From 20ce9fecaa85a32de40f4a71b634e4288597be74 Mon Sep 17 00:00:00 2001
From: Mike Yuan <me@yhndnzj.com>
Date: Tue, 26 Mar 2024 20:36:28 +0800
Subject: [PATCH 1/3] units: sort lists in meson.build

---
 units/meson.build      | 4 ++--
 units/user/meson.build | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/units/meson.build b/units/meson.build
index 953f8b0341..6fecbea0a1 100644
--- a/units/meson.build
+++ b/units/meson.build
@@ -7,6 +7,8 @@ units = [
         { 'file' : 'blockdev@.target' },
         { 'file' : 'bluetooth.target' },
         { 'file' : 'boot-complete.target' },
+        { 'file' : 'capsule@.service.in' },
+        { 'file' : 'capsule.slice' },
         { 'file' : 'console-getty.service.in' },
         { 'file' : 'container-getty@.service.in' },
         {
@@ -746,8 +748,6 @@ units = [
         { 'file' : 'user-runtime-dir@.service.in' },
         { 'file' : 'user.slice' },
         { 'file' : 'user@.service.in' },
-        { 'file' : 'capsule@.service.in' },
-        { 'file' : 'capsule.slice' },
         {
           'file' : 'var-lib-machines.mount',
           'conditions' : ['ENABLE_MACHINED'],
diff --git a/units/user/meson.build b/units/user/meson.build
index 248745d933..21070f7ef8 100644
--- a/units/user/meson.build
+++ b/units/user/meson.build
@@ -5,13 +5,13 @@ units = [
         'background.slice',
         'basic.target',
         'bluetooth.target',
+        'capsule@.target',
         'default.target',
         'exit.target',
         'graphical-session-pre.target',
         'graphical-session.target',
         'paths.target',
         'printer.target',
-        'capsule@.target',
         'session.slice',
         'shutdown.target',
         'smartcard.target',

From 2a17866bbd65df6b5d6a5b285d8da6c94fdedde9 Mon Sep 17 00:00:00 2001
From: Mike Yuan <me@yhndnzj.com>
Date: Tue, 26 Mar 2024 20:48:46 +0800
Subject: [PATCH 2/3] systemctl,busctl: sort includes

Follow-up for 56cb74c3cd1358d7d0b3f613feaf2eeab601a6bd
and 00431b2b66cb59540deda4ea018170a289673585
---
 src/busctl/busctl.c       | 2 +-
 src/systemctl/systemctl.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/busctl/busctl.c b/src/busctl/busctl.c
index ec00ed54a2..8db9076997 100644
--- a/src/busctl/busctl.c
+++ b/src/busctl/busctl.c
@@ -13,6 +13,7 @@
 #include "bus-type.h"
 #include "bus-util.h"
 #include "busctl-introspect.h"
+#include "capsule-util.h"
 #include "escape.h"
 #include "fd-util.h"
 #include "fileio.h"
@@ -28,7 +29,6 @@
 #include "parse-util.h"
 #include "path-util.h"
 #include "pretty-print.h"
-#include "capsule-util.h"
 #include "runtime-scope.h"
 #include "set.h"
 #include "sort-util.h"
diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
index 00452cac2c..3c9eeef3d7 100644
--- a/src/systemctl/systemctl.c
+++ b/src/systemctl/systemctl.c
@@ -8,6 +8,7 @@
 
 #include "build.h"
 #include "bus-util.h"
+#include "capsule-util.h"
 #include "dissect-image.h"
 #include "install.h"
 #include "main-func.h"
@@ -18,7 +19,6 @@
 #include "path-util.h"
 #include "pretty-print.h"
 #include "process-util.h"
-#include "capsule-util.h"
 #include "reboot-util.h"
 #include "rlimit-util.h"
 #include "sigbus.h"

From 8e34fdb884cc2dd7396313748193fed632fedd56 Mon Sep 17 00:00:00 2001
From: Mike Yuan <me@yhndnzj.com>
Date: Tue, 26 Mar 2024 20:59:32 +0800
Subject: [PATCH 3/3] bus-util: dedup bus_set_address_capsule

Follow-up for ad963c3f5680796ccd094b81f35ff7aa20b57247
---
 src/shared/bus-util.c | 83 +++++++++++++++++++------------------------
 1 file changed, 37 insertions(+), 46 deletions(-)

diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c
index 842e747c50..9a480aa0e3 100644
--- a/src/shared/bus-util.c
+++ b/src/shared/bus-util.c
@@ -280,6 +280,8 @@ static int pin_capsule_socket(const char *capsule, const char *suffix, uid_t *re
 
         assert(capsule);
         assert(suffix);
+        assert(ret_uid);
+        assert(ret_gid);
 
         p = path_join("/run/capsules", capsule, suffix);
         if (!p)
@@ -291,7 +293,7 @@ static int pin_capsule_socket(const char *capsule, const char *suffix, uid_t *re
                 return r;
 
         if (fstat(inode_fd, &st) < 0)
-                return -errno;
+                return negative_errno();
 
