Compare commits
No commits in common. "c8" and "c9s" have entirely different histories.
|
@ -1 +1 @@
|
|||
bab4f37144196d8ba06195bc72b4a9937c62b9fd SOURCES/accountsservice-0.6.55.tar.xz
|
||||
bab4f37144196d8ba06195bc72b4a9937c62b9fd accountsservice-0.6.55.tar.xz
|
||||
|
|
|
@ -1 +1 @@
|
|||
SOURCES/accountsservice-0.6.55.tar.xz
|
||||
/accountsservice-*.tar.xz
|
||||
|
|
|
@ -0,0 +1,36 @@
|
|||
From c7fa612023a163e8b2352e1170c6df3fceb19b27 Mon Sep 17 00:00:00 2001
|
||||
From: Ray Strode <rstrode@redhat.com>
|
||||
Date: Thu, 19 Jul 2018 13:14:09 -0400
|
||||
Subject: [PATCH 1/3] lib: don't set loaded state until seat is fetched
|
||||
|
||||
At the moment we set is-loaded on the user-manager
|
||||
object as soon as we start fetching the seat, but
|
||||
we should waiting until the seat is fetched, so
|
||||
that can_switch() will return the correct value
|
||||
if the caller waited until the loaded signal
|
||||
to use it.
|
||||
|
||||
This commit changes the >= to > which I believe
|
||||
was the original intention anyway.
|
||||
|
||||
https://bugs.freedesktop.org/show_bug.cgi?id=107298
|
||||
---
|
||||
src/libaccountsservice/act-user-manager.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/libaccountsservice/act-user-manager.c b/src/libaccountsservice/act-user-manager.c
|
||||
index 325421b..e7e26b1 100644
|
||||
--- a/src/libaccountsservice/act-user-manager.c
|
||||
+++ b/src/libaccountsservice/act-user-manager.c
|
||||
@@ -2382,7 +2382,7 @@ maybe_set_is_loaded (ActUserManager *manager)
|
||||
/* Don't set is_loaded yet unless the seat is already loaded enough
|
||||
* or failed to load.
|
||||
*/
|
||||
- if (manager->priv->seat.state >= ACT_USER_MANAGER_SEAT_STATE_GET_ID) {
|
||||
+ if (manager->priv->seat.state > ACT_USER_MANAGER_SEAT_STATE_GET_ID) {
|
||||
g_debug ("ActUserManager: Seat loaded, so now setting loaded property");
|
||||
} else if (manager->priv->seat.state == ACT_USER_MANAGER_SEAT_STATE_UNLOADED) {
|
||||
g_debug ("ActUserManager: Seat wouldn't load, so giving up on it and setting loaded property");
|
||||
--
|
||||
2.19.0
|
||||
|
|
@ -0,0 +1,195 @@
|
|||
From ae9937addf1e6c75c540b3cd033bc2b17ac6cc59 Mon Sep 17 00:00:00 2001
|
||||
From: Ray Strode <rstrode@redhat.com>
|
||||
Date: Thu, 9 Sep 2021 09:40:49 -0400
|
||||
Subject: [PATCH] main: Allow cache files to be marked immutable
|
||||
|
||||
At the moment, at start up we unconditionally reset permission of all
|
||||
cache files in /var/lib/AccountsService/users. If the mode of the files
|
||||
can't be reset, accountsservice fails to start.
|
||||
|
||||
But there's a situation where we should proceed anyway: If the
|
||||
mode is already correct, and the file is read-only, there is no reason
|
||||
to refuse to proceed.
|
||||
|
||||
This commit changes the code to explicitly validate the permissions of
|
||||
the file before failing.
