diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..279824a --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/polkit-0.112.tar.gz diff --git a/.polkit.metadata b/.polkit.metadata new file mode 100644 index 0000000..e375f18 --- /dev/null +++ b/.polkit.metadata @@ -0,0 +1 @@ +374397f1c32fa1290be0fce378fe9bab541ee4bf SOURCES/polkit-0.112.tar.gz diff --git a/SOURCES/polkit-0.112-CVE-2015-3256.patch b/SOURCES/polkit-0.112-CVE-2015-3256.patch new file mode 100644 index 0000000..1ea1640 --- /dev/null +++ b/SOURCES/polkit-0.112-CVE-2015-3256.patch @@ -0,0 +1,578 @@ +commit 983e8ec37b0ec1cc5114cb9ca49cf558dedfb31e +Author: Miloslav Trmač +Date: Tue Jul 1 20:00:48 2014 +0200 + + Don't pass an uninitialized JS parameter + + Don't pass argc==3 when using a 2-member array in + polkit_backend_js_authority_check_authorization_sync . To avoid such + problems in the future, use G_N_ELEMENTS in both similar callers. + + https://bugs.freedesktop.org/show_bug.cgi?id=69501 + +diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c +index c232573..c7a29e0 100644 +--- a/src/polkitbackend/polkitbackendjsauthority.c ++++ b/src/polkitbackend/polkitbackendjsauthority.c +@@ -1074,7 +1074,7 @@ polkit_backend_js_authority_get_admin_auth_identities (PolkitBackendInteractiveA + + if (!call_js_function_with_runaway_killer (authority, + "_runAdminRules", +- 2, ++ G_N_ELEMENTS (argv), + argv, + &rval)) + { +@@ -1179,7 +1179,7 @@ polkit_backend_js_authority_check_authorization_sync (PolkitBackendInteractiveAu + + if (!call_js_function_with_runaway_killer (authority, + "_runRules", +- 3, ++ G_N_ELEMENTS (argv), + argv, + &rval)) + { + +commit a97672540c66c03ed392fc072f0c682281f08989 +Author: Miloslav Trmač +Date: Tue Jul 1 20:00:48 2014 +0200 + + Don't add extra NULL group to subject.groups + + The NULL “terminator” of ‘groups’ was being passed to JavaScript. Drop + it, and simplify by leting set_property_strv use the GPtrArray directly + instead of the extra conversions “into” a strv and a completely dead + g_strv_length(). + + https://bugs.freedesktop.org/show_bug.cgi?id=69501 + +diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c +index c7a29e0..efb07a9 100644 +--- a/src/polkitbackend/polkitbackendjsauthority.c ++++ b/src/polkitbackend/polkitbackendjsauthority.c +@@ -659,26 +659,22 @@ static void + set_property_strv (PolkitBackendJsAuthority *authority, + JSObject *obj, + const gchar *name, +- const gchar *const *value, +- gssize len) ++ GPtrArray *value) + { + jsval value_jsval; + JSObject *array_object; + jsval *jsvals; + guint n; + +- if (len < 0) +- len = g_strv_length ((gchar **) value); +- +- jsvals = g_new0 (jsval, len); +- for (n = 0; n < len; n++) ++ jsvals = g_new0 (jsval, value->len); ++ for (n = 0; n < value->len; n++) + { + JSString *jsstr; +- jsstr = JS_NewStringCopyZ (authority->priv->cx, value[n]); ++ jsstr = JS_NewStringCopyZ (authority->priv->cx, g_ptr_array_index(value, n)); + jsvals[n] = STRING_TO_JSVAL (jsstr); + } + +- array_object = JS_NewArrayObject (authority->priv->cx, (gint32) len, jsvals); ++ array_object = JS_NewArrayObject (authority->priv->cx, value->len, jsvals); + + value_jsval = OBJECT_TO_JSVAL (array_object); + JS_SetProperty (authority->priv->cx, obj, name, &value_jsval); +@@ -818,11 +814,9 @@ subject_to_jsval (PolkitBackendJsAuthority *authority, + } + } + +- g_ptr_array_add (groups, NULL); +- + set_property_int32 (authority, obj, "pid", pid); + set_property_str (authority, obj, "user", user_name); +- set_property_strv (authority, obj, "groups", (const gchar* const *) groups->pdata, groups->len); ++ set_property_strv (authority, obj, "groups", groups); + set_property_str (authority, obj, "seat", seat_str); + set_property_str (authority, obj, "session", session_str); + set_property_bool (authority, obj, "local", subject_is_local); + +commit cbad0d5721804a4b7c2d998b00da9e70dc623820 +Author: Miloslav Trmač +Date: Tue Jul 1 20:00:48 2014 +0200 + + Don't store unrooted jsvals on heap + + Don't create a temporary array of jsvals on heap; the GC is not looking + for GC roots there. + + Compare + https://developer.mozilla.org/en-US/docs/SpiderMonkey/GC_Rooting_Guide + and + https://web.archive.org/web/20140305233124/https://developer.mozilla.org/en-US/docs/SpiderMonkey_Garbage_Collection_Tips + . + + https://bugs.freedesktop.org/show_bug.cgi?id=69501 + +diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c +index efb07a9..d02e5e3 100644 +--- a/src/polkitbackend/polkitbackendjsauthority.c ++++ b/src/polkitbackend/polkitbackendjsauthority.c +@@ -663,23 +663,22 @@ set_property_strv (PolkitBackendJsAuthority *authority, + { + jsval value_jsval; + JSObject *array_object; +- jsval *jsvals; + guint n; + +- jsvals = g_new0 (jsval, value->len); ++ array_object = JS_NewArrayObject (authority->priv->cx, 0, NULL); ++ + for (n = 0; n < value->len; n++) + { + JSString *jsstr; ++ jsval val; ++ + jsstr = JS_NewStringCopyZ (authority->priv->cx, g_ptr_array_index(value, n)); +- jsvals[n] = STRING_TO_JSVAL (jsstr); ++ val = STRING_TO_JSVAL (jsstr); ++ JS_SetElement (authority->priv->cx, array_object, n, &val); + } + +- array_object = JS_NewArrayObject (authority->priv->cx, value->len, jsvals); +- + value_jsval = OBJECT_TO_JSVAL (array_object); + JS_SetProperty (authority->priv->cx, obj, name, &value_jsval); +- +- g_free (jsvals); + } + + + +commit 0f5852a4bdabe377ddcdbed09a0c1f95710e17fe +Author: Miloslav Trmač +Date: Tue Jul 1 20:00:48 2014 +0200 + + Fix a per-authorization memory leak + + We were leaking PolkitAuthorizationResult on every request, primarily on + the success path, but also on various error paths as well. + + https://bugs.freedesktop.org/show_bug.cgi?id=69501 + +diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c +index a09d667..14eea99 100644 +--- a/src/polkitbackend/polkitbackendauthority.c ++++ b/src/polkitbackend/polkitbackendauthority.c +@@ -714,6 +714,7 @@ check_auth_cb (GObject *source_object, + g_variant_ref_sink (value); + g_dbus_method_invocation_return_value (data->invocation, g_variant_new ("(@(bba{ss}))", value)); + g_variant_unref (value); ++ g_object_unref (result); + } + + check_auth_data_free (data); +diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c +index 96725f7..7019356 100644 +--- a/src/polkitbackend/polkitbackendinteractiveauthority.c ++++ b/src/polkitbackend/polkitbackendinteractiveauthority.c +@@ -1022,7 +1022,7 @@ polkit_backend_interactive_authority_check_authorization (PolkitBackendAuthority + + /* Otherwise just return the result */ + g_simple_async_result_set_op_res_gpointer (simple, +- result, ++ g_object_ref (result), + g_object_unref); + g_simple_async_result_complete (simple); + g_object_unref (simple); +@@ -1039,6 +1039,9 @@ polkit_backend_interactive_authority_check_authorization (PolkitBackendAuthority + g_free (subject_str); + g_free (user_of_caller_str); + g_free (user_of_subject_str); ++ ++ if (result != NULL) ++ g_object_unref (result); + } + + /* ---------------------------------------------------------------------------------------------------- */ + +commit ec039f9d7ede5b839f5511e26d5cd6ae9107cb2e +Author: Miloslav Trmač +Date: Tue Jul 1 20:00:48 2014 +0200 + + Fix a memory leak when registering an authentication agent + + https://bugs.freedesktop.org/show_bug.cgi?id=69501 + +diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c +index 14eea99..64560e1 100644 +--- a/src/polkitbackend/polkitbackendauthority.c ++++ b/src/polkitbackend/polkitbackendauthority.c +@@ -900,6 +900,7 @@ server_handle_register_authentication_agent (Server *server, + g_dbus_method_invocation_return_value (invocation, g_variant_new ("()")); + + out: ++ g_variant_unref (subject_gvariant); + if (subject != NULL) + g_object_unref (subject); + } + +commit 57e2d86edc2630cac1812a3285715dad795a4bd6 +Author: Miloslav Trmač +Date: Tue Jul 1 20:00:48 2014 +0200 + + Wrap all JS usage within “requests” + + Required by + https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey/JSAPI_reference/JS_THREADSAFE + ; lack of requests causes assertion failures with a debug build of + mozjs17. + + https://bugs.freedesktop.org/show_bug.cgi?id=69501 + +diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c +index d02e5e3..88f31bd 100644 +--- a/src/polkitbackend/polkitbackendjsauthority.c ++++ b/src/polkitbackend/polkitbackendjsauthority.c +@@ -239,6 +239,7 @@ rules_file_name_cmp (const gchar *a, + return ret; + } + ++/* authority->priv->cx must be within a request */ + static void + load_scripts (PolkitBackendJsAuthority *authority) + { +@@ -339,6 +340,8 @@ reload_scripts (PolkitBackendJsAuthority *authority) + jsval argv[1] = {JSVAL_NULL}; + jsval rval = JSVAL_NULL; + ++ JS_BeginRequest (authority->priv->cx); ++ + if (!JS_CallFunctionName(authority->priv->cx, + authority->priv->js_polkit, + "_deleteRules", +@@ -364,7 +367,7 @@ reload_scripts (PolkitBackendJsAuthority *authority) + /* Let applications know we have new rules... */ + g_signal_emit_by_name (authority, "changed"); + out: +- ; ++ JS_EndRequest (authority->priv->cx); + } + + static void +@@ -447,6 +450,7 @@ static void + polkit_backend_js_authority_constructed (GObject *object) + { + PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (object); ++ gboolean entered_request = FALSE; + + authority->priv->rt = JS_NewRuntime (8L * 1024L * 1024L); + if (authority->priv->rt == NULL) +@@ -466,6 +470,9 @@ polkit_backend_js_authority_constructed (GObject *object) + JS_SetErrorReporter(authority->priv->cx, report_error); + JS_SetContextPrivate (authority->priv->cx, authority); + ++ JS_BeginRequest(authority->priv->cx); ++ entered_request = TRUE; ++ + authority->priv->js_global = + #if JS_VERSION == 186 + JS_NewGlobalObject (authority->priv->cx, &js_global_class, NULL); +@@ -526,10 +533,15 @@ polkit_backend_js_authority_constructed (GObject *object) + setup_file_monitors (authority); + load_scripts (authority); + ++ JS_EndRequest (authority->priv->cx); ++ entered_request = FALSE; ++ + G_OBJECT_CLASS (polkit_backend_js_authority_parent_class)->constructed (object); + return; + + fail: ++ if (entered_request) ++ JS_EndRequest (authority->priv->cx); + g_critical ("Error initializing JavaScript environment"); + g_assert_not_reached (); + } +@@ -642,6 +654,7 @@ polkit_backend_js_authority_class_init (PolkitBackendJsAuthorityClass *klass) + + /* ---------------------------------------------------------------------------------------------------- */ + ++/* authority->priv->cx must be within a request */ + static void + set_property_str (PolkitBackendJsAuthority *authority, + JSObject *obj, +@@ -655,6 +668,7 @@ set_property_str (PolkitBackendJsAuthority *authority, + JS_SetProperty (authority->priv->cx, obj, name, &value_jsval); + } + ++/* authority->priv->cx must be within a request */ + static void + set_property_strv (PolkitBackendJsAuthority *authority, + JSObject *obj, +@@ -681,7 +695,7 @@ set_property_strv (PolkitBackendJsAuthority *authority, + JS_SetProperty (authority->priv->cx, obj, name, &value_jsval); + } + +- ++/* authority->priv->cx must be within a request */ + static void + set_property_int32 (PolkitBackendJsAuthority *authority, + JSObject *obj, +@@ -693,6 +707,7 @@ set_property_int32 (PolkitBackendJsAuthority *authority, + JS_SetProperty (authority->priv->cx, obj, name, &value_jsval); + } + ++/* authority->priv->cx must be within a request */ + static void + set_property_bool (PolkitBackendJsAuthority *authority, + JSObject *obj, +@@ -706,6 +721,7 @@ set_property_bool (PolkitBackendJsAuthority *authority, + + /* ---------------------------------------------------------------------------------------------------- */ + ++/* authority->priv->cx must be within a request */ + static gboolean + subject_to_jsval (PolkitBackendJsAuthority *authority, + PolkitSubject *subject, +@@ -838,6 +854,7 @@ subject_to_jsval (PolkitBackendJsAuthority *authority, + + /* ---------------------------------------------------------------------------------------------------- */ + ++/* authority->priv->cx must be within a request */ + static gboolean + action_and_details_to_jsval (PolkitBackendJsAuthority *authority, + const gchar *action_id, +@@ -1041,6 +1058,8 @@ polkit_backend_js_authority_get_admin_auth_identities (PolkitBackendInteractiveA + gchar *ret_str = NULL; + gchar **ret_strs = NULL; + ++ JS_BeginRequest (authority->priv->cx); ++ + if (!action_and_details_to_jsval (authority, action_id, details, &argv[0], &error)) + { + polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), +@@ -1120,6 +1139,8 @@ polkit_backend_js_authority_get_admin_auth_identities (PolkitBackendInteractiveA + + JS_MaybeGC (authority->priv->cx); + ++ JS_EndRequest (authority->priv->cx); ++ + return ret; + } + +@@ -1146,6 +1167,8 @@ polkit_backend_js_authority_check_authorization_sync (PolkitBackendInteractiveAu + gchar *ret_str = NULL; + gboolean good = FALSE; + ++ JS_BeginRequest (authority->priv->cx); ++ + if (!action_and_details_to_jsval (authority, action_id, details, &argv[0], &error)) + { + polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), +@@ -1222,6 +1245,8 @@ polkit_backend_js_authority_check_authorization_sync (PolkitBackendInteractiveAu + + JS_MaybeGC (authority->priv->cx); + ++ JS_EndRequest (authority->priv->cx); ++ + return ret; + } + + +commit 5c668722320eb363f713a0998934aa48fecd56cb +Author: Miloslav Trmač +Date: Tue Jul 1 20:00:48 2014 +0200 + + Register heap-based JSObject pointers to GC + + This is necessary so that the GC can move the objects (though I haven't + so far encountered this in testing). + + https://bugs.freedesktop.org/show_bug.cgi?id=69501 + +diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c +index 88f31bd..39f7060 100644 +--- a/src/polkitbackend/polkitbackendjsauthority.c ++++ b/src/polkitbackend/polkitbackendjsauthority.c +@@ -482,6 +482,7 @@ polkit_backend_js_authority_constructed (GObject *object) + + if (authority->priv->js_global == NULL) + goto fail; ++ JS_AddObjectRoot (authority->priv->cx, &authority->priv->js_global); + + if (!JS_InitStandardClasses (authority->priv->cx, authority->priv->js_global)) + goto fail; +@@ -494,6 +495,7 @@ polkit_backend_js_authority_constructed (GObject *object) + JSPROP_ENUMERATE); + if (authority->priv->js_polkit == NULL) + goto fail; ++ JS_AddObjectRoot (authority->priv->cx, &authority->priv->js_polkit); + + if (!JS_DefineFunctions (authority->priv->cx, + authority->priv->js_polkit, +@@ -572,6 +574,11 @@ polkit_backend_js_authority_finalize (GObject *object) + g_free (authority->priv->dir_monitors); + g_strfreev (authority->priv->rules_dirs); + ++ JS_BeginRequest (authority->priv->cx); ++ JS_RemoveObjectRoot (authority->priv->cx, &authority->priv->js_polkit); ++ JS_RemoveObjectRoot (authority->priv->cx, &authority->priv->js_global); ++ JS_EndRequest (authority->priv->cx); ++ + JS_DestroyContext (authority->priv->cx); + JS_DestroyRuntime (authority->priv->rt); + /* JS_ShutDown (); */ + +commit 2881f8b260c03df29afb0e35e6d1707240f95ad7 +Author: Miloslav Trmač +Date: Tue Jul 1 20:00:48 2014 +0200 + + Prevent builds against SpiderMonkey with exact stack rooting + + “Exact stack rooting” means that every on-stack pointer to a JavaScript + value needs to be registered with the runtime. The current code doesn't + do this, so it is not safe to use against a runtime with this + configuration. Luckily this configuration is not default. + + See + https://developer.mozilla.org/en-US/docs/SpiderMonkey/Internals/GC/Exact_Stack_Rooting + and other pages in the wiki for what the conversion would require. + + https://bugs.freedesktop.org/show_bug.cgi?id=69501 + +diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c +index 39f7060..22812a6 100644 +--- a/src/polkitbackend/polkitbackendjsauthority.c ++++ b/src/polkitbackend/polkitbackendjsauthority.c +@@ -43,6 +43,13 @@ + + #include "initjs.h" /* init.js */ + ++#ifdef JSGC_USE_EXACT_ROOTING ++/* See https://developer.mozilla.org/en-US/docs/SpiderMonkey/Internals/GC/Exact_Stack_Rooting ++ * for more information about exact stack rooting. ++ */ ++#error "This code is not safe in SpiderMonkey exact stack rooting configurations" ++#endif ++ + /** + * SECTION:polkitbackendjsauthority + * @title: PolkitBackendJsAuthority + +commit b544f10dd469ae3cfedc026db71ee76e9ef511a2 +Author: Miloslav Trmač +Date: Tue Jul 1 20:00:48 2014 +0200 + + Clear the JS operation callback before invoking JS in the callback + + Setting the callback to NULL is required by + https://developer.mozilla.org/en-US/docs/SpiderMonkey/JSAPI_Reference/JS_SetOperationCallback + to avoid the possibility of recursion. + + https://bugs.freedesktop.org/show_bug.cgi?id=69501 + +diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c +index 22812a6..8a0a097 100644 +--- a/src/polkitbackend/polkitbackendjsauthority.c ++++ b/src/polkitbackend/polkitbackendjsauthority.c +@@ -961,9 +961,11 @@ js_operation_callback (JSContext *cx) + polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), "Terminating runaway script"); + + /* Throw an exception - this way the JS code can ignore the runaway script handling */ ++ JS_SetOperationCallback (authority->priv->cx, NULL); + val_str = JS_NewStringCopyZ (cx, "Terminating runaway script"); + val = STRING_TO_JSVAL (val_str); + JS_SetPendingException (authority->priv->cx, val); ++ JS_SetOperationCallback (authority->priv->cx, js_operation_callback); + return JS_FALSE; + } + + +commit d7da6a23766e9c95fa333a0a9c742f7397c0ad22 +Author: Miloslav Trmač +Date: Tue Jul 1 20:00:48 2014 +0200 + + Fix spurious timeout exceptions on GC + + The JS “Operation callback” can be called by the runtime for other + reasons, not only when we trigger it by a timeout—notably as part of GC. + So, make sure to only raise an exception if there actually was a + timeout. + + Adding a whole extra mutex to protect a single boolean is somewhat of an + overkill, but better than worrying about “subtle bugs and occasionally + undefined behaviour” the g_atomic_* API is warning about. + + https://bugs.freedesktop.org/show_bug.cgi?id=69501 + also + https://bugs.freedesktop.org/show_bug.cgi?id=77524 + +diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c +index 8a0a097..097dcc5 100644 +--- a/src/polkitbackend/polkitbackendjsauthority.c ++++ b/src/polkitbackend/polkitbackendjsauthority.c +@@ -80,6 +80,8 @@ struct _PolkitBackendJsAuthorityPrivate + GMainContext *rkt_context; + GMainLoop *rkt_loop; + GSource *rkt_source; ++ GMutex rkt_timeout_pending_mutex; ++ gboolean rkt_timeout_pending; + + /* A list of JSObject instances */ + GList *scripts; +@@ -528,6 +530,7 @@ polkit_backend_js_authority_constructed (GObject *object) + + g_mutex_init (&authority->priv->rkt_init_mutex); + g_cond_init (&authority->priv->rkt_init_cond); ++ g_mutex_init (&authority->priv->rkt_timeout_pending_mutex); + + authority->priv->runaway_killer_thread = g_thread_new ("runaway-killer-thread", + runaway_killer_thread_func, +@@ -563,6 +566,7 @@ polkit_backend_js_authority_finalize (GObject *object) + + g_mutex_clear (&authority->priv->rkt_init_mutex); + g_cond_clear (&authority->priv->rkt_init_cond); ++ g_mutex_clear (&authority->priv->rkt_timeout_pending_mutex); + + /* shut down the killer thread */ + g_assert (authority->priv->rkt_loop != NULL); +@@ -957,6 +961,18 @@ js_operation_callback (JSContext *cx) + JSString *val_str; + jsval val; + ++ /* This callback can be called by the runtime at any time without us causing ++ * it by JS_TriggerOperationCallback(). ++ */ ++ g_mutex_lock (&authority->priv->rkt_timeout_pending_mutex); ++ if (!authority->priv->rkt_timeout_pending) ++ { ++ g_mutex_unlock (&authority->priv->rkt_timeout_pending_mutex); ++ return JS_TRUE; ++ } ++ authority->priv->rkt_timeout_pending = FALSE; ++ g_mutex_unlock (&authority->priv->rkt_timeout_pending_mutex); ++ + /* Log that we are terminating the script */ + polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), "Terminating runaway script"); + +@@ -974,6 +990,10 @@ rkt_on_timeout (gpointer user_data) + { + PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (user_data); + ++ g_mutex_lock (&authority->priv->rkt_timeout_pending_mutex); ++ authority->priv->rkt_timeout_pending = TRUE; ++ g_mutex_unlock (&authority->priv->rkt_timeout_pending_mutex); ++ + /* Supposedly this is thread-safe... */ + #if JS_VERSION == 186 + JS_TriggerOperationCallback (authority->priv->rt); +@@ -993,6 +1013,9 @@ runaway_killer_setup (PolkitBackendJsAuthority *authority) + g_assert (authority->priv->rkt_source == NULL); + + /* set-up timer for runaway scripts, will be executed in runaway_killer_thread */ ++ g_mutex_lock (&authority->priv->rkt_timeout_pending_mutex); ++ authority->priv->rkt_timeout_pending = FALSE; ++ g_mutex_unlock (&authority->priv->rkt_timeout_pending_mutex); + authority->priv->rkt_source = g_timeout_source_new_seconds (15); + g_source_set_callback (authority->priv->rkt_source, rkt_on_timeout, authority, NULL); + g_source_attach (authority->priv->rkt_source, authority->priv->rkt_context); diff --git a/SOURCES/polkit-0.112-CVE-2018-19788.patch b/SOURCES/polkit-0.112-CVE-2018-19788.patch new file mode 100644 index 0000000..932975c --- /dev/null +++ b/SOURCES/polkit-0.112-CVE-2018-19788.patch @@ -0,0 +1,291 @@ +diff --git a/src/polkit/polkitunixgroup.c b/src/polkit/polkitunixgroup.c +index c57a1aaacbb13c4e4297dd812cf5904f2f427b03..309f68918895e0f8b547f8c06f89c6fb1326fe20 100644 +--- a/src/polkit/polkitunixgroup.c ++++ b/src/polkit/polkitunixgroup.c +@@ -71,6 +71,7 @@ G_DEFINE_TYPE_WITH_CODE (PolkitUnixGroup, polkit_unix_group, G_TYPE_OBJECT, + static void + polkit_unix_group_init (PolkitUnixGroup *unix_group) + { ++ unix_group->gid = -1; /* (git_t) -1 is not a valid GID under Linux */ + } + + static void +@@ -100,11 +101,14 @@ polkit_unix_group_set_property (GObject *object, + GParamSpec *pspec) + { + PolkitUnixGroup *unix_group = POLKIT_UNIX_GROUP (object); ++ gint val; + + switch (prop_id) + { + case PROP_GID: +- unix_group->gid = g_value_get_int (value); ++ val = g_value_get_int (value); ++ g_return_if_fail (val != -1); ++ unix_group->gid = val; + break; + + default: +@@ -131,9 +135,9 @@ polkit_unix_group_class_init (PolkitUnixGroupClass *klass) + g_param_spec_int ("gid", + "Group ID", + "The UNIX group ID", +- 0, ++ G_MININT, + G_MAXINT, +- 0, ++ -1, + G_PARAM_CONSTRUCT | + G_PARAM_READWRITE | + G_PARAM_STATIC_NAME | +@@ -166,9 +170,10 @@ polkit_unix_group_get_gid (PolkitUnixGroup *group) + */ + void + polkit_unix_group_set_gid (PolkitUnixGroup *group, +- gint gid) ++ gint gid) + { + g_return_if_fail (POLKIT_IS_UNIX_GROUP (group)); ++ g_return_if_fail (gid != -1); + group->gid = gid; + } + +@@ -183,6 +188,8 @@ polkit_unix_group_set_gid (PolkitUnixGroup *group, + PolkitIdentity * + polkit_unix_group_new (gint gid) + { ++ g_return_val_if_fail (gid != -1, NULL); ++ + return POLKIT_IDENTITY (g_object_new (POLKIT_TYPE_UNIX_GROUP, + "gid", gid, + NULL)); +diff --git a/src/polkit/polkitunixprocess.c b/src/polkit/polkitunixprocess.c +index 972b7776825d5ccf677ed12ed620fc0c52352547..b02b25894ad120d88ea21d4c96ac8dca1821fcf2 100644 +--- a/src/polkit/polkitunixprocess.c ++++ b/src/polkit/polkitunixprocess.c +@@ -159,9 +159,14 @@ polkit_unix_process_set_property (GObject *object, + polkit_unix_process_set_pid (unix_process, g_value_get_int (value)); + break; + +- case PROP_UID: +- polkit_unix_process_set_uid (unix_process, g_value_get_int (value)); ++ case PROP_UID: { ++ gint val; ++ ++ val = g_value_get_int (value); ++ g_return_if_fail (val != -1); ++ polkit_unix_process_set_uid (unix_process, val); + break; ++ } + + case PROP_START_TIME: + polkit_unix_process_set_start_time (unix_process, g_value_get_uint64 (value)); +@@ -239,7 +244,7 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass) + g_param_spec_int ("uid", + "User ID", + "The UNIX user ID", +- -1, ++ G_MININT, + G_MAXINT, + -1, + G_PARAM_CONSTRUCT | +@@ -303,7 +308,6 @@ polkit_unix_process_set_uid (PolkitUnixProcess *process, + gint uid) + { + g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process)); +- g_return_if_fail (uid >= -1); + process->uid = uid; + } + +diff --git a/src/polkit/polkitunixuser.c b/src/polkit/polkitunixuser.c +index 8bfd3a1fb05ddb56adebd097569a9977b7b922f3..234a6976c573ac65200ee08228cd50111f0c769b 100644 +--- a/src/polkit/polkitunixuser.c ++++ b/src/polkit/polkitunixuser.c +@@ -72,6 +72,7 @@ G_DEFINE_TYPE_WITH_CODE (PolkitUnixUser, polkit_unix_user, G_TYPE_OBJECT, + static void + polkit_unix_user_init (PolkitUnixUser *unix_user) + { ++ unix_user->uid = -1; /* (uid_t) -1 is not a valid UID under Linux */ + unix_user->name = NULL; + } + +@@ -112,11 +113,14 @@ polkit_unix_user_set_property (GObject *object, + GParamSpec *pspec) + { + PolkitUnixUser *unix_user = POLKIT_UNIX_USER (object); ++ gint val; + + switch (prop_id) + { + case PROP_UID: +- unix_user->uid = g_value_get_int (value); ++ val = g_value_get_int (value); ++ g_return_if_fail (val != -1); ++ unix_user->uid = val; + break; + + default: +@@ -144,9 +148,9 @@ polkit_unix_user_class_init (PolkitUnixUserClass *klass) + g_param_spec_int ("uid", + "User ID", + "The UNIX user ID", +- 0, ++ G_MININT, + G_MAXINT, +- 0, ++ -1, + G_PARAM_CONSTRUCT | + G_PARAM_READWRITE | + G_PARAM_STATIC_NAME | +@@ -182,6 +186,7 @@ polkit_unix_user_set_uid (PolkitUnixUser *user, + gint uid) + { + g_return_if_fail (POLKIT_IS_UNIX_USER (user)); ++ g_return_if_fail (uid != -1); + user->uid = uid; + } + +@@ -196,6 +201,8 @@ polkit_unix_user_set_uid (PolkitUnixUser *user, + PolkitIdentity * + polkit_unix_user_new (gint uid) + { ++ g_return_val_if_fail (uid != -1, NULL); ++ + return POLKIT_IDENTITY (g_object_new (POLKIT_TYPE_UNIX_USER, + "uid", uid, + NULL)); +diff --git a/test/data/etc/group b/test/data/etc/group +index 12ef328b21b346ee3828ce3aaf15cca83858bd1d..b9acab97211fdf7db521dc0939b2dcfc2c9e350b 100644 +--- a/test/data/etc/group ++++ b/test/data/etc/group +@@ -5,3 +5,4 @@ john:x:500: + jane:x:501: + sally:x:502: + henry:x:503: ++highuid2:x:4000000000: +diff --git a/test/data/etc/passwd b/test/data/etc/passwd +index 8544febcd8b1720e5577dfb3f0672a6fef29e701..5cf14a5620259f79806192ca935fee84a29ac96d 100644 +--- a/test/data/etc/passwd ++++ b/test/data/etc/passwd +@@ -3,3 +3,5 @@ john:x:500:500:John Done:/home/john:/bin/bash + jane:x:501:501:Jane Smith:/home/jane:/bin/bash + sally:x:502:502:Sally Derp:/home/sally:/bin/bash + henry:x:503:503:Henry Herp:/home/henry:/bin/bash ++highuid1:x:2147483648:2147483648:The first high uid:/home/highuid1:/sbin/nologin ++highuid2:x:4000000000:4000000000:An example high uid:/home/example:/sbin/nologin +diff --git a/test/data/etc/polkit-1/rules.d/10-testing.rules b/test/data/etc/polkit-1/rules.d/10-testing.rules +index 446e62291b7fe4c5bacdceb1045350af1a9dc245..98bf062a08cb11fddb7df95d0bcdec1b1ac3587d 100644 +--- a/test/data/etc/polkit-1/rules.d/10-testing.rules ++++ b/test/data/etc/polkit-1/rules.d/10-testing.rules +@@ -53,6 +53,27 @@ polkit.addRule(function(action, subject) { + } + }); + ++polkit.addRule(function(action, subject) { ++ if (action.id == "net.company.john_action") { ++ if (subject.user == "john") { ++ return polkit.Result.YES; ++ } else { ++ return polkit.Result.NO; ++ } ++ } ++}); ++ ++polkit.addRule(function(action, subject) { ++ if (action.id == "net.company.highuid2_action") { ++ if (subject.user == "highuid2") { ++ return polkit.Result.YES; ++ } else { ++ return polkit.Result.NO; ++ } ++ } ++}); ++ ++ + // --------------------------------------------------------------------- + // variables + +diff --git a/test/polkitbackend/test-polkitbackendjsauthority.c b/test/polkitbackend/test-polkitbackendjsauthority.c +index b484a26600dbde074ee7d8491f88624fdc83c39c..71aad23e2f5d1a7b15e138f23e6581a31498bad6 100644 +--- a/test/polkitbackend/test-polkitbackendjsauthority.c ++++ b/test/polkitbackend/test-polkitbackendjsauthority.c +@@ -330,6 +330,78 @@ static const RulesTestCase rules_test_cases[] = { + NULL, + POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED, + }, ++ ++ { ++ /* highuid1 is not a member of group 'users', see test/data/etc/group */ ++ "group_membership_with_non_member(highuid22)", ++ "net.company.group.only_group_users", ++ "unix-user:highuid2", ++ NULL, ++ POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED, ++ }, ++ ++ { ++ /* highuid2 is not a member of group 'users', see test/data/etc/group */ ++ "group_membership_with_non_member(highuid21)", ++ "net.company.group.only_group_users", ++ "unix-user:highuid2", ++ NULL, ++ POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED, ++ }, ++ ++ { ++ /* highuid1 is not a member of group 'users', see test/data/etc/group */ ++ "group_membership_with_non_member(highuid24)", ++ "net.company.group.only_group_users", ++ "unix-user:2147483648", ++ NULL, ++ POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED, ++ }, ++ ++ { ++ /* highuid2 is not a member of group 'users', see test/data/etc/group */ ++ "group_membership_with_non_member(highuid23)", ++ "net.company.group.only_group_users", ++ "unix-user:4000000000", ++ NULL, ++ POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED, ++ }, ++ ++ { ++ /* john is authorized to do this, see 10-testing.rules */ ++ "john_action", ++ "net.company.john_action", ++ "unix-user:john", ++ NULL, ++ POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED, ++ }, ++ ++ { ++ /* only john is authorized to do this, see 10-testing.rules */ ++ "jane_action", ++ "net.company.john_action", ++ "unix-user:jane", ++ NULL, ++ POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED, ++ }, ++ ++ { ++ /* highuid2 is authorized to do this, see 10-testing.rules */ ++ "highuid2_action", ++ "net.company.highuid2_action", ++ "unix-user:highuid2", ++ NULL, ++ POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED, ++ }, ++ ++ { ++ /* only highuid2 is authorized to do this, see 10-testing.rules */ ++ "highuid1_action", ++ "net.company.highuid2_action", ++ "unix-user:highuid1", ++ NULL, ++ POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED, ++ }, + }; + + /* ---------------------------------------------------------------------------------------------------- */ + diff --git a/SOURCES/polkit-0.112-CVE-2019-6133.patch b/SOURCES/polkit-0.112-CVE-2019-6133.patch new file mode 100644 index 0000000..19bed5a --- /dev/null +++ b/SOURCES/polkit-0.112-CVE-2019-6133.patch @@ -0,0 +1,155 @@ +diff -up ./src/polkitbackend/polkitbackendinteractiveauthority.c.ori ./src/polkitbackend/polkitbackendinteractiveauthority.c +--- ./src/polkitbackend/polkitbackendinteractiveauthority.c.ori 2019-01-21 17:30:43.468115782 +0100 ++++ ./src/polkitbackend/polkitbackendinteractiveauthority.c 2019-01-21 17:31:03.220029178 +0100 +@@ -2904,6 +2904,43 @@ temporary_authorization_store_free (Temp + g_free (store); + } + ++/* See the comment at the top of polkitunixprocess.c */ ++static gboolean ++subject_equal_for_authz (PolkitSubject *a, ++ PolkitSubject *b) ++{ ++ if (!polkit_subject_equal (a, b)) ++ return FALSE; ++ ++ /* Now special case unix processes, as we want to protect against ++ * pid reuse by including the UID. ++ */ ++ if (POLKIT_IS_UNIX_PROCESS (a) && POLKIT_IS_UNIX_PROCESS (b)) { ++ PolkitUnixProcess *ap = (PolkitUnixProcess*)a; ++ int uid_a = polkit_unix_process_get_uid ((PolkitUnixProcess*)a); ++ PolkitUnixProcess *bp = (PolkitUnixProcess*)b; ++ int uid_b = polkit_unix_process_get_uid ((PolkitUnixProcess*)b); ++ ++ if (uid_a != -1 && uid_b != -1) ++ { ++ if (uid_a == uid_b) ++ { ++ return TRUE; ++ } ++ else ++ { ++ g_printerr ("denying slowfork; pid %d uid %d != %d!\n", ++ polkit_unix_process_get_pid (ap), ++ uid_a, uid_b); ++ return FALSE; ++ } ++ } ++ /* Fall through; one of the uids is unset so we can't reliably compare */ ++ } ++ ++ return TRUE; ++} ++ + static gboolean + temporary_authorization_store_has_authorization (TemporaryAuthorizationStore *store, + PolkitSubject *subject, +@@ -2946,7 +2983,7 @@ temporary_authorization_store_has_author + TemporaryAuthorization *authorization = l->data; + + if (strcmp (action_id, authorization->action_id) == 0 && +- polkit_subject_equal (subject_to_use, authorization->subject)) ++ subject_equal_for_authz (subject_to_use, authorization->subject)) + { + ret = TRUE; + if (out_tmp_authz_id != NULL) +diff -up ./src/polkit/polkitsubject.c.ori ./src/polkit/polkitsubject.c +--- ./src/polkit/polkitsubject.c.ori 2013-05-29 16:51:37.000000000 +0200 ++++ ./src/polkit/polkitsubject.c 2019-01-21 17:31:03.218029187 +0100 +@@ -99,6 +99,8 @@ polkit_subject_hash (PolkitSubject *subj + * @b: A #PolkitSubject. + * + * Checks if @a and @b are equal, ie. represent the same subject. ++ * However, avoid calling polkit_subject_equal() to compare two processes; ++ * for more information see the `PolkitUnixProcess` documentation. + * + * This function can be used in e.g. g_hash_table_new(). + * +diff -up ./src/polkit/polkitunixprocess.c.ori ./src/polkit/polkitunixprocess.c +--- ./src/polkit/polkitunixprocess.c.ori 2019-01-21 17:30:43.477115743 +0100 ++++ ./src/polkit/polkitunixprocess.c 2019-01-21 17:31:03.219029182 +0100 +@@ -44,13 +44,82 @@ + * @title: PolkitUnixProcess + * @short_description: Unix processs + * +- * An object for representing a UNIX process. ++ * An object for representing a UNIX process. NOTE: This object as ++ * designed is now known broken; a mechanism to exploit a delay in ++ * start time in the Linux kernel was identified. Avoid ++ * calling polkit_subject_equal() to compare two processes. + * + * To uniquely identify processes, both the process id and the start + * time of the process (a monotonic increasing value representing the + * time since the kernel was started) is used. + */ + ++/* See https://gitlab.freedesktop.org/polkit/polkit/issues/75 ++ ++ But quoting the original email in full here to ensure it's preserved: ++ ++ From: Jann Horn ++ Subject: [SECURITY] polkit: temporary auth hijacking via PID reuse and non-atomic fork ++ Date: Wednesday, October 10, 2018 5:34 PM ++ ++When a (non-root) user attempts to e.g. control systemd units in the system ++instance from an active session over DBus, the access is gated by a polkit ++policy that requires "auth_admin_keep" auth. This results in an auth prompt ++being shown to the user, asking the user to confirm the action by entering the ++password of an administrator account. ++ ++After the action has been confirmed, the auth decision for "auth_admin_keep" is ++cached for up to five minutes. Subject to some restrictions, similar actions can ++then be performed in this timespan without requiring re-auth: ++ ++ - The PID of the DBus client requesting the new action must match the PID of ++ the DBus client requesting the old action (based on SO_PEERCRED information ++ forwarded by the DBus daemon). ++ - The "start time" of the client's PID (as seen in /proc/$pid/stat, field 22) ++ must not have changed. The granularity of this timestamp is in the ++ millisecond range. ++ - polkit polls every two seconds whether a process with the expected start time ++ still exists. If not, the temporary auth entry is purged. ++ ++Without the start time check, this would obviously be buggy because an attacker ++could simply wait for the legitimate client to disappear, then create a new ++client with the same PID. ++ ++Unfortunately, the start time check is bypassable because fork() is not atomic. ++Looking at the source code of copy_process() in the kernel: ++ ++ p->start_time = ktime_get_ns(); ++ p->real_start_time = ktime_get_boot_ns(); ++ [...] ++ retval = copy_thread_tls(clone_flags, stack_start, stack_size, p, tls); ++ if (retval) ++ goto bad_fork_cleanup_io; ++ ++ if (pid != &init_struct_pid) { ++ pid = alloc_pid(p->nsproxy->pid_ns_for_children); ++ if (IS_ERR(pid)) { ++ retval = PTR_ERR(pid); ++ goto bad_fork_cleanup_thread; ++ } ++ } ++ ++The ktime_get_boot_ns() call is where the "start time" of the process is ++recorded. The alloc_pid() call is where a free PID is allocated. In between ++these, some time passes; and because the copy_thread_tls() call between them can ++access userspace memory when sys_clone() is invoked through the 32-bit syscall ++entry point, an attacker can even stall the kernel arbitrarily long at this ++point (by supplying a pointer into userspace memory that is associated with a ++userfaultfd or is backed by a custom FUSE filesystem). ++ ++This means that an attacker can immediately call sys_clone() when the victim ++process is created, often resulting in a process that has the exact same start ++time reported in procfs; and then the attacker can delay the alloc_pid() call ++until after the victim process has died and the PID assignment has cycled ++around. This results in an attacker process that polkit can't distinguish from ++the victim process. ++*/ ++ ++ + /** + * PolkitUnixProcess: + * diff --git a/SOURCES/polkit-0.112-EnumerateActions-leak.patch b/SOURCES/polkit-0.112-EnumerateActions-leak.patch new file mode 100644 index 0000000..e4c5b09 --- /dev/null +++ b/SOURCES/polkit-0.112-EnumerateActions-leak.patch @@ -0,0 +1,24 @@ +commit f4d71e0de885010494b8b0b8d62ca910011d7544 +Author: Max A. Dednev +Date: Sun Jan 11 20:00:44 2015 -0500 + + authority: Fix memory leak in EnumerateActions call results handler + + Policykit-1 doesn't release reference counters of GVariant data for + org.freedesktop.PolicyKit1.Authority.EnumerateActions dbus call. This + patch fixed reference counting and following memory leak. + + https://bugs.freedesktop.org/show_bug.cgi?id=88288 + +diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c +index 75619ab..ab6d3cd 100644 +--- a/src/polkit/polkitauthority.c ++++ b/src/polkit/polkitauthority.c +@@ -715,7 +715,6 @@ polkit_authority_enumerate_actions_finish (PolkitAuthority *authority, + while ((child = g_variant_iter_next_value (&iter)) != NULL) + { + ret = g_list_prepend (ret, polkit_action_description_new_for_gvariant (child)); +- g_variant_ref_sink (child); + g_variant_unref (child); + } + ret = g_list_reverse (ret); diff --git a/SOURCES/polkit-0.112-Polkit.spawn-leak.patch b/SOURCES/polkit-0.112-Polkit.spawn-leak.patch new file mode 100644 index 0000000..8a69cf1 --- /dev/null +++ b/SOURCES/polkit-0.112-Polkit.spawn-leak.patch @@ -0,0 +1,20 @@ +commit 1986e443b170240e9ce4a34726b7fa6c55b3601c +Author: Miloslav Trmač +Date: Sat Dec 7 04:21:10 2013 +0100 + + Fix a memory leak + + https://bugs.freedesktop.org/show_bug.cgi?id=72426 + +diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c +index bc2fe22..c3885a9 100644 +--- a/src/polkitbackend/polkitbackendjsauthority.c ++++ b/src/polkitbackend/polkitbackendjsauthority.c +@@ -1363,7 +1363,6 @@ js_polkit_spawn (JSContext *cx, + goto out; + } + s = JS_EncodeString (cx, JSVAL_TO_STRING (elem_val)); +- s = JS_EncodeString (cx, JSVAL_TO_STRING (elem_val)); + argv[n] = g_strdup (s); + JS_free (cx, s); + } diff --git a/SOURCES/polkit-0.112-PolkitAgentSession-race.patch b/SOURCES/polkit-0.112-PolkitAgentSession-race.patch new file mode 100644 index 0000000..d6e16b2 --- /dev/null +++ b/SOURCES/polkit-0.112-PolkitAgentSession-race.patch @@ -0,0 +1,120 @@ +From 7650ad1e08ab13bdb461783c4995d186d9392840 Mon Sep 17 00:00:00 2001 +From: Rui Matos +Date: Thu, 6 Feb 2014 18:41:18 +0100 +Subject: [PATCH] PolkitAgentSession: fix race between child and io watches + +The helper flushes and fdatasyncs stdout and stderr before terminating +but this doesn't guarantee that our io watch is called before our +child watch. This means that we can end up with a successful return +from the helper which we still report as a failure. + +If we add G_IO_HUP and G_IO_ERR to the conditions we look for in the +io watch and the child terminates we still run the io watch handler +which will complete the session. + +This means that the child watch is in fact needless and we can remove +it. + +https://bugs.freedesktop.org/show_bug.cgi?id=60847 +--- + src/polkitagent/polkitagentsession.c | 47 +++++++++--------------------------- + 1 file changed, 11 insertions(+), 36 deletions(-) + +diff --git a/src/polkitagent/polkitagentsession.c b/src/polkitagent/polkitagentsession.c +index 1c7a2dc..f014773 100644 +--- a/src/polkitagent/polkitagentsession.c ++++ b/src/polkitagent/polkitagentsession.c +@@ -92,7 +92,6 @@ struct _PolkitAgentSession + int child_stdout; + GPid child_pid; + +- GSource *child_watch_source; + GSource *child_stdout_watch_source; + GIOChannel *child_stdout_channel; + +@@ -377,13 +376,6 @@ kill_helper (PolkitAgentSession *session) + session->child_pid = 0; + } + +- if (session->child_watch_source != NULL) +- { +- g_source_destroy (session->child_watch_source); +- g_source_unref (session->child_watch_source); +- session->child_watch_source = NULL; +- } +- + if (session->child_stdout_watch_source != NULL) + { + g_source_destroy (session->child_stdout_watch_source); +@@ -429,26 +421,6 @@ complete_session (PolkitAgentSession *session, + } + } + +-static void +-child_watch_func (GPid pid, +- gint status, +- gpointer user_data) +-{ +- PolkitAgentSession *session = POLKIT_AGENT_SESSION (user_data); +- +- if (G_UNLIKELY (_show_debug ())) +- { +- g_print ("PolkitAgentSession: in child_watch_func for pid %d (WIFEXITED=%d WEXITSTATUS=%d)\n", +- (gint) pid, +- WIFEXITED(status), +- WEXITSTATUS(status)); +- } +- +- /* kill all the watches we have set up, except for the child since it has exited already */ +- session->child_pid = 0; +- complete_session (session, FALSE); +-} +- + static gboolean + io_watch_have_data (GIOChannel *channel, + GIOCondition condition, +@@ -475,10 +447,13 @@ io_watch_have_data (GIOChannel *channel, + NULL, + NULL, + &error); +- if (error != NULL) ++ if (error != NULL || line == NULL) + { +- g_warning ("Error reading line from helper: %s", error->message); +- g_error_free (error); ++ /* In case we get just G_IO_HUP, line is NULL but error is ++ unset.