summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Mack <daniel@zonque.org>2014-09-20 04:34:30 +0200
committerDaniel Mack <daniel@zonque.org>2014-09-20 18:47:45 +0200
commit9eacea6b51bb86fb2c066bd4fa7cba28a17d12f3 (patch)
treeada9f65368f33a075850fa4e59343396710c1afe
parentc3502b59ec4e58a877003050e6c2fc668eee3129 (diff)
bus-policy: resolve [ug]id of POLICY_ITEM_{USER,GROUP}
Do the lookup during parsing already, and set i->uid, or i->gid to the numerical values.
-rw-r--r--src/bus-proxyd/bus-policy.c28
1 files changed, 28 insertions, 0 deletions
diff --git a/src/bus-proxyd/bus-policy.c b/src/bus-proxyd/bus-policy.c
index 2c4708dd77..ab16cda32b 100644
--- a/src/bus-proxyd/bus-policy.c
+++ b/src/bus-proxyd/bus-policy.c
@@ -525,8 +525,36 @@ static int file_load(Policy *p, const char *path) {
return -EINVAL;
}
+ switch (i->class) {
+ case POLICY_ITEM_USER:
+ if (!streq(name, "*")) {
+ const char *u = name;
+
+ r = get_user_creds(&u, &i->uid, NULL, NULL, NULL);
+ if (r < 0)
+ log_error("Failed to resolve user %s: %s", name, strerror(-r));
+ else
+ i->uid_valid = true;
+ }
+ break;
+ case POLICY_ITEM_GROUP:
+ if (!streq(name, "*")) {
+ const char *g = name;
+
+ r = get_group_creds(&g, &i->gid);
+ if (r < 0)
+ log_error("Failed to resolve group %s: %s", name, strerror(-r));
+ else
+ i->gid_valid = true;
+ }
+ break;
+ default:
+ break;
+ }
+
i->name = name;
name = NULL;
+
state = STATE_ALLOW_DENY;
} else {
log_error("Unexpected token (14) in %s:%u.", path, line);