From 24546142552d7a48bbf929b5994d6171514b88ec Mon Sep 17 00:00:00 2001 From: Denis Bychkov Date: Fri, 3 Jul 2015 03:32:09 -0400 Subject: [PATCH] Add permissions to the sockets acquired from systemd during the socket activation process --- src/rrd_daemon.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/rrd_daemon.c b/src/rrd_daemon.c index 755a340e..c71ae9a6 100644 --- a/src/rrd_daemon.c +++ b/src/rrd_daemon.c @@ -3453,6 +3453,12 @@ static int open_listen_sockets_systemd(void) /* {{{ */ listen_fds[listen_fds_num].fd = sd_fd; listen_fds[listen_fds_num].family = sa.sun_family; + /* Add permissions to the socket */ + if (default_socket.permissions != 0) + socket_permission_copy(&listen_fds[listen_fds_num], &default_socket); + else + /* Add permission for ALL commands to the socket. */ + socket_permission_set_all(&listen_fds[listen_fds_num]); listen_fds_num++; } -- 2.47.2