]>
Commit | Line | Data |
---|---|---|
663996b3 MS |
1 | /* |
2 | * manage device node user ACL | |
3 | * | |
4 | * Copyright 2010-2012 Kay Sievers <kay@vrfy.org> | |
5 | * Copyright 2010 Lennart Poettering | |
6 | * | |
7 | * This program is free software: you can redistribute it and/or modify | |
8 | * it under the terms of the GNU General Public License as published by | |
9 | * the Free Software Foundation, either version 2 of the License, or | |
10 | * (at your option) any later version. | |
11 | * | |
12 | * This program is distributed in the hope that it will be useful, | |
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
15 | * GNU General Public License for more details. | |
16 | * | |
17 | * You should have received a copy of the GNU General Public License | |
18 | * along with this program. If not, see <http://www.gnu.org/licenses/>. | |
19 | */ | |
20 | ||
21 | #include <stdio.h> | |
22 | #include <stdlib.h> | |
23 | #include <stdarg.h> | |
24 | #include <unistd.h> | |
25 | #include <string.h> | |
26 | #include <ctype.h> | |
27 | #include <fcntl.h> | |
28 | #include <errno.h> | |
29 | #include <dirent.h> | |
30 | #include <getopt.h> | |
31 | ||
5eef597e | 32 | #include "systemd/sd-login.h" |
663996b3 MS |
33 | #include "logind-acl.h" |
34 | #include "udev.h" | |
35 | #include "util.h" | |
36 | ||
5eef597e | 37 | static int builtin_uaccess(struct udev_device *dev, int argc, char *argv[], bool test) { |
663996b3 MS |
38 | int r; |
39 | const char *path = NULL, *seat; | |
40 | bool changed_acl = false; | |
41 | uid_t uid; | |
42 | ||
663996b3 MS |
43 | umask(0022); |
44 | ||
45 | /* don't muck around with ACLs when the system is not running systemd */ | |
46 | if (!logind_running()) | |
47 | return 0; | |
48 | ||
49 | path = udev_device_get_devnode(dev); | |
50 | seat = udev_device_get_property_value(dev, "ID_SEAT"); | |
51 | if (!seat) | |
52 | seat = "seat0"; | |
53 | ||
54 | r = sd_seat_get_active(seat, NULL, &uid); | |
55 | if (r == -ENOENT) { | |
56 | /* No active session on this seat */ | |
57 | r = 0; | |
58 | goto finish; | |
59 | } else if (r < 0) { | |
60 | log_error("Failed to determine active user on seat %s.", seat); | |
61 | goto finish; | |
62 | } | |
63 | ||
64 | r = devnode_acl(path, true, false, 0, true, uid); | |
65 | if (r < 0) { | |
66 | log_error("Failed to apply ACL on %s: %s", path, strerror(-r)); | |
67 | goto finish; | |
68 | } | |
69 | ||
70 | changed_acl = true; | |
71 | r = 0; | |
72 | ||
73 | finish: | |
74 | if (path && !changed_acl) { | |
75 | int k; | |
76 | ||
77 | /* Better be safe than sorry and reset ACL */ | |
78 | k = devnode_acl(path, true, false, 0, false, 0); | |
79 | if (k < 0) { | |
80 | log_error("Failed to apply ACL on %s: %s", path, strerror(-k)); | |
81 | if (r >= 0) | |
82 | r = k; | |
83 | } | |
84 | } | |
85 | ||
86 | return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; | |
87 | } | |
88 | ||
89 | const struct udev_builtin udev_builtin_uaccess = { | |
90 | .name = "uaccess", | |
91 | .cmd = builtin_uaccess, | |
92 | .help = "manage device node user ACL", | |
93 | }; |