core: do not propagate polkit error to caller

If we fail to start polkit, we get a message like "org.freedesktop.DBus.Error.NameHasNoOwner: Could not activate remote peer.", which has no meaning for the caller of our StartUnit method. Let's just return -EACCES. $ systemctl start apache Failed to start apache.service: Could not activate remote peer. (before) Failed to start apache.service: Access denied (after) Fixes #13865.
2025-02-15 05:57:26 +03:00 · 2019-11-14 14:28:05 +01:00 · 2019-11-14 14:28:05 +01:00 · 7edd8fb198
commit 7edd8fb198
parent 4df8fe8415
1 changed files with 2 additions and 2 deletions
--- a/src/shared/bus-util.c
+++ b/src/shared/bus-util.c
@ -411,7 +411,8 @@ int bus_verify_polkit_async(
                        e = sd_bus_message_get_error(q->reply);

                        /* Treat no PK available as access denied */
-                        if (sd_bus_error_has_name(e, SD_BUS_ERROR_SERVICE_UNKNOWN))
+                        if (sd_bus_error_has_name(e, SD_BUS_ERROR_SERVICE_UNKNOWN) ||
+                            sd_bus_error_has_name(e, SD_BUS_ERROR_NAME_HAS_NO_OWNER))
                                return -EACCES;

                        /* Copy error from polkit reply */
@ -422,7 +423,6 @@ int bus_verify_polkit_async(
                r = sd_bus_message_enter_container(q->reply, 'r', "bba{ss}");
                if (r >= 0)
                        r = sd_bus_message_read(q->reply, "bb", &authorized, &challenge);
-
                if (r < 0)
                        return r;