PolicyKit/tools Makefile.am, 1.1.1.1, 1.2 Makefile.in, 1.1.1.1,
1.2 polkit-grant-privilege.c, NONE, 1.1 polkit-is-privileged.c,
1.2, 1.3 polkit-list-privileges.c, NONE, 1.1
David Zeuthen
david at kemper.freedesktop.org
Mon Mar 13 22:14:35 PST 2006
- Previous message: PolicyKit/privileges Makefile.am, NONE,
1.1 desktop-console.privilege, NONE, 1.1
- Next message: PolicyKit COPYING, 1.1.1.1, 1.2 ChangeLog, 1.6, 1.7 Makefile.am,
1.1.1.1, 1.2 configure.in, 1.1.1.1, 1.2 policy-kit.in, NONE,
1.1 polkit-interface-manager.xml, NONE,
1.1 polkit-interface-session.xml, NONE, 1.1 polkit.pc.in, 1.5, 1.6
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /cvs/hal/PolicyKit/tools
In directory kemper:/tmp/cvs-serv13970/tools
Modified Files:
Makefile.am Makefile.in polkit-is-privileged.c
Added Files:
polkit-grant-privilege.c polkit-list-privileges.c
Log Message:
2006-03-14 David Zeuthen <davidz at redhat.com>
Add a bunch of code; basically a full rewrite moving all queries
to the daemon.
* COPYING:
* Makefile.am:
* configure.in:
* libpolkit/Makefile.am:
* libpolkit/libpolkit-test.c:
* libpolkit/libpolkit.c: (libpolkit_new_context),
(libpolkit_free_context),
(libpolkit_get_allowed_resources_for_privilege_for_uid),
(libpolkit_is_uid_allowed_for_privilege),
(libpolkit_get_privilege_list):
* libpolkit/libpolkit.h:
* policy-kit.in:
* polkit-interface-manager.xml:
* polkit-interface-session.xml:
* polkit.pc.in:
* polkitd/Makefile.am:
* polkitd/debug-polkitd.sh:
* polkitd/main.c: (usage), (delete_pid), (main):
* polkitd/policy.c: (policy_util_set_policy_directory),
(policy_element_new), (policy_element_free),
(policy_element_free_list), (policy_element_dump),
(txt_backend_read_policy), (policy_get_whitelist),
(policy_get_blacklist), (policy_get_policies), (afp_process_elem),
(policy_get_allowed_resources_for_policy_for_uid_gid),
(policy_is_uid_gid_allowed_for_policy), (policy_util_uid_to_name),
(policy_util_gid_to_name), (policy_util_name_to_uid),
(policy_util_name_to_gid),
(policy_get_allowed_resources_for_policy_for_uid),
(policy_is_uid_allowed_for_policy), (getgrouplist):
* polkitd/policy.h:
* polkitd/polkit-manager.c: (caller_info_delete),
(polkit_manager_init), (polkit_manager_finalize),
(polkit_manager_class_init), (polkit_manager_error_quark),
(polkit_manager_error_get_type), (bus_name_owner_changed),
(session_remover), (session_finalized), (polkit_manager_new),
(uid_from_username), (safe_strcmp),
(polkit_manager_get_caller_info),
(polkit_manager_initiate_privilege_grant),
(polkit_manager_is_user_privileged),
(polkit_manager_get_allowed_resources_for_privilege),
(polkit_manager_list_privileges),
(polkit_manager_add_temporary_privilege),
(polkit_manager_remove_temporary_privilege):
* polkitd/polkit-manager.h:
* polkitd/polkit-marshal.list:
* polkitd/polkit-session.c: (polkit_session_init),
(polkit_session_finalize), (polkit_session_class_init),
(polkit_session_error_quark), (polkit_session_error_get_type),
(polkit_session_check_caller), (polkit_session_is_authenticated),
(polkit_session_get_auth_denied_reason), (safe_memset),
(my_conversation), (write_back_to_parent), (do_pam_auth),
(data_from_pam), (polkit_session_get_auth_details),
(polkit_session_initiate_auth), (polkit_session_get_questions),
(polkit_session_provide_answers), (polkit_session_close),
(polkit_session_grant_privilege_temporarily), (polkit_session_new),
(polkit_session_initiator_disconnected):
* polkitd/polkit-session.h:
* polkitd/polkitd-test.c: (my_exit), (do_check),
(write_test_policy), (do_read_tests), (main):
* polkitd/run-polkitd.sh:
* polkitd/valgrind-polkitd.sh:
* privileges/Makefile.am:
* privileges/desktop-console.privilege:
* tools/Makefile.am:
* tools/Makefile.in:
* tools/polkit-grant-privilege.c: (have_questions_handler),
(auth_done_handler), (do_grant_privilege), (usage), (main):
* tools/polkit-is-privileged.c: (usage), (main):
