PolicyKit/libpolkit Makefile.am, 1.2, 1.3 libpolkit-grant.c, NONE,
1.1 libpolkit-grant.h, NONE, 1.1 libpolkit.c, 1.3,
1.4 libpolkit.h, 1.3, 1.4
David Zeuthen
david at kemper.freedesktop.org
Mon Jun 5 16:39:02 PDT 2006
- Previous message: PolicyKit/doc/spec Makefile.am, 1.1, 1.2 polkit-spec.html, 1.3,
1.4 polkit-spec.xml.in, 1.4, 1.5
- Next message: PolicyKit/pam-polkit-console Makefile.am, NONE,
1.1 pam-polkit-console.c, NONE, 1.1
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /cvs/hal/PolicyKit/libpolkit
In directory kemper:/tmp/cvs-serv24124/libpolkit
Modified Files:
Makefile.am libpolkit.c libpolkit.h
Added Files:
libpolkit-grant.c libpolkit-grant.h
Log Message:
2006-06-05 David Zeuthen <davidz at redhat.com>
Lots of changes! Almost ready for 0.2 release.
* Makefile.am:
* README:
* configure.in:
* doc/TODO:
* doc/api/polkit-docs.xml:
* doc/spec/Makefile.am:
* doc/spec/polkit-spec.html:
* doc/spec/polkit-spec.xml.in:
* libpolkit/Makefile.am:
* libpolkit/libpolkit-grant.c: (have_questions_handler),
(libpolkit_grant_provide_answers), (auth_done_handler),
(libpolkit_grant_new_context),
(libpolkit_grant_get_libpolkit_context),
(libpolkit_grant_set_questions_handler),
(libpolkit_grant_set_grant_complete_handler),
(libpolkit_grant_initiate_temporary_grant),
(libpolkit_grant_get_user_for_auth),
(libpolkit_grant_get_pam_service_for_auth),
(libpolkit_grant_close), (libpolkit_grant_free_context),
(libpolkit_grant_get_user), (libpolkit_grant_get_privilege),
(libpolkit_grant_get_resource):
* libpolkit/libpolkit-grant.h:
* libpolkit/libpolkit.c:
(libpolkit_get_allowed_resources_for_privilege_for_uid),
(libpolkit_is_uid_allowed_for_privilege):
* libpolkit/libpolkit.h:
* pam-polkit-console/Makefile.am:
* pam-polkit-console/pam-polkit-console.c: (_pam_log),
(_parse_module_args), (_is_local_xconsole), (_poke_polkitd),
(pam_sm_authenticate), (pam_sm_setcred), (pam_sm_open_session),
(pam_sm_close_session):
* polkit-interface-manager.xml:
* polkit-interface-session.xml:
* polkit.pc.in:
* polkitd/PolicyKit.in:
* polkitd/main.c: (handle_sigusr1), (sigusr1_iochn_data), (main):
* polkitd/policy.c: (txt_backend_read_policy),
(txt_backend_read_list), (txt_backend_read_word),
(policy_get_sufficient_privileges),
(policy_get_required_privileges),
(policy_get_auth_details_for_policy),
(_policy_is_uid_gid_allowed_for_policy),
(policy_is_uid_gid_allowed_for_policy),
(policy_is_uid_allowed_for_policy):
* polkitd/policy.h:
* polkitd/polkit-manager.c: (_granting_temp_priv),
(_revoking_temp_priv), (polkit_manager_error_get_type),
(bus_name_owner_changed), (polkit_manager_get_caller_info),
(_check_for_temp_privilege),
(polkit_manager_initiate_temporary_privilege_grant),
(polkit_manager_is_user_privileged),
(polkit_manager_get_allowed_resources_for_privilege),
(polkit_manager_revoke_temporary_privilege),
(polkit_manager_add_temporary_privilege),
(polkit_manager_remove_temporary_privilege),
(polkit_manager_update_desktop_console_privileges):
* polkitd/polkit-manager.h:
* polkitd/polkit-session.c: (polkit_session_close),
(polkit_session_grant_privilege_temporarily), (polkit_session_new),
