chiark / gitweb /
bus-proxy: make sure sure eavesdrop= XML attributes are properly handled
[elogind.git] / src / bus-proxyd / bus-xml-policy.c
index ac0e14b..9e4cc45 100644 (file)
@@ -279,9 +279,8 @@ static int file_load(Policy *p, const char *path) {
                                         ic = POLICY_ITEM_GROUP;
                                 else if (streq(name, "eavesdrop")) {
                                         log_debug("Unsupported attribute %s= at %s:%u, ignoring.", name, path, line);
-                                        i->class = POLICY_ITEM_IGNORE;
                                         state = STATE_ALLOW_DENY_OTHER_ATTRIBUTE;
-                                        break;
+                                        ic = POLICY_ITEM_RECV; /* eavesdrop is a type of receive attribute match! */
                                 } else {
                                         log_error("Unknown attribute %s= at %s:%u, ignoring.", name, path, line);
                                         state = STATE_ALLOW_DENY_OTHER_ATTRIBUTE;
@@ -289,7 +288,7 @@ static int file_load(Policy *p, const char *path) {
                                 }
 
                                 if (i->class != _POLICY_ITEM_CLASS_UNSET && ic != i->class) {
-                                        log_error("send_ and receive_ fields mixed on same tag at %s:%u.", path, line);
+                                        log_error("send_, receive_/eavesdrop fields mixed on same tag at %s:%u.", path, line);
                                         return -EINVAL;
                                 }
 
@@ -838,7 +837,7 @@ bool policy_check_recv(Policy *p,
         verdict = policy_check(p, &filter);
 
         log_full(LOG_AUTH | (verdict != ALLOW ? LOG_WARNING : LOG_DEBUG),
-                 "Recieve permission check for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s interface=%s path=%s member=%s: %s",
+                 "Receive permission check for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s interface=%s path=%s member=%s: %s",
                  uid, gid, bus_message_type_to_string(message_type), strna(name), strna(path), strna(interface), strna(member), strna(verdict_to_string(verdict)));
 
         return verdict == ALLOW;