summaryrefslogtreecommitdiff
path: root/src/timedate
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2015-02-18 12:55:25 +0100
committerLennart Poettering <lennart@poettering.net>2015-02-18 12:55:25 +0100
commitc529695e7a30b300fdaa61ace4a8a4ed0e94ad1c (patch)
treeb8613d0df12627f161c4be274378329bea2e72fc /src/timedate
parent2723b3b51d409340558e46e37e90525d4f880fe1 (diff)
downloadsystemd-c529695e7a30b300fdaa61ace4a8a4ed0e94ad1c.tar.gz
systemd-c529695e7a30b300fdaa61ace4a8a4ed0e94ad1c.tar.bz2
systemd-c529695e7a30b300fdaa61ace4a8a4ed0e94ad1c.zip
logind: open up most bus calls for unpriviliged processes, using PolicyKit
Also, allow clients to alter their own objects without any further priviliges. i.e. this allows clients to kill and lock their own sessions without involving PK.
Diffstat (limited to 'src/timedate')
-rw-r--r--src/timedate/timedated.c36
1 files changed, 32 insertions, 4 deletions
diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c
index 753c3d1d65..23efe832a7 100644
--- a/src/timedate/timedated.c
+++ b/src/timedate/timedated.c
@@ -397,7 +397,14 @@ static int method_set_timezone(sd_bus *bus, sd_bus_message *m, void *userdata, s
if (streq_ptr(z, c->zone))
return sd_bus_reply_method_return(m, NULL);
- r = bus_verify_polkit_async(m, CAP_SYS_TIME, "org.freedesktop.timedate1.set-timezone", interactive, &c->polkit_registry, error);
+ r = bus_verify_polkit_async(
+ m,
+ CAP_SYS_TIME,
+ "org.freedesktop.timedate1.set-timezone",
+ interactive,
+ UID_INVALID,
+ &c->polkit_registry,
+ error);
if (r < 0)
return r;
if (r == 0)
@@ -458,7 +465,14 @@ static int method_set_local_rtc(sd_bus *bus, sd_bus_message *m, void *userdata,
if (lrtc == c->local_rtc)
return sd_bus_reply_method_return(m, NULL);
- r = bus_verify_polkit_async(m, CAP_SYS_TIME, "org.freedesktop.timedate1.set-local-rtc", interactive, &c->polkit_registry, error);
+ r = bus_verify_polkit_async(
+ m,
+ CAP_SYS_TIME,
+ "org.freedesktop.timedate1.set-local-rtc",
+ interactive,
+ UID_INVALID,
+ &c->polkit_registry,
+ error);
if (r < 0)
return r;
if (r == 0)
@@ -563,7 +577,14 @@ static int method_set_time(sd_bus *bus, sd_bus_message *m, void *userdata, sd_bu
} else
timespec_store(&ts, (usec_t) utc);
- r = bus_verify_polkit_async(m, CAP_SYS_TIME, "org.freedesktop.timedate1.set-time", interactive, &c->polkit_registry, error);
+ r = bus_verify_polkit_async(
+ m,
+ CAP_SYS_TIME,
+ "org.freedesktop.timedate1.set-time",
+ interactive,
+ UID_INVALID,
+ &c->polkit_registry,
+ error);
if (r < 0)
return r;
if (r == 0)
@@ -603,7 +624,14 @@ static int method_set_ntp(sd_bus *bus, sd_bus_message *m, void *userdata, sd_bus
if ((bool)ntp == c->use_ntp)
return sd_bus_reply_method_return(m, NULL);
- r = bus_verify_polkit_async(m, CAP_SYS_TIME, "org.freedesktop.timedate1.set-ntp", interactive, &c->polkit_registry, error);
+ r = bus_verify_polkit_async(
+ m,
+ CAP_SYS_TIME,
+ "org.freedesktop.timedate1.set-ntp",
+ interactive,
+ UID_INVALID,
+ &c->polkit_registry,
+ error);
if (r < 0)
return r;
if (r == 0)