hal: Branch 'master'

David Zeuthen david at kemper.freedesktop.org
Sun Mar 25 16:04:18 PDT 2007


 hald/hald_dbus.c           |   10 +---------
 libhal/libhal.c            |    8 ++++----
 tools/hal-storage-mount.c  |   34 ++++++++++++++++++----------------
 tools/hal-storage-shared.c |    2 +-
 4 files changed, 24 insertions(+), 30 deletions(-)

New commits:
diff-tree 16a87091fc6da9190feae9e19d4eb99165d5328c (from ce1a29366fa816ade302159db0f64efe8000d310)
Author: David Zeuthen <davidz at redhat.com>
Date:   Sun Mar 25 19:04:19 2007 -0400

    don't set INVOKED_BY_SYSTEMBUS_CONNECTION_NAME unless call is from bus

diff --git a/hald/hald_dbus.c b/hald/hald_dbus.c
index 2df8e0d..8a6fdad 100644
--- a/hald/hald_dbus.c
+++ b/hald/hald_dbus.c
@@ -3459,9 +3459,9 @@ hald_exec_method (HalDevice *d, CICaller
 	/* add calling uid */
 	extra_env[0] = NULL;
 	extra_env[1] = NULL;
+	extra_env[2] = NULL;
 	if (local_interface) {
 		extra_env[0] = "HAL_METHOD_INVOKED_BY_UID=0";
-		extra_env[1] = "HAL_METHOD_INVOKED_BY_SYSTEMBUS_CONNECTION_NAME=0";
 	} else {
 		sprintf (uid_export, "HAL_METHOD_INVOKED_BY_UID=%u", ci_tracker_caller_get_uid (ci));
 		extra_env[0] = uid_export;
@@ -3470,14 +3470,6 @@ hald_exec_method (HalDevice *d, CICaller
 		extra_env[1] = sender_export;
 	}
 
-	if (extra_env[0] == NULL)
-		extra_env[0] = "HAL_METHOD_INVOKED_BY_UID=nobody";
-	if (extra_env[1] == NULL)
-		extra_env[1] = "HAL_METHOD_INVOKED_BY_SYSTEMBUS_CONNECTION_NAME=0";
-
-
-	extra_env[2] = NULL;
-
 	/* prepare stdin with parameters */
 	stdin_str = g_string_sized_new (256); /* default size for passing params; can grow */
 	dbus_message_iter_init (message, &iter);
diff --git a/libhal/libhal.c b/libhal/libhal.c
index c9697ce..6f0323e 100644
--- a/libhal/libhal.c
+++ b/libhal/libhal.c
@@ -4324,10 +4324,10 @@ libhal_device_is_caller_locked_out (LibH
 	DBusMessageIter reply_iter;
         dbus_bool_t value;
 
-	LIBHAL_CHECK_LIBHALCONTEXT(ctx, FALSE);
-	LIBHAL_CHECK_PARAM_VALID(udi, "*udi", FALSE);
-	LIBHAL_CHECK_PARAM_VALID(interface, "*interface", FALSE);
-	LIBHAL_CHECK_PARAM_VALID(caller, "*caller", FALSE);
+	LIBHAL_CHECK_LIBHALCONTEXT(ctx, TRUE);
+	LIBHAL_CHECK_PARAM_VALID(udi, "*udi", TRUE);
+	LIBHAL_CHECK_PARAM_VALID(interface, "*interface", TRUE);
+	LIBHAL_CHECK_PARAM_VALID(caller, "*caller", TRUE);
 
 	message = dbus_message_new_method_call ("org.freedesktop.Hal",
 						udi,
diff --git a/tools/hal-storage-mount.c b/tools/hal-storage-mount.c
index ee5c381..a5d0221 100644
--- a/tools/hal-storage-mount.c
+++ b/tools/hal-storage-mount.c
@@ -758,22 +758,24 @@ handle_mount (LibHalContext *hal_ctx, 
 #endif
 
 #ifdef HAVE_POLKIT
-	if (libpolkit_is_uid_allowed_for_privilege (pol_ctx, 
-						    invoked_by_syscon_name,
-						    invoked_by_uid,
-						    privilege,
-						    udi,
-						    &allowed_by_privilege,
-						    &is_temporary_privilege,
-						    NULL) != LIBPOLKIT_RESULT_OK) {
-		printf ("cannot lookup privilege\n");
-		unknown_error ("Cannot lookup privilege from PolicyKit");
-	}
-
-	if (!allowed_by_privilege) {
-		printf ("caller don't possess privilege\n");
-		permission_denied_privilege (privilege, invoked_by_uid);
-	}
+        if (invoked_by_syscon_name != NULL) {
+                if (libpolkit_is_uid_allowed_for_privilege (pol_ctx, 
+                                                            invoked_by_syscon_name,
+                                                            invoked_by_uid,
+                                                            privilege,
+                                                            udi,
+                                                            &allowed_by_privilege,
+                                                            &is_temporary_privilege,
+                                                            NULL) != LIBPOLKIT_RESULT_OK) {
+                        printf ("cannot lookup privilege\n");
+                        unknown_error ("Cannot lookup privilege from PolicyKit");
+                }
+
+                if (!allowed_by_privilege) {
+                        printf ("caller don't possess privilege\n");
+                        permission_denied_privilege (privilege, invoked_by_uid);
+                }
+        }
 #endif
 
 #ifdef DEBUG
diff --git a/tools/hal-storage-shared.c b/tools/hal-storage-shared.c
index 6c8e9d2..1dfecb3 100644
--- a/tools/hal-storage-shared.c
+++ b/tools/hal-storage-shared.c
@@ -208,7 +208,7 @@ bailout_if_drive_is_locked (LibHalContex
 {
         DBusError error;
 
-        if (drive != NULL) {
+        if (drive != NULL && invoked_by_syscon_name != NULL) {
                 dbus_error_init (&error);
                 if (libhal_device_is_caller_locked_out (hal_ctx, 
                                                         libhal_drive_get_udi (drive),


More information about the hal-commit mailing list