PolicyKit: Branch 'master' - 70 commits
David Zeuthen
david at kemper.freedesktop.org
Tue Jan 27 07:58:02 PST 2009
.gitignore | 32
AUTHORS | 1
COPYING | 512 ++
HACKING | 95
Makefile.am | 57
NEWS | 423 --
README | 92
acinclude.m4 | 51
actions/Makefile.am | 16
actions/org.freedesktop.policykit.policy.in | 51
autogen.sh | 18
configure.ac | 471 ++
configure.in | 677 ---
data/Makefile.am | 39
data/org.freedesktop.PolicyKit.AuthenticationAgent1.xml | 24
data/org.freedesktop.PolicyKit1.AuthenticationAgent.xml | 25
data/org.freedesktop.PolicyKit1.Authority.xml | 253 +
data/org.freedesktop.PolicyKit1.conf.in | 10
data/org.freedesktop.PolicyKit1.service.in | 4
data/polkit-1.in | 6
data/polkit-1.pc.in | 12
data/polkit-agent-1.pc.in | 11
data/polkit-backend-1.pc.in | 11
data/polkit-gobject-1.pc.in | 13
data/polkit-grant-1.in | 6
data/polkit-grant-1.pc.in | 11
dev/null |binary
doc/.gitignore | 3
doc/Makefile.am | 87
doc/TODO | 60
doc/man/Makefile.am | 20
doc/man/PolicyKit.xml | 63
doc/man/polkit-action.xml | 194
doc/man/polkit-auth.xml | 343 -
doc/man/polkit-policy-file-validate.xml | 89
doc/polkit-diagrams.svg | 1923 ---------
doc/polkit-docs.xml | 144
doc/spec/polkit-spec-configuration.xml | 295 -
doc/spec/polkit-spec-introduction.xml | 136
doc/spec/polkit-spec-model.xml | 569 --
doc/version.xml.in | 1
docs/Makefile.am | 4
docs/TODO | 71
docs/man/Makefile.am | 22
docs/man/PolicyKit.xml | 59
docs/man/polkit.xml | 358 +
docs/polkit/Makefile.am | 80
docs/polkit/polkit-docs.xml | 114
docs/polkitagent/Makefile.am | 88
docs/polkitagent/polkitagent-docs.xml | 7
docs/polkitbackend/Makefile.am | 88
docs/polkitbackend/polkitbackend-docs.xml | 7
docs/version.xml.in | 1
examples/tracker-example/README | 4
examples/tracker-example/dk.fubar.PolKitTestService.conf | 10
examples/tracker-example/tracker-example-client.py | 11
examples/tracker-example/tracker-example.c | 138
gtk-doc.make | 159
mkinstalldirs | 111
po/LINGUAS | 3
po/POTFILES.in | 2
po/da.po | 51
policy/Makefile.am | 16
policy/org.freedesktop.policykit.policy.in | 61
polkit-backendd/Makefile.am | 63
polkit-backendd/main.c | 169
polkit-backendd/org.freedesktop.PolicyKit.Backend.conf.in | 11
polkit-backendd/org.freedesktop.PolicyKit.Backend.service.in | 4
polkit-backendd/org.freedesktop.PolicyKit.Backend.xml | 18
polkit-backendd/polkit-daemon-backend.c | 292 -
polkit-backendd/polkit-daemon-backend.h | 81
src/Makefile.am | 2
src/kit/Makefile.am | 79
src/kit/kit-entity.c | 163
src/kit/kit-entity.h | 52
src/kit/kit-file.c | 367 -
src/kit/kit-file.h | 54
src/kit/kit-hash.c | 638 ---
src/kit/kit-hash.h | 144
src/kit/kit-lib.c | 136
src/kit/kit-lib.h | 52
src/kit/kit-list.c | 348 -
src/kit/kit-list.h | 86
src/kit/kit-memory.c | 422 --
src/kit/kit-memory.h | 80
src/kit/kit-message.c | 113
src/kit/kit-message.h | 53
src/kit/kit-spawn.c | 675 ---
src/kit/kit-spawn.h | 69
src/kit/kit-string.c | 1204 -----
src/kit/kit-string.h | 94
src/kit/kit-test-main.c | 52
src/kit/kit-test.c | 142
src/kit/kit-test.h | 72
src/kit/kit.h | 164
src/polkit-grant/Makefile.am | 183
src/polkit-grant/polkit-authorization-db-dummy-write.c | 111
src/polkit-grant/polkit-authorization-db-write.c | 922 ----
src/polkit-grant/polkit-explicit-grant-helper.c | 219 -
src/polkit-grant/polkit-grant-helper-pam.c | 247 -
src/polkit-grant/polkit-grant-helper-shadow.c | 148
src/polkit-grant/polkit-grant-helper.c | 816 ---
src/polkit-grant/polkit-grant-test.c | 63
src/polkit-grant/polkit-grant-test.h | 47
src/polkit-grant/polkit-grant.c | 564 --
src/polkit-grant/polkit-grant.h | 373 -
src/polkit-grant/polkit-revoke-helper.c | 362 -
src/polkit/.gitignore | 9
src/polkit/Makefile.am | 283 -
src/polkit/polkit-action-description.c | 1398 ------
src/polkit/polkit-action-description.h | 92
src/polkit/polkit-action.c | 398 -
src/polkit/polkit-action.h | 64
src/polkit/polkit-authorization-constraint.c | 1001 ----
src/polkit/polkit-authorization-constraint.h | 108
src/polkit/polkit-authorization-db-dummy.c | 227 -
src/polkit/polkit-authorization-db.c | 1470 -------
src/polkit/polkit-authorization-db.h | 175
src/polkit/polkit-authorization.c | 879 ----
src/polkit/polkit-authorization.h | 140
src/polkit/polkit-caller.c | 461 --
src/polkit/polkit-caller.h | 65
src/polkit/polkit-context.c | 622 ---
src/polkit/polkit-context.h | 129
src/polkit/polkit-debug.c | 87
src/polkit/polkit-debug.h | 41
src/polkit/polkit-error.c | 253 -
src/polkit/polkit-error.h | 100
src/polkit/polkit-implicit-authorization.c | 572 --
src/polkit/polkit-implicit-authorization.h | 80
src/polkit/polkit-private.h | 107
src/polkit/polkit-read-auth-helper.c | 421 --
src/polkit/polkit-resolve-exe-helper.c | 168
src/polkit/polkit-result.c | 155
src/polkit/polkit-result.h | 114
src/polkit/polkit-seat.c | 234 -
src/polkit/polkit-seat.h | 57
src/polkit/polkit-session.c | 504 --
src/polkit/polkit-session.h | 68
src/polkit/polkit-set-default-helper.c | 227 -
src/polkit/polkit-simple.c | 599 --
src/polkit/polkit-simple.h | 52
src/polkit/polkit-sysdeps.c | 406 -
src/polkit/polkit-sysdeps.h | 51
src/polkit/polkit-test.c | 79
src/polkit/polkit-test.h | 63
src/polkit/polkit-tracker.c | 1556 -------
src/polkit/polkit-tracker.h | 70
src/polkit/polkit-types.h | 109
src/polkit/polkit-utils.c | 175
src/polkit/polkit-utils.h | 45
src/polkit/polkit.h | 77
src/polkit/polkitactiondescription.c | 228 +
src/polkit/polkitactiondescription.h | 61
src/polkit/polkitauthority.c | 1152 +++++
src/polkit/polkitauthority.h | 212 +
src/polkit/polkitauthorization.c | 145
src/polkit/polkitauthorization.h | 57
src/polkit/polkitauthorizationresult.c | 43
src/polkit/polkitauthorizationresult.h | 50
src/polkit/polkitcheckauthorizationflags.c | 35
src/polkit/polkitcheckauthorizationflags.h | 50
src/polkit/polkiterror.c | 48
src/polkit/polkiterror.h | 60
src/polkit/polkitidentity.c | 219 +
src/polkit/polkitidentity.h | 63
src/polkit/polkitimplicitauthorization.c | 126
src/polkit/polkitimplicitauthorization.h | 62
src/polkit/polkitprivate.h | 49
src/polkit/polkitsubject.c | 252 +
src/polkit/polkitsubject.h | 63
src/polkit/polkitsystembusname.c | 204
src/polkit/polkitsystembusname.h | 53
src/polkit/polkittypes.h | 55
src/polkit/polkitunixgroup.c | 229 +
src/polkit/polkitunixgroup.h | 55
src/polkit/polkitunixprocess.c | 390 +
src/polkit/polkitunixprocess.h | 58
src/polkit/polkitunixsession.c | 192
src/polkit/polkitunixsession.h | 51
src/polkit/polkitunixuser.c | 229 +
src/polkit/polkitunixuser.h | 55
src/polkitagent/Makefile.am | 82
src/polkitagent/polkitagent.h | 30
src/polkitagent/polkitagentauthenticationagent.c | 205 +
src/polkitagent/polkitagentauthenticationagent.h | 69
src/polkitagent/polkitagentauthenticationsession.c | 362 +
src/polkitagent/polkitagentauthenticationsession.h | 139
src/polkitagent/polkitagenthelper.c | 309 +
src/polkitagent/polkitagenttypes.h | 38
src/polkitbackend/Makefile.am | 99
src/polkitbackend/org.freedesktop.ConsoleKit.xml | 276 +
src/polkitbackend/polkitbackend.h | 37
src/polkitbackend/polkitbackendactionpool.c | 1051 +++++
src/polkitbackend/polkitbackendactionpool.h | 78
src/polkitbackend/polkitbackendauthority.c | 176
src/polkitbackend/polkitbackendauthority.h | 198
src/polkitbackend/polkitbackendlocalauthority.c | 2255 +++++++++++
src/polkitbackend/polkitbackendlocalauthority.h | 77
src/polkitbackend/polkitbackendpendingcall.c | 167
src/polkitbackend/polkitbackendpendingcall.h | 85
src/polkitbackend/polkitbackendprivate.h | 34
src/polkitbackend/polkitbackendserver.c | 527 ++
src/polkitbackend/polkitbackendserver.h | 53
src/polkitbackend/polkitbackendsessionmonitor.c | 571 ++
src/polkitbackend/polkitbackendsessionmonitor.h | 67
src/polkitbackend/polkitbackendtypes.h | 44
src/polkitd/Makefile.am | 42
src/polkitd/main.c | 104
src/programs/Makefile.am | 32
src/programs/polkit.c | 907 ++++
test/Makefile.am | 16
test/create-coverage-report.sh | 64
test/invalid/test-invalid-1-action-id.policy | 14
test/invalid/test-invalid-2-bogus-any.policy | 14
test/invalid/test-invalid-3-bogus-inactive.policy | 14
test/invalid/test-invalid-4-bogus-active.policy | 14
test/invalid/test-invalid-5-max-depth.policy | 87
test/valid/test-valid-1.policy | 14
test/valid/test-valid-2-annotations.policy | 27
test/valid/test-valid-3-lang.policy | 28
test/valid/test-valid-4-unknown-tags.policy | 20
test/valid/test-valid-5-wrong-extension.policy~ | 14
tools/.gitignore | 9
tools/Makefile.am | 31
tools/polkit-action.c | 356 -
tools/polkit-auth.c | 1023 ----
tools/polkit-bash-completion-1.sh | 125
tools/polkit-policy-file-validate.c | 155
229 files changed, 15142 insertions(+), 31801 deletions(-)
New commits:
commit 94ff3c28193a0a3b1f0f4aa7952fa0844da619db
Merge: f2f2f6d... 8377067...
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 27 10:52:09 2009 -0500
Merge branch 'master' of /home/davidz/Hacking/polkit
commit f2f2f6db1ef8ea855737cff91d8876365b9b308d
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 27 10:51:10 2009 -0500
prepare for merge of rewritten PolicyKit
diff --git a/.gitignore b/.gitignore
deleted file mode 100644
index a3a977f..0000000
--- a/.gitignore
+++ /dev/null
@@ -1,32 +0,0 @@
-aclocal.m4
-autom4te.cache
-compile
-config.guess
-config.h
-config.h.in
-config.log
-config.status
-config.sub
-configure
-depcomp
-INSTALL
-install-sh
-intltool-extract
-intltool-extract.in
-intltool-merge
-intltool-merge.in
-intltool-update
-intltool-update.in
-libtool
-ltmain.sh
-Makefile
-Makefile.in
-missing
-mkinstalldirs
-policy-kit
-polkit.pc
-py-compile
-stamp-h1
-*.o
-ChangeLog
-*.tar.gz
diff --git a/AUTHORS b/AUTHORS
deleted file mode 100644
index c686966..0000000
--- a/AUTHORS
+++ /dev/null
@@ -1 +0,0 @@
-David Zeuthen <davidz at redhat.com>
diff --git a/COPYING b/COPYING
deleted file mode 100644
index 7c66d06..0000000
--- a/COPYING
+++ /dev/null
@@ -1,32 +0,0 @@
-Copyright (C) 2007-2008 David Zeuthen <davidz at redhat.com>.
-All Rights Reserved.
-
-The PolicyKit source code is licensed under the MIT/X11 license. The
-license is included below.
-
--- BEGIN MIT/X11 License ---
-
-Permission is hereby granted, free of charge, to any person
-obtaining a copy of this software and associated
-documentation files (the "Software"), to deal in the
-Software without restriction, including without limitation
-the rights to use, copy, modify, merge, publish, distribute,
-sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so,
-subject to the following conditions:
-
-The above copyright notice and this permission notice shall
-be included in all copies or substantial portions of the
-Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY
-KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
-WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
-PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS
-BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
-IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
-OTHER DEALINGS IN THE SOFTWARE.
-
--- END MIT/X11 License ---
-
diff --git a/HACKING b/HACKING
deleted file mode 100644
index 67445f4..0000000
--- a/HACKING
+++ /dev/null
@@ -1,94 +0,0 @@
-SCM
-===
-
- - anonymous checkouts
-
- $ git clone git://git.freedesktop.org/git/PolicyKit.git
-
- - checkouts if you got an ssh account on fd.o (username@ is optional)
-
- $ git clone ssh://[username@]git.freedesktop.org/git/PolicyKit.git
-
- - commit to local repository
-
- $ git commit -a
-
- - push local repository to master repository at fd.o (remember most patches
- requires review at the mailing list)
-
- $ git push
-
- - pull changes from master repository at fd.o
-
- $ git pull
-
- - diff of working tree versus local repository
-
- $ git diff
-
- - diff of local repository vs. master repository at fd.o
-
- synchronize with upstream repo:
- $ git pull
-
- (possibly merge changes)
-
- generate the diff:
- $ git diff origin HEAD
-
- - influential environment variables (set these in e.g. .bash_profile)
-
- export GIT_AUTHOR_NAME='Your Full Name'
- export GIT_COMMITTER_NAME='Your Full Name'
- export GIT_COMMITTER_EMAIL=youremail at domain.net
- export GIT_AUTHOR_EMAIL=youremail at domain.net
-
- - see also
-
- http://www.kernel.org/pub/software/scm/git/docs/
-
-
-Committing code
-===
-
- - Commit messages should be of the form (the five lines between the
- lines starting with ===)
-
-=== begin example commit ===
-short explanation of the commit
-
-Longer explanation explaining exactly what's changed, whether any
-external or private interfaces changed, what bugs were fixed (with bug
-tracker reference if applicable) and so forth. Be concise but not too brief.
-=== end example commit ===
-
- - Always add a brief description of the commit to the _first_ line of
- the commit and terminate by two newlines (it will work without the
- second newline, but that is not nice for the interfaces).
-
- - First line (the brief description) must only be one sentence and
- must not start with a capital letter. Don't use a trailing period
- either.
-
- - The main description (the body) is normal prose and should use normal
- punctuation and capital letters where appropriate. Normally, for patches
- sent to a mailing list it's copied from there.
-
- - When committing code on behalf of others use the --author option, e.g.
- git commit -a --author "Joe Coder <joe at coder.org>"
-
-Coding Style
-===
-
- - Please follow the coding style already used - it's not a must, but it's
- nice to have consistency.
-
- - Write docs for all functions and structs and so on. We use gtkdoc format.
-
- - All external interfaces (network protocols, file formats, etc.)
- should have documented specifications sufficient to allow an
- alternative implementation to be written. Our implementation should
- be strict about specification compliance (should not for example
- heuristically parse a file and accept not-well-formed
- data). Avoiding heuristics is also important for security reasons;
- if it looks funny, ignore it (or exit, or disconnect).
diff --git a/Makefile.am b/Makefile.am
deleted file mode 100644
index 4e88e9c..0000000
--- a/Makefile.am
+++ /dev/null
@@ -1,66 +0,0 @@
-## Process this file with automake to produce Makefile.in
-
-SUBDIRS = data src polkit-backendd doc tools policy po test
-
-# Creating ChangeLog from git log (taken from cairo/Makefile.am):
-ChangeLog: $(srcdir)/ChangeLog
-
-$(srcdir)/ChangeLog:
- @if test -d "$(srcdir)/.git"; then \
- (cd "$(srcdir)" && \
- ./missing --run git-log --stat) | fmt --split-only > $@.tmp \
- && mv -f $@.tmp $@ \
- || ($(RM) $@.tmp; \
- echo Failed to generate ChangeLog, your ChangeLog may be outdated >&2; \
- (test -f $@ || echo git-log is required to generate this file >> $@)); \
- else \
- test -f $@ || \
- (echo A git checkout and git-log is required to generate ChangeLog >&2 && \
- echo A git checkout and git-log is required to generate this file >> $@); \
- fi
-
-if POLKIT_GCOV_ENABLED
-.PHONY: ChangeLog $(srcdir)/ChangeLog coverage-report.txt
-coverage-report.txt :
- make -C src/kit coverage-report.txt
- make -C src/polkit coverage-report.txt
- make -C src/polkit-dbus coverage-report.txt
- make -C src/polkit-grant coverage-report.txt
- $(top_srcdir)/test/create-coverage-report.sh "PolicyKit" `cat src/kit/covered-files.txt src/polkit/covered-files.txt src/polkit-dbus/covered-files.txt src/polkit-grant/covered-files.txt` > coverage-report.txt
-
-check-coverage: coverage-report.txt
- cat coverage-report.txt
-else
-.PHONY: ChangeLog $(srcdir)/ChangeLog
-
-coverage-report.txt:
- @echo "Need to reconfigure with --enable-gcov"
-
-check-coverage:
- @echo "Need to reconfigure with --enable-gcov"
-endif
-
-if POLKIT_BUILD_TESTS
-install:
- @echo "Cowardly refusing to install with --enable-tests."
- @exit 1
-endif
-
-EXTRA_DIST = \
- HACKING \
- mkinstalldirs \
- ChangeLog \
- intltool-extract.in \
- intltool-merge.in \
- intltool-update.in
-
-DISTCLEANFILES = \
- intltool-extract \
- intltool-merge \
- intltool-update
-
-# xsltproc barfs on 'make distcheck'; disable for now
-DISTCHECK_CONFIGURE_FLAGS=--disable-man-pages --disable-gtk-doc
-
-clean-local :
- rm -f *~
diff --git a/NEWS b/NEWS
deleted file mode 100644
index e7ec24e..0000000
--- a/NEWS
+++ /dev/null
@@ -1,423 +0,0 @@
-==========
-PolicyKit 0.9
-==========
-
-Released on July 22 2008.
-
-This release should be ABI compatible with PolicyKit 0.6 and later.
-
-David Zeuthen (10):
- need to link with libkit.la for some helpers
- fix some build stuff to so the test suites run
- fix autotools screwup
- fix typo
- always allow uid 0 to ask about authorizations for anyone
- fix up permissions / docs for certain helpers and files/directories
- update README (for the right wiki page) and COPYING (for my email address)
- update NEWS for release
- fix 'make distcheck'
- update NEWS again
-
-Joe Marcus Clarke (2):
- add support for FreeBSD
- remove watch on fd when reaching EOF
-
-==========
-PolicyKit 0.8 "The Ties That Bind"
-==========
-
-Released on April 16 2008.
-
-This release should be ABI compatible with PolicyKit 0.6 and later.
-
-NOTE NOTE NOTE: The permissions and modes of certain files has changed
- since PolicyKit 0.7. Make sure to update your spec files
- to reflect this. See the output of configure for details.
-
-Carlos Corbacho (4):
- remove unncessary PAM header inclusions
- split out authentication framework from authorisation database
- add Shadow authentication framework
- also add the new C file for the shadow helper
-
-David Zeuthen (33):
- be more precise about permissions in the blurb at the end of configure
- post release version bump to 0.8
- use strlen to avoid writing garbage at the end of the test auth file
- add bogus Returns: to make gtk-doc happy
- add constraints for exe and SELinux context when granting an authorization
- add note about new polkit-resolve-exe-helper
- add additional checks when using strtoul
- add docs and bash completion bits for new exe and selinux_context constraints
- fix typo in docs
- make the docs show an index of new symbols in 0.8
- make polkit-grant-helper-pam world readable
- actually check for bash in polkit-bash-completion.sh
- avoid use normal timeout when showing auth dialog; use INT_MAX instead
- fix doc in bugs for PolKitContextAddIOWatch
- make polkit-policy-file-validate require that actions are properly packaged
- add convenience API to consistently report authorization failures over D-Bus
- also add polkit_dbus_error_parse_from_strings() function
- fix typo in docs for polkit_dbus_error_parse_from_strings()
- don't check key/values in KitHash; they are not neccesarily pointers
- clarify docs for POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_EXE
- invalidate memory cache after revoking one shot authorization
- remove debug spew
- remove more debug spew
- print stack traces for where leaks were allocated
- clear the right block when growing a string
- don't leak the copied authorizations list on OOM
- fix build when tests are disabled
- don't include libkit api docs
- fix issue where users allowed to change defaults can delete override files
- print warning to stderr if a policy file is malformed and we're ignoring it
- ensure object is first in the list/hash iterator callback functions
- be careful about what symbols we export
- update NEWS for release
-
-Holger Macht (1):
- avoid reliance on DT_REG so we work on reiserfs as well
-
-Jim Li (1):
- add support for Solaris platform
-
-Jim Meyering (5):
- handle kit_strdup_printf failure.
- remove unnecessary strdup.
- (do_auth): rename local: s/buf/password/
- avoid unnecessary/leaky use of strdup.
- handle kit_strdup failure.
-
-Kees Cook (1):
- fix for CVE-2008-1658: format string vulnerability in password input
-
-==========
-PolicyKit 0.7 "Common sense ain't common"
-==========
-
-Released on December 5th 2007.
-
-This is the fifth release of PolicyKit. This release is mostly ABI and
-API compatible with 0.6 (100% compatible for existing mechanisms). The
-authorization backend has changed; authorizations gained from earlier
-PolicyKit releases are no longer valid and will be ignored.
-
-Highlights of this release:
-
- o All code is now licensed under the MIT/X11 license
-
- o libpolkit and libpolkit-dbus no longer depends on libglib.
-
- o Unit test framework and coverage reporting. As of this release, 64%
- of the codebase is currently tested during 'make check'.
-
- o New system D-Bus service (activated on demand) providing the major
- functionality of libpolkit.so from a mechanism point of view. This
- is useful for chroot(2)'ed services like Avahi.
-
- o A class for tracking D-Bus connections to minimize the amount
- of IPC necessary. Useful for long running daemons.
-
- o Pluggable authorization database backend.
-
- o New API for interacting with the authorization database
-
- o A very simple convenience API useful for (legacy) commandline tools.
-
- o A way to specify that an implicit authorization can be one-shot
- only.
-
- o Vendor name, site and icon support in .policy files.
-
- o Improved documentation.
-
- o Negative authorizations.
-
- o Bash completions for all command line tools.
-
-Changes from PolicyKit 0.6 "There is no stopping in a red zone"
-
-David Zeuthen (126):
- add the convenience class PolKitTracker
- add id's so the generated HTML has stable and predictable file names
- post-release version bump
- add support to PolKitTracker for also asking on pid
- add C++ include guards and a new method to get pfe's by annotation
- avoid including regex.h from a public header file
- don't spew debug output in libpolkit-dbus
- work on the docs
- use the Since: tag so gtk-doc can print what symbols are new in 0.7
- add docs for POLKIT_[BEGIN|END]_DECLS and also add POLKIT_GNUC_DEPRECATED
- create an API for interfacing with the Authorization Database
- move POLKIT_GNUC_DEPRECATED to a separate line so gtk-doc is happy
- remember to set uid on PolKitSession
- rewrite authorization database and polkit-grant (now known as polkit-auth)
- make the authdb pluggable and add a dummy backend as an example
- move all private functions into a private header file
- move Linux specific code into a single file
- minor build system and doc fixes
- let authdb backends synthesize policy file entries
- fix build with dummy backend
- fix docs
- fix uid retrival when getting auths from all users
- use _destroy, not _unref for hash tables
- rearrange the docs so all API is in one section
- move authdb write functions to libpolkit-grant
- provide a polkit D-Bus service that is activated on demand
- remember to reset killtimer and fix an error message
- avoid defining the same functions in both libpolkit and libpolkit-grant
- rename revoke_if_oneshot to is_mechanism and also expose this on D-Bus
- make polkit_context_is_[caller|session]_authorized() take a PolKitError
- introduce one-shot authorizations
- updated TODO list
- add unit test framework with gcov coverage support (make check-coverage)
- extend test coverage for PolKitAction
- remove dead code
- add tests for PolKitError
- implement OOM testing
- add unit tests for PolKitResult
- add unit tests for PolKitSeat
- add unit tests for PolKitSession
- add unit tests for PolKitCaller
- add unit tests for PolKitPolicyDefault
- add unit tests for PolKitPolicyFileEntry
- implement our own hash table with 100% test coverage
- export memory mangement and hash table functions
- implement polkit_hash_foreach
- improve coverage of PolKitPolicyFileEntry by switching to PolKitHashTable
- add unit tests for PolKitPolicyFile and add some features to PolKitHash
- fix some unaligned access bugs
- increase test coverage for PolKitPolicyFile
- also dist test .policy files
- hook up expat to use our memory handling API
- add doubly-linked lists
- reimplement string hashing and comparison
- move all library source to a src/ directory
- fix build with all library soruce in src/
- add some gtk-doc to private bits to get doc coverage to 100%
- add test case for PolKitError to get to 100%
- use unique action names
- add unit tests of PolKitPolicyCache
- forgot to add src/Makefile.am
- add unit tests for PolKitAuthorizationConstraint
- add unit tests for PolKitAuthorization
- split utility bits into a private statically linked library
- also include libkit in top-level coverage report
- add strsplit function
- use kit_strsplit in polkit-sysdeps
- add (empty, for now) tests for remaining files
- add spawn function to libkit
- actually include the files with the spawn functions
- don't overflow when splitting a string
- remove glib dependency from libpolkit.so
- tweak how we do coverage reporting
- also check for file descriptor leaks
- fix build for dummy backend
- add unit test framework to the rest of the library sources
- build system fixes and refuse to install if built with --enable-tests
- create /var/lib/misc on 'make install'
- fix parallel build
- fix a grave bug where the wrong authorizations were returned
- add API for overriding defaults and make polkit-action(1) use this API.
- restrict new API to the default backend only
- add support for vendor, vendor_url and icon_name tags in .policy files
- provide convenience functions for auth checking and port helpers to use them
- require org.fd.pk.revoke to revoke auths for self if granted by someone else
- export the policydir in the .pc file
- add support for negative authorizations
- provide a way to force a reload of all caches etc.
- make PolKitAuthorization a bit more future proof by adding get_type()
- define abstract Authentication Agent interface and make polkit-auth(1) use it
- remove Since gtk-doc tags from the internal libkit library
- fix 'make check-coverage'
- make dummy backend work
- add support for percent encoding/decoding and colon separated kv-lists
- set errno to ENOMEM when forcibly failing an allocation
- rework the .auths file format to use key/value pairs and make it future-proof
- also encode \n\r\t characters
- update TODO
- avoid adding newline at the end of generated entry
- write newline since kit_string_entry_create doesn't do that any more
- add test harness for polkit-utils
- fix a bug where the childs environment wasn't inherited
- build with -rdynamic for maint mode and use this to print a stack trace
- add (partial) test cases for polkit-authorization-db.c
- relicense everything to the MIT/X11 license
- avoid logging to syslog even for invalid files
- only fail the Nth alloc, not all allocs greater than N
- add test-friendly abstractions for getpwnam and getpwuid
- fix unit tests for polkit-authorization-db.c
- add .gitignore files to get test tree structure in the repo
- update .gitignore files
- add some more test env variables so we can bypass ConsoleKit in the tests
- fix OOM handling in p-a-db.c and only invalidate the cache when necessary
- add some more test cases for p-a-db.c
- add a new KitString class
- implement kit_hash_foreach_remove()
- remove glib dep from libpolkit-dbus
- fix a bug where KitList elements were not properly freed
- downgrade to session scope when granting authorizations for blank passwords
- don't require .policy files for auth lookups
- refactor constraints API so there is one entry per constraint in the auth file
- fix dummy backend so it builds
- update TODO
- update TODO to mention Piter PUNK's patch
- update completion + man page since polkit-auth(1) takes >1 --constraint args
- update NEWS file
-
-==========
-PolicyKit 0.6 "There is no stopping in a red zone"
-==========
-
-Released on October 11th 2007.
-
-This is the fourth release of PolicyKit. There are no major changes
-since 0.5 expect a) better handling of unknown XML tags in the config
-and policy files (we simply ignore unknown sub-trees) to make it
-easier to add features in the future; b) native support for more
-distributions; and c) the addition of a <allow_any> tag to the .policy
-files.
-
-Changes from PolicyKit 0.5 "Urban Living"
-
-David Zeuthen (6):
- post-release version bump
- add specifics for the Pardus distro
- add TODO item detailing how to handle upgrades
- implement <allow_any> to specify default answer for any user
- don't fail on unknown XML tags, just skip them
- make polkit-list-actions print information about <allow_any>
-
-Doug Goldstein (3):
- gentoo OS type support
- install hook for setuid/setgid
- use chgrp instead of chown with group only
-
-
-==========
-PolicyKit 0.5 "Urban Living"
-==========
-
-Released on August 31st 2007.
-
-This is the third release of PolicyKit. Since 0.4 both source- and
-file-format level incomptible changes have been introduced. Accordingly,
-the library so-names have been bumped to reflect this. Porting effort
-should be minimal though; see the example in PolicyKit-gnome for details.
-
-WARNING WARNING WARNING: do not use this software in a stable
-distribution; there are still security sensitive things that needs to
-be audited.
-
-Changes from PolicyKit 0.4 "Off the Grid"
-
-Danny Kukawka (3):
- added missing files to git repo
- fixed code documentation issues
- fixed compiler warning about uid_t handling
-
-David Zeuthen (37):
- move PAM stack usage to separate helper
- remove the isatty() call so it's easier to audit the helper
- put back isatty() checks when calling user is not uid 0
- use waitpid() to avoid Zombie processes
- provide a high-level interaction diagram of how this works
- post-release version number bump
- use correct type for conversation_done() function
- make the /var/lib/PolicyKit/reload writable for group polkituser
- when granting privileges, touch the /var/lib/PolicyKit/reload file
- export PolKitConfig and provide a <define_admin_auth/> config file directive
- properly support i18n'ed messages from .policy files
- handle the case where we don't load descriptions
- make polkit-grant(1) work with <define_admin_user /> feature
- make libpolkit-grant less noisy
- rip out group concept from .policy files and rename <policy> element to <action>
- minor doc cleanups
- avoid the now defunct group concept in polkit-list-actions
- gracefully handle bad config/policy files, drop polkit-reload-config, syslog
- add support for annotations
- give a little love to polkit-list-actions(1) and polkit-grant(1)
- Merge branch 'master' of ssh://david@git.freedesktop.org/git/PolicyKit
- delay loading the configuration until it's needed
- convert manual page sources to Docbook, add polkit-config-file-validate tool
- clean up our documentation
- revert "fixed code documentation issues"
- fix up manual pages for some trivial errors
- update inline API docs
- some more doc fixes
- make config file override grant database
- forgot to add doc/version.xml.in
- also add another missing file
- also forgot to add polkit-docs.xml
- minor doc changes
- add an example of how define_admin_auth is used
- make polkit-grant-helper-pam out of reach for normal users
- fix 'make distcheck' by avoiding with man pages on distcheck
- bump so name
- update NEWS file
-
-Richard Hughes (1):
- work when SELinux is disabled
-
-
-==========
-PolicyKit 0.4 "Off the Grid"
-==========
-
-Released on July 25th 2007.
-
-This is the second release of PolicyKit.
-
-WARNING WARNING WARNING: do not use this software in a stable
-distribution; there are still security sensitive things that needs to
-be audited.
-
-Changes from PolicyKit 0.3 "No Man's Land"
-
-David Zeuthen (18):
- post-release version bump
- remove the notion of modules
- replace configuration reload mechanism
- get proper pid and SELinux context
- add support for an /etc/PolicyKit/PolicyKit.conf config file
- document the /etc/PolicyKit/PolicyKit.conf file with a manual page
- update TODO
- switch from VIA_ROOT to VIA_ADMIN
- remove RESULT_NOT_AUTHORIZED_TO_KNOW and s/RESULT_UNKNOWN_ACTION/RESULT_UNKNOWN/
- fix up some of the docs
- change default username
- fix typo
- require that policy files also provide a <message> element
- fix docs
- fix up proper naming of some methods on the PolKitPolicyFileEntry class
- for PolKitContext, mention that a mechanism need to provide .policy files
- update NEWS
- actually reload config and policy files when they change
-
-Requirements for PolicyKit 0.4 ""
-
- - dbus >= 0.90
- - glib >= 2.6.0
- - ConsoleKit >= 0.2.1
- - expat >= 1.95.8
- - libselinux >= 1.30 (optional)
-
-==========
-PolicyKit 0.3 "No Man's Land"
-==========
-
-Released on June 20th 2007.
-
-This is the first release of PolicyKit.
-
-WARNING WARNING WARNING: do not use this software in a stable
-distribution; there are still security sensitive things that needs to
-be audited.
-
-Requirements for PolicyKit 0.3 "No Man's Land"
-
- - dbus >= 0.90
- - glib >= 2.6.0
- - ConsoleKit >= 0.2.1
- - expat >= 1.95.8
-
diff --git a/README b/README
deleted file mode 100644
index 307df96..0000000
--- a/README
+++ /dev/null
@@ -1,92 +0,0 @@
-
-PolicyKit is an authorization framework. It is typically used by
-privileged user space daemons to control access.
-
-See also the file HACKING for notes of interest to developers working
-on PolicyKit.
-
-See http://www.freedesktop.org/wiki/Software/PolicyKit for lots of
-documentation, mailing lists, etc.
-
--------------------------------------------------------
-Rationale for permissions/modes for the default backend
--------------------------------------------------------
-
-0770 root:polkituser /var/run/polkit-1
-0770 root:polkituser /var/lib/polkit-1
-
-We store authorizations for each user here. Since we don't want users
-to know what authorizations other users has, no one can read these
-files. However, when checking authorizations we need to be able to
-read from here; we use this helper
-
-2755 root:polkituser /usr/libexec/polkit-read-auth-helper-1
-
-which can read from here since it's setgid 'polkituser'. This helper
-will refuse to return authorizations for other users than the calling
-user except if the calling user is authorized for org.fd.pk.read.
-
-We also want to be able to grant authorizations through authentication.
-That happens with this helper
-
-2755 root:polkituser /usr/libexec/polkit-grant-helper-1
-
-This program is setgid 'polkituser' so it can write files in
-/var/{run,lib}/polkit-1. Note that these files are created with mode
-464.
-
-To do the actual authentication check when granting authorizations
-through authentication, polkit-grant-helper-1 uses another helper
-
-4754 root:polkituser /usr/libexec/polkit-grant-helper-pam-1
-
-This one is setuid root because checking authentications might need
-require that (you may be checking the root password). The reason
-polkit-grant-helper-pam is is owned by group 'polkituser' is to ensure
-that random users can't execute it; only setgid 'polkituser' programs
-can do this. Which polkit-grant-helper is.
-
-On to
-
-2755 root:polkituser /libexec/polkit-revoke-helper-1
-
-This one is used to revoke authorizations. It will only allow uid 0 and
-users with the org.fd.pk.revoke authorization to do so. It needs to be
-setgid polkituser to be able to modify authorization files
-in /var/{run,lib}/polkit-1.
-
-2755 root:polkituser /usr/libexec/polkit-explicit-grant-helper-1
-
-Same story as for polkit-revoke-helper only this grants authorizations.
-Only allowed for uid 0 and users with the org.fd.pk.grant authorization.
-
-On to
-
-0755 polkituser:root /var/lib/polkit-public-1
-
-This is where we store modifications to the defaults. Anyone should be
-able to read these files. They are created with mode 644. These files
-are written / modified by this helper
-
-4755 polkituser:root /usr/libexec/polkit-set-default-helper-1
-
-which is setuid polkituser to be able to write/modify files.
-
-On to
-
-4755 root:root /usr/libexec/polkit-resolve-exe-helper-1
-
-This is used to find the executable name for a process. On Linux this is
-the /proc/<pid>/exe symlink and you can only do this for processes you
-own. This helper finds the executable name for processes not owned by
-you but only if you have the org.fd.pk.read authorization. This is
-important to let e.g. user 'haldaemon' check authorizations for a user
-requesting service.
-
-0664 polkituser:polkituser /var/lib/misc/polkit-1.reload
-
-This file is used by libpolkit to detect when something has changed
-(authorizations granted/revoked, defaults changed etc.). It is
-writable by both user 'polkituser' and group 'polkituser' because we
-have helpers running with both euid 'polkituser' and egid 'polkituser'
-that wants to trigger a reload.
diff --git a/acinclude.m4 b/acinclude.m4
deleted file mode 100644
index 18fa66a..0000000
--- a/acinclude.m4
+++ /dev/null
@@ -1,51 +0,0 @@
-dnl GTK_DOC_CHECK borrowed from cairo, thanks!
-
-dnl Usage:
-dnl GTK_DOC_CHECK([minimum-gtk-doc-version])
-AC_DEFUN([GTK_DOC_CHECK],
-[
- AC_BEFORE([AC_PROG_LIBTOOL],[$0])dnl setup libtool first
- AC_BEFORE([AM_PROG_LIBTOOL],[$0])dnl setup libtool first
- dnl for overriding the documentation installation directory
- AC_ARG_WITH(html-dir,
- AC_HELP_STRING([--with-html-dir=PATH], [path to installed docs]),,
- [with_html_dir='${datadir}/gtk-doc/html'])
- HTML_DIR="$with_html_dir"
- AC_SUBST(HTML_DIR)
-
- dnl enable/disable documentation building
- AC_ARG_ENABLE(gtk-doc,
- AC_HELP_STRING([--enable-gtk-doc],
- [use gtk-doc to build documentation [default=yes]]),,
- enable_gtk_doc=yes)
-
- have_gtk_doc=no
- if test x$enable_gtk_doc = xyes; then
- if test -z "$PKG_CONFIG"; then
- AC_PATH_PROG(PKG_CONFIG, pkg-config, no)
- fi
- if test "$PKG_CONFIG" != "no" && $PKG_CONFIG --exists gtk-doc; then
- have_gtk_doc=yes
- fi
-
- dnl do we want to do a version check?
-ifelse([$1],[],,
- [gtk_doc_min_version=$1
- if test "$have_gtk_doc" = yes; then
- AC_MSG_CHECKING([gtk-doc version >= $gtk_doc_min_version])
- if $PKG_CONFIG --atleast-version $gtk_doc_min_version gtk-doc; then
- AC_MSG_RESULT(yes)
- else
- AC_MSG_RESULT(no)
- have_gtk_doc=no
- fi
- fi
-])
- if test "$have_gtk_doc" != yes; then
- enable_gtk_doc=no
- fi
- fi
-
- AM_CONDITIONAL(ENABLE_GTK_DOC, test x$enable_gtk_doc = xyes)
- AM_CONDITIONAL(GTK_DOC_USE_LIBTOOL, test -n "$LIBTOOL")
-])
diff --git a/autogen.sh b/autogen.sh
deleted file mode 100755
index 05b1526..0000000
--- a/autogen.sh
+++ /dev/null
@@ -1,95 +0,0 @@
-#!/bin/sh
-# Run this to generate all the initial makefiles, etc.
-
-srcdir=`dirname $0`
-test -z "$srcdir" && srcdir=.
-
-DIE=0
-
-(test -f $srcdir/configure.in) || {
- echo -n "**Error**: Directory $srcdir does not look like the"
- echo " top-level package directory"
- exit 1
-}
-
-(autoconf --version) < /dev/null > /dev/null 2>&1 || {
- echo
- echo "**Error**: You must have autoconf installed."
- echo "Download the appropriate package for your distribution,"
- echo "or get the source tarball at ftp://ftp.gnu.org/pub/gnu/"
- DIE=1
-}
-
-(grep "^AM_PROG_LIBTOOL" $srcdir/configure.in >/dev/null) && {
- (libtool --version) < /dev/null > /dev/null 2>&1 || {
- echo
- echo "**Error**: You must have libtool installed."
- echo "You can get it from: ftp://ftp.gnu.org/pub/gnu/"
- DIE=1
- }
-}
-
-(automake --version) < /dev/null > /dev/null 2>&1 || {
- echo
- echo "**Error**: You must have automake installed."
- echo "You can get it from: ftp://ftp.gnu.org/pub/gnu/"
- DIE=1
- NO_AUTOMAKE=yes
-}
-
-
-# if no automake, don't bother testing for aclocal
-test -n "$NO_AUTOMAKE" || (aclocal --version) < /dev/null > /dev/null 2>&1 || {
- echo
- echo "**Error**: Missing aclocal. The version of automake"
- echo "installed doesn't appear recent enough."
- echo "You can get automake from ftp://ftp.gnu.org/pub/gnu/"
- DIE=1
-}
-
-if test "$DIE" -eq 1; then
- exit 1
-fi
-
-if test -z "$*"; then
- echo "**Warning**: I am going to run configure with no arguments."
- echo "If you wish to pass any to it, please specify them on the"
- echo $0 " command line."
- echo
-fi
-
-case $CC in
-xlc )
- am_opt=--include-deps;;
-esac
-
- aclocalinclude="$ACLOCAL_FLAGS"
-
- if grep "^AM_PROG_LIBTOOL" configure.in >/dev/null; then
- if test -z "$NO_LIBTOOLIZE" ; then
- echo "Running libtoolize..."
- libtoolize --force --copy
- fi
- fi
- echo "Running aclocal $aclocalinclude ..."
- aclocal $aclocalinclude
- if grep "^AM_CONFIG_HEADER" configure.in >/dev/null; then
- echo "Running autoheader..."
- autoheader
- fi
- echo "Running automake --gnu -Wno-portability $am_opt ..."
- automake --add-missing --gnu -Wno-portability $am_opt
- echo "Running autoconf ..."
- autoconf
-
-intltoolize --copy --force --automake || exit 1
-
-conf_flags="--enable-maintainer-mode --enable-gtk-doc"
-
-if test x$NOCONFIGURE = x; then
- echo "Running $srcdir/configure $conf_flags $@ ..."
- $srcdir/configure $conf_flags "$@" \
- && echo "Now type make to compile." || exit 1
-else
- echo "Skipping configure process."
-fi
diff --git a/configure.in b/configure.in
deleted file mode 100644
index 50b3ae0..0000000
--- a/configure.in
+++ /dev/null
@@ -1,677 +0,0 @@
-dnl Process this file with autoconf to produce a configure script.
-
-AC_PREREQ(2.59c)
-AC_INIT(PolicyKit, 0.90, http://lists.freedesktop.org/mailman/listinfo/polkit-devel)
-AM_INIT_AUTOMAKE(PolicyKit, 0.90)
-AM_CONFIG_HEADER(config.h)
-AM_MAINTAINER_MODE
-
-# libtool versioning - this applies to all libraries in this package
-#
-# See http://sources.redhat.com/autobook/autobook/autobook_91.html#SEC91 for details
-#
-LT_CURRENT=1
-LT_REVISION=0
-LT_AGE=0
-AC_SUBST(LT_CURRENT)
-AC_SUBST(LT_REVISION)
-AC_SUBST(LT_AGE)
-
-AC_ISC_POSIX
-AC_PROG_CC
-AM_PROG_CC_STDC
-AC_HEADER_STDC
-AM_PROG_LIBTOOL
-AC_PROG_MAKE_SET
-AC_PROG_LN_S
-AC_SYS_LARGEFILE
-AM_PROG_CC_C_O
-
-# Taken from dbus
-AC_ARG_ENABLE(ansi, [ --enable-ansi enable -ansi -pedantic gcc flags],enable_ansi=$enableval,enable_ansi=no)
-AC_ARG_ENABLE(verbose-mode, [ --enable-verbose-mode support verbose debug mode],enable_verbose_mode=$enableval,enable_verbose_mode=$USE_MAINTAINER_MODE)
-AC_ARG_ENABLE(tests, AS_HELP_STRING([--enable-tests],[enable unit test code]),enable_tests=$enableval,enable_tests=$USE_MAINTAINER_MODE)
-AC_ARG_ENABLE(gcov, AS_HELP_STRING([--enable-gcov],[compile with coverage profiling instrumentation (gcc only)]),enable_gcov=$enableval,enable_gcov=no)
-AC_ARG_ENABLE(man-pages, [ --enable-man-pages build manual pages],enable_man_pages=$enableval,enable_man_pages=yes)
-
-AM_CONDITIONAL(KIT_BUILD_TESTS, test x$enable_tests = xyes)
-AM_CONDITIONAL(POLKIT_BUILD_TESTS, test x$enable_tests = xyes)
-if test x$enable_tests = xyes; then
- AC_DEFINE(KIT_BUILD_TESTS,1,[Build test code])
- AC_DEFINE(POLKIT_BUILD_TESTS,1,[Build test code])
-fi
-
-if test x$enable_gcov = xyes; then
- if test x$enable_tests = xno; then
- AC_ERROR([It only makes sense to use gcov if tests are enabled.])
- fi
- ## so that config.h changes when you toggle gcov support
- AC_DEFINE_UNQUOTED(KIT_GCOV_ENABLED, 1, [Defined if gcov is enabled to force a rebuild due to config.h changing])
- AC_DEFINE_UNQUOTED(POLKIT_GCOV_ENABLED, 1, [Defined if gcov is enabled to force a rebuild due to config.h changing])
-fi
-AM_CONDITIONAL(KIT_GCOV_ENABLED, test x$enable_gcov = xyes)
-AM_CONDITIONAL(POLKIT_GCOV_ENABLED, test x$enable_gcov = xyes)
-
-if test "${enable_verbose_mode}" != no; then
- # To get -rdynamic you pass -export-dynamic to libtool.
- AC_DEFINE(BUILT_R_DYNAMIC,1,[whether -export-dynamic was passed to libtool])
- R_DYNAMIC_LDFLAG=-export-dynamic
-else
- R_DYNAMIC_LDFLAG=
-fi
-AC_SUBST(R_DYNAMIC_LDFLAG)
-
-if test "${enable_man_page}" != no; then
-dnl
-dnl Check for xsltproc
-dnl
-AC_PATH_PROG([XSLTPROC], [xsltproc])
- if test -z "$XSLTPROC"; then
- enable_man_pages=no
- fi
-fi
-AM_CONDITIONAL(MAN_PAGES_ENABLED, test x$enable_man_pages = xyes)
-
-
-GTK_DOC_CHECK([1.3])
-
-#### gcc warning flags
-
-if test "x$GCC" = "xyes"; then
- changequote(,)dnl
- case " $CFLAGS " in
- *[\ \ ]-Wall[\ \ ]*) ;;
- *) CFLAGS="$CFLAGS -Wall" ;;
- esac
-
- case " $CFLAGS " in
- *[\ \ ]-Wchar-subscripts[\ \ ]*) ;;
- *) CFLAGS="$CFLAGS -Wchar-subscripts" ;;
- esac
-
- case " $CFLAGS " in
- *[\ \ ]-Wmissing-declarations[\ \ ]*) ;;
- *) CFLAGS="$CFLAGS -Wmissing-declarations" ;;
- esac
-
- case " $CFLAGS " in
- *[\ \ ]-Wnested-externs[\ \ ]*) ;;
- *) CFLAGS="$CFLAGS -Wnested-externs" ;;
- esac
-
- case " $CFLAGS " in
- *[\ \ ]-Wpointer-arith[\ \ ]*) ;;
- *) CFLAGS="$CFLAGS -Wpointer-arith" ;;
- esac
-
- case " $CFLAGS " in
- *[\ \ ]-Wcast-align[\ \ ]*) ;;
- *) CFLAGS="$CFLAGS -Wcast-align" ;;
- esac
-
- case " $CFLAGS " in
- *[\ \ ]-Wsign-compare[\ \ ]*) ;;
- *) CFLAGS="$CFLAGS -Wsign-compare" ;;
- esac
-
- case " $CFLAGS " in
- *[\ \ ]-Wformat[\ \ ]*) ;;
- *) CFLAGS="$CFLAGS -Wformat" ;;
- esac
-
- case " $CFLAGS " in
- *[\ \ ]-Wformat-security[\ \ ]*) ;;
- *) CFLAGS="$CFLAGS -Wformat-security" ;;
- esac
-
- if test "x$enable_ansi" = "xyes"; then
- case " $CFLAGS " in
- *[\ \ ]-ansi[\ \ ]*) ;;
- *) CFLAGS="$CFLAGS -ansi" ;;
- esac
-
- case " $CFLAGS " in
- *[\ \ ]-D_POSIX_C_SOURCE*) ;;
- *) CFLAGS="$CFLAGS -D_POSIX_C_SOURCE=199309L" ;;
- esac
-
- case " $CFLAGS " in
- *[\ \ ]-D_BSD_SOURCE[\ \ ]*) ;;
- *) CFLAGS="$CFLAGS -D_BSD_SOURCE" ;;
- esac
-
- case " $CFLAGS " in
- *[\ \ ]-pedantic[\ \ ]*) ;;
- *) CFLAGS="$CFLAGS -pedantic" ;;
- esac
- fi
- if test x$enable_gcov = xyes; then
- case " $CFLAGS " in
- *[\ \ ]-fprofile-arcs[\ \ ]*) ;;
- *) CFLAGS="$CFLAGS -fprofile-arcs" ;;
- esac
- case " $CFLAGS " in
- *[\ \ ]-ftest-coverage[\ \ ]*) ;;
- *) CFLAGS="$CFLAGS -ftest-coverage" ;;
- esac
-
- ## remove optimization
- CFLAGS=`echo "$CFLAGS" | sed -e 's/-O[0-9]*//g'`
- fi
- changequote([,])dnl
-else
- if test x$enable_gcov = xyes; then
- AC_MSG_ERROR([--enable-gcov can only be used with gcc])
- fi
-fi
-
-AM_CONDITIONAL(GCOV, test x$enable_gcov = xyes)
-
-PKG_CHECK_MODULES(GLIB, [glib-2.0 >= 2.6.0])
-AC_SUBST(GLIB_CFLAGS)
-AC_SUBST(GLIB_LIBS)
-
-PKG_CHECK_MODULES(DBUS, [dbus-1 >= 1.0])
-AC_SUBST(DBUS_CFLAGS)
-AC_SUBST(DBUS_LIBS)
-
-PKG_CHECK_MODULES(DBUS_GLIB, [dbus-glib-1 >= 0.73])
-AC_SUBST(DBUS_GLIB_CFLAGS)
-AC_SUBST(DBUS_GLIB_LIBS)
-
-AC_CHECK_FUNCS(getgrouplist readdir64 getline strndup clearenv)
-
-EXPAT_LIB=""
-AC_ARG_WITH(expat, [ --with-expat=<dir> Use expat from here],
- [
- expat=$withval
- CPPFLAGS="$CPPFLAGS -I$withval/include"
- LDFLAGS="$LDFLAGS -L$withval/lib"
- ]
- )
-AC_CHECK_HEADERS(expat.h, [AC_DEFINE(HAVE_EXPAT_H)],
- [AC_MSG_ERROR([Can't find expat.h. Please install expat.])])
-AC_CHECK_LIB(expat,XML_ParserCreate,[EXPAT_LIBS="-lexpat"],
- [AC_MSG_ERROR([Can't find expat library. Please install expat.])])
-AC_SUBST(EXPAT_LIBS)
-
-if test "x$GCC" = "xyes"; then
- LDFLAGS="-Wl,--as-needed $LDFLAGS"
-fi
-
-dnl ---------------------------------------------------------------------------
-dnl - User and group
-dnl ---------------------------------------------------------------------------
-
-AC_ARG_WITH(polkit_user,[ --with-polkit-user=<user> user for PolicyKit])
-if test -z "$with_polkit_user" ; then
- POLKIT_USER=polkituser
-else
- POLKIT_USER=$with_polkit_user
-fi
-AC_SUBST(POLKIT_USER)
-AC_DEFINE_UNQUOTED(POLKIT_USER, "$POLKIT_USER", [User for PolicyKit])
-
-AC_ARG_WITH(polkit_group,[ --with-polkit-group=<grp> group for PolicyKit])
-if test -z "$with_polkit_group" ; then
- POLKIT_GROUP=polkituser
-else
- POLKIT_GROUP=$with_polkit_group
-fi
-AC_SUBST(POLKIT_GROUP)
-AC_DEFINE_UNQUOTED(POLKIT_GROUP,"$POLKIT_GROUP", [Group for PolicyKit])
-
-dnl ---------------------------------------------------------------------------
-dnl - SELinux
-dnl ---------------------------------------------------------------------------
-
-AC_ARG_ENABLE(selinux, AS_HELP_STRING([--enable-selinux],[build with SELinux support]),enable_selinux=$enableval,enable_selinux=auto)
-
-# SELinux detection
-if test x$enable_selinux = xno ; then
- have_selinux=no;
-else
- # See if we have SELinux library
- AC_CHECK_LIB(selinux, is_selinux_enabled,
- have_selinux=yes, have_selinux=no)
-
- if test x$enable_selinux = xauto ; then
- if test x$have_selinux = xno ; then
- AC_MSG_WARN([SELinux library not found])
- fi
- else
- if test x$have_selinux = xno ; then
- AC_MSG_ERROR([SElinux explicitly required, and SELinux library not found])
- fi
- fi
-fi
-
-AM_CONDITIONAL(HAVE_SELINUX, test x$have_selinux = xyes)
-
-if test x$have_selinux = xyes ; then
- # the selinux code creates threads
- # which requires libpthread even on linux
- AC_CHECK_FUNC(pthread_create,,[AC_CHECK_LIB(pthread,pthread_create,
- [SELINUX_THREAD_LIBS="-lpthread"])])
-
- SELINUX_LIBS="-lselinux $SELINUX_THREAD_LIBS"
- AC_DEFINE(HAVE_SELINUX,1,[SELinux support])
-else
- SELINUX_LIBS=
-fi
-AC_SUBST(SELINUX_LIBS)
-
-dnl ---------------------------------------------------------------------------
-dnl - Select what authorization database to use
-dnl ---------------------------------------------------------------------------
-
-AC_ARG_WITH([authdb],
- AS_HELP_STRING([--with-authdb=<name>],
- [Authorization database (default/dummy)]))
-if ! test -z "$with_authdb" ; then
- POLKIT_AUTHDB=$with_authdb
-else
- POLKIT_AUTHDB=default
-fi
-
-AC_SUBST(POLKIT_AUTHDB)
-AC_DEFINE_UNQUOTED(POLKIT_AUTHDB,"$POLKIT_AUTHDB", [Authorization Database to use])
-
-case $POLKIT_AUTHDB in
- dummy)
- AC_DEFINE(POLKIT_AUTHDB_DUMMY, 1, [If using the dummy authorization database])
- ;;
-
- default)
- AC_DEFINE(POLKIT_AUTHDB_DEFAULT, 1, [If using the default authorization database])
- ;;
-
- *)
- AC_MSG_ERROR([Unknown Authorization Database: $POLKIT_AUTHDB])
- ;;
-esac
-
-AM_CONDITIONAL(POLKIT_AUTHDB_DUMMY, [test x$POLKIT_AUTHDB = xdummy], [Using dummy authdb])
-AM_CONDITIONAL(POLKIT_AUTHDB_DEFAULT, [test x$POLKIT_AUTHDB = xdefault], [Using default authdb])
-
-dnl ---------------------------------------------------------------------------
-dnl - Select which authentication framework to use
-dnl ---------------------------------------------------------------------------
-
-AC_ARG_WITH([authfw],
- AS_HELP_STRING([--with-authfw=<name>],
- [Authentication framework (none/pam/shadow)]))
-if ! test -z "$with_authfw" ; then
- if test x$with_authdb = xdummy ; then
- if ! test x$with_authfw = xnone ; then
- AC_MSG_ERROR([Only 'none' is a valid authentication framework for the dummy authorization database])
- fi
- else
- if test x$with_authfw = xnone ; then
- AC_MSG_ERROR(['none' is only a valid authentication framework for the dummy authorization database])
- fi
- fi
- POLKIT_AUTHFW=$with_authfw
-else
- if test x$with_authdb = xdummy ; then
- POLKIT_AUTHFW=none
- else
- POLKIT_AUTHFW=pam
- fi
-fi
-
-AC_SUBST(POLKIT_AUTHFW)
-AC_DEFINE_UNQUOTED(POLKIT_AUTHFW,"$POLKIT_AUTHFW", [Authentication Framework to use])
-
-case $POLKIT_AUTHFW in
- none)
- need_pam=no
- AC_DEFINE(POLKIT_AUTHFW_NONE, 1, [If using no authentication framework])
- ;;
-
- pam)
- need_pam=yes
- AC_DEFINE(POLKIT_AUTHFW_PAM, 1, [If using the PAM authentication framework])
- ;;
-
- shadow)
- need_pam=no
- AUTH_LIBS="${AUTH_LIBS} -lcrypt"
- AC_DEFINE(POLKIT_AUTHFW_SHADOW, 1, [If using the Shadow authentication framework])
- ;;
-
- *)
- AC_MSG_ERROR([Unknown Authentication Framework: $POLKIT_AUTHFW])
- ;;
-esac
-
-AM_CONDITIONAL(POLKIT_AUTHFW_NONE, [test x$POLKIT_AUTHFW = xnone], [Using no authfw])
-AM_CONDITIONAL(POLKIT_AUTHFW_PAM, [test x$POLKIT_AUTHFW = xpam], [Using PAM authfw])
-AM_CONDITIONAL(POLKIT_AUTHFW_SHADOW, [test x$POLKIT_AUTHFW = xshadow], [Using Shadow authfw])
-
-
-dnl ---------------------------------------------------------------------------
-dnl - Check for PAM
-dnl ---------------------------------------------------------------------------
-
-withval=""
-AC_ARG_WITH(pam-prefix,
-[ --with-pam-prefix=<prefix> specify where pam files go],[
-if test x$withval != x; then
- AC_MSG_RESULT("PAM files will be installed in prefix ${withval}.")
-fi])
-if test x$withval != x; then
- PAM_PREFIX_UNEXPANDED="$withval"
-else
- PAM_PREFIX_UNEXPANDED="$sysconfdir"
-fi
-PAM_PREFIX=`eval echo $PAM_PREFIX_UNEXPANDED`
-AC_SUBST(PAM_PREFIX)
-
-have_pam=no
-if test "$need_pam" = yes ; then
- AC_CHECK_LIB(pam, pam_start, have_pam=yes)
-fi
-
-if test x$have_pam = xno; then
- if test "$need_pam" = yes ; then
- AC_ERROR([Could not find pam/pam-devel, please install the needed packages.])
- fi
-else
- AUTH_LIBS="${AUTH_LIBS} -lpam"
- AC_DEFINE(HAVE_PAM, 1, [Define if PAM support is included])
-
- # On Linux, sigtimedwait() is in libc; on Solaris, it's in librt.
- have_timedwait=no
- AC_CHECK_LIB(c, sigtimedwait, [have_timedwait=yes])
- if test "$have_timedwait" = no ; then
- AC_CHECK_LIB(rt, sigtimedwait, [AUTH_LIBS="${AUTH_LIBS} -lrt"])
- fi
-
- AC_MSG_CHECKING(how to call pam_strerror)
- AC_CACHE_VAL(ac_cv_pam_strerror_args,
- [AC_TRY_COMPILE([#include <stdio.h>
- #include <stdlib.h>
- #include <security/pam_appl.h>],
- [pam_handle_t *pamh = 0;
- char *s = pam_strerror(pamh, PAM_SUCCESS);],
- [ac_pam_strerror_args=2],
- [AC_TRY_COMPILE([#include <stdio.h>
- #include <stdlib.h>
- #include <security/pam_appl.h>],
- [char *s =
- pam_strerror(PAM_SUCCESS);],
- [ac_pam_strerror_args=1],
- [ac_pam_strerror_args=0])])
- ac_cv_pam_strerror_args=$ac_pam_strerror_args])
- ac_pam_strerror_args=$ac_cv_pam_strerror_args
- if test "$ac_pam_strerror_args" = 1 ; then
- AC_MSG_RESULT(one argument)
- elif test "$ac_pam_strerror_args" = 2 ; then
- AC_DEFINE(PAM_STRERROR_TWO_ARGS, 1, [Define if pam_strerror takes two arguments])
- AC_MSG_RESULT(two arguments)
- else
- AC_MSG_RESULT(unknown)
- fi
-
-fi
-
-AM_CONDITIONAL(HAVE_PAM, test x$have_pam = xyes)
-AC_SUBST(HAVE_PAM)
-AC_SUBST(AUTH_LIBS)
-
-AC_CHECK_HEADER(security/pam_modutil.h, [AC_DEFINE(HAVE_PAM_MODUTIL_H, [], "Have pam_modutil.h")])
-AC_CHECK_HEADER(security/pam_ext.h, [AC_DEFINE(HAVE_PAM_EXT_H, [], "Have pam_ext.h")])
-AC_CHECK_LIB(pam, pam_vsyslog, [AC_DEFINE(HAVE_PAM_VSYSLOG, [], "Have pam_vsyslog")])
-
-AC_ARG_WITH(pam-module-dir, [ --with-pam-module-dir=[dirname] directory to install PAM security module])
-if ! test -z "$with_pam_module_dir"; then
- PAM_MODULE_DIR=$with_pam_module_dir
-else
- PAM_MODULE_DIR="/lib/security"
-fi
-
-AC_SUBST(PAM_MODULE_DIR)
-
-AC_ARG_WITH(os-type, [ --with-os-type=<os> distribution or OS (redhat/suse/gentoo/pardus/solaris)])
-
-#### Check our operating system (distro-tweaks required)
-if test "z$with_os_type" = "z"; then
- AC_CHECK_FILE(/etc/redhat-release,distro_type="redhat")
- AC_CHECK_FILE(/etc/SuSE-release,distro_type="suse")
- AC_CHECK_FILE(/etc/gentoo-release,distro_type="gentoo")
- AC_CHECK_FILE(/etc/pardus-release,distro_type="pardus")
- if test "z$distro_type" = "z"; then
- echo "Linux distribution autodetection failed, specify the distribution to target using --with-os-type="
- else
- operating_system=`echo ${distro_type} | tr '[[:upper:]]' '[[:lower:]]' `
- fi
-fi
-
-#### Sort out OS (distro-tweaks required)
-if test x$with_os_type = x; then
- if test x$operating_system = xredhat ; then
- with_os_type=redhat
- elif test x$operating_system = xsuse ; then
- with_os_type=suse
- elif test x$operating_system = xgentoo ; then
- with_os_type=gentoo
- elif test x$operating_system = xpardus ; then
- with_os_type=pardus
- elif test x$operating_system = xsolaris ; then
- with_os_type=solaris
- else
- with_os_type=unknown
- fi
-fi
-
-# (distro-tweaks required)
-AM_CONDITIONAL(OS_TYPE_UNKNOWN, test x$with_os_type = xunknown, [Running on unknown OS])
-AM_CONDITIONAL(OS_TYPE_RED_HAT, test x$with_os_type = xredhat, [Running on Red Hat OS'es])
-AM_CONDITIONAL(OS_TYPE_SUSE, test x$with_os_type = xsuse, [Running on SUSE OS'es])
-AM_CONDITIONAL(OS_TYPE_GENTOO, test x$with_os_type = xgentoo, [Running on Gentoo OS'es])
-AM_CONDITIONAL(OS_TYPE_PARDUS, test x$with_os_type = xpardus, [Running on Pardus OS'es])
-AM_CONDITIONAL(OS_TYPE_SOLARIS, test x$with_os_type = xsolaris, [Running os Solaris OS'es])
-AM_CONDITIONAL(OS_TYPE_FREEBSD, test x$with_os_type = xfreebsd, [Running on FreeBSD OS'es])
-
-AC_ARG_WITH(pam-include, [ --with-pam-include=<file> pam file to include])
-
-#### Set up pam file to include (distro-tweaks required)
-if ! test -z "$with_pam_include"; then
- PAM_FILE_INCLUDE_AUTH=$with_pam_include
- PAM_FILE_INCLUDE_ACCOUNT=$with_pam_include
- PAM_FILE_INCLUDE_PASSWORD=$with_pam_include
- PAM_FILE_INCLUDE_SESSION=$with_pam_include
-elif test x$with_os_type = xredhat -o x$with_os_type = xgentoo -o x$with_os_type = xpardus ; then
- PAM_FILE_INCLUDE_AUTH=system-auth
- PAM_FILE_INCLUDE_ACCOUNT=system-auth
- PAM_FILE_INCLUDE_PASSWORD=system-auth
- PAM_FILE_INCLUDE_SESSION=system-auth
-elif test x$with_os_type = xsuse -o x$with_os_type = xsolaris ; then
- PAM_FILE_INCLUDE_AUTH=common-auth
- PAM_FILE_INCLUDE_ACCOUNT=common-account
- PAM_FILE_INCLUDE_PASSWORD=common-password
- PAM_FILE_INCLUDE_SESSION=common-session
-elif test x$with_os_type = xfreebsd ; then
- PAM_FILE_INCLUDE_AUTH=system
- PAM_FILE_INCLUDE_ACCOUNT=system
- PAM_FILE_INCLUDE_PASSWORD=system
- PAM_FILE_INCLUDE_SESSION=system
-else
- PAM_FILE_INCLUDE_AUTH=system-auth
- PAM_FILE_INCLUDE_ACCOUNT=system-auth
- PAM_FILE_INCLUDE_PASSWORD=system-auth
- PAM_FILE_INCLUDE_SESSION=system-auth
-fi
-
-AC_SUBST(PAM_FILE_INCLUDE_AUTH)
-AC_SUBST(PAM_FILE_INCLUDE_ACCOUNT)
-AC_SUBST(PAM_FILE_INCLUDE_PASSWORD)
-AC_SUBST(PAM_FILE_INCLUDE_SESSION)
-AC_DEFINE_UNQUOTED(PAM_FILE_INCLUDE_AUTH, "$PAM_FILE_INCLUDE_AUTH", [pam file auth])
-AC_DEFINE_UNQUOTED(PAM_FILE_INCLUDE_ACCOUNT, "$PAM_FILE_INCLUDE_ACCOUNT", [pam file account])
-AC_DEFINE_UNQUOTED(PAM_FILE_INCLUDE_PASSWORD, "$PAM_FILE_INCLUDE_PASSWORD", [pam file password])
-AC_DEFINE_UNQUOTED(PAM_FILE_INCLUDE_SESSION, "$PAM_FILE_INCLUDE_SESSION", [pam file session])
-
-dnl ---------------------------------------------------------------------------
-dnl - check OS
-dnl ---------------------------------------------------------------------------
-case "$host_os" in
- *linux*)
- ;;
- *solaris*)
- AC_DEFINE([HAVE_SOLARIS], 1, [Is this a Solaris system?])
- ;;
- *freebsd*)
- AC_DEFINE([HAVE_FREEBSD], 1, [Is this a FreeBSD system?])
- ;;
-esac
-
-have_inotify=no
-AC_CHECK_HEADERS([linux/inotify.h], [have_inotify=yes])
-AC_CHECK_HEADERS([sys/inotify.h], [have_inotify=yes])
-
-AM_CONDITIONAL(HAVE_INOTIFY, test "x$have_inotify" = "xyes")
-
-if test "x$have_inotify" = "xyes" ; then
- AC_DEFINE([HAVE_INOTIFY], 1, [Enable Linux inotify() usage])
-fi
-
-have_kqueue=yes
-AC_CHECK_FUNCS([kqueue],,have_kqueue=no)
-
-AM_CONDITIONAL(HAVE_KQUEUE, test "x$have_kqueue" = "xyes")
-
-if test "x$have_kqueue" = "xyes" ; then
- AC_DEFINE([HAVE_KQUEUE], 1, [Enable BSD kqueue() usage])
-fi
-
-# ********************
-# Internationalisation
-# ********************
-
-IT_PROG_INTLTOOL([0.36.0])
-GETTEXT_PACKAGE=PolicyKit
-AC_SUBST([GETTEXT_PACKAGE])
-AM_GLIB_GNU_GETTEXT
-AC_DEFINE_UNQUOTED([GETTEXT_PACKAGE],["$GETTEXT_PACKAGE"],[gettext domain])
-
-
-AC_OUTPUT([
-Makefile
-data/Makefile
-data/polkit-grant-1
-data/polkit-1.pc
-data/polkit-grant-1.pc
-src/Makefile
-src/kit/Makefile
-src/polkit/Makefile
-src/polkit-grant/Makefile
-polkit-backendd/Makefile
-tools/Makefile
-doc/Makefile
-doc/version.xml
-doc/man/Makefile
-policy/Makefile
-po/Makefile.in
-test/Makefile
-])
-
-dnl ==========================================================================
-echo "
- PolicyKit $VERSION
- =================
-
- prefix: ${prefix}
- libdir: ${libdir}
- libexecdir: ${libexecdir}
- bindir: ${bindir}
- sbindir: ${sbindir}
- datadir: ${datadir}
- sysconfdir: ${sysconfdir}
- localstatedir: ${localstatedir}
- docdir: ${docdir}
-
- compiler: ${CC}
- cflags: ${CFLAGS}
- cppflags: ${CPPFLAGS}
- xsltproc: ${XSLTPROC}
-
- user for PolicyKit: ${POLKIT_USER}
- group for PolicyKit: ${POLKIT_GROUP}
-
- authorization database: ${POLKIT_AUTHDB}
- authentication framework: ${POLKIT_AUTHFW}
-
- Distribution/OS: ${with_os_type}
- SELinux support: ${have_selinux}
-
- PAM support: ${have_pam}"
-
-if test "$have_pam" = yes ; then
-echo " PAM file auth: ${PAM_FILE_INCLUDE_AUTH}
- PAM file account: ${PAM_FILE_INCLUDE_ACCOUNT}
- PAM file password: ${PAM_FILE_INCLUDE_PASSWORD}
- PAM file session: ${PAM_FILE_INCLUDE_SESSION}"
-fi
-
-echo "
- Maintainer mode: ${USE_MAINTAINER_MODE}
- Building unit tests: ${enable_tests}
- GCC coverage profiling: ${enable_gcov}
- Building verbose mode: ${enable_verbose_mode}
- Building api docs: ${enable_gtk_doc}
- Building man pages: ${enable_man_pages}
-"
-
-if test x$enable_tests = xyes; then
- echo "NOTE: Building with unit tests increases the size of the installed "
- echo " library and renders it insecure."
- echo
-fi
-
-if test x$enable_gcov = xyes; then
- echo "NOTE: Building with coverage profiling is definitely for developers only."
- echo
-fi
-
-if test "${POLKIT_AUTHDB}" = default ; then
- echo "NOTE: Remember to create user ${POLKIT_USER} and group ${POLKIT_GROUP}"
- echo " before 'make install'"
- echo
- echo "NOTE: The directories ${localstatedir}/run/polkit-1 and ${localstatedir}/lib/polkit-1 will be"
- echo " owned by group ${POLKIT_GROUP} and will be mode 770."
- echo
- echo "NOTE: The directory ${localstatedir}/lib/polkit-public-1 will be"
- echo " owned by user ${POLKIT_USER} and will be mode 755."
- echo
- echo "NOTE: The file ${localstatedir}/lib/misc/polkit-1.reload will be"
- echo " owned by user ${POLKIT_USER} and group ${POLKIT_GROUP} and will be mode 664."
- echo
- echo "NOTE: ${libexecdir}/polkit-set-default-helper-1 will be owned by"
- echo " user ${POLKIT_USER} and installed with mode 4755 (setuid binary)."
- echo
- echo "NOTE: ${libexecdir}/polkit-read-auth-helper-1 will be owned by"
- echo " group ${POLKIT_GROUP} and installed with mode 2755 (setgid binary)."
- echo
- echo "NOTE: ${libexecdir}/polkit-revoke-helper-1 will be owned by"
- echo " group '${POLKIT_GROUP} and installed with mode 2755 (setgid binary)."
- echo
- echo "NOTE: ${libexecdir}/polkit-grant-helper-1 will be owned by"
- echo " group ${POLKIT_GROUP} and installed with mode 2755 (setgid binary)."
- echo
- echo "NOTE: ${libexecdir}/polkit-explicit-grant-helper-1 will be owned by"
- echo " group ${POLKIT_GROUP} and installed with mode 2755 (setgid binary)."
- echo
- echo "NOTE: ${libexecdir}/polkit-grant-helper-pam-1 will be owned by group"
- echo " ${POLKIT_GROUP} and installed with mode 4754 (setuid root binary)."
-fi
-
-echo
-echo "NOTE: ${libexecdir}/polkit-resolve-exe-helper-1 will be installed with"
-echo " mode 4755 (setuid root binary)."
-echo
-echo "NOTE: For packaging, remember to retain the modes and ownership."
-echo
-echo "See the README file for the rationale for these modes/permissions."
-echo
diff --git a/data/Makefile.am b/data/Makefile.am
deleted file mode 100644
index 3625609..0000000
--- a/data/Makefile.am
+++ /dev/null
@@ -1,21 +0,0 @@
-## Process this file with automake to produce Makefile.in
-
-# See polkit-grant/Makefile.am for discussion
-#
-if POLKIT_AUTHFW_PAM
-pamdir = $(sysconfdir)/pam.d
-pam_DATA = polkit-grant-1
-endif
-
-pkgconfigdir = $(libdir)/pkgconfig
-pkgconfig_DATA = polkit-1.pc polkit-grant-1.pc
-
-dbusifdir = $(datadir)/dbus-1/interfaces
-dbusif_DATA = org.freedesktop.PolicyKit.AuthenticationAgent1.xml
-
-DISTCLEANFILES = polkit-1.pc polkit-grant-1.pc
-
-EXTRA_DIST = polkit-grant-1.in polkit-1.pc.in polkit-grant-1.pc.in org.freedesktop.PolicyKit.AuthenticationAgent1.xml
-
-clean-local :
- rm -f *~
diff --git a/data/org.freedesktop.PolicyKit.AuthenticationAgent1.xml b/data/org.freedesktop.PolicyKit.AuthenticationAgent1.xml
deleted file mode 100644
index bf692aa..0000000
--- a/data/org.freedesktop.PolicyKit.AuthenticationAgent1.xml
+++ /dev/null
@@ -1,24 +0,0 @@
-<!DOCTYPE node PUBLIC "-//freedesktop//DTD D-BUS Object Introspection 1.0//EN"
- "http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
-
-<!-- This file is provided by the PolicyKit project -->
-
-<node>
- <interface name="org.freedesktop.PolicyKit.AuthenticationAgent1">
-
- <method name="ObtainAuthorization">
- <!-- IN: PolicyKit action identifier; see PolKitAction -->
- <arg name="action_id" direction="in" type="s"/>
-
- <!-- IN: X11 window ID for the top-level X11 window the dialog will be transient for (pass zero if no window) -->
- <arg name="xid" direction="in" type="u"/>
-
- <!-- IN: Process ID to grant authorization to -->
- <arg name="pid" direction="in" type="u"/>
-
- <!-- OUT: whether the user gained the authorization -->
- <arg name="gained_authorization" direction="out" type="b"/>
- </method>
-
- </interface>
-</node>
diff --git a/data/polkit-1.pc.in b/data/polkit-1.pc.in
deleted file mode 100644
index 5bc073c..0000000
--- a/data/polkit-1.pc.in
+++ /dev/null
@@ -1,12 +0,0 @@
-prefix=@prefix@
-exec_prefix=@exec_prefix@
-libdir=@libdir@
-includedir=@includedir@
-policydir=@datarootdir@/polkit-1/policy/
-actiondir=@datarootdir@/polkit-1/policy/
-
-Name: polkit
-Description: Authorization API
-Version: @VERSION@
-Libs: -L${libdir} -lpolkit-1
-Cflags: -I${includedir}/polkit-1
diff --git a/data/polkit-grant-1.in b/data/polkit-grant-1.in
deleted file mode 100644
index 142dadd..0000000
--- a/data/polkit-grant-1.in
+++ /dev/null
@@ -1,6 +0,0 @@
-#%PAM-1.0
-
-auth include @PAM_FILE_INCLUDE_AUTH@
-account include @PAM_FILE_INCLUDE_ACCOUNT@
-password include @PAM_FILE_INCLUDE_PASSWORD@
-session include @PAM_FILE_INCLUDE_SESSION@
diff --git a/data/polkit-grant-1.pc.in b/data/polkit-grant-1.pc.in
deleted file mode 100644
index 5d75382..0000000
--- a/data/polkit-grant-1.pc.in
+++ /dev/null
@@ -1,11 +0,0 @@
-prefix=@prefix@
-exec_prefix=@exec_prefix@
-libdir=@libdir@
-includedir=@includedir@
-
-Name: polkit-grant-1
-Description: Library for obtaining authorizations through authentication
-Version: @VERSION@
-Requires: polkit-1
-Libs: -L${libdir} -lpolkit-grant-1
-Cflags: -I${includedir}/polkit-1
diff --git a/doc/.gitignore b/doc/.gitignore
deleted file mode 100644
index 8f1b0d9..0000000
--- a/doc/.gitignore
+++ /dev/null
@@ -1,3 +0,0 @@
-Makefile
-Makefile.in
-*.o
diff --git a/doc/Makefile.am b/doc/Makefile.am
deleted file mode 100644
index 4064815..0000000
--- a/doc/Makefile.am
+++ /dev/null
@@ -1,87 +0,0 @@
-## Process this file with automake to create Makefile.in.
