Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
S
systemd
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Labels
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Commits
Open sidebar
steam
systemd
Commits
4d0e5dbd
Commit
4d0e5dbd
authored
Jun 19, 2010
by
Lennart Poettering
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
service: require KillMode=control-group when PAM is enabled
parent
399ab2b1
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
17 additions
and
2 deletions
+17
-2
src/mount.c
src/mount.c
+5
-0
src/service.c
src/service.c
+6
-1
src/socket.c
src/socket.c
+6
-1
No files found.
src/mount.c
View file @
4d0e5dbd
...
...
@@ -303,6 +303,11 @@ static int mount_verify(Mount *m) {
return
-
EBADMSG
;
}
if
(
m
->
exec_context
.
pam_name
&&
m
->
kill_mode
!=
KILL_CONTROL_GROUP
)
{
log_error
(
"%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing."
,
m
->
meta
.
id
);
return
-
EINVAL
;
}
return
0
;
}
...
...
src/service.c
View file @
4d0e5dbd
...
...
@@ -817,7 +817,12 @@ static int service_verify(Service *s) {
}
if
(
s
->
type
==
SERVICE_DBUS
&&
!
s
->
bus_name
)
{
log_error
(
"%s is of type D-Bus but no D-Bus service name has been specified. Refusing."
,
UNIT
(
s
)
->
meta
.
id
);
log_error
(
"%s is of type D-Bus but no D-Bus service name has been specified. Refusing."
,
s
->
meta
.
id
);
return
-
EINVAL
;
}
if
(
s
->
exec_context
.
pam_name
&&
s
->
kill_mode
!=
KILL_CONTROL_GROUP
)
{
log_error
(
"%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing."
,
s
->
meta
.
id
);
return
-
EINVAL
;
}
...
...
src/socket.c
View file @
4d0e5dbd
...
...
@@ -153,7 +153,12 @@ static int socket_verify(Socket *s) {
}
if
(
s
->
accept
&&
s
->
max_connections
<=
0
)
{
log_error
(
"%s's MaxConnection setting too small. Refusing."
,
UNIT
(
s
)
->
meta
.
id
);
log_error
(
"%s's MaxConnection setting too small. Refusing."
,
s
->
meta
.
id
);
return
-
EINVAL
;
}
if
(
s
->
exec_context
.
pam_name
&&
s
->
kill_mode
!=
KILL_CONTROL_GROUP
)
{
log_error
(
"%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing."
,
s
->
meta
.
id
);
return
-
EINVAL
;
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment