From: Lennart Poettering Date: Wed, 22 Apr 2015 22:37:47 +0000 (+0200) Subject: core: explicitly specify credentials for direct connections, too X-Git-Tag: v220~335 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=0674bbea9ce0958512411962c2d1623d88dad0b4;p=thirdparty%2Fsystemd.git core: explicitly specify credentials for direct connections, too So far we authenticate direct connections primarily at connection time, but let's also do this for each method individually, by attaching the creds we need for that right away. --- diff --git a/src/core/dbus.c b/src/core/dbus.c index 18754f606e4..02b998c6d18 100644 --- a/src/core/dbus.c +++ b/src/core/dbus.c @@ -670,6 +670,15 @@ static int bus_on_connection(sd_event_source *s, int fd, uint32_t revents, void return 0; } + r = sd_bus_negotiate_creds(bus, 1, + SD_BUS_CREDS_PID|SD_BUS_CREDS_UID| + SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS| + SD_BUS_CREDS_SELINUX_CONTEXT); + if (r < 0) { + log_warning_errno(r, "Failed to enable credentials for new connection: %m"); + return 0; + } + r = sd_bus_start(bus); if (r < 0) { log_warning_errno(r, "Failed to start new connection bus: %m"); diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c index f97e15d5d2c..6a55f9bfb48 100644 --- a/src/libsystemd/sd-bus/bus-socket.c +++ b/src/libsystemd/sd-bus/bus-socket.c @@ -916,7 +916,7 @@ static int bus_socket_make_message(sd_bus *bus, size_t size) { bus->rbuffer, size, bus->fds, bus->n_fds, !bus->bus_client && bus->ucred_valid ? &bus->ucred : NULL, - !bus->bus_client && bus->label[0] ? bus->label : NULL, + !bus->bus_client && !isempty(bus->label) ? bus->label : NULL, &t); if (r < 0) { free(b);