Re: NM and pm-utils sleep hook

From: Michael Biebl <biebl debian org>
To: networkmanager-list gnome org
Subject: Re: NM and pm-utils sleep hook
Date: Thu, 13 Jan 2011 03:43:13 +0100

On 11.01.2011 20:03, Dan Williams wrote:
> On Sat, 2010-12-18 at 10:01 -0600, Robby Workman wrote:
>> Hi Dan, 
>>
>> Re this commit:
>>
>>   commit 8310593ce48a85aa82d4a2adf805662f2b019ef5
>>   Author: Dan Williams <dcbw redhat com>
>>   Date:   Fri Oct 15 10:28:38 2010 -0500
>>   
>>       core: ignore authorization for sleep/wake requests (but restrict to root) (rh #638640)
>>       
>>       Everyone uses pm-utils still for sleep/wake support, and that's
>>       traditionally how NM was put to sleep and woken up.  But pm-utils
>>       uses dbus-send without --print-reply so dbus-send quits immediately
>>       after sending the message.  That doesn't give NM enough time to
>>       get the senders UID and thus validate the request, so the request
>>       gets denied, and sometimes NM stays asleep after the machine is
>>       woken up.
>>       
>>       Instead, don't get the sender's UID and try to authorize it, but
>>       just let the request go through.  Rely on D-Bus permissions to
>>       make sure that only root can call sleep/wake methods.
>>
>> Why not have NM ship the pm-utils sleep hook instead of having to
>> work around what they ship?  Last I checked, NM is the only app
>> for which upstream pm-utils ships a sleep hook, and Victor (the
>> lead dev there) was hoping to have apps ship their own so that
>> he didn't have to maintain stuff that he may not be familiar with.
> 
> I'm happy to ship the hooks in NM.  I've talked about doing that for a
> couple years already, it's just never happened :)

Just put them into NM and I make sure the next pm-utils upstream release has
those hooks removed (I have commit rights for pm-utils).

If you want to make sure NM also works with oder pm-utils versions, you can do a
neat trick:
Run "disablehook 55NetworkManager" in your hook and install it as say
50NetworkManager.

On the other hand, I can also just add the --print-reply option to upstream
pm-utils.

Just let me know what you prefer.

FWIW, this change had an unfortunate side-effect, when root is looged in and the
at_console policy is used, see [1]


Cheers,
Michael

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608301



-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

Attachment: signature.asc
Description: OpenPGP digital signature

References:
- Re: NM and pm-utils sleep hook
  - From: Dan Williams

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]