From: Michal Schmidt <mschmidt@redhat.com>
Date: Tue, 29 Nov 2011 22:14:36 +0000 (+0100)
Subject: shutdownd: use PassCred=yes in the socket unit
X-Git-Tag: v38~184
X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=75d3fc60f88e08bf953063819a8a04b881d6db23;p=systemd

shutdownd: use PassCred=yes in the socket unit

Since Linux 3.2 in order to receive SCM_CREDENTIALS it is not sufficient
to set SO_PASSCRED just before recvmsg(). The option has to be already
set when the sender sends the message.

With socket activation it is too late to set the option in the service.
It must be set on the socket right from the start.

See the kernel commit:
16e57262 af_unix: dont send SCM_CREDENTIALS by default

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=757628
---

diff --git a/src/shutdownd.c b/src/shutdownd.c
index 0ffa8b28..46856b01 100644
--- a/src/shutdownd.c
+++ b/src/shutdownd.c
@@ -173,7 +173,6 @@ int main(int argc, char *argv[]) {
         };
 
         int r = EXIT_FAILURE, n_fds;
-        int one = 1;
         struct shutdownd_command c;
         struct pollfd pollfd[_FD_MAX];
         bool exec_shutdown = false, unlink_nologin = false, failed = false;
@@ -205,11 +204,6 @@ int main(int argc, char *argv[]) {
                 return EXIT_FAILURE;
         }
 
-        if (setsockopt(SD_LISTEN_FDS_START, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0) {
-                log_error("SO_PASSCRED failed: %m");
-                return EXIT_FAILURE;
-        }
-
         zero(c);
         zero(pollfd);
 
diff --git a/units/systemd-shutdownd.socket b/units/systemd-shutdownd.socket
index bc0358a3..13b6c7a5 100644
--- a/units/systemd-shutdownd.socket
+++ b/units/systemd-shutdownd.socket
@@ -15,3 +15,4 @@ Before=sockets.target
 [Socket]
 ListenDatagram=/run/systemd/shutdownd
 SocketMode=0600
+PassCred=yes