Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New elevate system #493

Merged
merged 5 commits into from
Jul 21, 2023
Merged

New elevate system #493

merged 5 commits into from
Jul 21, 2023

Conversation

lievenhey
Copy link
Contributor

@lievenhey lievenhey commented Jun 30, 2023
edited
Loading

I updated the original pr by @zeno-endemann-kdab but I can't edit the original, so I had to recreate it.

@lievenhey lievenhey requested a review from milianw June 30, 2023 09:15
@lievenhey lievenhey mentioned this pull request Jun 30, 2023
Closed
@GitMensch GitMensch mentioned this pull request Jul 4, 2023
Merged
milianw
milianw requested changes Jul 7, 2023
View reviewed changes
Copy link
Member

@milianw milianw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

some small nits, mostly around error handling, otherwise this lgtm and can go in then

src/perfcontrolfifowrapper.cpp Outdated Show resolved Hide resolved
src/perfcontrolfifowrapper.cpp Outdated Show resolved Hide resolved
src/perfcontrolfifowrapper.cpp Outdated Show resolved Hide resolved
src/perfcontrolfifowrapper.cpp Outdated Show resolved Hide resolved
src/perfcontrolfifowrapper.cpp Outdated Show resolved Hide resolved
src/initiallystoppedprocess.cpp Outdated Show resolved Hide resolved
src/initiallystoppedprocess.cpp Outdated Show resolved Hide resolved
src/initiallystoppedprocess.cpp Outdated Show resolved Hide resolved
src/perfcontrolfifowrapper.h Show resolved Hide resolved
src/perfrecord.cpp Outdated Show resolved Hide resolved
zeno-endemann-kdab and others added 5 commits July 21, 2023 14:37
@zeno-endemann-kdab @milianw
Unify perf binary path handling
2244bb8 
For running perf with pkexec we need to get the full path to the binary,
so handle this consistently. This has the nice side effect of showing
clearly which perf binary is being used in the output console.
@zeno-endemann-kdab @milianw
Remove KAuth support
5a6280b 
The new previlige handling will call perf directly without a helper, so
KAuth does not make sense for that anymore.
@zeno-endemann-kdab @milianw
Implement new perf elevated privilege system
ab73817 
Instead of using a script that changes system configuration
temporarily, just run perf as root.

To properly synchronize with a launched app (that itself should not
run as root), launch the app in a separate, initially stopped process,
and use the control fifo feature of perf to properly synchronize with
it.

The control fifos are also needed to be able to stop sudo-perf, as one
does not have permission to SIGINT it anymore.
@milianw
Remove ALLOW_PRIVILEGE_ESCALATION
7341da9 
The new elevation system is not prone to the security issues of
the old system, as such we no longer need to have users opt-in
to this functionality anymore.
@milianw
Remove last remnants of kdesu/kdesudo in the code
357cfec 
We now always use pkexec, so we shouldn't even mention kdesu/kdesudo
anywhere.
@milianw milianw merged commit 867fff9 into master Jul 21, 2023
19 checks passed
@milianw milianw deleted the new-elevate-system branch July 21, 2023 12:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zeno-endemann-kdab zeno-endemann-kdab zeno-endemann-kdab left review comments

@milianw milianw milianw approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@lievenhey @milianw @zeno-endemann-kdab