[polkit/f18] Authenticate as root if e.g. the wheel group is empty (#834494)
David Zeuthen
davidz at fedoraproject.org
Tue Sep 18 18:56:47 UTC 2012
commit 952de8f0b2fd21654285ad8b65f85a1330af3cdf
Author: David Zeuthen <zeuthen at gmail.com>
Date: Tue Sep 18 14:56:20 2012 -0400
Authenticate as root if e.g. the wheel group is empty (#834494)
...k-to-uid0-if-no-admin-users-are-available.patch | 52 ++++++++++++++++++++
polkit.spec | 8 +++-
2 files changed, 59 insertions(+), 1 deletions(-)
---
diff --git a/polkit-0.107-fall-back-to-uid0-if-no-admin-users-are-available.patch b/polkit-0.107-fall-back-to-uid0-if-no-admin-users-are-available.patch
new file mode 100644
index 0000000..37c0bfe
--- /dev/null
+++ b/polkit-0.107-fall-back-to-uid0-if-no-admin-users-are-available.patch
@@ -0,0 +1,52 @@
+From fa04223240d46641b0773dbf9f7d72f529046bea Mon Sep 17 00:00:00 2001
+From: David Zeuthen <zeuthen at gmail.com>
+Date: Tue, 18 Sep 2012 14:47:06 -0400
+Subject: [PATCH] Fall back to authenticating as uid 0 if the list of admin
+ identities is empty
+
+For example, this can happen if the wheel group has no members. This
+was reported in Red Hat bug 834494, see
+
+ https://bugzilla.redhat.com/show_bug.cgi?id=834494
+
+Signed-off-by: David Zeuthen <zeuthen at gmail.com>
+---
+ src/polkitbackend/polkitbackendinteractiveauthority.c | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
+index 1d4a555..3bd2f0b 100644
+--- a/src/polkitbackend/polkitbackendinteractiveauthority.c
++++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
+@@ -1293,15 +1293,11 @@ polkit_backend_interactive_authority_get_admin_identities (PolkitBackendInteract
+ PolkitDetails *details)
+ {
+ PolkitBackendInteractiveAuthorityClass *klass;
+- GList *ret;
++ GList *ret = NULL;
+
+ klass = POLKIT_BACKEND_INTERACTIVE_AUTHORITY_GET_CLASS (authority);
+
+- if (klass->get_admin_identities == NULL)
+- {
+- ret = g_list_prepend (NULL, polkit_unix_user_new (0));
+- }
+- else
++ if (klass->get_admin_identities != NULL)
+ {
+ ret = klass->get_admin_identities (authority,
+ caller,
+@@ -2257,6 +2253,10 @@ authentication_agent_initiate_challenge (AuthenticationAgent *agent,
+ }
+ }
+
++ /* Fall back to uid 0 if no users are available (rhbz #834494) */
++ if (user_identities == NULL)
++ user_identities = g_list_prepend (NULL, polkit_unix_user_new (0));
++
+ session = authentication_session_new (agent,
+ cookie,
+ subject,
+--
+1.7.12
+
diff --git a/polkit.spec b/polkit.spec
index 4dc3db6..ba7fa50 100644
--- a/polkit.spec
+++ b/polkit.spec
@@ -1,7 +1,7 @@
Summary: polkit Authorization Framework
Name: polkit
Version: 0.107
-Release: 2%{?dist}
+Release: 3%{?dist}
License: LGPLv2+
URL: http://www.freedesktop.org/wiki/Software/polkit
Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz
@@ -29,6 +29,8 @@ Conflicts: polkit-gnome < 0.97
Obsoletes: polkit-desktop-policy < 0.103
Provides: polkit-desktop-policy = 0.103
+Patch0: polkit-0.107-fall-back-to-uid0-if-no-admin-users-are-available.patch
+
%description
polkit is a toolkit for defining and handling authorizations. It is
used for allowing unprivileged processes to speak to privileged
@@ -59,6 +61,7 @@ Development documentation for polkit.
%prep
%setup -q
+%patch0 -p1 -b .fall-back-to-uid-0
%build
%configure --enable-gtk-doc \
@@ -127,6 +130,9 @@ exit 0
%{_datadir}/gtk-doc
%changelog
+* Tue Sep 18 2012 David Zeuthen <davidz at redhat.com> 0.107-3%{?dist}
+- Authenticate as root if e.g. the wheel group is empty (#834494)
+
* Fri Jul 27 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.107-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
More information about the scm-commits
mailing list