(polkit_session_initiator_disconnected):
* polkitd/polkit-session.h:
* privileges/desktop-console.privilege:
* tools/Makefile.am:
* tools/polkit-grant-privilege.c: (questions_cb),
(grant_complete_cb), (main):
* tools/polkit-is-privileged.c: (usage), (main):
* tools/polkit-list-privileges.c: (main):
* tools/polkit-revoke-privilege.c: (main):
Index: Makefile.am
===================================================================
RCS file: /cvs/hal/PolicyKit/libpolkit/Makefile.am,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- Makefile.am 14 Mar 2006 06:14:33 -0000 1.2
+++ Makefile.am 5 Jun 2006 23:39:00 -0000 1.3
@@ -12,7 +12,7 @@
@GLIB_CFLAGS@ \
@DBUS_GLIB_CFLAGS@
-lib_LTLIBRARIES=libpolkit.la
+lib_LTLIBRARIES=libpolkit.la libpolkit-grant.la
libpolkitincludedir=$(includedir)/libpolkit
@@ -26,6 +26,29 @@
libpolkit_la_LDFLAGS = -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE)
+
+libpolkit_grantincludedir=$(includedir)/libpolkit
+
+libpolkit_grantinclude_HEADERS = \
+ libpolkit-grant.h
+
+libpolkit_grant_la_SOURCES = \
+ libpolkit-grant.c libpolkit-grant.h \
+ polkit-interface-manager-glue.h \
+ polkit-interface-session-glue.h
+
+libpolkit_grant_la_LIBADD = @DBUS_GLIB_LIBS@ @GLIB_LIBS@
+
+libpolkit_grant_la_LDFLAGS = -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE)
+
+polkit-interface-manager-glue.h: ../polkit-interface-manager.xml Makefile.am
+ dbus-binding-tool --prefix=polkit_manager --mode=glib-client --output=polkit-interface-manager-glue.h ../polkit-interface-manager.xml
+
+polkit-interface-session-glue.h: ../polkit-interface-session.xml Makefile.am
+ dbus-binding-tool --prefix=polkit_session --mode=glib-client --output=polkit-interface-session-glue.h ../polkit-interface-session.xml
+
+BUILT_SOURCES = polkit-interface-manager-glue.h polkit-interface-session-glue.h
+
clean-local :
- rm -f *~
+ rm -f *~ $(BUILT_SOURCES)
--- NEW FILE: libpolkit-grant.c ---
/***************************************************************************
*
* libpolkit-grant.c : Wraps temporary grant methods on the PolicyKit daemon
*
* Copyright (C) 2006 David Zeuthen, <david at fubar.dk>
*
* Licensed under the Academic Free License version 2.1
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
**************************************************************************/
#ifdef HAVE_CONFIG_H
# include <config.h>
#endif
#include <stdlib.h>
#include <stdio.h>
#include <getopt.h>
#include <string.h>
#include <errno.h>
#include <glib/gstdio.h>
#include <dbus/dbus-glib.h>
#include <dbus/dbus-glib-lowlevel.h>
#include <libpolkit/libpolkit.h>
#include "libpolkit-grant.h"
#include "polkit-interface-manager-glue.h"
#include "polkit-interface-session-glue.h"
struct LibPolKitGrantContext_s
{
DBusGConnection *dbus_g_connection;
char *user;
char *privilege;
char *resource;
gboolean restrict_to_dbus_connection;
LibPolKitGrantQuestions questions_handler;
LibPolKitGrantComplete grant_complete_handler;
char *auth_user;
char *auth_service_name;
DBusGProxy *manager;
DBusGProxy *session;
LibPolKitContext *polkit_ctx;
gpointer user_data;
};
static void
have_questions_handler (DBusGProxy *session, gpointer user_data)
