forked from pool/libvirt
1c1fa4f3a7
- Update to libvirt 8.2.0 - CVE-2022-0897 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html#v8-2-0-2022-04-01 - Dropped patches: 823a62ec-qemu-fix-undefine-crash.patch OBS-URL: https://build.opensuse.org/request/show/966486 OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=927
35 lines
1.4 KiB
Diff
35 lines
1.4 KiB
Diff
From 306f15c98fb5626f35f876b1f3fa39dee37e5810 Mon Sep 17 00:00:00 2001
|
|
From: Martin Kletzander <mkletzan@redhat.com>
|
|
Date: Sat, 11 Dec 2021 14:23:11 +0100
|
|
Subject: [PATCH] util: Don't spawn pkttyagent when stdin is not a tty
|
|
|
|
My idea was that running pkttyagent unconditionally, modulo checks that
|
|
pkttyagent itself does to make sure it does not fail, is not going to be an
|
|
issue turned out to be wrong. Adding back the original check for stdin being a
|
|
tty helps in some testing scenarios as reported by Jim Fehlig and does not
|
|
really cause any issues. I originally wanted it in because it also made
|
|
pkttyagent auth work with redirected input into virsh (with a connection that
|
|
requires polkit authentication and without a session-wide polkit tty agent,
|
|
basically making pkttyagent necessary to succeed). But anyone running virsh
|
|
like that is asking for problems already anyway =)
|
|
|
|
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
|
|
---
|
|
src/util/virpolkit.c | 3 +++
|
|
1 file changed, 3 insertions(+)
|
|
|
|
Index: libvirt-8.2.0/src/util/virpolkit.c
|
|
===================================================================
|
|
--- libvirt-8.2.0.orig/src/util/virpolkit.c
|
|
+++ libvirt-8.2.0/src/util/virpolkit.c
|
|
@@ -237,6 +237,9 @@ virPolkitAgentAvailable(void)
|
|
const char *termid = ctermid(NULL);
|
|
VIR_AUTOCLOSE fd = -1;
|
|
|
|
+ if (!isatty(STDIN_FILENO))
|
|
+ return false;
|
|
+
|
|
if (!virFileIsExecutable(PKTTYAGENT))
|
|
return false;
|
|
|