summaryrefslogtreecommitdiff
path: root/src/login
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2014-03-17 18:14:26 +0100
committerLennart Poettering <lennart@poettering.net>2014-03-17 18:15:57 +0100
commitbf34ab149f3038686bc75e1592179abac1700322 (patch)
tree42a953b9e17ef1614a890f699f245c84bd6a831b /src/login
parent7366b080b324caf66e2ca1671f8ce7f57ace7553 (diff)
sd-login: add calls that retrieve credentials of peers connected to AF_UNIX peers
This is supposed to be an extension of SO_PEERCRED and SO_PEERSEC, except for cgroup information.
Diffstat (limited to 'src/login')
-rw-r--r--src/login/sd-login.c91
-rw-r--r--src/login/test-login.c7
2 files changed, 93 insertions, 5 deletions
diff --git a/src/login/sd-login.c b/src/login/sd-login.c
index 4ad250eb37..d24b2ed1fd 100644
--- a/src/login/sd-login.c
+++ b/src/login/sd-login.c
@@ -81,8 +81,93 @@ _public_ int sd_pid_get_owner_uid(pid_t pid, uid_t *uid) {
return cg_pid_get_owner_uid(pid, uid);
}
+_public_ int sd_peer_get_session(int fd, char **session) {
+ struct ucred ucred;
+ int r;
+
+ assert_return(fd >= 0, -EINVAL);
+ assert_return(session, -EINVAL);
+
+ r = getpeercred(fd, &ucred);
+ if (r < 0)
+ return r;
+
+ return cg_pid_get_session(ucred.pid, session);
+}
+
+_public_ int sd_peer_get_owner_uid(int fd, uid_t *uid) {
+ struct ucred ucred;
+ int r;
+
+ assert_return(fd >= 0, -EINVAL);
+ assert_return(uid, -EINVAL);
+
+ r = getpeercred(fd, &ucred);
+ if (r < 0)
+ return r;
+
+ return cg_pid_get_owner_uid(ucred.pid, uid);
+}
+
+_public_ int sd_peer_get_unit(int fd, char **unit) {
+ struct ucred ucred;
+ int r;
+
+ assert_return(fd >= 0, -EINVAL);
+ assert_return(unit, -EINVAL);
+
+ r = getpeercred(fd, &ucred);
+ if (r < 0)
+ return r;
+
+ return cg_pid_get_unit(ucred.pid, unit);
+}
+
+_public_ int sd_peer_get_user_unit(int fd, char **unit) {
+ struct ucred ucred;
+ int r;
+
+ assert_return(fd >= 0, -EINVAL);
+ assert_return(unit, -EINVAL);
+
+ r = getpeercred(fd, &ucred);
+ if (r < 0)
+ return r;
+
+ return cg_pid_get_user_unit(ucred.pid, unit);
+}
+
+_public_ int sd_peer_get_machine_name(int fd, char **machine) {
+ struct ucred ucred;
+ int r;
+
+ assert_return(fd >= 0, -EINVAL);
+ assert_return(machine, -EINVAL);
+
+ r = getpeercred(fd, &ucred);
+ if (r < 0)
+ return r;
+
+ return cg_pid_get_machine_name(ucred.pid, machine);
+}
+
+_public_ int sd_peer_get_slice(int fd, char **slice) {
+ struct ucred ucred;
+ int r;
+
+ assert_return(fd >= 0, -EINVAL);
+ assert_return(slice, -EINVAL);
+
+ r = getpeercred(fd, &ucred);
+ if (r < 0)
+ return r;
+
+ return cg_pid_get_slice(ucred.pid, slice);
+}
+
_public_ int sd_uid_get_state(uid_t uid, char**state) {
- char *p, *s = NULL;
+ _cleanup_free_ char *p = NULL;
+ char *s = NULL;
int r;
assert_return(state, -EINVAL);
@@ -91,16 +176,12 @@ _public_ int sd_uid_get_state(uid_t uid, char**state) {
return -ENOMEM;
r = parse_env_file(p, NEWLINE, "STATE", &s, NULL);
- free(p);
-
if (r == -ENOENT) {
free(s);
s = strdup("offline");
if (!s)
return -ENOMEM;
- *state = s;
- return 0;
} else if (r < 0) {
free(s);
return r;
diff --git a/src/login/test-login.c b/src/login/test-login.c
index d78cea46af..2ab083bb71 100644
--- a/src/login/test-login.c
+++ b/src/login/test-login.c
@@ -28,6 +28,8 @@
#include "strv.h"
static void test_login(void) {
+ _cleanup_close_pipe_ int pair[2] = { -1, -1 };
+ _cleanup_free_ char *pp = NULL, *qq = NULL;
int r, k;
uid_t u, u2;
char *seat, *type, *class, *display, *remote_user, *remote_host;
@@ -47,6 +49,11 @@ static void test_login(void) {
assert_se(sd_pid_get_owner_uid(0, &u2) == 0);
printf("user = %lu\n", (unsigned long) u2);
+ assert_se(socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == 0);
+ sd_peer_get_session(pair[0], &pp);
+ sd_peer_get_session(pair[1], &qq);
+ assert_se(streq_ptr(pp, qq));
+
r = sd_uid_get_sessions(u2, false, &sessions);
assert_se(r >= 0);
assert_se(r == (int) strv_length(sessions));