|
Michal Schmidt |
e43452 |
From 6811dc0646d92f0c668cbf3ce5a6426e273c4abf Mon Sep 17 00:00:00 2001
|
|
Michal Schmidt |
e43452 |
From: Michal Schmidt <mschmidt@redhat.com>
|
|
Michal Schmidt |
e43452 |
Date: Tue, 29 Nov 2011 23:14:36 +0100
|
|
Michal Schmidt |
f1996e |
Subject: [PATCH] shutdownd: use PassCred=yes in the socket unit
|
|
Michal Schmidt |
e43452 |
|
|
Michal Schmidt |
e43452 |
Since Linux 3.2 in order to receive SCM_CREDENTIALS it is not sufficient
|
|
Michal Schmidt |
e43452 |
to set SO_PASSCRED just before recvmsg(). The option has to be already
|
|
Michal Schmidt |
e43452 |
set when the sender sends the message.
|
|
Michal Schmidt |
e43452 |
|
|
Michal Schmidt |
e43452 |
With socket activation it is too late to set the option in the service.
|
|
Michal Schmidt |
e43452 |
It must be set on the socket right from the start.
|
|
Michal Schmidt |
e43452 |
|
|
Michal Schmidt |
e43452 |
See the kernel commit:
|
|
Michal Schmidt |
e43452 |
16e57262 af_unix: dont send SCM_CREDENTIALS by default
|
|
Michal Schmidt |
e43452 |
|
|
Michal Schmidt |
e43452 |
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=757628
|
|
Michal Schmidt |
e43452 |
(cherry picked from commit 75d3fc60f88e08bf953063819a8a04b881d6db23)
|
|
Michal Schmidt |
e43452 |
---
|
|
Michal Schmidt |
e43452 |
src/shutdownd.c | 6 ------
|
|
Michal Schmidt |
e43452 |
units/systemd-shutdownd.socket | 1 +
|
|
Michal Schmidt |
e43452 |
2 files changed, 1 insertions(+), 6 deletions(-)
|
|
Michal Schmidt |
e43452 |
|
|
Michal Schmidt |
e43452 |
diff --git a/src/shutdownd.c b/src/shutdownd.c
|
|
Michal Schmidt |
e43452 |
index 0ffa8b2..46856b0 100644
|
|
Michal Schmidt |
e43452 |
--- a/src/shutdownd.c
|
|
Michal Schmidt |
e43452 |
+++ b/src/shutdownd.c
|
|
Michal Schmidt |
e43452 |
@@ -173,7 +173,6 @@ int main(int argc, char *argv[]) {
|
|
Michal Schmidt |
e43452 |
};
|
|
Michal Schmidt |
e43452 |
|
|
Michal Schmidt |
e43452 |
int r = EXIT_FAILURE, n_fds;
|
|
Michal Schmidt |
e43452 |
- int one = 1;
|
|
Michal Schmidt |
e43452 |
struct shutdownd_command c;
|
|
Michal Schmidt |
e43452 |
struct pollfd pollfd[_FD_MAX];
|
|
Michal Schmidt |
e43452 |
bool exec_shutdown = false, unlink_nologin = false, failed = false;
|
|
Michal Schmidt |
e43452 |
@@ -205,11 +204,6 @@ int main(int argc, char *argv[]) {
|
|
Michal Schmidt |
e43452 |
return EXIT_FAILURE;
|
|
Michal Schmidt |
e43452 |
}
|
|
Michal Schmidt |
e43452 |
|
|
Michal Schmidt |
e43452 |
- if (setsockopt(SD_LISTEN_FDS_START, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0) {
|
|
Michal Schmidt |
e43452 |
- log_error("SO_PASSCRED failed: %m");
|
|
Michal Schmidt |
e43452 |
- return EXIT_FAILURE;
|
|
Michal Schmidt |
e43452 |
- }
|
|
Michal Schmidt |
e43452 |
-
|
|
Michal Schmidt |
e43452 |
zero(c);
|
|
Michal Schmidt |
e43452 |
zero(pollfd);
|
|
Michal Schmidt |
e43452 |
|
|
Michal Schmidt |
e43452 |
diff --git a/units/systemd-shutdownd.socket b/units/systemd-shutdownd.socket
|
|
Michal Schmidt |
e43452 |
index bc0358a..13b6c7a 100644
|
|
Michal Schmidt |
e43452 |
--- a/units/systemd-shutdownd.socket
|
|
Michal Schmidt |
e43452 |
+++ b/units/systemd-shutdownd.socket
|
|
Michal Schmidt |
e43452 |
@@ -15,3 +15,4 @@ Before=sockets.target
|
|
Michal Schmidt |
e43452 |
[Socket]
|
|
Michal Schmidt |
e43452 |
ListenDatagram=/run/systemd/shutdownd
|
|
Michal Schmidt |
e43452 |
SocketMode=0600
|
|
Michal Schmidt |
e43452 |
+PassCred=yes
|
|
Michal Schmidt |
e43452 |
--
|
|
Michal Schmidt |
e43452 |
1.7.7.5
|
|
Michal Schmidt |
e43452 |
|