[Pkg-utopia-maintainers] Bug#521756: policykit: FTBFS on systems without inotify

Samuel Thibault samuel.thibault at ens-lyon.org
Sun Mar 29 21:50:34 UTC 2009


Package: policykit
Severity: important
Tags: patch

Hello,

policykit currently FTBFS on hurd-i386 because it does not support
inotify and although policykit has a few ifdefs, some are missing, and
there are some unconditional use of the PATH_MAX limit which hurd-i386
does not have, here is a patch.

Samuel

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.29 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

-- 
Samuel
 Les roots ne sont plus ce qu'ils étaient...Maintenant il sont dioxinés,
 c'est de la m... ! Avant on les élevaient avec du bon unix mais ça été
 remplacé par des farines industrielles nouvelles technologies (NT).
 -+- JdK in NPC : Exigez un root élevé sous la mère ! -+-
-------------- next part --------------
--- src/polkit/polkit-context.c.orig	2009-03-29 13:36:48.000000000 +0100
+++ src/polkit/polkit-context.c	2009-03-29 13:39:23.230000000 +0100
@@ -308,7 +308,7 @@
 			goto error;
 		}
 	}
-#else
+#elif defined(HAVE_INOTIFY)
         if (pk_context->io_add_watch_func != NULL) {
                 pk_context->inotify_fd = inotify_init ();
                 if (pk_context->inotify_fd < 0) {
@@ -571,7 +571,7 @@
 			polkit_debug ("failed to read kqueue event: %s", strerror (errno));
 		}
 	}
-#else
+#elif defined(HAVE_INOTIFY)
         if (fd == pk_context->inotify_fd) {
 /* size of the event structure, not counting name */
 #define EVENT_SIZE  (sizeof (struct inotify_event))
--- src/polkit/polkit-authorization-constraint.c.orig	2009-03-29 13:45:10.330000000 +0100
+++ src/polkit/polkit-authorization-constraint.c	2009-03-29 14:32:42.490000000 +0100
@@ -256,7 +256,6 @@
         int n;
         pid_t pid;
         char *selinux_context;
-        char buf[PATH_MAX];
         polkit_bool_t ret;
         PolKitSession *session;
 
@@ -278,19 +277,33 @@
 
         case POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_EXE:
                 if (polkit_caller_get_pid (caller, &pid)) {
+                        int allocated = 128;
+                        char *buf;
+
+retry:
+                        if (!(buf = kit_malloc(allocated)))
+                                break;
 
                         /* we may be running unprivileged.. so optionally use the helper. Requires the calling
                          * process (this one) to have the org.freedesktop.policykit.read authorization.
                          *
                          * An example of this is HAL (running as user 'haldaemon').
                          */
-                        n = polkit_sysdeps_get_exe_for_pid_with_helper (pid, buf, sizeof (buf));
+                        n = polkit_sysdeps_get_exe_for_pid_with_helper (pid, buf, allocated);
+
+                        if (n >= allocated) {
+                                kit_free(buf);
+                                allocated *= 2;
+                                goto retry;
+                        }
 
-                        if (n != -1 && n < (int) sizeof (buf)) {
+                        if (n != -1) {
                                 if (strcmp (authc->data.exe.path, buf) == 0) {
                                         ret = TRUE;
                                 }
                         }
+
+                        kit_free(buf);
                 }
 
                 break;
@@ -584,7 +597,6 @@
         polkit_bool_t is_local;
         polkit_bool_t is_active;
         PolKitSession *session;
-        char path[PATH_MAX];
         int n;
 
         kit_return_val_if_fail (caller != NULL, 0);
@@ -613,6 +625,13 @@
 
         /* constrain to callers program */
         if (polkit_caller_get_pid (caller, &pid)) {
+                int allocated = 128;
+                char *path;
+
+retry:
+                if (!(path = kit_malloc(allocated)))
+                        goto oom;
+
                 /* So the program to receive a constraint may besetuid root... so we may need some
                  * help to get the exepath.. Therefore use _with_helper().
                  *
@@ -621,8 +640,15 @@
                  *
                  * An example of this is pulseaudio...
                  */
-                n = polkit_sysdeps_get_exe_for_pid_with_helper (pid, path, sizeof (path));
-                if (n != -1 && n < (int) sizeof (path)) {
+                n = polkit_sysdeps_get_exe_for_pid_with_helper (pid, path, allocated);
+
+                if (n >= allocated) {
+                        kit_free(path);
+                        allocated *= 2;
+                        goto retry;
+                }
+
+                if (n != -1) {
                         PolKitAuthorizationConstraint *c;
 
