X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fcore%2Fmanager.c;h=6a755975fb6d6739d05e8c7340b12bb89a340ecc;hb=08c6f819cb0ed435649583da02fa0de965b32dbe;hp=a168589e389725ed5ec7be089e7de1bb138e4b0f;hpb=e3dd987cfc395848256fc6eae637ed0eaf5f1635;p=elogind.git
diff --git a/src/core/manager.c b/src/core/manager.c
index a168589e3..6a755975f 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -22,9 +22,7 @@
 #include
 #include
 #include
-#include
 #include
-#include
 #include
 #include
 #include
@@ -414,6 +412,7 @@ static int manager_setup_kdbus(Manager *m) {
 assert(m);
+#ifdef ENABLE_KDBUS
 if (m->kdbus_fd >= 0)
 return 0;
@@ -421,13 +420,21 @@ static int manager_setup_kdbus(Manager *m) {
 if (m->running_as == SYSTEMD_USER && getenv("DBUS_SESSION_BUS_ADDRESS"))
 return 0;
- m->kdbus_fd = bus_kernel_create(m->running_as == SYSTEMD_SYSTEM ? "system" : "user", &p);
+ m->kdbus_fd = bus_kernel_create_bus(m->running_as == SYSTEMD_SYSTEM ? "system" : "user", &p);
 if (m->kdbus_fd < 0) {
 log_debug("Failed to set up kdbus: %s", strerror(-m->kdbus_fd));
 return m->kdbus_fd;
 }
- log_info("Successfully set up kdbus on %s", p);
+ log_debug("Successfully set up kdbus on %s", p);
+
+ /* Create the namespace directory here, so that the contents
+ * of that directory is not visible to non-root users. This is
+ * necessary to ensure that users cannot get access to busses
+ * of virtualized users when no UID namespacing is used. */
+ mkdir_p_label("/dev/kdbus/ns", 0700);
+#endif
+
 return 0;
 }
@@ -1075,7 +1082,7 @@ int manager_load_unit_prepare(
 return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Path %s is not absolute.", path);
 if (!name)
- name = path_get_file_name(path);
+ name = basename(path);
 t = unit_name_to_type(name);
@@ -1630,7 +1637,7 @@ static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t
 }
 if (sigchld)
- return manager_dispatch_sigchld(m);
+ manager_dispatch_sigchld(m);
 return 0;
 }
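Review bot: The added `mkdir_p_label("/dev/kdbus/ns", 0700);` at the end of manager_setup_kdbus() discards its result, although the comment directly above it names the directory's 0700 mode as what keeps non-root users away from the busses of virtualized users. If the call fails, or if the directory already exists with a wider mode (a mkdir -p style helper normally leaves an existing directory untouched; worth confirming for mkdir_p_label), the function still returns 0 and nothing is logged. Checking the result, at least for the system instance, would make that visible: `if (m->running_as == SYSTEMD_SYSTEM && mkdir_p_label("/dev/kdbus/ns", 0700) < 0) log_warning("Failed to create /dev/kdbus/ns");`. A helper that also verifies mode and ownership of an existing directory would be stronger still, if this tree has one.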
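Review bot: `name = basename(path);` in manager_load_unit_prepare() depends on which basename() declaration is in scope, and the header names in the include hunk are not readable on this page. The POSIX variant from libgen.h may modify its argument or return a pointer to static storage, while the GNU variant from string.h does neither but yields an empty string for a path that ends in '/', which then goes straight into `unit_name_to_type(name)`. A one-line comment such as `/* GNU basename(): never modifies path */` would record which one is intended. The function's body starts and ends outside the hunk.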
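Review bot: The result of `manager_dispatch_sigchld(m);` in manager_dispatch_signal_fd() is now dropped without a trace, so a failure while reaping children no longer surfaces anywhere. If the intent is to keep the signal source running despite such a failure (inferred, since no commit message is shown), the call site should say so and still record the error, for example `if (manager_dispatch_sigchld(m) < 0) log_warning("Failed to dispatch SIGCHLD");` with a comment above it such as `/* do not propagate: a failure here must not stop signal handling */`. The function's opening lines are outside the hunk.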
@@ -2169,7 +2176,7 @@ int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {
 } else if (startswith(l, "kdbus-fd=")) {
 int fd;
- if (safe_atoi(l + 9, &fd) < 0 || !fdset_contains(fds, fd))
+ if (safe_atoi(l + 9, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
 log_debug("Failed to parse kdbus fd: %s", l + 9);
 else {
 if (m->kdbus_fd >= 0)
@@ -2208,10 +2215,8 @@ int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {
 }
 finish:
- if (ferror(f)) {
+ if (ferror(f))
 r = -EIO;
- goto finish;
- }
 assert(m->n_reloading > 0);
 m->n_reloading --;
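Review bot: The `log_debug("Failed to parse kdbus fd: %s", l + 9);` branch in manager_deserialize() now covers three different outcomes (an unparsable number, a negative number, and a descriptor that is not in `fds`) under a message that names only the first. Since the value is read back from the serialization stream, telling a malformed entry apart from a descriptor that was never passed along matters when a reload loses the kdbus connection. Rewording to `log_debug("Failed to parse or validate kdbus fd: %s", l + 9);` would be enough. The else branch continues outside the hunk.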
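Review bot: At the `finish:` label in manager_deserialize(), `r = -EIO;` replaces whatever `r` already holds whenever the stream's error flag is set, so a more specific failure from earlier in the function would be reported as a generic I/O error. Whether any path reaches `finish` with a negative `r` cannot be seen in this hunk. If one does, `if (ferror(f) && r >= 0)` keeps the first error. A short comment on the label stating which error takes precedence would settle it either way.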