">
<description gettext-domain="systemd">Dump statistics</description>
<message gettext-domain="systemd">Authentication is required to dump statistics.</message>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>auth_admin</allow_inactive>
<allow_active>auth_admin_keep</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.owner">unix-user:systemd-resolve</annotate>
</action>
<action id="org.freedesktop.resolve1.reset-statistics">
<description gettext-domain="systemd">Reset statistics</description>
<message gettext-domain="systemd">Authentication is required to reset statistics.</message>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>auth_admin</allow_inactive>
<allow_active>auth_admin_keep</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.owner">unix-user:systemd-resolve</annotate>
</action>
</policyconfig>

View File

@ -62,6 +62,7 @@ static sd_json_format_flags_t arg_json_format_flags = SD_JSON_FORMAT_OFF;
static PagerFlags arg_pager_flags = 0;
bool arg_ifindex_permissive = false; /* If true, don't generate an error if the specified interface index doesn't exist */
static const char *arg_service_family = NULL;
static bool arg_ask_password = true;
typedef enum RawType {
RAW_NONE,
@ -102,6 +103,22 @@ typedef struct InterfaceInfo {
const char *name;
} InterfaceInfo;
static int acquire_bus(sd_bus **ret) {
_cleanup_(sd_bus_unrefp) sd_bus *bus = NULL;
int r;
assert(ret);
r = sd_bus_open_system(&bus);
if (r < 0)
return log_error_errno(r, "sd_bus_open_system: %m");
(void) sd_bus_set_allow_interactive_authorization(bus, arg_ask_password);
*ret = TAKE_PTR(bus);
return 0;
}
static int interface_info_compare(const InterfaceInfo *a, const InterfaceInfo *b) {
int r;
@ -759,35 +776,34 @@ invalid:
}
static int verb_query(int argc, char **argv, void *userdata) {
sd_bus *bus = userdata;
int q, r = 0;
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
int ret = 0, r;
r = acquire_bus(&bus);
if (r < 0)
return r;
if (arg_type != 0)
STRV_FOREACH(p, argv + 1) {
q = resolve_record(bus, *p, arg_class, arg_type, true);
if (q < 0)
r = q;
}
STRV_FOREACH(p, strv_skip(argv, 1))
RET_GATHER(ret, resolve_record(bus, *p, arg_class, arg_type, true));
else
STRV_FOREACH(p, argv + 1) {
STRV_FOREACH(p, strv_skip(argv, 1)) {
if (startswith(*p, "dns:"))
q = resolve_rfc4501(bus, *p);
RET_GATHER(ret, resolve_rfc4501(bus, *p));
else {
int family, ifindex;
union in_addr_union a;
q = in_addr_ifindex_from_string_auto(*p, &family, &a, &ifindex);
if (q >= 0)
q = resolve_address(bus, family, &a, ifindex);
r = in_addr_ifindex_from_string_auto(*p, &family, &a, &ifindex);
if (r >= 0)
RET_GATHER(ret, resolve_address(bus, family, &a, ifindex));
else
q = resolve_host(bus, *p);
RET_GATHER(ret, resolve_host(bus, *p));
}
if (q < 0)
r = q;
}
return r;
return ret;
}
static int resolve_service(sd_bus *bus, const char *name, const char *type, const char *domain) {
@ -970,7 +986,12 @@ static int resolve_service(sd_bus *bus, const char *name, const char *type, cons
}
static int verb_service(int argc, char **argv, void *userdata) {
sd_bus *bus = userdata;
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
int r;
r = acquire_bus(&bus);
if (r < 0)
return r;
if (!FLAGS_SET(arg_json_format_flags, SD_JSON_FORMAT_OFF))
return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Use --json=pretty with --type= to acquire resource record information in JSON format.");
@ -1031,19 +1052,20 @@ static int resolve_openpgp(sd_bus *bus, const char *address) {
}
static int verb_openpgp(int argc, char **argv, void *userdata) {
sd_bus *bus = userdata;
int q, r = 0;
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
int r, ret = 0;
r = acquire_bus(&bus);
if (r < 0)
return r;
if (!FLAGS_SET(arg_json_format_flags, SD_JSON_FORMAT_OFF))
return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Use --json=pretty with --type= to acquire resource record information in JSON format.");
STRV_FOREACH(p, argv + 1) {
q = resolve_openpgp(bus, *p);
if (q < 0)
r = q;
}
STRV_FOREACH(p, strv_skip(argv, 1))
RET_GATHER(ret, resolve_openpgp(bus, *p));
return r;
return ret;
}
static int resolve_tlsa(sd_bus *bus, const char *family, const char *address) {
@ -1083,26 +1105,30 @@ static bool service_family_is_valid(const char *s) {
}
static int verb_tlsa(int argc, char **argv, void *userdata) {
sd_bus *bus = userdata;
char **args = argv + 1;
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
const char *family = "tcp";
int q, r = 0;
char **args;
int r, ret = 0;
assert(argc >= 2);
r = acquire_bus(&bus);
if (r < 0)
return r;
if (!FLAGS_SET(arg_json_format_flags, SD_JSON_FORMAT_OFF))
return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Use --json=pretty with --type= to acquire resource record information in JSON format.");
if (service_family_is_valid(argv[1])) {
family = argv[1];
args++;
}
args = strv_skip(argv, 2);
} else
args = strv_skip(argv, 1);
STRV_FOREACH(p, args) {
q = resolve_tlsa(bus, family, *p);
