From 177da7f3a27227ea94b6397811150c9b1040b77a Mon Sep 17 00:00:00 2001 From: Kevin Yue Date: Thu, 26 May 2022 11:56:06 +0800 Subject: [PATCH] Revert "Revert "fix: improve the dbus security"" This reverts commit ffa99d3783641b72a9ed96b187a38c59d3f67472. --- GPService/CMakeLists.txt | 8 +++++++- GPService/dbus/com.yuezk.qt.GPService.conf | 18 ----------------- GPService/dbus/com.yuezk.qt.GPService.conf.in | 20 +++++++++++++++++++ debian/rules | 2 ++ packaging/aur/gp.install | 5 ++++- packaging/obs/globalprotect-openconnect.spec | 2 ++ 6 files changed, 35 insertions(+), 20 deletions(-) delete mode 100644 GPService/dbus/com.yuezk.qt.GPService.conf create mode 100644 GPService/dbus/com.yuezk.qt.GPService.conf.in diff --git a/GPService/CMakeLists.txt b/GPService/CMakeLists.txt index 98e6b9b..7f20655 100644 --- a/GPService/CMakeLists.txt +++ b/GPService/CMakeLists.txt @@ -4,6 +4,12 @@ project(GPService) set(gpservice_GENERATED_SOURCES) +execute_process(COMMAND logname OUTPUT_VARIABLE CMAKE_LOGNAME) +string(STRIP "${CMAKE_LOGNAME}" CMAKE_LOGNAME) + +message(STATUS "CMAKE_LOGNAME: ${CMAKE_LOGNAME}") + +configure_file(dbus/com.yuezk.qt.GPService.conf.in dbus/com.yuezk.qt.GPService.conf) configure_file(dbus/com.yuezk.qt.GPService.service.in dbus/com.yuezk.qt.GPService.service) configure_file(systemd/gpservice.service.in systemd/gpservice.service) @@ -65,7 +71,7 @@ target_link_libraries(gpservice target_compile_definitions(gpservice PUBLIC QAPPLICATION_CLASS=QCoreApplication) install(TARGETS gpservice DESTINATION bin) -install(FILES "dbus/com.yuezk.qt.GPService.conf" DESTINATION share/dbus-1/system.d ) +install(FILES "${CMAKE_CURRENT_BINARY_DIR}/dbus/com.yuezk.qt.GPService.conf" DESTINATION share/dbus-1/system.d ) install(FILES "${CMAKE_CURRENT_BINARY_DIR}/dbus/com.yuezk.qt.GPService.service" DESTINATION share/dbus-1/system-services) install(FILES "gp.conf" DESTINATION /etc/gpservice) diff --git a/GPService/dbus/com.yuezk.qt.GPService.conf b/GPService/dbus/com.yuezk.qt.GPService.conf deleted file mode 100644 index 41069f1..0000000 --- a/GPService/dbus/com.yuezk.qt.GPService.conf +++ /dev/null @@ -1,18 +0,0 @@ - - - - - - - - - - - - diff --git a/GPService/dbus/com.yuezk.qt.GPService.conf.in b/GPService/dbus/com.yuezk.qt.GPService.conf.in new file mode 100644 index 0000000..7e4d36c --- /dev/null +++ b/GPService/dbus/com.yuezk.qt.GPService.conf.in @@ -0,0 +1,20 @@ + + + + + + + + + + + + + + + + + + diff --git a/debian/rules b/debian/rules index 6637bfa..5e1130b 100755 --- a/debian/rules +++ b/debian/rules @@ -10,4 +10,6 @@ export DEBIAN_PACKAGE=1 %: dh $@ override_dh_installsystemd: + # Update the the dbus user to logname + sed -i "/LOGNAME/N;s/user=\".*\"/user=\"$(logname)\"/" /usr/share/dbus-1/system.d/com.yuezk.qt.GPService.conf dh_installsystemd gpservice.service diff --git a/packaging/aur/gp.install b/packaging/aur/gp.install index e2cabbc..7ae9062 100755 --- a/packaging/aur/gp.install +++ b/packaging/aur/gp.install @@ -1,8 +1,11 @@ post_install() { + # Update the the dbus user to logname + sed -i "/LOGNAME/N;s/user=\".*\"/user=\"$(logname)\"/" /usr/share/dbus-1/system.d/com.yuezk.qt.GPService.conf + systemctl enable gpservice.service systemctl restart gpservice.service } post_upgrade() { post_install -} \ No newline at end of file +} diff --git a/packaging/obs/globalprotect-openconnect.spec b/packaging/obs/globalprotect-openconnect.spec index 51936f4..2bd5047 100644 --- a/packaging/obs/globalprotect-openconnect.spec +++ b/packaging/obs/globalprotect-openconnect.spec @@ -33,6 +33,8 @@ A GlobalProtect VPN client (GUI) for Linux based on OpenConnect and built with Q %post +sed -i "/LOGNAME/N;s/user=\".*\"/user=\"$(logname)\"/" /usr/share/dbus-1/system.d/com.yuezk.qt.GPService.conf + %if 0%{?suse_version} %service_add_post gpservice.service %else