         /* Paranoid safety check */
         if (uid_is_system(st.st_uid) || gid_is_system(st.st_gid))
@@ -303,67 +305,28 @@ static int pin_capsule_socket(const char *capsule, const char *suffix, uid_t *re
         return TAKE_FD(inode_fd);
 }
 
-int bus_connect_capsule_systemd(const char *capsule, sd_bus **ret_bus) {
-        _cleanup_(sd_bus_close_unrefp) sd_bus *bus = NULL;
+static int bus_set_address_capsule(sd_bus *bus, const char *capsule, const char *suffix, int *ret_pin_fd) {
         _cleanup_close_ int inode_fd = -EBADF;
         _cleanup_free_ char *pp = NULL;
         uid_t uid;
         gid_t gid;
         int r;
 
-        assert(capsule);
-        assert(ret_bus);
-
-        r = capsule_name_is_valid(capsule);
-        if (r < 0)
-                return r;
-        if (r == 0)
-                return -EINVAL;
-
-        /* Connects to a capsule's user bus. We need to do so under the capsule's UID/GID, otherwise the
-         * the service manager might refuse our connection. Hence fake it. */
-
-        inode_fd = pin_capsule_socket(capsule, "systemd/private", &uid, &gid);
-        if (inode_fd < 0)
-                return inode_fd;
-
-        pp = bus_address_escape(FORMAT_PROC_FD_PATH(inode_fd));
-        if (!pp)
-                return -ENOMEM;
-
-        r = sd_bus_new(&bus);
-        if (r < 0)
-                return r;
-
-        if (asprintf(&bus->address, "unix:path=%s,uid=" UID_FMT ",gid=" GID_FMT, pp, uid, gid) < 0)
-                return -ENOMEM;
-
-        r = sd_bus_start(bus);
-        if (r < 0)
-                return r;
-
-        *ret_bus = TAKE_PTR(bus);
-        return 0;
-}
-
-int bus_set_address_capsule_bus(sd_bus *bus, const char *capsule, int *ret_pin_fd) {
-        _cleanup_free_ char *pp = NULL;
-        _cleanup_close_ int inode_fd = -EBADF;
-        uid_t uid;
-        gid_t gid;
-        int r;
-
         assert(bus);
         assert(capsule);
+        assert(suffix);
         assert(ret_pin_fd);
 
+        /* Connects to a capsule's user bus. We need to do so under the capsule's UID/GID, otherwise
+         * the service manager might refuse our connection. Hence fake it. */
+
         r = capsule_name_is_valid(capsule);
         if (r < 0)
                 return r;
         if (r == 0)
                 return -EINVAL;
 
-        inode_fd = pin_capsule_socket(capsule, "bus", &uid, &gid);
+        inode_fd = pin_capsule_socket(capsule, suffix, &uid, &gid);
         if (inode_fd < 0)
                 return inode_fd;
 
@@ -378,6 +341,34 @@ int bus_set_address_capsule_bus(sd_bus *bus, const char *capsule, int *ret_pin_f
         return 0;
 }
 
+int bus_set_address_capsule_bus(sd_bus *bus, const char *capsule, int *ret_pin_fd) {
+        return bus_set_address_capsule(bus, capsule, "bus", ret_pin_fd);
+}
+
+int bus_connect_capsule_systemd(const char *capsule, sd_bus **ret_bus) {
+        _cleanup_(sd_bus_close_unrefp) sd_bus *bus = NULL;
+        _cleanup_close_ int inode_fd = -EBADF;
+        int r;
+
+        assert(capsule);
+        assert(ret_bus);
+
+        r = sd_bus_new(&bus);
+        if (r < 0)
+                return r;
+
+        r = bus_set_address_capsule(bus, capsule, "systemd/private", &inode_fd);
+        if (r < 0)
+                return r;
+
+        r = sd_bus_start(bus);
+        if (r < 0)
+                return r;
+
+        *ret_bus = TAKE_PTR(bus);
+        return 0;
+}
+
 int bus_connect_capsule_bus(const char *capsule, sd_bus **ret_bus) {
         _cleanup_(sd_bus_close_unrefp) sd_bus *bus = NULL;
         _cleanup_close_ int inode_fd = -EBADF;