diff options
author | Lennart Poettering <lennart@poettering.net> | 2015-02-18 12:55:25 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2015-02-18 12:55:25 +0100 |
commit | c529695e7a30b300fdaa61ace4a8a4ed0e94ad1c (patch) | |
tree | b8613d0df12627f161c4be274378329bea2e72fc /src/hostname | |
parent | 2723b3b51d409340558e46e37e90525d4f880fe1 (diff) | |
download | systemd-c529695e7a30b300fdaa61ace4a8a4ed0e94ad1c.tar.gz |
logind: open up most bus calls for unpriviliged processes, using PolicyKit
Also, allow clients to alter their own objects without any further
priviliges. i.e. this allows clients to kill and lock their own sessions
without involving PK.
Diffstat (limited to 'src/hostname')
-rw-r--r-- | src/hostname/hostnamed.c | 30 |
1 files changed, 24 insertions, 6 deletions
diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c index 7cd4a1d001..ede8185788 100644 --- a/src/hostname/hostnamed.c +++ b/src/hostname/hostnamed.c @@ -427,7 +427,14 @@ static int method_set_hostname(sd_bus *bus, sd_bus_message *m, void *userdata, s if (streq_ptr(name, c->data[PROP_HOSTNAME])) return sd_bus_reply_method_return(m, NULL); - r = bus_verify_polkit_async(m, CAP_SYS_ADMIN, "org.freedesktop.hostname1.set-hostname", interactive, &c->polkit_registry, error); + r = bus_verify_polkit_async( + m, + CAP_SYS_ADMIN, + "org.freedesktop.hostname1.set-hostname", + interactive, + UID_INVALID, + &c->polkit_registry, + error); if (r < 0) return r; if (r == 0) @@ -469,7 +476,14 @@ static int method_set_static_hostname(sd_bus *bus, sd_bus_message *m, void *user if (streq_ptr(name, c->data[PROP_STATIC_HOSTNAME])) return sd_bus_reply_method_return(m, NULL); - r = bus_verify_polkit_async(m, CAP_SYS_ADMIN, "org.freedesktop.hostname1.set-static-hostname", interactive, &c->polkit_registry, error); + r = bus_verify_polkit_async( + m, + CAP_SYS_ADMIN, + "org.freedesktop.hostname1.set-static-hostname", + interactive, + UID_INVALID, + &c->polkit_registry, + error); if (r < 0) return r; if (r == 0) @@ -534,10 +548,14 @@ static int set_machine_info(Context *c, sd_bus *bus, sd_bus_message *m, int prop * same time as the static one, use the same policy action for * both... */ - r = bus_verify_polkit_async(m, CAP_SYS_ADMIN, - prop == PROP_PRETTY_HOSTNAME ? - "org.freedesktop.hostname1.set-static-hostname" : - "org.freedesktop.hostname1.set-machine-info", interactive, &c->polkit_registry, error); + r = bus_verify_polkit_async( + m, + CAP_SYS_ADMIN, + prop == PROP_PRETTY_HOSTNAME ? "org.freedesktop.hostname1.set-static-hostname" : "org.freedesktop.hostname1.set-machine-info", + interactive, + UID_INVALID, + &c->polkit_registry, + error); if (r < 0) return r; if (r == 0) |