chiark / gitweb /
~ianmdlvl / elogind.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9c3349e) | patch
journal: call connect() with dropped privileges
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Thu, 1 Jan 2015 03:40:41 +0000 (04:40 +0100)
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Mon, 5 Jan 2015 19:12:58 +0000 (14:12 -0500)
commit524daa8c3e2bd63ad9dbc24711cdcfb45a65b2db
tree2a15cff09799dca02bf99580a89a28da8f94d691tree | snapshot
parent9c3349e23b14db27e7ba45f82cf647899c563ea9commit | diff
journal: call connect() with dropped privileges

When systemd starts a service, it first opened /run/systemd/journal/stdout
socket, and only later switched to the right user.group (if they are
specified). Later on, journald looked at the credentials, and saw
root.root, because credentials are stored at the time the socket is
opened. As a result, all messages passed over _TRANSPORT=stdout were
logged with _UID=0, _GID=0.

Drop real uid and gid temporarily to fix the issue.
src/core/execute.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.