if (q < 0)
r = q;
}
STRV_FOREACH(p, args)
RET_GATHER(ret, resolve_tlsa(bus, family, *p));
return r;
return ret;
}
static int show_statistics(int argc, char **argv, void *userdata) {
@ -1111,11 +1137,17 @@ static int show_statistics(int argc, char **argv, void *userdata) {
_cleanup_(sd_varlink_unrefp) sd_varlink *vl = NULL;
int r;
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
r = sd_varlink_connect_address(&vl, "/run/systemd/resolve/io.systemd.Resolve.Monitor");
if (r < 0)
return log_error_errno(r, "Failed to connect to query monitoring service /run/systemd/resolve/io.systemd.Resolve.Monitor: %m");
r = varlink_call_and_log(vl, "io.systemd.Resolve.Monitor.DumpStatistics", /* parameters= */ NULL, &reply);
r = varlink_callbo_and_log(
vl,
"io.systemd.Resolve.Monitor.DumpStatistics",
&reply,
SD_JSON_BUILD_PAIR_BOOLEAN("allowInteractiveAuthentication", arg_ask_password));
if (r < 0)
return r;
@ -1269,11 +1301,17 @@ static int reset_statistics(int argc, char **argv, void *userdata) {
_cleanup_(sd_varlink_unrefp) sd_varlink *vl = NULL;
int r;
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
r = sd_varlink_connect_address(&vl, "/run/systemd/resolve/io.systemd.Resolve.Monitor");
if (r < 0)
return log_error_errno(r, "Failed to connect to query monitoring service /run/systemd/resolve/io.systemd.Resolve.Monitor: %m");
r = varlink_call_and_log(vl, "io.systemd.Resolve.Monitor.ResetStatistics", /* parameters= */ NULL, &reply);
r = varlink_callbo_and_log(
vl,
"io.systemd.Resolve.Monitor.ResetStatistics",
&reply,
SD_JSON_BUILD_PAIR_BOOLEAN("allowInteractiveAuthentication", arg_ask_password));
if (r < 0)
return r;
@ -1284,10 +1322,14 @@ static int reset_statistics(int argc, char **argv, void *userdata) {
}
static int flush_caches(int argc, char **argv, void *userdata) {
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
sd_bus *bus = userdata;
int r;
r = acquire_bus(&bus);
if (r < 0)
return r;
r = bus_call_method(bus, bus_resolve_mgr, "FlushCaches", &error, NULL, NULL);
if (r < 0)
return log_error_errno(r, "Failed to flush caches: %s", bus_error_message(&error, r));
@ -1296,10 +1338,14 @@ static int flush_caches(int argc, char **argv, void *userdata) {
}
static int reset_server_features(int argc, char **argv, void *userdata) {
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
sd_bus *bus = userdata;
int r;
r = acquire_bus(&bus);
if (r < 0)
return r;
r = bus_call_method(bus, bus_resolve_mgr, "ResetServerFeatures", &error, NULL, NULL);
if (r < 0)
return log_error_errno(r, "Failed to reset server features: %s", bus_error_message(&error, r));
@ -2070,7 +2116,7 @@ static int status_all(sd_bus *bus, StatusMode mode) {
_cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL, *reply = NULL;
_cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL;
bool empty_line = false;
int r;
int ret = 0, r;
assert(bus);
@ -2128,26 +2174,27 @@ static int status_all(sd_bus *bus, StatusMode mode) {
typesafe_qsort(infos, n_infos, interface_info_compare);
r = 0;
for (size_t i = 0; i < n_infos; i++) {
int q = status_ifindex(bus, infos[i].index, infos[i].name, mode, &empty_line);
if (q < 0 && r >= 0)
r = q;
}
FOREACH_ARRAY(info, infos, n_infos)
RET_GATHER(ret, status_ifindex(bus, info->index, info->name, mode, &empty_line));
return r;
return ret;
}
static int verb_status(int argc, char **argv, void *userdata) {
sd_bus *bus = userdata;
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
_cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL;
int r = 0;
if (argc > 1) {
bool empty_line = false;
int r, ret = 0;
STRV_FOREACH(ifname, argv + 1) {
int ifindex, q;
r = acquire_bus(&bus);
if (r < 0)
return r;
if (argc <= 1)
return status_all(bus, STATUS_ALL);
STRV_FOREACH(ifname, strv_skip(argv, 1)) {
int ifindex;
ifindex = rtnl_resolve_interface(&rtnl, *ifname);
if (ifindex < 0) {
@ -2155,20 +2202,18 @@ static int verb_status(int argc, char **argv, void *userdata) {
continue;
}
q = status_ifindex(bus, ifindex, NULL, STATUS_ALL, &empty_line);
if (q < 0)
r = q;
RET_GATHER(ret, status_ifindex(bus, ifindex, NULL, STATUS_ALL, &empty_line));
}
} else
r = status_all(bus, STATUS_ALL);
return r;
return ret;
}
static int call_dns(sd_bus *bus, char **dns, const BusLocator *locator, sd_bus_error *error, bool extended) {
_cleanup_(sd_bus_message_unrefp) sd_bus_message *req = NULL;
int r;
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
r = bus_message_new_method_call(bus, &req, locator, extended ? "SetLinkDNSEx" : "SetLinkDNS");
if (r < 0)
return bus_log_create_error(r);
@ -2237,10 +2282,14 @@ static int call_dns(sd_bus *bus, char **dns, const BusLocator *locator, sd_bus_e
}
static int verb_dns(int argc, char **argv, void *userdata) {
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
sd_bus *bus = ASSERT_PTR(userdata);
int r;
r = acquire_bus(&bus);
if (r < 0)
return r;
if (argc >= 2) {
r = ifname_mangle(argv[1]);
if (r < 0)
