Skip to content

WIP: gdbus-codegen: Use ALLOW_INTERACTIVE_AUTH flag

This commit changes each D-Bus method call in generated code so that it uses G_DBUS_CALL_FLAGS_ALLOW_INTERACTIVE_AUTHORIZATION rather than G_DBUS_CALL_FLAGS_NONE. This means that the receiver of the method call might choose to ask the user to authenticate, e.g. with a polkit dialog.

Before the ALLOW_INTERACTIVE_AUTH flag was introduced in GLib 2.45.3, it was assumed that the caller could do interactive auth even when only G_DBUS_CALL_FLAGS_NONE was specified, so the only way to maintain that behavior as we move toward actually respecting the flag, is to change generated code to default to allowing interactive auth. For example, libaccountsservice uses generated code to make D-Bus calls to its daemon, which currently asks for interactive auth despite the calls using G_DBUS_CALL_FLAGS_NONE. In order to change the daemon to respect the INTERACTIVE_AUTH flag without breaking the behavior of the existing code which uses libaccountsservice, we need to change the default flag here. Such changes to accountsservice are being proposed here: https://gitlab.freedesktop.org/accountsservice/accountsservice/merge_requests/46

I think it would have been better to have a DISALLOW_INTERACTIVE_AUTH flag, but it's too late for that now.

If some code that's running in a daemon wants to disallow interactive auth, they should use the lower level APIs like g_dbus_connection_call() and omit the INTERACTIVE_AUTH flag.

Sadly there's no way to tell if anyone has a project written since 2015 and is depending on the use of G_DBUS_CALL_FLAGS_NONE in the generated code to prevent polkit dialogs. I did search several GNOME projects and didn't find such an example. I think the best we can do is mention this change in the release notes.

Merge request reports