{
char **questions;
GError *error = NULL;
LibPolKitGrantContext *ctx = (LibPolKitGrantContext *) user_data;
gboolean should_continue;
should_continue = FALSE;
if (!org_freedesktop_PolicyKit_Session_get_questions (ctx->session,
&questions,
&error)) {
g_warning ("GetQuestions: %s", error->message);
/* we're done */
ctx->grant_complete_handler (ctx, FALSE, error->message, ctx->user_data);
g_error_free (error);
} else {
ctx->questions_handler (ctx, (const char **) questions, ctx->user_data);
g_strfreev (questions);
}
}
void
libpolkit_grant_provide_answers (LibPolKitGrantContext *ctx, const char **answers)
{
GError *error = NULL;
if (!org_freedesktop_PolicyKit_Session_provide_answers (ctx->session,
(const char **) answers,
&error)) {
g_warning ("ProvideAnswers: %s", error->message);
/* we're done */
ctx->grant_complete_handler (ctx, FALSE, error->message, ctx->user_data);
g_error_free (error);
}
}
static void
auth_done_handler (DBusGProxy *session, gpointer user_data)
{
gboolean auth_result;
//gboolean was_revoked;
GError *error = NULL;
LibPolKitGrantContext *ctx = (LibPolKitGrantContext *) user_data;
/*g_debug ("in %s", __FUNCTION__);*/
if (!org_freedesktop_PolicyKit_Session_is_authenticated (session,
&auth_result,
&error)) {
g_warning ("IsAuthenticated: %s", error->message);
/* we're done */
ctx->grant_complete_handler (ctx, FALSE, error->message, ctx->user_data);
g_error_free (error);
goto out;
}
/*g_message ("Authentication done. %s", auth_result);*/
if (!auth_result) {
char *auth_denied_reason;
if (!org_freedesktop_PolicyKit_Session_get_auth_denied_reason (session,
&auth_denied_reason,
&error)) {
g_warning ("GetAuthDeniedReason: %s", error->message);
g_error_free (error);
goto out;
}
/*g_print ("\n"
"Authentication failed (reason: '%s').\n", auth_denied_reason);*/
/* we're done */
ctx->grant_complete_handler (ctx, FALSE, auth_denied_reason, ctx->user_data);
g_free (auth_denied_reason);
} else {
/*g_print ("\n"
"Authentication succeeded.\n");*/
/* don't restrict privilege to callers unique system bus connection name */
if (!org_freedesktop_PolicyKit_Session_grant_privilege_temporarily (session,
ctx->restrict_to_dbus_connection,
&error)) {
g_warning ("GrantPrivilegeTemporarily: %s", error->message);
/* we're done */
ctx->grant_complete_handler (ctx, FALSE, error->message, ctx->user_data);
g_error_free (error);
} else {
/* we're done */
ctx->grant_complete_handler (ctx, TRUE, NULL, ctx->user_data);
}
}
//sleep (20);
//libpolkit_revoke_temporary_privilege (ctx, grant_user, grant_privilege, grant_resource, &was_revoked);
//g_debug ("was revoked = %d", was_revoked);
//sleep (10000);
out:
;
}
/**
* libpolkit_grant_new_context:
* @user: User to request privilege for
* @privilege: Privilege to ask for
* @resource: Resource to ask for. May be NULL.
* @restrict_to_dbus_connection: Whether the privilege should be restricted to a particular D-BUS connection on the
* system message bus.
* @user_data: User data to be passed to callbacks
*
* Create a new context for obtaining a privilege.
*
* Returns: The context. It is an opaque data structure. Free with libpolkit_grant_free_context.