*/ ++ g_warning ("Error reading line from helper: %s", ++ error ? error->message : "nothing to read"); ++ g_clear_error (&error); + + complete_session (session, FALSE); + goto out; +@@ -540,6 +515,9 @@ io_watch_have_data (GIOChannel *channel, + g_free (line); + g_free (unescaped); + ++ if (condition & (G_IO_ERR | G_IO_HUP)) ++ complete_session (session, FALSE); ++ + /* keep the IOChannel around */ + return TRUE; + } +@@ -650,12 +628,9 @@ polkit_agent_session_initiate (PolkitAgentSession *session) + if (G_UNLIKELY (_show_debug ())) + g_print ("PolkitAgentSession: spawned helper with pid %d\n", (gint) session->child_pid); + +- session->child_watch_source = g_child_watch_source_new (session->child_pid); +- g_source_set_callback (session->child_watch_source, (GSourceFunc) child_watch_func, session, NULL); +- g_source_attach (session->child_watch_source, g_main_context_get_thread_default ()); +- + session->child_stdout_channel = g_io_channel_unix_new (session->child_stdout); +- session->child_stdout_watch_source = g_io_create_watch (session->child_stdout_channel, G_IO_IN); ++ session->child_stdout_watch_source = g_io_create_watch (session->child_stdout_channel, ++ G_IO_IN | G_IO_ERR | G_IO_HUP); + g_source_set_callback (session->child_stdout_watch_source, (GSourceFunc) io_watch_have_data, session, NULL); + g_source_attach (session->child_stdout_watch_source, g_main_context_get_thread_default ()); + +-- +1.8.3.1 + diff --git a/SOURCES/polkit-0.112-XDG_RUNTIME_DIR.patch b/SOURCES/polkit-0.112-XDG_RUNTIME_DIR.patch new file mode 100644 index 0000000..f8c2e77 --- /dev/null +++ b/SOURCES/polkit-0.112-XDG_RUNTIME_DIR.patch @@ -0,0 +1,78 @@ +From 8635ffc16aeff6a07d675f861fe0dea03ea81d7e Mon Sep 17 00:00:00 2001 +From: Colin Walters +Date: Thu, 21 Nov 2013 17:39:37 -0500 +Subject: [PATCH] pkexec: Work around systemd injecting broken XDG_RUNTIME_DIR + +This workaround isn't too much code, and it's often better to fix bugs +in two places anyways. + +For more information: + +See https://bugzilla.redhat.com/show_bug.cgi?id=753882 +See http://lists.freedesktop.org/archives/systemd-devel/2013-November/014370.html +--- + src/programs/pkexec.c | 33 ++++++++++++++++++++++++++++++--- + 1 file changed, 30 insertions(+), 3 deletions(-) + +diff --git a/src/programs/pkexec.c b/src/programs/pkexec.c +index 005e1fe..a7ca8e0 100644 +--- a/src/programs/pkexec.c ++++ b/src/programs/pkexec.c +@@ -143,8 +143,22 @@ pam_conversation_function (int n, + return PAM_CONV_ERR; + } + ++/* A work around for: ++ * https://bugzilla.redhat.com/show_bug.cgi?id=753882 ++ */ ++static gboolean ++xdg_runtime_dir_is_owned_by (const char *path, ++ uid_t target_uid) ++{ ++ struct stat stbuf; ++ ++ return stat (path, &stbuf) == 0 && ++ stbuf.st_uid == target_uid; ++} ++ + static gboolean +-open_session (const gchar *user_to_auth) ++open_session (const gchar *user_to_auth, ++ uid_t target_uid) + { + gboolean ret; + gint rc; +@@ -186,7 +200,19 @@ open_session (const gchar *user_to_auth) + { + guint n; + for (n = 0; envlist[n]; n++) +- putenv (envlist[n]); ++ { ++ const char *envitem = envlist[n]; ++ ++ if (g_str_has_prefix (envitem, "XDG_RUNTIME_DIR=")) ++ { ++ const char *eq = strchr (envitem, '='); ++ g_assert (eq); ++ if (!xdg_runtime_dir_is_owned_by (eq + 1, target_uid)) ++ continue; ++ } ++ ++ putenv (envlist[n]); ++ } + free (envlist); + } + +@@ -913,7 +939,8 @@ main (int argc, char *argv[]) + * As evident above, neither su(1) (and, for that matter, nor sudo(8)) does this. + */ + #ifdef POLKIT_AUTHFW_PAM +- if (!open_session (pw->pw_name)) ++ if (!open_session (pw->pw_name, ++ pw->pw_uid)) + { + goto out; + } +-- +1.8.3.1 + diff --git a/SOURCES/polkit-0.112-add-its-files.patch b/SOURCES/polkit-0.112-add-its-files.patch new file mode 100644 index 0000000..e812b0f --- /dev/null +++ b/SOURCES/polkit-0.112-add-its-files.patch @@ -0,0 +1,37 @@ +diff -up ./data/Makefile.am.ori ./data/Makefile.am +--- ./data/Makefile.am.ori 2013-04-29 19:28:57.000000000 +0200 ++++ ./data/Makefile.am 2018-05-31 14:33:50.164626183 +0200 +@@ -36,6 +36,11 @@ pkgconfig_DATA = polkit-gobject-1.pc pol + + # ---------------------------------------------------------------------------------------------------- + ++itsdir = $(datadir)/gettext/its ++its_DATA = polkit.loc polkit.its ++ ++# ---------------------------------------------------------------------------------------------------- ++ + systemdservice_in_files = polkit.service.in + + if HAVE_SYSTEMD +diff -up ./data/polkit.its.ori ./data/polkit.its +--- ./data/polkit.its.ori 2018-05-31 14:33:50.164626183 +0200 ++++ ./data/polkit.its 2018-05-31 14:33:50.164626183 +0200 +@@ -0,0 +1,8 @@ ++ ++ ++ ++ ++ +diff -up ./data/polkit.loc.ori ./data/polkit.loc +--- ./data/polkit.loc.ori 2018-05-31 14:33:50.165626179 +0200 ++++ ./data/polkit.loc 2018-05-31 14:33:50.164626183 +0200 +@@ -0,0 +1,6 @@ ++ ++ ++ ++ ++ ++ diff --git a/SOURCES/polkit-0.112-agent-leaks.patch b/SOURCES/polkit-0.112-agent-leaks.patch new file mode 100644 index 0000000..77f0671 --- /dev/null +++ b/SOURCES/polkit-0.112-agent-leaks.patch @@ -0,0 +1,79 @@ +A part of commit 7ecf29a9db86f7161e2ff48e7bb8ea46a90f954f +Author: Miloslav Trmač +Date: Wed Feb 8 22:57:21 2017 +0100 + + Fix a memory leak in server_handle_authentication_agent_response{,2} + + Signed-off-by: Miloslav Trmač + +diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c +index 2bcad62..cad3f74 100644 +--- a/src/polkitbackend/polkitbackendauthority.c ++++ b/src/polkitbackend/polkitbackendauthority.c +@@ -1054,6 +1054,7 @@ server_handle_authentication_agent_response (Server *server, + g_dbus_method_invocation_return_value (invocation, g_variant_new ("()")); + + out: ++ g_variant_unref (identity_gvariant); + if (identity != NULL) + g_object_unref (identity); + } +commit d9efd2673d73214e7990e3e67cdddfa77c6a8226 +Author: Miloslav Trmač +Date: Wed Feb 8 22:55:10 2017 +0100 + + Fix a memory leak in server_handle_unregister_authentication_agent + + Signed-off-by: Miloslav Trmač + +diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c +index 7e08e57..2bcad62 100644 +--- a/src/polkitbackend/polkitbackendauthority.c ++++ b/src/polkitbackend/polkitbackendauthority.c +@@ -1003,6 +1003,7 @@ server_handle_unregister_authentication_agent (Server *server, + g_dbus_method_invocation_return_value (invocation, g_variant_new ("()")); + + out: ++ g_variant_unref (subject_gvariant); + if (subject != NULL) + g_object_unref (subject); + } +commit af4566e1a7e9031b9a05f49c7d27bf379d822016 +Author: Miloslav Trmač +Date: Thu Feb 9 19:53:54 2017 +0100 + + Fix a memory leak per agent authentication + + Signed-off-by: Miloslav Trmač + +diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c +index bf0ee48..b8096b3 100644 +--- a/src/polkitbackend/polkitbackendinteractiveauthority.c ++++ b/src/polkitbackend/polkitbackendinteractiveauthority.c +@@ -1906,15 +1906,15 @@ authentication_agent_begin_cb (GDBusProxy *proxy, + AuthenticationSession *session = user_data; + gboolean gained_authorization; + gboolean was_dismissed; ++ GVariant *result; + GError *error; + + was_dismissed = FALSE; + gained_authorization = FALSE; + + error = NULL; +- if (!g_dbus_proxy_call_finish (proxy, +- res, +- &error)) ++ result = g_dbus_proxy_call_finish (proxy, res, &error); ++ if (result == NULL) + { + g_printerr ("Error performing authentication: %s (%s %d)\n", + error->message, +@@ -1926,6 +1926,7 @@ authentication_agent_begin_cb (GDBusProxy *proxy, + } + else + { ++ g_variant_unref (result); + gained_authorization = session->is_authenticated; + g_debug ("Authentication complete, is_authenticated = %d", session->is_authenticated); + } diff --git a/SOURCES/polkit-0.112-allow-uid-of-1.patch b/SOURCES/polkit-0.112-allow-uid-of-1.patch new file mode 100644 index 0000000..9500a5d --- /dev/null +++ b/SOURCES/polkit-0.112-allow-uid-of-1.patch @@ -0,0 +1,20 @@ +diff -up ./src/polkit/polkitunixprocess.c.ori ./src/polkit/polkitunixprocess.c +--- ./src/polkit/polkitunixprocess.c.ori 2019-02-06 16:47:23.460666237 +0100 ++++ ./src/polkit/polkitunixprocess.c 2019-02-06 16:47:43.846573792 +0100 +@@ -211,14 +211,9 @@ polkit_unix_process_set_property (GObjec + polkit_unix_process_set_pid (unix_process, g_value_get_int (value)); + break; + +- case PROP_UID: { +- gint val; +- +- val = g_value_get_int (value); +- g_return_if_fail (val != -1); +- polkit_unix_process_set_uid (unix_process, val); ++ case PROP_UID: ++ polkit_unix_process_set_uid (unix_process, g_value_get_int (value)); + break; +- } + + case PROP_START_TIME: + polkit_unix_process_set_start_time (unix_process, g_value_get_uint64 (value)); diff --git a/SOURCES/polkit-0.112-bus-conn-msg-ssh.patch b/SOURCES/polkit-0.112-bus-conn-msg-ssh.patch new file mode 100644 index 0000000..f2dcb1a --- /dev/null +++ b/SOURCES/polkit-0.112-bus-conn-msg-ssh.patch @@ -0,0 +1,60 @@ +From 0ce0a7b3298d7b0fd5ce8c6775bcef9b0caf1bdb Mon Sep 17 00:00:00 2001 +From: David Herrmann +Date: Wed, 4 Jul 2018 13:51:24 +0200 +Subject: [PATCH] polkitagent: suppress disconnect messages + +The polkitagent may be used by pkexec and friends. These might very +well survive until very late during system shutdown. Hence, a +disconnect of polkitd during runtime might be expected [1]. + +This patch silences the disconnect/reconnect messages and turns them +into debug messages. This only affects the polkit-agent, it does not +affect the polkit-daemon implementation. + +[1] https://bugzilla.redhat.com/show_bug.cgi?id=1249627 +--- + src/polkitagent/polkitagentlistener.c | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git a/src/polkitagent/polkitagentlistener.c b/src/polkitagent/polkitagentlistener.c +index debd1bb..1c8b666 100644 +--- a/src/polkitagent/polkitagentlistener.c ++++ b/src/polkitagent/polkitagentlistener.c +@@ -178,10 +178,10 @@ on_notify_authority_owner (GObject *object, + owner = polkit_authority_get_owner (server->authority); + if (owner == NULL) + { +- g_printerr ("PolicyKit daemon disconnected from the bus.\n"); ++ g_debug ("PolicyKit daemon disconnected from the bus.\n"); + + if (server->is_registered) +- g_printerr ("We are no longer a registered authentication agent.\n"); ++ g_debug ("We are no longer a registered authentication agent.\n"); + + server->is_registered = FALSE; + } +@@ -192,17 +192,17 @@ on_notify_authority_owner (GObject *object, + { + GError *error; + +- g_printerr ("PolicyKit daemon reconnected to bus.\n"); +- g_printerr ("Attempting to re-register as an authentication agent.\n"); ++ g_debug ("PolicyKit daemon reconnected to bus.\n"); ++ g_debug ("Attempting to re-register as an authentication agent.\n"); + + error = NULL; + if (server_register (server, &error)) + { +- g_printerr ("We are now a registered authentication agent.\n"); ++ g_debug ("We are now a registered authentication agent.\n"); + } + else + { +- g_printerr ("Failed to register as an authentication agent: %s\n", error->message); ++ g_debug ("Failed to register as an authentication agent: %s\n", error->message); + g_error_free (error); + } + } +-- +2.18.0 + diff --git a/SOURCES/polkit-0.112-pkttyagent-auth-errmsg-debug.patch b/SOURCES/polkit-0.112-pkttyagent-auth-errmsg-debug.patch new file mode 100644 index 0000000..0b66c49 --- /dev/null +++ b/SOURCES/polkit-0.112-pkttyagent-auth-errmsg-debug.patch @@ -0,0 +1,13 @@ +diff -up ./src/programs/pkttyagent.c.ori ./src/programs/pkttyagent.c +--- ./src/programs/pkttyagent.c.ori 2018-08-01 15:51:28.495910434 +0200 ++++ ./src/programs/pkttyagent.c 2018-08-02 15:51:45.126311197 +0200 +@@ -150,7 +150,8 @@ main (int argc, char *argv[]) + authority = polkit_authority_get_sync (NULL /* GCancellable* */, &error); + if (authority == NULL) + { +- g_printerr ("Error getting authority: %s (%s, %d)\n", ++ g_printerr ("Authorization not available. Check if polkit service is running or see debug message for more information.\n"); ++ g_debug ("Error getting authority: %s (%s, %d)\n", + error->message, g_quark_to_string (error->domain), error->code); + g_error_free (error); + ret = 127; diff --git a/SOURCES/polkit-0.112-pkttyagent-tty-echo-off-on-fail.patch b/SOURCES/polkit-0.112-pkttyagent-tty-echo-off-on-fail.patch new file mode 100644 index 0000000..dbedc7f --- /dev/null +++ b/SOURCES/polkit-0.112-pkttyagent-tty-echo-off-on-fail.patch @@ -0,0 +1,85 @@ +diff -up ./src/programs/pkttyagent.c.ori ./src/programs/pkttyagent.c +--- ./src/programs/pkttyagent.c.ori 2019-03-21 15:28:00.058408349 +0100 ++++ ./src/programs/pkttyagent.c 2019-03-21 15:32:55.499744167 +0100 +@@ -24,11 +24,44 @@ + #endif + + #include ++#include ++#include + #include + #include + #define POLKIT_AGENT_I_KNOW_API_IS_SUBJECT_TO_CHANGE + #include + ++ ++static volatile sig_atomic_t tty_flags_saved; ++struct termios ts; ++FILE *tty = NULL; ++struct sigaction savesigterm, savesigint, savesigtstp; ++ ++ ++static void tty_handler(int signal) ++{ ++ switch (signal) ++ { ++ case SIGTERM: ++ sigaction (SIGTERM, &savesigterm, NULL); ++ break; ++ case SIGINT: ++ sigaction (SIGINT, &savesigint, NULL); ++ break; ++ case SIGTSTP: ++ sigaction (SIGTSTP, &savesigtstp, NULL); ++ break; ++ } ++ ++ if (tty_flags_saved) ++ { ++ tcsetattr (fileno (tty), TCSAFLUSH, &ts); ++ } ++ ++ kill(getpid(), signal); ++} ++ ++ + int + main (int argc, char *argv[]) + { +@@ -73,6 +106,8 @@ main (int argc, char *argv[]) + GMainLoop *loop = NULL; + guint ret = 126; + GVariantBuilder builder; ++ struct sigaction sa; ++ const char *tty_name = NULL; + + g_type_init (); + +@@ -202,6 +237,27 @@ main (int argc, char *argv[]) + } + } + ++/* Bash leaves tty echo disabled if SIGINT/SIGTERM comes to polkitagenttextlistener.c::on_request(), ++ but due to threading the handlers cannot take care of the signal there. ++ Though if controlling terminal cannot be found, the world won't stop spinning. ++*/ ++ tty_name = ctermid(NULL); ++ if (tty_name != NULL) ++ { ++ tty = fopen(tty_name, "r+"); ++ } ++ ++ if (tty != NULL && !tcgetattr (fileno (tty), &ts)) ++ { ++ tty_flags_saved = TRUE; ++ } ++ ++ memset (&sa, 0, sizeof (sa)); ++ sa.sa_handler = &tty_handler; ++ sigaction (SIGTERM, &sa, &savesigterm); ++ sigaction (SIGINT, &sa, &savesigint); ++ sigaction (SIGTSTP, &sa, &savesigtstp); ++ + loop = g_main_loop_new (NULL, FALSE); + g_main_loop_run (loop); + diff --git a/SOURCES/polkit-0.112-polkitpermission-leak.patch b/SOURCES/polkit-0.112-polkitpermission-leak.patch new file mode 100644 index 0000000..97f8c44 --- /dev/null +++ b/SOURCES/polkit-0.112-polkitpermission-leak.patch @@ -0,0 +1,27 @@ +From dfd2c165447029c32510842350e924ef5ac3f679 Mon Sep 17 00:00:00 2001 +From: Rui Matos +Date: Thu, 2 Mar 2017 14:50:31 +0100 +Subject: [PATCH] polkitpermission: Fix a memory leak on authority changes + +Signed-off-by: Rui Matos + +https://bugs.freedesktop.org/show_bug.cgi?id=99741 +--- + src/polkit/polkitpermission.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/polkit/polkitpermission.c b/src/polkit/polkitpermission.c +index f8a666e..f264094 100644 +--- a/src/polkit/polkitpermission.c ++++ b/src/polkit/polkitpermission.c +@@ -454,6 +454,7 @@ changed_check_cb (GObject *source_object, + if (result != NULL) + { + process_result (permission, result); ++ g_object_unref (result); + } + else + { +-- +2.9.3 + diff --git a/SOURCES/polkit-0.112-sigttou-if-bg-job.patch b/SOURCES/polkit-0.112-sigttou-if-bg-job.patch new file mode 100644 index 0000000..9336622 --- /dev/null +++ b/SOURCES/polkit-0.112-sigttou-if-bg-job.patch @@ -0,0 +1,16 @@ +diff --git a/src/programs/pkttyagent.c b/src/programs/pkttyagent.c +index 3c8d502..acbc3ab 100644 +--- a/src/programs/pkttyagent.c ++++ b/src/programs/pkttyagent.c +@@ -262,8 +262,11 @@ main (int argc, char *argv[]) + tty_flags_saved = TRUE; + } + ++ + memset (&sa, 0, sizeof (sa)); + sa.sa_handler = &tty_handler; ++ sigemptyset(&sa.sa_mask); ++ sigaddset(&sa.sa_mask, SIGTTOU); + sigaction (SIGTERM, &sa, &savesigterm); + sigaction (SIGINT, &sa, &savesigint); + sigaction (SIGTSTP, &sa, &savesigtstp); diff --git a/SOURCES/polkit-0.112-spawning-zombie-processes.patch b/SOURCES/polkit-0.112-spawning-zombie-processes.patch new file mode 100644 index 0000000..2c2382a --- /dev/null +++ b/SOURCES/polkit-0.112-spawning-zombie-processes.patch @@ -0,0 +1,181 @@ +From a028743f5c88dd7c27c102c34535f25b42ea2c5f Mon Sep 17 00:00:00 2001 +From: Kyle Walker +Date: Mon, 23 Apr 2018 13:07:37 -0400 +Subject: [PATCH] Backport of: + https://bugs.freedesktop.org/attachment.cgi?id=138819 + +Signed-off-by: Kyle Walker +--- + src/polkitbackend/polkitbackendjsauthority.c | 76 +++++++++++++++++++++++++++- + 1 file changed, 74 insertions(+), 2 deletions(-) + +diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c +index 39ed718..fd1dbfd 100644 +--- a/src/polkitbackend/polkitbackendjsauthority.c ++++ b/src/polkitbackend/polkitbackendjsauthority.c +@@ -83,6 +83,13 @@ struct _PolkitBackendJsAuthorityPrivate + GMutex rkt_timeout_pending_mutex; + gboolean rkt_timeout_pending; + ++ /* avoid zombies by reap child in a new thread */ ++ GThread *child_reaper_thread; ++ GMutex crt_init_mutex; ++ GCond crt_init_cond; ++ GMainContext *crt_context; ++ GMainLoop *crt_loop; ++ + /* A list of JSObject instances */ + GList *scripts; + }; +@@ -124,6 +131,7 @@ enum + /* ---------------------------------------------------------------------------------------------------- */ + + static gpointer runaway_killer_thread_func (gpointer user_data); ++static gpointer child_reaper_thread_func (gpointer user_data); + + static GList *polkit_backend_js_authority_get_admin_auth_identities (PolkitBackendInteractiveAuthority *authority, + PolkitSubject *caller, +@@ -461,6 +469,18 @@ polkit_backend_js_authority_constructed (GObject *object) + PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (object); + gboolean entered_request = FALSE; + ++ g_mutex_init (&authority->priv->crt_init_mutex); ++ g_cond_init (&authority->priv->crt_init_cond); ++ ++ authority->priv->child_reaper_thread = g_thread_new ("reap-child-thread", ++ child_reaper_thread_func, ++ authority); ++ /* wait for child_reaper_thread to set up its GMainContext */ ++ g_mutex_lock (&authority->priv->crt_init_mutex); ++ while (authority->priv->crt_context == NULL) ++ g_cond_wait (&authority->priv->crt_init_cond, &authority->priv->crt_init_mutex); ++ g_mutex_unlock (&authority->priv->crt_init_mutex); ++ + authority->priv->rt = JS_NewRuntime (8L * 1024L * 1024L); + if (authority->priv->rt == NULL) + goto fail; +@@ -585,6 +605,15 @@ polkit_backend_js_authority_finalize (GObject *object) + g_free (authority->priv->dir_monitors); + g_strfreev (authority->priv->rules_dirs); + ++ g_mutex_clear (&authority->priv->crt_init_mutex); ++ g_cond_clear (&authority->priv->crt_init_cond); ++ ++ /* shut down the child reaper thread */ ++ g_assert (authority->priv->crt_loop != NULL); ++ g_main_loop_quit (authority->priv->crt_loop); ++ g_thread_join (authority->priv->child_reaper_thread); ++ g_assert (authority->priv->crt_loop == NULL); ++ + JS_BeginRequest (authority->priv->cx); + JS_RemoveObjectRoot (authority->priv->cx, &authority->priv->js_polkit); + JS_RemoveObjectRoot (authority->priv->cx, &authority->priv->js_global); +@@ -1360,6 +1389,7 @@ get_signal_name (gint signal_number) + + typedef struct + { ++ PolkitBackendJsAuthority *authority; + GMainLoop *loop; + GAsyncResult *res; + } SpawnData; +@@ -1379,7 +1409,7 @@ js_polkit_spawn (JSContext *cx, + unsigned js_argc, + jsval *vp) + { +- /* PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx)); */ ++ PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx)); + JSBool ret = JS_FALSE; + JSObject *array_object; + gchar *standard_output = NULL; +@@ -1424,6 +1454,8 @@ js_polkit_spawn (JSContext *cx, + JS_free (cx, s); + } + ++ data.authority = authority; ++ + context = g_main_context_new (); + loop = g_main_loop_new (context, FALSE); + +@@ -1540,6 +1572,8 @@ js_polkit_user_is_in_netgroup (JSContext *cx, + + typedef struct + { ++ PolkitBackendJsAuthority *authority; ++ + GSimpleAsyncResult *simple; /* borrowed reference */ + GMainContext *main_context; /* may be NULL */ + +@@ -1572,11 +1606,43 @@ utils_child_watch_from_release_cb (GPid pid, + gint status, + gpointer user_data) + { ++ g_print("Child(pid: %d) has been reaped!\n", pid); ++} ++ ++/* ---------------------------------------------------------------------------------------------------- */ ++ ++static gpointer ++child_reaper_thread_func (gpointer user_data) ++{ ++ PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (user_data); ++ ++ g_mutex_lock (&authority->priv->crt_init_mutex); ++ ++ authority->priv->crt_context = g_main_context_new (); ++ authority->priv->crt_loop = g_main_loop_new (authority->priv->crt_context, FALSE); ++ g_main_context_push_thread_default (authority->priv->crt_context); ++ ++ /* Signal the main thread that we're done constructing */ ++ g_cond_signal (&authority->priv->crt_init_cond); ++ g_mutex_unlock (&authority->priv->crt_init_mutex); ++ ++ g_main_loop_run (authority->priv->crt_loop); ++ ++ g_main_context_pop_thread_default (authority->priv->crt_context); ++ ++ g_main_loop_unref (authority->priv->crt_loop); ++ authority->priv->crt_loop = NULL; ++ g_main_context_unref (authority->priv->crt_context); ++ authority->priv->crt_context = NULL; ++ ++ return NULL; + } + ++/* ---------------------------------------------------------------------------------------------------- */ + static void + utils_spawn_data_free (UtilsSpawnData *data) + { ++ PolkitBackendJsAuthority *authority = data->authority; + if (data->timeout_source != NULL) + { + g_source_destroy (data->timeout_source); +@@ -1604,12 +1670,17 @@ utils_spawn_data_free (UtilsSpawnData *data) + * Avoid taking a references to ourselves. but note that we need + * to pass the GSource so we can nuke it once handled. + */ ++ ++ /* avoid zombies by reaping child in a new thread ++ * add source to reap thread context ++ */ ++ GMainContext *reap_context = authority->priv->crt_context; + source = g_child_watch_source_new (data->child_pid); + g_source_set_callback (source, + (GSourceFunc) utils_child_watch_from_release_cb, + source, + (GDestroyNotify) g_source_destroy); +- g_source_attach (source, data->main_context); ++ g_source_attach (source, reap_context); + g_source_unref (source); + data->child_pid = 0; + } +@@ -1776,6 +1847,7 @@ utils_spawn (const gchar *const *argv, + GError *error; + + data = g_slice_new0 (UtilsSpawnData); ++ data->authority = ((SpawnData *)user_data)->authority; + data->timeout_seconds = timeout_seconds; + data->simple = g_simple_async_result_new (NULL, + callback, +-- +2.14.3 + diff --git a/SOURCES/polkit-0.112.tar.gz.sign b/SOURCES/polkit-0.112.tar.gz.sign new file mode 100644 index 0000000..1a5c903 --- /dev/null +++ b/SOURCES/polkit-0.112.tar.gz.sign @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.14 (GNU/Linux) + +iEYEABECAAYFAlI53CgACgkQWjP2YLOEed/nVgCg3UZul+cjfinuTPkhBIqxdc6w +UIEAnjvkNKUVi3dvh3xNRcz9mCwkIXOf +=wNii +-----END PGP SIGNATURE----- diff --git a/SPECS/polkit.spec b/SPECS/polkit.spec new file mode 100644 index 0000000..4c47d68 --- /dev/null +++ b/SPECS/polkit.spec @@ -0,0 +1,550 @@ +# Only enable if using patches that touches configure.ac, +# Makefile.am or other build system related files +# +%define enable_autoreconf 1 + +Summary: An authorization framework +Name: polkit +Version: 0.112 +Release: 23%{?dist} +License: LGPLv2+ +URL: http://www.freedesktop.org/wiki/Software/polkit +Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz +Source1: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz.sign +# https://bugs.freedesktop.org/show_bug.cgi?id=71894 +Patch0: polkit-0.112-XDG_RUNTIME_DIR.patch +# https://bugs.freedesktop.org/show_bug.cgi?id=60847 +Patch1: polkit-0.112-PolkitAgentSession-race.patch +# https://bugs.freedesktop.org/show_bug.cgi?id=69501 +Patch2: polkit-0.112-CVE-2015-3256.patch +# https://bugs.freedesktop.org/show_bug.cgi?id=88288 +Patch3: polkit-0.112-EnumerateActions-leak.patch +# https://bugs.freedesktop.org/show_bug.cgi?id=72426 +Patch4: polkit-0.112-Polkit.spawn-leak.patch +# https://bugs.freedesktop.org/show_bug.cgi?id=99741 +Patch5: polkit-0.112-agent-leaks.patch +# https://bugs.freedesktop.org/show_bug.cgi?id=99741 +Patch6: polkit-0.112-polkitpermission-leak.patch +Patch7: polkit-0.112-add-its-files.patch +Patch8: polkit-0.112-spawning-zombie-processes.patch +Patch9: polkit-0.112-bus-conn-msg-ssh.patch +Patch10: polkit-0.112-pkttyagent-auth-errmsg-debug.patch +Patch11: polkit-0.112-CVE-2018-19788.patch +Patch12: polkit-0.112-CVE-2019-6133.patch +Patch13: polkit-0.112-allow-uid-of-1.patch +Patch14: polkit-0.112-pkttyagent-tty-echo-off-on-fail.patch +Patch15: polkit-0.112-sigttou-if-bg-job.patch + +Group: System Environment/Libraries +BuildRequires: glib2-devel >= 2.30.0 +BuildRequires: expat-devel +BuildRequires: pam-devel +BuildRequires: gtk-doc +BuildRequires: intltool +BuildRequires: gobject-introspection-devel +BuildRequires: systemd-devel +BuildRequires: mozjs17-devel + +%if 0%{?enable_autoreconf} +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: libtool +%endif + +Requires: dbus, polkit-pkla-compat + +Requires(pre): shadow-utils +Requires(post): /sbin/ldconfig, systemd +Requires(preun): systemd +Requires(postun): /sbin/ldconfig, systemd + +Obsoletes: PolicyKit <= 0.10 +Provides: PolicyKit = 0.11 + +# polkit saw some API/ABI changes from 0.96 to 0.97 so require a +# sufficiently new polkit-gnome package +Conflicts: polkit-gnome < 0.97 + +Obsoletes: polkit-desktop-policy < 0.103 +Provides: polkit-desktop-policy = 0.103 + +Obsoletes: polkit-js-engine < 0.110-4 +Provides: polkit-js-engine = %{version}-%{release} + +%description +polkit is a toolkit for defining and handling authorizations. It is +used for allowing unprivileged processes to speak to privileged +processes. + +%package devel +Summary: Development files for polkit +Group: Development/Libraries +Requires: %name = %{version}-%{release} +Requires: %name-docs = %{version}-%{release} +Requires: glib2-devel +Obsoletes: PolicyKit-devel <= 0.10 +Provides: PolicyKit-devel = 0.11 + +%description devel +Development files for polkit. + +%package docs +Summary: Development documentation for polkit +Group: Development/Libraries +Requires: %name-devel = %{version}-%{release} +Obsoletes: PolicyKit-docs <= 0.10 +Provides: PolicyKit-docs = 0.11 +BuildArch: noarch + +%description docs +Development documentation for polkit. + +%prep +%setup -q +%patch0 -p1 -b .XDG_RUNTIME_DIR +%patch1 -p1 -b .PolkitAgentSession-race +%patch2 -p1 -b .CVE-2015-3256 +%patch3 -p1 -b .EnumerateActions-leak +%patch4 -p1 -b .Polkit.spawn-leak +%patch5 -p1 -b .agent-leaks +%patch6 -p1 -b .polkitpermission-leak.patch +%patch7 -p1 -b .its-files.patch +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 +%patch11 -p1 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 +%patch15 -p1 + +%build +%if 0%{?enable_autoreconf} +autoreconf +%endif +# we can't use _hardened_build here, see +# https://bugzilla.redhat.com/show_bug.cgi?id=962005 +export CFLAGS='-fPIC %optflags' +export LDFLAGS='-pie -Wl,-z,now -Wl,-z,relro' +%configure --enable-gtk-doc \ + --disable-static \ + --enable-introspection \ + --disable-examples \ + --enable-libsystemd-login=yes --with-mozjs=mozjs-17.0 +make V=1 + +%install +make install DESTDIR=$RPM_BUILD_ROOT INSTALL='install -p' + +rm -f $RPM_BUILD_ROOT%{_libdir}/*.la + +%find_lang polkit-1 + +%pre +getent group polkitd >/dev/null || groupadd -r polkitd +getent passwd polkitd >/dev/null || useradd -r -g polkitd -d / -s /sbin/nologin -c "User for polkitd" polkitd +exit 0 + +%post +/sbin/ldconfig +# The implied (systemctl preset) will fail and complain, but the macro hides +# and ignores the fact. This is in fact what we want, polkit.service does not +# have an [Install] section and it is always started on demand. +%systemd_post polkit.service +# Restart snould usually be done in %%postun, but that wasn’t the case with +# polkit-0.112-5 and earlier. This is a workaround to ensure restarting on +# upgrades from earlier versions. +if [ $1 -gt 1 ]; then + /usr/bin/systemctl try-restart polkit.service >/dev/null 2>&1 || : +fi + +%preun +%systemd_preun polkit.service + +%postun +/sbin/ldconfig +%systemd_postun_with_restart polkit.service + +%files -f polkit-1.lang +%defattr(-,root,root,-) +%doc COPYING NEWS README +%{_libdir}/lib*.so.* +%{_datadir}/man/man1/* +%{_datadir}/man/man8/* +%{_datadir}/dbus-1/system-services/* +%{_unitdir}/polkit.service +%dir %{_datadir}/polkit-1/ +%dir %{_datadir}/polkit-1/actions +%attr(0700,polkitd,root) %dir %{_datadir}/polkit-1/rules.d +%{_datadir}/polkit-1/actions/org.freedesktop.policykit.policy +%dir %{_sysconfdir}/polkit-1 +%{_sysconfdir}/polkit-1/rules.d/50-default.rules +%attr(0700,polkitd,root) %dir %{_sysconfdir}/polkit-1/rules.d +%{_sysconfdir}/dbus-1/system.d/org.freedesktop.PolicyKit1.conf +%{_sysconfdir}/pam.d/polkit-1 +%{_bindir}/pkaction +%{_bindir}/pkcheck +%{_bindir}/pkttyagent +%dir %{_prefix}/lib/polkit-1 +%{_prefix}/lib/polkit-1/polkitd +%{_libdir}/girepository-1.0/*.typelib + +# see upstream docs for why these permissions are necessary +%attr(4755,root,root) %{_bindir}/pkexec +%attr(4755,root,root) %{_prefix}/lib/polkit-1/polkit-agent-helper-1 + +%files devel +%defattr(-,root,root,-) +%{_libdir}/lib*.so +%{_libdir}/pkgconfig/*.pc +%{_datadir}/gir-1.0/*.gir +%{_includedir}/* +%{_datadir}/gettext/its/polkit.its +%{_datadir}/gettext/its/polkit.loc + +%files docs +%defattr(-,root,root,-) +%{_datadir}/gtk-doc + +%changelog +* Thu Jul 11 2019 Jan Rybar - 0.112-23 +- pkttyagent: process stopped by SIGTTOU if run in background job +- Resolves: rhbz#1724444 + +* Thu Mar 21 2019 Jan Rybar - 0.112-22 +- pkttyagent: polkit-agent-helper-1 timeout leaves tty echo disabled +- Resolves: rhbz#1325512 + +* Wed Feb 06 2019 Jan Rybar - 0.112-21 +- Mitigation of regression caused by fix of CVE-2018-19788 +- Resolves: rhbz#1656377 + +* Mon Jan 21 2019 Jan Rybar - 0.112-20 +- Fix of CVE-2019-6133, PID reuse via slow fork +- Resolves: rhbz#1667312 + +* Thu Dec 06 2018 Jan Rybar - 0.112-19 +- Fix of CVE-2018-19788, priv escalation with high UIDs +- Resolves: rhbz#1656377 + +* Wed Aug 01 2018 Jan Rybar - 0.112-18 +- Error message about getting authority is too elaborate +- Resolves: rhbz#1342855 + +* Tue Jul 24 2018 Jan Rybar - 0.112-17 +- Bus disconnection report moved to