diff options
author | Lennart Poettering <lennart@poettering.net> | 2013-12-26 16:07:38 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2013-12-26 17:16:56 +0100 |
commit | c2595875c64381b0c8a9699e6cfb48422c9026dd (patch) | |
tree | bb6ed099fa7d507b7f89c5ca6737e2f3199697bd | |
parent | 90911bb63ec1b535017f5d9df2b5465c8a72c474 (diff) |
bus: add a temporary hard-coded policy to proxyd to make gdm work
gdm relies on the policy to deny its own requests to not deadlock. Given
that we currently do not enforce any policy in the dbus1 compat proxy
service this means that gdm will necessarily deadlock on our systems.
To work around this, enforce a fixed policy teomporarily, until we
interpret the legacy XML policy in full.
Booh, gdm, booh, for requring this and making me waste two days on
tracking this brokenness down.
-rw-r--r-- | src/bus-proxyd/bus-proxyd.c | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/src/bus-proxyd/bus-proxyd.c b/src/bus-proxyd/bus-proxyd.c index 27122a5d71..fa52a387b6 100644 --- a/src/bus-proxyd/bus-proxyd.c +++ b/src/bus-proxyd/bus-proxyd.c @@ -258,6 +258,45 @@ static int synthesize_name_acquired(sd_bus *a, sd_bus *b, sd_bus_message *m) { return sd_bus_send(b, n, NULL); } +static int process_policy(sd_bus *a, sd_bus *b, sd_bus_message *m) { + _cleanup_bus_message_unref_ sd_bus_message *n = NULL; + int r; + + assert(a); + assert(b); + assert(m); + + if (!sd_bus_message_is_method_call(m, "org.freedesktop.DBus.Properties", "GetAll")) + return 0; + + if (!streq_ptr(m->path, "/org/gnome/DisplayManager/Slave")) + return 0; + + r = sd_bus_message_new_method_errorf(m, &n, SD_BUS_ERROR_ACCESS_DENIED, "gdm, you are stupid"); + if (r < 0) + return r; + + r = bus_message_append_sender(n, "org.freedesktop.DBus"); + if (r < 0) { + log_error("Failed to append sender to gdm reply: %s", strerror(-r)); + return r; + } + + r = bus_seal_synthetic_message(b, n); + if (r < 0) { + log_error("Failed to seal gdm reply: %s", strerror(-r)); + return r; + } + + r = sd_bus_send(b, n, NULL); + if (r < 0) { + log_error("Failed to send gdm reply: %s", strerror(-r)); + return r; + } + + return 1; +} + static int process_hello(sd_bus *a, sd_bus *b, sd_bus_message *m, bool *got_hello) { _cleanup_bus_message_unref_ sd_bus_message *n = NULL; bool is_hello; @@ -614,6 +653,12 @@ int main(int argc, char *argv[]) { if (k > 0) r = k; else { + k = process_policy(a, b, m); + if (k < 0) { + r = k; + goto finish; + } + k = sd_bus_send(a, m, NULL); if (k < 0) { r = k; |