From unknown Wed Jun 18 23:10:05 2025 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) Content-Type: text/plain; charset=utf-8 From: bug#71969 <71969@debbugs.gnu.org> To: bug#71969 <71969@debbugs.gnu.org> Subject: Status: [PATCH] Support interactive D-Bus authentication Reply-To: bug#71969 <71969@debbugs.gnu.org> Date: Thu, 19 Jun 2025 06:10:05 +0000 retitle 71969 [PATCH] Support interactive D-Bus authentication reassign 71969 emacs submitter 71969 Steven Allen severity 71969 wishlist tag 71969 patch thanks From debbugs-submit-bounces@debbugs.gnu.org Sat Jul 06 03:54:14 2024 Received: (at submit) by debbugs.gnu.org; 6 Jul 2024 07:54:14 +0000 Received: from localhost ([127.0.0.1]:45530 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQ0FJ-0005mL-FU for submit@debbugs.gnu.org; Sat, 06 Jul 2024 03:54:14 -0400 Received: from lists.gnu.org ([209.51.188.17]:37548) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQ0FH-0005mD-FS for submit@debbugs.gnu.org; Sat, 06 Jul 2024 03:54:12 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sQ0FD-0001QU-JZ for bug-gnu-emacs@gnu.org; Sat, 06 Jul 2024 03:54:07 -0400 Received: from fhigh5-smtp.messagingengine.com ([103.168.172.156]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sQ0FB-0001Tk-7C for bug-gnu-emacs@gnu.org; Sat, 06 Jul 2024 03:54:07 -0400 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailfhigh.nyi.internal (Postfix) with ESMTP id E31531140323 for ; Sat, 6 Jul 2024 03:54:01 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Sat, 06 Jul 2024 03:54:01 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=stebalien.com; h=cc:content-type:content-type:date:date:from:from:in-reply-to :message-id:mime-version:reply-to:subject:subject:to:to; s=fm1; t=1720252441; x=1720338841; bh=/FjzX4G7yDhf4rp9HpwPZoW9CRpM/yC3 X5XJjjUef/A=; b=FTUY0j6dr7c0D2R4Yr8IezMxyEabb3aaR8fDkOe0GSgva6/i EeDzOs9FfzbH82jyRrkjJFXORL0bgtruRposMJlI0REPgaLKnuhZAojF76dCUwEf BAvs2DEX56b/arwkrRQbkNQncdFzpjIsCU+bOHI5b+7lvNrPIB+rz/g7EpThABjy d5EpR9wzybpMU9HPw4oDfmDD553ETeT6kB8QWBe4fSm/r2zrnrrORE2GWFJ+nnnH n99ood8hUZhotrfTYDLKqlyPXmVd90r4c5TCSa+Io0x+uaMES+kyQTH7Wz9In2xl VivJhDZI1p5AaHFjxPjQ7mr6eGJI5vHmjdhoiw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:message-id :mime-version:reply-to:subject:subject:to:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t= 1720252441; x=1720338841; bh=/FjzX4G7yDhf4rp9HpwPZoW9CRpM/yC3X5X JjjUef/A=; b=FaUmdmwtISRhq5/DFxyPHwTMo+7hoacR6K3AeTD7zGQjyhXCayL jRUZC3eFzpYBk9rssFIYkO9bu9Va8zxYQzjgl79XjWidl6q8Oii/iHbgfmaTzRid Aq+VGsRyYFepwPPWbTN8Zq2x5BclhnakMnPvWccvZmJEqBRBt+3s32JcJ1L1piSg UI++c/3U6b+ICClI3GrYXXx440rlj/YXNRNX4pzj97tTF1XXhJW43qkl69GJY/Sv 0BZbC4TmZOVfn0qhQT/RCzDZCWLVC62YspcIUyID/r2yj9q1sZpESR1UzDOJc13y y6YUTnIrwT946+YSErrxyMSO4j8Phj2MYpQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrvddvgdduvdegucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvffufffkgggtsehmtderredttd dtnecuhfhrohhmpefuthgvvhgvnhcutehllhgvnhcuoehsthgvvhgvnhesshhtvggsrghl ihgvnhdrtghomheqnecuggftrfgrthhtvghrnhepkefffffgveethedtieffleffgeekvd eiieegheeftdetjeekfefhvedttdekfeffnecuvehluhhsthgvrhfuihiivgeptdenucfr rghrrghmpehmrghilhhfrhhomhepshhtvghvvghnsehsthgvsggrlhhivghnrdgtohhm X-ME-Proxy: Feedback-ID: ie8a146a7:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA for ; Sat, 6 Jul 2024 03:54:01 -0400 (EDT) From: Steven Allen To: bug-gnu-emacs@gnu.org Subject: [PATCH] Support interactive D-Bus authentication Date: Sat, 06 Jul 2024 09:53:58 +0200 Message-ID: <877cdzklbd.fsf@stebalien.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Received-SPF: pass client-ip=103.168.172.156; envelope-from=steven@stebalien.com; helo=fhigh5-smtp.messagingengine.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.6 (-) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.6 (--) --=-=-= Content-Type: text/plain When invoking D-Bus methods, let the user enable interactive authorization by passing an :authenticate t parameter. This makes it possible to D-Bus methods that require polkit authorization. Alternatively, we could allow interactive authorization unconditionally, but I'd prefer to leave it up to the caller. --=-=-= Content-Type: text/x-patch Content-Disposition: inline; filename=0001-Support-interactive-D-Bus-authentication.patch >From fa996a3363e9bcefb547c2a587d55b279d44c5dd Mon Sep 17 00:00:00 2001 From: Steven Allen Date: Thu, 4 Jul 2024 20:45:07 +0200 Subject: [PATCH] Support interactive D-Bus authentication When invoking D-Bus methods, let the user enable interactive authorization by passing an :authenticate t parameter. This makes it possible to D-Bus methods that require polkit authorization. * src/dbusbind.c (dbus-message-internal): Allow interactive authorization by passing :authenticate t. * lisp/net/dbus.el (dbus-call-method-asynchronously): Document the new parameter. * doc/misc/dbus.texi (Synchronous Methods, Asynchronous Methods): Document the new parameter. --- doc/misc/dbus.texi | 12 ++++++++++-- etc/NEWS | 6 ++++++ lisp/net/dbus.el | 8 ++++++++ src/dbusbind.c | 26 ++++++++++++++++++++------ 4 files changed, 44 insertions(+), 8 deletions(-) diff --git a/doc/misc/dbus.texi b/doc/misc/dbus.texi index e5d867acd40..9bde8cbc76b 100644 --- a/doc/misc/dbus.texi +++ b/doc/misc/dbus.texi @@ -1208,7 +1208,7 @@ Synchronous Methods be called, and a reply message returning the resulting output parameters from the object. -@defun dbus-call-method bus service path interface method &optional :timeout timeout &rest args +@defun dbus-call-method bus service path interface method &optional :timeout timeout :authenticate auth &rest args @anchor{dbus-call-method} This function calls @var{method} on the D-Bus @var{bus}. @var{bus} is either the keyword @code{:system} or the keyword @code{:session}. @@ -1223,6 +1223,10 @@ Synchronous Methods call doesn't return in time, a D-Bus error is raised (@pxref{Errors and Events}). +If the parameter @code{:authenticate} is given and the following +@var{auth} is non-nil, the invoked method may interactively prompt the +user for authorization. The default is @code{nil}. + The remaining arguments @var{args} are passed to @var{method} as arguments. They are converted into D-Bus types as described in @ref{Type Conversion}. @@ -1302,7 +1306,7 @@ Asynchronous Methods @cindex method calls, asynchronous @cindex asynchronous method calls -@defun dbus-call-method-asynchronously bus service path interface method handler &optional :timeout timeout &rest args +@defun dbus-call-method-asynchronously bus service path interface method handler &optional :timeout timeout :authenticate auth &rest args This function calls @var{method} on the D-Bus @var{bus} asynchronously. @var{bus} is either the keyword @code{:system} or the keyword @code{:session}. @@ -1321,6 +1325,10 @@ Asynchronous Methods no reply message in time, a D-Bus error is raised (@pxref{Errors and Events}). +If the parameter @code{:authenticate} is given and the following +@var{auth} is non-nil, the invoked method may interactively prompt the +user for authorization. The default is @code{nil}. + The remaining arguments @var{args} are passed to @var{method} as arguments. They are converted into D-Bus types as described in @ref{Type Conversion}. diff --git a/etc/NEWS b/etc/NEWS index 3d2b86cfb6a..fd6e3737eb8 100644 --- a/etc/NEWS +++ b/etc/NEWS @@ -79,6 +79,12 @@ levels that SHR cycles through when calling 'shr-zoom-image'. * Lisp Changes in Emacs 31.1 ++++ +*** Support interactive D-Bus authentication +A new ':authenticate t' parameter has been added to 'dbus-call-method' +and 'dbus-call-method-asynchronously' to allow the invoked D-Bus method +to interactively authenticate the user (e.g., via polkit). + * Changes in Emacs 31.1 on Non-Free Operating Systems diff --git a/lisp/net/dbus.el b/lisp/net/dbus.el index dd5f0e88859..749a12b5368 100644 --- a/lisp/net/dbus.el +++ b/lisp/net/dbus.el @@ -297,6 +297,10 @@ dbus-call-method method call must return. The default value is 25,000. If the method call doesn't return in time, a D-Bus error is raised. +If the parameter `:authenticate' is given and the following AUTH +is non-nil, the invoked method may interactively prompt the user +for authorization. The default is nil. + All other arguments ARGS are passed to METHOD as arguments. They are converted into D-Bus types via the following rules: @@ -427,6 +431,10 @@ dbus-call-method-asynchronously method call must return. The default value is 25,000. If the method call doesn't return in time, a D-Bus error is raised. +If the parameter `:authenticate' is given and the following AUTH +is non-nil, the invoked method may interactively prompt the user +for authorization. The default is nil. + All other arguments ARGS are passed to METHOD as arguments. They are converted into D-Bus types via the following rules: diff --git a/src/dbusbind.c b/src/dbusbind.c index 35ce03c7911..6037112cfe7 100644 --- a/src/dbusbind.c +++ b/src/dbusbind.c @@ -1314,7 +1314,7 @@ DEFUN ("dbus-message-internal", Fdbus_message_internal, Sdbus_message_internal, `dbus-call-method', `dbus-call-method-asynchronously': (dbus-message-internal dbus-message-type-method-call BUS SERVICE PATH INTERFACE METHOD HANDLER - &optional :timeout TIMEOUT &rest ARGS) + &optional :timeout TIMEOUT :authenticate AUTH &rest ARGS) `dbus-send-signal': (dbus-message-internal @@ -1512,12 +1512,23 @@ DEFUN ("dbus-message-internal", Fdbus_message_internal, Sdbus_message_internal, XD_SIGNAL1 (build_string ("Unable to create an error message")); } - /* Check for timeout parameter. */ - if ((count + 2 <= nargs) && EQ (args[count], QCtimeout)) + while ((count + 2 <= nargs)) { - CHECK_FIXNAT (args[count+1]); - timeout = min (XFIXNAT (args[count+1]), INT_MAX); - count = count+2; + /* Check for timeout parameter. */ + if (EQ (args[count], QCtimeout)) + { + CHECK_FIXNAT (args[count+1]); + timeout = min (XFIXNAT (args[count+1]), INT_MAX); + count = count+2; + } + /* Check for authenticate parameter. */ + else if (EQ (args[count], QCauthenticate)) + { + dbus_message_set_allow_interactive_authorization + (dmessage, NILP (args[count+1]) ? FALSE : TRUE); + count = count+2; + } + else break; } /* Initialize parameter list of message. */ @@ -1895,6 +1906,9 @@ syms_of_dbusbind (void) /* Lisp symbol for method call timeout. */ DEFSYM (QCtimeout, ":timeout"); + /* Lisp symbol for method interactive authentication. */ + DEFSYM (QCauthenticate, ":authenticate"); + /* Lisp symbols of D-Bus types. */ DEFSYM (QCbyte, ":byte"); DEFSYM (QCboolean, ":boolean"); -- 2.45.2 --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Sat Jul 06 07:55:17 2024 Received: (at submit) by debbugs.gnu.org; 6 Jul 2024 11:55:17 +0000 Received: from localhost ([127.0.0.1]:45697 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQ40b-0006eY-3C for submit@debbugs.gnu.org; Sat, 06 Jul 2024 07:55:17 -0400 Received: from lists.gnu.org ([209.51.188.17]:42316) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQ40Z-0006eQ-Rg for submit@debbugs.gnu.org; Sat, 06 Jul 2024 07:55:16 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sQ40V-0005Pe-R2 for bug-gnu-emacs@gnu.org; Sat, 06 Jul 2024 07:55:11 -0400 Received: from mout.gmx.net ([212.227.17.22]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sQ40P-0005hS-7A for bug-gnu-emacs@gnu.org; Sat, 06 Jul 2024 07:55:11 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.de; s=s31663417; t=1720266892; x=1720871692; i=michael.albinus@gmx.de; bh=IEgc5gFpGRXTXnDj3rlnBW44OBFtvjPk5h1l1fAQGpY=; h=X-UI-Sender-Class:From:To:Cc:Subject:In-Reply-To:References:Date: Message-ID:MIME-Version:Content-Type:cc:content-transfer-encoding: content-type:date:from:message-id:mime-version:reply-to:subject: to; b=j1+hqYbDZ77qpQOH2XnpBCPqnIkfJVEgwl2Q8MDtDol7cft+2vVkLgsv8Se3jmT6 c7BGnQfbRoxO3dT1YftU0PS1HwJXgqNSzn8FjE5E1RG7DUXI103JhkLevOpLGvZzR 1uUhOdhDSj8MDf+mM38uTJOo8ap4Ot7KB/IyM+ze4HgB7DzxLD5Q+yrrbxjwZWXia e2XRuEjtyBEVRSlMGaPC0cDGNwVwp14wjDMj9Sj60N4lfFmOjP8Tt720dlsnQ1hwX 3wWoVcCtoRlNQWhFn3lkdbo3+haWmc2zDQIBP25vmm5ur3kLRiJqbqrsttQht+6Fp je79AT+WU4x9A/9/OA== X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a Received: from gandalf.gmx.de ([185.89.38.155]) by mail.gmx.net (mrgmx104 [212.227.17.168]) with ESMTPSA (Nemesis) id 1MeCtj-1rsNwZ08xT-00cYqs; Sat, 06 Jul 2024 13:54:52 +0200 From: Michael Albinus To: Steven Allen via "Bug reports for GNU Emacs, the Swiss army knife of text editors" Subject: Re: bug#71969: [PATCH] Support interactive D-Bus authentication In-Reply-To: <877cdzklbd.fsf@stebalien.com> (Steven Allen via's message of "Sat, 06 Jul 2024 09:53:58 +0200") References: <877cdzklbd.fsf@stebalien.com> Date: Sat, 06 Jul 2024 13:54:49 +0200 Message-ID: <87o77a20s6.fsf@gmx.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Provags-ID: V03:K1:eU3YT0G4wnixyfcrVmERJldADaW+M6qU3MOcMbRGpVirVGMvHAM /U0GphpC1iEKjy5OB+yKGNrDc9k+MaXmLMLEqKQg1jjbCPKRbJDnw+xKdPNrmv5gROVVw/C gv8tczR6yY1Uw3wp700g8s53LNm4Vcw0PItW+GNRUXiz8nJThbfYwtuU/EsEXa1z/SnK3HO gJj7/TY4gWiLPBPYO68dg== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:PjR5cygnNyE=;Vma6Tk1Zo97mz8zYN8f17hVTcTL t2vvEQl3q0drlsIJteABE7KwtBhpHM67juXctwPAMcOCAh2QyOTUWdQ21XnUsyih2uMcVxbwK IjWz1Cynp13NkoV1jP5m5VVnjmToqplNbkiMoLi9WpYlSmBWw1y7WSPrJnszX0PFyAumdjUq/ gFMMQp42ioJri/FoL6uJRgzCDITKxBXwg/GGiKCcIB81DOE4eJIZP4kiJjtBIuZLeSjTl0Wqw zW3Vdiaxh29DbGpiYQTMdv0Pp33Gv3jGd11oXoCgIZV1jAcntnoxoHJ/5a8Ybl9MgBFLkwXZi c4HByFk1f3EaK6ILR/JYOMrCv6n7Fxn+skKl+XH02t7d95brBUjH+ubBnnsWI6s9NBoochz8G jD26Hl7LLBoWKUZTCkOGruNy0+nI+7LO8C99hskILs6jnuEtIhwugn5xm3mUmK5JO3djTRZSG s7pxp+N8MrgSG9zh0VW5Ao258GAfSqAsSy0MYA5Mw/VClzq/JNnNHoCB8JK6xu1lBGbqubfzf CD60K1nP0kyfzOIoiI1FWFUYQP45TW9PhXZ3f6MFgk0vFLYrMemAbXT52rwxWsgYlNiGNe7zk FcD7vlIZeiyJ3/FJRgQjfmfCTANSszEe5zinrFDvBNyu1puLcdncLHl3cfq5bMbfjHSjw/wQv ECM+9bT5cWU5ogdKcM8upaF15Ps52voc+WwlefG1PvzTpzDo+OkN3VmmCwwCd9kXMN2xzeEKM Acjt8cuDeAJQOnFC2x1Bkaahwo9/lkeExbJ3CAsFI24mtkqUZd7G7imQKT1i9Cv/T0eQF1F64 GS2ct+GsiYqk5s3HOoRP4NSjtfbseFVXoxRmP8Bjz2jmQ= Received-SPF: pass client-ip=212.227.17.22; envelope-from=michael.albinus@gmx.de; helo=mout.gmx.net X-Spam_score_int: 12 X-Spam_score: 1.2 X-Spam_bar: + X-Spam_report: (1.2 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_SBL_CSS=3.335, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-Spam-Score: 2.2 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Steven Allen via "Bug reports for GNU Emacs, the Swiss army knife of text editors" writes: Hi Steven, > When invoking D-Bus methods, let the user enable interactive > authorization by passing an :authenticate t parameter. This makes it > possible to D-Bus methods that require polkit authorization. Content analysis details: (2.2 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [209.51.188.17 listed in list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) X-Debbugs-Envelope-To: submit Cc: 71969@debbugs.gnu.org, Steven Allen X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.2 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Steven Allen via "Bug reports for GNU Emacs, the Swiss army knife of text editors" writes: Hi Steven, > When invoking D-Bus methods, let the user enable interactive > authorization by passing an :authenticate t parameter. This makes it > possible to D-Bus methods that require polkit authorization. Content analysis details: (1.2 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [209.51.188.17 listed in list.dnswl.org] 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Steven Allen via "Bug reports for GNU Emacs, the Swiss army knife of text editors" writes: Hi Steven, > When invoking D-Bus methods, let the user enable interactive > authorization by passing an :authenticate t parameter. This makes it > possible to D-Bus methods that require polkit authorization. Thanks for the patch, it looks interesting. Since I've never used D-Bus interactive authentication, could you pls provide an example that I could see it in action? I'm running Fedora 40, if that matters. Bonus point, if you could add a test to dbus-tests.el. > Alternatively, we could allow interactive