From 634fb6b688ff14875134883f3e9a44fe02e9df5b Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Mon, 6 Apr 2015 20:25:56 +0200
Subject: [PATCH] polkit: rename bus_verify_polkit() to bus_test_polkit() and
 make it strictly non-interactive

Interactive authorization should only happen asynchronously, hence
disallow it in synchronous bus_verify_polkit(), and rename it to
bus_test_polkit(). This way even if the bus message header asks for
interactive authorization, we'll ask for non-interactive authorization
which is actually the desired behaviour if CanSuspend, CanHibernate and
friends, which call this function.
---
 src/libelogind/sd-bus/bus-util.c | 15 +++++----------
 src/libelogind/sd-bus/bus-util.h |  2 +-
 src/login/logind-dbus.c          |  6 +++---
 3 files changed, 9 insertions(+), 14 deletions(-)

diff --git a/src/libelogind/sd-bus/bus-util.c b/src/libelogind/sd-bus/bus-util.c
index 164fbf8f8..4bc16aa90 100644
--- a/src/libelogind/sd-bus/bus-util.c
+++ b/src/libelogind/sd-bus/bus-util.c
@@ -211,11 +211,10 @@ static int check_good_user(sd_bus_message *m, uid_t good_user) {
         return sender_uid == good_user;
 }
 
-int bus_verify_polkit(
+int bus_test_polkit(
                 sd_bus_message *call,
                 int capability,
                 const char *action,
-                bool interactive,
                 uid_t good_user,
                 bool *_challenge,
                 sd_bus_error *e) {
@@ -225,6 +224,8 @@ int bus_verify_polkit(
         assert(call);
         assert(action);
 
+        /* Tests non-interactively! */
+
         r = check_good_user(call, good_user);
         if (r != 0)
                 return r;
@@ -237,19 +238,13 @@ int bus_verify_polkit(
 #ifdef ENABLE_POLKIT
         else {
                 _cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
-                int authorized = false, challenge = false, c;
+                int authorized = false, challenge = false;
                 const char *sender;
 
                 sender = sd_bus_message_get_sender(call);
                 if (!sender)
                         return -EBADMSG;
 
-                c = sd_bus_message_get_allow_interactive_authorization(call);
-                if (c < 0)
-                        return c;
-                if (c > 0)
-                        interactive = true;
-
                 r = sd_bus_call_method(
                                 call->bus,
                                 "org.freedesktop.PolicyKit1",
@@ -262,7 +257,7 @@ int bus_verify_polkit(
                                 "system-bus-name", 1, "name", "s", sender,
                                 action,
                                 0,
-                                !!interactive,
+                                0,
                                 "");
 
                 if (r < 0) {
diff --git a/src/libelogind/sd-bus/bus-util.h b/src/libelogind/sd-bus/bus-util.h
index 9f048711d..cc16a9d69 100644
--- a/src/libelogind/sd-bus/bus-util.h
+++ b/src/libelogind/sd-bus/bus-util.h
@@ -69,7 +69,7 @@ int bus_name_has_owner(sd_bus *c, const char *name, sd_bus_error *error);
 
 int bus_check_peercred(sd_bus *c);
 
-int bus_verify_polkit(sd_bus_message *call, int capability, const char *action, bool interactive, uid_t good_user, bool *_challenge, sd_bus_error *e);
+int bus_test_polkit(sd_bus_message *call, int capability, const char *action, uid_t good_user, bool *_challenge, sd_bus_error *e);
 
 int bus_verify_polkit_async(sd_bus_message *call, int capability, const char *action, bool interactive, uid_t good_user, Hashmap **registry, sd_bus_error *error);
 void bus_verify_polkit_async_registry_free(Hashmap *registry);
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
index e929e22de..8bdb2457d 100644
--- a/src/login/logind-dbus.c
+++ b/src/login/logind-dbus.c
@@ -1729,7 +1729,7 @@ static int method_can_shutdown_or_sleep(
         blocked = manager_is_inhibited(m, w, INHIBIT_BLOCK, NULL, false, true, uid, NULL);
 
         if (multiple_sessions) {
-                r = bus_verify_polkit(message, CAP_SYS_BOOT, action_multiple_sessions, false, UID_INVALID, &challenge, error);
+                r = bus_test_polkit(message, CAP_SYS_BOOT, action_multiple_sessions, UID_INVALID, &challenge, error);
                 if (r < 0)
                         return r;
 
@@ -1742,7 +1742,7 @@ static int method_can_shutdown_or_sleep(
         }
 
         if (blocked) {
-                r = bus_verify_polkit(message, CAP_SYS_BOOT, action_ignore_inhibit, false, UID_INVALID, &challenge, error);
+                r = bus_test_polkit(message, CAP_SYS_BOOT, action_ignore_inhibit, UID_INVALID, &challenge, error);
                 if (r < 0)
                         return r;
 
@@ -1758,7 +1758,7 @@ static int method_can_shutdown_or_sleep(
                 /* If neither inhibit nor multiple sessions
                  * apply then just check the normal policy */
 
-                r = bus_verify_polkit(message, CAP_SYS_BOOT, action, false, UID_INVALID, &challenge, error);
+                r = bus_test_polkit(message, CAP_SYS_BOOT, action, UID_INVALID, &challenge, error);
                 if (r < 0)
                         return r;
 
-- 
2.30.2