*/
LibPolKitGrantContext*
libpolkit_grant_new_context (DBusGConnection *dbus_g_connection,
const char *user,
const char *privilege,
const char *resource,
gboolean restrict_to_dbus_connection,
gpointer user_data)
{
LibPolKitGrantContext* ctx;
ctx = g_new (LibPolKitGrantContext, 1);
ctx->dbus_g_connection = dbus_g_connection;
ctx->user = g_strdup (user);
ctx->privilege = g_strdup (privilege);
ctx->resource = g_strdup (resource);
ctx->restrict_to_dbus_connection = restrict_to_dbus_connection;
ctx->questions_handler = NULL;
ctx->grant_complete_handler = NULL;
ctx->user_data = user_data;
ctx->auth_user = NULL;
ctx->auth_service_name = NULL;
ctx->polkit_ctx = libpolkit_new_context (dbus_g_connection_get_connection (dbus_g_connection));
return ctx;
}
LibPolKitContext*
libpolkit_grant_get_libpolkit_context (LibPolKitGrantContext *ctx)
{
return ctx->polkit_ctx;
}
void
libpolkit_grant_set_questions_handler (LibPolKitGrantContext *ctx,
LibPolKitGrantQuestions questions_handler)
{
ctx->questions_handler = questions_handler;
}
void
libpolkit_grant_set_grant_complete_handler (LibPolKitGrantContext *ctx,
LibPolKitGrantComplete grant_complete_handler)
{
ctx->grant_complete_handler = grant_complete_handler;
}
gboolean
libpolkit_grant_initiate_temporary_grant (LibPolKitGrantContext *ctx)
{
GError *error = NULL;
char *session_objpath;
gboolean rc;
rc = FALSE;
if (ctx->questions_handler == NULL ||
ctx->grant_complete_handler == NULL)
goto out;
ctx->manager = dbus_g_proxy_new_for_name (ctx->dbus_g_connection,
"org.freedesktop.PolicyKit",
"/org/freedesktop/PolicyKit/Manager",
"org.freedesktop.PolicyKit.Manager");
if (ctx->manager == NULL)
goto out;
if (!org_freedesktop_PolicyKit_Manager_initiate_temporary_privilege_grant (ctx->manager,
ctx->user,
ctx->privilege,
ctx->resource,
&session_objpath,
&error)) {
g_warning ("GrantPrivilege: %s", error->message);
g_error_free (error);
goto out;
}
/*g_debug ("session_objpath = %s", session_objpath);*/
ctx->session = dbus_g_proxy_new_for_name (ctx->dbus_g_connection,
"org.freedesktop.PolicyKit",
session_objpath,
"org.freedesktop.PolicyKit.Session");
if (ctx->session == NULL)
goto out;
dbus_g_proxy_add_signal (ctx->session, "HaveQuestions", G_TYPE_INVALID);
dbus_g_proxy_connect_signal (ctx->session, "HaveQuestions", G_CALLBACK (have_questions_handler),
(void *) ctx, NULL);
dbus_g_proxy_add_signal (ctx->session, "AuthenticationDone", G_TYPE_INVALID);
dbus_g_proxy_connect_signal (ctx->session, "AuthenticationDone", G_CALLBACK (auth_done_handler),
(void *) ctx, NULL);
if (!org_freedesktop_PolicyKit_Session_get_auth_details (ctx->session,
&ctx->auth_user,
&ctx->auth_service_name,
&error)) {
g_warning ("GetAuthDetails: %s", error->message);
g_error_free (error);
goto out;
}
if (!org_freedesktop_PolicyKit_Session_initiate_auth (ctx->session,
&error)) {
g_warning ("InitiateAuth: %s", error->message);
g_error_free (error);
/* TODO: LIBPOLKIT_GRANT_RESULT_NO_SUCH_PRIVILEGE, LIBPOLKIT_GRANT_RESULT_CANNOT_AUTH_FOR_PRIVILEGE */
goto out;
}
g_free (session_objpath);
rc = TRUE;
out:
return rc;
}
const char*
libpolkit_grant_get_user_for_auth (LibPolKitGrantContext *ctx)
{
return ctx->auth_user;
}
const char*
libpolkit_grant_get_pam_service_for_auth (LibPolKitGrantContext *ctx)
{
return ctx->auth_service_name;
}
gboolean
libpolkit_grant_close (LibPolKitGrantContext *ctx,
gboolean revoke_privilege)
{
GError *error = NULL;
/* got the privilege; now close the session.. */
if (!org_freedesktop_PolicyKit_Session_close (ctx->session,
&error)) {
g_warning ("Close: %s", error->message);
g_error_free (error);
}
if (revoke_privilege) {
gboolean was_revoked;
libpolkit_revoke_temporary_privilege (ctx->polkit_ctx,
ctx->user,
ctx->privilege,
ctx->resource,
&was_revoked);
if (!was_revoked) {
g_warning ("Couldn't revoke privilege");
}
}
return TRUE;
}
void
libpolkit_grant_free_context (LibPolKitGrantContext *ctx)
{
g_free (ctx->user);
g_free (ctx->privilege);
g_free (ctx->resource);
g_free (ctx->auth_user);
g_free (ctx->auth_service_name);
libpolkit_free_context (ctx->polkit_ctx);
g_free (ctx);
}
const char*
libpolkit_grant_get_user (LibPolKitGrantContext *ctx)
{
return ctx->user;
}
const char*
libpolkit_grant_get_privilege (LibPolKitGrantContext *ctx)
{
return ctx->privilege;
}
/**
* libpolkit_grant_get_resource:
* @ctx: Context
*
* Get the resource as passed in from libpolkit_grant_new_context.
