PolicyKit/tools Makefile.am, 1.2, 1.3 polkit-grant-privilege.c, 1.3,
1.4 polkit-is-privileged.c, 1.3, 1.4 polkit-list-privileges.c,
1.1, 1.2 polkit-revoke-privilege.c, NONE, 1.1
David Zeuthen
david at kemper.freedesktop.org
Sat Apr 22 16:27:16 PDT 2006
Update of /cvs/hal/PolicyKit/tools
In directory kemper:/tmp/cvs-serv6540/tools
Modified Files:
Makefile.am polkit-grant-privilege.c polkit-is-privileged.c
polkit-list-privileges.c
Added Files:
polkit-revoke-privilege.c
Log Message:
2006-04-22 David Zeuthen <davidz at redhat.com>
* tools/polkit-list-privileges.c (main): Update to new D-BUS API;
print " (temporary)" for privilege if appropriate.
* tools/polkit-is-privileged.c (main): Update to new D-BUS API
* tools/polkit-grant-privilege.c:
(do_grant_privilege): Update to new D-BUS API
(main): --do--
* tools/polkit-revoke-privilege.c: New file
* tools/Makefile.am: Add build rules for polkit-revoke-privilege
* polkitd/polkit-manager.h: Fix up prototypes
* polkitd/polkit-manager.c:
(polkit_manager_initiate_temporary_privilege_grant): Update to new
D-BUS API
(polkit_manager_get_allowed_resources_for_privilege): --do--
(polkit_manager_revoke_temporary_privilege): New function
(polkit_manager_remove_temporary_privilege): Fix up resource handling
(polkit_manager_add_temporary_privilege): --do--
* libpolkit/libpolkit.h:
(libpolkit_get_allowed_resources_for_privilege_for_uid): Update to
new D-BUS API and export libpolkit_revoke_temporary_privilege()
* libpolkit/libpolkit.c:
(libpolkit_is_uid_allowed_for_privilege): Update to new D-BUS API
(libpolkit_get_allowed_resources_for_privilege_for_uid): --do--
(libpolkit_revoke_temporary_privilege): New function
* polkit-interface-manager.xml: Rename InitiatePrivilegeGrant() to
InitiateTemporaryPrivilegeGrant(). Add new function
RevokeTemporaryPrivilege(). Make IsUserPrivileged() output a
boolean is_temporary. GetAllowedResourcesForPrivilege() now also
outputs an integer num_non_temp.
Index: Makefile.am
===================================================================
RCS file: /cvs/hal/PolicyKit/tools/Makefile.am,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- Makefile.am 14 Mar 2006 06:14:33 -0000 1.2
+++ Makefile.am 22 Apr 2006 23:27:14 -0000 1.3
@@ -15,7 +15,8 @@
bin_PROGRAMS = \
polkit-is-privileged \
polkit-list-privileges \
- polkit-grant-privilege
+ polkit-grant-privilege \
+ polkit-revoke-privilege
polkit_is_privileged_SOURCES = polkit-is-privileged.c
polkit_is_privileged_LDADD = @DBUS_CFLAGS@ @GLIB_LIBS@ $(top_builddir)/libpolkit/libpolkit.la
@@ -29,13 +30,19 @@
polkit-interface-session-glue.h: ../polkit-interface-session.xml Makefile.am
dbus-binding-tool --prefix=polkit_session --mode=glib-client --output=polkit-interface-session-glue.h ../polkit-interface-session.xml
+
polkit_grant_privilege_SOURCES= \
polkit-grant-privilege.c \
polkit-interface-manager-glue.h \
polkit-interface-session-glue.h
-
polkit_grant_privilege_LDADD= @DBUS_GLIB_LIBS@ @GLIB_LIBS@ $(top_builddir)/libpolkit/libpolkit.la
+
+polkit_revoke_privilege_SOURCES= \
+ polkit-revoke-privilege.c
+polkit_revoke_privilege_LDADD= @DBUS_GLIB_LIBS@ @GLIB_LIBS@ $(top_builddir)/libpolkit/libpolkit.la
+
+
BUILT_SOURCES = polkit-interface-manager-glue.h polkit-interface-session-glue.h
clean-local :
Index: polkit-grant-privilege.c
===================================================================
RCS file: /cvs/hal/PolicyKit/tools/polkit-grant-privilege.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- polkit-grant-privilege.c 17 Mar 2006 00:23:00 -0000 1.3
