diff options
author | Lennart Poettering <lennart@poettering.net> | 2010-06-19 16:57:54 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2010-06-19 16:57:54 +0200 |
commit | 4d0e5dbd52291ae49740adb006bfc2595b953ec5 (patch) | |
tree | ee8b72d08b0945914b8aaf652222987cc33935e9 /src/socket.c | |
parent | 399ab2b1ac07be5afa9708b3280d4e1a4cceb5b8 (diff) |
service: require KillMode=control-group when PAM is enabled
Diffstat (limited to 'src/socket.c')
-rw-r--r-- | src/socket.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/socket.c b/src/socket.c index ccbe4326c1..7a8624c848 100644 --- a/src/socket.c +++ b/src/socket.c @@ -153,7 +153,12 @@ static int socket_verify(Socket *s) { } if (s->accept && s->max_connections <= 0) { - log_error("%s's MaxConnection setting too small. Refusing.", UNIT(s)->meta.id); + log_error("%s's MaxConnection setting too small. Refusing.", s->meta.id); + return -EINVAL; + } + + if (s->exec_context.pam_name && s->kill_mode != KILL_CONTROL_GROUP) { + log_error("%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", s->meta.id); return -EINVAL; } |