diff --git a/fix-autologin.patch b/fix-autologin.patch index a0efa4a..016612d 100644 --- a/fix-autologin.patch +++ b/fix-autologin.patch @@ -1,7 +1,7 @@ -From eb6d8d221b34a93e57c22cefa47d924350251c4c Mon Sep 17 00:00:00 2001 +From 662d241e78319b431d60be7a3b8d9eccb1cc7cf5 Mon Sep 17 00:00:00 2001 From: Ray Strode Date: Thu, 15 Oct 2015 14:37:33 -0400 -Subject: [PATCH] daemon: fork before threads are spawned +Subject: [PATCH 1/2] daemon: fork before threads are spawned It's not really a good idea to fork after glib has initialized, since it has helper threads that may have taken locks etc. @@ -9,11 +9,11 @@ since it has helper threads that may have taken locks etc. This commit forks really early to prevent locks from leaking and causing deadlock. --- - daemon/gkd-main.c | 75 ++++++++++++++++++++++++++++++++++++++++++++++--------- - 1 file changed, 63 insertions(+), 12 deletions(-) + daemon/gkd-main.c | 88 +++++++++++++++++++++++++++++++++++++++++++------------ + 1 file changed, 69 insertions(+), 19 deletions(-) diff --git a/daemon/gkd-main.c b/daemon/gkd-main.c -index f567633..4cc8552 100644 +index f567633..4925ee2 100644 --- a/daemon/gkd-main.c +++ b/daemon/gkd-main.c @@ -98,60 +98,61 @@ EGG_SECURE_DECLARE (daemon_main); @@ -189,7 +189,7 @@ index f567633..4cc8552 100644 /* * The first control_directory is the environment one, always -@@ -577,136 +628,134 @@ discover_other_daemon (DiscoverFunc callback, gboolean acquire) +@@ -577,136 +628,126 @@ discover_other_daemon (DiscoverFunc callback, gboolean acquire) /* Or the default location when no evironment variable */ control_env = g_getenv ("XDG_RUNTIME_DIR"); @@ -226,7 +226,7 @@ index f567633..4cc8552 100644 { int status; pid_t pid; - int fd, i; +- int fd, i; + int wakeup_fds[2] = { -1, -1 }; - if (run_foreground) { @@ -295,13 +295,12 @@ index f567633..4cc8552 100644 } /* Here we are in the resulting daemon or background process. */ - - for (i = 0; i < 3; ++i) { - fd = open ("/dev/null", O_RDONLY); - sane_dup2 (fd, i); - close (fd); - } -+ +- +- for (i = 0; i < 3; ++i) { +- fd = open ("/dev/null", O_RDONLY); +- sane_dup2 (fd, i); +- close (fd); +- } + return wakeup_fds[1]; } @@ -333,7 +332,55 @@ index f567633..4cc8552 100644 return TRUE; } -@@ -849,112 +898,114 @@ main (int argc, char *argv[]) +@@ -802,159 +843,168 @@ gkd_main_complete_initialization (const gchar *components) + static gboolean + on_login_timeout (gpointer data) + { + if (!initialization_completed) + cleanup_and_exit (0); + return FALSE; + } + + int + main (int argc, char *argv[]) + { + /* + * The gnome-keyring startup is not as simple as I wish it could be. + * + * It's often started in the primordial stages of a session, where + * there's no DBus, and no proper X display. This is the strange world + * of PAM. + * + * When started with the --login option, we do as little initialization + * as possible. We expect a login password on the stdin, and unlock + * or create the login keyring. + * + * Then later we expect gnome-keyring-dameon to be run again with the + * --start option. This second gnome-keyring-daemon will hook the + * original daemon up with environment variables necessary to initialize + * itself and bring it into the session. This second daemon usually exits. + * + * Without either of these options, we follow a more boring and + * predictable startup. + */ ++ int fd, i; + + /* + * Before we do ANYTHING, we drop privileges so we don't become + * a security issue ourselves. + */ + gkd_capability_obtain_capability_and_drop_privileges (); + + #ifdef WITH_STRICT + g_setenv ("DBUS_FATAL_WARNINGS", "1", FALSE); + if (!g_getenv ("G_DEBUG")) + g_log_set_always_fatal (G_LOG_LEVEL_CRITICAL | G_LOG_LEVEL_WARNING); + #endif + + #if !GLIB_CHECK_VERSION(2,35,0) + g_type_init (); + #endif + #ifdef HAVE_LOCALE_H /* internationalisation */ setlocale (LC_ALL, ""); @@ -420,6 +467,12 @@ index f567633..4cc8552 100644 - /* The whole forking and daemonizing dance starts here. */ - fork_and_print_environment(); ++ for (i = 0; i < 3; ++i) { ++ fd = open ("/dev/null", O_RDONLY); ++ sane_dup2 (fd, i); ++ close (fd); ++ } ++ + send_environment_and_finish_parent (parent_wakeup_fd); g_unix_signal_add (SIGTERM, on_signal_term, loop); @@ -454,3 +507,96 @@ index f567633..4cc8552 100644 -- 2.5.0 + +From cfdb233e75f444ee7ab780b888f0928f175c4f73 Mon Sep 17 00:00:00 2001 +From: Ray Strode +Date: Thu, 15 Oct 2015 16:07:22 -0400 +Subject: [PATCH 2/2] daemon: kill off foreground proceses when session dies + +Right now gnome-keyring will keep processes around forever +in some cases. They need to die when the session goes away, +at least. +--- + daemon/gkd-main.c | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/daemon/gkd-main.c b/daemon/gkd-main.c +index 4925ee2..db32fa2 100644 +--- a/daemon/gkd-main.c ++++ b/daemon/gkd-main.c +@@ -902,62 +902,70 @@ main (int argc, char *argv[]) + egg_libgcrypt_initialize (); + + /* Send all warning or error messages to syslog */ + prepare_logging (); + + parse_arguments (&argc, &argv); + + /* The --version option. This is machine parseable output */ + if (run_version) { + g_print ("gnome-keyring-daemon: %s\n", VERSION); + g_print ("testing: %s\n", + #ifdef WITH_DEBUG + "enabled"); + #else + "disabled"); + #endif + exit (0); + } + + /* The whole forking and daemonizing dance starts here. */ + parent_wakeup_fd = fork_and_print_environment(); + + /* The --start option */ + if (run_for_start) { + if (discover_other_daemon (initialize_daemon_at, TRUE)) { + /* + * Another daemon was initialized, print out environment + * for any callers, and quit or go comatose. + */ + send_environment_and_finish_parent (parent_wakeup_fd); +- if (run_foreground) +- while (sleep(0x08000000) == 0); ++ if (run_foreground) { ++ GDBusConnection *connection; ++ connection = g_bus_get_sync (G_BUS_TYPE_SESSION, ++ NULL, ++ NULL); ++ loop = g_main_loop_new (NULL, FALSE); ++ g_main_loop_run (loop); ++ g_main_loop_unref (loop); ++ loop = NULL; ++ } + cleanup_and_exit (0); + } + + /* The --replace option */ + } else if (run_for_replace) { + discover_other_daemon (replace_daemon_at, FALSE); + if (control_directory) + g_message ("Replacing daemon, using directory: %s", control_directory); + else + g_message ("Could not find daemon to replace, staring normally"); + } + + /* Initialize the main directory */ + gkd_util_init_master_directory (control_directory); + + /* Initialize our daemon main loop and threading */ + loop = g_main_loop_new (NULL, FALSE); + + /* Initialize our control socket */ + if (!gkd_control_listen ()) + return FALSE; + + if (perform_unlock) { + login_password = read_login_password (STDIN); + atexit (clear_login_password); + } + + /* The --login option. Delayed initialization */ + if (run_for_login) { + timeout_id = g_timeout_add_seconds (LOGIN_TIMEOUT, (GSourceFunc) on_login_timeout, NULL); +-- +2.5.0 + diff --git a/gnome-keyring.spec b/gnome-keyring.spec index 7207525..2ed9fc9 100644 --- a/gnome-keyring.spec +++ b/gnome-keyring.spec @@ -6,7 +6,7 @@ Summary: Framework for managing passwords and other secrets Name: gnome-keyring Version: 3.18.0 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ and LGPLv2+ Group: System Environment/Libraries #VCS: git:git://git.gnome.org/gnome-keyring @@ -72,7 +72,6 @@ make install DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p" rm $RPM_BUILD_ROOT%{_libdir}/security/*.la rm $RPM_BUILD_ROOT%{_libdir}/pkcs11/*.la rm $RPM_BUILD_ROOT%{_libdir}/gnome-keyring/devel/*.la -rm -f $RPM_BUILD_ROOT%{_sysconfdir}/xdg/autostart/gnome-keyring-secrets.desktop %find_lang gnome-keyring @@ -112,6 +111,11 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas >&/dev/null || : %changelog +* Thu Oct 15 2015 Ray Strode 3.18.0-4 +- Fix password handoff in non-autologin case +- Remove unneccessary part of autologin fix + Related: #1269581 + * Thu Oct 15 2015 Ray Strode 3.18.0-3 - Fix deadlock in gnome-keyring when using autologin Resolves: #1269581