]> git.pld-linux.org Git - packages/polkit.git/blame - systemd-fallback.patch
projects / packages / polkit.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
up to 0.119 (fixes CVE-2021-3560)
[packages/polkit.git] / systemd-fallback.patch
CommitLineData
b20b0410
AO		 1diff -ruN polkit-0.113.orig/configure.ac polkit-0.113/configure.ac
2--- polkit-0.113.orig/configure.ac 2015-06-19 22:31:02.000000000 +0200
3+++ polkit-0.113/configure.ac 2015-09-26 23:40:21.669982142 +0200
77f30838
JB		 4@@ -200,7 +200,7 @@
5 [have_libsystemd=yes],
6 dnl if libsystemd is not available, fall back to the older libsystemd-login
7 [PKG_CHECK_MODULES([LIBSYSTEMD_LOGIN],
8- [libsystemd-login],
9+ [libsystemd-login libsystemd-daemon],
10 [
11 have_libsystemd=yes
12 LIBSYSTEMD_CFLAGS="$LIBSYSTEMD_LOGIN_CFLAGS"
b20b0410
AO		 13diff -ruN polkit-0.113.orig/src/polkit/Makefile.am polkit-0.113/src/polkit/Makefile.am
14--- polkit-0.113.orig/src/polkit/Makefile.am 2015-06-19 22:31:02.000000000 +0200
15+++ polkit-0.113/src/polkit/Makefile.am 2015-09-26 23:40:21.669982142 +0200
77f30838 16@@ -79,15 +79,7 @@
186114f9
ŁK		 17 polkitimplicitauthorization.c polkitimplicitauthorization.h \
18 polkittemporaryauthorization.c polkittemporaryauthorization.h \
19 polkitpermission.c polkitpermission.h \
20- $(NULL)
21-
77f30838 22-if HAVE_LIBSYSTEMD
186114f9
ŁK		 23-libpolkit_gobject_1_la_SOURCES += \
24- polkitunixsession-systemd.c polkitunixsession.h
25-else
26-libpolkit_gobject_1_la_SOURCES += \
77f30838 27 polkitunixsession.c polkitunixsession.h
186114f9 28-endif
186114f9
ŁK		 29
30 libpolkit_gobject_1_la_CFLAGS = \
31 -D_POLKIT_COMPILATION \
c5786473
JB		 32--- polkit-0.114/src/polkit/polkitunixsession.c.orig 2018-03-23 16:09:30.000000000 +0100
33+++ polkit-0.114/src/polkit/polkitunixsession.c 2018-04-12 19:03:50.775644785 +0200
9c761957
JB		 34@@ -29,6 +29,12 @@
35 #include "polkiterror.h"
36 #include "polkitprivate.h"
37
38+#ifdef HAVE_LIBSYSTEMD
39+# include <stdlib.h>
40+# include <systemd/sd-daemon.h>
41+# include <systemd/sd-login.h>
42+#endif
43+
44 /**
45 * SECTION:polkitunixsession
46 * @title: PolkitUnixSession
c5786473 47@@ -363,35 +369,49 @@ polkit_unix_session_exists_sync (PolkitS
9c761957
JB		 48 {
49 PolkitUnixSession *session = POLKIT_UNIX_SESSION (subject);
50 GDBusConnection *connection;
51- GVariant *result;
52+ GVariant *result = NULL;
53 gboolean ret;
54
55+ connection = NULL;
56 ret = FALSE;
57
58- connection = g_bus_get_sync (G_BUS_TYPE_SYSTEM, cancellable, error);
59- if (connection == NULL)
60- goto out;
61+#ifdef HAVE_LIBSYSTEMD
62+ uid_t uid;
63
64- result = g_dbus_connection_call_sync (connection,
65- "org.freedesktop.ConsoleKit", /* name */
66- session->session_id, /* object path */
67- "org.freedesktop.ConsoleKit.Session", /* interface name */
68- "GetUser", /* method */
69- NULL, /* parameters */
70- G_VARIANT_TYPE ("(u)"),
71- G_DBUS_CALL_FLAGS_NONE,
72- -1,
73- cancellable,
74- error);
75- if (result == NULL)
76- goto out;
77+ if (sd_booted () > 0)
78+ {
79+ if (sd_session_get_uid (session->session_id, &uid) == 0)
80+ ret = TRUE;
81+ }
82+ else
83+#endif /* HAVE_LIBSYSTEMD */
84+ {
85+ connection = g_bus_get_sync (G_BUS_TYPE_SYSTEM, cancellable, error);
86+ if (connection == NULL)
87+ goto out;
88+
89+ result = g_dbus_connection_call_sync (connection,
90+ "org.freedesktop.ConsoleKit", /* name */
91+ session->session_id, /* object path */
92+ "org.freedesktop.ConsoleKit.Session", /* interface name */
93+ "GetUser", /* method */
94+ NULL, /* parameters */
95+ G_VARIANT_TYPE ("(u)"),
96+ G_DBUS_CALL_FLAGS_NONE,
97+ -1,
98+ cancellable,
99+ error);
100+ if (result == NULL)
101+ goto out;
102
103- ret = TRUE;
104- g_variant_unref (result);
105+ ret = TRUE;
106+ g_variant_unref (result);
107+ }
108
109 out:
110 if (connection != NULL)
111 g_object_unref (connection);
112+
113 return ret;
114 }
115
c5786473 116@@ -474,6 +494,7 @@ polkit_unix_session_initable_init (GInit
9c761957
JB		 117 GVariant *result;
118 gboolean ret;
119
120+ result = NULL;
121 connection = NULL;
122 ret = FALSE;
123
c5786473 124@@ -484,28 +505,65 @@ polkit_unix_session_initable_init (GInit
9c761957
JB		 125 goto out;
126 }
127
128- connection = g_bus_get_sync (G_BUS_TYPE_SYSTEM, cancellable, error);
129- if (connection == NULL)
130- goto out;
c5786473
JB		 131+#ifdef HAVE_LIBSYSTEMD
132+ char *s;
133+ uid_t uid;
134+
135+ if (sd_booted () > 0)
136+ {
137+ if (sd_pid_get_session (session->pid, &s) == 0)
138+ {
139+ session->session_id = g_strdup (s);
140+ free (s);
141+ ret = TRUE;
142+ goto out;
143+ }
144+
145+ /* Now do process -> uid -> graphical session (systemd version 213)*/
146+ if (sd_pid_get_owner_uid (session->pid, &uid) < 0)
147+ goto error;
148
9c761957
JB		 149- result = g_dbus_connection_call_sync (connection,
150- "org.freedesktop.ConsoleKit", /* name */
151- "/org/freedesktop/ConsoleKit/Manager", /* object path */
152- "org.freedesktop.ConsoleKit.Manager", /* interface name */
153- "GetSessionForUnixProcess", /* method */
154- g_variant_new ("(u)", session->pid), /* parameters */
155- G_VARIANT_TYPE ("(o)"),
156- G_DBUS_CALL_FLAGS_NONE,
157- -1,
158- cancellable,
159- error);
160- if (result == NULL)
161- goto out;
c5786473 162+ if (sd_uid_get_display (uid, &s) >= 0)
9c761957 163+ {
c5786473
JB		 164+ session->session_id = g_strdup (s);
165+ free (s);
166+ ret = TRUE;
167+ goto out;
168+ }
169
170- g_variant_get (result, "(o)", &session->session_id);
171- g_variant_unref (result);
172+error:
9c761957
JB		 173+ g_set_error (error,
174+ POLKIT_ERROR,
175+ POLKIT_ERROR_FAILED,
176+ "No session for pid %d",
177+ (gint) session->pid);
178+ }
179+ else
180+#endif /* HAVE_LIBSYSTEMD */
181+ {
182+ connection = g_bus_get_sync (G_BUS_TYPE_SYSTEM, cancellable, error);
183+ if (connection == NULL)
184+ goto out;
185+
186+ result = g_dbus_connection_call_sync (connection,
187+ "org.freedesktop.ConsoleKit", /* name */
188+ "/org/freedesktop/ConsoleKit/Manager", /* object path */
189+ "org.freedesktop.ConsoleKit.Manager", /* interface name */
190+ "GetSessionForUnixProcess", /* method */
191+ g_variant_new ("(u)", session->pid), /* parameters */
192+ G_VARIANT_TYPE ("(o)"),
193+ G_DBUS_CALL_FLAGS_NONE,
194+ -1,
195+ cancellable,
196+ error);
197+ if (result == NULL)
198+ goto out;
199
c5786473 200- ret = TRUE;
9c761957
JB		 201+ g_variant_get (result, "(o)", &session->session_id);
202+ g_variant_unref (result);
c5786473 203+
9c761957
JB		 204+ ret = TRUE;
205+ }
206
207 out:
208 if (connection != NULL)
c5786473
JB		 209--- polkit-0.114/src/polkit/polkitunixsession-systemd.c.orig 2018-04-12 18:55:30.995650493 +0200
210+++ polkit-0.114/src/polkit/polkitunixsession-systemd.c 1970-01-01 01:00:00.000000000 +0100
211@@ -1,504 +0,0 @@
186114f9
ŁK		 212-/*
213- * Copyright (C) 2011 Red Hat, Inc.
