Re: [systemd-devel] Avoid polkit queries from systemctl in package maintainer scripts/when running as root?

2016-04-05 Thread Martin Pitt
Hello,
Lennart Poettering [2016-04-04 21:28 +0200]:
> We already bypass PK if the client is privileged. See
> bus_verify_polkit_async() in src/shared/bus-util.c, the calls for
> sd_bus_query_sender_privilege(). Are you saying that bypass doesn't
> work for you?
Right, it still calls Polkit as

Re: [systemd-devel] Avoid polkit queries from systemctl in package maintainer scripts/when running as root?

2016-04-04 Thread Mantas Mikulėnas
On Mon, Apr 4, 2016 at 10:28 PM, Lennart Poettering wrote:
> On Mon, 04.04.16 17:31, Martin Pitt (martin.p...@ubuntu.com) wrote:
>
> > Hello all,
> >
> > a recent (mostly cosmetical) bug report [1] made me aware that we
> > currently query polkit for a lot of systemctl
>

Re: [systemd-devel] Avoid polkit queries from systemctl in package maintainer scripts/when running as root?

2016-04-04 Thread Lennart Poettering
On Mon, 04.04.16 13:06, Colin Walters (walt...@verbum.org) wrote:
>
>
> On Mon, Apr 4, 2016, at 11:31 AM, Martin Pitt wrote:
>
> > A more upstreamable approach would be to not query polkit at all if
> > geteuid() == 0. Is there any legit scenario where root would be denied
> > running

Re: [systemd-devel] Avoid polkit queries from systemctl in package maintainer scripts/when running as root?

2016-04-04 Thread Lennart Poettering
On Mon, 04.04.16 17:31, Martin Pitt (martin.p...@ubuntu.com) wrote:
> Hello all,
>
> a recent (mostly cosmetical) bug report [1] made me aware that we
> currently query polkit for a lot of systemctl
> enable/daemon-reload/etc. calls from package maintainer scripts. At
> least in Debian,

Re: [systemd-devel] Avoid polkit queries from systemctl in package maintainer scripts/when running as root?

2016-04-04 Thread Colin Walters
On Mon, Apr 4, 2016, at 11:31 AM, Martin Pitt wrote:
> A more upstreamable approach would be to not query polkit at all if
> geteuid() == 0. Is there any legit scenario where root would be denied
> running systemctl directly, but a polkit rule would allow it
> nevertheless?
I can't think of