-
-SUBDIRS = man
-
-NULL =
-
-AUTOMAKE_OPTIONS = 1.7
-
-# The name of the module.
-DOC_MODULE=polkit-1
-
-# The top-level SGML file.
-DOC_MAIN_SGML_FILE=polkit-docs.xml
-
-# Extra options to supply to gtkdoc-scan
-SCAN_OPTIONS=--ignore-headers=config.h
-
-# The directory containing the source code. Relative to $(srcdir)
-DOC_SOURCE_DIR=../src
-
-# Used for dependencies
-HFILE_GLOB=$(top_srcdir)/src/*/*.h
-CFILE_GLOB=$(top_srcdir)/src/*/*.c
-
-# Headers to ignore
-IGNORE_HFILES= \
- $(NULL)
-
-# CFLAGS and LDFLAGS for compiling scan program. Only needed
-# if $(DOC_MODULE).types is non-empty.
-INCLUDES = \
- $(DBUS_GLIB_CFLAGS) \
- $(GLIB_CFLAGS) \
- -I$(top_srcdir)/src \
- -I$(top_builddir)/src \
- $(NULL)
-
-GTKDOC_LIBS = \
- $(DBUS_GLIB_LIBS) \
- $(GLIB_LIBS) \
- $(top_builddir)/src/kit/libkit.la \
- $(top_builddir)/src/polkit/libpolkit.la \
- $(top_builddir)/src/polkit-dbus/libpolkit-dbus.la \
- $(top_builddir)/src/polkit-grant/libpolkit-grant.la \
- $(NULL)
-
-# Extra options to supply to gtkdoc-mkdb
-MKDB_OPTIONS=--sgml-mode --output-format=xml
-
-# Extra options to supply to gtkdoc-mktmpl
-MKTMPL_OPTIONS=
-
-# Non-autogenerated SGML files to be included in $(DOC_MAIN_SGML_FILE)
-content_files = \
- version.xml \
- man/PolicyKit.xml \
- man/polkit-auth.xml \
- man/polkit-action.xml \
- man/polkit-policy-file-validate.xml \
- spec/polkit-spec-configuration.xml \
- spec/polkit-spec-introduction.xml \
- spec/polkit-spec-model.xml \
- $(NULL)
-
-# Images to copy into HTML directory
-HTML_IMAGES = \
- diagram-bus-model.png \
- diagram-interaction.png
-
-# Extra options to supply to gtkdoc-fixref
-FIXXREF_OPTIONS=
-
-MAINTAINERCLEANFILES = \
- *~ \
- Makefile.in \
- polkit.types \
- polkit-*.txt \
- $(NULL)
-
-if ENABLE_GTK_DOC
-include $(top_srcdir)/gtk-doc.make
-else
-EXTRA_DIST =
-endif
-
-# Version information for marking the documentation
-EXTRA_DIST += version.xml.in
diff --git a/doc/TODO b/doc/TODO
deleted file mode 100644
index fd51180..0000000
--- a/doc/TODO
+++ /dev/null
@@ -1,60 +0,0 @@
-
- - On every polkit_context_is_[caller|session]_authorized we load
- all .policy XML files. This is bad. Dave Jones will kill us.
- We should
-
- 1. Suggest that a single .policy file only contains actions
- with a given name space com.example.MyApp. We do this
- by printing a big fat WARNING in polkit-policy-file-validate(1)
- if it isn't the case.
-
- 2. We make the policy cache smart and look for the right .policy
- file when called from the is_*_authorized path. If it aint there
- or if it doesn't contain the given action we load all the
- .policy XML files.
-
- 3. When we break ABI (for 1.0 or sooner) we turn the WARNING
- from 1. into an ERROR and drop the "Load all XML files"
- from the is_*_authorized path. Of course, other paths
- (iterate over all declared actions; find action by
- annotation) will still need to load the bulk of the files.
- But normally only polkit-auth(1) and polkit-action(1)
- and other management tools will ever do this.
-
- - Increase test suite coverage
-
- - Finish up documentation; in particular how results from
- config files, defaults and authorizations play together
-
- - Potentially drop the glib dependency from polkit-grant
-
- - Kill the config file
-
- - Add support for granting authorizations to a) UNIX Groups; and
- b) SELinux security contexts
-
- - Add API and support in polkit-auth/polkit-action for maintaining
- a list of entities for whom implicit authorizations do not apply.
- (Typical example is that in a desktop OS one wants a UNIX group
- for "Restricted Users". Another example is a guest account.)
-
- - Add API and support in polkit-auth/polkit-action to define what
- administrator auth means.
-
- - Add k/v dictionaries to Actions; e.g. the Mechanism for dial-up
- networking can attach the key/value pair
-
- "phone_number" -> "555-123-4567"
-
- The is a bit like Objects mentioned in the spec (and what we used
- to have as PolKitResource) but a bit more blurry. They need to be
- typed too for presentation in the UI
-
- - Go to 1.0 soon
-
- - Include the patch from Piter PUNK to optionally avoid the PAM
- dependency (manually checks against /etc/shadow instead)
-
- - To avoid work we should maintain a cache in the get_exe_for_pid()
- functions. The key into the cache should be (pid, pid_start_time)
- and the values should be the exe-paths
diff --git a/doc/diagram-bus-model.png b/doc/diagram-bus-model.png
deleted file mode 100644
index bba3014..0000000
Binary files a/doc/diagram-bus-model.png and /dev/null differ
diff --git a/doc/diagram-interaction.png b/doc/diagram-interaction.png
deleted file mode 100644
index 64ede01..0000000
Binary files a/doc/diagram-interaction.png and /dev/null differ
diff --git a/doc/man/Makefile.am b/doc/man/Makefile.am
deleted file mode 100644
index 76c53f3..0000000
--- a/doc/man/Makefile.am
+++ /dev/null
@@ -1,20 +0,0 @@
-
-if MAN_PAGES_ENABLED
-
-man_MANS = polkit-auth-1.1 \
- polkit-action-1.1 \
- polkit-policy-file-validate-1.1 \
- PolicyKit-1.8
-
-%-1.1 %-1.8 : %.xml
- $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
-
-endif # MAN_PAGES_ENABLED
-
-EXTRA_DIST= PolicyKit.xml \
- polkit-auth.xml \
- polkit-action.xml \
- polkit-policy-file-validate.xml
-
-clean-local:
- rm -f *~ *.1 *.5 *.8
diff --git a/doc/man/PolicyKit.xml b/doc/man/PolicyKit.xml
deleted file mode 100644
index 071f0b3..0000000
--- a/doc/man/PolicyKit.xml
+++ /dev/null
@@ -1,63 +0,0 @@
-<refentry id="PolicyKit-1.8">
- <refentryinfo>
- <title>PolicyKit-1</title>
- <date>August 2007</date>
- <productname>PolicyKit-1</productname>
- </refentryinfo>
-
- <refmeta>
- <refentrytitle>PolicyKit-1</refentrytitle>
- <manvolnum>8</manvolnum>
- <refmiscinfo class="version"></refmiscinfo>
- </refmeta>
-
- <refnamediv>
- <refname>PolicyKit-1</refname>
- <refpurpose>Authorization API</refpurpose>
- </refnamediv>
-
- <refsect1><title>DESCRIPTION</title>
- <para>
- For more information about the big picture refer to the
- PolicyKit specification which can be normally be found
- under <filename>/usr/share/doc</filename>.
- </para>
-
- <para>
- <emphasis>TODO:</emphasis> This manual page should contain a
- simple introduction to PolicyKit for a system administrator
- audience. Remains to be written.
- </para>
- </refsect1>
-
-
- <refsect1><title>AUTHOR</title>
- <para>
- Written by David Zeuthen <email>david at fubar.dk</email> with
- a lot of help from many others.
- </para>
- </refsect1>
-
- <refsect1>
- <title>BUGS</title>
- <para>
- Please send bug reports to either the distribution or the
- polkit-devel mailing list,
- see <ulink url="http://lists.freedesktop.org/mailman/listinfo/polkit-devel"/>.
- to subscribe.
- </para>
- </refsect1>
-
- <refsect1>
- <title>SEE ALSO</title>
- <para>
- <citerefentry>
- <refentrytitle>polkit-action-1</refentrytitle><manvolnum>1</manvolnum>
- </citerefentry>,
- <citerefentry>
- <refentrytitle>polkit-auth-1</refentrytitle><manvolnum>1</manvolnum>
- </citerefentry>
- </para>
- </refsect1>
-</refentry>
-
diff --git a/doc/man/polkit-action.xml b/doc/man/polkit-action.xml
deleted file mode 100644
index 629d7ea..0000000
--- a/doc/man/polkit-action.xml
+++ /dev/null
@@ -1,194 +0,0 @@
-<refentry id="polkit-action-1.1">
- <refentryinfo>
- <title>polkit-action-1</title>
- <date>August 2007</date>
- <productname>PolicyKit-1</productname>
- </refentryinfo>
-
- <refmeta>
- <refentrytitle>polkit-action-1</refentrytitle>
- <manvolnum>1</manvolnum>
- <refmiscinfo class="version"></refmiscinfo>
- </refmeta>
-
- <refnamediv>
- <refname>polkit-action-1</refname>
- <refpurpose>List and modify registered PolicyKit actions</refpurpose>
- </refnamediv>
-
- <refsynopsisdiv>
- <cmdsynopsis>
- <command>polkit-action-1</command>
- <arg><option>--action <replaceable>action</replaceable></option></arg>
- <arg><option>--reset-defaults <replaceable>action</replaceable></option></arg>
- <arg><option>--show-overrides</option></arg>
- <arg><option>--set-defaults-any <replaceable>action</replaceable> <replaceable>value</replaceable></option></arg>
- <arg><option>--set-defaults-inactive <replaceable>action</replaceable> <replaceable>value</replaceable></option></arg>
- <arg><option>--set-defaults-active <replaceable>action</replaceable> <replaceable>value</replaceable></option></arg>
- <arg><option>--version</option></arg>
- <arg><option>--help</option></arg>
- </cmdsynopsis>
- </refsynopsisdiv>
-
- <refsect1>
- <title>DESCRIPTION</title>
- <para>
- polkit-action-1 is used to list and modify the PolicyKit actions
- that are registered on the system.
- </para>
- </refsect1>
-
- <refsect1>
- <title>OPTIONS</title>
- <variablelist>
- <varlistentry>
- <term><option>--action <replaceable>action</replaceable></option></term>
- <listitem>
- <para>
- Show detailed information about a specific action.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option>--reset-defaults <replaceable>action</replaceable></option></term>
- <listitem>
- <para>
- Reset the defaults for the specified action to the factory
- defaults. The authorization needed to do this is
- <emphasis>org.freedesktop.policykit.modify-defaults</emphasis>.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option>--show-overrides</option></term>
- <listitem>
- <para>
- Prints all actions for where the defaults are overridden.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option>--set-defaults-any <replaceable>action</replaceable> <replaceable>value</replaceable></option></term>
- <listitem>
- <para>
- Override the <emphasis>any</emphasis> stanza for the given
- action with the supplied value. The authorization needed
- to do this is <emphasis>org.freedesktop.policykit.modify-defaults</emphasis>.
- Valid values for <emphasis>value</emphasis> are
- <emphasis>no</emphasis>,
- <emphasis>auth_admin_one_shot</emphasis>,
- <emphasis>auth_admin</emphasis>,
- <emphasis>auth_admin_keep_session</emphasis>,
- <emphasis>auth_admin_keep_always</emphasis>,
- <emphasis>auth_self_one_shot</emphasis>,
- <emphasis>auth_self</emphasis>,
- <emphasis>auth_self_keep_session</emphasis>,
- <emphasis>auth_self_keep_always</emphasis>,
- and <emphasis>yes</emphasis>.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option>--set-defaults-inactive <replaceable>action</replaceable> <replaceable>value</replaceable></option></term>
- <listitem>
- <para>
- Override the <emphasis>inactive</emphasis> stanza for the given
- action with the supplied value. The authorization needed
- to do this is <emphasis>org.freedesktop.policykit.modify-defaults</emphasis>.
- Valid values for <emphasis>value</emphasis> are
- <emphasis>no</emphasis>,
- <emphasis>auth_admin_one_shot</emphasis>,
- <emphasis>auth_admin</emphasis>,
- <emphasis>auth_admin_keep_session</emphasis>,
- <emphasis>auth_admin_keep_always</emphasis>,
- <emphasis>auth_self_one_shot</emphasis>,
- <emphasis>auth_self</emphasis>,
- <emphasis>auth_self_keep_session</emphasis>,
- <emphasis>auth_self_keep_always</emphasis>,
- and <emphasis>yes</emphasis>.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option>--set-defaults-active <replaceable>action</replaceable> <replaceable>value</replaceable></option></term>
- <listitem>
- <para>
- Override the <emphasis>active</emphasis> stanza for the given
- action with the supplied value. The authorization needed
- to do this is <emphasis>org.freedesktop.policykit.modify-defaults</emphasis>.
- Valid values for <emphasis>value</emphasis> are
- <emphasis>no</emphasis>,
- <emphasis>auth_admin_one_shot</emphasis>,
- <emphasis>auth_admin</emphasis>,
- <emphasis>auth_admin_keep_session</emphasis>,
- <emphasis>auth_admin_keep_always</emphasis>,
- <emphasis>auth_self_one_shot</emphasis>,
- <emphasis>auth_self</emphasis>,
- <emphasis>auth_self_keep_session</emphasis>,
- <emphasis>auth_self_keep_always</emphasis>,
- and <emphasis>yes</emphasis>.
- </para>
- </listitem>
- </varlistentry>
-
-
- <varlistentry>
- <term><option>--version</option></term>
- <listitem>
- <para>
- Show version and exit.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option>--help</option></term>
- <listitem>
- <para>
- Show usage information and exit.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </refsect1>
-
- <refsect1>
- <title>COMPLETION</title>
- <para>
- PolicyKit ships with a collection of shell functions such that
- completion on options, <emphasis>action</emphasis>
- and <emphasis>value</emphasis> works when using the
- <citerefentry>
- <refentrytitle>bash</refentrytitle><manvolnum>1</manvolnum>
- </citerefentry>
- shell.
- </para>
- </refsect1>
-
- <refsect1>
- <title>BUGS</title>
- <para>
- Please send bug reports to either the distribution or the
- polkit-devel mailing list,
- see <ulink url="http://lists.freedesktop.org/mailman/listinfo/polkit-devel"/>.
- to subscribe.
- </para>
- </refsect1>
-
- <refsect1>
- <title>SEE ALSO</title>
- <para>
- <citerefentry>
- <refentrytitle>PolicyKit</refentrytitle><manvolnum>8</manvolnum>
- </citerefentry>,
- <citerefentry>
- <refentrytitle>polkit-auth-1</refentrytitle><manvolnum>1</manvolnum>
- </citerefentry>
- </para>
- </refsect1>
-</refentry>
diff --git a/doc/man/polkit-auth.xml b/doc/man/polkit-auth.xml
deleted file mode 100644
index bea49f5..0000000
--- a/doc/man/polkit-auth.xml
+++ /dev/null
@@ -1,343 +0,0 @@
-<refentry id="polkit-auth-1.1">
- <refentryinfo>
- <title>polkit-auth-1</title>
- <date>August 2007</date>
- <productname>PolicyKit-1</productname>
- </refentryinfo>
-
- <refmeta>
- <refentrytitle>polkit-auth-1</refentrytitle>
- <manvolnum>1</manvolnum>
- <refmiscinfo class="version"></refmiscinfo>
- </refmeta>
-
- <refnamediv>
- <refname>polkit-auth-1</refname>
- <refpurpose>Manage authorizations</refpurpose>
- </refnamediv>
-
- <refsynopsisdiv>
- <cmdsynopsis>
- <command>polkit-auth-1</command>
- <arg><option>--obtain <replaceable>action</replaceable></option></arg>
- <arg><option>--show-obtainable</option></arg>
- <arg><option><arg><option>--user <replaceable>user</replaceable></option></arg> --explicit</option></arg>
- <arg><option><arg><option>--user <replaceable>user</replaceable></option></arg> --explicit-detail</option></arg>
- <arg><option><arg><option>--user <replaceable>user</replaceable></option></arg> --grant <replaceable>action</replaceable></option><arg><option>--constraint <replaceable>constraint</replaceable></option></arg>*</arg>
- <arg><option><arg><option>--user <replaceable>user</replaceable></option></arg> --block <replaceable>action</replaceable></option><arg><option>--constraint <replaceable>constraint</replaceable></option></arg>*</arg>
- <arg><option><arg><option>--user <replaceable>user</replaceable></option></arg> --revoke <replaceable>action</replaceable></option></arg>
- <arg><option>--version</option></arg>
- <arg><option>--help</option></arg>
- </cmdsynopsis>
- </refsynopsisdiv>
-
- <refsect1>
- <title>DESCRIPTION</title>
- <para>
- polkit-auth-1 is used to inspect, obtain, grant and revoke
- PolicyKit authorizations. If invoked without any options, the
- authorizations of the calling process will be printed.
- </para>
- </refsect1>
-
- <refsect1>
- <title>OPTIONS</title>
- <variablelist>
- <varlistentry>
- <term><option>--obtain <replaceable>action</replaceable></option></term>
- <listitem>
- <para>
- Attempt to obtain an authorization through authentication
- for the given action. This is only useful for implicit
- authorizations requiring authentication; e.g. when an
- appropriate stanza in the defaults section of the .policy
- file for the action specifies
- <literal>auth_*</literal>.
- </para>
- <para>
-
- The gained authorization will be constrained as much as
- possible using the constraints specified in
- <xref linkend="polkit-auth-constraints"/>. For example, on
- a system running SELinux, if the caller runs uses this
- tool to obtain an authorization from a shell in a desktop
- in an active session, then constraints
- for <emphasis>local</emphasis>, <emphasis>active</emphasis>, <emphasis>exe</emphasis>
- and <emphasis>selinux_context</emphasis> will all be
- added.
- </para>
- <para>
- If an Authentication Agent (such as the one from
- PolicyKit-gnome) is available in the session, it will used
- for authentication unless the environment variable
- POLKIT_AUTH_FORCE_TEXT is set. If the environment variable
- POLKIT_AUTH_GRANT_TO_PID is set, the authorization will be
- granted to that process id instead of the invoking process
- (e.g. the shell from which polkit-auth-1 is launched).
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option>--show-obtainable</option></term>
- <listitem>
- <para>
- Prints all actions that can be obtained via
- authentication and for which an authorization does not
- exist.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option><arg><option>--user <replaceable>user</replaceable></option></arg> --explicit</option></term>
- <listitem>
- <para>
- Show explicit authorizations. Duplicates are not
- printed. If used with the <option>--user</option> option,
- the authorization
- <literal>org.freedesktop.policykit.read</literal> is required.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option><arg><option>--user <replaceable>user</replaceable></option></arg> --explicit-detail</option></term>
- <listitem>
- <para>
- Show detailed information about explicit
- authorizations. In contrast to
- the <literal>--explicit</literal>, duplicates are printed
- as several authorizations with different scope and
- constraints may exist.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option><arg><option>--user <replaceable>user</replaceable></option></arg> --grant <replaceable>action</replaceable></option><arg><option>--constraint <replaceable>constraint</replaceable></option></arg>*</term>
- <listitem>
- <para>
- Grant an authorization for an action. This is different
- than <literal>--obtain</literal> insofar that
- the <literal>defaults</literal> stanza of the .policy file
- is not consulted. Optionally, one or more constraints on
- the granted authorization can be specified, see
- <xref linkend="polkit-auth-constraints"/> for details. The
- authorization needed to grant authorizations is
- <literal>org.freedesktop.policykit.grant</literal>.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option><arg><option>--user <replaceable>user</replaceable></option></arg> --block <replaceable>action</replaceable></option><arg><option>--constraint <replaceable>constraint</replaceable></option></arg>*</term>
- <listitem>
- <para>
- Grant an negative authorization for an action. Negative
- authorizations are normally used to block users that would
- normally be authorized due to implicit
- authorizations. Optionally, one or more constraints on the
- granted authorization can be specified, see
- <xref linkend="polkit-auth-constraints"/> for details. The
- authorization needed to grant negative authorizations is
- <literal>org.freedesktop.policykit.grant</literal> if the
- "beneficiary" is another user.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option><arg><option>--user <replaceable>user</replaceable></option></arg> --revoke <replaceable>action</replaceable></option></term>
- <listitem>
- <para>
- Revoke all authorizations for an action. If the user is
- not specified the calling user is used. The
- authorization <literal>org.freedesktop.policykit.revoke</literal>
- is needed to revoke authorizations from other users.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option>--version</option></term>
- <listitem>
- <para>
- Show version and exit.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option>--help</option></term>
- <listitem>
- <para>
- Show this information.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </refsect1>
-
- <refsect1 id="polkit-auth-constraints">
- <title>CONSTRAINTS</title>
- <para>
- One can put one or more <emphasis>constraints</emphasis> on an
- authorization. They are used to limit where the authrorization
- applies. Presently the following constraints are supported
-
- <variablelist>
- <varlistentry>
- <term><option>--constraint local</option></term>
- <listitem>
- <para>
- The caller must be in a session on a local console
- attached to the system. For example processes that
- belong to remote XDMCP or ssh connections will fail to
- meet this constraint and as such the authorization with
- such a constraint won't apply.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option>--constraint active</option></term>
- <listitem>
- <para>
- The caller must be in an active session. This is
- typically used with a <emphasis>local</emphasis>
- constraint to ensure that the caller is only authorized
- if his session is in the foreground. This is typically
- used for fast user switching (multiple sessions on the
- same console) to prevent inactive sessions from doing
- privileged operations like spying (using a webcam or a
- sound card) on the current active session.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option>--constraint exe:<replaceable>/path/to/program</replaceable></option></term>
- <listitem>
- <para>
- The authorization is constrained to processes for where
- executable path (<literal>/proc/pid/exe</literal> on
- Linux) matches the given path. See
- <xref linkend="polkit-auth-notes"/> for limitations on
- why this may not be secure.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option>--constraint selinux_context:<replaceable>system_u:object_r:some_context_t</replaceable></option></term>
- <listitem>
- <para>
- The authorization is constrained to processes for where
- their SELinux security context matches the given
- context.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
-
- </para>
- </refsect1>
-
- <refsect1 id="polkit-auth-notes">
- <title>NOTES</title>
- <para>
- Note that the executable path for a process is not necessary
- reliable information and as such shouldn't be relied on 100% to
- make a security decision. In fact, this information is only
- trustworthy in situations where the given binary is securely
- locked down meaning that 1) it can't
- be <literal>ptrace(2)</literal>'d; 2) libc secure mode kicks in
- (e.g <literal>LD_PRELOAD</literal> won't work); 3) there are no
- other attack vectors (e.g. GTK_MODULES, X11, CORBA, D-Bus) to
- patch running code into the process.
- </para>
- <para>
- In other words: the risk of relying on constraining an
- authorization to a path of an executable is high. Suppose that
- the program <literal>/usr/bin/gullible</literal> obtains an
- authorization via authentication for the action
- <literal>org.example.foo</literal>. We add a constraint to say
- that the gained authorization only applies to processes for whom
- <literal>/proc/pid/exe</literal> points to
- <literal>/usr/bin/gullible</literal>.
- </para>
- <para>
- Now enter <literal>/usr/bin/evil</literal>. It knows that the
- program <literal>/usr/bin/gullible</literal> is not "securely
- locked down" (per the definition in the above paragraph). So
- <literal>/usr/bin/evil</literal> simply sets
- <literal>LD_PRELOAD</literal> and execs
- <literal>/usr/bin/gullible</literal> and it can now run code in a
- process where <literal>/proc/pid/exe</literal> points to
- <literal>/usr/bin/gullible</literal>. Thus, the recently gained
- authorization for <literal>org.example.foo</literal> applies. Also,
- <literal>/usr/bin/evil</literal> could use a host of other attack
- vectors to run it's own code under the disguise of pretending to be
- <literal>/usr/bin/gullible</literal>.
- </para>
- <para>
- Specifically for interpreted languages like Python and Mono it
- is the case that <literal>/proc/pid/exe</literal> always points
- to
- <literal>/usr/bin/python</literal>
- resp. <literal>/usr/bin/mono</literal>. Thus, it's not very useful
- to rely on that the result for this function if you want to
- constrain an authorization to
- e.g. <literal>/usr/bin/tomboy</literal> or
- <literal>/usr/bin/banshee</literal>.
- </para>
- <para>
- It is however possible to write programs that are "securely
- locked down" (per the definition in the above paragraph); for
- example all properly written <literal>setuid</literal>
- and <literal>setgid</literal> programs are written in this way.
- </para>
- </refsect1>
-
- <refsect1>
- <title>COMPLETION</title>
- <para>
- PolicyKit ships with a collection of shell functions such that
- completion on users, actions and constraints work when using the
- <citerefentry>
- <refentrytitle>bash</refentrytitle><manvolnum>1</manvolnum>
- </citerefentry>
- shell. For completion to properly work for polkit-auth-1,
- arguments should be entered in the order specified in this
- manual page; for example. <option>--user</option> should be
- specified before <option>--revoke</option> to complete only on
- the authorizations the given user has. Note that if the calling
- user lacks the <literal>org.freedesktop.policykit.read</literal>
- authorization, the completion function will fall back to
- completing on all registered actions.
- </para>
- </refsect1>
-
- <refsect1>
- <title>BUGS</title>
- <para>
- Please send bug reports to either the distribution or the
- polkit-devel mailing list,
- see <ulink url="http://lists.freedesktop.org/mailman/listinfo/polkit-devel"/>.
- to subscribe.
- </para>
- </refsect1>
-
- <refsect1>
- <title>SEE ALSO</title>
- <para>
- <citerefentry>
- <refentrytitle>PolicyKit-1</refentrytitle><manvolnum>8</manvolnum>
- </citerefentry>,
- <citerefentry>
- <refentrytitle>polkit-action-1</refentrytitle><manvolnum>1</manvolnum>
- </citerefentry>
- </para>
- </refsect1>
-</refentry>
diff --git a/doc/man/polkit-policy-file-validate.xml b/doc/man/polkit-policy-file-validate.xml
deleted file mode 100644
index 61a17e2..0000000
--- a/doc/man/polkit-policy-file-validate.xml
+++ /dev/null
@@ -1,89 +0,0 @@
-<refentry id="polkit-policy-file-validate-1.1">
- <refentryinfo>
- <title>polkit-policy-file-validate-1</title>
- <date>August 2007</date>
- <productname>PolicyKit-1</productname>
- </refentryinfo>
-
- <refmeta>
- <refentrytitle>polkit-policy-file-validate-1</refentrytitle>
- <manvolnum>1</manvolnum>
- <refmiscinfo class="version"></refmiscinfo>
- </refmeta>
-
- <refnamediv>
- <refname>polkit-policy-file-validate-1</refname>
- <refpurpose>Validate a PolicyKit policy file</refpurpose>
- </refnamediv>
-
- <refsynopsisdiv>
- <cmdsynopsis>
- <command>polkit-policy-file-validate-1 <replaceable>policy-files</replaceable></command>
- <arg><option>--version</option></arg>
- <arg><option>--help</option></arg>
- </cmdsynopsis>
- </refsynopsisdiv>
-
- <refsect1>
- <title>DESCRIPTION</title>
- <para>
- polkit-policy-file-validate-1 is used to verify that one or
- more PolicyKit <emphasis>.policy</emphasis> files are valid.
- </para>
-
- <para>
- Normally this tool is used in the software release process
- (typically during <emphasis>"make check"</emphasis>) and
- during software installation (e.g. in
- the <emphasis>%post</emphasis> section of a RPM spec file).
- </para>
-
- <para>
- This program exit with exit code 0 if all the files
- validate. If not, the program exits with a non-zero exit
- code.
- </para>
- </refsect1>
-
- <refsect1>
- <title>OPTIONS</title>
- <variablelist>
- <varlistentry>
- <term><option>--version</option></term>
- <listitem>
- <para>
- Show version and exit.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><option>--help</option></term>
- <listitem>
- <para>
- Show usage information and exit.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </refsect1>
-
- <refsect1>
- <title>BUGS</title>
- <para>
- Please send bug reports to either the distribution or the
- polkit-devel mailing list,
- see <ulink url="http://lists.freedesktop.org/mailman/listinfo/polkit-devel"/>.
- to subscribe.
- </para>
- </refsect1>
-
- <refsect1>
- <title>SEE ALSO</title>
- <para>
- <citerefentry>
- <refentrytitle>PolicyKit-1</refentrytitle><manvolnum>8</manvolnum>
- </citerefentry>,
- </para>
- </refsect1>
-</refentry>
diff --git a/doc/polkit-diagrams.svg b/doc/polkit-diagrams.svg
deleted file mode 100644
index ffa4c27..0000000
--- a/doc/polkit-diagrams.svg
+++ /dev/null
@@ -1,1923 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!-- Created with Inkscape (http://www.inkscape.org/) -->
-<svg
- xmlns:dc="http://purl.org/dc/elements/1.1/"
- xmlns:cc="http://web.resource.org/cc/"
- xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
- xmlns:svg="http://www.w3.org/2000/svg"
- xmlns="http://www.w3.org/2000/svg"
- xmlns:xlink="http://www.w3.org/1999/xlink"
- xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
- xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
- width="744.09448819"
- height="1052.3622047"
- id="svg2"
- sodipodi:version="0.32"
- inkscape:version="0.45.1"
- sodipodi:docbase="/home/davidz/Hacking/PolicyKit/doc"
- sodipodi:docname="polkit-diagrams.svg"
- inkscape:output_extension="org.inkscape.output.svg.inkscape">
- <defs
- id="defs4">
- <linearGradient
- id="linearGradient30011">
- <stop
- style="stop-color:#ffffff;stop-opacity:1;"
- offset="0"
- id="stop30013" />
- <stop
- style="stop-color:#9d9fff;stop-opacity:0;"
- offset="1"
- id="stop30015" />
- </linearGradient>
- <linearGradient
- id="linearGradient30001">
- <stop
- style="stop-color:#ffffff;stop-opacity:1;"
- offset="0"
- id="stop30003" />
- <stop
- style="stop-color:#ff9d9d;stop-opacity:0;"
- offset="1"
- id="stop30005" />
- </linearGradient>
- <linearGradient
- id="linearGradient28966">
- <stop
- style="stop-color:#ffffff;stop-opacity:1;"
- offset="0"
- id="stop28968" />
- <stop
- style="stop-color:#9dff9d;stop-opacity:0;"
- offset="1"
- id="stop28970" />
- </linearGradient>
- <linearGradient
- inkscape:collect="always"
- id="linearGradient22901">
- <stop
- style="stop-color:#9da7d7;stop-opacity:1;"
- offset="0"
- id="stop22903" />
- <stop
- style="stop-color:#9da7d7;stop-opacity:0;"
- offset="1"
- id="stop22905" />
- </linearGradient>
- <marker
- inkscape:stockid="Arrow1Lend"
- orient="auto"
- refY="0.0"
- refX="0.0"
- id="Arrow1Lend"
- style="overflow:visible;">
- <path
- id="path17830"
- d="M 0.0,0.0 L 5.0,-5.0 L -12.5,0.0 L 5.0,5.0 L 0.0,0.0 z "
- style="fill-rule:evenodd;stroke:#000000;stroke-width:1.0pt;marker-start:none;"
- transform="scale(0.8) rotate(180) translate(12.5,0)" />
- </marker>
- <marker
- inkscape:stockid="Arrow1Lstart"
- orient="auto"
- refY="0.0"
- refX="0.0"
- id="Arrow1Lstart"
- style="overflow:visible">
- <path
- id="path17827"
- d="M 0.0,0.0 L 5.0,-5.0 L -12.5,0.0 L 5.0,5.0 L 0.0,0.0 z "
- style="fill-rule:evenodd;stroke:#000000;stroke-width:1.0pt;marker-start:none"
- transform="scale(0.8) translate(12.5,0)" />
- </marker>
- <linearGradient
- id="linearGradient14609">
- <stop
- id="stop14611"
- offset="0"
- style="stop-color:#ffffff;stop-opacity:1;" />
- <stop
- id="stop14613"
- offset="1"
- style="stop-color:#ff9d9d;stop-opacity:0;" />
- </linearGradient>
- <linearGradient
- id="linearGradient14599">
- <stop
- id="stop14601"
- offset="0"
- style="stop-color:#b1c8ff;stop-opacity:1;" />
- <stop
- id="stop14603"
- offset="1"
- style="stop-color:#ffffff;stop-opacity:0;" />
- </linearGradient>
- <linearGradient
- id="linearGradient9630">
- <stop
- style="stop-color:#030000;stop-opacity:1;"
- offset="0"
- id="stop9632" />
- <stop
- style="stop-color:#030000;stop-opacity:0;"
- offset="1"
- id="stop9634" />
- </linearGradient>
- <linearGradient
- id="linearGradient3144">
- <stop
- style="stop-color:#ffffff;stop-opacity:1;"
- offset="0"
- id="stop3146" />
- <stop
- style="stop-color:#898585;stop-opacity:0;"
- offset="1"
- id="stop3148" />
- </linearGradient>
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient3144"
- id="linearGradient7620"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,14.768091,-4.73212)" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient3144"
- id="linearGradient7664"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,135.98639,-4.73213)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient3144"
- id="linearGradient7684"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,260.23514,-4.73212)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient14609"
- id="linearGradient13600"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,73.861991,207.39991)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient14609"
- id="linearGradient13602"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,198.11074,207.39991)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <radialGradient
- inkscape:collect="always"
- xlink:href="#linearGradient22901"
- id="radialGradient22907"
- cx="214.15234"
- cy="161.40764"
- fx="214.15234"
- fy="161.40764"
- r="34.795188"
- gradientUnits="userSpaceOnUse" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient3144"
- id="linearGradient23025"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,18.600748,302.65487)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient14609"
- id="linearGradient28994"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,18.600773,481.17778)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient28966"
- id="linearGradient28996"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7361648,0,0,0.2163389,18.431136,546.16953)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient3144"
- id="linearGradient29026"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,407.77533,303.18174)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient14609"
- id="linearGradient29028"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,407.77536,481.70465)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient28966"
- id="linearGradient29030"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7361648,0,0,0.2163389,407.60572,546.6964)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient30011"
- id="linearGradient30009"
- x1="407.16495"
- y1="793.64789"
- x2="513.12079"
- y2="793.64789"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.8453762,0,0,0.6900936,261.57945,20.793414)" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient3144"
- id="linearGradient30045"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,17.702047,632.20205)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient14609"
- id="linearGradient30047"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,17.702072,810.72493)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient28966"
- id="linearGradient30049"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7361648,0,0,0.2163389,17.532435,875.71673)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient3144"
- id="linearGradient30079"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,406.70205,631.77348)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient3144"
- id="linearGradient30099"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,577.84491,631.77865)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient28966"
- id="linearGradient30111"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7361648,0,0,0.2163389,577.38958,697.06866)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient3144"
- id="linearGradient30141"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,13.987768,950.59751)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient3144"
- id="linearGradient30143"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,185.13064,950.60271)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient28966"
- id="linearGradient30145"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7361648,0,0,0.2163389,184.67531,1015.8927)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient30011"
- id="linearGradient30155"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.8453762,0,0,0.6900936,-115.27956,642.95653)"
- x1="407.16495"
- y1="793.64789"
- x2="513.12079"
- y2="793.64789" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient30011"
- id="linearGradient30207"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.8453762,0,0,0.6900936,255.57759,668.81627)"
- x1="407.16495"
- y1="793.64789"
- x2="513.12079"
- y2="793.64789" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient3144"
- id="linearGradient30209"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,401.77347,951.20458)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient14609"
- id="linearGradient30211"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,401.7735,1129.7274)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- <linearGradient
- inkscape:collect="always"
- xlink:href="#linearGradient28966"
- id="linearGradient30213"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7361648,0,0,0.2163389,401.60386,1194.7192)"
- x1="52.07793"
- y1="89.181732"
- x2="196.4196"
- y2="89.181732" />
- </defs>
- <sodipodi:namedview
- id="base"
- pagecolor="#ffffff"
- bordercolor="#666666"
- borderopacity="1.0"
- gridtolerance="10000"
- guidetolerance="10"
- objecttolerance="10"
- inkscape:pageopacity="0.0"
- inkscape:pageshadow="2"
- inkscape:zoom="0.7"
- inkscape:cx="284.9253"
- inkscape:cy="317.35971"
- inkscape:document-units="px"
- inkscape:current-layer="layer1"
- inkscape:window-width="1026"
- inkscape:window-height="1108"
- inkscape:window-x="0"
- inkscape:window-y="0" />
- <metadata
- id="metadata7">
- <rdf:RDF>
- <cc:Work
- rdf:about="">
- <dc:format>image/svg+xml</dc:format>
- <dc:type
- rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
- </cc:Work>
- </rdf:RDF>
- </metadata>
- <g
- inkscape:label="Layer 1"
- inkscape:groupmode="layer"
- id="layer1">
- <rect
- style="opacity:1;fill:#aaaaaa;fill-opacity:1;stroke:#c9c9c9;stroke-width:0.47417995;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect31304"
- width="302.2439"
- height="3.4562778"
- x="417.59393"
- y="1105.9136"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="677.01654"
- y="1086.4985"
- id="text31306"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="677.01654"
- y="1086.4985"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31308">User Session</tspan><tspan
- sodipodi:role="line"
- x="677.01654"
- y="1098.9985"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31310">(unprivileged)</tspan></text>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="675.82733"
- y="1120.5072"
- id="text31312"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="675.82733"
- y="1120.5072"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31314">System Context</tspan><tspan
- sodipodi:role="line"
- x="675.82733"
- y="1133.0072"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31316">(privileged)</tspan></text>
- <rect
- style="opacity:1;fill:#aaaaaa;fill-opacity:1;stroke:#c9c9c9;stroke-width:0.47417995;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect31290"
- width="302.2439"
- height="3.4562778"
- x="417.61426"
- y="435.89325"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="677.03687"
- y="416.47827"
- id="text31292"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="677.03687"
- y="416.47827"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31294">User Session</tspan><tspan
- sodipodi:role="line"
- x="677.03687"
- y="428.97827"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31296">(unprivileged)</tspan></text>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="675.84766"
- y="450.48694"
- id="text31298"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="675.84766"
- y="450.48694"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31300">System Context</tspan><tspan
- sodipodi:role="line"
- x="675.84766"
- y="462.98694"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31302">(privileged)</tspan></text>
- <rect
- style="opacity:1;fill:#aaaaaa;fill-opacity:1;stroke:#c9c9c9;stroke-width:0.47417995;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect31262"
- width="302.2439"
- height="3.4562778"
- x="55.903503"
- y="1106.2942"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="101.32614"
- y="1086.8793"
- id="text31264"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="101.32614"
- y="1086.8793"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31266">User Session</tspan><tspan
- sodipodi:role="line"
- x="101.32614"
- y="1099.3793"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31268">(unprivileged)</tspan></text>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="100.13693"
- y="1120.8879"
- id="text31270"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="100.13693"
- y="1120.8879"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31272">System Context</tspan><tspan
- sodipodi:role="line"
- x="100.13693"
- y="1133.3879"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31274">(privileged)</tspan></text>
- <rect
- style="opacity:1;fill:#aaaaaa;fill-opacity:1;stroke:#c9c9c9;stroke-width:0.47417995;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect31248"
- width="302.2439"
- height="3.4562778"
- x="55.903503"
- y="765.45148"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="315.32614"
- y="746.0365"
- id="text31250"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="315.32614"
- y="746.0365"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31252">User Session</tspan><tspan
- sodipodi:role="line"
- x="315.32614"
- y="758.5365"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31254">(unprivileged)</tspan></text>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="314.13693"
- y="780.04517"
- id="text31256"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="314.13693"
- y="780.04517"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31258">System Context</tspan><tspan
- sodipodi:role="line"
- x="314.13693"
- y="792.54517"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31260">(privileged)</tspan></text>
- <rect
- style="opacity:1;fill:#aaaaaa;fill-opacity:1;stroke:#c9c9c9;stroke-width:0.47417995;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect31216"
- width="302.2439"
- height="3.4562778"
- x="56.020889"
- y="434.34576"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="315.44351"
- y="414.93082"
- id="text31218"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="315.44351"
- y="414.93082"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31220">User Session</tspan><tspan
- sodipodi:role="line"
- x="315.44351"
- y="427.43082"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31222">(unprivileged)</tspan></text>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="314.2543"
- y="448.93945"
- id="text31224"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="314.2543"
- y="448.93945"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31226">System Context</tspan><tspan
- sodipodi:role="line"
- x="314.2543"
- y="461.43945"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31228">(privileged)</tspan></text>
- <rect
- style="opacity:1;fill:#aaaaaa;fill-opacity:1;stroke:#c9c9c9;stroke-width:0.63319677;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect15862"
- width="564.94202"
- height="3.297261"
- x="33.201633"
- y="103.93921"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3" />
- <rect
- style="opacity:1;fill:url(#linearGradient7620);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect2160"
- width="105.40086"
- height="54.89323"
- x="53.365585"
- y="13.976227"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="107.07617"
- y="38.39238"
- id="text7646"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3"><tspan
- sodipodi:role="line"
- x="107.07617"
- y="38.39238"
- id="tspan7650"
- style="text-align:center;text-anchor:middle">Networking</tspan><tspan
- sodipodi:role="line"
- x="107.07617"
- y="53.39238"
- id="tspan7654"
- style="text-align:center;text-anchor:middle">Applet</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient7664);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect7656"
- width="105.40086"
- height="54.89323"
- x="174.58391"
- y="13.976227"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="228.29448"
- y="38.392403"
- id="text7658"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3"><tspan
- sodipodi:role="line"
- x="228.29448"
- y="38.392403"
- id="tspan7662"
- style="text-align:center;text-anchor:middle">File</tspan><tspan
- sodipodi:role="line"
- x="228.29448"
- y="53.392403"
- style="text-align:center;text-anchor:middle"
- id="tspan7668">Manager</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient7684);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect7676"
- width="105.40086"
- height="54.89323"
- x="298.83267"
- y="13.976227"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="352.54324"
- y="38.392403"
- id="text7678"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3"><tspan
- sodipodi:role="line"
- x="352.54324"
- y="38.392403"
- style="text-align:center;text-anchor:middle"
- id="tspan7682">Power</tspan><tspan
- sodipodi:role="line"
- x="352.54324"
- y="53.392403"
- style="text-align:center;text-anchor:middle"
- id="tspan7688">Manager</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient13600);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect13584"
- width="105.40086"
- height="54.89323"
- x="112.4595"
- y="226.10825"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="166.17007"
- y="250.52441"
- id="text13586"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3"><tspan
- sodipodi:role="line"
- x="166.17007"
- y="250.52441"
- style="text-align:center;text-anchor:middle"
- id="tspan13590">org.freedesktop.</tspan><tspan
- sodipodi:role="line"
- x="166.17007"
- y="265.52441"
- style="text-align:center;text-anchor:middle"
- id="tspan13606">Hal</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient13602);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect13592"
- width="105.40086"
- height="54.89323"
- x="236.70827"
- y="226.10828"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="290.41885"
- y="250.52444"
- id="text13594"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3"><tspan
- sodipodi:role="line"
- x="290.41885"
- y="250.52444"
- style="text-align:center;text-anchor:middle"
- id="tspan13598">org.freedesktop.</tspan><tspan
- sodipodi:role="line"
- x="290.41885"
- y="265.52444"
- style="text-align:center;text-anchor:middle"
- id="tspan13610">NetworkManager</tspan></text>
- <path
- sodipodi:type="arc"
- style="opacity:1;fill:url(#radialGradient22907);fill-opacity:1;stroke:#000000;stroke-width:0.89999998;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="path13612"
- sodipodi:cx="214.15234"
- sodipodi:cy="161.40764"
- sodipodi:rx="34.345188"
- sodipodi:ry="34.345188"
- d="M 248.49753 161.40764 A 34.345188 34.345188 0 1 1 179.80716,161.40764 A 34.345188 34.345188 0 1 1 248.49753 161.40764 z"
- transform="translate(13.131983,6.28427)"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="227.69116"
- y="158.47198"
- id="text16841"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3"><tspan
- sodipodi:role="line"
- x="227.69116"
- y="158.47198"
- style="text-align:center;text-anchor:middle"
- id="tspan16845">System</tspan><tspan
- sodipodi:role="line"
- x="227.69116"
- y="173.47198"
- style="text-align:center;text-anchor:middle"
- id="tspan16849">Message</tspan><tspan
- sodipodi:role="line"
- x="227.69116"
- y="188.47198"
- style="text-align:center;text-anchor:middle"
- id="tspan16851">Bus</tspan></text>
- <path
- style="fill:none;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-start:url(#Arrow1Lstart);marker-mid:none;marker-end:url(#Arrow1Lend);stroke-opacity:1"
- d="M 122.22846,79.80864 L 186.87822,141.42794"
- id="path18030"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3" />
- <path
- style="fill:none;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-start:url(#Arrow1Lstart);marker-mid:none;marker-end:url(#Arrow1Lend);stroke-opacity:1"
- d="M 224.25387,76.73757 L 225.26402,128.25535"
- id="path18032"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3" />
- <path
- style="fill:none;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-start:url(#Arrow1Lstart);marker-mid:none;marker-end:url(#Arrow1Lend);stroke-opacity:1"
- d="M 259.6092,138.39749 C 336.3808,75.76803 336.3808,75.76803 336.3808,75.76803"
- id="path18034"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3" />
- <path
- style="fill:none;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-start:url(#Arrow1Lstart);marker-mid:none;marker-end:url(#Arrow1Lend);stroke-opacity:1"
- d="M 302.03561,217.18938 L 261.62951,184.8645"
- id="path18036"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3" />
- <path
- style="fill:none;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-start:url(#Arrow1Lstart);marker-mid:none;marker-end:url(#Arrow1Lend);stroke-opacity:1"
- d="M 148.49242,218.19954 L 189.90868,187.89496"
- id="path18038"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="503.40186"
- y="64.444763"
- id="text22909"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text22919.png"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3"><tspan
- sodipodi:role="line"
- x="503.40186"
- y="64.444763"
- style="font-size:18px;text-align:center;text-anchor:middle"
- id="tspan22913">User Session</tspan><tspan
- sodipodi:role="line"
- x="503.40186"
- y="86.944763"
- style="font-size:18px;text-align:center;text-anchor:middle"
- id="tspan22917">(unprivileged)</tspan></text>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="506.21265"
- y="128.4534"
- id="text22919"
- inkscape:export-xdpi="127.3"
- inkscape:export-ydpi="127.3"><tspan
- sodipodi:role="line"
- x="506.21265"
- y="128.4534"
- style="font-size:18px;text-align:center;text-anchor:middle"
- id="tspan22923">System Context</tspan><tspan
- sodipodi:role="line"
- x="506.21265"
- y="150.9534"
- style="font-size:18px;text-align:center;text-anchor:middle"
- id="tspan22927">(privileged)</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient23025);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect22959"
- width="105.40086"
- height="54.89323"
- x="57.198269"
- y="321.36322"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="109.3157"
- y="345.77936"
- id="text22961"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="109.3157"
- y="345.77936"
- id="tspan22963"
- style="text-align:center;text-anchor:middle">File</tspan><tspan
- sodipodi:role="line"
- x="109.3157"
- y="360.77936"
- style="text-align:center;text-anchor:middle"
- id="tspan22965">Manager</tspan></text>
- <path
- style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-end:url(#Arrow1Lend);stroke-opacity:1"
- d="M 74.682016,381.43904 L 104.24392,491.69186"
- id="path25955"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="416.05093"
- y="20.590385"
- id="text25957"
- transform="matrix(0.2589804,0.9658826,-0.9658826,0.2589804,0,0)"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- id="tspan25959"
- x="416.05093"
- y="20.590385">Mount()</tspan></text>
- <path
- style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-start:url(#Arrow1Lstart);marker-end:none;stroke-opacity:1"
- d="M 116.72967,713.71023 L 150.59062,822.71953"
- id="path26968"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="734.48871"
- y="94.180153"
- id="text26970"
- transform="matrix(0.2966428,0.9549885,-0.9549885,0.2966428,0,0)"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- id="tspan26972"
- x="734.48871"
- y="94.180153">Not Privileged</tspan></text>
- <path
- style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.6543473px;stroke-linecap:butt;stroke-linejoin:miter;marker-start:url(#Arrow1Lstart);marker-end:url(#Arrow1Lend);stroke-opacity:1"
- d="M 554.54111,568.48473 L 601.89116,568.48473"
- id="path27000"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="580.93542"
- y="562.5321"
- id="text27971"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="580.93542"
- y="562.5321"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan27975">Check</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient30009);fill-opacity:1;stroke:#030000;stroke-width:0.42391345;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect27977"
- width="89.103386"
- height="37.881466"
- x="606.02161"
- y="549.54401"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="651.82117"
- y="564.31549"
- id="text27981"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="651.82117"
- y="564.31549"
- style="text-align:center;text-anchor:middle"
- id="tspan27985">Authorization</tspan><tspan
- sodipodi:role="line"
- x="651.82117"
- y="579.31549"
- style="text-align:center;text-anchor:middle"
- id="tspan27989">Database</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient28994);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect28980"
- width="105.40086"
- height="54.89323"
- x="57.198269"
- y="499.88608"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <rect
- style="opacity:1;fill:url(#linearGradient28996);fill-opacity:1;stroke:#030000;stroke-width:0.35916778;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect28982"
- width="105.5967"
- height="22.946213"
- x="57.100349"
- y="553.98993"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="110.21804"
- y="524.30225"
- id="text28984"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="110.21804"
- y="524.30225"
- style="text-align:center;text-anchor:middle"
- id="tspan28986">org.freedesktop.</tspan><tspan
- sodipodi:role="line"
- x="110.21804"
- y="539.30225"
- style="text-align:center;text-anchor:middle"
- id="tspan28988">Hal</tspan></text>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="109.47976"
- y="568.22235"
- id="text28990"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="109.47976"
- y="568.22235"
- style="text-align:center;text-anchor:middle"
- id="tspan28992">libpolkit</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient29026);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect28998"
- width="105.40086"
- height="54.89323"
- x="446.37286"
- y="321.89014"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="498.49026"
- y="346.30627"
- id="text29000"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="498.49026"
- y="346.30627"
- id="tspan29002"
- style="text-align:center;text-anchor:middle">File</tspan><tspan
- sodipodi:role="line"
- x="498.49026"
- y="361.30627"
- style="text-align:center;text-anchor:middle"
- id="tspan29004">Manager</tspan></text>
- <path
- style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-end:url(#Arrow1Lend);stroke-opacity:1"
- d="M 463.8566,381.96591 L 493.4185,492.21873"
- id="path29006"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="517.3515"
- y="-355.17126"
- id="text29008"
- transform="matrix(0.2589804,0.9658826,-0.9658826,0.2589804,0,0)"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- id="tspan29010"
- x="517.3515"
- y="-355.17126">Mount()</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient29028);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect29012"
- width="105.40086"
- height="54.89323"
- x="446.37286"
- y="500.41296"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <rect
- style="opacity:1;fill:url(#linearGradient29030);fill-opacity:1;stroke:#030000;stroke-width:0.35916778;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect29014"
- width="105.5967"
- height="22.946213"
- x="446.27493"
- y="554.51678"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="499.39261"
- y="524.8291"
- id="text29016"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="499.39261"
- y="524.8291"
- style="text-align:center;text-anchor:middle"
- id="tspan29018">org.freedesktop.</tspan><tspan
- sodipodi:role="line"
- x="499.39261"
- y="539.8291"
- style="text-align:center;text-anchor:middle"
- id="tspan29020">Hal</tspan></text>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="498.65433"
- y="568.74921"
- id="text29022"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="498.65433"
- y="568.74921"
- style="text-align:center;text-anchor:middle"
- id="tspan29024">libpolkit</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient30045);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect30017"
- width="105.40086"
- height="54.89323"
- x="56.299564"
- y="650.9104"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="108.417"
- y="675.32654"
- id="text30019"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="108.417"
- y="675.32654"
- id="tspan30021"
- style="text-align:center;text-anchor:middle">File</tspan><tspan
- sodipodi:role="line"
- x="108.417"
- y="690.32654"
- style="text-align:center;text-anchor:middle"
- id="tspan30023">Manager</tspan></text>
- <path
- style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-end:url(#Arrow1Lend);stroke-opacity:1"
- d="M 73.783317,710.98622 L 103.34522,821.23903"
- id="path30025"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="734.12262"
- y="106.80471"
- id="text30027"
- transform="matrix(0.2589804,0.9658826,-0.9658826,0.2589804,0,0)"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- id="tspan30029"
- x="734.12262"
- y="106.80471">Mount()</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient30047);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect30031"
- width="105.40086"
- height="54.89323"
- x="56.299564"
- y="829.43323"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <rect
- style="opacity:1;fill:url(#linearGradient30049);fill-opacity:1;stroke:#030000;stroke-width:0.35916778;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect30033"
- width="105.5967"
- height="22.946213"
- x="56.201649"
- y="883.53711"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="109.31934"
- y="853.84949"
- id="text30035"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="109.31934"
- y="853.84949"
- style="text-align:center;text-anchor:middle"
- id="tspan30037">org.freedesktop.</tspan><tspan
- sodipodi:role="line"
- x="109.31934"
- y="868.84949"
- style="text-align:center;text-anchor:middle"
- id="tspan30039">Hal</tspan></text>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="108.58106"
- y="897.76953"
- id="text30041"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="108.58106"
- y="897.76953"
- style="text-align:center;text-anchor:middle"
- id="tspan30043">libpolkit</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient30079);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect30051"
- width="105.40086"
- height="54.89323"
- x="445.29956"
- y="650.48181"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="497.41699"
- y="674.89795"
- id="text30053"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="497.41699"
- y="674.89795"
- id="tspan30055"
- style="text-align:center;text-anchor:middle">File</tspan><tspan
- sodipodi:role="line"
- x="497.41699"
- y="689.89795"
- style="text-align:center;text-anchor:middle"
- id="tspan30057">Manager</tspan></text>
- <path
- style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.6543473px;stroke-linecap:butt;stroke-linejoin:miter;marker-start:url(#Arrow1Lstart);marker-end:url(#Arrow1Lend);stroke-opacity:1"
- d="M 557.32498,676.80788 L 604.67503,676.80788"
- id="path30085"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="579.71936"
- y="670.85529"
- id="text30087"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="579.71936"
- y="670.85529"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan30089">Use</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient30099);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect30091"
- width="105.40086"
- height="54.89323"
- x="616.44238"
- y="650.48694"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="668.55981"
- y="674.90308"
- id="text30093"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="668.55981"
- y="674.90308"
- style="text-align:center;text-anchor:middle"
- id="tspan30097">Authentication</tspan><tspan
- sodipodi:role="line"
- x="668.55981"
- y="689.90308"
- style="text-align:center;text-anchor:middle"
- id="tspan30103">Agent</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient30111);fill-opacity:1;stroke:#030000;stroke-width:0.35916778;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect30105"
- width="105.5967"
- height="22.946213"
- x="616.05884"
- y="704.88904"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="668.43817"
- y="719.12146"
- id="text30107"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="668.43817"
- y="719.12146"
- style="text-align:center;text-anchor:middle"
- id="tspan30109">libpolkit-grant</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient30141);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect30113"
- width="105.40086"
- height="54.89323"
- x="52.585289"
- y="969.30579"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="104.70271"
- y="993.72192"
- id="text30115"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="104.70271"
- y="993.72192"
- id="tspan30117"
- style="text-align:center;text-anchor:middle">File</tspan><tspan
- sodipodi:role="line"
- x="104.70271"
- y="1008.7219"
- style="text-align:center;text-anchor:middle"
- id="tspan30119">Manager</tspan></text>
- <path
- style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.6543473px;stroke-linecap:butt;stroke-linejoin:miter;marker-start:url(#Arrow1Lstart);marker-end:url(#Arrow1Lend);stroke-opacity:1"
- d="M 164.61071,995.63194 L 211.96076,995.63194"
- id="path30121"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="187.00504"
- y="989.6792"
- id="text30123"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="187.00504"
- y="989.6792"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan30125">Use</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient30143);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect30127"
- width="105.40086"
- height="54.89323"
- x="223.72812"
- y="969.31091"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="275.84558"
- y="993.72699"
- id="text30129"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="275.84558"
- y="993.72699"
- style="text-align:center;text-anchor:middle"
- id="tspan30131">Authentication</tspan><tspan
- sodipodi:role="line"
- x="275.84558"
- y="1008.727"
- style="text-align:center;text-anchor:middle"
- id="tspan30133">Agent</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient30145);fill-opacity:1;stroke:#030000;stroke-width:0.35916778;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect30135"
- width="105.5967"
- height="22.946213"
- x="223.34451"
- y="1023.7131"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="275.72391"
- y="1037.9456"
- id="text30137"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="275.72391"
- y="1037.9456"
- style="text-align:center;text-anchor:middle"
- id="tspan30139">libpolkit-grant</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient30155);fill-opacity:1;stroke:#030000;stroke-width:0.42391345;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect30147"
- width="89.103386"
- height="37.881466"
- x="229.1626"
- y="1171.7073"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="274.96222"
- y="1186.4788"
- id="text30149"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="274.96222"
- y="1186.4788"
- style="text-align:center;text-anchor:middle"
- id="tspan30151">Authorization</tspan><tspan
- sodipodi:role="line"
- x="274.96222"
- y="1201.4788"
- style="text-align:center;text-anchor:middle"
- id="tspan30153">Database</tspan></text>
- <path
- style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-end:url(#Arrow1Lend);stroke-opacity:1"
- d="M 254.31223,1055.3785 L 283.87413,1165.6314"
- id="path30157"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="1091.5134"
- y="3.301826"
- id="text30159"
- transform="matrix(0.2589804,0.9658826,-0.9658826,0.2589804,0,0)"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- id="tspan30161"
- x="1091.5134"
- y="3.301826">On successful,</tspan><tspan
- sodipodi:role="line"
- x="1091.5134"
- y="18.301826"
- id="tspan30163">auth, write cookie</tspan></text>
- <path
- style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.6543473px;stroke-linecap:butt;stroke-linejoin:miter;marker-start:url(#Arrow1Lstart);marker-end:url(#Arrow1Lend);stroke-opacity:1"
- d="M 548.53925,1216.5075 L 595.8893,1216.5075"
- id="path30165"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="574.93365"
- y="1210.5551"
- id="text30167"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="574.93365"
- y="1210.5551"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan30169">Check</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient30207);fill-opacity:1;stroke:#030000;stroke-width:0.42391345;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect30171"
- width="89.103386"
- height="37.881466"
- x="600.01978"
- y="1197.567"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="645.81934"
- y="1212.3383"
- id="text30173"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="645.81934"
- y="1212.3383"
- style="text-align:center;text-anchor:middle"
- id="tspan30175">Authorization</tspan><tspan
- sodipodi:role="line"
- x="645.81934"
- y="1227.3383"
- style="text-align:center;text-anchor:middle"
- id="tspan30177">Database</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient30209);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect30179"
- width="105.40086"
- height="54.89323"
- x="440.37097"
- y="969.91284"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="492.48843"
- y="994.32898"
- id="text30181"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="492.48843"
- y="994.32898"
- id="tspan30183"
- style="text-align:center;text-anchor:middle">File</tspan><tspan
- sodipodi:role="line"
- x="492.48843"
- y="1009.329"
- style="text-align:center;text-anchor:middle"
- id="tspan30185">Manager</tspan></text>
- <path
- style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-end:url(#Arrow1Lend);stroke-opacity:1"
- d="M 457.85474,1029.9888 L 487.41664,1140.2415"
- id="path30187"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="1141.7095"
- y="-181.54793"
- id="text30189"
- transform="matrix(0.2589804,0.9658826,-0.9658826,0.2589804,0,0)"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- id="tspan30191"
- x="1141.7095"
- y="-181.54793">Mount()</tspan></text>
- <rect
- style="opacity:1;fill:url(#linearGradient30211);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect30193"
- width="105.40086"
- height="54.89323"
- x="440.37097"
- y="1148.4359"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <rect
- style="opacity:1;fill:url(#linearGradient30213);fill-opacity:1;stroke:#030000;stroke-width:0.35916778;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect30195"
- width="105.5967"
- height="22.946213"
- x="440.27307"
- y="1202.5397"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="493.39078"
- y="1172.8521"
- id="text30197"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="493.39078"
- y="1172.8521"
- style="text-align:center;text-anchor:middle"
- id="tspan30199">org.freedesktop.</tspan><tspan
- sodipodi:role="line"
- x="493.39078"
- y="1187.8521"
- style="text-align:center;text-anchor:middle"
- id="tspan30201">Hal</tspan></text>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="492.6525"
- y="1216.7721"
- id="text30203"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="492.6525"
- y="1216.7721"
- style="text-align:center;text-anchor:middle"
- id="tspan30205">libpolkit</tspan></text>
- <path
- style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-start:url(#Arrow1Lstart);marker-end:none;stroke-opacity:1"
- d="M 496.01522,1030.2861 L 529.87617,1139.2954"
- id="path30221"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="1173.8359"
- y="-173.60796"
- id="text30223"
- transform="matrix(0.2966428,0.9549885,-0.9549885,0.2966428,0,0)"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- id="tspan30225"
- x="1173.8359"
- y="-173.60796">OK</tspan></text>
- <rect
- style="opacity:1;fill:#4c4c4c;fill-opacity:1;stroke:#c9c9c9;stroke-width:0.70579964;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect30227"
- width="717.72656"
- height="3.224658"
- x="16.136728"
- y="610.74988"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <rect
- style="opacity:1;fill:#4c4c4c;fill-opacity:1;stroke:#c9c9c9;stroke-width:0.70579964;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect30229"
- width="717.72656"
- height="3.224658"
- x="9.7081537"
- y="937.03558"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <rect
- style="opacity:1;fill:#4c4c4c;fill-opacity:1;stroke:#c9c9c9;stroke-width:0.8039602;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect30231"
- width="960.48553"
- height="3.1264975"
- x="310.69086"
- y="-371.56323"
- transform="matrix(0,1,-1,0,0,0)"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <rect
- style="opacity:1;fill:#aaaaaa;fill-opacity:1;stroke:#c9c9c9;stroke-width:0.47417995;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
- id="rect31276"
- width="302.2439"
- height="3.4562778"
- x="417.58118"
- y="765.91351"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="677.00378"
- y="746.49854"
- id="text31278"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="677.00378"
- y="746.49854"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31280">User Session</tspan><tspan
- sodipodi:role="line"
- x="677.00378"
- y="758.99854"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31282">(unprivileged)</tspan></text>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="675.81458"
- y="780.5072"
- id="text31284"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- x="675.81458"
- y="780.5072"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31286">System Context</tspan><tspan
- sodipodi:role="line"
- x="675.81458"
- y="793.0072"
- style="font-size:10px;text-align:center;text-anchor:middle"
- id="tspan31288">(privileged)</tspan></text>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="5.7142835"
- y="343.79077"
- id="text31318"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- id="tspan31320"
- x="5.7142835"
- y="343.79077"
- style="font-size:36px">1.</tspan></text>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="382.24597"
- y="344.3414"
- id="text31322"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- id="tspan31324"
- x="382.24597"
- y="344.3414"
- style="font-size:36px">2.</tspan></text>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="5.9801025"
- y="650.06604"
- id="text31326"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- id="tspan31328"
- x="5.9801025"
- y="650.06604"
- style="font-size:36px">3.</tspan></text>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="382.51178"
- y="650.6167"
- id="text31330"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- id="tspan31332"
- x="382.51178"
- y="650.6167"
- style="font-size:36px">4.</tspan></text>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="5.1229744"
- y="979.06604"
- id="text31334"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/doc/text31338.png"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- id="tspan31336"
- x="5.1229744"
- y="979.06604"
- style="font-size:36px">5.</tspan></text>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="381.65466"
- y="979.6167"
- id="text31338"
- inkscape:export-xdpi="99.129997"
- inkscape:export-ydpi="99.129997"><tspan
- sodipodi:role="line"
- id="tspan31340"
- x="381.65466"
- y="979.6167"
- style="font-size:36px">6.</tspan></text>
- </g>
-</svg>
diff --git a/doc/polkit-docs.xml b/doc/polkit-docs.xml
deleted file mode 100644
index 91e0bec..0000000
--- a/doc/polkit-docs.xml
+++ /dev/null
@@ -1,144 +0,0 @@
-<?xml version="1.0"?>
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
- "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-<!ENTITY version SYSTEM "version.xml">
-]>
-<book id="index" xmlns:xi="http://www.w3.org/2003/XInclude">
- <bookinfo>
- <title>PolicyKit Library Reference Manual</title>
- <releaseinfo>Version &version;</releaseinfo>
- <authorgroup>
- <author>
- <firstname>David</firstname>
- <surname>Zeuthen</surname>
- <affiliation>
- <address>
- <email>david at fubar.dk</email>
- </address>
- </affiliation>
- </author>
- </authorgroup>
-
- <copyright>
- <year>2007</year>
- <holder>The PolicyKit Authors</holder>
- </copyright>
-
- <legalnotice>
- <para>
- Permission is granted to copy, distribute and/or modify this
- document under the terms of the <citetitle>GNU Free
- Documentation License</citetitle>, Version 1.1 or any later
- version published by the Free Software Foundation with no
- Invariant Sections, no Front-Cover Texts, and no Back-Cover
- Texts. You may obtain a copy of the <citetitle>GNU Free
- Documentation License</citetitle> from the Free Software
- Foundation by visiting <ulink type="http"
- url="http://www.fsf.org">their Web site</ulink> or by writing
- to:
-
- <address>
- The Free Software Foundation, Inc.,
- <street>59 Temple Place</street> - Suite 330,
- <city>Boston</city>, <state>MA</state> <postcode>02111-1307</postcode>,
- <country>USA</country>
- </address>
- </para>
-
- <para>
- Many of the names used by companies to distinguish their
- products and services are claimed as trademarks. Where those
- names appear in any GNOME documentation, and those trademarks
- are made aware to the members of the GNOME Documentation
- Project, the names have been printed in caps or initial caps.
- </para>
- </legalnotice>
- </bookinfo>
-
- <reference id="ref-design">
- <title>Design Overview</title>
- <partintro>
- <para>
- This part presents the design documentation for PolicyKit.
- <xi:include href="man/PolicyKit.xml"/>
- </para>
- </partintro>
- <xi:include href="spec/polkit-spec-introduction.xml" />
- <xi:include href="spec/polkit-spec-model.xml" />
- <xi:include href="spec/polkit-spec-configuration.xml" />
- </reference>
-
- <reference id="ref-core">
- <title>Core API Reference</title>
- <partintro>
- <para>
- This part presents the class and function reference for the
- core PolicyKit
- libraries, <literal>libpolkit</literal>, <literal>libpolkit-grant</literal>
- and <literal>libpolkit-dbus</literal>. Note that unless
- explictly stated, a function belongs
- to <literal>libpolkit</literal>. The split is arranged such
- that mechanisms checking for authorizations only need to link
- with <literal>libpolkit</literal>.
- </para>
- </partintro>
- <xi:include href="xml/polkit-types.xml"/>
- <xi:include href="xml/polkit-sysdeps.xml"/>
- <xi:include href="xml/polkit-simple.xml"/>
- <xi:include href="xml/polkit-error.xml"/>
- <xi:include href="xml/polkit-result.xml"/>
- <xi:include href="xml/polkit-action.xml"/>
- <xi:include href="xml/polkit-seat.xml"/>
- <xi:include href="xml/polkit-session.xml"/>
- <xi:include href="xml/polkit-caller.xml"/>
- <xi:include href="xml/polkit-tracker.xml"/>
- <xi:include href="xml/polkit-context.xml"/>
- <xi:include href="xml/polkit-config.xml"/>
- <xi:include href="xml/polkit-policy-file.xml"/>
- <xi:include href="xml/polkit-policy-file-entry.xml"/>
- <xi:include href="xml/polkit-policy-default.xml"/>
- <xi:include href="xml/polkit-policy-cache.xml"/>
- <xi:include href="xml/polkit-authorization.xml"/>
- <xi:include href="xml/polkit-authorization-constraint.xml"/>
- <xi:include href="xml/polkit-authorization-db.xml"/>
- <xi:include href="xml/polkit-grant.xml"/>
- </reference>
-
- <reference id="tools-fileformats">
- <title>Tools and file formats</title>
- <partintro>
- <para>
- This part presents the tools, file formats used and assorted documentation distributed with PolicyKit.
- </para>
- </partintro>
- <xi:include href="man/PolicyKit.xml"/>
- <xi:include href="man/PolicyKit.conf.xml"/>
- <xi:include href="man/polkit-auth.xml"/>
- <xi:include href="man/polkit-action.xml"/>
- <xi:include href="man/polkit-policy-file-validate.xml"/>
- <xi:include href="man/polkit-config-file-validate.xml"/>
- </reference>
-
- <index role="deprecated">
- <title>Index of deprecated symbols</title>
- </index>
- <index role="0.7">
- <title>Index of new symbols in 0.7</title>
- </index>
- <index role="0.8">
- <title>Index of new symbols in 0.8</title>
- </index>
-
- <index>
- <title>Index</title>
- </index>
-
- <!-- License -->
-
- <appendix id="license">
- <title>License</title>
- <para>
-<programlisting><xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../COPYING" parse="text"><xi:fallback>FIXME: MISSING XINCLUDE CONTENT</xi:fallback></xi:include></programlisting>
- </para>
- </appendix>
-</book>
diff --git a/doc/spec/polkit-spec-configuration.xml b/doc/spec/polkit-spec-configuration.xml
deleted file mode 100644
index 63b432c..0000000
--- a/doc/spec/polkit-spec-configuration.xml
+++ /dev/null
@@ -1,295 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN" "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
-
-<chapter id="polkit-conf">
- <title>PolicyKit configuration</title>
-
- <sect1 id="conf-declaring-actions">
- <title>Declaring Actions</title>
-
- <para>
- A Mechanism needs to declare what Actions it supports. This is
- achieved by dropping one or more XML files with the suffix <literal>.policy</literal>
- into the <literal>/usr/share/PolicyKit/policy</literal> directory.
- </para>
- <para>
- The name of the XML file is significant. Each XML file can only
- declare actions from the namespace of it's own name; for example
- actions <literal>org.foobar.action-a</literal>, <literal>org.foobar.action-b</literal>
- and <literal>org.foobar.action-c</literal> would all go into the
- file <literal>org.foobar.policy</literal> while
- actions <literal>com.my-company.product-awesome.action-a</literal>, <literal>com.mycompany.product-awesome.action-b</literal>
- would go into the
- file <literal>com.mycompany.product-awesome.policy</literal>.
- </para>
- <para>
- An example of a <literal>.policy</literal> file would be the following:
- </para>
- <programlisting>
- <![CDATA[
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE policyconfig PUBLIC
- "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
- "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
-<policyconfig>
- <vendor>The PolicyKit Project</vendor>
- <vendor_url>http://hal.freedesktop.org/docs/PolicyKit/</vendor_url>
- <icon_name>polkit-icon</icon_name>
-
- <action id="org.gnome.policykit.examples.frobnicate">
- <description>Frobnicate</description>
- <description xml:lang="da">Frobniker</description>
- <description xml:lang="en_CA">Frobnicate, Aye!</description>
- <message>System policy prevents the PolicyKit-gnome example helper from Frobnicating</message>
- <message xml:lang="da">System indstillinger forhindrer PolicyKit-gnome eksempel hjælper i at Frobnikere!</message>
- <message xml:lang="en_CA">System policy prevents the PolicyKit-gnome example helper from Frobnicating, Aye!</message>
-
- <icon_name>polkit-icon-frobnicate</icon_name>
- <vendor_url>http://hal.freedesktop.org/docs/PolicyKit/about-frobnicating</vendor_url>
-
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_self</allow_active>
- </defaults>
- </action>
-
- <action id="org.gnome.policykit.examples.tweak">
- <description>Tweak</description>
- <description xml:lang="da">Tvæk</description>
- <description xml:lang="en_CA">Tweak, Aye!</description>
- <message>System policy prevents the PolicyKit-gnome example helper from Tweaking</message>
- <message xml:lang="da">System indstillinger forhindrer PolicyKit-gnome eksempel hjælper i at Tvække!</message>
- <message xml:lang="en_CA">System policy prevents the PolicyKit-gnome example helper from Tweaking, Aye!</message>
-
- <!-- just inherit icon_name and vendor_url -->
-
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin</allow_active>
- </defaults>
- </action>
-
-</policyconfig>
-]]>
- </programlisting>
- <para>
- The policy declaration includes:
- <itemizedlist>
- <listitem>
- <para>
- <emphasis>Action Identifier:</emphasis> This identifies
- the action and can only contain the
- characters <literal>[a-z][0-9].-</literal>,
- e.g. lower-case ASCII, digits, period and hyphen. In
- addition the identifier needs to start with a lower-case
- ASCII character. The rationale for having everything is
- lower case is to make it easy to make a distinction
- between PolicyKit actions and D-Bus methods / interfaces
- as the latter is normally using CamelCase.
- </para><para>
- In order for the identifier to be unique, it is
- recommended that a revser domain name is chosen, for
- example if the company Acme Inc. has a product called
- Frakker that exports two Actions Blit and Blop the action
- names should be chosen
- as <literal>com.acme.frakker.blit</literal>
- and <literal>com.acme.frakker.blop</literal>.
- </para>
- </listitem>
- <listitem>
- <para>
- <emphasis>Defaults:</emphasis>
- The <literal>allow_any</literal>, <literal>allow_inactive</literal>
- and <literal>allow_active</literal> tags specify the
- default answer that <literal>libpolkit</literal> will
- return for respectively any, inactive and active
- sessions. See below for valid values and their
- meaning. Any of these elements, including the
- enclosing <literal>defaults</literal> elements may be
- omitted.
- </para>
- </listitem>
- <listitem>
- <para>
- <emphasis>Textual descriptions:</emphasis> Simply included
- for convenience and organizational purposes. Useful for
- graphical editors for
- authorizations. Standard <literal>xml:lang</literal>
- mechnanisms are used to convey localized strings (note
- that intltool 0.36 or greater includes native support for
- handling <literal>.policy</literal> files).
- </para>
- </listitem>
- <listitem>
- <para>
- <emphasis>Vendor:</emphasis> The <literal>vendor</literal>
- and <literal>vendor_url</literal> describes who is
- supplying the action. Both can be set at the top-level of
- the <literal>.policy</literal> file and each Action can
- further override it. These tags are optional.
- </para>
- </listitem>
- <listitem>
- <para>
- <emphasis>Icon:</emphasis>
- The <literal>icon_name</literal> tag can be used to
- specify an icon name for the action or group of
- actions. The name must adhere to the freedesktop.org Icon
- Naming spec (for theming purposes) and cannot include
- directory separators and must not include filename
- extensions like <literal>.png</literal>. Like with vendor
- tags, this tag can be set at the top level and also be
- specialized for each individual action. This tag is
- optional.
- </para>
- </listitem>
- </itemizedlist>
- The following values for the defaults are
- <itemizedlist>
- <listitem>
- <para>
- <emphasis>no</emphasis>
- </para>
- </listitem>
- <listitem>
- <para>
- <emphasis>auth_self_one_shot</emphasis>
- </para>
- </listitem>
- <listitem>
- <para>
- <emphasis>auth_self</emphasis>
- </para>
- </listitem>
- <listitem>
- <para>
- <emphasis>auth_self_keep_session</emphasis>
- </para>
- </listitem>
- <listitem>
- <para>
- <emphasis>auth_self_keep_always</emphasis>
- </para>
- </listitem>
- <listitem>
- <para>
- <emphasis>auth_admin_one_shot</emphasis>
- </para>
- </listitem>
- <listitem>
- <para>
- <emphasis>auth_admin</emphasis>
- </para>
- </listitem>
- <listitem>
- <para>
- <emphasis>auth_admin_keep_session</emphasis>
- </para>
- </listitem>
- <listitem>
- <para>
- <emphasis>auth_admin_keep_always</emphasis>
- </para>
- </listitem>
- <listitem>
- <para>
- <emphasis>yes</emphasis>
- </para>
- </listitem>
- </itemizedlist>
- The main point here is that individual upstream software
- projects can provide sensible defaults, e.g. it's sensible for
- the example with a dial-up mechanism to configure
- the <literal>org.freedesktop.networkmanager.dialup-trusted</literal> Action to
- return <emphasis>yes</emphasis> for local active sessions and
- the Action
- <literal>org.freedesktop.networkmanager.dialup-untrusted</literal> to perhaps
- return <emphasis>auth_admin_keep_session</emphasis>. See
- <xref linkend="beyond-defaults"/> for how individual machines
- and sites can customize this.
- </para>
-
- <para>
- The <literal>polkit-list-actions</literal>(1) tool will list all
- the Actions known to <literal>libpolkit</literal> in a
- convenient
- format. The <literal>polkit-policy-file-validate</literal>(1)
- tool can be used to check policy files as part of the software
- release and installation process.
