From 7820a56ccb6b164699f25fc00cbe3c38fbc182a4 Mon Sep 17 00:00:00 2001 From: Joshua Watt Date: Fri, 30 Oct 2020 08:15:43 -0500 Subject: [PATCH] logind: Restore chvt as non-root user without polkit 4acf0cfd2f ("logind: check PolicyKit before allowing VT switch") broke the ability to write user sessions that run graphical sessions (e.g. weston/X11). This was partially amended in 19bb87fbfa ("login: allow non-console sessions to change vt") by changing the default PolicyKit policy so that non-root users with a session are again allowed to switch the VT. This makes the policy when PolKit is not enabled (as on many embedded systems) closer the default PolKit policy and allows launching graphical sessions as a non-root user. Closes #17473 Signed-off-by: Joshua Watt --- src/login/logind-dbus.c | 11 ++------- src/login/logind-polkit.c | 24 +++++++++++++++++++ src/login/logind-polkit.h | 9 ++++++++ src/login/logind-seat-dbus.c | 41 ++++----------------------------- src/login/logind-session-dbus.c | 11 ++------- src/login/meson.build | 2 ++ 6 files changed, 44 insertions(+), 54 deletions(-) create mode 100644 src/login/logind-polkit.c create mode 100644 src/login/logind-polkit.h diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c index 7e55173e27..b9b2524822 100644 --- a/src/login/logind-dbus.c +++ b/src/login/logind-dbus.c @@ -30,6 +30,7 @@ #include "format-util.h" #include "fs-util.h" #include "logind-dbus.h" +#include "logind-polkit.h" #include "logind-seat-dbus.h" #include "logind-session-dbus.h" #include "logind-user-dbus.h" @@ -1047,15 +1048,7 @@ static int method_activate_session_on_seat(sd_bus_message *message, void *userda return sd_bus_error_setf(error, BUS_ERROR_SESSION_NOT_ON_SEAT, "Session %s not on seat %s", session_name, seat_name); - r = bus_verify_polkit_async( - message, - CAP_SYS_ADMIN, - "org.freedesktop.login1.chvt", - NULL, - false, - UID_INVALID, - &m->polkit_registry, - error); + r = check_polkit_chvt(message, m, error); if (r < 0) return r; if (r == 0) diff --git a/src/login/logind-polkit.c b/src/login/logind-polkit.c new file mode 100644 index 0000000000..d221bee8cd --- /dev/null +++ b/src/login/logind-polkit.c @@ -0,0 +1,24 @@ +/* SPDX-License-Identifier: LGPL-2.1+ */ + +#include "bus-polkit.h" +#include "logind-polkit.h" +#include "missing_capability.h" +#include "user-util.h" + +int check_polkit_chvt(sd_bus_message *message, Manager *manager, sd_bus_error *error) { +#if ENABLE_POLKIT + return bus_verify_polkit_async( + message, + CAP_SYS_ADMIN, + "org.freedesktop.login1.chvt", + NULL, + false, + UID_INVALID, + &manager->polkit_registry, + error); +#else + /* Allow chvt when polkit is not present. This allows a service to start a graphical session as a + * non-root user when polkit is not compiled in, more closely matching the default polkit policy */ + return 1; +#endif +} diff --git a/src/login/logind-polkit.h b/src/login/logind-polkit.h new file mode 100644 index 0000000000..8c124f834d --- /dev/null +++ b/src/login/logind-polkit.h @@ -0,0 +1,9 @@ +/* SPDX-License-Identifier: LGPL-2.1+ */ +#pragma once + +#include "sd-bus.h" + +#include "bus-object.h" +#include "logind.h" + +int check_polkit_chvt(sd_bus_message *message, Manager *manager, sd_bus_error *error); diff --git a/src/login/logind-seat-dbus.c b/src/login/logind-seat-dbus.c index a60ed2d3c2..9c2625cdcc 100644 --- a/src/login/logind-seat-dbus.c +++ b/src/login/logind-seat-dbus.c @@ -9,6 +9,7 @@ #include "bus-polkit.h" #include "bus-util.h" #include "logind-dbus.h" +#include "logind-polkit.h" #include "logind-seat-dbus.h" #include "logind-seat.h" #include "logind-session-dbus.h" @@ -179,15 +180,7 @@ static int method_activate_session(sd_bus_message *message, void *userdata, sd_b if (session->seat != s) return sd_bus_error_setf(error, BUS_ERROR_SESSION_NOT_ON_SEAT, "Session %s not on seat %s", name, s->id); - r = bus_verify_polkit_async( - message, - CAP_SYS_ADMIN, - "org.freedesktop.login1.chvt", - NULL, - false, - UID_INVALID, - &s->manager->polkit_registry, - error); + r = check_polkit_chvt(message, s->manager, error); if (r < 0) return r; if (r == 0) @@ -215,15 +208,7 @@ static int method_switch_to(sd_bus_message *message, void *userdata, sd_bus_erro if (to <= 0) return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid virtual terminal"); - r = bus_verify_polkit_async( - message, - CAP_SYS_ADMIN, - "org.freedesktop.login1.chvt", - NULL, - false, - UID_INVALID, - &s->manager->polkit_registry, - error); + r = check_polkit_chvt(message, s->manager, error); if (r < 0) return r; if (r == 0) @@ -243,15 +228,7 @@ static int method_switch_to_next(sd_bus_message *message, void *userdata, sd_bus assert(message); assert(s); - r = bus_verify_polkit_async( - message, - CAP_SYS_ADMIN, - "org.freedesktop.login1.chvt", - NULL, - false, - UID_INVALID, - &s->manager->polkit_registry, - error); + r = check_polkit_chvt(message, s->manager, error); if (r < 0) return r; if (r == 0) @@ -271,15 +248,7 @@ static int method_switch_to_previous(sd_bus_message *message, void *userdata, sd assert(message); assert(s); - r = bus_verify_polkit_async( - message, - CAP_SYS_ADMIN, - "org.freedesktop.login1.chvt", - NULL, - false, - UID_INVALID, - &s->manager->polkit_registry, - error); + r = check_polkit_chvt(message, s->manager, error); if (r < 0) return r; if (r == 0) diff --git a/src/login/logind-session-dbus.c b/src/login/logind-session-dbus.c index b5d240be6a..d342dc4193 100644 --- a/src/login/logind-session-dbus.c +++ b/src/login/logind-session-dbus.c @@ -11,6 +11,7 @@ #include "fd-util.h" #include "logind-brightness.h" #include "logind-dbus.h" +#include "logind-polkit.h" #include "logind-seat-dbus.h" #include "logind-session-dbus.h" #include "logind-session-device.h" @@ -192,15 +193,7 @@ int bus_session_method_activate(sd_bus_message *message, void *userdata, sd_bus_ assert(message); assert(s); - r = bus_verify_polkit_async( - message, - CAP_SYS_ADMIN, - "org.freedesktop.login1.chvt", - NULL, - false, - UID_INVALID, - &s->manager->polkit_registry, - error); + r = check_polkit_chvt(message, s->manager, error); if (r < 0) return r; if (r == 0) diff --git a/src/login/meson.build b/src/login/meson.build index ca64492383..156c391d8a 100644 --- a/src/login/meson.build +++ b/src/login/meson.build @@ -25,6 +25,8 @@ liblogind_core_sources = files(''' logind-device.h logind-inhibit.c logind-inhibit.h + logind-polkit.c + logind-polkit.h logind-seat-dbus.c logind-seat-dbus.h logind-seat.c