author Alan Jenkins <alan.christopher.jenkins@gmail.com> 2017-09-15 17:35:02 +0100
committer Alan Jenkins <alan.christopher.jenkins@gmail.com> 2017-11-14 18:15:33 +0000
commit 34160d91953da7074e40341b6a29d216f36b6045
tree 1355baa13024ae6fecc275c679ebf787f8356088 /man/loginctl.xml
parent 545f779f5c5cfac557442910f4182708750facbb
logind: fix SetLinger to authorize by client's effective User ID

SetLinger is authorized by the PolicyKit action "set-self-linger", if it is not passed an explicit UID.

According to comments we were determining the default UID from the client's session. However, user processes e.g. which are run from a terminal emulator do not necessarily belong to a session scope unit. They may equally be started from the systemd user manager [1][2]. Actually the comment was wrong, and it would also have worked for processes started from the systemd user manager.

Nevertheless it seems to involve fetching "augmented credentials" i.e. it's using a racy method, so we shouldn't have been authenticating based on it.

We could change the default UID, but that raises issues especially for consistency between the methods. Instead we can just use the client's effective UID for authorization.

This commit also fixes `loginctl enable-linger $USER` to match the docs that say it was equivalent to `loginctl enable-linger` (given that $USER matches the caller's user and owner_uid). Previously, the former would not have succeeded for unprivileged users in the default configuration.

[1] It seems the main meaning of per-session scopes is tracking the PAM login process. Killing that provokes logind to revoke device access. Less circularly, killing it provokes getty to hang up the TTY.

[2] User units may be started with an environment which includes XDG_SESSION_ID (presumably GNOME does this?). Or not.
Diffstat (limited to 'man/loginctl.xml')
-rw-r--r-- man/loginctl.xml 9
1 files changed, 4 insertions, 5 deletions
diff --git a/man/loginctl.xml b/man/loginctl.xml
index 534a0d961e..617852dfa7 100644
--- a/man/loginctl.xml
+++ b/man/loginctl.xml
@@ -280,11 +280,10 @@
one or more logged in users, followed by the most recent log
data from the journal. Takes one or more user names or numeric
user IDs as parameters. If no parameters are passed, the status
- of the caller's user is shown. This function is intended to
- generate human-readable output. If you are looking for
- computer-parsable output, use <command>show-user</command>
- instead. Users may be specified by their usernames or numeric
- user IDs. </para></listitem>
+ is shown for the user of the session of the caller. This
+ function is intended to generate human-readable output. If you
+ are looking for computer-parsable output, use
+ <command>show-user</command> instead.</para></listitem>
</varlistentry>
<varlistentry>
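Review bot: The new wording on the added lines, "is shown for the user of the session of the caller", leaves the no-session case undocumented, even though the commit message itself points out that user processes "do not necessarily belong to a session scope unit". Please add a sentence saying what this command does when the caller is not part of a session, or keep "the caller's user" if that is what actually happens. The commit message also talks only about SetLinger and `loginctl enable-linger`, so a line explaining why this paragraph changes in the same commit would help anyone reading the history later. Dropping the trailing "Users may be specified by their usernames or numeric user IDs." sentence looks fine, since the unchanged context two lines above the removal already says the same thing.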