diff options
Diffstat (limited to 'src/timesync/timesyncd.c')
-rw-r--r-- | src/timesync/timesyncd.c | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/src/timesync/timesyncd.c b/src/timesync/timesyncd.c index 962285f7b1..bea800171b 100644 --- a/src/timesync/timesyncd.c +++ b/src/timesync/timesyncd.c @@ -66,6 +66,7 @@ static int load_clock_timestamp(uid_t uid, gid_t gid) { if (r < 0) return log_error_errno(errno, "Failed to change file access mode: %m"); r = fchown(fd, uid, gid); + if (r < 0) return log_error_errno(errno, "Failed to change file owner: %m"); } @@ -96,7 +97,7 @@ static int load_clock_timestamp(uid_t uid, gid_t gid) { int main(int argc, char *argv[]) { _cleanup_(manager_freep) Manager *m = NULL; const char *user = "systemd-timesync"; - uid_t uid; + uid_t uid, uid_current; gid_t gid; int r; @@ -113,10 +114,15 @@ int main(int argc, char *argv[]) { goto finish; } - r = get_user_creds(&user, &uid, &gid, NULL, NULL); - if (r < 0) { - log_error_errno(r, "Cannot resolve user name %s: %m", user); - goto finish; + uid = uid_current = geteuid(); + gid = getegid(); + + if (uid_current == 0) { + r = get_user_creds(&user, &uid, &gid, NULL, NULL); + if (r < 0) { + log_error_errno(r, "Cannot resolve user name %s: %m", user); + goto finish; + } } r = load_clock_timestamp(uid, gid); @@ -125,7 +131,7 @@ int main(int argc, char *argv[]) { /* Drop privileges, but only if we have been started as root. If we are not running as root we assume all * privileges are already dropped. */ - if (geteuid() == 0) { + if (uid_current == 0) { r = drop_privileges(uid, gid, (1ULL << CAP_SYS_TIME)); if (r < 0) goto finish; |