- </para>
-
- <sect2 id="conf-declaring-actions-annotations">
- <title>Annotations</title>
- <para>
- When declaring an Action, one can also annotate it with one or
- more key/value pairs:
- </para>
- <programlisting>
- <![CDATA[
- <action id="com.example.blahblaster.run-as-root">
- <description>Run the graphical BlahBlaster application as the super user</description>
- <message>System policy prevents the BlahBlaster application</message>
- <defaults>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin</allow_active>
- </defaults>
- <annotate key="org.freedesktop.PolicyKit.run-as-superuser.path">/usr/bin/BlahBlaster</annotate>
- </action>
-]]>
- </programlisting>
- <para>
- This is useful when writing an extensible Mechanism that other
- applications wants to use. The example declaration above is
- dealing with an (hypothetical and setuid root) mechanism,
- let's call it
- <literal>run-as-superuser</literal>, that can start graphical
- applications as uid 0. Suppose the user invokes it like this
- </para>
- <programlisting>
- run-as-superuser /usr/bin/BlahBlaster
- </programlisting>
- <para>
- Now, the <literal>run-as-superuser</literal> mechanism is only
- passed a path to the application to start. In order to
- determine if the calling user is allowed to run the given
- application as root, we need to determine the PolicyKit Action
- and then use libpolkit as usual to get an answer (and possibly
- make the user authenticate to gain the privilege to run the
- application). By using annotations,
- the <literal>run-as-superuser</literal> mechanism can query
- what the action is simply by searching for the Action that has
- an annotation
- where <literal>org.freedesktop.PolicyKit.run-as-superuser.path</literal>
- equals the given path,
- e.g. <literal>/usr/bin/BlahBlaster</literal>. It then becomes
- part of the documentation for
- the <literal>run-as-superuser</literal> program to specify
- that applications wanting to use it, simply just needs to
- provide a PolicyKit <literal>.policy</literal> file that
- declares an Action with an
- annotation <literal>org.freedesktop.PolicyKit.run-as-superuser.path</literal>
- whose value is the path to the binary.
- </para>
-
- </sect2>
- </sect1>
-
- <sect1 id="beyond-defaults">
- <title>Beyond the Defaults</title>
-
- <para>
- System administrators and sites can tweak what
- answer <literal>libpolkit</literal> returns depending on the
- Action and Subject and other factors through the configuration
- file <literal>/etc/PolicyKit/PolicyKit.conf</literal>. The
- configuration file format, along with examples, is described in
- the associated manual page of the same name. Note that this file
- is not supposed to be modified by individual packages, it is
- solely the responsibility of the system administrator to make
- changes to this file.
- </para>
- </sect1>
-
-</chapter>
diff --git a/doc/spec/polkit-spec-introduction.xml b/doc/spec/polkit-spec-introduction.xml
deleted file mode 100644
index e156773..0000000
--- a/doc/spec/polkit-spec-introduction.xml
+++ /dev/null
@@ -1,136 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN" "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
-
-<chapter id="introduction">
- <title>Introduction</title>
-
- <sect1 id="intro-about">
- <title>About</title>
-
- <para>
- PolicyKit is an application-level toolkit for defining and
- handling the policy that allows unprivileged processes to speak
- to privileged processes: It is a framework for centralizing the
- decision making process with respect to granting access to
- privileged operations for unprivileged applications. PolicyKit
- is specifically targeting applications in rich desktop
- environments on multi-user UNIX-like operating systems. It does
- not imply or rely on any exotic kernel features.
- </para>
- </sect1>
-
- <sect1 id="polkit-spec-history">
- <title>History and Prior Art</title>
-
- <para>
- Traditionally UNIX-like operating systems have a clear
- distinction between ordinary unprivileged users and the almight
- and powerful super user 'root'. However, in order for a user to
- access and configure hardware additional privileges and rights
- are needed. Hitherto, this have been done in a number of often
- OS-specific ways. For example, Red Hat based systems usually
- grant access to devices to a user if, and only if, the user is
- logged in at a local console. In contrast, Debian-based systems
- often relies on group membership, e.g. users in the 'cdrom'
- group can access optical drives, users in the 'plugdev' group
- can mount removable media and so on.
- </para>
-
- <para>
- In addition, access was not only granted to devices; Red
- Hat-based systems, for example, provides a mechanism to allow a
- user at a local system to run certain applications (such as the
- system-config-* family) as the super user provided they could
- authenticate as the super user (typically by entering the root
- password using a graphical utility). Other distributions rely on
- sudo (with various graphical frontends) to provide similar
- functionality. Both the pam-console and sudo approaches doesn't
- require applications to be modified.
- </para>
-
- <para>
- Finally, some classes of software (such as HAL, NetworkManager
- and gnome-system-tools) utilizes IPC mechanism (typically D-Bus)
- to provide a very narrow and well-defined subset of privileged
- operations to unprivileged desktop applications. It varies what
- mechanism is used to deny users.
- </para>
- </sect1>
-
- <sect1 id="intro-define-problem">
- <title>Defining the Problem</title>
-
- <para>
- There's a couple of problems with the mechanisms described in
- <xref linkend="polkit-spec-history"/>.
-
- <itemizedlist>
- <listitem>
- <para>
- Mechanisms are coarsely grained: either you're at the
- console or you're not (pam_console). Either you're a
- member of a group or you're not (Debian). There is no easy
- way to specify that only a subset of privileged operations
- should be available for a given user (e.g. it's hard to
- express "it's fine to mount removable media; it's not fine
- to mount fixed media; it's not fine to change the
- timezone" in a coherent way).
- </para>
- </listitem>
-
- <listitem>
- <para>
- The way most people use pam-console and sudo is
- fundamentally broken. Full-fledged GTK+ or Qt applications
- run as the super user which means that millions of line of
- code (including code such as image loaders that
- historically have lots of security problems) runs
- privileged. This is in direct violation of the well-known
- "least privilege" principle. In addition, often
- applications look out of place because settings in such
- programs now read per-user settings from root's home
- directory.
- </para>
- </listitem>
-
- <listitem>
- <para>
- UNIX group membership have always been problematic; if a
- user is a member of a group once, he can always become
- member of the group again
- (copy <literal>/bin/bash</literal> to $HOME; chown to
- group, set the setgid bit, done).
- </para>
- </listitem>
-
- <listitem>
- <para>
- It is difficult for upstream projects (such as GNOME or
- KDE) to implement features that requires administrative
- privileges because most downstream consumers
- (e.g. operating systems) have different ways of
- implementing access control. As a result most of these
- features are punted to OS distributors who have their own
- code for doing the same thing e.g. setting the
- date/timezone etc.; there is no way for file sharing
- applications (such as gnome-user-share, Banshee,
- Rhythmbox) to punch a hole in the firewall.
- </para>
- </listitem>
-
- <listitem>
- <para>
- Without a centralized framework, access control
- configuration is often scattered throughout the system
- which makes it hard for system administrators to grasp how
- to configure the system. There's literally a bunch of
- different configuration files all with different formats
- and semantics.
- </para>
- </listitem>
-
- </itemizedlist>
- </para>
- </sect1>
-
-</chapter>
diff --git a/doc/spec/polkit-spec-model.xml b/doc/spec/polkit-spec-model.xml
deleted file mode 100644
index 4d3b885..0000000
--- a/doc/spec/polkit-spec-model.xml
+++ /dev/null
@@ -1,569 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN" "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
-
-<chapter id="model">
- <title>PolicyKit Model</title>
-
- <sect1 id="model-mechanism-vs-policy">
- <title>Mechanims vs. Policy</title>
-
- <para>
- PolicyKit assumes a model where a program is split into two
- parts. One part, the Mechanism, runs privileged (with no user
- interface elements) and the other part, the policy agent, runs
- unprivileged. The two parts of the program are in different
- processes and communicate through some IPC mechanism such as
- pipes or the system message bus (D-Bus). In some instances the
- Mechanism can be considered part of the core OS and the policy
- agent part of the desktop stack.
- </para>
-
- <para>
- </para>
-
- <para>
- A Mechanism should never trust any application that tries to
- use; it needs to carefully verify all data and requests passed
- to it from the application. This is the model employed by HAL
- and NetworkManager:
- </para>
- <para>
- <inlinegraphic fileref="diagram-bus-model.png" format="PNG"/>
- </para>
- <para>
- This model is not by any means restricted to applications using
- D-Bus; it applies to most other security sensitive
- applications. For example, the PAM module for checking your
- password can run unprivileged and uses a simple and easy to
- audit privileged helper
- application, <literal>/sbin/unix_chkpwd</literal> on Red Hat
- systems, to actually check the password
- against <literal>/etc/shadow</literal>. In a similar fashion,
- all
- <ulink type="http"
- url="http://en.wikipedia.org/wiki/Setuid">setuid
- root</ulink> applications carefully check (or at least
- should) incoming parameters and the environment in which
- they are launched.
- </para>
-
- <para>
- In general, such an architecture is thought of as secure as long
- as the Mechanism (and it's dependent libraries) have been
- verified to be secure.
- </para>
-
- </sect1>
-
- <sect1 id="model-concepts">
- <title>Concepts</title>
-
- <para>
- Typically the entities that a Mechanism cares about can be split
- into three groups:
- <itemizedlist>
- <listitem>
- <para>
- <emphasis>Subject</emphasis>: the entity requesting the
- Action; ie. an unprivileged application. To make a
- decision about whether to carry out the Action, the
- Mechanism needs to know as much about the Subject as
- possible, e.g. UNIX user id, UNIX process id, possible
- security attributes (such as SELinux security context) and
- other data such as if the Subject is a participant in a
- local or remote desktop session, whether said desktop
- session is currently active and so forth.
- </para>
- </listitem>
-
- <listitem>
- <para>
- <emphasis>Object</emphasis>: some canonical representation
- of the Object; some Objects represent tangible things such
- as a UNIX device file, other Objects can be more abstract
- and represent e.g. a network connection to a specific
- destination, a reference to the power management
- subsystem, a reference to a piece of software tracked by
- the native package manager.
- </para>
- </listitem>
-
- <listitem>
- <para>
- <emphasis>Action:</emphasis> what the Subject is
- attempting to do to the Object; this depends of the nature
- of the Object and examples include mounting a block
- device, formatting a block device with a file system,
- establishing a dial-up connection to connect to private or
- public networks, putting the system into a suspended
- state, installing an unsigned piece of software, updating
- the system with signed software, changing the timezone,
- gaining access to a webcam and so forth.
- </para>
- </listitem>
- </itemizedlist>
- </para>
-
- <para>
- One way to think about a Mechanism is that the Mechanism is
- split into an enforcer and a decider component. When an
- application attempts to access the Mechanism, the enforcer
- component will only carry out the Action if the decider
- component (supplied with the appropriate input parameters about
- the Subject, Object and Action) says it's OK.
- </para>
- </sect1>
-
- <sect1 id="model-theory-of-operation">
- <title>Theory of Operation</title>
-
- <para>
- The core of PolicyKit is implemented as a shared library that
- Mechanisms can link to and use as the decider component. There's
- a small set of (extensible) data structures that establish a
- vocabulary for <literal>libpolkit</literal> and the Mechanism to
- describe the Subject and Action in question. The Mechanism
- should think about <literal>libpolkit</literal> as a black box;
- it's sole purpose is to answer whether a given Subject is
- permitted to do a specific Action. The answer, obviously, comes
- from a configuration source read by the library and maintained
- by the system administrator; see <xref linkend="polkit-conf"/>
- for details on PolicyKit configuration.
- </para>
-
- <para>
- The answer from <literal>libpolkit</literal> is not limited to a
- boolean value; essentially the following values can be returned
- <itemizedlist>
- <listitem>
- <para>
- <emphasis>Yes:</emphasis> It is ok for the Mechanism to
- carry out the Action requsted by the given Subject.
- </para>
- </listitem>
- <listitem>
- <para>
- <emphasis>No:</emphasis> The Mechanism should not carry
- out the Action requested by the given Subject.
- </para>
- </listitem>
- <listitem>
- <para>
- <emphasis>Require authentication:</emphasis> The Subject
- (e.g. the UI application) needs to ask the user to
- authenticate in order for the Mechanism to carry out this
- Action.
- </para>
- </listitem>
- </itemizedlist>
- In addition,
- <itemizedlist>
- <listitem>
- <para>
- Authentication can be specified (in the return value
- from <literal>libpolkit</literal>) as either user
- authentication (user puts in his own password) or super
- user authentication (user puts in the root password or a
- user in an administrator group authenticates).
- </para>
- </listitem>
- <listitem>
- <para>
- The authorization can be kept (this is also specified in
- the return value from <literal>libpolkit</literal>) either
- 1) indefinitely (e.g. it persists across reboots and
- different desktop sessions); 2) for the remainder of the
- desktop session the Subject is part of; or 3) confined to
- the process life-time of the Subject.
- </para>
- </listitem>
- </itemizedlist>
- </para>
-
- <para>
- To facilitate the authentication step, there's a shared library
- called <literal>libpolkit-grant</literal>. Given an Action, this
- library uses a privileged helper (as in it's a <literal>setgid
- polkit</literal> application) to authenticate the user (using
- PAM) and upon successful authentication leave a cookie
- specifying that the given Action can be carried out. It is the
- presence and contents of this cookie that will
- allow <literal>libpolkit</literal> to
- return <emphasis>Yes</emphasis> when the Subject asks the
- Mechanism to carry out the Action again. This whole process is
- best explained by a diagram:
- </para>
-
- <para>
- <inlinegraphic fileref="diagram-interaction.png" format="PNG"/>
- </para>
-
- <para>
- Detail on the diagram:
- <orderedlist>
- <listitem>
- <para>
- The user double clicks an icon on the desktop that
- resembles a hard drive. As mounting file systems is a
- privileged operation, the File Manager calls, via the
- system message bus, into the Mechanism (HAL).
- </para>
- </listitem>
-
- <listitem>
- <para>
- The Mechanism identifies the caller, using ConsoleKit, all
- the relevant information about the caller and stores this
- information in
- a <link linkend="polkit-polkit-caller">PolKitCaller</link>
- object. This information includes
- <itemizedlist>
- <listitem>
- <para>
- UNIX user id (uid)
- </para>
- </listitem>
- <listitem>
- <para>
- UNIX process id (pid)
- </para>
- </listitem>
- <listitem>
- <para>
- An identifier for the desktop session and whether
- the session is active (e.g. currently showing on a
- display), whether it's local and if it's remote, the
- address of the remote display
- </para>
- </listitem>
- <listitem>
- <para>
- Optional OS specific attributes such as the SELinux security context.
- </para>
- </listitem>
- </itemizedlist>
- </para>
- <para>
- Second, the Mechanism creates
- a <link linkend="polkit-polkit-action">PolKitAction</link>
- object that represents the action that the caller wants
- the Mechanism to perform on it's behalf. Specifically, for
- HAL, the D-Bus method call <literal>Mount()</literal> maps
- into two
- actions: <literal>org.freedesktop.hal.storage.mount-fixed</literal>
- and <literal>org.freedesktop.hal.storage.mount-removable</literal>. As
- the device the user wants to mount is an internal hard
- disk, HAL
- picks <literal>org.freedesktop.hal.storage.mount-fixed</literal>
- and constructs
- the <link linkend="polkit-polkit-action">PolKitAction</link>
- object.
- </para>
- <para>
- Third, HAL now calls
- the <link linkend="polkit-context-can-caller-do-action">polkit_context_can_caller_do_action()</link>
- function in <literal>libpolkit</literal> and passes
- the <link linkend="polkit-polkit-action">PolKitAction</link>
- and <link linkend="polkit-polkit-caller">PolKitCaller</link>
- objects as parameters. Armed with all this
- information, <literal>libpolkit</literal> is now in a
- position to make a decision; see
- <xref linkend="polkit-conf"/> for how exactly this is
- done.
- </para>
- <para>
- The result
- from <literal>libpolkit</literal> is of the
- type <link linkend="polkit-polkit-result">PolKitResult</link>
- and tells whether the given caller is allowed to do the
- given action. If the result is yes
- (e.g. POLKIT_RESULT_YES), the Mechanism carries out the
- action on behalf of the caller.
- </para>
- </listitem>
-
- <listitem>
- <para>
- If the result from <literal>libpolkit</literal> is not
- yes, the Mechanism sends a reply back to the caller with
- two pieces of information:
- <itemizedlist>
- <listitem>
- <para>
- The result from <literal>libpolkit</literal> itself.
- </para>
- </listitem>
- <listitem>
- <para>
- The action that the caller needs to be authorized to
- do.
- </para>
- </listitem>
- </itemizedlist>
- For this example, HAL returns an exception via D-Bus with
- the
- name <literal>org.freedesktop.Hal.Device.PermissionDeniedByPolicy</literal>
- and the detail text
- string <literal>"org.freedesktop.hal.storage.mount-fixed
- auth_admin_keep_always"</literal> (assuming the return code
- was POLKIT_RESULT_AUTH_ADMIN_KEEP_ALWAYS). This enables
- the caller to take action and acquire authorization to do
- this action.
- </para>
- </listitem>
-
- <listitem>
- <para>
- The File Manager receives the exception from the Mechanism
- and since the exception
- name <literal>org.freedesktop.Hal.Device.PermissionDeniedByPolicy</literal>
- is well-defined it decodes the exception detail string to
- learn that in order to do what the user asked it (by
- double clicking an icon resembling a hard drive), it needs
- to make the user authenticate as an administrator in order
- to be authorized for the
- action <literal>org.freedesktop.hal.storage.mount-fixed</literal>.
- </para>
- <para>
- The File Manager now proceeds to call into
- an <emphasis>Authentication Agent</emphasis> and passes
- two items of information
- <itemizedlist>
- <listitem>
- <para>
- The <link linkend="polkit-polkit-result">PolKitResult</link>
- that <literal>libpolkit</literal> returned to the
- Mechanism and passed on to the File Manager.
- </para>
- </listitem>
- <listitem>
- <para>
- The <link linkend="polkit-polkit-action">PolKitAction</link>
- that <literal>libpolkit</literal> returned to the
- Mechanism and passed on to the File Manager.
- </para>
- </listitem>
- </itemizedlist>
- In fact, the File Manager could implement an
- Authentication Agent by itself but for both practical
- reasons (implementing an Authentication Agent is not
- trivial) and security reasons (it is typically a good idea
- to have password handling in as few processes as possible)
- it is preferable to have this done in a separate
- process. PolicyKit defines an abstract interface to
- interact with the an Authentication Agent, see the
- <link linkend="model-authentication-agent">Authentication
- Agent section</link> for details. For details on the
- Authentication Agent for the GNOME desktop, please see
- the <ulink type="http"
- url="http://hal.freedesktop.org/docs/PolicyKit-gnome/ref-auth-daemon.html">PolicyKit-gnome</ulink>
- documentation.
- </para>
- </listitem>
-
- <listitem>
- <para>
- The first thing that the Authentication Agent does when it
- receives a request from an application is to validate the
- incoming parameters to see if they are correct;
- essentially it's doing exactly the same check as the
- Mechanism was doing in step 2;
- e.g. constructing <link linkend="polkit-polkit-caller">PolKitCaller</link>
- and <link linkend="polkit-polkit-caller">PolKitAction</link>
- objects, calling
- into <link linkend="polkit-context-can-caller-do-action">polkit_context_can_caller_do_action()</link>
- and examining the
- returned <link linkend="polkit-polkit-result">PolKitResult</link>.
- </para>
- <para>
- If the parameters check out, the Authentication Agent now
- pops up a window to explain the user than authentication
- is required to perform the desired action. Note that the
- text to put in the dialog stems from files that are not
- under the users control (see
- <xref linkend="conf-declaring-actions"/> for details) so
- there is no chance for any application to spoof the dialog
- to trick the user into agreeing to authenticate for
- something while in fact the authentication is about
- something else.
- </para>
- <para>
- Internally the Authentication Agent uses services provided
- by the
- <link linkend="polkit-polkit-grant">PolKitGrant</link>
- class and is little more than a thin layer above the PAM
- user API. The authentication itself is performed in a
- privileged helper program (e.g. running
- with <ulink type="http"
- url="http://en.wikipedia.org/wiki/Setgid">setgid</ulink>
- privileges) that communicates with the (graphical)
- Authentication Agent through pipes. As such, if the user
- successfully authenticates, the privileged helper program
- writes an entry into the Authorization Database (it can do
- so only because it is privileged). When the user is done
- with the dialog (either through successful authentication
- or by cancelling) a reply including whether the
- authorization was gained is sent back to the File Manager
- </para>
- <para>
- As mentioned, an authorization has a notion of scope which
- is indicated in
- the <link linkend="polkit-polkit-result">PolKitResult</link>
- value from <literal>libpolkit</literal>. The user, when
- authenticating, can also opt to lessen the scope
- (e.g. keep the authorization only for the remainder of his
- desktop session instead of forever)
- (see <link linkend="PolKitGrantOverrideGrantType">this
- section</link> for details) but he can never widen it -
- this is checked and enforced by the privileged helper
- program. The way the authorization is stored is as
- follows:
- <itemizedlist>
- <listitem>
- <para>
- For POLKIT_RESULT_AUTH_[SELF|ADMIN] the
- authorization is limited to the requesting process;
- in this example it would be the File Manager. Thus,
- the UNIX process id (and start time of the process
- to avoid clashes caused by pid recycling) is used as
- the primary key in the Authorization
- Database. Entries like these are flushed when the
- system is restarted.
- </para>
- </listitem>
- <listitem>
- <para>
- For POLKIT_RESULT_AUTH_[SELF|ADMIN]_KEEP_SESSION the
- authorization is limited to processes in the same
- desktop session as the calling process (e.g. the
- File Manager). The ConsoleKit session identifier is
- used as the the primary key in the Authorization
- Database. Entries like these are also flushed when
- the system is restarted.
- </para>
- </listitem>
- <listitem>
- <para>
- For POLKIT_RESULT_AUTH_[SELF|ADMIN]_KEEP_ALWAYS the
- authorization is limited to processes owned by the
- same user as the calling process (e.g. the File
- Manager). The UNIX uid of the user is used as the
- the primary key in the Authorization Database. These
- entries are not flushed when the system is
- restarted.
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </listitem>
-
- <listitem>
- <para>
- If the File Manager is told by the Authentication Agent
- that the authorization for it to do the
- action <literal>org.freedesktop.hal.storage.mount-fixed</literal>
- was obtained (because the user successfully
- authenticated), it asks the Mechanism (HAL to perform the
- action again. This time, because an entry now exists in
- the Authorization Database, the Mechanism (HAL) will
- receive the answer POLKIT_RESULT_YES
- from <literal>libpolkit</literal> and carry out the action
- on behalf of the File Manager.
- </para>
- </listitem>
-
- </orderedlist>
- </para>
-
- <para>
- Furthermore, as hinted above, any program can check,
- using <literal>libpolkit</literal>, whether a given caller is
- authorized to do a specific Action (though users may be limited
- to asking questions only about themselves; not about other
- users). This is a feature, not a bug, as it allows to build user
- interfaces where it's possible to use this information to aid
- the user in carrying out work.
- </para>
- <para>
- For example, the UI configuration dialog for the desktop clock
- may provide a button for reconfiguring the system time (which is
- a privileged operation). Using <literal>libpolkit</literal>, the
- desktop code can determine, in advance, if the user is
- authorized to do the
- Action <literal>org.gnome.clockapplet.mechanism.settime</literal>. If
- the user is authorized, the desktop will paint an ordinary
- button <literal>"Set System Time"</literal>, if authentication
- is required, it can paint another button <literal>"[L] Set
- System Time..."</literal> where the L is an icon depicting a
- closed padlock and if the answer is POLKIT_RESULT_NO it can make
- the button insensitive so it can't be clicked. In fact, the
- aforementioned PolicyKit-gnome library, provides
- exactly <ulink type="http"
- url="http://hal.freedesktop.org/docs/PolicyKit-gnome/PolKitGnomeAction.html">such
- services</ulink> for GTK+ applications.
- </para>
-
- <para>
- In order to keep the PolicyKit model reasonably simple, there is
- no representation of the Object. Instead, a Mechanism that cares
- about Objects (and many don't; for example, Mechanisms to change
- the timezone, punch a hole in the firewall or add a user all
- operate on a singleton Object: the system as a whole) must
- instead divide a given Action into multiple sub-Actions
- depending on the nature of the Object.
- </para>
-
- <para>
- For example, consider a Mechanism for dial-up networking. Here,
- the Subject is a UI applet running in a desktop session, the
- Object is the phone number to dial and the Action is to
- establish the connection (another Action could be to hang-up an
- existing connection). Suppose that the Mechanism has a
- white-list of phone numbers that are trusted; this could simply
- be a
- directory <literal>/var/lib/dialup-helper/trusted-dialup.d</literal>
- where the system administrator can drop simple text or XML files
- with phone numbers that are considered safe to dial. If the
- phone number given by the client matches this white-list, the
- Mechanism chooses the Action to
- be <literal>dialup-connect-trusted</literal>. If it's not in the
- white-list, the Action will be
- <literal>dialup-connect-untrusted</literal>. Hence, depending
- on how PolicyKit is configured it may return different answers
- since these are different Actions; one sensible thing in a
- default desktop rollout would be to always allow the
- Action <literal>dialup-connect-trusted</literal> for local
- active sessions and always require authentication for the Action
- <literal>dialup-connect-untrusted</literal>.
- </para>
- </sect1>
-
- <sect1 id="model-authentication-agent">
- <title>Authentication Agent</title>
- <para>
- To gain authorizations through authentication, an Authentication
- Agent is used. The section defines an abstract interface that
- applications can use to interact with such an agent. This allows
- different desktop environments to implement different agents
- with native look and feel.
- </para>
- <para>
- The interface is quite simple. Basically, a PolicyKit
- Authentication Agent must provide the D-Bus session service with
- the unique
- name <literal>org.freedesktop.PolicyKit.AuthenticationAgent</literal>
- that exposes a single object with the path <literal>/</literal> that exports the
- <literal>org.freedesktop.PolicyKit.AuthenticationAgent</literal>
- D-Bus interface. The interface is defined by the following D-Bus
- introspection data:
-
-<programlisting><xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../../data/org.freedesktop.PolicyKit.AuthenticationAgent.xml" parse="text"><xi:fallback>FIXME: MISSING XINCLUDE CONTENT</xi:fallback></xi:include></programlisting>
-
- This file is available
- as <literal>/usr/share/dbus-1/interfaces/org.freedesktop.PolicyKit.AuthenticationAgent.xml</literal>
- on a system with PolicyKit development packages installed. It
- can be used to generating client glue code.
- </para>
- </sect1>
-
-</chapter>
diff --git a/doc/version.xml.in b/doc/version.xml.in
deleted file mode 100644
index d78bda9..0000000
--- a/doc/version.xml.in
+++ /dev/null
@@ -1 +0,0 @@
- at VERSION@
diff --git a/examples/tracker-example/README b/examples/tracker-example/README
deleted file mode 100644
index b2d0e3b..0000000
--- a/examples/tracker-example/README
+++ /dev/null
@@ -1,4 +0,0 @@
-
-This is a simple example to show how the PolKitTracker class is
-used. For a detailed explanation, refer to the API docs for
-PolKitTracker.
diff --git a/examples/tracker-example/dk.fubar.PolKitTestService.conf b/examples/tracker-example/dk.fubar.PolKitTestService.conf
deleted file mode 100644
index 84650e3..0000000
--- a/examples/tracker-example/dk.fubar.PolKitTestService.conf
+++ /dev/null
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?> <!-- -*- XML -*- -->
-<!DOCTYPE busconfig PUBLIC
- "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
- "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
-<busconfig>
- <policy context="default">
- <allow own="dk.fubar.PolKitTestService"/>
- </policy>
-</busconfig>
-
diff --git a/examples/tracker-example/tracker-example-client.py b/examples/tracker-example/tracker-example-client.py
deleted file mode 100755
index 2b658c2..0000000
--- a/examples/tracker-example/tracker-example-client.py
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/usr/bin/python
-
-import dbus
-import time
-
-bus = dbus.Bus(dbus.Bus.TYPE_SYSTEM)
-obj = dbus.Interface(bus.get_object("dk.fubar.PolKitTestService", "/"), "dk.fubar.PolKitTestService")
-
-while True:
- print obj.Test()
- time.sleep(1)
diff --git a/examples/tracker-example/tracker-example.c b/examples/tracker-example/tracker-example.c
deleted file mode 100644
index 406f3fc..0000000
--- a/examples/tracker-example/tracker-example.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/*
- * Small example of how to use the PolKitTracker class.
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use,
- * copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the
- * Software is furnished to do so, subject to the following
- * conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
- * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
- * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
- * OTHER DEALINGS IN THE SOFTWARE.
- */
-
-#include <stdio.h>
-#include <glib.h>
-#include <dbus/dbus.h>
-#include <polkit-dbus/polkit-dbus.h>
-
-/* Note, on purpose, there is little or no error checking done
- * anywhere in this program. Use at your own risk.
- */
-
-static void
-print_caller (PolKitTracker *pk_tracker, const char *dbus_name)
-{
- DBusError error;
- PolKitCaller *caller;
-
- dbus_error_init (&error);
-
- caller = polkit_tracker_get_caller_from_dbus_name (pk_tracker,
- dbus_name,
- &error);
- if (caller == NULL) {
- g_warning ("Error getting PolKitCaller for '%s': %s: %s",
- dbus_name, error.name, error.message);
- dbus_error_free (&error);
- } else {
- /* got it; print it to stdout */
- printf ("\n");
- polkit_caller_debug (caller);
- polkit_caller_unref (caller);
- }
-}
-
-static DBusHandlerResult
-filter (DBusConnection *connection, DBusMessage *message, void *user_data)
-{
- PolKitTracker *pk_tracker = (PolKitTracker *) user_data;
- char *name;
- char *new_service_name;
- char *old_service_name;
-
- /* pass NameOwnerChanged signals from the bus and ConsoleKit to PolKitTracker */
- if (dbus_message_is_signal (message, DBUS_INTERFACE_DBUS, "NameOwnerChanged") ||
- g_str_has_prefix (dbus_message_get_interface (message), "org.freedesktop.ConsoleKit")) {
- polkit_tracker_dbus_func (pk_tracker, message);
- }
-
- /* handle calls into our test service */
- if (dbus_message_is_method_call (message, "dk.fubar.PolKitTestService", "Test")) {
- DBusMessage *reply;
- const char *reply_str = "Right back at y'all!";
-
- print_caller (pk_tracker, dbus_message_get_sender (message));
-
- reply = dbus_message_new_method_return (message);
- dbus_message_append_args (reply,
- DBUS_TYPE_STRING, &reply_str,
- DBUS_TYPE_INVALID);
- dbus_connection_send (connection, reply, NULL);
- dbus_message_unref (reply);
-
- /* this one we do handle */
- return DBUS_HANDLER_RESULT_HANDLED;
- }
-
- /* other filters might want to process this message too */
- return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
-}
-
-
-int
-main (int argc, char *argv[])
-{
- DBusError error;
- DBusConnection *con;
- GMainLoop *loop;
- PolKitTracker *pk_tracker;
-
- /* This is needed to get something out of polkit_caller_debug() */
- g_setenv ("POLKIT_DEBUG", "1", TRUE);
-
- loop = g_main_loop_new (NULL, FALSE);
-
- dbus_error_init (&error);
- con = dbus_bus_get (DBUS_BUS_SYSTEM, &error);
-
- pk_tracker = polkit_tracker_new ();
- polkit_tracker_set_system_bus_connection (pk_tracker, con);
- polkit_tracker_init (pk_tracker);
-
- /* need to listen to NameOwnerChanged */
- dbus_bus_add_match (con,
- "type='signal'"
- ",interface='"DBUS_INTERFACE_DBUS"'"
- ",sender='"DBUS_SERVICE_DBUS"'"
- ",member='NameOwnerChanged'",
- &error);
-
- /* need to listen to ConsoleKit signals */
- dbus_bus_add_match (con,
- "type='signal',sender='org.freedesktop.ConsoleKit'",
- &error);
-
- /* own a simple service */
- dbus_bus_request_name (con, "dk.fubar.PolKitTestService", DBUS_NAME_FLAG_REPLACE_EXISTING, &error);
-
- dbus_connection_add_filter (con, filter, pk_tracker, NULL);
- dbus_connection_setup_with_g_main (con, g_main_loop_get_context (loop));
-
- g_main_loop_run (loop);
- return 0;
-}
diff --git a/gtk-doc.make b/gtk-doc.make
deleted file mode 100644
index 3c3e39a..0000000
--- a/gtk-doc.make
+++ /dev/null
@@ -1,159 +0,0 @@
-# -*- mode: makefile -*-
-
-####################################
-# Everything below here is generic #
-####################################
-
-if GTK_DOC_USE_LIBTOOL
-GTKDOC_CC = $(LIBTOOL) --mode=compile $(CC) $(INCLUDES) $(AM_CFLAGS) $(CFLAGS)
-GTKDOC_LD = $(LIBTOOL) --mode=link $(CC) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS)
-else
-GTKDOC_CC = $(CC) $(INCLUDES) $(AM_CFLAGS) $(CFLAGS)
-GTKDOC_LD = $(CC) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS)
-endif
-
-# We set GPATH here; this gives us semantics for GNU make
-# which are more like other make's VPATH, when it comes to
-# whether a source that is a target of one rule is then
-# searched for in VPATH/GPATH.
-#
-GPATH = $(srcdir)
-
-TARGET_DIR=$(HTML_DIR)/$(DOC_MODULE)
-
-EXTRA_DIST = \
- $(content_files) \
- $(HTML_IMAGES) \
- $(DOC_MAIN_SGML_FILE) \
- $(DOC_MODULE)-sections.txt \
- $(DOC_MODULE)-overrides.txt
-
-DOC_STAMPS=scan-build.stamp tmpl-build.stamp sgml-build.stamp html-build.stamp \
- $(srcdir)/tmpl.stamp $(srcdir)/sgml.stamp $(srcdir)/html.stamp
-
-SCANOBJ_FILES = \
- $(DOC_MODULE).args \
- $(DOC_MODULE).hierarchy \
- $(DOC_MODULE).interfaces \
- $(DOC_MODULE).prerequisites \
- $(DOC_MODULE).signals
-
-CLEANFILES = $(SCANOBJ_FILES) $(DOC_MODULE)-unused.txt $(DOC_STAMPS)
-
-if ENABLE_GTK_DOC
-all-local: html-build.stamp
-else
-all-local:
-endif
-
-docs: html-build.stamp
-
-#### scan ####
-
-scan-build.stamp: $(HFILE_GLOB) $(CFILE_GLOB)
- @echo 'gtk-doc: Scanning header files'
- @-chmod -R u+w $(srcdir)
- cd $(srcdir) && \
- gtkdoc-scan --module=$(DOC_MODULE) --source-dir=$(DOC_SOURCE_DIR) --ignore-headers="$(IGNORE_HFILES)" $(SCAN_OPTIONS) $(EXTRA_HFILES)
- if grep -l '^..*$$' $(srcdir)/$(DOC_MODULE).types > /dev/null 2>&1 ; then \
- CC="$(GTKDOC_CC)" LD="$(GTKDOC_LD)" CFLAGS="$(GTKDOC_CFLAGS)" LDFLAGS="$(GTKDOC_LIBS)" gtkdoc-scangobj $(SCANGOBJ_OPTIONS) --module=$(DOC_MODULE) --output-dir=$(srcdir) ; \
- else \
- cd $(srcdir) ; \
- for i in $(SCANOBJ_FILES) ; do \
- test -f $$i || touch $$i ; \
- done \
- fi
- touch scan-build.stamp
-
-$(DOC_MODULE)-decl.txt $(SCANOBJ_FILES) $(DOC_MODULE)-sections.txt $(DOC_MODULE)-overrides.txt: scan-build.stamp
- @true
-
-#### templates ####
-
-tmpl-build.stamp: $(DOC_MODULE)-decl.txt $(SCANOBJ_FILES) $(DOC_MODULE)-sections.txt $(DOC_MODULE)-overrides.txt
- @echo 'gtk-doc: Rebuilding template files'
- @-chmod -R u+w $(srcdir)
- cd $(srcdir) && gtkdoc-mktmpl --module=$(DOC_MODULE) $(MKTMPL_OPTIONS)
- touch tmpl-build.stamp
-
-tmpl.stamp: tmpl-build.stamp
- @true
-
-tmpl/*.sgml:
- @true
-
-
-#### xml ####
-
-sgml-build.stamp: tmpl.stamp $(HFILE_GLOB) $(CFILE_GLOB) $(DOC_MODULE)-sections.txt $(srcdir)/tmpl/*.sgml $(expand_content_files)
- @echo 'gtk-doc: Building XML'
- @-chmod -R u+w $(srcdir)
- cd $(srcdir) && \
- gtkdoc-mkdb --module=$(DOC_MODULE) --source-dir=$(DOC_SOURCE_DIR) --output-format=xml --expand-content-files="$(expand_content_files)" --main-sgml-file=$(DOC_MAIN_SGML_FILE) $(MKDB_OPTIONS)
- touch sgml-build.stamp
-
-sgml.stamp: sgml-build.stamp
- @true
-
-#### html ####
-
-html-build.stamp: sgml.stamp $(DOC_MAIN_SGML_FILE) $(content_files)
- @echo 'gtk-doc: Building HTML'
- @-chmod -R u+w $(srcdir)
- rm -rf $(srcdir)/html
- mkdir $(srcdir)/html
- cd $(srcdir)/html && gtkdoc-mkhtml $(DOC_MODULE) ../$(DOC_MAIN_SGML_FILE)
- test "x$(HTML_IMAGES)" = "x" || ( cd $(srcdir) && cp $(HTML_IMAGES) html )
- @echo 'gtk-doc: Fixing cross-references'
- cd $(srcdir) && gtkdoc-fixxref --module-dir=html --html-dir=$(HTML_DIR) $(FIXXREF_OPTIONS)
- touch html-build.stamp
-
-##############
-
-clean-local:
- rm -f *~ *.bak
- rm -rf .libs
-
-maintainer-clean-local: clean
- cd $(srcdir) && rm -rf xml html $(DOC_MODULE)-decl-list.txt $(DOC_MODULE)-decl.txt
-
-install-data-local:
- installfiles=`echo $(srcdir)/html/*`; \
- if test "$$installfiles" = '$(srcdir)/html/*'; \
- then echo '-- Nothing to install' ; \
- else \
- $(mkinstalldirs) $(DESTDIR)$(TARGET_DIR); \
- for i in $$installfiles; do \
- echo '-- Installing '$$i ; \
- $(INSTALL_DATA) $$i $(DESTDIR)$(TARGET_DIR); \
- done; \
- echo '-- Installing $(srcdir)/html/index.sgml' ; \
- $(INSTALL_DATA) $(srcdir)/html/index.sgml $(DESTDIR)$(TARGET_DIR) || :; \
- fi
-
-uninstall-local:
- rm -f $(DESTDIR)$(TARGET_DIR)/*
-
-#
-# Require gtk-doc when making dist
-#
-if ENABLE_GTK_DOC
-dist-check-gtkdoc:
-else
-dist-check-gtkdoc:
- @echo "*** gtk-doc must be installed and enabled in order to make dist"
- @false
-endif
-
-dist-hook: dist-check-gtkdoc dist-hook-local
- mkdir $(distdir)/tmpl
- mkdir $(distdir)/xml
- mkdir $(distdir)/html
- -cp $(srcdir)/tmpl/*.sgml $(distdir)/tmpl
- -cp $(srcdir)/xml/*.xml $(distdir)/xml
- cp $(srcdir)/html/* $(distdir)/html
- if test -f $(srcdir)/$(DOC_MODULE).types; then \
- cp $(srcdir)/$(DOC_MODULE).types $(distdir)/$(DOC_MODULE).types; \
- fi
-
-.PHONY : dist-hook-local docs
diff --git a/mkinstalldirs b/mkinstalldirs
deleted file mode 100755
index d2d5f21..0000000
--- a/mkinstalldirs
+++ /dev/null
@@ -1,111 +0,0 @@
-#! /bin/sh
-# mkinstalldirs --- make directory hierarchy
-# Author: Noah Friedman <friedman at prep.ai.mit.edu>
-# Created: 1993-05-16
-# Public domain
-
-errstatus=0
-dirmode=""
-
-usage="\
-Usage: mkinstalldirs [-h] [--help] [-m mode] dir ..."
-
-# process command line arguments
-while test $# -gt 0 ; do
- case $1 in
- -h | --help | --h*) # -h for help
- echo "$usage" 1>&2
- exit 0
- ;;
- -m) # -m PERM arg
- shift
- test $# -eq 0 && { echo "$usage" 1>&2; exit 1; }
- dirmode=$1
- shift
- ;;
- --) # stop option processing
- shift
- break
- ;;
- -*) # unknown option
- echo "$usage" 1>&2
- exit 1
- ;;
- *) # first non-opt arg
- break
- ;;
- esac
-done
-
-for file
-do
- if test -d "$file"; then
- shift
- else
- break
- fi
-done
-
-case $# in
- 0) exit 0 ;;
-esac
-
-case $dirmode in
- '')
- if mkdir -p -- . 2>/dev/null; then
- echo "mkdir -p -- $*"
- exec mkdir -p -- "$@"
- fi
- ;;
- *)
- if mkdir -m "$dirmode" -p -- . 2>/dev/null; then
- echo "mkdir -m $dirmode -p -- $*"
- exec mkdir -m "$dirmode" -p -- "$@"
- fi
- ;;
-esac
-
-for file
-do
- set fnord `echo ":$file" | sed -ne 's/^:\//#/;s/^://;s/\// /g;s/^#/\//;p'`
- shift
-
- pathcomp=
- for d
- do
- pathcomp="$pathcomp$d"
- case $pathcomp in
- -*) pathcomp=./$pathcomp ;;
- esac
-
- if test ! -d "$pathcomp"; then
- echo "mkdir $pathcomp"
-
- mkdir "$pathcomp" || lasterr=$?
-
- if test ! -d "$pathcomp"; then
- errstatus=$lasterr
- else
- if test ! -z "$dirmode"; then
- echo "chmod $dirmode $pathcomp"
- lasterr=""
- chmod "$dirmode" "$pathcomp" || lasterr=$?
-
- if test ! -z "$lasterr"; then
- errstatus=$lasterr
- fi
- fi
- fi
- fi
-
- pathcomp="$pathcomp/"
- done
-done
-
-exit $errstatus
-
-# Local Variables:
-# mode: shell-script
-# sh-indentation: 2
-# End:
-# mkinstalldirs ends here
diff --git a/po/ChangeLog b/po/ChangeLog
deleted file mode 100644
index e69de29..0000000
diff --git a/po/LINGUAS b/po/LINGUAS
deleted file mode 100644
index b72d517..0000000
--- a/po/LINGUAS
+++ /dev/null
@@ -1,4 +0,0 @@
-# please keep this list sorted alphabetically
-#
-
-
diff --git a/po/POTFILES.in b/po/POTFILES.in
deleted file mode 100644
index b93a173..0000000
--- a/po/POTFILES.in
+++ /dev/null
@@ -1,4 +0,0 @@
-# List of source files containing translatable strings.
-# Please keep this file sorted alphabetically.
-[encoding: UTF-8]
-policy/org.freedesktop.policykit.policy.in
diff --git a/policy/Makefile.am b/policy/Makefile.am
deleted file mode 100644
index d062a8e..0000000
--- a/policy/Makefile.am
+++ /dev/null
@@ -1,16 +0,0 @@
-
-polkit_actiondir = $(datadir)/polkit-1/actions
-
-dist_polkit_action_DATA = org.freedesktop.policykit.policy
-
- at INTLTOOL_POLICY_RULE@
-
-check:
- $(top_builddir)/tools/polkit-policy-file-validate-1 $(top_srcdir)/policy/$(dist_polkit_action_DATA)
-
-clean-local :
- rm -f *~
-
-DISTCLEANFILES = org.freedesktop.policykit.policy
-
-EXTRA_DIST = org.freedesktop.policykit.policy.in
diff --git a/policy/org.freedesktop.policykit.policy.in b/policy/org.freedesktop.policykit.policy.in
deleted file mode 100644
index c2e8652..0000000
--- a/policy/org.freedesktop.policykit.policy.in
+++ /dev/null
@@ -1,61 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-
-<!DOCTYPE policyconfig PUBLIC
- "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
- "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
-
-<!--
-Policy definitions for core PolicyKit actions
-
-Copyright (c) 2007 David Zeuthen <david at fubar.dk>
-
-NOTE: If you make changes to this file, make sure to validate the file
-using the polkit-policy-file-validate(1) tool. Changes made to this
-file are instantly applied.
--->
-
-<policyconfig>
- <vendor>The PolicyKit Project</vendor>
- <vendor_url>http://hal.freedesktop.org/docs/PolicyKit/</vendor_url>
-
- <action id="org.freedesktop.policykit.read">
- <_description>Read authorizations of other users</_description>
- <_message>Authentication is required to read authorizations of other users</_message>
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- </action>
-
- <action id="org.freedesktop.policykit.revoke">
- <_description>Revoke authorizations from other users</_description>
- <_message>Authentication is required to revoke authorizations other users</_message>
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- </action>
-
- <action id="org.freedesktop.policykit.grant">
- <_description>Grant authorizations to other users</_description>
- <_message>Authentication is required to grant authorizations to other users</_message>
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- </action>
-
- <action id="org.freedesktop.policykit.modify-defaults">
- <_description>Modify defaults for implicit authorizations</_description>
- <_message>Authentication is required to modify the defaults for implicit authorizations</_message>
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- </action>
-
-</policyconfig>
diff --git a/polkit-backendd/Makefile.am b/polkit-backendd/Makefile.am
deleted file mode 100644
index f35c178..0000000
--- a/polkit-backendd/Makefile.am
+++ /dev/null
@@ -1,63 +0,0 @@
-## Process this file with automake to produce Makefile.in
-
-INCLUDES = \
- -I$(top_builddir)/src -I$(top_srcdir)/src \
- -DPACKAGE_LIBEXEC_DIR=\""$(libexecdir)"\" \
- -DPACKAGE_SYSCONF_DIR=\""$(sysconfdir)"\" \
- -DPACKAGE_DATA_DIR=\""$(datadir)"\" \
- -DPACKAGE_BIN_DIR=\""$(bindir)"\" \
- -DPACKAGE_LOCALSTATE_DIR=\""$(localstatedir)"\" \
- -DPACKAGE_LOCALE_DIR=\""$(localedir)"\" \
- -DPACKAGE_LIB_DIR=\""$(libdir)"\" \
- -D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT \
- -DPOLKIT_COMPILATION \
- $(DBUS_GLIB_CFLAGS) \
- @GLIB_CFLAGS@
-
-BUILT_SOURCES = \
- polkit-daemon-backend-glue.h
-
-polkit-daemon-backend-glue.h: org.freedesktop.PolicyKit.Backend.xml Makefile.am
- dbus-binding-tool --prefix=polkit_daemon_backend --mode=glib-server --output=polkit-daemon-backend-glue.h org.freedesktop.PolicyKit.Backend.xml
-
-libexec_PROGRAMS = polkit-backendd
-
-polkit_backendd_SOURCES = \
- polkit-daemon-backend.h polkit-daemon-backend.c \
- main.c \
- $(BUILT_SOURCES)
-
-polkit_backendd_CPPFLAGS = \
- -I$(top_srcdir)/src \
- -DG_LOG_DOMAIN=\"polkit_backendd\" \
- -DDATADIR=\""$(pkgdatadir)"\" \
- -DGNOMELOCALEDIR=\""$(datadir)/locale"\" \
- $(DISABLE_DEPRECATED) \
- $(AM_CPPFLAGS)
-
-polkit_backendd_LDADD = \
- $(DBUS_GLIB_LIBS) \
- $(top_builddir)/src/kit/libkit.la \
- $(top_builddir)/src/polkit/libpolkit-1.la
-
-
-servicedir = $(datadir)/dbus-1/system-services
-service_in_files = org.freedesktop.PolicyKit.Backend.service.in
-service_DATA = $(service_in_files:.service.in=.service)
-
-$(service_DATA): $(service_in_files) Makefile
- @sed -e "s|\@libexecdir\@|$(libexecdir)|" $< > $@
-
-dbusconfdir = $(sysconfdir)/dbus-1/system.d
-dbusconf_in_files = org.freedesktop.PolicyKit.Backend.conf.in
-dbusconf_DATA = $(dbusconf_in_files:.conf.in=.conf)
-
-$(dbusconf_DATA): $(dbusconf_in_files) Makefile
- @sed -e "s|\@polkituser\@|$(POLKIT_USER)|" $< > $@
-
-CLEANFILES = $(BUILT_SOURCES)
-
-EXTRA_DIST = org.freedesktop.PolicyKit.Backend.xml $(service_in_files) $(dbusconf_in_files)
-
-clean-local :
- rm -f *~ $(service_DATA) $(dbusconf_DATA)
diff --git a/polkit-backendd/main.c b/polkit-backendd/main.c
deleted file mode 100644
index 67f6e15..0000000
--- a/polkit-backendd/main.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*-
- *
- * Copyright (C) 2007 David Zeuthen <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- */
-
-#ifdef HAVE_CONFIG_H
-# include "config.h"
-#endif
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <unistd.h>
-#include <signal.h>
-#include <errno.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <pwd.h>
-#include <grp.h>
-
-#include <glib.h>
-#include <glib/gi18n-lib.h>
-#include <glib-object.h>
-
-#define DBUS_API_SUBJECT_TO_CHANGE
-#include <dbus/dbus-glib.h>
-#include <dbus/dbus-glib-lowlevel.h>
-
-#include "polkit-daemon-backend.h"
-
-#define NAME_TO_CLAIM "org.freedesktop.PolicyKit.Backend"
-
-static gboolean
-acquire_name_on_proxy (DBusGProxy *bus_proxy)
-{
- GError *error;
- guint result;
- gboolean res;
- gboolean ret;
-
- ret = FALSE;
-
- if (bus_proxy == NULL) {
- goto out;
- }
-
- error = NULL;
- res = dbus_g_proxy_call (bus_proxy,
- "RequestName",
- &error,
- G_TYPE_STRING, NAME_TO_CLAIM,
- G_TYPE_UINT, 0,
- G_TYPE_INVALID,
- G_TYPE_UINT, &result,
- G_TYPE_INVALID);
- if (! res) {
- if (error != NULL) {
- g_warning ("Failed to acquire %s: %s", NAME_TO_CLAIM, error->message);
- g_error_free (error);
- } else {
- g_warning ("Failed to acquire %s", NAME_TO_CLAIM);
- }
- goto out;
- }
-
- if (result != DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER) {
- if (error != NULL) {
- g_warning ("Failed to acquire %s: %s", NAME_TO_CLAIM, error->message);
- g_error_free (error);
- } else {
- g_warning ("Failed to acquire %s", NAME_TO_CLAIM);
- }
- goto out;
- }
-
- ret = TRUE;
-
- out:
- return ret;
-}
-
-int
-main (int argc, char **argv)
-{
- GError *error;
- GMainLoop *loop;
- PolKitDaemonBackend *daemon;
- GOptionContext *context;
- DBusGProxy *bus_proxy;
- DBusGConnection *bus;
- int ret;
- static gboolean no_exit = FALSE;
- static GOptionEntry entries [] = {
- { "no-exit", 0, 0, G_OPTION_ARG_NONE, &no_exit, "Don't exit after 30 seconds of inactivity", NULL },
- { NULL }
- };
-
- ret = 1;
-
- g_type_init ();
-
- context = g_option_context_new ("PolicyKit backend daemon");
- g_option_context_add_main_entries (context, entries, NULL);
- g_option_context_parse (context, &argc, &argv, NULL);
- g_option_context_free (context);
-
- error = NULL;
- bus = dbus_g_bus_get (DBUS_BUS_SYSTEM, &error);
- if (bus == NULL) {
- g_warning ("Couldn't connect to system bus: %s", error->message);
- g_error_free (error);
- goto out;
- }
-
- bus_proxy = dbus_g_proxy_new_for_name (bus,
- DBUS_SERVICE_DBUS,
- DBUS_PATH_DBUS,
- DBUS_INTERFACE_DBUS);
- if (bus_proxy == NULL) {
- g_warning ("Could not construct bus_proxy object; bailing out");
- goto out;
- }
-
- if (!acquire_name_on_proxy (bus_proxy) ) {
- g_warning ("Could not acquire name; bailing out");
- goto out;
- }
-
- g_debug ("Starting polkit-backendd version %s", VERSION);
-
- daemon = polkit_daemon_backend_new (no_exit);
-
- if (daemon == NULL) {
- goto out;
- }
-
- loop = g_main_loop_new (NULL, FALSE);
-
- g_main_loop_run (loop);
-
- g_object_unref (daemon);
- g_main_loop_unref (loop);
- ret = 0;
-
-out:
- return ret;
-}
diff --git a/polkit-backendd/org.freedesktop.PolicyKit.Backend.conf.in b/polkit-backendd/org.freedesktop.PolicyKit.Backend.conf.in
deleted file mode 100644
index 470c6a5..0000000
--- a/polkit-backendd/org.freedesktop.PolicyKit.Backend.conf.in
+++ /dev/null
@@ -1,11 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?> <!-- -*- XML -*- -->
-
-<!DOCTYPE busconfig PUBLIC
- "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
- "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
-<busconfig>
- <!-- Only @polkituser@ can own the service -->
- <policy user="root">
- <allow own="org.freedesktop.PolicyKit.Backend"/>
- </policy>
-</busconfig>
diff --git a/polkit-backendd/org.freedesktop.PolicyKit.Backend.service.in b/polkit-backendd/org.freedesktop.PolicyKit.Backend.service.in
deleted file mode 100644
index 8769bd7..0000000
--- a/polkit-backendd/org.freedesktop.PolicyKit.Backend.service.in
+++ /dev/null
@@ -1,4 +0,0 @@
-[D-BUS Service]
-Name=org.freedesktop.PolicyKit.Backend
-Exec=@libexecdir@/polkit-backendd
-User=root
diff --git a/polkit-backendd/org.freedesktop.PolicyKit.Backend.xml b/polkit-backendd/org.freedesktop.PolicyKit.Backend.xml
deleted file mode 100644
index 017e9e3..0000000
--- a/polkit-backendd/org.freedesktop.PolicyKit.Backend.xml
+++ /dev/null
@@ -1,18 +0,0 @@
-<!DOCTYPE node PUBLIC "-//freedesktop//DTD D-BUS Object Introspection 1.0//EN" "http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
-<node name="/">
-
- <interface name="org.freedesktop.PolicyKit.Backend">
-
- <method name="Hello">
- <annotation name="org.freedesktop.DBus.GLib.Async" value=""/>
- <arg name="message" direction="in" type="s"/>
- <arg name="result" direction="out" type="s"/>
- </method>
-
- <method name="GetPolicyEntries">
- <annotation name="org.freedesktop.DBus.GLib.Async" value=""/>
- <arg name="result" direction="out" type="as"/>
- </method>
-
- </interface>
-</node>
diff --git a/polkit-backendd/polkit-daemon-backend.c b/polkit-backendd/polkit-daemon-backend.c
deleted file mode 100644
index d0ad546..0000000
--- a/polkit-backendd/polkit-daemon-backend.c
+++ /dev/null
@@ -1,292 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*-
- *
- * Copyright (C) 2007 David Zeuthen <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- */
-
-#ifdef HAVE_CONFIG_H
-# include "config.h"
-#endif
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <unistd.h>
-#include <signal.h>
-#include <errno.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/time.h>
-#include <sys/resource.h>
-#include <fcntl.h>
-#include <signal.h>
-
-#include <glib.h>
-#include <glib/gi18n-lib.h>
-#include <glib-object.h>
-#include <dbus/dbus-glib.h>
-#include <dbus/dbus-glib-lowlevel.h>
-
-#include "polkit-daemon-backend.h"
-
-#include <polkit/polkit.h>
-#include <polkit/polkit-private.h>
-
-static gboolean no_exit = FALSE;
-
-/*--------------------------------------------------------------------------------------------------------------*/
-#include "polkit-daemon-backend-glue.h"
-
-static gboolean
-do_exit (gpointer user_data)
-{
- g_debug ("Exiting due to inactivity");
- exit (1);
- return FALSE;
-}
-
-static void
-reset_killtimer (void)
-{
- static guint timer_id = 0;
-
- if (no_exit)
- return;
-
- if (timer_id > 0) {
- g_source_remove (timer_id);
- }
- g_debug ("Setting killtimer to 30 seconds...");
- timer_id = g_timeout_add (30 * 1000, do_exit, NULL);
-}
-
-struct PolKitDaemonBackendPrivate
-{
- DBusGConnection *system_bus_connection;
- DBusGProxy *system_bus_proxy;
- PolKitContext *pk_context;
- PolKitTracker *pk_tracker;
-};
-
-static void polkit_daemon_backend_class_init (PolKitDaemonBackendClass *klass);
-static void polkit_daemon_backend_init (PolKitDaemonBackend *seat);
-static void polkit_daemon_backend_finalize (GObject *object);
-
-G_DEFINE_TYPE (PolKitDaemonBackend, polkit_daemon_backend, G_TYPE_OBJECT)
-
-#define POLKIT_DAEMON_BACKEND_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_DAEMON_BACKEND, PolKitDaemonBackendPrivate))
-
-GQuark
-polkit_daemon_backend_error_quark (void)
-{
- static GQuark ret = 0;
-
- if (ret == 0) {
- ret = g_quark_from_static_string ("polkit_daemon_backend_error");
- }
-
- return ret;
-}
-
-
-#define ENUM_ENTRY(NAME, DESC) { NAME, "" #NAME "", DESC }
-
-GType
-polkit_daemon_backend_error_get_type (void)
-{
- static GType etype = 0;
-
- if (etype == 0)
- {
- static const GEnumValue values[] =
- {
- ENUM_ENTRY (POLKIT_DAEMON_BACKEND_ERROR_GENERAL, "GeneralError"),
- { 0, 0, 0 }
- };
-
- g_assert (POLKIT_DAEMON_BACKEND_NUM_ERRORS == G_N_ELEMENTS (values) - 1);
-
- etype = g_enum_register_static ("PolKitDaemonBackendError", values);
- }
-
- return etype;
-}
-
-
-static GObject *
-polkit_daemon_backend_constructor (GType type,
- guint n_construct_properties,
- GObjectConstructParam *construct_properties)
-{
- PolKitDaemonBackend *daemon_backend;
- PolKitDaemonBackendClass *klass;
-
- klass = POLKIT_DAEMON_BACKEND_CLASS (g_type_class_peek (POLKIT_TYPE_DAEMON_BACKEND));
-
- daemon_backend = POLKIT_DAEMON_BACKEND (
- G_OBJECT_CLASS (polkit_daemon_backend_parent_class)->constructor (type,
- n_construct_properties,
- construct_properties));
-
- return G_OBJECT (daemon_backend);
-}
-
-static void
-polkit_daemon_backend_class_init (PolKitDaemonBackendClass *klass)
-{
- GObjectClass *object_class = G_OBJECT_CLASS (klass);
-
- object_class->constructor = polkit_daemon_backend_constructor;
- object_class->finalize = polkit_daemon_backend_finalize;
-
- g_type_class_add_private (klass, sizeof (PolKitDaemonBackendPrivate));
-
- dbus_g_object_type_install_info (POLKIT_TYPE_DAEMON_BACKEND, &dbus_glib_polkit_daemon_backend_object_info);
-
- dbus_g_error_domain_register (POLKIT_DAEMON_BACKEND_ERROR, NULL, POLKIT_DAEMON_BACKEND_TYPE_ERROR);
-
-}
-
-static void
-polkit_daemon_backend_init (PolKitDaemonBackend *daemon_backend)
-{
- daemon_backend->priv = POLKIT_DAEMON_BACKEND_GET_PRIVATE (daemon_backend);
-
-}
-
-static void
-polkit_daemon_backend_finalize (GObject *object)
-{
- PolKitDaemonBackend *daemon_backend;
-
- g_return_if_fail (object != NULL);
- g_return_if_fail (POLKIT_IS_DAEMON_BACKEND (object));
-
- daemon_backend = POLKIT_DAEMON_BACKEND (object);
-
- g_return_if_fail (daemon_backend->priv != NULL);
-
- g_object_unref (daemon_backend->priv->system_bus_proxy);
-
- G_OBJECT_CLASS (polkit_daemon_backend_parent_class)->finalize (object);
-}
-
-static gboolean
-register_daemon_backend (PolKitDaemonBackend *daemon_backend)
-{
- DBusConnection *connection;
- GError *error = NULL;
-
- error = NULL;
- daemon_backend->priv->system_bus_connection = dbus_g_bus_get (DBUS_BUS_SYSTEM, &error);
- if (daemon_backend->priv->system_bus_connection == NULL) {
- if (error != NULL) {
- g_critical ("error getting system bus: %s", error->message);
- g_error_free (error);
- }
- goto error;
- }
- connection = dbus_g_connection_get_connection (daemon_backend->priv->system_bus_connection);
-
- dbus_g_connection_register_g_object (daemon_backend->priv->system_bus_connection, "/",
- G_OBJECT (daemon_backend));
-
- daemon_backend->priv->system_bus_proxy = dbus_g_proxy_new_for_name (daemon_backend->priv->system_bus_connection,
- DBUS_SERVICE_DBUS,
- DBUS_PATH_DBUS,
- DBUS_INTERFACE_DBUS);
-
- reset_killtimer ();
-
- return TRUE;
-
-error:
- return FALSE;
-}
-
-
-PolKitDaemonBackend *
-polkit_daemon_backend_new (gboolean _no_exit)
-{
- GObject *object;
- gboolean res;
-
- no_exit = _no_exit;
-
- object = g_object_new (POLKIT_TYPE_DAEMON_BACKEND, NULL);
-
- res = register_daemon_backend (POLKIT_DAEMON_BACKEND (object));
- if (! res) {
- g_object_unref (object);
- return NULL;
- }
-
- return POLKIT_DAEMON_BACKEND (object);
-}
-
-/*--------------------------------------------------------------------------------------------------------------*/
-/* exported methods */
-
-gboolean
-polkit_daemon_backend_hello (PolKitDaemonBackend *daemon,
- const char *message,
- DBusGMethodInvocation *context)
-{
- char *s;
-
- s = g_strdup_printf ("You said '%s'", message);
- dbus_g_method_return (context, s);
- g_free (s);
-
- return TRUE;
-}
-
-/*--------------------------------------------------------------------------------------------------------------*/
-
-
-
-gboolean
-polkit_daemon_backend_get_policy_entries (PolKitDaemonBackend *daemon,
- DBusGMethodInvocation *context)
-{
- GPtrArray *a;
- PolKitPolicyCache *c;
-
- c = _polkit_policy_cache_new (PACKAGE_DATA_DIR "polkit-1/actions", TRUE, NULL);
- polkit_policy_cache_unref (c);
-
- a = g_ptr_array_new ();
- g_ptr_array_add (a, g_strdup ("foo"));
- g_ptr_array_add (a, g_strdup ("bar"));
- g_ptr_array_add (a, g_strdup ("baz"));
-
- g_ptr_array_add (a, NULL);
- dbus_g_method_return (context, a->pdata);
-
- g_ptr_array_foreach (a, (GFunc) g_free, NULL);
- g_ptr_array_free (a, TRUE);
-
- return TRUE;
-}
-
-/*--------------------------------------------------------------------------------------------------------------*/
diff --git a/polkit-backendd/polkit-daemon-backend.h b/polkit-backendd/polkit-daemon-backend.h
deleted file mode 100644
index 65d0d1a..0000000
--- a/polkit-backendd/polkit-daemon-backend.h
+++ /dev/null
@@ -1,81 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*-
- *
- * Copyright (C) 2007 David Zeuthen <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- */
-
-#ifndef __POLKIT_DAEMON_BACKEND_H__
-#define __POLKIT_DAEMON_BACKEND_H__
-
-#include <glib-object.h>
-#include <polkit/polkit.h>
-
-G_BEGIN_DECLS
-
-#define POLKIT_TYPE_DAEMON_BACKEND (polkit_daemon_backend_get_type ())
-#define POLKIT_DAEMON_BACKEND(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_DAEMON_BACKEND, PolKitDaemonBackend))
-#define POLKIT_DAEMON_BACKEND_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_DAEMON_BACKEND, PolKitDaemonBackendClass))
-#define POLKIT_IS_DAEMON_BACKEND(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_DAEMON_BACKEND))
-#define POLKIT_IS_DAEMON_BACKEND_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_DAEMON_BACKEND))
-#define POLKIT_DAEMON_BACKEND_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_DAEMON_BACKEND, PolKitDaemonBackendClass))
-
-typedef struct PolKitDaemonBackendPrivate PolKitDaemonBackendPrivate;
-
-typedef struct
-{
- GObject parent;
- PolKitDaemonBackendPrivate *priv;
-} PolKitDaemonBackend;
-
-typedef struct
-{
- GObjectClass parent_class;
-} PolKitDaemonBackendClass;
-
-typedef enum
-{
- POLKIT_DAEMON_BACKEND_ERROR_GENERAL,
- POLKIT_DAEMON_BACKEND_NUM_ERRORS
-} PolKitDaemonBackendError;
-
-#define POLKIT_DAEMON_BACKEND_ERROR polkit_daemon_backend_error_quark ()
-
-GType polkit_daemon_backend_error_get_type (void);
-#define POLKIT_DAEMON_BACKEND_TYPE_ERROR (polkit_daemon_backend_error_get_type ())
-
-GQuark polkit_daemon_backend_error_quark (void);
-GType polkit_daemon_backend_get_type (void);
-PolKitDaemonBackend *polkit_daemon_backend_new (gboolean no_exit);
-
-/* exported methods */
-
-gboolean polkit_daemon_backend_hello (PolKitDaemonBackend *daemon,
- const char *message,
- DBusGMethodInvocation *context);
-
-gboolean polkit_daemon_backend_get_policy_entries (PolKitDaemonBackend *daemon,
- DBusGMethodInvocation *context);
-
-G_END_DECLS
-
-#endif /* __POLKIT_DAEMON_BACKEND_H__ */
diff --git a/src/Makefile.am b/src/Makefile.am
deleted file mode 100644
index 5e2267f..0000000
--- a/src/Makefile.am
+++ /dev/null
@@ -1,5 +0,0 @@
-
-SUBDIRS = kit polkit polkit-grant
-
-clean-local :
- rm -f *~
diff --git a/src/kit/Makefile.am b/src/kit/Makefile.am
deleted file mode 100644
index 824f48c..0000000
--- a/src/kit/Makefile.am
+++ /dev/null
@@ -1,79 +0,0 @@
-## Process this file with automake to produce Makefile.in
-
-NULL =
-
-INCLUDES = \
- -I$(top_builddir)/src -I$(top_srcdir)/src \
- -DPACKAGE_LIBEXEC_DIR=\""$(libexecdir)"\" \
- -DPACKAGE_SYSCONF_DIR=\""$(sysconfdir)"\" \
- -DPACKAGE_DATA_DIR=\""$(datadir)"\" \
- -DPACKAGE_BIN_DIR=\""$(bindir)"\" \
- -DPACKAGE_LOCALSTATE_DIR=\""$(localstatedir)"\" \
- -DPACKAGE_LOCALE_DIR=\""$(localedir)"\" \
- -DPACKAGE_LIB_DIR=\""$(libdir)"\" \
- -D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT \
- -DKIT_COMPILATION \
- @GLIB_CFLAGS@
-
-noinst_LTLIBRARIES=libkit.la
-
-
-libkit_la_SOURCES = \
- kit.h \
- kit-test.h kit-test.c \
- kit-memory.h kit-memory.c \
- kit-string.h kit-string.c \
- kit-lib.h kit-lib.c \
- kit-list.h kit-list.c \
- kit-hash.h kit-hash.c \
- kit-file.h kit-file.c \
- kit-spawn.h kit-spawn.c \
- kit-message.h kit-message.c \
- kit-entity.h kit-entity.c \
- $(NULL)
-
-
-## note that TESTS has special meaning (stuff to use in make check)
-## so if adding tests not to be run in make check, don't add them to
-## TESTS
-if KIT_BUILD_TESTS
-TESTS_ENVIRONMENT=
-TESTS=kit-test
-
-check_PROGRAMS=$(TESTS)
-
-kit_test_SOURCES= \
- kit-test-main.c
-
-kit_test_LDADD=$(top_builddir)/src/kit/libkit.la
-kit_test_LDFLAGS=@R_DYNAMIC_LDFLAG@
-
-if KIT_GCOV_ENABLED
-clean-gcov:
- rm -f *.gcov .libs/*.gcda *.gcda
-
-.PHONY: coverage-report.txt covered-files.txt
-
-covered-files.txt :
- echo $(addprefix src/kit/,$(filter %.c,$(libkit_la_SOURCES))) > covered-files.txt
-
-coverage-report.txt : covered-files.txt clean-gcov all check
- gcov $(filter %.c,$(libkit_la_SOURCES)) -o .libs/ > /dev/null
- $(top_srcdir)/test/create-coverage-report.sh "module kit" `cat covered-files.txt` > coverage-report.txt
-
-check-coverage : coverage-report.txt
- cat coverage-report.txt
-else
-coverage-report.txt:
- @echo "Need to reconfigure with --enable-gcov"
-
-check-coverage:
- @echo "Need to reconfigure with --enable-gcov"
-endif
-
-else
-TESTS=
-endif
-
-clean-local :
- rm -f *~ *.bb *.bbg *.da *.gcov .libs/*.da .libs/*.bbg
diff --git a/src/kit/kit-entity.c b/src/kit/kit-entity.c
deleted file mode 100644
index bbc2012..0000000
--- a/src/kit/kit-entity.c
+++ /dev/null
@@ -1,163 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-entity.c : Entity management
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#define _GNU_SOURCE
-#include <string.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-
-#ifdef BUILT_R_DYNAMIC
-#include <execinfo.h>
-#endif
-
-#include <kit/kit-entity.h>
-#include <kit/kit-test.h>
-
-/**
- * SECTION:kit-entity
- * @title: Entity management
- * @short_description: Entity management
- *
- * Functions used for entity management.
- **/
-
-#ifdef KIT_BUILD_TESTS
-
-/**
- * kit_getpwnam:
- * @username: user name to look up
- *
- * Like getpwnam(3) from the standard C library but tweaked for unit
- * testing. TODO: explain how.
- *
- * Returns: See getpwnam(3)
- */
-struct passwd *
-kit_getpwnam (const char *username)
-{
- struct passwd *pw;
- FILE *f;
- const char *passwd_file;
-
- f = NULL;
- pw = NULL;
-
- if ((passwd_file = getenv ("KIT_TEST_PASSWD_FILE")) == NULL)
- return getpwnam (username);
-
- f = fopen (passwd_file, "r");
- if (f == NULL)
- goto out;
-
- while ((pw = fgetpwent (f)) != NULL) {
- if (strcmp (pw->pw_name, username) == 0)
- goto out;
- }
-
-out:
- if (f != NULL)
- fclose (f);
- return pw;
-}
-
-/**
- * kit_getpwuid:
- * @uid: uid to look up
- *
- * Like getpwuid(3) from the standard C library but tweaked for unit
- * testing. TODO: explain how.
- *
- * Returns: See getpwuid(3)
- */
-struct passwd *
-kit_getpwuid (uid_t uid)
-{
- struct passwd *pw;
- FILE *f;
- const char *passwd_file;
-
- f = NULL;
- pw = NULL;
-
- if ((passwd_file = getenv ("KIT_TEST_PASSWD_FILE")) == NULL)
- return getpwuid (uid);
-
- f = fopen (passwd_file, "r");
- if (f == NULL)
- goto out;
-
- while ((pw = fgetpwent (f)) != NULL) {
- if (pw->pw_uid == uid)
- goto out;
- }
-
-out:
- if (f != NULL)
- fclose (f);
- return pw;
-}
-
-#else
-
-struct passwd *
-kit_getpwnam (const char *username)
-{
- return getpwnam (username);
-}
-
-struct passwd *
-kit_getpwuid (uid_t uid)
-{
- return getpwuid (uid);
-}
-#endif
-
-
-#ifdef KIT_BUILD_TESTS
-
-static kit_bool_t
-_run_test (void)
-{
- return TRUE;
-}
-
-KitTest _test_entity = {
- "kit_entity",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* KIT_BUILD_TESTS */
diff --git a/src/kit/kit-entity.h b/src/kit/kit-entity.h
deleted file mode 100644
index 91b4e51..0000000
--- a/src/kit/kit-entity.h
+++ /dev/null
@@ -1,52 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-entity.h : Entity management
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (KIT_COMPILATION) && !defined(_KIT_INSIDE_KIT_H)
-#error "Only <kit/kit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef KIT_ENTITY_H
-#define KIT_ENTITY_H
-
-#include <stdarg.h>
-#include <stdlib.h>
-#include <sys/types.h>
-#include <pwd.h>
-#include <kit/kit.h>
-
-KIT_BEGIN_DECLS
-
-struct passwd *kit_getpwnam (const char *username);
-struct passwd *kit_getpwuid (uid_t uid);
-
-KIT_END_DECLS
-
-#endif /* KIT_ENTITY_H */
-
-
diff --git a/src/kit/kit-file.c b/src/kit/kit-file.c
deleted file mode 100644
index 438f6c2..0000000
--- a/src/kit/kit-file.c
+++ /dev/null
@@ -1,367 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-file.c : File utilities
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#define _GNU_SOURCE
-#include <stdio.h>
-#include <stdlib.h>
-#include <sys/types.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <errno.h>
-#include <string.h>
-#include <dirent.h>
-
-#include <kit/kit.h>
-#include "kit-test.h"
-
-
-/**
- * SECTION:kit-file
- * @title: File utilities
- * @short_description: File utilities
- *
- * Various file utilities.
- **/
-
-#define BUF_SIZE 4096
-
-/**
- * kit_file_get_contents:
- * @path: path to file
- * @out_contents: Return location for allocated memory. Free with kit_free().
- * @out_contents_size: Return location for size of the file.
- *
- * Reads an entire file into allocated memory.
- *
- * Returns: #TRUE if the file was read into memory; #FALSE if an error
- * occured and errno will be set. On OOM, errno will be set to
- * ENOMEM. If the file doesn't exist, errno will be set to ENOENT.
- */
-kit_bool_t
-kit_file_get_contents (const char *path, char **out_contents, size_t *out_contents_size)
-{
- int fd;
- kit_bool_t ret;
- ssize_t num_read;
- char *p;
- char *q;
- size_t total_allocated;
- size_t total_size;
- char buf[BUF_SIZE];
-
- kit_return_val_if_fail (path != NULL, FALSE);
- kit_return_val_if_fail (out_contents != NULL, FALSE);
- kit_return_val_if_fail (out_contents_size != NULL, FALSE);
-
- fd = -1;
- ret = FALSE;
- *out_contents = NULL;
- p = NULL;
-
- fd = open (path, O_RDONLY);
- if (fd == -1)
- goto out;
-
- p = kit_malloc (BUF_SIZE);
- if (p == NULL) {
- errno = ENOMEM;
- goto out;
- }
- total_allocated = BUF_SIZE;
- total_size = 0;
-
- do {
- again:
- num_read = read (fd, buf, BUF_SIZE);
- if (num_read == -1) {
- if (errno == EINTR)
- goto again;
- else
- goto out;
- }
-
-
- if (total_size + num_read > total_allocated) {
- total_allocated += BUF_SIZE;
- q = kit_realloc (p, total_allocated);
- if (q == NULL) {
- errno = ENOMEM;
- goto out;
- }
- p = q;
- }
-
- memcpy (p + total_size, buf, num_read);
- total_size += num_read;
-
- } while (num_read > 0);
-
- /* add terminating zero */
- if (total_size + 1 > total_allocated) {
- total_allocated += BUF_SIZE;
- q = kit_realloc (p, total_allocated);
- if (q == NULL) {
- errno = ENOMEM;
- goto out;
- }
- p = q;
- }
- p[total_size] = '\0';
-
- *out_contents = p;
- *out_contents_size = total_size;
- ret = TRUE;
-
-out:
- if (fd >= 0) {
- again2:
- if (close (fd) != 0) {
- if (errno == EINTR)
- goto again2;
- else
- ret = FALSE;
- }
- }
-
- if (!ret) {
- kit_free (p);
- *out_contents = NULL;
- }
-
- return ret;
-}
-
-static kit_bool_t
-_write_to_fd (int fd, const char *str, ssize_t str_len)
-{
- kit_bool_t ret;
- ssize_t written;
-
- ret = FALSE;
-
- written = 0;
- while (written < str_len) {
- ssize_t ret;
- ret = write (fd, str + written, str_len - written);
- if (ret < 0) {
- if (errno == EAGAIN || errno == EINTR) {
- continue;
- } else {
- goto out;
- }
- }
- written += ret;
- }
-
- ret = TRUE;
-
-out:
- return ret;
-}
-
-/**
- * kit_file_set_contents:
- * @path: path to file
- * @mode: mode for file
- * @contents: contents to set
- * @contents_size: size of contents
- *
- * Writes all of contents to a file named @path, with good error
- * checking. If a file called @path already exists it will be
- * overwritten. This write is atomic in the sense that it is first
- * written to a temporary file which is then renamed to the final
- * name.
- *
- * If the file already exists hard links to @path will break. Also
- * since the file is recreated, existing permissions, access control
- * lists, metadata etc. may be lost. If @path is a symbolic link, the
- * link itself will be replaced, not the linked file.
