powerel7
/
base
2
0
Fork 0
Code Issues Pull Requests Releases Activity

polkit package update 

Signed-off-by: basebuilder_pel7x64builder0 <basebuilder@powerel.org>
master
basebuilder_pel7x64builder0 2018-11-27 13:01:04 +01:00
parent 213d04edfd
commit 5873ce3f50
12 changed files with 1737 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

578
SOURCES/polkit-0.112-CVE-2015-3256.patch Normal file
View File

@ -0,0 +1,578 @@
commit 983e8ec37b0ec1cc5114cb9ca49cf558dedfb31e
Author: Miloslav Trmač <mitr@redhat.com>
Date: Tue Jul 1 20:00:48 2014 +0200

Don't pass an uninitialized JS parameter
Don't pass argc==3 when using a 2-member array in
polkit_backend_js_authority_check_authorization_sync . To avoid such
problems in the future, use G_N_ELEMENTS in both similar callers.
https://bugs.freedesktop.org/show_bug.cgi?id=69501

diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c
index c232573..c7a29e0 100644
--- a/src/polkitbackend/polkitbackendjsauthority.c
+++ b/src/polkitbackend/polkitbackendjsauthority.c
@@ -1074,7 +1074,7 @@ polkit_backend_js_authority_get_admin_auth_identities (PolkitBackendInteractiveA
if (!call_js_function_with_runaway_killer (authority,
"_runAdminRules",
- 2,
+ G_N_ELEMENTS (argv),
argv,
&rval))
{
@@ -1179,7 +1179,7 @@ polkit_backend_js_authority_check_authorization_sync (PolkitBackendInteractiveAu
if (!call_js_function_with_runaway_killer (authority,
"_runRules",
- 3,
+ G_N_ELEMENTS (argv),
argv,
&rval))
{

commit a97672540c66c03ed392fc072f0c682281f08989
Author: Miloslav Trmač <mitr@redhat.com>
Date: Tue Jul 1 20:00:48 2014 +0200

Don't add extra NULL group to subject.groups
The NULL “terminator” of groups was being passed to JavaScript. Drop
it, and simplify by leting set_property_strv use the GPtrArray directly
instead of the extra conversions “into” a strv and a completely dead
g_strv_length().
https://bugs.freedesktop.org/show_bug.cgi?id=69501

diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c
index c7a29e0..efb07a9 100644
--- a/src/polkitbackend/polkitbackendjsauthority.c
+++ b/src/polkitbackend/polkitbackendjsauthority.c
@@ -659,26 +659,22 @@ static void
set_property_strv (PolkitBackendJsAuthority *authority,
JSObject *obj,
const gchar *name,
- const gchar *const *value,
- gssize len)
+ GPtrArray *value)
{
jsval value_jsval;
JSObject *array_object;
jsval *jsvals;
guint n;
- if (len < 0)
- len = g_strv_length ((gchar **) value);
-
- jsvals = g_new0 (jsval, len);
- for (n = 0; n < len; n++)
+ jsvals = g_new0 (jsval, value->len);
+ for (n = 0; n < value->len; n++)
{
JSString *jsstr;
- jsstr = JS_NewStringCopyZ (authority->priv->cx, value[n]);
+ jsstr = JS_NewStringCopyZ (authority->priv->cx, g_ptr_array_index(value, n));
jsvals[n] = STRING_TO_JSVAL (jsstr);
}
- array_object = JS_NewArrayObject (authority->priv->cx, (gint32) len, jsvals);
+ array_object = JS_NewArrayObject (authority->priv->cx, value->len, jsvals);
value_jsval = OBJECT_TO_JSVAL (array_object);
JS_SetProperty (authority->priv->cx, obj, name, &value_jsval);
@@ -818,11 +814,9 @@ subject_to_jsval (PolkitBackendJsAuthority *authority,
}
}
- g_ptr_array_add (groups, NULL);
-
set_property_int32 (authority, obj, "pid", pid);
set_property_str (authority, obj, "user", user_name);
- set_property_strv (authority, obj, "groups", (const gchar* const *) groups->pdata, groups->len);
+ set_property_strv (authority, obj, "groups", groups);
set_property_str (authority, obj, "seat", seat_str);
set_property_str (authority, obj, "session", session_str);
set_property_bool (authority, obj, "local", subject_is_local);

commit cbad0d5721804a4b7c2d998b00da9e70dc623820
Author: Miloslav Trmač <mitr@redhat.com>
Date: Tue Jul 1 20:00:48 2014 +0200

Don't store unrooted jsvals on heap
Don't create a temporary array of jsvals on heap; the GC is not looking
for GC roots there.
Compare
https://developer.mozilla.org/en-US/docs/SpiderMonkey/GC_Rooting_Guide
and
https://web.archive.org/web/20140305233124/https://developer.mozilla.org/en-US/docs/SpiderMonkey_Garbage_Collection_Tips
.
https://bugs.freedesktop.org/show_bug.cgi?id=69501

diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c
index efb07a9..d02e5e3 100644
--- a/src/polkitbackend/polkitbackendjsauthority.c
+++ b/src/polkitbackend/polkitbackendjsauthority.c
@@ -663,23 +663,22 @@ set_property_strv (PolkitBackendJsAuthority *authority,
{
jsval value_jsval;
JSObject *array_object;
- jsval *jsvals;
guint n;
- jsvals = g_new0 (jsval, value->len);
+ array_object = JS_NewArrayObject (authority->priv->cx, 0, NULL);
+
for (n = 0; n < value->len; n++)
{
JSString *jsstr;
+ jsval val;
+
jsstr = JS_NewStringCopyZ (authority->priv->cx, g_ptr_array_index(value, n));
- jsvals[n] = STRING_TO_JSVAL (jsstr);
+ val = STRING_TO_JSVAL (jsstr);
+ JS_SetElement (authority->priv->cx, array_object, n, &val);
}
- array_object = JS_NewArrayObject (authority->priv->cx, value->len, jsvals);
-
value_jsval = OBJECT_TO_JSVAL (array_object);
JS_SetProperty (authority->priv->cx, obj, name, &value_jsval);
-
- g_free (jsvals);
}

commit 0f5852a4bdabe377ddcdbed09a0c1f95710e17fe
Author: Miloslav Trmač <mitr@redhat.com>
Date: Tue Jul 1 20:00:48 2014 +0200

Fix a per-authorization memory leak
We were leaking PolkitAuthorizationResult on every request, primarily on
the success path, but also on various error paths as well.
https://bugs.freedesktop.org/show_bug.cgi?id=69501

diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c
index a09d667..14eea99 100644
--- a/src/polkitbackend/polkitbackendauthority.c
+++ b/src/polkitbackend/polkitbackendauthority.c
@@ -714,6 +714,7 @@ check_auth_cb (GObject *source_object,
g_variant_ref_sink (value);
g_dbus_method_invocation_return_value (data->invocation, g_variant_new ("(@(bba{ss}))", value));
g_variant_unref (value);
+ g_object_unref (result);
}
check_auth_data_free (data);
diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
index 96725f7..7019356 100644
--- a/src/polkitbackend/polkitbackendinteractiveauthority.c
+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
@@ -1022,7 +1022,7 @@ polkit_backend_interactive_authority_check_authorization (PolkitBackendAuthority
/* Otherwise just return the result */
g_simple_async_result_set_op_res_gpointer (simple,
- result,
+ g_object_ref (result),
g_object_unref);
g_simple_async_result_complete (simple);
g_object_unref (simple);
@@ -1039,6 +1039,9 @@ polkit_backend_interactive_authority_check_authorization (PolkitBackendAuthority
g_free (subject_str);
g_free (user_of_caller_str);
g_free (user_of_subject_str);
+
+ if (result != NULL)
+ g_object_unref (result);
}
/* ---------------------------------------------------------------------------------------------------- */

commit ec039f9d7ede5b839f5511e26d5cd6ae9107cb2e
Author: Miloslav Trmač <mitr@redhat.com>
Date: Tue Jul 1 20:00:48 2014 +0200

Fix a memory leak when registering an authentication agent
https://bugs.freedesktop.org/show_bug.cgi?id=69501

diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c
index 14eea99..64560e1 100644
--- a/src/polkitbackend/polkitbackendauthority.c
+++ b/src/polkitbackend/polkitbackendauthority.c
@@ -900,6 +900,7 @@ server_handle_register_authentication_agent (Server *server,
g_dbus_method_invocation_return_value (invocation, g_variant_new ("()"));
out:
+ g_variant_unref (subject_gvariant);
if (subject != NULL)
g_object_unref (subject);
}

commit 57e2d86edc2630cac1812a3285715dad795a4bd6
Author: Miloslav Trmač <mitr@redhat.com>
Date: Tue Jul 1 20:00:48 2014 +0200

Wrap all JS usage within “requests”
Required by
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey/JSAPI_reference/JS_THREADSAFE
; lack of requests causes assertion failures with a debug build of
mozjs17.
https://bugs.freedesktop.org/show_bug.cgi?id=69501

diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c
index d02e5e3..88f31bd 100644
--- a/src/polkitbackend/polkitbackendjsauthority.c
+++ b/src/polkitbackend/polkitbackendjsauthority.c
@@ -239,6 +239,7 @@ rules_file_name_cmp (const gchar *a,
return ret;
}
+/* authority->priv->cx must be within a request */
static void
load_scripts (PolkitBackendJsAuthority *authority)
{
@@ -339,6 +340,8 @@ reload_scripts (PolkitBackendJsAuthority *authority)
jsval argv[1] = {JSVAL_NULL};
jsval rval = JSVAL_NULL;
+ JS_BeginRequest (authority->priv->cx);
+
if (!JS_CallFunctionName(authority->priv->cx,
authority->priv->js_polkit,
"_deleteRules",
@@ -364,7 +367,7 @@ reload_scripts (PolkitBackendJsAuthority *authority)
/* Let applications know we have new rules... */
g_signal_emit_by_name (authority, "changed");
out:
- ;
+ JS_EndRequest (authority->priv->cx);
}
static void
@@ -447,6 +450,7 @@ static void
polkit_backend_js_authority_constructed (GObject *object)
{
PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (object);
+ gboolean entered_request = FALSE;
authority->priv->rt = JS_NewRuntime (8L * 1024L * 1024L);
if (authority->priv->rt == NULL)
@@ -466,6 +470,9 @@ polkit_backend_js_authority_constructed (GObject *object)
JS_SetErrorReporter(authority->priv->cx, report_error);
JS_SetContextPrivate (authority->priv->cx, authority);
+ JS_BeginRequest(authority->priv->cx);
+ entered_request = TRUE;
+
authority->priv->js_global =
#if JS_VERSION == 186
JS_NewGlobalObject (authority->priv->cx, &js_global_class, NULL);
@@ -526,10 +533,15 @@ polkit_backend_js_authority_constructed (GObject *object)
setup_file_monitors (authority);
load_scripts (authority);
+ JS_EndRequest (authority->priv->cx);
+ entered_request = FALSE;
+
G_OBJECT_CLASS (polkit_backend_js_authority_parent_class)->constructed (object);
return;
fail:
+ if (entered_request)
+ JS_EndRequest (authority->priv->cx);
g_critical ("Error initializing JavaScript environment");
g_assert_not_reached ();
}
@@ -642,6 +654,7 @@ polkit_backend_js_authority_class_init (PolkitBackendJsAuthorityClass *klass)
/* ---------------------------------------------------------------------------------------------------- */
+/* authority->priv->cx must be within a request */
static void
set_property_str (PolkitBackendJsAuthority *authority,
JSObject *obj,
@@ -655,6 +668,7 @@ set_property_str (PolkitBackendJsAuthority *authority,
JS_SetProperty (authority->priv->cx, obj, name, &value_jsval);
}
+/* authority->priv->cx must be within a request */
static void
set_property_strv (PolkitBackendJsAuthority *authority,
JSObject *obj,
@@ -681,7 +695,7 @@ set_property_strv (PolkitBackendJsAuthority *authority,
JS_SetProperty (authority->priv->cx, obj, name, &value_jsval);
}
-
+/* authority->priv->cx must be within a request */
static void
set_property_int32 (PolkitBackendJsAuthority *authority,
JSObject *obj,
@@ -693,6 +707,7 @@ set_property_int32 (PolkitBackendJsAuthority *authority,
JS_SetProperty (authority->priv->cx, obj, name, &value_jsval);
}
+/* authority->priv->cx must be within a request */
static void
set_property_bool (PolkitBackendJsAuthority *authority,
JSObject *obj,
@@ -706,6 +721,7 @@ set_property_bool (PolkitBackendJsAuthority *authority,
/* ---------------------------------------------------------------------------------------------------- */
+/* authority->priv->cx must be within a request */
static gboolean
subject_to_jsval (PolkitBackendJsAuthority *authority,
PolkitSubject *subject,
@@ -838,6 +854,7 @@ subject_to_jsval (PolkitBackendJsAuthority *authority,
/* ---------------------------------------------------------------------------------------------------- */
+/* authority->priv->cx must be within a request */
static gboolean
action_and_details_to_jsval (PolkitBackendJsAuthority *authority,
const gchar *action_id,
@@ -1041,6 +1058,8 @@ polkit_backend_js_authority_get_admin_auth_identities (PolkitBackendInteractiveA
gchar *ret_str = NULL;
gchar **ret_strs = NULL;
+ JS_BeginRequest (authority->priv->cx);
+
if (!action_and_details_to_jsval (authority, action_id, details, &argv[0], &error))
{
polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority),
@@ -1120,6 +1139,8 @@ polkit_backend_js_authority_get_admin_auth_identities (PolkitBackendInteractiveA
JS_MaybeGC (authority->priv->cx);
+ JS_EndRequest (authority->priv->cx);
+
return ret;
}
@@ -1146,6 +1167,8 @@ polkit_backend_js_authority_check_authorization_sync (PolkitBackendInteractiveAu
gchar *ret_str = NULL;
gboolean good = FALSE;
+ JS_BeginRequest (authority->priv->cx);
+
if (!action_and_details_to_jsval (authority, action_id, details, &argv[0], &error))
{
polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority),
@@ -1222,6 +1245,8 @@ polkit_backend_js_authority_check_authorization_sync (PolkitBackendInteractiveAu
JS_MaybeGC (authority->priv->cx);
+ JS_EndRequest (authority->priv->cx);
+
return ret;
}

commit 5c668722320eb363f713a0998934aa48fecd56cb
Author: Miloslav Trmač <mitr@redhat.com>
Date: Tue Jul 1 20:00:48 2014 +0200

Register heap-based JSObject pointers to GC
This is necessary so that the GC can move the objects (though I haven't
so far encountered this in testing).
https://bugs.freedesktop.org/show_bug.cgi?id=69501

diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c
index 88f31bd..39f7060 100644
--- a/src/polkitbackend/polkitbackendjsauthority.c
+++ b/src/polkitbackend/polkitbackendjsauthority.c
@@ -482,6 +482,7 @@ polkit_backend_js_authority_constructed (GObject *object)
if (authority->priv->js_global == NULL)
goto fail;
+ JS_AddObjectRoot (authority->priv->cx, &authority->priv->js_global);
if (!JS_InitStandardClasses (authority->priv->cx, authority->priv->js_global))
goto fail;
@@ -494,6 +495,7 @@ polkit_backend_js_authority_constructed (GObject *object)
JSPROP_ENUMERATE);
if (authority->priv->js_polkit == NULL)
goto fail;
+ JS_AddObjectRoot (authority->priv->cx, &authority->priv->js_polkit);
if (!JS_DefineFunctions (authority->priv->cx,
authority->priv->js_polkit,
@@ -572,6 +574,11 @@ polkit_backend_js_authority_finalize (GObject *object)
g_free (authority->priv->dir_monitors);
g_strfreev (authority->priv->rules_dirs);
+ JS_BeginRequest (authority->priv->cx);
+ JS_RemoveObjectRoot (authority->priv->cx, &authority->priv->js_polkit);
+ JS_RemoveObjectRoot (authority->priv->cx, &authority->priv->js_global);
+ JS_EndRequest (authority->priv->cx);
+
JS_DestroyContext (authority->priv->cx);
JS_DestroyRuntime (authority->priv->rt);
/* JS_ShutDown (); */

commit 2881f8b260c03df29afb0e35e6d1707240f95ad7
Author: Miloslav Trmač <mitr@redhat.com>
Date: Tue Jul 1 20:00:48 2014 +0200

Prevent builds against SpiderMonkey with exact stack rooting
“Exact stack rooting” means that every on-stack pointer to a JavaScript
value needs to be registered with the runtime. The current code doesn't
do this, so it is not safe to use against a runtime with this
configuration. Luckily this configuration is not default.
See
https://developer.mozilla.org/en-US/docs/SpiderMonkey/Internals/GC/Exact_Stack_Rooting
and other pages in the wiki for what the conversion would require.
https://bugs.freedesktop.org/show_bug.cgi?id=69501

diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c
index 39f7060..22812a6 100644
--- a/src/polkitbackend/polkitbackendjsauthority.c
+++ b/src/polkitbackend/polkitbackendjsauthority.c
@@ -43,6 +43,13 @@
#include "initjs.h" /* init.js */
+#ifdef JSGC_USE_EXACT_ROOTING
+/* See https://developer.mozilla.org/en-US/docs/SpiderMonkey/Internals/GC/Exact_Stack_Rooting
+ * for more information about exact stack rooting.
+ */
+#error "This code is not safe in SpiderMonkey exact stack rooting configurations"
+#endif
+
/**
* SECTION:polkitbackendjsauthority
* @title: PolkitBackendJsAuthority

commit b544f10dd469ae3cfedc026db71ee76e9ef511a2
Author: Miloslav Trmač <mitr@redhat.com>
Date: Tue Jul 1 20:00:48 2014 +0200

