diff options
author | Daniel Mack <daniel@zonque.org> | 2014-09-20 04:34:30 +0200 |
---|---|---|
committer | Daniel Mack <daniel@zonque.org> | 2014-09-20 18:47:45 +0200 |
commit | 9eacea6b51bb86fb2c066bd4fa7cba28a17d12f3 (patch) | |
tree | ada9f65368f33a075850fa4e59343396710c1afe /src | |
parent | c3502b59ec4e58a877003050e6c2fc668eee3129 (diff) |
bus-policy: resolve [ug]id of POLICY_ITEM_{USER,GROUP}
Do the lookup during parsing already, and set i->uid, or i->gid to the
numerical values.
Diffstat (limited to 'src')
-rw-r--r-- | src/bus-proxyd/bus-policy.c | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/src/bus-proxyd/bus-policy.c b/src/bus-proxyd/bus-policy.c index 2c4708dd77..ab16cda32b 100644 --- a/src/bus-proxyd/bus-policy.c +++ b/src/bus-proxyd/bus-policy.c @@ -525,8 +525,36 @@ static int file_load(Policy *p, const char *path) { return -EINVAL; } + switch (i->class) { + case POLICY_ITEM_USER: + if (!streq(name, "*")) { + const char *u = name; + + r = get_user_creds(&u, &i->uid, NULL, NULL, NULL); + if (r < 0) + log_error("Failed to resolve user %s: %s", name, strerror(-r)); + else + i->uid_valid = true; + } + break; + case POLICY_ITEM_GROUP: + if (!streq(name, "*")) { + const char *g = name; + + r = get_group_creds(&g, &i->gid); + if (r < 0) + log_error("Failed to resolve group %s: %s", name, strerror(-r)); + else + i->gid_valid = true; + } + break; + default: + break; + } + i->name = name; name = NULL; + state = STATE_ALLOW_DENY; } else { log_error("Unexpected token (14) in %s:%u.", path, line); |