- *
- * Returns: #TRUE if contents were set; #FALSE if an error occured and
- * errno will be set
- */
-kit_bool_t
-kit_file_set_contents (const char *path, mode_t mode, const char *contents, size_t contents_size)
-{
- int fd;
- char *path_tmp;
- kit_bool_t ret;
-
- path_tmp = NULL;
- ret = FALSE;
-
- kit_return_val_if_fail ((contents == NULL && contents_size == 0) || (contents != NULL), FALSE);
- kit_return_val_if_fail (path != NULL, FALSE);
-
- path_tmp = kit_strdup_printf ("%s.XXXXXX", path);
- if (path_tmp == NULL) {
- errno = ENOMEM;
- goto out;
- }
-
- fd = mkstemp (path_tmp);
- if (fd < 0) {
- kit_warning ("Cannot create file '%s': %m", path_tmp);
- goto out;
- }
- if (fchmod (fd, mode) != 0) {
- kit_warning ("Cannot change mode for '%s' to 0%o: %m", path_tmp, mode);
- close (fd);
- unlink (path_tmp);
- goto out;
- }
-
- if (contents_size > 0) {
- if (!_write_to_fd (fd, contents, contents_size)) {
- kit_warning ("Cannot write to file %s: %m", path_tmp);
- close (fd);
- if (unlink (path_tmp) != 0) {
- kit_warning ("Cannot unlink %s: %m", path_tmp);
- }
- goto out;
- }
- }
- close (fd);
-
- if (rename (path_tmp, path) != 0) {
- kit_warning ("Cannot rename %s to %s: %m", path_tmp, path);
- if (unlink (path_tmp) != 0) {
- kit_warning ("Cannot unlink %s: %m", path_tmp);
- }
- goto out;
- }
-
- ret = TRUE;
-
-out:
- if (path_tmp != NULL)
- kit_free (path_tmp);
-
- return ret;
-}
-
-/**
- * _kit_get_num_fd:
- *
- * Determines the number of open file descriptors
- *
- * Returns: Number of open file descriptors
- */
-size_t
-_kit_get_num_fd (void)
-{
- DIR *dir;
- char buf[128];
- ssize_t num;
-#ifdef HAVE_READDIR64
- struct dirent64 *d;
-#else
- struct dirent *d;
-#endif
-
- num = -1;
-
- snprintf (buf, sizeof (buf), "/proc/%d/fd", getpid ());
-
- dir = opendir (buf);
- if (dir == NULL) {
- kit_warning ("error calling opendir on %s: %m\n", buf);
- goto out;
- }
-
- num = -2;
-#ifdef HAVE_READDIR64
- while ((d = readdir64 (dir)) != NULL) {
-#else
- while ((d = readdir (dir)) != NULL) {
-#endif
- if (d->d_name == NULL)
- continue;
- num++;
- }
-
-out:
- if (dir != NULL)
- closedir (dir);
- return num;
-}
-
-
-#ifdef KIT_BUILD_TESTS
-
-static kit_bool_t
-_run_test (void)
-{
- char path[] = "/tmp/kit-test";
- char *buf;
- size_t buf_size;
- char *p;
- size_t s;
- unsigned int n;
-
- buf_size = 3 * BUF_SIZE;
- if ((buf = kit_malloc (buf_size)) == NULL)
- goto out;
-
- for (n = 0; n < buf_size; n++)
- buf[n] = n;
-
- if (!kit_file_set_contents (path, 0400, buf, buf_size)) {
- kit_assert (errno == ENOMEM);
- } else {
- if (!kit_file_get_contents (path, &p, &s)) {
- kit_assert (errno == ENOMEM);
- } else {
- kit_assert (s == buf_size && memcmp (p, buf, buf_size) == 0);
- kit_free (p);
- }
-
- kit_assert (unlink (path) == 0);
-
- kit_assert (!kit_file_get_contents (path, &p, &s));
- }
-
- kit_free (buf);
-
-out:
- return TRUE;
-}
-
-KitTest _test_file = {
- "kit_file",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* KIT_BUILD_TESTS */
diff --git a/src/kit/kit-file.h b/src/kit/kit-file.h
deleted file mode 100644
index 4fbd84d..0000000
--- a/src/kit/kit-file.h
+++ /dev/null
@@ -1,54 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-file.h : File utilities
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (KIT_COMPILATION) && !defined(_KIT_INSIDE_KIT_H)
-#error "Only <kit/kit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef KIT_FILE_H
-#define KIT_FILE_H
-
-#include <sys/stat.h>
-#include <kit/kit.h>
-#ifdef HAVE_SOLARIS
-#include <sys/types.h>
-#endif
-
-KIT_BEGIN_DECLS
-
-kit_bool_t kit_file_get_contents (const char *path, char **out_contents, size_t *out_contents_size);
-kit_bool_t kit_file_set_contents (const char *path, mode_t mode, const char *contents, size_t contents_size);
-
-size_t _kit_get_num_fd (void);
-
-KIT_END_DECLS
-
-#endif /* KIT_FILE_H */
-
-
diff --git a/src/kit/kit-hash.c b/src/kit/kit-hash.c
deleted file mode 100644
index b4905e2..0000000
--- a/src/kit/kit-hash.c
+++ /dev/null
@@ -1,638 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-hash.c : Hash tables
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <kit/kit-memory.h>
-#include <kit/kit-hash.h>
-#include <kit/kit-test.h>
-
-/**
- * SECTION:kit-hash
- * @title: Hash tables
- * @short_description: Hash tables
- *
- * This class provides support for hash tables.
- **/
-
-struct _KitHashNode;
-
-typedef struct _KitHashNode {
- void *key;
- void *value;
- struct _KitHashNode *next;
-} KitHashNode;
-
-
-/**
- * KitHash:
- *
- * The #KitHash structure not be accessed directly.
- */
-struct _KitHash
-{
- int refcount;
-
- int num_top_nodes;
- KitHashNode **top_nodes;
-
- KitHashFunc hash_func;
- KitEqualFunc key_equal_func;
- KitCopyFunc key_copy_func;
- KitCopyFunc value_copy_func;
- KitFreeFunc key_destroy_func;
- KitFreeFunc value_destroy_func;
-};
-
-/**
- * kit_hash_new:
- * @hash_func: The hash function to use
- * @key_equal_func: The function used to determine key equality
- * @key_copy_func: Function for copying keys or #NULL
- * @value_copy_func: Function for copying values or #NULL
- * @key_destroy_func: Function for freeing keys or #NULL
- * @value_destroy_func: Function for freeing values or #NULL
- *
- * Creates a new Hash Table.
- *
- * Returns: The new hash table. Returns #NULL on OOM.
- */
-KitHash *
-kit_hash_new (KitHashFunc hash_func,
- KitEqualFunc key_equal_func,
- KitCopyFunc key_copy_func,
- KitCopyFunc value_copy_func,
- KitFreeFunc key_destroy_func,
- KitFreeFunc value_destroy_func)
-{
- KitHash *h;
-
- kit_return_val_if_fail (hash_func != NULL, NULL);
- kit_return_val_if_fail (key_equal_func != NULL, NULL);
-
- h = kit_new0 (KitHash, 1);
- if (h == NULL)
- goto error;
-
- h->refcount = 1;
- h->hash_func = hash_func;
- h->key_copy_func = key_copy_func;
- h->value_copy_func = value_copy_func;
- h->key_equal_func = key_equal_func;
- h->key_destroy_func = key_destroy_func;
- h->value_destroy_func = value_destroy_func;
-
- h->num_top_nodes = 11; /* TODO: configurable? */
- h->top_nodes = kit_new0 (KitHashNode*, h->num_top_nodes);
- if (h->top_nodes == NULL)
- goto error;
-
- return h;
-error:
- if (h != NULL)
- kit_hash_unref (h);
- return NULL;
-}
-
-/**
- * kit_hash_ref:
- * @hash: the hash table
- *
- * Increase reference count.
- *
- * Returns: the hash table
- */
-KitHash *
-kit_hash_ref (KitHash *hash)
-{
- kit_return_val_if_fail (hash != NULL, hash);
- hash->refcount++;
- return hash;
-}
-
-/**
- * kit_hash_unref:
- * @hash: the hash table
- *
- * Decrease reference count. If reference count drop to zero the hash
- * table is freed.
- */
-void
-kit_hash_unref (KitHash *hash)
-{
- kit_return_if_fail (hash != NULL);
-
- hash->refcount--;
- if (hash->refcount > 0)
- return;
-
- if (hash->top_nodes != NULL) {
- int n;
-
- for (n = 0; n < hash->num_top_nodes; n++) {
- KitHashNode *node;
- KitHashNode *next;
-
- for (node = hash->top_nodes[n]; node != NULL; node = next) {
- if (hash->key_destroy_func != NULL)
- hash->key_destroy_func (node->key);
- if (hash->value_destroy_func != NULL)
- hash->value_destroy_func (node->value);
- next = node->next;
- kit_free (node);
- }
- }
- }
-
- kit_free (hash->top_nodes);
- kit_free (hash);
-}
-
-/**
- * kit_hash_insert:
- * @hash: the hash table
- * @key: key to insert
- * @value: value to insert
- *
- * Inserts a new key and value into a hash table. If the key already
- * exists in the hash table it's current value is replaced with the
- * new value.
- *
- * Returns: #TRUE unless OOM
- */
-kit_bool_t
-kit_hash_insert (KitHash *hash,
- void *key,
- void *value)
-{
- int bucket;
- KitHashNode **nodep;
- KitHashNode *node;
- void *key_copy;
- void *value_copy;
-
- key_copy = NULL;
- value_copy = NULL;
- if (hash->key_copy_func != NULL) {
- key_copy = hash->key_copy_func (key);
- if (key_copy == NULL) {
- goto oom;
- }
- } else {
- key_copy = key;
- }
- if (hash->value_copy_func != NULL) {
- value_copy = hash->value_copy_func (value);
- if (value_copy == NULL) {
- goto oom;
- }
- } else {
- value_copy = value;
- }
-
- bucket = hash->hash_func (key) % hash->num_top_nodes;
-
- nodep = & (hash->top_nodes [bucket]);
- node = hash->top_nodes [bucket];
- while (node != NULL) {
- nodep = &(node->next);
-
- if (hash->key_equal_func (key, node->key)) {
- /* replace the value */
-
- if (hash->key_destroy_func != NULL)
- hash->key_destroy_func (node->key);
- if (hash->value_destroy_func != NULL)
- hash->value_destroy_func (node->value);
-
- node->key = key_copy;
- node->value = value_copy;
-
- goto out;
- } else {
- node = node->next;
- }
- }
-
- node = kit_new0 (KitHashNode, 1);
- if (node == NULL)
- goto oom;
-
- node->key = key_copy;
- node->value = value_copy;
- *nodep = node;
-
-out:
- return TRUE;
-
-oom:
- if (key_copy != NULL && hash->key_copy_func != NULL && hash->key_destroy_func != NULL)
- hash->key_destroy_func (key_copy);
-
- if (value_copy != NULL && hash->value_copy_func != NULL && hash->value_destroy_func != NULL)
- hash->value_destroy_func (value_copy);
-
- return FALSE;
-}
-
-/**
- * kit_hash_lookup:
- * @hash: the hash table
- * @key: key to look up
- * @found: if not #NULL, will return #TRUE only if the key was found in the hash table
- *
- * Look up a value in the hash table.
- *
- * Returns: the value; caller shall not free/unref this value
- */
-void *
-kit_hash_lookup (KitHash *hash, void *key, kit_bool_t *found)
-{
- int bucket;
- void *value;
- KitHashNode *node;
-
- value = NULL;
- if (found != NULL)
- *found = FALSE;
-
- bucket = hash->hash_func (key) % hash->num_top_nodes;
-
- node = hash->top_nodes [bucket];
- while (node != NULL) {
- if (hash->key_equal_func (key, node->key)) {
- /* got it */
-
- value = node->value;
- if (found != NULL)
- *found = TRUE;
- goto out;
- } else {
- node = node->next;
- }
- }
-
-out:
- return value;
-}
-
-
-/**
- * kit_hash_foreach:
- * @hash: the hash table
- * @cb: callback function
- * @user_data: user data
- *
- * Iterate over all elements in a hash table
- *
- * Returns: #TRUE only if the callback short-circuited the iteration
- */
-kit_bool_t
-kit_hash_foreach (KitHash *hash, KitHashForeachFunc cb, void *user_data)
-{
- int n;
-
- kit_return_val_if_fail (hash != NULL, FALSE);
- kit_return_val_if_fail (cb != NULL, FALSE);
-
- for (n = 0; n < hash->num_top_nodes; n++) {
- KitHashNode *node;
-
- for (node = hash->top_nodes[n]; node != NULL; node = node->next) {
- if (cb (node->key, node->value, user_data, hash))
- return TRUE;
- }
- }
-
- return FALSE;
-}
-
-/**
- * kit_hash_foreach_remove:
- * @hash: the hash table
- * @cb: callback function
- * @user_data: user data
- *
- * Iterate over all elements in a hash table. If @cb returns %TRUE,
- * the element will be removed.
- *
- * Returns: Number of key/value pairs removed
- */
-size_t
-kit_hash_foreach_remove (KitHash *hash, KitHashForeachFunc cb, void *user_data)
-{
- int n;
- size_t num_rem;
-
- kit_return_val_if_fail (hash != NULL, FALSE);
- kit_return_val_if_fail (cb != NULL, FALSE);
-
- num_rem = 0;
-
- for (n = 0; n < hash->num_top_nodes; n++) {
- KitHashNode *node;
- KitHashNode *node_next;
- KitHashNode **prev_node_next;
-
- prev_node_next = &(hash->top_nodes[n]);
-
- for (node = hash->top_nodes[n]; node != NULL; node = node_next) {
- node_next = node->next;
-
- if (cb (node->key, node->value, user_data, hash)) {
-
- if (hash->key_destroy_func != NULL)
- hash->key_destroy_func (node->key);
- if (hash->value_destroy_func != NULL)
- hash->value_destroy_func (node->value);
- kit_free (node);
-
- *prev_node_next = node_next;
- num_rem++;
- } else {
- prev_node_next = &(node->next);
- }
- }
- }
-
- return num_rem;
-}
-
-
-/**
- * kit_hash_direct_hash_func:
- * @key: the key
- *
- * Converts a pointer to a hash value.
- *
- * Returns: a hash value corresponding to the key
- */
-uint32_t
-kit_hash_direct_hash_func (const void *key)
-{
- return (uint32_t) key;
-}
-
-/**
- * kit_hash_direct_equal_func:
- * @v1: first value
- * @v2: second value
- *
- * Compares two pointers and return #TRUE if they are equal (same address).
- *
- * Returns: #TRUE only if the values are equal
- */
-kit_bool_t
-kit_hash_direct_equal_func (const void *v1, const void *v2)
-{
- return v1 == v2;
-}
-
-/**
- * kit_hash_str_hash_func:
- * @key: the key
- *
- * Converts a string to a hash value.
- *
- * Returns: a hash value corresponding to the key
- */
-uint32_t
-kit_hash_str_hash_func (const void *key)
-{
- const char *p;
- uint32_t hash;
-
- hash = 0;
- for (p = key; *p != '\0'; p++)
- hash = hash * 617 ^ *p;
-
- return hash;
-}
-
-/**
- * kit_hash_str_equal_func:
- * @v1: first value
- * @v2: second value
- *
- * Compares two strings and return #TRUE if they are equal.
- *
- * Returns: #TRUE only if the values are equal
- */
-kit_bool_t
-kit_hash_str_equal_func (const void *v1, const void *v2)
-{
- return strcmp (v1, v2) == 0;
-}
-
-/**
- * kit_hash_str_copy:
- * @p: void pointer to string
- *
- * Similar to kit_strdup() except for types.
- *
- * Returns: a void pointer to a copy or #NULL on OOM
- */
-void *
-kit_hash_str_copy (const void *p)
-{
- return (void *) kit_strdup ((const char *) p);
-}
-
-#ifdef KIT_BUILD_TESTS
-
-static kit_bool_t
-_it1 (void *key, void *value, void *user_data, KitHash *hash)
-{
- int *count = (int *) user_data;
- *count += 1;
- return FALSE;
-}
-
-static kit_bool_t
-_it2 (void *key, void *value, void *user_data, KitHash *hash)
-{
- int *count = (int *) user_data;
- *count += 1;
- return TRUE;
-}
-
-static kit_bool_t
-_it_sum (void *key, void *value, void *user_data, KitHash *hash)
-{
- int *count = (int *) user_data;
- *count += (int) value;
- return FALSE;
-}
-
-static kit_bool_t
-_it_rem (void *key, void *value, void *user_data, KitHash *hash)
-{
- if (strlen ((char *) key) > 4)
- return TRUE;
- else
- return FALSE;
-}
-
-static kit_bool_t
-_run_test (void)
-{
- int count;
- KitHash *h;
- kit_bool_t found;
-
- /* string hash tables */
- if ((h = kit_hash_new (kit_hash_str_hash_func, kit_hash_str_equal_func,
- kit_hash_str_copy, kit_hash_str_copy,
- kit_free, kit_free)) != NULL) {
- int n;
- char *key;
- char *value;
- char *test_data[] = {"key1", "val1",
- "key2", "val2",
- "key3", "val3",
- "key4", "val4",
- "key5", "val5",
- "key6", "val6",
- "key7", "val7",
- "key8", "val8",
- "key9", "val9",
- "key10", "val10",
- "key11", "val11",
- "key12", "val12",
- NULL};
-
- /* first insert the values */
- for (n = 0; test_data [n*2] != NULL; n++) {
- if (!kit_hash_insert (h, test_data [n*2], test_data [n*2 + 1])) {
- goto oom;
- }
- }
-
- /* then check that we can look them up */
- for (n = 0; test_data [n*2] != NULL; n++) {
- key = test_data [n*2];
- value = kit_hash_lookup (h, test_data[n*2], &found);
-
- kit_assert (found && strcmp (value, test_data[n*2 + 1]) == 0);
- }
-
- /* lookup unknown key */
- kit_assert (kit_hash_lookup (h, "unknown", &found) == NULL && !found);
-
- /* replace key */
- if (key != NULL) {
- if (kit_hash_insert (h, "key1", "val1-replaced")) {
- /* check for replaced value */
- value = kit_hash_lookup (h, "key1", &found);
- kit_assert (found && value != NULL && strcmp (value, "val1-replaced") == 0);
- }
- }
-
- count = 0;
- kit_assert (kit_hash_foreach (h, _it1, &count) == FALSE);
- kit_assert (count == ((sizeof (test_data) / sizeof (char *) - 1) / 2));
- count = 0;
- kit_assert (kit_hash_foreach (h, _it2, &count) == TRUE);
- kit_assert (count == 1);
-
- kit_hash_ref (h);
- kit_hash_unref (h);
- oom:
-
- kit_hash_unref (h);
- }
-
- /* direct hash tables */
- if ((h = kit_hash_new (kit_hash_direct_hash_func, kit_hash_direct_equal_func,
- NULL, NULL,
- NULL, NULL)) != NULL) {
- if (kit_hash_insert (h, h, h)) {
- kit_assert ((kit_hash_lookup (h, h, &found) == h) && found);
- if (kit_hash_insert (h, h, NULL)) {
- kit_assert (kit_hash_lookup (h, h, &found) == NULL && found);
- }
- }
- kit_hash_unref (h);
- }
-
- /* remove */
- if ((h = kit_hash_new (kit_hash_str_hash_func,
- kit_hash_str_equal_func,
- kit_hash_str_copy,
- NULL,
- kit_free,
- NULL)) != NULL) {
- char *test_data[] = {"key1",
- "key2b",
- "key3",
- "key4",
- "key5b",
- "key6b",
- "key7",
- "key8",
- NULL};
- int n;
- int count;
-
- /* first insert the values */
- for (n = 0; test_data [n] != NULL; n++) {
- if (!kit_hash_insert (h, test_data [n], (void *) (n + 1))) {
- goto oom;
- }
- }
-
- count = 0;
- kit_assert (kit_hash_foreach (h, _it_sum, &count) == FALSE);
- kit_assert (count == 1+2+3+4+5+6+7+8);
-
- kit_assert (kit_hash_foreach_remove (h, _it_rem, &count) == 3);
- count = 0;
- kit_assert (kit_hash_foreach (h, _it_sum, &count) == FALSE);
- kit_assert (count == 1+3+4+7+8);
-
- kit_hash_unref (h);
- }
-
-
- return TRUE;
-}
-
-KitTest _test_hash = {
- "kit_hash",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* KIT_BUILD_TESTS */
diff --git a/src/kit/kit-hash.h b/src/kit/kit-hash.h
deleted file mode 100644
index 608c4d5..0000000
--- a/src/kit/kit-hash.h
+++ /dev/null
@@ -1,144 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-hash.h : Hash tables
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (KIT_COMPILATION) && !defined(_KIT_INSIDE_KIT_H)
-#error "Only <kit/kit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef KIT_HASH_H
-#define KIT_HASH_H
-
-#include <stdint.h>
-#include <kit/kit.h>
-
-KIT_BEGIN_DECLS
-
-struct _KitHash;
-typedef struct _KitHash KitHash;
-
-/**
- * KitHashFunc:
- * @key: a key
- *
- * The function is passed a key and should return a hash value. The
- * functions kit_hash_direct_hash_func() and
- * kit_hash_str_hash_func() provide hash functions which can be
- * used when the key is a pointer and an char* respectively.
- *
- * Returns: the hash value corresponding to the key
- */
-typedef uint32_t (*KitHashFunc) (const void *key);
-
-/**
- * KitEqualFunc:
- * @key1: first key
- * @key2: second key
- *
- * Determines if two keys are equal. The functions
- * kit_hash_direct_equal_func() and kit_hash_str_equal_func()
- * provide equality functions which can be used when the key is a
- * pointer and an char* respectively.
- *
- * Returns: #TRUE iff the keys are equal
- */
-typedef kit_bool_t (*KitEqualFunc) (const void *key1, const void *key2);
-
-/**
- * KitFreeFunc:
- * @p: pointer
- *
- * Specifies the type of function which is called when a data element
- * is destroyed. It is passed the pointer to the data element and
- * should free any memory and resources allocated for it. The function
- * p_free() or any of the object unref functions can be passed here.
- */
-typedef void (*KitFreeFunc) (void *p);
-
-/**
- * KitCopyFunc:
- * @p: pointer
- *
- * Specifies the type of function which is called when a data element
- * is to be cloned or reffed. It is passed the pointer to the data
- * element and should return a new pointer to a reffed or cloned
- * object. The function kit_hash_str_copy() or any of the object
- * ref functions can be passed here.
- *
- * Returns: A copy or ref of the object in question
- */
-typedef void *(*KitCopyFunc) (const void *p);
-
-/**
- * KitHashForeachFunc:
- * @key: key
- * @value: value
- * @user_data: user data passed to kit_hash_foreach()
- * @hash: the hash table
- *
- * Type signature for callback function used in kit_hash_foreach().
- *
- * Returns: Return #TRUE to short-circuit, e.g. stop the iteration.
- */
-typedef kit_bool_t (*KitHashForeachFunc) (void *key,
- void *value,
- void *user_data,
- KitHash *hash);
-
-
-KitHash *kit_hash_new (KitHashFunc hash_func,
- KitEqualFunc key_equal_func,
- KitCopyFunc key_copy_func,
- KitCopyFunc value_copy_func,
- KitFreeFunc key_destroy_func,
- KitFreeFunc value_destroy_func);
-
-KitHash *kit_hash_ref (KitHash *hash);
-void kit_hash_unref (KitHash *hash);
-
-kit_bool_t kit_hash_insert (KitHash *hash, void *key, void *value);
-
-void *kit_hash_lookup (KitHash *hash, void *key, kit_bool_t *found);
-
-kit_bool_t kit_hash_foreach (KitHash *hash, KitHashForeachFunc cb, void *user_data);
-
-size_t kit_hash_foreach_remove (KitHash *hash, KitHashForeachFunc cb, void *user_data);
-
-
-uint32_t kit_hash_direct_hash_func (const void *key);
-kit_bool_t kit_hash_direct_equal_func (const void *v1, const void *v2);
-
-uint32_t kit_hash_str_hash_func (const void *key);
-kit_bool_t kit_hash_str_equal_func (const void *v1, const void *v2);
-void *kit_hash_str_copy (const void *p);
-
-KIT_END_DECLS
-
-#endif /* KIT_HASH_H */
-
-
diff --git a/src/kit/kit-lib.c b/src/kit/kit-lib.c
deleted file mode 100644
index a05cc11..0000000
--- a/src/kit/kit-lib.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-lib.c : General utilities
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#define _GNU_SOURCE
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-
-#include <kit/kit.h>
-#include "kit-test.h"
-
-#ifndef HAVE_GETLINE
-ssize_t
-kit_getline (char **lineptr, size_t *n, FILE *stream)
-{
- char *line, *p;
- long size, copy;
-
- if (lineptr == NULL || n == NULL) {
- errno = EINVAL;
- return (ssize_t) -1;
- }
-
- if (ferror (stream))
- return (ssize_t) -1;
-
- /* Make sure we have a line buffer to start with. */
- if (*lineptr == NULL || *n < 2) /* !seen and no buf yet need 2 chars. */ {
-#ifndef MAX_CANON
-#define MAX_CANON 256
-#endif
- if (!*lineptr)
- line = (char *) malloc (MAX_CANON);
- else
- line = (char *) realloc (*lineptr, MAX_CANON);
- if (line == NULL)
- return (ssize_t) -1;
- *lineptr = line;
- *n = MAX_CANON;
- }
-
- line = *lineptr;
- size = *n;
-
- copy = size;
- p = line;
-
- while (1) {
- long len;
-
- while (--copy > 0) {
- int c = getc (stream);
-
- if (c == EOF)
- goto lose;
- else if ((*p++ = c) == '\n')
- goto win;
- }
-
- /* Need to enlarge the line buffer. */
- len = p - line;
- size *= 2;
- line = (char *) realloc (line, size);
- if (line == NULL)
- goto lose;
- *lineptr = line;
- *n = size;
- p = line + len;
- copy = size - len;
- }
-
-lose:
- if (p == *lineptr)
- return (ssize_t) -1;
-
- /* Return a partial line since we got an error in the middle. */
-win:
- *p = '\0';
- return p - *lineptr;
-}
-#else
-ssize_t
-kit_getline (char **lineptr, size_t *n, FILE *f)
-{
- return getline (lineptr, n, f);
-}
-#endif
-
-#ifndef HAVE_CLEARENV
-extern char **environ;
-
-int
-kit_clearenv (void)
-{
- if (environ != NULL)
- environ[0] = NULL;
- return 0;
-}
-#else
-int
-kit_clearenv (void)
-{
- return clearenv ();
-}
-#endif
diff --git a/src/kit/kit-lib.h b/src/kit/kit-lib.h
deleted file mode 100644
index 523e096..0000000
--- a/src/kit/kit-lib.h
+++ /dev/null
@@ -1,52 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-string.h : General utilities
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (KIT_COMPILATION) && !defined(_KIT_INSIDE_KIT_H)
-#error "Only <kit/kit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef KIT_LIB_H
-#define KIT_LIB_H
-
-#include <sys/types.h>
-#include <stdio.h>
-
-#include <kit/kit.h>
-
-KIT_BEGIN_DECLS
-
-ssize_t kit_getline (char **lineptr, size_t *n, FILE *f);
-
-int kit_clearenv (void);
-
-KIT_END_DECLS
-
-#endif /* KIT_LIB_H */
-
-
diff --git a/src/kit/kit-list.c b/src/kit/kit-list.c
deleted file mode 100644
index d3d5367..0000000
--- a/src/kit/kit-list.c
+++ /dev/null
@@ -1,348 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-list.c : Doubly-linked lists
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <kit/kit.h>
-#include "kit-test.h"
-
-/**
- * SECTION:kit-list
- * @title: Doubly-linked lists
- * @short_description: Doubly-linked lists
- *
- * This class provides support for doubly-linked lists.
- **/
-
-/**
- * kit_list_append:
- * @list: existing list or #NULL to create a new list
- * @data: data to append to the list
- *
- * Append an entry to a list.
- *
- * Returns: the head of the new list or #NULL on OOM
- */
-KitList *
-kit_list_append (KitList *list, void *data)
-{
- KitList *l;
- KitList *j;
-
- for (j = list; j != NULL && j->next != NULL; j = j->next)
- ;
-
- l = kit_new0 (KitList, 1);
- if (l == NULL)
- goto oom;
-
- l->data = data;
- l->prev = j;
-
- if (j != NULL) {
- j->next = l;
- } else {
- list = l;
- }
-
- return list;
-oom:
- return NULL;
-}
-
-/**
- * kit_list_copy:
- * @list: existing list
- *
- * Makes a copy of a list. It is not a deep copy.
- *
- * Returns: A copy of the new list or #NULL on OOM. Free with kit_list_free().
- **/
-KitList *
-kit_list_copy (KitList *list)
-{
- KitList *l;
- KitList *l2;
- KitList *j;
-
- l = NULL;
- for (j = list; j != NULL; j = j->next) {
- /* TODO: prepend, then reverse */
- l2 = kit_list_append (l, j->data);
- if (l2 == NULL)
- goto oom;
- l = l2;
- }
-
- return l;
-oom:
- kit_list_free (l);
- return NULL;
-}
-
-/**
- * kit_list_prepend:
- * @list: existing list or #NULL to create a new list
- * @data: data to prepend to the list
- *
- * Prepend an entry to a list.
- *
- * Returns: the head of the new list or #NULL on OOM
- */
-KitList *
-kit_list_prepend (KitList *list, void *data)
-{
- KitList *l;
-
- l = kit_new0 (KitList, 1);
- if (l == NULL)
- goto oom;
-
- l->next = list;
- l->data = data;
- if (list != NULL) {
- list->prev = l;
- }
-
-oom:
- return l;
-}
-
-/**
- * kit_list_delete_link:
- * @list: existing list, cannot be #NULL
- * @link: link to delete, cannot be #NULL
- *
- * Delete a link from a list.
- *
- * Returns: the new head of the list or #NULL if the list is empty after deletion.
- */
-KitList *
-kit_list_delete_link (KitList *list, KitList *link)
-{
- KitList *ret;
-
- kit_return_val_if_fail (list != NULL, NULL);
- kit_return_val_if_fail (link != NULL, NULL);
-
- if (list == link)
- ret = link->next;
- else
- ret = list;
-
- if (link->prev != NULL) {
- link->prev->next = link->next;
- }
-
- if (link->next != NULL) {
- link->next->prev = link->prev;
- }
-
- kit_free (link);
-
- return ret;
-}
-
-/**
- * kit_list_free:
- * @list: the list
- *
- * Frees all links in a list
- */
-void
-kit_list_free (KitList *list)
-{
- KitList *l;
- KitList *j;
-
- for (l = list; l != NULL; l = j) {
- j = l->next;
- kit_free (l);
- }
-}
-
-/**
- * kit_list_length:
- * @list: the list
- *
- * Compute the length of a list.
- *
- * Returns: Number of entries in list
- */
-size_t
-kit_list_length (KitList *list)
-{
- ssize_t n;
- KitList *l;
-
- n = 0;
- for (l = list; l != NULL; l = l->next)
- n++;
-
- return n;
-}
-
-/**
- * kit_list_foreach:
- * @list: the list
- * @func: callback function
- * @user_data: user data to pass to callback
- *
- * Iterate over all entries in a list.
- *
- * Returns: #TRUE only if the callback short-circuited the iteration
- */
-kit_bool_t
-kit_list_foreach (KitList *list, KitListForeachFunc func, void *user_data)
-{
- KitList *l;
-
- kit_return_val_if_fail (list != NULL, FALSE);
- kit_return_val_if_fail (func != NULL, FALSE);
-
- for (l = list; l != NULL; l = l->next) {
- if (func (l->data, user_data, list))
- return TRUE;
- }
-
- return FALSE;
-}
-
-
-#ifdef KIT_BUILD_TESTS
-
-typedef struct {
- int num;
- int result;
-} _Closure;
-
-static kit_bool_t
-_sum (void *data, void *user_data, KitList *list)
-{
- _Closure *c = (_Closure*) user_data;
-
- c->result += ((int) data) * (c->num + 1);
- c->num += 1;
-
- return FALSE;
-}
-
-static kit_bool_t
-_sum2 (void *data, void *user_data, KitList *list)
-{
- _Closure *c = (_Closure*) user_data;
-
- if (c->num == 2)
- return TRUE;
-
- c->result += ((int) data) * (c->num + 1);
- c->num += 1;
-
- return FALSE;
-}
-
-static kit_bool_t
-_run_test (void)
-{
- _Closure c;
- int items[] = {1, 2, 3, 4, 5};
- unsigned int num_items = sizeof (items) / sizeof (int);
- unsigned int n;
- KitList *l;
- KitList *j;
-
- l = NULL;
- for (n = 0; n < num_items; n++) {
- j = l;
- l = kit_list_prepend (l, (void *) items[n]);
- if (l == NULL)
- goto oom;
- }
-
- kit_assert (kit_list_length (l) == num_items);
- c.num = 0;
- c.result = 0;
- kit_list_foreach (l, _sum, &c);
- kit_assert (c.result == 1*5 + 2*4 + 3*3 + 4*2 + 5*1);
-
- c.num = 0;
- c.result = 0;
- kit_list_foreach (l, _sum2, &c);
- kit_assert (c.result == 1*5 + 2*4);
-
- l = kit_list_delete_link (l, l);
- kit_assert (kit_list_length (l) == num_items - 1);
- c.num = 0;
- c.result = 0;
- kit_list_foreach (l, _sum, &c);
- kit_assert (c.result == 1*4 + 2*3 + 3*2 + 4*1);
-
- l = kit_list_delete_link (l, l->next);
- kit_assert (kit_list_length (l) == num_items - 2);
- c.num = 0;
- c.result = 0;
- kit_list_foreach (l, _sum, &c);
- kit_assert (c.result == 1*4 + 2*2 + 3*1);
-
- kit_list_free (l);
-
- l = NULL;
- for (n = 0; n < num_items; n++) {
- j = l;
- l = kit_list_append (l, (void *) items[n]);
- if (l == NULL)
- goto oom;
- }
-
- c.num = 0;
- c.result = 0;
- kit_list_foreach (l, _sum, &c);
- kit_assert (c.result == 1*1 + 2*2 + 3*3 + 4*4 + 5*5);
-
- kit_list_free (l);
-
- return TRUE;
-oom:
- kit_list_free (j);
- return TRUE;
-}
-
-KitTest _test_list = {
- "kit_list",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* KIT_BUILD_TESTS */
diff --git a/src/kit/kit-list.h b/src/kit/kit-list.h
deleted file mode 100644
index 1b22ae2..0000000
--- a/src/kit/kit-list.h
+++ /dev/null
@@ -1,86 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-list.h : Doubly-linked list
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (KIT_COMPILATION) && !defined(_KIT_INSIDE_KIT_H)
-#error "Only <kit/kit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef KIT_LIST_H
-#define KIT_LIST_H
-
-#include <kit/kit.h>
-
-KIT_BEGIN_DECLS
-
-struct _KitList;
-typedef struct _KitList KitList;
-
-/**
- * KitList:
- * @data: the value passed in kit_list_append() and kit_list_prepend()
- * @next: the next element in the list or #NULL if this is the last element
- * @prev: the previous element in the list or #NULL if this is the last element
- *
- * Public members of the #KitList data structure
- */
-struct _KitList {
- void *data;
- KitList *next;
- KitList *prev;
-};
-
-/**
- * KitListForeachFunc:
- * @data: data of link entry
- * @user_data: user data passed to kit_list_foreach()
- * @list: the list
- *
- * Type signature for callback function used in kit_list_foreach().
- *
- * Returns: Return #TRUE to short-circuit, e.g. stop the iteration.
- */
-typedef kit_bool_t (*KitListForeachFunc) (void *data,
- void *user_data,
- KitList *list);
-
-KitList *kit_list_append (KitList *list, void *data);
-KitList *kit_list_prepend (KitList *list, void *data);
-void kit_list_free (KitList *list);
-KitList *kit_list_delete_link (KitList *list, KitList *link);
-
-size_t kit_list_length (KitList *list);
-kit_bool_t kit_list_foreach (KitList *list, KitListForeachFunc func, void *user_data);
-KitList *kit_list_copy (KitList *list);
-
-
-KIT_END_DECLS
-
-#endif /* KIT_LIST_H */
-
-
diff --git a/src/kit/kit-memory.c b/src/kit/kit-memory.c
deleted file mode 100644
index bf79fea..0000000
--- a/src/kit/kit-memory.c
+++ /dev/null
@@ -1,422 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-memory.c : Memory management
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#define _GNU_SOURCE
-#include <string.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-
-#ifdef BUILT_R_DYNAMIC
-#include <execinfo.h>
-#endif
-
-#include <kit/kit-memory.h>
-#include <kit/kit-test.h>
-
-/**
- * SECTION:kit-memory
- * @title: Memory management
- * @short_description: Memory management
- *
- * Functions used for memory management.
- **/
-
-#ifdef KIT_BUILD_TESTS
-
-static int _cur_allocs = 0;
-static int _total_allocs = 0;
-static int _fail_nth = -1;
-
-
-#if defined(KIT_BUILD_TESTS) && defined(BUILT_R_DYNAMIC)
-typedef struct _KitAllocationEntry {
- const void *memory;
- void *backtrace[100];
- int backtrace_size;
- struct _KitAllocationEntry *next;
-} KitAllocationEntry;
-
-static KitAllocationEntry *alloc_list_head = NULL;
-#endif
-
-void
-_kit_memory_reset (void)
-{
- _cur_allocs = 0;
- _total_allocs = 0;
- _fail_nth = -1;
-
-#if defined(KIT_BUILD_TESTS) && defined(BUILT_R_DYNAMIC)
- /* TODO: free existing allocs */
- alloc_list_head = NULL;
-#endif
-}
-
-int
-_kit_memory_get_current_allocations (void)
-{
- return _cur_allocs;
-}
-
-int
-_kit_memory_get_total_allocations (void)
-{
- return _total_allocs;
-}
-
-void
-_kit_memory_fail_nth_alloc (int number)
-{
- _fail_nth = number;
-}
-
-static inline void
-_alloc_add (const void *memory)
-{
-#if defined(KIT_BUILD_TESTS) && defined(BUILT_R_DYNAMIC)
- KitAllocationEntry *entry;
-
- entry = malloc (sizeof (KitAllocationEntry));
- entry->memory = memory;
- entry->backtrace_size = backtrace (entry->backtrace, 100);
- entry->next = alloc_list_head;
-
- alloc_list_head = entry;
-#endif
-}
-
-static inline void
-_alloc_remove (const void *memory)
-{
-#if defined(KIT_BUILD_TESTS) && defined(BUILT_R_DYNAMIC)
- KitAllocationEntry *l;
- KitAllocationEntry **prev;
-
- prev = &alloc_list_head;
- for (l = alloc_list_head; l != NULL; l = l->next) {
- if (l->memory == memory) {
- *prev = l->next;
- free (l);
- break;
- }
-
- prev = &(l->next);
- }
-#endif
-}
-
-void
-_kit_memory_print_outstanding_allocations (void)
-{
-#if defined(KIT_BUILD_TESTS) && defined(BUILT_R_DYNAMIC)
- KitAllocationEntry *l;
- for (l = alloc_list_head; l != NULL; l = l->next) {
- int i;
- char **syms;
-
- syms = backtrace_symbols (l->backtrace, l->backtrace_size);
-
- i = 0;
- while (i < l->backtrace_size)
- {
- fprintf (stderr, " %s\n", syms[i]);
- ++i;
- }
- fprintf (stderr, "\n");
- fflush (stderr);
-
- free (syms);
- }
-#endif
-}
-
-
-/**
- * kit_malloc:
- * @bytes: number of 8-bit bytes to allocate
- *
- * Allocate memory
- *
- * Returns: memory location or #NULL on OOM. Free with kit_free().
- */
-void *
-kit_malloc (size_t bytes)
-{
- void *p;
-
- if (_fail_nth != -1 && _total_allocs == _fail_nth) {
- errno = ENOMEM;
- _total_allocs++;
-
- //fprintf (stderr, " Failing alloc @\n");
- //kit_print_backtrace ();
-
- return NULL;
- }
-
- p = malloc (bytes);
-
- if (p != NULL) {
- _cur_allocs++;
- _total_allocs++;
- _alloc_add (p);
- }
-
- return p;
-}
-
-/**
- * kit_malloc0:
- * @bytes: number of 8-bit bytes to allocate
- *
- * Allocate memory and zero it.
- *
- * Returns: memory location or #NULL on OOM. Free with kit_free().
- */
-void *
-kit_malloc0 (size_t bytes)
-{
- void *p;
-
- if (_fail_nth != -1 && _total_allocs == _fail_nth) {
- errno = ENOMEM;
- return NULL;
- }
-
- p = calloc (1, bytes);
-
- if (p != NULL) {
- _cur_allocs++;
- _total_allocs++;
- _alloc_add (p);
- }
-
- return p;
-}
-
-/**
- * kit_realloc:
- * @memory: memory previously allocated
- * @bytes: new size
- *
- * Reallocate memory; like realloc(3).
- *
- * Returns: memory location or #NULL on OOM. Free with kit_free().
- */
-void *
-kit_realloc (void *memory, size_t bytes)
-{
- void *p;
-
- if (memory == NULL)
- return kit_malloc (bytes);
-
- if (bytes == 0) {
- kit_free (memory);
- return memory;
- }
-
- if (_fail_nth != -1 && _total_allocs == _fail_nth) {
- errno = ENOMEM;
- return NULL;
- }
-
- _alloc_remove (p);
- p = realloc (memory, bytes);
- if (p != NULL)
- _alloc_add (p);
-
- return p;
-}
-
-/**
- * kit_free:
- * @memory: pointer to memory allocated with kit_malloc() + friends
- *
- * Free memory allocated by kit_malloc() + friends.
- */
-void
-kit_free (void *memory)
-{
- free (memory);
- if (memory != NULL) {
- _alloc_remove (memory);
- _cur_allocs--;
- }
-}
-
-/*--------------------------------------------------------------------------------------------------------------*/
-#else
-/*--------------------------------------------------------------------------------------------------------------*/
-
-void *
-kit_malloc (size_t bytes)
-{
- return malloc (bytes);
-}
-
-void *
-kit_malloc0 (size_t bytes)
-{
- return calloc (1, bytes);
-}
-
-void *
-kit_realloc (void *memory, size_t bytes)
-{
- return realloc (memory, bytes);
-}
-
-void
-kit_free (void *memory)
-{
- free (memory);
-}
-
-void
-_kit_memory_reset (void)
-{
-}
-
-int
-_kit_memory_get_current_allocations (void)
-{
- return -1;
-}
-
-int
-_kit_memory_get_total_allocations (void)
-{
- return -1;
-}
-
-void
-_kit_memory_fail_nth_alloc (int number)
-{
-}
-
-void
-_kit_memory_print_outstanding_allocations (void)
-{
-}
-
-#endif /* KIT_BUILD_TESTS */
-
-/* There's probably a better place for this function ... */
-
-/**
- * kit_print_backtrace:
- *
- * Print a back trace if built with -rdynamic or similar.
- */
-void
-kit_print_backtrace (void)
-{
-#ifdef BUILT_R_DYNAMIC
- void *bt[500];
- int bt_size;
- int i;
- char **syms;
-
- bt_size = backtrace (bt, 500);
-
- syms = backtrace_symbols (bt, bt_size);
-
- i = 0;
- while (i < bt_size)
- {
- fprintf (stderr, " %s\n", syms[i]);
- ++i;
- }
- fprintf (stderr, "\n");
- fflush (stderr);
-
- free (syms);
-#else
- fprintf (stderr, " Not built with -rdynamic so unable to print a backtrace\n");
-#endif
-}
-
-
-
-
-#ifdef KIT_BUILD_TESTS
-
-static kit_bool_t
-_run_test (void)
-{
- int n;
- char *p;
- char *p2;
-
- if ((p = kit_malloc (1000)) != NULL) {
- for (n = 0; n < 1000; n++)
- p[n] = n;
-
- p2 = kit_realloc (p, 2000);
- if (p2 != NULL) {
- p = p2;
-
- for (n = 0; n < 2000; n++)
- p[n] = n;
- }
-
- kit_free (p);
- }
-
- if ((p = kit_realloc (NULL, 1000)) != NULL) {
- for (n = 0; n < 1000; n++)
- p[n] = n;
-
- kit_realloc (p, 0);
- }
-
- if ((p = kit_malloc0 (1000)) != NULL) {
- for (n = 0; n < 1000; n++)
- kit_assert (p[n] == '\0');
- kit_free (p);
- }
-
- return TRUE;
-}
-
-KitTest _test_memory = {
- "kit_memory",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* KIT_BUILD_TESTS */
diff --git a/src/kit/kit-memory.h b/src/kit/kit-memory.h
deleted file mode 100644
index fae2da1..0000000
--- a/src/kit/kit-memory.h
+++ /dev/null
@@ -1,80 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-memory.h : Memory management
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (KIT_COMPILATION) && !defined(_KIT_INSIDE_KIT_H)
-#error "Only <kit/kit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef KIT_MEMORY_H
-#define KIT_MEMORY_H
-
-#include <stdarg.h>
-#include <stdlib.h>
-#include <kit/kit.h>
-
-KIT_BEGIN_DECLS
-
-void *kit_malloc (size_t bytes);
-void *kit_malloc0 (size_t bytes);
-void *kit_realloc (void *memory, size_t bytes);
-void kit_free (void *memory);
-
-/**
- * kit_new:
- * @type: the type of object to allocate
- * @count: number of objects to allocate
- *
- * Allocate memory for @count structures of type @type.
- *
- * Returns: Allocated memory, cast to a pointer of #type or #NULL on OOM.
- */
-#define kit_new(type, count) ((type*)kit_malloc (sizeof (type) * (count)));
-
-/**
- * kit_new0:
- * @type: the type of object to allocate
- * @count: number of objects to allocate
- *
- * Allocate zeroed memory for @count structures of type @type.
- *
- * Returns: Allocated memory, cast to a pointer of #type or #NULL on OOM.
- */
-#define kit_new0(type, count) ((type*)kit_malloc0 (sizeof (type) * (count)));
-
-void _kit_memory_reset (void);
-int _kit_memory_get_current_allocations (void);
-int _kit_memory_get_total_allocations (void);
-void _kit_memory_fail_nth_alloc (int number);
-void _kit_memory_print_outstanding_allocations (void);
-
-KIT_END_DECLS
-
-#endif /* KIT_MEMORY_H */
-
-
diff --git a/src/kit/kit-message.c b/src/kit/kit-message.c
deleted file mode 100644
index ad09039..0000000
--- a/src/kit/kit-message.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-message.c : Message utilities
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#define _GNU_SOURCE
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <unistd.h>
-
-#include <kit/kit.h>
-#include "kit-test.h"
-
-/**
- * SECTION:kit-message
- * @title: Message utilities
- * @short_description: Message utilities
- *
- * Various message and logging utilities.
- **/
-
-/**
- * kit_debug:
- * @format: printf(3) style format string
- * @...: the parameters to insert into @format
- *
- * Outputs a debug message on stdout.
- */
-void
-kit_debug (const char *format, ...)
-{
- va_list args;
- char buf[1024];
-
- kit_return_if_fail (format != NULL);
-
- va_start (args, format);
- vsnprintf (buf, sizeof (buf), format, args);
- va_end (args);
-
- printf ("[INFO %5d] %s\n", getpid (), buf);
-}
-
-/**
- * kit_warning:
- * @format: printf(3) style format string
- * @...: the parameters to insert into @format
- *
- * Outputs a warning message on stderr.
- */
-void
-kit_warning (const char *format, ...)
-{
- va_list args;
- char buf[1024];
-
- kit_return_if_fail (format != NULL);
-
- va_start (args, format);
- vsnprintf (buf, sizeof (buf), format, args);
- va_end (args);
-
- fprintf (stderr, "[WARN %5d] %s\n", getpid (), buf);
-}
-
-#ifdef KIT_BUILD_TESTS
-
-static kit_bool_t
-_run_test (void)
-{
- kit_debug ("Debug %d", 42);
- kit_warning ("Warning %d %s", 42, "foo");
- return TRUE;
-}
-
-KitTest _test_message = {
- "kit_message",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* KIT_BUILD_TESTS */
diff --git a/src/kit/kit-message.h b/src/kit/kit-message.h
deleted file mode 100644
index 7d363b5..0000000
--- a/src/kit/kit-message.h
+++ /dev/null
@@ -1,53 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-message.h : Message utilities
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (KIT_COMPILATION) && !defined(_KIT_INSIDE_KIT_H)
-#error "Only <kit/kit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef KIT_MESSAGE_H
-#define KIT_MESSAGE_H
-
-#include <kit/kit.h>
-
-KIT_BEGIN_DECLS
-
-#ifdef __sun
-void kit_debug (const char *format, ...);
-void kit_warning (const char *format, ...);
-#else
-void kit_debug (const char *format, ...) __attribute__((__format__ (__printf__, 1, 2)));
-void kit_warning (const char *format, ...) __attribute__((__format__ (__printf__, 1, 2)));
-#endif
-
-KIT_END_DECLS
-
-#endif /* KIT_MESSAGE_H */
-
-
diff --git a/src/kit/kit-spawn.c b/src/kit/kit-spawn.c
deleted file mode 100644
index 080a1bc..0000000
--- a/src/kit/kit-spawn.c
+++ /dev/null
@@ -1,675 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-spawn.c : Spawn utilities
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#define _GNU_SOURCE
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <errno.h>
-#include <signal.h>
-
-#include <kit/kit.h>
-#include "kit-test.h"
-
-
-/**
- * SECTION:kit-spawn
- * @title: Spawn utilities
- * @short_description: Spawn utilities
- *
- * Various spawn utilities.
- **/
-
-static kit_bool_t
-set_close_on_exec (int fd, void *data)
-{
- if (fd >= (int) data) {
- if (fcntl (fd, F_SETFD, FD_CLOEXEC) != 0 && errno != EBADF) {
- return FALSE;
- }
- }
-
- return TRUE;
-}
-
-static kit_bool_t
-_fdwalk (kit_bool_t (*callback)(int fd, void *user_data), void *user_data)
-{
- int fd;
- int max_fd;
-
- kit_return_val_if_fail (callback != NULL, FALSE);
-
- max_fd = sysconf (_SC_OPEN_MAX);
- for (fd = 0; fd < max_fd; fd++) {
- if (!callback (fd, user_data))
- return FALSE;
- }
-
- return TRUE;
-}
-
-static int
-_sane_dup2 (int fd1, int fd2)
-{
- int ret;
-
-again:
- ret = dup2 (fd1, fd2);
- if (ret < 0 && errno == EINTR)
- goto again;
-
- return ret;
-}
-
-static ssize_t
-_read_from (int fd, char **out_string)
-{
- char buf[4096];
- ssize_t num_read;
-
-again:
- num_read = read (fd, buf, sizeof (buf) - 1);
- if (num_read == -1) {
- if (errno == EINTR)
- goto again;
- else
- goto out;
- }
-
- if (num_read > 0) {
- char *s;
-
- buf[num_read] = '\0';
-
- s = kit_str_append (*out_string, buf);
- if (s == NULL) {
- errno = ENOMEM;
- num_read = -1;
- goto out;
- }
- *out_string = s;
-
- //kit_debug ("fd=%d read %d bytes: '%s'", fd, num_read, buf);
- }
-
-out:
- return num_read;
-}
-
-static ssize_t
-_write_to (int fd, char *str)
-{
- ssize_t num_written;
-
-again:
- num_written = write (fd, str, strlen (str));
- if (num_written == -1) {
- if (errno == EINTR)
- goto again;
- else
- goto out;
- }
-
- //kit_debug ("Wrote %d bytes from '%s'", num_written, str);
-
-out:
- return num_written;
-}
-
-/**
- * kit_spawn_sync:
- * @working_directory: Working directory for child or #NULL to inherit parents
- * @flags: A combination of flags from #KitSpawnFlags
- * @argv: #NULL terminated argument vector
- * @envp: #NULL terminated environment or #NULL to inherit parents;
- * @stdinp: String to write to stdin of child or #NULL
- * @stdoutp: Return location for stdout from child or #NULL. Free with kit_free().
- * @stderrp: Return location for stderr from child or #NULL. Free with kit_free().
- * @out_exit_status: Return location for exit status
- *
- * Executes a child process and waits for the child process to exit
- * before returning. The exit status of the child is stored in
- * @out_exit_status as it would be returned by waitpid(); standard
- * UNIX macros such as WIFEXITED() and WEXITSTATUS() must be used to
- * evaluate the exit status.
- *
- * Returns: #TRUE if the child was executed; #FALSE if an error
- * occured and errno will be set.
- */
-kit_bool_t
-kit_spawn_sync (const char *working_directory,
- KitSpawnFlags flags,
- char **argv,
- char **envp,
- char *stdinp,
- char **stdoutp,
- char **stderrp,
- int *out_exit_status)
-{
- kit_bool_t ret;
- pid_t pid;
- int stdin_pipe[2] = {-1, -1};
- int stdout_pipe[2] = {-1, -1};
- int stderr_pipe[2] = {-1, -1};
-
- ret = FALSE;
- pid = -1;
-
- kit_return_val_if_fail (argv != NULL, FALSE);
- kit_return_val_if_fail (out_exit_status != NULL, FALSE);
- kit_return_val_if_fail (! ((flags & KIT_SPAWN_CHILD_INHERITS_STDIN) && stdinp != NULL), FALSE);
- kit_return_val_if_fail (! ((flags & KIT_SPAWN_STDOUT_TO_DEV_NULL) && stdoutp != NULL), FALSE);
- kit_return_val_if_fail (! ((flags & KIT_SPAWN_STDERR_TO_DEV_NULL) && stderrp != NULL), FALSE);
-
- if (stdoutp != NULL)
- *stdoutp = NULL;
- if (stderrp != NULL)
- *stderrp = NULL;
-
- if (stdinp != NULL) {
- if (pipe (stdin_pipe) != 0) {
- goto out;
- }
- }
-
- if (stdoutp != NULL) {
- if (pipe (stdout_pipe) != 0) {
- goto out;
- }
- }
-
- if (stderrp != NULL) {
- if (pipe (stderr_pipe) != 0) {
- goto out;
- }
- }
-
- pid = fork ();
- if (pid == -1) {
- goto out;
- }
-
- if (pid == 0) {
- int fd_null = -1;
-
- /* child */
-
- if ( (!(flags & KIT_SPAWN_CHILD_INHERITS_STDIN)) ||
- (flags & KIT_SPAWN_STDOUT_TO_DEV_NULL) ||
- (flags & KIT_SPAWN_STDERR_TO_DEV_NULL)) {
- fd_null = open ("/dev/null", O_RDONLY);
- if (fd_null < 0) {
- exit (128 + errno);
- }
- }
-
- signal (SIGPIPE, SIG_DFL);
-
- /* close unused ends */
- if (stdin_pipe[1] != -1) {
- close (stdin_pipe[1]);
- }
- if (stdout_pipe[0] != -1) {
- close (stdout_pipe[0]);
- }
- if (stderr_pipe[0] != -1) {
- close (stderr_pipe[0]);
- }
-
- /* close all open file descriptors of child except stdin, stdout, stderr */
- _fdwalk (set_close_on_exec, (void *) 3);
-
- /* change working directory */
- if (working_directory != NULL) {
- if (chdir (working_directory) != 0) {
- exit (128 + errno);
- }
- }
-
- /* set stdinp, stdoutp and stderrp */
-
- if (stdinp != NULL) {
- if (_sane_dup2 (stdin_pipe[0], 0) < 0) {
- exit (128 + errno);
- }
- } else if (! (flags & KIT_SPAWN_CHILD_INHERITS_STDIN)) {
- if (_sane_dup2 (fd_null, 0) < 0) {
- exit (128 + errno);
- }
- }
-
- if (stdoutp != NULL) {
- if (_sane_dup2 (stdout_pipe[1], 1) < 0) {
- exit (128 + errno);
- }
- } else if (flags & KIT_SPAWN_STDOUT_TO_DEV_NULL) {
- if (_sane_dup2 (fd_null, 1) < 0) {
- exit (128 + errno);
- }
- }
-
- if (stderrp != NULL) {
- if (_sane_dup2 (stderr_pipe[1], 2) < 0) {
- exit (128 + errno);
- }
- } else if (flags & KIT_SPAWN_STDERR_TO_DEV_NULL) {
- if (_sane_dup2 (fd_null, 2) < 0) {
- exit (128 + errno);
- }
- }
-
- if (fd_null != -1)
- close (fd_null);
-
- /* finally, execute the child */
- if (envp != NULL) {
- if (execve (argv[0], argv, envp) == -1) {
- exit (128 + errno);
- }
- } else {
- if (execv (argv[0], argv) == -1) {
- exit (128 + errno);
- }
- }
-
- } else {
- char *wp;
-
- /* parent */
-
- /* closed unused ends */
- if (stdin_pipe[0] != -1) {
- close (stdin_pipe[0]);
- }
- if (stdout_pipe[1] != -1) {
- close (stdout_pipe[1]);
- }
- if (stderr_pipe[1] != -1) {
- close (stderr_pipe[1]);
- }
-
- wp = stdinp;
-
- while (stdin_pipe[1] != -1 || stdout_pipe[0] != -1 || stderr_pipe[0] != -1) {
- int ret;
- ssize_t num_read;
- ssize_t num_written;
- int max;
- fd_set read_fds;
- fd_set write_fds;
-
- FD_ZERO (&read_fds);
- FD_ZERO (&write_fds);
- if (stdin_pipe[1] != -1) {
- FD_SET (stdin_pipe[1], &write_fds);
- }
- if (stdout_pipe[0] != -1) {
- FD_SET (stdout_pipe[0], &read_fds);
- }
- if (stderr_pipe[0] != -1) {
- FD_SET (stderr_pipe[0], &read_fds);
- }
-
- max = stdin_pipe[1];
- if (stdout_pipe[0] > max)
- max = stdout_pipe[0];
- if (stderr_pipe[0] > max)
- max = stderr_pipe[0];
-
- ret = select (max + 1,
- &read_fds,
- &write_fds,
- NULL,
- NULL);
-
- if (ret < 0 && errno != EINTR) {
- goto out;
- }
-
- if (stdin_pipe[1] != -1) {
- num_written = _write_to (stdin_pipe[1], wp);
-
- if (num_written == -1) {
- goto out;
- }
-
- wp += num_written;
- if (*wp == '\0') {
- close (stdin_pipe[1]);
- stdin_pipe[1] = -1;
- }
- }
-
- if (stdout_pipe[0] != -1) {
- num_read = _read_from (stdout_pipe[0], stdoutp);
- if (num_read == 0) {
- close (stdout_pipe[0]);
- stdout_pipe[0] = -1;
- } else if (num_read == -1) {
- goto out;
- }
- }
-
- if (stderr_pipe[0] != -1) {
- num_read = _read_from (stderr_pipe[0], stderrp);
- if (num_read == 0) {
- close (stderr_pipe[0]);
- stderr_pipe[0] = -1;
- } else if (num_read == -1) {
- goto out;
- }
- }
- }
-
- if (waitpid (pid, out_exit_status, 0) == -1) {
- goto out;
- }
- pid = -1;
- }
-
- //kit_debug ("exit %d", WEXITSTATUS (*out_exit_status));
-
- if (WEXITSTATUS (*out_exit_status) < 128) {
- ret = TRUE;
- } else {
- ret = FALSE;
- errno = WEXITSTATUS (*out_exit_status) - 128;
- }
-
-out:
- if (pid != -1) {
- kill (pid, SIGKILL);
- waitpid (pid, out_exit_status, 0);
- }
-
- if (stdin_pipe[1] != -1)
- close (stdin_pipe[1]);
- if (stdout_pipe[0] != -1)
- close (stdout_pipe[0]);
- if (stderr_pipe[0] != -1)
- close (stderr_pipe[0]);
-
- if (!ret) {
- if (stdoutp != NULL) {
- kit_free (*stdoutp);
- *stdoutp = NULL;
- }
- if (stderrp != NULL) {
- kit_free (*stderrp);
- *stderrp = NULL;
- }
- }
-
- return ret;
-
-}
-
-
-#ifdef KIT_BUILD_TESTS
-
-static kit_bool_t
-_run_test (void)
-{
- char path[] = "/tmp/kit-spawn-test";
- char *script1 =
- "#!/bin/sh" "\n"
- "echo \"Hello World\"" "\n"
- "echo \"Goodbye World\" 1>&2" "\n"
- "exit 42" "\n";
- char *script2 =
- "#!/bin/sh" "\n"
- "exit 43" "\n";
- char *script3 =
- "#!/bin/sh" "\n"
- "echo -n \"$KIT_TEST_VAR\"" "\n"
- "exit 0" "\n";
- char *script4 =
- "#!/bin/sh" "\n"
- "if [ \"x$KIT_TEST_VAR\" = \"x\" ] ; then" "\n"
- " exit 0" "\n"
- "fi" "\n"
- "exit 1" "\n";
- char *script4b =
- "#!/bin/sh" "\n"
- "/bin/env > /tmp/food2" "\n"
- "if [ \"x$KIT_TEST_VAR\" = \"xfoobar2\" ] ; then" "\n"
- " exit 0" "\n"
- "fi" "\n"
- "exit 1" "\n";
- char *script5 =
- "#!/bin/sh" "\n"
- "pwd" "\n"
- "exit 0" "\n";
- char *script6 =
- "#!/bin/sh" "\n"
- "read value" "\n"
- "echo -n \"$value\"" "\n"
- "echo -n \" \"" "\n"
- "read value" "\n"
- "echo -n \"$value\"" "\n"
- "exit 0" "\n";
- char *argv[] = {"/tmp/kit-spawn-test", NULL};
- char *stdoutp;
- char *stderrp;
- int exit_status;
- struct stat statbuf;
-
- /* script echoing to stdout and stderr */
- if (kit_file_set_contents (path, 0700, script1, strlen (script1))) {
- if (kit_spawn_sync ("/",
- 0,
- argv,
- NULL,
- NULL,
- &stdoutp,
- &stderrp,
- &exit_status)) {
- kit_assert (WEXITSTATUS (exit_status) == 42);
- kit_assert (stdoutp != NULL && strcmp (stdoutp, "Hello World\n") == 0);
- kit_assert (stderrp != NULL && strcmp (stderrp, "Goodbye World\n") == 0);
- kit_free (stdoutp);
- kit_free (stderrp);
- }
-
- if (kit_spawn_sync ("/",
- 0,
- argv,
- NULL,
- NULL,
- NULL,
- NULL,
- &exit_status)) {
- kit_assert (WEXITSTATUS (exit_status) == 42);
- }
-
- kit_assert (unlink (path) == 0);
- }
-
- /* silent script */
- if (kit_file_set_contents (path, 0700, script2, strlen (script2))) {
- if (kit_spawn_sync ("/",
- 0,
- argv,
- NULL,
- NULL,
- &stdoutp,
- &stderrp,
- &exit_status)) {
- kit_assert (WEXITSTATUS (exit_status) == 43);
- kit_assert (stdoutp == NULL);
- kit_assert (stderrp == NULL);
- }
-
- kit_assert (unlink (path) == 0);
- }
-
- /* check environment is set */
- if (kit_file_set_contents (path, 0700, script3, strlen (script3))) {
- char *envp[] = {"KIT_TEST_VAR=some_value", NULL};
-
- if (kit_spawn_sync ("/",
- 0,
- argv,
- envp,
- NULL,
- &stdoutp,
- NULL,
- &exit_status)) {
- kit_assert (WEXITSTATUS (exit_status) == 0);
- kit_assert (stdoutp != NULL && strcmp (stdoutp, "some_value") == 0);
- kit_free (stdoutp);
- }
-
- kit_assert (unlink (path) == 0);
- }
-
- /* check environment is replaced */
- if (kit_file_set_contents (path, 0700, script4, strlen (script4))) {
- char *envp[] = {NULL};
-
- kit_assert (setenv ("KIT_TEST_VAR", "foobar", 1) == 0);
-
- if (kit_spawn_sync ("/",
- 0,
- argv,
- envp,
- NULL,
- NULL,
- NULL,
- &exit_status)) {
- kit_assert (WEXITSTATUS (exit_status) == 0);
- }
-
- kit_assert (unlink (path) == 0);
- kit_assert (unsetenv ("KIT_TEST_VAR") == 0);
- }
-
- /* check environment is inherited */
- if (kit_file_set_contents (path, 0700, script4b, strlen (script4b))) {
-
- kit_assert (setenv ("KIT_TEST_VAR", "foobar2", 1) == 0);
-
- if (kit_spawn_sync ("/",
- 0,
- argv,
- NULL,
- NULL,
- NULL,
- NULL,
- &exit_status)) {
- kit_assert (WEXITSTATUS (exit_status) == 0);
- }
-
- kit_assert (unlink (path) == 0);
- kit_assert (unsetenv ("KIT_TEST_VAR") == 0);
- }
-
- /* check working directory */
- if (kit_file_set_contents (path, 0700, script5, strlen (script5))) {
- kit_assert (stat ("/tmp", &statbuf) == 0 && S_ISDIR (statbuf.st_mode));
- if (kit_spawn_sync ("/tmp",
- 0,
- argv,
- NULL,
- NULL,
- &stdoutp,
- NULL,
- &exit_status)) {
- kit_assert (WEXITSTATUS (exit_status) == 0);
- kit_assert (stdoutp != NULL && strcmp (stdoutp, "/tmp\n") == 0);
- kit_free (stdoutp);
- }
-
- kit_assert (stat ("/usr", &statbuf) == 0 && S_ISDIR (statbuf.st_mode));
- if (kit_spawn_sync ("/usr",
- 0,
- argv,
- NULL,
- NULL,
- &stdoutp,
- NULL,
- &exit_status)) {
- kit_assert (WEXITSTATUS (exit_status) == 0);
- kit_assert (stdoutp != NULL && strcmp (stdoutp, "/usr\n") == 0);
- kit_free (stdoutp);
- }
-
- kit_assert (unlink (path) == 0);
- }
-
- /* check bogus working directory */
- kit_assert (stat ("/org/freedesktop/PolicyKit/bogus-fs-path", &statbuf) != 0);
- kit_assert (kit_spawn_sync ("/org/freedesktop/PolicyKit/bogus-fs-path",
- 0,
- argv,
- NULL,
- NULL,
- NULL,
- NULL,
- &exit_status) == FALSE &&
- (errno == ENOENT || errno == ENOMEM));
-
- /* check for writing to stdin */
- if (kit_file_set_contents (path, 0700, script6, strlen (script6))) {
- if (kit_spawn_sync (NULL,
- 0,
- argv,
- NULL,
- "foobar0\nfoobar1",
- &stdoutp,
- NULL,
- &exit_status)) {
- kit_assert (WEXITSTATUS (exit_status) == 0);
- kit_assert (stdoutp != NULL && strcmp (stdoutp, "foobar0 foobar1") == 0);
- kit_free (stdoutp);
- }
-
- kit_assert (unlink (path) == 0);
- }
-
- return TRUE;
-}
-
-KitTest _test_spawn = {
- "kit_spawn",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* KIT_BUILD_TESTS */
diff --git a/src/kit/kit-spawn.h b/src/kit/kit-spawn.h
deleted file mode 100644
index 6f40dd9..0000000
--- a/src/kit/kit-spawn.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-spawn.h : Spawn utilities
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (KIT_COMPILATION) && !defined(_KIT_INSIDE_KIT_H)
-#error "Only <kit/kit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef KIT_SPAWN_H
-#define KIT_SPAWN_H
-
-#include <kit/kit.h>
-
-KIT_BEGIN_DECLS
-
-/**
- * KitSpawnFlags:
- * @KIT_SPAWN_CHILD_INHERITS_STDIN: If not set, child's stdin will be attached to <literal>/dev/null</literal>
- * @KIT_SPAWN_STDOUT_TO_DEV_NULL: If set childs output will be sent to <literal>/dev/null</literal>
- * @KIT_SPAWN_STDERR_TO_DEV_NULL: If set childs error output will be sent to <literal>/dev/null</literal>
- *
- * Flags passed to kit_spawn_sync().
- */
-typedef enum {
- KIT_SPAWN_CHILD_INHERITS_STDIN = 1 << 0,
- KIT_SPAWN_STDOUT_TO_DEV_NULL = 1 << 1,
- KIT_SPAWN_STDERR_TO_DEV_NULL = 1 << 2,
-} KitSpawnFlags;
-
-
-kit_bool_t kit_spawn_sync (const char *working_directory,
- KitSpawnFlags flags,
- char **argv,
- char **envp,
- char *stdinp,
- char **stdoutp,
- char **stderrp,
- int *out_exit_status);
-
-KIT_END_DECLS
-
-#endif /* KIT_SPAWN_H */
-
-
diff --git a/src/kit/kit-string.c b/src/kit/kit-string.c
deleted file mode 100644
index 13a563d..0000000
--- a/src/kit/kit-string.c
+++ /dev/null
@@ -1,1204 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-string.c : String utilities
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#define _GNU_SOURCE
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-
-#include <kit/kit.h>
-#include "kit-test.h"
-
-
-/**
- * SECTION:kit-string
- * @title: String utilities
- * @short_description: String utilities
- *
- * Various string utilities.
- **/
-
-#ifdef KIT_BUILD_TESTS
-
-/**
- * kit_strdup:
- * @s: string
- *
- * Duplicate a string. Similar to strdup(3).
- *
- * Returns: Allocated memory or #NULL on OOM. Free with kit_free().
- */
-char *
-kit_strdup (const char *s)
-{
- char *p;
- size_t len;
-
- len = strlen (s);
-
- p = kit_malloc (len + 1);
- if (p == NULL)
- goto out;
-
- memcpy (p, s, len);
- p[len] = '\0';
-
-out:
- return p;
-}
-
-/**
- * kit_strndup:
- * @s: string
- * @n: size
- *
- * Duplicate a string but copy at most @n characters. If @s is longer
- * than @n, only @n characters are copied, and a terminating null byte
- * is added. Similar to strndup(3).
- *
- * Returns: Allocated memory or #NULL on OOM. Free with kit_free().
- */
-char *
-kit_strndup (const char *s, size_t n)
-{
- char *p;
- size_t len;
-
- for (len = 0; len < n; len++) {
- if (s[len] == '\0')
- break;
- }
-
-
- p = kit_malloc (len + 1);
- if (p == NULL)
- goto out;
-
- memcpy (p, s, len);
- p[len] = '\0';
-out:
- return p;
-}
-
-#else
-
-#ifndef HAVE_STRNDUP
-static char
-*strndup ( const char *s, size_t n)
-{
- size_t nAvail;
- char *p;
-
- if ( !s )
- return NULL;
-
- if ( strlen(s) > n )
- nAvail = n + 1;
- else
- nAvail = strlen(s) + 1;
- p = malloc ( nAvail );
- memcpy ( p, s, nAvail );
- p[nAvail - 1] = '\0';
-
- return p;
-}
-#endif
-
-char *
-kit_strdup (const char *s)
-{
- return strdup (s);
-}
-
-char *
-kit_strndup (const char *s, size_t n)
-{
- return strndup (s, n);
-}
-
-#endif /* KIT_BUILD_TESTS */
-
-#ifdef HAVE_SOLARIS
-int vasprintf(char **strp, const char *fmt, va_list ap)
-{
- int size;
- va_list ap2;
- char s;
-
- *strp = NULL;
- va_copy(ap2, ap);
- size = vsnprintf(&s, 1, fmt, ap2);
- va_end(ap2);
- *strp = malloc(size + 1);
- if (!*strp)
- return -1;
- vsnprintf(*strp, size + 1, fmt, ap);
-
- return size;
-}
-#endif
-
-/**
- * kit_strdup_printf:
- * @format: sprintf(3) format string
- * @...: the parameters to insert into the format string.
- *
- * Similar to the standard C sprintf(3) function but safer, since it
- * calculates the maximum space required and allocates memory to hold
- * the result. The returned string should be freed when no longer
- * needed.
- *
- * Returns: A newly allocated string or #NULL on OOM. Free with kit_free().
- */
-char*
-kit_strdup_printf (const char *format, ...)
-{
- char *s;
- va_list args;
-
- va_start (args, format);
- s = kit_strdup_vprintf (format, args);
- va_end (args);
-
- return s;
-}
-
-/**
- * kit_strdup_vprintf:
- * @format: printf(3) format string
- * @args: list of parameters to insert
- *
- * Similar to the standard C vsprintf(3) function but safer, since it
- * calculates the maximum space required and allocates memory to hold
- * the result. The returned string should be freed when no longer
- * needed.
- *
- * Returns: A newly allocated string or #NULL on OOM. Free with kit_free().
- */
-char*
-kit_strdup_vprintf (const char *format, va_list args)
-{
- char *s;
-
-#ifdef KIT_BUILD_TESTS
- char *p;
- vasprintf (&p, format, args);
- s = kit_strdup (p);
- free (p);
-#else
- if (vasprintf (&s, format, args) == -1) {
- s = NULL;
- }
-#endif
- return s;
-}
-
-
-/**
- * kit_str_has_prefix:
- * @s: string to check
- * @prefix: prefix to check for
- *
- * Determines if a string has a given prefix.
- *
- * Returns: #TRUE only if @s starts with @prefix
- */
-kit_bool_t
-kit_str_has_prefix (const char *s, const char *prefix)
-{
- size_t s_len;
- size_t prefix_len;
-
- kit_return_val_if_fail (s != NULL, FALSE);
- kit_return_val_if_fail (prefix != NULL, FALSE);
-
- s_len = strlen (s);
- prefix_len = strlen (prefix);
- if (prefix_len > s_len)
- return FALSE;
-
- return strncmp (s, prefix, prefix_len) == 0;
-}
-
-/**
- * kit_str_has_suffix:
- * @s: string to check
- * @suffix: suffix to check for
- *
- * Determines if a string has a given suffix.
- *
- * Returns: #TRUE only if @s ends with @suffix
- */
-kit_bool_t
-kit_str_has_suffix (const char *s, const char *suffix)
-{
- size_t s_len;
- size_t suffix_len;
-
- kit_return_val_if_fail (s != NULL, FALSE);
- kit_return_val_if_fail (suffix != NULL, FALSE);
-
- s_len = strlen (s);
- suffix_len = strlen (suffix);
- if (suffix_len > s_len)
- return FALSE;
-
- return strncmp (s + s_len - suffix_len, suffix, suffix_len) == 0;
-}
-
-/**
- * kit_strsplit:
- * @s: string to split
- * @delim: delimiter used for splitting
- * @num_tokens: return location for number of elements or #NULL
- *
- * Split a given string into components given a delimiter.
- *
- * Returns: A #NULL terminated array of strings. Free with kit_strfreev(). Returns #NULL on OOM.
- */
-char **
-kit_strsplit (const char *s, char delim, size_t *num_tokens)
-{
- int n;
- int m;
- int num;
- char **result;
-
- kit_return_val_if_fail (s != NULL, NULL);
-
- result = NULL;
-
- num = 0;
- for (n = 0; s[n] != '\0'; n++) {
- if (s[n] == delim) {
- num++;
- }
- }
- num++;
-
- result = kit_new0 (char*, num + 1);
- if (result == NULL)
- goto oom;
-
- m = 0;
- for (n = 0; n < num; n++) {
- int begin;
-
- begin = m;
-
- while (s[m] != delim && s[m] != '\0') {
- m++;
- }
-
- result[n] = kit_strndup (s + begin, m - begin);
- if (result[n] == NULL)
- goto oom;
-
- m++;
- }
- result[n] = NULL;
-
- if (num_tokens != NULL)
- *num_tokens = num;
-
- return result;
-oom:
- kit_strfreev (result);
- return NULL;
-}
-
-/**
- * kit_strfreev:
- * @str_array: string array
- *
- * Free a #NULL terminated string array.
- */
-void
-kit_strfreev (char **str_array)
-{
- int n;
-
- if (str_array == NULL)
- return;
-
- for (n = 0; str_array[n] != NULL; n++)
- kit_free (str_array[n]);
-
- kit_free (str_array);
-}
-
-/**
- * kit_strv_length:
- * @str_array: string array
- *
- * Compute number of elements in a #NULL terminated string array.
- *
- * Returns: Number of elements not including the terminating #NULL
- */
-size_t
-kit_strv_length (char **str_array)
-{
- int n;
-
- kit_return_val_if_fail (str_array != NULL, 0);
-
- for (n = 0; str_array[n] != NULL; n++)
- ;
-
- return n;
-}
-
-/**
- * kit_str_append:
- * @s: either %NULL or a string previously allocated on the heap
- * @s2: string to append
- *
- * Append a string to an existing string.
- *
- * Returns: %NULL on OOM or the new string; possibly at the same
- * location as @s.
- */
-char *
-kit_str_append (char *s, const char *s2)
-{
- char *p;
- size_t s_len;
- size_t s2_len;
-
- kit_return_val_if_fail (s2 != NULL, NULL);
-
- if (s != NULL)
- s_len = strlen (s);
- else
- s_len = 0;
- s2_len = strlen (s2);
- p = (char *) kit_realloc ((void *) s, s_len + s2_len + 1);
- if (p == NULL)
- goto oom;
- s = p;
- memcpy ((void *) (s + s_len), s2, s2_len);
- s[s_len + s2_len] = '\0';
-
- return s;
-oom:
- return NULL;
-}
-
-static kit_bool_t
-_is_reserved (char c)
-{
- unsigned int n;
- char reserved[] = " !*'();:@&=+$,/?%#[]\n\r\t";
-
- for (n = 0; n < sizeof (reserved); n++) {
- if (reserved[n] == c)
- return TRUE;
- }
-
- return FALSE;
-}
-
-static char
-_to_hex (unsigned int nibble)
-{
- if (nibble < 10)
- return nibble + '0';
- else
- return nibble - 10 + 'A';
-}
-
-/**
- * kit_string_percent_encode:
- * @buf: return location for output
- * @buf_size: size of buffer
- * @s: string to encode
- *
- * Percent encodes a string; each occurence of an ASCII characters in
- * the set <literal>" !*'();:@&=+$,/?%#[]\n\r\t"</literal> will be
- * replaced by a three character sequence started by the percent sign
- * "%" and then the hexidecimal representation of the ASCII character
- * in question.
- *
- * Returns: This function do not write more than @buf_size bytes
- * (including the trailing zero). If the output was truncated due to
- * this limit then the return value is the number of characters (not
- * including the trailing zero) which would have been written to the
- * final string if enough space had been available. Thus, a return
- * value of @buf_size or more means that the output was truncated.
- */
-size_t
-kit_string_percent_encode (char *buf, size_t buf_size, const char *s)
-{
- size_t len;
- unsigned int n;
- unsigned int m;
-
- kit_return_val_if_fail (buf != NULL, 0);
- kit_return_val_if_fail (s != NULL, 0);
-
- len = strlen (s);
-
- for (n = 0, m = 0; n < len; n++) {
- int c = s[n];
-
- if (_is_reserved (c)) {
- if (m < buf_size)
- buf[m] = '%';
- m++;
- if (m < buf_size)
- buf[m] = _to_hex (c >> 4);
- m++;
- if (m < buf_size)
- buf[m] = _to_hex (c & 0x0f);
- m++;
- } else {
- if (m < buf_size)
- buf[m] = c;
- m++;
- }
- }
- if (m < buf_size)
- buf[m] = '\0';
-
- return m;
-}
-
-/**
- * kit_string_percent_decode:
- * @s: string to modify in place
- *
- * Percent-decodes a string in place. See kit_string_percent_encode()
- * for details on the encoding format.
- *
- * Returns: %FALSE if string is not properly encoded (and errno will be set to EINVAL)
- */
-kit_bool_t
-kit_string_percent_decode (char *s)
-{
- kit_bool_t ret;
- unsigned int n;
- unsigned int m;
- size_t len;
-
- kit_return_val_if_fail (s != NULL, FALSE);
-
- ret = FALSE;
-
- len = strlen (s);
-
- for (n = 0, m = 0; n < len; n++) {
- int c = s[n];
-
- if (c != '%') {
- if (_is_reserved (c)) {
- errno = EINVAL;
- goto out;
- }
- s[m++] = s[n];
- } else {
- int nibble1;
- int nibble2;
-
- if (n + 2 >= len) {
- errno = EINVAL;
- goto out;
- }
-
- nibble1 = s[n + 1];
- nibble2 = s[n + 2];
- n += 2;
-
- if (nibble1 >= '0' && nibble1 <= '9') {
- nibble1 -= '0';
- } else if (nibble1 >= 'A' && nibble1 <= 'F') {
- nibble1 -= 'A' - 10;
- } else {
- errno = EINVAL;
- goto out;
- }
-
- if (nibble2 >= '0' && nibble2 <= '9') {
- nibble2 -= '0';
- } else if (nibble2 >= 'A' && nibble2 <= 'F') {
- nibble2 -= 'A' - 10;
- } else {
- errno = EINVAL;
- goto out;
- }
-
- s[m++] = (nibble1 << 4) | nibble2;
- }
- }
- s[m] = '\0';
-
- ret = TRUE;
-out:
- return ret;
-}
-
-
-/**
- * kit_string_entry_parse:
- * @entry: line to parse
- * @func: callback function
- * @user_data: user data to pass to @func
- *
- * Parse a line of the form
- * <literal>key1=val1:key2=val2:key3=val3</literal>.
- *
- * The given @entry is said not to be wellformed if a) it doesn't
- * follow this structure (for example
- * <literal>key1=val1:key2:key3=val3</literal> is not well-formed
- * because it's missing the '=' character) or the extracted key and
- * value strings are not properly percent encoded.
- *
- * Both the key and value values are run through the
- * kit_string_percent_decode() function prior to being passed to
- * @func. Normally this function is used to decode strings produced
- * with kit_string_entry_create().
- *
- * Returns: %TRUE if the line is wellformed and the callback didn't
- * short-circuit the iteration. Returns %FALSE on OOM (and errno will
- * be set to ENOMEM) or if @entry is not wellformed (and errno will
- * be set to EINVAL).
- */
-kit_bool_t
-kit_string_entry_parse (const char *entry, KitStringEntryParseFunc func, void *user_data)
-{
- unsigned int n;
- kit_bool_t ret;
- char **tokens;
- size_t num_tokens;
-
- kit_return_val_if_fail (entry != NULL, FALSE);
- kit_return_val_if_fail (func != NULL, FALSE);
-
- ret = FALSE;
- tokens = NULL;
-
- tokens = kit_strsplit (entry, ':', &num_tokens);
- if (tokens == NULL) {
- errno = ENOMEM;
- goto out;
- }
-
- for (n = 0; n < num_tokens; n++) {
- char *token;
- char *p;
-
- token = tokens[n];
-
- p = strchr (token, '=');
- if (p == NULL) {
- errno = EINVAL;
- goto out;
- }
-
- token [p - token] = '\0';
-
- p++;
-
- if (!kit_string_percent_decode (token))
- goto out;
-
- if (!kit_string_percent_decode (p))
- goto out;
-
- if (!func (token, p, user_data)) {
- goto out;
- }
- }
-
- ret = TRUE;
-
-out:
- if (tokens != NULL)
- kit_strfreev (tokens);
- return ret;
-}
-
-/**
- * kit_string_entry_createv:
- * @buf: return location for output
- * @buf_size: size of buffer
- * @kv_pairs: %NULL terminated array of key/value pairs.
- *
- * Takes an array of key/value pairs and generates a string
- * <literal>"k1=v1:k2=v2:...:k_n=v_n"</literal> where
- * <literal>k_i</literal> and <literal>v_i</literal> are percent
- * encoded representations of the given key/value pairs.
- *
- * The string can later be parsed with kit_string_entry_parse() to get
- * the exact same list of key/value pairs back.
- *
- * Returns: This function do not write more than @buf_size bytes
- * (including the trailing zero). If the output was truncated due to
- * this limit then the return value is the number of characters (not
- * including the trailing zero) which would have been written to the
- * final string if enough space had been available. Thus, a return
- * value of @buf_size or more means that the output was truncated.
- *
- * If an uneven number of strings are given, this function will return
- * zero and errno will be set to EINVAL.
- */
-size_t
-kit_string_entry_createv (char *buf, size_t buf_size, const char *kv_pairs[])
-{
- int n;
- unsigned int m;
-
- for (n = 0, m = 0; kv_pairs[n] != NULL; n+= 2) {
- const char *key;
- const char *value;
-
- if (kv_pairs[n + 1] == NULL) {
- m = 0;
- errno = EINVAL;
- goto out;
- }
-
- key = kv_pairs[n];
- value = kv_pairs[n + 1];
-
- if (n > 0) {
- if (m < buf_size)
- buf[m] = ':';
- m++;
- }
-
- m += kit_string_percent_encode (buf + m, buf_size - m > 0 ? buf_size - m : 0, key);
-
- if (m < buf_size)
- buf[m] = '=';
- m++;
-
- m += kit_string_percent_encode (buf + m, buf_size - m > 0 ? buf_size - m : 0, value);
- }
-
-out:
- if (m < buf_size)
- buf[m] = '\0';
-
- return m;
-}
-
-/**
- * kit_string_entry_create:
- * @buf: return location for output
- * @buf_size: size of buffer
- * @...: %NULL terminated array of key/value pairs.
- *
- * See kit_string_entry_create().
- *
- * Returns: See kit_string_entry_create(). Up to 64 pairs can be
- * passed; if there are more pairs, this function will return zero and
- * errno will be set to EOVERFLOW.
- */
-size_t
-kit_string_entry_create (char *buf, size_t buf_size, ...)
-{
- int n;
- va_list args;
- const char *val;
- const char *kv_pairs[64 * 2 + 1];
- size_t ret;
-
- /* TODO: get rid of the 64 limit... */
-
- ret = 0;
-
- n = 0;
- va_start (args, buf_size);
- while ((val = va_arg (args, const char *)) != NULL) {
- if (n == 64 * 2) {
- errno = EOVERFLOW;
- goto out;
- }
- kv_pairs[n++] = val;
- }
- va_end (args);
- kv_pairs[n] = NULL;
-
- ret = kit_string_entry_createv (buf, buf_size, kv_pairs);
-out:
- return ret;
-}
-
-/**
- * KitString:
- *
- * String buffer that grows automatically as text is added.
- */
-struct _KitString {
- char *buf;
- size_t cur_len;
- size_t buf_len;
-};
-
-/**
- * kit_string_free:
- * @s: the #KitString object
- * @free_segment: whether to free the string data itself
- * @out_segment_size: return location for size of string or %NULL
- *
- * Free resources used by a #KitString object
- *
- * Returns: If @free_segment is %TRUE, returns the segment (will
- * always be zero terminated), must be freed with kit_free(),
- * otherwise %NULL
- */
-char *
-kit_string_free (KitString *s, kit_bool_t free_segment, size_t *out_segment_size)
-{
- char *ret;
-
- kit_return_val_if_fail (s != NULL, NULL);
-
- if (out_segment_size != NULL) {
- *out_segment_size = s->cur_len;
- }
-
- if (free_segment) {
- kit_free (s->buf);
- ret = NULL;
- } else {
- ret = s->buf;
- }
- kit_free (s);
-
- return ret;
-}
-
-#define KIT_STRING_BLOCK_SIZE 256
-
-/**
- * kit_string_new:
- * @init: String to initialize with or %NULL
- * @len: Initial size of buffer; pass zero to use the default size
- *
- * Initialize a new #KitString object.
- *
- * Returns: The new object or %NULL on OOM
- */
-KitString *
-kit_string_new (const char *init, size_t len)
-{
- KitString *s;
-
- s = kit_new0 (KitString, 1);
- if (s == NULL)
- goto oom;
-
- if (len == 0)
- len = KIT_STRING_BLOCK_SIZE;
- s->buf_len = len;
-
- if (init == NULL) {
- s->buf = kit_new0 (char, s->buf_len);
- if (s->buf == NULL)
- goto oom;
- s->cur_len = 0;
- } else {
- size_t init_len;
-
- init_len = strlen (init);
- if (init_len + 1 > s->buf_len)
- s->buf_len = init_len + 1;
- s->buf = kit_new0 (char, s->buf_len);
- if (s->buf == NULL)
- goto oom;
- strncpy (s->buf, init, init_len);
- s->cur_len = init_len;
- }
-
- return s;
-oom:
- if (s != NULL)
- kit_string_free (s, TRUE, NULL);
- return NULL;
-}
-
-/**
- * kit_string_ensure_size:
- * @s: String object
- * @new_size: The size to check for.
- *
- * Ensure that the given #KitString object can hold at least @new_size
- * characters.
- *
- * Returns: %TRUE if the given #KitString object can hold at least
- * @new_size characters. %FALSE if OOM.
- */
-kit_bool_t
-kit_string_ensure_size (KitString *s, size_t new_size)
-{
- kit_return_val_if_fail (s != NULL, FALSE);
-
- if (new_size > s->buf_len - 1) {
- char *p;
- size_t grow_to;
-
- grow_to = ((new_size / KIT_STRING_BLOCK_SIZE) + 1) * KIT_STRING_BLOCK_SIZE;
-
- p = kit_realloc (s->buf, grow_to);
- if (p == NULL)
- goto oom;
- /* zero the new block we got */
- s->buf = p;
- memset (s->buf + s->buf_len, 0, grow_to - s->buf_len);
- s->buf_len = grow_to;
- }
-
- return TRUE;
-oom:
- return FALSE;
-}
-
-/**
- * kit_string_append_c:
- * @s: the #KitString object
- * @c: character to append
- *
- * Append a character to a #KitString object.
- *
- * Returns: %TRUE unless OOM
- */
-kit_bool_t
-kit_string_append_c (KitString *s, char c)
-{
- kit_return_val_if_fail (s != NULL, FALSE);
-
- if (!kit_string_ensure_size (s, s->cur_len + 1))
- goto oom;
-
- s->buf[s->cur_len] = c;
- s->cur_len += 1;
- return TRUE;
-oom:
- return FALSE;
-}
-
-/**
- * kit_string_append:
- * @s: the #KitString object
- * @str: string to append
- *
- * Append a string to a #KitString object.
- *
- * Returns: %TRUE unless OOM
- */
-kit_bool_t
-kit_string_append (KitString *s, const char *str)
-{
- size_t str_len;
-
- kit_return_val_if_fail (s != NULL, FALSE);
-
- str_len = strlen (str);
-
- if (!kit_string_ensure_size (s, s->cur_len + str_len))
- goto oom;
-
- strncpy (s->buf + s->cur_len, str, str_len);
- s->cur_len += str_len;
- return TRUE;
-oom:
- return FALSE;
-}
-
-
-#ifdef KIT_BUILD_TESTS
-
-static kit_bool_t
-_ep1 (const char *key, const char *value, void *user_data)
-{
- int *n = (int *) user_data;
-
- if (strcmp (key, "a") == 0 && strcmp (value, "aval") == 0)
- *n += 1;
- if (strcmp (key, "a") == 0 && strcmp (value, "aval2") == 0)
- *n += 1;
- if (strcmp (key, "b") == 0 && strcmp (value, "bval") == 0)
- *n += 1;
- if (strcmp (key, "c") == 0 && strcmp (value, "cval") == 0)
- *n += 1;
- if (strcmp (key, "some_other_key") == 0 && strcmp (value, "some_value") == 0)
- *n += 1;
- if (strcmp (key, "escaped;here:right=") == 0 && strcmp (value, "yes! it's ==:crazy!") == 0)
- *n += 1;
-
- return TRUE;
-}
-
-static kit_bool_t
-_ep2 (const char *key, const char *value, void *user_data)
-{
- int *n = (int *) user_data;
-
- if (strcmp (key, "b") == 0)
- return FALSE;
-
- *n += 1;
-
- return TRUE;
-}
-
-static kit_bool_t
-_run_test (void)
-{
- int num;
- char str[] = "Hello world";
- char *p;
- char *p2;
- char **tokens;
- size_t num_tokens;
- unsigned int n;
- char *bad_strings[] = {"bad:",
- "bad=",
- "bad%",
- "bad%1",
- "bad%xy",
- "bad%1x",
- "bad%Ax",
- "bad%2a"};
- char buf[256];
- KitString *s;
-
- if ((s = kit_string_new (NULL, 3)) != NULL) {
- for (n = 0; n < 8; n++) {
- if (!kit_string_append_c (s, 'd'))
- break;
- }
- p = kit_string_free (s, FALSE, NULL);
- if (n == 8) {
- kit_assert (strcmp ("dddddddd", p) == 0);
- }
- kit_free (p);
- }
-
- /* KitString always makes place for the terminating zero, hence allocate one more byte */
- if ((s = kit_string_new (NULL, 101)) != NULL) {
- size_t segment_size;
- for (n = 0; n < 100; n++) {
- kit_assert (kit_string_append_c (s, n));
- }
- p = kit_string_free (s, FALSE, &segment_size);
- kit_assert (segment_size == 100);
- for (n = 0; n < 100; n++) {
- kit_assert (p[n] == (char) n);
- }
- kit_assert (p[100] == 0);
- kit_free (p);
- }
-
- if ((s = kit_string_new (NULL, 0)) != NULL) {
- for (n = 0; n < 100; n++) {
- if (!kit_string_append (s, "foobar"))
- break;
- }
- p = kit_string_free (s, FALSE, NULL);
- if (n == 100) {
- kit_assert (strlen (p) == 600);
- for (n = 0; n < 100; n++) {
- kit_assert (strncmp ("foobar", p + n * 6, 6) == 0);
- }
- }
- kit_free (p);
- }
-
- if ((s = kit_string_new ("fooobar", 3)) != NULL) {
- p = kit_string_free (s, FALSE, NULL);
- kit_assert (strcmp ("fooobar", p) == 0);
- kit_free (p);
- }
-
- if ((s = kit_string_new ("fooobar2", 100)) != NULL) {
- p = kit_string_free (s, FALSE, NULL);
- kit_assert (strcmp ("fooobar2", p) == 0);
- kit_free (p);
- }
-
-
- kit_assert (kit_string_percent_encode (buf, sizeof (buf), "Hello World; Nice day!") < sizeof (buf));
- kit_assert (strcmp (buf, "Hello%20World%3B%20Nice%20day%21") == 0);
- kit_assert (kit_string_percent_decode (buf));
- kit_assert (strcmp (buf, "Hello World; Nice day!") == 0);
-
- for (n = 0; n < sizeof (bad_strings) / sizeof (char *); n++) {
- if ((p = kit_strdup (bad_strings[n])) != NULL) {
- kit_assert (!kit_string_percent_decode (p) && errno == EINVAL);
- kit_free (p);
- }
- }
-
- kit_assert (kit_string_entry_create (buf, sizeof (buf),
- "key1", "val1",
- "key2", "val2",
- "key3", "val3",
- NULL) < sizeof (buf) &&
- strcmp (buf, "key1=val1:key2=val2:key3=val3") == 0);
-
- kit_assert (kit_string_entry_create (buf, sizeof (buf),
- "key1;", "val1=val1x",
- "key2%", "val2!",
- NULL) < sizeof (buf) &&
- strcmp (buf, "key1%3B=val1%3Dval1x:key2%25=val2%21") == 0);
-
- kit_assert (kit_string_entry_create (buf, sizeof (buf),
- "key1", "val1",
- "key2", NULL) == 0 && errno == EINVAL);
-
- kit_assert (kit_string_entry_create (buf, 3,
- "key1", "val1",
- "key2", "val2", NULL) > 3);
-
- kit_assert (kit_string_entry_create (buf, sizeof (buf),
- "a","a","a","a","a","a","a","a","a","a","a","a","a","a","a","a",
- "a","a","a","a","a","a","a","a","a","a","a","a","a","a","a","a",
- "a","a","a","a","a","a","a","a","a","a","a","a","a","a","a","a",
- "a","a","a","a","a","a","a","a","a","a","a","a","a","a","a","a",
- "a","a","a","a","a","a","a","a","a","a","a","a","a","a","a","a",
- "a","a","a","a","a","a","a","a","a","a","a","a","a","a","a","a",
- "a","a","a","a","a","a","a","a","a","a","a","a","a","a","a","a",
- "a","a","a","a","a","a","a","a","a","a","a","a","a","a","a","a",
- "b", "c", NULL) == 0 && errno == EOVERFLOW);
-
- kit_assert (!kit_string_entry_parse ("key=val:invalidkeyval:key2=val2", _ep1, &num) &&
- (errno == EINVAL || errno == ENOMEM));
- kit_assert (!kit_string_entry_parse ("key;=val:key2=val2", _ep1, &num) &&
- (errno == EINVAL || errno == ENOMEM));
- kit_assert (!kit_string_entry_parse ("key=val:key2=val2;", _ep1, &num) &&
- (errno == EINVAL || errno == ENOMEM));
-
- kit_assert (kit_string_entry_create (buf, sizeof (buf),
- "a", "aval",
- "a", "aval2",
- "b", "bval",
- "c", "cval",
- "some_other_key", "some_value",
- "escaped;here:right=", "yes! it's ==:crazy!",
- NULL) < sizeof (buf));
- num = 0;
- if (kit_string_entry_parse (buf, _ep1, &num)) {
- kit_assert (num == 6);
- } else {
- kit_assert (errno == ENOMEM);
- }
-
- num = 0;
- errno = 0;
- kit_assert (!kit_string_entry_parse ("a=0:b=1:c=2", _ep2, &num));
- if (num > 0)
- kit_assert (errno == 0);
- else
- kit_assert (errno == ENOMEM);
-
-
- if ((p = kit_strdup (str)) != NULL) {
- kit_assert (strcmp (p, "Hello world") == 0);
- kit_free (p);
- }
-
- if ((p = kit_strndup (str, 5)) != NULL) {
- kit_assert (strcmp (p, "Hello") == 0);
- kit_free (p);
- }
-
- if ((p = kit_strndup (str, 100)) != NULL) {
- kit_assert (strcmp (p, "Hello world") == 0);
- kit_free (p);
- }
-
- if ((p = kit_strdup_printf ("Hello %d", 5)) != NULL) {
- kit_assert (strcmp (p, "Hello 5") == 0);
- kit_free (p);
- }
-
- kit_assert ( kit_str_has_suffix ("12345", "45"));
- kit_assert ( kit_str_has_suffix ("12345", "12345"));
- kit_assert (!kit_str_has_suffix ("12345", "123456"));
-
- kit_assert ( kit_str_has_prefix ("12345", "12"));
- kit_assert ( kit_str_has_prefix ("12345", "12345"));
- kit_assert (!kit_str_has_prefix ("12345", "123456"));
-
- if ((tokens = kit_strsplit ("abc:012:xyz", ':', &num_tokens)) != NULL) {
- kit_assert (num_tokens == 3);
- kit_assert (kit_strv_length (tokens) == 3);
- kit_assert (strcmp (tokens[0], "abc") == 0);
- kit_assert (strcmp (tokens[1], "012") == 0);
- kit_assert (strcmp (tokens[2], "xyz") == 0);
- kit_strfreev (tokens);
- }
-
- if ((tokens = kit_strsplit ("abc012xyz", ':', &num_tokens)) != NULL) {
- kit_assert (num_tokens == 1);
- kit_assert (kit_strv_length (tokens) == 1);
- kit_assert (strcmp (tokens[0], "abc012xyz") == 0);
- kit_strfreev (tokens);
- }
-
- if ((tokens = kit_strsplit ("", ':', &num_tokens)) != NULL) {
- kit_assert (num_tokens == 1);
- kit_assert (kit_strv_length (tokens) == 1);
- kit_assert (strcmp (tokens[0], "") == 0);
- kit_strfreev (tokens);
- }
-
- if ((p = kit_strdup ("foobar")) != NULL) {
- if ((p2 = kit_str_append (p, "_cool")) != NULL) {
- p = p2;
-
- kit_assert (strcmp (p, "foobar_cool") == 0);
- }
-
- kit_free (p);
- }
-
- if ((p = kit_str_append (NULL, "baz")) != NULL) {
- kit_assert (strcmp (p, "baz") == 0);
- kit_free (p);
- }
-
- return TRUE;
-}
-
-KitTest _test_string = {
- "kit_string",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* KIT_BUILD_TESTS */
diff --git a/src/kit/kit-string.h b/src/kit/kit-string.h
deleted file mode 100644
index 3f58e21..0000000
--- a/src/kit/kit-string.h
+++ /dev/null
@@ -1,94 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-string.h : String utilities
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (KIT_COMPILATION) && !defined(_KIT_INSIDE_KIT_H)
-#error "Only <kit/kit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef KIT_STRING_H
-#define KIT_STRING_H
-
-#include <kit/kit.h>
-
-KIT_BEGIN_DECLS
-
-char *kit_strdup (const char *s);
-char *kit_strndup (const char *s, size_t n);
-#ifdef __sun
-char *kit_strdup_printf (const char *format, ...);
-#else
-char *kit_strdup_printf (const char *format, ...) __attribute__((__format__ (__printf__, 1, 2)));
-#endif
-char *kit_strdup_vprintf (const char *format, va_list args);
-char *kit_str_append (char *s, const char *s2);
-
-kit_bool_t kit_str_has_prefix (const char *s, const char *prefix);
-kit_bool_t kit_str_has_suffix (const char *s, const char *suffix);
-
-char **kit_strsplit (const char *s, char delim, size_t *num_tokens);
-
-void kit_strfreev (char **str_array);
-size_t kit_strv_length (char **str_array);
-
-/**
- * KitStringEntryParseFunc:
- * @key: key of one of the entries
- * @value: value of one of the entries
- * @user_data: user data passed to kit_string_entry_parse()
- *
- * Type of callback function to use in kit_string_entry_parse()
- *
- * Returns: If %FALSE is returned the parsing will be aborted and
- * kit_string_entry_parse() will return FALSE.
- */
-typedef kit_bool_t (*KitStringEntryParseFunc) (const char *key, const char *value, void *user_data);
-
-kit_bool_t kit_string_entry_parse (const char *entry, KitStringEntryParseFunc func, void *user_data);
-
-kit_bool_t kit_string_percent_decode (char *s);
-size_t kit_string_percent_encode (char *buf, size_t buf_size, const char *s);
-
-size_t kit_string_entry_create (char *buf, size_t buf_size, ...);
-size_t kit_string_entry_createv (char *buf, size_t buf_size, const char *kv_pairs[]);
-
-
-struct _KitString;
-typedef struct _KitString KitString;
-
-KitString *kit_string_new (const char *init, size_t len);
-char *kit_string_free (KitString *s, kit_bool_t free_segment, size_t *out_segment_size);
-kit_bool_t kit_string_ensure_size (KitString *s, size_t new_size);
-kit_bool_t kit_string_append_c (KitString *s, char c);
-kit_bool_t kit_string_append (KitString *s, const char *str);
-
-KIT_END_DECLS
-
-#endif /* KIT_STRING_H */
-
-
diff --git a/src/kit/kit-test-main.c b/src/kit/kit-test-main.c
deleted file mode 100644
index ccdcf79..0000000
--- a/src/kit/kit-test-main.c
+++ /dev/null
@@ -1,52 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-test-main.c : Run test suites for libkit
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <kit/kit-test.h>
-
-static KitTest *tests[] = {
- &_test_message,
- &_test_memory,
- &_test_string,
- &_test_list,
- &_test_hash,
- &_test_file,
- &_test_spawn,
- &_test_entity,
-};
-
-int
-main (int argc, char *argv[])
-{
- if (kit_test_run (tests, sizeof (tests) / sizeof (KitTest*)))
- return 0;
- else
- return 1;
-}
diff --git a/src/kit/kit-test.c b/src/kit/kit-test.c
deleted file mode 100644
index 3f8718f..0000000
--- a/src/kit/kit-test.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-test.c : PolicyKit test
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#ifdef HAVE_SOLARIS
-#include <sys/types.h>
-#endif
-#include <kit/kit-test.h>
-#include <kit/kit-memory.h>
-
-/**
- * SECTION:kit-test
- * @title: Unit testing
- * @short_description: Unit testing
- *
- * Functions used for unit testing.
- */
-
-/**
- * kit_test_run:
- * @tests: array of #KitTest objects
- * @num_tests: size of @tests array
- *
- * Runs a number of tests simulating Out Of Memory. Checks for both
- * memory and file descriptor leaks.
- *
- * This function is only available if libkit have been built with
- * KIT_BUILD_TESTS.
- *
- * Returns: %TRUE only if all tests succeed without memory or file descriptor leaks
- */
-kit_bool_t
-kit_test_run (KitTest **tests, size_t num_tests)
-{
- kit_bool_t ret;
- unsigned int n;
-
- /* be optimistic! */
- ret = TRUE;
-
- printf ("Running %d unit tests\n", num_tests);
- for (n = 0; n < num_tests; n++) {
- int m;
- int total_allocs;
- int delta;
- int num_fd;
- int num_fd_after;
- KitTest *test = tests[n];
-
- _kit_memory_reset ();
-
- if (test->setup != NULL)
- test->setup ();
-
- num_fd = _kit_get_num_fd ();
- printf ("Running: %s\n", test->name);
- if (!test->run ()) {
- printf ("Failed\n");
- ret = FALSE;
- goto test_done;
- }
- num_fd_after = _kit_get_num_fd ();
-
- total_allocs = _kit_memory_get_total_allocations ();
- printf (" Unit test made %d allocations in total\n", total_allocs);
-
- delta = _kit_memory_get_current_allocations ();
- if (delta != 0) {
- printf (" Unit test leaked %d allocations\n", delta);
- _kit_memory_print_outstanding_allocations ();
- ret = FALSE;
- }
- if (num_fd != num_fd_after) {
- printf (" Unit test leaked %d file descriptors\n", num_fd_after - num_fd);
- ret = FALSE;
- }
-
- for (m = 0; m < total_allocs; m++) {
- printf (" Failing allocation %d of %d\n", m + 1, total_allocs);
-
- _kit_memory_reset ();
- _kit_memory_fail_nth_alloc (m);
-
- num_fd = _kit_get_num_fd ();
- if (!test->run ()) {
- printf (" Failed\n");
- ret = FALSE;
- continue;
- }
- num_fd_after = _kit_get_num_fd ();
-
- delta = _kit_memory_get_current_allocations ();
- if (delta != 0) {
- printf (" Unit test leaked %d allocations:\n", delta);
- _kit_memory_print_outstanding_allocations ();
- ret = FALSE;
- }
- if (num_fd != num_fd_after) {
- printf (" Unit test leaked %d file descriptors\n", num_fd_after - num_fd);
- ret = FALSE;
- }
-
- }
-
- test_done:
- if (test->teardown != NULL)
- test->teardown ();
- }
-
- return ret;
-}
diff --git a/src/kit/kit-test.h b/src/kit/kit-test.h
deleted file mode 100644
index a3869c4..0000000
--- a/src/kit/kit-test.h
+++ /dev/null
@@ -1,72 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit-test.h : PolicyKit test
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (KIT_COMPILATION) && !defined(_KIT_INSIDE_KIT_H)
-#error "Only <kit/kit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef KIT_TEST_H
-#define KIT_TEST_H
-
-#include <kit/kit.h>
-
-KIT_BEGIN_DECLS
-
-/**
- * KitTest:
- * @name: name of the unit test
- * @setup: setup function
- * @teardown: teardown function
- * @run: actual test function.
- *
- * Test suite abstraction. See kit_test_run() for details.
- */
-typedef struct {
- const char *name;
- void (*setup) (void);
- void (*teardown) (void);
- kit_bool_t (*run) (void);
-} KitTest;
-
-kit_bool_t kit_test_run (KitTest **tests, size_t num_tests);
-
-extern KitTest _test_memory;
-extern KitTest _test_string;
-extern KitTest _test_hash;
-extern KitTest _test_list;
-extern KitTest _test_file;
-extern KitTest _test_spawn;
-extern KitTest _test_message;
-extern KitTest _test_entity;
-
-KIT_END_DECLS
-
-#endif /* KIT_TEST_H */
-
-
diff --git a/src/kit/kit.h b/src/kit/kit.h
deleted file mode 100644
index 1457acf..0000000
--- a/src/kit/kit.h
+++ /dev/null
@@ -1,164 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * kit.h : OOM-safe utility library
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifndef KIT_H
-#define KIT_H
-
-/**
- * SECTION:kit
- * @title: Macros
- * @short_description: Macros
- *
- * Various low-level macros.
- **/
-
-#ifdef __cplusplus
-# define KIT_BEGIN_DECLS extern "C" {
-# define KIT_END_DECLS }
-#else
-/**
- * KIT_BEGIN_DECLS:
- *
- * C++ include header guard.
- */
-# define KIT_BEGIN_DECLS
-/**
- * KIT_END_DECLS:
- *
- * C++ include header guard.
- */
-# define KIT_END_DECLS
-#endif
-
-/**
- * kit_bool_t:
- *
- * A boolean, valid values are #TRUE and #FALSE.
- */
-typedef int kit_bool_t;
-
-#ifndef TRUE
-# define TRUE 1
-#endif
-#ifndef FALSE
-# define FALSE 0
-#endif
-
-void kit_print_backtrace (void);
-
-#ifdef HAVE_SOLARIS
-#define __PRETTY_FUNCTION__ __func__
-#endif
-/**
- * kit_assert:
- * @expr: expression
- *
- * Debugging macro to terminate the application if the assertion
- * fails. If the assertion fails (i.e. the expression is not true), an
- * error message is logged and the application is terminated.
- */
-#define kit_assert(expr) \
-do { \
- if (expr) { \
- ; \
- } else { \
- kit_warning ("%s:%d:%s(): %s", __FILE__, __LINE__, __PRETTY_FUNCTION__, #expr); \
- kit_print_backtrace (); \
- exit (1); \
- } \
-} while (0)
-
-/**
- * kit_return_if_fail:
- * @expr: expression
- *
- * Returns from the current function if the expression is not true. If
- * the expression evaluates to #FALSE, an error message is logged and
- * the function returns. This can only be used in functions which do
- * not return a value.
- *
- * Returns: nothing
- */
-#define kit_return_if_fail(expr) \
-do { \
- if (expr) { \
- ; \
- } else { \
- kit_warning ("%s:%d:%s(): %s", __FILE__, __LINE__, __PRETTY_FUNCTION__, #expr); \
- kit_print_backtrace (); \
- return; \
- } \
-} while (0)
-
-/**
- * kit_return_val_if_fail:
- * @expr: expression
- * @val: the value to return if the expression evaluates does not
- * evaluate to #TRUE
- *
- * Returns from the current function, returning the value @val, if the
- * expression is not true. If the expression evaluates to #FALSE, an
- * error message is logged and val is returned.
- *
- * Returns: nothing
- */
-#define kit_return_val_if_fail(expr,val) \
-do { \
- if (expr) { \
- ; \
- } else { \
- kit_warning ("%s:%d:%s(): %s", __FILE__, __LINE__, __PRETTY_FUNCTION__, #expr); \
- kit_print_backtrace (); \
- return val; \
- } \
-} while (0)
-
-
-
-#define _KIT_INSIDE_KIT_H 1
-
-#ifdef HAVE_SOLARIS
-#include <sys/types.h>
-#endif
-#include <kit/kit-memory.h>
-#include <kit/kit-string.h>
-#include <kit/kit-lib.h>
-#include <kit/kit-list.h>
-#include <kit/kit-hash.h>
-#include <kit/kit-file.h>
-#include <kit/kit-spawn.h>
-#include <kit/kit-message.h>
-#include <kit/kit-test.h>
-#include <kit/kit-entity.h>
-
-#undef _KIT_INSIDE_KIT_H
-
-#endif /* KIT_H */
-
-
diff --git a/src/polkit-grant/Makefile.am b/src/polkit-grant/Makefile.am
deleted file mode 100644
index 87c821b..0000000
--- a/src/polkit-grant/Makefile.am
+++ /dev/null
@@ -1,183 +0,0 @@
-## Process this file with automake to produce Makefile.in
-
-INCLUDES = \
- -I$(top_builddir)/src -I$(top_srcdir)/src \
- -DPACKAGE_LIBEXEC_DIR=\""$(libexecdir)"\" \
- -DPACKAGE_SYSCONF_DIR=\""$(sysconfdir)"\" \
- -DPACKAGE_DATA_DIR=\""$(datadir)"\" \
- -DPACKAGE_BIN_DIR=\""$(bindir)"\" \
- -DPACKAGE_LOCALSTATE_DIR=\""$(localstatedir)"\" \
- -DPACKAGE_LOCALE_DIR=\""$(localedir)"\" \
- -DPACKAGE_LIB_DIR=\""$(libdir)"\" \
- -D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT \
- -DPOLKIT_COMPILATION \
- @GLIB_CFLAGS@ @DBUS_CFLAGS@
-
-lib_LTLIBRARIES=libpolkit-grant-1.la
-
-libpolkit_grant_1includedir=$(includedir)/polkit-1/polkit-grant
-
-libpolkit_grant_1include_HEADERS = \
- polkit-grant.h
-
-libpolkit_grant_1_la_SOURCES = \
- polkit-grant.h polkit-grant.c
-
-
-if POLKIT_AUTHDB_DUMMY
-libpolkit_grant_1_la_SOURCES += polkit-authorization-db-dummy-write.c
-endif
-
-if POLKIT_AUTHDB_DEFAULT
-libpolkit_grant_1_la_SOURCES += polkit-authorization-db-write.c
-endif
-
-libpolkit_grant_1_la_LIBADD = @GLIB_LIBS@ @DBUS_LIBS@ $(top_builddir)/src/kit/libkit.la $(top_builddir)/src/polkit/libpolkit-1.la
-
-
-if POLKIT_BUILD_TESTS
-libpolkit_grant_1_la_LDFLAGS = -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) @R_DYNAMIC_LDFLAG@
-else
-libpolkit_grant_1_la_LDFLAGS = -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) @R_DYNAMIC_LDFLAG@ \
- -export-dynamic -no-undefined -export-symbols-regex '(^polkit_.*|_polkit_authorization_db_auth_file_add)'
-endif
-
-
-# Only if the authdb backend has the capability POLKIT_AUTHORIZATION_DB_CAPABILITY_CAN_OBTAIN
-# then the backend must supply the /usr/libexec/polkit-grant-helper program.. also remember to
-# adjust the PAM stuff in data/Makefile.am
-#
-if POLKIT_AUTHDB_DEFAULT
-libexec_PROGRAMS = polkit-grant-helper-1
-
-if POLKIT_AUTHFW_PAM
-libexec_PROGRAMS += polkit-grant-helper-pam-1
-endif
-
-if POLKIT_AUTHFW_SHADOW
-libexec_PROGRAMS += polkit-grant-helper-shadow-1
-endif
-
-libexec_PROGRAMS += polkit-explicit-grant-helper-1 polkit-revoke-helper-1
-
-polkit_grant_helper_1_SOURCES = polkit-grant-helper.c
-polkit_grant_helper_1_LDADD = @GLIB_LIBS@ @DBUS_LIBS@ $(top_builddir)/src/kit/libkit.la $(top_builddir)/src/polkit/libpolkit-1.la libpolkit-grant-1.la
-
-if POLKIT_AUTHFW_PAM
-polkit_grant_helper_pam_1_SOURCES = polkit-grant-helper-pam.c
-polkit_grant_helper_pam_1_LDADD = @AUTH_LIBS@ $(top_builddir)/src/kit/libkit.la $(top_builddir)/src/polkit/libpolkit-1.la
-endif
-
-if POLKIT_AUTHFW_SHADOW
-polkit_grant_helper_shadow_1_SOURCES = polkit-grant-helper-shadow.c
-polkit_grant_helper_shadow_1_LDADD = @AUTH_LIBS@
-endif
-
-polkit_explicit_grant_helper_1_SOURCES = polkit-explicit-grant-helper.c
-polkit_explicit_grant_helper_1_CFLAGS = @DBUS_CFLAGS@
-polkit_explicit_grant_helper_1_LDADD = $(top_builddir)/src/kit/libkit.la $(top_builddir)/src/polkit/libpolkit-1.la libpolkit-grant-1.la
-
-polkit_revoke_helper_1_SOURCES = polkit-revoke-helper.c
-polkit_revoke_helper_1_CFLAGS = @DBUS_CFLAGS@
-polkit_revoke_helper_1_LDADD = $(top_builddir)/src/kit/libkit.la $(top_builddir)/src/polkit/libpolkit-1.la
-
-# polkit-grant-helper needs to be setgid polkituser to be able to
-# write cookies to /var/lib/PolicyKit and /var/run/PolicyKit
-#
-# polkit-grant-helper-* need to be setuid root because it's used to
-# authenticate not only the invoking user, but possibly also root
-# and/or other users. As only polkit-grant-helper will invoke it we
-# make it owned by the polkitiuser group and non-executable to the
-# world
-#
-# polkit-explicit-grant-helper needs to be setgid $POLKIT_GROUP to be
-# able to edit authorization files in /var/lib/PolicyKit and
-# /var/run/PolicyKit
-#
-# polkit-revoke-helper needs to be setgid $POLKIT_GROUP to be able to
-# edit authorization files in /var/lib/PolicyKit and
-# /var/run/PolicyKit
-#
-install-exec-hook:
- -chgrp $(POLKIT_GROUP) $(DESTDIR)$(libexecdir)/polkit-grant-helper-1
- -chmod 2755 $(DESTDIR)$(libexecdir)/polkit-grant-helper-1
-if POLKIT_AUTHFW_PAM
- -chgrp $(POLKIT_GROUP) $(DESTDIR)$(libexecdir)/polkit-grant-helper-pam-1
- -chmod 4754 $(DESTDIR)$(libexecdir)/polkit-grant-helper-pam-1
-endif
-if POLKIT_AUTHFW_SHADOW
- -chgrp $(POLKIT_GROUP) $(DESTDIR)$(libexecdir)/polkit-grant-helper-shadow-1
- -chmod 4750 $(DESTDIR)$(libexecdir)/polkit-grant-helper-shadow-1
-endif
- -chgrp $(POLKIT_GROUP) $(DESTDIR)$(libexecdir)/polkit-explicit-grant-helper-1
- -chmod 2755 $(DESTDIR)$(libexecdir)/polkit-explicit-grant-helper-1
- -chgrp $(POLKIT_GROUP) $(DESTDIR)$(libexecdir)/polkit-revoke-helper-1
- -chmod 2755 $(DESTDIR)$(libexecdir)/polkit-revoke-helper-1
-endif
-
-## note that TESTS has special meaning (stuff to use in make check)
-## so if adding tests not to be run in make check, don't add them to
-## TESTS
-if KIT_BUILD_TESTS
-TESTS_ENVIRONMENT=
-TESTS=polkit-grant-test
-
-check_PROGRAMS=$(TESTS)
-
-polkit_grant_test_SOURCES= \
- polkit-grant-test.h polkit-grant-test.c
-
-polkit_grant_test_LDADD=$(top_builddir)/src/polkit-grant/libpolkit-grant-1.la
-polkit_grant_test_LDFLAGS=
-
-if KIT_GCOV_ENABLED
-clean-gcov:
- rm -f *.gcov .libs/*.gcda
-
-.PHONY: coverage-report.txt covered-files.txt
-
-covered-files.txt :
- echo $(addprefix src/polkit-grant/,$(filter %.c,$(libpolkit_grant_1_la_SOURCES))) > covered-files.txt
-if POLKIT_AUTHDB_DEFAULT
- echo src/polkit-grant/polkit-explicit-grant-helper.c >> covered-files.txt
- echo src/polkit-grant/polkit-grant-helper.c >> covered-files.txt
-if POLKIT_AUTHFW_PAM
- echo src/polkit-grant/polkit-grant-helper-pam.c >> covered-files.txt
-endif
-if POLKIT_AUTHFW_SHADOW
- echo src/polkit-grant/polkit-grant-helper-shadow.c >> covered-files.txt
-endif
- echo src/polkit-grant/polkit-revoke-helper.c >> covered-files.txt
-endif
-
-coverage-report.txt : covered-files.txt clean-gcov all check
- gcov $(filter %.c,$(libpolkit_grant_1_la_SOURCES)) -o .libs/ > /dev/null
-if POLKIT_AUTHDB_DEFAULT
- gcov polkit-explicit-grant-helper.c -o .libs/ > /dev/null
- gcov polkit-grant-helper.c -o .libs/ > /dev/null
-if POLKIT_AUTHFW_PAM
- gcov polkit-grant-helper-pam.c -o .libs/ > /dev/null
-endif
-if POLKIT_AUTHFW_SHADOW
- gcov polkit-grant-helper-shadow.c -o .libs/ > /dev/null
-endif
- gcov polkit-revoke-helper.c -o .libs/ > /dev/null
-endif
- $(top_srcdir)/test/create-coverage-report.sh "module polkit-grant" `cat covered-files.txt` > coverage-report.txt
-
-check-coverage : coverage-report.txt
- cat coverage-report.txt
-else
-coverage-report.txt:
- @echo "Need to reconfigure with --enable-gcov"
-
-check-coverage:
- @echo "Need to reconfigure with --enable-gcov"
-endif
-
-else
-TESTS=
-endif
-
-clean-local :
- rm -f *~ *.bb *.bbg *.da *.gcov .libs/*.da .libs/*.bbg
diff --git a/src/polkit-grant/polkit-authorization-db-dummy-write.c b/src/polkit-grant/polkit-authorization-db-dummy-write.c
deleted file mode 100644
index ac1fcc5..0000000
--- a/src/polkit-grant/polkit-authorization-db-dummy-write.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-authorization-db.c : Dummy authorization database
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/time.h>
-#include <sys/wait.h>
-#include <errno.h>
-#include <string.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <pwd.h>
-
-#include <glib.h>
-
-#include <polkit/polkit-debug.h>
-#include <polkit/polkit-authorization-db.h>
-#include <polkit/polkit-utils.h>
-#include <polkit/polkit-private.h>
-
-/* PolKitAuthorizationDB structure is defined in polkit/polkit-private.h */
-
-polkit_bool_t
-polkit_authorization_db_add_entry_process_one_shot (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitCaller *caller,
- uid_t user_authenticated_as)
-{
- return FALSE;
-}
-
-polkit_bool_t
-polkit_authorization_db_add_entry_process (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitCaller *caller,
- uid_t user_authenticated_as)
-{
- return FALSE;
-}
-
-polkit_bool_t
-polkit_authorization_db_add_entry_session (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitCaller *caller,
- uid_t user_authenticated_as)
-{
- return FALSE;
-}
-
-polkit_bool_t
-polkit_authorization_db_add_entry_always (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitCaller *caller,
- uid_t user_authenticated_as)
-{
- return FALSE;
-}
-
-polkit_bool_t
-polkit_authorization_db_grant_to_uid (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- uid_t uid,
- PolKitAuthorizationConstraint **constraints,
- PolKitError **error)
-{
- polkit_error_set_error (error, POLKIT_ERROR_NOT_SUPPORTED, "Not supported");
- return FALSE;
-}
-
-polkit_bool_t
-polkit_authorization_db_grant_negative_to_uid (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- uid_t uid,
- PolKitAuthorizationConstraint **constraints,
- PolKitError **error)
-{
- polkit_error_set_error (error, POLKIT_ERROR_NOT_SUPPORTED, "Not supported");
- return FALSE;
-}
diff --git a/src/polkit-grant/polkit-authorization-db-write.c b/src/polkit-grant/polkit-authorization-db-write.c
deleted file mode 100644
index fec91a1..0000000
--- a/src/polkit-grant/polkit-authorization-db-write.c
+++ /dev/null
@@ -1,922 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-authorization-db.c : Represents the authorization database
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/time.h>
-#include <sys/wait.h>
-#include <errno.h>
-#include <string.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <pwd.h>
-
-#include <glib.h>
-
-#include <polkit/polkit-debug.h>
-#include <polkit/polkit-authorization-db.h>
-#include <polkit/polkit-utils.h>
-#include <polkit/polkit-private.h>
-
-/**
- * SECTION:polkit-authorization-db
- **/
-
-
-static polkit_bool_t
-_write_to_fd (int fd, const char *str, ssize_t str_len)
-{
- polkit_bool_t ret;
- ssize_t written;
-
- ret = FALSE;
-
- written = 0;
- while (written < str_len) {
- ssize_t ret;
- ret = write (fd, str + written, str_len - written);
- if (ret < 0) {
- if (errno == EAGAIN || errno == EINTR) {
- continue;
- } else {
- goto out;
- }
- }
- written += ret;
- }
-
- ret = TRUE;
-
-out:
- return ret;
-}
-
-polkit_bool_t
-_polkit_authorization_db_auth_file_add (polkit_bool_t transient, uid_t uid, char *str_to_add)
-{
- int fd;
- char *contents;
- gsize contents_size;
- char *path;
- char *path_tmp;
- GError *error;
- polkit_bool_t ret;
- struct stat statbuf;
- struct passwd *pw;
- const char *root;
- char *newline = "\n";
-
- if (transient)
- root = PACKAGE_LOCALSTATE_DIR "/run/polkit-1";
- else
- root = PACKAGE_LOCALSTATE_DIR "/lib/polkit-1";
-
- ret = FALSE;
- path = NULL;
- path_tmp = NULL;
- contents = NULL;
-
- pw = getpwuid (uid);
- if (pw == NULL) {
- g_warning ("cannot lookup user name for uid %d\n", uid);
- goto out;
- }
-
- path = g_strdup_printf ("%s/user-%s.auths", root, pw->pw_name);
- path_tmp = g_strdup_printf ("%s.XXXXXX", path);
-
- if (stat (path, &statbuf) != 0 && errno == ENOENT) {
- //fprintf (stderr, "path=%s does not exist (egid=%d): %m!\n", path, getegid ());
-
- g_free (path_tmp);
- path_tmp = path;
- path = NULL;
-
- /* Write a nice blurb if we're creating the file for the first time */
-
- contents = g_strdup_printf (
- "# This file lists authorizations for user %s\n"
- "%s"
- "# \n"
- "# File format may change at any time; do not rely on it. To manage\n"
- "# authorizations use polkit-auth(1) instead.\n"
- "\n",
- pw->pw_name,
- transient ? "# (these are temporary and will be removed on the next system boot)\n" : "");
- contents_size = strlen (contents);
- } else {
- error = NULL;
- if (!g_file_get_contents (path, &contents, &contents_size, &error)) {
- g_warning ("Cannot read authorizations file %s: %s", path, error->message);
- g_error_free (error);
- goto out;
- }
- }
-
- if (path != NULL) {
- fd = mkstemp (path_tmp);
- if (fd < 0) {
- fprintf (stderr, "Cannot create file '%s': %m\n", path_tmp);
- goto out;
- }
- if (fchmod (fd, 0464) != 0) {
- fprintf (stderr, "Cannot change mode for '%s' to 0460: %m\n", path_tmp);
- close (fd);
- unlink (path_tmp);
- goto out;
- }
- } else {
- fd = open (path_tmp, O_RDWR|O_CREAT, 0464);
- if (fd < 0) {
- fprintf (stderr, "Cannot create file '%s': %m\n", path_tmp);
- goto out;
- }
- }
-
- if (!_write_to_fd (fd, contents, contents_size)) {
- g_warning ("Cannot write to temporary authorizations file %s: %m", path_tmp);
- close (fd);
- if (unlink (path_tmp) != 0) {
- g_warning ("Cannot unlink %s: %m", path_tmp);
- }
- goto out;
- }
- if (!_write_to_fd (fd, str_to_add, strlen (str_to_add))) {
- g_warning ("Cannot write to temporary authorizations file %s: %m", path_tmp);
- close (fd);
- if (unlink (path_tmp) != 0) {
- g_warning ("Cannot unlink %s: %m", path_tmp);
- }
- goto out;
- }
- if (!_write_to_fd (fd, newline, 1)) {
- g_warning ("Cannot write to temporary authorizations file %s: %m", path_tmp);
- close (fd);
- if (unlink (path_tmp) != 0) {
- g_warning ("Cannot unlink %s: %m", path_tmp);
- }
- goto out;
- }
- close (fd);
-
- if (path != NULL) {
- if (rename (path_tmp, path) != 0) {
- g_warning ("Cannot rename %s to %s: %m", path_tmp, path);
- if (unlink (path_tmp) != 0) {
- g_warning ("Cannot unlink %s: %m", path_tmp);
- }
- goto out;
- }
- }
-
- /* trigger a reload */
- if (utimes (PACKAGE_LOCALSTATE_DIR "/lib/misc/polkit-1.reload", NULL) != 0) {
- g_warning ("Error updating access+modification time on file '%s': %m\n",
- PACKAGE_LOCALSTATE_DIR "/lib/misc/polkit-1.reload");
- }
-
- ret = TRUE;
-
-out:
- if (contents != NULL)
- g_free (contents);
- if (path != NULL)
- g_free (path);
- if (path_tmp != NULL)
- g_free (path_tmp);
- return ret;
-}
-
-/* returns -1 on error */
-static int
-_write_constraints (char *buf, size_t buf_size, PolKitAuthorizationConstraint **constraints)
-{
- unsigned int n;
- unsigned int m;
-
- kit_return_val_if_fail (constraints != NULL, 0);
-
- for (n = 0, m = 0; constraints[n] != NULL; n++) {
- PolKitAuthorizationConstraint *c;
- const char *key;
- char value[1024];
-
- c = constraints[n];
-
- key = "constraint";
-
- if (polkit_authorization_constraint_to_string (c, value, sizeof (value)) >= sizeof (value)) {
- kit_warning ("Constraint %d is too large!", n);
- m = -1;
- goto out;
- }
-
- if (m < buf_size)
- buf[m] = ':';
- m++;
-
- m += kit_string_percent_encode (buf + m, buf_size - m > 0 ? buf_size - m : 0, key);
-
- if (m < buf_size)
- buf[m] = '=';
- m++;
-
- m += kit_string_percent_encode (buf + m, buf_size - m > 0 ? buf_size - m : 0, value);
- }
-
- if (m < buf_size)
- buf[m] = '\0';
-
-out:
- return m;
-}
-
-static polkit_bool_t
-_add_caller_constraints (char *buf, size_t buf_size, PolKitCaller *caller)
-{
- PolKitAuthorizationConstraint *constraints[64];
- int num_constraints;
- polkit_bool_t ret;
- int num_written;
- int n;
-
- ret = FALSE;
-
- num_constraints = polkit_authorization_constraint_get_from_caller (caller, constraints, 64);
- if (num_constraints == -1)
- goto out;
-
- if (num_constraints >= 64) {
- goto out;
- }
-
- num_written = _write_constraints (buf, buf_size, constraints);
- if (num_written == -1) {
- goto out;
- }
-
- if ((size_t) num_written >= buf_size) {
- goto out;
- }
-
- ret = TRUE;
-
-out:
- for (n = 0; n < num_constraints && n < 64 && constraints[n] != NULL; n++) {
- polkit_authorization_constraint_unref (constraints[n]);
- }
- return ret;
-}
-
-/**
- * polkit_authorization_db_add_entry_process_one_shot:
- * @authdb: the authorization database
- * @action: the action
- * @caller: the caller
- * @user_authenticated_as: the user that was authenticated
- *
- * Write an entry to the authorization database to indicate that the
- * given caller is authorized for the given action a single time.
- *
- * Note that this function should only be used by
- * <literal>libpolkit-grant</literal> or other sufficiently privileged
- * processes that deals with managing authorizations. It should never
- * be used by mechanisms or applications. The caller must have
- * egid=polkituser and umask set so creating files with mode 0460 will
- * work.
- *
- * This function is in <literal>libpolkit-grant</literal>.
- *
- * Returns: #TRUE if an entry was written to the authorization
- * database, #FALSE if the caller of this function is not sufficiently
- * privileged.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_db_add_entry_process_one_shot (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitCaller *caller,
- uid_t user_authenticated_as)
-{
- char *action_id;
- uid_t caller_uid;
- pid_t caller_pid;
- polkit_bool_t ret;
- polkit_uint64_t pid_start_time;
- struct timeval now;
-
- g_return_val_if_fail (authdb != NULL, FALSE);
- g_return_val_if_fail (action != NULL, FALSE);
- g_return_val_if_fail (caller != NULL, FALSE);
-
- if (!polkit_action_get_action_id (action, &action_id))
- return FALSE;
-
- if (!polkit_caller_get_pid (caller, &caller_pid))
- return FALSE;
-
- if (!polkit_caller_get_uid (caller, &caller_uid))
- return FALSE;
-
- pid_start_time = polkit_sysdeps_get_start_time_for_pid (caller_pid);
- if (pid_start_time == 0)
- return FALSE;
-
- if (gettimeofday (&now, NULL) != 0) {
- g_warning ("Error calling gettimeofday: %m");
- return FALSE;
- }
-
- char pid_buf[32];
- char pid_st_buf[32];
- char now_buf[32];
- char uid_buf[32];
- char auth_buf[1024];
- snprintf (pid_buf, sizeof (pid_buf), "%d", caller_pid);
- snprintf (pid_st_buf, sizeof (pid_st_buf), "%Lu", pid_start_time);
- snprintf (now_buf, sizeof (now_buf), "%Lu", (polkit_uint64_t) now.tv_sec);
- snprintf (uid_buf, sizeof (uid_buf), "%d", user_authenticated_as);
-
- size_t len;
- if ((len = kit_string_entry_create (auth_buf, sizeof (auth_buf),
- "scope", "process-one-shot",
- "pid", pid_buf,
- "pid-start-time", pid_st_buf,
- "action-id", action_id,
- "when", now_buf,
- "auth-as", uid_buf,
- NULL)) >= sizeof (auth_buf)) {
- g_warning ("authbuf for is too small");
- return FALSE;
- }
-
- if (!_add_caller_constraints (auth_buf + len, sizeof (auth_buf) - len, caller)) {
- g_warning ("authbuf for is too small");
- return FALSE;
- }
-
- ret = _polkit_authorization_db_auth_file_add (TRUE,
- caller_uid,
- auth_buf);
- return ret;
-}
-
-/**
- * polkit_authorization_db_add_entry_process:
- * @authdb: the authorization database
- * @action: the action
- * @caller: the caller
- * @user_authenticated_as: the user that was authenticated
- *
- * Write an entry to the authorization database to indicate that the
- * given caller is authorized for the given action.
- *
- * Note that this function should only be used by
- * <literal>libpolkit-grant</literal> or other sufficiently privileged
- * processes that deals with managing authorizations. It should never
- * be used by mechanisms or applications. The caller must have
- * egid=polkituser and umask set so creating files with mode 0460 will
- * work.
- *
- * This function is in <literal>libpolkit-grant</literal>.
- *
- * Returns: #TRUE if an entry was written to the authorization
- * database, #FALSE if the caller of this function is not sufficiently
- * privileged.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_db_add_entry_process (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitCaller *caller,
- uid_t user_authenticated_as)
-{
- char *action_id;
- uid_t caller_uid;
- pid_t caller_pid;
- polkit_bool_t ret;
- polkit_uint64_t pid_start_time;
- struct timeval now;
-
- g_return_val_if_fail (authdb != NULL, FALSE);
- g_return_val_if_fail (action != NULL, FALSE);
- g_return_val_if_fail (caller != NULL, FALSE);
-
- if (!polkit_action_get_action_id (action, &action_id))
- return FALSE;
-
- if (!polkit_caller_get_pid (caller, &caller_pid))
- return FALSE;
-
- if (!polkit_caller_get_uid (caller, &caller_uid))
- return FALSE;
-
- pid_start_time = polkit_sysdeps_get_start_time_for_pid (caller_pid);
- if (pid_start_time == 0)
- return FALSE;
-
- if (gettimeofday (&now, NULL) != 0) {
- g_warning ("Error calling gettimeofday: %m");
- return FALSE;
- }
-
- char pid_buf[32];
- char pid_st_buf[32];
- char now_buf[32];
- char uid_buf[32];
- char auth_buf[1024];
- snprintf (pid_buf, sizeof (pid_buf), "%d", caller_pid);
- snprintf (pid_st_buf, sizeof (pid_st_buf), "%Lu", pid_start_time);
- snprintf (now_buf, sizeof (now_buf), "%Lu", (polkit_uint64_t) now.tv_sec);
- snprintf (uid_buf, sizeof (uid_buf), "%d", user_authenticated_as);
-
- size_t len;
- if ((len = kit_string_entry_create (auth_buf, sizeof (auth_buf),
- "scope", "process",
- "pid", pid_buf,
- "pid-start-time", pid_st_buf,
- "action-id", action_id,
- "when", now_buf,
- "auth-as", uid_buf,
- NULL)) >= sizeof (auth_buf)) {
- g_warning ("authbuf for is too small");
- return FALSE;
- }
-
- if (!_add_caller_constraints (auth_buf + len, sizeof (auth_buf) - len, caller)) {
- g_warning ("authbuf for is too small");
- return FALSE;
- }
-
- ret = _polkit_authorization_db_auth_file_add (TRUE,
- caller_uid,
- auth_buf);
- return ret;
-}
-
-/**
- * polkit_authorization_db_add_entry_session:
- * @authdb: the authorization database
- * @action: the action
- * @caller: the caller
- * @user_authenticated_as: the user that was authenticated
- *
- * Write an entry to the authorization database to indicate that the
- * session for the given caller is authorized for the given action for
- * the remainer of the session.
- *
- * Note that this function should only be used by
- * <literal>libpolkit-grant</literal> or other sufficiently privileged
- * processes that deals with managing authorizations. It should never
- * be used by mechanisms or applications. The caller must have
- * egid=polkituser and umask set so creating files with mode 0460 will
- * work.
- *
- * This function is in <literal>libpolkit-grant</literal>.
- *
- * Returns: #TRUE if an entry was written to the authorization
- * database, #FALSE if the caller of this function is not sufficiently
- * privileged.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_db_add_entry_session (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitCaller *caller,
- uid_t user_authenticated_as)
-{
- uid_t session_uid;
- char *action_id;
- PolKitSession *session;
- char *session_objpath;
- polkit_bool_t ret;
- struct timeval now;
-
- g_return_val_if_fail (authdb != NULL, FALSE);
- g_return_val_if_fail (action != NULL, FALSE);
- g_return_val_if_fail (caller != NULL, FALSE);
-
- if (!polkit_action_get_action_id (action, &action_id))
- return FALSE;
-
- if (!polkit_caller_get_ck_session (caller, &session))
- return FALSE;
-
- if (!polkit_session_get_ck_objref (session, &session_objpath))
- return FALSE;
-
- if (!polkit_session_get_uid (session, &session_uid))
- return FALSE;
-
- if (gettimeofday (&now, NULL) != 0) {
- g_warning ("Error calling gettimeofday: %m");
- return FALSE;
- }
-
- char now_buf[32];
- char uid_buf[32];
- char auth_buf[1024];
- snprintf (now_buf, sizeof (now_buf), "%Lu", (polkit_uint64_t) now.tv_sec);
- snprintf (uid_buf, sizeof (uid_buf), "%d", user_authenticated_as);
-
- size_t len;
- if ((len = kit_string_entry_create (auth_buf, sizeof (auth_buf),
- "scope", "session",
- "session-id", session_objpath,
- "action-id", action_id,
- "when", now_buf,
- "auth-as", uid_buf,
- NULL)) >= sizeof (auth_buf)) {
- g_warning ("authbuf for is too small");
- return FALSE;
- }
-
- if (!_add_caller_constraints (auth_buf + len, sizeof (auth_buf) - len, caller)) {
- g_warning ("authbuf for is too small");
- return FALSE;
- }
-
- ret = _polkit_authorization_db_auth_file_add (TRUE,
- session_uid,
- auth_buf);
- return ret;
-}
-
-/**
- * polkit_authorization_db_add_entry_always:
- * @authdb: the authorization database
- * @action: the action
- * @caller: the caller
- * @user_authenticated_as: the user that was authenticated
- *
- * Write an entry to the authorization database to indicate that the
- * given user is authorized for the given action.
- *
- * Note that this function should only be used by
- * <literal>libpolkit-grant</literal> or other sufficiently privileged
- * processes that deals with managing authorizations. It should never
- * be used by mechanisms or applications. The caller must have
- * egid=polkituser and umask set so creating files with mode 0460 will
- * work.
- *
- * This function is in <literal>libpolkit-grant</literal>.
- *
- * Returns: #TRUE if an entry was written to the authorization
- * database, #FALSE if the caller of this function is not sufficiently
- * privileged.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_db_add_entry_always (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitCaller *caller,
- uid_t user_authenticated_as)
-{
- uid_t uid;
- char *action_id;
- polkit_bool_t ret;
- struct timeval now;
-
- g_return_val_if_fail (authdb != NULL, FALSE);
- g_return_val_if_fail (action != NULL, FALSE);
- g_return_val_if_fail (caller != NULL, FALSE);
-
- if (!polkit_caller_get_uid (caller, &uid))
- return FALSE;
-
- if (!polkit_action_get_action_id (action, &action_id))
- return FALSE;
-
- if (gettimeofday (&now, NULL) != 0) {
- g_warning ("Error calling gettimeofday: %m");
- return FALSE;
- }
-
- char now_buf[32];
- char uid_buf[32];
- char auth_buf[1024];
- snprintf (now_buf, sizeof (now_buf), "%Lu", (polkit_uint64_t) now.tv_sec);
- snprintf (uid_buf, sizeof (uid_buf), "%d", user_authenticated_as);
-
- size_t len;
- if ((len = kit_string_entry_create (auth_buf, sizeof (auth_buf),
- "scope", "always",
- "action-id", action_id,
- "when", now_buf,
- "auth-as", uid_buf,
- NULL)) >= sizeof (auth_buf)) {
- g_warning ("authbuf for is too small");
- return FALSE;
- }
- if (!_add_caller_constraints (auth_buf + len, sizeof (auth_buf) - len, caller)) {
- g_warning ("authbuf for is too small");
- return FALSE;
- }
-
- ret = _polkit_authorization_db_auth_file_add (FALSE,
- uid,
- auth_buf);
- return ret;
-}
-
-
-typedef struct {
- char *action_id;
- unsigned int _check_constraint_num;
- PolKitAuthorizationConstraint **constraints;
-
- polkit_bool_t is_authorized;
- polkit_bool_t is_negative_authorized;
-} CheckDataGrant;
-
-static polkit_bool_t
-_check_constraints_for_grant (PolKitAuthorization *auth, PolKitAuthorizationConstraint *authc, void *user_data)
-{
- CheckDataGrant *cd = (CheckDataGrant *) user_data;
- polkit_bool_t ret;
-
- ret = FALSE;
-
- if (cd->constraints [cd->_check_constraint_num] == NULL)
- goto no_match;
-
- if (!polkit_authorization_constraint_equal (authc, cd->constraints[cd->_check_constraint_num]))
- goto no_match;
-
- cd->_check_constraint_num += 1;
- return FALSE;
-
-no_match:
- return TRUE;
-}
-
-static polkit_bool_t
-_check_auth_for_grant (PolKitAuthorizationDB *authdb, PolKitAuthorization *auth, void *user_data)
-{
- uid_t pimp;
- polkit_bool_t ret;
- polkit_bool_t is_negative;
- CheckDataGrant *cd = (CheckDataGrant *) user_data;
-
- ret = FALSE;
-
- if (strcmp (polkit_authorization_get_action_id (auth), cd->action_id) != 0)
- goto no_match;
-
- if (!polkit_authorization_was_granted_explicitly (auth, &pimp, &is_negative))
- goto no_match;
-
- /* This checks that the number of authorizations are the
- * same.. as well as that the authorizations are similar one
- * by one..
- *
- * TODO: FIXME: this relies on the ordering, e.g. we don't
- * catch local+active if there is an active+local one already.
- */
- cd->_check_constraint_num = 0;
- if (polkit_authorization_constraints_foreach (auth, _check_constraints_for_grant, cd) ||
- cd->constraints [cd->_check_constraint_num] != NULL)
- goto no_match;
-
- if (is_negative) {
- cd->is_authorized = FALSE;
- cd->is_negative_authorized = TRUE;
- /* it only takes a single negative auth to block things so stop iterating */
- ret = TRUE;
- } else {
- cd->is_authorized = TRUE;
- cd->is_negative_authorized = FALSE;
- /* keep iterating; we may find negative auths... */
- }
-
-no_match:
- return ret;
-}
-
-static polkit_bool_t
-_grant_internal (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- uid_t uid,
- PolKitAuthorizationConstraint **constraints,
- PolKitError **error,
- polkit_bool_t is_negative)
-{
- GError *g_error;
- char *helper_argv[6] = {PACKAGE_LIBEXEC_DIR "/polkit-explicit-grant-helper-1", NULL, NULL, NULL, NULL, NULL};
- gboolean ret;
- gint exit_status;
- char cbuf[1024];
- CheckDataGrant cd;
- polkit_bool_t did_exist;
-
- ret = FALSE;
-
- g_return_val_if_fail (authdb != NULL, FALSE);
- g_return_val_if_fail (action != NULL, FALSE);
-
- if (!polkit_action_get_action_id (action, &(cd.action_id))) {
- polkit_error_set_error (error,
- POLKIT_ERROR_GENERAL_ERROR,
- "Given action does not have action_id set");
- goto out;
- }
-
- if (constraints == NULL) {
- cbuf[0] = '\0';
- } else {
- int num_written;
- num_written = _write_constraints (cbuf, sizeof (cbuf), constraints);
- if (num_written == -1) {
- polkit_error_set_error (error,
- POLKIT_ERROR_GENERAL_ERROR,
- "one of the given constraints did not fit");
- goto out;
- }
-
- if ((size_t) num_written >= sizeof (cbuf)) {
- g_warning ("buffer for auth constraint is too small");
- polkit_error_set_error (error,
- POLKIT_ERROR_GENERAL_ERROR,
- "buffer for auth constraint is too small");
- goto out;
- }
- }
-
- /* check if we have the auth already */
- cd.constraints = constraints;
- cd.is_authorized = FALSE;
- cd.is_negative_authorized = FALSE;
- polkit_authorization_db_foreach_for_uid (authdb,
- uid,
- _check_auth_for_grant,
- &cd,
- error);
-
- /* happens if caller can't read auths of target user */
- if (error != NULL && polkit_error_is_set (*error)) {
- goto out;
- }
-
- did_exist = FALSE;
- if (is_negative) {
- if (cd.is_negative_authorized)
- did_exist = TRUE;
- } else {
- if (cd.is_authorized)
- did_exist = TRUE;
- }
-
- if (did_exist) {
- /* so it did exist.. */
- polkit_error_set_error (error,
- POLKIT_ERROR_AUTHORIZATION_ALREADY_EXISTS,
- "An authorization for uid %d for the action %s with constraint '%s' already exists",
- uid, cd.action_id, cbuf);
- goto out;
- }
-
-
- helper_argv[1] = cd.action_id;
- helper_argv[2] = cbuf;
- if (is_negative)
- helper_argv[3] = "uid-negative";
- else
- helper_argv[3] = "uid";
- helper_argv[4] = g_strdup_printf ("%d", uid);
- helper_argv[5] = NULL;
-
- g_error = NULL;
- if (!g_spawn_sync (NULL, /* const gchar *working_directory */
- helper_argv, /* gchar **argv */
- NULL, /* gchar **envp */
- 0, /* GSpawnFlags flags */
- NULL, /* GSpawnChildSetupFunc child_setup */
- NULL, /* gpointer user_data */
- NULL, /* gchar **standard_output */
- NULL, /* gchar **standard_error */
- &exit_status, /* gint *exit_status */
- &g_error)) { /* GError **error */
- polkit_error_set_error (error,
- POLKIT_ERROR_GENERAL_ERROR,
- "Error spawning explicit grant helper: %s",
- g_error->message);
- g_error_free (g_error);
- goto out;
- }
-
- if (!WIFEXITED (exit_status)) {
- g_warning ("Explicit grant helper crashed!");
- polkit_error_set_error (error,
- POLKIT_ERROR_GENERAL_ERROR,
- "Explicit grant helper crashed!");
- goto out;
- } else if (WEXITSTATUS(exit_status) != 0) {
- polkit_error_set_error (error,
- POLKIT_ERROR_NOT_AUTHORIZED_TO_GRANT_AUTHORIZATION,
- "uid %d is not authorized to grant authorization for action %s to uid %d (requires org.freedesktop.policykit.grant)",
- getuid (), cd.action_id, uid);
- } else {
- ret = TRUE;
- }
-
-out:
- g_free (helper_argv[4]);
- return ret;
-}
-
-/**
- * polkit_authorization_db_grant_to_uid:
- * @authdb: authorization database
- * @action: action
- * @uid: uid to grant to
- * @constraints: Either %NULL or a %NULL terminated list of constraint to put on the authorization
- * @error: return location for error
- *
- * Grants an authorization to a user for a specific action. This
- * requires the org.freedesktop.policykit.grant authorization.
- *
- * This function is in <literal>libpolkit-grant</literal>.
- *
- * Returns: #TRUE if the authorization was granted, #FALSE otherwise
- * and error will be set
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_db_grant_to_uid (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- uid_t uid,
- PolKitAuthorizationConstraint **constraints,
- PolKitError **error)
-{
- return _grant_internal (authdb, action, uid, constraints, error, FALSE);
-}
-
-/**
- * polkit_authorization_db_grant_negative_to_uid:
- * @authdb: authorization database
- * @action: action
- * @uid: uid to grant to
- * @constraints: Either %NULL or a %NULL terminated list of constraint to put on the authorization
- * @error: return location for error
- *
- * Grants a negative authorization to a user for a specific action. If
- * @uid differs from the calling user, the
- * org.freedesktop.policykit.grant authorization is required. In other
- * words, users may "grant" negative authorizations to themselves.
- *
- * A negative authorization is normally used to block users that would
- * normally be authorized from an implicit authorization.
- *
- * This function is in <literal>libpolkit-grant</literal>.
- *
- * Returns: #TRUE if the authorization was granted, #FALSE otherwise
- * and error will be set
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_db_grant_negative_to_uid (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- uid_t uid,
- PolKitAuthorizationConstraint **constraints,
- PolKitError **error)
-{
- return _grant_internal (authdb, action, uid, constraints, error, TRUE);
-}
diff --git a/src/polkit-grant/polkit-explicit-grant-helper.c b/src/polkit-grant/polkit-explicit-grant-helper.c
deleted file mode 100644
index 5609912..0000000
--- a/src/polkit-grant/polkit-explicit-grant-helper.c
+++ /dev/null
@@ -1,219 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-explicit-grant-helper.c : setgid polkituser explicit grant
- * helper for PolicyKit
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#define _GNU_SOURCE
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/time.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <grp.h>
-#include <pwd.h>
-#include <syslog.h>
-#include <errno.h>
-#include <string.h>
-#include <utime.h>
-#include <fcntl.h>
-
-#include <polkit/polkit.h>
-#include <polkit/polkit-private.h>
-
-#ifdef HAVE_SOLARIS
-#define LOG_AUTHPRIV (10<<3)
-#endif
-
-int
-main (int argc, char *argv[])
-{
- int ret;
- gid_t egid;
- struct group *group;
- uid_t invoking_uid;
- char *action_id;
- char *endp;
- struct timeval now;
-
- ret = 1;
-
- /* clear the entire environment to avoid attacks using with libraries honoring environment variables */
- if (kit_clearenv () != 0)
- goto out;
- /* set a minimal environment */
- setenv ("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1);
-
- openlog ("polkit-explicit-grant-helper-1", LOG_CONS | LOG_PID, LOG_AUTHPRIV);
-
- /* check for correct invocation */
- if (argc != 5) {
- syslog (LOG_NOTICE, "inappropriate use of helper, wrong number of arguments [uid=%d]", getuid ());
- fprintf (stderr, "polkit-explicit-grant-helper: wrong number of arguments. This incident has been logged.\n");
- goto out;
- }
-
- /* check we're running with a non-tty stdin */
- if (isatty (STDIN_FILENO) != 0) {
- syslog (LOG_NOTICE, "inappropriate use of helper, stdin is a tty [uid=%d]", getuid ());
- fprintf (stderr, "polkit-explicit-grant-helper: inappropriate use of helper, stdin is a tty. This incident has been logged.\n");
- goto out;
- }
-
- invoking_uid = getuid ();
-
- /* check that we are setgid polkituser */
- egid = getegid ();
- group = getgrgid (egid);
- if (group == NULL) {
- fprintf (stderr, "polkit-explicit-grant-helper: cannot lookup group info for gid %d\n", egid);
- goto out;
- }
- if (strcmp (group->gr_name, POLKIT_GROUP) != 0) {
- fprintf (stderr, "polkit-explicit-grant-helper: needs to be setgid " POLKIT_GROUP "\n");
- goto out;
- }
-
- /*----------------------------------------------------------------------------------------------------*/
-
- /* check and validate incoming parameters */
-
- /* first one is action_id */
- action_id = argv[1];
- if (!polkit_action_validate_id (action_id)) {
- syslog (LOG_NOTICE, "action_id is malformed [uid=%d]", getuid ());
- fprintf (stderr, "polkit-explicit-grant-helper: action_id is malformed. This incident has been logged.\n");
- goto out;
- }
-
- char *authc_str;
- size_t authc_str_len;
-
- /* second is the textual form of the auth constraint */
- authc_str = argv[2];
- authc_str_len = strlen (authc_str);
-
-#define TARGET_UID 0
- int target;
- uid_t target_uid = -1;
- polkit_bool_t is_negative;
-
- is_negative = FALSE;
-
- /* (third, fourth) is one of: ("uid", uid), ("uid-negative", uid) */
- if (strcmp (argv[3], "uid") == 0 || strcmp (argv[3], "uid-negative") == 0) {
-
- if (strcmp (argv[3], "uid") != 0) {
- is_negative = TRUE;
- }
-
- target = TARGET_UID;
- target_uid = strtol (argv[4], &endp, 10);
- if (*endp != '\0') {
- syslog (LOG_NOTICE, "target uid is malformed [uid=%d]", getuid ());
- fprintf (stderr, "polkit-explicit-grant-helper: target uid is malformed. This incident has been logged.\n");
- goto out;
- }
- } else {
- syslog (LOG_NOTICE, "target type is malformed [uid=%d]", getuid ());
- fprintf (stderr, "polkit-explicit-grant-helper: target type is malformed. This incident has been logged.\n");
- goto out;
- }
-
-
- //fprintf (stderr, "action_id=%s constraint=%s uid=%d\n", action_id, authc_str, target_uid);
-
- /* OK, we're done parsing ... check if the user is authorized */
-
- if (invoking_uid != 0) {
-
- if (is_negative && (invoking_uid == target_uid)) {
- /* it's fine to grant negative-auths to one self... */
- } else {
- pid_t ppid;
-
- ppid = getppid ();
- if (ppid == 1)
- goto out;
-
- if (polkit_check_auth (ppid, "org.freedesktop.policykit.grant", NULL) == 0) {
- goto out;
- }
- }
- }
-
- /* he is.. proceed to add the grant */
-
- umask (002);
-
- if (gettimeofday (&now, NULL) != 0) {
- fprintf (stderr, "polkit-explicit-grant-helper: error calling gettimeofday: %m");
- return FALSE;
- }
-
- char now_buf[32];
- char uid_buf[32];
- char auth_buf[1024];
- snprintf (now_buf, sizeof (now_buf), "%Lu", (polkit_uint64_t) now.tv_sec);
- snprintf (uid_buf, sizeof (uid_buf), "%d", invoking_uid);
-
- size_t len;
- if ((len = kit_string_entry_create (auth_buf, sizeof (auth_buf),
- "scope", is_negative ? "grant-negative" : "grant",
- "action-id", action_id,
- "when", now_buf,
- "granted-by", uid_buf,
- NULL)) >= sizeof (auth_buf)) {
- kit_warning ("polkit-explicit-grant-helper: authbuf is too small");
- goto out;
- }
- if (authc_str_len > 0) {
- if (sizeof (auth_buf) - len < authc_str_len + 1) {
- kit_warning ("polkit-explicit-grant-helper: authbuf is too small");
- goto out;
- }
- strncpy (auth_buf + len, authc_str, authc_str_len + 1);
- }
-
- if (_polkit_authorization_db_auth_file_add (FALSE,
- target_uid,
- auth_buf)) {
- ret = 0;
- }
-
-out:
-
- return ret;
-}
-
diff --git a/src/polkit-grant/polkit-grant-helper-pam.c b/src/polkit-grant/polkit-grant-helper-pam.c
deleted file mode 100644
index 2596595..0000000
--- a/src/polkit-grant/polkit-grant-helper-pam.c
+++ /dev/null
@@ -1,247 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-grant-helper-pam.c : setuid root pam grant helper for PolicyKit
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-/* TODO: FIXME: XXX: this code needs security review before it can be released! */
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <syslog.h>
-#include <security/pam_appl.h>
-
-#include <kit/kit.h>
-
-#ifdef HAVE_SOLARIS
-#define LOG_AUTHPRIV (10<<3)
-#endif
-
-/* Development aid: define PGH_DEBUG to get debugging output. Do _NOT_
- * enable this in production builds; it may leak passwords and other
- * sensitive information.