|
||||
---
|
||||
src/main.c | 29 +++++++++++++++++++++++++----
|
||||
1 file changed, 25 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/main.c b/src/main.c
|
||||
index 2163fa6..cf88da0 100644
|
||||
--- a/src/main.c
|
||||
+++ b/src/main.c
|
||||
@@ -16,143 +16,164 @@
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
*
|
||||
* Written by: Matthias Clasen <mclasen@redhat.com>
|
||||
*/
|
||||
|
||||
#include "config.h"
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <stdarg.h>
|
||||
#include <locale.h>
|
||||
#include <libintl.h>
|
||||
#include <syslog.h>
|
||||
#include <sys/stat.h>
|
||||
#include <errno.h>
|
||||
|
||||
#include <glib.h>
|
||||
#include <glib/gi18n.h>
|
||||
#include <glib/gstdio.h>
|
||||
#include <glib-unix.h>
|
||||
|
||||
#include "daemon.h"
|
||||
|
||||
#define NAME_TO_CLAIM "org.freedesktop.Accounts"
|
||||
|
||||
static gboolean
|
||||
ensure_directory (const char *path,
|
||||
gint mode,
|
||||
GError **error)
|
||||
{
|
||||
+ GStatBuf stat_buffer = { 0 };
|
||||
+
|
||||
if (g_mkdir_with_parents (path, mode) < 0) {
|
||||
g_set_error (error,
|
||||
G_FILE_ERROR,
|
||||
g_file_error_from_errno (errno),
|
||||
"Failed to create directory %s: %m",
|
||||
path);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
- if (g_chmod (path, mode) < 0) {
|
||||
+ g_chmod (path, mode);
|
||||
+
|
||||
+ if (g_stat (path, &stat_buffer) < 0) {
|
||||
+ g_clear_error (&error);
|
||||
+
|
||||
g_set_error (error,
|
||||
G_FILE_ERROR,
|
||||
g_file_error_from_errno (errno),
|
||||
- "Failed to change permissions of directory %s: %m",
|
||||
+ "Failed to validate permissions of directory %s: %m",
|
||||
path);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
+ if (stat_buffer.st_mode != mode) {
|
||||
+ g_set_error (error,
|
||||
+ G_FILE_ERROR,
|
||||
+ g_file_error_from_errno (errno),
|
||||
+ "Directory %s has wrong mode %o; it should be %o",
|
||||
+ path, stat_buffer.st_mode, mode);
|
||||
+ return FALSE;
|
||||
+ }
|
||||
+
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
static gboolean
|
||||
ensure_file_permissions (const char *dir_path,
|
||||
gint file_mode,
|
||||
GError **error)
|
||||
{
|
||||
GDir *dir = NULL;
|
||||
const gchar *filename;
|
||||
gint errsv = 0;
|
||||
|
||||
dir = g_dir_open (dir_path, 0, error);
|
||||
if (dir == NULL)
|
||||
return FALSE;
|
||||
|
||||
while ((filename = g_dir_read_name (dir)) != NULL) {
|
||||
+ GStatBuf stat_buffer = { 0 };
|
||||
+
|
||||
gchar *file_path = g_build_filename (dir_path, filename, NULL);
|
||||
|
||||
g_debug ("Changing permission of %s to %04o", file_path, file_mode);
|
||||
- if (g_chmod (file_path, file_mode) < 0)
|
||||
+ g_chmod (file_path, file_mode);
|
||||
+
|
||||
+ if (g_stat (path, &stat_buffer) < 0)
|
||||
errsv = errno;
|
||||
|
||||
+ if (stat_buffer.st_mode != file_mode)
|
||||
+ errsv = EACCESS;
|
||||
+
|
||||
g_free (file_path);
|
||||
}
|
||||
|
||||
g_dir_close (dir);
|
||||
|
||||
/* Report any errors after all chmod()s have been attempted. */
|
||||
if (errsv != 0) {
|
||||
g_set_error (error,
|
||||
G_FILE_ERROR,
|
||||
g_file_error_from_errno (errsv),
|
||||
"Failed to change permissions of files in directory %s: %m",
|
||||
dir_path);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
static void
|
||||
on_bus_acquired (GDBusConnection *connection,
|
||||
const gchar *name,
|
||||
gpointer user_data)
|
||||
{
|
||||
GMainLoop *loop = user_data;
|
||||
Daemon *daemon;
|
||||
g_autoptr(GError) error = NULL;
|
||||
|
||||
if (!ensure_directory (ICONDIR, 0775, &error) ||
|
||||