@ -2253,11 +2302,12 @@ static int verb_dns(int argc, char **argv, void *userdata) {
if (argc < 3)
return status_ifindex(bus, arg_ifindex, NULL, STATUS_DNS, NULL);
r = call_dns(bus, argv + 2, bus_resolve_mgr, &error, true);
char **args = strv_skip(argv, 2);
r = call_dns(bus, args, bus_resolve_mgr, &error, true);
if (r < 0 && sd_bus_error_has_name(&error, BUS_ERROR_LINK_BUSY)) {
sd_bus_error_free(&error);
r = call_dns(bus, argv + 2, bus_network_mgr, &error, true);
r = call_dns(bus, args, bus_network_mgr, &error, true);
}
if (r < 0) {
if (arg_ifindex_permissive &&
@ -2274,6 +2324,8 @@ static int call_domain(sd_bus *bus, char **domain, const BusLocator *locator, sd
_cleanup_(sd_bus_message_unrefp) sd_bus_message *req = NULL;
int r;
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
r = bus_message_new_method_call(bus, &req, locator, "SetLinkDomains");
if (r < 0)
return bus_log_create_error(r);
@ -2315,10 +2367,14 @@ static int call_domain(sd_bus *bus, char **domain, const BusLocator *locator, sd
}
static int verb_domain(int argc, char **argv, void *userdata) {
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
sd_bus *bus = ASSERT_PTR(userdata);
int r;
r = acquire_bus(&bus);
if (r < 0)
return r;
if (argc >= 2) {
r = ifname_mangle(argv[1]);
if (r < 0)
@ -2331,11 +2387,12 @@ static int verb_domain(int argc, char **argv, void *userdata) {
if (argc < 3)
return status_ifindex(bus, arg_ifindex, NULL, STATUS_DOMAIN, NULL);
r = call_domain(bus, argv + 2, bus_resolve_mgr, &error);
char **args = strv_skip(argv, 2);
r = call_domain(bus, args, bus_resolve_mgr, &error);
if (r < 0 && sd_bus_error_has_name(&error, BUS_ERROR_LINK_BUSY)) {
sd_bus_error_free(&error);
r = call_domain(bus, argv + 2, bus_network_mgr, &error);
r = call_domain(bus, args, bus_network_mgr, &error);
}
if (r < 0) {
if (arg_ifindex_permissive &&
@ -2349,10 +2406,14 @@ static int verb_domain(int argc, char **argv, void *userdata) {
}
static int verb_default_route(int argc, char **argv, void *userdata) {
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
sd_bus *bus = ASSERT_PTR(userdata);
int r, b;
r = acquire_bus(&bus);
if (r < 0)
return r;
if (argc >= 2) {
r = ifname_mangle(argv[1]);
if (r < 0)
@ -2369,6 +2430,8 @@ static int verb_default_route(int argc, char **argv, void *userdata) {
if (b < 0)
return log_error_errno(b, "Failed to parse boolean argument: %s", argv[2]);
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
r = bus_call_method(bus, bus_resolve_mgr, "SetLinkDefaultRoute", &error, NULL, "ib", arg_ifindex, b);
if (r < 0 && sd_bus_error_has_name(&error, BUS_ERROR_LINK_BUSY)) {
sd_bus_error_free(&error);
@ -2387,12 +2450,16 @@ static int verb_default_route(int argc, char **argv, void *userdata) {
}
static int verb_llmnr(int argc, char **argv, void *userdata) {
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_free_ char *global_llmnr_support_str = NULL;
ResolveSupport global_llmnr_support, llmnr_support;
sd_bus *bus = ASSERT_PTR(userdata);
int r;
r = acquire_bus(&bus);
if (r < 0)
return r;
if (argc >= 2) {
r = ifname_mangle(argv[1]);
if (r < 0)
@ -2421,6 +2488,8 @@ static int verb_llmnr(int argc, char **argv, void *userdata) {
log_warning("Setting LLMNR support level \"%s\" for \"%s\", but the global support level is \"%s\".",
argv[2], arg_ifname, global_llmnr_support_str);
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
r = bus_call_method(bus, bus_resolve_mgr, "SetLinkLLMNR", &error, NULL, "is", arg_ifindex, argv[2]);
if (r < 0 && sd_bus_error_has_name(&error, BUS_ERROR_LINK_BUSY)) {
sd_bus_error_free(&error);
@ -2439,12 +2508,16 @@ static int verb_llmnr(int argc, char **argv, void *userdata) {
}
static int verb_mdns(int argc, char **argv, void *userdata) {
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_free_ char *global_mdns_support_str = NULL;
ResolveSupport global_mdns_support, mdns_support;
sd_bus *bus = ASSERT_PTR(userdata);
int r;
r = acquire_bus(&bus);
if (r < 0)
return r;
if (argc >= 2) {
r = ifname_mangle(argv[1]);
if (r < 0)
@ -2473,6 +2546,8 @@ static int verb_mdns(int argc, char **argv, void *userdata) {
log_warning("Setting mDNS support level \"%s\" for \"%s\", but the global support level is \"%s\".",
argv[2], arg_ifname, global_mdns_support_str);
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
r = bus_call_method(bus, bus_resolve_mgr, "SetLinkMulticastDNS", &error, NULL, "is", arg_ifindex, argv[2]);
if (r < 0 && sd_bus_error_has_name(&error, BUS_ERROR_LINK_BUSY)) {
sd_bus_error_free(&error);
@ -2497,10 +2572,14 @@ static int verb_mdns(int argc, char **argv, void *userdata) {
}
static int verb_dns_over_tls(int argc, char **argv, void *userdata) {
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
sd_bus *bus = ASSERT_PTR(userdata);
int r;
r = acquire_bus(&bus);
if (r < 0)
return r;
if (argc >= 2) {
r = ifname_mangle(argv[1]);
if (r < 0)
@ -2513,6 +2592,8 @@ static int verb_dns_over_tls(int argc, char **argv, void *userdata) {
