RESPONDER: check that configured sockets match

Check if the sockets defined in systemd unit and sssd.conf match. If they don't, then print a warning message. Moreover, change man page regarding socket_path option to indicate that it will be overwritten by systemd's unit file. Resolves: #5406 Reviewed-by: Pavel Březina <[email protected]>
SSSD · Feb 19, 2021 · f890fc4 · f890fc4
1 parent fd7ce7b
commit f890fc4
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 0 deletions.
diff --git a/src/man/sssd-kcm.8.xml b/src/man/sssd-kcm.8.xml
@@ -203,6 +203,13 @@ systemctl restart sssd-kcm.service
                     <para>
                         Default: <replaceable>/var/run/.heim_org.h5l.kcm-socket</replaceable>
                     </para>
+                    <para>
+                        <phrase condition="have_systemd">
+                            Note: on platforms where systemd is supported, the
+                            socket path is overwritten by the one defined in
+                            the sssd-kcm.socket unit file.
+                        </phrase>
+                    </para>
                 </listitem>
             </varlistentry>
             <varlistentry>

diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c
@@ -1001,6 +1001,8 @@ int activate_unix_sockets(struct resp_ctx *rctx,
                           connection_setup_t conn_setup)
 {
     int ret;
+    struct sockaddr_un sockaddr;
+    socklen_t sockaddr_len = sizeof(sockaddr);
 
 #ifdef HAVE_SYSTEMD
     if (rctx->lfd == -1 && rctx->priv_lfd == -1) {
@@ -1032,6 +1034,15 @@ int activate_unix_sockets(struct resp_ctx *rctx,
                 goto done;
             }
 
+            ret = getsockname(rctx->lfd, (struct sockaddr *) &sockaddr, &sockaddr_len);
+            if (ret == EOK) {
+                if (memcmp(rctx->sock_name, sockaddr.sun_path, strlen(rctx->sock_name)) != 0) {
+                    DEBUG(SSSDBG_CONF_SETTINGS,
+                          "Warning: socket path defined in systemd unit (%s) and sssd.conf (%s) don't match\n",
+                          sockaddr.sun_path, rctx->sock_name);
+                }
+            }
+
             ret = sss_fd_nonblocking(rctx->lfd);
             if (ret != EOK) goto done;
             if (numfds == 2) {