From 545141b166159c9bc39358c50ed3e9f31da0a97a Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Thu, 15 Oct 2009 14:49:53 +0200
Subject: lib/Plugins/CCpp.cpp: log polkit_check_authorization failures

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
---
 lib/Plugins/CCpp.cpp | 40 +++++++++++++++++-----------------------
 1 file changed, 17 insertions(+), 23 deletions(-)

diff --git a/lib/Plugins/CCpp.cpp b/lib/Plugins/CCpp.cpp
index 04db283e..c6d3b557 100644
--- a/lib/Plugins/CCpp.cpp
+++ b/lib/Plugins/CCpp.cpp
@@ -600,35 +600,29 @@ std::string CAnalyzerCCpp::GetGlobalUUID(const std::string& pDebugDumpDir)
 
 static bool DebuginfoCheckPolkit(int uid)
 {
-    PolkitResult result;
-    int child_pid;
-
-    child_pid = fork();
-
+    int child_pid = fork();
+    if (child_pid < 0)
+    {
+        perror_msg_and_die("fork");
+    }
     if (child_pid == 0)
     {
         //child
-        setuid(uid);
-        result = polkit_check_authorization(getpid(),
+        if (setuid(uid))
+            exit(1); //paranoia
+        PolkitResult result = polkit_check_authorization(getpid(),
                  "org.fedoraproject.abrt.install-debuginfos");
-        if (result == PolkitYes)
-        {
-            exit(0); //authentication OK
-        }
-        exit(1);
-    } else
-    {
-        //parent
-        int status;
-
-        waitpid(child_pid, &status, 0);
-        if (WEXITSTATUS(status) == 0)
-        {
-            return true; //authentication OK
-        }
-        return false;
+        exit(result != PolkitYes); //exit 1 (failure) if not allowed
     }
 
+    //parent
+    int status;
+    if (waitpid(child_pid, &status, 0) > 0 && WEXITSTATUS(status) == 0)
+    {
+        return true; //authorization OK
+    }
+    log("UID %d is not authorized to install debuginfos", uid);
+    return false;
 }
 
 void CAnalyzerCCpp::CreateReport(const std::string& pDebugDumpDir, int force)
-- 
cgit