if (argc < 3)
return status_ifindex(bus, arg_ifindex, NULL, STATUS_PRIVATE, NULL);
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
r = bus_call_method(bus, bus_resolve_mgr, "SetLinkDNSOverTLS", &error, NULL, "is", arg_ifindex, argv[2]);
if (r < 0 && sd_bus_error_has_name(&error, BUS_ERROR_LINK_BUSY)) {
sd_bus_error_free(&error);
@ -2537,10 +2618,14 @@ static int verb_dns_over_tls(int argc, char **argv, void *userdata) {
}
static int verb_dnssec(int argc, char **argv, void *userdata) {
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
sd_bus *bus = ASSERT_PTR(userdata);
int r;
r = acquire_bus(&bus);
if (r < 0)
return r;
if (argc >= 2) {
r = ifname_mangle(argv[1]);
if (r < 0)
@ -2553,6 +2638,8 @@ static int verb_dnssec(int argc, char **argv, void *userdata) {
if (argc < 3)
return status_ifindex(bus, arg_ifindex, NULL, STATUS_DNSSEC, NULL);
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
r = bus_call_method(bus, bus_resolve_mgr, "SetLinkDNSSEC", &error, NULL, "is", arg_ifindex, argv[2]);
if (r < 0 && sd_bus_error_has_name(&error, BUS_ERROR_LINK_BUSY)) {
sd_bus_error_free(&error);
@ -2574,6 +2661,8 @@ static int call_nta(sd_bus *bus, char **nta, const BusLocator *locator, sd_bus_
_cleanup_(sd_bus_message_unrefp) sd_bus_message *req = NULL;
int r;
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
r = bus_message_new_method_call(bus, &req, locator, "SetLinkDNSSECNegativeTrustAnchors");
if (r < 0)
return bus_log_create_error(r);
@ -2590,10 +2679,15 @@ static int call_nta(sd_bus *bus, char **nta, const BusLocator *locator, sd_bus_
}
static int verb_nta(int argc, char **argv, void *userdata) {
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
sd_bus *bus = ASSERT_PTR(userdata);
int r;
char **args;
bool clear;
int r;
r = acquire_bus(&bus);
if (r < 0)
return r;
if (argc >= 2) {
r = ifname_mangle(argv[1]);
@ -2607,12 +2701,15 @@ static int verb_nta(int argc, char **argv, void *userdata) {
if (argc < 3)
return status_ifindex(bus, arg_ifindex, NULL, STATUS_NTA, NULL);
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
/* If only argument is the empty string, then call SetLinkDNSSECNegativeTrustAnchors()
* with an empty list, which will clear the list of domains for an interface. */
clear = strv_equal(argv + 2, STRV_MAKE(""));
args = strv_skip(argv, 2);
clear = strv_equal(args, STRV_MAKE(""));
if (!clear)
STRV_FOREACH(p, argv + 2) {
STRV_FOREACH(p, args) {
r = dns_name_is_valid(*p);
if (r < 0)
return log_error_errno(r, "Failed to validate specified domain %s: %m", *p);
@ -2622,11 +2719,11 @@ static int verb_nta(int argc, char **argv, void *userdata) {
*p);
}
r = call_nta(bus, clear ? NULL : argv + 2, bus_resolve_mgr, &error);
r = call_nta(bus, clear ? NULL : args, bus_resolve_mgr, &error);
if (r < 0 && sd_bus_error_has_name(&error, BUS_ERROR_LINK_BUSY)) {
sd_bus_error_free(&error);
r = call_nta(bus, clear ? NULL : argv + 2, bus_network_mgr, &error);
r = call_nta(bus, clear ? NULL : args, bus_network_mgr, &error);
}
if (r < 0) {
if (arg_ifindex_permissive &&
@ -2640,10 +2737,14 @@ static int verb_nta(int argc, char **argv, void *userdata) {
}
static int verb_revert_link(int argc, char **argv, void *userdata) {
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
sd_bus *bus = ASSERT_PTR(userdata);
int r;
r = acquire_bus(&bus);
if (r < 0)
return r;
if (argc >= 2) {
r = ifname_mangle(argv[1]);
if (r < 0)
@ -2653,6 +2754,8 @@ static int verb_revert_link(int argc, char **argv, void *userdata) {
if (arg_ifindex <= 0)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Interface argument required.");
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
r = bus_call_method(bus, bus_resolve_mgr, "RevertLink", &error, NULL, "i", arg_ifindex);
if (r < 0 && sd_bus_error_has_name(&error, BUS_ERROR_LINK_BUSY)) {
sd_bus_error_free(&error);
@ -2671,7 +2774,12 @@ static int verb_revert_link(int argc, char **argv, void *userdata) {
}
static int verb_log_level(int argc, char *argv[], void *userdata) {
sd_bus *bus = ASSERT_PTR(userdata);
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
int r;
r = acquire_bus(&bus);
if (r < 0)
return r;
assert(IN_SET(argc, 1, 2));
@ -2845,6 +2953,8 @@ static int verb_monitor(int argc, char *argv[], void *userdata) {
_cleanup_(sd_varlink_unrefp) sd_varlink *vl = NULL;
int r, c;
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
r = sd_event_default(&event);
if (r < 0)
return log_error_errno(r, "Failed to get event loop: %m");
@ -2869,7 +2979,10 @@ static int verb_monitor(int argc, char *argv[], void *userdata) {
if (r < 0)
return log_error_errno(r, "Failed to bind reply callback to varlink connection: %m");
r = sd_varlink_observe(vl, "io.systemd.Resolve.Monitor.SubscribeQueryResults", NULL);
r = sd_varlink_observebo(
vl,
"io.systemd.Resolve.Monitor.SubscribeQueryResults",
SD_JSON_BUILD_PAIR_BOOLEAN("allowInteractiveAuthentication", arg_ask_password));
if (r < 0)
