colin/NetworkManager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

core: drop root requirement for load_connection(s)/set_logging D-Bus calls

Browse Source 
The D-Bus configuration already ensures that only root can do that;
enforcing the permission at policy level seems better than doing it in
the daemon itself because it allows users to change the policy and
also because callers can exit immediately after issuing the request.
This commit is contained in:
Beniamino Galvani
2016-08-19 11:51:00 +02:00
parent 2750714802
commit 4c7fa8dfdc
2 changed files with 0 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src/nm-manager.c
View File

@@ -4474,30 +4474,13 @@ impl_manager_set_logging (NMManager *self,
const char *level,
const char *domains)
{
NMManagerPrivate *priv = NM_MANAGER_GET_PRIVATE (self);
GError *error = NULL;
gulong caller_uid = G_MAXULONG;
if (!nm_bus_manager_get_caller_info (priv->dbus_mgr, context, NULL, &caller_uid, NULL)) {
error = g_error_new_literal (NM_MANAGER_ERROR,
NM_MANAGER_ERROR_PERMISSION_DENIED,
"Failed to get request UID.");
goto done;
}
if (0 != caller_uid) {
error = g_error_new_literal (NM_MANAGER_ERROR,
NM_MANAGER_ERROR_PERMISSION_DENIED,
"Permission denied");
goto done;
}
if (nm_logging_setup (level, domains, NULL, &error)) {
_LOGI (LOGD_CORE, "logging: level '%s' domains '%s'",
nm_logging_level_to_string (), nm_logging_domains_to_string ());
}
done:
if (error)
g_dbus_method_invocation_take_error (context, error);
else

8
src/settings/nm-settings.c
View File

@@ -1522,10 +1522,6 @@ impl_settings_load_connections (NMSettings *self,
GSList *iter;
int i;
if (!nm_bus_manager_ensure_root (nm_bus_manager_get (), context,
NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_PERMISSION_DENIED))
return;
failures = g_ptr_array_new ();
for (i = 0; filenames[i]; i++) {
@@ -1559,10 +1555,6 @@ impl_settings_reload_connections (NMSettings *self,
NMSettingsPrivate *priv = NM_SETTINGS_GET_PRIVATE (self);
GSList *iter;
if (!nm_bus_manager_ensure_root (nm_bus_manager_get (), context,
NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_PERMISSION_DENIED))
return;
for (iter = priv->plugins; iter; iter = g_slist_next (iter)) {
NMSettingsPlugin *plugin = NM_SETTINGS_PLUGIN (iter->data);