© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
Hi Bryan,
I advise against SRUing the current patch to focal, based on the following:
1) I have not been able to reproduce the original problem on focal - but could
see it on disco
2) The changelog for the fix states
- Wrap pkexec call in /bin/sh to workaround requirement
that PPID not be 1. (LP: #1821412)
- Don't use G_SPAWN_
zombie processes.
3) PPID == 1 is a valid concern, given this code from polkit-1 pkexec.c: /* Figure out the parent process */ pid_of_caller = getppid (); if (pid_of_caller == 1)
{
/* getppid() can return 1 if the parent died (meaning that we are reaped
* by /sbin/init); In that case we simpy bail.
*/
g_printerr ("Refusing to render service to dead parents.\n");
goto out;
}
4) Without the patch, ppid is the systemd pid (not 1)
5) With the patch, ppid is still systemd (and still not 1), which suggests that
the change doesn't make the situation any better - and extracting the
before/after usage of g_spawn_async into a test program provides equivalent
results.
Let's discuss further if you have any concerns.