return log_error_errno(r, "Failed to issue SubscribeQueryResults() varlink call: %m");
@ -3003,11 +3116,17 @@ static int verb_show_cache(int argc, char *argv[], void *userdata) {
_cleanup_(sd_varlink_unrefp) sd_varlink *vl = NULL;
int r;
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
r = sd_varlink_connect_address(&vl, "/run/systemd/resolve/io.systemd.Resolve.Monitor");
if (r < 0)
return log_error_errno(r, "Failed to connect to query monitoring service /run/systemd/resolve/io.systemd.Resolve.Monitor: %m");
r = varlink_call_and_log(vl, "io.systemd.Resolve.Monitor.DumpCache", /* parameters= */ NULL, &reply);
r = varlink_callbo_and_log(
vl,
"io.systemd.Resolve.Monitor.DumpCache",
&reply,
SD_JSON_BUILD_PAIR_BOOLEAN("allowInteractiveAuthentication", arg_ask_password));
if (r < 0)
return r;
@ -3177,11 +3296,17 @@ static int verb_show_server_state(int argc, char *argv[], void *userdata) {
_cleanup_(sd_varlink_unrefp) sd_varlink *vl = NULL;
int r;
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
r = sd_varlink_connect_address(&vl, "/run/systemd/resolve/io.systemd.Resolve.Monitor");
if (r < 0)
return log_error_errno(r, "Failed to connect to query monitoring service /run/systemd/resolve/io.systemd.Resolve.Monitor: %m");
r = varlink_call_and_log(vl, "io.systemd.Resolve.Monitor.DumpServerState", /* parameters= */ NULL, &reply);
r = varlink_callbo_and_log(
vl,
"io.systemd.Resolve.Monitor.DumpServerState",
&reply,
SD_JSON_BUILD_PAIR_BOOLEAN("allowInteractiveAuthentication", arg_ask_password));
if (r < 0)
return r;
@ -3331,6 +3456,7 @@ static int native_help(void) {
" -h --help Show this help\n"
" --version Show package version\n"
" --no-pager Do not pipe output into a pager\n"
" --no-ask-password Do not prompt for password\n"
" -4 Resolve IPv4 addresses\n"
" -6 Resolve IPv6 addresses\n"
" -i --interface=INTERFACE Look on interface\n"
@ -3703,6 +3829,7 @@ static int native_parse_argv(int argc, char *argv[]) {
ARG_RAW,
ARG_SEARCH,
ARG_NO_PAGER,
ARG_NO_ASK_PASSWORD,
ARG_JSON,
ARG_STALE_DATA,
ARG_RELAX_SINGLE_LABEL,
@ -3728,6 +3855,7 @@ static int native_parse_argv(int argc, char *argv[]) {
{ "raw", optional_argument, NULL, ARG_RAW },
{ "search", required_argument, NULL, ARG_SEARCH },
{ "no-pager", no_argument, NULL, ARG_NO_PAGER },
{ "no-ask-password", no_argument, NULL, ARG_NO_ASK_PASSWORD },
{ "json", required_argument, NULL, ARG_JSON },
{ "stale-data", required_argument, NULL, ARG_STALE_DATA },
{ "relax-single-label", required_argument, NULL, ARG_RELAX_SINGLE_LABEL },
@ -3928,6 +4056,10 @@ static int native_parse_argv(int argc, char *argv[]) {
arg_pager_flags |= PAGER_DISABLE;
break;
case ARG_NO_ASK_PASSWORD:
arg_ask_password = false;
break;
case ARG_JSON:
r = parse_json_argument(optarg, &arg_json_format_flags);
if (r <= 0)
@ -3959,7 +4091,7 @@ static int native_parse_argv(int argc, char *argv[]) {
return 1 /* work to do */;
}
static int native_main(int argc, char *argv[], sd_bus *bus) {
static int native_main(int argc, char *argv[]) {
static const Verb verbs[] = {
{ "help", VERB_ANY, VERB_ANY, 0, verb_help },
@ -3988,10 +4120,10 @@ static int native_main(int argc, char *argv[], sd_bus *bus) {
{}
};
return dispatch_verb(argc, argv, verbs, bus);
return dispatch_verb(argc, argv, verbs, /* userdata = */ NULL);
}
static int translate(const char *verb, const char *single_arg, size_t num_args, char **args, sd_bus *bus) {
static int translate(const char *verb, const char *single_arg, size_t num_args, char **args) {
char **fake, **p;
size_t num;
@ -4004,86 +4136,86 @@ static int translate(const char *verb, const char *single_arg, size_t num_args,
*p++ = (char *) verb;
if (single_arg)
*p++ = (char *) single_arg;
for (size_t i = 0; i < num_args; i++)
*p++ = args[i];
FOREACH_ARRAY(arg, args, num_args)
*p++ = *arg;
optind = 0;
return native_main((int) num, fake, bus);
return native_main((int) num, fake);
}
static int compat_main(int argc, char *argv[], sd_bus *bus) {
static int compat_main(int argc, char *argv[]) {
int r = 0;
switch (arg_mode) {
case MODE_RESOLVE_HOST:
case MODE_RESOLVE_RECORD:
return translate("query", NULL, argc - optind, argv + optind, bus);
return translate("query", NULL, argc - optind, argv + optind);
case MODE_RESOLVE_SERVICE:
return translate("service", NULL, argc - optind, argv + optind, bus);
return translate("service", NULL, argc - optind, argv + optind);
case MODE_RESOLVE_OPENPGP:
return translate("openpgp", NULL, argc - optind, argv + optind, bus);
return translate("openpgp", NULL, argc - optind, argv + optind);
case MODE_RESOLVE_TLSA:
return translate("tlsa", arg_service_family, argc - optind, argv + optind, bus);
return translate("tlsa", arg_service_family, argc - optind, argv + optind);
case MODE_STATISTICS:
return translate("statistics", NULL, 0, NULL, bus);
return translate("statistics", NULL, 0, NULL);
case MODE_RESET_STATISTICS:
return translate("reset-statistics", NULL, 0, NULL, bus);
return translate("reset-statistics", NULL, 0, NULL);
