core: explicitly specify credentials for direct connections, too

So far we authenticate direct connections primarily at connection time,
but let's also do this for each method individually, by attaching the
creds we need for that right away.

diff --git a/src/core/dbus.c b/src/core/dbus.c
index 18754f606e42059796d1593a1612e93ee9781e50..02b998c6d182139ba59da4c79fa68a5fdedffcb0 100644 (file)
--- a/src/core/dbus.c
+++ b/src/core/dbus.c
@@ -670,6 +670,15 @@ static int bus_on_connection(sd_event_source *s, int fd, uint32_t revents, void
                 return 0;
         }
 
+        r = sd_bus_negotiate_creds(bus, 1,
+                                   SD_BUS_CREDS_PID|SD_BUS_CREDS_UID|
+                                   SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS|
+                                   SD_BUS_CREDS_SELINUX_CONTEXT);
+        if (r < 0) {
+                log_warning_errno(r, "Failed to enable credentials for new connection: %m");
+                return 0;
+        }
+
         r = sd_bus_start(bus);
         if (r < 0) {
                 log_warning_errno(r, "Failed to start new connection bus: %m");

diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c
index f97e15d5d2c8b8a2ca82462098eb1520625eb131..6a55f9bfb48554bce9aa4701481c999e6acb3ead 100644 (file)
--- a/src/libsystemd/sd-bus/bus-socket.c
+++ b/src/libsystemd/sd-bus/bus-socket.c
@@ -916,7 +916,7 @@ static int bus_socket_make_message(sd_bus *bus, size_t size) {
                                     bus->rbuffer, size,
                                     bus->fds, bus->n_fds,
                                     !bus->bus_client && bus->ucred_valid ? &bus->ucred : NULL,
-                                    !bus->bus_client && bus->label[0] ? bus->label : NULL,
+                                    !bus->bus_client && !isempty(bus->label) ? bus->label : NULL,
                                     &t);
         if (r < 0) {
                 free(b);