[systemd-commits] 2 commits - src/core src/libsystemd

Lennart Poettering lennart at kemper.freedesktop.org
Wed Nov 26 10:03:17 PST 2014 

 src/core/dbus.c                |    8 ++++++++
 src/core/selinux-access.c      |    3 ++-
 src/libsystemd/sd-bus/sd-bus.c |    4 +++-
 3 files changed, 13 insertions(+), 2 deletions(-)

New commits:
commit cf226cfc24fec9d47a0c822188737656150356bb
Author: Lennart Poettering <lennart at poettering.net>
Date:   Wed Nov 26 18:59:31 2014 +0100

    sd-bus: make sure that when we connect to the system bus we have enough creds to make security decisions

diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c
index 6b01c0c..ea056d8 100644
--- a/src/libsystemd/sd-bus/sd-bus.c
+++ b/src/libsystemd/sd-bus/sd-bus.c
@@ -1096,7 +1096,8 @@ _public_ int sd_bus_open(sd_bus **ret) {
         /* We don't know whether the bus is trusted or not, so better
          * be safe, and authenticate everything */
         b->trusted = false;
-        b->attach_flags |= KDBUS_ATTACH_CAPS | KDBUS_ATTACH_CREDS | KDBUS_ATTACH_PIDS;
+        b->attach_flags |= KDBUS_ATTACH_CAPS | KDBUS_ATTACH_CREDS;
+        b->creds_mask |= SD_BUS_CREDS_UID | SD_BUS_CREDS_EUID | SD_BUS_CREDS_EFFECTIVE_CAPS;
 
         r = sd_bus_start(b);
         if (r < 0)
@@ -1142,6 +1143,7 @@ _public_ int sd_bus_open_system(sd_bus **ret) {
          * need the caller's UID and capability set for that. */
         b->trusted = false;
         b->attach_flags |= KDBUS_ATTACH_CAPS | KDBUS_ATTACH_CREDS;
+        b->creds_mask |= SD_BUS_CREDS_UID | SD_BUS_CREDS_EUID | SD_BUS_CREDS_EFFECTIVE_CAPS;
 
         r = sd_bus_start(b);
         if (r < 0)

commit 8fd00193803fd20bed163832ec4d0d5ba2958b87
Author: Lennart Poettering <lennart at poettering.net>
Date:   Wed Nov 26 18:57:37 2014 +0100

    core: make sure we have enough information when doing selinux decisions
    
    Let's ask for the security relevant bits in a race-free way, and augment
    the rest from /proc.

diff --git a/src/core/dbus.c b/src/core/dbus.c
index ec1c0d4..e23d36f 100644
--- a/src/core/dbus.c
+++ b/src/core/dbus.c
@@ -776,6 +776,14 @@ static int bus_setup_api(Manager *m, sd_bus *bus) {
         assert(m);
         assert(bus);
 
+        /* Let's make sure we have enough credential bits so that we can make security and selinux decisions */
+        r = sd_bus_negotiate_creds(bus, 1,
+                                   SD_BUS_CREDS_PID|SD_BUS_CREDS_UID|
+                                   SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS|
+                                   SD_BUS_CREDS_SELINUX_CONTEXT);
+        if (r < 0)
+                log_warning("Failed to enable credential passing, ignoring: %s", strerror(-r));
+
         r = bus_setup_api_vtables(m, bus);
         if (r < 0)
                 return r;
diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c
index a4694b3..a50dec3 100644
--- a/src/core/selinux-access.c
+++ b/src/core/selinux-access.c
@@ -207,7 +207,8 @@ int mac_selinux_generic_access_check(
                         message,
                         SD_BUS_CREDS_PID|SD_BUS_CREDS_UID|SD_BUS_CREDS_GID|
                         SD_BUS_CREDS_CMDLINE|SD_BUS_CREDS_AUDIT_LOGIN_UID|
-                        SD_BUS_CREDS_SELINUX_CONTEXT,
+                        SD_BUS_CREDS_SELINUX_CONTEXT|
+                        SD_BUS_CREDS_AUGMENT /* get more bits from /proc */,
                         &creds);
         if (r < 0)
                 goto finish;

More information about the systemd-commits mailing list