214- *
215- * This library is free software; you can redistribute it and/or
216- * modify it under the terms of the GNU Lesser General Public
217- * License as published by the Free Software Foundation; either
218- * version 2 of the License, or (at your option) any later version.
219- *
220- * This library is distributed in the hope that it will be useful,
221- * but WITHOUT ANY WARRANTY; without even the implied warranty of
222- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
223- * Lesser General Public License for more details.
224- *
225- * You should have received a copy of the GNU Lesser General
226- * Public License along with this library; if not, write to the
227- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
228- * Boston, MA 02111-1307, USA.
229- *
230- * Author: Matthias Clasen
231- */
232-
233-#ifdef HAVE_CONFIG_H
234-# include "config.h"
235-#endif
236-
a7e49982 237-#include <stdlib.h>
186114f9
ŁK		 238-#include <string.h>
239-#include "polkitunixsession.h"
240-#include "polkitsubject.h"
241-#include "polkiterror.h"
242-#include "polkitprivate.h"
243-
244-#include <systemd/sd-login.h>
245-
246-/**
247- * SECTION:polkitunixsession
248- * @title: PolkitUnixSession
249- * @short_description: Unix sessions
250- *
251- * An object that represents an user session.
252- *
253- * The session id is an opaque string obtained from ConsoleKit.
254- */
255-
256-/**
257- * PolkitUnixSession:
258- *
259- * The #PolkitUnixSession struct should not be accessed directly.
260- */
261-struct _PolkitUnixSession
262-{
263- GObject parent_instance;
264-
265- gchar *session_id;
266-
267- gint pid;
268-};
269-
270-struct _PolkitUnixSessionClass
271-{
272- GObjectClass parent_class;
273-};
274-
275-enum
276-{
277- PROP_0,
278- PROP_SESSION_ID,
279- PROP_PID,
280-};
281-
282-static void subject_iface_init (PolkitSubjectIface *subject_iface);
283-static void initable_iface_init (GInitableIface *initable_iface);
284-static void async_initable_iface_init (GAsyncInitableIface *async_initable_iface);
285-
286-G_DEFINE_TYPE_WITH_CODE (PolkitUnixSession, polkit_unix_session, G_TYPE_OBJECT,
287- G_IMPLEMENT_INTERFACE (POLKIT_TYPE_SUBJECT, subject_iface_init)
288- G_IMPLEMENT_INTERFACE (G_TYPE_INITABLE, initable_iface_init)
289- G_IMPLEMENT_INTERFACE (G_TYPE_ASYNC_INITABLE, async_initable_iface_init)
290- );
291-
292-static void
293-polkit_unix_session_init (PolkitUnixSession *session)
294-{
295-}
296-
297-static void
298-polkit_unix_session_finalize (GObject *object)
299-{
300- PolkitUnixSession *session = POLKIT_UNIX_SESSION (object);
301-
302- g_free (session->session_id);
303-
304- if (G_OBJECT_CLASS (polkit_unix_session_parent_class)->finalize != NULL)
305- G_OBJECT_CLASS (polkit_unix_session_parent_class)->finalize (object);
306-}
307-
308-static void
309-polkit_unix_session_get_property (GObject *object,
310- guint prop_id,
311- GValue *value,
312- GParamSpec *pspec)
313-{
314- PolkitUnixSession *session = POLKIT_UNIX_SESSION (object);
315-
316- switch (prop_id)
317- {
318- case PROP_SESSION_ID:
319- g_value_set_string (value, session->session_id);
320- break;
321-
322- default:
323- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
324- break;
325- }
326-}
327-
328-static void
329-polkit_unix_session_set_property (GObject *object,
330- guint prop_id,
331- const GValue *value,
332- GParamSpec *pspec)
333-{
334- PolkitUnixSession *session = POLKIT_UNIX_SESSION (object);
335-
336- switch (prop_id)
337- {
338- case PROP_SESSION_ID:
339- polkit_unix_session_set_session_id (session, g_value_get_string (value));
340- break;
341-
342- case PROP_PID:
343- session->pid = g_value_get_int (value);
344- break;
345-
346- default:
347- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
348- break;
349- }
350-}
351-
352-static void
353-polkit_unix_session_class_init (PolkitUnixSessionClass *klass)
354-{
355- GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
356-
357- gobject_class->finalize = polkit_unix_session_finalize;
358- gobject_class->get_property = polkit_unix_session_get_property;
359- gobject_class->set_property = polkit_unix_session_set_property;
360-
361- /**
362- * PolkitUnixSession:session-id:
363- *
364- * The UNIX session id.
365- */
366- g_object_class_install_property (gobject_class,
367- PROP_SESSION_ID,
368- g_param_spec_string ("session-id",
369- "Session ID",
370- "The UNIX session ID",
371- NULL,
372- G_PARAM_CONSTRUCT |
373- G_PARAM_READWRITE |
374- G_PARAM_STATIC_NAME |
375- G_PARAM_STATIC_BLURB |
376- G_PARAM_STATIC_NICK));
377-
378-
379- /**
380- * PolkitUnixSession:pid:
381- *
382- * The UNIX process id to look up the session.
383- */
384- g_object_class_install_property (gobject_class,
385- PROP_PID,
386- g_param_spec_int ("pid",
387- "Process ID",
388- "Process ID to use for looking up the session",
389- 0,
390- G_MAXINT,
391- 0,
392- G_PARAM_CONSTRUCT_ONLY |
393- G_PARAM_WRITABLE |
394- G_PARAM_STATIC_NAME |
395- G_PARAM_STATIC_BLURB |
396- G_PARAM_STATIC_NICK));
397-
398-}
399-
400-/**
401- * polkit_unix_session_get_session_id:
402- * @session: A #PolkitUnixSession.
403- *
404- * Gets the session id for @session.
405- *
406- * Returns: The session id for @session. Do not free this string, it
407- * is owned by @session.
408- **/
409-const gchar *
410-polkit_unix_session_get_session_id (PolkitUnixSession *session)
411-{
412- g_return_val_if_fail (POLKIT_IS_UNIX_SESSION (session), NULL);
413- return session->session_id;
414-}
415-
416-/**
417- * polkit_unix_session_set_session_id:
418- * @session: A #PolkitUnixSession.
419- * @session_id: The session id.
420- *
421- * Sets the session id for @session to @session_id.
422- **/
423-void
424-polkit_unix_session_set_session_id (PolkitUnixSession *session,
425- const gchar *session_id)
426-{
427- g_return_if_fail (POLKIT_IS_UNIX_SESSION (session));
428- /*g_return_if_fail (session_id != NULL);*/
429- g_free (session->session_id);
430- session->session_id = g_strdup (session_id);
431-}
432-
433-/**
434- * polkit_unix_session_new:
435- * @session_id: The session id.
436- *
437- * Creates a new #PolkitUnixSession for @session_id.
438- *
439- * Returns: (transfer full): A #PolkitUnixSession. Free with g_object_unref().
440- **/
441-PolkitSubject *
442-polkit_unix_session_new (const gchar *session_id)
443-{
444- return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_SESSION,
445- "session-id", session_id,
446- NULL));
447-}
448-
449-/**
450- * polkit_unix_session_new_for_process:
451- * @pid: The process id of the process to get the session for.
452- * @cancellable: (allow-none): A #GCancellable or %NULL.
453- * @callback: A #GAsyncReadyCallback to call when the request is satisfied
454- * @user_data: The data to pass to @callback.
455- *
456- * Asynchronously creates a new #PolkitUnixSession object for the
457- * process with process id @pid.
458- *
459- * When the operation is finished, @callback will be invoked in the
460- * <link linkend="g-main-context-push-thread-default">thread-default
461- * main loop</link> of the thread you are calling this method
462- * from. You can then call
463- * polkit_unix_session_new_for_process_finish() to get the result of
464- * the operation.
465- *
466- * This method constructs the object asynchronously, for the synchronous and blocking version
467- * use polkit_unix_session_new_for_process_sync().
468- **/
469-void
470-polkit_unix_session_new_for_process (gint pid,
471- GCancellable *cancellable,
472- GAsyncReadyCallback callback,
473- gpointer user_data)
474-{
475- g_async_initable_new_async (POLKIT_TYPE_UNIX_SESSION,
476- G_PRIORITY_DEFAULT,
477- cancellable,
478- callback,
479- user_data,
480- "pid", pid,
481- NULL);
482-}
483-
484-/**
485- * polkit_unix_session_new_for_process_finish:
486- * @res: A #GAsyncResult obtained from the #GAsyncReadyCallback passed to polkit_unix_session_new_for_process().
487- * @error: (allow-none): Return location for error.
488- *
489- * Finishes constructing a #PolkitSubject for a process id.
490- *
491- * Returns: (transfer full) (allow-none): A #PolkitUnixSession for the @pid passed to
492- * polkit_unix_session_new_for_process() or %NULL if @error is
493- * set. Free with g_object_unref().
494- **/
495-PolkitSubject *
496-polkit_unix_session_new_for_process_finish (GAsyncResult *res,
497- GError **error)
498-{
499- GObject *object;
500- GObject *source_object;
501-
502- source_object = g_async_result_get_source_object (res);
503- g_assert (source_object != NULL);
504-
505- object = g_async_initable_new_finish (G_ASYNC_INITABLE (source_object),
506- res,
507- error);
508- g_object_unref (source_object);
509-
510- if (object != NULL)
511- return POLKIT_SUBJECT (object);
512- else
513- return NULL;
514-}
515-
516-
517-/**
518- * polkit_unix_session_new_for_process_sync:
519- * @pid: The process id of the process to get the session for.
520- * @cancellable: (allow-none): A #GCancellable or %NULL.
521- * @error: (allow-none): Return location for error.
522- *
523- * Creates a new #PolkitUnixSession for the process with process id @pid.
524- *
525- * This is a synchronous call - the calling thread is blocked until a
526- * reply is received. For the asynchronous version, see
527- * polkit_unix_session_new_for_process().
528- *
529- * Returns: (allow-none) (transfer full): A #PolkitUnixSession for
530- * @pid or %NULL if @error is set. Free with g_object_unref().
531- **/
532-PolkitSubject *
533-polkit_unix_session_new_for_process_sync (gint pid,
534- GCancellable *cancellable,
535- GError **error)
536-{
537- return POLKIT_SUBJECT (g_initable_new (POLKIT_TYPE_UNIX_SESSION,
538- cancellable,
539- error,
540- "pid", pid,
541- NULL));
542-}
543-
544-static guint
545-polkit_unix_session_hash (PolkitSubject *subject)
546-{
547- PolkitUnixSession *session = POLKIT_UNIX_SESSION (subject);
548-
549- return g_str_hash (session->session_id);
550-}
551-
552-static gboolean
553-polkit_unix_session_equal (PolkitSubject *a,
554- PolkitSubject *b)
555-{
556- PolkitUnixSession *session_a;
557- PolkitUnixSession *session_b;
558-
559- session_a = POLKIT_UNIX_SESSION (a);
560- session_b = POLKIT_UNIX_SESSION (b);
561-
562- return g_strcmp0 (session_a->session_id, session_b->session_id) == 0;
563-}
564-
565-static gchar *
566-polkit_unix_session_to_string (PolkitSubject *subject)
567-{
568- PolkitUnixSession *session = POLKIT_UNIX_SESSION (subject);
569-
570- return g_strdup_printf ("unix-session:%s", session->session_id);
571-}
572-
573-static gboolean
574-polkit_unix_session_exists_sync (PolkitSubject *subject,
a7e49982
MB		 575- GCancellable *cancellable,
576- GError **error)
186114f9
ŁK		 577-{
578- PolkitUnixSession *session = POLKIT_UNIX_SESSION (subject);
a7e49982 579- gboolean ret = FALSE;
186114f9
ŁK		 580- uid_t uid;
581-
a7e49982
MB		 582- if (sd_session_get_uid (session->session_id, &uid) == 0)
583- ret = TRUE;
186114f9
ŁK		 584-
585- return ret;
586-}
587-
588-static void
589-exists_in_thread_func (GSimpleAsyncResult *res,
590- GObject *object,
591- GCancellable *cancellable)
592-{
593- GError *error;
594- error = NULL;
595- if (!polkit_unix_session_exists_sync (POLKIT_SUBJECT (object),
596- cancellable,
597- &error))
598- {
599- g_simple_async_result_set_from_error (res, error);
600- g_error_free (error);
601- }
602-}
603-
604-static void
605-polkit_unix_session_exists (PolkitSubject *subject,
606- GCancellable *cancellable,
607- GAsyncReadyCallback callback,
608- gpointer user_data)
609-{
610- GSimpleAsyncResult *simple;
611-
612- g_return_if_fail (POLKIT_IS_UNIX_SESSION (subject));
613-
614- simple = g_simple_async_result_new (G_OBJECT (subject),
615- callback,
616- user_data,
617- polkit_unix_session_exists);
618- g_simple_async_result_run_in_thread (simple,
619- exists_in_thread_func,
620- G_PRIORITY_DEFAULT,
621- cancellable);
622- g_object_unref (simple);
623-}
624-
625-static gboolean
626-polkit_unix_session_exists_finish (PolkitSubject *subject,
627- GAsyncResult *res,
628- GError **error)
629-{
630- GSimpleAsyncResult *simple = G_SIMPLE_ASYNC_RESULT (res);
631- gboolean ret;
632-
633- g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_unix_session_exists);
634-
635- ret = FALSE;
636-
637- if (g_simple_async_result_propagate_error (simple, error))
638- goto out;
639-
640- ret = g_simple_async_result_get_op_res_gboolean (simple);