* tools/polkit-list-privileges.c: (usage), (main):
Index: Makefile.am
===================================================================
RCS file: /cvs/hal/PolicyKit/tools/Makefile.am,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -d -r1.1.1.1 -r1.2
--- Makefile.am 8 Mar 2006 01:52:03 -0000 1.1.1.1
+++ Makefile.am 14 Mar 2006 06:14:33 -0000 1.2
@@ -8,13 +8,36 @@
-DPACKAGE_LOCALSTATEDIR=\""$(localstatedir)"\" \
-DPACKAGE_LOCALE_DIR=\""$(prefix)/$(DATADIRNAME)/locale"\" \
-I$(top_srcdir) \
- @GLIB_CFLAGS@
+ -DDBUS_API_SUBJECT_TO_CHANGE \
+ @GLIB_CFLAGS@ \
+ @DBUS_CFLAGS@
bin_PROGRAMS = \
- polkit-is-privileged
+ polkit-is-privileged \
+ polkit-list-privileges \
+ polkit-grant-privilege
polkit_is_privileged_SOURCES = polkit-is-privileged.c
-polkit_is_privileged_LDADD = @GLIB_LIBS@ $(top_builddir)/libpolkit/libpolkit.la
+polkit_is_privileged_LDADD = @DBUS_CFLAGS@ @GLIB_LIBS@ $(top_builddir)/libpolkit/libpolkit.la
+
+polkit_list_privileges_SOURCES = polkit-list-privileges.c
+polkit_list_privileges_LDADD = @DBUS_CFLAGS@ @GLIB_LIBS@ $(top_builddir)/libpolkit/libpolkit.la
+
+polkit-interface-manager-glue.h: ../polkit-interface-manager.xml Makefile.am
+ dbus-binding-tool --prefix=polkit_manager --mode=glib-client --output=polkit-interface-manager-glue.h ../polkit-interface-manager.xml
+
+polkit-interface-session-glue.h: ../polkit-interface-session.xml Makefile.am
+ dbus-binding-tool --prefix=polkit_session --mode=glib-client --output=polkit-interface-session-glue.h ../polkit-interface-session.xml
+
+polkit_grant_privilege_SOURCES= \
+ polkit-grant-privilege.c \
+ polkit-interface-manager-glue.h \
+ polkit-interface-session-glue.h
+
+polkit_grant_privilege_LDADD= @DBUS_GLIB_LIBS@ @GLIB_LIBS@ $(top_builddir)/libpolkit/libpolkit.la
+
+BUILT_SOURCES = polkit-interface-manager-glue.h polkit-interface-session-glue.h
clean-local :
- rm -f *~
+ rm -f *~ $(BUILT_SOURCES)
+
Index: Makefile.in
===================================================================
RCS file: /cvs/hal/PolicyKit/tools/Makefile.in,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -d -r1.1.1.1 -r1.2
--- Makefile.in 8 Mar 2006 01:52:03 -0000 1.1.1.1
+++ Makefile.in 14 Mar 2006 06:14:33 -0000 1.2
@@ -36,7 +36,9 @@
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
-bin_PROGRAMS = polkit-is-privileged$(EXEEXT)
+bin_PROGRAMS = polkit-is-privileged$(EXEEXT) \
+ polkit-list-privileges$(EXEEXT) \
+ polkit-grant-privilege$(EXEEXT)
subdir = tools
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
@@ -50,10 +52,18 @@
am__installdirs = "$(DESTDIR)$(bindir)"
binPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
PROGRAMS = $(bin_PROGRAMS)
+am_polkit_grant_privilege_OBJECTS = polkit-grant-privilege.$(OBJEXT)
+polkit_grant_privilege_OBJECTS = $(am_polkit_grant_privilege_OBJECTS)
+polkit_grant_privilege_DEPENDENCIES = \
+ $(top_builddir)/libpolkit/libpolkit.la
am_polkit_is_privileged_OBJECTS = polkit-is-privileged.$(OBJEXT)
polkit_is_privileged_OBJECTS = $(am_polkit_is_privileged_OBJECTS)
polkit_is_privileged_DEPENDENCIES = \
$(top_builddir)/libpolkit/libpolkit.la
+am_polkit_list_privileges_OBJECTS = polkit-list-privileges.$(OBJEXT)
+polkit_list_privileges_OBJECTS = $(am_polkit_list_privileges_OBJECTS)
+polkit_list_privileges_DEPENDENCIES = \
+ $(top_builddir)/libpolkit/libpolkit.la
DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -65,8 +75,12 @@
CCLD = $(CC)
LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(AM_LDFLAGS) $(LDFLAGS) -o $@
-SOURCES = $(polkit_is_privileged_SOURCES)
-DIST_SOURCES = $(polkit_is_privileged_SOURCES)
+SOURCES = $(polkit_grant_privilege_SOURCES) \
+ $(polkit_is_privileged_SOURCES) \
+ $(polkit_list_privileges_SOURCES)
+DIST_SOURCES = $(polkit_grant_privilege_SOURCES) \
+ $(polkit_is_privileged_SOURCES) \
+ $(polkit_list_privileges_SOURCES)
ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
@@ -75,6 +89,7 @@
AMDEP_TRUE = @AMDEP_TRUE@
AMTAR = @AMTAR@
AR = @AR@
+AUTH_LIBS = @AUTH_LIBS@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
@@ -91,6 +106,10 @@
CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DATADIR = @DATADIR@
+DBUS_CFLAGS = @DBUS_CFLAGS@
+DBUS_GLIB_CFLAGS = @DBUS_GLIB_CFLAGS@
+DBUS_GLIB_LIBS = @DBUS_GLIB_LIBS@
+DBUS_LIBS = @DBUS_LIBS@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DOCDIR = @DOCDIR@
@@ -110,6 +129,9 @@
GLIB_LIBS = @GLIB_LIBS@
GTK_DOC_USE_LIBTOOL_FALSE = @GTK_DOC_USE_LIBTOOL_FALSE@
GTK_DOC_USE_LIBTOOL_TRUE = @GTK_DOC_USE_LIBTOOL_TRUE@
+HAVE_PAM = @HAVE_PAM@
+HAVE_PAM_FALSE = @HAVE_PAM_FALSE@
+HAVE_PAM_TRUE = @HAVE_PAM_TRUE@
HTML_DIR = @HTML_DIR@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
@@ -132,14 +154,21 @@
MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@
MAKEINFO = @MAKEINFO@
OBJEXT = @OBJEXT@
+OS_TYPE_RED_HAT_FALSE = @OS_TYPE_RED_HAT_FALSE@
+OS_TYPE_RED_HAT_TRUE = @OS_TYPE_RED_HAT_TRUE@
+OS_TYPE_UNKNOWN_FALSE = @OS_TYPE_UNKNOWN_FALSE@
+OS_TYPE_UNKNOWN_TRUE = @OS_TYPE_UNKNOWN_TRUE@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
PACKAGE_STRING = @PACKAGE_STRING@
PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_FILE_INCLUDE = @PAM_FILE_INCLUDE@
+PAM_PREFIX = @PAM_PREFIX@
PATH_SEPARATOR = @PATH_SEPARATOR@
PKG_CONFIG = @PKG_CONFIG@
+POLKITD_PID_FILE = @POLKITD_PID_FILE@
POLKIT_GROUP = @POLKIT_GROUP@
POLKIT_USER = @POLKIT_USER@
RANLIB = @RANLIB@
@@ -201,11 +230,23 @@
-DPACKAGE_LOCALSTATEDIR=\""$(localstatedir)"\" \
-DPACKAGE_LOCALE_DIR=\""$(prefix)/$(DATADIRNAME)/locale"\" \
-I$(top_srcdir) \
- @GLIB_CFLAGS@
+ -DDBUS_API_SUBJECT_TO_CHANGE \
+ @GLIB_CFLAGS@ \
+ @DBUS_CFLAGS@
polkit_is_privileged_SOURCES = polkit-is-privileged.c
-polkit_is_privileged_LDADD = @GLIB_LIBS@ $(top_builddir)/libpolkit/libpolkit.la
-all: all-am
+polkit_is_privileged_LDADD = @DBUS_CFLAGS@ @GLIB_LIBS@ $(top_builddir)/libpolkit/libpolkit.la
+polkit_list_privileges_SOURCES = polkit-list-privileges.c
+polkit_list_privileges_LDADD = @DBUS_CFLAGS@ @GLIB_LIBS@ $(top_builddir)/libpolkit/libpolkit.la
+polkit_grant_privilege_SOURCES = \
+ polkit-grant-privilege.c \
+ polkit-interface-manager-glue.h \
+ polkit-interface-session-glue.h
+
+polkit_grant_privilege_LDADD = @DBUS_GLIB_LIBS@ @GLIB_LIBS@ $(top_builddir)/libpolkit/libpolkit.la
+BUILT_SOURCES = polkit-interface-manager-glue.h polkit-interface-session-glue.h
+all: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) all-am
.SUFFIXES:
.SUFFIXES: .c .lo .o .obj
@@ -266,9 +307,15 @@
echo " rm -f $$p $$f"; \
rm -f $$p $$f ; \
done
+polkit-grant-privilege$(EXEEXT): $(polkit_grant_privilege_OBJECTS) $(polkit_grant_privilege_DEPENDENCIES)
+ @rm -f polkit-grant-privilege$(EXEEXT)
+ $(LINK) $(polkit_grant_privilege_LDFLAGS) $(polkit_grant_privilege_OBJECTS) $(polkit_grant_privilege_LDADD) $(LIBS)
polkit-is-privileged$(EXEEXT): $(polkit_is_privileged_OBJECTS) $(polkit_is_privileged_DEPENDENCIES)
@rm -f polkit-is-privileged$(EXEEXT)
$(LINK) $(polkit_is_privileged_LDFLAGS) $(polkit_is_privileged_OBJECTS) $(polkit_is_privileged_LDADD) $(LIBS)
+polkit-list-privileges$(EXEEXT): $(polkit_list_privileges_OBJECTS) $(polkit_list_privileges_DEPENDENCIES)
+ @rm -f polkit-list-privileges$(EXEEXT)
+ $(LINK) $(polkit_list_privileges_LDFLAGS) $(polkit_list_privileges_OBJECTS) $(polkit_list_privileges_LDADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -276,7 +323,9 @@
distclean-compile:
-rm -f *.tab.c
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/polkit-grant-privilege.Po at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/polkit-is-privileged.Po at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/polkit-list-privileges.Po at am__quote@
.c.o:
@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
@@ -385,13 +434,15 @@
fi; \
done
check-am: all-am
