commit 878f6c4074acfdee42c320680f5529e01b909ba2
Author: Dan Williams <dcbw@redhat.com>
Date: Fri Oct 15 10:28:38 2010 -0500
core: ignore authorization for sleep/wake requests (but restrict to root) (rh #638640)
Everyone uses pm-utils still for sleep/wake support, and that's
traditionally how NM was put to sleep and woken up. But pm-utils
uses dbus-send without --print-reply so dbus-send quits immediately
after sending the message. That doesn't give NM enough time to
get the senders UID and thus validate the request, so the request
gets denied, and sometimes NM stays asleep after the machine is
woken up.
Instead, don't get the sender's UID and try to authorize it, but
just let the request go through. Rely on D-Bus permissions to
make sure that only root can call sleep/wake methods.
diff --git a/src/NetworkManager.conf b/src/NetworkManager.conf
index 8d08314..1f1ed49 100644
--- a/src/NetworkManager.conf
+++ b/src/NetworkManager.conf
@@ -60,6 +60,18 @@
<deny send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager"
send_member="SetLogging"/>
+
+ <deny send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager"
+ send_member="Sleep"/>
+
+ <deny send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager"
+ send_member="sleep"/>
+
+ <deny send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager"
+ send_member="wake"/>
</policy>
<policy context="default">
<deny own="org.freedesktop.NetworkManager"/>
@@ -72,6 +84,18 @@
send_interface="org.freedesktop.NetworkManager"
send_member="SetLogging"/>
+ <deny send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager"
+ send_member="Sleep"/>
+
+ <deny send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager"
+ send_member="sleep"/>
+
+ <deny send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager"
+ send_member="wake"/>
+
<!-- The org.freedesktop.NetworkManagerSettings.Connection.Secrets
interface is secured via PolicyKit.
-->
diff --git a/src/nm-manager.c b/src/nm-manager.c
index 758a082..4a3e499 100644
--- a/src/nm-manager.c
+++ b/src/nm-manager.c
@@ -3369,6 +3369,7 @@ _internal_sleep (NMManager *self, gboolean do_sleep)
g_object_notify (G_OBJECT (self), NM_MANAGER_SLEEPING);
}
+#if 0
static void
sleep_auth_done_cb (NMAuthChain *chain,
GError *error,
@@ -3407,6 +3408,7 @@ sleep_auth_done_cb (NMAuthChain *chain,
nm_auth_chain_unref (chain);
}
+#endif
static void
impl_manager_sleep (NMManager *self,
@@ -3414,10 +3416,12 @@ impl_manager_sleep (NMManager *self,
DBusGMethodInvocation *context)
{
NMManagerPrivate *priv;
- NMAuthChain *chain;
GError *error = NULL;
+#if 0
+ NMAuthChain *chain;
gulong sender_uid = G_MAXULONG;
const char *error_desc = NULL;
+#endif
g_return_if_fail (NM_IS_MANAGER (self));
@@ -3432,6 +3436,19 @@ impl_manager_sleep (NMManager *self,
return;
}
+ /* Unconditionally allow the request. Previously it was polkit protected
+ * but unfortunately that doesn't work for short-lived processes like
+ * pm-utils. It uses dbus-send without --print-reply, which quits
+ * immediately after sending the request, and NM is unable to obtain the
+ * sender's UID as dbus-send has already dropped off the bus. Thus NM
+ * fails the request. Instead, don't validate the request, but rely on
+ * D-Bus permissions to restrict the call to root.
+ */
+ _internal_sleep (self, do_sleep);
+ dbus_g_method_return (context);
+ return;
+
+#if 0
if (!nm_auth_get_caller_uid (context, priv->dbus_mgr, &sender_uid, &error_desc)) {
error = g_error_new_literal (NM_MANAGER_ERROR,
NM_MANAGER_ERROR_PERMISSION_DENIED,
@@ -3457,6 +3474,7 @@ impl_manager_sleep (NMManager *self,
nm_auth_chain_set_data (chain, "sleep", GUINT_TO_POINTER (do_sleep), NULL);
nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_SLEEP_WAKE, TRUE);
+#endif
}
static void