- */
-#undef PGH_DEBUG
-/* #define PGH_DEBUG */
-
-static int conversation_function (int n, const struct pam_message **msg, struct pam_response **resp, void *data);
-
-int
-main (int argc, char *argv[])
-{
- int rc;
- char user_to_auth[256];
- struct pam_conv pam_conversation;
- pam_handle_t *pam_h;
- const void *authed_user;
-
- rc = 0;
- pam_h = NULL;
-
- /* clear the entire environment to avoid attacks using with libraries honoring environment variables */
- if (kit_clearenv () != 0)
- goto error;
- /* set a minimal environment */
- setenv ("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1);
-
- /* check that we are setuid root */
- if (geteuid () != 0) {
- fprintf (stderr, "polkit-grant-helper-pam: needs to be setuid root\n");
- goto error;
- }
-
- openlog ("polkit-grant-helper-pam-1", LOG_CONS | LOG_PID, LOG_AUTHPRIV);
-
- /* check for correct invocation */
- if (argc != 1) {
- syslog (LOG_NOTICE, "inappropriate use of helper, wrong number of arguments [uid=%d]", getuid ());
- fprintf (stderr, "polkit-grant-helper-pam: wrong number of arguments. This incident has been logged.\n");
- goto error;
- }
-
- if (getuid () != 0) {
- /* check we're running with a non-tty stdin */
- if (isatty (STDIN_FILENO) != 0) {
- syslog (LOG_NOTICE, "inappropriate use of helper, stdin is a tty [uid=%d]", getuid ());
- fprintf (stderr, "polkit-grant-helper-pam: inappropriate use of helper, stdin is a tty. This incident has been logged.\n");
- goto error;
- }
- }
-
- /* get user to auth */
- if (fgets (user_to_auth, sizeof user_to_auth, stdin) == NULL)
- goto error;
- if (strlen (user_to_auth) > 0 && user_to_auth[strlen (user_to_auth) - 1] == '\n')
- user_to_auth[strlen (user_to_auth) - 1] = '\0';
-
-#ifdef PGH_DEBUG
- fprintf (stderr, "polkit-grant-helper-pam: user to auth is '%s'.\n", user_to_auth);
-#endif /* PGH_DEBUG */
-
- pam_conversation.conv = conversation_function;
- pam_conversation.appdata_ptr = NULL;
-
- /* start the pam stack */
- rc = pam_start ("polkit",
- user_to_auth,
- &pam_conversation,
- &pam_h);
- if (rc != PAM_SUCCESS) {
- fprintf (stderr, "polkit-grant-helper-pam: pam_start failed: %s\n", pam_strerror (pam_h, rc));
- goto error;
- }
-
- /* set the requesting user */
- rc = pam_set_item (pam_h, PAM_RUSER, user_to_auth);
- if (rc != PAM_SUCCESS) {
- fprintf (stderr, "polkit-grant-helper-pam: pam_set_item failed: %s\n", pam_strerror (pam_h, rc));
- goto error;
- }
-
- /* is user really user? */
- rc = pam_authenticate (pam_h, 0);
- if (rc != PAM_SUCCESS) {
- fprintf (stderr, "polkit-grant-helper-pam: pam_authenticated failed: %s\n", pam_strerror (pam_h, rc));
- goto error;
- }
-
- /* permitted access? */
- rc = pam_acct_mgmt (pam_h, 0);
- if (rc != PAM_SUCCESS) {
- fprintf (stderr, "polkit-grant-helper-pam: pam_acct_mgmt failed: %s\n", pam_strerror (pam_h, rc));
- goto error;
- }
-
- /* did we auth the right user? */
- rc = pam_get_item (pam_h, PAM_USER, &authed_user);
- if (rc != PAM_SUCCESS) {
- fprintf (stderr, "polkit-grant-helper-pam: pam_get_item failed: %s\n", pam_strerror (pam_h, rc));
- goto error;
- }
-
- if (strcmp (authed_user, user_to_auth) != 0) {
- fprintf (stderr, "polkit-grant-helper-pam: Tried to auth user '%s' but we got auth for user '%s' instead",
- user_to_auth, (const char *) authed_user);
- goto error;
- }
-
-#ifdef PGH_DEBUG
- fprintf (stderr, "polkit-grant-helper-pam: successfully authenticated user '%s'.\n", user_to_auth);
-#endif /* PGH_DEBUG */
-
- fprintf (stdout, "SUCCESS\n");
- fflush (stdout);
-
- pam_end (pam_h, rc);
- return 0;
-error:
- if (pam_h != NULL)
- pam_end (pam_h, rc);
-
- fprintf (stdout, "FAILURE\n");
- fflush (stdout);
- return 1;
-}
-
-static int
-conversation_function (int n, const struct pam_message **msg, struct pam_response **resp, void *data)
-{
- struct pam_response *aresp;
- char buf[PAM_MAX_RESP_SIZE];
- int i;
-
- data = data;
- if (n <= 0 || n > PAM_MAX_NUM_MSG)
- return PAM_CONV_ERR;
-
- if ((aresp = calloc(n, sizeof *aresp)) == NULL)
- return PAM_BUF_ERR;
-
- for (i = 0; i < n; ++i) {
- aresp[i].resp_retcode = 0;
- aresp[i].resp = NULL;
- switch (msg[i]->msg_style) {
- case PAM_PROMPT_ECHO_OFF:
- fprintf (stdout, "PAM_PROMPT_ECHO_OFF ");
- goto conv1;
- case PAM_PROMPT_ECHO_ON:
- fprintf (stdout, "PAM_PROMPT_ECHO_ON ");
- conv1:
- fputs (msg[i]->msg, stdout);
- if (strlen (msg[i]->msg) > 0 &&
- msg[i]->msg[strlen (msg[i]->msg) - 1] != '\n')
- fputc ('\n', stdout);
- fflush (stdout);
-
- if (fgets (buf, sizeof buf, stdin) == NULL)
- goto error;
- if (strlen (buf) > 0 &&
- buf[strlen (buf) - 1] == '\n')
- buf[strlen (buf) - 1] = '\0';
-
- aresp[i].resp = strdup (buf);
- if (aresp[i].resp == NULL)
- goto error;
- break;
-
- case PAM_ERROR_MSG:
- fprintf (stdout, "PAM_ERROR_MSG ");
- goto conv2;
-
- case PAM_TEXT_INFO:
- fprintf (stdout, "PAM_TEXT_INFO ");
- conv2:
- fputs (msg[i]->msg, stdout);
- if (strlen (msg[i]->msg) > 0 &&
- msg[i]->msg[strlen (msg[i]->msg) - 1] != '\n')
- fputc ('\n', stdout);
- fflush (stdout);
- break;
- default:
- goto error;
- }
- }
- *resp = aresp;
- return PAM_SUCCESS;
-
-error:
- for (i = 0; i < n; ++i) {
- if (aresp[i].resp != NULL) {
- memset (aresp[i].resp, 0, strlen(aresp[i].resp));
- free (aresp[i].resp);
- }
- }
- memset (aresp, 0, n * sizeof *aresp);
- *resp = NULL;
- return PAM_CONV_ERR;
-}
diff --git a/src/polkit-grant/polkit-grant-helper-shadow.c b/src/polkit-grant/polkit-grant-helper-shadow.c
deleted file mode 100644
index d9d3ef1..0000000
--- a/src/polkit-grant/polkit-grant-helper-shadow.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-grant-helper-shadow.c : setuid root shadow helper for PolicyKit
- *
- * Copyright (C) 2007 Piter PUNK, <piterpunk at slackware.com>
- *
- * Based on polkit-grant-helper-pam.c :
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <syslog.h>
-#include <shadow.h>
-#include <grp.h>
-#include <pwd.h>
-
-/* Development aid: define PGH_DEBUG to get debugging output. Do _NOT_
- * enable this in production builds; it may leak passwords and other
- * sensitive information.
- */
-#undef PGH_DEBUG
-/* #define PGH_DEBUG */
-
-extern char *crypt ();
-static int do_auth (const char *user_to_auth);
-
-int main (int argc, char *argv[])
-{
- char user_to_auth[256];
-
- /* clear the entire environment to avoid attacks with
- * libraries honoring environment variables */
- if (clearenv () != 0)
- goto error;
- /* set a minimal environment */
- setenv ("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1);
-
- /* check that we are setuid root */
- if (geteuid () != 0) {
- fprintf (stderr, "polkit-grant-helper-shadow: needs to be setuid root\n");
- goto error;
- }
-
- openlog ("polkit-grant-helper-shadow", LOG_CONS | LOG_PID, LOG_AUTHPRIV);
-
- /* check for correct invocation */
- if (argc != 1) {
- syslog (LOG_NOTICE, "inappropriate use of helper, wrong number of arguments [uid=%d]", getuid ());
- fprintf (stderr, "polkit-grant-helper-shadow: wrong number of arguments. This incident has been logged.\n");
- goto error;
- }
-
- if (getuid () != 0) {
- /* check we're running with a non-tty stdin */
- if (isatty (STDIN_FILENO) != 0) {
- syslog (LOG_NOTICE, "inappropriate use of helper, stdin is a tty [uid=%d]", getuid ());
- fprintf (stderr, "polkit-grant-helper-shadow: inappropriate use of helper, stdin is a tty. This incident has been logged.\n");
- goto error;
- }
- }
-
- /* get user to auth */
- if (fgets (user_to_auth, sizeof (user_to_auth), stdin) == NULL)
- goto error;
- if (strlen (user_to_auth) > 0 && user_to_auth[strlen (user_to_auth) - 1] == '\n')
- user_to_auth[strlen(user_to_auth) - 1] = '\0';
-
-#ifdef PGH_DEBUG
- fprintf (stderr, "polkit-grant-helper-shadow: user to auth is '%s'.\n", user_to_auth);
-#endif /* PGH_DEBUG */
-
- if(!do_auth (user_to_auth)) {
- syslog (LOG_NOTICE, "authentication failure [uid=%d] trying to authenticate '%s'", getuid (), user_to_auth);
- fprintf (stderr, "polkit-grant-helper-shadow: authentication failure. This incident has been logged.\n");
- goto error;
- }
-
-#ifdef PGH_DEBUG
- fprintf (stderr, "polkit-grant-helper-shadow: successfully authenticated user '%s'.\n", user_to_auth);
-#endif /* PGH_DEBUG */
-
- fprintf (stdout, "SUCCESS\n");
- fflush (stdout);
- return 0;
-
-error:
- sleep (2); /* Discourage brute force attackers */
- fprintf (stdout, "FAILURE\n");
- fflush (stdout);
- return 1;
-}
-/*
- * This is the shadow do_auth function. It receives
- * only the name of user (user_to_auth). Waits for
- * password in stdin and auth the user. It return success
- * if the user can be authenticated and unsuccess when
- * user can't be authenticated.
- */
-int do_auth (const char *user_to_auth)
-{
- struct spwd *shadow;
- char password[256];
-
- if ((shadow = getspnam (user_to_auth)) == NULL)
- goto error;
-
- if (fgets (password, sizeof (password), stdin) == NULL)
- goto error;
-
- if (strlen (password) > 0 &&
- password[strlen (password) - 1] == '\n')
- password[strlen (password) - 1] = '\0';
-
- if (strcmp (shadow->sp_pwdp, crypt (password, shadow->sp_pwdp)) != 0)
- goto error;
-
- return 1;
-
-error:
- return 0;
-}
diff --git a/src/polkit-grant/polkit-grant-helper.c b/src/polkit-grant/polkit-grant-helper.c
deleted file mode 100644
index ff4b03f..0000000
--- a/src/polkit-grant/polkit-grant-helper.c
+++ /dev/null
@@ -1,816 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-grant-helper.c : setgid polkituser grant helper for PolicyKit
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-/* TODO: FIXME: XXX: this code needs security review before it can be released! */
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-
-#ifdef POLKIT_AUTHFW_PAM
-#include <security/pam_appl.h>
-#endif
-
-#ifdef POLKIT_AUTHFW_SHADOW
-#include <shadow.h>
-#endif
-
-#include <grp.h>
-#include <pwd.h>
-#include <syslog.h>
-#include <errno.h>
-#include <string.h>
-#include <utime.h>
-
-#include <glib.h>
-
-#include <kit/kit.h>
-
-#include <polkit/polkit.h>
-// #include <polkit/polkit-grant-database.h>
-
-#ifdef HAVE_SOLARIS
-#define LOG_AUTHPRIV (10<<3)
-#endif
-
-/* Development aid: define PGH_DEBUG to get debugging output. Do _NOT_
- * enable this in production builds; it may leak passwords and other
- * sensitive information.
- */
-#undef PGH_DEBUG
-/* #define PGH_DEBUG */
-
-/* synopsis: polkit-grant-helper <pid> <action-name>
- *
- * <pid> : process id of caller to grant privilege to
- * <action-name> : the PolicyKit action
- *
- * Error/debug messages goes to stderr. Interaction with the program
- * launching this helper happens via stdin/stdout. A rough high-level
- * interaction diagram looks like this (120 character width):
- *
- * Program using
- * libpolkit-grant polkit-grant-helper polkit-grant-helper-pam
- * ------------- ------------------- -----------------------
- *
- * Spawn polkit-grant-helper
- * with args <pid>, <action-name> -->
- *
- * Create PolKitCaller object
- * from <pid>. Involves querying
- * ConsoleKit over the system
- * message-bus. Verify that
- * the caller qualifies for
- * for authentication to gain
- * the right to do the Action.
- *
- * <-- Tell libpolkit-grant about grant details, e.g.
- * {self,admin}_{,keep_session,keep_always} +
- * what users can authenticate using stdout
- *
- * Receive grant details on stdin.
- * Caller prepares UI dialog depending
- * on grant details.
- *
- * if admin_users is not empty, wait for
- * user name of admin user to auth on stdin
- *
- * if admin_users is not empty, write
- * user name of admin user to auth on stdout -->
- *
- *
- * verify that given username is
- * in admin_users
- *
- *
- * Spawn polkit-grant-helper-pam
- * with no args -->
- *
- * Write username to auth as
- * on stdout -->
- *
- * Receive username on stdin.
- * Start the PAM stack
- * auth_in_progess:
- * Write a PAM request on stdout, one off
- * - PAM_PROMPT_ECHO_OFF
- * - PAM_PROMPT_ECHO_ON
- * - PAM_ERROR_MSG
- * - PAM_TEXT_INFO
- *
- * Receive PAM request on stdin.
- * Send it to libpolkit-grant on stdout
- *
- * Receive PAM request on stdin.
- * Program deals with it.
- * Write reply on stdout
- *
- * Receive PAM reply on stdin
- * Send PAM reply on stdout
- *
- * Deal with PAM reply on stdin.
- * Now either
- * - GOTO auth_in_progress; or
- * - Write SUCCESS|FAILURE on stdout and then
- * die
- *
- * Receive either SUCCESS or
- * FAILURE on stdin. If FAILURE
- * is received, then die with exit
- * code 1. If SUCCESS, leave a cookie
- * in /var/{lib,run}/polkit-1 indicating
- * the grant was successful and die with
- * exit code 0
- *
- *
- * If auth fails, we exit with code 1.
- * If input is not valid we exit with code 2.
- * If any other error occur we exit with code 3
- * If privilege was granted, we exit code 0.
- */
-
-
-/**
- * do_auth:
- *
- * the authentication itself is done via a setuid root helper; this is
- * to make the code running as uid 0 easier to audit.
- *
- */
-static polkit_bool_t
-do_auth (const char *user_to_auth, gboolean *empty_conversation)
-{
- int helper_pid;
- int helper_stdin;
- int helper_stdout;
- GError *g_error;
-#ifdef POLKIT_AUTHFW_PAM
- char *helper_argv[2] = {PACKAGE_LIBEXEC_DIR "/polkit-grant-helper-pam-1", NULL};
-#endif
-#ifdef POLKIT_AUTHFW_SHADOW
- char *helper_argv[2] = {PACKAGE_LIBEXEC_DIR "/polkit-grant-helper-shadow-1", NULL};
-#endif
- char buf[256];
- FILE *child_stdin;
- FILE *child_stdout;
- gboolean ret;
-
- child_stdin = NULL;
- child_stdout = NULL;
- ret = FALSE;
- *empty_conversation = TRUE;
-
- g_error = NULL;
- if (!g_spawn_async_with_pipes (NULL,
- (char **) helper_argv,
- NULL,
- 0,
- NULL,
- NULL,
- &helper_pid,
- &helper_stdin,
- &helper_stdout,
- NULL,
- &g_error)) {
- fprintf (stderr, "polkit-grant-helper: cannot spawn helper: %s\n", g_error->message);
- g_error_free (g_error);
- g_free (helper_argv[1]);
- goto out;
- }
-
- child_stdin = fdopen (helper_stdin, "w");
- if (child_stdin == NULL) {
- fprintf (stderr, "polkit-grant-helper: fdopen (helper_stdin) failed: %s\n", strerror (errno));
- goto out;
- }
- child_stdout = fdopen (helper_stdout, "r");
- if (child_stdout == NULL) {
- fprintf (stderr, "polkit-grant-helper: fdopen (helper_stdout) failed: %s\n", strerror (errno));
- goto out;
- }
-
- /* First, tell the pam helper what user we wish to auth */
- fprintf (child_stdin, "%s\n", user_to_auth);
- fflush (child_stdin);
-
- /* now act as middle man between our parent and our child */
-
- while (TRUE) {
- /* read from child */
- if (fgets (buf, sizeof buf, child_stdout) == NULL)
- goto out;
-#ifdef PGH_DEBUG
- fprintf (stderr, "received: '%s' from child; sending to parent\n", buf);
-#endif /* PGH_DEBUG */
- /* see if we're done? */
- if (strcmp (buf, "SUCCESS\n") == 0) {
- ret = TRUE;
- goto out;
- }
- if (strcmp (buf, "FAILURE\n") == 0) {
- goto out;
- }
-
- *empty_conversation = FALSE;
-
- /* send to parent */
- fprintf (stdout, "%s", buf);
- fflush (stdout);
-
- /* read from parent */
- if (fgets (buf, sizeof buf, stdin) == NULL)
- goto out;
-
-#ifdef PGH_DEBUG
- fprintf (stderr, "received: '%s' from parent; sending to child\n", buf);
-#endif /* PGH_DEBUG */
- /* send to child */
- fprintf (child_stdin, "%s", buf);
- fflush (child_stdin);
- }
-
-out:
- if (child_stdin != NULL)
- fclose (child_stdin);
- if (child_stdout != NULL)
- fclose (child_stdout);
- return ret;
-}
-
-/**
- * verify_with_polkit:
- * @caller: the caller
- * @action: the action
- * @out_result: return location for result AKA how the user can auth
- * @out_admin_users: return location for a NULL-terminated array of
- * strings that can be user to auth as admin. Is set to NULL if the
- * super user (e.g. uid 0) should be user to auth as admin.
- *
- * Verify that the given caller can authenticate to gain a privilege
- * to do the given action. If the authentication requires
- * administrator privileges, also return a list of users that can be
- * used to do this cf. the <define_admin_auth/> element in the
- * configuration file; see the PolicyKit.conf(5) manual page for
- * details.
- *
- * Returns: #TRUE if, and only if, the given caller can authenticate to
- * gain a privilege to do the given action.
- */
-static polkit_bool_t
-verify_with_polkit (PolKitContext *pol_ctx,
- PolKitCaller *caller,
- PolKitAction *action,
- PolKitResult *out_result,
- char ***out_admin_users)
-{
- PolKitError *pk_error;
-
- pk_error = NULL;
- *out_result = polkit_context_is_caller_authorized (pol_ctx, action, caller, FALSE, &pk_error);
- if (polkit_error_is_set (pk_error)) {
- fprintf (stderr, "polkit-grant-helper: cannot determine if caller is authorized: %s: %s\n",
- polkit_error_get_error_name (pk_error),
- polkit_error_get_error_message (pk_error));
- polkit_error_free (pk_error);
- goto error;
- }
-
- if (*out_result != POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT &&
- *out_result != POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH &&
- *out_result != POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_SESSION &&
- *out_result != POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_ALWAYS &&
- *out_result != POLKIT_RESULT_ONLY_VIA_SELF_AUTH_ONE_SHOT &&
- *out_result != POLKIT_RESULT_ONLY_VIA_SELF_AUTH &&
- *out_result != POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION &&
- *out_result != POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_ALWAYS) {
- fprintf (stderr, "polkit-grant-helper: given auth type (%d -> %s) is bogus\n",
- *out_result, polkit_result_to_string_representation (*out_result));
- goto error;
- }
-
- *out_admin_users = NULL;
-
- /* for admin auth, get a list of users that can be used - this is basically evaluating the
- * <define_admin_auth/> directives in the config file...
- */
- if (*out_result == POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT ||
- *out_result == POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH ||
- *out_result == POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_SESSION ||
- *out_result == POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_ALWAYS) {
- /* TODO: need to revisit this and return list of users that can auth */
- *out_admin_users = NULL;
- }
-
- /* TODO: we should probably clean up */
-
- return TRUE;
-error:
- return FALSE;
-}
-
-static polkit_bool_t
-get_and_validate_override_details (PolKitResult *result)
-{
- char buf[256];
- char *textual_result;
- PolKitResult desired_result;
-
- if (fgets (buf, sizeof buf, stdin) == NULL)
- goto error;
- if (strlen (buf) > 0 &&
- buf[strlen (buf) - 1] == '\n')
- buf[strlen (buf) - 1] = '\0';
-
- if (strncmp (buf,
- "POLKIT_GRANT_CALLER_PASS_OVERRIDE_GRANT_TYPE ",
- sizeof "POLKIT_GRANT_CALLER_PASS_OVERRIDE_GRANT_TYPE " - 1) != 0) {
- goto error;
- }
- textual_result = buf + sizeof "POLKIT_GRANT_CALLER_PASS_OVERRIDE_GRANT_TYPE " - 1;
-
-#ifdef PGH_DEBUG
- fprintf (stderr, "polkit-grant-helper: caller said '%s'\n", textual_result);
-#endif /* PGH_DEBUG */
-
- if (!polkit_result_from_string_representation (textual_result, &desired_result))
- goto error;
-
-#ifdef PGH_DEBUG
- fprintf (stderr, "polkit-grant-helper: testing for voluntarily downgrade from '%s' to '%s'\n",
- polkit_result_to_string_representation (*result),
- polkit_result_to_string_representation (desired_result));
-#endif /* PGH_DEBUG */
-
- /* See the huge comment in main() below...
- *
- * it comes down to this... users can only choose a more restricted granting type...
- */
- switch (*result) {
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT:
- if (desired_result != POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT)
- goto error;
- break;
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH:
- if (desired_result != POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT &&
- desired_result != POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH)
- goto error;
- break;
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_SESSION:
- if (desired_result != POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT &&
- desired_result != POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH &&
- desired_result != POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_SESSION)
- goto error;
- break;
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_ALWAYS:
- if (desired_result != POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT &&
- desired_result != POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH &&
- desired_result != POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_SESSION &&
- desired_result != POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_ALWAYS)
- goto error;
- break;
-
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_ONE_SHOT:
- if (desired_result != POLKIT_RESULT_ONLY_VIA_SELF_AUTH_ONE_SHOT)
- goto error;
- break;
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH:
- if (desired_result != POLKIT_RESULT_ONLY_VIA_SELF_AUTH_ONE_SHOT &&
- desired_result != POLKIT_RESULT_ONLY_VIA_SELF_AUTH)
- goto error;
- break;
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION:
- if (desired_result != POLKIT_RESULT_ONLY_VIA_SELF_AUTH_ONE_SHOT &&
- desired_result != POLKIT_RESULT_ONLY_VIA_SELF_AUTH &&
- desired_result != POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION)
- goto error;
- break;
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_ALWAYS:
- if (desired_result != POLKIT_RESULT_ONLY_VIA_SELF_AUTH_ONE_SHOT &&
- desired_result != POLKIT_RESULT_ONLY_VIA_SELF_AUTH &&
- desired_result != POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION &&
- desired_result != POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_ALWAYS)
- goto error;
- break;
-
- default:
- /* we should never reach this */
- goto error;
- }
-
-#ifdef PGH_DEBUG
- if (*result != desired_result) {
- fprintf (stderr, "polkit-grant-helper: voluntarily downgrading from '%s' to '%s'\n",
- polkit_result_to_string_representation (*result),
- polkit_result_to_string_representation (desired_result));
- }
-#endif /* PGH_DEBUG */
-
- *result = desired_result;
-
- return TRUE;
-error:
- return FALSE;
-}
-
-int
-main (int argc, char *argv[])
-{
- int ret;
- uid_t invoking_user_id;
- pid_t caller_pid;
- gid_t egid;
- struct group *group;
- char *endp;
- const char *invoking_user_name;
- const char *action_name;
- PolKitResult result;
- PolKitResult orig_result;
- const char *user_to_auth;
- uid_t uid_of_user_to_auth;
- char *session_objpath;
- struct passwd *pw;
- polkit_bool_t dbres;
- char **admin_users;
- DBusError error;
- DBusConnection *bus;
- PolKitContext *context;
- PolKitAction *action;
- PolKitCaller *caller;
- uid_t caller_uid;
- PolKitSession *session;
- gboolean empty_conversation;
- char buf[256];
-
- ret = 3;
-
- /* clear the entire environment to avoid attacks using with libraries honoring environment variables */
- if (kit_clearenv () != 0)
- goto out;
- /* set a minimal environment */
- setenv ("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1);
-
- openlog ("polkit-grant-helper-1", LOG_CONS | LOG_PID, LOG_AUTHPRIV);
-
- /* check for correct invocation */
- if (argc != 3) {
- syslog (LOG_NOTICE, "inappropriate use of helper, wrong number of arguments [uid=%d]", getuid ());
- fprintf (stderr, "polkit-grant-helper: wrong number of arguments. This incident has been logged.\n");
- goto out;
- }
-
- /* check we're running with a non-tty stdin */
- if (isatty (STDIN_FILENO) != 0) {
- syslog (LOG_NOTICE, "inappropriate use of helper, stdin is a tty [uid=%d]", getuid ());
- fprintf (stderr, "polkit-grant-helper: inappropriate use of helper, stdin is a tty. This incident has been logged.\n");
- goto out;
- }
-
- /* check user */
- invoking_user_id = getuid ();
- if (invoking_user_id == 0) {
- fprintf (stderr, "polkit-grant-helper: it only makes sense to run polkit-grant-helper as non-root\n");
- goto out;
- }
-
- /* check that we are setgid polkituser */
- egid = getegid ();
- group = getgrgid (egid);
- if (group == NULL) {
- fprintf (stderr, "polkit-grant-helper: cannot lookup group info for gid %d\n", egid);
- goto out;
- }
- if (strcmp (group->gr_name, POLKIT_GROUP) != 0) {
- fprintf (stderr, "polkit-grant-helper: needs to be setgid " POLKIT_GROUP "\n");
- goto out;
- }
-
- pw = getpwuid (invoking_user_id);
- if (pw == NULL) {
- fprintf (stderr, "polkit-grant-helper: cannot lookup passwd info for uid %d\n", invoking_user_id);
- goto out;
- }
- invoking_user_name = strdup (pw->pw_name);
- if (invoking_user_name == NULL) {
- fprintf (stderr, "polkit-grant-helper: OOM allocating memory for invoking user name\n");
- goto out;
- }
-
- caller_pid = strtol (argv[1], &endp, 10);
- if (endp == NULL || endp == argv[1] || *endp != '\0') {
- fprintf (stderr, "polkit-grant-helper: cannot parse pid\n");
- goto out;
- }
- action_name = argv[2];
-
-#ifdef PGH_DEBUG
- fprintf (stderr, "polkit-grant-helper: invoking user = %d ('%s')\n", invoking_user_id, invoking_user_name);
- fprintf (stderr, "polkit-grant-helper: caller_pid = %d\n", caller_pid);
- fprintf (stderr, "polkit-grant-helper: action_name = '%s'\n", action_name);
-#endif /* PGH_DEBUG */
-
- ret = 2;
-
- context = polkit_context_new ();
- if (!polkit_context_init (context, NULL)) {
- fprintf (stderr, "polkit-grant-helper: cannot initialize polkit\n");
- goto out;
- }
-
- action = polkit_action_new ();
- polkit_action_set_action_id (action, action_name);
-
- dbus_error_init (&error);
- bus = dbus_bus_get (DBUS_BUS_SYSTEM, &error);
- if (bus == NULL) {
- fprintf (stderr, "polkit-grant-helper: cannot connect to system bus: %s: %s\n",
- error.name, error.message);
- dbus_error_free (&error);
- goto out;
- }
-
- caller = polkit_caller_new_from_pid (bus, caller_pid, &error);
- if (caller == NULL) {
- fprintf (stderr, "polkit-grant-helper: cannot get caller from pid: %s: %s\n",
- error.name, error.message);
- goto out;
- }
- if (!polkit_caller_get_uid (caller, &caller_uid)) {
- fprintf (stderr, "polkit-grant-helper: no uid for caller\n");
- goto out;
- }
-
- /* This user does not have to be in a session.. for example, one might
- * use <allow_any>auth_admin</allow_any>...
- */
- session = NULL;
- session_objpath = NULL;
- if (polkit_caller_get_ck_session (caller, &session) && session != NULL) {
- if (!polkit_session_get_ck_objref (session, &session_objpath)) {
- session = NULL;
- session_objpath = NULL;
- }
- }
-
- /* Use libpolkit to figure out if the caller can really auth to do the action
- */
- if (!verify_with_polkit (context, caller, action, &result, &admin_users))
- goto out;
-
-#ifdef PGH_DEBUG
- if (admin_users != NULL) {
- int n;
- fprintf (stderr, "polkit-grant-helper: admin_users: ");
- for (n = 0; admin_users[n] != NULL; n++)
- fprintf (stderr, "'%s' ", admin_users[n]);
- fprintf (stderr, "\n");
- }
-#endif /* PGH_DEBUG */
-
-#ifdef PGH_DEBUG
- fprintf (stderr, "polkit-grant-helper: polkit result = '%s'\n",
- polkit_result_to_string_representation (result));
- fprintf (stderr, "polkit-grant-helper: session_objpath = '%s'\n", session_objpath);
-#endif /* PGH_DEBUG */
-
- /* tell the caller about the grant details; e.g. whether
- * it's auth_self_keep_always or auth_self etc.
- */
- fprintf (stdout, "POLKIT_GRANT_HELPER_TELL_TYPE %s\n",
- polkit_result_to_string_representation (result));
- fflush (stdout);
-
- /* if admin auth is required, tell caller about possible users */
- if (admin_users != NULL) {
- int n;
- fprintf (stdout, "POLKIT_GRANT_HELPER_TELL_ADMIN_USERS");
- for (n = 0; admin_users[n] != NULL; n++)
- fprintf (stdout, " %s", admin_users[n]);
- fprintf (stdout, "\n");
- fflush (stdout);
- }
-
-
- /* wait for libpolkit-grant to tell us what user to use */
- if (admin_users != NULL) {
- int n;
-
-#ifdef PGH_DEBUG
- fprintf (stderr, "waiting for admin user name...\n");
-#endif /* PGH_DEBUG */
-
- /* read from parent */
- if (fgets (buf, sizeof buf, stdin) == NULL)
- goto out;
- if (strlen (buf) > 0 && buf[strlen (buf) - 1] == '\n')
- buf[strlen (buf) - 1] = '\0';
-
- if (strncmp (buf,
- "POLKIT_GRANT_CALLER_SELECT_ADMIN_USER ",
- sizeof "POLKIT_GRANT_CALLER_SELECT_ADMIN_USER " - 1) != 0) {
- goto out;
- }
-
- user_to_auth = buf + sizeof "POLKIT_GRANT_CALLER_SELECT_ADMIN_USER " - 1;
-#ifdef PGH_DEBUG
- fprintf (stderr, "libpolkit-grant wants to auth as '%s'\n", user_to_auth);
-#endif /* PGH_DEBUG */
-
- /* now sanity check that returned user is actually in admin_users */
- for (n = 0; admin_users[n] != NULL; n++) {
- if (strcmp (admin_users[n], user_to_auth) == 0)
- break;
- }
- if (admin_users[n] == NULL) {
- ret = 2;
- goto out;
- }
-
- } else {
- /* figure out what user to auth */
- if (result == POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT ||
- result == POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH ||
- result == POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_SESSION ||
- result == POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_ALWAYS) {
- user_to_auth = "root";
- } else {
- user_to_auth = invoking_user_name;
- }
- }
-
- if (strcmp (user_to_auth, "root") == 0) {
- uid_of_user_to_auth = 0;
- } else {
- struct passwd *passwd;
-
- passwd = getpwnam (user_to_auth);
- if (passwd == NULL) {
- fprintf (stderr, "polkit-grant-helper: can not look up uid for user '%s'\n", user_to_auth);
- goto out;
- }
- uid_of_user_to_auth = passwd->pw_uid;
- }
-
- ret = 1;
-
- /* Start authentication */
- if (!do_auth (user_to_auth, &empty_conversation)) {
- goto out;
- }
-
-#ifdef PGH_DEBUG
- fprintf (stderr, "polkit-grant-helper: empty_conversation=%d\n", empty_conversation);
-#endif /* PGH_DEBUG */
-
- /* Ask caller if he want to slim down grant type... e.g. he
- * might want to go from auth_self_keep_always to
- * auth_self_keep_session..
- *
- * See docs for the PolKitGrantOverrideGrantType callback type
- * for use cases; it's in polkit-grant/polkit-grant.h
- */
- fprintf (stdout, "POLKIT_GRANT_HELPER_ASK_OVERRIDE_GRANT_TYPE %s\n",
- polkit_result_to_string_representation (result));
- fflush (stdout);
-
- orig_result = result;
- if (!get_and_validate_override_details (&result)) {
- /* if this fails it means bogus input from user */
- ret = 2;
- goto out;
- }
-
- if (empty_conversation && orig_result == result) {
- /* If the conversation was empty it means the user probably never
- * saw the an auth dialog.. specifically it means he never was able
- * to change the scope of the from e.g. 'always' to 'session' or
- * 'process'. In fact, it means he was never aware any authorization
- * was granted.
- *
- * So to avoid surprises for people who do reckless things like play
- * around with disabling passwords on their system, make an executive
- * decision to downgrade the scope...
- *
- * See RH #401811 for details of one user that was caught by this.
- */
-
- if (result == POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_ALWAYS) {
- result = POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_SESSION;
- } else if (result == POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_ALWAYS) {
- result = POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION;
- }
- }
-
-
-#ifdef PGH_DEBUG
- fprintf (stderr, "polkit-grant-helper: adding grant: action_id=%s session_id=%s pid=%d result='%s'\n",
- action_name, session_objpath, caller_pid, polkit_result_to_string_representation (result));
-#endif /* PGH_DEBUG */
-
- /* make sure write permissions for group is honored */
- umask (002);
-
- switch (result) {
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT:
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_ONE_SHOT:
- dbres = polkit_authorization_db_add_entry_process_one_shot (polkit_context_get_authorization_db (context),
- action,
- caller,
- uid_of_user_to_auth);
- if (dbres) {
- syslog (LOG_INFO, "granted one shot authorization for %s to pid %d [uid=%d] [auth=%s]",
- action_name, caller_pid, invoking_user_id, user_to_auth);
- }
- break;
-
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH:
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH:
- dbres = polkit_authorization_db_add_entry_process (polkit_context_get_authorization_db (context),
- action,
- caller,
- uid_of_user_to_auth);
- if (dbres) {
- syslog (LOG_INFO, "granted authorization for %s to pid %d [uid=%d] [auth=%s]",
- action_name, caller_pid, invoking_user_id, user_to_auth);
- }
- break;
-
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_SESSION:
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION:
- if (session == NULL || session_objpath == NULL) {
- fprintf (stderr, "polkit-grant-helper: cannot grant to session when not in a session\n");
- ret = 2;
- goto out;
- }
- dbres = polkit_authorization_db_add_entry_session (polkit_context_get_authorization_db (context),
- action,
- caller,
- uid_of_user_to_auth);
-
- if (dbres) {
- syslog (LOG_INFO, "granted authorization for %s to session %s [uid=%d] [auth=%s]",
- action_name, session_objpath, invoking_user_id, user_to_auth);
- }
- break;
-
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_ALWAYS:
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_ALWAYS:
- dbres = polkit_authorization_db_add_entry_always (polkit_context_get_authorization_db (context),
- action,
- caller,
- uid_of_user_to_auth);
- if (dbres) {
- syslog (LOG_INFO, "granted authorization for %s to uid %d [auth=%s]",
- action_name, caller_uid, user_to_auth);
- }
- break;
-
- default:
- /* should never happen */
- goto out;
- }
-
- if (!dbres) {
- fprintf (stderr, "polkit-grant-helper: failed to write to grantdb\n");
- goto out;
- }
-
- ret = 0;
-out:
-#ifdef PGH_DEBUG
- fprintf (stderr, "polkit-grant-helper: exiting with code %d\n", ret);
-#endif /* PGH_DEBUG */
- return ret;
-}
diff --git a/src/polkit-grant/polkit-grant-test.c b/src/polkit-grant/polkit-grant-test.c
deleted file mode 100644
index 8867769..0000000
--- a/src/polkit-grant/polkit-grant-test.c
+++ /dev/null
@@ -1,63 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-grant-test.c : polkit-grant tests
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <syslog.h>
-#include <polkit/polkit-private.h>
-#include <polkit-grant/polkit-grant-test.h>
-
-#define MAX_TESTS 64
-
-/**
- * SECTION:polkit-grant-test
- * @short_description: Testing code for libpolkit-grant
- *
- * Testing code for libpolkit-grant
- */
-
-static KitTest *tests[] = {
- &_test_polkit_grant,
-};
-
-int
-main (int argc, char *argv[])
-{
- /* Some of the code will log to syslog because .policy files
- * etc. may be malformed. Since this will open a socket to the
- * system logger preempt this so the fd-leak checking don't
- * freak out.
- */
- syslog (LOG_INFO, "libpolkit-grant: initiating test; bogus alerts may be written to syslog");
-
- if (kit_test_run (tests, sizeof (tests) / sizeof (KitTest*)))
- return 0;
- else
- return 1;
-}
diff --git a/src/polkit-grant/polkit-grant-test.h b/src/polkit-grant/polkit-grant-test.h
deleted file mode 100644
index dfb9a61..0000000
--- a/src/polkit-grant/polkit-grant-test.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-grant-test.h : polkit-grant tests
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION)
-#error "polkit-dbus-test.h is a private file"
-#endif
-
-#ifndef POLKIT_GRANT_TEST_H
-#define POLKIT_GRANT_TEST_H
-
-#include <kit/kit.h>
-
-POLKIT_BEGIN_DECLS
-
-extern KitTest _test_polkit_grant;
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_GRANT_TEST_H */
-
-
diff --git a/src/polkit-grant/polkit-grant.c b/src/polkit-grant/polkit-grant.c
deleted file mode 100644
index ad4c98f..0000000
--- a/src/polkit-grant/polkit-grant.c
+++ /dev/null
@@ -1,564 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-grant.c : library for obtaining privileges
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#define _GNU_SOURCE
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <sys/types.h>
-#include <unistd.h>
-#include <sys/wait.h>
-#include <signal.h>
-
-#include <glib.h>
-#include "polkit-grant.h"
-#include "polkit-grant-test.h"
-
-/**
- * SECTION:polkit-grant
- * @title: Authorizations and Authentication
- * @short_description: Obtain authorizations through
- * authentication.
- *
- * These functions are used to obtain authorizations for a user that
- * is able to successfully authenticate. It is only useful for people
- * writing user interfaces that interfaces with the end user.
- *
- * All of these functions are in the
- * <literal>libpolkit-grant</literal> library.
- **/
-
-/**
- * PolKitGrant:
- *
- * Objects of this class are used to obtain authorizations for a user
- * that is able to successfully authenticate. It is only useful for
- * people writing user interfaces that interfaces with the end user.
- *
- * All of these functions are in the
- * <literal>libpolkit-grant</literal> library.
- **/
-struct _PolKitGrant
-{
- int refcount;
-
- PolKitGrantAddIOWatch func_add_io_watch;
- PolKitGrantAddChildWatch func_add_child_watch;
- PolKitGrantRemoveWatch func_remove_watch;
- PolKitGrantType func_type;
- PolKitGrantSelectAdminUser func_select_admin_user;
- PolKitGrantConversationPromptEchoOff func_prompt_echo_off;
- PolKitGrantConversationPromptEchoOn func_prompt_echo_on;
- PolKitGrantConversationErrorMessage func_error_message;
- PolKitGrantConversationTextInfo func_text_info;
- PolKitGrantOverrideGrantType func_override_grant_type;
- PolKitGrantDone func_done;
- void *user_data;
-
- int child_stdin;
- int child_stdout;
- GPid child_pid;
- FILE *child_stdout_f;
-
- int child_watch_id;
- int io_watch_id;
-
- gboolean success;
- gboolean helper_is_running;
-};
-
-/**
- * polkit_grant_new:
- *
- * Creates a #PolKitGrant object.
- *
- * This function is in <literal>libpolkit-grant</literal>.
- *
- * Returns: the new object or #NULL if the authorization backend
- * doesn't support obtaining authorizations through authentication.
- **/
-PolKitGrant *
-polkit_grant_new (void)
-{
- PolKitGrant *polkit_grant;
-
- if (! (polkit_authorization_db_get_capabilities () & POLKIT_AUTHORIZATION_DB_CAPABILITY_CAN_OBTAIN))
- return NULL;
-
- polkit_grant = g_new0 (PolKitGrant, 1);
- polkit_grant->refcount = 1;
- return polkit_grant;
-}
-
-/**
- * polkit_grant_ref:
- * @polkit_grant: the object
- *
- * Increase reference count.
- *
- * This function is in <literal>libpolkit-grant</literal>.
- *
- * Returns: the object.
- **/
-PolKitGrant *
-polkit_grant_ref (PolKitGrant *polkit_grant)
-{
- g_return_val_if_fail (polkit_grant != NULL, NULL);
-
- polkit_grant->refcount++;
- return polkit_grant;
-}
-
-/**
- * polkit_grant_unref:
- * @polkit_grant: the object
- *
- * Decreases the reference count of the object. If it becomes zero,
- * the object is freed. Before freeing, reference counts on embedded
- * objects are decresed by one.
- *
- * This function is in <literal>libpolkit-grant</literal>.
- **/
-void
-polkit_grant_unref (PolKitGrant *polkit_grant)
-{
- g_return_if_fail (polkit_grant != NULL);
-
- polkit_grant->refcount--;
- if (polkit_grant->refcount > 0)
- return;
-
- if (polkit_grant->io_watch_id > 0) {
- polkit_grant->func_remove_watch (polkit_grant, polkit_grant->io_watch_id);
- }
- if (polkit_grant->child_watch_id > 0) {
- polkit_grant->func_remove_watch (polkit_grant, polkit_grant->child_watch_id);
- }
- if (polkit_grant->child_pid > 0) {
- int status;
- kill (polkit_grant->child_pid, SIGTERM);
- waitpid (polkit_grant->child_pid, &status, 0);
- }
- if (polkit_grant->child_stdout_f != NULL) {
- fclose (polkit_grant->child_stdout_f);
- }
- if (polkit_grant->child_stdout >= 0) {
- close (polkit_grant->child_stdout);
- }
- if (polkit_grant->child_stdin >= 0) {
- close (polkit_grant->child_stdin);
- }
-
- g_free (polkit_grant);
-}
-
-/**
- * polkit_grant_set_functions:
- * @polkit_grant: the object
- * @func_add_io_watch: Callback function
- * @func_add_child_watch: Callback function
- * @func_remove_watch: Callback function
- * @func_type: Callback function
- * @func_select_admin_user: Callback function
- * @func_prompt_echo_off: Callback function
- * @func_prompt_echo_on: Callback function
- * @func_error_message: Callback function
- * @func_text_info: Callback function
- * @func_override_grant_type: Callback function
- * @func_done: Callback function
- * @user_data: User data that will be passed to the callback functions.
- *
- * Set callback functions used for authentication.
- *
- * This function is in <literal>libpolkit-grant</literal>.
- **/
-void
-polkit_grant_set_functions (PolKitGrant *polkit_grant,
- PolKitGrantAddIOWatch func_add_io_watch,
- PolKitGrantAddChildWatch func_add_child_watch,
- PolKitGrantRemoveWatch func_remove_watch,
- PolKitGrantType func_type,
- PolKitGrantSelectAdminUser func_select_admin_user,
- PolKitGrantConversationPromptEchoOff func_prompt_echo_off,
- PolKitGrantConversationPromptEchoOn func_prompt_echo_on,
- PolKitGrantConversationErrorMessage func_error_message,
- PolKitGrantConversationTextInfo func_text_info,
- PolKitGrantOverrideGrantType func_override_grant_type,
- PolKitGrantDone func_done,
- void *user_data)
-{
- g_return_if_fail (polkit_grant != NULL);
- g_return_if_fail (func_add_io_watch != NULL);
- g_return_if_fail (func_add_child_watch != NULL);
- g_return_if_fail (func_remove_watch != NULL);
- g_return_if_fail (func_type != NULL);
- g_return_if_fail (func_select_admin_user != NULL);
- g_return_if_fail (func_prompt_echo_off != NULL);
- g_return_if_fail (func_prompt_echo_on != NULL);
- g_return_if_fail (func_error_message != NULL);
- g_return_if_fail (func_text_info != NULL);
- g_return_if_fail (func_override_grant_type != NULL);
- polkit_grant->func_add_io_watch = func_add_io_watch;
- polkit_grant->func_add_child_watch = func_add_child_watch;
- polkit_grant->func_remove_watch = func_remove_watch;
- polkit_grant->func_type = func_type;
- polkit_grant->func_select_admin_user = func_select_admin_user;
- polkit_grant->func_prompt_echo_off = func_prompt_echo_off;
- polkit_grant->func_prompt_echo_on = func_prompt_echo_on;
- polkit_grant->func_error_message = func_error_message;
- polkit_grant->func_text_info = func_text_info;
- polkit_grant->func_override_grant_type = func_override_grant_type;
- polkit_grant->func_done = func_done;
- polkit_grant->user_data = user_data;
-}
-
-
-/**
- * polkit_grant_child_func:
- * @polkit_grant: the object
- * @pid: pid of the child
- * @exit_code: exit code of the child
- *
- * Method that the application must call when a child process
- * registered with the supplied function of type
- * #PolKitGrantAddChildWatch terminates.
- *
- * This function is in <literal>libpolkit-grant</literal>.
- **/
-void
-polkit_grant_child_func (PolKitGrant *polkit_grant, pid_t pid, int exit_code)
-{
- int status;
- polkit_bool_t input_was_bogus;
-
- g_return_if_fail (polkit_grant != NULL);
- g_return_if_fail (polkit_grant->helper_is_running);
-
- /* g_debug ("pid %d terminated", pid); */
- waitpid (pid, &status, 0);
-
- if (exit_code >= 2)
- input_was_bogus = TRUE;
- else
- input_was_bogus = FALSE;
-
- polkit_grant->success = (exit_code == 0);
- polkit_grant->helper_is_running = FALSE;
- polkit_grant->func_done (polkit_grant, polkit_grant->success, input_was_bogus, polkit_grant->user_data);
-}
-
-
-/**
- * polkit_grant_io_func:
- * @polkit_grant: the object
- * @fd: the file descriptor passed to the supplied function of type #PolKitGrantAddIOWatch.
- *
- * Method that the application must call when there is data to read
- * from a file descriptor registered with the supplied function of
- * type #PolKitGrantAddIOWatch.
- *
- * This function is in <literal>libpolkit-grant</literal>.
- **/
-void
-polkit_grant_io_func (PolKitGrant *polkit_grant, int fd)
-{
- char *line = NULL;
- size_t line_len = 0;
- char *id;
- size_t id_len;
- char *response;
- char *response_prefix;
-
- g_return_if_fail (polkit_grant != NULL);
- g_return_if_fail (polkit_grant->helper_is_running);
-
- while (kit_getline (&line, &line_len, polkit_grant->child_stdout_f) != -1) {
- if (strlen (line) > 0 &&
- line[strlen (line) - 1] == '\n')
- line[strlen (line) - 1] = '\0';
-
- response = NULL;
- response_prefix = NULL;
-
- id = "PAM_PROMPT_ECHO_OFF ";
- if (g_str_has_prefix (line, id)) {
- id_len = strlen (id);
- response_prefix = "";
- response = polkit_grant->func_prompt_echo_off (polkit_grant,
- line + id_len,
- polkit_grant->user_data);
- goto processed;
- }
-
- id = "PAM_PROMPT_ECHO_ON ";
- if (g_str_has_prefix (line, id)) {
- id_len = strlen (id);
- response_prefix = "";
- response = polkit_grant->func_prompt_echo_on (polkit_grant,
- line + id_len,
- polkit_grant->user_data);
- goto processed;
- }
-
- id = "PAM_ERROR_MSG ";
- if (g_str_has_prefix (line, id)) {
- id_len = strlen (id);
- polkit_grant->func_error_message (polkit_grant,
- line + id_len,
- polkit_grant->user_data);
- goto processed;
- }
-
- id = "PAM_TEXT_INFO ";
- if (g_str_has_prefix (line, id)) {
- id_len = strlen (id);
- polkit_grant->func_text_info (polkit_grant,
- line + id_len,
- polkit_grant->user_data);
- goto processed;
- }
-
- id = "POLKIT_GRANT_HELPER_TELL_TYPE ";
- if (g_str_has_prefix (line, id)) {
- PolKitResult result;
- char *result_textual;
-
- id_len = strlen (id);
- result_textual = line + id_len;
- if (!polkit_result_from_string_representation (result_textual, &result)) {
- /* TODO: danger will robinson */
- }
-
- polkit_grant->func_type (polkit_grant,
- result,
- polkit_grant->user_data);
- goto processed;
- }
-
- id = "POLKIT_GRANT_HELPER_TELL_ADMIN_USERS ";
- if (g_str_has_prefix (line, id)) {
- char **admin_users;
-
- id_len = strlen (id);
- admin_users = g_strsplit (line + id_len, " ", 0);
-
- response_prefix = "POLKIT_GRANT_CALLER_SELECT_ADMIN_USER ";
- response = polkit_grant->func_select_admin_user (polkit_grant,
- admin_users,
- polkit_grant->user_data);
- g_strfreev (admin_users);
-
- goto processed;
- }
-
- id = "POLKIT_GRANT_HELPER_ASK_OVERRIDE_GRANT_TYPE ";
- if (g_str_has_prefix (line, id)) {
- PolKitResult override;
- PolKitResult result;
- id_len = strlen (id);
- if (!polkit_result_from_string_representation (line + id_len, &result)) {
- /* TODO: danger will robinson */
- }
- override = polkit_grant->func_override_grant_type (polkit_grant,
- result,
- polkit_grant->user_data);
- response_prefix = "POLKIT_GRANT_CALLER_PASS_OVERRIDE_GRANT_TYPE ";
- response = g_strdup (polkit_result_to_string_representation (override));
- goto processed;
- }
-
- processed:
- if (response != NULL && response_prefix != NULL) {
- char *buf;
- gboolean add_newline;
-
- /* add a newline if there isn't one already... */
- add_newline = FALSE;
- if (response[strlen (response) - 1] != '\n') {
- add_newline = TRUE;
- }
- buf = g_strdup_printf ("%s%s%c",
- response_prefix,
- response,
- add_newline ? '\n' : '\0');
- write (polkit_grant->child_stdin, buf, strlen (buf));
- g_free (buf);
- free (response);
- }
- }
-
- if (line != NULL)
- free (line);
-
- polkit_grant->func_remove_watch (polkit_grant, polkit_grant->io_watch_id);
-}
-
-/**
- * polkit_grant_cancel_auth:
- * @polkit_grant: the object
- *
- * Cancel an authentication in progress
- *
- * This function is in <literal>libpolkit-grant</literal>.
- **/
-void
-polkit_grant_cancel_auth (PolKitGrant *polkit_grant)
-{
- GPid pid;
- g_return_if_fail (polkit_grant != NULL);
- g_return_if_fail (polkit_grant->helper_is_running);
-
- pid = polkit_grant->child_pid;
- polkit_grant->child_pid = 0;
- if (pid > 0) {
- int status;
- kill (pid, SIGTERM);
- waitpid (pid, &status, 0);
- polkit_grant->helper_is_running = FALSE;
- }
- polkit_grant->func_done (polkit_grant, FALSE, FALSE, polkit_grant->user_data);
-}
-
-/**
- * polkit_grant_initiate_auth:
- * @polkit_grant: the object
- * @action: Action requested by caller
- * @caller: Caller in question
- *
- * Initiate authentication to obtain the privilege for the given
- * @caller to perform the specified @action. The caller of this method
- * must have setup callback functions using the method
- * polkit_grant_set_functions() prior to calling this method.
- *
- * Implementation-wise, this class uses a secure (e.g. as in that it
- * checks all information and fundamenally don't trust the caller;
- * e.g. the #PolKitGrant class) setgid helper that does all the heavy
- * lifting.
- *
- * The caller of this method must iterate the mainloop context in
- * order for authentication to make progress.
- *
- * This function is in <literal>libpolkit-grant</literal>.
- *
- * Returns: #TRUE only if authentication have been initiated.
- **/
-polkit_bool_t
-polkit_grant_initiate_auth (PolKitGrant *polkit_grant,
- PolKitAction *action,
- PolKitCaller *caller)
-{
- pid_t pid;
- char *action_id;
- GError *g_error;
- char *helper_argv[4];
-
- g_return_val_if_fail (polkit_grant != NULL, FALSE);
- /* check that callback functions have been properly set up */
- g_return_val_if_fail (polkit_grant->func_done != NULL, FALSE);
-
- if (!polkit_caller_get_pid (caller, &pid))
- goto error;
-
- if (!polkit_action_get_action_id (action, &action_id))
- goto error;
-
- /* TODO: verify incoming args */
-
- /* helper_argv[0] = "/home/davidz/Hacking/PolicyKit/polkit-grant/.libs/polkit-grant-helper-1"; */
- helper_argv[0] = PACKAGE_LIBEXEC_DIR "/polkit-grant-helper-1";
- helper_argv[1] = g_strdup_printf ("%d", pid);
- helper_argv[2] = action_id;
- helper_argv[3] = NULL;
-
- polkit_grant->child_stdin = -1;
- polkit_grant->child_stdout = -1;
-
- g_error = NULL;
- if (!g_spawn_async_with_pipes (NULL,
- (char **) helper_argv,
- NULL,
- G_SPAWN_DO_NOT_REAP_CHILD |
- 0,//G_SPAWN_STDERR_TO_DEV_NULL,
- NULL,
- NULL,
- &polkit_grant->child_pid,
- &polkit_grant->child_stdin,
- &polkit_grant->child_stdout,
- NULL,
- &g_error)) {
- fprintf (stderr, "Cannot spawn helper: %s.\n", g_error->message);
- g_error_free (g_error);
- g_free (helper_argv[1]);
- goto error;
- }
- g_free (helper_argv[1]);
-
- polkit_grant->child_watch_id = polkit_grant->func_add_child_watch (polkit_grant, polkit_grant->child_pid);
- if (polkit_grant->child_watch_id == 0)
- goto error;
-
- polkit_grant->io_watch_id = polkit_grant->func_add_io_watch (polkit_grant, polkit_grant->child_stdout);
- if (polkit_grant->io_watch_id == 0)
- goto error;
-
- /* so we can use getline... */
- polkit_grant->child_stdout_f = fdopen (polkit_grant->child_stdout, "r");
- if (polkit_grant->child_stdout_f == NULL)
- goto error;
-
- polkit_grant->success = FALSE;
-
- polkit_grant->helper_is_running = TRUE;
-
- return TRUE;
-error:
- return FALSE;
-}
-
-#ifdef POLKIT_BUILD_TESTS
-
-static polkit_bool_t
-_run_test (void)
-{
- return TRUE;
-}
-
-KitTest _test_polkit_grant = {
- "polkit_grant",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* POLKIT_BUILD_TESTS */
diff --git a/src/polkit-grant/polkit-grant.h b/src/polkit-grant/polkit-grant.h
deleted file mode 100644
index 0e6e19a..0000000
--- a/src/polkit-grant/polkit-grant.h
+++ /dev/null
@@ -1,373 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-grant.h : library for obtaining privileges
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifndef POLKIT_GRANT_H
-#define POLKIT_GRANT_H
-
-#include <polkit/polkit.h>
-
-POLKIT_BEGIN_DECLS
-
-struct _PolKitGrant;
-typedef struct _PolKitGrant PolKitGrant;
-
-/**
- * PolKitGrantType:
- * @polkit_grant: the grant object
- * @grant_type: the current type of what privilege to obtain
- * @user_data: user data pointed as passed into polkit_grant_set_functions()
- *
- * Type for callback function that describes to what extent the
- * privilege can be obtained; e.g. whether the user can keep it
- * (e.g. forever, for the session or not keep it at all).
- *
- * See also #PolKitGrantOverrideGrantType for discussion on the type
- * of user interfaces one should put up depending on the value of
- * @grant_type.
- **/
-typedef void (*PolKitGrantType) (PolKitGrant *polkit_grant,
- PolKitResult grant_type,
- void *user_data);
-
-/**
- * PolKitGrantSelectAdminUser:
- * @polkit_grant: the grant object
- * @admin_users: a NULL-terminated array of users that can be used for
- * authentication for admin grants.
- * @user_data: user data pointed as passed into polkit_grant_set_functions()
- *
- * Type for callback function that describes the possible users that
- * can be chosen for authentication when administrator privileges are
- * required.
- *
- * Returns: the chosen user; must be allocated with malloc(3) and will
- * be freed by the #PolKitGrant class.
- **/
-typedef char* (*PolKitGrantSelectAdminUser) (PolKitGrant *polkit_grant,
- char **admin_users,
- void *user_data);
-
-
-/**
- * PolKitGrantConversationPromptEchoOff:
- * @polkit_grant: the grant object
- * @prompt: prompt passed by the authentication layer; do not free this string
- * @user_data: user data pointed as passed into polkit_grant_set_functions()
- *
- * Type for callback function that is invoked when the authentication
- * layer needs to ask the user a secret and the UI should NOT echo what
- * the user types on the screen.
- *
- * Returns: the answer obtained from the user; must be allocated with
- * malloc(3) and will be freed by the #PolKitGrant class.
- **/
-typedef char* (*PolKitGrantConversationPromptEchoOff) (PolKitGrant *polkit_grant,
- const char *prompt,
- void *user_data);
-
-/**
- * PolKitGrantConversationPromptEchoOn:
- * @polkit_grant: the grant object
- * @prompt: prompt passed by the authentication layer; do not free this string
- * @user_data: user data pointed as passed into polkit_grant_set_functions()
- *
- * Type for callback function that is invoked when the authentication
- * layer needs to ask the user a secret and the UI should echo what
- * the user types on the screen.
- *
- * Returns: the answer obtained from the user; must be allocated with
- * malloc(3) and will be freed by the #PolKitGrant class.
- **/
-typedef char* (*PolKitGrantConversationPromptEchoOn) (PolKitGrant *polkit_grant,
- const char *prompt,
- void *user_data);
-
-/**
- * PolKitGrantConversationErrorMessage:
- * @polkit_grant: the grant object
- * @error_message: error message passed by the authentication layer; do not free this string
- * @user_data: user data pointed as passed into polkit_grant_set_functions()
- *
- * Type for callback function that is invoked when the authentication
- * layer produces an error message that should be displayed in the UI.
- **/
-typedef void (*PolKitGrantConversationErrorMessage) (PolKitGrant *polkit_grant,
- const char *error_message,
- void *user_data);
-
-/**
- * PolKitGrantConversationTextInfo:
- * @polkit_grant: the grant object
- * @text_info: information passed by the authentication layer; do not free this string
- * @user_data: user data pointed as passed into polkit_grant_set_functions()
- *
- * Type for callback function that is invoked when the authentication
- * layer produces an informational message that should be displayed in
- * the UI.
- **/
-typedef void (*PolKitGrantConversationTextInfo) (PolKitGrant *polkit_grant,
- const char *text_info,
- void *user_data);
-
-/**
- * PolKitGrantOverrideGrantType:
- * @polkit_grant: the grant object
- * @grant_type: the current type of what privilege to obtain; this is
- * the same value as passed to the callback of type #PolKitGrantType.
- * @user_data: user data pointed as passed into polkit_grant_set_functions()
- *
- * Type for callback function that enables the UI to request a lesser
- * privilege than is obtainable. This callback is invoked when the
- * user have successfully authenticated but before the privilege is
- * granted.
- *
- * Basically, this callback enables a program to provide an user
- * interface like this:
- *
- * <programlisting>
- * +------------------------------------------------------------+
- * | You need to authenticate to access the volume 'Frobnicator |
- * | Adventures Vol 2' |
- * | |
- * | Password: [_________________] |
- * | |
- * [ [x] Remember this decision |
- * | [ ] for this session |
- * | [*] for this and future sessions |
- * | |
- * | [Cancel] [Authenticate] |
- * +------------------------------------------------------------+
- * </programlisting>
- *
- * This dialog assumes that @grant_type passed was
- * #POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_ALWAYS. By ticking the
- * check boxes in the dialog, the user can override this to either
- * #POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION or
- * #POLKIT_RESULT_ONLY_VIA_SELF_AUTH. Thus, the user can
- * voluntarily choose to obtain a lesser privilege.
- *
- * Another example, would be that the @grant_type passed was
- * #POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION. Then the dialog
- * should look like this:
- *
- * <programlisting>
- * +------------------------------------------------------------+
- * | You need to authenticate to access the volume 'Frobnicator |
- * | Adventures Vol 2' |
- * | |
- * | Password: [_________________] |
- * | |
- * [ [x] Remember this decision for the rest of the session |
- * | |
- * | [Cancel] [Authenticate] |
- * +------------------------------------------------------------+
- * </programlisting>
- *
- * Finally, if the @grant_type value passed is
- * e.g. #POLKIT_RESULT_ONLY_VIA_SELF_AUTH, there are no options to
- * click.:
- *
- * <programlisting>
- * +------------------------------------------------------------+
- * | You need to authenticate to access the volume 'Frobnicator |
- * | Adventures Vol 2' |
- * | |
- * | Password: [_________________] |
- * | |
- * | [Cancel] [Authenticate] |
- * +------------------------------------------------------------+
- * </programlisting>
- *
- * Of course, these examples also applies to
- * #POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH and friends.
- *
- * Returns: the desired type of what privilege to obtain; note that it
- * won't work asking for more privileges than what @grant_type
- * specifies; the passed value is properly checked in the secure
- * setgid granting helper mentioned in
- * polkit_grant_initiate_auth().
- **/
-typedef PolKitResult (*PolKitGrantOverrideGrantType) (PolKitGrant *polkit_grant,
- PolKitResult grant_type,
- void *user_data);
-
-/**
- * PolKitGrantDone:
- * @polkit_grant: the grant object
- * @gained_privilege: whether the privilege was obtained
- * @invalid_data: whether the input data was bogus (not including bad passwords)
- * @user_data: user data pointed as passed into polkit_grant_set_functions()
- *
- * This function is called when the granting process ends; either if
- * successful or if it was canceled using
- * e.g. polkit_grant_cancel_auth().
- **/
-typedef void (*PolKitGrantDone) (PolKitGrant *polkit_grant,
- polkit_bool_t gained_privilege,
- polkit_bool_t invalid_data,
- void *user_data);
-
-/**
- * PolKitGrantAddChildWatch:
- * @polkit_grant: the grant object
- * @pid: the child pid to watch
- *
- * Type for function supplied by the application to integrate a watch
- * on a child process into the applications main loop. The
- * application must call polkit_grant_child_func() when the
- * child dies
- *
- * For glib mainloop, the function will typically look like this:
- *
- * <programlisting>
- * static void
- * child_watch_func (GPid pid,
- * gint status,
- * gpointer user_data)
- * {
- * PolKitGrant *polkit_grant = user_data;
- * polkit_grant_child_func (polkit_grant, pid, WEXITSTATUS (status));
- * }
- *
- * static int
- * add_child_watch (PolKitGrant *polkit_grant, pid_t pid)
- * {
- * return g_child_watch_add (pid, child_watch_func, polkit_grant);
- * }
- * </programlisting>
- *
- * Returns: 0 if the watch couldn't be set up; otherwise an unique
- * identifier for the watch.
- **/
-typedef int (*PolKitGrantAddChildWatch) (PolKitGrant *polkit_grant,
- pid_t pid);
-
-/**
- * PolKitGrantAddIOWatch:
- * @polkit_grant: the grant object
- * @fd: the file descriptor to watch
- *
- * Type for function supplied by the application to integrate a watch
- * on a file descriptor into the applications main loop. The
- * application must call polkit_grant_io_func() when there is data
- * to read from the file descriptor.
- *
- * For glib mainloop, the function will typically look like this:
- *
- * <programlisting>
- * static gboolean
- * io_watch_have_data (GIOChannel *channel, GIOCondition condition, gpointer user_data)
- * {
- * int fd;
- * PolKitGrant *polkit_grant = user_data;
- * fd = g_io_channel_unix_get_fd (channel);
- * polkit_grant_io_func (polkit_grant, fd);
- * return TRUE;
- * }
- *
- * static int
- * add_io_watch (PolKitGrant *polkit_grant, int fd)
- * {
- * guint id = 0;
- * GIOChannel *channel;
- * channel = g_io_channel_unix_new (fd);
- * if (channel == NULL)
- * goto out;
- * id = g_io_add_watch (channel, G_IO_IN, io_watch_have_data, polkit_grant);
- * if (id == 0) {
- * g_io_channel_unref (channel);
- * goto out;
- * }
- * g_io_channel_unref (channel);
- * out:
- * return id;
- * }
- * </programlisting>
- *
- * Returns: 0 if the watch couldn't be set up; otherwise an unique
- * identifier for the watch.
- **/
-typedef int (*PolKitGrantAddIOWatch) (PolKitGrant *polkit_grant,
- int fd);
-
-/**
- * PolKitGrantRemoveWatch:
- * @polkit_grant: the grant object
- * @watch_id: the id obtained from using the supplied function
- * of type #PolKitGrantAddIOWatch or #PolKitGrantAddChildWatch.
- *
- * Type for function supplied by the application to remove a watch set
- * up via the supplied function of type #PolKitGrantAddIOWatch or type
- * #PolKitGrantAddChildWatch.
- *
- * For glib mainloop, the function will typically look like this:
- *
- * <programlisting>
- * static void
- * remove_watch (PolKitGrant *polkit_auth, int watch_id)
- * {
- * g_source_remove (watch_id);
- * }
- * </programlisting>
- *
- **/
-typedef void (*PolKitGrantRemoveWatch) (PolKitGrant *polkit_grant,
- int watch_id);
-
-PolKitGrant *polkit_grant_new (void);
-PolKitGrant *polkit_grant_ref (PolKitGrant *polkit_grant);
-void polkit_grant_unref (PolKitGrant *polkit_grant);
-void polkit_grant_set_functions (PolKitGrant *polkit_grant,
- PolKitGrantAddIOWatch func_add_io_watch,
- PolKitGrantAddChildWatch func_add_child_watch,
- PolKitGrantRemoveWatch func_remove_watch,
- PolKitGrantType func_type,
- PolKitGrantSelectAdminUser func_select_admin_user,
- PolKitGrantConversationPromptEchoOff func_prompt_echo_off,
- PolKitGrantConversationPromptEchoOn func_prompt_echo_on,
- PolKitGrantConversationErrorMessage func_error_message,
- PolKitGrantConversationTextInfo func_text_info,
- PolKitGrantOverrideGrantType func_override_grant_type,
- PolKitGrantDone func_done,
- void *user_data);
-
-polkit_bool_t polkit_grant_initiate_auth (PolKitGrant *polkit_grant,
- PolKitAction *action,
- PolKitCaller *caller);
-
-void polkit_grant_cancel_auth (PolKitGrant *polkit_grant);
-
-void polkit_grant_io_func (PolKitGrant *polkit_grant, int fd);
-void polkit_grant_child_func (PolKitGrant *polkit_grant, pid_t pid, int exit_code);
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_GRANT_H */
-
-
diff --git a/src/polkit-grant/polkit-revoke-helper.c b/src/polkit-grant/polkit-revoke-helper.c
deleted file mode 100644
index 3b79813..0000000
--- a/src/polkit-grant/polkit-revoke-helper.c
+++ /dev/null
@@ -1,362 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-revoke-helper.c : setgid polkituser revoke helper for PolicyKit
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#define _GNU_SOURCE
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/time.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <grp.h>
-#include <pwd.h>
-#include <syslog.h>
-#include <errno.h>
-#include <string.h>
-#include <utime.h>
-#include <fcntl.h>
-
-#include <polkit/polkit.h>
-#include <polkit/polkit-private.h>
-
-#ifdef HAVE_SOLARIS
-#define LOG_AUTHPRIV (10<<3)
-#endif
-
-static int
-_write_to_fd (int fd, const char *str, ssize_t str_len)
-{
- int ret;
- ssize_t written;
-
- ret = 0;
-
- written = 0;
- while (written < str_len) {
- ssize_t ret;
- ret = write (fd, str + written, str_len - written);
- if (ret < 0) {
- if (errno == EAGAIN || errno == EINTR) {
- continue;
- } else {
- goto out;
- }
- }
- written += ret;
- }
-
- ret = 1;
-
-out:
- return ret;
-}
-
-int
-main (int argc, char *argv[])
-{
- int ret;
- gid_t egid;
- struct group *group;
- uid_t invoking_uid;
- char *entry_to_remove;
- char *scope;
- uid_t uid_to_revoke;
- char *endp;
- FILE *f;
- int fd;
- char path[256];
- char path_tmp[256];
- char line[512];
- char *root;
- char *target_type;
- char *target_value;
- struct passwd *pw;
- polkit_bool_t is_one_shot;
- polkit_bool_t not_granted_by_self;
- char **tokens;
- size_t num_tokens;
-
- ret = 1;
-
-#ifndef POLKIT_BUILD_TESTS
- /* clear the entire environment to avoid attacks using with libraries honoring environment variables */
- if (kit_clearenv () != 0)
- goto out;
- /* set a minimal environment */
- setenv ("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1);
-#endif
-
- openlog ("polkit-revoke-helper-1", LOG_CONS | LOG_PID, LOG_AUTHPRIV);
-
- /* check for correct invocation */
- if (argc != 4) {
- syslog (LOG_NOTICE, "inappropriate use of helper, wrong number of arguments [uid=%d]", getuid ());
- fprintf (stderr, "polkit-revoke-helper: wrong number of arguments. This incident has been logged.\n");
- goto out;
- }
-
- /* check we're running with a non-tty stdin */
- if (isatty (STDIN_FILENO) != 0) {
- syslog (LOG_NOTICE, "inappropriate use of helper, stdin is a tty [uid=%d]", getuid ());
- fprintf (stderr, "polkit-revoke-helper: inappropriate use of helper, stdin is a tty. This incident has been logged.\n");
- goto out;
- }
-
- invoking_uid = getuid ();
-
- /* check that we are setgid polkituser */
-#ifdef POLKIT_BUILD_TESTS
- char *pretend;
- if ((pretend = getenv ("POLKIT_TEST_PRETEND_TO_BE_UID")) != NULL) {
- invoking_uid = atoi (pretend);
- goto skip_check;
- }
-#endif
- egid = getegid ();
- group = getgrgid (egid);
- if (group == NULL) {
- fprintf (stderr, "polkit-revoke-helper: cannot lookup group info for gid %d\n", egid);
- goto out;
- }
- if (strcmp (group->gr_name, POLKIT_GROUP) != 0) {
- fprintf (stderr, "polkit-revoke-helper: needs to be setgid " POLKIT_GROUP "\n");
- goto out;
- }
-#ifdef POLKIT_BUILD_TESTS
-skip_check:
-#endif
-
- entry_to_remove = argv[1];
- target_type = argv[2];
- target_value = argv[3];
-
- /*----------------------------------------------------------------------------------------------------*/
-
- /* paranoia: we have to validate the entry_to_remove argument
- * and determine if the process who invoked us is sufficiently
- * privileged.
- *
- * As we're setuid root we don't want to pull in libpolkit and
- * as we only need to parse the first two entries... we do it
- * right here
- */
-
- tokens = kit_strsplit (entry_to_remove, ':', &num_tokens);
- if (tokens == NULL || num_tokens < 2) {
- fprintf (stderr, "polkit-revoke-helper: entry_to_remove malformed\n");
- goto out;
- }
-
- scope = tokens[0];
-
- if (strcmp (target_type, "uid") == 0) {
- uid_to_revoke = strtol (target_value, &endp, 10);
- if (*endp != '\0') {
- fprintf (stderr, "polkit-revoke-helper: cannot parse uid\n");
- goto out;
- }
- } else {
- fprintf (stderr, "polkit-revoke-helper: unknown target type\n");
- goto out;
- }
-
- /* OK, we're done parsing ... */
-
- not_granted_by_self = FALSE;
-
-#ifdef POLKIT_BUILD_TESTS
- char *test_dir;
- char dir_run[256];
- char dir_lib[256];
-
- if ((test_dir = getenv ("POLKIT_TEST_LOCALSTATE_DIR")) == NULL) {
- test_dir = PACKAGE_LOCALSTATE_DIR;
- }
- kit_assert ((size_t) snprintf (dir_run, sizeof (dir_run), "%s/run/polkit-1", test_dir) < sizeof (dir_run));
- kit_assert ((size_t) snprintf (dir_lib, sizeof (dir_lib), "%s/lib/polkit-1", test_dir) < sizeof (dir_lib));
-
-#else
- char *dir_run = PACKAGE_LOCALSTATE_DIR "/run/polkit-1";
- char *dir_lib = PACKAGE_LOCALSTATE_DIR "/lib/polkit-1";
-#endif
-
-
- is_one_shot = FALSE;
- if (strcmp (scope, "scope=process") == 0) {
- root = dir_run;
- } else if (strcmp (scope, "scope=process-one-shot") == 0) {
- root = dir_run;
- is_one_shot = TRUE;
- } else if (strcmp (scope, "scope=session") == 0) {
- root = dir_run;
- } else if (strcmp (scope, "scope=always") == 0) {
- root = dir_lib;
- } else if (strcmp (scope, "scope=grant") == 0 ||
- strcmp (scope, "scope=grant-negative") == 0) {
- unsigned int n;
-
- root = dir_lib;
-
- for (n = 1; n < num_tokens; n++) {
- if (strncmp (tokens[n], "granted-by=", sizeof ("granted-by=") - 1) == 0) {
- uid_t granted_by;
- granted_by = strtol (tokens[n] + sizeof ("granted-by=") - 1, &endp, 10);
- if (*endp != '\0') {
- fprintf (stderr, "polkit-revoke-helper: cannot parse granted-by uid\n");
- goto out;
- }
-
- if (granted_by != invoking_uid)
- not_granted_by_self = TRUE;
-
- goto parsed_granted_by;
- }
- }
-
- fprintf (stderr, "polkit-revoke-helper: cannot find key granted-by\n");
-
- goto out;
- parsed_granted_by:
- ;
- } else {
- fprintf (stderr, "polkit-revoke-helper: unknown scope '%s'\n", scope);
- goto out;
- }
-
-
- if (invoking_uid != 0) {
- /* Check that the caller is privileged to do this... basically, callers can only
- * revoke auths granted by themselves...
- */
- if (not_granted_by_self) {
- pid_t ppid;
-
- ppid = getppid ();
- if (ppid == 1)
- goto out;
-
- if (polkit_check_auth (ppid, "org.freedesktop.policykit.revoke", NULL) == 0) {
- goto out;
- }
- }
- }
-
- pw = kit_getpwuid (uid_to_revoke);
- if (pw == NULL) {
- fprintf (stderr, "polkit-revoke-helper: cannot lookup user name for uid %d\n", uid_to_revoke);
- goto out;
- }
-
- if (snprintf (path, sizeof (path), "%s/user-%s.auths", root, pw->pw_name) >= (int) sizeof (path)) {
- fprintf (stderr, "polkit-revoke-helper: string was truncated (1)\n");
- goto out;
- }
- if (snprintf (path_tmp, sizeof (path_tmp), "%s/user-%s.auths.XXXXXX", root, pw->pw_name) >= (int) sizeof (path)) {
- fprintf (stderr, "polkit-revoke-helper: string was truncated (2)\n");
- goto out;
- }
-
- f = fopen (path, "r");
- if (f == NULL) {
- fprintf (stderr, "Cannot open file '%s': %m\n", path);
- goto out;
- }
-
- fd = mkstemp (path_tmp);
- if (fd < 0) {
- fprintf (stderr, "Cannot create file '%s': %m\n", path_tmp);
- goto out;
- }
- if (fchmod (fd, 0464) != 0) {
- fprintf (stderr, "Cannot change mode for '%s' to 0460: %m\n", path_tmp);
- close (fd);
- unlink (path_tmp);
- goto out;
- }
-
-
- /* read one line at a time */
- while (fgets (line, sizeof (line), f) != NULL) {
- size_t line_len;
-
- line_len = strlen (line);
- if (line_len > 1 && line[line_len - 1] == '\n') {
- if (strncmp (line, entry_to_remove, line_len - 1) == 0) {
- /* woho, found it */
- continue;
- }
- }
-
- /* otherwise, just write the line to the temporary file */
- if (!_write_to_fd (fd, line, line_len)) {
- fprintf (stderr, "Error write to file '%s': %m\n", path_tmp);
- close (fd);
- unlink (path_tmp);
- goto out;
- }
- }
-
- fclose (f);
- close (fd);
-
- if (rename (path_tmp, path) != 0) {
- fprintf (stderr, "Error renaming %s to %s: %m\n", path_tmp, path);
- unlink (path_tmp);
- goto out;
- }
-
- /* we're good now (if triggering a reload fails, so be it, we
- * still did what the caller asked...)
- */
- ret = 0;
-
-#ifdef POLKIT_BUILD_TESTS
- if (test_dir != NULL)
- goto no_reload;
-#endif
- /* trigger a reload */
- if (utimes (PACKAGE_LOCALSTATE_DIR "/lib/misc/polkit-1.reload", NULL) != 0) {
- fprintf (stderr, "Error updating access+modification time on file '%s': %m\n",
- PACKAGE_LOCALSTATE_DIR "/lib/misc/polkit-1.reload");
- }
-#ifdef POLKIT_BUILD_TESTS
-no_reload:
-#endif
-
-out:
-
- return ret;
-}
-
diff --git a/src/polkit/.gitignore b/src/polkit/.gitignore
deleted file mode 100644
index 764d994..0000000
--- a/src/polkit/.gitignore
+++ /dev/null
@@ -1,9 +0,0 @@
-.deps
-.libs
-*.la
-*.lo
-*.o
-Makefile
-Makefile.in
-polkit-interface-manager-glue.h
-polkit-interface-session-glue.h
diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am
deleted file mode 100644
index ad07c9e..0000000
--- a/src/polkit/Makefile.am
+++ /dev/null
@@ -1,190 +0,0 @@
-## Process this file with automake to produce Makefile.in
-
-INCLUDES = \
- -I$(top_builddir)/src -I$(top_srcdir)/src \
- -DPACKAGE_LIBEXEC_DIR=\""$(libexecdir)"\" \
- -DPACKAGE_SYSCONF_DIR=\""$(sysconfdir)"\" \
- -DPACKAGE_DATA_DIR=\""$(datadir)"\" \
- -DPACKAGE_BIN_DIR=\""$(bindir)"\" \
- -DPACKAGE_LOCALSTATE_DIR=\""$(localstatedir)"\" \
- -DPACKAGE_LOCALE_DIR=\""$(localedir)"\" \
- -DPACKAGE_LIB_DIR=\""$(libdir)"\" \
- -D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT \
- -DPOLKIT_COMPILATION \
- -DTEST_DATA_DIR=\"$(top_srcdir)/test/\" \
- -DTEST_BUILD_DIR=\"$(top_builddir)\" \
- @DBUS_CFLAGS@
-
-
-lib_LTLIBRARIES=libpolkit-1.la
-
-libpolkit_1includedir=$(includedir)/polkit-1/polkit
-
-libpolkit_1include_HEADERS = \
- polkit.h \
- polkit-sysdeps.h \
- polkit-types.h \
- polkit-error.h \
- polkit-result.h \
- polkit-context.h \
- polkit-action.h \
- polkit-seat.h \
- polkit-session.h \
- polkit-caller.h \
- polkit-action-description.h \
- polkit-implicit-authorization.h \
- polkit-authorization.h \
- polkit-authorization-constraint.h \
- polkit-authorization-db.h \
- polkit-tracker.h \
- polkit-simple.h
-
-libpolkit_1_la_SOURCES = \
- polkit.h \
- polkit-private.h \
- polkit-types.h \
- polkit-sysdeps.h polkit-sysdeps.c \
- polkit-error.h polkit-error.c \
- polkit-result.h polkit-result.c \
- polkit-context.h polkit-context.c \
- polkit-action.h polkit-action.c \
- polkit-seat.h polkit-seat.c \
- polkit-session.h polkit-session.c \
- polkit-caller.h polkit-caller.c \
- polkit-action-description.h polkit-action-description.c \
- polkit-implicit-authorization.h polkit-implicit-authorization.c \
- polkit-debug.h polkit-debug.c \
- polkit-utils.h polkit-utils.c \
- polkit-authorization.h polkit-authorization.c \
- polkit-authorization-constraint.h polkit-authorization-constraint.c \
- polkit-authorization-db.h \
- polkit-tracker.h polkit-tracker.c \
- polkit-simple.h polkit-simple.c
-
-if POLKIT_AUTHDB_DUMMY
-libpolkit_1_la_SOURCES += \
- polkit-authorization-db-dummy.c
-endif
-
-if POLKIT_AUTHDB_DEFAULT
-libpolkit_1_la_SOURCES += \
- polkit-authorization-db.c
-endif
-
-libpolkit_1_la_LIBADD = @DBUS_LIBS@ @EXPAT_LIBS@ $(top_builddir)/src/kit/libkit.la $(SELINUX_LIBS)
-
-if POLKIT_BUILD_TESTS
-libpolkit_1_la_LDFLAGS = -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) @R_DYNAMIC_LDFLAG@
-else
-libpolkit_1_la_LDFLAGS = -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) @R_DYNAMIC_LDFLAG@ \
- -export-dynamic -no-undefined -export-symbols-regex '(^polkit_.*|_pk_validate_unique_bus_name)'
-endif
-
-## note that TESTS has special meaning (stuff to use in make check)
-## so if adding tests not to be run in make check, don't add them to
-## TESTS
-if POLKIT_BUILD_TESTS
-TESTS_ENVIRONMENT=
-TESTS=polkit-test
-
-check_PROGRAMS=$(TESTS)
-
-polkit_test_SOURCES= \
- polkit-test.h polkit-test.c
-
-polkit_test_LDADD=$(top_builddir)/src/kit/libkit.la $(top_builddir)/src/polkit/libpolkit-1.la
-polkit_test_LDFLAGS=
-
-if POLKIT_GCOV_ENABLED
-clean-gcov:
- rm -f *.gcov .libs/*.gcda *.gcda
-
-.PHONY: coverage-report.txt covered-files.txt
-
-covered-files.txt :
- echo $(addprefix src/polkit/,$(filter %.c,$(libpolkit_1_la_SOURCES))) > covered-files.txt
-
-coverage-report.txt : covered-files.txt clean-gcov all check
- gcov $(filter %.c,$(libpolkit_1_la_SOURCES)) -o .libs/ > /dev/null
- $(top_srcdir)/test/create-coverage-report.sh "module polkit" `cat covered-files.txt` > coverage-report.txt
-
-check-coverage : coverage-report.txt
- cat coverage-report.txt
-else
-coverage-report.txt:
- @echo "Need to reconfigure with --enable-gcov"
-
-check-coverage:
- @echo "Need to reconfigure with --enable-gcov"
-endif
-
-else
-TESTS=
-endif
-
-clean-local :
- rm -f *~ $(BUILT_SOURCES) *.bb *.bbg *.da *.gcov .libs/*.da .libs/*.bbg
-
-libexec_PROGRAMS = polkit-resolve-exe-helper-1
-
-polkit_resolve_exe_helper_1_SOURCES = polkit-resolve-exe-helper.c
-polkit_resolve_exe_helper_1_CFLAGS = @DBUS_CFLAGS@
-polkit_resolve_exe_helper_1_LDADD = $(top_builddir)/src/kit/libkit.la libpolkit-1.la
-
-if POLKIT_AUTHDB_DEFAULT
-libexec_PROGRAMS += polkit-read-auth-helper-1 polkit-set-default-helper-1
-
-polkit_read_auth_helper_1_SOURCES = polkit-read-auth-helper.c
-polkit_read_auth_helper_1_CFLAGS = @DBUS_CFLAGS@
-polkit_read_auth_helper_1_LDADD = $(top_builddir)/src/kit/libkit.la libpolkit-1.la
-
-polkit_set_default_helper_1_SOURCES = polkit-set-default-helper.c
-polkit_set_default_helper_1_CFLAGS = @DBUS_CFLAGS@
-polkit_set_default_helper_1_LDADD = $(top_builddir)/src/kit/libkit.la libpolkit-1.la
-
-# The directories /var/lib/polkit-1 and /var/run/polkit-1 is where
-# authorizations are stored. They must not be world readable (the
-# polkit-auth-read-helper is used to read it) and the $POLKIT_GROUP
-# group needs to be able to write files there.
-#
-# The directory /var/lib/polkit-public-1 is used for storing world-readable
-# information. Only $POLKIT_USER may write to it.
-#
-# The /var/lib/misc/polkit-1.reload file is used for triggering that
-# authorizations have changed; it needs to be world readable and
-# writeable for user $POLKIT_USER and group $POLKIT_GROUP (FHS 2.3 suggests
-# that location)
-#
-# polkit-read-auth-helper needs to be setgid $POLKIT_GROUP to be able
-# to read authorization files in /var/lib/polkit-1 and
-# /var/run/polkit-1
-#
-# polkit-set-default-helper needs to be setuid $POLKIT_USER to be able
-# to write .defaults-override files in /var/lib/polkit-public-1
-#
-# polkit-resolve-exe-helper needs to be setuid root to be able to resolve
-# /proc/$pid/exe symlinks.
-#
-install-exec-hook:
- mkdir -p $(DESTDIR)$(localstatedir)/lib/misc
- touch $(DESTDIR)$(localstatedir)/lib/misc/polkit-1.reload
- -chown $(POLKIT_USER):$(POLKIT_GROUP) $(DESTDIR)$(localstatedir)/lib/misc/polkit-1.reload
- -chmod 664 $(DESTDIR)$(localstatedir)/lib/misc/polkit-1.reload
- mkdir -p $(DESTDIR)$(localstatedir)/lib/polkit-public-1
- mkdir -p $(DESTDIR)$(localstatedir)/lib/polkit-1
- mkdir -p $(DESTDIR)$(localstatedir)/run/polkit-1
- -chown $(POLKIT_USER) $(DESTDIR)$(localstatedir)/lib/polkit-public-1
- -chgrp $(POLKIT_GROUP) $(DESTDIR)$(localstatedir)/lib/polkit-1
- -chgrp $(POLKIT_GROUP) $(DESTDIR)$(localstatedir)/run/polkit-1
- -chmod 755 $(DESTDIR)$(localstatedir)/lib/polkit-public-1
- -chmod 770 $(DESTDIR)$(localstatedir)/lib/polkit-1
- -chmod 770 $(DESTDIR)$(localstatedir)/run/polkit-1
- -chgrp $(POLKIT_GROUP) $(DESTDIR)$(libexecdir)/polkit-read-auth-helper-1
- -chmod 2755 $(DESTDIR)$(libexecdir)/polkit-read-auth-helper-1
- -chown $(POLKIT_USER) $(DESTDIR)$(libexecdir)/polkit-set-default-helper-1
- -chmod 4755 $(DESTDIR)$(libexecdir)/polkit-set-default-helper-1
- -chmod 4755 $(DESTDIR)$(libexecdir)/polkit-resolve-exe-helper-1
-else
-install-exec-hook:
- -chmod 4755 $(DESTDIR)$(libexecdir)/polkit-resolve-exe-helper
-endif
diff --git a/src/polkit/polkit-action-description.c b/src/polkit/polkit-action-description.c
deleted file mode 100644
index 7f26ee8..0000000
--- a/src/polkit/polkit-action-description.c
+++ /dev/null
@@ -1,1398 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-action-description.c : Description of an action
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <errno.h>
-
-#include "polkit-debug.h"
-#include "polkit-error.h"
-#include "polkit-result.h"
-#include "polkit-action-description.h"
-#include "polkit-authorization-db.h"
-#include "polkit-private.h"
-#include "polkit-test.h"
-#include "polkit-private.h"
-
-/**
- * SECTION:polkit-action-description
- * @title: Action Description
- * @short_description: Represents a declared action in a policy file.
- *
- * This class is used to represent a entries in policy files.
- **/
-
-/**
- * PolKitActionDescription:
- *
- * Objects of this class are used to record information about a
- * policy.
- **/
-struct _PolKitActionDescription
-{
- int refcount;
- char *action;
- PolKitImplicitAuthorization *implicit_authorization_factory;
- PolKitImplicitAuthorization *implicit_authorization;
-
- char *policy_description;
- char *policy_message;
- char *vendor;
- char *vendor_url;
- char *icon_name;
- KitHash *annotations;
-};
-
-
-/* NOTE: we take ownership of the annotations object */
-PolKitActionDescription *
-_polkit_action_description_new (const char *action_id,
- const char *vendor,
- const char *vendor_url,
- const char *icon_name,
- PolKitResult implicit_authorization_allow_any,
- PolKitResult implicit_authorization_allow_inactive,
- PolKitResult implicit_authorization_allow_active,
- KitHash *annotations)
-{
- char *path;
- char *contents;
- size_t contents_size;
- PolKitActionDescription *pfe;
-
- path = NULL;
- contents = NULL;
-
- kit_return_val_if_fail (action_id != NULL && polkit_action_validate_id (action_id), NULL);
-
- pfe = kit_new0 (PolKitActionDescription, 1);
- if (pfe == NULL)
- goto error;
- pfe->refcount = 1;
- pfe->action = kit_strdup (action_id);
- if (pfe->action == NULL)
- goto error;
-
- pfe->vendor = NULL;
- pfe->vendor_url = NULL;
- pfe->icon_name = NULL;
- if (vendor != NULL && (pfe->vendor = kit_strdup (vendor)) == NULL)
- goto error;
- if (vendor_url != NULL && (pfe->vendor_url = kit_strdup (vendor_url)) == NULL)
- goto error;
- if (icon_name != NULL && (pfe->icon_name = kit_strdup (icon_name)) == NULL)
- goto error;
-
- if (! (polkit_authorization_db_get_capabilities () & POLKIT_AUTHORIZATION_DB_CAPABILITY_CAN_OBTAIN)) {
- /* if we don't support obtaining authorizations
- * through authenticating, then make the implicit_authorization
- * reflect this ...*/
- implicit_authorization_allow_any = POLKIT_RESULT_NO;
- implicit_authorization_allow_inactive = POLKIT_RESULT_NO;
- implicit_authorization_allow_active = POLKIT_RESULT_NO;
- }
-
- pfe->implicit_authorization_factory = _polkit_implicit_authorization_new (implicit_authorization_allow_any,
- implicit_authorization_allow_inactive,
- implicit_authorization_allow_active);
- if (pfe->implicit_authorization_factory == NULL)
- goto error;
-
- pfe->implicit_authorization = polkit_implicit_authorization_clone (pfe->implicit_authorization_factory);
- if (pfe->implicit_authorization == NULL)
- goto error;
-
-#ifdef POLKIT_AUTHDB_DEFAULT
- /* read override file */
- path = kit_strdup_printf (PACKAGE_LOCALSTATE_DIR "/lib/polkit-public-1/%s.defaults-override", action_id);
- if (path == NULL)
- goto error;
- if (!kit_file_get_contents (path, &contents, &contents_size)) {
- /* it's not a failure if the file doesn't exist */
- if (errno != ENOENT)
- goto error;
-
- errno = 0;
- contents = NULL;
- }
-
- if (contents != NULL) {
- char **tokens;
- size_t num_tokens;
- PolKitResult any;
- PolKitResult inactive;
- PolKitResult active;
-
- tokens = kit_strsplit (contents, ':', &num_tokens);
- if (num_tokens != 3)
- goto error;
-
- if (!polkit_result_from_string_representation (tokens[0], &any)) {
- goto error;
- }
- if (!polkit_result_from_string_representation (tokens[1], &inactive)) {
- goto error;
- }
- if (!polkit_result_from_string_representation (tokens[2], &active)) {
- goto error;
- }
-
- polkit_implicit_authorization_set_allow_any (pfe->implicit_authorization, any);
- polkit_implicit_authorization_set_allow_inactive (pfe->implicit_authorization, inactive);
- polkit_implicit_authorization_set_allow_active (pfe->implicit_authorization, active);
- }
-#endif
-
- pfe->annotations = annotations;
-
- kit_free (path);
- kit_free (contents);
-
- return pfe;
-error:
- kit_free (path);
- kit_free (contents);
- if (pfe != NULL)
- polkit_action_description_unref (pfe);
- return NULL;
-}
-
-polkit_bool_t
-_polkit_action_description_set_descriptions (PolKitActionDescription *pfe,
- const char *policy_description,
- const char *policy_message)
-{
- kit_return_val_if_fail (pfe != NULL, FALSE);
-
- if (pfe->policy_description != NULL)
- kit_free (pfe->policy_description);
- if (pfe->policy_message != NULL)
- kit_free (pfe->policy_message);
-
- pfe->policy_description = kit_strdup (policy_description);
- pfe->policy_message = kit_strdup (policy_message);
-
- if (policy_description != NULL && pfe->policy_description == NULL)
- return FALSE;
-
- if (policy_message != NULL && pfe->policy_message == NULL)
- return FALSE;
-
- return TRUE;
-}
-
-/**
- * polkit_action_description_get_action_description:
- * @action_description: the object
- *
- * Get the description of the action that this policy entry describes. This
- * is intended to be used in policy editors, for example "Mount internal
- * volumes". Contrast with polkit_action_description_get_action_message(). The
- * textual string will be returned in the current locale.
- *
- * Note, if polkit_context_set_load_descriptions() on the
- * #PolKitContext object used to get this object wasn't called, this
- * method will return #NULL.
- *
- * Returns: string or #NULL if descriptions are not loaded - caller shall not free this string
- **/
-const char *
-polkit_action_description_get_action_description (PolKitActionDescription *action_description)
-{
- kit_return_val_if_fail (action_description != NULL, NULL);
- return action_description->policy_description;
-}
-
-/**
- * polkit_action_description_get_action_message:
- * @action_description: the object
- *
- * Get the message describing the action that this policy entry
- * describes. This is to be used in dialogs, for example "System
- * Policy prevents mounting this volume". Contrast with
- * polkit_action_description_get_action_description(). The textual string
- * will be returned in the current locale.
- *
- * Note, if polkit_context_set_load_descriptions() on the
- * #PolKitContext object used to get this object wasn't called, this
- * method will return #NULL.
- *
- * Returns: string or #NULL if descriptions are not loaded - caller shall not free this string
- **/
-const char *
-polkit_action_description_get_action_message (PolKitActionDescription *action_description)
-{
- kit_return_val_if_fail (action_description != NULL, NULL);
- return action_description->policy_message;
-}
-
-/**
- * polkit_action_description_get_action_vendor:
- * @action_description: the object
- *
- * Get the name of the vendor of this action.
- *
- * Note, if polkit_context_set_load_descriptions() on the
- * #PolKitContext object used to get this object wasn't called, this
- * method will return #NULL.
- *
- * Returns: string or #NULL if descriptions are not loaded or vendor
- * tag isn't set - caller shall not free this string
- *
- * Since: 0.7
- */
-const char *
-polkit_action_description_get_action_vendor (PolKitActionDescription *action_description)
-{
- kit_return_val_if_fail (action_description != NULL, NULL);
- return action_description->vendor;
-}
-
-/**
- * polkit_action_description_get_action_vendor_url:
- * @action_description: the object
- *
- * Get the URL of the vendor of this action.
- *
- * Note, if polkit_context_set_load_descriptions() on the
- * #PolKitContext object used to get this object wasn't called, this
- * method will return #NULL.
- *
- * Returns: string or #NULL if descriptions are not loaded or vendor
- * url isn't set - caller shall not free this string
- *
- * Since: 0.7
- */
-const char *
-polkit_action_description_get_action_vendor_url (PolKitActionDescription *action_description)
-{
- kit_return_val_if_fail (action_description != NULL, NULL);
- return action_description->vendor_url;
-}
-
-/**
- * polkit_action_description_get_action_icon_name:
- * @action_description: the object
- *
- * Get the name of the icon that represents the action. This name
- * conforms to the freedesktop.org icon naming specification.
- *
- * Note, if polkit_context_set_load_descriptions() on the
- * #PolKitContext object used to get this object wasn't called, this
- * method will return #NULL.
- *
- * Returns: string or #NULL if descriptions are not loaded or icon
- * tag isn't set - caller shall not free this string
- *
- * Since: 0.7
- */
-const char *
-polkit_action_description_get_action_icon_name (PolKitActionDescription *action_description)
-{
- kit_return_val_if_fail (action_description != NULL, NULL);
- return action_description->icon_name;
-}
-
-
-/**
- * polkit_action_description_ref:
- * @action_description: the policy file object
- *
- * Increase reference count.
- *
- * Returns: the object
- **/
-PolKitActionDescription *
-polkit_action_description_ref (PolKitActionDescription *action_description)
-{
- kit_return_val_if_fail (action_description != NULL, action_description);
- action_description->refcount++;
- return action_description;
-}
-
-/**
- * polkit_action_description_unref:
- * @action_description: the policy file object
- *
- * Decreases the reference count of the object. If it becomes zero,
- * the object is freed. Before freeing, reference counts on embedded
- * objects are decresed by one.
- **/
-void
-polkit_action_description_unref (PolKitActionDescription *action_description)
-{
- kit_return_if_fail (action_description != NULL);
- action_description->refcount--;
- if (action_description->refcount > 0)
- return;
-
- kit_free (action_description->action);
-
- if (action_description->implicit_authorization_factory != NULL)
- polkit_implicit_authorization_unref (action_description->implicit_authorization_factory);
-
- if (action_description->implicit_authorization != NULL)
- polkit_implicit_authorization_unref (action_description->implicit_authorization);
-
- if (action_description->annotations != NULL)
- kit_hash_unref (action_description->annotations);
-
- kit_free (action_description->policy_description);
- kit_free (action_description->policy_message);
- kit_free (action_description->vendor);
- kit_free (action_description->vendor_url);
- kit_free (action_description->icon_name);
-
- kit_free (action_description);
-}
-
-/**
- * polkit_action_description_debug:
- * @action_description: the entry
- *
- * Print debug information about object
- **/
-void
-polkit_action_description_debug (PolKitActionDescription *action_description)
-{
- kit_return_if_fail (action_description != NULL);
- polkit_debug ("PolKitActionDescription: refcount=%d action=%s",
- action_description->refcount,
- action_description->action);
- polkit_implicit_authorization_debug (action_description->implicit_authorization);
-}
-
-/**
- * polkit_action_description_get_id:
- * @action_description: the file entry
- *
- * Get the action identifier.
- *
- * Returns: A string - caller shall not free this string.
- **/
-const char *
-polkit_action_description_get_id (PolKitActionDescription *action_description)
-{
- kit_return_val_if_fail (action_description != NULL, NULL);
- return action_description->action;
-}
-
-/**
- * polkit_action_description_get_implicit_authorization:
- * @action_description: the file entry
- *
- * Get the the default policy for this policy.
- *
- * Returns: A #PolKitImplicitAuthorization object - caller shall not unref or modify this object.
- **/
-PolKitImplicitAuthorization *
-polkit_action_description_get_implicit_authorization (PolKitActionDescription *action_description)
-{
- kit_return_val_if_fail (action_description != NULL, NULL);
- return action_description->implicit_authorization;
-}
-
-/**
- * polkit_action_description_get_implicit_authorization_factory:
- * @action_description: the file entry
- *
- * Get the factory defaults for the entry. This may be different that
- * what polkit_action_description_get_implicit_authorization() returns if the function
- * polkit_action_description_set_implicit_authorization() have been used to change the
- * defaults.
- *
- * Returns: A #PolKitImplicitAuthorization object - caller shall not unref or modify this object.
- *
- * Since: 0.7
- */
-PolKitImplicitAuthorization *
-polkit_action_description_get_implicit_authorization_factory (PolKitActionDescription *action_description)
-{
- kit_return_val_if_fail (action_description != NULL, NULL);
- return action_description->implicit_authorization_factory;
-}
-
-/**
- * polkit_action_description_set_implicit_authorization:
- * @action_description: the file entry
- * @implicit_authorization: the new defaults to set
- * @error: return location for error or #NULL
- *
- * Set new defaults for a given policy file entry; subsequent calls to
- * polkit_policy_file_get_default() will return these values. Note
- * that the old defaults are not modified; they are still available via
- * polkit_action_description_get_default_factory().
- *
- * This operation requires the
- * org.freedesktop.policykit.modify-defaults authorization and will
- * fail if the caller lacks it.
- *
- * Returns: %TRUE if the given defaults was set; %FALSE if @error is set.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_action_description_set_implicit_authorization (PolKitActionDescription *action_description,
- PolKitImplicitAuthorization *implicit_authorization,
- PolKitError **error)
-{
- polkit_bool_t ret;
-
- ret = FALSE;
-
- kit_return_val_if_fail (action_description != NULL, FALSE);
- kit_return_val_if_fail (implicit_authorization != NULL, FALSE);
-
-#ifndef POLKIT_AUTHDB_DEFAULT
- polkit_error_set_error (error, POLKIT_ERROR_NOT_SUPPORTED, "Not supported");
-#else
- char *helper_argv[7] = {PACKAGE_LIBEXEC_DIR "/polkit-set-default-helper-1",
- NULL, /* arg1: action_id */
- NULL, /* arg2: "clear" or "set" */
- NULL, /* arg3: result_any */
- NULL, /* arg4: result_inactive */
- NULL, /* arg5: result_active */
- NULL};
- int exit_status;
- PolKitResult any;
- PolKitResult inactive;
- PolKitResult active;
-
- if (polkit_implicit_authorization_equals (action_description->implicit_authorization, implicit_authorization)) {
- /* no point in doing extra work.. */
- ret = TRUE;
- goto out;
- }
-
- any = polkit_implicit_authorization_get_allow_any (implicit_authorization);
- inactive = polkit_implicit_authorization_get_allow_inactive (implicit_authorization);
- active = polkit_implicit_authorization_get_allow_active (implicit_authorization);
-
- helper_argv[1] = action_description->action;
-
- if (polkit_implicit_authorization_equals (action_description->implicit_authorization_factory, implicit_authorization)) {
- helper_argv[2] = "clear";
- helper_argv[3] = NULL;
- } else {
- helper_argv[2] = "set";
- helper_argv[3] = (char *) polkit_result_to_string_representation (any);
- helper_argv[4] = (char *) polkit_result_to_string_representation (inactive);
- helper_argv[5] = (char *) polkit_result_to_string_representation (active);
- helper_argv[6] = NULL;
- }
-
- if (!kit_spawn_sync (NULL, /* const char *working_directory */
- 0, /* flags */
- helper_argv, /* char **argv */
- NULL, /* char **envp */
- NULL, /* char *stdin */
- NULL, /* char **stdout */
- NULL, /* char **stderr */
- &exit_status)) { /* int *exit_status */
- polkit_error_set_error (error,
- POLKIT_ERROR_GENERAL_ERROR,
- "Error spawning set-default helper: %m");
- goto out;
- }
-
- if (!WIFEXITED (exit_status)) {
- kit_warning ("Set-default helper crashed!");
- polkit_error_set_error (error,
- POLKIT_ERROR_GENERAL_ERROR,
- "set-default helper crashed!");
- goto out;
- } else if (WEXITSTATUS(exit_status) != 0) {
- polkit_error_set_error (error,
- POLKIT_ERROR_NOT_AUTHORIZED_TO_MODIFY_DEFAULTS,
- "uid %d is not authorized to modify defaults for implicit authorization for action %s (requires org.freedesktop.policykit.modify-defaults)",
- getuid (), action_description->action);
- } else {
- ret = TRUE;
- }
-out:
-#endif /* POLKIT_AUTHDB_DEFAULT */
- return ret;
-}
-
-
-typedef struct {
- PolKitActionDescription *pfe;
- PolKitActionDescriptionAnnotationsForeachFunc cb;
- void *user_data;
-} _AnnotationsClosure;
-
-static polkit_bool_t
-_annotations_cb (void *key,
- void *value,
- void *user_data,
- KitHash *hash)
-{
- _AnnotationsClosure *closure = user_data;
- return closure->cb (closure->pfe, (const char *) key, (const char *) value, closure->user_data);
-}
-
-/**
- * polkit_action_description_annotations_foreach:
- * @action_description: the policy file entry
- * @cb: callback function
- * @user_data: user data to pass to the callback function
- *
- * Iterate over all annotations on the policy file entry.
- *
- * Returns: #TRUE only if the iteration was short-circuited
- */
-polkit_bool_t
-polkit_action_description_annotations_foreach (PolKitActionDescription *action_description,
- PolKitActionDescriptionAnnotationsForeachFunc cb,
- void *user_data)
-{
- _AnnotationsClosure closure;
-
- kit_return_val_if_fail (action_description != NULL, FALSE);
- if (action_description->annotations == NULL)
- return FALSE;
-
- closure.pfe = action_description;
- closure.cb = cb;
- closure.user_data = user_data;
-
- return kit_hash_foreach (action_description->annotations,
- _annotations_cb,
- &closure);
-}
-
-/**
- * polkit_action_description_get_annotation:
- * @action_description: the policy file entry
- * @key: the key of the annotation
- *
- * Look of the value of a given annotation.
- *
- * Returns: The value of the annotation or #NULL if not found.
- */
-const char *
-polkit_action_description_get_annotation (PolKitActionDescription *action_description,
- const char *key)
-{
- const char *value;
- kit_return_val_if_fail (action_description != NULL, NULL);
- kit_return_val_if_fail (key != NULL, NULL);
-
- value = NULL;
- if (action_description->annotations != NULL) {
- value = kit_hash_lookup (action_description->annotations, (void *) key, NULL);
- }
- return value;
-}
-
-
-#ifdef POLKIT_BUILD_TESTS
-
-static polkit_bool_t
-_pfe_cb (PolKitActionDescription *pfe,
- const char *key,
- const char *value,
- void *user_data)
-{
- int *count = (int *) user_data;
-
- if (strcmp (key, "a1") == 0 && strcmp (value, "v1") == 0)
- *count += 1;
- else if (strcmp (key, "a2") == 0 && strcmp (value, "v2") == 0)
- *count += 1;
-
- return FALSE;
-}
-
-static polkit_bool_t
-_pfe_cb2 (PolKitActionDescription *pfe,
- const char *key,
- const char *value,
- void *user_data)
-{
- int *count = (int *) user_data;
- *count += 1;
-
- return FALSE;
-}
-
-
-static polkit_bool_t
-_run_test (void)
-{
- PolKitActionDescription *pfe;
- PolKitImplicitAuthorization *d;
- KitHash *a;
- int count;
-
- a = NULL;
- pfe = NULL;
-
- if ((a = kit_hash_new (kit_hash_str_hash_func,
- kit_hash_str_equal_func,
- NULL, NULL,
- NULL, NULL)) == NULL)
- goto oom;
-
- if (!kit_hash_insert (a, "a1", "v1"))
- goto oom;
-
- if (!kit_hash_insert (a, "a2", "v2"))
- goto oom;
-
- if ((pfe = _polkit_action_description_new ("org.example-action",
- NULL,
- NULL,
- NULL,
- POLKIT_RESULT_NO,
- POLKIT_RESULT_ONLY_VIA_SELF_AUTH,
- POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH,
- a)) == NULL)
- goto oom;
- /* _file_entry_new assumes ownership of the passed a variable */
- a = NULL;
-
- kit_assert (strcmp (polkit_action_description_get_id (pfe), "org.example-action") == 0);
-
- if (_polkit_action_description_set_descriptions (pfe,
- "the desc",
- "the msg")) {
- kit_assert (strcmp (polkit_action_description_get_action_description (pfe), "the desc") == 0);
- kit_assert (strcmp (polkit_action_description_get_action_message (pfe), "the msg") == 0);
- }
-
- if (_polkit_action_description_set_descriptions (pfe,
- "the desc2",
- "the msg2")) {
- kit_assert (strcmp (polkit_action_description_get_action_description (pfe), "the desc2") == 0);
- kit_assert (strcmp (polkit_action_description_get_action_message (pfe), "the msg2") == 0);
- }
-
- kit_assert ((d = polkit_action_description_get_default (pfe)) != NULL);
-
-#ifdef POLKIT_AUTHDB_DEFAULT
- kit_assert (polkit_implicit_authorization_get_allow_any (d) == POLKIT_RESULT_NO);
- kit_assert (polkit_implicit_authorization_get_allow_inactive (d) == POLKIT_RESULT_ONLY_VIA_SELF_AUTH);
- kit_assert (polkit_implicit_authorization_get_allow_active (d) == POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH);
-#endif
-
- polkit_action_description_ref (pfe);
- polkit_action_description_unref (pfe);
- polkit_action_description_debug (pfe);
-
- kit_assert (strcmp (polkit_action_description_get_annotation (pfe, "a1"), "v1") == 0);
- kit_assert (strcmp (polkit_action_description_get_annotation (pfe, "a2"), "v2") == 0);
- kit_assert (polkit_action_description_get_annotation (pfe, "a3") == NULL);
-
- count = 0;
- polkit_action_description_annotations_foreach (pfe, _pfe_cb, &count);
- kit_assert (count == 2);
-
- polkit_action_description_unref (pfe);
- if ((pfe = _polkit_action_description_new ("org.example-action-2",
- NULL,
- NULL,
- NULL,
- POLKIT_RESULT_NO,
- POLKIT_RESULT_ONLY_VIA_SELF_AUTH,
- POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH,
- NULL)) == NULL)
- goto oom;
- count = 0;
- polkit_action_description_annotations_foreach (pfe, _pfe_cb2, &count);
- kit_assert (count == 0);
- _pfe_cb2 (pfe, NULL, NULL, &count); /* want to get coverage of _pfe_cb2 */
- kit_assert (count == 1);
-
-oom:
- if (pfe != NULL)
- polkit_action_description_unref (pfe);
-
- if (a != NULL)
- kit_hash_unref (a);
-
- return TRUE;
-}
-
-KitTest _test_action_description = {
- "polkit_action_description",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* POLKIT_BUILD_TESTS */
-
-
-
-#include <expat.h>
-#include "polkit-context.h"
-
-enum {
- STATE_NONE,
- STATE_UNKNOWN_TAG,
- STATE_IN_POLICY_CONFIG,
- STATE_IN_POLICY_VENDOR,
- STATE_IN_POLICY_VENDOR_URL,
- STATE_IN_POLICY_ICON_NAME,
- STATE_IN_ACTION,
- STATE_IN_ACTION_DESCRIPTION,
- STATE_IN_ACTION_MESSAGE,
- STATE_IN_ACTION_VENDOR,
- STATE_IN_ACTION_VENDOR_URL,
- STATE_IN_ACTION_ICON_NAME,
- STATE_IN_DEFAULTS,
- STATE_IN_DEFAULTS_ALLOW_ANY,
- STATE_IN_DEFAULTS_ALLOW_INACTIVE,
- STATE_IN_DEFAULTS_ALLOW_ACTIVE,
- STATE_IN_ANNOTATE
-};
-
-#define PARSER_MAX_DEPTH 32
-
-typedef struct {
- XML_Parser parser;
- int state;
- int state_stack[PARSER_MAX_DEPTH];
- int stack_depth;
-
- const char *path;
-
- char *global_vendor;
- char *global_vendor_url;
- char *global_icon_name;
-
- char *action_id;
- char *vendor;
- char *vendor_url;
- char *icon_name;
-
- PolKitResult defaults_allow_any;
- PolKitResult defaults_allow_inactive;
- PolKitResult defaults_allow_active;
-
- KitHash *policy_descriptions;
- KitHash *policy_messages;
-
- char *policy_description_nolang;
- char *policy_message_nolang;
-
- /* the language according to $LANG (e.g. en_US, da_DK, fr, en_CA minus the encoding) */
- char *lang;
-
- /* the value of xml:lang for the thing we're reading in _cdata() */
- char *elem_lang;
-
- char *annotate_key;
- KitHash *annotations;
-
- polkit_bool_t is_oom;
-
- PolKitActionDescriptionForeachFunc cb;
- void *user_data;
-} ParserData;
-
-static void
-pd_unref_action_data (ParserData *pd)
-{
- kit_free (pd->action_id);
- pd->action_id = NULL;
-
- kit_free (pd->vendor);
- pd->vendor = NULL;
- kit_free (pd->vendor_url);
- pd->vendor_url = NULL;
- kit_free (pd->icon_name);
- pd->icon_name = NULL;
-
- kit_free (pd->policy_description_nolang);
- pd->policy_description_nolang = NULL;
- kit_free (pd->policy_message_nolang);
- pd->policy_message_nolang = NULL;
- if (pd->policy_descriptions != NULL) {
- kit_hash_unref (pd->policy_descriptions);
- pd->policy_descriptions = NULL;
- }
- if (pd->policy_messages != NULL) {
- kit_hash_unref (pd->policy_messages);
- pd->policy_messages = NULL;
- }
- kit_free (pd->annotate_key);
- pd->annotate_key = NULL;
- if (pd->annotations != NULL) {
- kit_hash_unref (pd->annotations);
- pd->annotations = NULL;
- }
- kit_free (pd->elem_lang);
- pd->elem_lang = NULL;
-}
-
-static void
-pd_unref_data (ParserData *pd)
-{
- pd_unref_action_data (pd);
- kit_free (pd->lang);
- pd->lang = NULL;
-
- kit_free (pd->global_vendor);
- pd->global_vendor = NULL;
- kit_free (pd->global_vendor_url);
- pd->global_vendor_url = NULL;
- kit_free (pd->global_icon_name);
- pd->global_icon_name = NULL;
-}
-
-static void
-_start (void *data, const char *el, const char **attr)
-{
- int state;
- int num_attr;
- ParserData *pd = data;
-
- for (num_attr = 0; attr[num_attr] != NULL; num_attr++)
- ;
-
- state = STATE_NONE;
-
- switch (pd->state) {
- case STATE_NONE:
- if (strcmp (el, "policyconfig") == 0) {
- state = STATE_IN_POLICY_CONFIG;
- }
- break;
- case STATE_IN_POLICY_CONFIG:
- if (strcmp (el, "action") == 0) {
- if (num_attr != 2 || strcmp (attr[0], "id") != 0)
- goto error;
- state = STATE_IN_ACTION;
-
- if (!polkit_action_validate_id (attr[1]))
- goto error;
-
- pd_unref_action_data (pd);
- pd->action_id = kit_strdup (attr[1]);
- if (pd->action_id == NULL)
- goto oom;
- pd->policy_descriptions = kit_hash_new (kit_hash_str_hash_func,
- kit_hash_str_equal_func,
- kit_hash_str_copy, kit_hash_str_copy,
- kit_free, kit_free);
- pd->policy_messages = kit_hash_new (kit_hash_str_hash_func,
- kit_hash_str_equal_func,
- kit_hash_str_copy, kit_hash_str_copy,
- kit_free, kit_free);
-
- /* initialize defaults */
- pd->defaults_allow_any = POLKIT_RESULT_NO;
- pd->defaults_allow_inactive = POLKIT_RESULT_NO;
- pd->defaults_allow_active = POLKIT_RESULT_NO;
- } else if (strcmp (el, "vendor") == 0 && num_attr == 0) {
- state = STATE_IN_POLICY_VENDOR;
- } else if (strcmp (el, "vendor_url") == 0 && num_attr == 0) {
- state = STATE_IN_POLICY_VENDOR_URL;
- } else if (strcmp (el, "icon_name") == 0 && num_attr == 0) {
- state = STATE_IN_POLICY_ICON_NAME;
- }
- break;
- case STATE_IN_ACTION:
- if (strcmp (el, "defaults") == 0) {
- state = STATE_IN_DEFAULTS;
- } else if (strcmp (el, "description") == 0) {
- if (num_attr == 2 && strcmp (attr[0], "xml:lang") == 0) {
- pd->elem_lang = kit_strdup (attr[1]);
- if (pd->elem_lang == NULL)
- goto oom;
- }
- state = STATE_IN_ACTION_DESCRIPTION;
- } else if (strcmp (el, "message") == 0) {
- if (num_attr == 2 && strcmp (attr[0], "xml:lang") == 0) {
- pd->elem_lang = kit_strdup (attr[1]);
- if (pd->elem_lang == NULL)
- goto oom;
- }
- state = STATE_IN_ACTION_MESSAGE;
- } else if (strcmp (el, "vendor") == 0 && num_attr == 0) {
- state = STATE_IN_ACTION_VENDOR;
- } else if (strcmp (el, "vendor_url") == 0 && num_attr == 0) {
- state = STATE_IN_ACTION_VENDOR_URL;
- } else if (strcmp (el, "icon_name") == 0 && num_attr == 0) {
- state = STATE_IN_ACTION_ICON_NAME;
- } else if (strcmp (el, "annotate") == 0) {
- if (num_attr != 2 || strcmp (attr[0], "key") != 0)
- goto error;
- state = STATE_IN_ANNOTATE;
-
- kit_free (pd->annotate_key);
- pd->annotate_key = kit_strdup (attr[1]);
- if (pd->annotate_key == NULL)
- goto oom;
- }
- break;
- case STATE_IN_DEFAULTS:
- if (strcmp (el, "allow_any") == 0)
- state = STATE_IN_DEFAULTS_ALLOW_ANY;
- else if (strcmp (el, "allow_inactive") == 0)
- state = STATE_IN_DEFAULTS_ALLOW_INACTIVE;
- else if (strcmp (el, "allow_active") == 0)
- state = STATE_IN_DEFAULTS_ALLOW_ACTIVE;
- break;
- default:
- break;
- }
-
- if (state == STATE_NONE) {
- //kit_warning ("skipping unknown tag <%s> at line %d of %s",
- // el, (int) XML_GetCurrentLineNumber (pd->parser), pd->path);
- state = STATE_UNKNOWN_TAG;
- }
-
- pd->state = state;
- pd->state_stack[pd->stack_depth] = pd->state;
- pd->stack_depth++;
- return;
-oom:
- pd->is_oom = TRUE;
-error:
- XML_StopParser (pd->parser, FALSE);
-}
-
-static polkit_bool_t
-_validate_icon_name (const char *icon_name)
-{
- unsigned int n;
- polkit_bool_t ret;
- size_t len;
-
- ret = FALSE;
-
- len = strlen (icon_name);
-
- /* check for common suffixes */
- if (kit_str_has_suffix (icon_name, ".png"))
- goto out;
- if (kit_str_has_suffix (icon_name, ".jpg"))
- goto out;
-
- /* icon name cannot be a path */
- for (n = 0; n < len; n++) {
- if (icon_name [n] == '/') {
- goto out;
- }
- }
-
- ret = TRUE;
-
-out:
- return ret;
-}
-
-static void
-_cdata (void *data, const char *s, int len)
-{
- char *str;
- ParserData *pd = data;
-
- str = kit_strndup (s, len);
- if (str == NULL)
- goto oom;
-
- switch (pd->state) {
-
- case STATE_IN_ACTION_DESCRIPTION:
- if (pd->elem_lang == NULL) {
- kit_free (pd->policy_description_nolang);
- pd->policy_description_nolang = str;
- str = NULL;
- } else {
- if (!kit_hash_insert (pd->policy_descriptions, pd->elem_lang, str))
- goto oom;
- }
- break;
-
- case STATE_IN_ACTION_MESSAGE:
- if (pd->elem_lang == NULL) {
- kit_free (pd->policy_message_nolang);
- pd->policy_message_nolang = str;
- str = NULL;
- } else {
- if (!kit_hash_insert (pd->policy_messages, pd->elem_lang, str))
- goto oom;
- }
- break;
-
- case STATE_IN_POLICY_VENDOR:
- kit_free (pd->global_vendor);
- pd->global_vendor = str;
- str = NULL;
- break;
-
- case STATE_IN_POLICY_VENDOR_URL:
- kit_free (pd->global_vendor_url);
- pd->global_vendor_url = str;
- str = NULL;
- break;
-
- case STATE_IN_POLICY_ICON_NAME:
- if (! _validate_icon_name (str)) {
- kit_warning ("Icon name '%s' is invalid", str);
- goto error;
- }
-
- kit_free (pd->global_icon_name);
- pd->global_icon_name = str;
- str = NULL;
- break;
-
- case STATE_IN_ACTION_VENDOR:
- kit_free (pd->vendor);
- pd->vendor = str;
- str = NULL;
- break;
-
- case STATE_IN_ACTION_VENDOR_URL:
- kit_free (pd->vendor_url);
- pd->vendor_url = str;
- str = NULL;
- break;
-
- case STATE_IN_ACTION_ICON_NAME:
- if (! _validate_icon_name (str)) {
- kit_warning ("Icon name '%s' is invalid", str);
- goto error;
- }
-
- kit_free (pd->icon_name);
- pd->icon_name = str;
- str = NULL;
- break;
-
- case STATE_IN_DEFAULTS_ALLOW_ANY:
- if (!polkit_result_from_string_representation (str, &pd->defaults_allow_any))
- goto error;
- break;
- case STATE_IN_DEFAULTS_ALLOW_INACTIVE:
- if (!polkit_result_from_string_representation (str, &pd->defaults_allow_inactive))
- goto error;
- break;
- case STATE_IN_DEFAULTS_ALLOW_ACTIVE:
- if (!polkit_result_from_string_representation (str, &pd->defaults_allow_active))
- goto error;
- break;
-
- case STATE_IN_ANNOTATE:
- if (pd->annotations == NULL) {
- pd->annotations = kit_hash_new (kit_hash_str_hash_func,
- kit_hash_str_equal_func,
- kit_hash_str_copy, kit_hash_str_copy,
- kit_free, kit_free);
- if (pd->annotations == NULL)
- goto oom;
- }
- if (!kit_hash_insert (pd->annotations, pd->annotate_key, str))
- goto oom;
- break;
-
- default:
- break;
- }
- kit_free (str);
- return;
-oom:
- pd->is_oom = TRUE;
-error:
- kit_free (str);
- XML_StopParser (pd->parser, FALSE);
-}
-
-/**
- * _localize:
- * @translations: a mapping from xml:lang to the value, e.g. 'da' -> 'Smadre', 'en_CA' -> 'Punch, Aye!'
- * @untranslated: the untranslated value, e.g. 'Punch'
- * @lang: the locale we're interested in, e.g. 'da_DK', 'da', 'en_CA', 'en_US'; basically just $LANG
- * with the encoding cut off. Maybe be NULL.
- *
- * Pick the correct translation to use.
- *
- * Returns: the localized string to use
- */
-static const char *
-_localize (KitHash *translations, const char *untranslated, const char *lang)
-{
- const char *result;
- char lang2[256];
- int n;
-
- if (lang == NULL) {
- result = untranslated;
- goto out;
- }
-
- /* first see if we have the translation */
- result = (const char *) kit_hash_lookup (translations, (void *) lang, NULL);
- if (result != NULL)
- goto out;
-
- /* we could have a translation for 'da' but lang=='da_DK'; cut off the last part and try again */
- strncpy (lang2, lang, sizeof (lang2));
- for (n = 0; lang2[n] != '\0'; n++) {
- if (lang2[n] == '_') {
- lang2[n] = '\0';
- break;
- }
- }
- result = (const char *) kit_hash_lookup (translations, (void *) lang2, NULL);
- if (result != NULL)
- goto out;
-
- /* fall back to untranslated */
- result = untranslated;
-out:
- return result;
-}
-
-static void
-_end (void *data, const char *el)
-{
- ParserData *pd = data;
-
- kit_free (pd->elem_lang);
- pd->elem_lang = NULL;
-
- switch (pd->state) {
- case STATE_IN_ACTION:
- {
- const char *policy_description;
- const char *policy_message;
- PolKitActionDescription *pfe;
- char *vendor;
- char *vendor_url;
- char *icon_name;
-
- vendor = pd->vendor;
- if (vendor == NULL)
- vendor = pd->global_vendor;
-
- vendor_url = pd->vendor_url;
- if (vendor_url == NULL)
- vendor_url = pd->global_vendor_url;
-
- icon_name = pd->icon_name;
- if (icon_name == NULL)
- icon_name = pd->global_icon_name;
-
- /* NOTE: caller takes ownership of the annotations object */
- pfe = _polkit_action_description_new (pd->action_id,
- vendor,
- vendor_url,
- icon_name,
- pd->defaults_allow_any,
- pd->defaults_allow_inactive,
- pd->defaults_allow_active,
- pd->annotations);
- if (pfe == NULL)
- goto oom;
- pd->annotations = NULL;
-
- policy_description = _localize (pd->policy_descriptions, pd->policy_description_nolang, pd->lang);
- policy_message = _localize (pd->policy_messages, pd->policy_message_nolang, pd->lang);
-
- if (!_polkit_action_description_set_descriptions (pfe,
- policy_description,
- policy_message)) {
- polkit_action_description_unref (pfe);
- goto oom;
- }
-
- if (pd->cb (pfe, pd->user_data)) {
- /* TODO: short-circuit */
- }
-
- /* and now throw it all away! (eh, don't worry, the user have probably reffed it!) */
- polkit_action_description_unref (pfe);
- break;
- }
- default:
- break;
- }
-
- --pd->stack_depth;
- if (pd->stack_depth < 0 || pd->stack_depth >= PARSER_MAX_DEPTH) {
- polkit_debug ("reached max depth?");
- goto error;
- }
- if (pd->stack_depth > 0)
- pd->state = pd->state_stack[pd->stack_depth - 1];
- else
- pd->state = STATE_NONE;
-
- return;
-oom:
- pd->is_oom = 1;
-error:
- XML_StopParser (pd->parser, FALSE);
-}
-
-
-/**
- * polkit_action_description_get_from_file:
- * @path: path to file, e.g. <literal>/usr/share/polkit-1/actions/org.freedesktop.policykit.policy</literal>
- * @cb: callback function
- * @user_data: user data
- * @error: return location for error
- *
- * Load a .policy file and iterate over all entries.
- *
- * Returns: #TRUE if @cb short-circuited the iteration. If there was
- * an error parsing @file, then @error will be set.
- **/
-polkit_bool_t
-polkit_action_description_get_from_file (const char *path,
- PolKitActionDescriptionForeachFunc cb,
- void *user_data,
- PolKitError **error)
-{
- ParserData pd;
- int xml_res;
- char *lang;
- char *buf;
- size_t buflen;
-
- buf = NULL;
-
- /* clear parser data */
- memset (&pd, 0, sizeof (ParserData));
-
- if (!kit_str_has_suffix (path, ".policy")) {
- polkit_error_set_error (error,
- POLKIT_ERROR_POLICY_FILE_INVALID,
- "Policy files must have extension .policy; file '%s' doesn't", path);
- goto error;
- }
-
- if (!kit_file_get_contents (path, &buf, &buflen)) {
- if (errno == ENOMEM) {
- polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
- "Cannot load PolicyKit policy file at '%s': %s",
- path,
- "No memory for parser");
- } else {
- polkit_error_set_error (error, POLKIT_ERROR_POLICY_FILE_INVALID,
- "Cannot load PolicyKit policy file at '%s': %m",
- path);
- }
- goto error;
- }
-
- pd.path = path;
- pd.cb = cb;
- pd.user_data = user_data;
-
-/* #ifdef POLKIT_BUILD_TESTS
- TODO: expat appears to leak on certain OOM paths
-*/
-#if 0
- XML_Memory_Handling_Suite memsuite = {p_malloc, p_realloc, kit_free};
- pd.parser = XML_ParserCreate_MM (NULL, &memsuite, NULL);
-#else
- pd.parser = XML_ParserCreate (NULL);
-#endif
- pd.stack_depth = 0;
- if (pd.parser == NULL) {
- polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
- "Cannot load PolicyKit policy file at '%s': %s",
- path,
- "No memory for parser");
- goto error;
- }
- XML_SetUserData (pd.parser, &pd);
- XML_SetElementHandler (pd.parser, _start, _end);
- XML_SetCharacterDataHandler (pd.parser, _cdata);
-
- /* init parser data */
- pd.state = STATE_NONE;
- lang = getenv ("LANG");
- if (lang != NULL) {
- int n;
- pd.lang = kit_strdup (lang);
- if (pd.lang == NULL) {
- polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
- "Cannot load PolicyKit policy file at '%s': No memory for lang",
- path);
- goto error;
- }
- for (n = 0; pd.lang[n] != '\0'; n++) {
- if (pd.lang[n] == '.') {
- pd.lang[n] = '\0';
- break;
- }
- }
- }
-
- xml_res = XML_Parse (pd.parser, buf, buflen, 1);
-
- if (xml_res == 0) {
- if (XML_GetErrorCode (pd.parser) == XML_ERROR_NO_MEMORY) {
- polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
- "Out of memory parsing %s",
- path);
- } else if (pd.is_oom) {
- polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
- "Out of memory parsing %s",
- path);
- } else {
- polkit_error_set_error (error, POLKIT_ERROR_POLICY_FILE_INVALID,
- "%s:%d: parse error: %s",
- path,
- (int) XML_GetCurrentLineNumber (pd.parser),
- XML_ErrorString (XML_GetErrorCode (pd.parser)));
- }
- XML_ParserFree (pd.parser);
- goto error;
- }
-
- XML_ParserFree (pd.parser);
- kit_free (buf);
- pd_unref_data (&pd);
-
- return FALSE; /* TODO */
-error:
- pd_unref_data (&pd);
- kit_free (buf);
- return FALSE; /* TODO */
-}
diff --git a/src/polkit/polkit-action-description.h b/src/polkit/polkit-action-description.h
deleted file mode 100644
index e95865c..0000000
--- a/src/polkit/polkit-action-description.h
+++ /dev/null
@@ -1,92 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-policy-file-entry.h : entries in policy files
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef POLKIT_ACTION_DESCRIPTION_H
-#define POLKIT_ACTION_DESCRIPTION_H
-
-#include <polkit/polkit-types.h>
-#include <polkit/polkit-result.h>
-#include <polkit/polkit-implicit-authorization.h>
-#include <polkit/polkit-error.h>
-
-POLKIT_BEGIN_DECLS
-
-struct _PolKitActionDescription;
-typedef struct _PolKitActionDescription PolKitActionDescription;
-
-/**
- * PolKitActionDescriptionAnnotationsForeachFunc:
- * @action_description: the policy file entry
- * @key: key of the annotation
- * @value: corrosponding value of the annotation
- * @user_data: user data passed to polkit_action_description_annotations_foreach()
- *
- * Callback function for polkit_action_description_annotations_foreach().
- *
- * Returns: Pass #TRUE to short-circuit, e.g. stop the iteration
- **/
-typedef polkit_bool_t (*PolKitActionDescriptionAnnotationsForeachFunc) (PolKitActionDescription *action_description,
- const char *key,
- const char *value,
- void *user_data);
-
-PolKitActionDescription *polkit_action_description_ref (PolKitActionDescription *action_description);
-void polkit_action_description_unref (PolKitActionDescription *action_description);
-void polkit_action_description_debug (PolKitActionDescription *action_description);
-
-const char *polkit_action_description_get_id (PolKitActionDescription *action_description);
-PolKitImplicitAuthorization *polkit_action_description_get_implicit_authorization (PolKitActionDescription *action_description);
-
-const char *polkit_action_description_get_action_description (PolKitActionDescription *action_description);
-const char *polkit_action_description_get_action_message (PolKitActionDescription *action_description);
-
-const char *polkit_action_description_get_action_vendor (PolKitActionDescription *action_description);
-const char *polkit_action_description_get_action_vendor_url (PolKitActionDescription *action_description);
-const char *polkit_action_description_get_action_icon_name (PolKitActionDescription *action_description);
-
-polkit_bool_t polkit_action_description_annotations_foreach (PolKitActionDescription *action_description,
- PolKitActionDescriptionAnnotationsForeachFunc cb,
- void *user_data);
-const char *polkit_action_description_get_annotation (PolKitActionDescription *action_description,
- const char *key);
-
-PolKitImplicitAuthorization *polkit_action_description_get_implicit_authorization_factory (PolKitActionDescription *action_description);
-polkit_bool_t polkit_action_description_set_implicit_authorization (PolKitActionDescription *action_description,
- PolKitImplicitAuthorization *implicit_authorzation,
- PolKitError **error);
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_ACTION_DESCRIPTION_H */
-
-
diff --git a/src/polkit/polkit-action.c b/src/polkit/polkit-action.c
deleted file mode 100644
index 01c054d..0000000
--- a/src/polkit/polkit-action.c
+++ /dev/null
@@ -1,398 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-action.c : action
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <errno.h>
-#include <ctype.h>
-
-#include "polkit-debug.h"
-#include "polkit-action.h"
-#include "polkit-utils.h"
-#include "polkit-utils.h"
-#include "polkit-private.h"
-#include "polkit-test.h"
-
-/**
- * SECTION:polkit-action
- * @title: Actions
- * @short_description: Models what a caller is attempting to do.
- *
- * This class is used to represent a PolicyKit action.
- **/
-
-/**
- * PolKitAction:
- *
- * Objects of this class are used to record information about an action.
- **/
-struct _PolKitAction
-{
- int refcount;
- char *id;
-};
-
-/**
- * polkit_action_new:
- *
- * Create a new #PolKitAction object.
- *
- * Returns: the new object
- **/
-PolKitAction *
-polkit_action_new (void)
-{
- PolKitAction *action;
- action = kit_new0 (PolKitAction, 1);
- if (action == NULL)
- goto out;
- action->refcount = 1;
-out:
- return action;
-}
-
-/**
- * polkit_action_to_string_representation:
- * @action: the action object
- *
- * Serializes @action into a textual form that can be transferred from
- * process to process or saved on disk. Use
- * polkit_action_new_from_string_representation() to deserialize it.
- *
- * Returns: A string representation of @action or #NULL if the action
- * is not valid. String is valid until @action is freed.
- *
- * Since: 0.8
- */
-const char *
-polkit_action_to_string_representation (PolKitAction *action)
-{
- kit_return_val_if_fail (action != NULL, NULL);
- kit_return_val_if_fail (polkit_action_validate_id (action->id), NULL);
- return action->id;
-}
-
-/**
- * polkit_action_new_from_string_representation:
- * @str: textual representation of an action; typically obtained from
- * polkit_action_to_string_representation()
- *
- * Creates a new #PolKitAction object from a textual representation.
- *
- * Returns: A new #PolKitAction object or #NULL if OOM or if the
- * representation isn't valid. Caller must free this object with
- * polkit_action_unref().
- *
- * Since: 0.8
- */
-PolKitAction *
-polkit_action_new_from_string_representation (const char *str)
-{
- PolKitAction *action;
-
- kit_return_val_if_fail (str != NULL, NULL);
-
- action = polkit_action_new ();
- if (action == NULL)
- goto out;
-
- if (!polkit_action_set_action_id (action, str)) {
- polkit_action_unref (action);
- action = NULL;
- }
-out:
- return action;
-}
-
-/**
- * polkit_action_equal:
- * @a: first action
- * @b: second action
- *
- * Test if @a and @b refer to the same action.
- *
- * Returns: #TRUE iff @a and @b refer to the same action.
- *
- * Since: 0.8
- */
-polkit_bool_t
-polkit_action_equal (PolKitAction *a, PolKitAction *b)
-{
- kit_return_val_if_fail (a != NULL && polkit_action_validate (a), FALSE);
- kit_return_val_if_fail (b != NULL && polkit_action_validate (b), FALSE);
-
- return strcmp (a->id, b->id) == 0;
-}
-
-
-/**
- * polkit_action_ref:
- * @action: the action object
- *
- * Increase reference count.
- *
- * Returns: the object
- **/
-PolKitAction *
-polkit_action_ref (PolKitAction *action)
-{
- kit_return_val_if_fail (action != NULL, action);
- action->refcount++;
- return action;
-}
-
-/**
- * polkit_action_unref:
- * @action: the action object
- *
- * Decreases the reference count of the object. If it becomes zero,
- * the object is freed. Before freeing, reference counts on embedded
- * objects are decresed by one.
- **/
-void
-polkit_action_unref (PolKitAction *action)
-{
- kit_return_if_fail (action != NULL);
- action->refcount--;
- if (action->refcount > 0)
- return;
- kit_free (action->id);
- kit_free (action);
-}
-
-/**
- * polkit_action_set_action_id:
- * @action: the action object
- * @action_id: action identifier
- *
- * Set the action identifier
- *
- * Returns: #TRUE only if the value validated and was set
- **/
-polkit_bool_t
-polkit_action_set_action_id (PolKitAction *action, const char *action_id)
-{
- kit_return_val_if_fail (action != NULL, FALSE);
- kit_return_val_if_fail (polkit_action_validate_id (action_id), FALSE);
- if (action->id != NULL)
- kit_free (action->id);
- action->id = kit_strdup (action_id);
- if (action->id == NULL)
- return FALSE;
-
- return TRUE;
-}
-
-/**
- * polkit_action_get_action_id:
- * @action: the action object
- * @out_action_id: Returns the action identifier. The caller shall not free this string.
- *
- * Get the action identifier.
- *
- * Returns: TRUE iff the value was returned.
- **/
-polkit_bool_t
-polkit_action_get_action_id (PolKitAction *action, char **out_action_id)
-{
- kit_return_val_if_fail (action != NULL, FALSE);
- kit_return_val_if_fail (out_action_id != NULL, FALSE);
- if (action->id == NULL)
- return FALSE;
- *out_action_id = action->id;
- return TRUE;
-}
-
-/**
- * polkit_action_debug:
- * @action: the object
- *
- * Print debug details
- **/
-void
-polkit_action_debug (PolKitAction *action)
-{
- kit_return_if_fail (action != NULL);
- polkit_debug ("PolKitAction: refcount=%d id=%s", action->refcount, action->id);
-}
-
-/**
- * polkit_action_validate_id:
- * @action_id: the action identifier to validate
- *
- * Validate whether an action identifier is well formed. To be well
- * formed, an action identifier needs to start with a lower case ASCII
- * character and can only contain the characters "[a-z][0-9].-". It
- * must be less than or equal 256 bytes in length including the
- * terminating NUL character.
- *
- * Returns: #TRUE iff the action identifier is well formed
- **/
-polkit_bool_t
-polkit_action_validate_id (const char *action_id)
-{
- int n;
-
- kit_return_val_if_fail (action_id != NULL, FALSE);
-
- /* validate that the form of the action identifier is correct */
- if (!islower (action_id[0]))
- goto malformed;
-
- for (n = 1; action_id[n] != '\0'; n++) {
- if (n >= 255)
- goto malformed;
-
- if (! (islower (action_id[n]) ||
- isdigit (action_id[n]) ||
- action_id[n] == '.' ||
- action_id[n] == '-'))
- goto malformed;
- }
-
- return TRUE;
-
-malformed:
- return FALSE;
-}
-
-/**
- * polkit_action_validate:
- * @action: the object
- *
- * Validate the object
- *
- * Returns: #TRUE iff the object is valid.
- **/
-polkit_bool_t
-polkit_action_validate (PolKitAction *action)
-{
- kit_return_val_if_fail (action != NULL, FALSE);
- kit_return_val_if_fail (action->id != NULL, FALSE);
-
- return polkit_action_validate_id (action->id);
-}
-
-
-
-#ifdef POLKIT_BUILD_TESTS
-
-static polkit_bool_t
-_run_test (void)
-{
- PolKitAction *a;
- char *s;
- int n;
- char *valid_action_ids[] = {"org.example.action",
- "org.example.action-foo",
- "org.example.action-foo.42",
- "org.example.42-.foo",
- "t0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcd",
- NULL};
- char *invalid_action_ids[] = {"1org.example.action",
- ".org.example.action",
- "-org.example.action",
- "org.example.action_foo",
- "org.example.something.that.is.too.long.0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
- NULL};
-
- for (n = 0; valid_action_ids[n] != NULL; n++) {
- kit_assert (polkit_action_validate_id (valid_action_ids[n]));
- }
-
- for (n = 0; invalid_action_ids[n] != NULL; n++) {
- kit_assert (! polkit_action_validate_id (invalid_action_ids[n]));
- }
-
- a = polkit_action_new ();
- if (a == NULL) {
- /* OOM */
- } else {
-
- kit_assert (! polkit_action_get_action_id (a, &s));
-
- if (!polkit_action_set_action_id (a, "org.example.action")) {
- /* OOM */
- } else {
- kit_assert (polkit_action_validate (a));
- polkit_action_ref (a);
- kit_assert (polkit_action_validate (a));
- polkit_action_unref (a);
- kit_assert (polkit_action_validate (a));
-
- if (!polkit_action_set_action_id (a, "org.example.action2")) {
- /* OOM */
- } else {
- kit_assert (polkit_action_validate (a));
- kit_assert (polkit_action_get_action_id (a, &s));
- kit_assert (strcmp (s, "org.example.action2") == 0);
- polkit_action_debug (a);
- }
- }
-
- polkit_action_unref (a);
- }
-
- a = polkit_action_new ();
- if (a != NULL) {
- if (polkit_action_set_action_id (a, "org.example.foo")) {
- const char *action_str;
- PolKitAction *a2;
-
- action_str = polkit_action_to_string_representation (a);
- kit_assert (action_str != NULL);
- a2 = polkit_action_new_from_string_representation (action_str);
- if (a2 != NULL) {
- kit_assert (polkit_action_equal (a, a2));
- polkit_action_unref (a2);
- }
- }
- polkit_action_unref (a);
- }
-
- return TRUE;
-}
-
-KitTest _test_action = {
- "polkit_action",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* POLKIT_BUILD_TESTS */
diff --git a/src/polkit/polkit-action.h b/src/polkit/polkit-action.h
deleted file mode 100644
index be2e807..0000000
--- a/src/polkit/polkit-action.h
+++ /dev/null
@@ -1,64 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-action.h : actions
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef POLKIT_ACTION_H
-#define POLKIT_ACTION_H
-
-#include <polkit/polkit-types.h>
-
-POLKIT_BEGIN_DECLS
-
-struct _PolKitAction;
-typedef struct _PolKitAction PolKitAction;
-
-PolKitAction *polkit_action_new (void);
-PolKitAction *polkit_action_ref (PolKitAction *action);
-void polkit_action_unref (PolKitAction *action);
-polkit_bool_t polkit_action_set_action_id (PolKitAction *action, const char *action_id);
-polkit_bool_t polkit_action_get_action_id (PolKitAction *action, char **out_action_id);
-
-void polkit_action_debug (PolKitAction *action);
-polkit_bool_t polkit_action_validate (PolKitAction *action);
-
-polkit_bool_t polkit_action_validate_id (const char *action_id);
-
-polkit_bool_t polkit_action_equal (PolKitAction *a, PolKitAction *b);
-
-const char *polkit_action_to_string_representation (PolKitAction *action);
-PolKitAction *polkit_action_new_from_string_representation (const char *str);
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_ACTION_H */
-
-
diff --git a/src/polkit/polkit-authorization-constraint.c b/src/polkit/polkit-authorization-constraint.c
deleted file mode 100644
index b12d467..0000000
--- a/src/polkit/polkit-authorization-constraint.c
+++ /dev/null
@@ -1,1001 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-authorization-constraint.c : Conditions that must be
- * satisfied in order for an authorization to apply
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <errno.h>
-#include <limits.h>
-
-#include "polkit-debug.h"
-#include "polkit-authorization-constraint.h"
-#include "polkit-utils.h"
-#include "polkit-private.h"
-#include "polkit-test.h"
-#include "polkit-private.h"
-
-/**
- * SECTION:polkit-authorization-constraint
- * @title: Authorization Constraints
- * @short_description: Conditions that must be satisfied in
- * order for an authorization to apply
- *
- * This class is used to represent conditions that must be satisfied
- * in order for an authorization to apply
- *
- * Since: 0.7
- **/
-
-/**
- * PolKitAuthorizationConstraint:
- *
- * Instances of this class are used to represent conditions that must
- * be satisfied in order for an authorization to apply.
- *
- * Since: 0.7
- **/
-struct _PolKitAuthorizationConstraint
-{
- int refcount;
- PolKitAuthorizationConstraintType type;
-
- union {
- struct {
- char *path;
- } exe;
- struct {
- char *context;
- } selinux_context;
- } data;
-};
-
-static PolKitAuthorizationConstraint _local_constraint = {-1,
- POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_LOCAL};
-
-static PolKitAuthorizationConstraint _active_constraint = {-1,
- POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_ACTIVE};
-
-static PolKitAuthorizationConstraint *
-_polkit_authorization_constraint_new (void)
-{
- PolKitAuthorizationConstraint *authc;
- authc = kit_new0 (PolKitAuthorizationConstraint, 1);
- if (authc == NULL)
- goto oom;
- authc->refcount = 1;
-oom:
- return authc;
-}
-
-/**
- * polkit_authorization_constraint_ref:
- * @authc: the object
- *
- * Increase reference count.
- *
- * Returns: the object
- *
- * Since: 0.7
- **/
-PolKitAuthorizationConstraint *
-polkit_authorization_constraint_ref (PolKitAuthorizationConstraint *authc)
-{
- kit_return_val_if_fail (authc != NULL, authc);
- if (authc->refcount == -1)
- return authc;
- authc->refcount++;
- return authc;
-}
-
-/**
- * polkit_authorization_constraint_unref:
- * @authc: the authorization_constraint object
- *
- * Decreases the reference count of the object. If it becomes zero,
- * the object is freed. Before freeing, reference counts on embedded
- * objects are decresed by one.
- *
- * Since: 0.7
- **/
-void
-polkit_authorization_constraint_unref (PolKitAuthorizationConstraint *authc)
-{
- kit_return_if_fail (authc != NULL);
- if (authc->refcount == -1)
- return;
- authc->refcount--;
- if (authc->refcount > 0)
- return;
-
- switch (authc->type) {
- case POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_LOCAL:
- case POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_ACTIVE:
- break;
-
- case POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_EXE:
- kit_free (authc->data.exe.path);
- break;
-
- case POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_SELINUX_CONTEXT:
- kit_free (authc->data.selinux_context.context);
- break;
- }
-
- kit_free (authc);
-}
-
-/**
- * polkit_authorization_constraint_debug:
- * @authc: the object
- *
- * Print debug details
- *
- * Since: 0.7
- **/
-void
-polkit_authorization_constraint_debug (PolKitAuthorizationConstraint *authc)
-{
- kit_return_if_fail (authc != NULL);
- polkit_debug ("PolKitAuthorizationConstraint: refcount=%d type=%d", authc->refcount, authc->type);
-}
-
-/**
- * polkit_authorization_constraint_validate:
- * @authc: the object
- *
- * Validate the object
- *
- * Returns: #TRUE iff the object is valid.
- *
- * Since: 0.7
- **/
-polkit_bool_t
-polkit_authorization_constraint_validate (PolKitAuthorizationConstraint *authc)
-{
- kit_return_val_if_fail (authc != NULL, FALSE);
-
- return TRUE;
-}
-
-/**
- * polkit_authorization_constraint_check_session:
- * @authc: the object
- * @session: the session
- *
- * Determine if the given session satisfies the conditions imposed by
- * the given constraint.
- *
- * Returns: #TRUE if, and only if, the given session satisfies the
- * conditions imposed by the given constraint.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_constraint_check_session (PolKitAuthorizationConstraint *authc,
- PolKitSession *session)
-{
- polkit_bool_t ret;
- polkit_bool_t is_active;
- polkit_bool_t is_local;
-
- kit_return_val_if_fail (authc != NULL, FALSE);
- kit_return_val_if_fail (session != NULL, FALSE);
-
- ret = FALSE;
-
- polkit_session_get_ck_is_local (session, &is_local);
- polkit_session_get_ck_is_active (session, &is_active);
-
- if (authc->type == POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_LOCAL) {
- if (!is_local)
- goto out;
- }
-
- if (authc->type == POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_ACTIVE) {
- if (!is_active)
- goto out;
- }
-
- ret = TRUE;
-out:
- return ret;
-}
-
-/**
- * polkit_authorization_constraint_check_caller:
- * @authc: the object
- * @caller: the caller
- *
- * Determine if the given caller satisfies the conditions imposed by
- * the given constraint
- *
- * Returns: #TRUE if, and only if, the given caller satisfies the
- * conditions imposed by the given constraint.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_constraint_check_caller (PolKitAuthorizationConstraint *authc,
- PolKitCaller *caller)
-{
- int n;
- pid_t pid;
- char *selinux_context;
- char buf[PATH_MAX];
- polkit_bool_t ret;
- PolKitSession *session;
-
- kit_return_val_if_fail (authc != NULL, FALSE);
- kit_return_val_if_fail (caller != NULL, FALSE);
-
- ret = FALSE;
-
- /* caller may not be in a session */
-
- switch (authc->type) {
- /* explicit fallthrough */
- case POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_LOCAL:
- case POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_ACTIVE:
- if (polkit_caller_get_ck_session (caller, &session) && session != NULL) {
- ret = polkit_authorization_constraint_check_session (authc, session);
- }
- break;
-
- case POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_EXE:
- if (polkit_caller_get_pid (caller, &pid)) {
-
- /* we may be running unprivileged.. so optionally use the helper. Requires the calling
- * process (this one) to have the org.freedesktop.policykit.read authorization.
- *
- * An example of this is HAL (running as user 'haldaemon').
- */
- n = polkit_sysdeps_get_exe_for_pid_with_helper (pid, buf, sizeof (buf));
-
- if (n != -1 && n < (int) sizeof (buf)) {
- if (strcmp (authc->data.exe.path, buf) == 0) {
- ret = TRUE;
- }
- }
- }
-
- break;
-
- case POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_SELINUX_CONTEXT:
- if (polkit_caller_get_selinux_context (caller, &selinux_context) && selinux_context != NULL) {
- if (strcmp (authc->data.selinux_context.context, selinux_context) == 0) {
- ret = TRUE;
- }
- } else {
- /* if SELinux context is not set then SELinux is not enabled (or the
- * caller made a mistake and didn't set it); thus, the authorization can
- * never apply
- */
- ret = TRUE;
- }
- break;
- }
-
- return ret;
-}
-
-/**
- * polkit_authorization_constraint_type:
- * @authc: the object
- *
- * Describe the constraint; this is only useful when inspecting an
- * authorization to present information to the user (e.g. as
- * polkit-auth(1) does).
- *
- * Returns: type from #PolKitAuthorizationConstraintType
- *
- * Since: 0.7
- */
-PolKitAuthorizationConstraintType
-polkit_authorization_constraint_type (PolKitAuthorizationConstraint *authc)
-{
- kit_return_val_if_fail (authc != NULL, FALSE);
- return authc->type;
-}
-
-/**
- * polkit_authorization_constraint_get_exe:
- * @authc: the object
- *
- * Get the exe path for the constraint.
- *
- * Returns: The exe path or #NULL if type isn't
- * #POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_EXE. Caller shall not
- * free this string.
- *
- * Since: 0.8
- */
-const char *
-polkit_authorization_constraint_get_exe (PolKitAuthorizationConstraint *authc)
-{
- kit_return_val_if_fail (authc != NULL, NULL);
- kit_return_val_if_fail (authc->type == POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_EXE, NULL);
-
- return authc->data.exe.path;
-}
-
-/**
- * polkit_authorization_constraint_get_selinux_context:
- * @authc: the object
- *
- * Get the SELinux context for the constraint.
- *
- * Returns: The selinux context or #NULL if type isn't
- * #POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_SELINUX_CONTEXT. Caller
- * shall not free this string.
- *
- * Since: 0.8
- */
-const char *
-polkit_authorization_constraint_get_selinux_context (PolKitAuthorizationConstraint *authc)
-{
- kit_return_val_if_fail (authc != NULL, NULL);
- kit_return_val_if_fail (authc->type == POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_SELINUX_CONTEXT, NULL);
-
- return authc->data.selinux_context.context;
-}
-
-/**
- * polkit_authorization_constraint_get_require_local:
- *
- * Get a #PolKitAuthorizationConstraint object that represents the
- * constraint that the session or caller must be local.
- *
- * Returns: the constraint
- *
- * Since: 0.7
- */
-PolKitAuthorizationConstraint *
-polkit_authorization_constraint_get_require_local (void)
-{
- return &_local_constraint;
-}
-
-/**
- * polkit_authorization_constraint_get_require_active:
- *
- * Get a #PolKitAuthorizationConstraint object that represents the
- * constraint that the session or caller must be active.
- *
- * Returns: the constraint
- *
- * Since: 0.7
- */
-PolKitAuthorizationConstraint *
-polkit_authorization_constraint_get_require_active (void)
-{
- return &_active_constraint;
-}
-
-/**
- * polkit_authorization_constraint_get_require_exe:
- * @path: path to program
- *
- * Get a #PolKitAuthorizationConstraint object that represents the
- * constraint that the caller must be a specific program
- *
- * Returns: the constraint or #NULL on OOM
- *
- * Since: 0.8
- */
-PolKitAuthorizationConstraint *
-polkit_authorization_constraint_get_require_exe (const char *path)
-{
- PolKitAuthorizationConstraint *authc;
-
- kit_return_val_if_fail (path != NULL, NULL);
-
- authc = _polkit_authorization_constraint_new ();
- if (authc == NULL)
- goto out;
- authc->type = POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_EXE;
- authc->data.exe.path = kit_strdup (path);
- if (authc->data.exe.path == NULL) {
- polkit_authorization_constraint_unref (authc);
- authc = NULL;
- }
-
-out:
- return authc;
-}
-
-/**
- * polkit_authorization_constraint_get_require_selinux_context:
- * @context: SELinux context
- *
- * Get a #PolKitAuthorizationConstraint object that represents the
- * constraint that the caller must be in a specific SELinux context.
