polkit/0001-Fix-ConsoleKit-interaction-bug.patch

133 lines
4.3 KiB
Diff
Raw Normal View History

2010-08-18 17:23:20 +00:00
From 22363658629553e04277259ccac8dbf4e33839ea Mon Sep 17 00:00:00 2001
From: David Zeuthen <davidz@redhat.com>
Date: Wed, 18 Aug 2010 12:24:04 -0400
Subject: [PATCH] Fix ConsoleKit interaction bug
First of all, there was a glaring bug where we forgot to load the
GKeyFile for /var/run/ConsoleKit/database resulting in criticals like
this:
(lt-polkitd:17984): GLib-CRITICAL **: g_key_file_get_boolean: assertion `key_file != NULL' failed
(lt-polkitd:17984): GLib-CRITICAL **: g_key_file_get_boolean: assertion `key_file != NULL' failed
Furthermore, this resulted in the Authority returning "not authorized"
for subjects that should have been authorized. For an example, see
https://bugzilla.redhat.com/show_bug.cgi?id=624125
Fix this bug by calling ensure_database() to make sure the GKeyFile
contains information from /var/run/ConsoleKit/database. Also, since
there is a race (theoretical at least, but see
https://bugzilla.gnome.org/show_bug.cgi?id=627285 ) with file
monitoring, also ensure that we are using the latest and greatest
version of /var/run/ConsoleKit/database.
Signed-off-by: David Zeuthen <davidz@redhat.com>
---
src/polkitbackend/polkitbackendsessionmonitor.c | 52 ++++++++++++++++++++--
1 files changed, 47 insertions(+), 5 deletions(-)
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.c b/src/polkitbackend/polkitbackendsessionmonitor.c
index 2b63f3c..877d69e 100644
--- a/src/polkitbackend/polkitbackendsessionmonitor.c
+++ b/src/polkitbackend/polkitbackendsessionmonitor.c
@@ -47,6 +47,7 @@ struct _PolkitBackendSessionMonitor
GKeyFile *database;
GFileMonitor *database_monitor;
+ time_t database_mtime;
};
struct _PolkitBackendSessionMonitorClass
@@ -74,17 +75,34 @@ reload_database (PolkitBackendSessionMonitor *monitor,
GError **error)
{
gboolean ret;
+ struct stat statbuf;
ret = FALSE;
+ if (monitor->database != NULL)
+ {
+ g_key_file_free (monitor->database);
+ monitor->database = NULL;
+ }
+
+ if (stat (CKDB_PATH, &statbuf) != 0)
+ {
+ g_set_error (error,
+ G_IO_ERROR,
+ g_io_error_from_errno (errno),
+ "Error statting file " CKDB_PATH ": %s",
+ strerror (errno));
+ goto out;
+ }
+
+ monitor->database_mtime = statbuf.st_mtime;
+
monitor->database = g_key_file_new ();
if (!g_key_file_load_from_file (monitor->database,
CKDB_PATH,
G_KEY_FILE_NONE,
error))
{
- g_key_file_free (monitor->database);
- monitor->database = NULL;
goto out;
}
@@ -102,8 +120,22 @@ ensure_database (PolkitBackendSessionMonitor *monitor,
if (monitor->database != NULL)
{
- ret = TRUE;
- goto out;
+ struct stat statbuf;
+
+ if (stat (CKDB_PATH, &statbuf) != 0)
+ {
+ g_set_error (error,
+ G_IO_ERROR,
+ g_io_error_from_errno (errno),
+ "Error statting file " CKDB_PATH " to check timestamp: %s",
+ strerror (errno));
+ goto out;
+ }
+ if (statbuf.st_mtime == monitor->database_mtime)
+ {
+ ret = TRUE;
+ goto out;
+ }
}
ret = reload_database (monitor, error);
@@ -266,7 +298,6 @@ polkit_backend_session_monitor_get_user_for_subject (PolkitBackendSessionMonitor
if (local_error != NULL)
{
g_propagate_prefixed_error (error, local_error, "Error getting user for process: ");
- g_error_free (local_error);
goto out;
}
@@ -427,6 +458,17 @@ get_boolean (PolkitBackendSessionMonitor *monitor,
group = g_strdup_printf ("Session %s", polkit_unix_session_get_session_id (POLKIT_UNIX_SESSION (session)));
error = NULL;
+ if (!ensure_database (monitor, &error))
+ {
+ g_printerr ("Error getting boolean `%s' in group `%s': Error ensuring CK database at " CKDB_PATH ": %s",
+ key_name,
+ group,
+ error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ error = NULL;
ret = g_key_file_get_boolean (monitor->database, group, key_name, &error);
if (error != NULL)
{
--
1.7.2.1