From 5960687483a5d3d99093c9d6ab64e11c9bde7f7b Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Tue, 7 Oct 2014 11:30:01 +0200
Subject: SBUS: Chown the sbus socket if needed

When setting up the sbus server, we might need to chown the sbus socket
to make sure non-root peers, running as the SSSD user are able to access
the file.

Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
---
 src/monitor/monitor.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'src/monitor')

diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c
index df1cd5ca1..b6777784c 100644
--- a/src/monitor/monitor.c
+++ b/src/monitor/monitor.c
@@ -515,7 +515,11 @@ static int monitor_dbus_init(struct mt_ctx *ctx)
         return ret;
     }
 
-    ret = sbus_new_server(ctx, ctx->ev, monitor_address,
+    /* If a service is running as unprivileged user, we need to make sure this
+     * user can access the monitor sbus server. root is still king, so we don't
+     * lose any access.
+     */
+    ret = sbus_new_server(ctx, ctx->ev, monitor_address, ctx->uid, ctx->gid,
                           false, &ctx->sbus_srv, monitor_service_init, ctx);
 
     talloc_free(monitor_address);
-- 
cgit