Line data Source code
1 : /* SPDX-License-Identifier: LGPL-2.1+ */
2 :
3 : #include <errno.h>
4 : #include <string.h>
5 : #include <unistd.h>
6 :
7 : #include "sd-id128.h"
8 :
9 : #include "alloc-util.h"
10 : #include "btrfs-util.h"
11 : #include "bus-common-errors.h"
12 : #include "bus-util.h"
13 : #include "cgroup-util.h"
14 : #include "errno-util.h"
15 : #include "fd-util.h"
16 : #include "fileio.h"
17 : #include "format-util.h"
18 : #include "hostname-util.h"
19 : #include "image-dbus.h"
20 : #include "io-util.h"
21 : #include "machine-dbus.h"
22 : #include "machine-image.h"
23 : #include "machine-pool.h"
24 : #include "machined.h"
25 : #include "missing_capability.h"
26 : #include "path-util.h"
27 : #include "process-util.h"
28 : #include "stdio-util.h"
29 : #include "strv.h"
30 : #include "tmpfile-util.h"
31 : #include "unit-name.h"
32 : #include "user-util.h"
33 :
34 0 : static BUS_DEFINE_PROPERTY_GET_GLOBAL(property_get_pool_path, "s", "/var/lib/machines");
35 :
36 0 : static int property_get_pool_usage(
37 : sd_bus *bus,
38 : const char *path,
39 : const char *interface,
40 : const char *property,
41 : sd_bus_message *reply,
42 : void *userdata,
43 : sd_bus_error *error) {
44 :
45 0 : _cleanup_close_ int fd = -1;
46 0 : uint64_t usage = (uint64_t) -1;
47 :
48 0 : assert(bus);
49 0 : assert(reply);
50 :
51 0 : fd = open("/var/lib/machines", O_RDONLY|O_CLOEXEC|O_DIRECTORY);
52 0 : if (fd >= 0) {
53 : BtrfsQuotaInfo q;
54 :
55 0 : if (btrfs_subvol_get_subtree_quota_fd(fd, 0, &q) >= 0)
56 0 : usage = q.referenced;
57 : }
58 :
59 0 : return sd_bus_message_append(reply, "t", usage);
60 : }
61 :
62 0 : static int property_get_pool_limit(
63 : sd_bus *bus,
64 : const char *path,
65 : const char *interface,
66 : const char *property,
67 : sd_bus_message *reply,
68 : void *userdata,
69 : sd_bus_error *error) {
70 :
71 0 : _cleanup_close_ int fd = -1;
72 0 : uint64_t size = (uint64_t) -1;
73 :
74 0 : assert(bus);
75 0 : assert(reply);
76 :
77 0 : fd = open("/var/lib/machines", O_RDONLY|O_CLOEXEC|O_DIRECTORY);
78 0 : if (fd >= 0) {
79 : BtrfsQuotaInfo q;
80 :
81 0 : if (btrfs_subvol_get_subtree_quota_fd(fd, 0, &q) >= 0)
82 0 : size = q.referenced_max;
83 : }
84 :
85 0 : return sd_bus_message_append(reply, "t", size);
86 : }
87 :
88 0 : static int method_get_machine(sd_bus_message *message, void *userdata, sd_bus_error *error) {
89 0 : _cleanup_free_ char *p = NULL;
90 0 : Manager *m = userdata;
91 : Machine *machine;
92 : const char *name;
93 : int r;
94 :
95 0 : assert(message);
96 0 : assert(m);
97 :
98 0 : r = sd_bus_message_read(message, "s", &name);
99 0 : if (r < 0)
100 0 : return r;
101 :
102 0 : machine = hashmap_get(m->machines, name);
103 0 : if (!machine)
104 0 : return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_MACHINE, "No machine '%s' known", name);
105 :
106 0 : p = machine_bus_path(machine);
107 0 : if (!p)
108 0 : return -ENOMEM;
109 :
110 0 : return sd_bus_reply_method_return(message, "o", p);
111 : }
112 :
113 0 : static int method_get_image(sd_bus_message *message, void *userdata, sd_bus_error *error) {
114 0 : _cleanup_free_ char *p = NULL;
115 0 : Manager *m = userdata;
116 : const char *name;
117 : int r;
118 :
119 0 : assert(message);
120 0 : assert(m);
121 :
122 0 : r = sd_bus_message_read(message, "s", &name);
123 0 : if (r < 0)
124 0 : return r;
125 :
126 0 : r = image_find(IMAGE_MACHINE, name, NULL);
127 0 : if (r == -ENOENT)
128 0 : return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_IMAGE, "No image '%s' known", name);
129 0 : if (r < 0)
130 0 : return r;
131 :
132 0 : p = image_bus_path(name);
133 0 : if (!p)
134 0 : return -ENOMEM;
135 :
136 0 : return sd_bus_reply_method_return(message, "o", p);
137 : }
138 :
139 0 : static int method_get_machine_by_pid(sd_bus_message *message, void *userdata, sd_bus_error *error) {
140 0 : _cleanup_free_ char *p = NULL;
141 0 : Manager *m = userdata;
142 0 : Machine *machine = NULL;
143 : pid_t pid;
144 : int r;
145 :
146 0 : assert(message);
147 0 : assert(m);
148 :
149 : assert_cc(sizeof(pid_t) == sizeof(uint32_t));
150 :
151 0 : r = sd_bus_message_read(message, "u", &pid);
152 0 : if (r < 0)
153 0 : return r;
154 :
155 0 : if (pid < 0)
156 0 : return -EINVAL;
157 :
158 0 : if (pid == 0) {
159 0 : _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
160 :
161 0 : r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
162 0 : if (r < 0)
163 0 : return r;
164 :
165 0 : r = sd_bus_creds_get_pid(creds, &pid);
166 0 : if (r < 0)
167 0 : return r;
168 : }
169 :
170 0 : r = manager_get_machine_by_pid(m, pid, &machine);
171 0 : if (r < 0)
172 0 : return r;
173 0 : if (!machine)
174 0 : return sd_bus_error_setf(error, BUS_ERROR_NO_MACHINE_FOR_PID, "PID "PID_FMT" does not belong to any known machine", pid);
175 :
176 0 : p = machine_bus_path(machine);
177 0 : if (!p)
178 0 : return -ENOMEM;
179 :
180 0 : return sd_bus_reply_method_return(message, "o", p);
181 : }
182 :
183 0 : static int method_list_machines(sd_bus_message *message, void *userdata, sd_bus_error *error) {
184 0 : _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
185 0 : Manager *m = userdata;
186 : Machine *machine;
187 : Iterator i;
188 : int r;
189 :
190 0 : assert(message);
191 0 : assert(m);
192 :
193 0 : r = sd_bus_message_new_method_return(message, &reply);
194 0 : if (r < 0)
195 0 : return sd_bus_error_set_errno(error, r);
196 :
197 0 : r = sd_bus_message_open_container(reply, 'a', "(ssso)");
198 0 : if (r < 0)
199 0 : return sd_bus_error_set_errno(error, r);
200 :
201 0 : HASHMAP_FOREACH(machine, m->machines, i) {
202 0 : _cleanup_free_ char *p = NULL;
203 :
204 0 : p = machine_bus_path(machine);
205 0 : if (!p)
206 0 : return -ENOMEM;
207 :
208 0 : r = sd_bus_message_append(reply, "(ssso)",
209 0 : machine->name,
210 0 : strempty(machine_class_to_string(machine->class)),
211 0 : machine->service,
212 : p);
213 0 : if (r < 0)
214 0 : return sd_bus_error_set_errno(error, r);
215 : }
216 :
217 0 : r = sd_bus_message_close_container(reply);
218 0 : if (r < 0)
219 0 : return sd_bus_error_set_errno(error, r);
220 :
221 0 : return sd_bus_send(NULL, reply, NULL);
222 : }
223 :
224 0 : static int method_create_or_register_machine(Manager *manager, sd_bus_message *message, bool read_network, Machine **_m, sd_bus_error *error) {
225 : const char *name, *service, *class, *root_directory;
226 0 : const int32_t *netif = NULL;
227 : MachineClass c;
