123 lines
4.7 KiB
Diff
123 lines
4.7 KiB
Diff
|
commit 878f6c4074acfdee42c320680f5529e01b909ba2
|
||
|
Author: Dan Williams <dcbw@redhat.com>
|
||
|
Date: Fri Oct 15 10:28:38 2010 -0500
|
||
|
|
||
|
core: ignore authorization for sleep/wake requests (but restrict to root) (rh #638640)
|
||
|
|
||
|
Everyone uses pm-utils still for sleep/wake support, and that's
|
||
|
traditionally how NM was put to sleep and woken up. But pm-utils
|
||
|
uses dbus-send without --print-reply so dbus-send quits immediately
|
||
|
after sending the message. That doesn't give NM enough time to
|
||
|
get the senders UID and thus validate the request, so the request
|
||
|
gets denied, and sometimes NM stays asleep after the machine is
|
||
|
woken up.
|
||
|
|
||
|
Instead, don't get the sender's UID and try to authorize it, but
|
||
|
just let the request go through. Rely on D-Bus permissions to
|
||
|
make sure that only root can call sleep/wake methods.
|
||
|
|
||
|
diff --git a/src/NetworkManager.conf b/src/NetworkManager.conf
|
||
|
index 8d08314..1f1ed49 100644
|
||
|
--- a/src/NetworkManager.conf
|
||
|
+++ b/src/NetworkManager.conf
|
||
|
@@ -60,6 +60,18 @@
|
||
|
<deny send_destination="org.freedesktop.NetworkManager"
|
||
|
send_interface="org.freedesktop.NetworkManager"
|
||
|
send_member="SetLogging"/>
|
||
|
+
|
||
|
+ <deny send_destination="org.freedesktop.NetworkManager"
|
||
|
+ send_interface="org.freedesktop.NetworkManager"
|
||
|
+ send_member="Sleep"/>
|
||
|
+
|
||
|
+ <deny send_destination="org.freedesktop.NetworkManager"
|
||
|
+ send_interface="org.freedesktop.NetworkManager"
|
||
|
+ send_member="sleep"/>
|
||
|
+
|
||
|
+ <deny send_destination="org.freedesktop.NetworkManager"
|
||
|
+ send_interface="org.freedesktop.NetworkManager"
|
||
|
+ send_member="wake"/>
|
||
|
</policy>
|
||
|
<policy context="default">
|
||
|
<deny own="org.freedesktop.NetworkManager"/>
|
||
|
@@ -72,6 +84,18 @@
|
||
|
send_interface="org.freedesktop.NetworkManager"
|
||
|
send_member="SetLogging"/>
|
||
|
|
||
|
+ <deny send_destination="org.freedesktop.NetworkManager"
|
||
|
+ send_interface="org.freedesktop.NetworkManager"
|
||
|
+ send_member="Sleep"/>
|
||
|
+
|
||
|
+ <deny send_destination="org.freedesktop.NetworkManager"
|
||
|
+ send_interface="org.freedesktop.NetworkManager"
|
||
|
+ send_member="sleep"/>
|
||
|
+
|
||
|
+ <deny send_destination="org.freedesktop.NetworkManager"
|
||
|
+ send_interface="org.freedesktop.NetworkManager"
|
||
|
+ send_member="wake"/>
|
||
|
+
|
||
|
<!-- The org.freedesktop.NetworkManagerSettings.Connection.Secrets
|
||
|
interface is secured via PolicyKit.
|
||
|
-->
|
||
|
diff --git a/src/nm-manager.c b/src/nm-manager.c
|
||
|
index 758a082..4a3e499 100644
|
||
|
--- a/src/nm-manager.c
|
||
|
+++ b/src/nm-manager.c
|
||
|
@@ -3369,6 +3369,7 @@ _internal_sleep (NMManager *self, gboolean do_sleep)
|
||
|
g_object_notify (G_OBJECT (self), NM_MANAGER_SLEEPING);
|
||
|
}
|
||
|
|
||
|
+#if 0
|
||
|
static void
|
||
|
sleep_auth_done_cb (NMAuthChain *chain,
|
||
|
GError *error,
|
||
|
@@ -3407,6 +3408,7 @@ sleep_auth_done_cb (NMAuthChain *chain,
|
||
|
|
||
|
nm_auth_chain_unref (chain);
|
||
|
}
|
||
|
+#endif
|
||
|
|
||
|
static void
|
||
|
impl_manager_sleep (NMManager *self,
|
||
|
@@ -3414,10 +3416,12 @@ impl_manager_sleep (NMManager *self,
|
||
|
DBusGMethodInvocation *context)
|
||
|
{
|
||
|
NMManagerPrivate *priv;
|
||
|
- NMAuthChain *chain;
|
||
|
GError *error = NULL;
|
||
|
+#if 0
|
||
|
+ NMAuthChain *chain;
|
||
|
gulong sender_uid = G_MAXULONG;
|
||
|
const char *error_desc = NULL;
|
||
|
+#endif
|
||
|
|
||
|
g_return_if_fail (NM_IS_MANAGER (self));
|
||
|
|
||
|
@@ -3432,6 +3436,19 @@ impl_manager_sleep (NMManager *self,
|
||
|
return;
|
||
|
}
|
||
|
|
||
|
+ /* Unconditionally allow the request. Previously it was polkit protected
|
||
|
+ * but unfortunately that doesn't work for short-lived processes like
|
||
|
+ * pm-utils. It uses dbus-send without --print-reply, which quits
|
||
|
+ * immediately after sending the request, and NM is unable to obtain the
|
||
|
+ * sender's UID as dbus-send has already dropped off the bus. Thus NM
|
||
|
+ * fails the request. Instead, don't validate the request, but rely on
|
||
|
+ * D-Bus permissions to restrict the call to root.
|
||
|
+ */
|
||
|
+ _internal_sleep (self, do_sleep);
|
||
|
+ dbus_g_method_return (context);
|
||
|
+ return;
|
||
|
+
|
||
|
+#if 0
|
||
|
if (!nm_auth_get_caller_uid (context, priv->dbus_mgr, &sender_uid, &error_desc)) {
|
||
|
error = g_error_new_literal (NM_MANAGER_ERROR,
|
||
|
NM_MANAGER_ERROR_PERMISSION_DENIED,
|
||
|
@@ -3457,6 +3474,7 @@ impl_manager_sleep (NMManager *self,
|
||
|
|
||
|
nm_auth_chain_set_data (chain, "sleep", GUINT_TO_POINTER (do_sleep), NULL);
|
||
|
nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_SLEEP_WAKE, TRUE);
|
||
|
+#endif
|
||
|
}
|
||
|
|
||
|
static void
|