Related to rhbz#973125
Signed-off-by: Jakub Filak jfilak@redhat.com --- src/include/problem_api.h | 31 ++++++++++++++++++++++++++++++- src/lib/problem_api.c | 31 ++++++++++++++++++++++++++++++- 2 files changed, 60 insertions(+), 2 deletions(-)
diff --git a/src/include/problem_api.h b/src/include/problem_api.h index 99d832c..60a76d0 100644 --- a/src/include/problem_api.h +++ b/src/include/problem_api.h @@ -20,9 +20,29 @@ #include <glib.h> #include <libabrt.h>
+ +/* + * Function called for each problem directory in @for_each_problem_in_dir + * + * @param dd A dump directory + * @param arg User's arguments + * @returns 0 if everything is OK, a non zero value in order to break the iterator + */ +typedef int (* for_each_problem_in_dir_callback)(struct dump_dir *dd, void *arg); + +/* + * Iterates over all dump directories placed in @path and call @callback. + * + * @param path Dump directories location + * @param caller_uid UID for access check. -1 for disabling this check + * @param callback Called for each applicable dump directory. Non zero + * value returned from @callback will breaks the iteration. + * @param arg User's arguments passed to @callback + * @returns 0 or the first non zero value returned from @callback + */ int for_each_problem_in_dir(const char *path, uid_t caller_uid, - int (*callback)(struct dump_dir *dd, void *arg), + for_each_problem_in_dir_callback callback, void *arg);
/* Retrieves the list of directories currently used as a problem storage @@ -31,3 +51,12 @@ int for_each_problem_in_dir(const char *path, */ GList *get_problem_storages(void); GList *get_problem_dirs_for_uid(uid_t uid, const char *dump_location); + +/* + * Gets list of problem directories not accessible by user + * + * @param uid User's uid + * @param dump_location Dump directories location + * @returns GList with mallocated absolute paths to dump directories + */ +GList *get_problem_dirs_not_accessible_by_uid(uid_t uid, const char *dump_location); diff --git a/src/lib/problem_api.c b/src/lib/problem_api.c index 3bb114f..7523efb 100644 --- a/src/lib/problem_api.c +++ b/src/lib/problem_api.c @@ -46,7 +46,7 @@ int for_each_problem_in_dir(const char *path, continue; /* skip "." and ".." */
char *full_name = concat_path_file(path, dent->d_name); - if (dump_dir_accessible_by_uid(full_name, caller_uid)) + if (caller_uid == -1 || dump_dir_accessible_by_uid(full_name, caller_uid)) { /* Silently ignore *any* errors, not only EACCES. * We saw "lock file is locked by process PID" error @@ -91,6 +91,35 @@ GList *get_problem_dirs_for_uid(uid_t uid, const char *dump_location) return g_list_reverse(list); }
+/* get_problem_dirs_not_accessible_by_uid and its helpers */ +struct add_dirname_to_GList_if_not_accessible_args +{ + uid_t uid; + GList *list; +}; + +static int add_dirname_to_GList_if_not_accessible(struct dump_dir *dd, void *args) +{ + struct add_dirname_to_GList_if_not_accessible_args *param = (struct add_dirname_to_GList_if_not_accessible_args *)args; + /* Append if not accessible */ + if (!dump_dir_accessible_by_uid(dd->dd_dirname, param->uid)) + param->list = g_list_prepend(param->list, xstrdup(dd->dd_dirname)); + + return 0; +} + +GList *get_problem_dirs_not_accessible_by_uid(uid_t uid, const char *dump_location) +{ + struct add_dirname_to_GList_if_not_accessible_args args = { + .uid = uid, + .list = NULL, + }; + + for_each_problem_in_dir(dump_location, /*disable default uid check*/-1, add_dirname_to_GList_if_not_accessible, &args); + return g_list_reverse(args.list); +} + + /* get_problem_storages */
GList *get_problem_storages(void)
Returns a list of problem ids whose data are not accessible without authorization.
The method itself doesn't require any authorization because it is not an security issue to see other's problem ids.
Related to rhbz#973125
Signed-off-by: Jakub Filak jfilak@redhat.com --- doc/problems-service/org.freedesktop.Problems.xml.in | 11 +++++++++++ src/dbus/abrt-dbus.c | 13 +++++++++++++ 2 files changed, 24 insertions(+)
diff --git a/doc/problems-service/org.freedesktop.Problems.xml.in b/doc/problems-service/org.freedesktop.Problems.xml.in index d4cd816..c6c1337 100644 --- a/doc/problems-service/org.freedesktop.Problems.xml.in +++ b/doc/problems-service/org.freedesktop.Problems.xml.in @@ -157,6 +157,17 @@ prblms = problems.GetProblems()
</method>
+ <method name='GetForeignProblems'> + tp:docstringGets a list of problem identifiers for problems not directly accessible by the caller.</tp:docstring> + + <arg type='as' name='response' direction='out'> + tp:docstringList of problem identifiers</tp:docstring> + </arg> + + </method> + + + <method name='GetAllProblems'> tp:docstringGets a list of problems visible by the caller.</tp:docstring>
diff --git a/src/dbus/abrt-dbus.c b/src/dbus/abrt-dbus.c index 421822f..968890e 100644 --- a/src/dbus/abrt-dbus.c +++ b/src/dbus/abrt-dbus.c @@ -32,6 +32,9 @@ static const gchar introspection_xml[] = " <method name='GetAllProblems'>" " <arg type='as' name='response' direction='out'/>" " </method>" + " <method name='GetForeignProblems'>" + " <arg type='as' name='response' direction='out'/>" + " </method>" " <method name='GetInfo'>" " <arg type='s' name='problem_dir' direction='in'/>" " <arg type='as' name='element_names' direction='in'/>" @@ -389,6 +392,16 @@ static void handle_method_call(GDBusConnection *connection, return; }
+ if (g_strcmp0(method_name, "GetForeignProblems") == 0) + { + GList * dirs = get_problem_dirs_not_accessible_by_uid(caller_uid, g_settings_dump_location); + response = variant_from_string_list(dirs); + list_free_with_free(dirs); + + g_dbus_method_invocation_return_value(invocation, response); + return; + } + if (g_strcmp0(method_name, "ChownProblemDir") == 0) { const gchar *problem_dir;
crash-catcher@lists.fedorahosted.org