auth: don't enforce user session

Access to connection configuration should not be blocked by absence of a user session tracked using logind or consolekit. Access control based on UID is sufficient. This patch ensures that the user can always access connections even if he doesn't have a session tracked by logind or consolekit and even when NetworkManager is not built with logind or consolekit support. Please note that presence or absence of a session tracked by logind or consolekit doesn't carry any security information. Acked-By: Thomas Haller <thaller@redhat.com> Acked-By: Dan Williams <dcbw@redhat.com>
2015-01-02 18:19:07 +01:00
parent 75221bbc1b
commit cd5d5655ba
1 changed files with 0 additions and 7 deletions
--- a/src/nm-auth-utils.c
+++ b/src/nm-auth-utils.c
@@ -439,13 +439,6 @@ nm_auth_is_subject_in_acl (NMConnection *connection,
 	if (0 == uid)
 		return TRUE;

-	/* Reject the request if the request comes from no session at all */
-	if (!nm_session_monitor_session_exists (uid, FALSE)) {
-		if (out_error_desc)
-			*out_error_desc = g_strdup_printf ("No session found for uid %lu", uid);
-		return FALSE;
-	}
-
 	if (!nm_session_monitor_uid_to_user (uid, &user)) {
 		if (out_error_desc)
 			*out_error_desc = g_strdup_printf ("Could not determine username for uid %lu", uid);