diff options
| author | Beniamino Galvani <bgalvani@redhat.com> | 2016-08-19 11:51:00 +0200 |
|---|---|---|
| committer | Beniamino Galvani <bgalvani@redhat.com> | 2016-08-20 10:45:53 +0200 |
| commit | a77ed0de9729ebcc9cb96d5bd1f4bd4da9d4e0d5 (patch) | |
| tree | 619c7d2e8e91d960052599051ae981223f4753eb | |
| parent | 0944a86182e5c6be8d6b235917c5cdd79e9564e8 (diff) | |
| download | NetworkManager-a77ed0de9729ebcc9cb96d5bd1f4bd4da9d4e0d5.tar.gz | |
core: drop root requirement for load_connection(s)/set_logging D-Bus calls
The D-Bus configuration already ensures that only root can do that;
enforcing the permission at policy level seems better than doing it in
the daemon itself because it allows users to change the policy and
also because callers can exit immediately after issuing the request.
(cherry picked from commit 4c7fa8dfdcbf13f3633b565af53896ac79366912)
| -rw-r--r-- | src/nm-manager.c | 17 | ||||
| -rw-r--r-- | src/settings/nm-settings.c | 8 |
2 files changed, 0 insertions, 25 deletions
diff --git a/src/nm-manager.c b/src/nm-manager.c index 89dc736044..237a45537d 100644 --- a/src/nm-manager.c +++ b/src/nm-manager.c @@ -4474,30 +4474,13 @@ impl_manager_set_logging (NMManager *self, const char *level, const char *domains) { - NMManagerPrivate *priv = NM_MANAGER_GET_PRIVATE (self); GError *error = NULL; - gulong caller_uid = G_MAXULONG; - - if (!nm_bus_manager_get_caller_info (priv->dbus_mgr, context, NULL, &caller_uid, NULL)) { - error = g_error_new_literal (NM_MANAGER_ERROR, - NM_MANAGER_ERROR_PERMISSION_DENIED, - "Failed to get request UID."); - goto done; - } - - if (0 != caller_uid) { - error = g_error_new_literal (NM_MANAGER_ERROR, - NM_MANAGER_ERROR_PERMISSION_DENIED, - "Permission denied"); - goto done; - } if (nm_logging_setup (level, domains, NULL, &error)) { _LOGI (LOGD_CORE, "logging: level '%s' domains '%s'", nm_logging_level_to_string (), nm_logging_domains_to_string ()); } -done: if (error) g_dbus_method_invocation_take_error (context, error); else diff --git a/src/settings/nm-settings.c b/src/settings/nm-settings.c index 529d7581de..59a4aa07e6 100644 --- a/src/settings/nm-settings.c +++ b/src/settings/nm-settings.c @@ -1522,10 +1522,6 @@ impl_settings_load_connections (NMSettings *self, GSList *iter; int i; - if (!nm_bus_manager_ensure_root (nm_bus_manager_get (), context, - NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_PERMISSION_DENIED)) - return; - failures = g_ptr_array_new (); for (i = 0; filenames[i]; i++) { @@ -1559,10 +1555,6 @@ impl_settings_reload_connections (NMSettings *self, NMSettingsPrivate *priv = NM_SETTINGS_GET_PRIVATE (self); GSList *iter; - if (!nm_bus_manager_ensure_root (nm_bus_manager_get (), context, - NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_PERMISSION_DENIED)) - return; - for (iter = priv->plugins; iter; iter = g_slist_next (iter)) { NMSettingsPlugin *plugin = NM_SETTINGS_PLUGIN (iter->data); |