Possible PolicyKit issues

Joe Marcus Clarke marcus at FreeBSD.org
Wed Apr 30 17:50:37 PDT 2008 

On Wed, 2008-04-30 at 16:30 -0400, David Zeuthen wrote:
> On Wed, 2008-04-30 at 16:21 -0400, Joe Marcus Clarke wrote:
> > David Zeuthen wrote:
> > > On Wed, 2008-04-30 at 13:52 -0400, Joe Marcus Clarke wrote:
> > >> David Zeuthen wrote:
> > >>> On Wed, 2008-04-30 at 13:44 -0400, Joe Marcus Clarke wrote:
> > >>>> Correct.  I think it does read all the data, then the stream puts out 
> > >>>> EOF which causes the helper to be called ad infinitum.
> > >>> I see. Mmm.. In that case, polkit_grant_io_func() can detect EOF
> > >>> (getline() returning -1) and then call the remove_watch() method
> > >>> supplied by polkit-gnome-manager.c right?
> > >> It could, but what's the difference between that and returning FALSE in 
> > >> the caller?  Both would result in the watch being removed.  And since 
> > >> the io_func reads the entire amount of data (until EOF) that shouldn't 
> > >> be a problem.
> > > 
> > > The PAM conversation happens over that fd and for some cases I don't
> > > think we read all the data at once. So there may be multiple calls to
> > > polkit_grant_io_func(). As such, returning FALSE won't work for all
> > > cases.
> > 
> > It looks like it will (read all data).  The polkit_grant_io_func() runs 
> > in a while loop waiting for readline to return -1.  I don't see that 
> > this function ever returns to the caller until readline returns -1 
> > (signifying EOF or some other error).  Am I misunderstanding something?
> 
> No, you're right, that's how it works right now. But in the future this
> function might return control back to the application and then it needs
> to be called again by the watch when the application goes to process the
> main loop. 
> 
> Anyway, the other main reason I'd like polkit_grant_io_func() to call
> remove_watch() as opposed to making io_watch_have_data() in
> polkit-gnome-manager.c return FALSE is because of the fact that
> PolicyKit-gnome is just one of many users of libpolkit-grant (others
> right now are: polkit-auth(1), the PolicyKit-kde project that some
> people are working on)

That works.  Adding this hunk to polkit-grant.c fixes the problem:

@@ -419,6 +420,8 @@ polkit_grant_io_func (PolKitGrant *polki
 
         if (line != NULL)
                 free (line);
+
+        polkit_grant->func_remove_watch (polkit_grant, polkit_grant->io_watch_id);
 }
 
 /**

Joe

> 
>      David
> 
> 
> _______________________________________________
> hal mailing list
> hal at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/hal
-- 
Joe Marcus Clarke
FreeBSD GNOME Team      ::      gnome at FreeBSD.org
FreeNode / #freebsd-gnome
http://www.FreeBSD.org/gnome
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: This is a digitally signed message part
Url : https://lists.freedesktop.org/archives/hal/attachments/20080430/bc8880f3/attachment.pgp

More information about the hal mailing list
OSZAR »