!ensure_directory (USERDIR, 0700, &error) ||
|
||||
!ensure_file_permissions (USERDIR, 0600, &error)) {
|
||||
g_printerr ("%s\n", error->message);
|
||||
g_main_loop_quit (loop);
|
||||
return;
|
||||
}
|
||||
|
||||
daemon = daemon_new ();
|
||||
if (daemon == NULL) {
|
||||
g_printerr ("Failed to initialize daemon\n");
|
||||
g_main_loop_quit (loop);
|
||||
return;
|
||||
}
|
||||
-
|
||||
openlog ("accounts-daemon", LOG_PID, LOG_DAEMON);
|
||||
syslog (LOG_INFO, "started daemon version %s", VERSION);
|
||||
closelog ();
|
||||
openlog ("accounts-daemon", 0, LOG_AUTHPRIV);
|
||||
}
|
||||
|
||||
static void
|
||||
on_name_lost (GDBusConnection *connection,
|
||||
const gchar *name,
|
||||
gpointer user_data)
|
||||
{
|
||||
GMainLoop *loop = user_data;
|
||||
|
||||
g_debug ("got NameLost, exiting");
|
||||
g_main_loop_quit (loop);
|
||||
}
|
||||
|
||||
static gboolean debug;
|
||||
|
||||
static void
|
||||
on_log_debug (const gchar *log_domain,
|
||||
GLogLevelFlags log_level,
|
||||
const gchar *message,
|
||||
gpointer user_data)
|
||||
{
|
||||
g_autoptr(GString) string = NULL;
|
||||
const gchar *progname;
|
||||
int ret G_GNUC_UNUSED;
|
||||
|
||||
string = g_string_new (NULL);
|
||||
--
|
||||
2.31.1
|
||||
|
|
@ -0,0 +1,45 @@
|
|||
From 74fed8d975fd2e2cba644eeb8021393fc81b7151 Mon Sep 17 00:00:00 2001
|
||||
From: Ray Strode <rstrode@redhat.com>
|
||||
Date: Fri, 10 Aug 2018 15:15:51 -0400
|
||||
Subject: [PATCH 3/3] lib: don't fail loading if logind isn't working right
|
||||
|
||||
At the moment if logind can fail in two ways when
|
||||
asking the session associated with the current pid:
|
||||
|
||||
1) ENOENT, the process isn't part of a registered session
|
||||
2) ENODATA, the mechanism for checking which session a
|
||||
process is registered with isn't working.
|
||||
|
||||
If we hit the second case then wefail loading the user manager
|
||||
entirely. This leads to the dbus proxy associated with a user
|
||||
from loading and the user getting stuck with defaults like a
|
||||
NULL xsession and systemaccount=TRUE
|
||||
|
||||
This commit changes the behavior for the second case to be
|
||||
like the first. Namely, to accept there's no associated
|
||||
session and carry on as best we can.
|
||||
---
|
||||
src/libaccountsservice/act-user-manager.c | 5 +----
|
||||
1 file changed, 1 insertion(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/libaccountsservice/act-user-manager.c b/src/libaccountsservice/act-user-manager.c
|
||||
index e7e26b1..6dc1d15 100644
|
||||
--- a/src/libaccountsservice/act-user-manager.c
|
||||
+++ b/src/libaccountsservice/act-user-manager.c
|
||||
@@ -1139,12 +1139,9 @@ _get_current_systemd_session_id (ActUserManager *manager)
|
||||
res = sd_pid_get_session (0, &session_id);
|
||||
|
||||
if (res == -ENOENT) {
|
||||
- session_id = NULL;
|
||||
- } else if (res < 0) {
|
||||
g_debug ("Failed to identify the current session: %s",
|
||||
strerror (-res));
|
||||
- unload_seat (manager);
|
||||
- return;
|
||||
+ session_id = NULL;
|
||||
}
|
||||
|
||||
manager->priv->seat.session_id = g_strdup (session_id);
|
||||
--
|
||||
2.19.0
|
||||
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
Name: accountsservice
|
||||
Version: 0.6.55
|
||||
Release: 4%{?dist}
|
||||
Release: 10%{?dist}
|
||||
Summary: D-Bus interfaces for querying and manipulating user account information
|
||||
License: GPLv3+
|
||||
URL: https://www.freedesktop.org/wiki/Software/AccountsService/
|
||||
|
@ -67,10 +67,10 @@ files needed to build applications that use accountsservice-libs.
|
|||
%meson -Dgtk_doc=true -Dsystemd=true -Duser_heuristics=true
|
||||
%meson_build
|
||||
|
||||
|
||||
%install
|
||||
%meson_install
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT%{_datadir}/accountsservice/interfaces/
|
||||
mkdir -p $RPM_BUILD_ROOT%{_datadir}/accountsservice/user-templates $RPM_BUILD_ROOT%{_sysconfdir}/accountsservice/user-templates
|
||||
cp $RPM_SOURCE_DIR/user-template $RPM_BUILD_ROOT%{_datadir}/accountsservice/user-templates/standard
|
||||
cp $RPM_SOURCE_DIR/user-template $RPM_BUILD_ROOT%{_datadir}/accountsservice/user-templates/administrator
|
||||
|
@ -96,6 +96,8 @@ cp $RPM_SOURCE_DIR/user-template $RPM_BUILD_ROOT%{_datadir}/accountsservice/user
|
|||
%dir %{_sysconfdir}/accountsservice
|
||||
%{_sysconfdir}/dbus-1/system.d/org.freedesktop.Accounts.conf
|
||||
%{_libexecdir}/accounts-daemon
|
||||
%dir %{_datadir}/accountsservice/
|
||||
%dir %{_datadir}/accountsservice/interfaces/
|
||||
%{_datadir}/dbus-1/interfaces/org.freedesktop.Accounts.xml
|
||||
%{_datadir}/dbus-1/interfaces/org.freedesktop.Accounts.User.xml
|
||||
%{_datadir}/dbus-1/system-services/org.freedesktop.Accounts.service
|
||||
|
@ -122,54 +124,82 @@ cp $RPM_SOURCE_DIR/user-template $RPM_BUILD_ROOT%{_datadir}/accountsservice/user
|
|||
%{_datadir}/gtk-doc/html/libaccountsservice/*
|
||||
|
||||
%changelog
|
||||
* Mon Oct 25 2021 Ray Strode <rstrode@redhat.com> - 0.6.55-4
|
||||
* Thu Feb 24 2022 Ray Strode <rstrode@redhat.com> - 0.6.55-10
|
||||
- Synchronize permissions and group ownership for icon and users dirs
|
||||
between rpm file manifest and daemon expectations
|
||||
Resolves: #1919300
|
||||
between rpm file manifest and daemon expectations.
|
||||
Resolves: #2057576
|
||||
|
||||
* Tue Oct 12 2021 Ray Strode <rstrode@redhat.com> - 0.6.55-3
|
||||
- Allow cache files to configure and override system accounts
|
||||
Resolves: #2012331
|
||||
* Mon Oct 25 2021 Ray Strode <rstrode@redhat.com> - 0.6.55-9
|
||||
- Bring in RHEL-8 patches
|
||||
Resolves: #2014692
|
||||
|
||||
* Wed Aug 04 2021 Ray Strode <rstrode@redhat.com> - 0.6.55-2
|
||||
- Add support for user templates so user can specify default session
|
||||
Resolves: #1812788
|
||||
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.6.55-8
|
||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||
Related: rhbz#1991688
|
||||
|
||||
* Fri Jan 15 2021 Ray Strode <rstrode@redhat.com> - 0.6.55-1
|
||||
- Rebase to 0.6.55
|
||||
Resolves: #1846376
|
||||
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 0.6.55-7
|
||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||
|
||||
* Sun Dec 15 2019 Ray Strode <rstrode@redhat.com> - 0.6.50-8
|
||||
- Don't set HasNoUsers=true if realmd has providers
|
||||
Related: #1750516
|
||||
* Mon Jan 25 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.55-6
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||
|
||||
* Mon Jun 17 2019 Ray Strode <rstrode@redhat.com> - 0.6.50-7
|
||||
- Don't send change updates for login history changes
|
||||
Resolves: #1713080
|
||||
* Fri Sep 04 2020 Bastien Nocera <bnocera@redhat.com> - 0.6.55-5
|
||||
+ accountsservice-0.6.55-5
|
||||
- Own /usr/share/accountsservice
|
||||
|
||||
* Mon Nov 26 2018 Ray Strode <rstrode@redhat.com> - 0.6.50-6
|
||||
- Fix user switching before screen lock
|
||||
Resolves: #1653263
|
||||
* Fri Jul 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.55-4
|
||||
- Second attempt - Rebuilt for
|
||||
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Mon Oct 15 2018 Ray Strode <rstrode@redhat.com> - 0.6.50-5
|
||||
- Turn off aliasing optimizations until glib codegen is fixed
|
||||
Related: #1628060 1639428
|
||||
