core: ignore authorization for sleep/wake requests (but restrict to root) (rh #638640)

Everyone uses pm-utils still for sleep/wake support, and that's traditionally how NM was put to sleep and woken up. But pm-utils uses dbus-send without --print-reply so dbus-send quits immediately after sending the message. That doesn't give NM enough time to get the senders UID and thus validate the request, so the request gets denied, and sometimes NM stays asleep after the machine is woken up. Instead, don't get the sender's UID and try to authorize it, but just let the request go through. Rely on D-Bus permissions to make sure that only root can call sleep/wake methods.
2025-12-26 19:20:12 +01:00 · 2010-10-15 10:28:38 -05:00 · 2010-10-15 10:28:38 -05:00 · 8310593ce4
commit 8310593ce4
parent 9f2b48ef08
2 changed files with 43 additions and 1 deletions
--- a/src/NetworkManager.conf
+++ b/src/NetworkManager.conf
@ -60,6 +60,18 @@
                <deny send_destination="org.freedesktop.NetworkManager"
                       send_interface="org.freedesktop.NetworkManager"
                       send_member="SetLogging"/>
+
+                <deny send_destination="org.freedesktop.NetworkManager"
+                       send_interface="org.freedesktop.NetworkManager"
+                       send_member="Sleep"/>
+
+                <deny send_destination="org.freedesktop.NetworkManager"
+                       send_interface="org.freedesktop.NetworkManager"
+                       send_member="sleep"/>
+
+                <deny send_destination="org.freedesktop.NetworkManager"
+                       send_interface="org.freedesktop.NetworkManager"
+                       send_member="wake"/>
        </policy>
        <policy context="default">
                <deny own="org.freedesktop.NetworkManager"/>
@ -72,6 +84,18 @@
                       send_interface="org.freedesktop.NetworkManager"
                       send_member="SetLogging"/>

+                <deny send_destination="org.freedesktop.NetworkManager"
+                       send_interface="org.freedesktop.NetworkManager"
+                       send_member="Sleep"/>
+
+                <deny send_destination="org.freedesktop.NetworkManager"
+                       send_interface="org.freedesktop.NetworkManager"
+                       send_member="sleep"/>
+
+                <deny send_destination="org.freedesktop.NetworkManager"
+                       send_interface="org.freedesktop.NetworkManager"
+                       send_member="wake"/>
+
                <!-- The org.freedesktop.NetworkManagerSettings.Connection.Secrets
                     interface is secured via PolicyKit.
                  -->
--- a/src/nm-manager.c
+++ b/src/nm-manager.c
@ -3369,6 +3369,7 @@ _internal_sleep (NMManager *self, gboolean do_sleep)
 	g_object_notify (G_OBJECT (self), NM_MANAGER_SLEEPING);
 }

+#if 0
 static void
 sleep_auth_done_cb (NMAuthChain *chain,
                    GError *error,
@ -3407,6 +3408,7 @@ sleep_auth_done_cb (NMAuthChain *chain,

 	nm_auth_chain_unref (chain);
 }
+#endif

 static void
 impl_manager_sleep (NMManager *self,
@ -3414,10 +3416,12 @@ impl_manager_sleep (NMManager *self,
                    DBusGMethodInvocation *context)
 {
 	NMManagerPrivate *priv;
-	NMAuthChain *chain;
 	GError *error = NULL;
+#if 0
+	NMAuthChain *chain;
 	gulong sender_uid = G_MAXULONG;
 	const char *error_desc = NULL;
+#endif

 	g_return_if_fail (NM_IS_MANAGER (self));

@ -3432,6 +3436,19 @@ impl_manager_sleep (NMManager *self,
 		return;
 	}

+	/* Unconditionally allow the request.  Previously it was polkit protected
+	 * but unfortunately that doesn't work for short-lived processes like
+	 * pm-utils.  It uses dbus-send without --print-reply, which quits
+	 * immediately after sending the request, and NM is unable to obtain the
+	 * sender's UID as dbus-send has already dropped off the bus.  Thus NM
+	 * fails the request.  Instead, don't validate the request, but rely on
+	 * D-Bus permissions to restrict the call to root.
+	 */
+	_internal_sleep (self, do_sleep);
+	dbus_g_method_return (context);
+	return;
+
+#if 0
 	if (!nm_auth_get_caller_uid (context, priv->dbus_mgr, &sender_uid, &error_desc)) {
 		error = g_error_new_literal (NM_MANAGER_ERROR,
 		                             NM_MANAGER_ERROR_PERMISSION_DENIED,
@ -3457,6 +3474,7 @@ impl_manager_sleep (NMManager *self,

 	nm_auth_chain_set_data (chain, "sleep", GUINT_TO_POINTER (do_sleep), NULL);
 	nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_SLEEP_WAKE, TRUE);
+#endif
 }

 static void