Commit 2b930b9d authored by Jussi Laakkonen's avatar Jussi Laakkonen

[storage] Limit user change reqs, vpnd crash recovery with timeouts. JB#49506

1) Record D-Bus pending call to restrict one user change call to be made
at a time. If there is a pending call report back EBUSY to differentiate
that process from the EALREADY reported when user is already set as the
one that is requested.

2) Send current uid to vpnd if it restarts after crash. This is achieved
by implementing a service watcher for vpnd that sets a bool for sending
the current uid to vpnd when it comes back to keep connmand and vpnd
synchronized. Removal detection is used to avoid sending the user change
when services are starting.

storage.c now also saves the current uid that was required for the vpnd
synchronization. This allows for more robust error replies in case the
uid is already set.

Added uid changed callback and use of it in uid changes. In order to
support both connmand and vpnd the notify functionality must be added as
a callback. Vpnd does not use notify, nor it does to save the uid.

When getting a reply from vpnd the uid in the request data may equal the
current_uid in case when vpnd has crashed and connmand has sent a user
change message after detecting vpnd to be back online. It is feasible to
stop processing at that point to avoid additional unnecessary calls to
be made.

In error cases when returning to root user use geteuid() instead of 0 as
uid.

3) Add functionality for sending a delayed user change when a) there is
already a pending user change waiting for a reply (timeout) b) a service
or D-Bus related error is reported back. This enables better error
tolerance and handling the potential crashes in between user change
process.
parent c0ae879d
......@@ -307,6 +307,9 @@ struct connman_storage_callbacks {
/* Additional data to be passed on finalize callback */
void *finalize_user_data;
/* Callback for notifying about user change. */
void (*uid_changed) (uid_t uid);
/* Callback to create access policy for connmand storage.*/
struct connman_access_storage_policy* (*access_policy_create)
(const char *spec);
......
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment