Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Pacho Ramos (pacho)" <pacho@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in sys-apps/accountsservice/files: accountsservice-0.6.35-nondelete-root.patch accountsservice-0.6.35-user-logic.patch accountsservice-0.6.35-older-glib.patch accountsservice-0.6.35-gentoo-system-users.patch accountsservice-0.6.30-xsession-typo.patch accountsservice-0.6.30-login-history-variant.patch
Date: Wed, 04 Dec 2013 19:38:36
Message-Id: 20131204193830.DBA502004B@flycatcher.gentoo.org
1 pacho 13/12/04 19:38:30
2
3 Added: accountsservice-0.6.35-nondelete-root.patch
4 accountsservice-0.6.35-user-logic.patch
5 accountsservice-0.6.35-older-glib.patch
6 accountsservice-0.6.35-gentoo-system-users.patch
7 Removed: accountsservice-0.6.30-xsession-typo.patch
8 accountsservice-0.6.30-login-history-variant.patch
9 Log:
10 Version bump, drop old
11
12 (Portage version: 2.2.7/cvs/Linux x86_64, signed Manifest commit with key A188FBD4)
13
14 Revision Changes Path
15 1.1 sys-apps/accountsservice/files/accountsservice-0.6.35-nondelete-root.patch
16
17 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/accountsservice/files/accountsservice-0.6.35-nondelete-root.patch?rev=1.1&view=markup
18 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/accountsservice/files/accountsservice-0.6.35-nondelete-root.patch?rev=1.1&content-type=text/plain
19
20 Index: accountsservice-0.6.35-nondelete-root.patch
21 ===================================================================
22 From 980692e6b9cfe4a34e22f566e0981a8c549e4348 Mon Sep 17 00:00:00 2001
23 From: Matthias Clasen <mclasen@××××××.com>
24 Date: Fri, 01 Nov 2013 21:09:25 +0000
25 Subject: Avoid deleting the root user
26
27 The check we have in place against deleting the root user can
28 be tricked by exploiting the fact that we are checking a gint64,
29 and then later cast it to a uid_t. This can be seen with the
30 following test, which will delete your root account:
31
32 qdbus --system org.freedesktop.Accounts /org/freedesktop/Accounts \
33 org.freedesktop.Accounts.DeleteUser -9223372036854775808 true
34
35 Found with the dfuzzer tool,
36 https://github.com/matusmarhefka/dfuzzer
37 ---
38 diff --git a/src/daemon.c b/src/daemon.c
39 index ea75190..9c7001b 100644
40 --- a/src/daemon.c
41 +++ b/src/daemon.c
42 @@ -1227,7 +1227,7 @@ daemon_uncache_user (AccountsAccounts *accounts,
43 }
44
45 typedef struct {
46 - gint64 uid;
47 + uid_t uid;
48 gboolean remove_files;
49 } DeleteUserData;
50
51 @@ -1309,13 +1309,13 @@ daemon_delete_user (AccountsAccounts *accounts,
52 Daemon *daemon = (Daemon*)accounts;
53 DeleteUserData *data;
54
55 - if (uid == 0) {
56 + if ((uid_t)uid == 0) {
57 throw_error (context, ERROR_FAILED, "Refuse to delete root user");
58 return TRUE;
59 }
60
61 data = g_new0 (DeleteUserData, 1);
62 - data->uid = uid;
63 + data->uid = (uid_t)uid;
64 data->remove_files = remove_files;
65
66 daemon_local_check_auth (daemon,
67 --
68 cgit v0.9.0.2-2-gbebe
69
70
71
72 1.1 sys-apps/accountsservice/files/accountsservice-0.6.35-user-logic.patch
73
74 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/accountsservice/files/accountsservice-0.6.35-user-logic.patch?rev=1.1&view=markup
75 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/accountsservice/files/accountsservice-0.6.35-user-logic.patch?rev=1.1&content-type=text/plain
76
77 Index: accountsservice-0.6.35-user-logic.patch
78 ===================================================================
79 From ba13b59cb91ec67c86b3e3fb390d91db01df8963 Mon Sep 17 00:00:00 2001
80 From: Ray Strode <rstrode@××××××.com>
81 Date: Fri, 15 Nov 2013 15:11:15 +0000
82 Subject: Change up user classification logic again
83
84 relying on login.defs is fragile, and the
85 user heuristics are fragile.
86
87 This commit requires an explicit uid minimum
88 get configured, and heuristics now only get
89 applied to the specific problematic range
90 they were added to address.
91
92 https://bugs.freedesktop.org/show_bug.cgi?id=71801
93 ---
94 diff --git a/configure.ac b/configure.ac
95 index cb1fcda..39c5b92 100644
96 --- a/configure.ac
97 +++ b/configure.ac
98 @@ -55,11 +55,17 @@ AS_IF([test x$enable_admin_group = xauto], [
99 AC_DEFINE_UNQUOTED([ADMIN_GROUP], ["$enable_admin_group"], [Define to the group for administrator users])
100
101 AC_ARG_ENABLE(user-heuristics,
102 - [AS_HELP_STRING([--enable-user-heuristics],[Enable heuristics for guessing system vs. human users])],
103 + [AS_HELP_STRING([--enable-user-heuristics],[Enable heuristics for guessing system vs. human users in the range 500-minimum-uid])],
104 [if test "$enableval" = yes; then
105 AC_DEFINE([ENABLE_USER_HEURISTICS], , [System vs. human user heuristics enabled])
106 fi])
107
108 +AC_ARG_WITH(minimum-uid,
109 + [AS_HELP_STRING([--with-minimum-uid],[Set minimum uid for human users])],
110 + ,with_minimum_uid=1000)
111 +
112 +AC_DEFINE_UNQUOTED([MINIMUM_UID], $with_minimum_uid, [Define to the minumum UID of human users])
113 +
114 dnl ---------------------------------------------------------------------------
115 dnl - coverage
116 dnl ---------------------------------------------------------------------------
117 diff --git a/src/user-classify.c b/src/user-classify.c
118 index b68c9ae..69e6809 100644
119 --- a/src/user-classify.c
120 +++ b/src/user-classify.c
121 @@ -26,7 +26,6 @@
122
123 #include <string.h>
124
125 -#ifdef ENABLE_USER_HEURISTICS
126 static const char *default_excludes[] = {
127 "bin",
128 "root",
129 @@ -57,16 +56,10 @@ static const char *default_excludes[] = {
130 "gnome-initial-setup"
131 };
132
133 -#define PATH_NOLOGIN "/sbin/nologin"
134 -#define PATH_FALSE "/bin/false"
135 -
136 static gboolean
137 -user_classify_is_excluded_by_heuristics (const gchar *username,
138 - const gchar *shell,
139 - const gchar *password_hash)
140 +user_classify_is_blacklisted (const char *username)
141 {
142 static GHashTable *exclusions;
143 - gboolean ret = FALSE;
144
145 if (exclusions == NULL) {
146 guint i;
147 @@ -82,6 +75,20 @@ user_classify_is_excluded_by_heuristics (const gchar *username,
148 return TRUE;
149 }
150
151 + return FALSE;
152 +}
153 +
154 +#define PATH_NOLOGIN "/sbin/nologin"
155 +#define PATH_FALSE "/bin/false"
156 +
157 +#ifdef ENABLE_USER_HEURISTICS
158 +static gboolean
159 +user_classify_is_excluded_by_heuristics (const gchar *username,
160 + const gchar *shell,
161 + const gchar *password_hash)
162 +{
163 + gboolean ret = FALSE;
164 +
165 if (shell != NULL) {
166 char *basename, *nologin_basename, *false_basename;
167
168 @@ -139,99 +146,6 @@ user_classify_is_excluded_by_heuristics (const gchar *username,
169
170 return ret;
171 }
172 -
173 -#else /* ENABLE_USER_HEURISTICS */
174 -
175 -static gboolean
176 -user_classify_parse_login_defs_field (const gchar *contents,
177 - const gchar *key,
178 - uid_t *result)
179 -{
180 - gsize key_len;
181 - gint64 value;
182 - gchar *end;
183 -
184 - key_len = strlen (key);
185 -
186 - for (;;) {
187 - /* Our key has to be at the start of the line, followed by whitespace */
188 - if (strncmp (contents, key, key_len) == 0 && g_ascii_isspace (contents[key_len])) {
189 - /* Found it. Move contents past the key itself and break out. */
190 - contents += key_len;
191 - break;
192 - }
193 -
194 - /* Didn't find it. Find the end of the line. */
195 - contents = strchr (contents, '\n');
196 -
197 - /* EOF? */
198 - if (!contents) {
199 - /* We didn't find the field... */
200 - return FALSE;
201 - }
202 -
203 - /* Start at the beginning of the next line on next iteration. */
204 - contents++;
205 - }
206 -
207 - /* 'contents' now points at the whitespace character just after
208 - * the field name. strtoll can deal with that.
209 - */
210 - value = g_ascii_strtoll (contents, &end, 10);
211 -
212 - if (*end && !g_ascii_isspace (*end)) {
213 - g_warning ("Trailing junk after '%s' field in login.defs", key);
214 - return FALSE;
215 - }
216 -
217 - if (value <= 0 || value >= G_MAXINT32) {
218 - g_warning ("Value for '%s' field out of range", key);
219 - return FALSE;
220 - }
221 -
222 - *result = value;
223 -
224 - return TRUE;
225 -}
226 -
227 -static void
228 -user_classify_read_login_defs (uid_t *min_uid,
229 - uid_t *max_uid)
230 -{
231 - GError *error = NULL;
232 - char *contents;
233 -
234 - if (!g_file_get_contents ("/etc/login.defs", &contents, NULL, &error)) {
235 - g_warning ("Could not open /etc/login.defs: %s. Falling back to default human uid range of %d to %d",
236 - error->message, (int) *min_uid, (int) *max_uid);
237 - g_error_free (error);
238 - return;
239 - }
240 -
241 - if (!user_classify_parse_login_defs_field (contents, "UID_MIN", min_uid)) {
242 - g_warning ("Could not find UID_MIN value in login.defs. Using default of %d", (int) *min_uid);
243 - }
244 -
245 - if (!user_classify_parse_login_defs_field (contents, "UID_MAX", max_uid)) {
246 - g_warning ("Could not find UID_MIN value in login.defs. Using default of %d", (int) *max_uid);
247 - }
248 -
249 - g_free (contents);
250 -}
251 -
252 -static gboolean
253 -user_classify_is_in_human_range (uid_t uid)
254 -{
255 - static uid_t min_uid = 1000, max_uid = 60000;
256 - static gboolean initialised;
257 -
258 - if (!initialised) {
259 - user_classify_read_login_defs (&min_uid, &max_uid);
260 - initialised = TRUE;
261 - }
262 -
263 - return min_uid <= uid && uid <= max_uid;
264 -}
265 #endif /* ENABLE_USER_HEURISTICS */
266
267 gboolean
268 @@ -240,9 +154,16 @@ user_classify_is_human (uid_t uid,
269 const gchar *shell,
270 const gchar *password_hash)
271 {
272 + if (user_classify_is_blacklisted (username))
273 + return FALSE;
274 +
275 #ifdef ENABLE_USER_HEURISTICS
276 - return !user_classify_is_excluded_by_heuristics (username, shell, password_hash);
277 -#else
278 - return user_classify_is_in_human_range (uid);
279 + /* only do heuristics on the range 500-1000 to catch one off migration problems in Fedora */
280 + if (uid >= 500 && uid < MINIMUM_UID) {
281 + if (!user_classify_is_excluded_by_heuristics (username, shell, password_hash))
282 + return TRUE;
283 + }
284 #endif
285 +
286 + return uid >= MINIMUM_UID;
287 }
288 --
289 cgit v0.9.0.2-2-gbebe
290
291
292
293 1.1 sys-apps/accountsservice/files/accountsservice-0.6.35-older-glib.patch
294
295 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/accountsservice/files/accountsservice-0.6.35-older-glib.patch?rev=1.1&view=markup
296 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/accountsservice/files/accountsservice-0.6.35-older-glib.patch?rev=1.1&content-type=text/plain
297
298 Index: accountsservice-0.6.35-older-glib.patch
299 ===================================================================
300 From f86c93014e698d81d43fe1ebaf805fa794e5a984 Mon Sep 17 00:00:00 2001
301 From: Ray Strode <rstrode@××××××.com>
302 Date: Tue, 22 Oct 2013 19:42:16 +0000
303 Subject: daemon: rip out extension interface
304
305 It requires newer glib than we're shipping
306 ---
307 diff --git a/configure.ac b/configure.ac
308 index cb1fcda..a7f4e20 100644
