syslog: use PassCred=yes for the /dev/log socket

Both kmsg-syslogd and the real syslog service want to receive
SCM_CREDENTIALS. With socket activation it is too late to set
SO_PASSCRED in the services.

diff --git a/src/kmsg-syslogd.c b/src/kmsg-syslogd.c
index 0901a0e49bffb47965918f9f38fbaa6d11dad9cb..7fd69f858428f79380f047aa448d5bfb463b3014 100644 (file)
--- a/src/kmsg-syslogd.c
+++ b/src/kmsg-syslogd.c
@@ -91,7 +91,7 @@ static int server_init(Server *s, unsigned n_sockets) {
         }
 
         for (i = 0; i < n_sockets; i++) {
-                int fd, one = 1;
+                int fd;
 
                 fd = SD_LISTEN_FDS_START+i;
 
@@ -106,9 +106,6 @@ static int server_init(Server *s, unsigned n_sockets) {
                         goto fail;
                 }
 
-                if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
-                        log_error("SO_PASSCRED failed: %m");
-
                 zero(ev);
                 ev.events = EPOLLIN;
                 ev.data.fd = fd;

diff --git a/units/syslog.socket b/units/syslog.socket
index 500bb7c3149b3ef653b1b7bc9fb6271d1d5755ae..e74b55948e8d4baa47282ea4fdf1edec19ea79de 100644 (file)
--- a/units/syslog.socket
+++ b/units/syslog.socket
@@ -18,6 +18,7 @@ Wants=syslog.target
 [Socket]
 ListenDatagram=/dev/log
 SocketMode=0666
+PassCred=yes
 
 # The service we activate on incoming traffic is
 # systemd-kmsg-syslogd.service. That doesn't mean however, that this