X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Flogin%2Flogind-acl.c;h=2df2ba2c17fb0b38f0d3d81efe39390ecda18f2a;hb=5a330cda0ce47bd333a4cf2c559031788a26e62a;hp=eb8a48d191f03189df4ed1a243dc3d0352811780;hpb=4bba9156da3e1df2cee24d10d7cd88c776ef4179;p=elogind.git
diff --git a/src/login/logind-acl.c b/src/login/logind-acl.c
index eb8a48d19..2df2ba2c1 100644
--- a/src/login/logind-acl.c
+++ b/src/login/logind-acl.c
@@ -6,28 +6,29 @@
Copyright 2011 Lennart Poettering
systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
+ Lesser General Public License for more details.
- You should have received a copy of the GNU General Public License
+ You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see .
***/
#include
-#include
-#include
#include
#include
+#include
+#include
-#include "logind-acl.h"
#include "util.h"
#include "acl-util.h"
+#include "set.h"
+#include "logind-acl.h"
static int flush_acl(acl_t acl) {
acl_entry_t i;
@@ -179,23 +180,33 @@ int devnode_acl_all(struct udev *udev,
struct udev_list_entry *item = NULL, *first = NULL;
struct udev_enumerate *e;
+ Set *nodes;
+ Iterator i;
+ char *n;
+ _cleanup_closedir_ DIR *dir = NULL;
+ struct dirent *dent;
int r;
assert(udev);
- if (isempty(seat))
- seat = "seat0";
+ nodes = set_new(string_hash_func, string_compare_func);
+ if (!nodes)
+ return -ENOMEM;
e = udev_enumerate_new(udev);
- if (!e)
- return -ENOMEM;
+ if (!e) {
+ r = -ENOMEM;
+ goto finish;
+ }
+
+ if (isempty(seat))
+ seat = "seat0";
/* We can only match by one tag in libudev. We choose
* "uaccess" for that. If we could match for two tags here we
* could add the seat name as second match tag, but this would
* be hardly optimizable in libudev, and hence checking the
* second tag manually in our loop is a good solution. */
-
r = udev_enumerate_add_match_tag(e, "uaccess");
if (r < 0)
goto finish;
@@ -231,18 +242,52 @@ int devnode_acl_all(struct udev *udev,
continue;
}
- log_debug("Fixing up %s for seat %s...", node, sn);
-
- r = devnode_acl(node, flush, del, old_uid, add, new_uid);
+ n = strdup(node);
udev_device_unref(d);
+ if (!n)
+ goto finish;
+ log_debug("Found udev node %s for seat %s", n, seat);
+ r = set_put(nodes, n);
if (r < 0)
goto finish;
}
-finish:
- if (e)
- udev_enumerate_unref(e);
+ /* udev exports "dead" device nodes to allow module on-demand loading,
+ * these devices are not known to the kernel at this moment */
+ dir = opendir("/run/udev/static_node-tags/uaccess");
+ if (dir) {
+ FOREACH_DIRENT(dent, dir, r = -errno; goto finish) {
+ _cleanup_free_ char *unescaped_devname = NULL;
+
+ unescaped_devname = cunescape(dent->d_name);
+ if (unescaped_devname == NULL) {
+ r = -ENOMEM;
+ goto finish;
+ }
+
+ n = strappend("/dev/", unescaped_devname);
+ if (!n) {
+ r = -ENOMEM;
+ goto finish;
+ }
+
+ log_debug("Found static node %s for seat %s", n, seat);
+ r = set_put(nodes, n);
+ if (r < 0 && r != -EEXIST)
+ goto finish;
+ else
+ r = 0;
+ }
+ }
+
+ SET_FOREACH(n, nodes, i) {
+ log_debug("Fixing up ACLs at %s for seat %s", n, seat);
+ r = devnode_acl(n, flush, del, old_uid, add, new_uid);
+ }
+finish:
+ udev_enumerate_unref(e);
+ set_free_free(nodes);
return r;
}