Commit 87b516ce authored by Sjoerd Simons's avatar Sjoerd Simons Committed by Sjoerd Simons
Browse files

Make unix socket binding a tad more robust

* d/p/core-Fix-bind-error-message.patch:
  + Added. Fix error message on bind failure to print the full path
* d/p/core-Make-binding-notify-private-dbus-socket-more-ro.patch:
  + Added. Be more robust when binding private unix sockets (Based on current
  upstream logic) (Closes: #761306)
parent 2e3f2d06
systemd (215-8) UNRELEASED; urgency=medium
[ Didier Roche ]
* Cherry-pick shared-add-readlink_value.patch, we will use that function in
the generator.
* Cherry-pick util-allow-strappenda-to-take-any-number-of-args.patch, we
......@@ -13,7 +14,15 @@ systemd (215-8) UNRELEASED; urgency=medium
boot.
- (Closes: #771287)
-- Didier Roche <didrocks@ubuntu.com> Fri, 28 Nov 2014 08:50:35 +0100
[ Sjoerd Simons ]
* d/p/core-Fix-bind-error-message.patch:
+ Added. Fix error message on bind failure to print the full path
* d/p/core-Make-binding-notify-private-dbus-socket-more-ro.patch:
+ Added. Be more robust when binding private unix sockets (Based on current
upstream logic) (Closes: #761306)
-- Sjoerd Simons <sjoerd@debian.org> Mon, 01 Dec 2014 22:44:48 +0100
systemd (215-7) unstable; urgency=medium
......
From: Sjoerd Simons <sjoerd@luon.net>
Date: Mon, 1 Dec 2014 22:32:39 +0100
Subject: core: Fix bind error message
The notify socket is no longer an abstract socket, so the full path
should be printed instead of skipping the first character.
Upstream has the same change as a side-effect in commit 70af4d17da
---
src/core/manager.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/manager.c b/src/core/manager.c
index 454ae47..9c96750 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -554,7 +554,7 @@ static int manager_setup_notify(Manager *m) {
strncpy(sa.un.sun_path, m->notify_socket, sizeof(sa.un.sun_path)-1);
r = bind(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + strlen(sa.un.sun_path));
if (r < 0) {
- log_error("bind(@%s) failed: %m", sa.un.sun_path+1);
+ log_error("bind(%s) failed: %m", sa.un.sun_path);
return -errno;
}
From: Sjoerd Simons <sjoerd@luon.net>
Date: Mon, 1 Dec 2014 22:34:34 +0100
Subject: core: Make binding notify & private dbus socket more robust
Use mkdir + unlink right before calling bind on private unix sockets to
prevent issues with stray sockets. This patch is based on a serie of
upstream commits with the net code change in this patch as a result
0c3f25e0c1f028d4da9cc5253abf0322230e6835
e7bc519620cb7bcdbe2166fc2a446453769d827e
498e87d6b7ef025fef2e089931f355b5cd3c7dad
f0e62e89970b8c38eb07a9beebd277ce13a5fcc2
Bug-Debian: https://bugs.debian.org/761306
---
src/core/dbus.c | 5 ++---
src/core/manager.c | 3 +++
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/core/dbus.c b/src/core/dbus.c
index fb8e496..1c9c0aa 100644
--- a/src/core/dbus.c
+++ b/src/core/dbus.c
@@ -974,11 +974,10 @@ static int bus_init_private(Manager *m) {
left = strpcpy(&p, left, "/systemd/private");
salen = sizeof(sa.un) - left;
-
- mkdir_parents_label(sa.un.sun_path, 0755);
}
- unlink(sa.un.sun_path);
+ (void) mkdir_parents_label(sa.un.sun_path, 0755);
+ (void) unlink(sa.un.sun_path);
fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
if (fd < 0) {
diff --git a/src/core/manager.c b/src/core/manager.c
index 9c96750..c99f6ec 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -551,6 +551,9 @@ static int manager_setup_notify(Manager *m) {
if (!m->notify_socket)
return log_oom();
+ (void) mkdir_parents_label(m->notify_socket, 0755);
+ (void) unlink(m->notify_socket);
+
strncpy(sa.un.sun_path, m->notify_socket, sizeof(sa.un.sun_path)-1);
r = bind(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + strlen(sa.un.sun_path));
if (r < 0) {
......@@ -169,3 +169,5 @@ udev-re-enable-mount-propagation-for-udevd.patch
Add-env-variable-for-machine-ID-path.patch
sysv-generator-Avoid-wrong-dependencies-for-failing-.patch
Prefer-etc-X11-default-display-manager-if-present.patch
core-Fix-bind-error-message.patch
core-Make-binding-notify-private-dbus-socket-more-ro.patch
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment