hal/hald Makefile.am,1.37,1.38 hald_dbus.c,1.15,1.16

Thu Oct 14 12:16:32 PDT 2004

Update of /cvs/hal/hal/hald
In directory gabe:/tmp/cvs-serv1586/hald

Modified Files:
	Makefile.am hald_dbus.c 
Log Message:
2004-10-14  David Zeuthen  <davidz at redhat.com>

	Patch from Sjoerd Simons <sjoerd at luon.net>.

	* hald/Makefile.am: Add -lm to hald_LDADD so it actually compiles
	on my debian system :)

2004-10-14  David Zeuthen  <davidz at redhat.com>

	Patch from Sjoerd Simons <sjoerd at luon.net>.

	* tools/lshal.c: include <dbus/dbus-glib-lowlevel.h> so the
	compiler doesn't complain about dbus_connection_setup_with_g_main
	not being declared.

2004-10-14  David Zeuthen  <davidz at redhat.com>

	Patch from Sjoerd Simons <sjoerd at luon.net>.

	* hald/hald_dbus.c: When hal is running with dropped priv's the
	callouts are currently too. So allow hal's euid. And fix a compile
	warning too.



Index: Makefile.am
===================================================================
RCS file: /cvs/hal/hal/hald/Makefile.am,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -d -r1.37 -r1.38

--- Makefile.am	12 Oct 2004 20:17:08 -0000	1.37
+++ Makefile.am	14 Oct 2004 19:16:30 -0000	1.38
@@ -78,7 +78,7 @@
 	linux/drive_id/drive_id_logging.h				\
 	linux/drive_id/drive_id.h	linux/drive_id/drive_id.c
 
-hald_LDADD = @PACKAGE_LIBS@ -lcap @EXPAT_LIB@
+hald_LDADD = @PACKAGE_LIBS@ -lm -lcap @EXPAT_LIB@
 
 if HAVE_SELINUX
 hald_LDADD += -lselinux

Index: hald_dbus.c
===================================================================
RCS file: /cvs/hal/hal/hald/hald_dbus.c,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -d -r1.15 -r1.16
--- hald_dbus.c	13 Oct 2004 13:50:08 -0000	1.15
+++ hald_dbus.c	14 Oct 2004 19:16:30 -0000	1.16
@@ -30,6 +30,8 @@
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
 
 #include <dbus/dbus.h>
 #include <dbus/dbus-glib-lowlevel.h>
@@ -911,7 +913,7 @@
 
 
 static dbus_bool_t 
-sender_has_superuser_privileges (DBusConnection *connection, DBusMessage *message)
+sender_has_privileges (DBusConnection *connection, DBusMessage *message)
 {
 	DBusError error;
 	unsigned long user_uid;
@@ -926,15 +928,16 @@
 	HAL_DEBUG (("base_svc = %s", user_base_svc));
 
 	dbus_error_init (&error);
-	if ((user_uid = dbus_bus_get_unix_user (connection, user_base_svc, &error)) == -1) {
+	if ((user_uid = dbus_bus_get_unix_user (connection, user_base_svc, &error)) 
+       == (unsigned long) -1) {
 		HAL_WARNING (("Could not get uid for connection"));
 		return FALSE;
 	}
 
 	HAL_INFO (("uid for caller is %ld", user_uid));
 
-	if (user_uid != 0) {
-		HAL_WARNING (("uid %d is not superuser", user_uid));
+	if (user_uid != 0 && user_uid != geteuid()) {
+		HAL_WARNING (("uid %d is doesn't have the right priviledges", user_uid));
 		return FALSE;
 	}
 
@@ -982,7 +985,7 @@
 	}
 	key = dbus_message_iter_get_string (&iter);
 
-	if (!sender_has_superuser_privileges (connection, message)) {
+	if (!sender_has_privileges (connection, message)) {
 		raise_permission_denied (connection, message, "SetProperty: not privileged");
 		return DBUS_HANDLER_RESULT_HANDLED;
 	}
@@ -1101,7 +1104,7 @@
 
 	HAL_TRACE (("entering"));
 
-	if (!sender_has_superuser_privileges (connection, message)) {
+	if (!sender_has_privileges (connection, message)) {
 		raise_permission_denied (connection, message, "AddCapability: not privileged");
 		return DBUS_HANDLER_RESULT_HANDLED;
 	}
@@ -1181,7 +1184,7 @@
 
 	udi = dbus_message_get_path (message);
 
-	if (!sender_has_superuser_privileges (connection, message)) {
+	if (!sender_has_privileges (connection, message)) {
 		raise_permission_denied (connection, message, "RemoveProperty: not privileged");
 		return DBUS_HANDLER_RESULT_HANDLED;
 	}


