Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc / eff27476badc5d48b544a07f9f4748a96506c8d7 / . / meta-openembedded / meta-oe / recipes-extended / polkit / polkit / 0003-make-netgroup-support-optional.patch
blob: 1a268f2d0db02216727b9fc8c035aa4a5404bd3f [file] [log] [blame]
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]1From 0c1debb380fee7f5b2bc62406e45856dc9c9e1a1 Mon Sep 17 00:00:00 2001
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]2From: Khem Raj <raj.khem@gmail.com>
3Date: Wed, 22 May 2019 13:18:55 -0700
4Subject: [PATCH] make netgroup support optional
5
6On at least Linux/musl and Linux/uclibc, netgroup
7support is not available. PolKit fails to compile on these systems
8for that reason.
9
10This change makes netgroup support conditional on the presence of the
11setnetgrent(3) function which is required for the support to work. If
12that function is not available on the system, an error will be returned
13to the administrator if unix-netgroup: is specified in configuration.
14
15Fixes bug 50145.
16
17Closes polkit/polkit#14.
18Signed-off-by: A. Wilcox <AWilcox@Wilcox-Tech.com>
19Signed-off-by: Khem Raj <raj.khem@gmail.com>
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]20
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]21---
22 configure.ac | 2 +-
23 src/polkit/polkitidentity.c | 16 ++++++++++++++++
24 src/polkit/polkitunixnetgroup.c | 3 +++
25 .../polkitbackendinteractiveauthority.c | 14 ++++++++------
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]26 src/polkitbackend/polkitbackendjsauthority.cpp | 3 +++
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]27 test/polkit/polkitidentitytest.c | 9 ++++++++-
28 test/polkit/polkitunixnetgrouptest.c | 3 +++
29 .../test-polkitbackendjsauthority.c | 2 ++
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]30 8 files changed, 44 insertions(+), 8 deletions(-)
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]31
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]32diff --git a/configure.ac b/configure.ac
33index b625743..d807086 100644
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]34--- a/configure.ac
35+++ b/configure.ac
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]36@@ -100,7 +100,7 @@ AC_CHECK_LIB(expat,XML_ParserCreate,[EXPAT_LIBS="-lexpat"],
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]37 [AC_MSG_ERROR([Can't find expat library. Please install expat.])])
38 AC_SUBST(EXPAT_LIBS)
39
40-AC_CHECK_FUNCS(clearenv fdatasync)
41+AC_CHECK_FUNCS(clearenv fdatasync setnetgrent)
42
43 if test "x$GCC" = "xyes"; then
44 LDFLAGS="-Wl,--as-needed $LDFLAGS"
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]45diff --git a/src/polkit/polkitidentity.c b/src/polkit/polkitidentity.c
46index 3aa1f7f..10e9c17 100644
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]47--- a/src/polkit/polkitidentity.c
48+++ b/src/polkit/polkitidentity.c
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]49@@ -182,7 +182,15 @@ polkit_identity_from_string (const gchar *str,
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]50 }
51 else if (g_str_has_prefix (str, "unix-netgroup:"))
52 {
53+#ifndef HAVE_SETNETGRENT
54+ g_set_error (error,
55+ POLKIT_ERROR,
56+ POLKIT_ERROR_FAILED,
57+ "Netgroups are not available on this machine ('%s')",
58+ str);
59+#else
60 identity = polkit_unix_netgroup_new (str + sizeof "unix-netgroup:" - 1);
61+#endif
62 }
63
64 if (identity == NULL && (error != NULL && *error == NULL))
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]65@@ -344,6 +352,13 @@ polkit_identity_new_for_gvariant (GVariant *variant,
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]66 GVariant *v;
67 const char *name;
68
69+#ifndef HAVE_SETNETGRENT