641-
642- out:
643- return ret;
644-}
645-
646-static void
647-subject_iface_init (PolkitSubjectIface *subject_iface)
648-{
649- subject_iface->hash = polkit_unix_session_hash;
650- subject_iface->equal = polkit_unix_session_equal;
651- subject_iface->to_string = polkit_unix_session_to_string;
652- subject_iface->exists = polkit_unix_session_exists;
653- subject_iface->exists_finish = polkit_unix_session_exists_finish;
654- subject_iface->exists_sync = polkit_unix_session_exists_sync;
655-}
656-
657-static gboolean
658-polkit_unix_session_initable_init (GInitable *initable,
659- GCancellable *cancellable,
660- GError **error)
661-{
662- PolkitUnixSession *session = POLKIT_UNIX_SESSION (initable);
a7e49982
MB		 663- gboolean ret = FALSE;
664- char *s;
c5786473 665- uid_t uid;
186114f9
ŁK		 666-
667- if (session->session_id != NULL)
668- {
669- /* already set, nothing to do */
670- ret = TRUE;
671- goto out;
672- }
673-
a7e49982
MB		 674- if (sd_pid_get_session (session->pid, &s) == 0)
675- {
676- session->session_id = g_strdup (s);
677- free (s);
678- ret = TRUE;
679- goto out;
680- }
681-
c5786473
JB		 682- /* Now do process -> uid -> graphical session (systemd version 213)*/
683- if (sd_pid_get_owner_uid (session->pid, &uid) < 0)
684- goto error;
685-
686- if (sd_uid_get_display (uid, &s) >= 0)
687- {
688- session->session_id = g_strdup (s);
689- free (s);
690- ret = TRUE;
691- goto out;
692- }
693-
694-error:
a7e49982
MB		 695- g_set_error (error,
696- POLKIT_ERROR,
697- POLKIT_ERROR_FAILED,
698- "No session for pid %d",
699- (gint) session->pid);
186114f9
ŁK		 700-
701-out:
702- return ret;
703-}
704-
705-static void
706-initable_iface_init (GInitableIface *initable_iface)
707-{
708- initable_iface->init = polkit_unix_session_initable_init;
709-}
710-
711-static void
712-async_initable_iface_init (GAsyncInitableIface *async_initable_iface)
713-{
714- /* use default implementation to run GInitable code in a thread */
715-}
9c761957
JB		 716diff -ruN polkit-0.113.orig/src/polkitbackend/Makefile.am polkit-0.113/src/polkitbackend/Makefile.am
717--- polkit-0.113.orig/src/polkitbackend/Makefile.am 2015-06-19 22:31:02.000000000 +0200
718+++ polkit-0.113/src/polkitbackend/Makefile.am 2015-09-26 23:40:21.674982125 +0200
719@@ -36,15 +36,7 @@
15c70c7c 720 polkitbackendjsauthority.h polkitbackendjsauthority.cpp \
9c761957 721 polkitbackendactionpool.h polkitbackendactionpool.c \
9c761957
JB		 722 polkitbackendactionlookup.h polkitbackendactionlookup.c \
723- $(NULL)
724-
725-if HAVE_LIBSYSTEMD
726-libpolkit_backend_1_la_SOURCES += \
727- polkitbackendsessionmonitor.h polkitbackendsessionmonitor-systemd.c
728-else
729-libpolkit_backend_1_la_SOURCES += \
730 polkitbackendsessionmonitor.h polkitbackendsessionmonitor.c
731-endif
732
733 libpolkit_backend_1_la_CFLAGS = \
734 -D_POLKIT_COMPILATION \
c5786473
JB		 735--- polkit-0.114.orig/src/polkitbackend/polkitbackendjsauthority.cpp 2015-06-19 22:39:58.000000000 +0200
736+++ polkit-0.114/src/polkitbackend/polkitbackendjsauthority.cpp 2015-09-26 23:40:21.674982125 +0200
9c761957
JB		 737@@ -36,6 +36,7 @@
738 #include <polkit/polkitprivate.h>
739
740 #ifdef HAVE_LIBSYSTEMD
741+#include <systemd/sd-daemon.h>
742 #include <systemd/sd-login.h>
743 #endif /* HAVE_LIBSYSTEMD */
744
745@@ -794,6 +795,8 @@
746 }
747
748 #ifdef HAVE_LIBSYSTEMD
749+ if (sd_booted () > 0)
750+ {
751 if (sd_pid_get_session (pid, &session_str) == 0)
752 {
753 if (sd_session_get_seat (session_str, &seat_str) == 0)
754@@ -801,6 +804,7 @@
755 /* do nothing */
756 }
757 }
758+ }
759 #endif /* HAVE_LIBSYSTEMD */
760
761 g_assert (POLKIT_IS_UNIX_USER (user_for_subject));
4e85edc6
JB		 762--- polkit-0.115/src/polkitbackend/polkitbackendsessionmonitor.c.orig 2018-06-26 15:17:52.000000000 +0200
763+++ polkit-0.115/src/polkitbackend/polkitbackendsessionmonitor.c 2018-09-29 10:42:52.104190929 +0200
9c761957
JB		 764@@ -26,6 +26,12 @@
765 #include <string.h>
766 #include <glib/gstdio.h>
186114f9 767
77f30838 768+#ifdef HAVE_LIBSYSTEMD
a7e49982 769+# include <stdlib.h>
186114f9
ŁK		 770+# include <systemd/sd-daemon.h>
771+# include <systemd/sd-login.h>
9c761957 772+#endif /* HAVE_LIBSYSTEMD */
186114f9 773+
9c761957 774 #include <polkit/polkit.h>
4e85edc6 775 #include <polkit/polkitprivate.h>
9c761957 776 #include "polkitbackendsessionmonitor.h"
4e85edc6 777@@ -40,6 +46,88 @@
9c761957
JB		 778 * The #PolkitBackendSessionMonitor class is a utility class to track and monitor sessions.
779 */
186114f9 780
77f30838 781+#ifdef HAVE_LIBSYSTEMD
9c761957
JB		 782+typedef struct
783+{
784+ GSource source;
785+ GPollFD pollfd;
786+ sd_login_monitor *monitor;
787+} SdSource;
788+
789+static gboolean
790+sd_source_prepare (GSource *source,
791+ gint *timeout)
792+{
793+ *timeout = -1;
794+ return FALSE;
795+}
796+
797+static gboolean
798+sd_source_check (GSource *source)
799+{
800+ SdSource *sd_source = (SdSource *)source;
801+
802+ return sd_source->pollfd.revents != 0;
803+}
804+
805+static gboolean
806+sd_source_dispatch (GSource *source,
807+ GSourceFunc callback,
808+ gpointer user_data)
809+
810+{
811+ SdSource *sd_source = (SdSource *)source;
812+ gboolean ret;
813+
814+ g_warn_if_fail (callback != NULL);
815+
816+ ret = (*callback) (user_data);
817+
818+ sd_login_monitor_flush (sd_source->monitor);
819+
820+ return ret;
821+}
822+
823+static void
824+sd_source_finalize (GSource *source)
825+{
826+ SdSource *sd_source = (SdSource*)source;
827+
828+ sd_login_monitor_unref (sd_source->monitor);
829+}
830+
831+static GSourceFuncs sd_source_funcs = {
832+ sd_source_prepare,
833+ sd_source_check,
834+ sd_source_dispatch,
835+ sd_source_finalize
836+};
837+
838+static GSource *
839+sd_source_new (void)
840+{
841+ GSource *source;
842+ SdSource *sd_source;
843+ int ret;
844+
845+ source = g_source_new (&sd_source_funcs, sizeof (SdSource));
846+ sd_source = (SdSource *)source;
847+
848+ if ((ret = sd_login_monitor_new (NULL, &sd_source->monitor)) < 0)
186114f9 849+ {
9c761957 850+ g_printerr ("Error getting login monitor: %d", ret);
186114f9
ŁK		 851+ }
852+ else
b20b0410 853+ {
9c761957
JB		 854+ sd_source->pollfd.fd = sd_login_monitor_get_fd (sd_source->monitor);
855+ sd_source->pollfd.events = G_IO_IN;
856+ g_source_add_poll (source, &sd_source->pollfd);
