diff --git a/common/xdg-app-run.c b/common/xdg-app-run.c index eecba6fb..8492496e 100644 --- a/common/xdg-app-run.c +++ b/common/xdg-app-run.c @@ -1681,15 +1681,14 @@ job_removed_cb (SystemdManager *manager, g_main_loop_quit (data->main_loop); } -void -xdg_app_run_in_transient_unit (const char *appid) +gboolean +xdg_app_run_in_transient_unit (const char *appid, GError **error) { - GDBusConnection *conn = NULL; - GError *error = NULL; - char *path = NULL; - char *address = NULL; - char *name = NULL; - char *job = NULL; + g_autoptr(GDBusConnection) conn = NULL; + g_autofree char *path = NULL; + g_autofree char *address = NULL; + g_autofree char *name = NULL; + g_autofree char *job = NULL; SystemdManager *manager = NULL; GVariantBuilder builder; GVariant *properties = NULL; @@ -1698,40 +1697,35 @@ xdg_app_run_in_transient_unit (const char *appid) GMainContext *main_context = NULL; GMainLoop *main_loop = NULL; struct JobData data; + gboolean res = FALSE; path = g_strdup_printf ("/run/user/%d/systemd/private", getuid()); if (!g_file_test (path, G_FILE_TEST_EXISTS)) - goto out; + return xdg_app_fail (error, + "No systemd user session available, sandboxing not available"); main_context = g_main_context_new (); main_loop = g_main_loop_new (main_context, FALSE); g_main_context_push_thread_default (main_context); - address = g_strconcat ("unix:path=", path, NULL); conn = g_dbus_connection_new_for_address_sync (address, G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_CLIENT, NULL, - NULL, &error); + NULL, error); if (!conn) - { - g_warning ("Can't connect to systemd: %s\n", error->message); - goto out; - } + goto out; manager = systemd_manager_proxy_new_sync (conn, G_DBUS_PROXY_FLAGS_DO_NOT_LOAD_PROPERTIES, NULL, "/org/freedesktop/systemd1", - NULL, &error); + NULL, error); if (!manager) - { - g_warning ("Can't create manager proxy: %s\n", error->message); - goto out; - } + goto out; name = g_strdup_printf ("xdg-app-%s-%d.scope", appid, getpid()); @@ -1755,11 +1749,8 @@ xdg_app_run_in_transient_unit (const char *appid) aux, &job, NULL, - &error)) - { - g_warning ("Can't start transient unit: %s\n", error->message); - goto out; - } + error)) + goto out; data.job = job; data.main_loop = main_loop; @@ -1767,6 +1758,8 @@ xdg_app_run_in_transient_unit (const char *appid) g_main_loop_run (main_loop); + res = TRUE; + out: if (main_context) { @@ -1775,16 +1768,10 @@ xdg_app_run_in_transient_unit (const char *appid) } if (main_loop) g_main_loop_unref (main_loop); - if (error) - g_error_free (error); if (manager) g_object_unref (manager); - if (conn) - g_object_unref (conn); - g_free (path); - g_free (address); - g_free (job); - g_free (name); + + return res; } static void @@ -2153,7 +2140,8 @@ xdg_app_run_app (const char *app_ref, /* Must run this before spawning the dbus proxy, to ensure it ends up in the app cgroup */ - xdg_app_run_in_transient_unit (app_ref_parts[1]); + if (!xdg_app_run_in_transient_unit (app_ref_parts[1], error)) + return FALSE; if (!add_dbus_proxy_args (argv_array, dbus_proxy_argv, error)) return FALSE; diff --git a/common/xdg-app-run.h b/common/xdg-app-run.h index a06c2b3f..fad0957b 100644 --- a/common/xdg-app-run.h +++ b/common/xdg-app-run.h @@ -25,7 +25,8 @@ #include "dbus-proxy/xdg-app-proxy.h" #include "xdg-app-common-types.h" -void xdg_app_run_in_transient_unit (const char *app_id); +gboolean xdg_app_run_in_transient_unit (const char *app_id, + GError **error); #define XDG_APP_METADATA_GROUP_CONTEXT "Context" #define XDG_APP_METADATA_GROUP_SESSION_BUS_POLICY "Session Bus Policy" diff --git a/common/xdg-app-utils.c b/common/xdg-app-utils.c index 18f26659..812ff963 100644 --- a/common/xdg-app-utils.c +++ b/common/xdg-app-utils.c @@ -970,8 +970,7 @@ got_credentials_cb (GObject *source_object, info->app_id = g_strdup (name); } } - else if (g_str_has_prefix (scope, "session-") && - g_str_has_suffix (scope, ".scope")) + else info->app_id = g_strdup (""); } }