authorization unconditionally, > but I'd prefer to leave it up to the caller. Agreed. > From fa996a3363e9bcefb547c2a587d55b279d44c5dd Mon Sep 17 00:00:00 2001 > From: Steven Allen > Date: Thu, 4 Jul 2024 20:45:07 +0200 > Subject: [PATCH] Support interactive D-Bus authentication > > When invoking D-Bus methods, let the user enable interactive > authorization by passing an :authenticate t parameter. This makes it > possible to D-Bus methods that require polkit authorization. Do you mean authorization or authentication? I guess authorization. Pls change all places consistently. > +++ b/src/dbusbind.c > @@ -1512,12 +1512,23 @@ DEFUN ("dbus-message-internal", Fdbus_message_internal, Sdbus_message_internal, > XD_SIGNAL1 (build_string ("Unable to create an error message")); > } > > - /* Check for timeout parameter. */ > - if ((count + 2 <= nargs) && EQ (args[count], QCtimeout)) > + while ((count + 2 <= nargs)) > { > - CHECK_FIXNAT (args[count+1]); > - timeout = min (XFIXNAT (args[count+1]), INT_MAX); > - count = count+2; > + /* Check for timeout parameter. */ > + if (EQ (args[count], QCtimeout)) > + { > + CHECK_FIXNAT (args[count+1]); > + timeout = min (XFIXNAT (args[count+1]), INT_MAX); > + count = count+2; > + } > + /* Check for authenticate parameter. */ > + else if (EQ (args[count], QCauthenticate)) > + { > + dbus_message_set_allow_interactive_authorization > + (dmessage, NILP (args[count+1]) ? FALSE : TRUE); > + count = count+2; > + } > + else break; I guess, we shall check only in case the message type is DBUS_MESSAGE_TYPE_METHOD_CALL. Otherwise, if there is a :timeout or :authorize keyword, we shall raise an error. Furthermore, does exist dbus_message_set_allow_interactive_authorization "since ever"? Or shall we check for the existence in configure.ac, like we do it with other dbus_* functions? Best regards, Michael. From debbugs-submit-bounces@debbugs.gnu.org Sat Jul 06 10:54:14 2024 Received: (at submit) by debbugs.gnu.org; 6 Jul 2024 14:54:14 +0000 Received: from localhost ([127.0.0.1]:46549 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQ6nm-0003Br-6Y for submit@debbugs.gnu.org; Sat, 06 Jul 2024 10:54:14 -0400 Received: from lists.gnu.org ([209.51.188.17]:37650) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQ6nk-0003Bj-41 for submit@debbugs.gnu.org; Sat, 06 Jul 2024 10:54:12 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sQ6nf-0003oJ-Ry for bug-gnu-emacs@gnu.org; Sat, 06 Jul 2024 10:54:07 -0400 Received: from mout.gmx.net ([212.227.17.21]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sQ6ne-0008LU-03 for bug-gnu-emacs@gnu.org; Sat, 06 Jul 2024 10:54:07 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.de; s=s31663417; t=1720277633; x=1720882433; i=michael.albinus@gmx.de; bh=+CkVfHiYQkJgN4/m+rTIcABv/9fCUABxCjN24kETU8Q=; h=X-UI-Sender-Class:From:To:Cc:Subject:In-Reply-To:References:Date: Message-ID:MIME-Version:Content-Type:cc:content-transfer-encoding: content-type:date:from:message-id:mime-version:reply-to:subject: to; b=gF5A9CP1X5n7Lxtf8/7XnDFpT/FZgFAEeXzvpFu1hrWo4s8t3gTX+4JJ0y1++zyX V0rxDbKzVBIrbgd3sKlI1EpjRs8/a31C5WBEBzLqwhNxpifNBalKJY34GHX/uTmP+ zlIywreSNcPvWbuBi9Mu4C1suX4faZYXAlBIqv+MtPiqXKgNChagXm95Do4JRxLS/ MUYB3c98B5/MPK9i3GOS2bK1OEbKkyfZutreR1GsRL8lM4UEx2XzctJq9+74QTtE6 FutMrfRtG0Jm8HtX2soICue7bB4z43l5uUqCa0c7SNlx9VMHUZrnuaylgxIWmIyN5 gdM3t5U4NAcvTCIrOQ== X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a Received: from gandalf.gmx.de ([185.89.38.155]) by mail.gmx.net (mrgmx105 [212.227.17.168]) with ESMTPSA (Nemesis) id 1MNt0C-1sjoTp2DTk-00SHlM; Sat, 06 Jul 2024 16:53:53 +0200 From: Michael Albinus To: Steven Allen via "Bug reports for GNU Emacs, the Swiss army knife of text editors" Subject: Re: bug#71969: [PATCH] Support interactive D-Bus authentication In-Reply-To: <87o77a20s6.fsf@gmx.de> (Michael Albinus's message of "Sat, 06 Jul 2024 13:54:49 +0200") References: <877cdzklbd.fsf@stebalien.com> <87o77a20s6.fsf@gmx.de> Date: Sat, 06 Jul 2024 16:53:50 +0200 Message-ID: <87frsm1sht.fsf@gmx.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Provags-ID: V03:K1:P7kMmqK0dmgsXw19BOS3AqqZJcy1iVepziX2KfRHLnodCn2378Q PveOZ+paIArHwCpnvN2IU3dM2f/EIFV92T+tDVmIzVeaiDR5Sn7dPsm4fs9a9LSZrwGnIsa L5P8b3/RDd0uMeK6epSR4QQbh8QQLiBQTwGhKOYkDNL83D9y+69bQe84Km0ISyKtAo30QPw POXluOYOZ96fwTCg0I7yA== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:+o7hn02KmI4=;/zQF+Ll7PmAd+cxp+0VbFA5TeZT MvfWb9rbxAx0/sgi5WiOGSovQLAVJg2X8HO6oJtWvkhEtteVpf7+cpd8Wbv9mlLLZ+OHWPPmJ gpM0icgFuWbiA7CC0DKLIPCOfnF/mtuNSaOUL2gsP0P2xQPR3TJoF9cfwMKUCfTvBtfKGA3jH vL5FYs5Ad7qN+aBARez+NIzqW4TleX0wlchDUqC13oPU1w7tZKNrEt1Pz7yidYqStsNf/XbT7 n3ju6jNZLUCVAgZ25fRYbqz/T7W55RZ9SLiMQq2wb/2l9h6XmVZtwsQ624hVJoiobocTX1sNG z4OJCxs7/+MMaG/JTDNKJdv+9w9VmQuauTbCuXBJsg7ZREcPnylG65MOdd8LNIudsb9dywiHV fpwH0EFDYdXJ2r1tf6y5uQjXGLzWRt202BnEPbZmiuuzqE4hsB6cJi1Vv4HZlbBdXN7ikp4WQ lQDhURCpUDdvafBfCNMHlBj1579rcpIryatwIK2rClPo5KzIK8vgH3IIIyU8R0k3T3xnWix+g ygGdAnbZ5JXlNSmdGUGA1PMgbhYk/FOxuI6eIOOI3B0F8ptVI98fdja4Oh0uOd69LrzCRxqIq QyV4OkbrsgbQeCsf44rmk7KZDpjsOxOfI75cR+/VHtSwsFaYBnWcPNCj5KMZsBQXjTH6rtZVg U/Q/wdVaJOD4RxFz61LLhEo6UjIGSf8bZGPefqWAETe9bqKaXReSq8sIWTpFXNMQOoqz2TpZ4 +RccR57KX4K3XaQMdbrjlGwKHnpMKdZq/q2Vh6ZjIU6vfG0SrKDlD7bKRtVTBNmL8uNrTMLAt qzRhoFSeaHxcKMUf5+sznv2m4GU7k5Z2b0iNvHor4R++Q= Received-SPF: pass client-ip=212.227.17.21; envelope-from=michael.albinus@gmx.de; helo=mout.gmx.net X-Spam_score_int: 5 X-Spam_score: 0.5 X-Spam_bar: / X-Spam_report: (0.5 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_SBL_CSS=3.335, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-Spam-Score: 2.2 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Michael Albinus writes: Hi Steven, > Furthermore, does exist dbus_message_set_allow_interactive_authorization > "since ever"? Or shall we check for the existence in configure.ac, like > we do it with other dbus_* functions? Content analysis details: (2.2 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [209.51.188.17 listed in list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) X-Debbugs-Envelope-To: submit Cc: 71969@debbugs.gnu.org, Steven Allen X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.2 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Michael Albinus writes: Hi Steven, > Furthermore, does exist dbus_message_set_allow_interactive_authorization > "since ever"? Or shall we check for the existence in configure.ac, like > we do it with other dbus_* functions? Content analysis details: (1.2 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [209.51.188.17 listed in list.dnswl.org] 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Michael Albinus writes: Hi Steven, > Furthermore, does exist dbus_message_set_allow_interactive_authorization > "since ever"? Or shall we check for the existence in configure.ac, like > we do it with other dbus_* functions? I've just checked the dbus git repo. dbus_message_set_allow_interactive_authorization was added in D-Bus 1.8.10, so we need a check in configure.ac. Best regards, Michael. From debbugs-submit-bounces@debbugs.gnu.org Sat Jul 06 10:58:09 2024 Received: (at 71969) by debbugs.gnu.org; 6 Jul 2024 14:58:09 +0000 Received: from localhost ([127.0.0.1]:46555 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQ6rZ-0003Hv-2m for submit@debbugs.gnu.org; Sat, 06 Jul 2024 10:58:09 -0400 Received: from eggs.gnu.org ([209.51.188.92]:60802) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQ6rY-0003Hj-39 for 71969@debbugs.gnu.org; Sat, 06 Jul 2024 10:58:08 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sQ6rO-0000iW-Ib; Sat, 06 Jul 2024 10:57:58 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date: mime-version; bh=5+tx4XFMou+wbR4VaKsGvMpnqIl+qkmx1mbqwX3tpQA=; b=jCoB6NdJAOta /FwDL40/Vfr3/1dZrXpGFnec+cguZfUWCrnLvd6ucb7Tf+oqMcaDH9hOBgs0vAuEVb0BxYdDMLI+e tKjr+EQo92uRw3ZBRczAVIqTg+TH3lvSI4LqKi8xNIvk6Knp06r+wgrzLICL5BbrHMX4C4WqGuiUf gri8UERba7t/74NHP2ba5fBlpUmL2fbqZFaPh3yr5LM9vf5jyVA+MU/lmxxbVhJFW+9OlLB/5552X nsF2go+t8ox3oTApNJjwCIsqz4ycaCZyJgfpKC4aFIzbdHDu6ArJeu5N7rZPbaEZbeDcW1rCpst75 43oKpHphjdXuCRTW/xqsjw==; Date: Sat, 06 Jul 2024 17:57:54 +0300 Message-Id: <86v81i36vh.fsf@gnu.org> From: Eli Zaretskii To: Michael Albinus In-Reply-To: <87frsm1sht.fsf@gmx.de> (bug-gnu-emacs@gnu.org) Subject: Re: bug#71969: [PATCH] Support interactive D-Bus authentication References: <877cdzklbd.fsf@stebalien.com> <87o77a20s6.fsf@gmx.de> <87frsm1sht.fsf@gmx.de> X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 71969 Cc: 71969@debbugs.gnu.org, steven@stebalien.com X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) > Cc: steven@stebalien.com > Date: Sat, 06 Jul 2024 16:53:50 +0200 > From: Michael Albinus via "Bug reports for GNU Emacs, > the Swiss army knife of text editors" > > > Furthermore, does exist dbus_message_set_allow_interactive_authorization > > "since ever"? Or shall we check for the existence in configure.ac, like > > we do it with other dbus_* functions? > > I've just checked the dbus git repo. > dbus_message_set_allow_interactive_authorization was added in > D-Bus 1.8.10, so we need a check in configure.ac. Is this really a build-time condition, not a run-time condition? Can we know in advance which version of D-Bus will be used at run time? From debbugs-submit-bounces@debbugs.gnu.org Sat Jul 06 11:25:14 2024 Received: (at 71969) by debbugs.gnu.org; 6 Jul 2024 15:25:14 +0000 Received: from localhost ([127.0.0.1]:46578 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQ7Ha-00045R-Jp for submit@debbugs.gnu.org; Sat, 06 Jul 2024 11:25:14 -0400 Received: from mout.gmx.net ([212.227.17.21]:33365) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQ7HX-00044o-AC for 71969@debbugs.gnu.org; Sat, 06 Jul 2024 11:25:00 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.de; s=s31663417; t=1720279487; x=1720884287; i=michael.albinus@gmx.de; bh=XR9NtQdSv7dlfDI2SIBEUauulETwSqWs5E7o0Us/lAQ=; h=X-UI-Sender-Class:From:To:Cc:Subject:In-Reply-To:References:Date: Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:cc: content-transfer-encoding:content-type:date:from:message-id: mime-version:reply-to:subject:to; b=GHouT+7xNUTmghm40YWMpPqBKEr1/A0KmAEHIxOUSk53d8K1fHNy6zTDQcihSPoU 6AKz+ORLOC7irTB8lzDxM5qi08gCa3Xp0CVtm4hsDkp3NClELFpKjenNxzNd5zKBV p9QnAptwf/9xo4hL3G1yKGnYzLS15FdVorjxma3irXg62bsbPbXbw8Tc4CkjFJriL yadDkTHhRRqh7Hz8hywosuxoNFyM6AiMS+sT0vRglFDkNnsXy/pKfc/Y3zYAuCgop 7Aw9mbrv14aPc35EJcmcJH1wgpxylxLzgjQDduzDi6JWrqgaMD/UZYIQprVWjAFWc 7mtl1OC//aWspPYLxQ== X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a Received: from gandalf.gmx.de ([185.89.38.155]) by mail.gmx.net (mrgmx104 [212.227.17.168]) with ESMTPSA (Nemesis) id 1N3se8-1sHLos3bgu-012iX9; Sat, 06 Jul 2024 17:24:47 +0200 From: Michael Albinus To: Eli Zaretskii Subject: Re: bug#71969: [PATCH] Support interactive D-Bus authentication In-Reply-To: <86v81i36vh.fsf@gnu.org> (Eli Zaretskii's message of "Sat, 06 Jul 2024 17:57:54 +0300") References: <877cdzklbd.fsf@stebalien.com> <87o77a20s6.fsf@gmx.de> <87frsm1sht.fsf@gmx.de> <86v81i36vh.fsf@gnu.org> Date: Sat, 06 Jul 2024 17:24:45 +0200 Message-ID: <877cdy1r2a.fsf@gmx.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Provags-ID: V03:K1:L/h3HoadxsAiS2B8hFqzrJzMK6GatW5gHIwcrT7QbhM8y4F1uhI 3GP6+O6GqFlpEgW+3E8O8eikPX/oVWI6jwDR+VTxC+/ViO4dlFyL5nYXgIQDNExl6wzKywh eHGzDU75/r0pC4c16Dqh/5ufK5CkWSEmlpcqf+ZZ95/7XX3AEGGBLHXmzspSoPTPGwFgJMw hVJp6WQB9lI19Y6QN2BZw== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:73ZwmCKs2Fk=;GG1IqFFQxM2Q6cMk5/ppAwOFZIM uNJlxs9WQTfQ1LkEC4HPAOBNtnPNOlaohpyawkSn+koGSVVGsjc1g2O6RAGNCzFlyNxoh5/R3 rhDhLGhL130edl2bKuV6l7ztgspoCCcuVcfp2lUrxO8JgUThTcSZWzv3jKgjA9wQxR4ds4qKQ hj8CKU/DZpznmaOMPha9s4AF24YIjkjbc8NOM/TLYr2cSMWPVmkUPIuZIt4bPXNVzWv38u+HF 7gJ49jmtzacUB8Y0L16/snmJwZP+L9uAnPHZlhu0FKHF4Q901HzX+7Xx4MKY5nzhD3ad9jdrW NIUBoRSda8c6waA5cEAc+lIEyxDVvSfTHGV694BTUlt98LoO4fEheB4hIaGzhEpRi4zQZ5cQ6 yNNQdJmUQMsIh0Tqb43pcRdrvZOv8Ls1vnzTLosL87ubB5K+FahiS6kdfrxC9T4xGU5sb4k03 rIFmCpNyRquRCyXFmvc8Y2R2YSyG9G/RliOA+MXxTzwN4D69xsZHE4BkaJ9UEFHPvv3Aqyzdy hWAw6aEyfQj4IpnPXJc0+P1c60aQDX/GGpG3CuRjnFDcfGG7Hz9t9qVIKRxcCJ8817LjUuZ+t HswgkiNdgbVVjLc5G0P9rAeV6TjHozvXyRyK+ccMP1OkQo4NJYJrah34uukkmN1pCZ5qTZniv 0+jOh1MZfkdYJpPWrIba93gplgTFxjN609fEADiihWEYzLHPsPgx3nWRZ0kph3TE1JwEAsUPP lKSUT6huus52I7yIXNh5UXBTzrB8kLG1zJvj4Taqka2fCDWOo3QOiW834IaK8mBdjitEZADuP nBXzjrFkDfeQoGAJ7XKs1YO7mIXhGAaxDWTXyyuogBjI0= Content-Transfer-Encoding: quoted-printable X-Spam-Score: 2.9 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Eli Zaretskii writes: Hi Eli, >> > Furthermore, does exist dbus_message_set_allow_interactive_authorization >> > "since ever"? Or shall we check for the existence in configure.ac, like >> > we do it with other dbus_* functions? >> [...] Content analysis details: (2.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.17.21 listed in list.dnswl.org] X-Debbugs-Envelope-To: 71969 Cc: 71969@debbugs.gnu.org, steven@stebalien.com X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Eli Zaretskii writes: Hi Eli, >> > Furthermore, does exist dbus_message_set_allow_interactive_authorizat= ion >> > "since ever"? Or shall we check for the existence in configure.ac, li= ke >> > we do it with other dbus_* functions? >> >> I've just checked the dbus git repo. >> dbus_message_set_allow_interactive_authorization was added in >> D-Bus 1.8.10, so we need a check in configure.ac. > > Is this really a build-time condition, not a run-time condition? Can > we know in advance which version of D-Bus will be used at run time? Well, we must call this function, or not, in dbusbind.c. Of course it depends on the libdbus-1.so version whether it is available at runtime. But we must know already at build time, whether the function is offered via /usr/include/dbus-1.0/dbus/dbus-message.h. Otherwise, the function call would result in a compiler error. So it is a build time dependency. We do a similar check for other D-Bus functions in configure.ac, see this snippet: =2D-8<---------------cut here---------------start------------->8--- AC_CHECK_FUNCS([dbus_watch_get_unix_fd \ dbus_type_is_valid \ dbus_validate_bus_name \ dbus_validate_path \ dbus_validate_interface \ dbus_validate_member]) =2D-8<---------------cut here---------------end--------------->8--- And in dbusbind.c, we have then code like =2D-8<---------------cut here---------------start------------->8--- #if HAVE_DBUS_WATCH_GET_UNIX_FD /* TODO: Reverse these on w32, which prefers the opposite. */ int fd =3D dbus_watch_get_unix_fd (watch); if (fd =3D=3D -1) fd =3D dbus_watch_get_socket (watch); #else int fd =3D dbus_watch_get_fd (watch); #endif =2D-8<---------------cut here---------------end--------------->8--- Of course there is the risk, that Emacs is compiled with a function call (based on an include file), which does not exist at runtime, because the Emacs program runs somewhere else. OTOH, D-Bus 1.8.10 was tagged in the D-Bus git on "Thu Nov 6 15:39:51 2014 +0000". The likelihood, that we run into problems, is small, and the check in configure.ac is just "to be sure". Best regards, Michael. From debbugs-submit-bounces@debbugs.gnu.org Sun Jul 07 06:29:45 2024 Received: (at control) by debbugs.gnu.org; 7 Jul 2024 10:29:45 +0000 Received: from localhost ([127.0.0.1]:47457 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQP9N-0005Uo-8e for submit@debbugs.gnu.org; Sun, 07 Jul 2024 06:29:45 -0400 Received: from mout.gmx.net ([212.227.17.21]:51361) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQP9K-0005UY-UQ for control@debbugs.gnu.org; Sun, 07 Jul 2024 06:29:43 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.de; s=s31663417; t=1720348172; x=1720952972; i=michael.albinus@gmx.de; bh=2R2vKUJ2MQMMnJEczd/kcf9OKOoUEMK7MWHNM/PSsoQ=; h=X-UI-Sender-Class:Date:Message-Id:To:From:Subject:cc: content-transfer-encoding:content-type:date:from:message-id: mime-version:reply-to:subject:to; b=osQQrnkeISq8u6Qs+ra1Yb/szgKNQQfXaxGSYxX0xQoP4YIZ9dPKcbBqr+AE0u0f ytsvuANVkf7VBK/4PvajTcY5EaYIJy58WLwYuqjELh+sihZRtF8l1mZP4muZTr6NR mYNLN9Z9N3X8OMqhvtvINCcV1PwCXxetcjT/B0nucSOl5xE7ESTRI+bhOi/e5tHr1 4OiDV4fnzcozGIfLQloS7KkerCP3Fwp5Vy+V5TwvtlGrI31afsMSoPM5NhdfeAMcu GnnX2pIOe8wroaQkpRAUqPgXS1Maii0sLzOYQHfMBHFCTETXLBewnSjahgP39fKrT 5g7+osDvfgJluDZUpg== X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a Received: from gandalf.gmx.de ([185.89.38.155]) by mail.gmx.net (mrgmx105 [212.227.17.168]) with ESMTPSA (Nemesis) id 1MRCOK-1snRoO2YvE-00TNyK for ; Sun, 07 Jul 2024 12:29:32 +0200 Date: Sun, 07 Jul 2024 12:29:31 +0200 Message-Id: <87tth1ze9g.fsf@gmx.de> To: control@debbugs.gnu.org From: Michael Albinus Subject: control message for bug #71969 X-Provags-ID: V03:K1:KNL+nbVjBwDwXGqYcZbgybfFU/2ZdbMPfc/ZVztuz981b5EjaPb SRxPvtYK+jqASdi82kD4pTatLYYIlw4WX4l78HVydStCR+rTHo/SmqA4XSg2i8g37KOf5qc 5pbW0lR4+HgdNUGnogrRpq2qAJX5H83GyohdoBdOD7jZpJQNb+bHHdhoYJt8y09l39OWzX4 x79ANAsSl8Gjnt12pTkeg== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:H3ndw8I/ctY=;eK5wm1EpvnkcmrFFB4H9O9WWBkR wI5wDBtcc3c4Mjqi/80pqmFeEZLc/5hj4zwKTG40PjWQlmy4foR0B/p0dTdTYRGADMW/vcltw bQcdE4tE5h7MIjRHyTmwTAZnjAWJVRYmNwLWP7ml+E63/ldLpAjek2DQ8DmibW2uK2cpwxmXc 2nladi6D3Y1uvf6srnycF2v0AvvTlXsz/xIo8Qxx6lCENfrwcV6iXbnGpma1q6N9v9YHeCAqO PPdOxMlpmpMzhuJu9eJF30+Mu40v3IBeiTvcx1+ny+WqTDUgXHTqEIaEtju/rfCyJssBUsQKN rSLyMWkJ4GzI+AjRa5mwHzN9sVviezKAMj8NIUgfQQ8d3La613hTP1vDbHF4QygA8Xvux3jOC E3hnGnvd2JrMoMERCoqHpgG0HVXbLJAHyVpXXlDMLMeaq044C914Xh+kVeJUltZA6RQ8Pb9tu v2zJ2qOQ5r3YRtbBTUsD5XH6huvTI9f456w657y1zC5ar6YE3Dk4sl8aiQ/h+Y2+QRIOfdy05 h2nTLxB+rk51TzjSAA0P2HT6IdavYrilkdvLfoX6bjAtpp/AZhXG5SHW5C7uhSgV3VMKQXrHy 1MhFQgrhijfhb2Tsw/XL1tebY0VNp6QL8mG1aaQ/uT2MeqHbuwXMZIY+EHOB/x6uyvSjkfdvc HpAmYavvnuLc+J/Zd3YnXd/G0ItQTm4QvpVVI3WeubiFOGugRZunoFPRo+ialOG5yiRFmOKtP eyeY0bjPr7b3svAtAphUGU6mOcd3sc9aK7QvdnDAhA9ykQhmG+GvCinJ7c58j3nZ61KYRfj1+ 1MLZFCej9HZBUbpk9qK+9ZcKeBUmkPYQUh8LRqMyrDUIY= X-Spam-Score: 2.9 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: severity 71969 wishlist quit Content analysis details: (2.