b20b0410 857+ }
a7e49982 858+
9c761957
JB		 859+ return source;
860+}
861+#endif /* HAVE_LIBSYSTEMD */
862+
863 struct _PolkitBackendSessionMonitor
864 {
865 GObject parent_instance;
4e85edc6 866@@ -49,6 +137,10 @@
9c761957
JB		 867 GKeyFile *database;
868 GFileMonitor *database_monitor;
869 time_t database_mtime;
870+
871+#ifdef HAVE_LIBSYSTEMD
872+ GSource *sd_source;
873+#endif /* HAVE_LIBSYSTEMD */
874 };
186114f9 875
9c761957 876 struct _PolkitBackendSessionMonitorClass
4e85edc6 877@@ -71,6 +163,18 @@
a7e49982 878
9c761957 879 /* ---------------------------------------------------------------------------------------------------- */
186114f9 880
9c761957
JB		 881+#ifdef HAVE_LIBSYSTEMD
882+static gboolean
883+sessions_changed (gpointer user_data)
884+{
885+ PolkitBackendSessionMonitor *monitor = POLKIT_BACKEND_SESSION_MONITOR (user_data);
886+
887+ g_signal_emit (monitor, signals[CHANGED_SIGNAL], 0);
888+
889+ return TRUE;
890+}
891+#endif /* HAVE_LIBSYSTEMD */
892+
893 static gboolean
894 reload_database (PolkitBackendSessionMonitor *monitor,
895 GError **error)
4e85edc6 896@@ -177,31 +281,47 @@
9c761957 897 g_error_free (error);
186114f9
ŁK		 898 }
899
9c761957
JB		 900- error = NULL;
901- if (!ensure_database (monitor, &error))
77f30838 902+#ifdef HAVE_LIBSYSTEMD
9c761957
JB		 903+ monitor->sd_source = NULL;
904+
186114f9 905+ if (sd_booted () > 0)
9c761957
JB		 906 {
907- g_printerr ("Error loading " CKDB_PATH ": %s", error->message);
908- g_error_free (error);
909+ monitor->sd_source = sd_source_new ();
910+ g_source_set_callback (monitor->sd_source, sessions_changed, monitor, NULL);
911+ g_source_attach (monitor->sd_source, NULL);
a7e49982 912+
9c761957
JB		 913+ monitor->database_monitor = NULL;
914+ monitor->database = NULL;
915 }
a7e49982 916+ else
77f30838 917+#endif /* HAVE_LIBSYSTEMD */
a7e49982 918+ {
9c761957
JB		 919+ error = NULL;
920+ if (!ensure_database (monitor, &error))
921+ {
922+ g_printerr ("Error loading " CKDB_PATH ": %s", error->message);
923+ g_error_free (error);
924+ }
186114f9 925
9c761957
JB		 926- error = NULL;
927- file = g_file_new_for_path (CKDB_PATH);
928- monitor->database_monitor = g_file_monitor_file (file,
929+ error = NULL;
930+ file = g_file_new_for_path (CKDB_PATH);
931+ monitor->database_monitor = g_file_monitor_file (file,
932 G_FILE_MONITOR_NONE,
933 NULL,
934 &error);
935- g_object_unref (file);
936- if (monitor->database_monitor == NULL)
937- {
938- g_printerr ("Error monitoring " CKDB_PATH ": %s", error->message);
939- g_error_free (error);
940- }
941- else
942- {
943- g_signal_connect (monitor->database_monitor,
944- "changed",
945- G_CALLBACK (on_file_monitor_changed),
946- monitor);
947+ g_object_unref (file);
948+ if (monitor->database_monitor == NULL)
949+ {
950+ g_printerr ("Error monitoring " CKDB_PATH ": %s", error->message);
951+ g_error_free (error);
952+ }
953+ else
954+ {
955+ g_signal_connect (monitor->database_monitor,
956+ "changed",
957+ G_CALLBACK (on_file_monitor_changed),
958+ monitor);
959+ }
960 }
961 }
186114f9 962
4e85edc6 963@@ -219,6 +339,12 @@
9c761957
JB		 964 if (monitor->database != NULL)
965 g_key_file_free (monitor->database);
b20b0410 966
9c761957
JB		 967+ if (monitor->sd_source != NULL)
968+ {
969+ g_source_destroy (monitor->sd_source);
970+ g_source_unref (monitor->sd_source);
971+ }
972+
973 if (G_OBJECT_CLASS (polkit_backend_session_monitor_parent_class)->finalize != NULL)
974 G_OBJECT_CLASS (polkit_backend_session_monitor_parent_class)->finalize (object);
975 }
4e85edc6 976@@ -332,6 +458,26 @@
77f30838 977 }
9c761957 978 else if (POLKIT_IS_UNIX_SESSION (subject))
77f30838 979 {
9c761957
JB		 980+#ifdef HAVE_LIBSYSTEMD
981+ if (monitor->sd_source != NULL)
4e85edc6
JB		 982+ {
983+ uid_t uid;
984+
985+ if (sd_session_get_uid (polkit_unix_session_get_session_id (POLKIT_UNIX_SESSION (subject)), &uid) < 0)
986+ {
987+ g_set_error (error,
988+ POLKIT_ERROR,
989+ POLKIT_ERROR_FAILED,
990+ "Error getting uid for session");
991+ goto out;
992+ }
993+
994+ ret = polkit_unix_user_new (uid);
995+ matches = TRUE;
996+ }
9c761957
JB		 997+ else
998+#endif /* HAVE_LIBSYSTEMD */
4e85edc6
JB		 999+ {
1000 gint uid;
1001 gchar *group;
1002
1003@@ -354,6 +500,7 @@
9c761957
JB		 1004
1005 ret = polkit_unix_user_new (uid);
4e85edc6
JB		 1006 matches = TRUE;
1007+ }
9c761957 1008 }
4e85edc6
JB		 1009
1010 out:
1011@@ -379,35 +526,26 @@
9c761957
JB		 1012 PolkitSubject *subject,
1013 GError **error)
1014 {
1015- PolkitSubject *session;
186114f9 1016-
9c761957
JB		 1017- session = NULL;
1018+ PolkitSubject *session = NULL;
1019+ pid_t pid;
1020
1021 if (POLKIT_IS_UNIX_PROCESS (subject))
186114f9 1022- {
9c761957
JB		 1023- const gchar *session_id;
1024- GVariant *result;
1025- result = g_dbus_connection_call_sync (monitor->system_bus,
1026- "org.freedesktop.ConsoleKit",
1027- "/org/freedesktop/ConsoleKit/Manager",
1028- "org.freedesktop.ConsoleKit.Manager",
1029- "GetSessionForUnixProcess",
1030- g_variant_new ("(u)", polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (subject))),
1031- G_VARIANT_TYPE ("(o)"),
1032- G_DBUS_CALL_FLAGS_NONE,
1033- -1, /* timeout_msec */
1034- NULL, /* GCancellable */
1035- error);
1036- if (result == NULL)
1037- goto out;
1038- g_variant_get (result, "(&o)", &session_id);
1039- session = polkit_unix_session_new (session_id);
1040- g_variant_unref (result);
1041+ { /* We already have a process; now do process -> pid */
1042+ pid = polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (subject));
1043 }
1044 else if (POLKIT_IS_SYSTEM_BUS_NAME (subject))
1045- {
1046- guint32 pid;
1047- const gchar *session_id;
1048+ { /* Convert bus name to process / pid */
1049+#ifdef HAVE_LIBSYSTEMD
1050+ if (monitor->sd_source != NULL)
1051+ {
1052+ PolkitUnixProcess *process = (PolkitUnixProcess*)polkit_system_bus_name_get_process_sync (POLKIT_SYSTEM_BUS_NAME(subject), NULL, error);
1053+ if (!process)
1054+ goto out;
1055+ pid = polkit_unix_process_get_pid (process);
1056+ g_object_unref (process);
1057+ } else
1058+#endif
1059+ {
1060 GVariant *result;
1061
1062 result = g_dbus_connection_call_sync (monitor->system_bus,
4e85edc6 1063@@ -425,23 +563,7 @@
9c761957
JB		 1064 goto out;
1065 g_variant_get (result, "(u)", &pid);
1066 g_variant_unref (result);
186114f9 1067-
9c761957
JB		 1068- result = g_dbus_connection_call_sync (monitor->system_bus,
1069- "org.freedesktop.ConsoleKit",
1070- "/org/freedesktop/ConsoleKit/Manager",
1071- "org.freedesktop.ConsoleKit.Manager",
1072- "GetSessionForUnixProcess",
1073- g_variant_new ("(u)", pid),
1074- G_VARIANT_TYPE ("(o)"),
1075- G_DBUS_CALL_FLAGS_NONE,
1076- -1, /* timeout_msec */
1077- NULL, /* GCancellable */
1078- error);
1079- if (result == NULL)
1080- goto out;
1081- g_variant_get (result, "(&o)", &session_id);
1082- session = polkit_unix_session_new (session_id);
1083- g_variant_unref (result);
1084+ }
1085 }
1086 else
1087 {
4e85edc6 1088@@ -450,8 +572,57 @@
9c761957
JB		 1089 POLKIT_ERROR_NOT_SUPPORTED,
1090 "Cannot get user for subject of type %s",
1091 g_type_name (G_TYPE_FROM_INSTANCE (subject)));
1092+ goto out;
1093 }
1094
1095+ /* Now do pid -> same session */
1096+#ifdef HAVE_LIBSYSTEMD
1097+ if (monitor->sd_source != NULL)
1098+ {
1099+ gchar *session_id;
1100+ if (sd_pid_get_session (pid, &session_id) >= 0)
1101+ {
1102+ session = polkit_unix_session_new (session_id);
1103+ free (session_id);
1104+ goto out;
1105+ }
1106+#if HAVE_SD_UID_GET_DISPLAY
1107+ uid_t uid;
1108+ /* Now do pid -> uid -> graphical session (systemd version 213)*/
1109+ if (sd_pid_get_owner_uid (pid, &uid) < 0)
1110+ goto out;
1111+
1112+ if (sd_uid_get_display (uid, &session_id) >= 0)
1113+ {
1114+ session = polkit_unix_session_new (session_id);
1115+ free (session_id);
1116+ goto out;
1117+ }
1118+#endif
1119+ }
1120+ else
1121+#endif /* HAVE_LIBSYSTEMD */
1122+ {
1123+ gchar *session_id;
1124+ GVariant *result;
1125+ result = g_dbus_connection_call_sync (monitor->system_bus,
1126+ "org.freedesktop.ConsoleKit",
1127+ "/org/freedesktop/ConsoleKit/Manager",
1128+ "org.freedesktop.ConsoleKit.Manager",
1129+ "GetSessionForUnixProcess",
1130+ g_variant_new ("(u)", pid),
1131+ G_VARIANT_TYPE ("(o)"),
1132+ G_DBUS_CALL_FLAGS_NONE,
1133+ -1, /* timeout_msec */
1134+ NULL, /* GCancellable */
1135+ error);
1136+ if (result == NULL)
1137+ goto out;
1138+ g_variant_get (result, "(&o)", &session_id);
1139+ session = polkit_unix_session_new (session_id);
1140+ g_variant_unref (result);
1141+ }
1142+
1143 out:
1144
1145 return session;
4e85edc6 1146@@ -502,7 +673,22 @@
9c761957
JB		 1147 polkit_backend_session_monitor_is_session_local (PolkitBackendSessionMonitor *monitor,
1148 PolkitSubject *session)
1149 {
1150- return get_boolean (monitor, session, "is_local");
1151+#ifdef HAVE_LIBSYSTEMD
1152+ if (monitor->sd_source != NULL)
1153+ {
1154+ char *seat;
1155+
1156+ if (!sd_session_get_seat (polkit_unix_session_get_session_id (POLKIT_UNIX_SESSION (session)), &seat))
1157+ {
1158+ free (seat);
1159+ return TRUE;
1160+ }
1161+
1162+ return FALSE;
1163+ }
1164+ else
1165+#endif /* HAVE_LIBSYSTEMD */
1166+ return get_boolean (monitor, session, "is_local");
1167 }
1168
1169
4e85edc6 1170@@ -510,6 +696,44 @@
9c761957
JB		 1171 polkit_backend_session_monitor_is_session_active (PolkitBackendSessionMonitor *monitor,
1172 PolkitSubject *session)
1173 {
1174- return get_boolean (monitor, session, "is_active");
1175+#ifdef HAVE_LIBSYSTEMD
1176+ if (monitor->sd_source != NULL)
1177+ {
1178+ const char *session_id;
1179+ char *state;
1180+ uid_t uid;
1181+ gboolean is_active = FALSE;
1182+
1183+ session_id = polkit_unix_session_get_session_id (POLKIT_UNIX_SESSION (session));
1184+
1185+ g_debug ("Checking whether session %s is active.", session_id);
1186+
1187+ /* Check whether *any* of the user's current sessions are active. */
1188+ if (sd_session_get_uid (session_id, &uid) < 0)
1189+ goto fallback;
1190+
1191+ g_debug ("Session %s has UID %u.", session_id, uid);
1192+
1193+ if (sd_uid_get_state (uid, &state) < 0)
1194+ goto fallback;
1195+
1196+ g_debug ("UID %u has state %s.", uid, state);
1197+
1198+ is_active = (g_strcmp0 (state, "active") == 0);
1199+ free (state);
1200+
1201+ return is_active;
1202+
1203+fallback:
1204+ /* Fall back to checking the session. This is not ideal, since the user
1205+ * might have multiple sessions, and we cannot guarantee to have chosen
1206+ * the active one.
1207+ *
1208+ * See: https://bugs.freedesktop.org/show_bug.cgi?id=76358. */
1209+ return sd_session_is_active (session_id);
1210+ }
1211+ else
1212+#endif /* HAVE_LIBSYSTEMD */
1213+ return get_boolean (monitor, session, "is_active");
1214 }
1215
4e85edc6
JB		 1216--- polkit-0.115/src/polkitbackend/polkitbackendsessionmonitor-systemd.c.orig 2018-09-29 09:48:19.240894967 +0200
1217+++ polkit-0.115/src/polkitbackend/polkitbackendsessionmonitor-systemd.c 1970-01-01 01:00:00.000000000 +0100
1218@@ -1,455 +0,0 @@
9c761957
JB		 1219-/*
1220- * Copyright (C) 2011 Red Hat, Inc.
1221- *
1222- * This library is free software; you can redistribute it and/or
1223- * modify it under the terms of the GNU Lesser General Public
1224- * License as published by the Free Software Foundation; either
1225- * version 2 of the License, or (at your option) any later version.
1226- *
1227- * This library is distributed in the hope that it will be useful,
1228- * but WITHOUT ANY WARRANTY; without even the implied warranty of
1229- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
1230- * Lesser General Public License for more details.
1231- *
1232- * You should have received a copy of the GNU Lesser General
1233- * Public License along with this library; if not, write to the
1234- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
1235- * Boston, MA 02111-1307, USA.
1236- *
1237- * Author: Matthias Clasen
1238- */
186114f9 1239-
9c761957
JB		 1240-#include "config.h"
1241-#include <errno.h>
1242-#include <pwd.h>
1243-#include <grp.h>
1244-#include <string.h>
1245-#include <glib/gstdio.h>
1246-#include <systemd/sd-login.h>
1247-#include <stdlib.h>
186114f9 1248-
9c761957 1249-#include <polkit/polkit.h>
4e85edc6 1250-#include <polkit/polkitprivate.h>
9c761957 1251-#include "polkitbackendsessionmonitor.h"
186114f9 1252-
9c761957
JB		 1253-/* <internal>
1254- * SECTION:polkitbackendsessionmonitor
1255- * @title: PolkitBackendSessionMonitor
1256- * @short_description: Monitor sessions
1257- *
1258- * The #PolkitBackendSessionMonitor class is a utility class to track and monitor sessions.