+++ polkit-grant-privilege.c 22 Apr 2006 23:27:14 -0000 1.4
@@ -224,12 +224,12 @@
goto out;
}
- if (!org_freedesktop_PolicyKit_Manager_initiate_privilege_grant (manager,
- user,
- privilege,
- resource,
- &session_objpath,
- &error)) {
+ if (!org_freedesktop_PolicyKit_Manager_initiate_temporary_privilege_grant (manager,
+ user,
+ privilege,
+ resource,
+ &session_objpath,
+ &error)) {
g_warning ("GrantPrivilege: %s", error->message);
g_error_free (error);
goto out;
@@ -318,6 +318,9 @@
{"version", no_argument, NULL, 'V'},
{NULL, 0, NULL, 0}
};
+ gboolean is_privileged = FALSE;
+ gboolean is_temporary = FALSE;
+ LibPolKitResult result;
g_type_init ();
@@ -382,15 +385,13 @@
ctx = libpolkit_new_context (dbus_g_connection_get_connection (bus));
- gboolean is_privileged = FALSE;
- LibPolKitResult result;
-
result = libpolkit_is_uid_allowed_for_privilege (ctx,
-1,
user,
privilege,
resource,
- &is_privileged);
+ &is_privileged,
+ &is_temporary);
switch (result) {
case LIBPOLKIT_RESULT_OK:
if (is_privileged) {
Index: polkit-is-privileged.c
===================================================================
RCS file: /cvs/hal/PolicyKit/tools/polkit-is-privileged.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- polkit-is-privileged.c 14 Mar 2006 06:14:33 -0000 1.3
+++ polkit-is-privileged.c 22 Apr 2006 23:27:14 -0000 1.4
@@ -78,6 +78,7 @@
};
LibPolKitContext *ctx = NULL;
gboolean is_allowed;
+ gboolean is_temporary;
LibPolKitResult result;
gboolean is_verbose = FALSE;
DBusError error;
@@ -160,7 +161,8 @@
user,
privilege,
resource,
- &is_allowed);
+ &is_allowed,
+ &is_temporary);
switch (result) {
case LIBPOLKIT_RESULT_OK:
rc = is_allowed ? 0 : 1;
Index: polkit-list-privileges.c
===================================================================
RCS file: /cvs/hal/PolicyKit/tools/polkit-list-privileges.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- polkit-list-privileges.c 14 Mar 2006 06:14:33 -0000 1.1
+++ polkit-list-privileges.c 22 Apr 2006 23:27:14 -0000 1.2
@@ -135,8 +135,10 @@
for (l = privilege_list, i = 0; l != NULL; l = g_list_next (l), i++) {
const char *privilege;
gboolean is_allowed;
+ gboolean is_temporary;
GList *j;
GList *resources;
+ int num_non_temporary;
privilege = (const char *) l->data;
if (is_verbose) {
@@ -148,22 +150,29 @@
user,
privilege,
NULL,
- &is_allowed) == LIBPOLKIT_RESULT_OK) {
+ &is_allowed,
+ &is_temporary) == LIBPOLKIT_RESULT_OK) {
if (is_allowed) {
- g_print ("privilege %s\n", privilege);
- } else {
- if (libpolkit_get_allowed_resources_for_privilege_for_uid (ctx,
- user,
- privilege,
- &resources) == LIBPOLKIT_RESULT_OK) {
- for (j = resources; j != NULL; j = g_list_next (j)) {
- const char *resource;
- resource = (const char *) j->data;
- g_print ("resource %s privilege %s\n", resource, privilege);
- }
- g_list_foreach (resources, (GFunc) g_free, NULL);
- g_list_free (resources);
+ g_print ("privilege %s%s\n", privilege, is_temporary ? " (temporary)" : "");
+ }
+
+ if (libpolkit_get_allowed_resources_for_privilege_for_uid (
+ ctx,
+ user,
+ privilege,
+ &resources,
+ &num_non_temporary) == LIBPOLKIT_RESULT_OK) {
+ int n;
+
+ for (j = resources, n = 0; j != NULL; j = g_list_next (j), n++) {
+ const char *resource;
+ resource = (const char *) j->data;
+ g_print ("resource %s privilege %s%s\n",
+ resource, privilege,
+ n >= num_non_temporary ? " (temporary)" : "");
}
+ g_list_foreach (resources, (GFunc) g_free, NULL);
+ g_list_free (resources);
}
}
--- NEW FILE: polkit-revoke-privilege.c ---
