X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fcore%2Fload-fragment.c;h=06e3031d65cd51ed50e392c45ee3dac7e2aae74e;hb=fc6c7fe9becdd70ae6b671c396f2ad2db0b71cd7;hp=5628d8c910df94530471c462a33568feb08d5144;hpb=b5d742138f71e87312541a89aac5657015f50f48;p=elogind.git

diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
index 5628d8c91..06e3031d6 100644
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@@ -33,6 +33,8 @@
 #include <sys/stat.h>
 #include <sys/time.h>
 #include <sys/resource.h>
+#include <sys/types.h>
+#include <grp.h>
 
 #ifdef HAVE_SECCOMP
 #include <seccomp.h>
@@ -1606,6 +1608,89 @@ int config_parse_busname_service(
         return 0;
 }
 
+int config_parse_bus_policy(
+                const char *unit,
+                const char *filename,
+                unsigned line,
+                const char *section,
+                unsigned section_line,
+                const char *lvalue,
+                int ltype,
+                const char *rvalue,
+                void *data,
+                void *userdata) {
+
+        _cleanup_free_ BusNamePolicy *p = NULL;
+        _cleanup_free_ char *id_str = NULL;
+        BusName *busname = data;
+        char *access_str;
+        int r;
+
+        assert(filename);
+        assert(lvalue);
+        assert(rvalue);
+        assert(data);
+
+        p = new0(BusNamePolicy, 1);
+        if (!p)
+                return log_oom();
+
+        if (streq(lvalue, "AllowUser"))
+                p->type = BUSNAME_POLICY_TYPE_USER;
+        else if (streq(lvalue, "AllowGroup"))
+                p->type = BUSNAME_POLICY_TYPE_GROUP;
+        else if (streq(lvalue, "AllowWorld"))
+                p->type = BUSNAME_POLICY_TYPE_WORLD;
+        else
+                assert_not_reached("Unknown lvalue");
+
+        id_str = strdup(rvalue);
+        if (!id_str)
+                return log_oom();
+
+        if (p->type != BUSNAME_POLICY_TYPE_WORLD) {
+                access_str = strchr(id_str, ' ');
+                if (!access_str) {
+                        log_syntax(unit, LOG_ERR, filename, line, EINVAL, "Invalid busname policy value '%s'", rvalue);
+                        return 0;
+                }
+
+                *access_str = '\0';
+                access_str++;
+
+                if (p->type == BUSNAME_POLICY_TYPE_USER) {
+                        const char *user = id_str;
+
+                        r = get_user_creds(&user, &p->uid, NULL, NULL, NULL);
+                        if (r < 0) {
+                                log_syntax(unit, LOG_ERR, filename, line, r, "Unable to parse uid from '%s'", id_str);
+                                return 0;
+                        }
+                } else {
+                        const char *group = id_str;
+
+                        r = get_group_creds(&group, &p->gid);
+                        if (r < 0) {
+                                log_syntax(unit, LOG_ERR, filename, line, -errno, "Unable to parse gid from '%s'", id_str);
+                                return 0;
+                        }
+                }
+        } else {
+                access_str = id_str;
+        }
+
+        p->access = busname_policy_access_from_string(access_str);
+        if (p->access < 0) {
+                log_syntax(unit, LOG_ERR, filename, line, EINVAL, "Invalid busname policy access type '%s'", access_str);
+                return 0;
+        }
+
+        LIST_PREPEND(policy, busname->policy, p);
+        p = NULL;
+
+        return 0;
+}
+
 int config_parse_unit_env_file(const char *unit,
                                const char *filename,
                                unsigned line,
@@ -2122,7 +2207,10 @@ int config_parse_syscall_filter(
                         set_remove(c->syscall_filter, INT_TO_PTR(id + 1));
         }
 
-        c->no_new_privileges = true;
+        /* Turn on NNP, but only if it wasn't configured explicitly
+         * before, and only if we are in user mode. */
+        if (!c->no_new_privileges_set && u->manager->running_as == SYSTEMD_USER)
+                c->no_new_privileges = true;
 
         return 0;
 }
@@ -2902,6 +2990,38 @@ int config_parse_namespace_path_strv(
         return 0;
 }
 
+int config_parse_no_new_priviliges(
+                const char* unit,
+                const char *filename,
+                unsigned line,
+                const char *section,
+                unsigned section_line,
+                const char *lvalue,
+                int ltype,
+                const char *rvalue,
+                void *data,
+                void *userdata) {
+
+        ExecContext *c = data;
+        int k;
+
+        assert(filename);
+        assert(lvalue);
+        assert(rvalue);
+        assert(data);
+
+        k = parse_boolean(rvalue);
+        if (k < 0) {
+                log_syntax(unit, LOG_ERR, filename, line, -k, "Failed to parse boolean value, ignoring: %s", rvalue);
+                return 0;
+        }
+
+        c->no_new_privileges = !!k;
+        c->no_new_privileges_set = true;
+
+        return 0;
+}
+
 #define FOLLOW_MAX 8
 
 static int open_follow(char **filename, FILE **_f, Set *names, char **_final) {