X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;ds=sidebyside;f=src%2Fcore%2Fmanager.c;h=6a755975fb6d6739d05e8c7340b12bb89a340ecc;hb=08c6f819cb0ed435649583da02fa0de965b32dbe;hp=badf19e9548c91b4f801169d8244e97f406f200f;hpb=626851be97b4332fc0401d754c81ae7bbc0f5dc4;p=elogind.git

diff --git a/src/core/manager.c b/src/core/manager.c
index badf19e95..6a755975f 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -22,9 +22,7 @@
 #include <assert.h>
 #include <errno.h>
 #include <string.h>
-#include <sys/epoll.h>
 #include <signal.h>
-#include <sys/signalfd.h>
 #include <sys/wait.h>
 #include <unistd.h>
 #include <sys/poll.h>
@@ -428,7 +426,13 @@ static int manager_setup_kdbus(Manager *m) {
                 return m->kdbus_fd;
         }
 
-        log_info("Successfully set up kdbus on %s", p);
+        log_debug("Successfully set up kdbus on %s", p);
+
+        /* Create the namespace directory here, so that the contents
+         * of that directory is not visible to non-root users. This is
+         * necessary to ensure that users cannot get access to busses
+         * of virtualized users when no UID namespacing is used. */
+        mkdir_p_label("/dev/kdbus/ns", 0700);
 #endif
 
         return 0;
@@ -1078,7 +1082,7 @@ int manager_load_unit_prepare(
                 return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Path %s is not absolute.", path);
 
         if (!name)
-                name = path_get_file_name(path);
+                name = basename(path);
 
         t = unit_name_to_type(name);
 
@@ -1633,7 +1637,7 @@ static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t
         }
 
         if (sigchld)
-                return manager_dispatch_sigchld(m);
+                manager_dispatch_sigchld(m);
 
         return 0;
 }
@@ -2172,7 +2176,7 @@ int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {
                 } else if (startswith(l, "kdbus-fd=")) {
                         int fd;
 
-                        if (safe_atoi(l + 9, &fd) < 0 || !fdset_contains(fds, fd))
+                        if (safe_atoi(l + 9, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
                                 log_debug("Failed to parse kdbus fd: %s", l + 9);
                         else {
                                 if (m->kdbus_fd >= 0)
@@ -2211,10 +2215,8 @@ int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {
         }
 
 finish:
-        if (ferror(f)) {
+        if (ferror(f))
                 r = -EIO;
-                goto finish;
-        }
 
         assert(m->n_reloading > 0);
         m->n_reloading --;