diff options
author | Ondrej Holy <oholy@redhat.com> | 2021-03-30 10:34:11 +0200 |
---|---|---|
committer | Ondrej Holy <oholy@redhat.com> | 2021-03-31 15:56:31 +0200 |
commit | 8af5e1ba9a63224f30a5dc9d91c9cce711dd16da (patch) | |
tree | ba609382036b0cf20622f44df8ba45ea8bab49c6 | |
parent | 303675c98c399790560c80c792dd9a28bd6a4c69 (diff) | |
download | gvfs-8af5e1ba9a63224f30a5dc9d91c9cce711dd16da.tar.gz |
daemon: Fix socket owner for gvfsd-admin
Recently, GVfs switched from abstract sockets to named sockets. The
named sockets honors file permissions and thus the socket owner is root
in the case `gvfsd-admin`. This obviously prevents client from connecting.
Let's change the owner to the value of `PKEXEC_UID` to ensure that the
socket is usable by the client.
https://gitlab.gnome.org/GNOME/gvfs/-/issues/552
-rw-r--r-- | daemon/gvfsdaemon.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/daemon/gvfsdaemon.c b/daemon/gvfsdaemon.c index b29bba13..a6d6236c 100644 --- a/daemon/gvfsdaemon.c +++ b/daemon/gvfsdaemon.c @@ -780,6 +780,7 @@ handle_get_connection (GVfsDBusDaemon *object, gchar *address1; gchar *socket_path; gchar *guid; + const char *pkexec_uid; generate_address (&address1, &socket_path); @@ -803,6 +804,18 @@ handle_get_connection (GVfsDBusDaemon *object, g_dbus_server_start (server); + /* This is needed for gvfsd-admin to ensure correct ownership. */ + pkexec_uid = g_getenv ("PKEXEC_UID"); + if (pkexec_uid != NULL) + { + uid_t uid; + + uid = strtol (pkexec_uid, NULL, 10); + if (uid != 0) + if (chown (socket_path, uid, (gid_t)-1) < 0) + g_warning ("Failed to change socket ownership: %s", g_strerror (errno)); + } + g_signal_connect (server, "new-connection", G_CALLBACK (daemon_new_connection_func), daemon); gvfs_dbus_daemon_complete_get_connection (object, |