[systemd-commits] src/core
Zbigniew Jędrzejewski-Szmek
zbyszek at kemper.freedesktop.org
Sat Apr 19 20:28:32 PDT 2014
src/core/socket.c | 22 ++++++++++++++--------
1 file changed, 14 insertions(+), 8 deletions(-)
New commits:
commit d38f6e34a618e2d100b06888e0810f776eb83510
Author: Zbigniew Jędrzejewski-Szmek <zbyszek at in.waw.pl>
Date: Sat Apr 19 21:58:03 2014 -0400
Handle Unix domain socket connections from outside our namespace v2
This is a second attempt at 9754d56, reverted in 2f20a8e, because
I lost a 'break;' when moving chunks around.
diff --git a/src/core/socket.c b/src/core/socket.c
index 7c18a2b..536904f 100644
--- a/src/core/socket.c
+++ b/src/core/socket.c
@@ -663,16 +663,22 @@ static int instance_from_socket(int fd, unsigned nr, char **instance) {
int k;
k = getpeercred(fd, &ucred);
- if (k < 0)
+ if (k >= 0) {
+ if (asprintf(&r,
+ "%u-"PID_FMT"-"UID_FMT,
+ nr, ucred.pid, ucred.uid) < 0)
+ return -ENOMEM;
+ } else if (k == -ENODATA) {
+ /* This handles the case where somebody is
+ * connecting from another pid/uid namespace
+ * (e.g. from outside of our container). */
+ if (asprintf(&r,
+ "%u-unknown",
+ nr) < 0)
+ return -ENOMEM;
+ } else
return k;
- if (asprintf(&r,
- "%u-%lu-%lu",
- nr,
- (unsigned long) ucred.pid,
- (unsigned long) ucred.uid) < 0)
- return -ENOMEM;
-
break;
}
More information about the systemd-commits
mailing list