From dcf02f80656da21db501b8c9605ad9c67d7c4dc9 Mon Sep 17 00:00:00 2001
From: Laurent Bigonville <bigon@bigon.be>
Date: Tue, 6 Jun 2017 16:06:11 +0200
Subject: Return the dbus-daemon SELinux context when asking about
 org.freedesktop.DBus

Currently when asked the SELinux context of the owner of
org.freedesktop.DBus, the dbus-daemon is returning an error.

In the same situation when asked about the Unix user or the PID, the
daemon would return its own user or pid. Do the same for the SELinux
context by returning the daemon one.

In particular this avoids an issue seen with systemd --user, where
dbus-daemon responds to UpdateActivationEnvironment() by passing on the
new environment to systemd with o.fd.systemd1.Manager.SetEnvironment(),
but systemd cannot get the caller's SELinux context and so rejects the
SetEnvironment() call.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101315
[smcv: Extend commit message to describe the symptom this fixes]
Reviewed-by: Simon McVittie <smcv@collabora.com>
---
 bus/selinux.h | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'bus/selinux.h')

diff --git a/bus/selinux.h b/bus/selinux.h
index 8c7cb0a3..a0383cdd 100644
--- a/bus/selinux.h
+++ b/bus/selinux.h
@@ -33,6 +33,8 @@ void        bus_selinux_shutdown (void);
 
 dbus_bool_t bus_selinux_enabled  (void);
 
+BusSELinuxID *bus_selinux_get_self (void);
+
 DBusHashTable* bus_selinux_id_table_new    (void);
 BusSELinuxID*  bus_selinux_id_table_lookup (DBusHashTable    *service_table,
                                             const DBusString *service_name);
-- 
cgit v1.2.1