Diffstat (limited to 'dbus/dbus-sysdeps-unix.c')
-rw-r--r-- | dbus/dbus-sysdeps-unix.c | 52 |
1 files changed, 48 insertions, 4 deletions
diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c
index 19858dd3..64d925d9 100644
--- a/dbus/dbus-sysdeps-unix.c
+++ b/dbus/dbus-sysdeps-unix.c
@@ -71,6 +71,10 @@
 #include <ucred.h>
 #endif
+#ifdef HAVE_ADT
+#include <bsm/adt.h>
+#endif
+
 #ifndef O_BINARY
 #define O_BINARY 0
 #endif
@@ -1260,6 +1264,37 @@ _dbus_read_credentials_socket (int client_fd,
 {
 pid_read = ucred_getpid (ucred);
 uid_read = ucred_geteuid (ucred);
+#ifdef HAVE_ADT
+ /* generate audit session data based on socket ucred */
+ adt_session_data_t *adth = NULL;
+ adt_export_data_t *data = NULL;
+ size_t size = 0;
+ if (adt_start_session (&adth, NULL, 0) || (adth == NULL))
+ {
+ _dbus_verbose ("Failed to adt_start_session(): %s\n", _dbus_strerror (errno));
+ }
+ else
+ {
+ if (adt_set_from_ucred (adth, ucred, ADT_NEW))
+ {
+ _dbus_verbose ("Failed to adt_set_from_ucred(): %s\n", _dbus_strerror (errno));
+ }
+ else
+ {
+ size = adt_export_session_data (adth, &data);
+ if (size <= 0)
+ {
+ _dbus_verbose ("Failed to adt_export_session_data(): %s\n", _dbus_strerror (errno));
+ }
+ else
+ {
+ _dbus_credentials_add_adt_audit_data (credentials, data, size);
+ free (data);
+ }
+ }
+ (void) adt_end_session (adth);
+ }
+#endif /* HAVE_ADT */
 }
 else
 {
@@ -2848,7 +2883,10 @@ _dbus_get_autolaunch_address (DBusString *address,
 if (pid == 0)
 {
 /* child process */
- int fd = open ("/dev/null", O_RDWR);
+ int maxfds;
+ int fd;
+
+ fd = open ("/dev/null", O_RDWR);
 if (fd == -1)
 /* huh?! can't open /dev/null? */
 _exit (1);
@@ -2869,9 +2907,15 @@ _dbus_get_autolaunch_address (DBusString *address,
 if (dup2 (errors_pipe[WRITE_END], 2) == -1)
 _exit (1);
- close (fd);
- close (address_pipe[WRITE_END]);
- close (errors_pipe[WRITE_END]);
+ maxfds = sysconf (_SC_OPEN_MAX);
+ /* Pick something reasonable if for some reason sysconf
+ * says unlimited.
+ */
+ if (maxfds < 0)
+ maxfds = 1024;
+ /* close all inherited fds */
+ for (i = 3; i < maxfds; i++)
+ close (i);
 execv (DBUS_BINDIR "/dbus-launch", argv); |
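Review bot: The return value of `_dbus_credentials_add_adt_audit_data (credentials, data, size)` is discarded, so a failure there (presumably out-of-memory; its definition is not in this diff) leaves the credentials without audit data and, unlike the three ADT calls above it, logs nothing. Because every failure path in this block only logs at verbose level and continues, code that later reads the audit data has to treat its absence as "unknown" rather than as a verified peer with no audit session; a short comment above the `#ifdef HAVE_ADT` saying so would help. `size` is a `size_t`, so `if (size <= 0)` can only ever mean zero, and `if (size == 0)` says that directly. The enclosing function starts and ends outside the hunk.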
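Review bot: `sysconf (_SC_OPEN_MAX)` returns `long`, but the previous hunk declares `int maxfds;`, so a large limit is narrowed before the `maxfds < 0` test; declaring `long maxfds;` keeps the comparison on the value sysconf actually returned. The loop issues one `close ()` per possible descriptor, so with a high soft limit the child spends a long time here before `execv`, and descriptors numbered above a limit that was lowered after they were opened are still inherited by dbus-launch. Where the platform provides it, `closefrom (3);` closes exactly the open descriptors from 3 upward, and marking descriptors close-on-exec when they are created is the more robust long-term fix. `i` is declared outside both hunks of this function, so its type cannot be checked here, and the function body continues beyond them.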