hal/tools hal-system-storage-mount,1.14,1.15
David Zeuthen
david at freedesktop.org
Sun Jan 22 08:08:39 PST 2006
Update of /cvs/hal/hal/tools
In directory gabe:/tmp/cvs-serv17017/tools
Modified Files:
hal-system-storage-mount
Log Message:
2006-01-22 David Zeuthen <davidz at redhat.com>
* tools/hal-system-storage-mount: Also remove code expecting
the now removed attempt at managing privileges
Index: hal-system-storage-mount
===================================================================
RCS file: /cvs/hal/hal/tools/hal-system-storage-mount,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -d -r1.14 -r1.15
--- hal-system-storage-mount 21 Jan 2006 16:54:04 -0000 1.14
+++ hal-system-storage-mount 22 Jan 2006 16:08:36 -0000 1.15
@@ -29,46 +29,6 @@
exit 1
fi
-# read our security policy (see policy/10osvendor/10-security-policy.fdi)
-SECPOL_ALLOW_UID_MOUNT_FIXED=`hal-get-property --udi /org/freedesktop/Hal/devices/computer --key security_policy.system.storage.allow_uid_mount_fixed`
-SECPOL_ALLOW_UID_MOUNT_NONFIXED=`hal-get-property --udi /org/freedesktop/Hal/devices/computer --key security_policy.system.storage.allow_uid_mount_nonfixed`
-
-# determine what kind of drive we stem from
-IS_HOTPLUGGABLE=`hal-get-property --udi $HAL_PROP_BLOCK_STORAGE_DEVICE --key storage.hotpluggable`
-IS_REMOVABLE=`hal-get-property --udi $HAL_PROP_BLOCK_STORAGE_DEVICE --key storage.removable`
-
-# enforce security policy
-ALLOW="false"
-if [ "$IS_HOTPLUGGABLE" == "true" ] || [ "$IS_REMOVABLE" == "true" ]; then
- # nonfixed media, e.g. removable and/or hotpluggable
- if [ "$SECPOL_ALLOW_UID_MOUNT_NONFIXED" == "" ]; then
- ALLOW="true"
- else
- for i in $SECPOL_ALLOW_UID_MOUNT_NONFIXED; do
- if [ "$i" == "$HAL_METHOD_INVOKED_BY_UID" ]; then
- ALLOW="true"
- fi
- done
- fi
-else
- # fixed media
- if [ "$SECPOL_ALLOW_UID_MOUNT_FIXED" == "" ]; then
- ALLOW="true"
- else
- for i in $SECPOL_ALLOW_UID_MOUNT_FIXED; do
- if [ "$i" == "$HAL_METHOD_INVOKED_BY_UID" ]; then
- ALLOW="true"
- fi
- done
- fi
-fi
-
-if [ "$ALLOW" != "true" ]; then
- echo "org.freedesktop.Hal.Device.Volume.PermissionDenied" >&2
- echo "uid $HAL_METHOD_INVOKED_BY_UID is not authorized according to security policy" >&2
- exit 1
-fi
-
# read parameters
# "MyDisk\n"
# "fuse\n"
More information about the hal-commit
mailing list