summaryrefslogtreecommitdiffstats
path: root/src/bus-proxyd
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2013-12-26 16:07:38 +0100
committerLennart Poettering <lennart@poettering.net>2013-12-26 17:16:56 +0100
commitc2595875c64381b0c8a9699e6cfb48422c9026dd (patch)
treebb6ed099fa7d507b7f89c5ca6737e2f3199697bd /src/bus-proxyd
parentbus: always show messages we send (diff)
downloadsystemd-c2595875c64381b0c8a9699e6cfb48422c9026dd.tar.xz
systemd-c2595875c64381b0c8a9699e6cfb48422c9026dd.zip
bus: add a temporary hard-coded policy to proxyd to make gdm work
gdm relies on the policy to deny its own requests to not deadlock. Given that we currently do not enforce any policy in the dbus1 compat proxy service this means that gdm will necessarily deadlock on our systems. To work around this, enforce a fixed policy teomporarily, until we interpret the legacy XML policy in full. Booh, gdm, booh, for requring this and making me waste two days on tracking this brokenness down.
Diffstat (limited to 'src/bus-proxyd')
-rw-r--r--src/bus-proxyd/bus-proxyd.c45
1 files changed, 45 insertions, 0 deletions
diff --git a/src/bus-proxyd/bus-proxyd.c b/src/bus-proxyd/bus-proxyd.c
index 27122a5d71..fa52a387b6 100644
--- a/src/bus-proxyd/bus-proxyd.c
+++ b/src/bus-proxyd/bus-proxyd.c
@@ -258,6 +258,45 @@ static int synthesize_name_acquired(sd_bus *a, sd_bus *b, sd_bus_message *m) {
return sd_bus_send(b, n, NULL);
}
+static int process_policy(sd_bus *a, sd_bus *b, sd_bus_message *m) {
+ _cleanup_bus_message_unref_ sd_bus_message *n = NULL;
+ int r;
+
+ assert(a);
+ assert(b);
+ assert(m);
+
+ if (!sd_bus_message_is_method_call(m, "org.freedesktop.DBus.Properties", "GetAll"))
+ return 0;
+
+ if (!streq_ptr(m->path, "/org/gnome/DisplayManager/Slave"))
+ return 0;
+
+ r = sd_bus_message_new_method_errorf(m, &n, SD_BUS_ERROR_ACCESS_DENIED, "gdm, you are stupid");
+ if (r < 0)
+ return r;
+
+ r = bus_message_append_sender(n, "org.freedesktop.DBus");
+ if (r < 0) {
+ log_error("Failed to append sender to gdm reply: %s", strerror(-r));
+ return r;
+ }
+
+ r = bus_seal_synthetic_message(b, n);
+ if (r < 0) {
+ log_error("Failed to seal gdm reply: %s", strerror(-r));
+ return r;
+ }
+
+ r = sd_bus_send(b, n, NULL);
+ if (r < 0) {
+ log_error("Failed to send gdm reply: %s", strerror(-r));
+ return r;
+ }
+
+ return 1;
+}
+
static int process_hello(sd_bus *a, sd_bus *b, sd_bus_message *m, bool *got_hello) {
_cleanup_bus_message_unref_ sd_bus_message *n = NULL;
bool is_hello;
@@ -614,6 +653,12 @@ int main(int argc, char *argv[]) {
if (k > 0)
r = k;
else {
+ k = process_policy(a, b, m);
+ if (k < 0) {
+ r = k;
+ goto finish;
+ }
+
k = sd_bus_send(a, m, NULL);
if (k < 0) {
r = k;