diff options
| author | David Zeuthen <davidz@redhat.com> | 2010-08-18 12:24:04 -0400 |
|---|---|---|
| committer | David Zeuthen <davidz@redhat.com> | 2010-08-18 12:24:04 -0400 |
| commit | 22363658629553e04277259ccac8dbf4e33839ea (patch) | |
| tree | febb471aac7911e96fd93b2017d86cfc3be8c736 /src | |
| parent | 42177383585e1e01cd6150f891176afcd4538a82 (diff) | |
| download | polkit-22363658629553e04277259ccac8dbf4e33839ea.tar.gz | |
Fix ConsoleKit interaction bug
First of all, there was a glaring bug where we forgot to load the
GKeyFile for /var/run/ConsoleKit/database resulting in criticals like
this:
(lt-polkitd:17984): GLib-CRITICAL **: g_key_file_get_boolean: assertion `key_file != NULL' failed
(lt-polkitd:17984): GLib-CRITICAL **: g_key_file_get_boolean: assertion `key_file != NULL' failed
Furthermore, this resulted in the Authority returning "not authorized"
for subjects that should have been authorized. For an example, see
https://bugzilla.redhat.com/show_bug.cgi?id=624125
Fix this bug by calling ensure_database() to make sure the GKeyFile
contains information from /var/run/ConsoleKit/database. Also, since
there is a race (theoretical at least, but see
https://bugzilla.gnome.org/show_bug.cgi?id=627285 ) with file
monitoring, also ensure that we are using the latest and greatest
version of /var/run/ConsoleKit/database.
Signed-off-by: David Zeuthen <davidz@redhat.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/polkitbackend/polkitbackendsessionmonitor.c | 52 |
1 files changed, 47 insertions, 5 deletions
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.c b/src/polkitbackend/polkitbackendsessionmonitor.c index 2b63f3c..877d69e 100644 --- a/src/polkitbackend/polkitbackendsessionmonitor.c +++ b/src/polkitbackend/polkitbackendsessionmonitor.c @@ -47,6 +47,7 @@ struct _PolkitBackendSessionMonitor GKeyFile *database; GFileMonitor *database_monitor; + time_t database_mtime; }; struct _PolkitBackendSessionMonitorClass @@ -74,17 +75,34 @@ reload_database (PolkitBackendSessionMonitor *monitor, GError **error) { gboolean ret; + struct stat statbuf; ret = FALSE; + if (monitor->database != NULL) + { + g_key_file_free (monitor->database); + monitor->database = NULL; + } + + if (stat (CKDB_PATH, &statbuf) != 0) + { + g_set_error (error, + G_IO_ERROR, + g_io_error_from_errno (errno), + "Error statting file " CKDB_PATH ": %s", + strerror (errno)); + goto out; + } + + monitor->database_mtime = statbuf.st_mtime; + monitor->database = g_key_file_new (); if (!g_key_file_load_from_file (monitor->database, CKDB_PATH, G_KEY_FILE_NONE, error)) { - g_key_file_free (monitor->database); - monitor->database = NULL; goto out; } @@ -102,8 +120,22 @@ ensure_database (PolkitBackendSessionMonitor *monitor, if (monitor->database != NULL) { - ret = TRUE; - goto out; + struct stat statbuf; + + if (stat (CKDB_PATH, &statbuf) != 0) + { + g_set_error (error, + G_IO_ERROR, + g_io_error_from_errno (errno), + "Error statting file " CKDB_PATH " to check timestamp: %s", + strerror (errno)); + goto out; + } + if (statbuf.st_mtime == monitor->database_mtime) + { + ret = TRUE; + goto out; + } } ret = reload_database (monitor, error); @@ -266,7 +298,6 @@ polkit_backend_session_monitor_get_user_for_subject (PolkitBackendSessionMonitor if (local_error != NULL) { g_propagate_prefixed_error (error, local_error, "Error getting user for process: "); - g_error_free (local_error); goto out; } @@ -427,6 +458,17 @@ get_boolean (PolkitBackendSessionMonitor *monitor, group = g_strdup_printf ("Session %s", polkit_unix_session_get_session_id (POLKIT_UNIX_SESSION (session))); error = NULL; + if (!ensure_database (monitor, &error)) + { + g_printerr ("Error getting boolean `%s' in group `%s': Error ensuring CK database at " CKDB_PATH ": %s", + key_name, + group, + error->message); + g_error_free (error); + goto out; + } + + error = NULL; ret = g_key_file_get_boolean (monitor->database, group, key_name, &error); if (error != NULL) { |