debug mode +- Resolves: rhbz#1249627 + +* Mon Jul 23 2018 Jan Rybar - 0.112-16 +- polkit spawns zombie processes +- Authored by kwalker@redhat.com +- Resolves: rhbz#1570907 + +* Thu May 31 2018 Jan Rybar - 0.112-15 +- Localization *its* files required by newest Gnome Shell packages +- Resolves: rhbz#1584533 + +* Tue Sep 19 2017 Yaakov Selkowitz - 0.112-14 +- Rebuilt for mozjs17 48-bit VA on aarch64 + Resolves: #1436518 + +* Tue Apr 4 2017 Miloslav Trmač - 0.112-12 +- Fix a memory leak in PolkitPermission. + Patch by Rui Matos + Resolves: #1433915 + +* Thu Feb 9 2017 Miloslav Trmač - 0.112-11 +- Fix memory leaks when calling authentication agents + Resolves: #1380166 + +* Thu Feb 2 2017 Miloslav Trmač - 0.112-10 +- Fix a memory leak in Polkit.spawn calls from authorization rules + Resolves: #1380166 + +* Wed Jul 6 2016 Miloslav Trmač - 0.112-9 +- Update for another mozjs17 change, the pkg-config file name does not change. + Resolves: #1331776 + +* Mon Jul 4 2016 Miloslav Trmač - 0.112-8 +- Update for ABI change needed to fix use of 48-bit pointers on ARM64. + Resolves: #1331776 + +* Tue May 17 2016 Miloslav Trmač - 0.112-7 +- Fix a memory leak when processing the result of EnumerateActions + Resolves: #1310738 + +* Mon Oct 19 2015 Miloslav Trmač - 0.112-6 +- Fix CVE-2015-3256 + Resolves: #1271790 + +* Mon Feb 10 2014 Miloslav Trmač - 0.112-5 +- Fix a PolkitAgentSession race condition + Resolves: #1063193 + +* Fri Jan 24 2014 Daniel Mach - 0.112-4 +- Mass rebuild 2014-01-24 + +* Fri Dec 27 2013 Daniel Mach - 0.112-3 +- Mass rebuild 2013-12-27 + +* Sat Dec 7 2013 Miloslav Trmač - 0.112-2 +- Workaround pam_systemd setting broken XDG_RUNTIME_DIR + Resolves: #1033774 +- Always use mozjs-17.0 even if js-devel is installed + +* Wed Sep 18 2013 Miloslav Trmač - 0.112-1 +- Update to polkit-0.112 +- Resolves: #1005135, CVE-2013-4288 + +* Wed May 29 2013 Tomas Bzatek - 0.111-2 +- Fix a race on PolkitSubject type registration (#866718) + +* Wed May 15 2013 Miloslav Trmač - 0.111-1 +- Update to polkit-0.111 + Resolves: #917888 +- Use SpiderMonkey from mozjs17 instead of js +- Ship the signature in the srpm +- Try to preserve timestamps in (make install) + +* Fri May 10 2013 Miloslav Trmač - 0.110-4 +- Shut up rpmlint about Summary: +- Build with V=1 +- Use %%{_unitdir} instead of hard-coding the path +- Use the new systemd macros, primarily to run (systemctl daemon-reload) + Resolves: #857382 + +* Fri May 10 2013 Miloslav Trmač - 0.110-4 +- Make the JavaScript engine mandatory. The polkit-js-engine package has been + removed, main polkit package Provides:polkit-js-engine for compatibility. +- Add Requires: polkit-pkla-compat + Resolves: #908808 + +* Wed Feb 13 2013 Miloslav Trmač - 0.110-3 +- Don't ship pk-example-frobnicate in the "live" configuration + Resolves: #878112 + +* Fri Feb 8 2013 Miloslav Trmač - 0.110-2 +- Own %%{_docdir}/polkit-js-engine-* + Resolves: #907668 + +* Wed Jan 9 2013 David Zeuthen - 0.110-1%{?dist} +- Update to upstream release 0.110 + +* Mon Jan 7 2013 Matthias Clasen - 0.109-2%{?dist} +- Build with pie and stuff + +* Wed Dec 19 2012 David Zeuthen 0.109-1%{?dist} +- Update to upstream release 0.109 +- Drop upstreamed patches + +* Thu Nov 15 2012 David Zeuthen 0.108-3%{?dist} +- Attempt to open the correct libmozjs185 library, otherwise polkit + authz rules will not work unless js-devel is installed (fdo #57146) + +* Wed Nov 14 2012 David Zeuthen 0.108-2%{?dist} +- Include gmodule-2.0 to avoid build error + +* Wed Nov 14 2012 David Zeuthen 0.108-1%{?dist} +- Update to upstream release 0.108 +- Drop upstreamed patches +- This release dynamically loads the JavaScript interpreter and can + cope with it not being available. In this case, polkit authorization + rules are not processed and the defaults for an action - as defined + in its .policy file - are used for authorization decisions. +- Add new meta-package, polkit-js-engine, that pulls in the required + JavaScript bits to make polkit authorization rules work. The default + install - not the minimal install - should include this package + +* Wed Oct 10 2012 Adam Jackson 0.107-4 +- Don't crash if initializing the server object fails + +* Tue Sep 18 2012 David Zeuthen 0.107-3%{?dist} +- Authenticate as root if e.g. the wheel group is empty (#834494) + +* Fri Jul 27 2012 Fedora Release Engineering - 0.107-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Wed Jul 11 2012 David Zeuthen 0.107-1%{?dist} +- Update to upstream release 0.107 + +* Fri Jun 29 2012 David Zeuthen 0.106-2%{?dist} +- Add forgotten Requires(pre): shadow-utils + +* Thu Jun 07 2012 David Zeuthen 0.106-1%{?dist} +- Update to upstream release 0.106 +- Authorizations are no longer controlled by .pkla files - from now + on, use the new .rules files described in the polkit(8) man page + +* Tue Apr 24 2012 David Zeuthen 0.105-1%{?dist} +- Update to upstream release 0.105 +- Nuke patches that are now upstream +- Change 'PolicyKit' to 'polkit' in summary and descriptions + +* Thu Mar 08 2012 David Zeuthen 0.104-6%{?dist} +- Don't leak file descriptors (bgo #671486) + +* Mon Feb 13 2012 Matthias Clasen - 0.104-5%{?dist} +- Make the -docs subpackage noarch + +* Mon Feb 06 2012 David Zeuthen 0.104-4%{?dist} +- Set error if we cannot obtain a PolkitUnixSession for a given PID (#787222) + +* Sat Jan 14 2012 Fedora Release Engineering - 0.104-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Tue Jan 03 2012 David Zeuthen 0.104-2%{?dist} +- Nuke the ConsoleKit run-time requirement + +* Tue Jan 03 2012 David Zeuthen 0.104-1%{?dist} +- Update to upstream release 0.104 +- Force usage of systemd (instead of ConsoleKit) for session tracking + +* Tue Dec 06 2011 David Zeuthen 0.103-1%{?dist} +- Update to upstream release 0.103 +- Drop upstreamed patch +- Drop Fedora-specific policy, it is now upstream (fdo #41008) + +* Wed Oct 26 2011 Fedora Release Engineering - 0.102-3 +- Rebuilt for glibc bug#747377 + +* Tue Oct 18 2011 David Zeuthen 0.102-2%{?dist} +- Add patch to neuter the annoying systemd behavior where stdout/stderr + is sent to the system logs + +* Thu Aug 04 2011 David Zeuthen 0.102-1 +- Update to 0.102 release + +* Fri May 13 2011 Bastien Nocera 0.101-7 +- Allow setting the pretty hostname without a password for wheel, + change matches systemd in git + +* Mon May 2 2011 Matthias Clasen - 0.101-6 +- Update the action id of the datetime mechanism + +* Tue Apr 19 2011 David Zeuthen - 0.101-5 +- CVE-2011-1485 (#697951) + +* Tue Mar 22 2011 Kevin Kofler - 0.101-4 +- Also allow org.kde.kcontrol.kcmclock.save without password for wheel + +* Thu Mar 17 2011 David Zeuthen - 0.101-3 +- Fix typo in pkla file (thanks notting) + +* Thu Mar 17 2011 David Zeuthen - 0.101-2 +- Nuke desktop_admin_r and desktop_user_r groups - just use the + wheel group instead (#688363) +- Update the set of configuration directives that gives users + in the wheel group extra privileges + +* Thu Mar 03 2011 David Zeuthen - 0.101-1 +- New upstream version + +* Mon Feb 21 2011 David Zeuthen - 0.100-1 +- New upstream version + +* Wed Feb 09 2011 Fedora Release Engineering - 0.98-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Fri Jan 28 2011 Matthias Clasen - 0.98-6 +- Own /usr/libexec/polkit-1 + +* Fri Nov 12 2010 Matthias Clasen - 0.98-5 +- Enable introspection + +* Thu Sep 02 2010 David Zeuthen - 0.98-4 +- Fix #629515 in a way that doesn't require autoreconf + +* Thu Sep 02 2010 David Zeuthen - 0.98-2 +- Include polkitagentenumtypes.h (#629515) + +* Mon Aug 23 2010 Matthias Clasen - 0.98-1 +- Update to upstream release 0.98 +- Co-own /usr/share/gtk-doc (#604410) + +* Wed Aug 18 2010 Matthias Clasen - 0.97-5 +- Rebuid to work around bodhi limitations + +* Wed Aug 18 2010 Matthias Clasen - 0.97-4 +- Fix a ConsoleKit interaction bug + +* Fri Aug 13 2010 David Zeuthen - 0.97-3 +- Add a patch to make pkcheck(1) work the way libvirtd uses it (#623257) +- Require GLib >= 2.25.12 instead of 2.25.11 +- Ensure polkit-gnome packages earlier than 0.97 are not used with + these packages + +* Mon Aug 09 2010 David Zeuthen - 0.97-2 +- Rebuild + +* Mon Aug 09 2010 David Zeuthen - 0.97-1 +- Update to 0.97. This release contains a port from EggDBus to the + GDBus code available in recent GLib releases. + +* Fri Jan 15 2010 David Zeuthen - 0.96-1 +- Update to 0.96 +- Disable introspection support for the time being + +* Fri Nov 13 2009 David Zeuthen - 0.95-2 +- Rebuild + +* Fri Nov 13 2009 David Zeuthen - 0.95-1 +- Update to 0.95 +- Drop upstreamed patches + +* Tue Oct 20 2009 Matthias Clasen - 0.95-0.git20090913.3 +- Fix a typo in pklocalauthority(8) + +* Mon Sep 14 2009 David Zeuthen - 0.95-0.git20090913.2 +- Refine how Obsolete: is used and also add Provides: (thanks Jesse + Keating and nim-nim) + +* Mon Sep 14 2009 David Zeuthen - 0.95-0.git20090913.1 +- Add bugfix for polkit_unix_process_new_full() (thanks Bastien Nocera) +- Obsolete old PolicyKit packages + +* Sun Sep 13 2009 David Zeuthen - 0.95-0.git20090913 +- Update to git snapshot +- Drop upstreamed patches +- Turn on GObject introspection +- Don't delete desktop_admin_r and desktop_user_r groups when + uninstalling polkit-desktop-policy + +* Fri Sep 11 2009 David Zeuthen - 0.94-4 +- Add some patches from git master +- Sort pkaction(1) output +- Bug 23867 – UnixProcess vs. SystemBusName aliasing + +* Thu Aug 13 2009 David Zeuthen - 0.94-3 +- Add desktop_admin_r and desktop_user_r groups along with a first cut + of default authorizations for users in these groups. + +* Wed Aug 12 2009 David Zeuthen - 0.94-2 +- Disable GObject Introspection for now as it breaks the build + +* Wed Aug 12 2009 David Zeuthen - 0.94-1 +- Update to upstream release 0.94 + +* Sun Jul 26 2009 Fedora Release Engineering - 0.93-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Mon Jul 20 2009 David Zeuthen - 0.93-2 +- Rebuild + +* Mon Jul 20 2009 David Zeuthen - 0.93-1 +- Update to 0.93 + +* Tue Jun 09 2009 David Zeuthen - 0.92-3 +- Don't make docs noarch (I *heart* multilib) +- Change license to LGPLv2+ + +* Mon Jun 08 2009 David Zeuthen - 0.92-2 +- Rebuild + +* Mon Jun 08 2009 David Zeuthen - 0.92-1 +- Update to 0.92 release + +* Wed May 27 2009 David Zeuthen - 0.92-0.git20090527 +- Update to 0.92 snapshot + +* Mon Feb 9 2009 David Zeuthen - 0.91-1 +- Initial spec file.