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.17.21 listed in list.dnswl.org] X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.9 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: severity 71969 wishlist quit Content analysis details: (1.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.17.21 listed in list.dnswl.org] 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager severity 71969 wishlist quit From debbugs-submit-bounces@debbugs.gnu.org Sun Jul 07 07:53:32 2024 Received: (at 71969) by debbugs.gnu.org; 7 Jul 2024 11:53:32 +0000 Received: from localhost ([127.0.0.1]:47513 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQQSR-0004uC-HB for submit@debbugs.gnu.org; Sun, 07 Jul 2024 07:53:32 -0400 Received: from fhigh6-smtp.messagingengine.com ([103.168.172.157]:49731) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQQSO-0004tv-VB for 71969@debbugs.gnu.org; Sun, 07 Jul 2024 07:53:29 -0400 Received: from compute6.internal (compute6.nyi.internal [10.202.2.47]) by mailfhigh.nyi.internal (Postfix) with ESMTP id 882F211403AD; Sun, 7 Jul 2024 07:53:19 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute6.internal (MEProxy); Sun, 07 Jul 2024 07:53:19 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=stebalien.com; h=cc:cc:content-type:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm1; t=1720353199; x= 1720439599; bh=vTcyHPMGcFmN0yXtiIN6N5XxGPopm0p9hlKmKWm65t0=; b=q tBsXHiOWp/Kkl12hfZT5LWoPAAb9a8j5ds/LM9VEb74xnajJePOJKoNL0jQPALkx /gUPhEnmb1X9c01qpSI6WK5xYIPbZKq5JwkOyEMgzG7lsR/JP3LBfz6hmHsuix1q ONtLp6yBKirURITS24rYFbV/8TXNdBNnhSb9TaxiMW0tdpaGp9rwg9vXlgXfvDGn ypdaLQnWEElYWLISp1PK/6RL0/hQe3o0s5Dsw+F31JPCOC+3dGCF1V7R1st8u6kB VgsfR21etsfyn8b14Ht9R+Zkx70lRTnLVMxmYoBYuvrisTfuiPOotviqNaMLmPDn xlyrPCsiuLlYLCxIzUMHg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; t=1720353199; x=1720439599; bh=vTcyHPMGcFmN0yXtiIN6N5XxGPop m0p9hlKmKWm65t0=; b=LLn1AzmJOlLiE241TY1rdYStmuXcCoOyLOFMxMAPZ6T2 bZ0+M+q1DJST0w8BvKl9ksWupFqhT2WU9e41Gs23dvzBiY335rwPOZhwJx2YzHqh 8jYGR/mn+iHT3VNgEZTPByTzLtjsO/quuJt4kEThOwcMJrBhkSlsMxNBzmIbcdGs LYyv3RgGEqa2MbH0wfM4+yr8zzNsBr2CndBcNfNbc8w9J24JZq111q1gKgGMlJcn lbuC8cnEla7ee8S4/kNa6Xm4IOMrhAaQwcYVC7FlngmsBUqvVwmku6wEFWqnb6S2 kIzmx2BA/aqaxvPR82+yVsTFW0qgC9TquVSTE4vsrQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrvdehgdegjecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpefhvfevufgjfhffkfggtgesmhdtreertddttdenucfhrhhomhepufhtvghvvghn ucetlhhlvghnuceoshhtvghvvghnsehsthgvsggrlhhivghnrdgtohhmqeenucggtffrrg htthgvrhhnpeejudefvdeijeeukedttdegudegffevjeehheeiueelgfffhfelffehfeev hfdvgeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpe hsthgvvhgvnhesshhtvggsrghlihgvnhdrtghomh X-ME-Proxy: Feedback-ID: ie8a146a7:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sun, 7 Jul 2024 07:53:18 -0400 (EDT) From: Steven Allen To: Michael Albinus , Eli Zaretskii Subject: Re: bug#71969: [PATCH] Support interactive D-Bus authentication In-Reply-To: <877cdy1r2a.fsf@gmx.de> References: <877cdzklbd.fsf@stebalien.com> <87o77a20s6.fsf@gmx.de> <87frsm1sht.fsf@gmx.de> <86v81i36vh.fsf@gnu.org> <877cdy1r2a.fsf@gmx.de> Date: Sun, 07 Jul 2024 13:53:16 +0200 Message-ID: <874j91ifkj.fsf@stebalien.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 71969 Cc: 71969@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --=-=-= Content-Type: text/plain I've attached a patch that addresses the feedback so far: 1. Defines HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION and uses it. 2. Renames :authenticate to :authorize for consistency. 3. Signals an error when either :timeout or :authorize are passed when not invoking a method. Remaining questions: 1. I'm not sure if :authorize is quite correct either. Really, the key part is that it allows /interactive/ authorization. I wonder if :interactive-authorization or :interactive might be better (although they're kind of long). 2. Am I correctly signaling the error? I just copied that code from other parts of debusbind.c. --=-=-= Content-Type: text/x-patch Content-Disposition: inline; filename=0001-Support-interactive-D-Bus-authorization.patch >From 14a6c82848ebc02e98ca76aa8f7465209960c227 Mon Sep 17 00:00:00 2001 From: Steven Allen Date: Thu, 4 Jul 2024 20:45:07 +0200 Subject: [PATCH] Support interactive D-Bus authorization When invoking D-Bus methods, let the user enable interactive authorization by passing an :authorize t parameter. This makes it possible to D-Bus methods that require polkit authorization. * src/dbusbind.c (dbus-message-internal): Allow interactive authorization by passing :authorize t. * lisp/net/dbus.el (dbus-call-method-asynchronously): Document the new parameter. * doc/misc/dbus.texi (Synchronous Methods, Asynchronous Methods): Document the new parameter. * configure.ac (HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION): Set a new variable if `dbus_message_set_allow_interactive_authorization' is available. --- configure.ac | 5 ++++- doc/misc/dbus.texi | 12 ++++++++++-- etc/NEWS | 6 ++++++ lisp/net/dbus.el | 8 ++++++++ src/dbusbind.c | 37 +++++++++++++++++++++++++++++++------ 5 files changed, 59 insertions(+), 9 deletions(-) diff --git a/configure.ac b/configure.ac index 909f5786c9a..ee2ef1c60fb 100644 --- a/configure.ac +++ b/configure.ac @@ -3943,6 +3943,8 @@ AC_DEFUN dnl dbus_watch_get_unix_fd has been introduced in D-Bus 1.1.1. dnl dbus_type_is_valid and dbus_validate_* have been introduced in dnl D-Bus 1.5.12. + dnl dbus_message_set_allow_interactive_authorization was introduced + dnl in D-Bus 1.8.10. OLD_LIBS=$LIBS LIBS="$LIBS $DBUS_LIBS" AC_CHECK_FUNCS([dbus_watch_get_unix_fd \ @@ -3950,7 +3952,8 @@ AC_DEFUN dbus_validate_bus_name \ dbus_validate_path \ dbus_validate_interface \ - dbus_validate_member]) + dbus_validate_member \ + dbus_message_set_allow_interactive_authorization]) LIBS=$OLD_LIBS DBUS_OBJ=dbusbind.o fi diff --git a/doc/misc/dbus.texi b/doc/misc/dbus.texi index e5d867acd40..6c02546508a 100644 --- a/doc/misc/dbus.texi +++ b/doc/misc/dbus.texi @@ -1208,7 +1208,7 @@ Synchronous Methods be called, and a reply message returning the resulting output parameters from the object. -@defun dbus-call-method bus service path interface method &optional :timeout timeout &rest args +@defun dbus-call-method bus service path interface method &optional :timeout timeout :authorize auth &rest args @anchor{dbus-call-method} This function calls @var{method} on the D-Bus @var{bus}. @var{bus} is either the keyword @code{:system} or the keyword @code{:session}. @@ -1223,6 +1223,10 @@ Synchronous Methods call doesn't return in time, a D-Bus error is raised (@pxref{Errors and Events}). +If the parameter @code{:authorize} is given and the following +@var{auth} is non-nil, the invoked method may interactively prompt the +user for authorization. The default is @code{nil}. + The remaining arguments @var{args} are passed to @var{method} as arguments. They are converted into D-Bus types as described in @ref{Type Conversion}. @@ -1302,7 +1306,7 @@ Asynchronous Methods @cindex method calls, asynchronous @cindex asynchronous method calls -@defun dbus-call-method-asynchronously bus service path interface method handler &optional :timeout timeout &rest args +@defun dbus-call-method-asynchronously bus service path interface method handler &optional :timeout timeout :authorize auth &rest args This function calls @var{method} on the D-Bus @var{bus} asynchronously. @var{bus} is either the keyword @code{:system} or the keyword @code{:session}. @@ -1321,6 +1325,10 @@ Asynchronous Methods no reply message in time, a D-Bus error is raised (@pxref{Errors and Events}). +If the parameter @code{:authorize} is given and the following +@var{auth} is non-nil, the invoked method may interactively prompt the +user for authorization. The default is @code{nil}. + The remaining arguments @var{args} are passed to @var{method} as arguments. They are converted into D-Bus types as described in @ref{Type Conversion}. diff --git a/etc/NEWS b/etc/NEWS index 3d2b86cfb6a..d6128cc078e 100644 --- a/etc/NEWS +++ b/etc/NEWS @@ -79,6 +79,12 @@ levels that SHR cycles through when calling 'shr-zoom-image'. * Lisp Changes in Emacs 31.1 ++++ +*** Support interactive D-Bus authorization +A new ':authorization t' parameter has been added to 'dbus-call-method' +and 'dbus-call-method-asynchronously' to allow the user to interactively +authorize the invoked D-Bus method (e.g., via polkit). + * Changes in Emacs 31.1 on Non-Free Operating Systems diff --git a/lisp/net/dbus.el b/lisp/net/dbus.el index dd5f0e88859..d526423e089 100644 --- a/lisp/net/dbus.el +++ b/lisp/net/dbus.el @@ -297,6 +297,10 @@ dbus-call-method method call must return. The default value is 25,000. If the method call doesn't return in time, a D-Bus error is raised. +If the parameter `:authorize' is given and the following AUTH +is non-nil, the invoked method may interactively prompt the user +for authorization. The default is nil. + All other arguments ARGS are passed to METHOD as arguments. They are converted into D-Bus types via the following rules: @@ -427,6 +431,10 @@ dbus-call-method-asynchronously method call must return. The default value is 25,000. If the method call doesn't return in time, a D-Bus error is raised. +If the parameter `:authorize' is given and the following AUTH +is non-nil, the invoked method may interactively prompt the user +for authorization. The default is nil. + All other arguments ARGS are passed to METHOD as arguments. They are converted into D-Bus types via the following rules: diff --git a/src/dbusbind.c b/src/dbusbind.c index 35ce03c7911..827411644ec 100644 --- a/src/dbusbind.c +++ b/src/dbusbind.c @@ -1314,7 +1314,7 @@ DEFUN ("dbus-message-internal", Fdbus_message_internal, Sdbus_message_internal, `dbus-call-method', `dbus-call-method-asynchronously': (dbus-message-internal dbus-message-type-method-call BUS SERVICE PATH INTERFACE METHOD HANDLER - &optional :timeout TIMEOUT &rest ARGS) + &optional :timeout TIMEOUT :authorize AUTH &rest ARGS) `dbus-send-signal': (dbus-message-internal @@ -1512,12 +1512,34 @@ DEFUN ("dbus-message-internal", Fdbus_message_internal, Sdbus_message_internal, XD_SIGNAL1 (build_string ("Unable to create an error message")); } - /* Check for timeout parameter. */ - if ((count + 2 <= nargs) && EQ (args[count], QCtimeout)) + while ((count + 2 <= nargs)) { - CHECK_FIXNAT (args[count+1]); - timeout = min (XFIXNAT (args[count+1]), INT_MAX); - count = count+2; + /* Check for timeout parameter. */ + if (EQ (args[count], QCtimeout)) + { + if (mtype != DBUS_MESSAGE_TYPE_METHOD_CALL) + XD_SIGNAL2 (build_string (":timeout is only supported on method calls"), bus); + + CHECK_FIXNAT (args[count+1]); + timeout = min (XFIXNAT (args[count+1]), INT_MAX); + count = count+2; + } + /* Check for authorize parameter. */ + else if (EQ (args[count], QCauthorize)) + { + if (mtype != DBUS_MESSAGE_TYPE_METHOD_CALL) + XD_SIGNAL2 (build_string (":authorize is only supported on method calls"), bus); + + /* Ignore this keyword if unsupported. */ + #ifdef HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION + dbus_message_set_allow_interactive_authorization + (dmessage, NILP (args[count+1]) ? FALSE : TRUE); + #endif + + count = count+2; + } + else break; + } /* Initialize parameter list of message. */ @@ -1895,6 +1917,9 @@ syms_of_dbusbind (void) /* Lisp symbol for method call timeout. */ DEFSYM (QCtimeout, ":timeout"); + /* Lisp symbol for method interactive authorization. */ + DEFSYM (QCauthorize, ":authorize"); + /* Lisp symbols of D-Bus types. */ DEFSYM (QCbyte, ":byte"); DEFSYM (QCboolean, ":boolean"); -- 2.45.2 --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Sun Jul 07 10:51:04 2024 Received: (at 71969) by debbugs.gnu.org; 7 Jul 2024 14:51:04 +0000 Received: from localhost ([127.0.0.1]:48943 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQTEF-0001VJ-T4 for submit@debbugs.gnu.org; Sun, 07 Jul 2024 10:51:04 -0400 Received: from mout.gmx.net ([212.227.17.21]:56115) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQTED-0001Uo-G0 for 71969@debbugs.gnu.org; Sun, 07 Jul 2024 10:51:02 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.de; s=s31663417; t=1720363846; x=1720968646; i=michael.albinus@gmx.de; bh=Dx++pZEWlUMUSD8mCV6BfwEd8MJ2tdzconBPUB5W2Fc=; h=X-UI-Sender-Class:From:To:Cc:Subject:In-Reply-To:References:Date: Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:cc: content-transfer-encoding:content-type:date:from:message-id: mime-version:reply-to:subject:to; b=ajlUh03t+UTPAryTXHGGrIGWokhasfwwj81h+CQPi1qvdon06kiIKW7o3ioj8VqH rJ2Kp3zJkL8R4WYOm/M4CXiRNslGDGrHe2bv+xso9MGyJXyDuP/9Qr3aUpx04Hnfy 91WnsG9wK/JcqaAf/ZbSlc6BD/LAY7+F7CoKFl+M2YR8CSIRGhC7fo1D3hdE/ameT 348cqDLJaBXT53Q/TRVKPOnHbhsitEp1RSaUJwzepaITSlAKOvg7RP0RvRquzOeG5 XjB6jZUMQ0NH0nmhKRt9fgErXU2SGUtALeHOf9w6+jB5kiLxr3etH00bckFjUJuK9 efGfIjFTh/PA1HOdqw== X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a Received: from gandalf.gmx.de ([185.89.38.155]) by mail.gmx.net (mrgmx104 [212.227.17.168]) with ESMTPSA (Nemesis) id 1Mzyuc-1sDlvk1Rd0-00ytET; Sun, 07 Jul 2024 16:50:46 +0200 From: Michael Albinus To: Steven Allen Subject: Re: bug#71969: [PATCH] Support interactive D-Bus authentication In-Reply-To: <874j91ifkj.fsf@stebalien.com> (Steven Allen's message of "Sun, 07 Jul 2024 13:53:16 +0200") References: <877cdzklbd.fsf@stebalien.com> <87o77a20s6.fsf@gmx.de> <87frsm1sht.fsf@gmx.de> <86v81i36vh.fsf@gnu.org> <877cdy1r2a.fsf@gmx.de> <874j91ifkj.fsf@stebalien.com> Date: Sun, 07 Jul 2024 16:50:43 +0200 Message-ID: <87msmtz264.fsf@gmx.