maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nix-daemon: Only print connection info if we have SO_PEERCRED

Browse source
This commit is contained in:
Eelco Dolstra 2014-07-17 15:41:11 +02:00
parent 8f72e702a1
commit 77c972c898
1 changed files with 12 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

21
src/nix-daemon/nix-daemon.cc
View file

@ -854,22 +854,25 @@ static void daemonLoop()
closeOnExec(remote);
/* Get the identity of the caller, if possible. */
uid_t clientUid = -1;
pid_t clientPid = -1;
bool trusted = false;
pid_t clientPid = -1;
#if defined(SO_PEERCRED)
/* Get the identity of the caller, if possible. */
uid_t clientUid = -1;
ucred cred;
socklen_t credLen = sizeof(cred);
if (getsockopt(remote, SOL_SOCKET, SO_PEERCRED, &cred, &credLen) != -1) {
clientPid = cred.pid;
clientUid = cred.uid;
if (clientUid == 0) trusted = true;
}
#endif
if (getsockopt(remote, SOL_SOCKET, SO_PEERCRED, &cred, &credLen) == -1)
throw SysError("getting peer credentials");
clientPid = cred.pid;
clientUid = cred.uid;
if (clientUid == 0) trusted = true;
printMsg(lvlInfo, format("accepted connection from pid %1%, uid %2%") % clientPid % clientUid);
#endif
/* Fork a child to handle the connection. */
startProcess([&]() {