228 : uint32_t leader;
229 : sd_id128_t id;
230 : const void *v;
231 : Machine *m;
232 0 : size_t n, n_netif = 0;
233 : int r;
234 :
235 0 : assert(manager);
236 0 : assert(message);
237 0 : assert(_m);
238 :
239 0 : r = sd_bus_message_read(message, "s", &name);
240 0 : if (r < 0)
241 0 : return r;
242 0 : if (!machine_name_is_valid(name))
243 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid machine name");
244 :
245 0 : r = sd_bus_message_read_array(message, 'y', &v, &n);
246 0 : if (r < 0)
247 0 : return r;
248 0 : if (n == 0)
249 0 : id = SD_ID128_NULL;
250 0 : else if (n == 16)
251 0 : memcpy(&id, v, n);
252 : else
253 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid machine ID parameter");
254 :
255 0 : r = sd_bus_message_read(message, "ssus", &service, &class, &leader, &root_directory);
256 0 : if (r < 0)
257 0 : return r;
258 :
259 0 : if (read_network) {
260 : size_t i;
261 :
262 0 : r = sd_bus_message_read_array(message, 'i', (const void**) &netif, &n_netif);
263 0 : if (r < 0)
264 0 : return r;
265 :
266 0 : n_netif /= sizeof(int32_t);
267 :
268 0 : for (i = 0; i < n_netif; i++) {
269 0 : if (netif[i] <= 0)
270 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid network interface index %i", netif[i]);
271 : }
272 : }
273 :
274 0 : if (isempty(class))
275 0 : c = _MACHINE_CLASS_INVALID;
276 : else {
277 0 : c = machine_class_from_string(class);
278 0 : if (c < 0)
279 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid machine class parameter");
280 : }
281 :
282 0 : if (leader == 1)
283 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid leader PID");
284 :
285 0 : if (!isempty(root_directory) && !path_is_absolute(root_directory))
286 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Root directory must be empty or an absolute path");
287 :
288 0 : if (leader == 0) {
289 0 : _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
290 :
291 0 : r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
292 0 : if (r < 0)
293 0 : return r;
294 :
295 : assert_cc(sizeof(uint32_t) == sizeof(pid_t));
296 :
297 0 : r = sd_bus_creds_get_pid(creds, (pid_t*) &leader);
298 0 : if (r < 0)
299 0 : return r;
300 : }
301 :
302 0 : if (hashmap_get(manager->machines, name))
303 0 : return sd_bus_error_setf(error, BUS_ERROR_MACHINE_EXISTS, "Machine '%s' already exists", name);
304 :
305 0 : r = manager_add_machine(manager, name, &m);
306 0 : if (r < 0)
307 0 : return r;
308 :
309 0 : m->leader = leader;
310 0 : m->class = c;
311 0 : m->id = id;
312 :
313 0 : if (!isempty(service)) {
314 0 : m->service = strdup(service);
315 0 : if (!m->service) {
316 0 : r = -ENOMEM;
317 0 : goto fail;
318 : }
319 : }
320 :
321 0 : if (!isempty(root_directory)) {
322 0 : m->root_directory = strdup(root_directory);
323 0 : if (!m->root_directory) {
324 0 : r = -ENOMEM;
325 0 : goto fail;
326 : }
327 : }
328 :
329 0 : if (n_netif > 0) {
330 : assert_cc(sizeof(int32_t) == sizeof(int));
331 0 : m->netif = memdup(netif, sizeof(int32_t) * n_netif);
332 0 : if (!m->netif) {
333 0 : r = -ENOMEM;
334 0 : goto fail;
335 : }
336 :
337 0 : m->n_netif = n_netif;
338 : }
339 :
340 0 : *_m = m;
341 :
342 0 : return 1;
343 :
344 0 : fail:
345 0 : machine_add_to_gc_queue(m);
346 0 : return r;
347 : }
348 :
349 0 : static int method_create_machine_internal(sd_bus_message *message, bool read_network, void *userdata, sd_bus_error *error) {
350 0 : Manager *manager = userdata;
351 0 : Machine *m = NULL;
352 : int r;
353 :
354 0 : assert(message);
355 0 : assert(manager);
356 :
357 0 : r = method_create_or_register_machine(manager, message, read_network, &m, error);
358 0 : if (r < 0)
359 0 : return r;
360 :
361 0 : r = sd_bus_message_enter_container(message, 'a', "(sv)");
362 0 : if (r < 0)
363 0 : goto fail;
364 :
365 0 : r = machine_start(m, message, error);
366 0 : if (r < 0)
367 0 : goto fail;
368 :
369 0 : m->create_message = sd_bus_message_ref(message);
370 0 : return 1;
371 :
372 0 : fail:
373 0 : machine_add_to_gc_queue(m);
374 0 : return r;
375 : }
376 :
377 0 : static int method_create_machine_with_network(sd_bus_message *message, void *userdata, sd_bus_error *error) {
378 0 : return method_create_machine_internal(message, true, userdata, error);
379 : }
380 :
381 0 : static int method_create_machine(sd_bus_message *message, void *userdata, sd_bus_error *error) {
382 0 : return method_create_machine_internal(message, false, userdata, error);
383 : }
384 :
385 0 : static int method_register_machine_internal(sd_bus_message *message, bool read_network, void *userdata, sd_bus_error *error) {
386 0 : Manager *manager = userdata;
387 0 : _cleanup_free_ char *p = NULL;
388 0 : Machine *m = NULL;
389 : int r;
390 :
391 0 : assert(message);
392 0 : assert(manager);
393 :
394 0 : r = method_create_or_register_machine(manager, message, read_network, &m, error);
395 0 : if (r < 0)
396 0 : return r;
397 :
398 0 : r = cg_pid_get_unit(m->leader, &m->unit);
399 0 : if (r < 0) {
400 0 : r = sd_bus_error_set_errnof(error, r,
401 : "Failed to determine unit of process "PID_FMT" : %m",
402 0 : m->leader);
403 0 : goto fail;
404 : }
405 :
406 0 : r = machine_start(m, NULL, error);
407 0 : if (r < 0)
408 0 : goto fail;
409 :
410 0 : p = machine_bus_path(m);
411 0 : if (!p) {
412 0 : r = -ENOMEM;
413 0 : goto fail;
414 : }
415 :
416 0 : return sd_bus_reply_method_return(message, "o", p);
417 :
418 0 : fail:
419 0 : machine_add_to_gc_queue(m);
420 0 : return r;
421 : }
422 :
423 0 : static int method_register_machine_with_network(sd_bus_message *message, void *userdata, sd_bus_error *error) {
424 0 : return method_register_machine_internal(message, true, userdata, error);
425 : }
426 :
427 0 : static int method_register_machine(sd_bus_message *message, void *userdata, sd_bus_error *error) {
428 0 : return method_register_machine_internal(message, false, userdata, error);
429 : }
430 :
431 0 : static int redirect_method_to_machine(sd_bus_message *message, Manager *m, sd_bus_error *error, sd_bus_message_handler_t method) {
432 : Machine *machine;
433 : const char *name;
434 : int r;
435 :
436 0 : assert(message);
437 0 : assert(m);
438 0 : assert(method);
439 :
440 0 : r = sd_bus_message_read(message, "s", &name);
441 0 : if (r < 0)
442 0 : return sd_bus_error_set_errno(error, r);
443 :
444 0 : machine = hashmap_get(m->machines, name);
445 0 : if (!machine)
446 0 : return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_MACHINE, "No machine '%s' known", name);