-check: check-am
+check: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) check-am
all-am: Makefile $(PROGRAMS)
installdirs:
for dir in "$(DESTDIR)$(bindir)"; do \
test -z "$$dir" || $(mkdir_p) "$$dir"; \
done
-install: install-am
+install: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) install-am
install-exec: install-exec-am
install-data: install-data-am
uninstall: uninstall-am
@@ -415,6 +466,7 @@
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
+ -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
clean: clean-am
clean-am: clean-binPROGRAMS clean-generic clean-libtool clean-local \
@@ -480,8 +532,14 @@
uninstall-info-am
+polkit-interface-manager-glue.h: ../polkit-interface-manager.xml Makefile.am
+ dbus-binding-tool --prefix=polkit_manager --mode=glib-client --output=polkit-interface-manager-glue.h ../polkit-interface-manager.xml
+
+polkit-interface-session-glue.h: ../polkit-interface-session.xml Makefile.am
+ dbus-binding-tool --prefix=polkit_session --mode=glib-client --output=polkit-interface-session-glue.h ../polkit-interface-session.xml
+
clean-local :
- rm -f *~
+ rm -f *~ $(BUILT_SOURCES)
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:
--- NEW FILE: polkit-grant-privilege.c ---
/***************************************************************************
* CVSID: $Id: polkit-grant-privilege.c,v 1.1 2006/03/14 06:14:33 david Exp $
*
* polkit-grant-privilege.c : Grant privileges
*
* Copyright (C) 2006 David Zeuthen, <david at fubar.dk>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
**************************************************************************/
#ifdef HAVE_CONFIG_H
# include <config.h>
#endif
#include <stdlib.h>
#include <stdio.h>
#include <getopt.h>
#include <string.h>
#include <errno.h>
#include <glib/gstdio.h>
#include <dbus/dbus-glib.h>
#include <dbus/dbus-glib-lowlevel.h>
#include <libpolkit/libpolkit.h>
#include "polkit-interface-manager-glue.h"
#include "polkit-interface-session-glue.h"
static char *grant_user = NULL;
static char *grant_privilege = NULL;
static char *grant_resource = NULL;
static char *auth_user = NULL;
static char *auth_pam_service_name = NULL;
static void
have_questions_handler (DBusGProxy *session, gpointer user_data)
{
int i;
char **questions;
char **answers;
int num_a;
GError *error = NULL;
if (auth_user != NULL) {
if (grant_resource != NULL)
g_print ("\n"
"Authentication needed for user '%s' in order to grant the\n"
"privilege '%s' to user '%s' for the \n"
"resource '%s'.\n"
"\n"
"The privilege is configured to use PAM service '%s'.\n"
"\n",
auth_user,
grant_privilege, grant_user,
grant_resource,
auth_pam_service_name);
else
g_print ("\n"
"Authentication needed for user '%s' in order to grant the\n"
"privilege '%s' to user '%s'.\n"
"\n"
"The privilege is configured to use PAM service '%s'.\n"
"\n",
auth_user,
grant_privilege, grant_user,
auth_pam_service_name);
g_free (auth_user);
g_free (auth_pam_service_name);
auth_user = NULL;
auth_pam_service_name = NULL;
}
if (!org_freedesktop_PolicyKit_Session_get_questions (session,
&questions,
&error)) {
g_warning ("GetQuestions: %s", error->message);
g_error_free (error);
goto out;
}
answers = g_new0 (char *, g_strv_length (questions) + 1);
num_a = 0;
for (i = 0; questions[i] != NULL && questions[i+1] != NULL; i++) {
char *answer;
char *question = questions[i+1];
char *qtype = questions[i];
/*g_debug ("Question 1: '%s' (pamtype %s)\n(warning; secret will be echoed to stdout)", question, qtype);*/
if (strcmp (qtype, "PamPromptEchoOff") == 0) {
answer = getpass (question);
answers[num_a++] = g_strdup (answer);
/*g_debug ("Provding answer: '%s'", answer);*/
} else if (strcmp (qtype, "PamPromptEchoOn") == 0) {
char buf[1024];
fputs (question, stderr);
answer = fgets (question, sizeof (buf), stdin);
answers[num_a++] = g_strdup (answer);