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Provags-ID: V03:K1:7hIqTG6QHvn07MXADRyNVKy46VtuRNeJRMXPdcrtSVBM1rhZ5iz ReB05f56hC7qV8rU32vHN0dTMjOmapBW8cRMEoVqyqQba2BaTYLdc+np3yl+DirLjg3aSk6 a9MKOguadTbHNYRAtPkxa6SwNUU88UGI47uTPnHeX0l0tVW6uH4OiGH0Nj6YoH7pV/NvFht Mpx52OstwLCQwe4r3rYEA== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:IaLGtK2hEQc=;9n7DAkYGz1DkYAysSvQCEIMYiW9 tRx2SnfLcZQpiL7AwyXspzp0CAnFVidcD8g9wVbuHNwsUhM+k63kOgUMCPNtIhEvHzEGePESU KJHfG7+1G8AcGToJ2j3DoXeSu7mJZdkrjJmafwBp8vLq2yoknP6wVRDAhZePSKmMruxXc00EY 3LbBaQRXaYB2TjWDJrXaO0tDr3fELWO0G24l3kBoJzsBHdPnkd7sTQUI5VnCk/9v0W4xbH65H QZzPe2ege1jfam7qWncomk1ZKTn+xi4Sx9M43uaCC/oEGTL9Mxh9zzWkkshALKD7qssSa9/0G bZxTys1rFNGdJnnEev9fiE7Rth+d67MF362cVSzrcnxKJZHGf/uXpH0cAS2MIr487rjdxtuDG Exy2NzoWljaV6QFtjx1rjQ8iFgT0qEDB6VacWz/2uSkkXGdCE7OmRo1cqNgFruEIVCmp3+Plx m2VgYYBBjlftS+NeiDX+yIOcb+Lp7QBIAcRDd3w2h5rotP55RAhokBSCBewgg1YKTrs3pO66n i6hE8lhkQDrmduTpD3Ovd1BMpPWbXpbOT9wgA3zi5itZwYkNpVzsJ5J3d3HYGm/EZ/t6J7Tm0 5q8C3UC6pq8hrRtJLC9xebw8Aj4zqSaSozDV/ukP2ep2aL4R8wZOi1l9cJOukd7U7NgQg0+76 Zx/hyA60gB1rMMJeLfZOK/N0PFip6vxlX3KyuaXDFfTon5HxKp1VfrQ8EO9j4m+ANfkSlc+nb uYI8qdlCXnasxYJKnxryTtZByraRe8KHlq1pMrJE7HRCzkJJ1qKKOzqSX6CzmwhiNeI5bX/Cm 8BKvTl/IKZO212ebhQ4Dl38g+km4gzVko5SOB5P0U1Wx8= Content-Transfer-Encoding: quoted-printable X-Spam-Score: 2.9 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Steven Allen writes: Hi Steven, > I've attached a patch that addresses the feedback so far: > > 1. Defines HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION and > uses it. > 2. Renames :authenticate to :authorize for consistency [...] Content analysis details: (2.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.17.21 listed in list.dnswl.org] X-Debbugs-Envelope-To: 71969 Cc: Eli Zaretskii , 71969@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.9 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Steven Allen writes: Hi Steven, > I've attached a patch that addresses the feedback so far: > > 1. Defines HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION and > uses it. > 2. Renames :authenticate to :authorize for consistency [...] Content analysis details: (1.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.17.21 listed in list.dnswl.org] 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Steven Allen writes: Hi Steven, > I've attached a patch that addresses the feedback so far: > > 1. Defines HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION and > uses it. > 2. Renames :authenticate to :authorize for consistency. > 3. Signals an error when either :timeout or :authorize are passed when > not invoking a method. Thanks! > Remaining questions: > > 1. I'm not sure if :authorize is quite correct either. Really, the key > part is that it allows /interactive/ authorization. I wonder if > :interactive-authorization or :interactive might be better (although > they're kind of long). I believe :authorize is OK. In the docstrings as well as in the D-Bus manual, interactive authorization is mentioned, so a user shall know what's about. > 2. Am I correctly signaling the error? I just copied that code from > other parts of debusbind.c. I guess the better call would be =2D-8<---------------cut here---------------start------------->8--- XD_SIGNAL1 (build_string (":timeout is only supported on method calls= ")); =2D-8<---------------cut here---------------end--------------->8--- The bus argument isn't needed. Furthermore, you haven't given an example. I really would like to see how it works in practice. Some remarks: > --- a/doc/misc/dbus.texi > +++ b/doc/misc/dbus.texi > @@ -1223,6 +1223,10 @@ Synchronous Methods > call doesn't return in time, a D-Bus error is raised (@pxref{Errors > and Events}). > > +If the parameter @code{:authorize} is given and the following > +@var{auth} is non-nil, the invoked method may interactively prompt the non-@code{nil} > @@ -1321,6 +1325,10 @@ Asynchronous Methods > no reply message in time, a D-Bus error is raised (@pxref{Errors and > Events}). > > +If the parameter @code{:authorize} is given and the following > +@var{auth} is non-nil, the invoked method may interactively prompt the ditto > --- a/etc/NEWS > +++ b/etc/NEWS > @@ -79,6 +79,12 @@ levels that SHR cycles through when calling 'shr-zoom= -image'. > =0C > * Lisp Changes in Emacs 31.1 > > ++++ > +*** Support interactive D-Bus authorization Please add a trailing period. > +A new ':authorization t' parameter has been added to 'dbus-call-method' ':authorize t' > --- a/src/dbusbind.c > +++ b/src/dbusbind.c > @@ -1512,12 +1512,34 @@ DEFUN ("dbus-message-internal", Fdbus_message_in= ternal, Sdbus_message_internal, > + XD_SIGNAL2 (build_string (":timeout is only supported on method ca= lls"), bus); XD_SIGNAL1 > + XD_SIGNAL2 (build_string (":authorize is only supported on method = calls"), bus); XD_SIGNAL1 > + /* Ignore this keyword if unsupported. */ > + #ifdef HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION > + dbus_message_set_allow_interactive_authorization > + (dmessage, NILP (args[count+1]) ? FALSE : TRUE); > + #endif #ifdef end #endif shall start in column 1. Futhermore, we need an #else clause. There shall be an error or a warning, that :authorize is not suppo= rted. Best regards, Michael. From debbugs-submit-bounces@debbugs.gnu.org Mon Jul 08 05:24:18 2024 Received: (at 71969) by debbugs.gnu.org; 8 Jul 2024 09:24:18 +0000 Received: from localhost ([127.0.0.1]:49683 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQkbZ-0000IN-R8 for submit@debbugs.gnu.org; Mon, 08 Jul 2024 05:24:18 -0400 Received: from fout7-smtp.messagingengine.com ([103.168.172.150]:51121) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQkbX-0000I9-Do for 71969@debbugs.gnu.org; Mon, 08 Jul 2024 05:24:16 -0400 Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailfout.nyi.internal (Postfix) with ESMTP id 54332138062D; Mon, 8 Jul 2024 05:24:05 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Mon, 08 Jul 2024 05:24:05 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=stebalien.com; h=cc:cc:content-type:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm1; t=1720430645; x= 1720517045; bh=6Af2HtzOLcyN2XvzoRCtbCpyPYYdm8oUYsDhh4x8lPI=; b=A 6FdlPJR84mmia9rJxfOarDkkcgpnNawOlb3txh6WSLmruQg2rUp+Z5MoTLE5HNxO 0/DHrcybEIa+40BphqgMVUem7OZZ6pqCjLfaR5MubM1H9biYjkI7lRScw1kYSoO1 nH0RbbPta6eQBbxSAi/z+d0qTA5lVkn3ikeVh5Sf2XzcTr9rmYwDjStfJssa7UtT xt+C1/rUsz5Tjoz3Epm0YEvwjvIp5GeqSIPet6PHoKtoI655wR/5bIheDdNMlgVl q13zdsr8r/zNRRJbLvxXiMubUArtpse9/OYEyzZXEXBemjXWULXd7ai41oYkcJSX yOF8Si3BF1s2DC0tv2tWQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; t=1720430645; x=1720517045; bh=6Af2HtzOLcyN2XvzoRCtbCpyPYYd m8oUYsDhh4x8lPI=; b=Oklq/miv7RB0WxKV0TsiZRW0QtXhZ8TIKkGg3ZxJtkUh R/TeRDzneqIQXTxtI8jXy0T/z8rEyCH9lPfrgheuxSirmYW18h+aFMUrBGvTPtqi twTJpAyYtjVcvUb6AMEtZWq59WPTv4J/ro3ER1OsuRGyx+wuwdfQvOQCkeg6Vbpu g6E1tN14ZRF9rIzfMq3Al3zxqh5QqKD9AO9FAwpx50PZCsvj2Y2upLQy3vn6Q8cS gtd909kgsxJnenZTM2ylnN32c0slhweUIK5pGqo3swQJvA5Q+bq5HcAdBHnvsUOt ePYyRzG9J+Sj5I2BkJfVV7KSRjCsa34cXGUcLPJcWw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrvdejgddugecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpefhvfevufgjfhffkfggtgesmhdtreertddttdenucfhrhhomhepufhtvghvvghn ucetlhhlvghnuceoshhtvghvvghnsehsthgvsggrlhhivghnrdgtohhmqeenucggtffrrg htthgvrhhnpeejudefvdeijeeukedttdegudegffevjeehheeiueelgfffhfelffehfeev hfdvgeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpe hsthgvvhgvnhesshhtvggsrghlihgvnhdrtghomh X-ME-Proxy: Feedback-ID: ie8a146a7:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 8 Jul 2024 05:24:03 -0400 (EDT) From: Steven Allen To: Michael Albinus Subject: Re: bug#71969: [PATCH] Support interactive D-Bus authentication In-Reply-To: <87msmtz264.fsf@gmx.de> References: <877cdzklbd.fsf@stebalien.com> <87o77a20s6.fsf@gmx.de> <87frsm1sht.fsf@gmx.de> <86v81i36vh.fsf@gnu.org> <877cdy1r2a.fsf@gmx.de> <874j91ifkj.fsf@stebalien.com> <87msmtz264.fsf@gmx.de> Date: Mon, 08 Jul 2024 11:24:02 +0200 Message-ID: <87sewk2q4t.fsf@stebalien.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 71969 Cc: Eli Zaretskii , 71969@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --=-=-= Content-Type: text/plain Michael Albinus writes: > Steven Allen writes: > > Hi Steven, > >> I've attached a patch that addresses the feedback so far: >> >> 1. Defines HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION and >> uses it. >> 2. Renames :authenticate to :authorize for consistency. >> 3. Signals an error when either :timeout or :authorize are passed when >> not invoking a method. > > Thanks! > >> Remaining questions: >> >> 1. I'm not sure if :authorize is quite correct either. Really, the key >> part is that it allows /interactive/ authorization. I wonder if >> :interactive-authorization or :interactive might be better (although >> they're kind of long). > > I believe :authorize is OK. In the docstrings as well as in the D-Bus > manual, interactive authorization is mentioned, so a user shall know > what's about. Hm, it's still bugging me. We're _not_ authorizing the request, we're telling D-Bus that it's ok to ask the user if they want to authorize it. I'm hoping the example below will make this clearer. >> 2. Am I correctly signaling the error? I just copied that code from >> other parts of debusbind.c. > > I guess the better call would be > > --8<---------------cut here---------------start------------->8--- > XD_SIGNAL1 (build_string (":timeout is only supported on method calls")); > --8<---------------cut here---------------end--------------->8--- > > The bus argument isn't needed. > > Furthermore, you haven't given an example. I really would like to see > how it works in practice. Sorry about that. To restart the bluetooth service, execute: (dbus-call-method :system "org.freedesktop.systemd1" "/org/freedesktop/systemd1" "org.freedesktop.systemd1.Manager" "RestartUnit" :authorize t "bluetooth.service" "replace") Assuming you have a polkit agent running (most DEs will run one by default, but agents like mate-polkit work pretty well standalone), you'll be prompted to authorize the operation and the bluetooth service will be restarted. > Some remarks: > >> --- a/doc/misc/dbus.texi >> +++ b/doc/misc/dbus.texi >> @@ -1223,6 +1223,10 @@ Synchronous Methods >> call doesn't return in time, a D-Bus error is raised (@pxref{Errors >> and Events}). >> >> +If the parameter @code{:authorize} is given and the following >> +@var{auth} is non-nil, the invoked method may interactively prompt the > > non-@code{nil} > >> @@ -1321,6 +1325,10 @@ Asynchronous Methods >> no reply message in time, a D-Bus error is raised (@pxref{Errors and >> Events}). >> >> +If the parameter @code{:authorize} is given and the following >> +@var{auth} is non-nil, the invoked method may interactively prompt the > > ditto > Done and done (the info manuals are pretty inconsistent in this regard...). >> --- a/etc/NEWS >> +++ b/etc/NEWS >> @@ -79,6 +79,12 @@ levels that SHR cycles through when calling 'shr-zoom-image'. >> >> * Lisp Changes in Emacs 31.1 >> >> ++++ >> +*** Support interactive D-Bus authorization > > Please add a trailing period. > >> +A new ':authorization t' parameter has been added to 'dbus-call-method' > > ':authorize t' > done and done. >> --- a/src/dbusbind.c >> +++ b/src/dbusbind.c >> @@ -1512,12 +1512,34 @@ DEFUN ("dbus-message-internal", Fdbus_message_internal, Sdbus_message_internal, >> + XD_SIGNAL2 (build_string (":timeout is only supported on method calls"), bus); > > XD_SIGNAL1 Ah... I was wondering about the difference between the different signals. I didn't even notice the bus argument... Thanks! >> + XD_SIGNAL2 (build_string (":authorize is only supported on method calls"), bus); > > XD_SIGNAL1 > >> + /* Ignore this keyword if unsupported. */ >> + #ifdef HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION >> + dbus_message_set_allow_interactive_authorization >> + (dmessage, NILP (args[count+1]) ? FALSE : TRUE); >> + #endif > > #ifdef end #endif shall start in column 1. Futhermore, we need an #else > clause. There shall be an error or a warning, that :authorize is not supported. I'm going to disagree on this last point. The flag is specifying whether or not the D-Bus is _allowed_ to ask the user to ask the user to authorize requests which can fail for multiple reasons anyways (e.g., if no polkit agent is running, the user rejects the interactive authorization, etc.). If authorization is required and wasn't possible for some reason, D-Bus will return an error to the user anyways. So the user will get their warning either way _if_ something actually goes wrong. --=-=-= Content-Type: text/x-patch Content-Disposition: inline; filename=0001-Support-interactive-D-Bus-authorization.patch >From 62ea28d5d3b34ddd83bdcf5357ebfa0b24d8688e Mon Sep 17 00:00:00 2001 From: Steven Allen Date: Thu, 4 Jul 2024 20:45:07 +0200 Subject: [PATCH] Support interactive D-Bus authorization When invoking D-Bus methods, let the user enable interactive authorization by passing an :authorize t parameter. This makes it possible to D-Bus methods that require polkit authorization. * src/dbusbind.c (dbus-message-internal): Allow interactive authorization by passing :authorize t. * lisp/net/dbus.el (dbus-call-method-asynchronously): Document the new parameter. * doc/misc/dbus.texi (Synchronous Methods, Asynchronous Methods): Document the new parameter. * configure.ac (HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION): Set a new variable if `dbus_message_set_allow_interactive_authorization' is available. --- configure.ac | 5 ++++- doc/misc/dbus.texi | 12 ++++++++++-- etc/NEWS | 6 ++++++ lisp/net/dbus.el | 8 ++++++++ src/dbusbind.c | 37 +++++++++++++++++++++++++++++++------ 5 files changed, 59 insertions(+), 9 deletions(-) diff --git a/configure.ac b/configure.ac index 909f5786c9a..ee2ef1c60fb 100644 --- a/configure.ac +++ b/configure.ac @@ -3943,6 +3943,8 @@ AC_DEFUN dnl dbus_watch_get_unix_fd has been introduced in D-Bus 1.1.1. dnl dbus_type_is_valid and dbus_validate_* have been introduced in dnl D-Bus 1.5.12. + dnl dbus_message_set_allow_interactive_authorization was introduced + dnl in D-Bus 1.8.10. OLD_LIBS=$LIBS LIBS="$LIBS $DBUS_LIBS" AC_CHECK_FUNCS([dbus_watch_get_unix_fd \ @@ -3950,7 +3952,8 @@ AC_DEFUN dbus_validate_bus_name \ dbus_validate_path \ dbus_validate_interface \ - dbus_validate_member]) + dbus_validate_member \ + dbus_message_set_allow_interactive_authorization]) LIBS=$OLD_LIBS DBUS_OBJ=dbusbind.o fi diff --git a/doc/misc/dbus.texi b/doc/misc/dbus.texi index e5d867acd40..46a666084bb 100644 --- a/doc/misc/dbus.texi +++ b/doc/misc/dbus.texi @@ -1208,7 +1208,7 @@ Synchronous Methods be called, and a reply message returning the resulting output parameters from the object. -@defun dbus-call-method bus service path interface method &optional :timeout timeout &rest args +@defun dbus-call-method bus service path interface method &optional :timeout timeout :authorize auth &rest args @anchor{dbus-call-method} This function calls @var{method} on the D-Bus @var{bus}. @var{bus} is either the keyword @code{:system} or the keyword @code{:session}. @@ -1223,6 +1223,10 @@ Synchronous Methods call doesn't return in time, a D-Bus error is raised (@pxref{Errors and Events}). +If the parameter @code{:authorize} is given and the following +@var{auth} is non-@code{nil}, the invoked method may interactively +prompt the user for authorization. The default is @code{nil}. + The remaining arguments @var{args} are passed to @var{method} as arguments. They are converted into D-Bus types as described in @ref{Type Conversion}. @@ -1302,7 +1306,7 @@ Asynchronous Methods @cindex method calls, asynchronous @cindex asynchronous method calls -@defun dbus-call-method-asynchronously bus service path interface method handler &optional :timeout timeout &rest args +@defun dbus-call-method-asynchronously bus service path interface method handler &optional :timeout timeout :authorize auth &rest args This function calls @var{method} on the D-Bus @var{bus} asynchronously. @var{bus} is either the keyword @code{:system} or the keyword @code{:session}. @@ -1321,6 +1325,10 @@ Asynchronous Methods no reply message in time, a D-Bus error is raised (@pxref{Errors and Events}). +If the parameter @code{:authorize} is given and the following +@var{auth} is non-@code{nil}, the invoked method may interactively +prompt the user for authorization. The default is @code{nil}. + The remaining arguments @var{args} are passed to @var{method} as arguments. They are converted into D-Bus types as described in @ref{Type Conversion}. diff --git