447 :
448 0 : return method(message, machine, error);
449 : }
450 :
451 0 : static int method_terminate_machine(sd_bus_message *message, void *userdata, sd_bus_error *error) {
452 0 : return redirect_method_to_machine(message, userdata, error, bus_machine_method_terminate);
453 : }
454 :
455 0 : static int method_kill_machine(sd_bus_message *message, void *userdata, sd_bus_error *error) {
456 0 : return redirect_method_to_machine(message, userdata, error, bus_machine_method_kill);
457 : }
458 :
459 0 : static int method_get_machine_addresses(sd_bus_message *message, void *userdata, sd_bus_error *error) {
460 0 : return redirect_method_to_machine(message, userdata, error, bus_machine_method_get_addresses);
461 : }
462 :
463 0 : static int method_get_machine_os_release(sd_bus_message *message, void *userdata, sd_bus_error *error) {
464 0 : return redirect_method_to_machine(message, userdata, error, bus_machine_method_get_os_release);
465 : }
466 :
467 0 : static int method_list_images(sd_bus_message *message, void *userdata, sd_bus_error *error) {
468 0 : _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
469 0 : _cleanup_hashmap_free_ Hashmap *images = NULL;
470 0 : Manager *m = userdata;
471 : Image *image;
472 : Iterator i;
473 : int r;
474 :
475 0 : assert(message);
476 0 : assert(m);
477 :
478 0 : images = hashmap_new(&image_hash_ops);
479 0 : if (!images)
480 0 : return -ENOMEM;
481 :
482 0 : r = image_discover(IMAGE_MACHINE, images);
483 0 : if (r < 0)
484 0 : return r;
485 :
486 0 : r = sd_bus_message_new_method_return(message, &reply);
487 0 : if (r < 0)
488 0 : return r;
489 :
490 0 : r = sd_bus_message_open_container(reply, 'a', "(ssbttto)");
491 0 : if (r < 0)
492 0 : return r;
493 :
494 0 : HASHMAP_FOREACH(image, images, i) {
495 0 : _cleanup_free_ char *p = NULL;
496 :
497 0 : p = image_bus_path(image->name);
498 0 : if (!p)
499 0 : return -ENOMEM;
500 :
501 0 : r = sd_bus_message_append(reply, "(ssbttto)",
502 0 : image->name,
503 0 : image_type_to_string(image->type),
504 0 : image->read_only,
505 0 : image->crtime,
506 0 : image->mtime,
507 0 : image->usage,
508 : p);
509 0 : if (r < 0)
510 0 : return r;
511 : }
512 :
513 0 : r = sd_bus_message_close_container(reply);
514 0 : if (r < 0)
515 0 : return r;
516 :
517 0 : return sd_bus_send(NULL, reply, NULL);
518 : }
519 :
520 0 : static int method_open_machine_pty(sd_bus_message *message, void *userdata, sd_bus_error *error) {
521 0 : return redirect_method_to_machine(message, userdata, error, bus_machine_method_open_pty);
522 : }
523 :
524 0 : static int method_open_machine_login(sd_bus_message *message, void *userdata, sd_bus_error *error) {
525 0 : return redirect_method_to_machine(message, userdata, error, bus_machine_method_open_login);
526 : }
527 :
528 0 : static int method_open_machine_shell(sd_bus_message *message, void *userdata, sd_bus_error *error) {
529 0 : return redirect_method_to_machine(message, userdata, error, bus_machine_method_open_shell);
530 : }
531 :
532 0 : static int method_bind_mount_machine(sd_bus_message *message, void *userdata, sd_bus_error *error) {
533 0 : return redirect_method_to_machine(message, userdata, error, bus_machine_method_bind_mount);
534 : }
535 :
536 0 : static int method_copy_machine(sd_bus_message *message, void *userdata, sd_bus_error *error) {
537 0 : return redirect_method_to_machine(message, userdata, error, bus_machine_method_copy);
538 : }
539 :
540 0 : static int method_open_machine_root_directory(sd_bus_message *message, void *userdata, sd_bus_error *error) {
541 0 : return redirect_method_to_machine(message, userdata, error, bus_machine_method_open_root_directory);
542 : }
543 :
544 0 : static int method_get_machine_uid_shift(sd_bus_message *message, void *userdata, sd_bus_error *error) {
545 0 : return redirect_method_to_machine(message, userdata, error, bus_machine_method_get_uid_shift);
546 : }
547 :
548 0 : static int redirect_method_to_image(sd_bus_message *message, Manager *m, sd_bus_error *error, sd_bus_message_handler_t method) {
549 0 : _cleanup_(image_unrefp) Image* i = NULL;
550 : const char *name;
551 : int r;
552 :
553 0 : assert(message);
554 0 : assert(m);
555 0 : assert(method);
556 :
557 0 : r = sd_bus_message_read(message, "s", &name);
558 0 : if (r < 0)
559 0 : return r;
560 :
561 0 : if (!image_name_is_valid(name))
562 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Image name '%s' is invalid.", name);
563 :
564 0 : r = image_find(IMAGE_MACHINE, name, &i);
565 0 : if (r == -ENOENT)
566 0 : return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_IMAGE, "No image '%s' known", name);
567 0 : if (r < 0)
568 0 : return r;
569 :
570 0 : i->userdata = m;
571 0 : return method(message, i, error);
572 : }
573 :
574 0 : static int method_remove_image(sd_bus_message *message, void *userdata, sd_bus_error *error) {
575 0 : return redirect_method_to_image(message, userdata, error, bus_image_method_remove);
576 : }
577 :
578 0 : static int method_rename_image(sd_bus_message *message, void *userdata, sd_bus_error *error) {
579 0 : return redirect_method_to_image(message, userdata, error, bus_image_method_rename);
580 : }
581 :
582 0 : static int method_clone_image(sd_bus_message *message, void *userdata, sd_bus_error *error) {
583 0 : return redirect_method_to_image(message, userdata, error, bus_image_method_clone);
584 : }
585 :
586 0 : static int method_mark_image_read_only(sd_bus_message *message, void *userdata, sd_bus_error *error) {
587 0 : return redirect_method_to_image(message, userdata, error, bus_image_method_mark_read_only);
588 : }
589 :
590 0 : static int method_get_image_hostname(sd_bus_message *message, void *userdata, sd_bus_error *error) {
591 0 : return redirect_method_to_image(message, userdata, error, bus_image_method_get_hostname);
592 : }
593 :
594 0 : static int method_get_image_machine_id(sd_bus_message *message, void *userdata, sd_bus_error *error) {
595 0 : return redirect_method_to_image(message, userdata, error, bus_image_method_get_machine_id);
596 : }
597 :
598 0 : static int method_get_image_machine_info(sd_bus_message *message, void *userdata, sd_bus_error *error) {
599 0 : return redirect_method_to_image(message, userdata, error, bus_image_method_get_machine_info);
600 : }
601 :
602 0 : static int method_get_image_os_release(sd_bus_message *message, void *userdata, sd_bus_error *error) {
