Ubuntu
policykit-1 package

polkitd crashes with segfault with specific config file

Bug #1959103 reported by Ralf Schulze
22
This bug affects 4 people
Affects Status Importance Assigned to Milestone
policykit-1 (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

The following config file in `/etc/polkit-1/localauthority.conf.d/02-allow-colord.conf` can cause a segfault in `polkitd`.

```
polkit.addRule(function(action, subject) {
if ((action.id == "org.freedesktop.color-manager.create-device" ||
action.id == "org.freedesktop.color-manager.create-profile" ||
action.id == "org.freedesktop.color-manager.delete-device" ||
action.id == "org.freedesktop.color-manager.delete-profile" ||
action.id == "org.freedesktop.color-manager.modify-device" ||
action.id == "org.freedesktop.color-manager.modify-profile") &&
subject.isInGroup("{group}")) {
return polkit.Result.YES;
}
});
```

1. As normal user: `systemctl restart cron.service`
2. Error message `Failed to restart cron.service: Message recipient disconnected from message bus without replying`
3. `dmesg` reports:

```
   58.003893] polkitd[963]: segfault at 8 ip 0000558a96789856 sp 00007ffda31e45f0 error 4 in polkitd[558a96784000+f000]
[ 58.003899] Code: 50 c7 ff ff 4d 89 e5 48 89 44 24 08 eb 53 66 0f 1f 44 00 00 48 8b 44 24 10 48 89 e9 be 10 00 00 00 31 ff 48 8d 15 0b af 00 00 <4c> 8b 40 08 31 c0 e8 af cb ff ff 48 8b 7c 24 10 e8 65 c9 ff ff 4c
``

If you remove the 02-allow-colord.conf the segfault goes away and you are normally prompted for a password. You can also find a couple of references in the internet, e.g http://c-nergy.be/blog/?p=12043.

Tags: patch
Revision history for this message
Ralf Schulze (ralf-schulze) wrote :
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in policykit-1 (Ubuntu):
status: New → Confirmed
Revision history for this message
Lukasz Klimek (lklimek) wrote :

I had similar issue with the following config:

[steam-network-perm]
Identity unix-user:gry
Action org.freedesktop.NetworkManager.settings.modify.system
ResultActive no
ResultInactive no
ResultAny no

This is due to some programming bug when handling config files. Attached patch fixes the issue for me.

Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "fix-config-error-handling.patch" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
Revision history for this message
Ryan Friedman (ryanf55) wrote (last edit ):

I also have this bug on Ubuntu 22.04 following this guide, aside from setting it to my user.
https://code.luasoftware.com/tutorials/linux/ubuntu-prompt-system-policy-prevents-modification-of-network-settings-for-all-users

[Let all users modify system settings for network]
Identity=unix-user:ryan
Action=org.freedesktop.NetworkManager.settings.modify.system
ResultAny=no
ResultInactive=no
ResultActive=yes

Version: libpolkit-agent-1-0/jammy,now 0.105-33 amd64 [installed,automatic]

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.