authorLuca Boccassi <luca.boccassi@gmail.com>2023-04-05 12:25:17 +0000
committerJan Rybar <jrybar@redhat.com>2023-04-05 12:25:17 +0000
commit410233547dec6ff9c9767305e4766c549a8d624e (patch)
tree5da0c51467d47e3c8e8c19894182d61ff3d39fb6
parentb6169f3113b3ce5ed822e66adcc962850c24660a (diff)
systemd: set User/Group and don't change uid/gid if already set
-rw-r--r--data/meson.build2
-rw-r--r--data/polkit.service.in2
-rw-r--r--src/polkitbackend/polkitd.c11
3 files changed, 12 insertions, 3 deletions
diff --git a/data/meson.build b/data/meson.build
index 27ab76a..651d2cf 100644
--- a/data/meson.build
+++ b/data/meson.build
@@ -1,4 +1,4 @@
-service_conf = {'libprivdir': pk_prefix / pk_libprivdir}
+service_conf = {'libprivdir': pk_prefix / pk_libprivdir, 'polkitd_user': polkitd_user}
configure_file(
input: 'org.freedesktop.PolicyKit1.service.in',
diff --git a/data/polkit.service.in b/data/polkit.service.in
index 9665043..88138e8 100644
--- a/data/polkit.service.in
+++ b/data/polkit.service.in
@@ -6,3 +6,5 @@ Documentation=man:polkit(8)
Type=dbus
BusName=org.freedesktop.PolicyKit1
ExecStart=@libprivdir@/polkitd --no-debug
+User=@polkitd_user@
+Group=@polkitd_user@
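Review bot: `Group=@polkitd_user@` assumes that a group with exactly the same name as the polkitd user exists and is that user's primary group, which nothing in this unit or the meson substitution guarantees. The new check in become_user() compares getgid()/getegid() with pw->pw_gid, so if the group name resolves to a different gid the early return is not taken and the daemon proceeds to `setgroups (0, NULL)`, which presumably fails for a process that is already unprivileged. systemd uses the user's default group when only `User=` is set, so dropping the `Group=` line, or substituting a separate group variable, would keep the unit and the check in agreement.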
diff --git a/src/polkitbackend/polkitd.c b/src/polkitbackend/polkitd.c
index c3ec32f..d63aae2 100644
--- a/src/polkitbackend/polkitd.c
+++ b/src/polkitbackend/polkitd.c
@@ -117,6 +117,14 @@ become_user (const gchar *user,
goto out;
}
+ if ((geteuid () == pw->pw_uid) && (getuid () == pw->pw_uid) &&
+ (getegid () == pw->pw_gid) && (getgid () == pw->pw_gid))
+ {
+ /* already running as user */
+ ret = TRUE;
+ goto out;
+ }
+
if (setgroups (0, NULL) != 0)
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
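Review bot: The early return in become_user() accepts matching real and effective uid/gid as "already running as user", but it bypasses the `setgroups (0, NULL)` reset immediately below. Supplementary groups inherited from the launcher therefore stay in place, and the saved uid/gid are never examined. With the new unit file the service manager sets these up, but a start from any other context keeps whatever it inherited. Where the platform provides them, comparing the saved ids through `getresuid ()`/`getresgid ()` would tighten the test, and the comment should state the assumption, e.g. `/* already running as user; supplementary groups and saved ids are trusted as set up by the service manager */`. The function starts before this hunk and continues past it.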
@@ -151,6 +159,7 @@ become_user (const gchar *user,
ret = TRUE;
+ g_print ("Successfully changed to user %s\n", user);
out:
return ret;
@@ -212,8 +221,6 @@ main (int argc,
goto out;
}
- g_print ("Successfully changed to user %s\n", POLKITD_USER);
-
if (g_getenv ("PATH") == NULL)
g_setenv ("PATH", "/usr/bin:/bin:/usr/sbin:/sbin", TRUE);