603 0 : return redirect_method_to_image(message, userdata, error, bus_image_method_get_os_release);
604 : }
605 :
606 0 : static int clean_pool_done(Operation *operation, int ret, sd_bus_error *error) {
607 0 : _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
608 0 : _cleanup_fclose_ FILE *f = NULL;
609 : bool success;
610 : size_t n;
611 : int r;
612 :
613 0 : assert(operation);
614 0 : assert(operation->extra_fd >= 0);
615 :
616 0 : if (lseek(operation->extra_fd, 0, SEEK_SET) == (off_t) -1)
617 0 : return -errno;
618 :
619 0 : f = fdopen(operation->extra_fd, "r");
620 0 : if (!f)
621 0 : return -errno;
622 :
623 0 : operation->extra_fd = -1;
624 :
625 : /* The resulting temporary file starts with a boolean value that indicates success or not. */
626 0 : errno = 0;
627 0 : n = fread(&success, 1, sizeof(success), f);
628 0 : if (n != sizeof(success))
629 0 : return ret < 0 ? ret : errno_or_else(EIO);
630 :
631 0 : if (ret < 0) {
632 0 : _cleanup_free_ char *name = NULL;
633 :
634 : /* The clean-up operation failed. In this case the resulting temporary file should contain a boolean
635 : * set to false followed by the name of the failed image. Let's try to read this and use it for the
636 : * error message. If we can't read it, don't mind, and return the naked error. */
637 :
638 0 : if (success) /* The resulting temporary file could not be updated, ignore it. */
639 0 : return ret;
640 :
641 0 : r = read_nul_string(f, LONG_LINE_MAX, &name);
642 0 : if (r <= 0) /* Same here... */
643 0 : return ret;
644 :
645 0 : return sd_bus_error_set_errnof(error, ret, "Failed to remove image %s: %m", name);
646 : }
647 :
648 0 : assert(success);
649 :
650 0 : r = sd_bus_message_new_method_return(operation->message, &reply);
651 0 : if (r < 0)
652 0 : return r;
653 :
654 0 : r = sd_bus_message_open_container(reply, 'a', "(st)");
655 0 : if (r < 0)
656 0 : return r;
657 :
658 : /* On success the resulting temporary file will contain a list of image names that were removed followed by
659 : * their size on disk. Let's read that and turn it into a bus message. */
660 0 : for (;;) {
661 0 : _cleanup_free_ char *name = NULL;
662 : uint64_t size;
663 :
664 0 : r = read_nul_string(f, LONG_LINE_MAX, &name);
665 0 : if (r < 0)
666 0 : return r;
667 0 : if (r == 0) /* reached the end */
668 0 : break;
669 :
670 0 : errno = 0;
671 0 : n = fread(&size, 1, sizeof(size), f);
672 0 : if (n != sizeof(size))
673 0 : return errno_or_else(EIO);
674 :
675 0 : r = sd_bus_message_append(reply, "(st)", name, size);
676 0 : if (r < 0)
677 0 : return r;
678 : }
679 :
680 0 : r = sd_bus_message_close_container(reply);
681 0 : if (r < 0)
682 0 : return r;
683 :
684 0 : return sd_bus_send(NULL, reply, NULL);
685 : }
686 :
687 0 : static int method_clean_pool(sd_bus_message *message, void *userdata, sd_bus_error *error) {
688 : enum {
689 : REMOVE_ALL,
690 : REMOVE_HIDDEN,
691 : } mode;
692 :
693 0 : _cleanup_close_pair_ int errno_pipe_fd[2] = { -1, -1 };
694 0 : _cleanup_close_ int result_fd = -1;
695 0 : Manager *m = userdata;
696 : Operation *operation;
697 : const char *mm;
698 : pid_t child;
699 : int r;
700 :
701 0 : assert(message);
702 :
703 0 : if (m->n_operations >= OPERATIONS_MAX)
704 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_LIMITS_EXCEEDED, "Too many ongoing operations.");
705 :
706 0 : r = sd_bus_message_read(message, "s", &mm);
707 0 : if (r < 0)
708 0 : return r;
709 :
710 0 : if (streq(mm, "all"))
711 0 : mode = REMOVE_ALL;
712 0 : else if (streq(mm, "hidden"))
713 0 : mode = REMOVE_HIDDEN;
714 : else
715 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Unknown mode '%s'.", mm);
716 :
717 0 : r = bus_verify_polkit_async(
718 : message,
719 : CAP_SYS_ADMIN,
720 : "org.freedesktop.machine1.manage-machines",
721 : NULL,
722 : false,
723 : UID_INVALID,
724 : &m->polkit_registry,
725 : error);
726 0 : if (r < 0)
727 0 : return r;
728 0 : if (r == 0)
729 0 : return 1; /* Will call us back */
730 :
731 0 : if (pipe2(errno_pipe_fd, O_CLOEXEC|O_NONBLOCK) < 0)
732 0 : return sd_bus_error_set_errnof(error, errno, "Failed to create pipe: %m");
733 :
734 : /* Create a temporary file we can dump information about deleted images into. We use a temporary file for this
735 : * instead of a pipe or so, since this might grow quit large in theory and we don't want to process this
736 : * continuously */
737 0 : result_fd = open_tmpfile_unlinkable(NULL, O_RDWR|O_CLOEXEC);
738 0 : if (result_fd < 0)
739 0 : return -errno;
740 :
741 : /* This might be a slow operation, run it asynchronously in a background process */
742 0 : r = safe_fork("(sd-clean)", FORK_RESET_SIGNALS, &child);
743 0 : if (r < 0)
744 0 : return sd_bus_error_set_errnof(error, r, "Failed to fork(): %m");
745 0 : if (r == 0) {
746 0 : _cleanup_hashmap_free_ Hashmap *images = NULL;
747 0 : bool success = true;
748 : Image *image;
749 : Iterator i;
750 : ssize_t l;
751 :
752 0 : errno_pipe_fd[0] = safe_close(errno_pipe_fd[0]);
753 :
754 0 : images = hashmap_new(&image_hash_ops);
755 0 : if (!images) {
756 0 : r = -ENOMEM;
757 0 : goto child_fail;
758 : }
759 :
760 0 : r = image_discover(IMAGE_MACHINE, images);
761 0 : if (r < 0)
762 0 : goto child_fail;
763 :
764 0 : l = write(result_fd, &success, sizeof(success));
765 0 : if (l < 0) {
766 0 : r = -errno;
767 0 : goto child_fail;
768 : }
769 :
770 0 : HASHMAP_FOREACH(image, images, i) {
771 :
772 : /* We can't remove vendor images (i.e. those in /usr) */
773 0 : if (IMAGE_IS_VENDOR(image))
774 0 : continue;
775 :
776 0 : if (IMAGE_IS_HOST(image))
777 0 : continue;
778 :
779 0 : if (mode == REMOVE_HIDDEN && !IMAGE_IS_HIDDEN(image))
780 0 : continue;
781 :
782 0 : r = image_remove(image);
783 0 : if (r == -EBUSY) /* keep images that are currently being used. */
784 0 : continue;
785 0 : if (r < 0) {
786 : /* If the operation failed, let's override everything we wrote, and instead write there at which image we failed. */
787 0 : success = false;
788 0 : (void) ftruncate(result_fd, 0);
789 0 : (void) lseek(result_fd, 0, SEEK_SET);
790 0 : (void) write(result_fd, &success, sizeof(success));
791 0 : (void) write(result_fd, image->name, strlen(image->name)+1);
792 0 : goto child_fail;
793 : }
794 :
795 0 : l = write(result_fd, image->name, strlen(image->name)+1);
796 0 : if (l < 0) {
797 0 : r = -errno;
798 0 : goto child_fail;
799 : }
800 :
