| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
It corrrectly handles both positive and negative errno values.
|
|
As a followup to 086891e5c1 "log: add an "error" parameter to all
low-level logging calls and intrdouce log_error_errno() as log calls
that take error numbers", use sed to convert the simple cases to use
the new macros:
find . -name '*.[ch]' | xargs sed -r -i -e \
's/log_(debug|info|notice|warning|error|emergency)\("(.*)%s"(.*), strerror\(-([a-zA-Z_]+)\)\);/log_\1_errno(-\4, "\2%m"\3);/'
Multi-line log_*() invocations are not covered.
And we also should add log_unit_*_errno().
|
|
- actually return permission errors to clients
- use the right ucreds field
- fix error paths when we cannot keep track of locally acquired names
due to OOM
- avoid unnecessary global variables
- log when the policy denies access
- enforce correct policy rule order
- always request all the metadata its we need to make decisions
|
|
|
|
it passes with the bus proxy enforcement
|
|
|
|
We need to figure out which of the possible names satisfied the policy,
so we cannot do the iteration in check_policy_item() but have to leave it
to the users.
Test cases amended accordingly.
|
|
Just some cleanups around policy checks that came up during review.
The code is still not productive.
|
|
|
|
Both as documentation, and to make Coverity happy.
Fixes CID #1241495 and #1241496.
|
|
Instead of operating on an sd_bus_message object, expose an API that has 4
functions:
policy_check_own()
policy_check_hello()
policy_check_recv()
policy_check_send()
This also allows dropping extra code to parse message contents - the bus
proxy already has dedicated code paths for that, and we can hook into
those later.
Tests amended accordingly.
|
|
Add policy_check() to actually check whether an incoming message is allowed
by the policy. The code is not yet used from the proxy daemon, though.
|
|
|
|
This function is quite useful for debugging. Exiting from it seems
unnecessary.
|
|
Instead of making the function call itself recursively.
|
|
Do the lookup during parsing already, and set i->uid, or i->gid to the
numerical values.
|
|
|
|
In the D-Bus policy, the order of items matters, so make sure to store them
in the same order as they are parsed by the sax parser.
|
|
|
|
It is redundant to store 'hash' and 'compare' function pointers in
struct Hashmap separately. The functions always comprise a pair.
Store a single pointer to struct hash_ops instead.
systemd keeps hundreds of hashmaps, so this saves a little bit of
memory.
|
|
One missing string found.
A few things had to be moved around to make it possible to test them.
|
|
|
|
|
|
|
|
Lets allow LC_ALL=C without corrupted output
|
|
|
|
|
|
Enforcement is still missing, but at least we can parse it now.
|
