From 144715efed149cf7d0bb16a9c404f05222b71159 Mon Sep 17 00:00:00 2001 From: Krzysztof Jackiewicz Date: Tue, 24 Jul 2018 10:44:23 +0200 Subject: [PATCH] Add log for invalid system service owner id System services (uid < 5000) should always use "/System" owner id. Eiter by explicitly adding it to the alias or by running with "System" label. Add log to make the reason of the failure more apparent. Change-Id: I1be9861eadcae6eadd6d682b4cc66972c93d1728 --- src/manager/service/ckm-logic.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/manager/service/ckm-logic.cpp b/src/manager/service/ckm-logic.cpp index 635f8b9..f3c2154 100644 --- a/src/manager/service/ckm-logic.cpp +++ b/src/manager/service/ckm-logic.cpp @@ -1224,8 +1224,10 @@ int CKMLogic::saveDataHelper( const ClientId &owner = explicitOwner.empty() ? cred.client : explicitOwner; if (m_accessControl.isSystemService(cred) && - owner.compare(CLIENT_ID_SYSTEM) != 0) + owner.compare(CLIENT_ID_SYSTEM) != 0) { + LogError("System services can only use " << CLIENT_ID_SYSTEM << " as owner id") ; return CKM_API_ERROR_INPUT_PARAM; + } // check if save is possible DB::Crypto::Transaction transaction(&handler.database); -- 2.7.4