801 0 : l = write(result_fd, &image->usage_exclusive, sizeof(image->usage_exclusive));
802 0 : if (l < 0) {
803 0 : r = -errno;
804 0 : goto child_fail;
805 : }
806 : }
807 :
808 0 : result_fd = safe_close(result_fd);
809 0 : _exit(EXIT_SUCCESS);
810 :
811 0 : child_fail:
812 0 : (void) write(errno_pipe_fd[1], &r, sizeof(r));
813 0 : _exit(EXIT_FAILURE);
814 : }
815 :
816 0 : errno_pipe_fd[1] = safe_close(errno_pipe_fd[1]);
817 :
818 : /* The clean-up might take a while, hence install a watch on the child and return */
819 :
820 0 : r = operation_new(m, NULL, child, message, errno_pipe_fd[0], &operation);
821 0 : if (r < 0) {
822 0 : (void) sigkill_wait(child);
823 0 : return r;
824 : }
825 :
826 0 : operation->extra_fd = result_fd;
827 0 : operation->done = clean_pool_done;
828 :
829 0 : result_fd = -1;
830 0 : errno_pipe_fd[0] = -1;
831 :
832 0 : return 1;
833 : }
834 :
835 0 : static int method_set_pool_limit(sd_bus_message *message, void *userdata, sd_bus_error *error) {
836 0 : Manager *m = userdata;
837 : uint64_t limit;
838 : int r;
839 :
840 0 : assert(message);
841 :
842 0 : r = sd_bus_message_read(message, "t", &limit);
843 0 : if (r < 0)
844 0 : return r;
845 0 : if (!FILE_SIZE_VALID_OR_INFINITY(limit))
846 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "New limit out of range");
847 :
848 0 : r = bus_verify_polkit_async(
849 : message,
850 : CAP_SYS_ADMIN,
851 : "org.freedesktop.machine1.manage-machines",
852 : NULL,
853 : false,
854 : UID_INVALID,
855 : &m->polkit_registry,
856 : error);
857 0 : if (r < 0)
858 0 : return r;
859 0 : if (r == 0)
860 0 : return 1; /* Will call us back */
861 :
862 : /* Set up the machine directory if necessary */
863 0 : r = setup_machine_directory(error);
864 0 : if (r < 0)
865 0 : return r;
866 :
867 0 : (void) btrfs_qgroup_set_limit("/var/lib/machines", 0, limit);
868 :
869 0 : r = btrfs_subvol_set_subtree_quota_limit("/var/lib/machines", 0, limit);
870 0 : if (r == -ENOTTY)
871 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Quota is only supported on btrfs.");
872 0 : if (r < 0)
873 0 : return sd_bus_error_set_errnof(error, r, "Failed to adjust quota limit: %m");
874 :
875 0 : return sd_bus_reply_method_return(message, NULL);
876 : }
877 :
878 0 : static int method_set_image_limit(sd_bus_message *message, void *userdata, sd_bus_error *error) {
879 0 : return redirect_method_to_image(message, userdata, error, bus_image_method_set_limit);
880 : }
881 :
882 0 : static int method_map_from_machine_user(sd_bus_message *message, void *userdata, sd_bus_error *error) {
883 0 : _cleanup_fclose_ FILE *f = NULL;
884 0 : Manager *m = userdata;
885 : const char *name, *p;
886 : Machine *machine;
887 : uint32_t uid;
888 : int r;
889 :
890 0 : r = sd_bus_message_read(message, "su", &name, &uid);
891 0 : if (r < 0)
892 0 : return r;
893 :
894 0 : if (!uid_is_valid(uid))
895 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid user ID " UID_FMT, uid);
896 :
897 0 : machine = hashmap_get(m->machines, name);
898 0 : if (!machine)
899 0 : return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_MACHINE, "No machine '%s' known", name);
900 :
901 0 : if (machine->class != MACHINE_CONTAINER)
902 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Not supported for non-container machines.");
903 :
904 0 : p = procfs_file_alloca(machine->leader, "uid_map");
905 0 : f = fopen(p, "re");
906 0 : if (!f)
907 0 : return -errno;
908 :
909 0 : for (;;) {
910 : uid_t uid_base, uid_shift, uid_range, converted;
911 : int k;
912 :
913 0 : errno = 0;
914 0 : k = fscanf(f, UID_FMT " " UID_FMT " " UID_FMT, &uid_base, &uid_shift, &uid_range);
915 0 : if (k < 0 && feof(f))
916 0 : break;
917 0 : if (k != 3) {
918 0 : if (ferror(f))
919 0 : return errno_or_else(EIO);
920 :
921 0 : return -EIO;
922 : }
923 :
924 0 : if (uid < uid_base || uid >= uid_base + uid_range)
925 0 : continue;
926 :
927 0 : converted = uid - uid_base + uid_shift;
928 0 : if (!uid_is_valid(converted))
929 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid user ID " UID_FMT, uid);
930 :
931 0 : return sd_bus_reply_method_return(message, "u", (uint32_t) converted);
932 : }
933 :
934 0 : return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_USER_MAPPING, "Machine '%s' has no matching user mappings.", name);
935 : }
936 :
937 0 : static int method_map_to_machine_user(sd_bus_message *message, void *userdata, sd_bus_error *error) {
938 0 : Manager *m = userdata;
939 : Machine *machine;
940 : uid_t uid;
941 : Iterator i;
942 : int r;
943 :
944 0 : r = sd_bus_message_read(message, "u", &uid);
945 0 : if (r < 0)
946 0 : return r;
947 0 : if (!uid_is_valid(uid))
948 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid user ID " UID_FMT, uid);
949 0 : if (uid < 0x10000)
950 0 : return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_USER_MAPPING, "User " UID_FMT " belongs to host UID range", uid);
951 :
952 0 : HASHMAP_FOREACH(machine, m->machines, i) {
953 0 : _cleanup_fclose_ FILE *f = NULL;
954 : char p[STRLEN("/proc//uid_map") + DECIMAL_STR_MAX(pid_t) + 1];
955 :
956 0 : if (machine->class != MACHINE_CONTAINER)
957 0 : continue;
958 :
959 0 : xsprintf(p, "/proc/" UID_FMT "/uid_map", machine->leader);
960 0 : f = fopen(p, "re");
961 0 : if (!f) {
962 0 : log_warning_errno(errno, "Failed to open %s, ignoring,", p);
963 0 : continue;
964 : }
965 :
966 0 : for (;;) {
967 0 : _cleanup_free_ char *o = NULL;
968 : uid_t uid_base, uid_shift, uid_range, converted;
969 : int k;
970 :
971 0 : errno = 0;
972 0 : k = fscanf(f, UID_FMT " " UID_FMT " " UID_FMT, &uid_base, &uid_shift, &uid_range);
973 0 : if (k < 0 && feof(f))
974 0 : break;
975 0 : if (k != 3) {
976 0 : if (ferror(f))
977 0 : return errno_or_else(EIO);
978 :
979 0 : return -EIO;
980 : }
981 :
982 : /* The private user namespace is disabled, ignoring. */
983 0 : if (uid_shift == 0)
984 0 : continue;
985 :
986 0 : if (uid < uid_shift || uid >= uid_shift + uid_range)
987 0 : continue;
988 :
989 0 : converted = (uid - uid_shift + uid_base);
990 0 : if (!uid_is_valid(converted))
991 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid user ID " UID_FMT, uid);
992 :
993 0 : o = machine_bus_path(machine);
994 0 : if (!o)
995 0 : return -ENOMEM;
996 :
997 0 : return sd_bus_reply_method_return(message, "sou", machine->name, o, (uint32_t) converted);
998 : }
999 : }
1000 :
1001 0 : return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_USER_MAPPING, "No matching user mapping for " UID_FMT ".", uid);