/***************************************************************************
* CVSID: $Id: polkit-revoke-privilege.c,v 1.1 2006/04/22 23:27:14 david Exp $
*
* polkit-grant-privilege.c : Grant privileges
*
* Copyright (C) 2006 David Zeuthen, <david at fubar.dk>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
**************************************************************************/
#ifdef HAVE_CONFIG_H
# include <config.h>
#endif
#include <stdlib.h>
#include <stdio.h>
#include <getopt.h>
#include <string.h>
#include <errno.h>
#include <glib/gstdio.h>
#include <dbus/dbus-glib.h>
#include <dbus/dbus-glib-lowlevel.h>
#include <libpolkit/libpolkit.h>
static void
usage (int argc, char *argv[])
{
fprintf (stderr, "polkit-revoke-privilege version " PACKAGE_VERSION "\n");
fprintf (stderr, "\n" "usage : %s -p <privilege> [-u user] [-r <resource>]\n", argv[0]);
fprintf (stderr,
"\n"
"Options:\n"
" -u, --user User to revoke privilege from\n"
" -p, --privilege Privilege to revoke\n"
" -r, --resource Resource\n"
" -h, --help Show this information and exit\n"
" -v, --verbose Verbose operation\n"
" -V, --version Print version number\n"
"\n"
"Revokes a privilege for accessing a resource. The resource may\n"
"be omitted.\n");
}
static gboolean is_verbose = FALSE;
int
main (int argc, char **argv)
{
int rc;
GError *error = NULL;
DBusGConnection *bus;
LibPolKitContext *ctx;
char *user = NULL;
char *resource = NULL;
char *privilege = NULL;
static const struct option long_options[] = {
{"user", required_argument, NULL, 'u'},
{"resource", required_argument, NULL, 'r'},
{"privilege", required_argument, NULL, 'p'},
{"help", no_argument, NULL, 'h'},
{"verbose", no_argument, NULL, 'v'},
{"version", no_argument, NULL, 'V'},
{NULL, 0, NULL, 0}
};
gboolean was_revoked;
g_type_init ();
rc = 1;
while (TRUE) {
int c;
c = getopt_long (argc, argv, "u:r:p:hVv", long_options, NULL);
if (c == -1)
break;
switch (c) {
case 'u':
user = g_strdup (optarg);
break;
case 'r':
resource = g_strdup (optarg);
break;
case 'p':
privilege = g_strdup (optarg);
break;
case 'v':
is_verbose = TRUE;
break;
case 'h':
usage (argc, argv);
rc = 0;
goto out;
case 'V':
printf ("polkit-grant-privilege version " PACKAGE_VERSION "\n");
rc = 0;
goto out;
default:
usage (argc, argv);
goto out;
}
}
if (privilege == NULL) {
usage (argc, argv);
return 1;
}
if (user == NULL) {
user = g_strdup (g_get_user_name ());
}
bus = dbus_g_bus_get (DBUS_BUS_SYSTEM, &error);
if (bus == NULL) {
g_warning ("dbus_g_bus_get: %s", error->message);
g_error_free (error);
return 1;
}
ctx = libpolkit_new_context (dbus_g_connection_get_connection (bus));
LibPolKitResult result;
result = libpolkit_revoke_temporary_privilege (ctx,
user,
privilege,
resource,
&was_revoked);
switch (result) {
case LIBPOLKIT_RESULT_OK:
if (was_revoked) {
if (resource == NULL) {
g_print ("User '%s' no longer has privilege '%s'.\n", user, privilege);
} else {
g_print ("User '%s' no longer has privilege '%s' for accessing\n"
"resource '%s'.\n",
user, privilege, resource);
}
rc = 0;
goto out;
}
break;
case LIBPOLKIT_RESULT_ERROR:
g_print ("Error granting resource.\n");
goto out;
case LIBPOLKIT_RESULT_INVALID_CONTEXT:
g_print ("Invalid context.\n");
goto out;
case LIBPOLKIT_RESULT_NOT_PRIVILEGED:
g_print ("Not privileged.\n");
goto out;
case LIBPOLKIT_RESULT_NO_SUCH_PRIVILEGE:
g_print ("No such privilege '%s'.\n", privilege);
goto out;
case LIBPOLKIT_RESULT_NO_SUCH_USER:
g_print ("No such user '%s'.\n", user);
goto out;
}
out:
return rc;
}
More information about the hal-commit
mailing list