*
* Returns: The resource. May be NULL.
*/
const char*
libpolkit_grant_get_resource (LibPolKitGrantContext *ctx)
{
return ctx->resource;
}
--- NEW FILE: libpolkit-grant.h ---
/***************************************************************************
*
* libpolkit-grant.h : Wraps temporary grant methods on the PolicyKit daemon
*
* Copyright (C) 2006 David Zeuthen, <david at fubar.dk>
*
* Licensed under the Academic Free License version 2.1
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
**************************************************************************/
#ifndef LIBPOLKIT_GRANT_H
#define LIBPOLKIT_GRANT_H
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <glib.h>
#include <dbus/dbus.h>
#include <dbus/dbus-glib.h>
#include <dbus/dbus-glib-lowlevel.h>
#include <libpolkit/libpolkit.h>
struct LibPolKitGrantContext_s;
typedef struct LibPolKitGrantContext_s LibPolKitGrantContext;
/**
* LibPolKitGrantQuestions:
* @ctx: Context
* @questions: NULL terminated series of pairs. Each pair represent one question.
* @user_data: User data
*
* Callback when information is needed from the user in order to
* authenticate.
*
* The first component of the each pair in the questions array denote
* the question type. It can assume the values "PamPromptEchoOff"
* (meaning prompt for answer but don't echo it on the screen as the
* user types it), "PamPromptEchoOn" (meaning prompt for answer and
* echo the answer on the screen as the user types it), "PamErrorMsg"
* (display the message as an error message to the user) and
* "PamTextInfo" (textual information to the user). The second
* component in the pair is the actual question or information
* (e.g. "Password:") and it should be shown to the user next to the
* text input box.
*
* The callee should call libpolkit_grant_provide_answers with a
* string array once it the answers have been obtained from the user.
*
*/
typedef void (*LibPolKitGrantQuestions) (LibPolKitGrantContext *ctx,
const char **questions,
gpointer user_data);
/**
* LibPolKitGrantComplete:
* @obtained_privilege: Whether the user sucessfully authenticated
* and was granted the privilege.
* @reason_not_obtained: If the user did not obtain the privilege
* this is the reason. May be NULL.
* @user_data: User data
*
* Callback when authorization was complete or there was an error.
