Backport upstream D-Bus "user bus" changes

2014-06-05 17:17:06 +02:00 · 2014-06-05 17:17:06 +02:00 · 56a2b8b4c5
parent f3502e1334
commit 56a2b8b4c5
3 changed files with 206 additions and 3 deletions
--- a/polkit-0.112-systemd-Deduplicate-code-paths.patch
+++ b/polkit-0.112-systemd-Deduplicate-code-paths.patch
@ -0,0 +1,107 @@
+From 26d0c0578211fb96fc8fe75572aa11ad6ecbf9b8 Mon Sep 17 00:00:00 2001
+From: Colin Walters <walters@verbum.org>
+Date: Thu, 7 Nov 2013 15:57:50 -0500
+Subject: [PATCH] sessionmonitor-systemd: Deduplicate code paths
+
+We had the code to go from pid -> session duplicated.  If we have a
+PolkitSystemBusName, convert it to a PolkitUnixProcess.
+Then we can do PolkitUnixProcess -> pid -> session in one place.
+
+This is just a code cleanup.
+
+https://bugs.freedesktop.org/show_bug.cgi?id=69538
+---
+ .../polkitbackendsessionmonitor-systemd.c          | 63 ++++++++--------------
+ 1 file changed, 22 insertions(+), 41 deletions(-)
+
+diff --git a/src/polkitbackend/polkitbackendsessionmonitor-systemd.c b/src/polkitbackend/polkitbackendsessionmonitor-systemd.c
+index 0185310..756b728 100644
+--- a/src/polkitbackend/polkitbackendsessionmonitor-systemd.c
+++ b/src/polkitbackend/polkitbackendsessionmonitor-systemd.c
+@@ -313,61 +313,42 @@ polkit_backend_session_monitor_get_session_for_subject (PolkitBackendSessionMoni
+                                                         PolkitSubject               *subject,
+                                                         GError                     **error)
+ {
+-  PolkitSubject *session;
+-
+-  session = NULL;
+  PolkitUnixProcess *tmp_process = NULL;
+  PolkitUnixProcess *process = NULL;
+  PolkitSubject *session = NULL;
+  char *session_id = NULL;
+  pid_t pid;
+ 
+   if (POLKIT_IS_UNIX_PROCESS (subject))
+-    {
+-      gchar *session_id;
+-      pid_t pid;
+-
+-      pid = polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (subject));
+-      if (sd_pid_get_session (pid, &session_id) < 0)
+-        goto out;
+-
+-      session = polkit_unix_session_new (session_id);
+-      free (session_id);
+-    }
+    process = POLKIT_UNIX_PROCESS (subject); /* We already have a process */
+   else if (POLKIT_IS_SYSTEM_BUS_NAME (subject))
+     {
+-      guint32 pid;
+-      gchar *session_id;
+-      GVariant *result;
+-
+-      result = g_dbus_connection_call_sync (monitor->system_bus,
+-                                            "org.freedesktop.DBus",
+-                                            "/org/freedesktop/DBus",
+-                                            "org.freedesktop.DBus",
+-                                            "GetConnectionUnixProcessID",
+-                                            g_variant_new ("(s)", polkit_system_bus_name_get_name (POLKIT_SYSTEM_BUS_NAME (subject))),
+-                                            G_VARIANT_TYPE ("(u)"),
+-                                            G_DBUS_CALL_FLAGS_NONE,
+-                                            -1, /* timeout_msec */
+-                                            NULL, /* GCancellable */
+-                                            error);
+-      if (result == NULL)
+-        goto out;
+-      g_variant_get (result, "(u)", &pid);
+-      g_variant_unref (result);
+-
+-      if (sd_pid_get_session (pid, &session_id) < 0)
+-        goto out;
+-
+-      session = polkit_unix_session_new (session_id);
+-      free (session_id);
+      /* Convert bus name to process */
+      tmp_process = (PolkitUnixProcess*)polkit_system_bus_name_get_process_sync (POLKIT_SYSTEM_BUS_NAME (subject), NULL, error);
+      if (!tmp_process)
+	goto out;
+      process = tmp_process;
+     }
+   else
+     {
+       g_set_error (error,
+                    POLKIT_ERROR,
+                    POLKIT_ERROR_NOT_SUPPORTED,
+-                   "Cannot get user for subject of type %s",
+                   "Cannot get session for subject of type %s",
+                    g_type_name (G_TYPE_FROM_INSTANCE (subject)));
+     }
+ 
+- out:
+  /* Now do process -> pid -> session */
+  g_assert (process != NULL);
+  pid = polkit_unix_process_get_pid (process);
+ 
+  if (sd_pid_get_session (pid, &session_id) < 0)
+    goto out;
+  
+  session = polkit_unix_session_new (session_id);
+  free (session_id);
+ out:
+  if (tmp_process) g_object_unref (tmp_process);
+   return session;
+ }
+ 
+-- 
+2.0.0
+
--- a/polkit-0.112-systemd-prepare-for-D-Bus-user-bus.patch
+++ b/polkit-0.112-systemd-prepare-for-D-Bus-user-bus.patch
@ -0,0 +1,87 @@
+From a68f5dfd7662767b7b9822090b70bc5bd145c50c Mon Sep 17 00:00:00 2001
+From: Kay Sievers <kay@vrfy.org>
+Date: Mon, 19 May 2014 10:19:49 +0900
+Subject: [PATCH] sessionmonitor-systemd: prepare for D-Bus "user bus" model
+
+In the D-Bus "user bus" model, all sessions of a user share the same
+D-Bus instance, a polkit requesting process might live outside the
+login session which registered the user's polkit agent.
+
+In case a polkit requesting process is not part of the user's login
+session, we ask systemd-logind for the the user's "display" session
+instead.
+
+https://bugs.freedesktop.org/show_bug.cgi?id=78905
+---
+ configure.ac                                       |  4 ++++
+ .../polkitbackendsessionmonitor-systemd.c          | 27 ++++++++++++++++++----
+ 2 files changed, 26 insertions(+), 5 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index a7b0148..e783ea5 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -202,6 +202,10 @@ if test "$enable_libsystemd_login" != "no"; then
+   if test "$have_libsystemd_login" = "yes"; then
+     SESSION_TRACKING=libsystemd-login
+     AC_DEFINE([HAVE_LIBSYSTEMD_LOGIN], 1, [Define to 1 if libsystemd-login is available])
+    save_LIBS=$LIBS
+    LIBS=$LIBSYSTEMD_LOGIN_LIBS
+    AC_CHECK_FUNCS(sd_uid_get_display)
+    LIBS=$save_LIBS
+   else
+     if test "$enable_libsystemd_login" = "yes"; then
+       AC_MSG_ERROR([libsystemd-login support requested but libsystemd-login library not found])
+diff --git a/src/polkitbackend/polkitbackendsessionmonitor-systemd.c b/src/polkitbackend/polkitbackendsessionmonitor-systemd.c
+index 756b728..9995f87 100644
+--- a/src/polkitbackend/polkitbackendsessionmonitor-systemd.c
+++ b/src/polkitbackend/polkitbackendsessionmonitor-systemd.c
+@@ -318,6 +318,9 @@ polkit_backend_session_monitor_get_session_for_subject (PolkitBackendSessionMoni
+   PolkitSubject *session = NULL;
+   char *session_id = NULL;
+   pid_t pid;
+#if HAVE_SD_UID_GET_DISPLAY
+  uid_t uid;
+#endif
+ 
+   if (POLKIT_IS_UNIX_PROCESS (subject))
+     process = POLKIT_UNIX_PROCESS (subject); /* We already have a process */
+@@ -338,16 +341,30 @@ polkit_backend_session_monitor_get_session_for_subject (PolkitBackendSessionMoni
+                    g_type_name (G_TYPE_FROM_INSTANCE (subject)));
+     }
+ 
+-  /* Now do process -> pid -> session */
+  /* Now do process -> pid -> same session */
+   g_assert (process != NULL);
+   pid = polkit_unix_process_get_pid (process);
+ 
+-  if (sd_pid_get_session (pid, &session_id) < 0)
+  if (sd_pid_get_session (pid, &session_id) >= 0)
+    {
+      session = polkit_unix_session_new (session_id);
+      goto out;
+    }
+
+#if HAVE_SD_UID_GET_DISPLAY
+  /* Now do process -> uid -> graphical session (systemd version 213)*/
+  if (sd_pid_get_owner_uid (pid, &uid) < 0)
+     goto out;
+-  
+-  session = polkit_unix_session_new (session_id);
+-  free (session_id);
+
+  if (sd_uid_get_display (uid, &session_id) >= 0)
+    {
+      session = polkit_unix_session_new (session_id);
+      goto out;
+    }
+#endif
+
+  out:
+  free (session_id);
+   if (tmp_process) g_object_unref (tmp_process);
+   return session;
+ }
+-- 
+2.0.0
+
--- a/polkit.spec
+++ b/polkit.spec
@ -1,12 +1,12 @@
 # Only enable if using patches that touches configure.ac,
 # Makefile.am or other build system related files
 #
-%define enable_autoreconf 0
+%define enable_autoreconf 1

