Bug 94895 - Consider allow_inactive=yes for change-own-user-data
Summary: Consider allow_inactive=yes for change-own-user-data
Status: RESOLVED FIXED
Alias: None
Product: accountsservice
Classification: Unclassified
Component: general (show other bugs)
Version: unspecified
Hardware: All All
: medium normal
Assignee: Matthias Clasen
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-04-11 17:14 UTC by Alkis Georgopoulos
Modified: 2016-05-20 18:24 UTC (History)
4 users (show)

See Also:
i915 platform:
i915 features:


Attachments
Allow remote/inactive users to change their own data. (1022 bytes, patch)
2016-05-20 17:47 UTC, Alkis Georgopoulos
Details | Splinter Review

Description Alkis Georgopoulos 2016-04-11 17:14:30 UTC
Currently, data/org.freedesktop.accounts.policy.in specifies that a user must be active in order to set his own data.

X2go, LTSP etc users are considered remote, i.e. inactive, and they are not allowed to change their own user data without authentication.
This results in a different behaviour when they e.g. try to change their language in the `gnome-control-center user-accounts`.

Furthermore, in some distributions it has been observed that change-own-user-data authentication dialogs popup when changing VTs or when switching users or sometimes even with just gnome-screensaver, possibly because the distribution is trying to update the user data (e.g. to notify the UI that he has new mails) when the user's vt was not active.

Therefore I'd like to ask you to consider setting <allow_inactive>yes</allow_inactive> for change-own-user-data.

Ubuntu bug report: https://bugs.launchpad.net/ubuntu/+source/accountsservice/+bug/1512002

Thanks!
Comment 1 Alkis Georgopoulos 2016-05-20 14:40:00 UTC
Ubuntu ended up accepting this patch:

https://bugs.launchpad.net/ubuntu/+source/policykit-1-gnome/+bug/1512002/comments/44
- <allow_any>auth_self</allow_any>
- <allow_inactive>auth_self</allow_inactive>
+ <allow_any>yes</allow_any>
+ <allow_inactive>yes</allow_inactive>

...so that it works both for inactive local sessions, and for remote sessions like LTSP/ssh.

Could you please merge it upstream, or comment if it's not appropriate for some reason?

Thank you!
Comment 2 Ray Strode [halfline] 2016-05-20 15:21:09 UTC
seems okay to me.
Comment 3 Ray Strode [halfline] 2016-05-20 15:21:30 UTC
can you attach a git formatted patch and i'll push it?
Comment 4 Alkis Georgopoulos 2016-05-20 17:47:12 UTC
Created attachment 123943 [details] [review]
Allow remote/inactive users to change their own data.

I'm not very familiar with git, I hope the attached patch is OK.

Thank you!


Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.