Clear the JS operation callback before invoking JS in the callback
Setting the callback to NULL is required by
https://developer.mozilla.org/en-US/docs/SpiderMonkey/JSAPI_Reference/JS_SetOperationCallback
to avoid the possibility of recursion.
https://bugs.freedesktop.org/show_bug.cgi?id=69501

diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c
index 22812a6..8a0a097 100644
--- a/src/polkitbackend/polkitbackendjsauthority.c
+++ b/src/polkitbackend/polkitbackendjsauthority.c
@@ -961,9 +961,11 @@ js_operation_callback (JSContext *cx)
polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), "Terminating runaway script");
/* Throw an exception - this way the JS code can ignore the runaway script handling */
+ JS_SetOperationCallback (authority->priv->cx, NULL);
val_str = JS_NewStringCopyZ (cx, "Terminating runaway script");
val = STRING_TO_JSVAL (val_str);
JS_SetPendingException (authority->priv->cx, val);
+ JS_SetOperationCallback (authority->priv->cx, js_operation_callback);
return JS_FALSE;
}

commit d7da6a23766e9c95fa333a0a9c742f7397c0ad22
Author: Miloslav Trmač <mitr@redhat.com>
Date: Tue Jul 1 20:00:48 2014 +0200

Fix spurious timeout exceptions on GC
The JS “Operation callback” can be called by the runtime for other
reasons, not only when we trigger it by a timeout—notably as part of GC.
So, make sure to only raise an exception if there actually was a
timeout.
Adding a whole extra mutex to protect a single boolean is somewhat of an
overkill, but better than worrying about “subtle bugs and occasionally
undefined behaviour” the g_atomic_* API is warning about.
https://bugs.freedesktop.org/show_bug.cgi?id=69501
also
https://bugs.freedesktop.org/show_bug.cgi?id=77524

diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c
index 8a0a097..097dcc5 100644
--- a/src/polkitbackend/polkitbackendjsauthority.c
+++ b/src/polkitbackend/polkitbackendjsauthority.c
@@ -80,6 +80,8 @@ struct _PolkitBackendJsAuthorityPrivate
GMainContext *rkt_context;
GMainLoop *rkt_loop;
GSource *rkt_source;
+ GMutex rkt_timeout_pending_mutex;
+ gboolean rkt_timeout_pending;
/* A list of JSObject instances */
GList *scripts;
@@ -528,6 +530,7 @@ polkit_backend_js_authority_constructed (GObject *object)
g_mutex_init (&authority->priv->rkt_init_mutex);
g_cond_init (&authority->priv->rkt_init_cond);
+ g_mutex_init (&authority->priv->rkt_timeout_pending_mutex);
authority->priv->runaway_killer_thread = g_thread_new ("runaway-killer-thread",
runaway_killer_thread_func,
@@ -563,6 +566,7 @@ polkit_backend_js_authority_finalize (GObject *object)
g_mutex_clear (&authority->priv->rkt_init_mutex);
g_cond_clear (&authority->priv->rkt_init_cond);
+ g_mutex_clear (&authority->priv->rkt_timeout_pending_mutex);
/* shut down the killer thread */
g_assert (authority->priv->rkt_loop != NULL);
@@ -957,6 +961,18 @@ js_operation_callback (JSContext *cx)
JSString *val_str;
jsval val;
+ /* This callback can be called by the runtime at any time without us causing
+ * it by JS_TriggerOperationCallback().
+ */
+ g_mutex_lock (&authority->priv->rkt_timeout_pending_mutex);
+ if (!authority->priv->rkt_timeout_pending)
+ {
+ g_mutex_unlock (&authority->priv->rkt_timeout_pending_mutex);
+ return JS_TRUE;
+ }
+ authority->priv->rkt_timeout_pending = FALSE;
+ g_mutex_unlock (&authority->priv->rkt_timeout_pending_mutex);
+
/* Log that we are terminating the script */
polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), "Terminating runaway script");
@@ -974,6 +990,10 @@ rkt_on_timeout (gpointer user_data)
{
PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (user_data);
+ g_mutex_lock (&authority->priv->rkt_timeout_pending_mutex);
+ authority->priv->rkt_timeout_pending = TRUE;
+ g_mutex_unlock (&authority->priv->rkt_timeout_pending_mutex);
+
/* Supposedly this is thread-safe... */
#if JS_VERSION == 186
JS_TriggerOperationCallback (authority->priv->rt);
@@ -993,6 +1013,9 @@ runaway_killer_setup (PolkitBackendJsAuthority *authority)
g_assert (authority->priv->rkt_source == NULL);
/* set-up timer for runaway scripts, will be executed in runaway_killer_thread */
+ g_mutex_lock (&authority->priv->rkt_timeout_pending_mutex);
+ authority->priv->rkt_timeout_pending = FALSE;
+ g_mutex_unlock (&authority->priv->rkt_timeout_pending_mutex);
authority->priv->rkt_source = g_timeout_source_new_seconds (15);
g_source_set_callback (authority->priv->rkt_source, rkt_on_timeout, authority, NULL);
g_source_attach (authority->priv->rkt_source, authority->priv->rkt_context);

24
SOURCES/polkit-0.112-EnumerateActions-leak.patch Normal file
View File

@ -0,0 +1,24 @@
commit f4d71e0de885010494b8b0b8d62ca910011d7544
Author: Max A. Dednev <dednev@rambler.ru>
Date: Sun Jan 11 20:00:44 2015 -0500

authority: Fix memory leak in EnumerateActions call results handler
Policykit-1 doesn't release reference counters of GVariant data for
org.freedesktop.PolicyKit1.Authority.EnumerateActions dbus call. This
patch fixed reference counting and following memory leak.
https://bugs.freedesktop.org/show_bug.cgi?id=88288

diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
index 75619ab..ab6d3cd 100644
--- a/src/polkit/polkitauthority.c
+++ b/src/polkit/polkitauthority.c
@@ -715,7 +715,6 @@ polkit_authority_enumerate_actions_finish (PolkitAuthority *authority,
while ((child = g_variant_iter_next_value (&iter)) != NULL)
{
ret = g_list_prepend (ret, polkit_action_description_new_for_gvariant (child));
- g_variant_ref_sink (child);
g_variant_unref (child);
}
ret = g_list_reverse (ret);

20
SOURCES/polkit-0.112-Polkit.spawn-leak.patch Normal file
View File

@ -0,0 +1,20 @@
commit 1986e443b170240e9ce4a34726b7fa6c55b3601c
Author: Miloslav Trmač <mitr@redhat.com>
Date: Sat Dec 7 04:21:10 2013 +0100

Fix a memory leak
https://bugs.freedesktop.org/show_bug.cgi?id=72426

diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c
index bc2fe22..c3885a9 100644
--- a/src/polkitbackend/polkitbackendjsauthority.c
+++ b/src/polkitbackend/polkitbackendjsauthority.c
@@ -1363,7 +1363,6 @@ js_polkit_spawn (JSContext *cx,
goto out;
}
s = JS_EncodeString (cx, JSVAL_TO_STRING (elem_val));
- s = JS_EncodeString (cx, JSVAL_TO_STRING (elem_val));
argv[n] = g_strdup (s);
JS_free (cx, s);
}

120
SOURCES/polkit-0.112-PolkitAgentSession-race.patch Normal file
View File

@ -0,0 +1,120 @@
From 7650ad1e08ab13bdb461783c4995d186d9392840 Mon Sep 17 00:00:00 2001
From: Rui Matos <tiagomatos@gmail.com>
Date: Thu, 6 Feb 2014 18:41:18 +0100
Subject: [PATCH] PolkitAgentSession: fix race between child and io watches

The helper flushes and fdatasyncs stdout and stderr before terminating
but this doesn't guarantee that our io watch is called before our
child watch. This means that we can end up with a successful return
from the helper which we still report as a failure.

If we add G_IO_HUP and G_IO_ERR to the conditions we look for in the
io watch and the child terminates we still run the io watch handler
which will complete the session.

