[pulseaudio-discuss] [PATCH] core-util: Blame systemd for not setting up XDG_RUNTIME_DIR correctly
Tanu Kaskinen
tanu.kaskinen at linux.intel.com
Thu Jun 26 04:15:55 PDT 2014
Hi David,
Do you still plan to apply this patch? It looks good to me (except
writing SYSTEMD in all-caps in the log message). The commit message
probably needs some editing...
-- Tanu
On Tue, 2013-11-12 at 07:52 +0100, David Henningsson wrote:
> Hi Lennart,
>
> I think you're wrong about this bug:
> https://bugzilla.redhat.com/show_bug.cgi?id=753882
>
> You're claiming that PA will only work if XDG_RUNTIME_DIR remains the same
> as the original user. However, PA will use the PULSE_SERVER X11 property instead of
> using XDG_RUNTIME_DIR, so this environment variable does not matter. Usually.
>
> If this property is not available, or if one is using the pacmd cli protocol,
> the client will go ahead and call pa_make_secure_dir on XDG_RUNTIME_DIR/pulse.
> This will either fail (if you're another regular user), or succeed (if you're root).
> Both scenarios are bad - failing will cause the connection to fail, and succeeding
> is even worse, as it can cause *other* connections to fail (as the directory
> ownership has changed).
>
> Long story short, inserting the original user's XDG_RUNTIME_DIR does not help PA
> in any use case I can think of - it only makes things worse.
>
> Until this behaviour is changed, I suggest PulseAudio defend itself against
> this bug using the patch below.
>
> BugLink: https://bugs.launchpad.net/bugs/1197395
> Signed-off-by: David Henningsson <david.henningsson at canonical.com>
> ---
> src/pulsecore/core-util.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/src/pulsecore/core-util.c b/src/pulsecore/core-util.c
> index e925918..f8d01e0 100644
> --- a/src/pulsecore/core-util.c
> +++ b/src/pulsecore/core-util.c
> @@ -1758,6 +1758,14 @@ char *pa_get_runtime_dir(void) {
> /* Use the XDG standard for the runtime directory. */
> d = getenv("XDG_RUNTIME_DIR");
> if (d) {
> + struct stat st;
> + if (stat(d, &st) == 0 && st.st_uid != getuid()) {
> + pa_log("XDG_RUNTIME_DIR (%s) is not owned by us (uid %d), but by uid %d.\n"
> + "Most likely this is a bug in systemd. Please report this issue to the SYSTEMD developers.",
> + d, getuid(), st.st_uid);
> + goto fail;
> + }
> +
> k = pa_sprintf_malloc("%s" PA_PATH_SEP "pulse", d);
>
> if (pa_make_secure_dir(k, m, (uid_t) -1, (gid_t) -1, true) < 0) {
More information about the pulseaudio-discuss
mailing list