309 --- a/configure.ac
310 +++ b/configure.ac
311 @@ -25,7 +25,7 @@ AC_SUBST(LT_CURRENT)
312 AC_SUBST(LT_REVISION)
313 AC_SUBST(LT_AGE)
314
315 -PKG_CHECK_MODULES(GIO, gio-2.0 >= 2.37.3 gio-unix-2.0)
316 +PKG_CHECK_MODULES(GIO, gio-2.0 gio-unix-2.0)
317 PKG_CHECK_MODULES(POLKIT, gio-unix-2.0 polkit-gobject-1)
318
319 AM_MAINTAINER_MODE([enable])
320 diff --git a/src/Makefile.am b/src/Makefile.am
321 index 6940f2d..de57e7a 100644
322 --- a/src/Makefile.am
323 +++ b/src/Makefile.am
324 @@ -34,7 +34,6 @@ accounts_daemon_SOURCES = \
325 types.h \
326 daemon.h \
327 daemon.c \
328 - extensions.c \
329 user-classify.h \
330 user-classify.c \
331 user.h \
332 diff --git a/src/daemon.c b/src/daemon.c
333 index 9c9f617..ea75190 100644
334 --- a/src/daemon.c
335 +++ b/src/daemon.c
336 @@ -80,7 +80,6 @@ struct DaemonPrivate {
337 guint autologin_id;
338
339 PolkitAuthority *authority;
340 - GHashTable *extension_ifaces;
341 };
342
343 typedef struct passwd * (* EntryGeneratorFunc) (GHashTable *, gpointer *);
344 @@ -683,8 +682,6 @@ daemon_init (Daemon *daemon)
345 {
346 daemon->priv = DAEMON_GET_PRIVATE (daemon);
347
348 - daemon->priv->extension_ifaces = daemon_read_extension_ifaces ();
349 -
350 daemon->priv->users = create_users_hash_table ();
351
352 daemon->priv->passwd_monitor = setup_monitor (daemon,
353 @@ -728,8 +725,6 @@ daemon_finalize (GObject *object)
354
355 g_hash_table_destroy (daemon->priv->users);
356
357 - g_hash_table_unref (daemon->priv->extension_ifaces);
358 -
359 G_OBJECT_CLASS (daemon_parent_class)->finalize (object);
360 }
361
362 @@ -1553,12 +1548,6 @@ daemon_local_set_automatic_login (Daemon *daemon,
363 return TRUE;
364 }
365
366 -GHashTable *
367 -daemon_get_extension_ifaces (Daemon *daemon)
368 -{
369 - return daemon->priv->extension_ifaces;
370 -}
371 -
372 static void
373 get_property (GObject *object,
374 guint prop_id,
375 diff --git a/src/daemon.h b/src/daemon.h
376 index b7e072e..e036407 100644
377 --- a/src/daemon.h
378 +++ b/src/daemon.h
379 @@ -96,9 +96,6 @@ gboolean daemon_local_set_automatic_login (Daemon *daemon,
380 gboolean enabled,
381 GError **error);
382
383 -GHashTable * daemon_read_extension_ifaces (void);
384 -GHashTable * daemon_get_extension_ifaces (Daemon *daemon);
385 -
386 G_END_DECLS
387
388 #endif /* __DAEMON_H__ */
389 diff --git a/src/user.c b/src/user.c
390 index 1698eeb..163d136 100644
391 --- a/src/user.c
392 +++ b/src/user.c
393 @@ -104,9 +104,6 @@ struct User {
394 gboolean automatic_login;
395 gboolean system_account;
396 gboolean local_account;
397 -
398 - guint *extension_ids;
399 - guint n_extension_ids;
400 };
401
402 typedef struct UserClass
403 @@ -463,259 +460,6 @@ move_extra_data (const gchar *old_name,
404 g_free (new_filename);
405 }
406
407 -static GVariant *
408 -user_extension_get_value (User *user,
409 - GDBusInterfaceInfo *interface,
410 - const GDBusPropertyInfo *property)
411 -{
412 - const GVariantType *type = G_VARIANT_TYPE (property->signature);
413 - GVariant *value;
414 - gchar *printed;
415 - gint i;
416 -
417 - /* First, try to get the value from the keyfile */
418 - printed = g_key_file_get_value (user->keyfile, interface->name, property->name, NULL);
419 - if (printed) {
420 - value = g_variant_parse (type, printed, NULL, NULL, NULL);
421 - g_free (printed);
422 -
