fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-05-18 08:08:09 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

core: merge branch 'juspence:main' (parts)

Browse source 
Merge a subset of merge-request 1031, with a few follow-up fixes.

See-also: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/843

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1031
This commit is contained in:
Thomas Haller 2022-01-18 19:07:27 +01:00
commit 4122534b6e
No known key found for this signature in database
GPG key ID: 29C2366E4DFC5728
7 changed files with 66 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
src/core/main-utils.c
View file

@ -209,15 +209,6 @@ nm_main_utils_ensure_not_running_pidfile(const char *pidfile)
}
}
void
nm_main_utils_ensure_root()
{
if (getuid() != 0) {
fprintf(stderr, _("You must be root to run %s!\n"), g_get_prgname() ?: "");
exit(1);
}
}
gboolean
nm_main_utils_early_setup(const char *progname,
int *argc,

2
src/core/main-utils.h
View file

@ -6,8 +6,6 @@
#ifndef __MAIN_UTILS_H__
#define __MAIN_UTILS_H__
void nm_main_utils_ensure_root(void);
void nm_main_utils_setup_signals(GMainLoop *main_loop);
void nm_main_utils_ensure_statedir(void);

2
src/core/main.c
View file

@ -328,8 +328,6 @@ main(int argc, char *argv[])
exit(result);
}
nm_main_utils_ensure_root();
nm_main_utils_ensure_not_running_pidfile(global_opt.pidfile);
nm_main_utils_ensure_statedir();

56
src/core/nm-core-utils.c
View file

@ -5145,3 +5145,59 @@ nm_utils_spawn_helper_finish(GAsyncResult *result, GError **error)
return g_task_propagate_pointer(task, error);
}
/*****************************************************************************/
/**
* nm_utils_get_nm_uid:
*
* Checks what EUID NetworkManager is running as.
* Saves the EUID so it can be reused without making many syscalls.
*/
uid_t
nm_utils_get_nm_uid(void)
{
static int u_static = -1;
int u;
again:
if ((u = g_atomic_int_get(&u_static)) == -1) {
uid_t u2;
u2 = geteuid();
u = u2;
nm_assert(u == u2);
nm_assert(u >= 0);
if (!g_atomic_int_compare_and_exchange(&u_static, -1, u))
goto again;
}
return u;
}
/**
* nm_utils_get_nm_gid:
*
* Checks what EGID NetworkManager is running as.
* Saves the EGID so it can be reused without making many syscalls.
*/
gid_t
nm_utils_get_nm_gid(void)
{
static int g_static = -1;
int g;
again:
if ((g = g_atomic_int_get(&g_static)) == -1) {
gid_t g2;
g2 = geteuid();
g = g2;
nm_assert(g == g2);
nm_assert(g >= 0);
if (!g_atomic_int_compare_and_exchange(&g_static, -1, g))
goto again;
}
return g;
}

7
src/core/nm-core-utils.h
View file

@ -9,6 +9,7 @@
#include <stdio.h>
#include <arpa/inet.h>
#include <sys/types.h>
#include "nm-connection.h"
@ -470,4 +471,10 @@ void nm_utils_spawn_helper(const char *const *args,
char *nm_utils_spawn_helper_finish(GAsyncResult *result, GError **error);
/*****************************************************************************/
uid_t nm_utils_get_nm_uid(void);
gid_t nm_utils_get_nm_gid(void);
#endif /* __NM_CORE_UTILS_H__ */

2
src/core/settings/plugins/keyfile/nms-keyfile-utils.c
View file

@ -337,7 +337,7 @@ nms_keyfile_utils_check_file_permissions_stat(NMSKeyfileFiletype filetype,
g_return_val_if_reached(FALSE);
if (!NM_FLAGS_HAS(nm_utils_get_testing(), NM_UTILS_TEST_NO_KEYFILE_OWNER_CHECK)) {
if (st->st_uid != 0) {
if (!NM_IN_SET(st->st_uid, 0, nm_utils_get_nm_uid())) {
g_set_error(error,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_INVALID_CONNECTION,

4
src/core/settings/plugins/keyfile/nms-keyfile-writer.c
View file

@ -444,8 +444,8 @@ nms_keyfile_writer_connection(NMConnection *connection,
keyfile_dir,
profile_dir,
TRUE,
0,
0,
nm_utils_get_nm_uid(),
nm_utils_get_nm_gid(),
existing_path,
existing_path_read_only,
force_rename,