Commit a822056b authored by Lennart Poettering's avatar Lennart Poettering
Browse files

initctl: check peer credentials after connection

parent f4579ce7
...@@ -453,7 +453,8 @@ systemd_logger_LDADD = \ ...@@ -453,7 +453,8 @@ systemd_logger_LDADD = \
systemd_initctl_SOURCES = \ systemd_initctl_SOURCES = \
src/initctl.c \ src/initctl.c \
src/sd-daemon.c src/sd-daemon.c \
src/dbus-common.c
systemd_initctl_CFLAGS = \ systemd_initctl_CFLAGS = \
$(AM_CFLAGS) \ $(AM_CFLAGS) \
......
...@@ -41,6 +41,7 @@ ...@@ -41,6 +41,7 @@
#include "initreq.h" #include "initreq.h"
#include "special.h" #include "special.h"
#include "sd-daemon.h" #include "sd-daemon.h"
#include "dbus-common.h"
#define SERVER_FD_MAX 16 #define SERVER_FD_MAX 16
#define TIMEOUT ((int) (10*MSEC_PER_SEC)) #define TIMEOUT ((int) (10*MSEC_PER_SEC))
...@@ -300,6 +301,10 @@ static int server_init(Server *s, unsigned n_sockets) { ...@@ -300,6 +301,10 @@ static int server_init(Server *s, unsigned n_sockets) {
log_error("Failed to get D-Bus connection: %s", error.message); log_error("Failed to get D-Bus connection: %s", error.message);
goto fail; goto fail;
} }
if ((r = bus_check_peercred(s->bus)) < 0) {
log_error("Bus connection failed peer credential check: %s", strerror(-r));
goto fail;
}
return 0; return 0;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment