Bug 544534 - Parallel authorization calls fail as not authorized + challenge
Parallel authorization calls fail as not authorized + challenge
Status: CLOSED DUPLICATE of bug 526053
Product: Fedora
Classification: Fedora
Component: polkit (Show other bugs)
All Linux
low Severity medium
: ---
: ---
Assigned To: David Zeuthen
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2009-12-05 04:15 EST by Dan Williams
Modified: 2013-03-05 23:00 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-12-07 02:20:13 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Dan Williams 2009-12-05 04:15:23 EST
Steps to reproduce the issue:

pkcheck --action-id org.freedesktop.network-manager-settings.system.modify --process 1863 --allow-user-interaction

(use some pid of your process there instead of 1863) and instead of typing in the password, run that command again in another terminal.

Actual result: second pkcheck command fails with "not authorized"

Expected result: second pkcheck command blocks until the authorization from the first pkcheck command completes, then returns the same result as the first command

Basically, if there's an authorization request already in progress for a specific privilege, it's pretty inconvenient for subsequent requests for that same privilege to actually return before the authorization is done and before the first auth request completes.  That means the client application has to serialize all authorization calls for the same privilege internally.  Which is icky; I guess I had expected polkit to do that for me...

Is having polkit internally serialize the auth requests an acceptable proposal for polkit behavior?  Makes it a lot easier on the app writers.
Comment 1 Dan Williams 2009-12-07 02:20:13 EST

*** This bug has been marked as a duplicate of bug 526053 ***

Note You need to log in before you can comment on or make changes to this bug.