-
Simon McVittie authored
In the well-known system dbus-daemon, it's desirable to avoid looking up non-numeric authorization identities in the user database, because that could deadlock with NSS modules that directly or indirectly require the system bus. Add a flag for whether the username will be looked up in the userdb, and don't set that flag for EXTERNAL auth (which is what we use on the system bus, and on the session bus if not configured otherwise). DBUS_COOKIE_SHA1 authentication is documented in terms of the username (although in fact libdbus sends a numeric uid there too, and GDBus only accepts a numeric uid) so continue to use the userdb for that mechanism. DBUS_COOKIE_SHA1 needs to use the userdb on Unix anyway, otherwise it won't find the user's home directory. Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=104588
356333e4