diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2014-10-07 19:44:44 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-10-22 15:44:21 +0200 |
commit | aa871e019f00493dfa53b48f906132bf94eeae9f (patch) | |
tree | 4e3d060f9727e21349d07aa9b6c36f4e8ecef5d7 /src/monitor | |
parent | 5960687483a5d3d99093c9d6ab64e11c9bde7f7b (diff) | |
download | sssd-aa871e019f00493dfa53b48f906132bf94eeae9f.tar.gz sssd-aa871e019f00493dfa53b48f906132bf94eeae9f.tar.xz sssd-aa871e019f00493dfa53b48f906132bf94eeae9f.zip |
SBUS: Allow connections from other UIDs
Unless dbus_connection_set_unix_user_function() is used, D-Bus only
allows connections from UID 0. This patch adds a custom checker function
that allows either UID 0 or the pre-configured SSSD user ID.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'src/monitor')
-rw-r--r-- | src/monitor/monitor.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c index b6777784c..fc6b2963f 100644 --- a/src/monitor/monitor.c +++ b/src/monitor/monitor.c @@ -2392,6 +2392,9 @@ static int monitor_service_init(struct sbus_connection *conn, void *data) mini->ctx = ctx; mini->conn = conn; + /* Allow access from the SSSD user */ + sbus_allow_uid(conn, &ctx->uid); + /* 10 seconds should be plenty */ tv = tevent_timeval_current_ofs(10, 0); |