diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2014-10-07 19:44:44 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-10-22 15:44:21 +0200 |
commit | aa871e019f00493dfa53b48f906132bf94eeae9f (patch) | |
tree | 4e3d060f9727e21349d07aa9b6c36f4e8ecef5d7 /src/sbus/sssd_dbus.h | |
parent | 5960687483a5d3d99093c9d6ab64e11c9bde7f7b (diff) | |
download | sssd-aa871e019f00493dfa53b48f906132bf94eeae9f.tar.gz sssd-aa871e019f00493dfa53b48f906132bf94eeae9f.tar.xz sssd-aa871e019f00493dfa53b48f906132bf94eeae9f.zip |
SBUS: Allow connections from other UIDs
Unless dbus_connection_set_unix_user_function() is used, D-Bus only
allows connections from UID 0. This patch adds a custom checker function
that allows either UID 0 or the pre-configured SSSD user ID.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'src/sbus/sssd_dbus.h')
-rw-r--r-- | src/sbus/sssd_dbus.h | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/sbus/sssd_dbus.h b/src/sbus/sssd_dbus.h index d01926368..5b128eaed 100644 --- a/src/sbus/sssd_dbus.h +++ b/src/sbus/sssd_dbus.h @@ -209,6 +209,10 @@ int sbus_conn_send(struct sbus_connection *conn, void sbus_conn_send_reply(struct sbus_connection *conn, DBusMessage *reply); +/* Set up D-BUS access control. If there is a SSSD user, we must allow + * him to connect. root is always allowed */ +void sbus_allow_uid(struct sbus_connection *conn, uid_t *uid); + /* * This structure is passed to all dbus method and property * handlers. It is a talloc context which will be valid until |