Since Linux 3.2 in order to receive SCM_CREDENTIALS it is not sufficient
to set SO_PASSCRED just before recvmsg(). The option has to be already
set when the sender sends the message.
With socket activation it is too late to set the option in the service.
It must be set on the socket right from the start.
See the kernel commit:
16e57262 af_unix: dont send SCM_CREDENTIALS by default
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=757628
};
int r = EXIT_FAILURE, n_fds;
};
int r = EXIT_FAILURE, n_fds;
struct shutdownd_command c;
struct pollfd pollfd[_FD_MAX];
bool exec_shutdown = false, unlink_nologin = false, failed = false;
struct shutdownd_command c;
struct pollfd pollfd[_FD_MAX];
bool exec_shutdown = false, unlink_nologin = false, failed = false;
- if (setsockopt(SD_LISTEN_FDS_START, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0) {
- log_error("SO_PASSCRED failed: %m");
- return EXIT_FAILURE;
- }
-
[Socket]
ListenDatagram=/run/systemd/shutdownd
SocketMode=0600
[Socket]
ListenDatagram=/run/systemd/shutdownd
SocketMode=0600