423 - if (value != NULL)
424 - return value;
425 - }
426 -
427 - /* If that didn't work, try for a default value annotation */
428 - for (i = 0; property->annotations && property->annotations[i]; i++) {
429 - GDBusAnnotationInfo *annotation = property->annotations[i];
430 -
431 - if (g_str_equal (annotation->key, "org.freedesktop.Accounts.DefaultValue.String")) {
432 - if (g_str_equal (property->signature, "s"))
433 - return g_variant_ref_sink (g_variant_new_string (annotation->value));
434 - }
435 - else if (g_str_equal (annotation->key, "org.freedesktop.Accounts.DefaultValue")) {
436 - value = g_variant_parse (type, annotation->value, NULL, NULL, NULL);
437 - if (value != NULL)
438 - return value;
439 - }
440 - }
441 -
442 - /* Nothing found... */
443 - return NULL;
444 -}
445 -
446 -static void
447 -user_extension_get_property (User *user,
448 - Daemon *daemon,
449 - GDBusInterfaceInfo *interface,
450 - GDBusMethodInvocation *invocation)
451 -{
452 - const GDBusPropertyInfo *property = g_dbus_method_invocation_get_property_info (invocation);
453 - GVariant *value;
454 -
455 - value = user_extension_get_value (user, interface, property);
456 -
457 - if (value) {
458 - g_dbus_method_invocation_return_value (invocation, g_variant_new ("(v)", value));
459 - g_variant_unref (value);
460 - }
461 - else {
462 - g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_INVALID_ARGS,
463 - "Key '%s' is not set and has no default value",
464 - property->name);
465 - }
466 -}
467 -
468 -static void
469 -user_extension_get_all_properties (User *user,
470 - Daemon *daemon,
471 - GDBusInterfaceInfo *interface,
472 - GDBusMethodInvocation *invocation)
473 -{
474 - GVariantBuilder builder;
475 - gint i;
476 -
477 - g_variant_builder_init (&builder, G_VARIANT_TYPE_VARDICT);
478 - for (i = 0; interface->properties && interface->properties[i]; i++) {
479 - GDBusPropertyInfo *property = interface->properties[i];
480 - GVariant *value;
481 -
482 - value = user_extension_get_value (user, interface, property);
483 -
484 - if (value) {
485 - g_variant_builder_add (&builder, "{sv}", property->name, value);
486 - g_variant_unref (value);
487 - }
488 - }
489 -
490 - g_dbus_method_invocation_return_value (invocation, g_variant_new ("(a{sv})", &builder));
491 -}
492 -
493 -static void
494 -user_extension_set_property (User *user,
495 - Daemon *daemon,
496 - GDBusInterfaceInfo *interface,
497 - GDBusMethodInvocation *invocation)
498 -{
499 - const GDBusPropertyInfo *property = g_dbus_method_invocation_get_property_info (invocation);
500 - GVariant *value;
501 - gchar *printed;
502 - gchar *prev;
503 -
504 - g_variant_get_child (g_dbus_method_invocation_get_parameters (invocation), 2, "v", &value);
505 -
506 - /* We'll always have the type when we parse it back so
507 - * we don't need it to be printed with annotations.
508 - */
509 - printed = g_variant_print (value, FALSE);
510 -
511 - /* May as well try to avoid the thrashing... */
512 - prev = g_key_file_get_value (user->keyfile, interface->name, property->name, NULL);
513 -
514 - if (!prev || !g_str_equal (printed, prev)) {
515 - g_key_file_set_value (user->keyfile, interface->name, property->name, printed);
516 -
517 - /* Emit a change signal. Use invalidation
518 - * because the data may not be world-readable.
