X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=udevd.c;h=efcb65bb53f3d78da04a723d213f90e0e3332fd9;hb=d1fb871d99db38c7704d8e583ff5e0a00e713837;hp=104cb2b9877c92894190b7de93cc6e40637b7e5c;hpb=f8911dbb0404902502085c7bb204f2f9c5bc1b9c;p=elogind.git

diff --git a/udevd.c b/udevd.c
index 104cb2b98..efcb65bb5 100644
--- a/udevd.c
+++ b/udevd.c
@@ -51,12 +51,17 @@ LIST_HEAD(running_list);
 static void exec_queue_manager(void);
 static void msg_queue_manager(void);
 
-unsigned char logname[42];
-
-int log_ok(void)
+#ifdef LOG
+unsigned char logname[LOGNAME_SIZE];
+void log_message (int level, const char *format, ...)
 {
-	return 1;
+	va_list	args;
+
+	va_start(args, format);
+	vsyslog(level, format, args);
+	va_end(args);
 }
+#endif
 
 static void msg_dump_queue(void)
 {
@@ -114,8 +119,8 @@ static void msg_queue_insert(struct hotplug_msg *msg)
 static void udev_run(struct hotplug_msg *msg)
 {
 	pid_t pid;
-	char action[32];
-	char devpath[256];
+	char action[ACTION_SIZE];
+	char devpath[DEVPATH_SIZE];
 	char *env[] = { action, devpath, NULL };
 
 	snprintf(action, sizeof(action), "ACTION=%s", msg->action);
@@ -222,6 +227,11 @@ static void handle_msg(int sock)
 {
 	struct hotplug_msg *msg;
 	int retval;
+	struct msghdr smsg;
+	struct cmsghdr *cmsg;
+	struct iovec iov;
+	struct ucred *cred;
+	char cred_msg[CMSG_SPACE(sizeof(struct ucred))];
 
 	msg = msg_create();
 	if (msg == NULL) {
@@ -229,17 +239,37 @@ static void handle_msg(int sock)
 		return;
 	}
 
-	retval = recv(sock, msg, sizeof(struct hotplug_msg), 0);
+	iov.iov_base = msg;
+	iov.iov_len = sizeof(struct hotplug_msg);
+
+	memset(&smsg, 0x00, sizeof(struct msghdr));
+	smsg.msg_iov = &iov;
+	smsg.msg_iovlen = 1;
+	smsg.msg_control = cred_msg;
+	smsg.msg_controllen = sizeof(cred_msg);
+
+	retval = recvmsg(sock, &smsg, 0);
 	if (retval <  0) {
 		if (errno != EINTR)
 			dbg("unable to receive message");
 		return;
 	}
-	
+	cmsg = CMSG_FIRSTHDR(&smsg);
+	cred = (struct ucred *) CMSG_DATA(cmsg);
+
+	if (cmsg == NULL || cmsg->cmsg_type != SCM_CREDENTIALS) {
+		dbg("no sender credentials received, message ignored");
+		goto skip;
+	}
+
+	if (cred->uid != 0) {
+		dbg("sender uid=%i, message ignored", cred->uid);
+		goto skip;
+	}
+
 	if (strncmp(msg->magic, UDEV_MAGIC, sizeof(UDEV_MAGIC)) != 0 ) {
 		dbg("message magic '%s' doesn't match, ignore it", msg->magic);
-		free(msg);
-		return;
+		goto skip;
 	}
 
 	/* if no seqnum is given, we move straight to exec queue */
@@ -249,6 +279,11 @@ static void handle_msg(int sock)
 	} else {
 		msg_queue_insert(msg);
 	}
+	return;
+
+skip:
+	free(msg);
+	return;
 }
 
 static void sig_handler(int signum)
@@ -289,9 +324,16 @@ int main(int argc, char *argv[])
 	struct sockaddr_un saddr;
 	socklen_t addrlen;
 	int retval;
+	const int on = 1;
 	struct sigaction act;
 
 	init_logging("udevd");
+	dbg("version %s", UDEV_VERSION);
+
+	if (getuid() != 0) {
+		dbg("need to be root, exit");
+		exit(1);
+	}
 
 	/* set signal handler */
 	act.sa_handler = sig_handler;
@@ -313,17 +355,20 @@ int main(int argc, char *argv[])
 
 	ssock = socket(AF_LOCAL, SOCK_DGRAM, 0);
 	if (ssock == -1) {
-		dbg("error getting socket");
+		dbg("error getting socket, exit");
 		exit(1);
 	}
 
 	/* the bind takes care of ensuring only one copy running */
 	retval = bind(ssock, (struct sockaddr *) &saddr, addrlen);
 	if (retval < 0) {
-		dbg("bind failed\n");
+		dbg("bind failed, exit");
 		goto exit;
 	}
 
+	/* enable receiving of the sender credentials */
+	setsockopt(ssock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on));
+
 	while (1) {
 		handle_msg(ssock);