int bus_scope_method_abandon(sd_bus_message *message, void *userdata, sd_bus_error *error) { Scope *s = userdata; int r; assert(message); assert(s); r = mac_selinux_unit_access_check(UNIT(s), message, "stop", error); if (r < 0) return r; r = bus_verify_manage_units_async(UNIT(s)->manager, message, error); if (r < 0) return r; if (r == 0) return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */ r = scope_abandon(s); if (r == -ESTALE) return sd_bus_error_setf(error, BUS_ERROR_SCOPE_NOT_RUNNING, "Scope %s is not running, cannot abandon.", UNIT(s)->id); if (r < 0) return r; return sd_bus_reply_method_return(message, NULL); }
int bus_job_method_cancel(sd_bus_message *message, void *userdata, sd_bus_error *error) { Job *j = userdata; int r; assert(message); assert(j); r = mac_selinux_unit_access_check(j->unit, message, "stop", error); if (r < 0) return r; /* Access is granted to the job owner */ if (!sd_bus_track_contains(j->clients, sd_bus_message_get_sender(message))) { /* And for everybody else consult PolicyKit */ r = bus_verify_manage_units_async(j->unit->manager, message, error); if (r < 0) return r; if (r == 0) return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */ } job_finish_and_invalidate(j, JOB_CANCELED, true); return sd_bus_reply_method_return(message, NULL); }
int bus_snapshot_method_remove(sd_bus_message *message, void *userdata, sd_bus_error *error) { Snapshot *s = userdata; int r; assert(message); assert(s); r = mac_selinux_unit_access_check(UNIT(s), message, "stop", error); if (r < 0) return r; r = bus_verify_manage_units_async(UNIT(s)->manager, message, error); if (r < 0) return r; if (r == 0) return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */ snapshot_remove(s); return sd_bus_reply_method_return(message, NULL); }