This means that the child watch is in fact needless and we can remove
it.

https://bugs.freedesktop.org/show_bug.cgi?id=60847
---
src/polkitagent/polkitagentsession.c | 47 +++++++++---------------------------
1 file changed, 11 insertions(+), 36 deletions(-)

diff --git a/src/polkitagent/polkitagentsession.c b/src/polkitagent/polkitagentsession.c
index 1c7a2dc..f014773 100644
--- a/src/polkitagent/polkitagentsession.c
+++ b/src/polkitagent/polkitagentsession.c
@@ -92,7 +92,6 @@ struct _PolkitAgentSession
int child_stdout;
GPid child_pid;
- GSource *child_watch_source;
GSource *child_stdout_watch_source;
GIOChannel *child_stdout_channel;
@@ -377,13 +376,6 @@ kill_helper (PolkitAgentSession *session)
session->child_pid = 0;
}
- if (session->child_watch_source != NULL)
- {
- g_source_destroy (session->child_watch_source);
- g_source_unref (session->child_watch_source);
- session->child_watch_source = NULL;
- }
-
if (session->child_stdout_watch_source != NULL)
{
g_source_destroy (session->child_stdout_watch_source);
@@ -429,26 +421,6 @@ complete_session (PolkitAgentSession *session,
}
}
-static void
-child_watch_func (GPid pid,
- gint status,
- gpointer user_data)
-{
- PolkitAgentSession *session = POLKIT_AGENT_SESSION (user_data);
-
- if (G_UNLIKELY (_show_debug ()))
- {
- g_print ("PolkitAgentSession: in child_watch_func for pid %d (WIFEXITED=%d WEXITSTATUS=%d)\n",
- (gint) pid,
- WIFEXITED(status),
- WEXITSTATUS(status));
- }
-
- /* kill all the watches we have set up, except for the child since it has exited already */
- session->child_pid = 0;
- complete_session (session, FALSE);
-}
-
static gboolean
io_watch_have_data (GIOChannel *channel,
GIOCondition condition,
@@ -475,10 +447,13 @@ io_watch_have_data (GIOChannel *channel,
NULL,
NULL,
&error);
- if (error != NULL)
+ if (error != NULL || line == NULL)
{
- g_warning ("Error reading line from helper: %s", error->message);
- g_error_free (error);
+ /* In case we get just G_IO_HUP, line is NULL but error is
+ unset.*/
+ g_warning ("Error reading line from helper: %s",
+ error ? error->message : "nothing to read");
+ g_clear_error (&error);
complete_session (session, FALSE);
goto out;
@@ -540,6 +515,9 @@ io_watch_have_data (GIOChannel *channel,
g_free (line);
g_free (unescaped);
+ if (condition & (G_IO_ERR | G_IO_HUP))
+ complete_session (session, FALSE);
+
/* keep the IOChannel around */
return TRUE;
}
@@ -650,12 +628,9 @@ polkit_agent_session_initiate (PolkitAgentSession *session)
if (G_UNLIKELY (_show_debug ()))
g_print ("PolkitAgentSession: spawned helper with pid %d\n", (gint) session->child_pid);
- session->child_watch_source = g_child_watch_source_new (session->child_pid);
- g_source_set_callback (session->child_watch_source, (GSourceFunc) child_watch_func, session, NULL);
- g_source_attach (session->child_watch_source, g_main_context_get_thread_default ());
-
session->child_stdout_channel = g_io_channel_unix_new (session->child_stdout);
- session->child_stdout_watch_source = g_io_create_watch (session->child_stdout_channel, G_IO_IN);
+ session->child_stdout_watch_source = g_io_create_watch (session->child_stdout_channel,
+ G_IO_IN | G_IO_ERR | G_IO_HUP);
g_source_set_callback (session->child_stdout_watch_source, (GSourceFunc) io_watch_have_data, session, NULL);
g_source_attach (session->child_stdout_watch_source, g_main_context_get_thread_default ());
--
1.8.3.1

78
SOURCES/polkit-0.112-XDG_RUNTIME_DIR.patch Normal file
View File

@ -0,0 +1,78 @@
From 8635ffc16aeff6a07d675f861fe0dea03ea81d7e Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Thu, 21 Nov 2013 17:39:37 -0500
Subject: [PATCH] pkexec: Work around systemd injecting broken XDG_RUNTIME_DIR

This workaround isn't too much code, and it's often better to fix bugs
in two places anyways.

For more information:

See https://bugzilla.redhat.com/show_bug.cgi?id=753882
See http://lists.freedesktop.org/archives/systemd-devel/2013-November/014370.html
---
src/programs/pkexec.c | 33 ++++++++++++++++++++++++++++++---
1 file changed, 30 insertions(+), 3 deletions(-)

diff --git a/src/programs/pkexec.c b/src/programs/pkexec.c
index 005e1fe..a7ca8e0 100644
--- a/src/programs/pkexec.c
+++ b/src/programs/pkexec.c
@@ -143,8 +143,22 @@ pam_conversation_function (int n,
return PAM_CONV_ERR;
}
+/* A work around for:
+ * https://bugzilla.redhat.com/show_bug.cgi?id=753882
+ */
+static gboolean
+xdg_runtime_dir_is_owned_by (const char *path,
+ uid_t target_uid)
+{
+ struct stat stbuf;
+
+ return stat (path, &stbuf) == 0 &&
+ stbuf.st_uid == target_uid;
+}
+
static gboolean
-open_session (const gchar *user_to_auth)
+open_session (const gchar *user_to_auth,
+ uid_t target_uid)
{
gboolean ret;
gint rc;
@@ -186,7 +200,19 @@ open_session (const gchar *user_to_auth)
{
guint n;
for (n = 0; envlist[n]; n++)
- putenv (envlist[n]);
+ {
+ const char *envitem = envlist[n];
+
+ if (g_str_has_prefix (envitem, "XDG_RUNTIME_DIR="))
+ {
+ const char *eq = strchr (envitem, '=');
+ g_assert (eq);
+ if (!xdg_runtime_dir_is_owned_by (eq + 1, target_uid))
+ continue;
+ }
+
+ putenv (envlist[n]);
+ }
free (envlist);
}
@@ -913,7 +939,8 @@ main (int argc, char *argv[])
* As evident above, neither su(1) (and, for that matter, nor sudo(8)) does this.
*/
#ifdef POLKIT_AUTHFW_PAM
- if (!open_session (pw->pw_name))
+ if (!open_session (pw->pw_name,
+ pw->pw_uid))
{
goto out;
}
--
1.8.3.1

37
SOURCES/polkit-0.112-add-its-files.patch Normal file
View File

@ -0,0 +1,37 @@
diff -up ./data/Makefile.am.ori ./data/Makefile.am
--- ./data/Makefile.am.ori 2013-04-29 19:28:57.000000000 +0200
+++ ./data/Makefile.am 2018-05-31 14:33:50.164626183 +0200
@@ -36,6 +36,11 @@ pkgconfig_DATA = polkit-gobject-1.pc pol
# ----------------------------------------------------------------------------------------------------
+itsdir = $(datadir)/gettext/its
+its_DATA = polkit.loc polkit.its
+
+# ----------------------------------------------------------------------------------------------------
+
systemdservice_in_files = polkit.service.in
if HAVE_SYSTEMD
diff -up ./data/polkit.its.ori ./data/polkit.its
--- ./data/polkit.its.ori 2018-05-31 14:33:50.164626183 +0200
+++ ./data/polkit.its 2018-05-31 14:33:50.164626183 +0200
@@ -0,0 +1,8 @@
+<?xml version="1.0"?>
+<its:rules xmlns:its="http://www.w3.org/2005/11/its"
+ version="2.0">
+ <its:translateRule selector="//*" translate="no"/>
+ <its:translateRule selector="//action/description |
+ //action/message"
+ translate="yes"/>
+</its:rules>
diff -up ./data/polkit.loc.ori ./data/polkit.loc
--- ./data/polkit.loc.ori 2018-05-31 14:33:50.165626179 +0200
+++ ./data/polkit.loc 2018-05-31 14:33:50.164626183 +0200
@@ -0,0 +1,6 @@
+<?xml version="1.0"?>
+<locatingRules>
+ <locatingRule name="polkit policy" pattern="*.policy">
+ <documentRule localName="policyconfig" target="polkit.its"/>
+ </locatingRule>
+</locatingRules>

79
SOURCES/polkit-0.112-agent-leaks.patch Normal file
View File

@ -0,0 +1,79 @@
A part of commit 7ecf29a9db86f7161e2ff48e7bb8ea46a90f954f
Author: Miloslav Trmač <mitr@redhat.com>
Date: Wed Feb 8 22:57:21 2017 +0100

Fix a memory leak in server_handle_authentication_agent_response{,2}
Signed-off-by: Miloslav Trmač <mitr@redhat.com>

diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c
index 2bcad62..cad3f74 100644
--- a/src/polkitbackend/polkitbackendauthority.c
+++ b/src/polkitbackend/polkitbackendauthority.c
@@ -1054,6 +1054,7 @@ server_handle_authentication_agent_response (Server *server,
g_dbus_method_invocation_return_value (invocation, g_variant_new ("()"));
out:
+ g_variant_unref (identity_gvariant);
if (identity != NULL)
g_object_unref (identity);
}
commit d9efd2673d73214e7990e3e67cdddfa77c6a8226
Author: Miloslav Trmač <mitr@redhat.com>
Date: Wed Feb 8 22:55:10 2017 +0100

