assert(link);
assert(parameters);
- r = sd_varlink_set_allow_fd_passing_output(link, true);
- if (r < 0)
- return log_error_errno(r, "Failed to enable varlink fd passing for write: %m");
-
r = sd_varlink_dispatch(link, parameters, dispatch_table, &p);
if (r != 0)
return r;
}
ptmx_fd_idx = sd_varlink_push_fd(link, ptmx_fd);
- /* no need to handle -EPERM because we do sd_varlink_set_allow_fd_passing_output() above */
+ if (ERRNO_IS_PRIVILEGE(ptmx_fd_idx))
+ return sd_varlink_error(link, SD_VARLINK_ERROR_PERMISSION_DENIED, NULL);
if (ptmx_fd_idx < 0)
return log_debug_errno(ptmx_fd_idx, "Failed to push file descriptor over varlink: %m");
return log_debug_errno(fd, "Failed to open root directory of machine '%s': %m", machine->name);
int fd_idx = sd_varlink_push_fd(link, fd);
- /* no need to handle -EPERM because server has SD_VARLINK_SERVER_ALLOW_FD_PASSING_OUTPUT */
+ if (ERRNO_IS_PRIVILEGE(fd_idx))
+ return sd_varlink_error(link, SD_VARLINK_ERROR_PERMISSION_DENIED, NULL);
if (fd_idx < 0)
return log_debug_errno(fd_idx, "Failed to push file descriptor over varlink: %m");
if (m->varlink_machine_server)
return 0;
- r = varlink_server_new(&s, SD_VARLINK_SERVER_ACCOUNT_UID|SD_VARLINK_SERVER_INHERIT_USERDATA, m);
+ r = varlink_server_new(
+ &s,
+ SD_VARLINK_SERVER_ACCOUNT_UID|SD_VARLINK_SERVER_INHERIT_USERDATA|
+ SD_VARLINK_SERVER_ALLOW_FD_PASSING_OUTPUT,
+ m);
if (r < 0)
return log_error_errno(r, "Failed to allocate varlink server object: %m");
projects / thirdparty / systemd.git / commitdiff