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.55-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Fri Oct 12 2018 Ray Strode <rstrode@redhat.com> - 0.6.50-4
|
||||
Correct rpmdiff complaints
|
||||
Related: #1628060
|
||||
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.55-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||
|
||||
* Fri Oct 12 2018 Ray Strode <rstrode@redhat.com> - 0.6.50-3
|
||||
- Record OS in user data when creating new users
|
||||
Related: #1628060
|
||||
* Thu Sep 26 2019 Benjamin Berg <bberg@redhat.com> - 0.6.55-1
|
||||
- Update to 0.6.55
|
||||
Resolves: #1755838
|
||||
|
||||
* Mon Aug 20 2018 Ray Strode <rstrode@redhat.com> - 0.6.50-2
|
||||
- add new api needed for handling upgrades from RHEL 7
|
||||
Related: #1612915 1595825
|
||||
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.54-6
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||
|
||||
* Fri Jul 13 2018 Ray Strode <rstrode@redhat.com> - 0.6.50-1
|
||||
- Update to 0.6.50
|
||||
Related: #1597499
|
||||
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.54-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||
|
||||
* Mon Jan 21 2019 Alexandru-Sever Horin <alex.sever.h@gmail.com> - 0.6.54-4
|
||||
- Add patch from upstream to fix UID detection
|
||||
Resolves: #1646418
|
||||
|
||||
* Thu Jan 17 2019 Adam Williamson <awilliam@redhat.com> - 0.6.54-3
|
||||
- Explicitly enable systemd support (#1576903) (Elliott Sales de Andrade)
|
||||
|
||||
* Mon Jan 14 2019 Björn Esser <besser82@fedoraproject.org> - 0.6.54-2
|
||||
- Rebuilt for libcrypt.so.2 (#1666033)
|
||||
|
||||
* Sat Sep 29 2018 Ray Strode <rstrode@redhat.com> - 0.6.54-1
|
||||
- Update to 0.6.54
|
||||
|
||||
* Thu Sep 27 2018 Ray Strode <rstrode@redhat.com> - 0.6.53-1
|
||||
- Update to 0.6.53
|
||||
|
||||
* Mon Sep 24 2018 Adam Williamson <awilliam@redhat.com> - 0.6.50-1
|
||||
- Update to 0.6.50, plus a couple of backported patches
|
||||
Resolves: #1576903
|
||||
|
||||
* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.49-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||
|
||||
* Thu May 10 2018 Ray Strode <rstrode@redhat.com> - 0.6.49-1
|
||||
- Update to 0.6.49 (brown bag release)
|
||||
|
||||
* Thu May 10 2018 Ray Strode <rstrode@redhat.com> - 0.6.48-1
|
||||
- Update to 0.6.48
|
||||
Resolves: #1575780
|
||||
|
||||
* Fri May 04 2018 Ray Strode <rstrode@redhat.com> - 0.6.47-2
|
||||
- fix crash on user deletion
|
||||
Resolves: #1573550
|
||||
|
||||
* Tue Apr 24 2018 Ray Strode <rstrode@redhat.com> - 0.6.47-1
|
||||
- Update to 0.6.47
|
||||
|
@ -303,7 +333,7 @@ cp $RPM_SOURCE_DIR/user-template $RPM_BUILD_ROOT%{_datadir}/accountsservice/user
|
|||
- Fixes CVE-2012-2737 - local file disclosure
|
||||
Related: #832532
|
||||
|
||||
* Thu May 31 2012 Matthias Clasen <mclasen@redhat.com> 0.6.21-1
|
||||
* Thu May 30 2012 Matthias Clasen <mclasen@redhatcom> 0.6.21-1
|
||||
- Update to 0.6.21
|
||||
|
||||
* Fri May 04 2012 Ray Strode <rstrode@redhat.com> 0.6.20-1
|
||||
|
@ -384,4 +414,4 @@ cp $RPM_SOURCE_DIR/user-template $RPM_BUILD_ROOT%{_datadir}/accountsservice/user
|
|||
- Add missing directories to the filelist
|
||||
|
||||
* Fri Jan 29 2010 Matthias Clasen <mclasen@redhat.com> 0.4-1
|
||||
- Initial packaging, based on work by Richard Hughes
|
||||
-
|
|
@ -0,0 +1,6 @@
|
|||
--- !Policy
|
||||
product_versions:
|
||||
- rhel-9
|
||||
decision_context: osci_compose_gate
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: desktop-qe.desktop-ci.tier1-gating.functional}
|
|
@ -0,0 +1 @@
|
|||
SHA512 (accountsservice-0.6.55.tar.xz) = c12e6a8e80f9b087f97238da4734d2d3a14a7c5cbd870a32a04b00116f176c818c39fb886f6dc72c3e93c136b0c2074ddf8f77e20431fa3bd54f138bea9d262d
|
Loading…
Reference in New Issue