519 - */
520 - g_dbus_connection_emit_signal (g_dbus_method_invocation_get_connection (invocation),
521 - NULL, /* destination_bus_name */
522 - g_dbus_method_invocation_get_object_path (invocation),
523 - "org.freedesktop.DBus.Properties", "PropertiesChanged",
524 - g_variant_new_parsed ("( %s, %a{sv}, [ %s ] )",
525 - interface->name, NULL, property->name),
526 - NULL);
527 -
528 - accounts_user_emit_changed (ACCOUNTS_USER (user));
529 - save_extra_data (user);
530 - }
531 -
532 - g_variant_unref (value);
533 - g_free (printed);
534 - g_free (prev);
535 -
536 - g_dbus_method_invocation_return_value (invocation, g_variant_new ("()"));
537 -}
538 -
539 -static void
540 -user_extension_authentication_done (Daemon *daemon,
541 - User *user,
542 - GDBusMethodInvocation *invocation,
543 - gpointer user_data)
544 -{
545 - GDBusInterfaceInfo *interface = user_data;
546 - const gchar *method_name;
547 -
548 - method_name = g_dbus_method_invocation_get_method_name (invocation);
549 -
550 - if (g_str_equal (method_name, "Get"))
551 - user_extension_get_property (user, daemon, interface, invocation);
552 - else if (g_str_equal (method_name, "GetAll"))
553 - user_extension_get_all_properties (user, daemon, interface, invocation);
554 - else if (g_str_equal (method_name, "Set"))
555 - user_extension_set_property (user, daemon, interface, invocation);
556 - else
557 - g_assert_not_reached ();
558 -}
559 -
560 -static void
561 -user_extension_method_call (GDBusConnection *connection,
562 - const gchar *sender,
563 - const gchar *object_path,
564 - const gchar *interface_name,
565 - const gchar *method_name,
566 - GVariant *parameters,
567 - GDBusMethodInvocation *invocation,
568 - gpointer user_data)
569 -{
570 - User *user = user_data;
571 - GDBusInterfaceInfo *iface_info;
572 - const gchar *annotation_name;
573 - const gchar *action_id;
574 - gint uid;
575 - gint i;
576 -
577 - /* We don't allow method calls on extension interfaces, so we
578 - * should only ever see property calls here.
579 - */
580 - g_assert_cmpstr (interface_name, ==, "org.freedesktop.DBus.Properties");
581 -
582 - /* Now get the real interface name */
583 - g_variant_get_child (parameters, 0, "&s", &interface_name);
584 -
585 - if (get_caller_uid (invocation, &uid) && (uid_t) uid == user->uid) {
586 - /* Operation on sender's own User object */
587 - if (g_str_equal (method_name, "Set")) {
588 - annotation_name = "org.freedesktop.Accounts.Authentication.ChangeOwn";
589 - action_id = "org.freedesktop.accounts.change-own-user-data";
590 - }
591 - else {
592 - annotation_name = "org.freedesktop.Accounts.Authentication.ReadOwn";
593 - action_id = ""; /* reading allowed by default */
594 - }
595 - }
596 - else {
597 - /* Operation on someone else's User object */
598 - if (g_str_equal (method_name, "Set")) {
599 - annotation_name = "org.freedesktop.Accounts.Authentication.ChangeAny";
600 - action_id = "org.freedesktop.accounts.user-administration";
601 - }
602 - else {
603 - annotation_name = "org.freedesktop.Accounts.Authentication.ReadAny";
604 - action_id = ""; /* reading allowed by default */
605 - }
606 - }
607 -
608 - iface_info = g_hash_table_lookup (daemon_get_extension_ifaces (user->daemon), interface_name);
609 - g_assert (iface_info != NULL);
610 -
611 - for (i = 0; iface_info->annotations && iface_info->annotations[i]; i++) {
612 - if (g_str_equal (iface_info->annotations[i]->key, annotation_name)) {
613 - action_id = iface_info->annotations[i]->value;
614 - break;
615 - }
616 - }
617 -
618 - if (action_id[0] == '\0') {
619 - /* Should always allow this call, so just do it now */
620 - user_extension_authentication_done (user->daemon, user, invocation, iface_info);
621 - }
622 - else {
623 - daemon_local_check_auth (user->daemon, user, action_id, TRUE,
624 - user_extension_authentication_done,
625 - invocation, iface_info, NULL);
626 - }
627 -}
628 -
629 -static void
630 -user_register_extensions (User *user)
631 -{
632 - static const GDBusInterfaceVTable vtable = {
633 - user_extension_method_call,
634 - NULL /* get_property */,
635 - NULL /* set_property */
636 - };
637 - GHashTable *extensions;
638 - GHashTableIter iter;
639 - gpointer iface;
640 - gint i = 0;
641 -
642 - g_assert (user->extension_ids == NULL);
643 - g_assert (user->n_extension_ids == 0);
644 -
645 - extensions = daemon_get_extension_ifaces (user->daemon);
646 - user->n_extension_ids = g_hash_table_size (extensions);
647 - user->extension_ids = g_new (guint, user->n_extension_ids);
648 - g_hash_table_iter_init (&iter, extensions);
649 -
650 - /* Ignore errors when registering more interfaces because (a)
651 - * they won't happen and (b) even if they do, we still want to
652 - * publish the main user interface.
