diff options
| author | Lennart Poettering <lennart@poettering.net> | 2023-11-22 18:56:19 +0100 |
|---|---|---|
| committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2023-12-21 21:27:36 +0100 |
| commit | 7b36fb9f96fd5c1f63b9f0f9e75194e3e4dd6a8d (patch) | |
| tree | 44961376a5e0a1da8e3614bfb7531acbc6dd0912 /src/portable | |
| parent | Merge pull request #30567 from yuwata/hashmap_isempty (diff) | |
| download | systemd-7b36fb9f96fd5c1f63b9f0f9e75194e3e4dd6a8d.tar.xz systemd-7b36fb9f96fd5c1f63b9f0f9e75194e3e4dd6a8d.zip | |
polkit: simplify bus_verify_polkit_async() + drop auth-by-cap dbus feature
This simplifies bus_verify_polkit_async() and related calls quite a bit:
1. This removes any support for authentication-by-Linux-capability. This
is ultimately a kdbus leftover: with classic AF_UNIX transports we
cannot authenticate by capabilities securely (because we cannot
acquire it from the peer without races), hence we never actually did.
Since the necessary kernel work didn't materialize in the last 10y,
and is unlikely to be added, let's just kill this context. We cannot
quite remove the caps stuff from sd-bus for API compat, but for our
polkit logic let's kill it.
2. The "good_uid" and "interactive" params are only necessary in very
few cases, hence let's move them to a new call
bus_verify_polkit_async_full() and make bus_verify_polkit_async() a
wrapper around it without those two parameters.
This also fixes a bunch of wrong uses of the "interactive" bool. The
bool makes no sense today as the ALLOW_INTERACTIVE_AUTHORIZATION field
in the D-Bus message header replaces it fully. We only need it to
implement method calls we introduced prior to that header field becoming
available in D-Bus. And it should only be used on such old method calls,
and otherwise always be set to false.
This does not change behaviour in any way. Just simplifies stuff.
Fixes: #21586
Diffstat (limited to 'src/portable')
| -rw-r--r-- | src/portable/portabled-bus.c | 10 | ||||
| -rw-r--r-- | src/portable/portabled-image-bus.c | 15 |
2 files changed, 5 insertions, 20 deletions
diff --git a/src/portable/portabled-bus.c b/src/portable/portabled-bus.c index 0d5518060e..4f239e2b12 100644 --- a/src/portable/portabled-bus.c +++ b/src/portable/portabled-bus.c @@ -320,11 +320,8 @@ static int method_detach_image(sd_bus_message *message, void *userdata, sd_bus_e r = bus_verify_polkit_async( message, - CAP_SYS_ADMIN, "org.freedesktop.portable1.attach-images", - NULL, - false, - UID_INVALID, + /* details= */ NULL, &m->polkit_registry, error); if (r < 0) @@ -377,11 +374,8 @@ static int method_set_pool_limit(sd_bus_message *message, void *userdata, sd_bus r = bus_verify_polkit_async( message, - CAP_SYS_ADMIN, "org.freedesktop.portable1.manage-images", - NULL, - false, - UID_INVALID, + /* details= */ NULL, &m->polkit_registry, error); if (r < 0) diff --git a/src/portable/portabled-image-bus.c b/src/portable/portabled-image-bus.c index 1f61c3b8c4..63f177eb74 100644 --- a/src/portable/portabled-image-bus.c +++ b/src/portable/portabled-image-bus.c @@ -451,11 +451,8 @@ static int bus_image_method_detach( r = bus_verify_polkit_async( message, - CAP_SYS_ADMIN, "org.freedesktop.portable1.attach-images", - NULL, - false, - UID_INVALID, + /* details= */ NULL, &m->polkit_registry, error); if (r < 0) @@ -1010,11 +1007,8 @@ int bus_image_acquire( if (mode == BUS_IMAGE_AUTHENTICATE_ALL) { r = bus_verify_polkit_async( message, - CAP_SYS_ADMIN, polkit_action, - NULL, - false, - UID_INVALID, + /* details= */ NULL, &m->polkit_registry, error); if (r < 0) @@ -1064,11 +1058,8 @@ int bus_image_acquire( if (mode == BUS_IMAGE_AUTHENTICATE_BY_PATH) { r = bus_verify_polkit_async( message, - CAP_SYS_ADMIN, polkit_action, - NULL, - false, - UID_INVALID, + /* details= */ NULL, &m->polkit_registry, error); if (r < 0) |