From 3e67131815f78e1a8b22c720addf59a6df4361f6 Mon Sep 17 00:00:00 2001 From: Dan Williams Date: Fri, 15 Oct 2010 14:19:39 -0500 Subject: [PATCH] fix suspend/resume and nmcli issues - core: fix suspend/resume regression (rh #638640) - core: fix issue causing some nmcli requests to be ignored --- NetworkManager.spec | 10 ++- nm-libnm-glib-prop-set-delay.patch | 50 ++++++++++++ nm-sleep-wake-no-auth.patch | 122 +++++++++++++++++++++++++++++ 3 files changed, 181 insertions(+), 1 deletion(-) create mode 100644 nm-libnm-glib-prop-set-delay.patch create mode 100644 nm-sleep-wake-no-auth.patch diff --git a/NetworkManager.spec b/NetworkManager.spec index 94c7d3a..b34e57e 100644 --- a/NetworkManager.spec +++ b/NetworkManager.spec @@ -20,7 +20,7 @@ Name: NetworkManager Summary: Network connection manager and user applications Epoch: 1 Version: 0.8.1 -Release: 8%{snapshot}%{?dist} +Release: 9%{snapshot}%{?dist} Group: System Environment/Base License: GPLv2+ URL: http://www.gnome.org/projects/NetworkManager/ @@ -34,6 +34,8 @@ Patch3: nm-applet-no-notifications.patch Patch4: nm-remove-stale-hosts-mappings.patch Patch5: nm-preserve-custom-hostnames.patch Patch6: nm-prevent-hostname-dup.patch +Patch7: nm-sleep-wake-no-auth.patch +Patch8: nm-libnm-glib-prop-set-delay.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires(post): chkconfig @@ -167,6 +169,8 @@ tar -xjf %{SOURCE1} %patch4 -p1 -b .remove-stale-hosts-mappings %patch5 -p1 -b .preserve-custom-hostnames %patch6 -p1 -b .prevent-hostname-dup +%patch7 -p1 -b .sleep-wake +%patch8 -p1 -b .prop-set-delay %build @@ -420,6 +424,10 @@ fi %{_datadir}/gtk-doc/html/libnm-util/* %changelog +* Fri Oct 15 2010 Dan Williams - 0.8.1-9 +- core: fix suspend/resume regression (rh #638640) +- core: fix issue causing some nmcli requests to be ignored + * Thu Oct 7 2010 Dan Williams - 0.8.1-8 - core: preserve custom local-mapped hostnames in /etc/hosts (rh #627269) diff --git a/nm-libnm-glib-prop-set-delay.patch b/nm-libnm-glib-prop-set-delay.patch new file mode 100644 index 0000000..ea60d8a --- /dev/null +++ b/nm-libnm-glib-prop-set-delay.patch @@ -0,0 +1,50 @@ +commit 8d7b9a4ef56d3ca0c06c8d655e71698bdab04d9f +Author: Jiří Klimeš +Date: Fri Oct 15 09:41:34 2010 +0200 + + libnm-glib: call D-Bus with a timeout when Set()ting properties + + The caller needs to be authenticated, so wait a bit to be sure + it didn't quit too quickly. + +diff --git a/libnm-glib/Makefile.am b/libnm-glib/Makefile.am +index 008cc6d..ec21a32 100644 +--- a/libnm-glib/Makefile.am ++++ b/libnm-glib/Makefile.am +@@ -132,7 +132,7 @@ libnm_glib_la_LIBADD = \ + $(GUDEV_LIBS) + + libnm_glib_la_LDFLAGS = -Wl,--version-script=$(srcdir)/libnm-glib.ver \ +- -version-info "6:1:4" ++ -version-info "6:2:4" + + noinst_PROGRAMS = libnm-glib-test + +diff --git a/libnm-glib/nm-object.c b/libnm-glib/nm-object.c +index 72ea050..85cb6b7 100644 +--- a/libnm-glib/nm-object.c ++++ b/libnm-glib/nm-object.c +@@ -527,12 +527,17 @@ _nm_object_set_property (NMObject *object, + g_return_if_fail (prop_name != NULL); + g_return_if_fail (G_IS_VALUE (value)); + +- dbus_g_proxy_call_no_reply (NM_OBJECT_GET_PRIVATE (object)->properties_proxy, +- "Set", +- G_TYPE_STRING, interface, +- G_TYPE_STRING, prop_name, +- G_TYPE_VALUE, value, +- G_TYPE_INVALID); ++ if (!dbus_g_proxy_call_with_timeout (NM_OBJECT_GET_PRIVATE (object)->properties_proxy, ++ "Set", 2000, NULL, ++ G_TYPE_STRING, interface, ++ G_TYPE_STRING, prop_name, ++ G_TYPE_VALUE, value, ++ G_TYPE_INVALID)) { ++ ++ /* Ignore errors. dbus_g_proxy_call_with_timeout() is called instead of ++ * dbus_g_proxy_call_no_reply() to give NM chance to authenticate the caller. ++ */ ++ } + } + + char * diff --git a/nm-sleep-wake-no-auth.patch b/nm-sleep-wake-no-auth.patch new file mode 100644 index 0000000..9c90a08 --- /dev/null +++ b/nm-sleep-wake-no-auth.patch @@ -0,0 +1,122 @@ +commit 878f6c4074acfdee42c320680f5529e01b909ba2 +Author: Dan Williams +Date: Fri Oct 15 10:28:38 2010 -0500 + + core: ignore authorization for sleep/wake requests (but restrict to root) (rh #638640) + + Everyone uses pm-utils still for sleep/wake support, and that's + traditionally how NM was put to sleep and woken up. But pm-utils + uses dbus-send without --print-reply so dbus-send quits immediately + after sending the message. That doesn't give NM enough time to + get the senders UID and thus validate the request, so the request + gets denied, and sometimes NM stays asleep after the machine is + woken up. + + Instead, don't get the sender's UID and try to authorize it, but + just let the request go through. Rely on D-Bus permissions to + make sure that only root can call sleep/wake methods. + +diff --git a/src/NetworkManager.conf b/src/NetworkManager.conf +index 8d08314..1f1ed49 100644 +--- a/src/NetworkManager.conf ++++ b/src/NetworkManager.conf +@@ -60,6 +60,18 @@ + ++ ++ ++ ++ ++ ++ + + + +@@ -72,6 +84,18 @@ + send_interface="org.freedesktop.NetworkManager" + send_member="SetLogging"/> + ++ ++ ++ ++ ++ ++ + +diff --git a/src/nm-manager.c b/src/nm-manager.c +index 758a082..4a3e499 100644 +--- a/src/nm-manager.c ++++ b/src/nm-manager.c +@@ -3369,6 +3369,7 @@ _internal_sleep (NMManager *self, gboolean do_sleep) + g_object_notify (G_OBJECT (self), NM_MANAGER_SLEEPING); + } + ++#if 0 + static void + sleep_auth_done_cb (NMAuthChain *chain, + GError *error, +@@ -3407,6 +3408,7 @@ sleep_auth_done_cb (NMAuthChain *chain, + + nm_auth_chain_unref (chain); + } ++#endif + + static void + impl_manager_sleep (NMManager *self, +@@ -3414,10 +3416,12 @@ impl_manager_sleep (NMManager *self, + DBusGMethodInvocation *context) + { + NMManagerPrivate *priv; +- NMAuthChain *chain; + GError *error = NULL; ++#if 0 ++ NMAuthChain *chain; + gulong sender_uid = G_MAXULONG; + const char *error_desc = NULL; ++#endif + + g_return_if_fail (NM_IS_MANAGER (self)); + +@@ -3432,6 +3436,19 @@ impl_manager_sleep (NMManager *self, + return; + } + ++ /* Unconditionally allow the request. Previously it was polkit protected ++ * but unfortunately that doesn't work for short-lived processes like ++ * pm-utils. It uses dbus-send without --print-reply, which quits ++ * immediately after sending the request, and NM is unable to obtain the ++ * sender's UID as dbus-send has already dropped off the bus. Thus NM ++ * fails the request. Instead, don't validate the request, but rely on ++ * D-Bus permissions to restrict the call to root. ++ */ ++ _internal_sleep (self, do_sleep); ++ dbus_g_method_return (context); ++ return; ++ ++#if 0 + if (!nm_auth_get_caller_uid (context, priv->dbus_mgr, &sender_uid, &error_desc)) { + error = g_error_new_literal (NM_MANAGER_ERROR, + NM_MANAGER_ERROR_PERMISSION_DENIED, +@@ -3457,6 +3474,7 @@ impl_manager_sleep (NMManager *self, + + nm_auth_chain_set_data (chain, "sleep", GUINT_TO_POINTER (do_sleep), NULL); + nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_SLEEP_WAKE, TRUE); ++#endif + } + + static void