X-Git-Url: https://glassweightruler.freedombox.rocks/gitweb/waydroid.git/blobdiff_plain/fb92d3a016a956e8520e938b59f55bd0fe9c2deb..ebe075c0d1a4924329386fd29341d08af1c59f33:/tools/actions/container_manager.py

diff --git a/tools/actions/container_manager.py b/tools/actions/container_manager.py
index 29ba552..38b0040 100644
--- a/tools/actions/container_manager.py
+++ b/tools/actions/container_manager.py
@@ -22,13 +22,18 @@ class DbusContainerManager(dbus.service.Object):
         self.looper = looper
         dbus.service.Object.__init__(self, bus, object_path)
 
-    @dbus.service.method("id.waydro.ContainerManager", in_signature='a{ss}', out_signature='')
-    def Start(self, session):
+    @dbus.service.method("id.waydro.ContainerManager", in_signature='a{ss}', out_signature='', sender_keyword="sender", connection_keyword="conn")
+    def Start(self, session, sender, conn):
+        if session["user_id"] != "0":
+            dbus_info = dbus.Interface(conn.get_object("org.freedesktop.DBus", "/org/freedesktop/DBus/Bus", False), "org.freedesktop.DBus")
+            uid = dbus_info.GetConnectionUnixUser(sender)
+            if str(uid) != session["user_id"]:
+                raise RuntimeError("Cannot start a session on behalf of another user")
         do_start(self.args, session)
 
-    @dbus.service.method("id.waydro.ContainerManager", in_signature='', out_signature='')
-    def Stop(self):
-        stop(self.args)
+    @dbus.service.method("id.waydro.ContainerManager", in_signature='b', out_signature='')
+    def Stop(self, quit_session):
+        stop(self.args, quit_session)
 
     @dbus.service.method("id.waydro.ContainerManager", in_signature='', out_signature='')
     def Freeze(self):
@@ -123,15 +128,12 @@ def start(args):
 
 def do_start(args, session):
     if "session" in args:
-        logging.info("Already tracking a session")
-        return
-
-    args.session = session
+        raise RuntimeError("Already tracking a session")
 
     # Networking
     command = [tools.config.tools_src +
                "/data/scripts/waydroid-net.sh", "start"]
-    tools.helpers.run.user(args, command, check=False)
+    tools.helpers.run.user(args, command)
 
     # Sensors
     if which("waydroid-sensord"):
@@ -140,12 +142,12 @@ def do_start(args, session):
 
     # Mount rootfs
     cfg = tools.config.load(args)
-    helpers.images.mount_rootfs(args, cfg["waydroid"]["images_path"], args.session)
+    helpers.images.mount_rootfs(args, cfg["waydroid"]["images_path"], session)
 
     helpers.protocol.set_aidl_version(args)
 
     # Mount data
-    helpers.mount.bind(args, args.session["waydroid_data"],
+    helpers.mount.bind(args, session["waydroid_data"],
                        tools.config.defaults["data"])
 
     # Cgroup hacks
@@ -167,7 +169,9 @@ def do_start(args, session):
     helpers.lxc.start(args)
     services.hardware_manager.start(args)
 
-def stop(args):
+    args.session = session
+
+def stop(args, quit_session=True):
     try:
         services.hardware_manager.stop(args)
         status = helpers.lxc.status(args)
@@ -201,10 +205,11 @@ def stop(args):
         helpers.mount.umount_all(args, tools.config.defaults["data"])
 
         if "session" in args:
-            try:
-                os.kill(int(args.session["pid"]), signal.SIGUSR1)
-            except:
-                pass
+            if quit_session:
+                try:
+                    os.kill(int(args.session["pid"]), signal.SIGUSR1)
+                except:
+                    pass
             del args.session
     except:
         pass