swap: restore support for nofail

[elogind.git] / src / core / dbus.c

diff --git a/src/core/dbus.c b/src/core/dbus.c
index 185057b624e31d1ac2fea781fc145a6d3ae0806f..e23d36fddcd1bb8f3a81b6dddc4d4103bc1fb9e9 100644 (file)
--- a/src/core/dbus.c
+++ b/src/core/dbus.c
@@ -776,6 +776,14 @@ static int bus_setup_api(Manager *m, sd_bus *bus) {
         assert(m);
         assert(bus);
 
+        /* Let's make sure we have enough credential bits so that we can make security and selinux decisions */
+        r = sd_bus_negotiate_creds(bus, 1,
+                                   SD_BUS_CREDS_PID|SD_BUS_CREDS_UID|
+                                   SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS|
+                                   SD_BUS_CREDS_SELINUX_CONTEXT);
+        if (r < 0)
+                log_warning("Failed to enable credential passing, ignoring: %s", strerror(-r));
+
         r = bus_setup_api_vtables(m, bus);
         if (r < 0)
                 return r;
@@ -974,11 +982,10 @@ static int bus_init_private(Manager *m) {
                 left = strpcpy(&p, left, "/systemd/private");
 
                 salen = sizeof(sa.un) - left;
-
-                mkdir_parents_label(sa.un.sun_path, 0755);
         }
 
-        unlink(sa.un.sun_path);
+        (void) mkdir_parents_label(sa.un.sun_path, 0755);
+        (void) unlink(sa.un.sun_path);
 
         fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
         if (fd < 0) {
@@ -1181,7 +1188,7 @@ int bus_track_deserialize_item(char ***l, const char *line) {
 
         e = startswith(line, "subscribed=");
         if (!e)
-                return 0;
+                return -EINVAL;
 
         return strv_extend(l, e);
 }