/*g_debug ("Provding answer: '%s'", answer);*/
} else if (strcmp (qtype, "PamErrorMsg") == 0) {
/*g_debug ("Not providing answer");*/
;
} else if (strcmp (qtype, "PamTextInfo") == 0) {
/*g_debug ("Not providing answer");*/
;
}
}
answers[num_a] = NULL;
g_strfreev (questions);
if (!org_freedesktop_PolicyKit_Session_provide_answers (session,
(const char **) answers,
&error)) {
g_warning ("ProvideAnswers: %s", error->message);
g_error_free (error);
goto out;
}
g_strfreev (answers);
out:
;
}
static void
auth_done_handler (DBusGProxy *session, gpointer user_data)
{
gboolean auth_result;
GError *error = NULL;
/*g_debug ("in %s", __FUNCTION__);*/
if (!org_freedesktop_PolicyKit_Session_is_authenticated (session,
&auth_result,
&error)) {
g_warning ("IsAuthenticated: %s", error->message);
g_error_free (error);
goto out;
}
/*g_message ("Authentication done. %s", auth_result);*/
if (!auth_result) {
char *auth_denied_reason;
if (!org_freedesktop_PolicyKit_Session_get_auth_denied_reason (session,
&auth_denied_reason,
&error)) {
g_warning ("GetAuthDeniedReason: %s", error->message);
g_error_free (error);
goto out;
}
g_print ("\n"
"Authentication failed (reason: '%s').\n", auth_denied_reason);
g_free (auth_denied_reason);
} else {
g_print ("\n"
"Authentication succeeded.\n");
/* don't restrict privilege to callers PID */
if (!org_freedesktop_PolicyKit_Session_grant_privilege_temporarily (session,
FALSE,
&error)) {
g_warning ("GrantPrivilegeTemporarily: %s", error->message);
g_error_free (error);
}
}
out:
/* don't revoke privilege when we close the session */
if (!org_freedesktop_PolicyKit_Session_close (session,
TRUE,
&error)) {
g_warning ("Close: %s", error->message);
g_error_free (error);
}
exit (0);
}
static void
do_grant_privilege (DBusGConnection *conn, const char *user, const char *privilege, const char *resource)
{
GError *error = NULL;
DBusGProxy *manager;
DBusGProxy *session;
char *session_objpath;
GMainLoop *mainloop;
grant_user = g_strdup (user);
grant_privilege = g_strdup (privilege);
grant_resource = g_strdup (resource);
mainloop = g_main_loop_new (NULL, FALSE);
manager = dbus_g_proxy_new_for_name (conn,
"org.freedesktop.PolicyKit",
"/org/freedesktop/PolicyKit/Manager",
"org.freedesktop.PolicyKit.Manager");
if (manager == NULL) {
goto out;
}
if (!org_freedesktop_PolicyKit_Manager_initiate_privilege_grant (manager,
user,
privilege,
resource,
&session_objpath,
&error)) {
g_warning ("GrantPrivilege: %s", error->message);
g_error_free (error);
goto out;
}
/*g_debug ("session_objpath = %s", session_objpath);*/
session = dbus_g_proxy_new_for_name (conn,
"org.freedesktop.PolicyKit",
session_objpath,
"org.freedesktop.PolicyKit.Session");
if (session == NULL) {
goto out;
}
dbus_g_proxy_add_signal (session, "HaveQuestions", G_TYPE_INVALID);
dbus_g_proxy_connect_signal (session, "HaveQuestions", G_CALLBACK (have_questions_handler),
NULL, NULL);
dbus_g_proxy_add_signal (session, "AuthenticationDone", G_TYPE_INVALID);
dbus_g_proxy_connect_signal (session, "AuthenticationDone", G_CALLBACK (auth_done_handler),
NULL, NULL);
if (!org_freedesktop_PolicyKit_Session_get_auth_details (session,
&auth_user,
&auth_pam_service_name,
&error)) {
g_warning ("GetAuthDetails: %s", error->message);
g_error_free (error);
goto out;
}
if (!org_freedesktop_PolicyKit_Session_initiate_auth (session,
&error)) {
g_warning ("InitiateAuth: %s", error->message);
g_error_free (error);
goto out;
}
g_main_loop_run (mainloop);
g_free (session_objpath);
out:
;
}
static void
usage (int argc, char *argv[])
{
fprintf (stderr, "polkit-grant-privilege version " PACKAGE_VERSION "\n");
fprintf (stderr, "\n" "usage : %s -p <privilege> [-u user] [-r <resource>]\n", argv[0]);
fprintf (stderr,
"\n"
"Options:\n"
" -u, --user User to grant privilege to\n"
" -p, --privilege Privilege to grant\n"
" -r, --resource Resource\n"
