Hello community, here is the log from the commit of package kauth for openSUSE:Factory checked in at 2014-07-21 21:39:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/kauth (Old) and /work/SRC/openSUSE:Factory/.kauth.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kauth" Changes: -------- --- /work/SRC/openSUSE:Factory/kauth/kauth.changes 2014-07-15 08:00:21.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.kauth.new/kauth.changes 2014-07-21 22:34:16.000000000 +0200 @@ -1,0 +2,10 @@ +Fri Jul 18 08:12:36 UTC 2014 - [email protected] + +- Install org.kde.kf5auth.conf, now that it's whitelisted + +------------------------------------------------------------------- +Wed Jul 16 21:31:42 UTC 2014 - [email protected] + +- Added 0001-Fix-race-condition.patch for resolving bnc#864716 + +------------------------------------------------------------------- New: ---- 0001-Fix-race-condition.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ kauth.spec ++++++ --- /var/tmp/diff_new_pack.3JKad0/_old 2014-07-21 22:34:18.000000000 +0200 +++ /var/tmp/diff_new_pack.3JKad0/_new 2014-07-21 22:34:18.000000000 +0200 @@ -40,6 +40,8 @@ Patch0: polkit-qt5-support.patch # PATCH-FIX-UPSTREAM 0001-Pass-trailing-slash-to-searched-backend-helper-plugi.patch Patch1: 0001-Pass-trailing-slash-to-searched-backend-helper-plugi.patch +# PATCH-FIX-UPSTREAM 0001-Fix-race-condition.patch -- https://git.reviewboard.kde.org/r/119323/ +Patch2: 0001-Fix-race-condition.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -70,6 +72,7 @@ %setup -q %patch0 -p1 %patch1 -p1 +%patch2 -p1 %build %cmake_kf5 -d build -- -DSYSCONF_INSTALL_DIR=%{_kf5_sysconfdir} @@ -81,8 +84,10 @@ %find_lang %{name}5 --with-qt --without-mo -# Comment out until security review is done! -# echo "setBadness('suse-dbus-unauthorized-service', 0)" > $RPM_SOURCE_DIR/%name-rpmlintrc +%if 0%{?suse_version} <= 1310 +# we need this for older oS releases; only Factory/13.2 has the whitelist +echo "setBadness('suse-dbus-unauthorized-service', 0)" > $RPM_SOURCE_DIR/%name-rpmlintrc +%endif %post -n %lname -p /sbin/ldconfig @@ -97,8 +102,7 @@ %{_kf5_plugindir}/ %dir %{_kf5_libdir}/libexec %{_kf5_libdir}/libexec/kauth -# Until security review is done! -%exclude %{_kf5_sysconfdir}/dbus-1/system.d/org.kde.kf5auth.conf +%config %{_kf5_sysconfdir}/dbus-1/system.d/org.kde.kf5auth.conf %files devel %defattr(-,root,root) ++++++ 0001-Fix-race-condition.patch ++++++ commit 2ccf7af0bfd9ee1c3e5699eb0f5d6d65a6fb834e Author: Martin Sandsmark <[email protected]> Date: Wed Jul 16 17:58:49 2014 +0200 Fix race condition. Using the PID based method in polkit is deprecated because of PID reuse races. diff --git a/src/backends/polkit-1/Polkit1Backend.cpp b/src/backends/polkit-1/Polkit1Backend.cpp index 165f7bb..5cac3fb 100644 --- a/src/backends/polkit-1/Polkit1Backend.cpp +++ b/src/backends/polkit-1/Polkit1Backend.cpp @@ -142,7 +142,7 @@ void Polkit1Backend::setupAction(const QString &action) Action::AuthStatus Polkit1Backend::actionStatus(const QString &action) { - PolkitQt1::UnixProcessSubject subject(QCoreApplication::applicationPid()); + PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID())); PolkitQt1::Authority::Result r = PolkitQt1::Authority::instance()->checkAuthorizationSync(action, subject, PolkitQt1::Authority::None); switch (r) { @@ -158,21 +158,12 @@ Action::AuthStatus Polkit1Backend::actionStatus(const QString &action) QByteArray Polkit1Backend::callerID() const { - QByteArray a; - QDataStream s(&a, QIODevice::WriteOnly); - s << QCoreApplication::applicationPid(); - - return a; + return QDBusConnection::systemBus().baseService().toUtf8(); } bool Polkit1Backend::isCallerAuthorized(const QString &action, QByteArray callerID) { - QDataStream s(&callerID, QIODevice::ReadOnly); - qint64 pid; - - s >> pid; - - PolkitQt1::UnixProcessSubject subject(pid); + PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID)); PolkitQt1::Authority *authority = PolkitQt1::Authority::instance(); PolkitResultEventLoop e; -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