 Summary: An authorization framework
 Name: polkit
 Version: 0.112
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: LGPLv2+
 URL: http://www.freedesktop.org/wiki/Software/polkit
 Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz
@ -15,6 +15,10 @@ Source1: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.
 Patch0: polkit-0.112-XDG_RUNTIME_DIR.patch
 # https://bugs.freedesktop.org/show_bug.cgi?id=60847
 Patch1: polkit-0.112-PolkitAgentSession-race.patch
+# http://cgit.freedesktop.org/polkit/commit/?id=26d0c0578211fb96fc8fe75572aa11ad6ecbf9b8
+Patch2: polkit-0.112-systemd-Deduplicate-code-paths.patch
+# http://cgit.freedesktop.org/polkit/commit/?id=a68f5dfd7662767b7b9822090b70bc5bd145c50c
+Patch3: polkit-0.112-systemd-prepare-for-D-Bus-user-bus.patch
 Group: System Environment/Libraries
 BuildRequires: glib2-devel >= 2.30.0
 BuildRequires: expat-devel
@ -83,10 +87,12 @@ Development documentation for polkit.
 %setup -q
 %patch0 -p1 -b .XDG_RUNTIME_DIR
 %patch1 -p1 -b .PolkitAgentSession-race
+%patch2 -p1 -b .dbus-user-bus
+%patch3 -p1 -b .session-dedup-code

 %build
 %if 0%{?enable_autoreconf}
-autoreconf
+autoreconf -i
 %endif
 # we can't use _hardened_build here, see
 # https://bugzilla.redhat.com/show_bug.cgi?id=962005
@ -169,6 +175,9 @@ exit 0
 %{_datadir}/gtk-doc

 %changelog
+* Thu Jun  5 2014 Kay Sievers <kay@redhat.com> - 0.112-4
+- backport upstream D-Bus "user bus" changes
+
 * Mon Feb 10 2014 Miloslav Trmač <mitr@redhat.com> - 0.112-3
 - Fix a PolkitAgentSession race condition
  Resolves: #1063193