chiark / gitweb /
bus: add a temporary hard-coded policy to proxyd to make gdm work
authorLennart Poettering <lennart@poettering.net>
Thu, 26 Dec 2013 15:07:38 +0000 (16:07 +0100)
committerLennart Poettering <lennart@poettering.net>
Thu, 26 Dec 2013 16:16:56 +0000 (17:16 +0100)
gdm relies on the policy to deny its own requests to not deadlock. Given
that we currently do not enforce any policy in the dbus1 compat proxy
service this means that gdm will necessarily deadlock on our systems.

To work around this, enforce a fixed policy teomporarily, until we
interpret the legacy XML policy in full.

Booh, gdm, booh, for requring this and making me waste two days on
tracking this brokenness down.

src/bus-proxyd/bus-proxyd.c

index 27122a5..fa52a38 100644 (file)
@@ -258,6 +258,45 @@ static int synthesize_name_acquired(sd_bus *a, sd_bus *b, sd_bus_message *m) {
         return sd_bus_send(b, n, NULL);
 }
 
+static int process_policy(sd_bus *a, sd_bus *b, sd_bus_message *m) {
+        _cleanup_bus_message_unref_ sd_bus_message *n = NULL;
+        int r;
+
+        assert(a);
+        assert(b);
+        assert(m);
+
+        if (!sd_bus_message_is_method_call(m, "org.freedesktop.DBus.Properties", "GetAll"))
+                return 0;
+
+        if (!streq_ptr(m->path, "/org/gnome/DisplayManager/Slave"))
+                return 0;
+
+        r = sd_bus_message_new_method_errorf(m, &n, SD_BUS_ERROR_ACCESS_DENIED, "gdm, you are stupid");
+        if (r < 0)
+                return r;
+
+        r = bus_message_append_sender(n, "org.freedesktop.DBus");
+        if (r < 0) {
+                log_error("Failed to append sender to gdm reply: %s", strerror(-r));
+                return r;
+        }
+
+        r = bus_seal_synthetic_message(b, n);
+        if (r < 0) {
+                log_error("Failed to seal gdm reply: %s", strerror(-r));
+                return r;
+        }
+
+        r = sd_bus_send(b, n, NULL);
+        if (r < 0) {
+                log_error("Failed to send gdm reply: %s", strerror(-r));
+                return r;
+        }
+
+        return 1;
+}
+
 static int process_hello(sd_bus *a, sd_bus *b, sd_bus_message *m, bool *got_hello) {
         _cleanup_bus_message_unref_ sd_bus_message *n = NULL;
         bool is_hello;
@@ -614,6 +653,12 @@ int main(int argc, char *argv[]) {
                         if (k > 0)
                                 r = k;
                         else {
+                                k = process_policy(a, b, m);
+                                if (k < 0) {
+                                        r = k;
+                                        goto finish;
+                                }
+
                                 k = sd_bus_send(a, m, NULL);
                                 if (k < 0) {
                                         r = k;