Fix a memory leak in server_handle_unregister_authentication_agent
Signed-off-by: Miloslav Trmač <mitr@redhat.com>

diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c
index 7e08e57..2bcad62 100644
--- a/src/polkitbackend/polkitbackendauthority.c
+++ b/src/polkitbackend/polkitbackendauthority.c
@@ -1003,6 +1003,7 @@ server_handle_unregister_authentication_agent (Server *server,
g_dbus_method_invocation_return_value (invocation, g_variant_new ("()"));
out:
+ g_variant_unref (subject_gvariant);
if (subject != NULL)
g_object_unref (subject);
}
commit af4566e1a7e9031b9a05f49c7d27bf379d822016
Author: Miloslav Trmač <mitr@redhat.com>
Date: Thu Feb 9 19:53:54 2017 +0100

Fix a memory leak per agent authentication
Signed-off-by: Miloslav Trmač <mitr@redhat.com>

diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
index bf0ee48..b8096b3 100644
--- a/src/polkitbackend/polkitbackendinteractiveauthority.c
+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
@@ -1906,15 +1906,15 @@ authentication_agent_begin_cb (GDBusProxy *proxy,
AuthenticationSession *session = user_data;
gboolean gained_authorization;
gboolean was_dismissed;
+ GVariant *result;
GError *error;
was_dismissed = FALSE;
gained_authorization = FALSE;
error = NULL;
- if (!g_dbus_proxy_call_finish (proxy,
- res,
- &error))
+ result = g_dbus_proxy_call_finish (proxy, res, &error);
+ if (result == NULL)
{
g_printerr ("Error performing authentication: %s (%s %d)\n",
error->message,
@@ -1926,6 +1926,7 @@ authentication_agent_begin_cb (GDBusProxy *proxy,
}
else
{
+ g_variant_unref (result);
gained_authorization = session->is_authenticated;
g_debug ("Authentication complete, is_authenticated = %d", session->is_authenticated);
}

60
SOURCES/polkit-0.112-bus-conn-msg-ssh.patch Normal file
View File

@ -0,0 +1,60 @@
From 0ce0a7b3298d7b0fd5ce8c6775bcef9b0caf1bdb Mon Sep 17 00:00:00 2001
From: David Herrmann <dh.herrmann@gmail.com>
Date: Wed, 4 Jul 2018 13:51:24 +0200
Subject: [PATCH] polkitagent: suppress disconnect messages

The polkitagent may be used by pkexec and friends. These might very
well survive until very late during system shutdown. Hence, a
disconnect of polkitd during runtime might be expected [1].

This patch silences the disconnect/reconnect messages and turns them
into debug messages. This only affects the polkit-agent, it does not
affect the polkit-daemon implementation.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1249627
---
src/polkitagent/polkitagentlistener.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/polkitagent/polkitagentlistener.c b/src/polkitagent/polkitagentlistener.c
index debd1bb..1c8b666 100644
--- a/src/polkitagent/polkitagentlistener.c
+++ b/src/polkitagent/polkitagentlistener.c
@@ -178,10 +178,10 @@ on_notify_authority_owner (GObject *object,
owner = polkit_authority_get_owner (server->authority);
if (owner == NULL)
{
- g_printerr ("PolicyKit daemon disconnected from the bus.\n");
+ g_debug ("PolicyKit daemon disconnected from the bus.\n");
if (server->is_registered)
- g_printerr ("We are no longer a registered authentication agent.\n");
+ g_debug ("We are no longer a registered authentication agent.\n");
server->is_registered = FALSE;
}
@@ -192,17 +192,17 @@ on_notify_authority_owner (GObject *object,
{
GError *error;
- g_printerr ("PolicyKit daemon reconnected to bus.\n");
- g_printerr ("Attempting to re-register as an authentication agent.\n");
+ g_debug ("PolicyKit daemon reconnected to bus.\n");
+ g_debug ("Attempting to re-register as an authentication agent.\n");
error = NULL;
if (server_register (server, &error))
{
- g_printerr ("We are now a registered authentication agent.\n");
+ g_debug ("We are now a registered authentication agent.\n");
}
else
{
- g_printerr ("Failed to register as an authentication agent: %s\n", error->message);
+ g_debug ("Failed to register as an authentication agent: %s\n", error->message);
g_error_free (error);
}
}
--
2.18.0

13
SOURCES/polkit-0.112-pkttyagent-auth-errmsg-debug.patch Normal file
View File

@ -0,0 +1,13 @@
diff -up ./src/programs/pkttyagent.c.ori ./src/programs/pkttyagent.c
--- ./src/programs/pkttyagent.c.ori 2018-08-01 15:51:28.495910434 +0200
+++ ./src/programs/pkttyagent.c 2018-08-02 15:51:45.126311197 +0200
@@ -150,7 +150,8 @@ main (int argc, char *argv[])
authority = polkit_authority_get_sync (NULL /* GCancellable* */, &error);
if (authority == NULL)
{
- g_printerr ("Error getting authority: %s (%s, %d)\n",
+ g_printerr ("Authorization not available. Check if polkit service is running or see debug message for more information.\n");
+ g_debug ("Error getting authority: %s (%s, %d)\n",
error->message, g_quark_to_string (error->domain), error->code);
g_error_free (error);
ret = 127;

27
SOURCES/polkit-0.112-polkitpermission-leak.patch Normal file
View File

@ -0,0 +1,27 @@
From dfd2c165447029c32510842350e924ef5ac3f679 Mon Sep 17 00:00:00 2001
From: Rui Matos <tiagomatos@gmail.com>
Date: Thu, 2 Mar 2017 14:50:31 +0100
Subject: [PATCH] polkitpermission: Fix a memory leak on authority changes

Signed-off-by: Rui Matos <tiagomatos@gmail.com>

https://bugs.freedesktop.org/show_bug.cgi?id=99741
---
src/polkit/polkitpermission.c | 1 +
1 file changed, 1 insertion(+)

diff --git a/src/polkit/polkitpermission.c b/src/polkit/polkitpermission.c
index f8a666e..f264094 100644
--- a/src/polkit/polkitpermission.c
+++ b/src/polkit/polkitpermission.c
@@ -454,6 +454,7 @@ changed_check_cb (GObject *source_object,
if (result != NULL)
{
process_result (permission, result);
+ g_object_unref (result);
}
else
{
--
2.9.3

181
SOURCES/polkit-0.112-spawning-zombie-processes.patch Normal file
View File

@ -0,0 +1,181 @@
From a028743f5c88dd7c27c102c34535f25b42ea2c5f Mon Sep 17 00:00:00 2001
From: Kyle Walker <kwalker@redhat.com>
Date: Mon, 23 Apr 2018 13:07:37 -0400
Subject: [PATCH] Backport of:
https://bugs.freedesktop.org/attachment.cgi?id=138819

Signed-off-by: Kyle Walker <kwalker@redhat.com>
---
src/polkitbackend/polkitbackendjsauthority.c | 76 +++++++++++++++++++++++++++-
1 file changed, 74 insertions(+), 2 deletions(-)

diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c
index 39ed718..fd1dbfd 100644
--- a/src/polkitbackend/polkitbackendjsauthority.c
+++ b/src/polkitbackend/polkitbackendjsauthority.c
@@ -83,6 +83,13 @@ struct _PolkitBackendJsAuthorityPrivate
GMutex rkt_timeout_pending_mutex;
gboolean rkt_timeout_pending;
+ /* avoid zombies by reap child in a new thread */
+ GThread *child_reaper_thread;
+ GMutex crt_init_mutex;
+ GCond crt_init_cond;
+ GMainContext *crt_context;
+ GMainLoop *crt_loop;
+
/* A list of JSObject instances */
GList *scripts;
};
@@ -124,6 +131,7 @@ enum
/* ---------------------------------------------------------------------------------------------------- */
static gpointer runaway_killer_thread_func (gpointer user_data);
+static gpointer child_reaper_thread_func (gpointer user_data);
static GList *polkit_backend_js_authority_get_admin_auth_identities (PolkitBackendInteractiveAuthority *authority,
PolkitSubject *caller,
@@ -461,6 +469,18 @@ polkit_backend_js_authority_constructed (GObject *object)
PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (object);
gboolean entered_request = FALSE;
+ g_mutex_init (&authority->priv->crt_init_mutex);
+ g_cond_init (&authority->priv->crt_init_cond);
+
+ authority->priv->child_reaper_thread = g_thread_new ("reap-child-thread",
+ child_reaper_thread_func,
+ authority);
+ /* wait for child_reaper_thread to set up its GMainContext */
+ g_mutex_lock (&authority->priv->crt_init_mutex);
+ while (authority->priv->crt_context == NULL)
+ g_cond_wait (&authority->priv->crt_init_cond, &authority->priv->crt_init_mutex);
+ g_mutex_unlock (&authority->priv->crt_init_mutex);
+
authority->priv->rt = JS_NewRuntime (8L * 1024L * 1024L);
if (authority->priv->rt == NULL)
goto fail;
@@ -585,6 +605,15 @@ polkit_backend_js_authority_finalize (GObject *object)
g_free (authority->priv->dir_monitors);
g_strfreev (authority->priv->rules_dirs);
+ g_mutex_clear (&authority->priv->crt_init_mutex);
+ g_cond_clear (&authority->priv->crt_init_cond);
+
+ /* shut down the child reaper thread */
+ g_assert (authority->priv->crt_loop != NULL);
+ g_main_loop_quit (authority->priv->crt_loop);
+ g_thread_join (authority->priv->child_reaper_thread);
+ g_assert (authority->priv->crt_loop == NULL);
+
JS_BeginRequest (authority->priv->cx);
JS_RemoveObjectRoot (authority->priv->cx, &authority->priv->js_polkit);
JS_RemoveObjectRoot (authority->priv->cx, &authority->priv->js_global);
@@ -1360,6 +1389,7 @@ get_signal_name (gint signal_number)
typedef struct
{
+ PolkitBackendJsAuthority *authority;
GMainLoop *loop;
GAsyncResult *res;
} SpawnData;
@@ -1379,7 +1409,7 @@ js_polkit_spawn (JSContext *cx,
unsigned js_argc,
jsval *vp)
{
- /* PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx)); */
+ PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx));
JSBool ret = JS_FALSE;
JSObject *array_object;
gchar *standard_output = NULL;
@@ -1424,6 +1454,8 @@ js_polkit_spawn (JSContext *cx,
JS_free (cx, s);
}
+ data.authority = authority;
+
context = g_main_context_new ();
loop = g_main_loop_new (context, FALSE);
@@ -1540,6 +1572,8 @@ js_polkit_user_is_in_netgroup (JSContext *cx,
typedef struct
{
+ PolkitBackendJsAuthority *authority;
+
GSimpleAsyncResult *simple; /* borrowed reference */
GMainContext *main_context; /* may be NULL */
@@ -1572,11 +1606,43 @@ utils_child_watch_from_release_cb (GPid pid,
gint status,
gpointer user_data)
{
+ g_print("Child(pid: %d) has been reaped!\n", pid);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static gpointer
+child_reaper_thread_func (gpointer user_data)
+{
+ PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (user_data);
+
+ g_mutex_lock (&authority->priv->crt_init_mutex);
+
+ authority->priv->crt_context = g_main_context_new ();
+ authority->priv->crt_loop = g_main_loop_new (authority->priv->crt_context, FALSE);
+ g_main_context_push_thread_default (authority->priv->crt_context);
+
+ /* Signal the main thread that we're done constructing */
+ g_cond_signal (&authority->priv->crt_init_cond);
+ g_mutex_unlock (&authority->priv->crt_init_mutex);
+
+ g_main_loop_run (authority->priv->crt_loop);
+
+ g_main_context_pop_thread_default (authority->priv->crt_context);
+
+ g_main_loop_unref (authority->priv->crt_loop);
+ authority->priv->crt_loop = NULL;
+ g_main_context_unref (authority->priv->crt_context);
+ authority->priv->crt_context = NULL;
+
+ return NULL;
}
+/* ---------------------------------------------------------------------------------------------------- */
static void
utils_spawn_data_free (UtilsSpawnData *data)
{
+ PolkitBackendJsAuthority *authority = data->authority;
if (data->timeout_source != NULL)
{
g_source_destroy (data->timeout_source);
@@ -1604,12 +1670,17 @@ utils_spawn_data_free (UtilsSpawnData *data)
* Avoid taking a references to ourselves. but note that we need
* to pass the GSource so we can nuke it once handled.
*/
+
+ /* avoid zombies by reaping child in a new thread
+ * add source to reap thread context
+ */
+ GMainContext *reap_context = authority->priv->crt_context;
source = g_child_watch_source_new (data->child_pid);
g_source_set_callback (source,
(GSourceFunc) utils_child_watch_from_release_cb,
source,
(GDestroyNotify) g_source_destroy);
- g_source_attach (source, data->main_context);
+ g_source_attach (source, reap_context);
g_source_unref (source);
data->child_pid = 0;
}
@@ -1776,6 +1847,7 @@ utils_spawn (const gchar *const *argv,
GError *error;
data = g_slice_new0 (UtilsSpawnData);
+ data->authority = ((SpawnData *)user_data)->authority;
data->timeout_seconds = timeout_seconds;
data->simple = g_simple_async_result_new (NULL,
callback,
--
2.14.3

520
SPECS/polkit.spec Normal file
View File

@ -0,0 +1,520 @@
# Only enable if using patches that touches configure.ac,
# Makefile.am or other build system related files
#
%define enable_autoreconf 1

Summary: An authorization framework
Name: polkit
Version: 0.112
Release: 18%{?dist}
License: LGPLv2+
URL: http://www.freedesktop.org/wiki/Software/polkit
Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz
Source1: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz.sign
# https://bugs.freedesktop.org/show_bug.cgi?id=71894
Patch0: polkit-0.112-XDG_RUNTIME_DIR.patch
# https://bugs.freedesktop.org/show_bug.cgi?id=60847
Patch1: polkit-0.112-PolkitAgentSession-race.patch
# https://bugs.freedesktop.org/show_bug.cgi?id=69501
Patch2: polkit-0.112-CVE-2015-3256.patch
# https://bugs.freedesktop.org/show_bug.cgi?id=88288
Patch3: polkit-0.112-EnumerateActions-leak.patch
# https://bugs.freedesktop.org/show_bug.cgi?id=72426
Patch4: polkit-0.112-Polkit.spawn-leak.patch
# https://bugs.freedesktop.org/show_bug.cgi?id=99741
Patch5: polkit-0.112-agent-leaks.patch
# https://bugs.freedesktop.org/show_bug.cgi?id=99741
Patch6: polkit-0.112-polkitpermission-leak.patch
Patch7: polkit-0.112-add-its-files.patch
Patch8: polkit-0.112-spawning-zombie-processes.patch
Patch9: polkit-0.112-bus-conn-msg-ssh.patch
Patch10: polkit-0.112-pkttyagent-auth-errmsg-debug.patch

Group: System Environment/Libraries
BuildRequires: glib2-devel >= 2.30.0
BuildRequires: expat-devel
BuildRequires: pam-devel
BuildRequires: gtk-doc
BuildRequires: intltool
BuildRequires: gobject-introspection-devel
BuildRequires: systemd-devel
BuildRequires: mozjs17-devel

%if 0%{?enable_autoreconf}
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: libtool
%endif

Requires: dbus, polkit-pkla-compat

Requires(pre): shadow-utils
Requires(post): /sbin/ldconfig, systemd
Requires(preun): systemd
Requires(postun): /sbin/ldconfig, systemd

Obsoletes: PolicyKit <= 0.10
Provides: PolicyKit = 0.11

# polkit saw some API/ABI changes from 0.96 to 0.97 so require a
# sufficiently new polkit-gnome package
Conflicts: polkit-gnome < 0.97

Obsoletes: polkit-desktop-policy < 0.103
Provides: polkit-desktop-policy = 0.103

Obsoletes: polkit-js-engine < 0.110-4
Provides: polkit-js-engine = %{version}-%{release}

%description
polkit is a toolkit for defining and handling authorizations. It is
used for allowing unprivileged processes to speak to privileged
processes.

%package devel
Summary: Development files for polkit
Group: Development/Libraries
Requires: %name = %{version}-%{release}
Requires: %name-docs = %{version}-%{release}
Requires: glib2-devel
Obsoletes: PolicyKit-devel <= 0.10
Provides: PolicyKit-devel = 0.11

%description devel
Development files for polkit.

%package docs
Summary: Development documentation for polkit
Group: Development/Libraries
Requires: %name-devel = %{version}-%{release}
Obsoletes: PolicyKit-docs <= 0.10
Provides: PolicyKit-docs = 0.11
BuildArch: noarch

%description docs
Development documentation for polkit.

%prep
%setup -q
%patch0 -p1 -b .XDG_RUNTIME_DIR
%patch1 -p1 -b .PolkitAgentSession-race
%patch2 -p1 -b .CVE-2015-3256
%patch3 -p1 -b .EnumerateActions-leak
%patch4 -p1 -b .Polkit.spawn-leak
%patch5 -p1 -b .agent-leaks
%patch6 -p1 -b .polkitpermission-leak.patch
%patch7 -p1 -b .its-files.patch
%patch8 -p1
%patch9 -p1
%patch10 -p1

%build
%if 0%{?enable_autoreconf}
autoreconf
%endif
# we can't use _hardened_build here, see
# https://bugzilla.redhat.com/show_bug.cgi?id=962005
export CFLAGS='-fPIC %optflags'
export LDFLAGS='-pie -Wl,-z,now -Wl,-z,relro'
%configure --enable-gtk-doc \
--disable-static \
--enable-introspection \
--disable-examples \
--enable-libsystemd-login=yes --with-mozjs=mozjs-17.0
make V=1

%install
make install DESTDIR=$RPM_BUILD_ROOT INSTALL='install -p'

rm -f $RPM_BUILD_ROOT%{_libdir}/*.la

%find_lang polkit-1

%pre
getent group polkitd >/dev/null || groupadd -r polkitd
getent passwd polkitd >/dev/null || useradd -r -g polkitd -d / -s /sbin/nologin -c "User for polkitd" polkitd
exit 0

%post
/sbin/ldconfig
# The implied (systemctl preset) will fail and complain, but the macro hides
# and ignores the fact. This is in fact what we want, polkit.service does not
# have an [Install] section and it is always started on demand.
%systemd_post polkit.service
# Restart snould usually be done in %%postun, but that wasnt the case with
# polkit-0.112-5 and earlier. This is a workaround to ensure restarting on
# upgrades from earlier versions.
if [ $1 -gt 1 ]; then
/usr/bin/systemctl try-restart polkit.service >/dev/null 2>&1 || :
fi

%preun
%systemd_preun polkit.service

%postun
/sbin/ldconfig
%systemd_postun_with_restart polkit.service

%files -f polkit-1.lang
%defattr(-,root,root,-)
%doc COPYING NEWS README
%{_libdir}/lib*.so.*
%{_datadir}/man/man1/*
%{_datadir}/man/man8/*
%{_datadir}/dbus-1/system-services/*
%{_unitdir}/polkit.service
%dir %{_datadir}/polkit-1/
%dir %{_datadir}/polkit-1/actions
%attr(0700,polkitd,root) %dir %{_datadir}/polkit-1/rules.d
%{_datadir}/polkit-1/actions/org.freedesktop.policykit.policy
%dir %{_sysconfdir}/polkit-1
%{_sysconfdir}/polkit-1/rules.d/50-default.rules
%attr(0700,polkitd,root) %dir %{_sysconfdir}/polkit-1/rules.d
%{_sysconfdir}/dbus-1/system.d/org.freedesktop.PolicyKit1.conf
%{_sysconfdir}/pam.d/polkit-1
%{_bindir}/pkaction
%{_bindir}/pkcheck
%{_bindir}/pkttyagent
%dir %{_prefix}/lib/polkit-1
%{_prefix}/lib/polkit-1/polkitd
%{_libdir}/girepository-1.0/*.typelib

# see upstream docs for why these permissions are necessary
%attr(4755,root,root) %{_bindir}/pkexec
%attr(4755,root,root) %{_prefix}/lib/polkit-1/polkit-agent-helper-1

%files devel
%defattr(-,root,root,-)
%{_libdir}/lib*.so
%{_libdir}/pkgconfig/*.pc
%{_datadir}/gir-1.0/*.gir
%{_includedir}/*
%{_datadir}/gettext/its/polkit.its
%{_datadir}/gettext/its/polkit.loc

%files docs
%defattr(-,root,root,-)
%{_datadir}/gtk-doc

%changelog
* Wed Aug 01 2018 Jan Rybar <jrybar@redhat.com> - 0.112-18
- Error message about getting authority is too elaborate
- Resolves: rhbz#1342855

* Tue Jul 24 2018 Jan Rybar <jrybar@redhat.com> - 0.112-17
- Bus disconnection report moved to debug mode
- Resolves: rhbz#1249627

* Mon Jul 23 2018 Jan Rybar <jrybar@redhat.com> - 0.112-16
- polkit spawns zombie processes
- Authored by kwalker@redhat.com
- Resolves: rhbz#1570907

* Thu May 31 2018 Jan Rybar <jrybar@redhat.com> - 0.112-15
- Localization *its* files required by newest Gnome Shell packages
- Resolves: rhbz#1584533

* Tue Sep 19 2017 Yaakov Selkowitz <yselkowi@redhat.com> - 0.112-14
- Rebuilt for mozjs17 48-bit VA on aarch64
Resolves: #1436518

* Tue Apr 4 2017 Miloslav Trmač <mitr@redhat.com> - 0.112-12
- Fix a memory leak in PolkitPermission.
Patch by Rui Matos <tiagomatos@gmail.com>
Resolves: #1433915

* Thu Feb 9 2017 Miloslav Trmač <mitr@redhat.com> - 0.112-11
- Fix memory leaks when calling authentication agents
Resolves: #1380166

* Thu Feb 2 2017 Miloslav Trmač <mitr@redhat.com> - 0.112-10
- Fix a memory leak in Polkit.spawn calls from authorization rules
Resolves: #1380166

* Wed Jul 6 2016 Miloslav Trmač <mitr@redhat.com> - 0.112-9
- Update for another mozjs17 change, the pkg-config file name does not change.
Resolves: #1331776

* Mon Jul 4 2016 Miloslav Trmač <mitr@redhat.com> - 0.112-8
- Update for ABI change needed to fix use of 48-bit pointers on ARM64.
Resolves: #1331776

* Tue May 17 2016 Miloslav Trmač <mitr@redhat.com> - 0.112-7
- Fix a memory leak when processing the result of EnumerateActions
Resolves: #1310738

* Mon Oct 19 2015 Miloslav Trmač <mitr@redhat.com> - 0.112-6
- Fix CVE-2015-3256
Resolves: #1271790

* Mon Feb 10 2014 Miloslav Trmač <mitr@redhat.com> - 0.112-5
- Fix a PolkitAgentSession race condition
Resolves: #1063193

* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 0.112-4
- Mass rebuild 2014-01-24

* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 0.112-3
- Mass rebuild 2013-12-27

* Sat Dec 7 2013 Miloslav Trmač <mitr@redhat.com> - 0.112-2
- Workaround pam_systemd setting broken XDG_RUNTIME_DIR
Resolves: #1033774
- Always use mozjs-17.0 even if js-devel is installed

* Wed Sep 18 2013 Miloslav Trmač <mitr@redhat.com> - 0.112-1
- Update to polkit-0.112
- Resolves: #1005135, CVE-2013-4288

* Wed May 29 2013 Tomas Bzatek <tbzatek@redhat.com> - 0.111-2
- Fix a race on PolkitSubject type registration (#866718)

* Wed May 15 2013 Miloslav Trmač <mitr@redhat.com> - 0.111-1
- Update to polkit-0.111
Resolves: #917888
- Use SpiderMonkey from mozjs17 instead of js
- Ship the signature in the srpm
- Try to preserve timestamps in (make install)

* Fri May 10 2013 Miloslav Trmač <mitr@redhat.com> - 0.110-4
- Shut up rpmlint about Summary:
- Build with V=1
- Use %%{_unitdir} instead of hard-coding the path
- Use the new systemd macros, primarily to run (systemctl daemon-reload)
Resolves: #857382

* Fri May 10 2013 Miloslav Trmač <mitr@redhat.com> - 0.110-4
- Make the JavaScript engine mandatory. The polkit-js-engine package has been
removed, main polkit package Provides:polkit-js-engine for compatibility.
- Add Requires: polkit-pkla-compat
Resolves: #908808

* Wed Feb 13 2013 Miloslav Trmač <mitr@redhat.com> - 0.110-3
- Don't ship pk-example-frobnicate in the "live" configuration
Resolves: #878112

* Fri Feb 8 2013 Miloslav Trmač <mitr@redhat.com> - 0.110-2
- Own %%{_docdir}/polkit-js-engine-*
Resolves: #907668

* Wed Jan 9 2013 David Zeuthen <davidz@redhat.com> - 0.110-1%{?dist}
- Update to upstream release 0.110

* Mon Jan 7 2013 Matthias Clasen <mclasen@redhat.com> - 0.109-2%{?dist}
- Build with pie and stuff

* Wed Dec 19 2012 David Zeuthen <davidz@redhat.com> 0.109-1%{?dist}
- Update to upstream release 0.109
- Drop upstreamed patches

* Thu Nov 15 2012 David Zeuthen <davidz@redhat.com> 0.108-3%{?dist}
- Attempt to open the correct libmozjs185 library, otherwise polkit
authz rules will not work unless js-devel is installed (fdo #57146)

* Wed Nov 14 2012 David Zeuthen <davidz@redhat.com> 0.108-2%{?dist}
- Include gmodule-2.0 to avoid build error

* Wed Nov 14 2012 David Zeuthen <davidz@redhat.com> 0.108-1%{?dist}
- Update to upstream release 0.108
- Drop upstreamed patches
- This release dynamically loads the JavaScript interpreter and can
cope with it not being available. In this case, polkit authorization
rules are not processed and the defaults for an action - as defined
in its .policy file - are used for authorization decisions.
- Add new meta-package, polkit-js-engine, that pulls in the required
JavaScript bits to make polkit authorization rules work. The default
install - not the minimal install - should include this package

* Wed Oct 10 2012 Adam Jackson <ajax@redhat.com> 0.107-4
- Don't crash if initializing the server object fails

* Tue Sep 18 2012 David Zeuthen <davidz@redhat.com> 0.107-3%{?dist}
- Authenticate as root if e.g. the wheel group is empty (#834494)

* Fri Jul 27 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.107-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

* Wed Jul 11 2012 David Zeuthen <davidz@redhat.com> 0.107-1%{?dist}
- Update to upstream release 0.107

* Fri Jun 29 2012 David Zeuthen <davidz@redhat.com> 0.106-2%{?dist}
- Add forgotten Requires(pre): shadow-utils

* Thu Jun 07 2012 David Zeuthen <davidz@redhat.com> 0.106-1%{?dist}
- Update to upstream release 0.106
- Authorizations are no longer controlled by .pkla files - from now
on, use the new .rules files described in the polkit(8) man page

* Tue Apr 24 2012 David Zeuthen <davidz@redhat.com> 0.105-1%{?dist}
- Update to upstream release 0.105
- Nuke patches that are now upstream
- Change 'PolicyKit' to 'polkit' in summary and descriptions

* Thu Mar 08 2012 David Zeuthen <davidz@redhat.com> 0.104-6%{?dist}
- Don't leak file descriptors (bgo #671486)

* Mon Feb 13 2012 Matthias Clasen <mclasen@redhat.com> - 0.104-5%{?dist}
- Make the -docs subpackage noarch

* Mon Feb 06 2012 David Zeuthen <davidz@redhat.com> 0.104-4%{?dist}
- Set error if we cannot obtain a PolkitUnixSession for a given PID (#787222)

* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.104-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

* Tue Jan 03 2012 David Zeuthen <davidz@redhat.com> 0.104-2%{?dist}
- Nuke the ConsoleKit run-time requirement

* Tue Jan 03 2012 David Zeuthen <davidz@redhat.com> 0.104-1%{?dist}
- Update to upstream release 0.104
- Force usage of systemd (instead of ConsoleKit) for session tracking

* Tue Dec 06 2011 David Zeuthen <davidz@redhat.com> 0.103-1%{?dist}
- Update to upstream release 0.103
- Drop upstreamed patch
- Drop Fedora-specific policy, it is now upstream (fdo #41008)

* Wed Oct 26 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.102-3
- Rebuilt for glibc bug#747377

* Tue Oct 18 2011 David Zeuthen <davidz@redhat.com> 0.102-2%{?dist}
- Add patch to neuter the annoying systemd behavior where stdout/stderr
is sent to the system logs

* Thu Aug 04 2011 David Zeuthen <davidz@redhat.com> 0.102-1
- Update to 0.102 release

* Fri May 13 2011 Bastien Nocera <bnocera@redhat.com> 0.101-7
- Allow setting the pretty hostname without a password for wheel,
change matches systemd in git

* Mon May 2 2011 Matthias Clasen <mclasen@redhat.com> - 0.101-6
- Update the action id of the datetime mechanism

* Tue Apr 19 2011 David Zeuthen <davidz@redhat.com> - 0.101-5
- CVE-2011-1485 (#697951)

* Tue Mar 22 2011 Kevin Kofler <Kevin@tigcc.ticalc.org> - 0.101-4
- Also allow org.kde.kcontrol.kcmclock.save without password for wheel

* Thu Mar 17 2011 David Zeuthen <davidz@redhat.com> - 0.101-3
- Fix typo in pkla file (thanks notting)

* Thu Mar 17 2011 David Zeuthen <davidz@redhat.com> - 0.101-2
- Nuke desktop_admin_r and desktop_user_r groups - just use the
wheel group instead (#688363)
- Update the set of configuration directives that gives users
in the wheel group extra privileges

* Thu Mar 03 2011 David Zeuthen <davidz@redhat.com> - 0.101-1
- New upstream version

* Mon Feb 21 2011 David Zeuthen <davidz@redhat.com> - 0.100-1
- New upstream version

* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.98-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

* Fri Jan 28 2011 Matthias Clasen <mclasen@redhat.com> - 0.98-6
- Own /usr/libexec/polkit-1

* Fri Nov 12 2010 Matthias Clasen <mclasen@redhat.com> - 0.98-5
- Enable introspection

* Thu Sep 02 2010 David Zeuthen <davidz@redhat.com> - 0.98-4
- Fix #629515 in a way that doesn't require autoreconf

* Thu Sep 02 2010 David Zeuthen <davidz@redhat.com> - 0.98-2
- Include polkitagentenumtypes.h (#629515)

* Mon Aug 23 2010 Matthias Clasen <mclasen@redhat.com> - 0.98-1
- Update to upstream release 0.98
- Co-own /usr/share/gtk-doc (#604410)

* Wed Aug 18 2010 Matthias Clasen <mclasen@redhat.com> - 0.97-5
- Rebuid to work around bodhi limitations

* Wed Aug 18 2010 Matthias Clasen <mclasen@redhat.com> - 0.97-4
- Fix a ConsoleKit interaction bug

* Fri Aug 13 2010 David Zeuthen <davidz@redhat.com> - 0.97-3
- Add a patch to make pkcheck(1) work the way libvirtd uses it (#623257)
- Require GLib >= 2.25.12 instead of 2.25.11
- Ensure polkit-gnome packages earlier than 0.97 are not used with
these packages

* Mon Aug 09 2010 David Zeuthen <davidz@redhat.com> - 0.97-2
- Rebuild

* Mon Aug 09 2010 David Zeuthen <davidz@redhat.com> - 0.97-1
- Update to 0.97. This release contains a port from EggDBus to the
GDBus code available in recent GLib releases.

* Fri Jan 15 2010 David Zeuthen <davidz@redhat.com> - 0.96-1
- Update to 0.96
- Disable introspection support for the time being

* Fri Nov 13 2009 David Zeuthen <davidz@redhat.com> - 0.95-2
- Rebuild

* Fri Nov 13 2009 David Zeuthen <davidz@redhat.com> - 0.95-1
- Update to 0.95
- Drop upstreamed patches

* Tue Oct 20 2009 Matthias Clasen <mclasen@redhat.com> - 0.95-0.git20090913.3
- Fix a typo in pklocalauthority(8)

* Mon Sep 14 2009 David Zeuthen <davidz@redhat.com> - 0.95-0.git20090913.2
- Refine how Obsolete: is used and also add Provides: (thanks Jesse
Keating and nim-nim)

* Mon Sep 14 2009 David Zeuthen <davidz@redhat.com> - 0.95-0.git20090913.1
- Add bugfix for polkit_unix_process_new_full() (thanks Bastien Nocera)
- Obsolete old PolicyKit packages

* Sun Sep 13 2009 David Zeuthen <davidz@redhat.com> - 0.95-0.git20090913
- Update to git snapshot
- Drop upstreamed patches
- Turn on GObject introspection
- Don't delete desktop_admin_r and desktop_user_r groups when
uninstalling polkit-desktop-policy

* Fri Sep 11 2009 David Zeuthen <davidz@redhat.com> - 0.94-4
- Add some patches from git master
- Sort pkaction(1) output
- Bug 23867 UnixProcess vs. SystemBusName aliasing

* Thu Aug 13 2009 David Zeuthen <davidz@redhat.com> - 0.94-3
- Add desktop_admin_r and desktop_user_r groups along with a first cut
of default authorizations for users in these groups.

* Wed Aug 12 2009 David Zeuthen <davidz@redhat.com> - 0.94-2
- Disable GObject Introspection for now as it breaks the build

* Wed Aug 12 2009 David Zeuthen <davidz@redhat.com> - 0.94-1
- Update to upstream release 0.94

* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.93-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

* Mon Jul 20 2009 David Zeuthen <davidz@redhat.com> - 0.93-2
- Rebuild

* Mon Jul 20 2009 David Zeuthen <davidz@redhat.com> - 0.93-1
- Update to 0.93

* Tue Jun 09 2009 David Zeuthen <davidz@redhat.com> - 0.92-3
- Don't make docs noarch (I *heart* multilib)
- Change license to LGPLv2+

* Mon Jun 08 2009 David Zeuthen <davidz@redhat.com> - 0.92-2
- Rebuild

* Mon Jun 08 2009 David Zeuthen <davidz@redhat.com> - 0.92-1
- Update to 0.92 release

* Wed May 27 2009 David Zeuthen <davidz@redhat.com> - 0.92-0.git20090527
- Update to 0.92 snapshot

* Mon Feb 9 2009 David Zeuthen <davidz@redhat.com> - 0.91-1
- Initial spec file.