GNOME Bugzilla – Bug 702588
broken dbus access control
Last modified: 2018-05-24 10:52:58 UTC
in daemon/gdm-display.c we have: display->priv->slave_bus_proxy = GDM_DBUS_SLAVE (gdm_dbus_slave_proxy_new_sync (display->priv->connection, G_DBUS_PROXY_FLAGS_NONE, ...); This is denied by the current DBus policy because nothing permits us to send_interface=org.freedesktop.DBus.Properties on the slaves. Really gdm should ditch the broken DBus access control and switch to checking caller == uid0 per method call. That aside, so this code doesn't work now: g_object_bind_property (G_OBJECT (display->priv->slave_bus_proxy), "session-id", G_OBJECT (display), "session-id", G_BINDING_DEFAULT); I guess the idea was that the slave determines its session-id and exports that on the bus, but...needs investigation.
Also, if we allow that interface through then GDM stops working (maybe because of the session-id thing)
*** Bug 704377 has been marked as a duplicate of this bug. ***
Oh, I forgot to mention on the other bug; I have bisected the error message "gdm[11439]: Failed to give slave programs access to the display. Trying to proceed." to the commit https://mail.gnome.org/archives/commits-list/2012-October/msg00304.html Is this information of any use? Reverse applying that commit removes that error.
Oh that message is harmless these days. it was harmful in the commit you mentioned and harmless since: https://git.gnome.org/browse/gdm/commit/?id=2bd38e811f7f8194898ab4321eba36737729a493 We should probably make it a debug message now, so it doesn't trigger any alarms for people looking through the logs.
-- GitLab Migration Automatic Message -- This bug has been migrated to GNOME's GitLab instance and has been closed from further activity. You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.gnome.org/GNOME/gdm/issues/146.