| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
This reverts commit 80a10b589fa606930b0dab2e2613e77b734d9a6b.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the D-Bus "user bus" model, all sessions of a user share the same
D-Bus instance, a polkit requesting process might live outside the
login session which registered the user's polkit agent.
In case a polkit requesting process is not part of the user's login
session, we ask systemd-logind for the the user's "display" session
instead.
https://bugs.freedesktop.org/show_bug.cgi?id=78905
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=77167
|
|
|
|
|
|
|
|
|
|
| |
1. Fallback to fsync() if fdatasync() is not available.
2. Check whether setnetgrent() has a return value.
3. Check whether the system has SIGPOLL.
4. Add configure option to disable test. mocklibc cannot be built on FreeBSD
because of function prototype conflict.
https://bugs.freedesktop.org/show_bug.cgi?id=73821
|
|
|
|
|
|
|
|
| |
I use "pkexec bash" a lot, and it'd be nice to be able to just type
"pkexec" and have it do what I want. Like how "su" will run the shell
by default.
https://bugs.freedesktop.org/show_bug.cgi?id=74933
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The helper flushes and fdatasyncs stdout and stderr before terminating
but this doesn't guarantee that our io watch is called before our
child watch. This means that we can end up with a successful return
from the helper which we still report as a failure.
If we add G_IO_HUP and G_IO_ERR to the conditions we look for in the
io watch and the child terminates we still run the io watch handler
which will complete the session.
This means that the child watch is in fact needless and we can remove
it.
https://bugs.freedesktop.org/show_bug.cgi?id=60847
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=72426
|
|
|
|
|
|
|
|
|
|
| |
This workaround isn't too much code, and it's often better to fix bugs
in two places anyways.
For more information:
See https://bugzilla.redhat.com/show_bug.cgi?id=753882
See http://lists.freedesktop.org/archives/systemd-devel/2013-November/014370.html
|
|
|
|
|
|
|
|
|
| |
In these cases, we can't every drop use of our API which we deprecated
for external callers; for example where a (deprecated) command line is
invoking the deprecated API.
This patch avoids having polkit developers get spammed by unfixable
warnings.
|
|
|
|
|
| |
We can't port everything, but in PolkitPermission and these test
cases, we can use _for_owner() with the right information.
|
|
|
|
|
|
|
|
|
|
|
|
| |
For polkit_system_bus_name_get_process_sync(), as pointed out by
Miloslav Trmac, we can securely retrieve the owner uid as well from
the system bus, rather than (racily) looking it up internally.
This avoids use of a deprecated API.
However, this is not a security fix because nothing in the polkit
codebase itself actually retrieves the uid from the result of this API
call. But, it might be useful in the future.
|
|
|
|
|
|
|
|
|
|
| |
We had the code to go from pid -> session duplicated. If we have a
PolkitSystemBusName, convert it to a PolkitUnixProcess.
Then we can do PolkitUnixProcess -> pid -> session in one place.
This is just a code cleanup.
https://bugs.freedesktop.org/show_bug.cgi?id=69538
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=71458
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This is just an uninstalled example, but it needed the same fix as was
done for pkexec with the 3b12cfac29dddd27f1f166a7574d8374cc1dccf2
commit.
This drops use of deprecated API.
https://bugs.freedesktop.org/show_bug.cgi?id=69538
|
|
|
|
|
|
|
|
|
| |
And change the duplicated code in the backend session monitors to use
it. This just a code cleanup resulting from review after
CVE-2013-4288. There's no security impact from this patch, it just
removes duplicated code.
https://bugs.freedesktop.org/show_bug.cgi?id=69538
|
| |
|
|
|
|
| |
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The uid is a new addition; this allows callers such as libvirt to
close a race condition in reading the uid of the process talking to
them. They can read it via getsockopt(SO_PEERCRED) or equivalent,
rather than having pkcheck look at /proc later after the fact.
Programs which invoke pkcheck but need to know beforehand (i.e. at
compile time) whether or not it supports passing the uid can
use:
pkcheck_supports_uid=$($PKG_CONFIG --variable pkcheck_supports_uid polkit-gobject-1)
test x$pkcheck_supports_uid = xyes
|
|
|
|
|
|
| |
It's only safe for processes to be created with their owning uid,
(without kernel support, which we don't have). Anything else is
subject to clients exec()ing setuid binaries after the fact.
|
|
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=65313
Signed-off-by: Tomas Chvatal <tomas.chvatal@gmail.com>
|
|
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=65313
Signed-off-by: Tomas Chvatal <tomas.chvatal@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Static local variable may not be enough since it doesn't provide locking.
