summaryrefslogtreecommitdiff
path: root/src/socket.c
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2010-06-19 16:57:54 +0200
committerLennart Poettering <lennart@poettering.net>2010-06-19 16:57:54 +0200
commit4d0e5dbd52291ae49740adb006bfc2595b953ec5 (patch)
treeee8b72d08b0945914b8aaf652222987cc33935e9 /src/socket.c
parent399ab2b1ac07be5afa9708b3280d4e1a4cceb5b8 (diff)
service: require KillMode=control-group when PAM is enabled
Diffstat (limited to 'src/socket.c')
-rw-r--r--src/socket.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/socket.c b/src/socket.c
index ccbe4326c1..7a8624c848 100644
--- a/src/socket.c
+++ b/src/socket.c
@@ -153,7 +153,12 @@ static int socket_verify(Socket *s) {
}
if (s->accept && s->max_connections <= 0) {
- log_error("%s's MaxConnection setting too small. Refusing.", UNIT(s)->meta.id);
+ log_error("%s's MaxConnection setting too small. Refusing.", s->meta.id);
+ return -EINVAL;
+ }
+
+ if (s->exec_context.pam_name && s->kill_mode != KILL_CONTROL_GROUP) {
+ log_error("%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", s->meta.id);
return -EINVAL;
}