case MODE_FLUSH_CACHES:
return translate("flush-caches", NULL, 0, NULL, bus);
return translate("flush-caches", NULL, 0, NULL);
case MODE_RESET_SERVER_FEATURES:
return translate("reset-server-features", NULL, 0, NULL, bus);
return translate("reset-server-features", NULL, 0, NULL);
case MODE_STATUS:
return translate("status", NULL, argc - optind, argv + optind, bus);
return translate("status", NULL, argc - optind, argv + optind);
case MODE_SET_LINK:
assert(arg_ifname);
if (arg_set_dns) {
r = translate("dns", arg_ifname, strv_length(arg_set_dns), arg_set_dns, bus);
r = translate("dns", arg_ifname, strv_length(arg_set_dns), arg_set_dns);
if (r < 0)
return r;
}
if (arg_set_domain) {
r = translate("domain", arg_ifname, strv_length(arg_set_domain), arg_set_domain, bus);
r = translate("domain", arg_ifname, strv_length(arg_set_domain), arg_set_domain);
if (r < 0)
return r;
}
if (arg_set_nta) {
r = translate("nta", arg_ifname, strv_length(arg_set_nta), arg_set_nta, bus);
r = translate("nta", arg_ifname, strv_length(arg_set_nta), arg_set_nta);
if (r < 0)
return r;
}
if (arg_set_llmnr) {
r = translate("llmnr", arg_ifname, 1, (char **) &arg_set_llmnr, bus);
r = translate("llmnr", arg_ifname, 1, (char **) &arg_set_llmnr);
if (r < 0)
return r;
}
if (arg_set_mdns) {
r = translate("mdns", arg_ifname, 1, (char **) &arg_set_mdns, bus);
r = translate("mdns", arg_ifname, 1, (char **) &arg_set_mdns);
if (r < 0)
return r;
}
if (arg_set_dns_over_tls) {
r = translate("dnsovertls", arg_ifname, 1, (char **) &arg_set_dns_over_tls, bus);
r = translate("dnsovertls", arg_ifname, 1, (char **) &arg_set_dns_over_tls);
if (r < 0)
return r;
}
if (arg_set_dnssec) {
r = translate("dnssec", arg_ifname, 1, (char **) &arg_set_dnssec, bus);
r = translate("dnssec", arg_ifname, 1, (char **) &arg_set_dnssec);
if (r < 0)
return r;
}
@ -4093,7 +4225,7 @@ static int compat_main(int argc, char *argv[], sd_bus *bus) {
case MODE_REVERT_LINK:
assert(arg_ifname);
return translate("revert", arg_ifname, 0, NULL, bus);
return translate("revert", arg_ifname, 0, NULL);
case _MODE_INVALID:
assert_not_reached();
@ -4103,7 +4235,6 @@ static int compat_main(int argc, char *argv[], sd_bus *bus) {
}
static int run(int argc, char **argv) {
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
bool compat = false;
int r;
@ -4121,14 +4252,10 @@ static int run(int argc, char **argv) {
if (r <= 0)
return r;
r = sd_bus_open_system(&bus);
if (r < 0)
return log_error_errno(r, "sd_bus_open_system: %m");
if (compat)
return compat_main(argc, argv, bus);
return compat_main(argc, argv);
return native_main(argc, argv, bus);
return native_main(argc, argv);
}
DEFINE_MAIN_FUNCTION(run);

View File

@ -1,5 +1,6 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include "bus-polkit.h"
#include "glyph-util.h"
#include "in-addr-util.h"
#include "json-util.h"
@ -1233,20 +1234,40 @@ static int vl_method_resolve_record(sd_varlink *link, sd_json_variant *parameter
return 1;
}
static int vl_method_subscribe_query_results(sd_varlink *link, sd_json_variant *parameters, sd_varlink_method_flags_t flags, void *userdata) {
Manager *m;
static int verify_polkit(sd_varlink *link, sd_json_variant *parameters, const char *action) {
static const sd_json_dispatch_field dispatch_table[] = {
VARLINK_DISPATCH_POLKIT_FIELD,
{}
};
int r;
Manager *m = ASSERT_PTR(sd_varlink_get_userdata(ASSERT_PTR(link)));
assert(link);
assert(action);
m = ASSERT_PTR(sd_varlink_server_get_userdata(sd_varlink_get_server(link)));
r = sd_varlink_dispatch(link, parameters, dispatch_table, /* userdata = */ NULL);
if (r != 0)
return r;
return varlink_verify_polkit_async(
link,
m->bus,
action,
/* details= */ NULL,
&m->polkit_registry);
}
static int vl_method_subscribe_query_results(sd_varlink *link, sd_json_variant *parameters, sd_varlink_method_flags_t flags, void *userdata) {
Manager *m = ASSERT_PTR(sd_varlink_get_userdata(ASSERT_PTR(link)));
int r;
/* if the client didn't set the more flag, it is using us incorrectly */
if (!FLAGS_SET(flags, SD_VARLINK_METHOD_MORE))
return sd_varlink_error(link, SD_VARLINK_ERROR_EXPECTED_MORE, NULL);
if (sd_json_variant_elements(parameters) > 0)
return sd_varlink_error_invalid_parameter(link, parameters);
r = verify_polkit(link, parameters, "org.freedesktop.resolve1.subscribe-query-results");
if (r <= 0)
return r;
/* Send a ready message to the connecting client, to indicate that we are now listinening, and all
* queries issued after the point the client sees this will also be reported to the client. */
@ -1266,15 +1287,14 @@ static int vl_method_subscribe_query_results(sd_varlink *link, sd_json_variant *
static int vl_method_dump_cache(sd_varlink *link, sd_json_variant *parameters, sd_varlink_method_flags_t flags, void *userdata) {
_cleanup_(sd_json_variant_unrefp) sd_json_variant *list = NULL;
Manager *m;
Manager *m = ASSERT_PTR(sd_varlink_get_userdata(ASSERT_PTR(link)));
int r;
assert(link);