70+ g_set_error (error,
71+ POLKIT_ERROR,
72+ POLKIT_ERROR_FAILED,
73+ "Netgroups are not available on this machine");
74+ goto out;
75+#else
76 v = lookup_asv (details_gvariant, "name", G_VARIANT_TYPE_STRING, error);
77 if (v == NULL)
78 {
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]79@@ -353,6 +368,7 @@ polkit_identity_new_for_gvariant (GVariant *variant,
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]80 name = g_variant_get_string (v, NULL);
81 ret = polkit_unix_netgroup_new (name);
82 g_variant_unref (v);
83+#endif
84 }
85 else
86 {
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]87diff --git a/src/polkit/polkitunixnetgroup.c b/src/polkit/polkitunixnetgroup.c
88index 8a2b369..83f8d4a 100644
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]89--- a/src/polkit/polkitunixnetgroup.c
90+++ b/src/polkit/polkitunixnetgroup.c
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]91@@ -194,6 +194,9 @@ polkit_unix_netgroup_set_name (PolkitUnixNetgroup *group,
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]92 PolkitIdentity *
93 polkit_unix_netgroup_new (const gchar *name)
94 {
95+#ifndef HAVE_SETNETGRENT
96+ g_assert_not_reached();
97+#endif
98 g_return_val_if_fail (name != NULL, NULL);
99 return POLKIT_IDENTITY (g_object_new (POLKIT_TYPE_UNIX_NETGROUP,
100 "name", name,
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]101diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
102index 056d9a8..36c2f3d 100644
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]103--- a/src/polkitbackend/polkitbackendinteractiveauthority.c
104+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]105@@ -2233,25 +2233,26 @@ get_users_in_net_group (PolkitIdentity *group,
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]106 GList *ret;
107
108 ret = NULL;
109+#ifdef HAVE_SETNETGRENT
110 name = polkit_unix_netgroup_get_name (POLKIT_UNIX_NETGROUP (group));
111
112-#ifdef HAVE_SETNETGRENT_RETURN
113+# ifdef HAVE_SETNETGRENT_RETURN
114 if (setnetgrent (name) == 0)
115 {
116 g_warning ("Error looking up net group with name %s: %s", name, g_strerror (errno));
117 goto out;
118 }
119-#else
120+# else
121 setnetgrent (name);
122-#endif
123+# endif /* HAVE_SETNETGRENT_RETURN */
124
125 for (;;)
126 {
127-#if defined(HAVE_NETBSD) || defined(HAVE_OPENBSD)
128+# if defined(HAVE_NETBSD) || defined(HAVE_OPENBSD)
129 const char *hostname, *username, *domainname;
130-#else
131+# else
132 char *hostname, *username, *domainname;
133-#endif
134+# endif /* defined(HAVE_NETBSD) || defined(HAVE_OPENBSD) */
135 PolkitIdentity *user;
136 GError *error = NULL;
137
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]138@@ -2282,6 +2283,7 @@ get_users_in_net_group (PolkitIdentity *group,
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]139
140 out:
141 endnetgrent ();
142+#endif /* HAVE_SETNETGRENT */
143 return ret;
144 }
145
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]146diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp
147index ca17108..41d8d5c 100644
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]148--- a/src/polkitbackend/polkitbackendjsauthority.cpp
149+++ b/src/polkitbackend/polkitbackendjsauthority.cpp
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]150@@ -1520,6 +1520,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx,
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]151
152 JS::CallArgs args = JS::CallArgsFromVp (argc, vp);
153
154+#ifdef HAVE_SETNETGRENT
155 JS::RootedString usrstr (authority->priv->cx);
156 usrstr = args[0].toString();
157 user = JS_EncodeStringToUTF8 (cx, usrstr);
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]158@@ -1535,6 +1536,8 @@ js_polkit_user_is_in_netgroup (JSContext *cx,