*
*/
typedef void (*LibPolKitGrantComplete) (LibPolKitGrantContext *ctx,
gboolean obtained_privilege,
const char *reason_not_obtained,
gpointer user_data);
LibPolKitGrantContext* libpolkit_grant_new_context (DBusGConnection *dbus_g_connection,
const char *user,
const char *privilege,
const char *resource,
gboolean restrict_to_dbus_connection,
gpointer user_data);
const char* libpolkit_grant_get_user (LibPolKitGrantContext *ctx);
const char* libpolkit_grant_get_privilege (LibPolKitGrantContext *ctx);
const char* libpolkit_grant_get_resource (LibPolKitGrantContext *ctx);
LibPolKitContext* libpolkit_grant_get_libpolkit_context (LibPolKitGrantContext *ctx);
void libpolkit_grant_set_questions_handler (LibPolKitGrantContext *ctx,
LibPolKitGrantQuestions questions_handler);
void libpolkit_grant_set_grant_complete_handler (LibPolKitGrantContext *ctx,
LibPolKitGrantComplete grant_complete_handler);
gboolean libpolkit_grant_initiate_temporary_grant (LibPolKitGrantContext *ctx);
const char* libpolkit_grant_get_user_for_auth (LibPolKitGrantContext *ctx);
const char* libpolkit_grant_get_pam_service_for_auth (LibPolKitGrantContext *ctx);
void libpolkit_grant_provide_answers (LibPolKitGrantContext *ctx,
const char **answers);
gboolean libpolkit_grant_close (LibPolKitGrantContext *ctx,
gboolean revoke_privilege);
void libpolkit_grant_free_context (LibPolKitGrantContext *ctx);
#endif /* LIBPOLKIT_GRANT_H */
Index: libpolkit.c
===================================================================
RCS file: /cvs/hal/PolicyKit/libpolkit/libpolkit.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- libpolkit.c 22 Apr 2006 23:27:14 -0000 1.3
+++ libpolkit.c 5 Jun 2006 23:39:00 -0000 1.4
@@ -54,8 +54,8 @@
return _ret_; \
} \
if (_ctx_->magic != LIBPOLKIT_MAGIC) { \
- g_warning ("%s: given LibPolKitContext is invalid", \
- __FUNCTION__); \
+ g_warning ("%s: given LibPolKitContext is invalid (read magic 0x%08x, should be 0x%08x)", \
+ __FUNCTION__, _ctx_->magic, LIBPOLKIT_MAGIC); \
return _ret_; \
} \
} while(0)
@@ -102,7 +102,8 @@
libpolkit_get_allowed_resources_for_privilege_for_uid (LibPolKitContext *ctx,
const char *user,
const char *privilege,
- GList **result,
+ GList **resources,
+ GList **restrictions,
int *num_non_temporary)
{
LibPolKitResult res;
@@ -111,12 +112,15 @@
DBusError error;
char **resource_list;
int num_resources;
+ char **restriction_list;
+ int num_restrictions;
int i;
LIBPOLKIT_CHECK_CONTEXT (ctx, LIBPOLKIT_RESULT_INVALID_CONTEXT);
res = LIBPOLKIT_RESULT_ERROR;
- *result = NULL;
+ *resources = NULL;
+ *restrictions = NULL;
message = dbus_message_new_method_call ("org.freedesktop.PolicyKit",
"/org/freedesktop/PolicyKit/Manager",
@@ -149,6 +153,7 @@
if (!dbus_message_get_args (reply, &error,
DBUS_TYPE_ARRAY, DBUS_TYPE_STRING, &resource_list, &num_resources,
+ DBUS_TYPE_ARRAY, DBUS_TYPE_STRING, &restriction_list, &num_restrictions,
DBUS_TYPE_INT32, num_non_temporary,
DBUS_TYPE_INVALID)) {
g_warning ("Could not extract args from D-BUS message: %s : %s", error.name, error.message);
@@ -157,10 +162,15 @@
}
for (i = 0; i < num_resources; i++) {
- *result = g_list_append (*result, g_strdup (resource_list[i]));
+ *resources = g_list_append (*resources, g_strdup (resource_list[i]));
}
dbus_free_string_array (resource_list);
+ for (i = 0; i < num_restrictions; i++) {
+ *restrictions = g_list_append (*restrictions, g_strdup (restriction_list[i]));
+ }
+ dbus_free_string_array (restriction_list);
+
res = LIBPOLKIT_RESULT_OK;
out:
@@ -172,25 +182,28 @@
}
LibPolKitResult