if (sd_json_variant_elements(parameters) > 0)
return sd_varlink_error_invalid_parameter(link, parameters);
m = ASSERT_PTR(sd_varlink_server_get_userdata(sd_varlink_get_server(link)));
r = verify_polkit(link, parameters, "org.freedesktop.resolve1.dump-cache");
if (r <= 0)
return r;
LIST_FOREACH(scopes, s, m->dns_scopes) {
_cleanup_(sd_json_variant_unrefp) sd_json_variant *j = NULL;
@ -1313,16 +1333,13 @@ static int dns_server_dump_state_to_json_list(DnsServer *server, sd_json_variant
static int vl_method_dump_server_state(sd_varlink *link, sd_json_variant *parameters, sd_varlink_method_flags_t flags, void *userdata) {
_cleanup_(sd_json_variant_unrefp) sd_json_variant *list = NULL;
Manager *m;
int r;
Manager *m = ASSERT_PTR(sd_varlink_get_userdata(ASSERT_PTR(link)));
Link *l;
int r;
assert(link);
if (sd_json_variant_elements(parameters) > 0)
return sd_varlink_error_invalid_parameter(link, parameters);
m = ASSERT_PTR(sd_varlink_server_get_userdata(sd_varlink_get_server(link)));
r = verify_polkit(link, parameters, "org.freedesktop.resolve1.dump-server-state");
if (r <= 0)
return r;
LIST_FOREACH(servers, server, m->dns_servers) {
r = dns_server_dump_state_to_json_list(server, &list);
@ -1354,15 +1371,14 @@ static int vl_method_dump_server_state(sd_varlink *link, sd_json_variant *parame
static int vl_method_dump_statistics(sd_varlink *link, sd_json_variant *parameters, sd_varlink_method_flags_t flags, void *userdata) {
_cleanup_(sd_json_variant_unrefp) sd_json_variant *j = NULL;
Manager *m;
Manager *m = ASSERT_PTR(sd_varlink_get_userdata(ASSERT_PTR(link)));
int r;
assert(link);
if (sd_json_variant_elements(parameters) > 0)
return sd_varlink_error_invalid_parameter(link, parameters);
m = ASSERT_PTR(sd_varlink_server_get_userdata(sd_varlink_get_server(link)));
r = verify_polkit(link, parameters, "org.freedesktop.resolve1.dump-statistics");
if (r <= 0)
return r;
r = dns_manager_dump_statistics_json(m, &j);
if (r < 0)
@ -1372,14 +1388,12 @@ static int vl_method_dump_statistics(sd_varlink *link, sd_json_variant *paramete
}
static int vl_method_reset_statistics(sd_varlink *link, sd_json_variant *parameters, sd_varlink_method_flags_t flags, void *userdata) {
Manager *m;
Manager *m = ASSERT_PTR(sd_varlink_get_userdata(ASSERT_PTR(link)));
int r;
assert(link);
if (sd_json_variant_elements(parameters) > 0)
return sd_varlink_error_invalid_parameter(link, parameters);
m = ASSERT_PTR(sd_varlink_server_get_userdata(sd_varlink_get_server(link)));
r = verify_polkit(link, parameters, "org.freedesktop.resolve1.reset-statistics");
if (r <= 0)
return r;
dns_manager_reset_statistics(m);
@ -1395,7 +1409,7 @@ static int varlink_monitor_server_init(Manager *m) {
if (m->varlink_monitor_server)
return 0;
r = sd_varlink_server_new(&server, SD_VARLINK_SERVER_ROOT_ONLY);
r = sd_varlink_server_new(&server, SD_VARLINK_SERVER_ACCOUNT_UID|SD_VARLINK_SERVER_INHERIT_USERDATA);
if (r < 0)
return log_error_errno(r, "Failed to allocate varlink server object: %m");
@ -1419,7 +1433,7 @@ static int varlink_monitor_server_init(Manager *m) {
if (r < 0)
return log_error_errno(r, "Failed to register varlink disconnect handler: %m");
r = sd_varlink_server_listen_address(server, "/run/systemd/resolve/io.systemd.Resolve.Monitor", 0600);
r = sd_varlink_server_listen_address(server, "/run/systemd/resolve/io.systemd.Resolve.Monitor", 0666);
if (r < 0)
return log_error_errno(r, "Failed to bind to varlink socket: %m");

View File

@ -1562,10 +1562,6 @@ static int make_transient_service_unit(
if (r < 0)
return bus_log_create_error(r);
r = sd_bus_message_set_allow_interactive_authorization(m, arg_ask_password);
if (r < 0)
return bus_log_create_error(r);
/* Name and mode */
r = sd_bus_message_append(m, "ss", service, "fail");
if (r < 0)
@ -1734,6 +1730,8 @@ static int start_transient_service(sd_bus *bus) {
assert(bus);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
if (arg_stdio == ARG_STDIO_PTY) {
if (IN_SET(arg_transport, BUS_TRANSPORT_LOCAL, BUS_TRANSPORT_CAPSULE)) {
@ -1769,6 +1767,8 @@ static int start_transient_service(sd_bus *bus) {
if (r < 0)
return log_error_errno(r, "Failed to connect to system bus: %m");
(void) sd_bus_set_allow_interactive_authorization(system_bus, arg_ask_password);
r = bus_call_method(system_bus,
bus_machine_mgr,
"OpenMachinePTY",
@ -1823,8 +1823,6 @@ static int start_transient_service(sd_bus *bus) {
return r;
slave = safe_close(slave);
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = bus_call_with_hint(bus, m, "service", &reply);
if (r < 0)
return r;
@ -2037,7 +2035,7 @@ static int start_transient_scope(sd_bus *bus) {
return r;
}
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
for (;;) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
@ -2047,10 +2045,6 @@ static int start_transient_scope(sd_bus *bus) {
if (r < 0)
return bus_log_create_error(r);
r = sd_bus_message_set_allow_interactive_authorization(m, arg_ask_password);
if (r < 0)
