From e9d1b63c31bd7f0e24e8506c4d62db0ca9178cb0 Mon Sep 17 00:00:00 2001
From: markeryang <yanglongkang@h-partners.com>
Date: Thu, 31 Jul 2025 09:20:42 +0000
Subject: [PATCH] fix Leaking zombie child processes

---
 backport-Leaking-zombie-child-processes.patch | 33 +++++++++++++++++++
 polkit.spec                                   |  6 +++-
 2 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 backport-Leaking-zombie-child-processes.patch

diff --git a/backport-Leaking-zombie-child-processes.patch b/backport-Leaking-zombie-child-processes.patch
new file mode 100644
index 0000000..8d05a22
--- /dev/null
+++ b/backport-Leaking-zombie-child-processes.patch
@@ -0,0 +1,33 @@
+From 8638ec5cd534dcc616b68e5b0744c493c0c71dc9 Mon Sep 17 00:00:00 2001
+From: Jan Rybar <jrybar@redhat.com>
+Date: Wed, 15 Aug 2018 16:11:22 +0200
+Subject: [PATCH] Leaking zombie child processes Resolves: bz#106021
+
+Subject: [PATCH] polkitd: fix zombie not reaped when js spawned process timed
+ out
+
+The child watch source attached to thread context didn't work due
+to the release of it's main loop and context outside. So we attach
+the source to the global default main context to make it work and
+avoid zombies.
+---
+ src/polkitbackend/polkitbackendcommon.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/polkitbackend/polkitbackendcommon.c b/src/polkitbackend/polkitbackendcommon.c
+index 517f3c6..7602714 100644
+--- a/src/polkitbackend/polkitbackendcommon.c
++++ b/src/polkitbackend/polkitbackendcommon.c
+@@ -1595,7 +1595,8 @@ utils_spawn_data_free (UtilsSpawnData *data)
+                              (GSourceFunc) utils_child_watch_from_release_cb,
+                              source,
+                              (GDestroyNotify) g_source_destroy);
+-      g_source_attach (source, data->main_context);
++      /* attach source to the global default main context */
++      g_source_attach (source, NULL);
+       g_source_unref (source);
+       data->child_pid = 0;
+     }
+-- 
+2.33.0
+
diff --git a/polkit.spec b/polkit.spec
index b263236..dbaa0d6 100644
--- a/polkit.spec
+++ b/polkit.spec
@@ -1,6 +1,6 @@
 Name:             polkit
 Version:          123
-Release:          2
+Release:          3
 Summary:          Define and Handle authorizations tool
 License:          LGPLv2+
 URL:              http://www.freedesktop.org/wiki/Software/polkit
@@ -8,6 +8,7 @@ Source0:          https://gitlab.freedesktop.org/polkit/polkit/-/archive/%{versi
 
 Patch0:           modify-admin-authorization-from-wheel-group-to-root.patch
 Patch1:           backport-CVE-2025-7519-Nested-.policy-files-cause-xml-parsing-overflow-lead.patch
+Patch2:           backport-Leaking-zombie-child-processes.patch
 
 BuildRequires:    gcc-c++ glib2-devel >= 2.30.0 expat-devel pam-devel gtk-doc gettext-devel
 BuildRequires:    gobject-introspection-devel systemd systemd-devel dbus-devel
@@ -123,6 +124,9 @@ exit 0
 %{_datadir}/man/man8/*
 
 %changelog
+* Thu Jul 31 2025 yanglongkang <yanglongkang@h-partners.com> - 123-3
+- fix Leaking zombie child processes
+
 * Fri Jul 18 2025 xuraoqing <xuraoqing@h-partners.com> - 123-2
 - fix CVE-2025-7519
 
-- 
Gitee