core/socket: add PassPIDFD=
authorMike Yuan <me@yhndnzj.com>
Tue, 10 Jun 2025 09:27:44 +0000 (11:27 +0200)
committerMike Yuan <me@yhndnzj.com>
Tue, 17 Jun 2025 11:16:41 +0000 (13:16 +0200)
TODO
man/org.freedesktop.systemd1.xml
man/systemd.socket.xml
src/core/dbus-socket.c
src/core/load-fragment-gperf.gperf.in
src/core/socket.c
src/core/socket.h
src/shared/bus-unit-util.c

diff --git a/TODO b/TODO
index 252d25afd6a26e72a75d209761b628bdb1cfb968..4f77391f62d953efbe71b4ddaf8af00406df5ef9 100644 (file)
--- a/TODO
+++ b/TODO
@@ -128,9 +128,6 @@ Features:
   also raises the question whether such sessions shall be considered active or
   not
 
-* Add PassPidFileDescriptor= similar in style to PassCredentials= to .socket
-  units
-
 * automatically reset specific EFI vars on factory reset (make this generic
   enough so that infrac can be used to erase shim's mok vars?)
 
index fd7bbab513ce3837558354c21b856d68584987aa..814400ad43e8e76181ab59a48af3138fc97dc824 100644 (file)
@@ -4907,6 +4907,8 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2esocket {
       @org.freedesktop.DBus.Property.EmitsChangedSignal("const")
       readonly b PassCredentials = ...;
       @org.freedesktop.DBus.Property.EmitsChangedSignal("const")
+      readonly b PassPIDFD = ...;
+      @org.freedesktop.DBus.Property.EmitsChangedSignal("const")
       readonly b PassSecurity = ...;
       @org.freedesktop.DBus.Property.EmitsChangedSignal("const")
       readonly b PassPacketInfo = ...;
@@ -5576,6 +5578,8 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2esocket {
 
     <!--property PassCredentials is not documented!-->
 
+    <!--property PassPIDFD is not documented!-->
+
     <!--property PassSecurity is not documented!-->
 
     <!--property PassPacketInfo is not documented!-->
@@ -6178,6 +6182,8 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2esocket {
 
     <variablelist class="dbus-property" generated="True" extra-ref="PassCredentials"/>
 
+    <variablelist class="dbus-property" generated="True" extra-ref="PassPIDFD"/>
+
     <variablelist class="dbus-property" generated="True" extra-ref="PassSecurity"/>
 
     <variablelist class="dbus-property" generated="True" extra-ref="PassPacketInfo"/>
@@ -12092,6 +12098,7 @@ $ gdbus introspect --system --dest org.freedesktop.systemd1 \
       <varname>ProtectControlGroupsEx</varname>, and
       <varname>PrivatePIDs</varname> were added in version 257.</para>
       <para><varname>ProtectHostnameEx</varname>,
+      <varname>PassPIDFD</varname>,
       <varname>DelegateNamespaces</varname>, and
       <function>RemoveSubgroup()</function> were added in version 258.</para>
     </refsect2>
index b2779e84a2f68d96258f52a04942a3bcfacdf80d..b43f8e685bfaa8a7a7b78848d9eb7181328c54d6 100644 (file)
         process in an ancillary message. Defaults to <option>false</option>.</para></listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><varname>PassPIDFD=</varname></term>
+
+        <listitem><para>Takes a boolean value. This controls the <constant>SO_PASSPIDFD</constant> socket
+        option, which allows <constant>AF_UNIX</constant> sockets to receive the pidfd of the sending
+        process in an ancillary message. Defaults to <option>false</option>.</para>
+
+        <xi:include href="version-info.xml" xpointer="v258"/></listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><varname>PassSecurity=</varname></term>
         <listitem><para>Takes a boolean value. This controls the <constant>SO_PASSSEC</constant> socket
index aeb6ae5fe11dedb9ff1758daca3d0208d9085084..b07b3c93c539935203f0f9524840c3e9fc2e517d 100644 (file)
@@ -86,6 +86,7 @@ const sd_bus_vtable bus_socket_vtable[] = {
         SD_BUS_PROPERTY("Transparent", "b", bus_property_get_bool, offsetof(Socket, transparent), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("Broadcast", "b", bus_property_get_bool, offsetof(Socket, broadcast), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("PassCredentials", "b", bus_property_get_bool, offsetof(Socket, pass_cred), SD_BUS_VTABLE_PROPERTY_CONST),
+        SD_BUS_PROPERTY("PassPIDFD", "b", bus_property_get_bool, offsetof(Socket, pass_pidfd), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("PassSecurity", "b", bus_property_get_bool, offsetof(Socket, pass_sec), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("PassPacketInfo", "b", bus_property_get_bool, offsetof(Socket, pass_pktinfo), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("Timestamping", "s", property_get_timestamping, offsetof(Socket, timestamping), SD_BUS_VTABLE_PROPERTY_CONST),
@@ -191,6 +192,9 @@ static int bus_socket_set_transient_property(
         if (streq(name, "PassCredentials"))
                 return bus_set_transient_bool(u, name, &s->pass_cred, message, flags, error);
 
+        if (streq(name, "PassPIDFD"))
+                return bus_set_transient_bool(u, name, &s->pass_pidfd, message, flags, error);
+
         if (streq(name, "PassSecurity"))
                 return bus_set_transient_bool(u, name, &s->pass_sec, message, flags, error);
 
index 2330bc0f4cf89c1721692f73d033e7b74bc414b2..e3c23337319b5cbcf21c133f1e22953df6658cb4 100644 (file)
@@ -510,6 +510,7 @@ Socket.FreeBind,                              config_parse_bool,
 Socket.Transparent,                           config_parse_bool,                                  0,                                  offsetof(Socket, transparent)
 Socket.Broadcast,                             config_parse_bool,                                  0,                                  offsetof(Socket, broadcast)
 Socket.PassCredentials,                       config_parse_bool,                                  0,                                  offsetof(Socket, pass_cred)
+Socket.PassPIDFD,                             config_parse_bool,                                  0,                                  offsetof(Socket, pass_pidfd)
 Socket.PassSecurity,                          config_parse_bool,                                  0,                                  offsetof(Socket, pass_sec)
 Socket.PassPacketInfo,                        config_parse_bool,                                  0,                                  offsetof(Socket, pass_pktinfo)
 Socket.Timestamping,                          config_parse_socket_timestamping,                   0,                                  offsetof(Socket, timestamping)
index 0b7228a86cdea45201a1c169a513292492de913f..6d69d6cb4254279603cc76f063994727cdd53ec1 100644 (file)
@@ -610,6 +610,7 @@ static void socket_dump(Unit *u, FILE *f, const char *prefix) {
                 "%sTransparent: %s\n"
                 "%sBroadcast: %s\n"
                 "%sPassCredentials: %s\n"
+                "%sPassPIDFD: %s\n"
                 "%sPassSecurity: %s\n"
                 "%sPassPacketInfo: %s\n"
                 "%sTCPCongestion: %s\n"
@@ -631,6 +632,7 @@ static void socket_dump(Unit *u, FILE *f, const char *prefix) {
                 prefix, yes_no(s->transparent),
                 prefix, yes_no(s->broadcast),
                 prefix, yes_no(s->pass_cred),
+                prefix, yes_no(s->pass_pidfd),
                 prefix, yes_no(s->pass_sec),
                 prefix, yes_no(s->pass_pktinfo),
                 prefix, strna(s->tcp_congestion),
@@ -1076,6 +1078,13 @@ static void socket_apply_socket_options(Socket *s, SocketPort *p, int fd) {
                         log_socket_option_warning_errno(s, r, SO_PASSCRED);
         }
 
+        if (s->pass_pidfd) {
+                r = setsockopt_int(fd, SOL_SOCKET, SO_PASSPIDFD, true);
+                if (r < 0)
+                        log_unit_full_errno(UNIT(s), ERRNO_IS_NEG_NOT_SUPPORTED(r) ? LOG_DEBUG : LOG_WARNING, r,
+                                            SOCKET_OPTION_WARNING_FORMAT_STR, "SO_PASSPIDFD");
+        }
+
         if (s->pass_sec) {
                 r = setsockopt_int(fd, SOL_SOCKET, SO_PASSSEC, true);
                 if (r < 0)
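Review bot: In the new `if (s->pass_pidfd)` branch of socket_apply_socket_options(), a failed `setsockopt_int()` is only logged, at LOG_DEBUG when `ERRNO_IS_NEG_NOT_SUPPORTED(r)` holds, and the function returns void, so the socket is still used without SO_PASSPIDFD. A service that uses the received pidfd to identify its peer must therefore treat a missing pidfd ancillary message as "peer not identified" and must not assume the unit setting took effect. I would say so above the branch, e.g. `/* Best effort: if the kernel lacks SO_PASSPIDFD the socket is used without it; receivers must cope with no pidfd. */`, and presumably add a matching sentence to the PassPIDFD= entry in man/systemd.socket.xml. The branch also open-codes `log_unit_full_errno()` where the neighbouring options call `log_socket_option_warning_errno()`, so the comment should note that this is deliberate, to demote the unsupported case to debug. The function body starts and ends outside this hunk.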
index f85448c484067ceb9ea15ad67a1a6ee504a76bd8..99fcc0cbe659788f22ccfbf964f2262813c2e551 100644 (file)
@@ -131,6 +131,7 @@ typedef struct Socket {
         bool transparent;
         bool broadcast;
         bool pass_cred;
+        bool pass_pidfd;
         bool pass_sec;
         bool pass_pktinfo;
         SocketTimestamping timestamping;
index d18a9088d4d45759acd7395f84c7b784b6091650..aebeaa15ced1b53c5d8bef2976dcf75c3ab40f3d 100644 (file)
@@ -2583,6 +2583,7 @@ static int bus_append_socket_property(sd_bus_message *m, const char *field, cons
                               "Transparent",
                               "Broadcast",
                               "PassCredentials",
+                              "PassPIDFD",
                               "PassSecurity",
                               "PassPacketInfo",
                               "ReusePort",