ipc: Get socket dir via secure_getenv()
Using /var/run means needing privilege to run.
@@ -339,7 +339,8 @@ connect_unix(struct path_ctx *s)
|
|||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
common_path_init(const char *service,
|
common_path_init(const char *base,
|
||||||
|
const char *service,
|
||||||
const char *file,
|
const char *file,
|
||||||
void **ctx)
|
void **ctx)
|
||||||
{
|
{
|
||||||
@@ -350,7 +351,7 @@ common_path_init(const char *service,
|
|||||||
return ENOMEM;
|
return ENOMEM;
|
||||||
s->fd = -1;
|
s->fd = -1;
|
||||||
|
|
||||||
if (asprintf(&s->path, "/var/run/.heim_%s-%s", service, file) == -1) {
|
if (asprintf(&s->path, "%s/.heim_%s-%s", base, service, file) == -1) {
|
||||||
free(s);
|
free(s);
|
||||||
return ENOMEM;
|
return ENOMEM;
|
||||||
}
|
}
|
||||||
@@ -363,9 +364,10 @@ static int
|
|||||||
unix_socket_init(const char *service,
|
unix_socket_init(const char *service,
|
||||||
void **ctx)
|
void **ctx)
|
||||||
{
|
{
|
||||||
|
const char *base = secure_getenv("HEIM_IPC_DIR");
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
ret = common_path_init(service, "socket", ctx);
|
ret = common_path_init(base ? base : _PATH_VARRUN, service, "socket", ctx);
|
||||||
if (ret)
|
if (ret)
|
||||||
return ret;
|
return ret;
|
||||||
ret = connect_unix(*ctx);
|
ret = connect_unix(*ctx);
|
||||||
@@ -438,10 +440,11 @@ static int
|
|||||||
door_init(const char *service,
|
door_init(const char *service,
|
||||||
void **ctx)
|
void **ctx)
|
||||||
{
|
{
|
||||||
|
const char *base = secure_getenv("HEIM_IPC_DIR");
|
||||||
int ret;
|
int ret;
|
||||||
struct path_ctx *d;
|
struct path_ctx *d;
|
||||||
|
|
||||||
ret = common_path_init(service, "door", ctx);
|
ret = common_path_init(base ? base : _PATH_VARRUN, service, "door", ctx);
|
||||||
if (ret)
|
if (ret)
|
||||||
return ret;
|
return ret;
|
||||||
|
|
||||||
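Review bot: In unix_socket_init and door_init the value of `HEIM_IPC_DIR` is used whenever it is non-NULL, so an empty string yields a path directly under `/` and a relative value is resolved against the process's current directory. `secure_getenv()` already ignores the variable in secure-execution contexts, but in an ordinary process a stray or malformed setting would still point the client at a socket or door in an unintended location. Consider accepting only absolute paths in both functions, e.g. `if (base == NULL || base[0] != '/') base = _PATH_VARRUN;`, ideally in one small helper so the lookups cannot drift apart. A short comment on common_path_init stating that `base` must be an absolute directory and is joined with `/` would also help. The bodies of both init functions continue outside the hunks.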
|
@@ -1094,12 +1094,15 @@ heim_sipc_service_unix(const char *service,
|
|||||||
void *user, heim_sipc *ctx)
|
void *user, heim_sipc *ctx)
|
||||||
{
|
{
|
||||||
struct sockaddr_un un;
|
struct sockaddr_un un;
|
||||||
|
const char *d = secure_getenv("HEIM_IPC_DIR");
|
||||||
int fd, ret;
|
int fd, ret;
|
||||||
|
|
||||||
un.sun_family = AF_UNIX;
|
un.sun_family = AF_UNIX;
|
||||||
|
|
||||||
snprintf(un.sun_path, sizeof(un.sun_path),
|
if (snprintf(un.sun_path, sizeof(un.sun_path),
|
||||||
"/var/run/.heim_%s-socket", service);
|
"%s/.heim_%s-socket", d ? d : _PATH_VARRUN,
|
||||||
|
service) > sizeof(un.sun_path) + sizeof("-s") - 1)
|
||||||
|
return ENAMETOOLONG;
|
||||||
fd = socket(AF_UNIX, SOCK_STREAM, 0);
|
fd = socket(AF_UNIX, SOCK_STREAM, 0);
|
||||||
if (fd < 0)
|
if (fd < 0)
|
||||||
return errno;
|
return errno;
|
||||||
@@ -1276,7 +1279,11 @@ heim_sipc_service_door(const char *service,
|
|||||||
ct->userctx = user;
|
ct->userctx = user;
|
||||||
ct->callback = callback;
|
ct->callback = callback;
|
||||||
|
|
||||||
snprintf(path, sizeof(path), "/var/run/.heim_%s-door", service);
|
if (snprintf(path, sizeof(path), "/var/run/.heim_%s-door",
|
||||||
|
service) >= sizeof(path) + sizeof("-d") - 1) {
|
||||||
|
ret = ENAMETOOLONG;
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
fd = door_create(door_callback, ct, DOOR_REFUSE_DESC | DOOR_NO_CANCEL);
|
fd = door_create(door_callback, ct, DOOR_REFUSE_DESC | DOOR_NO_CANCEL);
|
||||||
if (fd < 0) {
|
if (fd < 0) {
|
||||||
ret = errno;
|
ret = errno;
|
||||||
|
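Review bot: The truncation checks added around both `snprintf` calls do not fire when the formatted path overruns the buffer by only a byte or two, because `snprintf` returns the untruncated length and truncation is therefore `ret >= sizeof(buf)`, while the code compares against `sizeof(un.sun_path) + sizeof("-s") - 1` in heim_sipc_service_unix and `sizeof(path) + sizeof("-d") - 1` in heim_sipc_service_door. With the directory now taken from `HEIM_IPC_DIR`, a long value can leave a silently shortened name in `un.sun_path`, and the service would then operate on a path other than the one intended. I would keep the result in an `int n` and test `if (n < 0 || (size_t)n >= sizeof(un.sun_path)) return ENAMETOOLONG;`, with the same form for `path`. Separately, heim_sipc_service_door still formats `"/var/run/.heim_%s-door"` while the client-side door_init honours `HEIM_IPC_DIR`, so the two sides disagree on the door path whenever the variable is set. Both function bodies continue outside the hunks, so any later use of these buffers is not visible here.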