static errno_t sbus_server_bus_get_connection_unix_user(TALLOC_CTX *mem_ctx, struct sbus_request *sbus_req, struct sbus_server *server, const char *name, uint32_t *_uid) { struct sbus_connection *conn; unsigned long uid; dbus_bool_t dbret; if (strcmp(name, DBUS_SERVICE_DBUS) == 0) { *_uid = server->uid; return EOK; } conn = sss_ptr_hash_lookup(server->names, name, struct sbus_connection); if (conn == NULL) { return ERR_SBUS_UNKNOWN_OWNER; } dbret = dbus_connection_get_unix_user(conn->connection, &uid); if (!dbret) { return EIO; } *_uid = (uint32_t)uid; return EOK; }
glong ibus_connection_get_unix_user (IBusConnection *connection) { IBusConnectionPrivate *priv; priv = IBUS_CONNECTION_GET_PRIVATE (connection); gulong uid; if (priv->connection && dbus_connection_get_unix_user (priv->connection, &uid)) return uid; return -1; }
static dbus_bool_t bus_driver_handle_get_connection_unix_user (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, DBusError *error) { const char *service; DBusString str; BusRegistry *registry; BusService *serv; DBusConnection *conn; DBusMessage *reply; unsigned long uid; dbus_uint32_t uid32; _DBUS_ASSERT_ERROR_IS_CLEAR (error); registry = bus_connection_get_registry (connection); service = NULL; reply = NULL; if (! dbus_message_get_args (message, error, DBUS_TYPE_STRING, &service, DBUS_TYPE_INVALID)) goto failed; _dbus_verbose ("asked for UID of connection %s\n", service); _dbus_string_init_const (&str, service); serv = bus_registry_lookup (registry, &str); if (serv == NULL) { dbus_set_error (error, DBUS_ERROR_NAME_HAS_NO_OWNER, "Could not get UID of name '%s': no such name", service); goto failed; } conn = bus_service_get_primary_owners_connection (serv); reply = dbus_message_new_method_return (message); if (reply == NULL) goto oom; if (!dbus_connection_get_unix_user (conn, &uid)) { dbus_set_error (error, DBUS_ERROR_FAILED, "Could not determine UID for '%s'", service); goto failed; } uid32 = uid; if (! dbus_message_append_args (reply, DBUS_TYPE_UINT32, &uid32, DBUS_TYPE_INVALID)) goto oom; if (! bus_transaction_send_from_driver (transaction, connection, reply)) goto oom; dbus_message_unref (reply); return TRUE; oom: BUS_SET_OOM (error); failed: _DBUS_ASSERT_ERROR_IS_SET (error); if (reply) dbus_message_unref (reply); return FALSE; }
/** * session_from_dbus: * @parent: parent, * @message: D-Bus message. * * Create a new session, based on the specified D-Bus message. * * Return new Session, or NULL on error. **/ Session * session_from_dbus (const void *parent, NihDBusMessage *message) { const char *sender; DBusError dbus_error; unsigned long unix_user; unsigned long unix_process_id; char root[PATH_MAX]; Session *session; struct passwd *pwd; nih_local char *conf_path = NULL; nih_assert (message != NULL); /* Handle explicit command-line request and alternative request * method (primarily for test framework) to disable session support. */ if (disable_sessions || getenv ("UPSTART_NO_SESSIONS")) return NULL; session_init (); /* Ask D-Bus nicely for the origin uid and/or pid of the caller; * sadly we can't ask the bus daemon for the origin pid, so that * one will just have to stay user-session only. */ dbus_error_init (&dbus_error); sender = dbus_message_get_sender (message->message); if (sender) { unix_user = dbus_bus_get_unix_user (message->connection, sender, &dbus_error); if (unix_user == (unsigned long)-1) { dbus_error_free (&dbus_error); unix_user = 0; } unix_process_id = 0; } else { if (! dbus_connection_get_unix_user (message->connection, &unix_user)) unix_process_id = 0; if (! dbus_connection_get_unix_process_id (message->connection, &unix_process_id)) unix_process_id = 0; } /* If we retrieved a process id, look up the root path for it; * if it's just '/' don't worry so much about it. */ if (unix_process_id) { nih_local char *symlink = NULL; ssize_t len; symlink = NIH_MUST (nih_sprintf (NULL, "/proc/%lu/root", unix_process_id)); len = readlink (symlink, root, sizeof root); if (len < 0) return NULL; root[len] = '\0'; if (! strcmp (root, "/")) { unix_process_id = 0; if (! unix_user) return NULL; } } else if (! unix_user) { /* No process id or user id found, return the NULL session */ return NULL; } if (unix_user) { pwd = getpwuid (unix_user); if (! pwd || ! pwd->pw_dir) { nih_error ("%lu: %s: %s", unix_user, _("Unable to lookup home directory"), strerror (errno)); return NULL; } NIH_MUST (nih_strcat_sprintf (&conf_path, NULL, "%s/%s", pwd->pw_dir, USERCONFDIR)); } /* Now find in the existing Sessions list */ NIH_LIST_FOREACH_SAFE (sessions, iter) { Session *session = (Session *)iter; if (unix_process_id) { if (! session->chroot) continue; /* ignore sessions relating to other chroots */ if (strcmp (session->chroot, root)) continue; } /* ignore sessions relating to other users */ if (unix_user != session->user) continue; /* Found a user with the same uid but different * conf_dir to the existing session user. Either the * original user has been deleted and a new user created * with the same uid, or the original users home * directory has changed since they first started * running jobs. Whatever the reason, we (can only) honour * the new value. * * Since multiple users with the same uid are considered * to be "the same user", invalidate the old path, * allowing the correct new path to be set below. * * Note that there may be a possibility of trouble if * the scenario relates to a deleted user and that original * user still has jobs running. However, if that were the * case, those jobs would likely fail anyway since they * would have no working directory due to the original * users home directory being deleted/changed/made inaccessible. */ if (unix_user && conf_path && session->conf_path && strcmp (conf_path, session->conf_path)) { nih_free (session->conf_path); session->conf_path = NULL; } if (! session->conf_path) session_create_conf_source (session); return session; }
BusClientPolicy* bus_policy_create_client_policy (BusPolicy *policy, DBusConnection *connection, DBusError *error) { BusClientPolicy *client; dbus_uid_t uid; dbus_bool_t at_console; _dbus_assert (dbus_connection_get_is_authenticated (connection)); _DBUS_ASSERT_ERROR_IS_CLEAR (error); client = bus_client_policy_new (); if (client == NULL) goto nomem; if (!add_list_to_client (&policy->default_rules, client)) goto nomem; /* we avoid the overhead of looking up user's groups * if we don't have any group rules anyway */ if (_dbus_hash_table_get_n_entries (policy->rules_by_gid) > 0) { unsigned long *groups; int n_groups; int i; if (!bus_connection_get_groups (connection, &groups, &n_groups, error)) goto failed; i = 0; while (i < n_groups) { DBusList **list; list = _dbus_hash_table_lookup_ulong (policy->rules_by_gid, groups[i]); if (list != NULL) { if (!add_list_to_client (list, client)) { dbus_free (groups); goto nomem; } } ++i; } dbus_free (groups); } if (!dbus_connection_get_unix_user (connection, &uid)) { dbus_set_error (error, DBUS_ERROR_FAILED, "No user ID known for connection, cannot determine security policy\n"); goto failed; } if (_dbus_hash_table_get_n_entries (policy->rules_by_uid) > 0) { DBusList **list; list = _dbus_hash_table_lookup_ulong (policy->rules_by_uid, uid); if (list != NULL) { if (!add_list_to_client (list, client)) goto nomem; } } /* Add console rules */ at_console = _dbus_is_console_user (uid, error); if (at_console) { if (!add_list_to_client (&policy->at_console_true_rules, client)) goto nomem; } else if (dbus_error_is_set (error) == TRUE) { goto failed; } else if (!add_list_to_client (&policy->at_console_false_rules, client)) { goto nomem; } if (!add_list_to_client (&policy->mandatory_rules, client)) goto nomem; bus_client_policy_optimize (client); return client; nomem: BUS_SET_OOM (error); failed: _DBUS_ASSERT_ERROR_IS_SET (error); if (client) bus_client_policy_unref (client); return NULL; }