2018-03-09 16:50:59 +01:00
|
|
|
From: Andreas Schwab <schwab@suse.de>
|
|
|
|
Subject: pkexec: allow --version and --help even if not setuid
|
|
|
|
|
|
|
|
Don't check for setuid invocation until after parsing command line, to allow
|
|
|
|
running uninstalled pkexec with --help or --version. This also helps
|
|
|
|
building packages that want to check for pkexec in an emulated environment
|
|
|
|
that does not support setuid invocation (eg. QEMU linux-user).
|
|
|
|
|
2019-06-13 21:54:52 +02:00
|
|
|
Index: polkit-0.116/src/programs/pkexec.c
|
2018-03-09 16:50:59 +01:00
|
|
|
===================================================================
|
2019-06-13 21:54:52 +02:00
|
|
|
--- polkit-0.116.orig/src/programs/pkexec.c 2018-05-31 13:52:53.000000000 +0200
|
|
|
|
+++ polkit-0.116/src/programs/pkexec.c 2019-05-31 22:55:58.014504104 +0200
|
2018-04-10 10:51:08 +02:00
|
|
|
@@ -504,27 +504,6 @@ main (int argc, char *argv[])
|
|
|
|
/* Disable remote file access from GIO. */
|
|
|
|
setenv ("GIO_USE_VFS", "local", 1);
|
2018-03-09 16:50:59 +01:00
|
|
|
|
|
|
|
- /* check for correct invocation */
|
|
|
|
- if (geteuid () != 0)
|
|
|
|
- {
|
|
|
|
- g_printerr ("pkexec must be setuid root\n");
|
|
|
|
- goto out;
|
|
|
|
- }
|
|
|
|
-
|
|
|
|
- original_user_name = g_strdup (g_get_user_name ());
|
|
|
|
- if (original_user_name == NULL)
|
|
|
|
- {
|
|
|
|
- g_printerr ("Error getting user name.\n");
|
|
|
|
- goto out;
|
|
|
|
- }
|
|
|
|
-
|
|
|
|
- if ((original_cwd = g_get_current_dir ()) == NULL)
|
|
|
|
- {
|
|
|
|
- g_printerr ("Error getting cwd: %s\n",
|
|
|
|
- g_strerror (errno));
|
|
|
|
- goto out;
|
|
|
|
- }
|
|
|
|
-
|
|
|
|
/* First process options and find the command-line to invoke. Avoid using fancy library routines
|
|
|
|
* that depend on environtment variables since we haven't cleared the environment just yet.
|
|
|
|
*/
|
2018-04-10 10:51:08 +02:00
|
|
|
@@ -580,6 +559,27 @@ main (int argc, char *argv[])
|
2018-03-09 16:50:59 +01:00
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
+ /* check for correct invocation */
|
|
|
|
+ if (geteuid () != 0)
|
|
|
|
+ {
|
|
|
|
+ g_printerr ("pkexec must be setuid root\n");
|
|
|
|
+ goto out;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ original_user_name = g_strdup (g_get_user_name ());
|
|
|
|
+ if (original_user_name == NULL)
|
|
|
|
+ {
|
|
|
|
+ g_printerr ("Error getting user name.\n");
|
|
|
|
+ goto out;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ if ((original_cwd = g_get_current_dir ()) == NULL)
|
|
|
|
+ {
|
|
|
|
+ g_printerr ("Error getting cwd: %s\n",
|
|
|
|
+ g_strerror (errno));
|
|
|
|
+ goto out;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
if (opt_user == NULL)
|
|
|
|
opt_user = g_strdup ("root");
|
|
|
|
|