[gnome-session/benzea/systemd-fixes] util: Unset some environment variables on systemd



commit b7b24627485c520f873db4e918e217a76ededd8c
Author: Benjamin Berg <bberg redhat com>
Date:   Mon Sep 23 11:53:52 2019 +0200

    util: Unset some environment variables on systemd
    
    Variables like GNOME_SHELL_SESSION_MODE may not always be set at login,
    causing them to survive between sessions. Add a list of variables that
    need to be unset, and explicitly unset them on the systemd side.
    
    The list is taken from GDM's list of variables.

 gnome-session/gsm-util.c | 41 ++++++++++++++++++++++++++++++++++++-----
 1 file changed, 36 insertions(+), 5 deletions(-)
---
diff --git a/gnome-session/gsm-util.c b/gnome-session/gsm-util.c
index 1528723c..ada12253 100644
--- a/gnome-session/gsm-util.c
+++ b/gnome-session/gsm-util.c
@@ -35,6 +35,12 @@
 static gchar *_saved_session_dir = NULL;
 static gchar **child_environment;
 
+/* These are variables that will not be passed on to subprocesses
+ * (either directly, via systemd or DBus).
+ * Some of these are blacklisted as they might end up in the wrong session
+ * (e.g. XDG_VTNR), others because they simply must never be passed on
+ * (NOTIFY_SOCKET).
+ */
 static const char * const variable_blacklist[] = {
     "NOTIFY_SOCKET",
     "XDG_SEAT",
@@ -43,6 +49,24 @@ static const char * const variable_blacklist[] = {
     NULL
 };
 
+/* The following is copied from GDMs spawn_session function.
+ *
+ * Environment variables listed here will be copied into the user's service
+ * environments if they are set in gnome-session's environment. If they are
+ * not set in gnome-session's environment, they will be removed from the
+ * service environments. This is to protect against environment variables
+ * leaking from previous sessions (e.g. when switching from classic to
+ * default GNOME $GNOME_SHELL_SESSION_MODE will become unset).
+ */
+static const char * const variable_unsetlist[] = {
+    "DISPLAY",
+    "XAUTHORITY",
+    "WAYLAND_DISPLAY",
+    "WAYLAND_SOCKET",
+    "GNOME_SHELL_SESSION_MODE",
+    NULL
+};
+
 char *
 gsm_util_find_desktop_file_for_app_name (const char *name,
                                          gboolean    look_in_saved_session,
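Review bot: The comment on `variable_unsetlist` describes GDM's behaviour rather than what this file does with the list: in `gsm_util_export_user_environment` the names are only added to the unset array, while set variables are copied by the separate loop over all of `entries`. I would reword it along the lines of `/* Variables removed from the systemd user environment unless they are set in gnome-session's own environment (same list as GDM's spawn_session). */`. It is also worth saying in the comment that the list has to be kept in sync with GDM by hand, since nothing in the diff ties the two together. The unset is applied only to the systemd call in this diff; whether the D-Bus path mentioned in the `variable_blacklist` comment can still carry a stale `XAUTHORITY` or `GNOME_SHELL_SESSION_MODE` is not visible here and should be checked.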
@@ -616,10 +640,17 @@ gsm_util_export_user_environment (GError     **error)
 
         entries = g_get_environ ();
 
-        for (; variable_blacklist[i] != NULL; i++)
+        for (i = 0; variable_blacklist[i] != NULL; i++)
                 entries = g_environ_unsetenv (entries, variable_blacklist[i]);
 
-        g_variant_builder_init (&builder, G_VARIANT_TYPE ("as"));
+        g_variant_builder_init (&builder, G_VARIANT_TYPE ("(asas)"));
+
+        g_variant_builder_open (&builder, G_VARIANT_TYPE ("as"));
+        for (i = 0; variable_unsetlist[i] != NULL; i++)
+                g_variant_builder_add (&builder, "s", variable_unsetlist[i]);
+        g_variant_builder_close (&builder);
+
+        g_variant_builder_open (&builder, G_VARIANT_TYPE ("as"));
         for (i = 0; entries[i] != NULL; i++) {
                 const char *entry = entries[i];
 
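Review bot: Sending every name in `variable_unsetlist` unconditionally in the first `as` array is only correct because systemd lets the set list override the unset list in `UnsetAndSetEnvironment`, and nothing near the two `g_variant_builder_open` calls says so. A short comment before the first open would help, e.g. `/* First array: names to unset; second: assignments to set. A name present in both ends up set. */`. One consequence to document: an unset-list variable whose entry is skipped by any filtering inside the loop (those lines are outside this hunk) will now be removed from the manager environment rather than left at its old value. That looks intended for stale `DISPLAY`/`XAUTHORITY` values, but it is a behaviour change. The function body starts and ends outside the hunk.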
@@ -631,6 +662,7 @@ gsm_util_export_user_environment (GError     **error)
 
                 g_variant_builder_add (&builder, "s", entry);
         }
+        g_variant_builder_close (&builder);
         g_regex_unref (regex);
 
         g_strfreev (entries);
@@ -639,9 +671,8 @@ gsm_util_export_user_environment (GError     **error)
                                              "org.freedesktop.systemd1",
                                              "/org/freedesktop/systemd1",
                                              "org.freedesktop.systemd1.Manager",
-                                             "SetEnvironment",
-                                             g_variant_new ("(@as)",
-                                                            g_variant_builder_end (&builder)),
+                                             "UnsetAndSetEnvironment",
+                                             g_variant_builder_end (&builder),
                                              NULL,
                                              G_DBUS_CALL_FLAGS_NONE,
                                              -1, NULL, &bus_error);

