From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michal Schmidt <mschmidt@redhat.com>
Date: Wed, 04 Aug 2010 09:53:25 +0000
Subject: [PATCH] udev-acl: really fix ACL assignment in CK events
Message-Id: <20100804115325.6599879e@hammerfall>
List-Id: <linux-hotplug.vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
To: linux-hotplug@vger.kernel.org

The previous fix for udev-acl was incomplete. The ACL were not properly
assigned to the new user when switching from root's session because of
the test for 'uid !=3D 0'.

Centralize the special handling of root to a single place (in set_facl).

(Also remove repeated #includes.)

https://bugzilla.redhat.com/show_bug.cgi?id`8712
---
 extras/udev-acl/udev-acl.c |   37 +++++++++++++++++++------------------
 1 files changed, 19 insertions(+), 18 deletions(-)

diff --git a/extras/udev-acl/udev-acl.c b/extras/udev-acl/udev-acl.c
index f2b5005..31e9991 100644
--- a/extras/udev-acl/udev-acl.c
+++ b/extras/udev-acl/udev-acl.c
@@ -12,20 +12,18 @@
  * General Public License for more details:
  */
=20
-#include <stdio.h>
-#include <errno.h>
-#include <string.h>
-#include <inttypes.h>
-#include <unistd.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
+#include <acl/libacl.h>
+#include <sys/stat.h>
 #include <errno.h>
 #include <getopt.h>
-#include <sys/stat.h>
 #include <glib.h>
-#include <acl/libacl.h>
+#include <inttypes.h>
 #include <libudev.h>
+#include <stdbool.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
=20
 static int debug;
=20
@@ -45,6 +43,10 @@ static int set_facl(const char* filename, uid_t uid, int=
 add)
 	acl_permset_t permset;
 	int ret;
=20
+	/* don't touch ACLs for root */
+	if (uid =3D 0)
+		return 0;
+
 	/* read current record */
 	acl =3D acl_get_file(filename, ACL_TYPE_ACCESS);
 	if (!acl)
@@ -190,8 +192,6 @@ static int consolekit_called(const char *ck_action, uid=
_t *uid, uid_t *uid2, con
 		if (s =3D NULL)
 			return -1;
 		u =3D strtoul(s, NULL, 10);
-		if (u =3D 0)
-			return 0;
=20
 		s =3D getenv("CK_SEAT_SESSION_IS_LOCAL");
 		if (s =3D NULL)
@@ -205,8 +205,6 @@ static int consolekit_called(const char *ck_action, uid=
_t *uid, uid_t *uid2, con
 		if (s =3D NULL)
 			return -1;
 		u =3D strtoul(s, NULL, 10);
-		if (u =3D 0)
-			return 0;
=20
 		s =3D getenv("CK_SEAT_OLD_SESSION_IS_LOCAL");
 		if (s =3D NULL)
@@ -331,6 +329,7 @@ int main (int argc, char* argv[])
 	};
 	int action =3D -1;
 	const char *device =3D NULL;
+	bool uid_given =3D false;
 	uid_t uid =3D 0;
 	uid_t uid2 =3D 0;
 	const char* remove_session_id =3D NULL;
@@ -357,6 +356,7 @@ int main (int argc, char* argv[])
 			device =3D optarg;
 			break;
 		case 'u':
+			uid_given =3D true;
 			uid =3D strtoul(optarg, NULL, 10);
 			break;
 		case 'd':
@@ -369,8 +369,9 @@ int main (int argc, char* argv[])
 		}
 	}
=20
-	if (action < 0 && device =3D NULL && uid =3D 0)
-		consolekit_called(argv[optind], &uid, &uid2, &remove_session_id, &action=
);
+	if (action < 0 && device =3D NULL && !uid_given)
+		if (!consolekit_called(argv[optind], &uid, &uid2, &remove_session_id, &a=
ction))
+			uid_given =3D true;
=20
 	if (action < 0) {
 		fprintf(stderr, "missing action\n\n");
@@ -378,13 +379,13 @@ int main (int argc, char* argv[])
 		goto out;
 	}
=20
-	if (device !=3D NULL && uid !=3D 0) {
+	if (device !=3D NULL && uid_given) {
 		fprintf(stderr, "only one option, --device=DEVICEFILE or --user=3DUID ex=
pected\n\n");
 		rc =3D 3;
 		goto out;
 	}
=20
-	if (uid !=3D 0) {
+	if (uid_given) {
 		switch (action) {
 		case ACTION_ADD:
 			/* Add ACL for given uid to all matching devices. */
--=20
1.7.2