1002 : }
1003 :
1004 0 : static int method_map_from_machine_group(sd_bus_message *message, void *groupdata, sd_bus_error *error) {
1005 0 : _cleanup_fclose_ FILE *f = NULL;
1006 0 : Manager *m = groupdata;
1007 : const char *name, *p;
1008 : Machine *machine;
1009 : uint32_t gid;
1010 : int r;
1011 :
1012 0 : r = sd_bus_message_read(message, "su", &name, &gid);
1013 0 : if (r < 0)
1014 0 : return r;
1015 :
1016 0 : if (!gid_is_valid(gid))
1017 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid group ID " GID_FMT, gid);
1018 :
1019 0 : machine = hashmap_get(m->machines, name);
1020 0 : if (!machine)
1021 0 : return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_MACHINE, "No machine '%s' known", name);
1022 :
1023 0 : if (machine->class != MACHINE_CONTAINER)
1024 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Not supported for non-container machines.");
1025 :
1026 0 : p = procfs_file_alloca(machine->leader, "gid_map");
1027 0 : f = fopen(p, "re");
1028 0 : if (!f)
1029 0 : return -errno;
1030 :
1031 0 : for (;;) {
1032 : gid_t gid_base, gid_shift, gid_range, converted;
1033 : int k;
1034 :
1035 0 : errno = 0;
1036 0 : k = fscanf(f, GID_FMT " " GID_FMT " " GID_FMT, &gid_base, &gid_shift, &gid_range);
1037 0 : if (k < 0 && feof(f))
1038 0 : break;
1039 0 : if (k != 3) {
1040 0 : if (ferror(f))
1041 0 : return errno_or_else(EIO);
1042 :
1043 0 : return -EIO;
1044 : }
1045 :
1046 0 : if (gid < gid_base || gid >= gid_base + gid_range)
1047 0 : continue;
1048 :
1049 0 : converted = gid - gid_base + gid_shift;
1050 0 : if (!gid_is_valid(converted))
1051 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid group ID " GID_FMT, gid);
1052 :
1053 0 : return sd_bus_reply_method_return(message, "u", (uint32_t) converted);
1054 : }
1055 :
1056 0 : return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_GROUP_MAPPING, "Machine '%s' has no matching group mappings.", name);
1057 : }
1058 :
1059 0 : static int method_map_to_machine_group(sd_bus_message *message, void *groupdata, sd_bus_error *error) {
1060 0 : Manager *m = groupdata;
1061 : Machine *machine;
1062 : gid_t gid;
1063 : Iterator i;
1064 : int r;
1065 :
1066 0 : r = sd_bus_message_read(message, "u", &gid);
1067 0 : if (r < 0)
1068 0 : return r;
1069 0 : if (!gid_is_valid(gid))
1070 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid group ID " GID_FMT, gid);
1071 0 : if (gid < 0x10000)
1072 0 : return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_GROUP_MAPPING, "Group " GID_FMT " belongs to host GID range", gid);
1073 :
1074 0 : HASHMAP_FOREACH(machine, m->machines, i) {
1075 0 : _cleanup_fclose_ FILE *f = NULL;
1076 : char p[STRLEN("/proc//gid_map") + DECIMAL_STR_MAX(pid_t) + 1];
1077 :
1078 0 : if (machine->class != MACHINE_CONTAINER)
1079 0 : continue;
1080 :
1081 0 : xsprintf(p, "/proc/" GID_FMT "/gid_map", machine->leader);
1082 0 : f = fopen(p, "re");
1083 0 : if (!f) {
1084 0 : log_warning_errno(errno, "Failed to open %s, ignoring,", p);
1085 0 : continue;
1086 : }
1087 :
1088 0 : for (;;) {
1089 0 : _cleanup_free_ char *o = NULL;
1090 : gid_t gid_base, gid_shift, gid_range, converted;
1091 : int k;
1092 :
1093 0 : errno = 0;
1094 0 : k = fscanf(f, GID_FMT " " GID_FMT " " GID_FMT, &gid_base, &gid_shift, &gid_range);
1095 0 : if (k < 0 && feof(f))
1096 0 : break;
1097 0 : if (k != 3) {
1098 0 : if (ferror(f))
1099 0 : return errno_or_else(EIO);
1100 :
1101 0 : return -EIO;
1102 : }
1103 :
1104 : /* The private user namespace is disabled, ignoring. */
1105 0 : if (gid_shift == 0)
1106 0 : continue;
1107 :
1108 0 : if (gid < gid_shift || gid >= gid_shift + gid_range)
1109 0 : continue;
1110 :
1111 0 : converted = (gid - gid_shift + gid_base);
1112 0 : if (!gid_is_valid(converted))
1113 0 : return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid group ID " GID_FMT, gid);
1114 :
1115 0 : o = machine_bus_path(machine);
1116 0 : if (!o)
1117 0 : return -ENOMEM;
1118 :
1119 0 : return sd_bus_reply_method_return(message, "sou", machine->name, o, (uint32_t) converted);
1120 : }
1121 : }
1122 :
1123 0 : return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_GROUP_MAPPING, "No matching group mapping for " GID_FMT ".", gid);
1124 : }
1125 :
1126 : const sd_bus_vtable manager_vtable[] = {
1127 : SD_BUS_VTABLE_START(0),
1128 : SD_BUS_PROPERTY("PoolPath", "s", property_get_pool_path, 0, 0),
1129 : SD_BUS_PROPERTY("PoolUsage", "t", property_get_pool_usage, 0, 0),
1130 : SD_BUS_PROPERTY("PoolLimit", "t", property_get_pool_limit, 0, 0),
1131 : SD_BUS_METHOD("GetMachine", "s", "o", method_get_machine, SD_BUS_VTABLE_UNPRIVILEGED),
1132 : SD_BUS_METHOD("GetImage", "s", "o", method_get_image, SD_BUS_VTABLE_UNPRIVILEGED),
1133 : SD_BUS_METHOD("GetMachineByPID", "u", "o", method_get_machine_by_pid, SD_BUS_VTABLE_UNPRIVILEGED),
1134 : SD_BUS_METHOD("ListMachines", NULL, "a(ssso)", method_list_machines, SD_BUS_VTABLE_UNPRIVILEGED),
1135 : SD_BUS_METHOD("ListImages", NULL, "a(ssbttto)", method_list_images, SD_BUS_VTABLE_UNPRIVILEGED),
1136 : SD_BUS_METHOD("CreateMachine", "sayssusa(sv)", "o", method_create_machine, 0),
1137 : SD_BUS_METHOD("CreateMachineWithNetwork", "sayssusaia(sv)", "o", method_create_machine_with_network, 0),
1138 : SD_BUS_METHOD("RegisterMachine", "sayssus", "o", method_register_machine, 0),
1139 : SD_BUS_METHOD("RegisterMachineWithNetwork", "sayssusai", "o", method_register_machine_with_network, 0),
1140 : SD_BUS_METHOD("TerminateMachine", "s", NULL, method_terminate_machine, SD_BUS_VTABLE_UNPRIVILEGED),
1141 : SD_BUS_METHOD("KillMachine", "ssi", NULL, method_kill_machine, SD_BUS_VTABLE_UNPRIVILEGED),
1142 : SD_BUS_METHOD("GetMachineAddresses", "s", "a(iay)", method_get_machine_addresses, SD_BUS_VTABLE_UNPRIVILEGED),
1143 : SD_BUS_METHOD("GetMachineOSRelease", "s", "a{ss}", method_get_machine_os_release, SD_BUS_VTABLE_UNPRIVILEGED),
1144 : SD_BUS_METHOD("OpenMachinePTY", "s", "hs", method_open_machine_pty, 0),
1145 : SD_BUS_METHOD("OpenMachineLogin", "s", "hs", method_open_machine_login, SD_BUS_VTABLE_UNPRIVILEGED),
1146 : SD_BUS_METHOD("OpenMachineShell", "sssasas", "hs", method_open_machine_shell, SD_BUS_VTABLE_UNPRIVILEGED),
1147 : SD_BUS_METHOD("BindMountMachine", "sssbb", NULL, method_bind_mount_machine, SD_BUS_VTABLE_UNPRIVILEGED),
1148 : SD_BUS_METHOD("CopyFromMachine", "sss", NULL, method_copy_machine, SD_BUS_VTABLE_UNPRIVILEGED),
