machine: introduce io.systemd.MachineImage.Remove method

2026-04-15 00:47:10 +09:00 · 2024-10-21 13:54:42 +02:00
parent 38a0cf4172
commit 1663455b63
4 changed files with 76 additions and 1 deletions
--- a/src/machine/image-varlink.c
+++ b/src/machine/image-varlink.c
@@ -171,3 +171,70 @@ int vl_method_clone_image(sd_varlink *link, sd_json_variant *parameters, sd_varl
        TAKE_FD(errno_pipe_fd[0]);
        return 1;
 }
+
+int vl_method_remove_image(sd_varlink *link, sd_json_variant *parameters, sd_varlink_method_flags_t flags, void *userdata) {
+        static const sd_json_dispatch_field dispatch_table[] = {
+                { "name", SD_JSON_VARIANT_STRING, sd_json_dispatch_const_string, 0, SD_JSON_MANDATORY },
+                VARLINK_DISPATCH_POLKIT_FIELD,
+                {}
+        };
+
+        Manager *manager = ASSERT_PTR(userdata);
+        _cleanup_close_pair_ int errno_pipe_fd[2] = EBADF_PAIR;
+        const char *image_name;
+        Image *image;
+        pid_t child;
+        int r;
+
+        assert(link);
+        assert(parameters);
+
+        if (manager->n_operations >= OPERATIONS_MAX)
+                return sd_varlink_error(link, "io.systemd.MachineImage.TooManyOperations", NULL);
+
+        r = sd_varlink_dispatch(link, parameters, dispatch_table, &image_name);
+        if (r != 0)
+                return r;
+
+        if (!image_name_is_valid(image_name))
+                return sd_varlink_error_invalid_parameter_name(link, "name");
+
+        r = manager_acquire_image(manager, image_name, &image);
+        if (r == -ENOENT)
+                return sd_varlink_error(link, "io.systemd.MachineImage.NoSuchImage", NULL);
+        if (r < 0)
+                return r;
+
+        r = varlink_verify_polkit_async(
+                        link,
+                        manager->bus,
+                        "org.freedesktop.machine1.manage-images",
+                        (const char**) STRV_MAKE("image", image->name,
+                                                 "verb", "remove"),
+                        &manager->polkit_registry);
+        if (r <= 0)
+                return r;
+
+        if (pipe2(errno_pipe_fd, O_CLOEXEC|O_NONBLOCK) < 0)
+                return log_debug_errno(errno, "Failed to open pipe: %m");
+
+        r = safe_fork("(sd-imgrm)", FORK_RESET_SIGNALS, &child);
+        if (r < 0)
+                return log_debug_errno(r, "Failed to fork: %m");
+        if (r == 0) {
+                errno_pipe_fd[0] = safe_close(errno_pipe_fd[0]);
+                r = image_remove(image);
+                report_errno_and_exit(errno_pipe_fd[1], r);
+        }
+
+        errno_pipe_fd[1] = safe_close(errno_pipe_fd[1]);
+
+        r = operation_new_with_varlink_reply(manager, /* machine= */ NULL, child, link, errno_pipe_fd[0], /* ret= */ NULL);
+        if (r < 0) {
+                sigkill_wait(child);
+                return r;
+        }
+
+        TAKE_FD(errno_pipe_fd[0]);
+        return 1;
+}
--- a/src/machine/image-varlink.h
+++ b/src/machine/image-varlink.h
@@ -5,3 +5,4 @@

 int vl_method_update_image(sd_varlink *link, sd_json_variant *parameters, sd_varlink_method_flags_t flags, void *userdata);
 int vl_method_clone_image(sd_varlink *link, sd_json_variant *parameters, sd_varlink_method_flags_t flags, void *userdata);
+int vl_method_remove_image(sd_varlink *link, sd_json_variant *parameters, sd_varlink_method_flags_t flags, void *userdata);
--- a/src/machine/machined-varlink.c
+++ b/src/machine/machined-varlink.c
@@ -775,7 +775,8 @@ static int manager_varlink_init_machine(Manager *m) {
                        "io.systemd.Machine.Kill",        vl_method_kill,
                        "io.systemd.MachineImage.List",   vl_method_list_images,
                        "io.systemd.MachineImage.Update", vl_method_update_image,
-                        "io.systemd.MachineImage.Clone",  vl_method_clone_image);
+                        "io.systemd.MachineImage.Clone",  vl_method_clone_image,
+                        "io.systemd.MachineImage.Remove", vl_method_remove_image);
        if (r < 0)
                return log_error_errno(r, "Failed to register varlink methods: %m");

--- a/src/shared/varlink-io.systemd.MachineImage.c
+++ b/src/shared/varlink-io.systemd.MachineImage.c
@@ -78,6 +78,10 @@ static SD_VARLINK_DEFINE_METHOD(
                SD_VARLINK_FIELD_COMMENT("If non-null value of the read-only flag of the image"),
                SD_VARLINK_DEFINE_INPUT(readOnly, SD_VARLINK_BOOL, SD_VARLINK_NULLABLE));

+static SD_VARLINK_DEFINE_METHOD(
+                Remove,
+                VARLINK_DEFINE_IMAGE_LOOKUP_AND_POLKIT_FIELDS);
+
 static SD_VARLINK_DEFINE_ERROR(NoSuchImage);
 static SD_VARLINK_DEFINE_ERROR(TooManyOperations);

@@ -92,6 +96,8 @@ SD_VARLINK_DEFINE_INTERFACE(
                &vl_method_Update,
                SD_VARLINK_SYMBOL_COMMENT("Clone image"),
                &vl_method_Clone,
+                SD_VARLINK_SYMBOL_COMMENT("Remove image"),
+                &vl_method_Remove,
                SD_VARLINK_SYMBOL_COMMENT("No matching image exists"),
                &vl_error_NoSuchImage,
                SD_VARLINK_SYMBOL_COMMENT("Too many ongoing background operations"),