SBUS: Chown the sbus socket if needed

When setting up the sbus server, we might need to chown the sbus socket to make sure non-root peers, running as the SSSD user are able to access the file. Reviewed-by: Pavel Reichl <preichl@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
author: Jakub Hrozek <jhrozek@redhat.com> 2014-10-07 11:30:01 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2014-10-22 15:44:17 +0200
commit: 5960687483a5d3d99093c9d6ab64e11c9bde7f7b (patch)
tree: e5b06570880583f579635b7112eae16dee235ed5 /src/monitor
parent: a10ac1d0a7210def232205a48c53a075930e82f6 (diff)
download: sssd-5960687483a5d3d99093c9d6ab64e11c9bde7f7b.tar.gz
sssd-5960687483a5d3d99093c9d6ab64e11c9bde7f7b.tar.xz
sssd-5960687483a5d3d99093c9d6ab64e11c9bde7f7b.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c
index df1cd5ca1..b6777784c 100644
--- a/src/monitor/monitor.c
+++ b/src/monitor/monitor.c
@@ -515,7 +515,11 @@ static int monitor_dbus_init(struct mt_ctx *ctx)
         return ret;
     }
 
-    ret = sbus_new_server(ctx, ctx->ev, monitor_address,
+    /* If a service is running as unprivileged user, we need to make sure this
+     * user can access the monitor sbus server. root is still king, so we don't
+     * lose any access.
+     */
+    ret = sbus_new_server(ctx, ctx->ev, monitor_address, ctx->uid, ctx->gid,
                           false, &ctx->sbus_srv, monitor_service_init, ctx);
 
     talloc_free(monitor_address);
author	Jakub Hrozek <jhrozek@redhat.com>	2014-10-07 11:30:01 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2014-10-22 15:44:17 +0200
commit	5960687483a5d3d99093c9d6ab64e11c9bde7f7b (patch)
tree	e5b06570880583f579635b7112eae16dee235ed5 /src/monitor
parent	a10ac1d0a7210def232205a48c53a075930e82f6 (diff)
download	sssd-5960687483a5d3d99093c9d6ab64e11c9bde7f7b.tar.gz sssd-5960687483a5d3d99093c9d6ab64e11c9bde7f7b.tar.xz sssd-5960687483a5d3d99093c9d6ab64e11c9bde7f7b.zip