static int session_take_control_fn(sd_bus *bus, sd_bus_message *reply, void *userdata, sd_bus_error *ret_error) { sysview_session *session = userdata; int r, error; session->slot_take_control = sd_bus_slot_unref(session->slot_take_control); if (sd_bus_message_is_method_error(reply, NULL)) { const sd_bus_error *e = sd_bus_message_get_error(reply); log_debug("sysview: %s: TakeControl failed: %s: %s", session->name, e->name, e->message); error = -sd_bus_error_get_errno(e); } else { session->has_control = true; error = 0; } r = context_raise_session_control(session->seat->context, session, error); if (r < 0) log_debug_errno(r, "sysview: callback failed while signalling session control '%d' on session '%s': %m", error, session->name); return 0; }
static int session_take_control_fn(sd_bus *bus, sd_bus_message *reply, void *userdata, sd_bus_error *ret_error) { sysview_session *session = userdata; int error; session->slot_take_control = sd_bus_slot_unref(session->slot_take_control); if (sd_bus_message_is_method_error(reply, NULL)) { const sd_bus_error *e = sd_bus_message_get_error(reply); log_debug("sysview: %s: TakeControl failed: %s: %s", session->name, e->name, e->message); error = sd_bus_error_get_errno(e); } else { session->has_control = true; error = 0; } return context_raise_session_control(session->seat->context, session, error); }
int bus_verify_polkit_async( sd_bus_message *call, int capability, const char *action, bool interactive, Hashmap **registry, sd_bus_error *error) { #ifdef ENABLE_POLKIT _cleanup_bus_message_unref_ sd_bus_message *pk = NULL; AsyncPolkitQuery *q; const char *sender; sd_bus_message_handler_t callback; void *userdata; #endif int r; assert(call); assert(action); assert(registry); #ifdef ENABLE_POLKIT q = hashmap_get(*registry, call); if (q) { int authorized, challenge; /* This is the second invocation of this function, and * there's already a response from polkit, let's * process it */ assert(q->reply); if (sd_bus_message_is_method_error(q->reply, NULL)) { const sd_bus_error *e; /* Copy error from polkit reply */ e = sd_bus_message_get_error(q->reply); sd_bus_error_copy(error, e); /* Treat no PK available as access denied */ if (sd_bus_error_has_name(e, SD_BUS_ERROR_SERVICE_UNKNOWN)) return -EACCES; return -sd_bus_error_get_errno(e); } r = sd_bus_message_enter_container(q->reply, 'r', "bba{ss}"); if (r >= 0) r = sd_bus_message_read(q->reply, "bb", &authorized, &challenge); if (r < 0) return r; if (authorized) return 1; return -EACCES; } #endif r = sd_bus_query_sender_privilege(call, capability); if (r < 0) return r; else if (r > 0) return 1; #ifdef ENABLE_POLKIT if (sd_bus_get_current_message(call->bus) != call) return -EINVAL; callback = sd_bus_get_current_handler(call->bus); if (!callback) return -EINVAL; userdata = sd_bus_get_current_userdata(call->bus); sender = sd_bus_message_get_sender(call); if (!sender) return -EBADMSG; r = hashmap_ensure_allocated(registry, trivial_hash_func, trivial_compare_func); if (r < 0) return r; r = sd_bus_message_new_method_call( call->bus, &pk, "org.freedesktop.PolicyKit1", "/org/freedesktop/PolicyKit1/Authority", "org.freedesktop.PolicyKit1.Authority", "CheckAuthorization"); if (r < 0) return r; r = sd_bus_message_append( pk, "(sa{sv})sa{ss}us", "system-bus-name", 1, "name", "s", sender, action, 0, interactive ? 1 : 0, NULL); if (r < 0) return r; q = new0(AsyncPolkitQuery, 1); if (!q) return -ENOMEM; q->request = sd_bus_message_ref(call); q->callback = callback; q->userdata = userdata; r = hashmap_put(*registry, call, q); if (r < 0) { async_polkit_query_free(q); return r; } q->registry = *registry; r = sd_bus_call_async(call->bus, &q->slot, pk, async_polkit_callback, q, 0); if (r < 0) { async_polkit_query_free(q); return r; } return 0; #endif return -EACCES; }
int main(int argc, char *argv[]) { _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL, second = SD_BUS_ERROR_NULL; const sd_bus_error const_error = SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_FILE_EXISTS, "const error"); const sd_bus_error temporarily_const_error = { .name = SD_BUS_ERROR_ACCESS_DENIED, .message = "oh! no", ._need_free = -1 }; assert_se(!sd_bus_error_is_set(&error)); assert_se(sd_bus_error_set(&error, SD_BUS_ERROR_NOT_SUPPORTED, "xxx") == -ENOTSUP); assert_se(streq(error.name, SD_BUS_ERROR_NOT_SUPPORTED)); assert_se(streq(error.message, "xxx")); assert_se(sd_bus_error_has_name(&error, SD_BUS_ERROR_NOT_SUPPORTED)); assert_se(sd_bus_error_get_errno(&error) == ENOTSUP); assert_se(sd_bus_error_is_set(&error)); sd_bus_error_free(&error); assert_se(!sd_bus_error_is_set(&error)); assert_se(sd_bus_error_setf(&error, SD_BUS_ERROR_FILE_NOT_FOUND, "yyy %i", -1) == -ENOENT); assert_se(streq(error.name, SD_BUS_ERROR_FILE_NOT_FOUND)); assert_se(streq(error.message, "yyy -1")); assert_se(sd_bus_error_has_name(&error, SD_BUS_ERROR_FILE_NOT_FOUND)); assert_se(sd_bus_error_get_errno(&error) == ENOENT); assert_se(sd_bus_error_is_set(&error)); assert_se(!sd_bus_error_is_set(&second)); assert_se(second._need_free == 0); assert_se(error._need_free > 0); assert_se(sd_bus_error_copy(&second, &error) == -ENOENT); assert_se(second._need_free > 0); assert_se(streq(error.name, second.name)); assert_se(streq(error.message, second.message)); assert_se(sd_bus_error_get_errno(&second) == ENOENT); assert_se(sd_bus_error_has_name(&second, SD_BUS_ERROR_FILE_NOT_FOUND)); assert_se(sd_bus_error_is_set(&second)); sd_bus_error_free(&error); sd_bus_error_free(&second); assert_se(!sd_bus_error_is_set(&second)); assert_se(const_error._need_free == 0); assert_se(sd_bus_error_copy(&second, &const_error) == -EEXIST); assert_se(second._need_free == 0); assert_se(streq(const_error.name, second.name)); assert_se(streq(const_error.message, second.message)); assert_se(sd_bus_error_get_errno(&second) == EEXIST); assert_se(sd_bus_error_has_name(&second, SD_BUS_ERROR_FILE_EXISTS)); assert_se(sd_bus_error_is_set(&second)); sd_bus_error_free(&second); assert_se(!sd_bus_error_is_set(&second)); assert_se(temporarily_const_error._need_free < 0); assert_se(sd_bus_error_copy(&second, &temporarily_const_error) == -EACCES); assert_se(second._need_free > 0); assert_se(streq(temporarily_const_error.name, second.name)); assert_se(streq(temporarily_const_error.message, second.message)); assert_se(sd_bus_error_get_errno(&second) == EACCES); assert_se(sd_bus_error_has_name(&second, SD_BUS_ERROR_ACCESS_DENIED)); assert_se(sd_bus_error_is_set(&second)); assert_se(!sd_bus_error_is_set(&error)); assert_se(sd_bus_error_set_const(&error, "System.Error.EUCLEAN", "Hallo") == -EUCLEAN); assert_se(streq(error.name, "System.Error.EUCLEAN")); assert_se(streq(error.message, "Hallo")); assert_se(sd_bus_error_has_name(&error, "System.Error.EUCLEAN")); assert_se(sd_bus_error_get_errno(&error) == EUCLEAN); assert_se(sd_bus_error_is_set(&error)); sd_bus_error_free(&error); assert_se(!sd_bus_error_is_set(&error)); assert_se(sd_bus_error_set_errno(&error, EBUSY) == -EBUSY); assert_se(streq(error.name, "System.Error.EBUSY")); assert_se(streq(error.message, strerror(EBUSY))); assert_se(sd_bus_error_has_name(&error, "System.Error.EBUSY")); assert_se(sd_bus_error_get_errno(&error) == EBUSY); assert_se(sd_bus_error_is_set(&error)); sd_bus_error_free(&error); assert_se(!sd_bus_error_is_set(&error)); assert_se(sd_bus_error_set_errnof(&error, EIO, "Waldi %c", 'X') == -EIO); assert_se(streq(error.name, SD_BUS_ERROR_IO_ERROR)); assert_se(streq(error.message, "Waldi X")); assert_se(sd_bus_error_has_name(&error, SD_BUS_ERROR_IO_ERROR)); assert_se(sd_bus_error_get_errno(&error) == EIO); assert_se(sd_bus_error_is_set(&error)); return 0; }
static void test_error(void) { _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL, second = SD_BUS_ERROR_NULL; const sd_bus_error const_error = SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_FILE_EXISTS, "const error"); const sd_bus_error temporarily_const_error = { .name = SD_BUS_ERROR_ACCESS_DENIED, .message = "oh! no", ._need_free = -1 }; assert_se(!sd_bus_error_is_set(&error)); assert_se(sd_bus_error_set(&error, SD_BUS_ERROR_NOT_SUPPORTED, "xxx") == -EOPNOTSUPP); assert_se(streq(error.name, SD_BUS_ERROR_NOT_SUPPORTED)); assert_se(streq(error.message, "xxx")); assert_se(sd_bus_error_has_name(&error, SD_BUS_ERROR_NOT_SUPPORTED)); assert_se(sd_bus_error_get_errno(&error) == EOPNOTSUPP); assert_se(sd_bus_error_is_set(&error)); sd_bus_error_free(&error); assert_se(!sd_bus_error_is_set(&error)); assert_se(sd_bus_error_setf(&error, SD_BUS_ERROR_FILE_NOT_FOUND, "yyy %i", -1) == -ENOENT); assert_se(streq(error.name, SD_BUS_ERROR_FILE_NOT_FOUND)); assert_se(streq(error.message, "yyy -1")); assert_se(sd_bus_error_has_name(&error, SD_BUS_ERROR_FILE_NOT_FOUND)); assert_se(sd_bus_error_get_errno(&error) == ENOENT); assert_se(sd_bus_error_is_set(&error)); assert_se(!sd_bus_error_is_set(&second)); assert_se(second._need_free == 0); assert_se(error._need_free > 0); assert_se(sd_bus_error_copy(&second, &error) == -ENOENT); assert_se(second._need_free > 0); assert_se(streq(error.name, second.name)); assert_se(streq(error.message, second.message)); assert_se(sd_bus_error_get_errno(&second) == ENOENT); assert_se(sd_bus_error_has_name(&second, SD_BUS_ERROR_FILE_NOT_FOUND)); assert_se(sd_bus_error_is_set(&second)); sd_bus_error_free(&error); sd_bus_error_free(&second); assert_se(!sd_bus_error_is_set(&second)); assert_se(const_error._need_free == 0); assert_se(sd_bus_error_copy(&second, &const_error) == -EEXIST); assert_se(second._need_free == 0); assert_se(streq(const_error.name, second.name)); assert_se(streq(const_error.message, second.message)); assert_se(sd_bus_error_get_errno(&second) == EEXIST); assert_se(sd_bus_error_has_name(&second, SD_BUS_ERROR_FILE_EXISTS)); assert_se(sd_bus_error_is_set(&second)); sd_bus_error_free(&second); assert_se(!sd_bus_error_is_set(&second)); assert_se(temporarily_const_error._need_free < 0); assert_se(sd_bus_error_copy(&second, &temporarily_const_error) == -EACCES); assert_se(second._need_free > 0); assert_se(streq(temporarily_const_error.name, second.name)); assert_se(streq(temporarily_const_error.message, second.message)); assert_se(sd_bus_error_get_errno(&second) == EACCES); assert_se(sd_bus_error_has_name(&second, SD_BUS_ERROR_ACCESS_DENIED)); assert_se(sd_bus_error_is_set(&second)); assert_se(!sd_bus_error_is_set(&error)); assert_se(sd_bus_error_set_const(&error, "System.Error.EUCLEAN", "Hallo") == -EUCLEAN); assert_se(streq(error.name, "System.Error.EUCLEAN")); assert_se(streq(error.message, "Hallo")); assert_se(sd_bus_error_has_name(&error, "System.Error.EUCLEAN")); assert_se(sd_bus_error_get_errno(&error) == EUCLEAN); assert_se(sd_bus_error_is_set(&error)); sd_bus_error_free(&error); assert_se(!sd_bus_error_is_set(&error)); assert_se(sd_bus_error_set_errno(&error, EBUSY) == -EBUSY); assert_se(streq(error.name, "System.Error.EBUSY")); assert_se(streq(error.message, strerror(EBUSY))); assert_se(sd_bus_error_has_name(&error, "System.Error.EBUSY")); assert_se(sd_bus_error_get_errno(&error) == EBUSY); assert_se(sd_bus_error_is_set(&error)); sd_bus_error_free(&error); assert_se(!sd_bus_error_is_set(&error)); assert_se(sd_bus_error_set_errnof(&error, EIO, "Waldi %c", 'X') == -EIO); assert_se(streq(error.name, SD_BUS_ERROR_IO_ERROR)); assert_se(streq(error.message, "Waldi X")); assert_se(sd_bus_error_has_name(&error, SD_BUS_ERROR_IO_ERROR)); assert_se(sd_bus_error_get_errno(&error) == EIO); assert_se(sd_bus_error_is_set(&error)); } extern const sd_bus_error_map __start_BUS_ERROR_MAP[]; extern const sd_bus_error_map __stop_BUS_ERROR_MAP[]; static void dump_mapping_table(void) { const sd_bus_error_map *m; printf("----- errno mappings ------\n"); m = __start_BUS_ERROR_MAP; while (m < __stop_BUS_ERROR_MAP) { if (m->code == BUS_ERROR_MAP_END_MARKER) { m = ALIGN8_PTR(m+1); continue; } printf("%s -> %i/%s\n", strna(m->name), m->code, strna(errno_to_name(m->code))); m ++; } printf("---------------------------\n"); } static void test_errno_mapping_standard(void) { assert_se(sd_bus_error_set(NULL, "System.Error.EUCLEAN", NULL) == -EUCLEAN); assert_se(sd_bus_error_set(NULL, "System.Error.EBUSY", NULL) == -EBUSY); assert_se(sd_bus_error_set(NULL, "System.Error.EINVAL", NULL) == -EINVAL); assert_se(sd_bus_error_set(NULL, "System.Error.WHATSIT", NULL) == -EIO); }
int bus_verify_polkit_async( sd_bus *bus, Hashmap **registry, sd_bus_message *m, const char *action, bool interactive, sd_bus_error *error, sd_bus_message_handler_t callback, void *userdata) { #ifdef ENABLE_POLKIT _cleanup_bus_message_unref_ sd_bus_message *pk = NULL; AsyncPolkitQuery *q; #endif const char *sender; uid_t uid; int r; assert(bus); assert(registry); assert(m); assert(action); #ifdef ENABLE_POLKIT q = hashmap_remove(*registry, m); if (q) { unsigned authorized, challenge; /* This is the second invocation of this function, and * there's already a response from polkit, let's * process it */ assert(q->reply); if (sd_bus_message_is_method_error(q->reply, NULL)) { const sd_bus_error *e; /* Treat no PK available as access denied */ if (sd_bus_message_is_method_error(q->reply, SD_BUS_ERROR_SERVICE_UNKNOWN)) { async_polkit_query_free(bus, q); return -EACCES; } e = sd_bus_message_get_error(q->reply); sd_bus_error_copy(error, e); r = sd_bus_error_get_errno(e); async_polkit_query_free(bus, q); return r; } r = sd_bus_message_enter_container(q->reply, 'r', "bba{ss}"); if (r >= 0) r = sd_bus_message_read(q->reply, "bb", &authorized, &challenge); async_polkit_query_free(bus, q); if (r < 0) return r; if (authorized) return 1; return -EACCES; } #endif sender = sd_bus_message_get_sender(m); if (!sender) return -EBADMSG; r = sd_bus_get_owner_uid(bus, sender, &uid); if (r < 0) return r; if (uid == 0) return 1; #ifdef ENABLE_POLKIT r = hashmap_ensure_allocated(registry, trivial_hash_func, trivial_compare_func); if (r < 0) return r; r = sd_bus_message_new_method_call( bus, "org.freedesktop.PolicyKit1", "/org/freedesktop/PolicyKit1/Authority", "org.freedesktop.PolicyKit1.Authority", "CheckAuthorization", &pk); if (r < 0) return r; r = sd_bus_message_append( pk, "(sa{sv})sa{ss}us", "system-bus-name", 1, "name", "s", sender, action, 0, interactive ? 1 : 0, ""); if (r < 0) return r; q = new0(AsyncPolkitQuery, 1); if (!q) return -ENOMEM; q->request = sd_bus_message_ref(m); q->callback = callback; q->userdata = userdata; r = hashmap_put(*registry, m, q); if (r < 0) { async_polkit_query_free(bus, q); return r; } r = sd_bus_send_with_reply(bus, pk, async_polkit_callback, q, 0, &q->serial); if (r < 0) return r; return 0; #endif return -EACCES; }