a/etc/NEWS b/etc/NEWS index 3d2b86cfb6a..4705b28238c 100644 --- a/etc/NEWS +++ b/etc/NEWS @@ -79,6 +79,12 @@ levels that SHR cycles through when calling 'shr-zoom-image'. * Lisp Changes in Emacs 31.1 ++++ +*** Support interactive D-Bus authorization. +A new ':authorize t' parameter has been added to 'dbus-call-method' +and 'dbus-call-method-asynchronously' to allow the user to interactively +authorize the invoked D-Bus method (e.g., via polkit). + * Changes in Emacs 31.1 on Non-Free Operating Systems diff --git a/lisp/net/dbus.el b/lisp/net/dbus.el index dd5f0e88859..d526423e089 100644 --- a/lisp/net/dbus.el +++ b/lisp/net/dbus.el @@ -297,6 +297,10 @@ dbus-call-method method call must return. The default value is 25,000. If the method call doesn't return in time, a D-Bus error is raised. +If the parameter `:authorize' is given and the following AUTH +is non-nil, the invoked method may interactively prompt the user +for authorization. The default is nil. + All other arguments ARGS are passed to METHOD as arguments. They are converted into D-Bus types via the following rules: @@ -427,6 +431,10 @@ dbus-call-method-asynchronously method call must return. The default value is 25,000. If the method call doesn't return in time, a D-Bus error is raised. +If the parameter `:authorize' is given and the following AUTH +is non-nil, the invoked method may interactively prompt the user +for authorization. The default is nil. + All other arguments ARGS are passed to METHOD as arguments. They are converted into D-Bus types via the following rules: diff --git a/src/dbusbind.c b/src/dbusbind.c index 35ce03c7911..67a1a30dc55 100644 --- a/src/dbusbind.c +++ b/src/dbusbind.c @@ -1314,7 +1314,7 @@ DEFUN ("dbus-message-internal", Fdbus_message_internal, Sdbus_message_internal, `dbus-call-method', `dbus-call-method-asynchronously': (dbus-message-internal dbus-message-type-method-call BUS SERVICE PATH INTERFACE METHOD HANDLER - &optional :timeout TIMEOUT &rest ARGS) + &optional :timeout TIMEOUT :authorize AUTH &rest ARGS) `dbus-send-signal': (dbus-message-internal @@ -1512,12 +1512,34 @@ DEFUN ("dbus-message-internal", Fdbus_message_internal, Sdbus_message_internal, XD_SIGNAL1 (build_string ("Unable to create an error message")); } - /* Check for timeout parameter. */ - if ((count + 2 <= nargs) && EQ (args[count], QCtimeout)) + while ((count + 2 <= nargs)) { - CHECK_FIXNAT (args[count+1]); - timeout = min (XFIXNAT (args[count+1]), INT_MAX); - count = count+2; + /* Check for timeout parameter. */ + if (EQ (args[count], QCtimeout)) + { + if (mtype != DBUS_MESSAGE_TYPE_METHOD_CALL) + XD_SIGNAL1 (build_string (":timeout is only supported on method calls")); + + CHECK_FIXNAT (args[count+1]); + timeout = min (XFIXNAT (args[count+1]), INT_MAX); + count = count+2; + } + /* Check for authorize parameter. */ + else if (EQ (args[count], QCauthorize)) + { + if (mtype != DBUS_MESSAGE_TYPE_METHOD_CALL) + XD_SIGNAL1 (build_string (":authorize is only supported on method calls")); + + /* Ignore this keyword if unsupported. */ +#ifdef HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION + dbus_message_set_allow_interactive_authorization + (dmessage, NILP (args[count+1]) ? FALSE : TRUE); +#endif + + count = count+2; + } + else break; + } /* Initialize parameter list of message. */ @@ -1895,6 +1917,9 @@ syms_of_dbusbind (void) /* Lisp symbol for method call timeout. */ DEFSYM (QCtimeout, ":timeout"); + /* Lisp symbol for method interactive authorization. */ + DEFSYM (QCauthorize, ":authorize"); + /* Lisp symbols of D-Bus types. */ DEFSYM (QCbyte, ":byte"); DEFSYM (QCboolean, ":boolean"); -- 2.45.2 --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Mon Jul 08 08:30:17 2024 Received: (at 71969) by debbugs.gnu.org; 8 Jul 2024 12:30:17 +0000 Received: from localhost ([127.0.0.1]:49875 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQnVY-0002I1-VW for submit@debbugs.gnu.org; Mon, 08 Jul 2024 08:30:17 -0400 Received: from mout.gmx.net ([212.227.17.20]:55737) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQnVU-0002Gc-8n for 71969@debbugs.gnu.org; Mon, 08 Jul 2024 08:30:15 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.de; s=s31663417; t=1720441798; x=1721046598; i=michael.albinus@gmx.de; bh=URRwpb0D/QKWlchY7/BhHxIu99z6z0bDGcUGYcw5yIg=; h=X-UI-Sender-Class:From:To:Cc:Subject:In-Reply-To:References:Date: Message-ID:MIME-Version:Content-Type:cc:content-transfer-encoding: content-type:date:from:message-id:mime-version:reply-to:subject: to; b=pxoxwZhGUpwGLI78H6pZ/Fr8BiNcYCkJ3z2S8iaZdAUuHa/V7LCNrxmJBrVg4iHn pVZAY2nCDUEs4HByYhDcraXCtOLe641hOLb69y3xt9k1iFVflfHQpkA+mbMaggQND KIb0FvnVNkXp2k7AvQdU4RDYmY57sdiHkCQ2uhQW+SDFTAvmu2scytOXFZ9/QCids CVwGXXnQmwqSq3VPVlr3RiAVLaLxg6sWHrZQrtVQpugw2SCmQSMMKLrVT1CgjS3HP kvj5XqKyaRSLpksLBTBfozfPdlRxt8rX4gaLIHcetPdua1CssGHwaNc7G+WBso5JS hIRBzJOQYCXpetCS+g== X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a Received: from gandalf.gmx.de ([185.89.38.155]) by mail.gmx.net (mrgmx104 [212.227.17.168]) with ESMTPSA (Nemesis) id 1M4Jqb-1sQWO71B3Z-002ws5; Mon, 08 Jul 2024 14:29:58 +0200 From: Michael Albinus To: Steven Allen Subject: Re: bug#71969: [PATCH] Support interactive D-Bus authentication In-Reply-To: <87sewk2q4t.fsf@stebalien.com> (Steven Allen's message of "Mon, 08 Jul 2024 11:24:02 +0200") References: <877cdzklbd.fsf@stebalien.com> <87o77a20s6.fsf@gmx.de> <87frsm1sht.fsf@gmx.de> <86v81i36vh.fsf@gnu.org> <877cdy1r2a.fsf@gmx.de> <874j91ifkj.fsf@stebalien.com> <87msmtz264.fsf@gmx.de> <87sewk2q4t.fsf@stebalien.com> Date: Mon, 08 Jul 2024 14:29:55 +0200 Message-ID: <87le2coym4.fsf@gmx.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Provags-ID: V03:K1:dX1HjNwcCSBTLkiTk1I6DbazjJ+WDr6USELTt8CiJBy7rWJ2L5z ZsyrOCXVb+GqB2DrQy8SbZvzcNNTXLpvM824ipEqqCB/kEJyucunPuF4NlvkqN7NpEgAqpd el1cE6KzKV8Uv7yi7X5wpgTmbgMak50I0pEWMNuwBQ65D7QUaEZHpFDQnetiljW7FZstynM A2f0qQAnLi8MUN3tADlmQ== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:CNCaB5XD+Z8=;wJ1qCZ4sSAchOSIxwjXClKG5cmG woPi/3er9HbDwg4qRQndUE7r9LJtinPfTDPhQlBrt/hTGl1t8d1HbbpZ64WM6Wrx21ucfmNM2 8V1ZEhtANo1F1zGCguRgVYeLON7KxYEidzVN591lkeEJ/KKLpTYsZxOhdtuHNj/IWKEJu4Pev Q5RjneQQCJvzGKlsVYXeU9t2JojXQzFuPjGI9woUu/aDL7VeIDjJV5ORSeFIpzH16q6TN8K3a F1FktKy/r4qVKLHw09KTKC0On6/YIq2s7ihXL6sVHkUFEO5kBd3ZJvF/tA5iqorPg1N7AAC3f OBjftVoybBXYKPF3sTTUd/bOJHIDHUOQUD+IVHOtSkqHr0cOsnrNg225Zf5qATATcLHhHlDYv Se7m1NTbmqzGO5UeRaOTVvz+pp1hWe7ZkjssAD6QxTE7lI3MGD2v1xJqvRVArNUU6Oe1wXjmj Q4GVK/DyDDmtPqUzLxOKU6EqnbKh+jvLWhlLnw+PTc3wAMYAacWQnpD0WauaHjRmqyIRrwxIL PDpIqGvfoH8g2YqMrfkQAuTQwSHeu8qWl2FawGYoNHrSw1lI5zVKaQx7oWAYYWcKQgIgyJiW4 iC5dRSIfY9nrXnpzM9eZA0PIf71Gc2wdW3FM//ToDFom89RiZJ8ffEO+lK4/Rxwkt07qR0gJa lixur9RTWanbIS0hW4R9/Ky81TV1WzM07SWTdF5u8SHQf7iMngsbrrmWVb+AUQnYu4vRH+HdY fUZZ7lGMwz3fJug+ufGYs/s122EG2Q2wzNgLltc3YeIDS6K9gBsDOcPRL/xjJpxUmUlemuUSE Eh6Jzm8cDrvLJl4Xzr7d0XRpfkQNvkBDxcuF/dKH8u0qc= X-Spam-Score: 2.9 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Steven Allen writes: Hi Steven, >>> Remaining questions: >>> >>> 1. I'm not sure if :authorize is quite correct either. Really, the key >>> part is that it allows /interactive/ authorization. I wonder if >>> :interactive-authorizati [...] Content analysis details: (2.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.17.20 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] X-Debbugs-Envelope-To: 71969 Cc: Eli Zaretskii , 71969@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.9 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Steven Allen writes: Hi Steven, >>> Remaining questions: >>> >>> 1. I'm not sure if :authorize is quite correct either. Really, the key >>> part is that it allows /interactive/ authorization. I wonder if >>> :interactive-authorizati [...] Content analysis details: (1.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.17.20 listed in list.dnswl.org] 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Steven Allen writes: Hi Steven, >>> Remaining questions: >>> >>> 1. I'm not sure if :authorize is quite correct either. Really, the key >>> part is that it allows /interactive/ authorization. I wonder if >>> :interactive-authorization or :interactive might be better (although >>> they're kind of long). >> >> I believe :authorize is OK. In the docstrings as well as in the D-Bus >> manual, interactive authorization is mentioned, so a user shall know >> what's about. > > Hm, it's still bugging me. We're _not_ authorizing the request, we're > telling D-Bus that it's ok to ask the user if they want to authorize it. > I'm hoping the example below will make this clearer. What about :authorizable? I don't like the alternative :interactive-authorize; it's too long to type, and it's also not obvious w/o knowing the context. >> Furthermore, you haven't given an example. I really would like to see >> how it works in practice. > > Sorry about that. To restart the bluetooth service, execute: > > (dbus-call-method > :system > "org.freedesktop.systemd1" "/org/freedesktop/systemd1" > "org.freedesktop.systemd1.Manager" "RestartUnit" > :authorize t > "bluetooth.service" "replace") > > Assuming you have a polkit agent running (most DEs will run one by > default, but agents like mate-polkit work pretty well standalone), > you'll be prompted to authorize the operation and the bluetooth service > will be restarted. Nice. I get an authorization prompt. However, on my Fedora 40 / Gnome 46 / systemd 255 system, it doesn't matter, whether I use ':authorize t', ':authorize nil', or none of them. Is interactive authorization enabled by default, and we don't need to care about? >>> +If the parameter @code{:authorize} is given and the following >>> +@var{auth} is non-nil, the invoked method may interactively prompt the >> >> non-@code{nil} > Done and done (the info manuals are pretty inconsistent in this regard...). If you see it somewhere else in the manuals, it is an error. The rule is to use @code{nil}, non-@code{nil}, and @code{t}. Feel free to correct this. >>> + /* Ignore this keyword if unsupported. */ >>> + #ifdef HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION >>> + dbus_message_set_allow_interactive_authorization >>> + (dmessage, NILP (args[count+1]) ? FALSE : TRUE); >>> + #endif >> >> #ifdef end #endif shall start in column 1. Futhermore, we need an #else >> clause. There shall be an error or a warning, that :authorize is not supported. > > I'm going to disagree on this last point. The flag is specifying whether > or not the D-Bus is _allowed_ to ask the user to ask the user to > authorize requests which can fail for multiple reasons anyways (e.g., if > no polkit agent is running, the user rejects the interactive > authorization, etc.). > > If authorization is required and wasn't possible for some reason, > D-Bus will return an error to the user anyways. So the user will get > their warning either way _if_ something actually goes wrong. Good point. However, we shall support developers if they run into this case. What about a debug message like --8<---------------cut here---------------start------------->8--- #ifdef HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION dbus_message_set_allow_interactive_authorization (dmessage, NILP (args[count+1]) ? FALSE : TRUE); #else XD_DEBUG_MESSAGE (":authorize not supported"); #endif --8<---------------cut here---------------end--------------->8--- Best regards, Michael. From debbugs-submit-bounces@debbugs.gnu.org Mon Jul 08 08:51:05 2024 Received: (at 71969) by debbugs.gnu.org; 8 Jul 2024 12:51:06 +0000 Received: from localhost ([127.0.0.1]:49885 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQnph-0002wE-IE for submit@debbugs.gnu.org; Mon, 08 Jul 2024 08:51:05 -0400 Received: from mout.gmx.net ([212.227.17.20]:40859) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQnpf-0002vd-Ct for 71969@debbugs.gnu.org; Mon, 08 Jul 2024 08:51:04 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.de; s=s31663417; t=1720443050; x=1721047850; i=michael.albinus@gmx.de; bh=k4vXJqCvO3+dNBjRuGfSzhKiNYdCEkwDC/lNF24yN7w=; h=X-UI-Sender-Class:From:To:Cc:Subject:In-Reply-To:References:Date: Message-ID:MIME-Version:Content-Type:cc:content-transfer-encoding: content-type:date:from:message-id:mime-version:reply-to:subject: to; b=S50yFIfZ8vVe8thExbQj3XzFwP3QOHXB2FkWlD8MQe0MyfeiGNYvstKqiWNSmUcY Fqb1LAd59AAWWanE6uWC3Z+pUXb5tB+QefsZixeJjyTaZ5Unt4MFLOfqycJztw+Fx bLRxIEH4AR0x8bjY19uCOsgfCCjqrdBsRUH1qLBdgcC2P2hYj5pyKzK2LlLNHRhg+ 3zCGhjJVes2oXAh4mbmyax3caqGk+cUMISwvQCWIRsL4nC8HXSHFAKbTy3NJSCftQ 4qwt4F+qB2gHydK07sWTfFv/2AqjXF1cvOU23z+7tjq9W+shZWdLCsqSdkgTAbOlc Y5D6PYqOX4BUk9Euyg== X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a Received: from gandalf.gmx.de ([185.89.38.155]) by mail.gmx.net (mrgmx104 [212.227.17.168]) with ESMTPSA (Nemesis) id 1Msq24-1s6o2D3xrU-00rl1G; Mon, 08 Jul 2024 14:50:50 +0200 From: Michael Albinus To: Steven Allen Subject: Re: bug#71969: [PATCH] Support interactive D-Bus authentication In-Reply-To: <87le2coym4.fsf@gmx.de> (Michael Albinus's message of "Mon, 08 Jul 2024 14:29:55 +0200") References: <877cdzklbd.fsf@stebalien.com> <87o77a20s6.fsf@gmx.de> <87frsm1sht.fsf@gmx.de> <86v81i36vh.fsf@gnu.org> <877cdy1r2a.fsf@gmx.de> <874j91ifkj.fsf@stebalien.com> <87msmtz264.fsf@gmx.de> <87sewk2q4t.fsf@stebalien.com> <87le2coym4.fsf@gmx.de> Date: Mon, 08 Jul 2024 14:50:49 +0200 Message-ID: <87h6d0oxna.fsf@gmx.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Provags-ID: V03:K1:eZy4BBXd01vuX8214Y6HivBSUqCKC/n41bDdeQPCCilyrbCKqXP OjM4neKABUV94lefPF+RQUwyLci6B/4yiT89IoN9vrnjAI3fvp+13rkauuGeU7JMHcotsTa HlLfuILzyiTPbviS6iIuZ08EIQwak1zf1g9VNHLlAXWGedk3ZP2eaKKsyYXBck1DYbXo/vS rTw5FIsr9Dj0lgmrdiQ6Q== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:dSWV6W6ApuI=;KxZ4p58bQ5sCa6YWi7hp5xH1QvE JnpfOrbRc46vzORKta0XVWcT/7nThcN2U+DNyb+1Am0nT3kkVNWZJa0zs/8bs1DmWKDBp4DlM nDUb52jwk+XSiIjEGiFDclesXA2hZ2q8dYXnApGzJT7mzJdmPNXyiHCD07PtZZPEiQpgPJafD yijyGqbZWhQecTj/7ZptLtHOo5QBmhFWN2vMhLdFZYusXcFoVUYnAnuIiPtCoaF8soM3L+/Ju /xb+2OW3vuoV+mCp2ogIzGyCDrSNSmXNUmnlJWzZ2moR8YMXntPGj/BaYKsoKLFLwE8LQ64Sz G6ukWNbXxjRifph4ciCoRxMulKHP+bbmxTV+XZwJpIhzXfObjUYo8L9/x2GLlCex3uAGEzk6F 8n2XTxPXH18swweNrfqEw/ElQLAssUKj0meLnybQA/0NezWdw170wd/xs184qAvw5u8Ge33NT zmrz8+nBJVVHNRukx1idLMVN2xRvmkRWNyQWjg+OBjoFq2KcAHI79odZ/LI6GgYBzCYAoJ9H9 Y1oFRSWFjrHvpIm42Dt1ccjzr7L7RuAtxR5ITctAFgbS4Pme2L7Fp3cLSIlgSpNY7BhLQdQ6k sgfz59o+jsqzRCbdhfXnj8K/TsTDYBGX66OmH2y+WNpVrCt0wUI8QeEIZYQMLOQlNIAmXSR6u jwk0Zni9IXQaYFepeyimNoUUSfSsLf0IA/qmYiAkDSUoc1Qtgs31cQUnLhj6rD0lGTVRPaijC sOiE6/jVI1Kk+7o4F+3lHZx3y5ZOKmp6n9kfzu89ChvvqMnFhV2SdIP7JFHhiPE87TAk4jWps cfo4KNZbZLI7SqhXAzp/3ZjE15DdYfuiaoRwXW6y0xJX0= X-Spam-Score: 2.9 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Michael Albinus writes: Hi Steven, >> (dbus-call-method >> :system >> "org.freedesktop.systemd1" "/org/freedesktop/systemd1" >> "org.freedesktop.systemd1.Manager" "RestartUnit" >> :authorize t >> "bluetooth.service" "replace") >> >> As [...] Content analysis details: (2.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.17.20 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Debbugs-Envelope-To: 71969 Cc: Eli Zaretskii , 71969@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.9 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Michael Albinus writes: Hi Steven, >> (dbus-call-method >> :system >> "org.freedesktop.systemd1" "/org/freedesktop/systemd1" >> "org.freedesktop.systemd1.Manager" "RestartUnit" >> :authorize t >> "bluetooth.service" "replace") >> >> As [...] Content analysis details: (1.