[systemd-devel] Avoid polkit queries from systemctl in package maintainer scripts/when running as root?

Mantas Mikulėnas grawity at gmail.com
Tue Apr 5 04:55:08 UTC 2016


On Mon, Apr 4, 2016 at 10:28 PM, Lennart Poettering <lennart at poettering.net>
wrote:

> On Mon, 04.04.16 17:31, Martin Pitt (martin.pitt at ubuntu.com) wrote:
>
> > Hello all,
> >
> > a recent (mostly cosmetical) bug report [1] made me aware that we
> > currently query polkit for a lot of systemctl
> > enable/daemon-reload/etc. calls from package maintainer scripts. At
> > least in Debian, installing a package with a .service usually does
> > something like "systemctl enable/start foo", and installing a package
> > with a SysV script runs "systemctl daemon-reload" to pick up the new
> > init script.
> >
> > In all those cases systemctl is guaranteed to run as root, and any
> > potential interactive PK prompt would be totally unexpected -- because
> > of root, and because package installation is supposed to be
> > non-interactive and not hang. So this introduces a potentially
> > unreliable moving part and also assumes that polkit actually works all
> > the time (cf. package upgrades).
>
> We already bypass PK if the client is privileged. See
> bus_verify_polkit_async() in src/shared/bus-util.c, the calls for
> sd_bus_query_sender_privilege(). Are you saying that bypass doesn't
> work for you?
>

Yes, apparently:

https://github.com/systemd/systemd/issues/2748

-- 
Mantas Mikulėnas <grawity at gmail.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20160405/aaacbe3c/attachment-0001.html>


More information about the systemd-devel mailing list