1149 : SD_BUS_METHOD("CopyToMachine", "sss", NULL, method_copy_machine, SD_BUS_VTABLE_UNPRIVILEGED),
1150 : SD_BUS_METHOD("OpenMachineRootDirectory", "s", "h", method_open_machine_root_directory, SD_BUS_VTABLE_UNPRIVILEGED),
1151 : SD_BUS_METHOD("GetMachineUIDShift", "s", "u", method_get_machine_uid_shift, SD_BUS_VTABLE_UNPRIVILEGED),
1152 : SD_BUS_METHOD("RemoveImage", "s", NULL, method_remove_image, SD_BUS_VTABLE_UNPRIVILEGED),
1153 : SD_BUS_METHOD("RenameImage", "ss", NULL, method_rename_image, SD_BUS_VTABLE_UNPRIVILEGED),
1154 : SD_BUS_METHOD("CloneImage", "ssb", NULL, method_clone_image, SD_BUS_VTABLE_UNPRIVILEGED),
1155 : SD_BUS_METHOD("MarkImageReadOnly", "sb", NULL, method_mark_image_read_only, SD_BUS_VTABLE_UNPRIVILEGED),
1156 : SD_BUS_METHOD("GetImageHostname", "s", "s", method_get_image_hostname, SD_BUS_VTABLE_UNPRIVILEGED),
1157 : SD_BUS_METHOD("GetImageMachineID", "s", "ay", method_get_image_machine_id, SD_BUS_VTABLE_UNPRIVILEGED),
1158 : SD_BUS_METHOD("GetImageMachineInfo", "s", "a{ss}", method_get_image_machine_info, SD_BUS_VTABLE_UNPRIVILEGED),
1159 : SD_BUS_METHOD("GetImageOSRelease", "s", "a{ss}", method_get_image_os_release, SD_BUS_VTABLE_UNPRIVILEGED),
1160 : SD_BUS_METHOD("SetPoolLimit", "t", NULL, method_set_pool_limit, SD_BUS_VTABLE_UNPRIVILEGED),
1161 : SD_BUS_METHOD("SetImageLimit", "st", NULL, method_set_image_limit, SD_BUS_VTABLE_UNPRIVILEGED),
1162 : SD_BUS_METHOD("CleanPool", "s", "a(st)", method_clean_pool, SD_BUS_VTABLE_UNPRIVILEGED),
1163 : SD_BUS_METHOD("MapFromMachineUser", "su", "u", method_map_from_machine_user, SD_BUS_VTABLE_UNPRIVILEGED),
1164 : SD_BUS_METHOD("MapToMachineUser", "u", "sou", method_map_to_machine_user, SD_BUS_VTABLE_UNPRIVILEGED),
1165 : SD_BUS_METHOD("MapFromMachineGroup", "su", "u", method_map_from_machine_group, SD_BUS_VTABLE_UNPRIVILEGED),
1166 : SD_BUS_METHOD("MapToMachineGroup", "u", "sou", method_map_to_machine_group, SD_BUS_VTABLE_UNPRIVILEGED),
1167 : SD_BUS_SIGNAL("MachineNew", "so", 0),
1168 : SD_BUS_SIGNAL("MachineRemoved", "so", 0),
1169 : SD_BUS_VTABLE_END
1170 : };
1171 :
1172 0 : int match_job_removed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
1173 : const char *path, *result, *unit;
1174 0 : Manager *m = userdata;
1175 : Machine *machine;
1176 : uint32_t id;
1177 : int r;
1178 :
1179 0 : assert(message);
1180 0 : assert(m);
1181 :
1182 0 : r = sd_bus_message_read(message, "uoss", &id, &path, &unit, &result);
1183 0 : if (r < 0) {
1184 0 : bus_log_parse_error(r);
1185 0 : return 0;
1186 : }
1187 :
1188 0 : machine = hashmap_get(m->machine_units, unit);
1189 0 : if (!machine)
1190 0 : return 0;
1191 :
1192 0 : if (streq_ptr(path, machine->scope_job)) {
1193 0 : machine->scope_job = mfree(machine->scope_job);
1194 :
1195 0 : if (machine->started) {
1196 0 : if (streq(result, "done"))
1197 0 : machine_send_create_reply(machine, NULL);
1198 : else {
1199 0 : _cleanup_(sd_bus_error_free) sd_bus_error e = SD_BUS_ERROR_NULL;
1200 :
1201 0 : sd_bus_error_setf(&e, BUS_ERROR_JOB_FAILED, "Start job for unit %s failed with '%s'", unit, result);
1202 :
1203 0 : machine_send_create_reply(machine, &e);
1204 : }
1205 : }
1206 :
1207 0 : machine_save(machine);
1208 : }
1209 :
1210 0 : machine_add_to_gc_queue(machine);
1211 0 : return 0;
1212 : }
1213 :
1214 0 : int match_properties_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
1215 0 : _cleanup_free_ char *unit = NULL;
1216 : const char *path;
1217 0 : Manager *m = userdata;
1218 : Machine *machine;
1219 : int r;
1220 :
1221 0 : assert(message);
1222 0 : assert(m);
1223 :
1224 0 : path = sd_bus_message_get_path(message);
1225 0 : if (!path)
1226 0 : return 0;
1227 :
1228 0 : r = unit_name_from_dbus_path(path, &unit);
1229 0 : if (r == -EINVAL) /* not for a unit */
1230 0 : return 0;
1231 0 : if (r < 0) {
1232 0 : log_oom();
1233 0 : return 0;
1234 : }
1235 :
1236 0 : machine = hashmap_get(m->machine_units, unit);
1237 0 : if (!machine)
1238 0 : return 0;
1239 :
1240 0 : machine_add_to_gc_queue(machine);
1241 0 : return 0;
1242 : }
1243 :
1244 0 : int match_unit_removed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
1245 : const char *path, *unit;
1246 0 : Manager *m = userdata;
1247 : Machine *machine;
1248 : int r;
1249 :
1250 0 : assert(message);
1251 0 : assert(m);
1252 :
1253 0 : r = sd_bus_message_read(message, "so", &unit, &path);
1254 0 : if (r < 0) {
1255 0 : bus_log_parse_error(r);
1256 0 : return 0;
1257 : }
1258 :
1259 0 : machine = hashmap_get(m->machine_units, unit);
1260 0 : if (!machine)
1261 0 : return 0;
1262 :
1263 0 : machine_add_to_gc_queue(machine);
1264 0 : return 0;
1265 : }
1266 :
1267 0 : int match_reloading(sd_bus_message *message, void *userdata, sd_bus_error *error) {
1268 0 : Manager *m = userdata;
1269 : Machine *machine;
1270 : Iterator i;
1271 : int b, r;
1272 :
1273 0 : assert(message);
1274 0 : assert(m);
1275 :
1276 0 : r = sd_bus_message_read(message, "b", &b);
1277 0 : if (r < 0) {
1278 0 : bus_log_parse_error(r);
1279 0 : return 0;
1280 : }
1281 0 : if (b)
1282 0 : return 0;
1283 :
1284 : /* systemd finished reloading, let's recheck all our machines */
1285 0 : log_debug("System manager has been reloaded, rechecking machines...");
1286 :
1287 0 : HASHMAP_FOREACH(machine, m->machines, i)
1288 0 : machine_add_to_gc_queue(machine);
1289 :
1290 0 : return 0;
1291 : }
1292 :
1293 0 : int manager_start_scope(
1294 : Manager *manager,
1295 : const char *scope,
1296 : pid_t pid,
1297 : const char *slice,
1298 : const char *description,
1299 : sd_bus_message *more_properties,
1300 : sd_bus_error *error,
1301 : char **job) {
1302 :
1303 0 : _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL, *reply = NULL;
1304 : int r;
1305 :
1306 0 : assert(manager);
1307 0 : assert(scope);
1308 0 : assert(pid > 1);
1309 :
1310 0 : r = sd_bus_message_new_method_call(
1311 : manager->bus,
1312 : &m,
1313 : "org.freedesktop.systemd1",
1314 : "/org/freedesktop/systemd1",
1315 : "org.freedesktop.systemd1.Manager",
1316 : "StartTransientUnit");
1317 0 : if (r < 0)
1318 0 : return r;
1319 :
1320 0 : r = sd_bus_message_append(m, "ss", strempty(scope), "fail");
1321 0 : if (r < 0)
1322 0 : return r;
1323 :
1324 0 : r = sd_bus_message_open_container(m, 'a', "(sv)");
1325 0 : if (r < 0)
1326 0 : return r;
1327 :
1328 0 : if (!isempty(slice)) {
1329 0 : r = sd_bus_message_append(m, "(sv)", "Slice", "s", slice);
1330 0 : if (r < 0)
1331 0 : return r;
1332 : }
1333 :
