[patch] Auth method for console users
John (J5) Palmieri
johnp at redhat.com
Tue Jul 20 17:56:17 PDT 2004
Finally had time to finish this. Attached is a new patch.
On Tue, 2004-06-29 at 05:54 -0400, Havoc Pennington wrote:
> Hi,
>
> Some comments:
>
> - _dbus_is_console_user() args in prototype should align with
> function above it (get a copy of egtk-format-protos for emacs)
>
> - should not include unistd.h in dbus-userdb.c, only in
> dbus-sysdeps.c; suggest that all the stuff about /var/run
> be in sysdeps
Put all system specific stuff in sysdeps.
> - dbus_is_console_user() has to indicate to its caller whether
> it ran out of memory; the OOM error has to be handled, not
> ignored by assuming the user is not a console user.
It now takes an error pointer as an argument. On returns of false the
error may be set and needs to be checked.
> - this isn't right, since you want to use the auth_on_user=true
> items if it is the console user, and =false items if it isn't,
> so you have to go over each item:
> + if (_dbus_is_console_user (uid))
> + if (!add_list_to_client (&policy->console_rules,
> + client))
> + goto nomem;
> +
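Review bot: in the first added line, `_dbus_is_console_user (uid)` is used as a bare boolean, so a lookup that fails (for example on out-of-memory) cannot be told apart from "not a console user", and the console rules are then skipped silently. The branch also only adds `policy->console_rules` when the result is true, which leaves no path for rules meant for users who are not at the console. Suggest an error out-parameter that the caller checks before trusting a false result, and selecting rules by comparing each rule's console setting with the result instead of a single `if`.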
This is now fixed and works for all permutations (at_console=true
(allow/deny) && at_console=false (allow/deny))
> - in list_allows_user() you have the same basic issue
Now compares the value of at_console to the results of is_console_user.
> - read over the man page for dbus-daemon on this;
> the arg "user" in "<policy user='foo'>" is a match rule.
> So similarly <policy console='true'> would be a match rule,
> i.e. the policy applies if you're on the console, and
> not otherwise
Done.
> - suggest s/auth_on_user/at_console/ or something like that
Done
> - would it be interesting to allow user="hp" console="true"
This would unnecessarily complicate the code and validation. Using a
validated parser would clean the code up much more by not having to hard
code validation and may make this easier to implement though I don't
know if the bloat of a validating parser would be worth it. However
since this can essentially be done by adding another policy it doesn't
seem worth the trouble (i.e. <policy user="hp">...</policy> <policy
at_console="true">...</policy>).
>
> Havoc
>
>
--
John (J5) Palmieri
Associate Software Engineer
Desktop Group
Red Hat, Inc.
Blog: http://martianrock.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dbus.console-auth-2.patch
Type: text/x-patch
Size: 22575 bytes
Desc: not available
Url : http://freedesktop.org/pipermail/dbus/attachments/20040720/65a76cda/dbus.console-auth-2-0001.bin