From: David Herrmann
Date: Sat, 17 Jan 2015 17:23:33 +0000 (+0100)
Subject: bus-proxy: drop privileges if run as root
X-Git-Tag: v219~464
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=a80a3a7543975d1268692937d9d1884c6ee6e301
bus-proxy: drop privileges if run as root
We cannot use "User=" in unit-files if we want to retain privileges. So make bus-proxy.c explicitly drop privileges. However, only do that if we're root, as there is no need to drop it on the user-bus.
---
diff --git a/src/bus-proxyd/bus-proxyd.c b/src/bus-proxyd/bus-proxyd.c
index 72e11467b..3cf35f408 100644
--- a/src/bus-proxyd/bus-proxyd.c
+++ b/src/bus-proxyd/bus-proxyd.c
@@ -292,12 +292,29 @@ static int parse_argv(int argc, char *argv[]) { } int main(int argc, char *argv[]) { + const char *user = "systemd-bus-proxy"; int r, accept_fd; + uid_t uid; + gid_t gid; log_set_target(LOG_TARGET_JOURNAL_OR_KMSG); log_parse_environment(); log_open(); + if (geteuid() == 0) { + r = get_user_creds(&user, &uid, &gid, NULL, NULL); + if (r < 0) { + log_error_errno(r, "Cannot resolve user name %s: %m", user); + goto finish; + } + + r = drop_privileges(uid, gid, 1ULL << CAP_IPC_OWNER); + if (r < 0) { + log_error_errno(r, "Cannot drop privileges: %m"); + goto finish; + } + } + + r = parse_argv(argc, argv); if (r <= 0) goto finish;
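Review bot: The mask `1ULL << CAP_IPC_OWNER` passed to the new `drop_privileges()` call in main() has no comment explaining why that one capability must survive the switch to the `systemd-bus-proxy` user, although that is the security-relevant decision in this change. I would add above the call something like `/* Switch to the unprivileged proxy user; CAP_IPC_OWNER is the only capability kept (presumably what the proxy needs on the system bus — confirm) */`, so a later edit to the mask gets reviewed as a privilege change. The `geteuid() == 0` guard also skips the drop for a process that starts with a non-root effective UID but still holds capabilities; if the proxy can be launched that way outside the user-bus case, that path deserves a check or at least a comment stating it is intended. main() continues past the end of the hunk, so the `finish` label and the code that runs after the drop are not visible here.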