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.17.20 listed in list.dnswl.org] 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Michael Albinus writes: Hi Steven, >> (dbus-call-method >> :system >> "org.freedesktop.systemd1" "/org/freedesktop/systemd1" >> "org.freedesktop.systemd1.Manager" "RestartUnit" >> :authorize t >> "bluetooth.service" "replace") >> >> Assuming you have a polkit agent running (most DEs will run one by >> default, but agents like mate-polkit work pretty well standalone), >> you'll be prompted to authorize the operation and the bluetooth service >> will be restarted. > > Nice. I get an authentication prompt. > > However, on my Fedora 40 / Gnome 46 / systemd 255 system, it doesn't > matter, whether I use ':authorize t', ':authorize nil', or none of > them. Is interactive authorization enabled by default, and we don't need > to care about? Perhaps this is due to the example. I'm asked for "Authentication Required". This is not interactive authorization. Do you have another example? Best regards, Michael. From debbugs-submit-bounces@debbugs.gnu.org Mon Jul 08 09:21:49 2024 Received: (at 71969) by debbugs.gnu.org; 8 Jul 2024 13:21:49 +0000 Received: from localhost ([127.0.0.1]:49908 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQoJQ-0003mC-Jr for submit@debbugs.gnu.org; Mon, 08 Jul 2024 09:21:49 -0400 Received: from fhigh6-smtp.messagingengine.com ([103.168.172.157]:59851) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQoJO-0003lq-8h for 71969@debbugs.gnu.org; Mon, 08 Jul 2024 09:21:47 -0400 Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailfhigh.nyi.internal (Postfix) with ESMTP id AF71211400F8; Mon, 8 Jul 2024 09:21:34 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute5.internal (MEProxy); Mon, 08 Jul 2024 09:21:34 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=stebalien.com; h=cc:cc:content-type:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm1; t=1720444894; x= 1720531294; bh=Mrz96mmoVkqvVjAu6XIvhozPgZO6uzn4tXdBt1LfDas=; b=U H1Wfc/Y3ui6uWxTyl9fTnrmJ2gB9zGeYBARRGFyHuEjf+aGL6bPvh+YTXK89yet8 lcQ+9NItmNLkCWM6s8CA41FEXTZbvqTx6a6Qc/edvQJSHJFbosR3l27YYJE9f8TF fqf9kxW+tw0e0rAM/+Qkjyso6PP5V5HxEHz3qLSuLHvXaRBNywkL0TL2IGW059XY 8WyCToj+0LRhGY46w4gfu8jmeSUYqH4ZjUBgtBhbDVU8ggZIu2PGDfZgZFOUdGe3 s8g2c4GMabhKV8eH3iKjXHN4FxgsElirxzvf6Bkqj9YFWOLXFmCgg92EKQ5YRAVT LxJlIrAPbqZZGmpkZTl7Q== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; t=1720444894; x=1720531294; bh=Mrz96mmoVkqvVjAu6XIvhozPgZO6 uzn4tXdBt1LfDas=; b=LIdO+WqXAeMLgA5ZPUrvoZHlYjzBiyFnq+bue/1M2zLv ew1FsZS3+c9MXXS1IeFfHZIqSpLHn+OVOy5bhJRKZ2oQ9EyQbwyD1DvNMvbhk3sT ILH8Oz92DUmk9RXissCuDSi1ifXB4e7kfMNNft8whtcWI52Ka7PRcRPHNl0re6tz SdO8YOzSmN/6BnZN7bFX3hehKRfyG4yANqIUvbeaW/MaDd3GE/q39JMn5HKi58Cc /+Pf7P5WkuIPPuc0yvD+xMOAPwuPs4x+82GmEiW4zZR3LDBORRc545UxBbD/WiXN XxtNnuxwraIYqUkm1XF/e6oQ+ooXCTXPBs6syyw4Uw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrvdejgdeifecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpefhvfevufgjfhffkfggtgesmhdtreertddttdenucfhrhhomhepufhtvghvvghn ucetlhhlvghnuceoshhtvghvvghnsehsthgvsggrlhhivghnrdgtohhmqeenucggtffrrg htthgvrhhnpeejudefvdeijeeukedttdegudegffevjeehheeiueelgfffhfelffehfeev hfdvgeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpe hsthgvvhgvnhesshhtvggsrghlihgvnhdrtghomh X-ME-Proxy: Feedback-ID: ie8a146a7:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 8 Jul 2024 09:21:32 -0400 (EDT) From: Steven Allen To: Michael Albinus Subject: Re: bug#71969: [PATCH] Support interactive D-Bus authentication In-Reply-To: <87le2coym4.fsf@gmx.de> References: <877cdzklbd.fsf@stebalien.com> <87o77a20s6.fsf@gmx.de> <87frsm1sht.fsf@gmx.de> <86v81i36vh.fsf@gnu.org> <877cdy1r2a.fsf@gmx.de> <874j91ifkj.fsf@stebalien.com> <87msmtz264.fsf@gmx.de> <87sewk2q4t.fsf@stebalien.com> <87le2coym4.fsf@gmx.de> Date: Mon, 08 Jul 2024 15:21:30 +0200 Message-ID: <87sewk9fz9.fsf@stebalien.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 71969 Cc: Eli Zaretskii , 71969@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --=-=-= Content-Type: text/plain Michael Albinus writes: > Steven Allen writes: > > Hi Steven, > >>>> Remaining questions: >>>> >>>> 1. I'm not sure if :authorize is quite correct either. Really, the key >>>> part is that it allows /interactive/ authorization. I wonder if >>>> :interactive-authorization or :interactive might be better (although >>>> they're kind of long). >>> >>> I believe :authorize is OK. In the docstrings as well as in the D-Bus >>> manual, interactive authorization is mentioned, so a user shall know >>> what's about. >> >> Hm, it's still bugging me. We're _not_ authorizing the request, we're >> telling D-Bus that it's ok to ask the user if they want to authorize it. >> I'm hoping the example below will make this clearer. > > What about :authorizable? I don't like the alternative > :interactive-authorize; it's too long to type, and it's also not obvious > w/o knowing the context. It's a bit funky but good enough. Thanks! > >>> Furthermore, you haven't given an example. I really would like to see >>> how it works in practice. >> >> Sorry about that. To restart the bluetooth service, execute: >> >> (dbus-call-method >> :system >> "org.freedesktop.systemd1" "/org/freedesktop/systemd1" >> "org.freedesktop.systemd1.Manager" "RestartUnit" >> :authorize t >> "bluetooth.service" "replace") >> >> Assuming you have a polkit agent running (most DEs will run one by >> default, but agents like mate-polkit work pretty well standalone), >> you'll be prompted to authorize the operation and the bluetooth service >> will be restarted. > > Nice. I get an authorization prompt. > > However, on my Fedora 40 / Gnome 46 / systemd 255 system, it doesn't > matter, whether I use ':authorize t', ':authorize nil', or none of > them. Is interactive authorization enabled by default, and we don't need > to care about? It worked for me as well until a recent update (likely polkit 124 or systemd 256). I'm guessing one of these projects fixed a bug somewhere as it sounds like this flag should always have been required. >>>> +If the parameter @code{:authorize} is given and the following >>>> +@var{auth} is non-nil, the invoked method may interactively prompt the >>> >>> non-@code{nil} > >> Done and done (the info manuals are pretty inconsistent in this regard...). > > If you see it somewhere else in the manuals, it is an error. The rule is > to use @code{nil}, non-@code{nil}, and @code{t}. Feel free to correct this. I'll submit a separate patch. >>>> + /* Ignore this keyword if unsupported. */ >>>> + #ifdef HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION >>>> + dbus_message_set_allow_interactive_authorization >>>> + (dmessage, NILP (args[count+1]) ? FALSE : TRUE); >>>> + #endif >>> >>> #ifdef end #endif shall start in column 1. Futhermore, we need an #else >>> clause. There shall be an error or a warning, that :authorize is not supported. >> >> I'm going to disagree on this last point. The flag is specifying whether >> or not the D-Bus is _allowed_ to ask the user to ask the user to >> authorize requests which can fail for multiple reasons anyways (e.g., if >> no polkit agent is running, the user rejects the interactive >> authorization, etc.). >> >> If authorization is required and wasn't possible for some reason, >> D-Bus will return an error to the user anyways. So the user will get >> their warning either way _if_ something actually goes wrong. > > Good point. However, we shall support developers if they run into this > case. What about a debug message like > > --8<---------------cut here---------------start------------->8--- > #ifdef HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION > dbus_message_set_allow_interactive_authorization > (dmessage, NILP (args[count+1]) ? FALSE : TRUE); > #else > XD_DEBUG_MESSAGE (":authorize not supported"); > #endif > --8<---------------cut here---------------end--------------->8--- Fair enough. I don't want to be too noisy (I want to be able to just add a blanket ":authorize t" to all my potentially privileged D-Bus calls), but we add the debug message and see what feedback we get. --=-=-= Content-Type: text/x-patch Content-Disposition: inline; filename=0001-Support-interactive-D-Bus-authorization.patch >From 56ff5d1ed55303526f5789bab7ce2abf968f9bfb Mon Sep 17 00:00:00 2001 From: Steven Allen Date: Thu, 4 Jul 2024 20:45:07 +0200 Subject: [PATCH] Support interactive D-Bus authorization When invoking D-Bus methods, let the user enable interactive authorization by passing an :authorizable t parameter. This makes it possible to D-Bus methods that require polkit authorization. * src/dbusbind.c (dbus-message-internal): Allow interactive authorization by passing :authorizable t. * lisp/net/dbus.el (dbus-call-method-asynchronously): Document the new parameter. * doc/misc/dbus.texi (Synchronous Methods, Asynchronous Methods): Document the new parameter. * configure.ac (HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION): Set a new variable if `dbus_message_set_allow_interactive_authorization' is available. --- configure.ac | 5 ++++- doc/misc/dbus.texi | 12 ++++++++++-- etc/NEWS | 6 ++++++ lisp/net/dbus.el | 8 ++++++++ src/dbusbind.c | 39 +++++++++++++++++++++++++++++++++------ 5 files changed, 61 insertions(+), 9 deletions(-) diff --git a/configure.ac b/configure.ac index 909f5786c9a..ee2ef1c60fb 100644 --- a/configure.ac +++ b/configure.ac @@ -3943,6 +3943,8 @@ AC_DEFUN dnl dbus_watch_get_unix_fd has been introduced in D-Bus 1.1.1. dnl dbus_type_is_valid and dbus_validate_* have been introduced in dnl D-Bus 1.5.12. + dnl dbus_message_set_allow_interactive_authorization was introduced + dnl in D-Bus 1.8.10. OLD_LIBS=$LIBS LIBS="$LIBS $DBUS_LIBS" AC_CHECK_FUNCS([dbus_watch_get_unix_fd \ @@ -3950,7 +3952,8 @@ AC_DEFUN dbus_validate_bus_name \ dbus_validate_path \ dbus_validate_interface \ - dbus_validate_member]) + dbus_validate_member \ + dbus_message_set_allow_interactive_authorization]) LIBS=$OLD_LIBS DBUS_OBJ=dbusbind.o fi diff --git a/doc/misc/dbus.texi b/doc/misc/dbus.texi index e5d867acd40..20d26c80d38 100644 --- a/doc/misc/dbus.texi +++ b/doc/misc/dbus.texi @@ -1208,7 +1208,7 @@ Synchronous Methods be called, and a reply message returning the resulting output parameters from the object. -@defun dbus-call-method bus service path interface method &optional :timeout timeout &rest args +@defun dbus-call-method bus service path interface method &optional :timeout timeout :authorizable auth &rest args @anchor{dbus-call-method} This function calls @var{method} on the D-Bus @var{bus}. @var{bus} is either the keyword @code{:system} or the keyword @code{:session}. @@ -1223,6 +1223,10 @@ Synchronous Methods call doesn't return in time, a D-Bus error is raised (@pxref{Errors and Events}). +If the parameter @code{:authorizable} is given and the following +@var{auth} is non-@code{nil}, the invoked method may interactively +prompt the user for authorization. The default is @code{nil}. + The remaining arguments @var{args} are passed to @var{method} as arguments. They are converted into D-Bus types as described in @ref{Type Conversion}. @@ -1302,7 +1306,7 @@ Asynchronous Methods @cindex method calls, asynchronous @cindex asynchronous method calls -@defun dbus-call-method-asynchronously bus service path interface method handler &optional :timeout timeout &rest args +@defun dbus-call-method-asynchronously bus service path interface method handler &optional :timeout timeout :authorizable auth &rest args This function calls @var{method} on the D-Bus @var{bus} asynchronously. @var{bus} is either the keyword @code{:system} or the keyword @code{:session}. @@ -1321,6 +1325,10 @@ Asynchronous Methods no reply message in time, a D-Bus error is raised (@pxref{Errors and Events}). +If the parameter @code{:authorizable} is given and the following +@var{auth} is non-@code{nil}, the invoked method may interactively +prompt the user for authorization. The default is @code{nil}. + The remaining arguments @var{args} are passed to @var{method} as arguments. They are converted into D-Bus types as described in @ref{Type Conversion}. diff --git a/etc/NEWS b/etc/NEWS index 3d2b86cfb6a..75771b0c05a 100644 --- a/etc/NEWS +++ b/etc/NEWS @@ -79,6 +79,12 @@ levels that SHR cycles through when calling 'shr-zoom-image'. * Lisp Changes in Emacs 31.1 ++++ +*** Support interactive D-Bus authorization. +A new ':authorizable t' parameter has been added to 'dbus-call-method' +and 'dbus-call-method-asynchronously' to allow the user to interactively +authorizable the invoked D-Bus method (e.g., via polkit). + * Changes in Emacs 31.1 on Non-Free Operating Systems diff --git a/lisp/net/dbus.el b/lisp/net/dbus.el index dd5f0e88859..a50f3a93938 100644 --- a/lisp/net/dbus.el +++ b/lisp/net/dbus.el @@ -297,6 +297,10 @@ dbus-call-method method call must return. The default value is 25,000. If the method call doesn't return in time, a D-Bus error is raised. +If the parameter `:authorizable' is given and the following AUTH +is non-nil, the invoked method may interactively prompt the user +for authorization. The default is nil. + All other arguments ARGS are passed to METHOD as arguments. They are converted into D-Bus types via the following rules: @@ -427,6 +431,10 @@ dbus-call-method-asynchronously method call must return. The default value is 25,000. If the method call doesn't return in time, a D-Bus error is raised. +If the parameter `:authorizable' is given and the following AUTH +is non-nil, the invoked method may interactively prompt the user +for authorization. The default is nil. + All other arguments ARGS are passed to METHOD as arguments. They are converted into D-Bus types via the following rules: diff --git a/src/dbusbind.c b/src/dbusbind.c index 35ce03c7911..cf292944531 100644 --- a/src/dbusbind.c +++ b/src/dbusbind.c @@ -1314,7 +1314,7 @@ DEFUN ("dbus-message-internal", Fdbus_message_internal, Sdbus_message_internal, `dbus-call-method', `dbus-call-method-asynchronously': (dbus-message-internal dbus-message-type-method-call BUS SERVICE PATH INTERFACE METHOD HANDLER - &optional :timeout TIMEOUT &rest ARGS) + &optional :timeout TIMEOUT :authorizable AUTH &rest ARGS) `dbus-send-signal': (dbus-message-internal @@ -1512,12 +1512,36 @@ DEFUN ("dbus-message-internal", Fdbus_message_internal, Sdbus_message_internal, XD_SIGNAL1 (build_string ("Unable to create an error message")); } - /* Check for timeout parameter. */ - if ((count + 2 <= nargs) && EQ (args[count], QCtimeout)) + while ((count + 2 <= nargs)) { - CHECK_FIXNAT (args[count+1]); - timeout = min (XFIXNAT (args[count+1]), INT_MAX); - count = count+2; + /* Check for timeout parameter. */ + if (EQ (args[count], QCtimeout)) + { + if (mtype != DBUS_MESSAGE_TYPE_METHOD_CALL) + XD_SIGNAL1 (build_string (":timeout is only supported on method calls")); + + CHECK_FIXNAT (args[count+1]); + timeout = min (XFIXNAT (args[count+1]), INT_MAX); + count = count+2; + } + /* Check for authorizable parameter. */ + else if (EQ (args[count], QCauthorizable)) + { + if (mtype != DBUS_MESSAGE_TYPE_METHOD_CALL) + XD_SIGNAL1 (build_string (":authorizable is only supported on method calls")); + + /* Ignore this keyword if unsupported. */ +#ifdef HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION + dbus_message_set_allow_interactive_authorization + (dmessage, NILP (args[count+1]) ? FALSE : TRUE); +#else + XD_DEBUG_MESSAGE (":authorizable not supported"); +#endif + + count = count+2; + } + else break; + } /* Initialize parameter list of message. */ @@ -1895,6 +1919,9 @@ syms_of_dbusbind (void) /* Lisp symbol for method call timeout. */ DEFSYM (QCtimeout, ":timeout"); + /* Lisp symbol for method interactive authorization. */ + DEFSYM (QCauthorizable, ":authorizable"); + /* Lisp symbols of D-Bus types. */ DEFSYM (QCbyte, ":byte"); DEFSYM (QCboolean, ":boolean"); -- 2.45.2 --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Tue Jul 09 03:53:12 2024 Received: (at 71969) by debbugs.gnu.org; 9 Jul 2024 07:53:12 +0000 Received: from localhost ([127.0.0.1]:52051 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sR5ex-0002Pl-NL for submit@debbugs.gnu.org; Tue, 09 Jul 2024 03:53:11 -0400 Received: from mout.gmx.net ([212.227.15.15]:40987) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sR5ev-0002PU-Uz for 71969@debbugs.gnu.org; Tue, 09 Jul 2024 03:53:10 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.de; s=s31663417; t=1720511573; x=1721116373; i=michael.albinus@gmx.de; bh=OtdIvwwPOPd2l6J7fKaiVzYK1lvSv1o7v5qHzETRVJ8=; h=X-UI-Sender-Class:From:To:Cc:Subject:In-Reply-To:References:Date: Message-ID:MIME-Version:Content-Type:cc:content-transfer-encoding: content-type:date:from:message-id:mime-version:reply-to:subject: to; b=Nvohu6//X/Yjv5ZVT25C9LO42JRRBSmyAMRqnNS9E4nQvZAJsNopIU9tdNZuHQPX N9aX08mIAw0B0PBz37/ZUP7MR+MZs77LGX5gpzhkgdQeBwAT+dmH4eHtHCALYGF0H 2kgqiPZEdhkXMnOr0Et5VYl30dEd+GemE4cfm9BdXBLwFaGfUKv+UYv1xk5ESqUiw QBIAC5qAeUBTkncFWwWHxomJr7yQ6AVjPiL9Nv7PPsotw/Yj7N2hElpEVMpKXR1nx Ft93kIzZUy5FMYE7MzGfrFfG4Gt7350GzN6PgsjHnwM0oc0RVxoyXMHtz/0tJ4wtk tXzdOOym1FI/DMib4Q== X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a Received: from gandalf.gmx.de ([185.89.38.155]) by mail.gmx.net (mrgmx005 [212.227.17.190]) with ESMTPSA (Nemesis) id 1ML9yS-1sjAjn1WBW-00X6kw; Tue, 09 Jul 2024 09:52:53 +0200 From: Michael Albinus To: Steven Allen Subject: Re: bug#71969: [PATCH] Support interactive D-Bus authentication In-Reply-To: <87sewk9fz9.fsf@stebalien.com> (Steven Allen's message of "Mon, 08 Jul 2024 15:21:30 +0200") References: <877cdzklbd.fsf@stebalien.com> <87o77a20s6.fsf@gmx.de> <87frsm1sht.fsf@gmx.de> <86v81i36vh.fsf@gnu.org> <877cdy1r2a.fsf@gmx.de> <874j91ifkj.fsf@stebalien.com> <87msmtz264.fsf@gmx.de> <87sewk2q4t.fsf@stebalien.com> <87le2coym4.fsf@gmx.de> <87sewk9fz9.fsf@stebalien.com> Date: Tue, 09 Jul 2024 09:52:50 +0200 Message-ID: <871q43xar1.fsf@gmx.