diff options
author | Martin Pitt <martin.pitt@ubuntu.com> | 2016-04-05 10:30:45 +0200 |
---|---|---|
committer | Martin Pitt <martin.pitt@ubuntu.com> | 2016-04-05 12:18:55 +0200 |
commit | 89d034822075dfa8d18af8182019028cc428a1b5 (patch) | |
tree | 9599f7df7c69843fe1dfc17737760de6579089d4 | |
parent | 356a5696b4deb90ab3e3eb1a2da6ddbc8b49c5a2 (diff) |
polkit: don't start polkit agent when running as root
On the server side we already bypass the polkit checks if the caller is root
(see the sd_bus_query_sender_privilege() call in bus_verify_polkit_async()). So
there is no reason to invoke polkit when running
systemctl/machinectl/loginctl/timedatectl as root.
Fixes #2748
-rw-r--r-- | src/shared/spawn-polkit-agent.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/shared/spawn-polkit-agent.c b/src/shared/spawn-polkit-agent.c index cf3c8ad5a3..7dae4d14fe 100644 --- a/src/shared/spawn-polkit-agent.c +++ b/src/shared/spawn-polkit-agent.c @@ -44,6 +44,10 @@ int polkit_agent_open(void) { if (agent_pid > 0) return 0; + /* Clients that run as root don't need to activate/query polkit */ + if (geteuid() == 0) + return 0; + /* We check STDIN here, not STDOUT, since this is about input, * not output */ if (!isatty(STDIN_FILENO)) |