" -h, --help Show this information and exit\n"
" -v, --verbose Verbose operation\n"
" -V, --version Print version number\n"
"\n"
"Grant a privilege for accessing a resource. The resource may\n"
"be omitted.\n");
}
static gboolean is_verbose = FALSE;
int
main (int argc, char **argv)
{
int rc;
GError *error = NULL;
DBusGConnection *bus;
LibPolKitContext *ctx;
char *user = NULL;
char *resource = NULL;
char *privilege = NULL;
static const struct option long_options[] = {
{"user", required_argument, NULL, 'u'},
{"resource", required_argument, NULL, 'r'},
{"privilege", required_argument, NULL, 'p'},
{"help", no_argument, NULL, 'h'},
{"verbose", no_argument, NULL, 'v'},
{"version", no_argument, NULL, 'V'},
{NULL, 0, NULL, 0}
};
g_type_init ();
rc = 1;
while (TRUE) {
int c;
c = getopt_long (argc, argv, "u:r:p:hVv", long_options, NULL);
if (c == -1)
break;
switch (c) {
case 'u':
user = g_strdup (optarg);
break;
case 'r':
resource = g_strdup (optarg);
break;
case 'p':
privilege = g_strdup (optarg);
break;
case 'v':
is_verbose = TRUE;
break;
case 'h':
usage (argc, argv);
rc = 0;
goto out;
case 'V':
printf ("polkit-grant-privilege version " PACKAGE_VERSION "\n");
rc = 0;
goto out;
default:
usage (argc, argv);
goto out;
}
}
if (privilege == NULL) {
usage (argc, argv);
return 1;
}
if (user == NULL) {
user = g_strdup (g_get_user_name ());
}
bus = dbus_g_bus_get (DBUS_BUS_SYSTEM, &error);
if (bus == NULL) {
g_warning ("dbus_g_bus_get: %s", error->message);
g_error_free (error);
return 1;
}
ctx = libpolkit_new_context (dbus_g_connection_get_connection (bus));
gboolean is_privileged = FALSE;
LibPolKitResult result;
result = libpolkit_is_uid_allowed_for_privilege (ctx,
-1,
user,
privilege,
resource,
&is_privileged);
switch (result) {
case LIBPOLKIT_RESULT_OK:
if (is_privileged) {
if (resource == NULL) {
g_print ("User '%s' already has privilege '%s'.\n", user, privilege);
} else {
g_print ("User '%s' already has privilege '%s' for accessing\n"
"resource '%s'.\n",
user, privilege, resource);
}
rc = 0;
goto out;
}
break;
case LIBPOLKIT_RESULT_ERROR:
g_print ("Error granting resource.\n");
goto out;
case LIBPOLKIT_RESULT_INVALID_CONTEXT:
g_print ("Invalid context.\n");
goto out;
case LIBPOLKIT_RESULT_NOT_PRIVILEGED:
g_print ("Not privileged.\n");
goto out;
case LIBPOLKIT_RESULT_NO_SUCH_PRIVILEGE:
g_print ("No such privilege '%s'.\n", privilege);
goto out;
case LIBPOLKIT_RESULT_NO_SUCH_USER:
g_print ("No such user '%s'.\n", user);
goto out;
}
do_grant_privilege (bus, user, privilege, resource);
out:
return rc;
}
Index: polkit-is-privileged.c
===================================================================
RCS file: /cvs/hal/PolicyKit/tools/polkit-is-privileged.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- polkit-is-privileged.c 8 Mar 2006 03:28:58 -0000 1.2
+++ polkit-is-privileged.c 14 Mar 2006 06:14:33 -0000 1.3
@@ -1,12 +1,10 @@
/***************************************************************************
* CVSID: $Id$
*
- * polkit-is-privileged.c : Small command line wrapper for libpolkit
+ * polkit-is-privileged.c : Determine if a user has privileges
*
* Copyright (C) 2006 David Zeuthen, <david at fubar.dk>
*
- * Licensed under the Academic Free License version 2.1
- *
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
@@ -31,6 +29,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <getopt.h>
+#include <dbus/dbus.h>
#include <libpolkit/libpolkit.h>
@@ -39,21 +38,23 @@
{
fprintf (stderr, "polkit-is-privileged version " PACKAGE_VERSION "\n");
- fprintf (stderr, "\n" "usage : %s -u <uid> -p <policy> [-r <resource>]\n", argv[0]);
+ fprintf (stderr,
+ "\n"
+ "usage : %s -u <uid> -p <privilege> [-r <resource>]\n"
+ " [-i <pid>]", argv[0]);
fprintf (stderr,
"\n"
"Options:\n"
- " -u, --uid Username or user id\n"
+ " -u, --user Username or user id\n"
+ " -i, --pid Pid of process privilege may be restricted to\n"
