]>
Commit | Line | Data |
---|---|---|
b012e921 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
6e866b33 | 2 | #pragma once |
b012e921 MB |
3 | |
4 | #include "sd-bus.h" | |
5 | ||
6 | #include "machine-image.h" | |
7 | #include "portabled.h" | |
8 | ||
9 | int bus_image_common_get_os_release(Manager *m, sd_bus_message *message, const char *name_or_path, Image *image, sd_bus_error *error); | |
10 | int bus_image_common_get_metadata(Manager *m, sd_bus_message *message, const char *name_or_path, Image *image, sd_bus_error *error); | |
11 | int bus_image_common_attach(Manager *m, sd_bus_message *message, const char *name_or_path, Image *image, sd_bus_error *error); | |
12 | int bus_image_common_remove(Manager *m, sd_bus_message *message, const char *name_or_path, Image *image, sd_bus_error *error); | |
13 | int bus_image_common_mark_read_only(Manager *m, sd_bus_message *message, const char *name_or_path, Image *image, sd_bus_error *error); | |
14 | int bus_image_common_set_limit(Manager *m, sd_bus_message *message, const char *name_or_path, Image *image, sd_bus_error *error); | |
15 | ||
16 | extern const sd_bus_vtable image_vtable[]; | |
17 | ||
18 | int bus_image_path(Image *image, char **ret); | |
19 | ||
20 | /* So here's some complexity: some of operations can either take an image name, or a fully qualified file system path | |
21 | * to an image. We need to authenticate differently when processing these two: images referenced via simple image names | |
22 | * mean the images are located in the image search path and thus safe for limited read access for unprivileged | |
23 | * clients. For operations on images located anywhere else we need explicit authentication however, so that | |
24 | * unprivileged clients can't make us open arbitrary files in the file system. | |
25 | * | |
26 | * The "Image" bus objects directly represent images in the image search path, but do not exist for path-referenced | |
27 | * images. Hence, when requesting a bus object we need to refuse references by file system path, but still allow | |
28 | * references by image name. Depending on the operation to execute potentially we need to authenticate in all cases. */ | |
29 | ||
30 | typedef enum ImageAcquireMode { | |
31 | BUS_IMAGE_REFUSE_BY_PATH, /* allow by name + prohibit by path */ | |
32 | BUS_IMAGE_AUTHENTICATE_BY_PATH, /* allow by name + polkit by path */ | |
33 | BUS_IMAGE_AUTHENTICATE_ALL, /* polkit by name + polkit by path */ | |
34 | _BUS_IMAGE_ACQUIRE_MODE_MAX, | |
35 | _BUS_IMAGE_ACQUIRE_MODE_INVALID = -1 | |
36 | } ImageAcquireMode; | |
37 | ||
38 | int bus_image_acquire(Manager *m, sd_bus_message *message, const char *name_or_path, Image *image, ImageAcquireMode mode, const char *polkit_action, Image **ret, sd_bus_error *error); | |
39 | ||
40 | int bus_image_object_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error); | |
41 | int bus_image_node_enumerator(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error); |