                         c = polkit_authorization_constraint_get_require_exe (path);
@@ -634,6 +660,8 @@
 
                         ret++;
                 }
+
+                kit_free(path);
         }
 
         /* constrain to callers SELinux context */
--- src/polkit-dbus/polkit-read-auth-helper.c.orig	2009-03-30 00:17:28.300000000 +0100
+++ src/polkit-dbus/polkit-read-auth-helper.c	2009-03-30 00:30:09.770000000 +0100
@@ -190,8 +190,8 @@
                 uid_t uid;
                 size_t name_len;
                 char *filename;
-                char username[PATH_MAX];
-                char path[PATH_MAX];
+                char *username;
+                char path[strlen(root) + 1 + strlen(d->d_name) + 1];
                 static const char suffix[] = ".auths";
                 struct passwd *pw;
                 struct stat statbuf;
@@ -199,10 +199,7 @@
                 if (d->d_name == NULL)
                         continue;
 
-                if (snprintf (path, sizeof (path), "%s/%s", root, d->d_name) >= (int) sizeof (path)) {
-                        fprintf (stderr, "polkit-read-auth-helper: string was truncated (1)\n");
-                        goto out;
-                }
+                sprintf (path, "%s/%s", root, d->d_name);
 
                 if (stat (path, &statbuf) != 0) {
                         fprintf (stderr, "polkit-read-auth-helper: cannot stat %s: %m\n", path);
@@ -240,8 +237,9 @@
                         fprintf (stderr, "polkit-read-auth-helper: file name '%s' is malformed (2)\n", filename);
                         continue;
                 }
-                if (n - m > sizeof (username) - 1) {
-                        fprintf (stderr, "polkit-read-auth-helper: file name '%s' is malformed (3)\n", filename);
+                username = kit_malloc (n - m + 1);
+                if (!username) {
+                        fprintf (stderr, "polkit-read-auth-helper: out of memory\n");
                         continue;
                 }
                 strncpy (username, filename + m, n - m);
@@ -250,8 +248,10 @@
                 pw = kit_getpwnam (username);
                 if (pw == NULL) {
                         fprintf (stderr, "polkit-read-auth-helper: cannot look up uid for username %s\n", username);
+                        free(username);
                         continue;
                 }
+                free(username);
                 uid = pw->pw_uid;
                 
                 if (!dump_auths_from_file (path, uid))
--- tools/polkit-auth.c.orig	2009-03-30 00:31:21.000000000 +0100
+++ tools/polkit-auth.c	2009-03-30 00:37:19.700000000 +0100
@@ -527,7 +527,6 @@
                 polkit_uint64_t pid_start_time;
                 PolKitAction *pk_action;
                 PolKitResult pk_result;
-                char exe[PATH_MAX];
 
                 printf ("%s\n", action_id);
 
@@ -539,17 +538,33 @@
 
                 switch (polkit_authorization_get_scope (auth)) {
                 case POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT:
-                case POLKIT_AUTHORIZATION_SCOPE_PROCESS:
+                case POLKIT_AUTHORIZATION_SCOPE_PROCESS: {
+                        char *exe;
+                        int allocated = 128, len;
                         polkit_authorization_scope_process_get_pid (auth, &pid, &pid_start_time);
-                        if (polkit_sysdeps_get_exe_for_pid (pid, exe, sizeof (exe)) == -1)
-                                strncpy (exe, "unknown", sizeof (exe));
+retry:
+                        exe = malloc (allocated);
+                        len = polkit_sysdeps_get_exe_for_pid (pid, exe, allocated);
+
+                        if (len >= allocated) {
+                                free (exe);
+                                allocated *= 2;
+                                exe = malloc(allocated);
+                                goto retry;
+                        }
+
+                        if (len == -1)
+                                strncpy (exe, "unknown", allocated);
 
                         if (polkit_authorization_get_scope (auth) == POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT) {
                                 printf ("  Scope:       Confined to single shot from pid %d (%s)\n", pid, exe);
                         } else {
                                 printf ("  Scope:       Confined to pid %d (%s)\n", pid, exe);
                         }
+
+                        free(exe);
                         break;
+                }
                 case POLKIT_AUTHORIZATION_SCOPE_SESSION:
                         printf ("  Scope:       Confined to session %s\n", polkit_authorization_scope_session_get_ck_objref (auth));
                         break;


More information about the Pkg-utopia-maintainers mailing list