diff options
author | Ondrej Holy <oholy@redhat.com> | 2021-03-30 10:34:11 +0200 |
---|---|---|
committer | Ondrej Holy <oholy@redhat.com> | 2021-04-15 07:12:32 +0000 |
commit | 5f9cffd11dc69a9422726a059c7c31bae4b46338 (patch) | |
tree | a7d8f2115191360a16d9a7e437672dd4a04845a4 /daemon | |
parent | 06f90d2800048c5d52cf46adc882a49fe0707bcd (diff) | |
download | gvfs-5f9cffd11dc69a9422726a059c7c31bae4b46338.tar.gz |
daemon: Fix socket owner for gvfsd-admin
Recently, GVfs switched from abstract sockets to named sockets. The
named sockets honors file permissions and thus the socket owner is root
in the case `gvfsd-admin`. This obviously prevents client from connecting.
Let's change the owner to the value of `PKEXEC_UID` to ensure that the
socket is usable by the client.
https://gitlab.gnome.org/GNOME/gvfs/-/issues/552
Diffstat (limited to 'daemon')
-rw-r--r-- | daemon/gvfsdaemon.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/daemon/gvfsdaemon.c b/daemon/gvfsdaemon.c index b29bba13..a6d6236c 100644 --- a/daemon/gvfsdaemon.c +++ b/daemon/gvfsdaemon.c @@ -780,6 +780,7 @@ handle_get_connection (GVfsDBusDaemon *object, gchar *address1; gchar *socket_path; gchar *guid; + const char *pkexec_uid; generate_address (&address1, &socket_path); @@ -803,6 +804,18 @@ handle_get_connection (GVfsDBusDaemon *object, g_dbus_server_start (server); + /* This is needed for gvfsd-admin to ensure correct ownership. */ + pkexec_uid = g_getenv ("PKEXEC_UID"); + if (pkexec_uid != NULL) + { + uid_t uid; + + uid = strtol (pkexec_uid, NULL, 10); + if (uid != 0) + if (chown (socket_path, uid, (gid_t)-1) < 0) + g_warning ("Failed to change socket ownership: %s", g_strerror (errno)); + } + g_signal_connect (server, "new-connection", G_CALLBACK (daemon_new_connection_func), daemon); gvfs_dbus_daemon_complete_get_connection (object, |