Related to these udisksd warnings:
GLib-GObject-WARNING **: cannot register existing type `PolkitSubject'
Thanks to Hans de Goede for spotting this!
https://bugs.freedesktop.org/show_bug.cgi?id=65130
|
| |
|
| |
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=64197
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=29936
|
|
|
|
|
|
| |
(Inconsistent options are still accepted.)
https://bugs.freedesktop.org/show_bug.cgi?id=29936
|
|
|
|
|
|
| |
... as required by GNU coding standards.
https://bugs.freedesktop.org/show_bug.cgi?id=29936
|
|
|
|
|
|
|
|
|
|
| |
PACKAGE_VERSION curently contains the mailing list address as well; this
leaks into output of --version and other places.
While at it, update AM_INIT_AUTOMAKE to the new form and use correct m4
quoting at least for these lines.
https://bugs.freedesktop.org/show_bug.cgi?id=29936
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Convert pkaction and pkttyagent to use GOptionContext.
Don't convert pkcheck and only add --help output text because its
non-standard --details(which requires two arguments) can't be
implemented using GOptionContext.
Don't touch pkexec, in a (futile?) attempt to minimize the amount
of complex code running before authentication.
This leaves the option processing lax as it was (e.g. accepting
contradicting options, ignoring non-option arguments), and should only
affect the handling of --help and behavior when invalid arguments are
detected.
https://bugs.freedesktop.org/show_bug.cgi?id=29936
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=64336
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=64336
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=64336
|
|
|
|
|
|
|
|
|
|
|
| |
Using integers or floating-point numbers could have resulted in a crash.
Use JSVAL_IS_STRING() instead of implicit conversion through
JS_ValueToString(); hopefully this will nudge the rule writer toward
thinking more about the string conversion and the format of the
resulting string.
https://bugs.freedesktop.org/show_bug.cgi?id=63575
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=63575
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=63575
|
|
|
|
|
|
| |
Suggested by Colin Walters.
https://bugs.freedesktop.org/show_bug.cgi?id=57284
|
|
|
|
|
|
|
|
| |
From time to time, application developers just copy example
configuration without examining it in details. Because polkit is
typically used to control access to system-level operations, the policy
(and therefore the examples) should limit access to system
administrators only.
|
|
|
|
| |
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641527
|
|
|
|
|
|
|
| |
Based on work by Tim Lunn <tim@feathertop.org>, reworked on top of a
regular dynamically-linked js.
https://bugs.freedesktop.org/show_bug.cgi?id=59830
|
|
|
|
|
|
|
|
|
|
| |
The new plan is to hard-require JS. See discussion in
https://bugs.freedesktop.org/show_bug.cgi?id=59830
This reverts commit 34cb6353b9affd6c04ea480df5fc39d0ca72319d.
Conflicts:
src/polkitbackend/polkitbackendjsauthority.c
|
|
|
|
|
|
| |
This is future compatible with mozjs-17.0.
https://bugs.freedesktop.org/show_bug.cgi?id=59830
|
|
|
|
|
| |
JSVAL_TO_STRING would barf on a null value, so don't
claim to handle it.
|
|
|
|
| |
See discussion in https://bugs.freedesktop.org/show_bug.cgi?id=63573 .
|
|
|
|
|
|
| |
... to silence warnings when g-ir-scanner warnings are enabled.
https://bugs.freedesktop.org/show_bug.cgi?id=63573
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=63573
|
|
|
|
|
|
|
|
| |
Fold PolkitImplicitAuthorization and PolkitCheckAuthorizationFlags
into the relevant classes in the section list; polkit-1-docs.xml is
already not including the enum documents.
https://bugs.freedesktop.org/show_bug.cgi?id=63573
|
|
|
|
|
|
|
|
| |
All of these are a part of public API with some external users. Do the
minimum to avoid a warning; ideally we should also add a
*_DISABLE_DEPRECATED macro etc.
https://bugs.freedesktop.org/show_bug.cgi?id=63573
|