Add log for invalid system service owner id

System services (uid < 5000) should always use "/System" owner id.
Eiter by explicitly adding it to the alias or by running with "System"
label. Add log to make the reason of the failure more apparent.

Change-Id: I1be9861eadcae6eadd6d682b4cc66972c93d1728

diff --git a/src/manager/service/ckm-logic.cpp b/src/manager/service/ckm-logic.cpp
index 635f8b9..f3c2154 100644 (file)
--- a/src/manager/service/ckm-logic.cpp
+++ b/src/manager/service/ckm-logic.cpp
@@ -1224,8 +1224,10 @@ int CKMLogic::saveDataHelper(
        const ClientId &owner = explicitOwner.empty() ? cred.client : explicitOwner;
 
        if (m_accessControl.isSystemService(cred) &&
-                       owner.compare(CLIENT_ID_SYSTEM) != 0)
+                       owner.compare(CLIENT_ID_SYSTEM) != 0) {
+               LogError("System services can only use " << CLIENT_ID_SYSTEM << " as owner id") ;
                return CKM_API_ERROR_INPUT_PARAM;
+       }
 
        // check if save is possible
        DB::Crypto::Transaction transaction(&handler.database);