-libpolkit_is_uid_allowed_for_privilege (LibPolKitContext *ctx,
- pid_t pid,
- const char *user,
- const char *privilege,
- const char *resource,
- gboolean *is_allowed,
- gboolean *is_temporary)
+libpolkit_is_uid_allowed_for_privilege (LibPolKitContext *ctx,
+ const char *system_bus_unique_name,
+ const char *user,
+ const char *privilege,
+ const char *resource,
+ gboolean *out_is_allowed,
+ gboolean *out_is_temporary,
+ char **out_is_privileged_but_restricted_to_system_bus_unique_name)
{
LibPolKitResult res;
DBusMessage *message = NULL;
DBusMessage *reply = NULL;
DBusError error;
const char *myresource = "";
+ const char *mysystem_bus_unique_name = "";
+ char *but_restricted_to = NULL;
LIBPOLKIT_CHECK_CONTEXT (ctx, LIBPOLKIT_RESULT_INVALID_CONTEXT);
res = LIBPOLKIT_RESULT_ERROR;
- *is_allowed = FALSE;
- *is_temporary = FALSE;
+ *out_is_allowed = FALSE;
+ *out_is_temporary = FALSE;
message = dbus_message_new_method_call ("org.freedesktop.PolicyKit",
"/org/freedesktop/PolicyKit/Manager",
@@ -204,8 +217,11 @@
if (resource != NULL)
myresource = resource;
+ if (system_bus_unique_name != NULL)
+ mysystem_bus_unique_name = system_bus_unique_name;
+
if (!dbus_message_append_args (message,
- DBUS_TYPE_INT32, &pid,
+ DBUS_TYPE_STRING, &mysystem_bus_unique_name,
DBUS_TYPE_STRING, &user,
DBUS_TYPE_STRING, &privilege,
DBUS_TYPE_STRING, &myresource,
@@ -232,14 +248,24 @@
if (!dbus_message_get_args (reply, &error,
- DBUS_TYPE_BOOLEAN, is_allowed,
- DBUS_TYPE_BOOLEAN, is_temporary,
+ DBUS_TYPE_BOOLEAN, out_is_allowed,
+ DBUS_TYPE_BOOLEAN, out_is_temporary,
+ DBUS_TYPE_STRING, &but_restricted_to,
DBUS_TYPE_INVALID)) {
g_warning ("Could not extract args from D-BUS message: %s : %s", error.name, error.message);
dbus_error_free (&error);
goto out;
}
+ if (out_is_privileged_but_restricted_to_system_bus_unique_name != NULL) {
+ if (but_restricted_to != NULL && strlen (but_restricted_to) > 0) {
+ *out_is_privileged_but_restricted_to_system_bus_unique_name = strdup (but_restricted_to);
+ } else {
+ *out_is_privileged_but_restricted_to_system_bus_unique_name = NULL;
+ }
+ //dbus_free (but_restricted_to);
+ }
+
res = LIBPOLKIT_RESULT_OK;
out:
Index: libpolkit.h
===================================================================
RCS file: /cvs/hal/PolicyKit/libpolkit/libpolkit.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- libpolkit.h 22 Apr 2006 23:27:14 -0000 1.3
+++ libpolkit.h 5 Jun 2006 23:39:00 -0000 1.4
@@ -51,12 +51,13 @@
GList **result);
LibPolKitResult libpolkit_is_uid_allowed_for_privilege (LibPolKitContext *ctx,
- pid_t pid,
+ const char *system_bus_unique_name,
const char *user,
const char *privilege,
const char *resource,
- gboolean *is_allowed,
- gboolean *is_temporary);
+ gboolean *out_is_allowed,
+ gboolean *out_is_temporary,
+ char **out_is_privileged_but_restricted_to_system_bus_unique_name);
LibPolKitResult libpolkit_revoke_temporary_privilege (LibPolKitContext *ctx,
const char *user,
@@ -67,7 +68,8 @@
LibPolKitResult libpolkit_get_allowed_resources_for_privilege_for_uid (LibPolKitContext *ctx,
const char *user,
const char *privilege,
- GList **result,
+ GList **resources,
+ GList **restrictions,
int *num_non_temporary);
#endif /* LIBPOLKIT_H */
- Previous message: PolicyKit/doc/spec Makefile.am, 1.1, 1.2 polkit-spec.html, 1.3,
1.4 polkit-spec.xml.in, 1.4, 1.5
- Next message: PolicyKit/pam-polkit-console Makefile.am, NONE,
1.1 pam-polkit-console.c, NONE, 1.1
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the hal-commit
mailing list