Skip to content

Commit

Permalink
Revert "logind-dbus: check auth. for all inhibitor operations"
Browse files Browse the repository at this point in the history
This has been reported to cause a regression.
Fixes systemd#447

This reverts commit 75aefdd.
  • Loading branch information
bluca committed Oct 9, 2024
1 parent ec8b60c commit 6c643d7
Showing 1 changed file with 20 additions and 25 deletions.
45 changes: 20 additions & 25 deletions src/login/logind-dbus.c
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@

#include "alloc-util.h"
#include "audit-util.h"
#include "bitfield.h"
#include "bootspec.h"
#include "bus-common-errors.h"
#include "bus-error.h"
Expand Down Expand Up @@ -3236,30 +3235,26 @@ static int method_inhibit(sd_bus_message *message, void *userdata, sd_bus_error
return sd_bus_error_setf(error, BUS_ERROR_OPERATION_IN_PROGRESS,
"The operation inhibition has been requested for is already running");

BIT_FOREACH(i, w) {
const InhibitWhat v = 1U << i;

r = bus_verify_polkit_async(
message,
CAP_SYS_BOOT,
v == INHIBIT_SHUTDOWN ? (mm == INHIBIT_BLOCK ? "org.freedesktop.login1.inhibit-block-shutdown" : "org.freedesktop.login1.inhibit-delay-shutdown") :
v == INHIBIT_SLEEP ? (mm == INHIBIT_BLOCK ? "org.freedesktop.login1.inhibit-block-sleep" : "org.freedesktop.login1.inhibit-delay-sleep") :
v == INHIBIT_IDLE ? "org.freedesktop.login1.inhibit-block-idle" :
v == INHIBIT_HANDLE_POWER_KEY ? "org.freedesktop.login1.inhibit-handle-power-key" :
v == INHIBIT_HANDLE_SUSPEND_KEY ? "org.freedesktop.login1.inhibit-handle-suspend-key" :
v == INHIBIT_HANDLE_REBOOT_KEY ? "org.freedesktop.login1.inhibit-handle-reboot-key" :
v == INHIBIT_HANDLE_HIBERNATE_KEY ? "org.freedesktop.login1.inhibit-handle-hibernate-key" :
"org.freedesktop.login1.inhibit-handle-lid-switch",
/* details= */ NULL,
false,
UID_INVALID,
&m->polkit_registry,
error);
if (r < 0)
return r;
if (r == 0)
return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
}
r = bus_verify_polkit_async(
message,
CAP_SYS_BOOT,
w == INHIBIT_SHUTDOWN ? (mm == INHIBIT_BLOCK ? "org.freedesktop.login1.inhibit-block-shutdown" : "org.freedesktop.login1.inhibit-delay-shutdown") :
w == INHIBIT_SLEEP ? (mm == INHIBIT_BLOCK ? "org.freedesktop.login1.inhibit-block-sleep" : "org.freedesktop.login1.inhibit-delay-sleep") :
w == INHIBIT_IDLE ? "org.freedesktop.login1.inhibit-block-idle" :
w == INHIBIT_HANDLE_POWER_KEY ? "org.freedesktop.login1.inhibit-handle-power-key" :
w == INHIBIT_HANDLE_SUSPEND_KEY ? "org.freedesktop.login1.inhibit-handle-suspend-key" :
w == INHIBIT_HANDLE_REBOOT_KEY ? "org.freedesktop.login1.inhibit-handle-reboot-key" :
w == INHIBIT_HANDLE_HIBERNATE_KEY ? "org.freedesktop.login1.inhibit-handle-hibernate-key" :
"org.freedesktop.login1.inhibit-handle-lid-switch",
NULL,
false,
UID_INVALID,
&m->polkit_registry,
error);
if (r < 0)
return r;
if (r == 0)
return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */

r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_EUID|SD_BUS_CREDS_PID, &creds);
if (r < 0)
Expand Down

0 comments on commit 6c643d7

Please sign in to comment.