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Provags-ID: V03:K1:xvUd8tENIKa+t/lspMGbGvBMwa0eQDm+Wdnu+fJ7he3+i/hB75u h90u/UJtQtCs7t6zmwUTQVRl3dXdpTrPGtSWV/Umhr3caZp3auaeaXLM+weq+T7At/oH64B 8VdynMU56E8A+quzVzhzTT2Q2QE2DFt4D+UvpeDc2NkCHmWs9yZmPQ4FXdtl0CG/sEqgnAE iAgsnH5BOiUkf86xB/3KA== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:wcdHKdhU2A0=;1qGyzCu+a9I+SHNibKCNeLqehIc fXkPUCRlz9dc6GiNoLFhUrJkn4KKLcYIPukkblNcwY7YUxTGX287tfyfx5hd+O3TbZQXqCN9l LChHMdYMB4GE5/iR6EjRuQfVnnG3aTLlUL21zvooxXcBAGzxbcafu0JuBEgvJar+xg6nc0wpG NdyqWXQtnE+Unv4LFHhpJ10bsC/5SoC9ASTnQPbhMCPFbx5ebkfzrmIlhcVKPNDTVmnxUq5GY eTTUllo7sVvvL+o/1MzOrhk7Nio33Y0qTQYzUNbq014uO53C09zQOPmj5Jcjxc5QUvsD6K4cE 3FwCHW+7onGPt4wRincE3Wokc0R6fZYpSWkdD2EcrEKl5adXln0AeXK0xYr5MnY3XsRluFurS I4pQ0s1m0Upy5GVLRvjVfKoRxzEOl1nWchAV9le2II0BgqaUAsrFKZJNJqhq/TyDA5JazaGMD ThjBsCuCjBBjdS93jIr86VgXfoQX2XySLVaJzxPO4MoyKZLauCFacqGbHu7kyUnJV6KbKJing GO4EsmMV1DnAnRQpcv5SAn9ERrqDCqnJOturVXFo2vHDltWMNd6PzmVmuzAkrYo4+epA1YsUS Jz2NsQ4BFkliytzM08MWCPGYuUFl1kGGDh+ELykWGRjyBN2JWwhM+n1Zhik7DheXeODwL71WY M5hD42C9L0QN4elcTPXYIGr5vPKNgvX/4/487b8M6roRE+BSBFqzWW6ICfrhlC67MshWNriHp rNmwt+VRfdfihZM+SCOSw5qC/o9q9/vF+b64DkoTsZ2x7J/6PQDUuDqrxuMa1Ef7L8o29H4AX pH9Hpea8inprcwjykxke9dxp4BfxsneWy01mTMKedXO84= X-Spam-Score: 2.9 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Steven Allen writes: Hi Steven, >>> Sorry about that. To restart the bluetooth service, execute: >>> >>> (dbus-call-method >>> :system >>> "org.freedesktop.systemd1" "/org/freedesktop/systemd1" >>> "org.freedesktop.systemd1.Manager" [...] Content analysis details: (2.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.15.15 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Debbugs-Envelope-To: 71969 Cc: Eli Zaretskii , 71969@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.9 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Steven Allen writes: Hi Steven, >>> Sorry about that. To restart the bluetooth service, execute: >>> >>> (dbus-call-method >>> :system >>> "org.freedesktop.systemd1" "/org/freedesktop/systemd1" >>> "org.freedesktop.systemd1.Manager" [...] Content analysis details: (1.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.15.15 listed in list.dnswl.org] 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Steven Allen writes: Hi Steven, >>> Sorry about that. To restart the bluetooth service, execute: >>> >>> (dbus-call-method >>> :system >>> "org.freedesktop.systemd1" "/org/freedesktop/systemd1" >>> "org.freedesktop.systemd1.Manager" "RestartUnit" >>> :authorize t >>> "bluetooth.service" "replace") >>> >>> Assuming you have a polkit agent running (most DEs will run one by >>> default, but agents like mate-polkit work pretty well standalone), >>> you'll be prompted to authorize the operation and the bluetooth service >>> will be restarted. >> >> Nice. I get an authorization prompt. >> >> However, on my Fedora 40 / Gnome 46 / systemd 255 system, it doesn't >> matter, whether I use ':authorize t', ':authorize nil', or none of >> them. Is interactive authorization enabled by default, and we don't need >> to care about? > > It worked for me as well until a recent update (likely polkit 124 or > systemd 256). I'm guessing one of these projects fixed a bug somewhere > as it sounds like this flag should always have been required. Hmm, I don't understand what you want to say. Anyway, I believe we shall add this feature to Emacs only when we have seen an example where it makes a difference. Best regards, Michael. From debbugs-submit-bounces@debbugs.gnu.org Tue Jul 09 05:09:42 2024 Received: (at 71969) by debbugs.gnu.org; 9 Jul 2024 09:09:42 +0000 Received: from localhost ([127.0.0.1]:52150 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sR6qz-0007EY-QA for submit@debbugs.gnu.org; Tue, 09 Jul 2024 05:09:42 -0400 Received: from fhigh2-smtp.messagingengine.com ([103.168.172.153]:56675) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sR6qk-0007E6-3T for 71969@debbugs.gnu.org; Tue, 09 Jul 2024 05:09:40 -0400 Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailfhigh.nyi.internal (Postfix) with ESMTP id E62A51142294; Tue, 9 Jul 2024 05:09:14 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Tue, 09 Jul 2024 05:09:14 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=stebalien.com; h=cc:cc:content-type:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm1; t=1720516154; x= 1720602554; bh=xGEvUhjp7gj5mgxxZvvYu4J5DMwu8c833QsTa0xHRMI=; b=f SmcOB/nlKkSHnLiw+vkrjbYgEZn92WvN79lg3z+q928Glf/NGnjMo9CMVH3lRmlp WyOXJmYNkpE+a4w9tAOT9Q5ERkP2Icd263vyH3Q8BcIn73Gje8A0uVf2Ra4Fp8rV ApTTHsfLvD7SlzPWz2VaPlOQbLDH8QzLifTdwULdYR6v8TFTkgI/5COVIO+WU7j9 A1+E+IcX1KS9wU/jXewnEaPQay4J17gylbdlN/shsfk8iIEPabRW7UAKrPRerLjj GyFnWjFMT/mz91i1yZiS/w4xhGN+yldVgN5u8TNzsWm1s4zCYeHHHFCiul28YD58 Beyab7v2SVwwSOH5ok7Aw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; t=1720516154; x=1720602554; bh=xGEvUhjp7gj5mgxxZvvYu4J5DMwu 8c833QsTa0xHRMI=; b=vZj8KsSyalueSjqADJ7ljaGSumxlhSDIlgTsC3msFIlq 9YVgiRSDoIcN5Mfq5+Bn9i2ucqdzQIwcjsTBRmewkhdJ+gHQwKkLCRlW1Ps4wDkw YvOIT7Gk1t8+S50ObeySQDcpey22prC0qgtebzXWBx24dfIs2zO8fCCWrwqPYi6q Ws9sbESxpoVx6wEr1bM6fvMii8AzpTab12R30jY6V86Gz4XJujSOdEVKLDWYQcmd 0a8kxzpC6otZqntnD1MgFpjMnllEVmqnldHWvkyBP1xDUea/TPvK1AHojWW2BmrR aRWxgqbsT77YxORBTa6IOE6BmBlXU8Zo2z7G286eHQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrvdelgdduvdcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpefhvfevufgjfhffkfggtgesthdtredttddttdenucfhrhhomhepufhtvghvvghn ucetlhhlvghnuceoshhtvghvvghnsehsthgvsggrlhhivghnrdgtohhmqeenucggtffrrg htthgvrhhnpeejgfeuueeutdeikeffueevffejueffgeektefhhedvfffhgedtvdegieeh geejveenucffohhmrghinhepghhithhhuhgsrdgtohhmnecuvehluhhsthgvrhfuihiivg eptdenucfrrghrrghmpehmrghilhhfrhhomhepshhtvghvvghnsehsthgvsggrlhhivghn rdgtohhm X-ME-Proxy: Feedback-ID: ie8a146a7:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 9 Jul 2024 05:09:13 -0400 (EDT) From: Steven Allen To: Michael Albinus Subject: Re: bug#71969: [PATCH] Support interactive D-Bus authentication In-Reply-To: <871q43xar1.fsf@gmx.de> References: <877cdzklbd.fsf@stebalien.com> <87o77a20s6.fsf@gmx.de> <87frsm1sht.fsf@gmx.de> <86v81i36vh.fsf@gnu.org> <877cdy1r2a.fsf@gmx.de> <874j91ifkj.fsf@stebalien.com> <87msmtz264.fsf@gmx.de> <87sewk2q4t.fsf@stebalien.com> <87le2coym4.fsf@gmx.de> <87sewk9fz9.fsf@stebalien.com> <871q43xar1.fsf@gmx.de> Date: Tue, 09 Jul 2024 11:09:11 +0200 Message-ID: <87zfqr3pag.fsf@stebalien.com> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 71969 Cc: Eli Zaretskii , 71969@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) Michael Albinus writes: > Steven Allen writes: > > Hi Steven, > >>>> Sorry about that. To restart the bluetooth service, execute: >>>> >>>> (dbus-call-method >>>> :system >>>> "org.freedesktop.systemd1" "/org/freedesktop/systemd1" >>>> "org.freedesktop.systemd1.Manager" "RestartUnit" >>>> :authorize t >>>> "bluetooth.service" "replace") >>>> >>>> Assuming you have a polkit agent running (most DEs will run one by >>>> default, but agents like mate-polkit work pretty well standalone), >>>> you'll be prompted to authorize the operation and the bluetooth service >>>> will be restarted. >>> >>> Nice. I get an authorization prompt. >>> >>> However, on my Fedora 40 / Gnome 46 / systemd 255 system, it doesn't >>> matter, whether I use ':authorize t', ':authorize nil', or none of >>> them. Is interactive authorization enabled by default, and we don't need >>> to care about? >> >> It worked for me as well until a recent update (likely polkit 124 or >> systemd 256). I'm guessing one of these projects fixed a bug somewhere >> as it sounds like this flag should always have been required. > > Hmm, I don't understand what you want to say. > > Anyway, I believe we shall add this feature to Emacs only when we have > seen an example where it makes a difference. > > Best regards, Michael. I meant that `dbus-method-call` worked without `:authorize t` for me as well until I updated my system. Testing both systemd and fwupd, it appears that the issue was caused by upgrading to systemd 256 (available on Arch Linux but not Fedora 40). That is, systemd 256 requires `:authorize t` while fwupd does not. >From what I can tell, this change was introduced in this [1] systemd PR. Specifically, this comment: This also fixes a bunch of wrong uses of the "interactive" bool. The bool makes no sense today as the ALLOW_INTERACTIVE_AUTHORIZATION field in the D-Bus message header replaces it fully. [1]: https://github.com/systemd/systemd/pull/30565 From debbugs-submit-bounces@debbugs.gnu.org Tue Jul 09 08:10:38 2024 Received: (at 71969-done) by debbugs.gnu.org; 9 Jul 2024 12:10:38 +0000 Received: from localhost ([127.0.0.1]:52301 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sR9g5-0005yD-RZ for submit@debbugs.gnu.org; Tue, 09 Jul 2024 08:10:38 -0400 Received: from mout.gmx.net ([212.227.17.21]:58157) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sR9g3-0005xz-Ea for 71969-done@debbugs.gnu.org; Tue, 09 Jul 2024 08:10:36 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.de; s=s31663417; t=1720527021; x=1721131821; i=michael.albinus@gmx.de; bh=/HmSQqzZthzmH2KaU9Oo8gDGt36wxGIjQJTBAKnqN0I=; h=X-UI-Sender-Class:From:To:Cc:Subject:In-Reply-To:References:Date: Message-ID:MIME-Version:Content-Type:cc:content-transfer-encoding: content-type:date:from:message-id:mime-version:reply-to:subject: to; b=pd+sZDQUedxCUY8S9giQJ427rDeW9NJbR5lE31QCPrjs3c3JsTbLb5iEw2Y0Q1A0 L61vfHzHrIRX7qaW9OHknNbseOVMParZryrDzXSAhqf4BPqioHOOEYj9mkh+xnzrj 88LLHFJDC50d2H3ZlL0/vulFcsSYMiSRfmf+QnyQbo8ss5uV6N+APdDBiNNBEWo0X kT39etblJgcNLZ/CbX5i1LVz4WsStqzewvyLT7C7R2AWq3CLZ8xTR9L8x3GnnIq3H s9FseXrTBbBGoB/DxoLG9THrlVkJ72mHBXyQW7M+bb7wg2SBFqiLL0kY51IGspwSr PMhcsaoBgRbd8QdhTA== X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a Received: from gandalf.gmx.de ([185.89.38.155]) by mail.gmx.net (mrgmx105 [212.227.17.168]) with ESMTPSA (Nemesis) id 1Mqb1c-1s5HBM3kXI-00d6V9; Tue, 09 Jul 2024 14:10:20 +0200 From: Michael Albinus To: Steven Allen Subject: Re: bug#71969: [PATCH] Support interactive D-Bus authentication In-Reply-To: <87zfqr3pag.fsf@stebalien.com> (Steven Allen's message of "Tue, 09 Jul 2024 11:09:11 +0200") References: <877cdzklbd.fsf@stebalien.com> <87o77a20s6.fsf@gmx.de> <87frsm1sht.fsf@gmx.de> <86v81i36vh.fsf@gnu.org> <877cdy1r2a.fsf@gmx.de> <874j91ifkj.fsf@stebalien.com> <87msmtz264.fsf@gmx.de> <87sewk2q4t.fsf@stebalien.com> <87le2coym4.fsf@gmx.de> <87sewk9fz9.fsf@stebalien.com> <871q43xar1.fsf@gmx.de> <87zfqr3pag.fsf@stebalien.com> Date: Tue, 09 Jul 2024 14:10:20 +0200 Message-ID: <871q42936b.fsf@gmx.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Provags-ID: V03:K1:PA36or0QN8pgr2uvipMozaX8hv+4v3U8fRrsVRgOxX2V+qmXX/e aiAtVsvfJ6gSIvQMCAPBQ3nmW3Ktctyw4wsc9qDfioqDcdYayQWTF8NsxpH9Lmk306jE1Tf TSFDSwV8t7/iijWOYZFx3ojp5jntbNtuvM8RMZMNxotd7lfSMr7cdwR+DvHyUJQWi61DCCb pxEncX7Gb2GOnUBp0fuKw== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:oxKngPQivVU=;HnGQ9rhI6TBT8cHjZJ4nfKGVAP/ k2jcb90IgajxjZoDL7SKggnQ8kT9QH6wvgszSciGrHfuYSdKckfhtrWh48zbvEC1Bon/G4nhE 39sYJcn3WypetoMRGuG7V3i1cL/OOPegJonbEbB3E0VFsrujzXcVZ/PxCG4s0FIulCvrjErrl QWb0ZJpAgJJsQwLeT7cv/LI/0WvpMdYV/YfUIOTb8KewV1+PwKF4pTMU1TfQfLpN/geetuWYE x5cvmlhf/fbz06GXSN8iqlSp3IQmpzuAbrBRnXsjccr7t3f/X3Mgw6b7qWz0ECtM1hasC26oQ gscbUhAGbwdm/H082I6OIfc9DkKm54As9hFJ+nR60fFXolqhJiWGwooM/xs2MbGY6TLywPFTF LaES85NK45UYpCDwtHE6w3cEvuwFuwcYCYsqW03lgXvtFQoObiNji67xN5nJ3Jztpu02+yB0a 1aM3esVHQtaNc6moFl6qzyJTPGCkVa+YhHW4CDAZNPHg9FYfu+0nNxp68Nv4/kTposAI5MAyz LkxvWYOuyUWbopJIbukJVdmf75ECDPW3ffF7f9ZmuZDOZSBeEoh3y+4ZMA+9ia57L06PSSKFp JUgpZbBAx4p2MG4wv60tXgsfphyDNaultAuRaN7WDbOm6OjnspvjNHkbv2iFiK0mCM/bThUiW b+Z7BuGQDr0QwUUjJ8C09V8iWdLgV16onK0pSHUFTF8UEquNsiGXfH2yqJYeitnZASQvLBlaL Lym7gcw/IMbcsdNVclJH6nj6JOMqWi3iaOdvDrQvsInyOMHOIGmZX62pdnWHWdk40l0KhPs3k 3DNNn/p7Jt8sGZZXoWooTUnwGqD3HjpqKgJJhPh0cxbG4= X-Spam-Score: 2.9 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Version: 31.1 Steven Allen writes: Hi Steven, Content analysis details: (2.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.17.21 listed in list.dnswl.org] 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Debbugs-Envelope-To: 71969-done Cc: Eli Zaretskii , 71969-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.9 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Version: 31.1 Steven Allen writes: Hi Steven, Content analysis details: (1.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.17.21 listed in list.dnswl.org] 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Version: 31.1 Steven Allen writes: Hi Steven, > I meant that `dbus-method-call` worked without `:authorize t` for me as > well until I updated my system. Testing both systemd and fwupd, it > appears that the issue was caused by upgrading to systemd 256 (available > on Arch Linux but not Fedora 40). That is, systemd 256 requires > `:authorize t` while fwupd does not. > > From what I can tell, this change was introduced in this [1] systemd PR. > Specifically, this comment: > > This also fixes a bunch of wrong uses of the "interactive" bool. The > bool makes no sense today as the ALLOW_INTERACTIVE_AUTHORIZATION > field in the D-Bus message header replaces it fully. > > [1]: https://github.com/systemd/systemd/pull/30565 Thanks for the explanation. I've installed systemd 256 from Fedora rawhide on my system, and now I see the same behavior. I've installed your patch to the Emacs master branch. Closing the bug. Do we need to mention somewhere in the doc, that this is needed starting with systemd 256? Best regards, Michael. From debbugs-submit-bounces@debbugs.gnu.org Tue Jul 09 11:45:30 2024 Received: (at 71969) by debbugs.gnu.org; 9 Jul 2024 15:45:30 +0000 Received: from localhost ([127.0.0.1]:53914 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sRD22-0006hL-60 for submit@debbugs.gnu.org; Tue, 09 Jul 2024 11:45:30 -0400 Received: from mout.gmx.net ([212.227.15.18]:48743) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sRD1w-0006h2-IT for 71969@debbugs.gnu.org; Tue, 09 Jul 2024 11:45:28 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.de; s=s31663417; t=1720539910; x=1721144710; i=michael.albinus@gmx.de; bh=2SxAO7S61sD1+x8cDZCbKbxmLmDVX8wbX3RlMkU6ld0=; h=X-UI-Sender-Class:From:To:Cc:Subject:In-Reply-To:References:Date: Message-ID:MIME-Version:Content-Type:cc:content-transfer-encoding: content-type:date:from:message-id:mime-version:reply-to:subject: to; b=RQ4ShpJZ8PzEjAkzs5rEQRDMGDsuHVKfb3uFV9AGKQ8v6oZaYg1wjBLYsfHViU4t n0DkE+BnSRkLMhn8LIrnkCtA4cUB8FmTqWQPS+1PAkJlLqa1ojUdFuCxPn3bMQ1Uj JjJL27DCemqw9pB0/qMiufsXt/+zX84wO+tXiTx114SZEn3I6oiuj9kxSmdRIDIA2 uErxjBhpdGWLDCpQRNmYmWSFVwNqMZERaOD4qNP5KICvdzMDbcZRSaIbvaJn8XJX8 o81pVGWQrxpgNe575ObbFhslh62q/WMEHVFpGQpyWuT5rUkYZp8T/QgBkfOaBepV/ 5gYaqCD28NB8tJ0Wlw== X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a Received: from gandalf.gmx.de ([185.89.38.155]) by mail.gmx.net (mrgmx005 [212.227.17.190]) with ESMTPSA (Nemesis) id 1MeU4s-1rr3OU1H1A-00qQMT; Tue, 09 Jul 2024 17:45:10 +0200 From: Michael Albinus To: Steven Allen Subject: Re: bug#71969: [PATCH] Support interactive D-Bus authentication In-Reply-To: <87sewk9fz9.fsf@stebalien.com> (Steven Allen's message of "Mon, 08 Jul 2024 15:21:30 +0200") References: <877cdzklbd.fsf@stebalien.com> <87o77a20s6.fsf@gmx.de> <87frsm1sht.fsf@gmx.de> <86v81i36vh.fsf@gnu.org> <877cdy1r2a.fsf@gmx.de> <874j91ifkj.fsf@stebalien.com> <87msmtz264.fsf@gmx.de> <87sewk2q4t.fsf@stebalien.com> <87le2coym4.fsf@gmx.de> <87sewk9fz9.fsf@stebalien.com> Date: Tue, 09 Jul 2024 17:45:07 +0200 Message-ID: <87ttgy8t8c.fsf@gmx.