" -r, --resource Resource\n"
- " -p, --policy policy to test for\n"
+ " -p, --privilege Privilege to test for\n"
" -h, --help Show this information and exit\n"
" -v, --verbose Verbose operation\n"
" -V, --version Print version number\n"
"\n"
"Queries system policy whether a given user is allowed for a given\n"
- "policy for a given resource. The resource may be omitted.\n"
- "\n"
- "System policies are defined in the " PACKAGE_SYSCONF_DIR "/PolicyKit/policy directory.\n"
+ "privilege for a given resource. The resource may be omitted.\n"
"\n");
}
@@ -61,36 +62,42 @@
main (int argc, char *argv[])
{
int rc;
- uid_t uid;
char *user = NULL;
- char *policy = NULL;
+ char *privilege = NULL;
char *resource = NULL;
+ pid_t pid = (pid_t) -1;
static const struct option long_options[] = {
- {"uid", required_argument, NULL, 'u'},
+ {"user", required_argument, NULL, 'u'},
+ {"pid", required_argument, NULL, 'i'},
{"resource", required_argument, NULL, 'r'},
- {"policy", required_argument, NULL, 'p'},
+ {"privilege", required_argument, NULL, 'p'},
{"help", no_argument, NULL, 'h'},
{"verbose", no_argument, NULL, 'v'},
{"version", no_argument, NULL, 'V'},
{NULL, 0, NULL, 0}
};
LibPolKitContext *ctx = NULL;
- char *endp;
gboolean is_allowed;
LibPolKitResult result;
gboolean is_verbose = FALSE;
+ DBusError error;
+ DBusConnection *connection;
rc = 1;
while (TRUE) {
int c;
- c = getopt_long (argc, argv, "u:r:p:UhVv", long_options, NULL);
+ c = getopt_long (argc, argv, "u:r:p:i:hVv", long_options, NULL);
if (c == -1)
break;
switch (c) {
+ case 'i':
+ pid = atoi (optarg);
+ break;
+
case 'u':
user = g_strdup (optarg);
break;
@@ -100,7 +107,7 @@
break;
case 'p':
- policy = g_strdup (optarg);
+ privilege = g_strdup (optarg);
break;
case 'v':
@@ -123,61 +130,60 @@
}
}
- if (user == NULL || policy == NULL) {
+ if (user == NULL || privilege == NULL) {
usage (argc, argv);
return 1;
}
if (is_verbose) {
- printf ("user = '%s'\n", user);
- printf ("policy = '%s'\n", policy);
- printf ("resource = '%s'\n", resource);
+ printf ("user = '%s'\n", user);
+ printf ("privilege = '%s'\n", privilege);
+ printf ("resource = '%s'\n", resource);
}
- ctx = libpolkit_new_context ();
- if (ctx == NULL) {
- g_warning ("Cannot get policy context");
- goto out;
+ dbus_error_init (&error);
+ connection = dbus_bus_get (DBUS_BUS_SYSTEM, &error);
+ if (connection == NULL) {
+ g_warning ("Cannot connect to system message bus");
+ return 1;
}
- uid = (uid_t) g_ascii_strtoull (user, &endp, 0);
- if (endp[0] != '\0') {
- uid = libpolkit_util_name_to_uid (ctx, user, NULL);
- if (uid == (uid_t) -1) {
- g_warning ("User '%s' does not exist", user);
- goto out;
- }
- }
- if (is_verbose) {
- printf ("user '%s' is uid %d\n", user, (int) uid);
+ ctx = libpolkit_new_context (connection);
+ if (ctx == NULL) {
+ g_warning ("Cannot get libpolkit context");
+ goto out;
}
- result = libpolkit_is_uid_allowed_for_policy (ctx,
- uid,
- policy,
- resource,
- &is_allowed);
+ result = libpolkit_is_uid_allowed_for_privilege (ctx,
+ pid,
+ user,
+ privilege,
+ resource,
+ &is_allowed);
switch (result) {
case LIBPOLKIT_RESULT_OK:
rc = is_allowed ? 0 : 1;
break;
case LIBPOLKIT_RESULT_ERROR:
- g_warning ("error retrieving policy");
+ g_warning ("Error determing whether user is privileged.");
break;
case LIBPOLKIT_RESULT_INVALID_CONTEXT:
- g_warning ("invalid context");
- break;
+ g_print ("Invalid context.\n");
+ goto out;
- case LIBPOLKIT_RESULT_PERMISSON_DENIED:
- g_warning ("permission denied");
- break;
+ case LIBPOLKIT_RESULT_NOT_PRIVILEGED:
+ g_print ("Not privileged.\n");
- case LIBPOLKIT_RESULT_NO_SUCH_POLICY:
- g_warning ("no such policy '%s'", policy);
- break;
+ case LIBPOLKIT_RESULT_NO_SUCH_PRIVILEGE:
+ g_print ("No such privilege '%s'.\n", privilege);
+ goto out;
+
+ case LIBPOLKIT_RESULT_NO_SUCH_USER:
+ g_print ("No such user '%s'.\n", user);
