From 6811dc0646d92f0c668cbf3ce5a6426e273c4abf Mon Sep 17 00:00:00 2001
From: Michal Schmidt <mschmidt@redhat.com>
Date: Tue, 29 Nov 2011 23:14:36 +0100
Subject: [PATCH] shutdownd: use PassCred=yes in the socket unit

Since Linux 3.2 in order to receive SCM_CREDENTIALS it is not sufficient
to set SO_PASSCRED just before recvmsg(). The option has to be already
set when the sender sends the message.

With socket activation it is too late to set the option in the service.
It must be set on the socket right from the start.

See the kernel commit:
16e57262 af_unix: dont send SCM_CREDENTIALS by default

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=757628
(cherry picked from commit 75d3fc60f88e08bf953063819a8a04b881d6db23)
---
 src/shutdownd.c                |    6 ------
 units/systemd-shutdownd.socket |    1 +
 2 files changed, 1 insertions(+), 6 deletions(-)

diff --git a/src/shutdownd.c b/src/shutdownd.c
index 0ffa8b2..46856b0 100644
--- a/src/shutdownd.c
+++ b/src/shutdownd.c
@@ -173,7 +173,6 @@ int main(int argc, char *argv[]) {
         };
 
         int r = EXIT_FAILURE, n_fds;
-        int one = 1;
         struct shutdownd_command c;
         struct pollfd pollfd[_FD_MAX];
         bool exec_shutdown = false, unlink_nologin = false, failed = false;
@@ -205,11 +204,6 @@ int main(int argc, char *argv[]) {
                 return EXIT_FAILURE;
         }
 
-        if (setsockopt(SD_LISTEN_FDS_START, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0) {
-                log_error("SO_PASSCRED failed: %m");
-                return EXIT_FAILURE;
-        }
-
         zero(c);
         zero(pollfd);
 
diff --git a/units/systemd-shutdownd.socket b/units/systemd-shutdownd.socket
index bc0358a..13b6c7a 100644
--- a/units/systemd-shutdownd.socket
+++ b/units/systemd-shutdownd.socket
@@ -15,3 +15,4 @@ Before=sockets.target
 [Socket]
 ListenDatagram=/run/systemd/shutdownd
 SocketMode=0600
+PassCred=yes
-- 
1.7.7.5