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Provags-ID: V03:K1:j5S2n6RU0Qtvu4VHcGt8ojFnAGVwV06QA8NgVeSmXAQLHENJIpF NJ8eW4VVU+P0dVi/lLk2fNTHrweADHJ9raZr7zysg0XUl+HwfpMUID12oiudMuzMnbtYe7G oF3QMpSOCLb1i4RgRr3KMwPL2E5HK9ouX95A5vkNz74DgTTZTCm2MBPplSbzelsWCT2XwcN jdMs90mfxQnZ5joYy9++A== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:U3M8j6R9wWU=;JPEg3Ga1sohvIXXl3YwAU8zaIbD d9FSCSLpGDa2SrpJtOLeMVL/WEamHSwUMSDriOc7+esFgwIDML+LoltIYFsOgYQ97ZLA7pdj3 jdMVBKW2SGm+gRCUGmndGjgWqhk5EbZZu9BhQPuFiHsvrA/qenRT1KP83YyEyscDEZPTB/gVW p8Ow72Ry71KMXFdO3cJbw+PDQuL3ETPHVbWekPtPMvBkFEve7v81z2ValvRPkL73CmSEE4hh3 vZC1OlyKnpv66S9J5bQaGrR69k2DSy1v/KUCqSDhSl5p/vqYkf37YMgP0GNTcV7ZaWb6NS7Pq iSKvggx2ruAb+juki3O7WsxTc2TsdFLsU5H8W/yF2VwWYsGykdbuFKs9W9P+vecodVyXRSJmX 45h+E63mCqlgjEiM0mhtGZfmhN4kSvm9dXf2sEu9QeXyOGvwsq4FpLu48X1wO9r4SXM1T0hfR /jxjnogr6WI79g71k4TPmnPMPwKZy/ilRJkJzjeYEeI9Gnahi6ujHmv5bK5sDX8mHZiyiUIk6 9Je/v8x0/a3xTGe3fXgTCKp3G/bLWbrO1fJWCOwDmsnXSIxDNvHeVvBZyz2AKGnBX3Dw4LJbK A9kJPLIHZ+xGSriNb6+hzSQ25hUAYSuUn4EI39+98f+JAUqkEGYHEp5GLyIOQ1rn9X8bC2beA 6l/2Ot1tn1L/aDJRxN2361+i8PofGRn6nlYagcmH0FbeIzPFgPt3BcSxwxvpUHOc7IgdK//aO ofXSU3yHSdqixHELhho/2abOZvs1JpZj3dZECKw3jExTMk7CU4RsUa35Pt5EFfiHLHEEE4yM1 y+0oj0XsvA50X5NZ/fpaA/fQ== X-Spam-Score: 2.9 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Steven Allen writes: Hi Steven, > (I want to be able to just add a blanket ":authorize t" to all my > potentially privileged D-Bus calls) Content analysis details: (2.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.15.18 listed in list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 0.0 T_SPF_TEMPERROR SPF: test of record failed (temperror) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Debbugs-Envelope-To: 71969 Cc: Eli Zaretskii , 71969@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.9 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Steven Allen writes: Hi Steven, > (I want to be able to just add a blanket ":authorize t" to all my > potentially privileged D-Bus calls) Content analysis details: (1.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.15.18 listed in list.dnswl.org] 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Steven Allen writes: Hi Steven, > (I want to be able to just add a blanket ":authorize t" to all my > potentially privileged D-Bus calls) That's not needed anymore. I've added a warning when we get "org.freedesktop.DBus.Error.InteractiveAuthorizationRequired", so you don't need to add the :authorizable argument proactively. Best regards, Michael. From debbugs-submit-bounces@debbugs.gnu.org Tue Jul 09 15:28:43 2024 Received: (at 71969) by debbugs.gnu.org; 9 Jul 2024 19:28:43 +0000 Received: from localhost ([127.0.0.1]:54133 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sRGW3-00049t-3q for submit@debbugs.gnu.org; Tue, 09 Jul 2024 15:28:43 -0400 Received: from fhigh8-smtp.messagingengine.com ([103.168.172.159]:43707) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sRGW1-00049e-4Q for 71969@debbugs.gnu.org; Tue, 09 Jul 2024 15:28:42 -0400 Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailfhigh.nyi.internal (Postfix) with ESMTP id 526BA1140DEC; Tue, 9 Jul 2024 15:28:30 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Tue, 09 Jul 2024 15:28:30 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=stebalien.com; h=cc:cc:content-type:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm1; t=1720553310; x= 1720639710; bh=/Ub/ys3jFsqyss1jtISE9Dk6KpIJaFkBku3cKK4ARMw=; b=F l3GL7Nh6vMN/W/8h5J1lVDGRCd/KlyW/ZHNXYOyDkz9iIWzRncDQeDFTImDBWDjK UAu81+HKjFkf6QJylwVzQXh4xMAnlfqZJ5Sth11BnPk1g0G+QroaZdaoUQx1X75P zW8ELB3v7sfRh+DrRTWvT+9Aa1RJ46+618+BK9Jn07bSdDNCRX1XitFVgUqSFOgm DUtaUAuLO48QDQphaxXaGNCktPftaknNZxGWjxeli4NTTOhCXanRHDEKMpLlXN/r Azw9TcvemKnXnoJl6CJOkNkrfl7dqkVfJkz58WbfeVlHKBV6wdOz6WvSG/lIGc/D KfpEuWQeeqR5fg2Qlr4Ng== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; t=1720553310; x=1720639710; bh=/Ub/ys3jFsqyss1jtISE9Dk6KpIJ aFkBku3cKK4ARMw=; b=DO/sB/Ju7HIko9QGRgLGqf4MP79XlMtuFaW0utdZQRb4 V6Znf4lvm9nTQqbIqFuVckvP32aS/jk9Lg4Xi2CmJlH8RHNd7wG1mazVl1WlxGVm 4eyDF2PBdNvNprJfgwQZffonmiTi24GdnEnh3SeHuqf3DJ3c4XAGtI5yQT/ZDluS CsUdhxk6qGwo2y8P/pXu1SQF0rxBSYMagFKJa0gLPH900HxPXlnVm9dkpbaAuAAj gKurVpfSUQRRyy8Glr7zZRox3BH8bciqzhjZlhfltOFr1uZCWZ9Q1ZC9PRbaynlL xwH104ymoQb5b0w+R5Np2+v00AWA38UexrzpUbPI7g== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrvdelgddufeelucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffvvefujghffffkgggtsehttdertddttddtnecuhfhrohhmpefuthgvvhgv nhcutehllhgvnhcuoehsthgvvhgvnhesshhtvggsrghlihgvnhdrtghomheqnecuggftrf grthhtvghrnhepvdekheekgeelheehgefgudelkeethffhgfeuffetkeegtddvfeduuddt tdejjedvnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomh epshhtvghvvghnsehsthgvsggrlhhivghnrdgtohhm X-ME-Proxy: Feedback-ID: ie8a146a7:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 9 Jul 2024 15:28:28 -0400 (EDT) From: Steven Allen To: Michael Albinus Subject: Re: bug#71969: [PATCH] Support interactive D-Bus authentication In-Reply-To: <87ttgy8t8c.fsf@gmx.de> References: <877cdzklbd.fsf@stebalien.com> <87o77a20s6.fsf@gmx.de> <87frsm1sht.fsf@gmx.de> <86v81i36vh.fsf@gnu.org> <877cdy1r2a.fsf@gmx.de> <874j91ifkj.fsf@stebalien.com> <87msmtz264.fsf@gmx.de> <87sewk2q4t.fsf@stebalien.com> <87le2coym4.fsf@gmx.de> <87sewk9fz9.fsf@stebalien.com> <87ttgy8t8c.fsf@gmx.de> Date: Tue, 09 Jul 2024 21:28:26 +0200 Message-ID: <877cdugyat.fsf@stebalien.com> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 71969 Cc: Eli Zaretskii , 71969@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) Michael Albinus writes: >> (I want to be able to just add a blanket ":authorize t" to all my >> potentially privileged D-Bus calls) > > That's not needed anymore. I've added a warning when we get > "org.freedesktop.DBus.Error.InteractiveAuthorizationRequired", so you > don't need to add the :authorizable argument proactively. > > Best regards, Michael. Ah, that's a good idea. IMO, that also addresses: Do we need to mention somewhere in the doc, that this is needed starting with systemd 256? (that is, no, we probably don't need to call it out explicitly) Thanks for getting this all merged and thanks for writing the tests (forgot you asked me to do that, sorry). - Steven From debbugs-submit-bounces@debbugs.gnu.org Tue Jul 09 15:34:22 2024 Received: (at 71969) by debbugs.gnu.org; 9 Jul 2024 19:34:22 +0000 Received: from localhost ([127.0.0.1]:54146 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sRGbV-0004K0-SZ for submit@debbugs.gnu.org; Tue, 09 Jul 2024 15:34:22 -0400 Received: from mout.gmx.net ([212.227.15.19]:41237) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sRGbT-0004Jm-Fx for 71969@debbugs.gnu.org; Tue, 09 Jul 2024 15:34:20 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.de; s=s31663417; t=1720553645; x=1721158445; i=michael.albinus@gmx.de; bh=k2kXqfx5FrMDE8i3vLAM+ea21W2qfCWszp1gyNVJ7zs=; h=X-UI-Sender-Class:From:To:Cc:Subject:In-Reply-To:References:Date: Message-ID:MIME-Version:Content-Type:cc:content-transfer-encoding: content-type:date:from:message-id:mime-version:reply-to:subject: to; b=NhTe/e/u2zInYuZ59fSciqW1VebFTeyh7znA6T9d/6NYpmef1stCz5oNX0cvMSOM 3s5HYV8vhggruyTvg9CELfapMacvEfsOTrEb3kvubam9hh3l7eI6m+JjVxWHZBuwl 0AyDnFpUqFI62x1S+z03Gi48iw5vOXUy3bHbT5RqkOqvip379mLfvWpikVjk823ut mbfSCIytm+JDQGS8ePSWb0iVrdI6Sx/OJczHlKdgr9HWwSlDtXUo8mVAyQ/ujKcPt WRNNGdwPHw4RuZLYj9b96TysCC4sTHmfO4rHjrcwqqmCG4STlWg3aLXy2sExLzHtr mqRbwc2DpnuAi9cb2g== X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a Received: from gandalf.gmx.de ([185.89.38.155]) by mail.gmx.net (mrgmx004 [212.227.17.190]) with ESMTPSA (Nemesis) id 1MZCfD-1svsR20yZ7-00TCO3; Tue, 09 Jul 2024 21:34:05 +0200 From: Michael Albinus To: Steven Allen Subject: Re: bug#71969: [PATCH] Support interactive D-Bus authentication In-Reply-To: <877cdugyat.fsf@stebalien.com> (Steven Allen's message of "Tue, 09 Jul 2024 21:28:26 +0200") References: <877cdzklbd.fsf@stebalien.com> <87o77a20s6.fsf@gmx.de> <87frsm1sht.fsf@gmx.de> <86v81i36vh.fsf@gnu.org> <877cdy1r2a.fsf@gmx.de> <874j91ifkj.fsf@stebalien.com> <87msmtz264.fsf@gmx.de> <87sewk2q4t.fsf@stebalien.com> <87le2coym4.fsf@gmx.de> <87sewk9fz9.fsf@stebalien.com> <87ttgy8t8c.fsf@gmx.de> <877cdugyat.fsf@stebalien.com> Date: Tue, 09 Jul 2024 21:34:03 +0200 Message-ID: <87le2a8ims.fsf@gmx.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Provags-ID: V03:K1:VE+S5bqrdybOWRTNlJ9hdWOweHIjfXiHGdheRDBo/ZrQxK17Hie x2iGr+GsvXPkTSZxpWWXBrmIzFy76ocTkByZd1jA5KlPXubkEo/Rk27uoeiFUaa55zpIX1Q u6qEUvePyzfiVDUWWp2gU5B0oVBKI1tEje659Ph1unz23CFY76BjUwyApx+OCL15+nb5qc2 QiIJO+9qlN1MCM66iDAMA== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:v0dMVrGzDPY=;dT4MHx/XHtEcEXrzAy/CXZbG+La ykZlDhQSk0hKFWmuVhnU4o2jRlq/2r3xOitdF7SU5VqqUugnNQxTZ9uzSQt3CVc3tEMSE2XIo CtOIwlXwcas4bF9XrUsi5A9Qunq23GjohDafwqCwADukK5pDlrvUIkedA0m1mysaVnTzJCj1t fnutEQT05VIBR/uWmcJklvBkvvrJ2F1gvTcFTpSkO5u35eWkdJ9fXxm4gtqgbvHN6u85ZTBlD Y62wmIVluKsG94K2X98YFmtpeZVEQHZyknEgf1g80tYe2pwl3ltgD1bvEL8u0M8rbQ33autGz 8uPKPGsRIoMCeyxFNBRV9gEQ7NHq7Xb0RImW2qITt2XqKhv9NoxmFzhsuyoG7VkNdX9yQJNR+ U4BMypXyYFC7FToeY/TWDBsuGLQ+8rCTayakU3i1win7473FcAZ8B6c5TgBrZFELtXLCxdcht vZ9IKfA5UZVlbZ9RCOe2nVMJPJN5rrYsNxoAz+RGI0qCaCAu1+yiqQJFpr1avuItuB/wX4hn5 Y+Dm7vfQQ/+vyxu7w+pY4dtfk/gjxFRUwAjAT93v2omUpsAPaOawtjplqG5LPy6AqMh/dOLel g2r2RzsKadrcPM7fhhg3sRCmHgcymMG1j462bDBwkNXSi0foWUn6c/qq1JuxZ+r3SPxRC+tWS lTK4URwsI4BuYdIUOy9vS07vOqo+A7pkHbwQtOYoU5zHwsVtJBFo9kSMPx+UplcT05XzKvsUG VCkvTRd9UEv7/1Ezs1o+RNDPtvSSe9+h2L/Z9KyrIbT6N4uuz7Lt1ZSpArpVl8E7C7FAN7MMP 0jQXg/SrZKbdikc8Zv2asskdqE4t5Rev4EAyr72sgIKRE= X-Spam-Score: 2.9 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Steven Allen writes: Hi Steven, > Ah, that's a good idea. IMO, that also addresses: > > Do we need to mention somewhere in the doc, that this is needed > starting with systemd 256? > > (that is, no, we probably don't need to call it [...] Content analysis details: (2.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.15.19 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [212.227.15.19 listed in wl.mailspike.net] X-Debbugs-Envelope-To: 71969 Cc: Eli Zaretskii , 71969@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.9 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Steven Allen writes: Hi Steven, > Ah, that's a good idea. IMO, that also addresses: > > Do we need to mention somewhere in the doc, that this is needed > starting with systemd 256? > > (that is, no, we probably don't need to call it [...] Content analysis details: (1.9 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.15.19 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [212.227.15.19 listed in wl.mailspike.net] 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [185.89.38.155 listed in zen.spamhaus.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (michael.albinus[at]gmx.de) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager Steven Allen writes: Hi Steven, > Ah, that's a good idea. IMO, that also addresses: > > Do we need to mention somewhere in the doc, that this is needed > starting with systemd 256? > > (that is, no, we probably don't need to call it out explicitly) OK. But perhaps, you could add your bluez example to dbus.texi? It was very helpful for me, and other people might profit from it as well. > Thanks for getting this all merged and thanks for writing the tests > (forgot you asked me to do that, sorry). > > - Steven Best regards, Michael. From debbugs-submit-bounces@debbugs.gnu.org Tue Jul 09 15:54:36 2024 Received: (at 71969) by debbugs.gnu.org; 9 Jul 2024 19:54:36 +0000 Received: from localhost ([127.0.0.1]:54159 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sRGv6-0004nQ-3R for submit@debbugs.gnu.org; Tue, 09 Jul 2024 15:54:36 -0400 Received: from fhigh1-smtp.messagingengine.com ([103.168.172.152]:36565) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sRGv4-0004n7-9U for 71969@debbugs.gnu.org; Tue, 09 Jul 2024 15:54:34 -0400 Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailfhigh.nyi.internal (Postfix) with ESMTP id 5C6181140680; Tue, 9 Jul 2024 15:54:23 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Tue, 09 Jul 2024 15:54:23 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=stebalien.com; h=cc:cc:content-type:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm1; t=1720554863; x= 1720641263; bh=6Zr1ZqKu6Ve9UlV0nhOGsuik08vod8DUDUfKWUruU0o=; b=W vZSGwahbBf7Z91DgdWiRWIWv8zvFGA/3A6in6t4jEGe0PL68UsYwWeTw/Ng/WoSr nKoN4c96oHzHagPCW/XWHISs7liFS0E8+vuCAEN5pgmUrDtcRYplPmM/mtYyvObN fBGA1TRmozqL6q/NBRvSzqwRZJQc6VfYMLTuObBjt2xelBtqbq7NR7lX6lBURZGh c/nLKEa1l67Hbm0dL042zlEchtYpVcDXHR9RPOXUhY8RzGR8s10avixSRemdUNb3 ueqa7iniwUdtgvYe/7Yd18vTPJLUhIaR8lppinM5D6kw8e1yS0g0fUslSVC9Wenv 1WZrYqb9Auhp++TYxxdHQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; t=1720554863; x=1720641263; bh=6Zr1ZqKu6Ve9UlV0nhOGsuik08vo d8DUDUfKWUruU0o=; b=Idc4aOeiNraemBNw/C3U7ZMRb7Dos7trsd9HYupweivv oPdFSdJWaeyYOOFt8ZKbZiyywNW/eMdsQP6CkwAlkEt9Md2W9b2dCX1Cs6pnrer6 2cM7dKWE8yw1qrB0Lj5JXov+T7+lh+HzwIgRPf0ygk1hqOaVbABXUalAej5P7M6q NEZaDFUEKlJL7oDHA+AoGa4unL6xPZde3zESwNRCsES3uQoBIQIYRnkwLz3TTPi+ JZg8B/cm+7qlD7fHaFdba4fDKCbA2rhyeVMPTuQz31UHiObMEpwkOocS4m5hheMP 0OFdEyn7xMOh9/5b9KRnQEqfrA8P8HQEiJP8fC3mYQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrvdelgddugeegucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffvvefujghffffkgggtsehttdertddttddtnecuhfhrohhmpefuthgvvhgv nhcutehllhgvnhcuoehsthgvvhgvnhesshhtvggsrghlihgvnhdrtghomheqnecuggftrf grthhtvghrnhepvdekheekgeelheehgefgudelkeethffhgfeuffetkeegtddvfeduuddt tdejjedvnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomh epshhtvghvvghnsehsthgvsggrlhhivghnrdgtohhm X-ME-Proxy: Feedback-ID: ie8a146a7:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 9 Jul 2024 15:54:21 -0400 (EDT) From: Steven Allen To: Michael Albinus Subject: Re: bug#71969: [PATCH] Support interactive D-Bus authentication In-Reply-To: <87le2a8ims.fsf@gmx.de> References: <877cdzklbd.fsf@stebalien.com> <87o77a20s6.fsf@gmx.de> <87frsm1sht.fsf@gmx.de> <86v81i36vh.fsf@gnu.org> <877cdy1r2a.fsf@gmx.de> <874j91ifkj.fsf@stebalien.com> <87msmtz264.fsf@gmx.de> <87sewk2q4t.fsf@stebalien.com> <87le2coym4.fsf@gmx.de> <87sewk9fz9.fsf@stebalien.com> <87ttgy8t8c.fsf@gmx.de> <877cdugyat.fsf@stebalien.com> <87le2a8ims.fsf@gmx.de> Date: Tue, 09 Jul 2024 21:54:19 +0200 Message-ID: <871q42batw.fsf@stebalien.com> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 71969 Cc: Eli Zaretskii , 71969@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) Michael Albinus writes: > Steven Allen writes: > > Hi Steven, > >> Ah, that's a good idea. IMO, that also addresses: >> >> Do we need to mention somewhere in the doc, that this is needed >> starting with systemd 256? >> >> (that is, no, we probably don't need to call it out explicitly) > > OK. But perhaps, you could add your bluez example to dbus.texi? It was > very helpful for me, and other people might profit from it as well. Can do (that and fixing the non-nils), but I may not get to it for a few days. From unknown Wed Jun 18 23:10:05 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Wed, 07 Aug 2024 11:24:11 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator