search

vmihalko / t2_polkit

Other
0 stars 0 forks source link

Polkit service cannot be started after meson installation #152

Open vmihalko opened 3 years ago

vmihalko commented 3 years ago

In GitLab by @jrybar on Jul 22, 2021, 10:40

Due to lib64 propagated into data/org.freedesktop.PolicyKit1.service.in:libprivdir and later /usr/share/dbus-1/system-services/org.freedesktop.PolicyKit1.service, the polkit.service loses dbus name as soon as it starts and terminates.

For tracking purposes only.

vmihalko commented 3 years ago

In GitLab by @smcv on Jul 22, 2021, 18:31

Huh, the changes from !85 are working fine for me in Debian experimental: our equivalent of lib64 is lib/x86_64-linux-gnu or similar, and I correctly get Exec=/usr/lib/polkit-1/polkitd --no-debug.

vmihalko commented 3 years ago

In GitLab by @jrybar on Jul 26, 2021, 19:59

No, it doesn't relate to !85, I've tried that out too.

OK, after some investigation, I can see the problem lies in updated version of dbus-broker in Fedora 33 Vagrant image I use for testing. I haven't tried that in regular official Fedora 33 image in VM though.

The real problem is in dbus-broker unable to load config files dropped by polkit until the unit or machine is restarted. I don't remember this happening in older images of Fedora.

Jul 26 17:33:07 localhost.localdomain dbus-broker-launch[475]: Noticed file-system modification, trigger reload.
Jul 26 17:33:07 localhost.localdomain dbus-broker-launch[475]: Read access denied for service file '/usr/share/dbus-1/system-services/org.freedesktop.PolicyKit1.service'
Jul 26 17:33:07 localhost.localdomain dbus-broker-launch[475]: Noticed file-system modification, trigger reload.
Jul 26 17:33:07 localhost.localdomain dbus-broker-launch[475]: ERROR config_parser_include @ ../src/launch/config.c +1271: Permission denied
Jul 26 17:33:07 localhost.localdomain dbus-broker-launch[475]: config_parser_read @ ../src/launch/config.c +1340
Jul 26 17:33:07 localhost.localdomain dbus-broker-launch[475]: launcher_parse_config @ ../src/launch/launcher.c +1021
Jul 26 17:33:07 localhost.localdomain dbus-broker-launch[475]: launcher_reload_config @ ../src/launch/launcher.c +1236
Jul 26 17:33:07 localhost.localdomain dbus-broker-launch[475]: launcher_on_dirwatch @ ../src/launch/launcher.c +154

I need to find out whether it's a problem with the file we drop or not, either way it is a problem for polkit since it cannot be run without dbus service restarted, which kind of complicates polkit's distribution.
Setting SELinux to permissive has no effect.

PS: the problem with lib64 propagation looks like I didn't clean up the vagrant image properly earlier :-E :D