From aa871e019f00493dfa53b48f906132bf94eeae9f Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Tue, 7 Oct 2014 19:44:44 +0200
Subject: SBUS: Allow connections from other UIDs

Unless dbus_connection_set_unix_user_function() is used, D-Bus only
allows connections from UID 0. This patch adds a custom checker function
that allows either UID 0 or the pre-configured SSSD user ID.

Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
---
 src/monitor/monitor.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'src/monitor')

diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c
index b6777784..fc6b2963 100644
--- a/src/monitor/monitor.c
+++ b/src/monitor/monitor.c
@@ -2392,6 +2392,9 @@ static int monitor_service_init(struct sbus_connection *conn, void *data)
     mini->ctx = ctx;
     mini->conn = conn;
 
+    /* Allow access from the SSSD user */
+    sbus_allow_uid(conn, &ctx->uid);
+
     /* 10 seconds should be plenty */
     tv = tevent_timeval_current_ofs(10, 0);
 
-- 
cgit