Fix Fedora Polkit #687
Open
Fix Fedora Polkit #687
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@principis What do you think of that? |
|
Works flawlessly, can confirm from Fedora 36. Thanks so much! |
|
So, do I only need to modify |
|
Yes, just change the line 44 of status = subprocess.call(["/usr/bin/python3 " + os.path.dirname(os.path.abspath(__file__)) + "/compare.py " + pamh.get_user() + " &> /dev/null"], shell=True) |
|
this is fantastic, thanks, +1 for merging or copr repo hotfix |
|
I can confirm that this also worked for my installation. |
|
I'll add this in the copr repo. |
|
Is polkit exclusive to Fedora, or is it a Gnome thing? |
|
The next release of Howdy will completely remove pam.py to move over to a compiled pam_howdy.so and drop the dependency on pam-python. This file is now gone on the beta branch. Is it worth merging this into master still? |
|
@wheelerlaw A Gnome thing |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a fix for the issue #630
If think that on Fedora, polkit detect that the subprocess
compare.pyis created and to avoid security issue it is killed.However, if we run this subprocess through a shell instance, this is no more a problem.
So this fix is not really clean, but it works.
In order to provide a proper solution, I think we need to investigate polkit to create a policy or something like that. But personally, I don't know anything about it, and this seems complex. It is also possible that there is no such thing and that it is simply a bug.
I made the modification from the tag of the current version of Howdy: v2.6.1.
In order to provide this fix for Fedora users we have several choices:
fedora-polkitbranch of my fork, which is temporarily used as source. The version on Fedora would become 2.6.1-7