Hi, I'd like a review for my fix for bug
6699794 <http://monaco.sfbay/detail.jsf?cr=6699794> [vermillion tjds] double clicking on computer icon in labeled workspace reports error Analysis: --------- The problem is that the D-Bus session environment variable is being inherited from the global zone into the user's labeled zones. The gvfs modules that provide the computer view, trash view etc. require a dbus session socket and try to access the dbus session socket which is defined by the environment variabe "DBUS_SESSION_BUS_ADDRESS" which looks something like this: DBUS_SESSION_BUS_ADDRESS=unix:path=/tmp/dbus-xcCQa2PVBL,guid=4a6a0cfee620120f6d2ea3c2482aeb38 This is is the socket that exists in the global zone however and is not accessible inside a labeled zone so gvfsd fails. A separate dbus session daemon needs to be running in each labeled zone the user operates in and DBUS_SESSION_BUS_ADDRESS should not be inherited from the global zone. The fix requires changes to both the trusted stripe and tsoljds-xagent that the stripe launches. The changes for tsoljds-tstripe were already committed to the tsoljds-tstripe module yesterday. The xagent changes complete the fix. tsoljds-tstripe --------------- Before starting an xagent-proxy for labelled zones or an xagent for role accounts in the global zone all DBUS related environment variables need to be unset to avoid the xagent inheriting them incorrectly. Index: xagent-management.c =================================================================== --- xagent-management.c (revision 9) +++ xagent-management.c (working copy) @@ -832,9 +832,8 @@ umask (deflogin.umask); /* get the global zone hostname */ - /* FIXME - we are not tsoldtwm */ if (uname (&uname_ent) == -1) { - perror ("tsoldtwm: uname failed"); + perror ("tsoljds-tstripe: uname failed"); } /* * User just added a new workspace at different SL so, we @@ -899,12 +898,18 @@ if (agent->role_user) { g_unsetenv ("SESSION_MANAGER"); g_unsetenv ("GNOME_KEYRING_SOCKET"); + g_unsetenv ("DBUS_SESSION_BUS_ADDRESS"); + g_unsetenv ("DBUS_SESSION_BUS_PID"); + g_unsetenv ("DBUS_SESSION_BUS_WINDOWID"); execl ("/usr/bin/tsoljds-xagent", "tsoljds-xagent", "--defaultsession", 0); } else { execl ("/usr/bin/tsoljds-xagent", "tsoljds-xagent", "--nosession", 0); } } else { g_unsetenv ("SESSION_MANAGER"); + g_unsetenv ("DBUS_SESSION_BUS_ADDRESS"); + g_unsetenv ("DBUS_SESSION_BUS_PID"); + g_unsetenv ("DBUS_SESSION_BUS_WINDOWID"); escalate_inherited_privs (); if (agent->role_user) execl ("/usr/bin/tsoljds-xagent-proxy", "tsoljds-xagent-proxy", zoneidstr, "role", 0); tsoljds-xagent: --------------- Because dbus-daemon will initially not be running, the xagent needs to launch the dbus session daemon. Convenience functions for launching and terminating dbus-daemon already exist so we use those. They also export DBUS_SESSION_BUS_ADDRESS correctly into the user's environment in the labeled zone. > SUNWtgnome-xagent/gnome-session-2.22.1.1/gnome-session bash-3.2$ diff -u Makefile.am Makefile.am-new --- Makefile.am 2008-05-16 15:57:24.500618000 +0100 +++ Makefile.am-new 2008-05-16 16:09:15.879308000 +0100 @@ -146,6 +146,8 @@ remote.h \ ice.c \ ice.h \ + gsm-dbus.c \ + gsm-dbus.h \ gsm-keyring.c \ gsm-keyring.h \ splash-widget.c \ bash-3.2$ diff -u tsoljds-xagent.c tsoljds-xagent.c-new --- tsoljds-xagent.c 2008-05-16 15:57:24.501917000 +0100 +++ tsoljds-xagent.c-new 2008-05-16 16:07:36.020084000 +0100 @@ -37,6 +37,7 @@ #include "ice.h" #include "headers.h" #include "save.h" +#include "gsm-dbus.h" #include "gsm-keyring.h" gint purge_delay = 30000; @@ -265,6 +266,7 @@ GIOChannel *channel; guint result; Session *session; + gboolean dbus_daemon_owner; static gboolean first_startup= TRUE; /* redirect stdout and stderr to /dev/null */ @@ -280,6 +282,8 @@ atexit (AtExit); } + dbus_daemon_owner = gsm_dbus_daemon_start (); + if ((argc > 1) && !(strcmp (argv[1], "--defaultsession"))) default_session = TRUE; @@ -388,6 +392,10 @@ (GIOFunc)handle_pipe_input, NULL, so_long_pipe); gtk_main (); + if (dbus_daemon_owner) { + gsm_dbus_daemon_stop (); + } + return 0; } Thanks, Niall.