1259- */
186114f9 1260-
9c761957
JB		 1261-typedef struct
1262-{
1263- GSource source;
1264- GPollFD pollfd;
1265- sd_login_monitor *monitor;
1266-} SdSource;
186114f9
ŁK		 1267-
1268-static gboolean
9c761957
JB		 1269-sd_source_prepare (GSource *source,
1270- gint *timeout)
186114f9 1271-{
9c761957
JB		 1272- *timeout = -1;
1273- return FALSE;
1274-}
1275-
1276-static gboolean
1277-sd_source_check (GSource *source)
1278-{
1279- SdSource *sd_source = (SdSource *)source;
1280-
1281- return sd_source->pollfd.revents != 0;
1282-}
1283-
1284-static gboolean
1285-sd_source_dispatch (GSource *source,
1286- GSourceFunc callback,
1287- gpointer user_data)
1288-
1289-{
1290- SdSource *sd_source = (SdSource *)source;
1291- gboolean ret;
1292-
1293- g_warn_if_fail (callback != NULL);
1294-
1295- ret = (*callback) (user_data);
1296-
1297- sd_login_monitor_flush (sd_source->monitor);
1298-
1299- return ret;
1300-}
1301-
1302-static void
1303-sd_source_finalize (GSource *source)
1304-{
1305- SdSource *sd_source = (SdSource*)source;
1306-
1307- sd_login_monitor_unref (sd_source->monitor);
1308-}
1309-
1310-static GSourceFuncs sd_source_funcs = {
1311- sd_source_prepare,
1312- sd_source_check,
1313- sd_source_dispatch,
1314- sd_source_finalize
1315-};
1316-
1317-static GSource *
1318-sd_source_new (void)
1319-{
1320- GSource *source;
1321- SdSource *sd_source;
1322- int ret;
1323-
1324- source = g_source_new (&sd_source_funcs, sizeof (SdSource));
1325- sd_source = (SdSource *)source;
1326-
1327- if ((ret = sd_login_monitor_new (NULL, &sd_source->monitor)) < 0)
1328- {
1329- g_printerr ("Error getting login monitor: %d", ret);
1330- }
1331- else
1332- {
1333- sd_source->pollfd.fd = sd_login_monitor_get_fd (sd_source->monitor);
1334- sd_source->pollfd.events = G_IO_IN;
1335- g_source_add_poll (source, &sd_source->pollfd);
1336- }
1337-
1338- return source;
1339-}
1340-
1341-struct _PolkitBackendSessionMonitor
1342-{
1343- GObject parent_instance;
1344-
1345- GDBusConnection *system_bus;
1346-
1347- GSource *sd_source;
1348-};
1349-
1350-struct _PolkitBackendSessionMonitorClass
1351-{
1352- GObjectClass parent_class;
1353-
1354- void (*changed) (PolkitBackendSessionMonitor *monitor);
1355-};
1356-
1357-
1358-enum
1359-{
1360- CHANGED_SIGNAL,
1361- LAST_SIGNAL,
1362-};
1363-
1364-static guint signals[LAST_SIGNAL] = {0};
1365-
1366-G_DEFINE_TYPE (PolkitBackendSessionMonitor, polkit_backend_session_monitor, G_TYPE_OBJECT);
1367-
1368-/* ---------------------------------------------------------------------------------------------------- */
1369-
1370-static gboolean
1371-sessions_changed (gpointer user_data)
1372-{
1373- PolkitBackendSessionMonitor *monitor = POLKIT_BACKEND_SESSION_MONITOR (user_data);
1374-
1375- g_signal_emit (monitor, signals[CHANGED_SIGNAL], 0);
186114f9
ŁK		 1376-
1377- return TRUE;
1378-}
1379-
1380-
1381-static void
1382-polkit_backend_session_monitor_init (PolkitBackendSessionMonitor *monitor)
1383-{
1384- GError *error;
1385-
1386- error = NULL;
1387- monitor->system_bus = g_bus_get_sync (G_BUS_TYPE_SYSTEM, NULL, &error);
1388- if (monitor->system_bus == NULL)
1389- {
1390- g_printerr ("Error getting system bus: %s", error->message);
1391- g_error_free (error);
1392- }
1393-
1394- monitor->sd_source = sd_source_new ();
1395- g_source_set_callback (monitor->sd_source, sessions_changed, monitor, NULL);
1396- g_source_attach (monitor->sd_source, NULL);
1397-}
1398-
1399-static void
1400-polkit_backend_session_monitor_finalize (GObject *object)
1401-{
1402- PolkitBackendSessionMonitor *monitor = POLKIT_BACKEND_SESSION_MONITOR (object);
1403-
1404- if (monitor->system_bus != NULL)
1405- g_object_unref (monitor->system_bus);
1406-
1407- if (monitor->sd_source != NULL)
1408- {
1409- g_source_destroy (monitor->sd_source);
1410- g_source_unref (monitor->sd_source);
1411- }
1412-
1413- if (G_OBJECT_CLASS (polkit_backend_session_monitor_parent_class)->finalize != NULL)
1414- G_OBJECT_CLASS (polkit_backend_session_monitor_parent_class)->finalize (object);
1415-}
1416-
1417-static void
1418-polkit_backend_session_monitor_class_init (PolkitBackendSessionMonitorClass *klass)
1419-{
1420- GObjectClass *gobject_class;
1421-
1422- gobject_class = G_OBJECT_CLASS (klass);
1423-
1424- gobject_class->finalize = polkit_backend_session_monitor_finalize;
1425-
1426- /**
1427- * PolkitBackendSessionMonitor::changed:
1428- * @monitor: A #PolkitBackendSessionMonitor
1429- *
1430- * Emitted when something changes.
1431- */
1432- signals[CHANGED_SIGNAL] = g_signal_new ("changed",
1433- POLKIT_BACKEND_TYPE_SESSION_MONITOR,
1434- G_SIGNAL_RUN_LAST,
1435- G_STRUCT_OFFSET (PolkitBackendSessionMonitorClass, changed),
1436- NULL, /* accumulator */
1437- NULL, /* accumulator data */
1438- g_cclosure_marshal_VOID__VOID,
1439- G_TYPE_NONE,
1440- 0);
1441-}
1442-
1443-PolkitBackendSessionMonitor *
1444-polkit_backend_session_monitor_new (void)
1445-{
1446- PolkitBackendSessionMonitor *monitor;
1447-
1448- monitor = POLKIT_BACKEND_SESSION_MONITOR (g_object_new (POLKIT_BACKEND_TYPE_SESSION_MONITOR, NULL));
1449-
1450- return monitor;
1451-}
1452-
1453-/* ---------------------------------------------------------------------------------------------------- */
1454-
1455-GList *
1456-polkit_backend_session_monitor_get_sessions (PolkitBackendSessionMonitor *monitor)
1457-{
1458- /* TODO */
1459- return NULL;
1460-}
1461-
1462-/* ---------------------------------------------------------------------------------------------------- */
1463-
1464-/**
1465- * polkit_backend_session_monitor_get_user:
1466- * @monitor: A #PolkitBackendSessionMonitor.
1467- * @subject: A #PolkitSubject.
4e85edc6 1468- * @result_matches: If not %NULL, set to indicate whether the return value matches current (RACY) state.
186114f9
ŁK		 1469- * @error: Return location for error.
1470- *
1471- * Gets the user corresponding to @subject or %NULL if no user exists.
1472- *
4e85edc6
JB		 1473- * NOTE: For a #PolkitUnixProcess, the UID is read from @subject (which may
1474- * come from e.g. a D-Bus client), so it may not correspond to the actual UID
1475- * of the referenced process (at any point in time). This is indicated by
1476- * setting @result_matches to %FALSE; the caller may reject such subjects or
1477- * require additional privileges. @result_matches == %TRUE only indicates that
1478- * the UID matched the underlying process at ONE point in time, it may not match
1479- * later.