+ goto out;
}
if (is_verbose) {
--- NEW FILE: polkit-list-privileges.c ---
/***************************************************************************
* CVSID: $Id: polkit-list-privileges.c,v 1.1 2006/03/14 06:14:33 david Exp $
*
* polkit-list-privileges.c : List privileges possesed by a user
*
* Copyright (C) 2006 David Zeuthen, <david at fubar.dk>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
**************************************************************************/
#ifdef HAVE_CONFIG_H
# include <config.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <getopt.h>
#include <dbus/dbus.h>
#include <libpolkit/libpolkit.h>
static void
usage (int argc, char *argv[])
{
fprintf (stderr, "polkit-list-privileges version " PACKAGE_VERSION "\n");
fprintf (stderr, "\n" "usage : %s [-u <user>]\n", argv[0]);
fprintf (stderr,
"\n"
"Options:\n"
" -u, --user Username or user id\n"
" -h, --help Show this information and exit\n"
" -v, --verbose Verbose operation\n"
" -V, --version Print version number\n"
"\n"
"Lists privileges for a given user.\n"
"\n");
}
int
main (int argc, char *argv[])
{
int rc;
char *user = NULL;
static const struct option long_options[] = {
{"user", required_argument, NULL, 'u'},
{"help", no_argument, NULL, 'h'},
{"verbose", no_argument, NULL, 'v'},
{"version", no_argument, NULL, 'V'},
{NULL, 0, NULL, 0}
};
LibPolKitContext *ctx = NULL;
gboolean is_verbose = FALSE;
DBusError error;
DBusConnection *connection;
int i;
GList *l;
GList *privilege_list;
rc = 1;
while (TRUE) {
int c;
c = getopt_long (argc, argv, "u:p:hVv", long_options, NULL);
if (c == -1)
break;
switch (c) {
case 'u':
user = g_strdup (optarg);
break;
case 'v':
is_verbose = TRUE;
break;
case 'h':
usage (argc, argv);
rc = 0;
goto out;
case 'V':
printf ("polkit-list-privileges version " PACKAGE_VERSION "\n");
rc = 0;
goto out;
default:
usage (argc, argv);
goto out;
}
}
if (user == NULL) {
user = g_strdup (g_get_user_name ());
}
if (is_verbose) {
printf ("user = '%s'\n", user);
}
dbus_error_init (&error);
connection = dbus_bus_get (DBUS_BUS_SYSTEM, &error);
if (connection == NULL) {
g_warning ("Cannot connect to system message bus");
return 1;
}
ctx = libpolkit_new_context (connection);
if (ctx == NULL) {
g_warning ("Cannot get libpolkit context");
goto out;
}
if (libpolkit_get_privilege_list (ctx, &privilege_list) != LIBPOLKIT_RESULT_OK) {
g_warning ("Cannot get privilege_list");
goto out;
}
for (l = privilege_list, i = 0; l != NULL; l = g_list_next (l), i++) {
const char *privilege;
gboolean is_allowed;
GList *j;
GList *resources;
privilege = (const char *) l->data;
if (is_verbose) {
g_print ("testing user %s for privilege '%s'\n", user, privilege);
}
if (libpolkit_is_uid_allowed_for_privilege (ctx,
-1,
user,
privilege,
NULL,
&is_allowed) == LIBPOLKIT_RESULT_OK) {
if (is_allowed) {
g_print ("privilege %s\n", privilege);
} else {
if (libpolkit_get_allowed_resources_for_privilege_for_uid (ctx,
user,
privilege,
&resources) == LIBPOLKIT_RESULT_OK) {
for (j = resources; j != NULL; j = g_list_next (j)) {
const char *resource;
resource = (const char *) j->data;
g_print ("resource %s privilege %s\n", resource, privilege);
}
g_list_foreach (resources, (GFunc) g_free, NULL);
g_list_free (resources);
}
}
}
}
g_list_foreach (privilege_list, (GFunc) g_free, NULL);
g_list_free (privilege_list);
rc = 0;
out:
if (ctx != NULL)
libpolkit_free_context (ctx);
return rc;
}
- Previous message: PolicyKit/privileges Makefile.am, NONE,
1.1 desktop-console.privilege, NONE, 1.1
- Next message: PolicyKit COPYING, 1.1.1.1, 1.2 ChangeLog, 1.6, 1.7 Makefile.am,
1.1.1.1, 1.2 configure.in, 1.1.1.1, 1.2 policy-kit.in, NONE,
1.1 polkit-interface-manager.xml, NONE,
1.1 polkit-interface-session.xml, NONE, 1.1 polkit.pc.in, 1.5, 1.6
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the hal-commit
mailing list