Implement SocketUser= and SocketGroup= for [Socket]
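index b2045225d71d154aee58fdbfa128bb9613dfc8e4..887c80eb893605a54a47f1960a8771174da1cbe5 100644
--- a/src/core/dbus-socket.c
+++ b/src/core/dbus-socket.c
@@ -26,6 +26,7 @@
 #include "dbus-execute.h"
 #include "dbus-kill.h"
 #include "dbus-common.h"
+#include "selinux-access.h"
 
 #define BUS_SOCKET_INTERFACE                                            \
         " <interface name=\"org.freedesktop.systemd1.Socket\">\n"       \
@@ -42,6 +43,8 @@
         "  <property name=\"BindToDevice\" type=\"s\" access=\"read\"/>\n" \
         "  <property name=\"DirectoryMode\" type=\"u\" access=\"read\"/>\n" \
         "  <property name=\"SocketMode\" type=\"u\" access=\"read\"/>\n" \
+        "  <property name=\"SocketUser\" type=\"s\" access=\"read\"/>\n" \
+        "  <property name=\"SocketGroup\" type=\"s\" access=\"read\"/>\n" \
         "  <property name=\"Accept\" type=\"b\" access=\"read\"/>\n"    \
         "  <property name=\"KeepAlive\" type=\"b\" access=\"read\"/>\n" \
         "  <property name=\"Priority\" type=\"i\" access=\"read\"/>\n"  \
@@ -62,6 +65,9 @@
         "  <property name=\"MessageQueueMaxMessages\" type=\"x\" access=\"read\"/>\n" \
         "  <property name=\"MessageQueueMessageSize\" type=\"x\" access=\"read\"/>\n" \
         "  <property name=\"Result\" type=\"s\" access=\"read\"/>\n"    \
+        "  <property name=\"SmackLabel\" type=\"s\" access=\"read\"/>\n" \
+        "  <property name=\"SmackLabelIPIn\" type=\"s\" access=\"read\"/>\n" \
+        "  <property name=\"SmackLabelIPOut\" type=\"s\" access=\"read\"/>\n" \
         " </interface>\n"                                               \
 
 #define INTROSPECTION                                                   \
@@ -105,6 +111,8 @@ static const BusProperty bus_socket_properties[] = {
         { "BindToDevice",   bus_property_append_string,        "s", offsetof(Socket, bind_to_device), true },
         { "DirectoryMode",  bus_property_append_mode,          "u", offsetof(Socket, directory_mode)  },
         { "SocketMode",     bus_property_append_mode,          "u", offsetof(Socket, socket_mode)     },
+        { "SocketUser",     bus_property_append_string,        "s", offsetof(Socket, socket_user),    true },
+        { "SocketGroup",    bus_property_append_string,        "s", offsetof(Socket, socket_group),   true },
         { "Accept",         bus_property_append_bool,          "b", offsetof(Socket, accept)          },
         { "KeepAlive",      bus_property_append_bool,          "b", offsetof(Socket, keep_alive)      },
         { "Priority",       bus_property_append_int,           "i", offsetof(Socket, priority)        },
@@ -125,6 +133,9 @@ static const BusProperty bus_socket_properties[] = {
         { "MessageQueueMaxMessages", bus_property_append_long, "x", offsetof(Socket, mq_maxmsg)       },
         { "MessageQueueMessageSize", bus_property_append_long, "x", offsetof(Socket, mq_msgsize)      },
         { "Result",         bus_socket_append_socket_result,   "s", offsetof(Socket, result)          },
+        { "SmackLabel",     bus_property_append_string,        "s", offsetof(Socket, smack),          true },
+        { "SmackLabelIPIn", bus_property_append_string,        "s", offsetof(Socket, smack_ip_in),    true },
+        { "SmackLabelIPOut",bus_property_append_string,        "s", offsetof(Socket, smack_ip_out),   true },
         { NULL, }
 };
 
@@ -138,5 +149,7 @@ DBusHandlerResult bus_socket_message_handler(Unit *u, DBusConnection *c, DBusMes
                 { NULL, }
         };
 
+        SELINUX_UNIT_ACCESS_CHECK(u, c, message, "status");
+
         return bus_default_message_handler(c, message, INTROSPECTION, INTERFACES_LIST, bps);
 }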
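Review bot: The `SELINUX_UNIT_ACCESS_CHECK(u, c, message, "status")` call added in bus_socket_message_handler authorises every message that reaches this handler under the read-level "status" permission, and nothing in the code records why that is sufficient. Every property shown for this interface, including the new SocketUser, SocketGroup and Smack label entries, is declared `access="read"`, so the choice looks right today, but a later writable property or method would silently inherit it. I would add a comment above the call such as `/* All Socket properties are read-only, so "status" is enough; use a stronger permission if anything writable is added here. */`. The macro presumably returns from the handler on denial (its definition is in selinux-access.h and not visible here), and the same comment should say so, because the early exit is otherwise hidden. The function body starts outside the hunk.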