return bus_log_create_error(r);
/* Name and Mode */
r = sd_bus_message_append(m, "ss", scope, "fail");
if (r < 0)
@ -2219,10 +2213,6 @@ static int make_transient_trigger_unit(
if (r < 0)
return bus_log_create_error(r);
r = sd_bus_message_set_allow_interactive_authorization(m, arg_ask_password);
if (r < 0)
return bus_log_create_error(r);
/* Name and Mode */
r = sd_bus_message_append(m, "ss", trigger, "fail");
if (r < 0)
@ -2352,7 +2342,7 @@ static int start_transient_trigger(sd_bus *bus, const char *suffix) {
if (r < 0)
return r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = bus_call_with_hint(bus, m, suffix + 1, &reply);
if (r < 0)
@ -2453,6 +2443,8 @@ static int run(int argc, char* argv[]) {
if (r < 0)
return bus_log_connect_error(r, arg_transport);
(void) sd_bus_set_allow_interactive_authorization(bus, arg_ask_password);
if (arg_scope)
return start_transient_scope(bus);
if (arg_path_property)

View File

@ -19,6 +19,7 @@ static SD_VARLINK_DEFINE_STRUCT_TYPE(
static SD_VARLINK_DEFINE_METHOD(
SubscribeQueryResults,
SD_VARLINK_DEFINE_INPUT(allowInteractiveAuthentication, SD_VARLINK_BOOL, SD_VARLINK_NULLABLE),
/* First reply */
SD_VARLINK_DEFINE_OUTPUT(ready, SD_VARLINK_BOOL, SD_VARLINK_NULLABLE),
/* Subsequent replies */
@ -49,6 +50,7 @@ static SD_VARLINK_DEFINE_STRUCT_TYPE(
static SD_VARLINK_DEFINE_METHOD(
DumpCache,
SD_VARLINK_DEFINE_INPUT(allowInteractiveAuthentication, SD_VARLINK_BOOL, SD_VARLINK_NULLABLE),
SD_VARLINK_DEFINE_OUTPUT_BY_TYPE(dump, ScopeCache, SD_VARLINK_ARRAY));
static SD_VARLINK_DEFINE_STRUCT_TYPE(
@ -72,6 +74,7 @@ static SD_VARLINK_DEFINE_STRUCT_TYPE(
static SD_VARLINK_DEFINE_METHOD(
DumpServerState,
SD_VARLINK_DEFINE_INPUT(allowInteractiveAuthentication, SD_VARLINK_BOOL, SD_VARLINK_NULLABLE),
SD_VARLINK_DEFINE_OUTPUT_BY_TYPE(dump, ServerState, SD_VARLINK_ARRAY));
static SD_VARLINK_DEFINE_STRUCT_TYPE(
@ -98,11 +101,14 @@ static SD_VARLINK_DEFINE_STRUCT_TYPE(
static SD_VARLINK_DEFINE_METHOD(
DumpStatistics,
SD_VARLINK_DEFINE_INPUT(allowInteractiveAuthentication, SD_VARLINK_BOOL, SD_VARLINK_NULLABLE),
SD_VARLINK_DEFINE_OUTPUT_BY_TYPE(transactions, TransactionStatistics, 0),
SD_VARLINK_DEFINE_OUTPUT_BY_TYPE(cache, CacheStatistics, 0),
SD_VARLINK_DEFINE_OUTPUT_BY_TYPE(dnssec, DnssecStatistics, 0));
static SD_VARLINK_DEFINE_METHOD(ResetStatistics);
static SD_VARLINK_DEFINE_METHOD(
ResetStatistics,
SD_VARLINK_DEFINE_INPUT(allowInteractiveAuthentication, SD_VARLINK_BOOL, SD_VARLINK_NULLABLE));
SD_VARLINK_DEFINE_INTERFACE(
io_systemd_Resolve_Monitor,

View File

@ -86,7 +86,7 @@ void polkit_agent_open_maybe(void) {
if (arg_runtime_scope != RUNTIME_SCOPE_SYSTEM)
return;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
}
int translate_bus_error_to_exit_status(int r, const sd_bus_error *error) {

View File

@ -213,12 +213,11 @@ static int show_properties(int argc, char **argv, void *userdata) {
static int set_time(int argc, char **argv, void *userdata) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
bool relative = false, interactive = arg_ask_password;
sd_bus *bus = userdata;
usec_t t;
int r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = parse_timestamp(argv[1], &t);
if (r < 0)
@ -230,7 +229,7 @@ static int set_time(int argc, char **argv, void *userdata) {
"SetTime",
&error,
NULL,
"xbb", (int64_t) t, relative, interactive);
"xbb", (int64_t) t, false, arg_ask_password);
if (r < 0)
return log_error_errno(r, "Failed to set time: %s", bus_error_message(&error, r));
@ -242,7 +241,7 @@ static int set_timezone(int argc, char **argv, void *userdata) {
sd_bus *bus = userdata;
int r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = bus_call_method(bus, bus_timedate, "SetTimezone", &error, NULL, "sb", argv[1], arg_ask_password);
if (r < 0)
@ -256,7 +255,7 @@ static int set_local_rtc(int argc, char **argv, void *userdata) {
sd_bus *bus = userdata;
int r, b;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
b = parse_boolean(argv[1]);
if (b < 0)
@ -288,7 +287,7 @@ static int set_ntp(int argc, char **argv, void *userdata) {
sd_bus *bus = userdata;
int b, r;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
b = parse_boolean(argv[1]);
if (b < 0)
@ -821,7 +820,7 @@ static int verb_ntp_servers(int argc, char **argv, void *userdata) {
if (ifindex < 0)
return ifindex;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = bus_message_new_method_call(bus, &req, bus_network_mgr, "SetLinkNTP");
if (r < 0)
@ -851,7 +850,7 @@ static int verb_revert(int argc, char **argv, void *userdata) {
if (ifindex < 0)
return ifindex;
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = bus_call_method(bus, bus_network_mgr, "RevertLinkNTP", &error, NULL, "i", ifindex);
if (r < 0)
@ -1041,6 +1040,8 @@ static int run(int argc, char *argv[]) {
if (r < 0)
return bus_log_connect_error(r, arg_transport);
(void) sd_bus_set_allow_interactive_authorization(bus, arg_ask_password);
return timedatectl_main(bus, argc, argv);
}