6355e75610a8d47fc3ba5ab8bd442172a2cfe574 |
|
27-Nov-2015 |
Lennart Poettering <lennart@poettering.net> |
selinux: split up mac_selinux_have() from mac_selinux_use()
Let's distuingish the cases where our code takes an active role in
selinux management, or just passively reports whatever selinux
properties are set.
mac_selinux_have() now checks whether selinux is around for the passive
stuff, and mac_selinux_use() for the active stuff. The latter checks the
former, plus also checks UID == 0, under the assumption that only when
we run priviliged selinux management really makes sense.
Fixes: #1941 |
a0f5ab70f367aa105bee3be4b1bb5fa27ec522d1 |
|
16-Sep-2015 |
Michal Schmidt <mschmidt@redhat.com> |
sd-bus: correct size calculation in DBus fd receive
The size of the allocated array for received file descriptors was
incorrectly calculated. This did not matter when a single file
descriptor was received, but for more descriptors the allocation was
insufficient. |
30494563f235b21c6583f7476b8ee35e9f5f8048 |
|
12-Jul-2015 |
Tom Gundersen <teg@jklm.no> |
basic: util - fix errorhandling in unhexmem()
We were ignoring failures from unhexchar, which meant that invalid
hex characters were being turned into garbage rather than the string
rejected.
Fix this by making unhexmem return an error code, also change the API
slightly, to return the size of the returned memory, reflecting the
fact that the memory is a binary blob,and not a string.
For convenience, still append a trailing NULL byte to the returned
memory (not included in the returned size), allowing callers to
treat it as a string without doing a second copy. |
d868f2a3a1cc97b1e081b7692e80a1182efccda4 |
|
10-Jun-2015 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
sd-bus: do not use per-datagram auxiliary information
SELinux information cannot be retrieved this way, since we are
using stream unix sockets and SCM_SECURITY does not work for
them.
SCM_CREDENTIALS use dropped to be consistent. We also should
get this information at connection time.
https://bugzilla.redhat.com/show_bug.cgi?id=1224211
"SCM_SECURITY was only added for datagram sockets." |
0674bbea9ce0958512411962c2d1623d88dad0b4 |
|
23-Apr-2015 |
Lennart Poettering <lennart@poettering.net> |
core: explicitly specify credentials for direct connections, too
So far we authenticate direct connections primarily at connection time,
but let's also do this for each method individually, by attaching the
creds we need for that right away. |
f8294e4175918117ca6c131720bcf287eadcd029 |
|
16-Mar-2014 |
Josh Triplett <josh@joshtriplett.org> |
Use strlen even for constant strings
GCC optimizes strlen("string constant") to a constant, even with -O0.
Thus, replace patterns like sizeof("string constant")-1 with
strlen("string constant") where possible, for clarity. In particular,
for expressions intended to add up the lengths of components going into
a string, this often makes it clearer that the expression counts the
trailing '\0' exactly once, by putting the +1 for the '\0' at the end of
the expression, rather than hidden in a sizeof in the middle of the
expression. |