From d1c37d3b616131801447ac97e6231e7614094414 Mon Sep 17 00:00:00 2001 From: Kay Sievers Date: Mon, 19 May 2014 10:19:49 +0900 Subject: [PATCH] sessionmonitor-systemd: prepare for D-Bus "user bus" model In the D-Bus "user bus" model, all sessions of a user share the same D-Bus instance, a polkit requesting process might live outside the login session which registered the user's polkit agent. In case a polkit requesting process is not part of the user's login session, we ask systemd-logind for the the user's "display" session instead. --- configure.ac | 4 ++++ .../polkitbackendsessionmonitor-systemd.c | 27 ++++++++++++++++++---- 2 files changed, 26 insertions(+), 5 deletions(-) diff --git a/configure.ac b/configure.ac index a7b0148..e783ea5 100644 --- a/configure.ac +++ b/configure.ac @@ -202,6 +202,10 @@ if test "$enable_libsystemd_login" != "no"; then if test "$have_libsystemd_login" = "yes"; then SESSION_TRACKING=libsystemd-login AC_DEFINE([HAVE_LIBSYSTEMD_LOGIN], 1, [Define to 1 if libsystemd-login is available]) + save_LIBS=$LIBS + LIBS=$LIBSYSTEMD_LOGIN_LIBS + AC_CHECK_FUNCS(sd_uid_get_display) + LIBS=$save_LIBS else if test "$enable_libsystemd_login" = "yes"; then AC_MSG_ERROR([libsystemd-login support requested but libsystemd-login library not found]) diff --git a/src/polkitbackend/polkitbackendsessionmonitor-systemd.c b/src/polkitbackend/polkitbackendsessionmonitor-systemd.c index 756b728..9995f87 100644 --- a/src/polkitbackend/polkitbackendsessionmonitor-systemd.c +++ b/src/polkitbackend/polkitbackendsessionmonitor-systemd.c @@ -318,6 +318,9 @@ polkit_backend_session_monitor_get_session_for_subject (PolkitBackendSessionMoni PolkitSubject *session = NULL; char *session_id = NULL; pid_t pid; +#if HAVE_SD_UID_GET_DISPLAY + uid_t uid; +#endif if (POLKIT_IS_UNIX_PROCESS (subject)) process = POLKIT_UNIX_PROCESS (subject); /* We already have a process */ @@ -338,16 +341,30 @@ polkit_backend_session_monitor_get_session_for_subject (PolkitBackendSessionMoni g_type_name (G_TYPE_FROM_INSTANCE (subject))); } - /* Now do process -> pid -> session */ + /* Now do process -> pid -> same session */ g_assert (process != NULL); pid = polkit_unix_process_get_pid (process); - if (sd_pid_get_session (pid, &session_id) < 0) + if (sd_pid_get_session (pid, &session_id) >= 0) + { + session = polkit_unix_session_new (session_id); + goto out; + } + +#if HAVE_SD_UID_GET_DISPLAY + /* Now do process -> uid -> graphical session (systemd version 213)*/ + if (sd_pid_get_owner_uid (pid, &uid) < 0) goto out; - - session = polkit_unix_session_new (session_id); - free (session_id); + + if (sd_uid_get_display (uid, &session_id) >= 0) + { + session = polkit_unix_session_new (session_id); + goto out; + } +#endif + out: + free (session_id); if (tmp_process) g_object_unref (tmp_process); return session; } -- 1.9.0