1334 0 : if (!isempty(description)) {
1335 0 : r = sd_bus_message_append(m, "(sv)", "Description", "s", description);
1336 0 : if (r < 0)
1337 0 : return r;
1338 : }
1339 :
1340 0 : r = sd_bus_message_append(m, "(sv)(sv)(sv)(sv)(sv)",
1341 : "PIDs", "au", 1, pid,
1342 : "Delegate", "b", 1,
1343 : "CollectMode", "s", "inactive-or-failed",
1344 : "AddRef", "b", 1,
1345 : "TasksMax", "t", UINT64_C(16384));
1346 0 : if (r < 0)
1347 0 : return r;
1348 :
1349 0 : if (more_properties) {
1350 0 : r = sd_bus_message_copy(m, more_properties, true);
1351 0 : if (r < 0)
1352 0 : return r;
1353 : }
1354 :
1355 0 : r = sd_bus_message_close_container(m);
1356 0 : if (r < 0)
1357 0 : return r;
1358 :
1359 0 : r = sd_bus_message_append(m, "a(sa(sv))", 0);
1360 0 : if (r < 0)
1361 0 : return r;
1362 :
1363 0 : r = sd_bus_call(manager->bus, m, 0, error, &reply);
1364 0 : if (r < 0)
1365 0 : return r;
1366 :
1367 0 : if (job) {
1368 : const char *j;
1369 : char *copy;
1370 :
1371 0 : r = sd_bus_message_read(reply, "o", &j);
1372 0 : if (r < 0)
1373 0 : return r;
1374 :
1375 0 : copy = strdup(j);
1376 0 : if (!copy)
1377 0 : return -ENOMEM;
1378 :
1379 0 : *job = copy;
1380 : }
1381 :
1382 0 : return 1;
1383 : }
1384 :
1385 0 : int manager_unref_unit(
1386 : Manager *m,
1387 : const char *unit,
1388 : sd_bus_error *error) {
1389 :
1390 0 : assert(m);
1391 0 : assert(unit);
1392 :
1393 0 : return sd_bus_call_method(
1394 : m->bus,
1395 : "org.freedesktop.systemd1",
1396 : "/org/freedesktop/systemd1",
1397 : "org.freedesktop.systemd1.Manager",
1398 : "UnrefUnit",
1399 : error,
1400 : NULL,
1401 : "s",
1402 : unit);
1403 : }
1404 :
1405 0 : int manager_stop_unit(Manager *manager, const char *unit, sd_bus_error *error, char **job) {
1406 0 : _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
1407 : int r;
1408 :
1409 0 : assert(manager);
1410 0 : assert(unit);
1411 :
1412 0 : r = sd_bus_call_method(
1413 : manager->bus,
1414 : "org.freedesktop.systemd1",
1415 : "/org/freedesktop/systemd1",
1416 : "org.freedesktop.systemd1.Manager",
1417 : "StopUnit",
1418 : error,
1419 : &reply,
1420 : "ss", unit, "fail");
1421 0 : if (r < 0) {
1422 0 : if (sd_bus_error_has_name(error, BUS_ERROR_NO_SUCH_UNIT) ||
1423 0 : sd_bus_error_has_name(error, BUS_ERROR_LOAD_FAILED)) {
1424 :
1425 0 : if (job)
1426 0 : *job = NULL;
1427 :
1428 0 : sd_bus_error_free(error);
1429 0 : return 0;
1430 : }
1431 :
1432 0 : return r;
1433 : }
1434 :
1435 0 : if (job) {
1436 : const char *j;
1437 : char *copy;
1438 :
1439 0 : r = sd_bus_message_read(reply, "o", &j);
1440 0 : if (r < 0)
1441 0 : return r;
1442 :
1443 0 : copy = strdup(j);
1444 0 : if (!copy)
1445 0 : return -ENOMEM;
1446 :
1447 0 : *job = copy;
1448 : }
1449 :
1450 0 : return 1;
1451 : }
1452 :
1453 0 : int manager_kill_unit(Manager *manager, const char *unit, int signo, sd_bus_error *error) {
1454 0 : assert(manager);
1455 0 : assert(unit);
1456 :
1457 0 : return sd_bus_call_method(
1458 : manager->bus,
1459 : "org.freedesktop.systemd1",
1460 : "/org/freedesktop/systemd1",
1461 : "org.freedesktop.systemd1.Manager",
1462 : "KillUnit",
1463 : error,
1464 : NULL,
1465 : "ssi", unit, "all", signo);
1466 : }
1467 :
1468 0 : int manager_unit_is_active(Manager *manager, const char *unit) {
1469 0 : _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1470 0 : _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
1471 0 : _cleanup_free_ char *path = NULL;
1472 : const char *state;
1473 : int r;
1474 :
1475 0 : assert(manager);
1476 0 : assert(unit);
1477 :
1478 0 : path = unit_dbus_path_from_name(unit);
1479 0 : if (!path)
1480 0 : return -ENOMEM;
1481 :
1482 0 : r = sd_bus_get_property(
1483 : manager->bus,
1484 : "org.freedesktop.systemd1",
1485 : path,
1486 : "org.freedesktop.systemd1.Unit",
1487 : "ActiveState",
1488 : &error,
1489 : &reply,
1490 : "s");
1491 0 : if (r < 0) {
1492 0 : if (sd_bus_error_has_name(&error, SD_BUS_ERROR_NO_REPLY) ||
1493 0 : sd_bus_error_has_name(&error, SD_BUS_ERROR_DISCONNECTED))
1494 0 : return true;
1495 :
1496 0 : if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_UNIT) ||
1497 0 : sd_bus_error_has_name(&error, BUS_ERROR_LOAD_FAILED))
1498 0 : return false;
1499 :
1500 0 : return r;
1501 : }
1502 :
1503 0 : r = sd_bus_message_read(reply, "s", &state);
1504 0 : if (r < 0)
1505 0 : return -EINVAL;
1506 :
1507 0 : return !STR_IN_SET(state, "inactive", "failed");
1508 : }
1509 :
1510 0 : int manager_job_is_active(Manager *manager, const char *path) {
1511 0 : _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1512 0 : _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
1513 : int r;
1514 :
1515 0 : assert(manager);
1516 0 : assert(path);
1517 :
1518 0 : r = sd_bus_get_property(
1519 : manager->bus,
1520 : "org.freedesktop.systemd1",
1521 : path,
1522 : "org.freedesktop.systemd1.Job",
1523 : "State",
1524 : &error,
1525 : &reply,
1526 : "s");
1527 0 : if (r < 0) {
1528 0 : if (sd_bus_error_has_name(&error, SD_BUS_ERROR_NO_REPLY) ||
1529 0 : sd_bus_error_has_name(&error, SD_BUS_ERROR_DISCONNECTED))
1530 0 : return true;
1531 :
1532 0 : if (sd_bus_error_has_name(&error, SD_BUS_ERROR_UNKNOWN_OBJECT))
1533 0 : return false;
1534 :
1535 0 : return r;
1536 : }
1537 :
1538 : /* We don't actually care about the state really. The fact
1539 : * that we could read the job state is enough for us */
1540 :
1541 0 : return true;
1542 : }
1543 :
1544 0 : int manager_get_machine_by_pid(Manager *m, pid_t pid, Machine **machine) {
1545 : Machine *mm;
1546 : int r;
1547 :
1548 0 : assert(m);
1549 0 : assert(pid >= 1);
1550 0 : assert(machine);
1551 :
1552 0 : mm = hashmap_get(m->machine_leaders, PID_TO_PTR(pid));
1553 0 : if (!mm) {
1554 0 : _cleanup_free_ char *unit = NULL;
1555 :
1556 0 : r = cg_pid_get_unit(pid, &unit);
1557 0 : if (r >= 0)
1558 0 : mm = hashmap_get(m->machine_units, unit);
1559 : }
1560 0 : if (!mm)
1561 0 : return 0;
1562 :
1563 0 : *machine = mm;
1564 0 : return 1;
1565 : }
1566 :
1567 0 : int manager_add_machine(Manager *m, const char *name, Machine **_machine) {
1568 : Machine *machine;
1569 :
1570 0 : assert(m);
1571 0 : assert(name);
1572 :
1573 0 : machine = hashmap_get(m->machines, name);
1574 0 : if (!machine) {
1575 0 : machine = machine_new(m, _MACHINE_CLASS_INVALID, name);
1576 0 : if (!machine)
1577 0 : return -ENOMEM;
1578 : }
1579 :
1580 0 : if (_machine)
1581 0 : *_machine = machine;
1582 :
1583 0 : return 0;
1584 : }
|