159 is_in_netgroup = true;
160 }
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]161
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]162+#endif
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]163+
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]164 ret = true;
165
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]166 args.rval ().setBoolean (is_in_netgroup);
167diff --git a/test/polkit/polkitidentitytest.c b/test/polkit/polkitidentitytest.c
168index e91967b..e829aaa 100644
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]169--- a/test/polkit/polkitidentitytest.c
170+++ b/test/polkit/polkitidentitytest.c
171@@ -19,6 +19,7 @@
172 * Author: Nikki VonHollen <vonhollen@google.com>
173 */
174
175+#include "config.h"
176 #include "glib.h"
177 #include <polkit/polkit.h>
178 #include <polkit/polkitprivate.h>
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]179@@ -145,11 +146,15 @@ struct ComparisonTestData comparison_test_data [] = {
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]180 {"unix-group:root", "unix-group:jane", FALSE},
181 {"unix-group:jane", "unix-group:jane", TRUE},
182
183+#ifdef HAVE_SETNETGRENT
184 {"unix-netgroup:foo", "unix-netgroup:foo", TRUE},
185 {"unix-netgroup:foo", "unix-netgroup:bar", FALSE},
186+#endif
187
188 {"unix-user:root", "unix-group:root", FALSE},
189+#ifdef HAVE_SETNETGRENT
190 {"unix-user:jane", "unix-netgroup:foo", FALSE},
191+#endif
192
193 {NULL},
194 };
195@@ -181,11 +186,13 @@ main (int argc, char *argv[])
196 g_test_add_data_func ("/PolkitIdentity/group_string_2", "unix-group:jane", test_string);
197 g_test_add_data_func ("/PolkitIdentity/group_string_3", "unix-group:users", test_string);
198
199+#ifdef HAVE_SETNETGRENT
200 g_test_add_data_func ("/PolkitIdentity/netgroup_string", "unix-netgroup:foo", test_string);
201+ g_test_add_data_func ("/PolkitIdentity/netgroup_gvariant", "unix-netgroup:foo", test_gvariant);
202+#endif
203
204 g_test_add_data_func ("/PolkitIdentity/user_gvariant", "unix-user:root", test_gvariant);
205 g_test_add_data_func ("/PolkitIdentity/group_gvariant", "unix-group:root", test_gvariant);
206- g_test_add_data_func ("/PolkitIdentity/netgroup_gvariant", "unix-netgroup:foo", test_gvariant);
207
208 add_comparison_tests ();
209
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]210diff --git a/test/polkit/polkitunixnetgrouptest.c b/test/polkit/polkitunixnetgrouptest.c
211index 3701ba1..e3352eb 100644
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]212--- a/test/polkit/polkitunixnetgrouptest.c
213+++ b/test/polkit/polkitunixnetgrouptest.c
214@@ -19,6 +19,7 @@
215 * Author: Nikki VonHollen <vonhollen@google.com>
216 */
217
218+#include "config.h"
219 #include "glib.h"
220 #include <polkit/polkit.h>
221 #include <string.h>
222@@ -69,7 +70,9 @@ int
223 main (int argc, char *argv[])
224 {
225 g_test_init (&argc, &argv, NULL);
226+#ifdef HAVE_SETNETGRENT
227 g_test_add_func ("/PolkitUnixNetgroup/new", test_new);
228 g_test_add_func ("/PolkitUnixNetgroup/set_name", test_set_name);
229+#endif
230 return g_test_run ();
231 }
Andrew Geisslereff27472021-10-29 15:35:00 -0500[diff] [blame^]232diff --git a/test/polkitbackend/test-polkitbackendjsauthority.c b/test/polkitbackend/test-polkitbackendjsauthority.c
233index f97e0e0..fc52149 100644
Brad Bishop15ae2502019-06-18 21:44:24 -0400[diff] [blame]234--- a/test/polkitbackend/test-polkitbackendjsauthority.c
235+++ b/test/polkitbackend/test-polkitbackendjsauthority.c
236@@ -137,12 +137,14 @@ test_get_admin_identities (void)
237 "unix-group:users"
238 }
239 },
240+#ifdef HAVE_SETNETGRENT
241 {
242 "net.company.action3",
243 {
244 "unix-netgroup:foo"
245 }
246 },
247+#endif
248 };
249 guint n;
250