From 6e77a58a39024f78c6ed49aa24fdaeb939827734 Mon Sep 17 00:00:00 2001 From: Ray Strode Date: Thu, 8 May 2008 21:33:00 +0000 Subject: [PATCH] - Tie gconf to session bus. This means it will exit when the session exits and won't leave /tmp/gconf-$USER DoS possibilities --- GConf2.spec | 14 +- gconf-2.22.0-use-dbus.patch | 747 ++++++++++++++++++++++++++++++++++++ 2 files changed, 760 insertions(+), 1 deletion(-) create mode 100644 gconf-2.22.0-use-dbus.patch diff --git a/GConf2.spec b/GConf2.spec index f33f798..ebc6b43 100644 --- a/GConf2.spec +++ b/GConf2.spec @@ -1,11 +1,13 @@ %define libxml2_version 2.4.12 %define orbit2_version 2.8.0 %define glib2_version 2.14.0 +%define dbus_version 1.0.1 +%define dbus_glib_version 0.74 Summary: A process-transparent configuration system Name: GConf2 Version: 2.22.0 -Release: 4%{?dist} +Release: 5%{?dist} License: LGPLv2+ Group: System Environment/Base Source: http://download.gnome.org/sources/GConf/2.22/GConf-%{version}.tar.bz2 @@ -15,6 +17,8 @@ URL: http://www.gnome.org BuildRequires: libxml2-devel >= %{libxml2_version} BuildRequires: ORBit2-devel >= %{orbit2_version} BuildRequires: glib2-devel >= %{glib2_version} +BuildRequires: dbus-devel >= %{dbus_version} +BuildRequires: dbus-glib-devel >= %{dbus_glib_version} BuildRequires: gtk2-devel BuildRequires: gtk-doc >= 0.9 BuildRequires: pkgconfig >= 0.14 @@ -42,6 +46,8 @@ Patch4: gconf-no-syslog.patch # http://bugzilla.gnome.org/show_bug.cgi?id=525504 Patch5: gconf-unset-mandatory.patch +Patch6: gconf-2.22.0-use-dbus.patch + %description GConf is a process-transparent configuration database API used to store user preferences. It has pluggable backends and features to @@ -81,6 +87,7 @@ which require GTK+. %patch3 -p1 -b .defaults %patch4 -p1 -b .no-syslog %patch5 -p0 -b .unset-mandatory +%patch6 -p1 -b .use-dbus %build rm -f libtool @@ -139,6 +146,7 @@ fi %{_libexecdir}/gconf-defaults-mechanism %{_datadir}/PolicyKit/policy/org.gnome.gconf.defaults.policy %{_datadir}/dbus-1/system-services/org.gnome.GConf.Defaults.service +%{_datadir}/dbus-1/services/org.gnome.GConf.service %files gtk %{_libexecdir}/gconf-sanity-check-2 @@ -152,6 +160,10 @@ fi %{_libdir}/pkgconfig/* %changelog +* Thu May 8 2008 Ray Strode - 2.22.0-5 +- Tie gconf to session bus. This means it will exit when the session + exits and won't leave /tmp/gconf-$USER DoS possibilities + * Sun May 4 2008 Matthias Clasen - 2.22.0-4 - Apply some patches: - Don't spam syslog diff --git a/gconf-2.22.0-use-dbus.patch b/gconf-2.22.0-use-dbus.patch new file mode 100644 index 0000000..9b1b91c --- /dev/null +++ b/gconf-2.22.0-use-dbus.patch @@ -0,0 +1,747 @@ +diff -up GConf-2.22.0/configure.in.use-dbus GConf-2.22.0/configure.in +--- GConf-2.22.0/configure.in.use-dbus 2008-05-08 17:24:48.000000000 -0400 ++++ GConf-2.22.0/configure.in 2008-05-08 17:25:13.000000000 -0400 +@@ -131,7 +131,7 @@ GTK_DOC_CHECK([1.0]) + + AC_ARG_ENABLE(gtk, [ --enable-gtk Enable GTK+ support (for gconf-sanity-check) [default=auto]], enable_gtk="$enableval", enable_gtk=auto) + +-PKGCONFIG_MODULES='glib-2.0 > 2.9.0 gmodule-2.0 >= 2.7.0 gobject-2.0 >= 2.7.0 ORBit-2.0 >= 2.4.0' ++PKGCONFIG_MODULES='glib-2.0 > 2.9.0 gmodule-2.0 >= 2.7.0 gobject-2.0 >= 2.7.0 ORBit-2.0 >= 2.4.0 dbus-1 >= 1.0.0 dbus-glib-1 >= 0.74' + PKGCONFIG_MODULES_WITH_XML="$PKGCONFIG_MODULES libxml-2.0" + PKGCONFIG_MODULES_WITH_GTK=" $PKGCONFIG_MODULES gtk+-2.0 >= 2.0.0" + PKGCONFIG_MODULES_WITH_XML_AND_GTK=" $PKGCONFIG_MODULES gtk+-2.0 libxml-2.0" +diff -up GConf-2.22.0/gconf/gconfd.c.use-dbus GConf-2.22.0/gconf/gconfd.c +--- GConf-2.22.0/gconf/gconfd.c.use-dbus 2008-05-08 17:23:23.000000000 -0400 ++++ GConf-2.22.0/gconf/gconfd.c 2008-05-08 17:23:23.000000000 -0400 +@@ -55,6 +55,8 @@ + #endif + #include + ++#include ++ + /* This makes hash table safer when debugging */ + #ifndef GCONF_ENABLE_DEBUG + #define safe_g_hash_table_insert g_hash_table_insert +@@ -497,57 +499,122 @@ gconf_get_poa (void) + return the_poa; + } + +-/* From ORBit2 */ +-/* There is a DOS attack if another user creates +- * the given directory and keeps us from creating +- * it +- */ +-static gboolean +-test_safe_tmp_dir (const char *dirname) ++static const char * ++get_introspection_xml (void) + { +-#ifndef G_OS_WIN32 +- struct stat statbuf; +- int fd; ++ return "\n" ++ "\n" ++ " \n" ++ " \n" ++ " \n" ++ " \n" ++ " \n" ++ " \n" ++ " \n" ++ " \n" ++ " \n" ++ " \n" ++ "\n"; ++} ++ ++static DBusHandlerResult ++bus_message_handler (DBusConnection *connection, ++ DBusMessage *message, ++ GMainLoop *loop) ++{ ++ DBusMessage *reply; ++ ++ reply = NULL; ++ ++ if (dbus_message_is_signal (message, ++ DBUS_INTERFACE_LOCAL, ++ "Disconnected")) ++ { ++ gconf_main_quit (); ++ return DBUS_HANDLER_RESULT_HANDLED; ++ } ++ else if (dbus_message_is_method_call (message, ++ "org.freedesktop.DBus.Introspectable", ++ "Introspect")) ++ { ++ const char *introspection_xml; + +- fd = open (dirname, O_RDONLY); +- if (fd < 0) ++ introspection_xml = get_introspection_xml (); ++ ++ reply = dbus_message_new_method_return (message); ++ dbus_message_append_args (reply, DBUS_TYPE_STRING, &introspection_xml, ++ DBUS_TYPE_INVALID); ++ ++ } ++ else if (dbus_message_is_method_call (message, ++ "org.gnome.GConf", ++ "GetIOR")) + { +- gconf_log (GCL_WARNING, _("Failed to open %s: %s"), +- dirname, g_strerror (errno)); +- return FALSE; ++ const char *ior; ++ ++ ior = gconf_get_daemon_ior (); ++ ++ reply = dbus_message_new_method_return (message); ++ dbus_message_append_args (reply, DBUS_TYPE_STRING, &ior, DBUS_TYPE_INVALID); + } +- +- if (fstat (fd, &statbuf) != 0) ++ ++ if (reply != NULL) + { +- gconf_log (GCL_WARNING, _("Failed to stat %s: %s"), +- dirname, g_strerror (errno)); +- close (fd); +- return FALSE; ++ dbus_connection_send (connection, reply, NULL); ++ dbus_message_unref (reply); ++ return DBUS_HANDLER_RESULT_HANDLED; + } +- close (fd); + +- if (statbuf.st_uid != getuid ()) ++ return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; ++} ++ ++static DBusConnection * ++get_on_d_bus (void) ++{ ++ DBusConnection *connection; ++ DBusError bus_error; ++ int result; ++ ++ dbus_error_init (&bus_error); ++ connection = dbus_bus_get (DBUS_BUS_SESSION, &bus_error); ++ ++ if (dbus_error_is_set (&bus_error)) + { +- gconf_log (GCL_WARNING, _("Owner of %s is not the current user"), +- dirname); +- return FALSE; ++ gconf_log (GCL_ERR, _("Could not connect to session bus: %s"), bus_error.message); ++ dbus_error_free (&bus_error); ++ return NULL; + } + +- if ((statbuf.st_mode & (S_IRWXG|S_IRWXO)) || +- !S_ISDIR (statbuf.st_mode)) ++ dbus_connection_setup_with_g_main (connection, NULL); ++ ++ if (!dbus_connection_add_filter (connection, (DBusHandleMessageFunction) ++ bus_message_handler, NULL, NULL)) + { +- gconf_log (GCL_WARNING, _("Bad permissions %lo on directory %s"), +- (unsigned long) statbuf.st_mode & 07777, dirname); +- return FALSE; ++ dbus_connection_unref (connection); ++ return NULL; + } +-#else +- /* FIXME: We can't get any useful information about the actual +- * protection for the directory using stat(). We must use the Win32 +- * API to check the owner and permissions (ACL). Later. +- */ +-#endif +- +- return TRUE; ++ ++ dbus_connection_set_exit_on_disconnect (connection, FALSE); ++ ++ result = dbus_bus_request_name (connection, "org.gnome.GConf", ++ 0, &bus_error); ++ ++ if (dbus_error_is_set (&bus_error)) ++ { ++ gconf_log (GCL_WARNING, ++ _("Failed to get bus name for daemon, exiting: %s"), ++ bus_error.message); ++ dbus_error_free (&bus_error); ++ } ++ ++ if (result != DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER) ++ { ++ dbus_connection_unref (connection); ++ return NULL; ++ } ++ ++ return connection; + } + + int +@@ -562,10 +629,9 @@ main(int argc, char** argv) + gchar* ior; + int exit_code = 0; + GError *err; +- char *lock_dir; +- char *gconfd_dir; + int dev_null_fd; + int write_byte_fd; ++ DBusConnection *connection; + + _gconf_init_i18n (); + setlocale (LC_ALL, ""); +@@ -672,32 +738,9 @@ main(int argc, char** argv) + gconf_set_daemon_ior (ior); + CORBA_free (ior); + +- gconfd_dir = gconf_get_daemon_dir (); +- lock_dir = gconf_get_lock_dir (); +- +- if (g_mkdir (gconfd_dir, 0700) < 0 && errno != EEXIST) +- gconf_log (GCL_WARNING, _("Failed to create %s: %s"), +- gconfd_dir, g_strerror (errno)); +- +- if (!test_safe_tmp_dir (gconfd_dir)) +- { +- err = g_error_new (GCONF_ERROR, +- GCONF_ERROR_LOCK_FAILED, +- _("Directory %s has a problem, gconfd can't use it"), +- gconfd_dir); +- daemon_lock = NULL; +- } +- else +- { +- err = NULL; +- +- daemon_lock = gconf_get_lock (lock_dir, &err); +- } +- +- g_free (gconfd_dir); +- g_free (lock_dir); ++ connection = get_on_d_bus (); + +- if (daemon_lock != NULL) ++ if (connection != NULL) + { + /* This loads backends and so on. It needs to be done before + * we can handle any requests, so before we hit the +@@ -721,14 +764,8 @@ main(int argc, char** argv) + close (write_byte_fd); + } + +- if (daemon_lock == NULL) ++ if (connection == NULL) + { +- g_assert (err); +- +- gconf_log (GCL_WARNING, _("Failed to get lock for daemon, exiting: %s"), +- err->message); +- g_error_free (err); +- + enter_shutdown (); + shutdown_databases (); + +diff -up GConf-2.22.0/gconf/gconf-internals.c.use-dbus GConf-2.22.0/gconf/gconf-internals.c +--- GConf-2.22.0/gconf/gconf-internals.c.use-dbus 2008-05-08 17:23:23.000000000 -0400 ++++ GConf-2.22.0/gconf/gconf-internals.c 2008-05-08 17:23:23.000000000 -0400 +@@ -36,6 +36,8 @@ + #include + #include + ++#include ++ + #ifdef G_OS_WIN32 + #include + #include +@@ -2418,107 +2420,101 @@ open_empty_locked_file (const gchar *dir + return fd; + } + +-static ConfigServer +-read_current_server_and_set_warning (const gchar *iorfile, +- GString *warning) +-{ +- FILE *fp; +- +- fp = g_fopen (iorfile, "r"); +- +- if (fp == NULL) +- { +- if (warning) +- g_string_append_printf (warning, +- _("IOR file '%s' not opened successfully, no gconfd located: %s"), +- iorfile, g_strerror (errno)); +- +- return CORBA_OBJECT_NIL; +- } +- else /* successfully opened IOR file */ +- { +- char buf[2048] = { '\0' }; +- const char *str = NULL; +- +- fgets (buf, sizeof (buf) - 2, fp); +- fclose (fp); +- +- /* The lockfile format is : for gconfd +- * or :none for gconftool +- */ +- str = buf; +- while (isdigit ((unsigned char) *str)) +- ++str; ++static char * ++get_ior (gboolean start_if_not_found, ++ GString *failure_log) ++{ ++ DBusMessage *message, *reply; ++ DBusConnection *connection; ++ DBusError bus_error; ++ char *ior; ++ ++ dbus_error_init (&bus_error); ++ connection = dbus_bus_get (DBUS_BUS_SESSION, &bus_error); ++ ++ if (dbus_error_is_set (&bus_error)) { ++ if (failure_log) ++ g_string_append_printf (failure_log, ++ _("Failed to get connection to session: %s"), ++ bus_error.message); ++ dbus_error_free (&bus_error); ++ return NULL; ++ } ++ ++ message = dbus_message_new_method_call ("org.gnome.GConf", ++ "/org/gnome/GConf", ++ "org.gnome.GConf", ++ "GetIOR"); ++ dbus_message_set_auto_start (message, start_if_not_found); ++ ++ reply = dbus_connection_send_with_reply_and_block (connection, message, -1, ++ &bus_error); ++ dbus_message_unref (message); ++ ++ if (dbus_error_is_set (&bus_error)) { ++ if (failure_log) ++ g_string_append_printf (failure_log, ++ _("Could not send message to gconf daemon: %s"), ++ bus_error.message); ++ dbus_error_free (&bus_error); ++ return NULL; ++ } ++ ++ ior = NULL; ++ if (!dbus_message_get_args (reply, &bus_error, DBUS_TYPE_STRING, ++ &ior, DBUS_TYPE_INVALID)) { ++ if (failure_log) ++ g_string_append_printf (failure_log, ++ _("daemon gave errnoneous reply: %s"), ++ bus_error.message); ++ dbus_error_free (&bus_error); ++ return NULL; ++ } + +- if (*str == ':') +- ++str; +- +- if (str[0] == 'n' && +- str[1] == 'o' && +- str[2] == 'n' && +- str[3] == 'e') +- { +- if (warning) +- g_string_append_printf (warning, +- _("gconftool or other non-gconfd process has the lock file '%s'"), +- iorfile); +- } +- else /* file contains daemon IOR */ +- { +- CORBA_ORB orb; +- CORBA_Environment ev; +- ConfigServer server; +- +- CORBA_exception_init (&ev); +- +- orb = gconf_orb_get (); ++ ior = g_strdup (ior); + +- if (orb == NULL) +- { +- if (warning) +- g_string_append_printf (warning, +- _("couldn't contact ORB to resolve existing gconfd object reference")); +- return CORBA_OBJECT_NIL; +- } +- +- server = CORBA_ORB_string_to_object (orb, (char*) str, &ev); +- CORBA_exception_free (&ev); +- +- if (server == CORBA_OBJECT_NIL && +- warning) +- g_string_append_printf (warning, +- _("Failed to convert IOR '%s' to an object reference"), +- str); +- +- return server; +- } ++ dbus_message_unref (reply); ++ dbus_connection_unref (connection); + +- return CORBA_OBJECT_NIL; +- } ++ return ior; + } + + static ConfigServer +-read_current_server (const gchar *iorfile, +- gboolean warn_if_fail) ++gconf_get_server (gboolean start_if_not_found, ++ GString *failure_log) + { +- GString *warning; + ConfigServer server; +- +- if (warn_if_fail) +- warning = g_string_new (NULL); +- else +- warning = NULL; ++ char *ior; ++ CORBA_ORB orb; ++ CORBA_Environment ev; + +- server = read_current_server_and_set_warning (iorfile, warning); ++ ior = get_ior (start_if_not_found, failure_log); + +- if (warning) ++ if (ior == NULL) + { +- if (warning->len > 0) +- gconf_log (GCL_WARNING, "%s", warning->str); ++ return CORBA_OBJECT_NIL; ++ } ++ ++ CORBA_exception_init (&ev); ++ orb = gconf_orb_get (); + +- g_string_free (warning, TRUE); ++ if (orb == NULL) ++ { ++ if (failure_log) ++ g_string_append_printf (failure_log, ++ _("couldn't contact ORB to resolve existing gconfd object reference")); ++ return CORBA_OBJECT_NIL; + } + ++ server = CORBA_ORB_string_to_object (orb, (char*) ior, &ev); ++ CORBA_exception_free (&ev); ++ ++ if (server == CORBA_OBJECT_NIL && ++ failure_log) ++ g_string_append_printf (failure_log, ++ _("Failed to convert IOR '%s' to an object reference"), ++ ior); ++ + return server; + } + +@@ -2563,7 +2559,7 @@ gconf_get_lock_or_current_holder (const + * it to the caller. Error is already set. + */ + if (current_server) +- *current_server = read_current_server (lock->iorfile, TRUE); ++ *current_server = gconf_get_server (FALSE, NULL); + + gconf_lock_destroy (lock); + +@@ -2726,40 +2722,6 @@ gconf_release_lock (GConfLock *lock, + return retval; + } + +-/* This function doesn't try to see if the lock is valid or anything +- * of the sort; it just reads it. It does do the object_to_string +- */ +-ConfigServer +-gconf_get_current_lock_holder (const gchar *lock_directory, +- GString *failure_log) +-{ +- char *iorfile; +- ConfigServer server; +- +- iorfile = g_strconcat (lock_directory, "/ior", NULL); +- server = read_current_server_and_set_warning (iorfile, failure_log); +- g_free (iorfile); +- return server; +-} +- +-void +-gconf_daemon_blow_away_locks (void) +-{ +- char *lock_directory; +- char *iorfile; +- +- lock_directory = gconf_get_lock_dir (); +- +- iorfile = g_strconcat (lock_directory, "/ior", NULL); +- +- if (g_unlink (iorfile) < 0) +- g_printerr (_("Failed to unlink lock file %s: %s\n"), +- iorfile, g_strerror (errno)); +- +- g_free (iorfile); +- g_free (lock_directory); +-} +- + static CORBA_ORB gconf_orb = CORBA_OBJECT_NIL; + + CORBA_ORB +@@ -2851,173 +2813,45 @@ gconf_get_lock_dir (void) + return lock_dir; + } + +-#if defined (F_SETFD) && defined (FD_CLOEXEC) +- +-#ifndef HAVE_FDWALK +-static void +-set_cloexec (gint fd) +-{ +- fcntl (fd, F_SETFD, FD_CLOEXEC); +-#else +-static int +-set_cloexec (void *data, int fd) +-{ +- int *pipes = (int *)data; +- +- if (fd != pipes[1] && fd > 2) +- fcntl (fd, F_SETFD, FD_CLOEXEC); +- +- return 0; +-#endif +-} +- +- +-static void +-close_fd_func (gpointer data) +-{ +- int *pipes = data; +- +-#ifndef HAVE_FDWALK +- gint open_max; +- gint i; +- +- open_max = sysconf (_SC_OPEN_MAX); +- for (i = 3; i < open_max; i++) +- { +- /* don't close our write pipe */ +- if (i != pipes[1]) +- set_cloexec (i); +- } +-#else +- (void) fdwalk(set_cloexec, (void *)pipes); +-#endif +-} +- +-#else +- +-#define close_fd_func NULL +- +-#endif +- + ConfigServer + gconf_activate_server (gboolean start_if_not_found, + GError **error) + { + ConfigServer server = CORBA_OBJECT_NIL; +- int p[2] = { -1, -1 }; +- char buf[1]; + GError *tmp_err; +- char *argv[3]; +- char *gconfd_dir; +- char *lock_dir; + GString *failure_log; +- struct stat statbuf; + CORBA_Environment ev; +- gboolean dir_accessible; + + failure_log = g_string_new (NULL); + +- gconfd_dir = gconf_get_daemon_dir (); +- +- dir_accessible = g_stat (gconfd_dir, &statbuf) >= 0; ++ g_string_append (failure_log, " 1: "); ++ server = gconf_get_server (start_if_not_found, failure_log); + +- if (!dir_accessible && errno != ENOENT) +- { +- server = CORBA_OBJECT_NIL; +- gconf_log (GCL_WARNING, _("Failed to stat %s: %s"), +- gconfd_dir, g_strerror (errno)); +- } +- else if (dir_accessible) +- { +- g_string_append (failure_log, " 1: "); +- lock_dir = gconf_get_lock_dir (); +- server = gconf_get_current_lock_holder (lock_dir, failure_log); +- g_free (lock_dir); +- +- /* Confirm server exists */ +- CORBA_exception_init (&ev); +- +- if (!CORBA_Object_is_nil (server, &ev)) +- { +- ConfigServer_ping (server, &ev); +- +- if (ev._major != CORBA_NO_EXCEPTION) +- { +- server = CORBA_OBJECT_NIL; +- +- g_string_append_printf (failure_log, +- _("Server ping error: %s"), +- CORBA_exception_id (&ev)); +- } +- } +- +- CORBA_exception_free (&ev); +- +- if (server != CORBA_OBJECT_NIL) +- { +- g_string_free (failure_log, TRUE); +- g_free (gconfd_dir); +- return server; +- } +- } +- +- g_free (gconfd_dir); ++ /* Confirm server exists */ ++ CORBA_exception_init (&ev); + +- if (start_if_not_found) ++ if (!CORBA_Object_is_nil (server, &ev)) + { +- /* Spawn server */ +- if (pipe (p) < 0) ++ ConfigServer_ping (server, &ev); ++ ++ if (ev._major != CORBA_NO_EXCEPTION) + { +- g_set_error (error, +- GCONF_ERROR, +- GCONF_ERROR_NO_SERVER, +- _("Failed to create pipe for communicating with spawned gconf daemon: %s\n"), +- g_strerror (errno)); +- goto out; +- } ++ server = CORBA_OBJECT_NIL; + +- argv[0] = g_build_filename (GCONF_SERVERDIR, GCONFD, NULL); +- argv[1] = g_strdup_printf ("%d", p[1]); +- argv[2] = NULL; +- +- tmp_err = NULL; +- if (!g_spawn_async (NULL, +- argv, +- NULL, +- G_SPAWN_LEAVE_DESCRIPTORS_OPEN, +- close_fd_func, +- p, +- NULL, +- &tmp_err)) +- { +- g_free (argv[0]); +- g_free (argv[1]); +- g_set_error (error, +- GCONF_ERROR, +- GCONF_ERROR_NO_SERVER, +- _("Failed to launch configuration server: %s\n"), +- tmp_err->message); +- g_error_free (tmp_err); +- goto out; ++ g_string_append_printf (failure_log, ++ _("Server ping error: %s"), ++ CORBA_exception_id (&ev)); + } +- +- g_free (argv[0]); +- g_free (argv[1]); ++ } ++ ++ CORBA_exception_free (&ev); + +- /* If the server dies, we don't want to block indefinitely in +- the read. */ +- close (p[1]); +- p[1] = -1; +- +- /* Block until server starts up */ +- read (p[0], buf, 1); +- +- g_string_append (failure_log, " 2: "); +- lock_dir = gconf_get_lock_dir (); +- server = gconf_get_current_lock_holder (lock_dir, failure_log); +- g_free (lock_dir); ++ if (server != CORBA_OBJECT_NIL) ++ { ++ g_string_free (failure_log, TRUE); ++ return server; + } +- ++ + out: + if (server == CORBA_OBJECT_NIL && + error && +@@ -3030,11 +2864,6 @@ gconf_activate_server (gboolean start_i + + g_string_free (failure_log, TRUE); + +- if (p[0] != -1) +- close (p[0]); +- if (p[1] != -1) +- close (p[1]); +- + return server; + } + +diff -up GConf-2.22.0/gconf/gconf-sanity-check.c.use-dbus GConf-2.22.0/gconf/gconf-sanity-check.c +--- GConf-2.22.0/gconf/gconf-sanity-check.c.use-dbus 2007-11-01 15:35:40.000000000 -0400 ++++ GConf-2.22.0/gconf/gconf-sanity-check.c 2008-05-08 17:23:23.000000000 -0400 +@@ -381,8 +381,6 @@ offer_delete_locks (void) + + g_slist_free (addresses); + +- gconf_daemon_blow_away_locks (); +- + return TRUE; + } + +diff -up GConf-2.22.0/gconf/Makefile.am.use-dbus GConf-2.22.0/gconf/Makefile.am +--- GConf-2.22.0/gconf/Makefile.am.use-dbus 2007-11-01 15:35:40.000000000 -0400 ++++ GConf-2.22.0/gconf/Makefile.am 2008-05-08 17:23:23.000000000 -0400 +@@ -121,11 +121,17 @@ libgconf_2_la_LDFLAGS = -version-info $( + + libgconf_2_la_LIBADD = $(INTLLIBS) $(DEPENDENT_LIBS) + +-EXTRA_DIST=GConfX.idl default.path.in gconfmarshal.list regenerate-enum-header.sh regenerate-enum-footer.sh ++EXTRA_DIST=GConfX.idl default.path.in org.gnome.GConf.service gconfmarshal.list regenerate-enum-header.sh regenerate-enum-footer.sh + + default.path: $(srcdir)/default.path.in + sed -e 's,[@]sysgconfdir[@],$(sysgconfdir),g' \ + <$(srcdir)/default.path.in >default.path ++org.gnome.GConf.service: $(srcdir)/org.gnome.GConf.service.in ++ sed -e 's,[@]libexecdir[@],$(libexecdir),g' \ ++ <$(srcdir)/org.gnome.GConf.service.in >org.gnome.GConf.service ++ ++servicedir = $(datadir)/dbus-1/services ++service_DATA = org.gnome.GConf.service + + install-data-local: default.path + $(mkinstalldirs) $(DESTDIR)$(sysgconfdir)/$(MAJOR_VERSION) +diff -up /dev/null GConf-2.22.0/gconf/org.gnome.GConf.service.in +--- /dev/null 2008-05-08 09:12:32.052279633 -0400 ++++ GConf-2.22.0/gconf/org.gnome.GConf.service.in 2008-05-08 17:23:23.000000000 -0400 +@@ -0,0 +1,3 @@ ++[D-BUS Service] ++Name=org.gnome.GConf ++Exec=@libexecdir@/gconfd-2