653 - */
654 - while (g_hash_table_iter_next (&iter, NULL, &iface))
655 - user->extension_ids[i++] = g_dbus_connection_register_object (user->system_bus_connection,
656 - user->object_path, iface,
657 - &vtable, user, NULL, NULL);
658 -}
659 -
660 static gchar *
661 compute_object_path (User *user)
662 {
663 @@ -753,8 +497,6 @@ user_register (User *user)
664 }
665 return;
666 }
667 -
668 - user_register_extensions (user);
669 }
670
671 void
672 @@ -767,21 +509,6 @@ void
673 user_unregister (User *user)
674 {
675 g_dbus_interface_skeleton_unexport (G_DBUS_INTERFACE_SKELETON (user));
676 -
677 - if (user->extension_ids) {
678 - guint i;
679 -
680 - for (i = 0; i < user->n_extension_ids; i++) {
681 - /* In theory, if an error happened during registration, we could have 0 here. */
682 - if (user->extension_ids[i] == 0)
683 - continue;
684 -
685 - g_dbus_connection_unregister_object (user->system_bus_connection, user->extension_ids[i]);
686 - }
687 -
688 - g_clear_pointer (&user->extension_ids, g_free);
689 - user->n_extension_ids = 0;
690 - }
691 }
692
693 void
694 --
695 cgit v0.9.0.2-2-gbebe
696
697
698
699 1.1 sys-apps/accountsservice/files/accountsservice-0.6.35-gentoo-system-users.patch
700
701 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/accountsservice/files/accountsservice-0.6.35-gentoo-system-users.patch?rev=1.1&view=markup
702 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-apps/accountsservice/files/accountsservice-0.6.35-gentoo-system-users.patch?rev=1.1&content-type=text/plain
703
704 Index: accountsservice-0.6.35-gentoo-system-users.patch
705 ===================================================================
706 --- src/user-classify.c.old 2013-12-04 20:29:48.944454769 +0100
707 +++ src/user-classify.c 2013-12-04 20:32:59.728283477 +0100
708 @@ -55,6 +55,48 @@
709 "at",
710 "gdm",
711 "gnome-initial-setup"
712 + /* Additional Gentoo system users with non-trivial login shell */
713 + "amanda",
714 + "backuppc",
715 + "drqueue",
716 + "firebird",
717 + "flexlm",
718 + "foldingathome",
719 + "geneweb",
720 + "git",
721 + "gnump3d",
722 + "hacluster",
723 + "hg",
724 + "hsqldb",
725 + "infinote",
726 + "foldingathome",
727 + "geneweb",
728 + "git",
729 + "gnump3d",
730 + "hacluster",
731 + "hg",
732 + "hsqldb",
733 + "infinote",
734 + "jffnms",
735 + "klive",
736 + "mailman",
737 + "mpd",
738 + "mythtv",
739 + "nagios",
740 + "nx",
741 + "oneadmin",
742 + "openvpn",
743 + "p2p",
744 + "phxd",
745 + "resin",
746 + "rplayd",
747 + "scponly",
748 + "secoff",
749 + "tinyproxy",
750 + "ttrssd",
751 + "vboxguest",
752 + "vdr",
753 + "vdradmin",
754 };
755
756 #define PATH_NOLOGIN "/sbin/nologin"
Report Message
Find on MARC Find on Google Groups