1480- *
186114f9
ŁK		 1481- * Returns: %NULL if @error is set otherwise a #PolkitUnixUser that should be freed with g_object_unref().
1482- */
1483-PolkitIdentity *
1484-polkit_backend_session_monitor_get_user_for_subject (PolkitBackendSessionMonitor *monitor,
1485- PolkitSubject *subject,
4e85edc6 1486- gboolean *result_matches,
186114f9
ŁK		 1487- GError **error)
1488-{
1489- PolkitIdentity *ret;
4e85edc6 1490- gboolean matches;
186114f9
ŁK		 1491-
1492- ret = NULL;
4e85edc6 1493- matches = FALSE;
186114f9
ŁK		 1494-
1495- if (POLKIT_IS_UNIX_PROCESS (subject))
1496- {
4e85edc6
JB		 1497- gint subject_uid, current_uid;
1498- GError *local_error;
1499-
1500- subject_uid = polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (subject));
1501- if (subject_uid == -1)
186114f9
ŁK		 1502- {
1503- g_set_error (error,
1504- POLKIT_ERROR,
1505- POLKIT_ERROR_FAILED,
1506- "Unix process subject does not have uid set");
1507- goto out;
1508- }
4e85edc6
JB		 1509- local_error = NULL;
1510- current_uid = polkit_unix_process_get_racy_uid__ (POLKIT_UNIX_PROCESS (subject), &local_error);
1511- if (local_error != NULL)
1512- {
1513- g_propagate_error (error, local_error);
1514- goto out;
1515- }
1516- ret = polkit_unix_user_new (subject_uid);
1517- matches = (subject_uid == current_uid);
186114f9
ŁK		 1518- }
1519- else if (POLKIT_IS_SYSTEM_BUS_NAME (subject))
1520- {
77f30838 1521- ret = (PolkitIdentity*)polkit_system_bus_name_get_user_sync (POLKIT_SYSTEM_BUS_NAME (subject), NULL, error);
4e85edc6 1522- matches = TRUE;
186114f9
ŁK		 1523- }
1524- else if (POLKIT_IS_UNIX_SESSION (subject))
1525- {
4e85edc6 1526- uid_t uid;
186114f9
ŁK		 1527-
1528- if (sd_session_get_uid (polkit_unix_session_get_session_id (POLKIT_UNIX_SESSION (subject)), &uid) < 0)
1529- {
1530- g_set_error (error,
1531- POLKIT_ERROR,
1532- POLKIT_ERROR_FAILED,
1533- "Error getting uid for session");
1534- goto out;
1535- }
1536-
1537- ret = polkit_unix_user_new (uid);
4e85edc6 1538- matches = TRUE;
186114f9
ŁK		 1539- }
1540-
1541- out:
4e85edc6
JB		 1542- if (result_matches != NULL)
1543- {
1544- *result_matches = matches;
1545- }
186114f9
ŁK		 1546- return ret;
1547-}
1548-
1549-/**
1550- * polkit_backend_session_monitor_get_session_for_subject:
1551- * @monitor: A #PolkitBackendSessionMonitor.
1552- * @subject: A #PolkitSubject.
1553- * @error: Return location for error.
1554- *
1555- * Gets the session corresponding to @subject or %NULL if no session exists.
1556- *
1557- * Returns: %NULL if @error is set otherwise a #PolkitUnixSession that should be freed with g_object_unref().
1558- */
1559-PolkitSubject *
1560-polkit_backend_session_monitor_get_session_for_subject (PolkitBackendSessionMonitor *monitor,
1561- PolkitSubject *subject,
1562- GError **error)
1563-{
77f30838
JB		 1564- PolkitUnixProcess *tmp_process = NULL;
1565- PolkitUnixProcess *process = NULL;
1566- PolkitSubject *session = NULL;
1567- char *session_id = NULL;
1568- pid_t pid;
1569-#if HAVE_SD_UID_GET_DISPLAY
1570- uid_t uid;
1571-#endif
186114f9
ŁK		 1572-
1573- if (POLKIT_IS_UNIX_PROCESS (subject))
77f30838 1574- process = POLKIT_UNIX_PROCESS (subject); /* We already have a process */
186114f9
ŁK		 1575- else if (POLKIT_IS_SYSTEM_BUS_NAME (subject))
1576- {
77f30838
JB		 1577- /* Convert bus name to process */
1578- tmp_process = (PolkitUnixProcess*)polkit_system_bus_name_get_process_sync (POLKIT_SYSTEM_BUS_NAME (subject), NULL, error);
1579- if (!tmp_process)
1580- goto out;
1581- process = tmp_process;
186114f9
ŁK		 1582- }
1583- else
1584- {
1585- g_set_error (error,
1586- POLKIT_ERROR,
1587- POLKIT_ERROR_NOT_SUPPORTED,
77f30838 1588- "Cannot get session for subject of type %s",
186114f9
ŁK		 1589- g_type_name (G_TYPE_FROM_INSTANCE (subject)));
1590- }
1591-
77f30838
JB		 1592- /* Now do process -> pid -> same session */
1593- g_assert (process != NULL);
1594- pid = polkit_unix_process_get_pid (process);
186114f9 1595-
77f30838
JB		 1596- if (sd_pid_get_session (pid, &session_id) >= 0)
1597- {
1598- session = polkit_unix_session_new (session_id);
1599- goto out;
1600- }
1601-
1602-#if HAVE_SD_UID_GET_DISPLAY
1603- /* Now do process -> uid -> graphical session (systemd version 213)*/
1604- if (sd_pid_get_owner_uid (pid, &uid) < 0)
1605- goto out;
1606-
1607- if (sd_uid_get_display (uid, &session_id) >= 0)
1608- {
1609- session = polkit_unix_session_new (session_id);
1610- goto out;
1611- }
1612-#endif
1613-
1614- out:
1615- free (session_id);
1616- if (tmp_process) g_object_unref (tmp_process);
186114f9
ŁK		 1617- return session;
1618-}
1619-
1620-gboolean
1621-polkit_backend_session_monitor_is_session_local (PolkitBackendSessionMonitor *monitor,
1622- PolkitSubject *session)
1623-{
1624- char *seat;
1625-
1626- if (!sd_session_get_seat (polkit_unix_session_get_session_id (POLKIT_UNIX_SESSION (session)), &seat))
1627- {
1628- free (seat);
1629- return TRUE;
1630- }
1631-
1632- return FALSE;
1633-}
1634-
1635-
1636-gboolean
1637-polkit_backend_session_monitor_is_session_active (PolkitBackendSessionMonitor *monitor,
1638- PolkitSubject *session)
1639-{
77f30838
JB		 1640- const char *session_id;
1641- char *state;
1642- uid_t uid;
1643- gboolean is_active = FALSE;
1644-
1645- session_id = polkit_unix_session_get_session_id (POLKIT_UNIX_SESSION (session));
1646-
1647- g_debug ("Checking whether session %s is active.", session_id);
1648-
1649- /* Check whether *any* of the user's current sessions are active. */
1650- if (sd_session_get_uid (session_id, &uid) < 0)
1651- goto fallback;
1652-
1653- g_debug ("Session %s has UID %u.", session_id, uid);
1654-
1655- if (sd_uid_get_state (uid, &state) < 0)
1656- goto fallback;
1657-
1658- g_debug ("UID %u has state %s.", uid, state);
1659-
1660- is_active = (g_strcmp0 (state, "active") == 0);
1661- free (state);
1662-
1663- return is_active;
1664-
1665-fallback:
1666- /* Fall back to checking the session. This is not ideal, since the user
1667- * might have multiple sessions, and we cannot guarantee to have chosen
1668- * the active one.
1669- *
1670- * See: https://bugs.freedesktop.org/show_bug.cgi?id=76358. */
1671- return sd_session_is_active (session_id);
186114f9
ŁK		 1672-}
1673-
A framework for defining policy for system-wide components
This page took 0.420809 seconds and 4 git commands to generate.