- *
- * Returns: the constraint or #NULL on OOM
- *
- * Since: 0.8
- */
-PolKitAuthorizationConstraint *
-polkit_authorization_constraint_get_require_selinux_context (const char *context)
-{
- PolKitAuthorizationConstraint *authc;
-
- kit_return_val_if_fail (context != NULL, NULL);
-
- authc = _polkit_authorization_constraint_new ();
- if (authc == NULL)
- goto out;
- authc->type = POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_SELINUX_CONTEXT;
- authc->data.selinux_context.context = kit_strdup (context);
- if (authc->data.selinux_context.context == NULL) {
- polkit_authorization_constraint_unref (authc);
- authc = NULL;
- }
-
-out:
- return authc;
-}
-
-/**
- * polkit_authorization_constraint_to_string:
- * @authc: the object
- * @out_buf: buffer to store the string representation in
- * @buf_size: size of buffer
- *
- * Get a textual representation of the constraint; this is only useful
- * for serializing; it's a machine, not human, readable string.
- *
- * Returns: Number of characters written (not including trailing
- * '\0'). If the output was truncated due to the buffer being too
- * small, buf_size will be returned. Thus, a return value of buf_size
- * or more indicates that the output was truncated (see snprintf(3))
- * or an error occured.
- *
- * Since: 0.7
- */
-size_t
-polkit_authorization_constraint_to_string (PolKitAuthorizationConstraint *authc, char *out_buf, size_t buf_size)
-{
- kit_return_val_if_fail (authc != NULL, buf_size);
-
- switch (authc->type) {
- case POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_LOCAL:
- return snprintf (out_buf, buf_size, "local");
-
- case POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_ACTIVE:
- return snprintf (out_buf, buf_size, "active");
-
- case POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_EXE:
- return snprintf (out_buf, buf_size, "exe:%s", authc->data.exe.path);
-
- case POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_SELINUX_CONTEXT:
- return snprintf (out_buf, buf_size, "selinux_context:%s", authc->data.selinux_context.context);
- }
-
- return 0;
-}
-
-/**
- * polkit_authorization_constraint_from_string:
- * @str: textual representation of constraint
- *
- * Construct a constraint from a textual representation as returned by
- * polkit_authorization_constraint_to_string().
- *
- * Returns: the constraint or #NULL if the string coulnd't be parsed.
- */
-PolKitAuthorizationConstraint *
-polkit_authorization_constraint_from_string (const char *str)
-{
- PolKitAuthorizationConstraint *ret;
-
- kit_return_val_if_fail (str != NULL, NULL);
-
- ret = NULL;
-
- if (strcmp (str, "local") == 0) {
- ret = polkit_authorization_constraint_get_require_local ();
- goto out;
- } else if (strcmp (str, "active") == 0) {
- ret = polkit_authorization_constraint_get_require_active ();
- goto out;
- } else if (strncmp (str, "exe:", 4) == 0 && strlen (str) > 4) {
- ret = polkit_authorization_constraint_get_require_exe (str + 4);
- goto out;
- } else if (strncmp (str, "selinux_context:", 16) == 0 && strlen (str) > 16) {
- ret = polkit_authorization_constraint_get_require_selinux_context (str + 16);
- goto out;
- }
-
-out:
- return ret;
-}
-
-/**
- * polkit_authorization_constraint_get_from_caller:
- * @caller: caller
- * @out_array: return location for constraints
- * @array_size: size of the passed array
- *
- * Given a caller, return the set of most restrictive constraints
- * possible. For example, if the caller is local and active, a set
- * constraints requiring this will be returned.
- *
- * This function is typically used when the caller obtains an
- * authorization through authentication; the goal is to put
- * constraints on the authorization such that it's only valid when the
- * caller is in the context as where she obtained it.
- *
- * The caller must unref all the created objects using
- * polkit_authorization_constraint_unref().
- *
- * Returns: If OOM -1 is returned. This function do not create more
- * than @array_size constraints (including the trailing %NULL). If the
- * output was truncated due to this limit then the return value is the
- * number of objects (not including the trailing %NULL) which would
- * have been written to the final array if enough space had been
- * available. Thus, a return value of @array_size or more means that
- * the output was truncated.
- *
- * Since: 0.7
- */
-int
-polkit_authorization_constraint_get_from_caller (PolKitCaller *caller,
- PolKitAuthorizationConstraint **out_array,
- size_t array_size)
-{
- pid_t pid;
- char *selinux_context;
- int ret;
- polkit_bool_t is_local;
- polkit_bool_t is_active;
- PolKitSession *session;
- char path[PATH_MAX];
- int n;
-
- kit_return_val_if_fail (caller != NULL, 0);
- kit_return_val_if_fail (out_array != NULL, 0);
-
- ret = 0;
-
- if (!polkit_caller_get_ck_session (caller, &session) || session == NULL) {
- goto out;
- }
-
- polkit_session_get_ck_is_local (session, &is_local);
- polkit_session_get_ck_is_active (session, &is_active);
-
- if (is_local) {
- if (ret < (int) array_size)
- out_array[ret] = polkit_authorization_constraint_get_require_local ();
- ret++;
- }
-
- if (is_active) {
- if (ret < (int) array_size)
- out_array[ret] = polkit_authorization_constraint_get_require_active ();
- ret++;
- }
-
- /* constrain to callers program */
- if (polkit_caller_get_pid (caller, &pid)) {
- /* So the program to receive a constraint may besetuid root... so we may need some
- * help to get the exepath.. Therefore use _with_helper().
- *
- * This works because this function is normally only called from polkit-grant-helper which
- * is setgid polkituser.. this means that _with_helper will succeed.
- *
- * An example of this is pulseaudio...
- */
- n = polkit_sysdeps_get_exe_for_pid_with_helper (pid, path, sizeof (path));
- if (n != -1 && n < (int) sizeof (path)) {
- PolKitAuthorizationConstraint *c;
-
- c = polkit_authorization_constraint_get_require_exe (path);
- if (c == NULL)
- goto oom;
-
- if (ret < (int) array_size)
- out_array[ret] = c;
-
- ret++;
- }
- }
-
- /* constrain to callers SELinux context */
- if (polkit_caller_get_selinux_context (caller, &selinux_context) && selinux_context != NULL) {
- PolKitAuthorizationConstraint *c;
-
- c = polkit_authorization_constraint_get_require_selinux_context (selinux_context);
- if (c == NULL)
- goto oom;
-
- if (ret < (int) array_size)
- out_array[ret] = c;
-
- ret++;
- }
-
-out:
- if (ret < (int) array_size)
- out_array[ret] = NULL;
-
- return ret;
-
-oom:
- for (n = 0; n < ret; n++) {
- polkit_authorization_constraint_unref (out_array[n]);
- }
- return -1;
-}
-
-/**
- * polkit_authorization_constraint_equal:
- * @a: first constraint
- * @b: first constraint
- *
- * Determines if two constraints are equal
- *
- * Returns: #TRUE only if the given constraints are equal
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_constraint_equal (PolKitAuthorizationConstraint *a, PolKitAuthorizationConstraint *b)
-{
- polkit_bool_t ret;
-
- kit_return_val_if_fail (a != NULL, FALSE);
- kit_return_val_if_fail (b != NULL, FALSE);
-
- ret = FALSE;
-
- if (a->type != b->type)
- goto out;
-
- if (a->type == POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_EXE) {
- if (strcmp (a->data.exe.path, b->data.exe.path) != 0)
- goto out;
- } else if (a->type == POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_SELINUX_CONTEXT) {
- if (strcmp (a->data.selinux_context.context, b->data.selinux_context.context) != 0)
- goto out;
- }
-
- ret = TRUE;
-
-out:
- return ret;
-}
-
-#ifdef POLKIT_BUILD_TESTS
-
-static polkit_bool_t
-_tst1 (PolKitSession *s, PolKitAuthorizationConstraint *ac, polkit_bool_t *out_result)
-{
- polkit_bool_t oom;
- PolKitCaller *c;
-
- oom = TRUE;
-
- if (s == NULL)
- goto out;
-
- *out_result = polkit_authorization_constraint_check_session (ac, s);
-
- if ((c = polkit_caller_new ()) != NULL) {
- /* we know that the ac's passed always will be REQUIRE_ACTIVE or REQUIRE_LOCAL */
- kit_assert (polkit_authorization_constraint_check_caller (ac, c) == FALSE);
-
- kit_assert (polkit_caller_set_ck_session (c, s));
- kit_assert (*out_result == polkit_authorization_constraint_check_caller (ac, c));
- polkit_caller_unref (c);
- }
-
- oom = FALSE;
-
-out:
- return oom;
-}
-
-static void
-_tst2 (PolKitAuthorizationConstraint *ac)
-{
- char buf[256];
- PolKitAuthorizationConstraint *ac2;
-
- /* not enough space */
- kit_assert (polkit_authorization_constraint_to_string (ac, buf, 2) >= 2);
-
- kit_assert (polkit_authorization_constraint_to_string (ac, buf, sizeof (buf)) < sizeof (buf));
- if ((ac2 = polkit_authorization_constraint_from_string (buf)) != NULL) {
- kit_assert (polkit_authorization_constraint_equal (ac, ac2) == TRUE);
- polkit_authorization_constraint_unref (ac2);
- }
-}
-
-#if 0
-static polkit_bool_t
-_tst3 (PolKitSession *s, PolKitAuthorizationConstraint *compare_to, polkit_bool_t *ret)
-{
- PolKitAuthorizationConstraint *ac;
- polkit_bool_t is_oom;
- PolKitCaller *c;
-
- is_oom = TRUE;
-
- if (s == NULL)
- goto out;
-
- if ((c = polkit_caller_new ()) != NULL) {
- ac = polkit_authorization_constraint_get_from_caller (c);
- kit_assert (polkit_authorization_constraint_equal (ac, polkit_authorization_constraint_get_null ()));
-
-
- kit_assert (polkit_caller_set_ck_session (c, s));
-
- ac = polkit_authorization_constraint_get_from_caller (c);
-
- *ret = polkit_authorization_constraint_equal (ac, compare_to);
-
- polkit_caller_unref (c);
- polkit_authorization_constraint_unref (ac);
-
- is_oom = FALSE;
- }
-
-
-out:
- return is_oom;
-}
-#endif
-
-static polkit_bool_t
-_run_test (void)
-{
- PolKitAuthorizationConstraint *ac;
- PolKitAuthorizationConstraint *ac2;
- PolKitAuthorizationConstraintType type;
- PolKitSession *s_active;
- PolKitSession *s_inactive;
- PolKitSession *s_active_remote;
- PolKitSession *s_inactive_remote;
- polkit_bool_t ret;
- char buf[256];
-
- if ((s_active = polkit_session_new ()) != NULL) {
- if (!polkit_session_set_ck_objref (s_active, "/session1")) {
- polkit_session_unref (s_active);
- s_active = NULL;
- } else {
- kit_assert (polkit_session_set_ck_is_local (s_active, TRUE));
- kit_assert (polkit_session_set_ck_is_active (s_active, TRUE));
- }
- }
-
- if ((s_inactive = polkit_session_new ()) != NULL) {
- if (!polkit_session_set_ck_objref (s_inactive, "/session2")) {
- polkit_session_unref (s_inactive);
- s_inactive = NULL;
- } else {
- kit_assert (polkit_session_set_ck_is_local (s_inactive, TRUE));
- kit_assert (polkit_session_set_ck_is_active (s_inactive, FALSE));
- }
- }
-
- if ((s_active_remote = polkit_session_new ()) != NULL) {
- if (!polkit_session_set_ck_objref (s_active_remote, "/session3") ||
- !polkit_session_set_ck_remote_host (s_active_remote, "remotehost.com")) {
- polkit_session_unref (s_active_remote);
- s_active_remote = NULL;
- } else {
- kit_assert (polkit_session_set_ck_is_local (s_active_remote, FALSE));
- kit_assert (polkit_session_set_ck_is_active (s_active_remote, TRUE));
- }
- }
-
- if ((s_inactive_remote = polkit_session_new ()) != NULL) {
- if (!polkit_session_set_ck_objref (s_inactive_remote, "/session4") ||
- !polkit_session_set_ck_remote_host (s_inactive_remote, "remotehost.com")) {
- polkit_session_unref (s_inactive_remote);
- s_inactive_remote = NULL;
- } else {
- kit_assert (polkit_session_set_ck_is_local (s_inactive_remote, FALSE));
- kit_assert (polkit_session_set_ck_is_active (s_inactive_remote, FALSE));
- }
- }
-
- /* local constraint */
- kit_assert ((ac = polkit_authorization_constraint_get_require_local ()) != NULL);
- type = polkit_authorization_constraint_type (ac);
- kit_assert (type == POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_LOCAL);
- kit_assert (_tst1 (s_active, ac, &ret) || ret == TRUE);
- kit_assert (_tst1 (s_inactive, ac, &ret) || ret == TRUE);
- kit_assert (_tst1 (s_active_remote, ac, &ret) || ret == FALSE);
- kit_assert (_tst1 (s_inactive_remote, ac, &ret) || ret == FALSE);
- _tst2 (ac);
-
- /* active constraint */
- kit_assert ((ac = polkit_authorization_constraint_get_require_active ()) != NULL);
- type = polkit_authorization_constraint_type (ac);
- kit_assert (type == POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_ACTIVE);
- kit_assert (_tst1 (s_active, ac, &ret) || ret == TRUE);
- kit_assert (_tst1 (s_inactive, ac, &ret) || ret == FALSE);
- kit_assert (_tst1 (s_active_remote, ac, &ret) || ret == TRUE);
- kit_assert (_tst1 (s_inactive_remote, ac, &ret) || ret == FALSE);
- _tst2 (ac);
-
-
-#if 0
- /* TODO: redo these tests; they are supposed to to verify that
- * polkit_authorization_constraint_get_from_caller() works()
- */
- for (n = 0; n < 4; n++) {
- PolKitSession *s;
- polkit_bool_t expected[4];
-
- switch (n) {
- case 0:
- s = s_active;
- expected[0] = TRUE;
- expected[1] = FALSE;
- expected[2] = FALSE;
- expected[3] = FALSE;
- break;
- case 1:
- s = s_inactive;
- expected[0] = FALSE;
- expected[1] = TRUE;
- expected[2] = FALSE;
- expected[3] = FALSE;
- break;
- case 2:
- s = s_active_remote;
- expected[0] = FALSE;
- expected[1] = FALSE;
- expected[2] = TRUE;
- expected[3] = FALSE;
- break;
- case 3:
- s = s_inactive_remote;
- expected[0] = FALSE;
- expected[1] = FALSE;
- expected[2] = FALSE;
- expected[3] = TRUE;
- break;
- }
-
- kit_assert (_tst3 (s, polkit_authorization_constraint_get_require_local_active (), &ret) || ret == expected[0]);
- kit_assert (_tst3 (s, polkit_authorization_constraint_get_require_local (), &ret) || ret == expected[1]);
- kit_assert (_tst3 (s, polkit_authorization_constraint_get_require_active (), &ret) || ret == expected[2]);
- kit_assert (_tst3 (s, polkit_authorization_constraint_get_null (), &ret) || ret == expected[3]);
- }
-#endif
-
- if ((ac = _polkit_authorization_constraint_new ()) != NULL) {
- polkit_authorization_constraint_validate (ac);
- polkit_authorization_constraint_debug (ac);
- polkit_authorization_constraint_ref (ac);
- polkit_authorization_constraint_unref (ac);
- polkit_authorization_constraint_unref (ac);
- }
-
- char our_exe[256];
- int n;
- n = polkit_sysdeps_get_exe_for_pid (getpid (), our_exe, sizeof (our_exe));
- kit_assert (n != -1);
- kit_assert (n < (int) sizeof (our_exe));
-
- if ((ac = polkit_authorization_constraint_get_require_exe (our_exe)) != NULL) {
- const char *s;
- PolKitCaller *c;
-
- kit_assert ((s = polkit_authorization_constraint_get_exe (ac)) != NULL && strcmp (s, our_exe) == 0);
- kit_assert (polkit_authorization_constraint_to_string (ac, buf, sizeof (buf)) < sizeof (buf));
- if ((ac2 = polkit_authorization_constraint_from_string (buf)) != NULL) {
- kit_assert (polkit_authorization_constraint_equal (ac, ac2));
- polkit_authorization_constraint_unref (ac2);
- }
-
- if ((c = polkit_caller_new ()) != NULL) {
- kit_assert (polkit_caller_set_pid (c, getpid ()));
- kit_assert (polkit_authorization_constraint_check_caller (ac, c));
- kit_assert (polkit_caller_set_pid (c, getppid ()));
- kit_assert (! polkit_authorization_constraint_check_caller (ac, c));
- polkit_caller_unref (c);
- }
-
-
- polkit_authorization_constraint_unref (ac);
- }
-
- if ((ac = polkit_authorization_constraint_get_require_selinux_context ("httpd_exec_t")) != NULL) {
- const char *s;
- PolKitCaller *c;
-
- kit_assert ((s = polkit_authorization_constraint_get_selinux_context (ac)) != NULL &&
- strcmp (s, "httpd_exec_t") == 0);
- kit_assert (polkit_authorization_constraint_to_string (ac, buf, sizeof (buf)) < sizeof (buf));
- if ((ac2 = polkit_authorization_constraint_from_string (buf)) != NULL) {
- kit_assert (polkit_authorization_constraint_equal (ac, ac2));
- polkit_authorization_constraint_unref (ac2);
- }
-
- if ((c = polkit_caller_new ()) != NULL) {
- kit_assert (polkit_caller_set_pid (c, getpid ()));
-
- if (polkit_caller_set_selinux_context (c, "httpd_exec_t")) {
- kit_assert (polkit_authorization_constraint_check_caller (ac, c));
- } else {
- kit_assert (errno == ENOMEM);
- }
-
- if (polkit_caller_set_selinux_context (c, "hald_exec_t")) {
- kit_assert (! polkit_authorization_constraint_check_caller (ac, c));
- } else {
- kit_assert (errno == ENOMEM);
- }
-
- polkit_caller_unref (c);
- }
-
- polkit_authorization_constraint_unref (ac);
- }
-
- if (s_active != NULL)
- polkit_session_unref (s_active);
-
- if (s_inactive != NULL)
- polkit_session_unref (s_inactive);
-
- if (s_active_remote != NULL)
- polkit_session_unref (s_active_remote);
-
- if (s_inactive_remote != NULL)
- polkit_session_unref (s_inactive_remote);
-
- return TRUE;
-}
-
-
-KitTest _test_authorization_constraint = {
- "polkit_authorization_constraint",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* POLKIT_BUILD_TESTS */
diff --git a/src/polkit/polkit-authorization-constraint.h b/src/polkit/polkit-authorization-constraint.h
deleted file mode 100644
index 2eee07a..0000000
--- a/src/polkit/polkit-authorization-constraint.h
+++ /dev/null
@@ -1,108 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-authorization-constraint.h : Conditions that must be
- * satisfied in order for an authorization to apply
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef POLKIT_AUTHORIZATION_CONSTRAINT_H
-#define POLKIT_AUTHORIZATION_CONSTRAINT_H
-
-#include <polkit/polkit-types.h>
-#include <polkit/polkit-action.h>
-#include <polkit/polkit-result.h>
-#include <polkit/polkit-session.h>
-#include <polkit/polkit-caller.h>
-
-POLKIT_BEGIN_DECLS
-
-/**
- * PolKitAuthorizationConstraintType:
- * @POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_LOCAL: the session or
- * caller must be local
- * @POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_ACTIVE: the session or
- * caller must be in an active local session
- * @POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_EXE: the caller must
- * be a specific program; use
- * polkit_authorization_constraint_get_exe() to get the path of the
- * program.
- * @POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_SELINUX_CONTEXT: the
- * caller must be in a specific security context; use
- * polkit_authorization_constraint_get_selinux_context() to get the
- * security context.
- *
- * This enumeration describes the type of the authorization
- * constraint.
- */
-typedef enum {
- POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_LOCAL,
- POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_ACTIVE,
- POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_EXE,
- POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_SELINUX_CONTEXT,
-} PolKitAuthorizationConstraintType;
-
-struct _PolKitAuthorizationConstraint;
-typedef struct _PolKitAuthorizationConstraint PolKitAuthorizationConstraint;
-
-PolKitAuthorizationConstraint *polkit_authorization_constraint_get_require_local (void);
-PolKitAuthorizationConstraint *polkit_authorization_constraint_get_require_active (void);
-PolKitAuthorizationConstraint *polkit_authorization_constraint_get_require_exe (const char *path);
-PolKitAuthorizationConstraint *polkit_authorization_constraint_get_require_selinux_context (const char *context);
-
-PolKitAuthorizationConstraint *polkit_authorization_constraint_ref (PolKitAuthorizationConstraint *authc);
-void polkit_authorization_constraint_unref (PolKitAuthorizationConstraint *authc);
-void polkit_authorization_constraint_debug (PolKitAuthorizationConstraint *authc);
-polkit_bool_t polkit_authorization_constraint_validate (PolKitAuthorizationConstraint *authc);
-
-PolKitAuthorizationConstraintType polkit_authorization_constraint_type (PolKitAuthorizationConstraint *authc);
-
-const char *polkit_authorization_constraint_get_exe (PolKitAuthorizationConstraint *authc);
-
-const char *polkit_authorization_constraint_get_selinux_context (PolKitAuthorizationConstraint *authc);
-
-polkit_bool_t polkit_authorization_constraint_check_session (PolKitAuthorizationConstraint *authc,
- PolKitSession *session);
-
-polkit_bool_t polkit_authorization_constraint_check_caller (PolKitAuthorizationConstraint *authc,
- PolKitCaller *caller);
-
-size_t polkit_authorization_constraint_to_string (PolKitAuthorizationConstraint *authc, char *out_buf, size_t buf_size);
-PolKitAuthorizationConstraint *polkit_authorization_constraint_from_string (const char *str);
-
-int polkit_authorization_constraint_get_from_caller (PolKitCaller *caller, PolKitAuthorizationConstraint **out_array, size_t array_size);
-
-polkit_bool_t polkit_authorization_constraint_equal (PolKitAuthorizationConstraint *a,
- PolKitAuthorizationConstraint *b);
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_AUTHORIZATION_CONSTRAINT_H */
-
-
diff --git a/src/polkit/polkit-authorization-db-dummy.c b/src/polkit/polkit-authorization-db-dummy.c
deleted file mode 100644
index 0b4c848..0000000
--- a/src/polkit/polkit-authorization-db-dummy.c
+++ /dev/null
@@ -1,227 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-authorization-db.c : Dummy authorization database
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/time.h>
-#include <sys/wait.h>
-#include <errno.h>
-#include <string.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <pwd.h>
-
-#include "polkit-debug.h"
-#include "polkit-authorization-db.h"
-#include "polkit-utils.h"
-#include "polkit-private.h"
-#include "polkit-test.h"
-
-/* PolKitAuthorizationDB structure is defined in polkit/polkit-private.h */
-
-PolKitAuthorizationDBCapability
-polkit_authorization_db_get_capabilities (void)
-{
- return 0;
-}
-
-PolKitAuthorizationDB *
-_polkit_authorization_db_new (void)
-{
- PolKitAuthorizationDB *authdb;
-
- authdb = kit_new0 (PolKitAuthorizationDB, 1);
- authdb->refcount = 1;
-
- return authdb;
-}
-
-polkit_bool_t
-_polkit_authorization_db_pfe_foreach (PolKitPolicyCache *policy_cache,
- PolKitPolicyCacheForeachFunc callback,
- void *user_data)
-{
- return FALSE;
-}
-
-PolKitPolicyFileEntry*
-_polkit_authorization_db_pfe_get_by_id (PolKitPolicyCache *policy_cache,
- const char *action_id)
-{
- return NULL;
-}
-
-PolKitAuthorizationDB *
-polkit_authorization_db_ref (PolKitAuthorizationDB *authdb)
-{
- kit_return_val_if_fail (authdb != NULL, authdb);
- authdb->refcount++;
- return authdb;
-}
-
-void
-polkit_authorization_db_unref (PolKitAuthorizationDB *authdb)
-{
- kit_return_if_fail (authdb != NULL);
- authdb->refcount--;
- if (authdb->refcount > 0)
- return;
- kit_free (authdb);
-}
-
-void
-polkit_authorization_db_debug (PolKitAuthorizationDB *authdb)
-{
- kit_return_if_fail (authdb != NULL);
- _pk_debug ("PolKitAuthorizationDB: refcount=%d", authdb->refcount);
-}
-
-polkit_bool_t
-polkit_authorization_db_validate (PolKitAuthorizationDB *authdb)
-{
- kit_return_val_if_fail (authdb != NULL, FALSE);
-
- return TRUE;
-}
-
-void
-_polkit_authorization_db_invalidate_cache (PolKitAuthorizationDB *authdb)
-{
-}
-
-polkit_bool_t
-polkit_authorization_db_is_session_authorized (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitSession *session,
- polkit_bool_t *out_is_authorized,
- polkit_bool_t *out_is_negative_authorized,
- PolKitError **error)
-{
- *out_is_authorized = FALSE;
- *out_is_negative_authorized = FALSE;
- return TRUE;
-}
-
-polkit_bool_t
-polkit_authorization_db_is_caller_authorized (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitCaller *caller,
- polkit_bool_t revoke_if_one_shot,
- polkit_bool_t *out_is_authorized,
- polkit_bool_t *out_is_negative_authorized,
- PolKitError **error)
-{
- *out_is_authorized = FALSE;
- *out_is_negative_authorized = FALSE;
- return TRUE;
-}
-
-
-polkit_bool_t
-polkit_authorization_db_foreach (PolKitAuthorizationDB *authdb,
- PolKitAuthorizationDBForeach cb,
- void *user_data,
- PolKitError **error)
-{
- return FALSE;
-}
-
-polkit_bool_t
-polkit_authorization_db_foreach_for_uid (PolKitAuthorizationDB *authdb,
- uid_t uid,
- PolKitAuthorizationDBForeach cb,
- void *user_data,
- PolKitError **error)
-{
- return FALSE;
-}
-
-polkit_bool_t
-polkit_authorization_db_foreach_for_action (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitAuthorizationDBForeach cb,
- void *user_data,
- PolKitError **error)
-{
- return FALSE;
-}
-
-polkit_bool_t
-polkit_authorization_db_foreach_for_action_for_uid (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- uid_t uid,
- PolKitAuthorizationDBForeach cb,
- void *user_data,
- PolKitError **error)
-{
- return FALSE;
-}
-
-polkit_bool_t
-polkit_authorization_db_revoke_entry (PolKitAuthorizationDB *authdb,
- PolKitAuthorization *auth,
- PolKitError **error)
-{
- polkit_error_set_error (error, POLKIT_ERROR_NOT_SUPPORTED, "Not supported");
- return FALSE;
-}
-
-polkit_bool_t
-polkit_authorization_db_is_uid_blocked_by_self (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- uid_t uid,
- PolKitError **error)
-{
- polkit_error_set_error (error, POLKIT_ERROR_NOT_SUPPORTED, "Not supported");
- return FALSE;
-}
-
-
-#ifdef POLKIT_BUILD_TESTS
-
-static polkit_bool_t
-_run_test (void)
-{
- return TRUE;
-}
-
-KitTest _test_authorization_db = {
- "polkit_authorization_db",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* POLKIT_BUILD_TESTS */
diff --git a/src/polkit/polkit-authorization-db.c b/src/polkit/polkit-authorization-db.c
deleted file mode 100644
index 2797b31..0000000
--- a/src/polkit/polkit-authorization-db.c
+++ /dev/null
@@ -1,1470 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-authorization-db.c : Represents the authorization database
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/time.h>
-#include <sys/wait.h>
-#include <errno.h>
-#include <string.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <pwd.h>
-
-#include "polkit-debug.h"
-#include "polkit-authorization-db.h"
-#include "polkit-utils.h"
-#include "polkit-private.h"
-#include "polkit-test.h"
-#include "polkit-private.h"
-
-/**
- * SECTION:polkit-authorization-db
- * @title: Authorization Database
- * @short_description: Reading from and writing to the database storing authorizations
- *
- * This class presents an abstraction of the authorization database as
- * well as methods for reading and writing to it.
- *
- * The reading parts are in <literal>libpolkit</literal> and the
- * writing parts are in <literal>libpolkit-grant</literal>.
- *
- * Since: 0.7
- **/
-
-/**
- * PolKitAuthorizationDB:
- *
- * Objects of this class are used to represent the authorization
- * database.
- *
- * Since: 0.7
- **/
-struct _PolKitAuthorizationDB;
-
-/* PolKitAuthorizationDB structure is defined in polkit/polkit-private.h */
-
-static kit_bool_t
-clear_auth (void *data, void *user_data, KitList *list)
-{
- PolKitAuthorization *auth = (PolKitAuthorization *) data;
- polkit_authorization_unref (auth);
- return FALSE;
-}
-
-static void
-_free_authlist (KitList *authlist)
-{
- if (authlist != NULL) {
- kit_list_foreach (authlist, clear_auth, NULL);
- kit_list_free (authlist);
- }
-}
-
-
-/**
- * polkit_authorization_db_get_capabilities:
- *
- * Determine what capabilities the authorization backend has.
- *
- * Returns: Flags from the #PolKitAuthorizationDBCapability enumeration
- *
- * Since: 0.7
- */
-PolKitAuthorizationDBCapability
-polkit_authorization_db_get_capabilities (void)
-{
- return POLKIT_AUTHORIZATION_DB_CAPABILITY_CAN_OBTAIN;
-}
-
-/**
- * _polkit_authorization_db_new:
- *
- * Create a new #PolKitAuthorizationDB object.
- *
- * Returns: the new object
- *
- * Since: 0.7
- **/
-PolKitAuthorizationDB *
-_polkit_authorization_db_new (void)
-{
- PolKitAuthorizationDB *authdb;
-
- authdb = kit_new0 (PolKitAuthorizationDB, 1);
- if (authdb == NULL)
- goto oom;
- authdb->refcount = 1;
-
- /* set up the hashtable */
- _polkit_authorization_db_invalidate_cache (authdb);
-oom:
- return authdb;
-}
-
-/**
- * polkit_authorization_db_ref:
- * @authdb: the object
- *
- * Increase reference count.
- *
- * Returns: the object
- *
- * Since: 0.7
- **/
-PolKitAuthorizationDB *
-polkit_authorization_db_ref (PolKitAuthorizationDB *authdb)
-{
- kit_return_val_if_fail (authdb != NULL, authdb);
- authdb->refcount++;
- return authdb;
-}
-
-/**
- * polkit_authorization_db_unref:
- * @authdb: the object
- *
- * Decreases the reference count of the object. If it becomes zero,
- * the object is freed. Before freeing, reference counts on embedded
- * objects are decresed by one.
- *
- * Since: 0.7
- **/
-void
-polkit_authorization_db_unref (PolKitAuthorizationDB *authdb)
-{
- kit_return_if_fail (authdb != NULL);
- authdb->refcount--;
- if (authdb->refcount > 0)
- return;
- if (authdb->uid_to_authlist != NULL)
- kit_hash_unref (authdb->uid_to_authlist);
- kit_free (authdb);
-}
-
-/**
- * polkit_authorization_db_debug:
- * @authdb: the object
- *
- * Print debug details
- *
- * Since: 0.7
- **/
-void
-polkit_authorization_db_debug (PolKitAuthorizationDB *authdb)
-{
- kit_return_if_fail (authdb != NULL);
- polkit_debug ("PolKitAuthorizationDB: refcount=%d", authdb->refcount);
-}
-
-/**
- * polkit_authorization_db_validate:
- * @authdb: the object
- *
- * Validate the object
- *
- * Returns: #TRUE iff the object is valid.
- *
- * Since: 0.7
- **/
-polkit_bool_t
-polkit_authorization_db_validate (PolKitAuthorizationDB *authdb)
-{
- kit_return_val_if_fail (authdb != NULL, FALSE);
-
- return TRUE;
-}
-
-/**
- * _polkit_authorization_db_invalidate_cache:
- * @authdb: authorization database
- *
- * Tell the authorization database to invalidate any caches it might
- * employ. This is called by #PolKitContext whenever configuration or
- * anything else changes.
- *
- * Since: 0.7
- */
-void
-_polkit_authorization_db_invalidate_cache (PolKitAuthorizationDB *authdb)
-{
- /* out with the old, in the with new */
- if (authdb->uid_to_authlist != NULL) {
- kit_hash_unref (authdb->uid_to_authlist);
- authdb->uid_to_authlist = NULL;
- }
-}
-
-/**
- * _authdb_get_auths_for_uid:
- * @authdb: authorization database
- * @uid: uid to get authorizations for. If -1 is passed authorizations
- * for all users will be returned.
- * @error: return location for error
- *
- * Internal function to get authorizations for a uid.
- *
- * Returns: A singly-linked list of #PolKitAuthorization
- * objects. Caller shall not free this list. Returns #NULL if either
- * calling process is not sufficiently privileged (error will be set)
- * or if there are no authorizations for the given uid.
- *
- * Since: 0.7
- */
-static KitList *
-_authdb_get_auths_for_uid (PolKitAuthorizationDB *authdb,
- const uid_t uid,
- PolKitError **error)
-{
- KitList *ret;
- char *helper_argv[] = {NULL, NULL, NULL};
- int exit_status;
- char *standard_output;
- size_t len;
- off_t n;
-
- ret = NULL;
- standard_output = NULL;
-
-#ifdef POLKIT_BUILD_TESTS
- char helper_buf[256];
- char *helper_bin_dir;
- if ((helper_bin_dir = getenv ("POLKIT_TEST_BUILD_DIR")) != NULL) {
- kit_assert ((size_t) snprintf (helper_buf, sizeof (helper_buf), "%s/src/polkit/polkit-read-auth-helper-1", helper_bin_dir) < sizeof (helper_buf));
- helper_argv[0] = helper_buf;
- } else {
- helper_argv[0] = PACKAGE_LIBEXEC_DIR "/polkit-read-auth-helper-1";
- }
-#else
- helper_argv[0] = PACKAGE_LIBEXEC_DIR "/polkit-read-auth-helper-1";
-#endif
-
- /* first, see if this is in the cache */
- if (authdb->uid_to_authlist != NULL) {
- ret = kit_hash_lookup (authdb->uid_to_authlist, (void *) uid, NULL);
- if (ret != NULL)
- goto out;
- }
-
- helper_argv[1] = kit_strdup_printf ("%d", uid);
- if (helper_argv[1] == NULL) {
- polkit_error_set_error (error,
- POLKIT_ERROR_OUT_OF_MEMORY,
- "No memory");
- goto out;
- }
-
- /* we need to do this through a setgid polkituser helper
- * because the auth file is readable only for uid 0 and gid
- * polkituser.
- */
- if (!kit_spawn_sync (NULL, /* const char *working_directory */
- 0, /* flags */
- helper_argv, /* char **argv */
- NULL, /* char **envp */
- NULL, /* char *stdin */
- &standard_output, /* char **stdout */
- NULL, /* char **stderr */
- &exit_status)) { /* int *exit_status */
- if (errno == ENOMEM) {
- polkit_error_set_error (error,
- POLKIT_ERROR_OUT_OF_MEMORY,
- "Error spawning read auth helper: OOM");
- } else {
- polkit_error_set_error (error,
- POLKIT_ERROR_GENERAL_ERROR,
- "Error spawning read auth helper: %m");
- }
- goto out;
- }
-
- if (!WIFEXITED (exit_status)) {
- kit_warning ("Read auth helper crashed!");
- polkit_error_set_error (error,
- POLKIT_ERROR_GENERAL_ERROR,
- "Read auth helper crashed!");
- goto out;
- } else if (WEXITSTATUS(exit_status) != 0) {
- polkit_error_set_error (error,
- POLKIT_ERROR_NOT_AUTHORIZED_TO_READ_AUTHORIZATIONS_FOR_OTHER_USERS,
- uid > 0 ?
- "uid %d is not authorized to read authorizations for uid %d (requires org.freedesktop.policykit.read)" :
- "uid %d is not authorized to read all authorizations (requires org.freedesktop.policykit.read)",
- getuid (), uid);
- goto out;
- }
-
- //kit_warning ("standard_output='%s'", standard_output);
-
- if (standard_output != NULL) {
- uid_t uid2;
- len = strlen (standard_output);
-
- uid2 = uid;
-
- /* parse one line at a time (modifies standard_output in place) */
- n = 0;
- while (n < len) {
- off_t m;
- char *line;
- PolKitAuthorization *auth;
-
- m = n;
- while (m < len && standard_output[m] != '\0') {
- if (standard_output[m] == '\n')
- break;
- m++;
- }
- /* check EOF */
- if (standard_output[m] == '\0')
- break;
- standard_output[m] = '\0';
-
- line = standard_output + n;
-
- if (strlen (line) >= 2 && strncmp (line, "#uid=", 5) == 0) {
- uid2 = (uid_t) atoi (line + 5);
- }
-
- if (strlen (line) >= 2 && line[0] != '#') {
- auth = _polkit_authorization_new_for_uid (line, uid2);
- if (auth == NULL) {
- if (errno == ENOMEM) {
- polkit_error_set_error (error,
- POLKIT_ERROR_OUT_OF_MEMORY,
- "No memory");
- _free_authlist (ret);
- ret = NULL;
- goto out;
- } else {
- kit_warning ("Skipping invalid authline '%s'", line);
- }
- }
-
- //kit_warning (" #got %s", line);
-
- if (auth != NULL) {
- KitList *ret2;
- /* we need the authorizations in the chronological order...
- * (TODO: optimized: prepend, then reverse after all items have been inserted)
- */
- ret2 = kit_list_append (ret, auth);
- if (ret2 == NULL) {
- polkit_error_set_error (error,
- POLKIT_ERROR_OUT_OF_MEMORY,
- "No memory");
- polkit_authorization_unref (auth);
- _free_authlist (ret);
- ret = NULL;
- goto out;
- }
- ret = ret2;
- }
- }
-
- n = m + 1;
- }
- }
-
- if (authdb->uid_to_authlist == NULL) {
- authdb->uid_to_authlist = kit_hash_new (kit_hash_direct_hash_func,
- kit_hash_direct_equal_func,
- NULL,
- NULL,
- NULL,
- (KitFreeFunc) _free_authlist);
- }
-
- if (authdb->uid_to_authlist == NULL ||
- !kit_hash_insert (authdb->uid_to_authlist, (void *) uid, ret)) {
- polkit_error_set_error (error,
- POLKIT_ERROR_OUT_OF_MEMORY,
- "No memory");
- _free_authlist (ret);
- ret = NULL;
- goto out;
- }
-
-out:
- kit_free (helper_argv[1]);
- kit_free (standard_output);
- return ret;
-}
-
-
-static polkit_bool_t
-_internal_foreach (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- uid_t uid,
- PolKitAuthorizationDBForeach cb,
- void *user_data,
- PolKitError **error)
-{
- KitList *l;
- KitList *auths;
- KitList *auths_copy;
- polkit_bool_t ret;
- char *action_id;
-
- kit_return_val_if_fail (authdb != NULL, FALSE);
- kit_return_val_if_fail (cb != NULL, FALSE);
-
- ret = FALSE;
-
- if (action == NULL) {
- action_id = NULL;
- } else {
- if (!polkit_action_get_action_id (action, &action_id))
- goto out;
- }
-
- auths = _authdb_get_auths_for_uid (authdb, uid, error);
- if (auths == NULL)
- goto out;
-
- /* have to copy the list and ref the auths because the authdb
- * may disappear from under us due to revoke_if_one_shot...
- */
- auths_copy = kit_list_copy (auths);
- if (auths_copy == NULL) {
- polkit_error_set_error (error,
- POLKIT_ERROR_OUT_OF_MEMORY,
- "No memory");
- goto out;
- }
- for (l = auths_copy; l != NULL; l = l->next)
- polkit_authorization_ref ((PolKitAuthorization *) l->data);
-
- for (l = auths_copy; l != NULL; l = l->next) {
- PolKitAuthorization *auth = l->data;
-
- //kit_warning ("%d: action_id=%s uid=%d",
- // uid,
- // polkit_authorization_get_action_id (auth),
- // polkit_authorization_get_uid (auth));
-
- if (action_id != NULL) {
- if (strcmp (polkit_authorization_get_action_id (auth), action_id) != 0) {
- continue;
- }
- }
-
- if (cb (authdb, auth, user_data)) {
- ret = TRUE;
- break;
- }
- }
-
- for (l = auths_copy; l != NULL; l = l->next)
- polkit_authorization_unref ((PolKitAuthorization *) l->data);
- kit_list_free (auths_copy);
-
-out:
- return ret;
-}
-
-
-/**
- * polkit_authorization_db_foreach:
- * @authdb: authorization database
- * @cb: callback
- * @user_data: user data to pass to callback
- * @error: return location for error
- *
- * Iterate over all entries in the authorization database.
- *
- * Note that unless the calling process has the authorization
- * org.freedesktop.policykit.read this function may return an error.
- *
- * Returns: #TRUE if the callback returned #TRUE to stop iterating. If
- * #FALSE, either error may be set or the callback returns #FALSE on
- * every invocation.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_db_foreach (PolKitAuthorizationDB *authdb,
- PolKitAuthorizationDBForeach cb,
- void *user_data,
- PolKitError **error)
-{
- return _internal_foreach (authdb, NULL, -1, cb, user_data, error);
-}
-
-/**
- * polkit_authorization_db_foreach_for_uid:
- * @authdb: authorization database
- * @uid: user to get authorizations for
- * @cb: callback
- * @user_data: user data to pass to callback
- * @error: return location for error
- *
- * Iterate over all entries in the authorization database for a given
- * user.
- *
- * Note that if the calling process asks for authorizations for a
- * different uid than itself and it lacks the authorization
- * org.freedesktop.policykit.read this function may return an error.
- *
- * Returns: #TRUE if the callback returned #TRUE to stop iterating. If
- * #FALSE, either error may be set or the callback returns #FALSE on
- * every invocation.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_db_foreach_for_uid (PolKitAuthorizationDB *authdb,
- uid_t uid,
- PolKitAuthorizationDBForeach cb,
- void *user_data,
- PolKitError **error)
-{
- return _internal_foreach (authdb, NULL, uid, cb, user_data, error);
-}
-
-/**
- * polkit_authorization_db_foreach_for_action:
- * @authdb: authorization database
- * @action: action to get authorizations for
- * @cb: callback
- * @user_data: user data to pass to callback
- * @error: return location for error
- *
- * Iterate over all entries in the authorization database for a given
- * action.
- *
- * Note that unless the calling process has the authorization
- * org.freedesktop.policykit.read this function may return an error.
- *
- * Returns: #TRUE if the callback returned #TRUE to stop iterating. If
- * #FALSE, either error may be set or the callback returns #FALSE on
- * every invocation.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_db_foreach_for_action (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitAuthorizationDBForeach cb,
- void *user_data,
- PolKitError **error)
-{
- kit_return_val_if_fail (action != NULL, FALSE);
- return _internal_foreach (authdb, action, -1, cb, user_data, error);
-}
-
-/**
- * polkit_authorization_db_foreach_for_action_for_uid:
- * @authdb: authorization database
- * @action: action to get authorizations for
- * @uid: user to get authorizations for
- * @cb: callback
- * @user_data: user data to pass to callback
- * @error: return location for error
- *
- * Iterate over all entries in the authorization database for a given
- * action and user.
- *
- * Note that if the calling process asks for authorizations for a
- * different uid than itself and it lacks the authorization
- * org.freedesktop.policykit.read this function may return an error.
- *
- * Returns: #TRUE if the callback returned #TRUE to stop iterating. If
- * #FALSE, either error may be set or the callback returns #FALSE on
- * every invocation.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_db_foreach_for_action_for_uid (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- uid_t uid,
- PolKitAuthorizationDBForeach cb,
- void *user_data,
- PolKitError **error)
-{
- kit_return_val_if_fail (action != NULL, FALSE);
- return _internal_foreach (authdb, action, uid, cb, user_data, error);
-}
-
-
-typedef struct {
- char *action_id;
- uid_t session_uid;
- char *session_objpath;
- PolKitSession *session;
-
- polkit_bool_t *out_is_authorized;
- polkit_bool_t *out_is_negative_authorized;
-} CheckDataSession;
-
-static polkit_bool_t
-_check_constraint_session (PolKitAuthorization *auth, PolKitAuthorizationConstraint *authc, void *user_data)
-{
- PolKitSession *session = (PolKitSession *) user_data;
-
- if (!polkit_authorization_constraint_check_session (authc, session))
- goto no_match;
-
- return FALSE;
-no_match:
- return TRUE;
-}
-
-static polkit_bool_t
-_check_auth_for_session (PolKitAuthorizationDB *authdb, PolKitAuthorization *auth, void *user_data)
-{
- polkit_bool_t ret;
- uid_t pimp_uid;
- polkit_bool_t is_negative;
- CheckDataSession *cd = (CheckDataSession *) user_data;
-
- ret = FALSE;
-
- if (strcmp (polkit_authorization_get_action_id (auth), cd->action_id) != 0)
- goto no_match;
-
- if (polkit_authorization_constraints_foreach (auth, _check_constraint_session, cd->session))
- goto no_match;
-
- switch (polkit_authorization_get_scope (auth))
- {
- case POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT:
- case POLKIT_AUTHORIZATION_SCOPE_PROCESS:
- goto no_match;
-
- case POLKIT_AUTHORIZATION_SCOPE_SESSION:
- if (strcmp (polkit_authorization_scope_session_get_ck_objref (auth), cd->session_objpath) != 0)
- goto no_match;
- break;
-
- case POLKIT_AUTHORIZATION_SCOPE_ALWAYS:
- break;
- }
-
- if (!polkit_authorization_was_granted_explicitly (auth, &pimp_uid, &is_negative))
- is_negative = FALSE;
-
- if (is_negative) {
- *(cd->out_is_authorized) = FALSE;
- *(cd->out_is_negative_authorized) = TRUE;
- } else {
- *(cd->out_is_authorized) = TRUE;
- *(cd->out_is_negative_authorized) = FALSE;
- }
-
- /* keep iterating; we may find negative auths... */
-
- if (is_negative) {
- *(cd->out_is_authorized) = FALSE;
- *(cd->out_is_negative_authorized) = TRUE;
- /* it only takes a single negative auth to block things so stop iterating */
- ret = TRUE;
- } else {
- *(cd->out_is_authorized) = TRUE;
- *(cd->out_is_negative_authorized) = FALSE;
- /* keep iterating; we may find negative auths... */
- }
-
-no_match:
- return ret;
-}
-
-/**
- * polkit_authorization_db_is_session_authorized:
- * @authdb: the authorization database
- * @action: the action to check for
- * @session: the session to check for
- * @out_is_authorized: return location
- * @out_is_negative_authorized: return location
- * @error: return location for error
- *
- * Looks in the authorization database and determine if processes from
- * the given session are authorized to do the given specific
- * action. If there is an authorization record that matches the
- * session, @out_is_authorized will be set to %TRUE. If there is a
- * negative authorization record matching the session
- * @out_is_negative_authorized will be set to %TRUE.
- *
- * Returns: #TRUE if the look up was performed; #FALSE if the caller
- * of this function lacks privileges to ask this question (e.g. asking
- * about a user that is not himself) or OOM (and @error will be set)
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_db_is_session_authorized (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitSession *session,
- polkit_bool_t *out_is_authorized,
- polkit_bool_t *out_is_negative_authorized,
- PolKitError **error)
-{
- polkit_bool_t ret;
- CheckDataSession cd;
-
- ret = FALSE;
-
- kit_return_val_if_fail (authdb != NULL, FALSE);
- kit_return_val_if_fail (action != NULL, FALSE);
- kit_return_val_if_fail (session != NULL, FALSE);
- kit_return_val_if_fail (out_is_authorized != NULL, FALSE);
-
- if (!polkit_action_get_action_id (action, &cd.action_id))
- return FALSE;
-
- if (!polkit_session_get_uid (session, &cd.session_uid))
- return FALSE;
-
- cd.session = session;
-
- if (!polkit_session_get_ck_objref (session, &cd.session_objpath) || cd.session_objpath == NULL)
- return FALSE;
-
- ret = TRUE;
-
- cd.out_is_authorized = out_is_authorized;
- cd.out_is_negative_authorized = out_is_negative_authorized;
- *out_is_authorized = FALSE;
- *out_is_negative_authorized = FALSE;
-
- if (polkit_authorization_db_foreach_for_uid (authdb,
- cd.session_uid,
- _check_auth_for_session,
- &cd,
- NULL)) {
- ;
- }
-
- return ret;
-}
-
-typedef struct {
- char *action_id;
- uid_t caller_uid;
- pid_t caller_pid;
- polkit_uint64_t caller_pid_start_time;
- char *session_objpath;
- PolKitCaller *caller;
- polkit_bool_t revoke_if_one_shot;
-
- polkit_bool_t *out_is_authorized;
- polkit_bool_t *out_is_negative_authorized;
-
- PolKitError *error;
-} CheckData;
-
-static polkit_bool_t
-_check_constraint_caller (PolKitAuthorization *auth, PolKitAuthorizationConstraint *authc, void *user_data)
-{
- PolKitCaller *caller = (PolKitCaller *) user_data;
-
- if (!polkit_authorization_constraint_check_caller (authc, caller))
- goto no_match;
-
- return FALSE;
-no_match:
- return TRUE;
-}
-
-static polkit_bool_t
-_check_auth_for_caller (PolKitAuthorizationDB *authdb, PolKitAuthorization *auth, void *user_data)
-{
- polkit_bool_t ret;
- uid_t pimp_uid;
- polkit_bool_t is_negative;
- pid_t caller_pid;
- polkit_uint64_t caller_pid_start_time;
- CheckData *cd = (CheckData *) user_data;
-
- ret = FALSE;
-
- if (strcmp (polkit_authorization_get_action_id (auth), cd->action_id) != 0)
- goto no_match;
-
- if (polkit_authorization_constraints_foreach (auth, _check_constraint_caller, cd->caller))
- goto no_match;
-
- switch (polkit_authorization_get_scope (auth))
- {
- case POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT:
- case POLKIT_AUTHORIZATION_SCOPE_PROCESS:
- if (!polkit_authorization_scope_process_get_pid (auth, &caller_pid, &caller_pid_start_time))
- goto no_match;
- if (!(caller_pid == cd->caller_pid && caller_pid_start_time == cd->caller_pid_start_time))
- goto no_match;
-
- if (polkit_authorization_get_scope (auth) == POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT) {
-
- /* it's a match already; revoke if asked to do so */
- if (cd->revoke_if_one_shot) {
- cd->error = NULL;
- if (!polkit_authorization_db_revoke_entry (authdb, auth, &(cd->error))) {
- //kit_warning ("Cannot revoke one-shot auth: %s: %s",
- // polkit_error_get_error_name (cd->error),
- // polkit_error_get_error_message (cd->error));
- /* stop iterating */
- ret = TRUE;
- goto no_match;
- }
- /* revoked; now purge internal cache */
- _polkit_authorization_db_invalidate_cache (authdb);
- }
- }
- break;
-
- case POLKIT_AUTHORIZATION_SCOPE_SESSION:
- if (cd->session_objpath == NULL)
- goto no_match;
- if (strcmp (polkit_authorization_scope_session_get_ck_objref (auth), cd->session_objpath) != 0)
- goto no_match;
- break;
-
- case POLKIT_AUTHORIZATION_SCOPE_ALWAYS:
- break;
- }
-
- if (!polkit_authorization_was_granted_explicitly (auth, &pimp_uid, &is_negative))
- is_negative = FALSE;
-
- if (is_negative) {
- *(cd->out_is_authorized) = FALSE;
- *(cd->out_is_negative_authorized) = TRUE;
- /* it only takes a single negative auth to block things so stop iterating */
- ret = TRUE;
- } else {
- *(cd->out_is_authorized) = TRUE;
- *(cd->out_is_negative_authorized) = FALSE;
- /* keep iterating; we may find negative auths... */
- }
-
-
-no_match:
- return ret;
-}
-
-/**
- * polkit_authorization_db_is_caller_authorized:
- * @authdb: the authorization database
- * @action: the action to check for
- * @caller: the caller to check for
- * @revoke_if_one_shot: Whether to revoke one-shot authorizations. See
- * discussion in polkit_context_is_caller_authorized() for details.
- * @out_is_authorized: return location
- * @out_is_negative_authorized: return location
- * @error: return location for error
- *
- * Looks in the authorization database if the given caller is
- * authorized to do the given action. If there is an authorization
- * record that matches the caller, @out_is_authorized will be set to
- * %TRUE. If there is a negative authorization record matching the
- * caller @out_is_negative_authorized will be set to %TRUE.
- *
- * Returns: #TRUE if the look up was performed; #FALSE if the caller
- * of this function lacks privileges to ask this question (e.g. asking
- * about a user that is not himself) or if OOM (and @error will be set)
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_db_is_caller_authorized (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitCaller *caller,
- polkit_bool_t revoke_if_one_shot,
- polkit_bool_t *out_is_authorized,
- polkit_bool_t *out_is_negative_authorized,
- PolKitError **error)
-{
- PolKitSession *session;
- polkit_bool_t ret;
- CheckData cd;
- PolKitError *error2;
-
- ret = FALSE;
-
- kit_return_val_if_fail (authdb != NULL, FALSE);
- kit_return_val_if_fail (action != NULL, FALSE);
- kit_return_val_if_fail (caller != NULL, FALSE);
- kit_return_val_if_fail (out_is_authorized != NULL, FALSE);
-
- if (!polkit_action_get_action_id (action, &cd.action_id))
- goto out;
-
- if (!polkit_caller_get_pid (caller, &cd.caller_pid))
- goto out;
-
- if (!polkit_caller_get_uid (caller, &cd.caller_uid))
- goto out;
-
- cd.caller = caller;
- cd.revoke_if_one_shot = revoke_if_one_shot;
- cd.error = NULL;
-
- cd.caller_pid_start_time = polkit_sysdeps_get_start_time_for_pid (cd.caller_pid);
- if (cd.caller_pid_start_time == 0) {
- if (errno == ENOMEM) {
- polkit_error_set_error (error,
- POLKIT_ERROR_OUT_OF_MEMORY,
- "No memory");
- } else {
- polkit_error_set_error (error,
- POLKIT_ERROR_GENERAL_ERROR,
- "Errno %d: %m", errno);
- }
- goto out;
- }
-
- /* Caller does not _have_ to be member of a session */
- cd.session_objpath = NULL;
- if (polkit_caller_get_ck_session (caller, &session) && session != NULL) {
- if (!polkit_session_get_ck_objref (session, &cd.session_objpath))
- cd.session_objpath = NULL;
- }
-
- cd.out_is_authorized = out_is_authorized;
- cd.out_is_negative_authorized = out_is_negative_authorized;
- *out_is_authorized = FALSE;
- *out_is_negative_authorized = FALSE;
-
- error2 = NULL;
- if (polkit_authorization_db_foreach_for_uid (authdb,
- cd.caller_uid,
- _check_auth_for_caller,
- &cd,
- &error2)) {
- ;
- }
-
- if (polkit_error_is_set (error2)) {
- if (error != NULL) {
- *error = error2;
- } else {
- polkit_error_free (error2);
- }
- goto out;
- }
-
- if (polkit_error_is_set (cd.error)) {
- if (error != NULL) {
- *error = cd.error;
- } else {
- polkit_error_free (cd.error);
- }
- goto out;
- }
-
- ret = TRUE;
-
-out:
- return ret;
-}
-
-/**
- * polkit_authorization_db_revoke_entry:
- * @authdb: the authorization database
- * @auth: the authorization to revoke
- * @error: return location for error
- *
- * Removes an authorization from the authorization database. This uses
- * a privileged helper /usr/libexec/polkit-revoke-helper.
- *
- * Returns: #TRUE if the authorization was revoked, #FALSE otherwise and error is set
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_db_revoke_entry (PolKitAuthorizationDB *authdb,
- PolKitAuthorization *auth,
- PolKitError **error)
-{
- char *helper_argv[] = {NULL, "", NULL, NULL, NULL};
- const char *auth_file_entry;
- polkit_bool_t ret;
- int exit_status;
-
- ret = FALSE;
-
- kit_return_val_if_fail (authdb != NULL, FALSE);
- kit_return_val_if_fail (auth != NULL, FALSE);
-
- auth_file_entry = _polkit_authorization_get_authfile_entry (auth);
- //g_debug ("should delete line '%s'", auth_file_entry);
-
-#ifdef POLKIT_BUILD_TESTS
- char helper_buf[256];
- char *helper_bin_dir;
- if ((helper_bin_dir = getenv ("POLKIT_TEST_BUILD_DIR")) != NULL) {
- kit_assert ((size_t) snprintf (helper_buf, sizeof (helper_buf), "%s/src/polkit-grant/polkit-revoke-helper-1", helper_bin_dir) < sizeof (helper_buf));
- helper_argv[0] = helper_buf;
- } else {
- helper_argv[0] = PACKAGE_LIBEXEC_DIR "/polkit-revoke-helper-1";
- }
-#else
- helper_argv[0] = PACKAGE_LIBEXEC_DIR "/polkit-revoke-helper-1";
-#endif
-
- helper_argv[1] = (char *) auth_file_entry;
- helper_argv[2] = "uid";
- helper_argv[3] = kit_strdup_printf ("%d", polkit_authorization_get_uid (auth));
- if (helper_argv[3] == NULL) {
- polkit_error_set_error (error,
- POLKIT_ERROR_OUT_OF_MEMORY,
- "Out of memory");
- goto out;
- }
-
- if (!kit_spawn_sync (NULL, /* const char *working_directory */
- 0, /* flags */
- helper_argv, /* char **argv */
- NULL, /* char **envp */
- NULL, /* char *stdin */
- NULL, /* char **stdout */
- NULL, /* char **stderr */
- &exit_status)) { /* int *exit_status */
- if (errno == ENOMEM) {
- polkit_error_set_error (error,
- POLKIT_ERROR_OUT_OF_MEMORY,
- "Error spawning revoke helper: OOM");
- } else {
- polkit_error_set_error (error,
- POLKIT_ERROR_GENERAL_ERROR,
- "Error spawning revoke helper: %m");
- }
- goto out;
- }
-
- if (!WIFEXITED (exit_status)) {
- kit_warning ("Revoke helper crashed!");
- polkit_error_set_error (error,
- POLKIT_ERROR_GENERAL_ERROR,
- "Revoke helper crashed!");
- goto out;
- } else if (WEXITSTATUS(exit_status) != 0) {
- polkit_error_set_error (error,
- POLKIT_ERROR_NOT_AUTHORIZED_TO_REVOKE_AUTHORIZATIONS_FROM_OTHER_USERS,
- "uid %d is not authorized to revoke authorizations from uid %d (requires org.freedesktop.policykit.revoke)",
- getuid (), polkit_authorization_get_uid (auth));
- } else {
- ret = TRUE;
- }
-
-out:
- kit_free (helper_argv[3]);
- return ret;
-}
-
-static polkit_bool_t
-_check_self_block_foreach (PolKitAuthorizationDB *authdb,
- PolKitAuthorization *auth,
- void *user_data)
-{
- polkit_bool_t *is_self_blocked = (polkit_bool_t *) user_data;
- polkit_bool_t is_negative;
- uid_t pimp_uid;
- polkit_bool_t ret;
-
- if (!polkit_authorization_was_granted_explicitly (auth, &pimp_uid, &is_negative))
- is_negative = FALSE;
-
- if (is_negative) {
- if (pimp_uid == getuid ()) {
- *is_self_blocked = TRUE;
- /* can't stop iterating.. there may be another one who blocked us too! */
- } else {
- *is_self_blocked = FALSE;
- ret = TRUE;
- /* nope; someone else blocked us.. that's enough to ruin it */
- }
- }
-
- return ret;
-}
-
-/**
- * polkit_authorization_db_is_uid_blocked_by_self:
- * @authdb: the authorization database
- * @action: the action to check for
- * @uid: the user to check for
- * @error: return location for error
- *
- * Determine whether there exists negative authorizations for the
- * particular uid on the given action and whether those negative
- * authorization are "granted" by the uid itself.
- *
- * If uid is different from getuid(), e.g. if the calling process asks
- * for auths of another user this function will set an error if the
- * calling user is not authorized for org.freedesktop.policykit.read.
- *
- * Returns: Result of computation described above; if error is set
- * will return %FALSE.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_db_is_uid_blocked_by_self (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- uid_t uid,
- PolKitError **error)
-{
- polkit_bool_t is_self_blocked;
-
- kit_return_val_if_fail (authdb != NULL, FALSE);
- kit_return_val_if_fail (action != NULL, FALSE);
-
- is_self_blocked = FALSE;
- polkit_authorization_db_foreach_for_action_for_uid (authdb,
- action,
- uid,
- _check_self_block_foreach,
- &is_self_blocked,
- error);
-
- return is_self_blocked;
-}
-
-
-
-#ifdef POLKIT_BUILD_TESTS
-
-static polkit_bool_t
-_run_test (void)
-{
- PolKitAuthorizationDB *adb;
- const char test_passwd[] =
- "root:x:0:0:PolKit root user:/root:/bin/bash\n"
- POLKIT_USER ":x:50400:50400:PolKit user:/:/sbin/nologin\n"
- "pu1:x:50401:50401:PolKit Test user 0:/home/polkittest1:/bin/bash\n"
- "pu2:x:50402:50402:PolKit Test user 1:/home/polkittest2:/bin/bash\n"
- "pu3:x:50403:50403:PolKit Test user 2:/home/polkittest3:/bin/bash\n";
- const char test_pu1_run[] =
- "";
- const char test_pu1_lib[] =
- "scope=grant:action-id=org.freedesktop.policykit.read:when=1194634242:granted-by=0\n";
- const char test_pu2_run[] =
- "";
- const char test_pu2_lib[] =
- "";
- char test_pu3_run[512];
- const char test_pu3_lib[] =
- "";
- PolKitCaller *caller;
- PolKitAction *action;
- PolKitSession *session;
- polkit_bool_t is_auth;
- polkit_bool_t is_neg;
- PolKitError *error;
- polkit_uint64_t start_time;
-
-
- adb = NULL;
- caller = NULL;
- action = NULL;
- session = NULL;
-
- start_time = polkit_sysdeps_get_start_time_for_pid (getpid ());
- if (start_time == 0)
- goto out;
-
- if (snprintf (test_pu3_run, sizeof (test_pu3_run),
- "scope=process:pid=%d:pid-start-time=%lld:action-id=org.example.per-process:when=1196307507:auth-as=500\n"
- "scope=process-one-shot:pid=%d:pid-start-time=%lld:action-id=org.example.per-process-one-shot:when=1196307507:auth-as=500\n"
- "scope=session:session-id=%%2FSession1:action-id=org.example.per-session:when=1196307507:auth-as=500\n",
- getpid (), start_time,
- getpid (), start_time) >= (int) sizeof (test_pu3_run))
- goto fail;
-
- if (setenv ("POLKIT_TEST_LOCALSTATE_DIR", TEST_DATA_DIR "authdb-test", 1) != 0)
- goto fail;
-
- if (setenv ("POLKIT_TEST_BUILD_DIR", TEST_BUILD_DIR, 1) != 0)
- goto fail;
-
- if (setenv ("KIT_TEST_PASSWD_FILE", TEST_DATA_DIR "authdb-test/passwd", 1) != 0)
- goto fail;
-
- /* create test users */
- if (!kit_file_set_contents (TEST_DATA_DIR "authdb-test/passwd", 0644,
- test_passwd, sizeof (test_passwd) - 1))
- goto out;
-
- /* seed the authdb with known defaults */
- if (!kit_file_set_contents (TEST_DATA_DIR "authdb-test/run/polkit-1/user-pu1.auths", 0644,
- test_pu1_run, sizeof (test_pu1_run) - 1))
- goto out;
- if (!kit_file_set_contents (TEST_DATA_DIR "authdb-test/lib/polkit-1/user-pu1.auths", 0644,
- test_pu1_lib, sizeof (test_pu1_lib) - 1))
- goto out;
- if (!kit_file_set_contents (TEST_DATA_DIR "authdb-test/run/polkit-1/user-pu2.auths", 0644,
- test_pu2_run, sizeof (test_pu2_run) - 1))
- goto out;
- if (!kit_file_set_contents (TEST_DATA_DIR "authdb-test/lib/polkit-1/user-pu2.auths", 0644,
- test_pu2_lib, sizeof (test_pu2_lib) - 1))
- goto out;
- if (!kit_file_set_contents (TEST_DATA_DIR "authdb-test/run/polkit-1/user-pu3.auths", 0644,
- test_pu3_run, strlen (test_pu3_run)))
- goto out;
- if (!kit_file_set_contents (TEST_DATA_DIR "authdb-test/lib/polkit-1/user-pu3.auths", 0644,
- test_pu3_lib, sizeof (test_pu3_lib) - 1))
- goto out;
-
- if ((adb = _polkit_authorization_db_new ()) == NULL)
- goto out;
-
-
- if ((action = polkit_action_new ()) == NULL)
- goto out;
- if ((caller = polkit_caller_new ()) == NULL)
- goto out;
- kit_assert (polkit_caller_set_pid (caller, getpid ()));
-
- /* initialize all pretend environment variables */
- if (setenv ("POLKIT_TEST_PRETEND_TO_BE_CK_SESSION_OBJPATH", "", 1) != 0)
- goto fail;
-
- /*
- * test: "org.freedesktop.policykit.read"
- */
- if (!polkit_action_set_action_id (action, "org.freedesktop.policykit.read"))
- goto out;
-
- /* test: pu1 has the auth org.freedesktop.policykit.read */
- kit_assert (polkit_caller_set_uid (caller, 50401));
- if (setenv ("POLKIT_TEST_PRETEND_TO_BE_UID", "50401", 1) != 0)
- goto fail;
- error = NULL;
- if (polkit_authorization_db_is_caller_authorized (adb, action, caller, FALSE, &is_auth, &is_neg, &error)) {
- kit_assert (! polkit_error_is_set (error) && is_auth && !is_neg);
- } else {
- //kit_warning ("%p: %d: %s: %s",
- // error,
- // polkit_error_get_error_code (error),
- // polkit_error_get_error_name (error),
- // polkit_error_get_error_message (error));
- kit_assert (polkit_error_is_set (error) &&
- polkit_error_get_error_code (error) == POLKIT_ERROR_OUT_OF_MEMORY);
- polkit_error_free (error);
- }
-
- /* test: pu2 does not have the auth org.freedesktop.policykit.read */
- kit_assert (polkit_caller_set_uid (caller, 50402));
- if (setenv ("POLKIT_TEST_PRETEND_TO_BE_UID", "50402", 1) != 0)
- goto fail;
- error = NULL;
- if (polkit_authorization_db_is_caller_authorized (adb, action, caller, FALSE, &is_auth, &is_neg, &error)) {
- kit_assert (! polkit_error_is_set (error));
- kit_assert (!is_auth && !is_neg);
- } else {
- kit_assert (polkit_error_is_set (error) &&
- polkit_error_get_error_code (error) == POLKIT_ERROR_OUT_OF_MEMORY);
- polkit_error_free (error);
- }
-
- /************************/
- /* INVALIDATE THE CACHE */
- /************************/
- _polkit_authorization_db_invalidate_cache (adb);
-
- /* test: pu1 can check that pu2 does not have the auth org.freedesktop.policykit.read */
- kit_assert (polkit_caller_set_uid (caller, 50402));
- if (setenv ("POLKIT_TEST_PRETEND_TO_BE_UID", "50401", 1) != 0)
- goto fail;
- error = NULL;
- if (polkit_authorization_db_is_caller_authorized (adb, action, caller, FALSE, &is_auth, &is_neg, &error)) {
- kit_assert (! polkit_error_is_set (error) && !is_auth && !is_neg);
- } else {
- kit_warning ("%p: %d: %s: %s",
- error,
- polkit_error_get_error_code (error),
- polkit_error_get_error_name (error),
- polkit_error_get_error_message (error));
- kit_assert (polkit_error_is_set (error) &&
- polkit_error_get_error_code (error) == POLKIT_ERROR_OUT_OF_MEMORY);
- polkit_error_free (error);
- }
-
- /* test: pu2 cannot check if pu1 have the auth org.freedesktop.policykit.read */
- kit_assert (polkit_caller_set_uid (caller, 50401));
- if (setenv ("POLKIT_TEST_PRETEND_TO_BE_UID", "50402", 1) != 0)
- goto fail;
- error = NULL;
- if (polkit_authorization_db_is_caller_authorized (adb, action, caller, FALSE, &is_auth, &is_neg, &error)) {
- kit_warning ("pu2 shouldn't be able to read auths for pu1: %d %d", is_auth, is_neg);
- goto fail;
- } else {
- kit_assert (polkit_error_is_set (error) &&
- (polkit_error_get_error_code (error) == POLKIT_ERROR_OUT_OF_MEMORY ||
- polkit_error_get_error_code (error) == POLKIT_ERROR_NOT_AUTHORIZED_TO_READ_AUTHORIZATIONS_FOR_OTHER_USERS));
- polkit_error_free (error);
- }
-
- /* test: pu3 is authorized for org.example.per-process for just this process id */
- if (!polkit_action_set_action_id (action, "org.example.per-process"))
- goto out;
-
- kit_assert (polkit_caller_set_uid (caller, 50403));
- if (setenv ("POLKIT_TEST_PRETEND_TO_BE_UID", "50403", 1) != 0)
- goto fail;
- error = NULL;
- if (polkit_authorization_db_is_caller_authorized (adb, action, caller, FALSE, &is_auth, &is_neg, &error)) {
- kit_assert (! polkit_error_is_set (error) && is_auth && !is_neg);
- } else {
- kit_assert (polkit_error_is_set (error) &&
- polkit_error_get_error_code (error) == POLKIT_ERROR_OUT_OF_MEMORY);
- polkit_error_free (error);
- }
-
- /* test: pu3 is authorized for org.example.per-process-one-shot just once */
- if (!polkit_action_set_action_id (action, "org.example.per-process-one-shot"))
- goto out;
-
- kit_assert (polkit_caller_set_uid (caller, 50403));
- if (setenv ("POLKIT_TEST_PRETEND_TO_BE_UID", "50403", 1) != 0)
- goto fail;
- error = NULL;
- if (polkit_authorization_db_is_caller_authorized (adb, action, caller, TRUE, &is_auth, &is_neg, &error)) {
- kit_assert (! polkit_error_is_set (error) && is_auth && !is_neg);
-
- /************************/
- /* INVALIDATE THE CACHE */
- /************************/
- _polkit_authorization_db_invalidate_cache (adb);
-
- if (polkit_authorization_db_is_caller_authorized (adb, action, caller, TRUE, &is_auth, &is_neg, &error)) {
- if (is_auth || is_neg) {
- kit_warning ("pu3 shouldn't be authorized for something twice: %d %d", is_auth, is_neg);
- goto fail;
- }
- } else {
- kit_assert (polkit_error_is_set (error));
- kit_assert (polkit_error_get_error_code (error) == POLKIT_ERROR_OUT_OF_MEMORY);
- polkit_error_free (error);
- }
- } else {
- kit_assert (polkit_error_is_set (error) &&
- polkit_error_get_error_code (error) == POLKIT_ERROR_OUT_OF_MEMORY);
- polkit_error_free (error);
- }
-
- if ((session = polkit_session_new ()) == NULL)
- goto out;
-
- /* test: pu3 only in the right session is authorized for org.example.per-session */
- if (!polkit_action_set_action_id (action, "org.example.per-session"))
- goto out;
-
- if (setenv ("POLKIT_TEST_PRETEND_TO_BE_CK_SESSION_OBJPATH", "/Session1", 1) != 0)
- goto fail;
- kit_assert (polkit_session_set_ck_is_local (session, TRUE));
- if (!polkit_session_set_ck_objref (session, "/Session1"))
- goto out;
- kit_assert (polkit_caller_set_ck_session (caller, session));
- error = NULL;
- if (polkit_authorization_db_is_caller_authorized (adb, action, caller, FALSE, &is_auth, &is_neg, &error)) {
- kit_assert (! polkit_error_is_set (error) && is_auth && !is_neg);
- } else {
- kit_assert (polkit_error_is_set (error) &&
- polkit_error_get_error_code (error) == POLKIT_ERROR_OUT_OF_MEMORY);
- polkit_error_free (error);
- }
-
- if (setenv ("POLKIT_TEST_PRETEND_TO_BE_CK_SESSION_OBJPATH", "/Session2", 1) != 0)
- goto fail;
- if (!polkit_session_set_ck_objref (session, "/Session2"))
- goto out;
- kit_assert (polkit_session_set_ck_is_local (session, TRUE));
- kit_assert (polkit_caller_set_ck_session (caller, session));
- error = NULL;
- if (polkit_authorization_db_is_caller_authorized (adb, action, caller, FALSE, &is_auth, &is_neg, &error)) {
- kit_assert (! polkit_error_is_set (error) && !is_auth && !is_neg);
- } else {
- kit_assert (polkit_error_is_set (error) &&
- polkit_error_get_error_code (error) == POLKIT_ERROR_OUT_OF_MEMORY);
- polkit_error_free (error);
- }
-
-out:
-
- if (action != NULL)
- polkit_action_unref (action);
-
- if (caller != NULL)
- polkit_caller_unref (caller);
-
- if (session != NULL)
- polkit_session_unref (session);
-
- if (adb != NULL) {
- polkit_authorization_db_debug (adb);
- polkit_authorization_db_validate (adb);
- polkit_authorization_db_ref (adb);
- polkit_authorization_db_unref (adb);
- polkit_authorization_db_unref (adb);
- }
-
- if (unsetenv ("POLKIT_TEST_PRETEND_TO_BE_UID") != 0)
- goto fail;
-
- if (unsetenv ("POLKIT_TEST_PRETEND_TO_BE_CK_SESSION_OBJPATH") != 0)
- goto fail;
-
- if (unsetenv ("POLKIT_TEST_PRETEND_TO_BE_SELINUX_CONTEXT") != 0)
- goto fail;
-
- if (unsetenv ("POLKIT_TEST_PRETEND_TO_BE_PID") != 0)
- goto fail;
-
- if (unsetenv ("POLKIT_TEST_LOCALSTATE_DIR") != 0)
- goto fail;
-
- if (unsetenv ("POLKIT_TEST_BUILD_DIR") != 0)
- goto fail;
-
- if (unsetenv ("KIT_TEST_PASSWD_FILE") != 0)
- goto fail;
-
- return TRUE;
-fail:
- return FALSE;
-}
-
-
-KitTest _test_authorization_db = {
- "polkit_authorization_db",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* POLKIT_BUILD_TESTS */
diff --git a/src/polkit/polkit-authorization-db.h b/src/polkit/polkit-authorization-db.h
deleted file mode 100644
index c206a32..0000000
--- a/src/polkit/polkit-authorization-db.h
+++ /dev/null
@@ -1,175 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-authorization-db.h : Represents the authorization database
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef POLKIT_AUTHORIZATION_DB_H
-#define POLKIT_AUTHORIZATION_DB_H
-
-#include <polkit/polkit-types.h>
-#include <polkit/polkit-authorization.h>
-#include <polkit/polkit-action.h>
-#include <polkit/polkit-result.h>
-#include <polkit/polkit-caller.h>
-#include <polkit/polkit-session.h>
-#include <polkit/polkit-error.h>
-
-POLKIT_BEGIN_DECLS
-
-struct _PolKitAuthorizationDB;
-typedef struct _PolKitAuthorizationDB PolKitAuthorizationDB;
-
-/**
- * PolKitAuthorizationDBCapability:
- * @POLKIT_AUTHORIZATION_DB_CAPABILITY_CAN_OBTAIN: Users can obtain
- * authorizations through authentication
- *
- * Capabilities of the authorization database backend.
- *
- * Since: 0.7
- */
-typedef enum
-{
- POLKIT_AUTHORIZATION_DB_CAPABILITY_CAN_OBTAIN = 1 << 0
-} PolKitAuthorizationDBCapability;
-
-PolKitAuthorizationDBCapability polkit_authorization_db_get_capabilities (void);
-
-PolKitAuthorizationDB *polkit_authorization_db_ref (PolKitAuthorizationDB *authdb);
-void polkit_authorization_db_unref (PolKitAuthorizationDB *authdb);
-
-void polkit_authorization_db_debug (PolKitAuthorizationDB *authdb);
-polkit_bool_t polkit_authorization_db_validate (PolKitAuthorizationDB *authdb);
-
-polkit_bool_t polkit_authorization_db_is_session_authorized (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitSession *session,
- polkit_bool_t *out_is_authorized,
- polkit_bool_t *out_is_negative_authorized,
- PolKitError **error);
-
-polkit_bool_t polkit_authorization_db_is_caller_authorized (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitCaller *caller,
- polkit_bool_t revoke_if_one_shot,
- polkit_bool_t *out_is_authorized,
- polkit_bool_t *out_is_negative_authorized,
- PolKitError **error);
-
-/**
- * PolKitAuthorizationDBForeach:
- * @authdb: authorization database
- * @auth: authorization; user shall not unref this object. Unless
- * reffed by the user it will be destroyed when the callback function
- * returns.
- * @user_data: user data passed
- *
- * Type of callback function for iterating over authorizations.
- *
- * Returns: pass #TRUE to stop iterating
- *
- * Since: 0.7
- */
-typedef polkit_bool_t (*PolKitAuthorizationDBForeach) (PolKitAuthorizationDB *authdb,
- PolKitAuthorization *auth,
- void *user_data);
-
-polkit_bool_t polkit_authorization_db_foreach (PolKitAuthorizationDB *authdb,
- PolKitAuthorizationDBForeach cb,
- void *user_data,
- PolKitError **error);
-
-polkit_bool_t polkit_authorization_db_foreach_for_uid (PolKitAuthorizationDB *authdb,
- uid_t uid,
- PolKitAuthorizationDBForeach cb,
- void *user_data,
- PolKitError **error);
-
-polkit_bool_t polkit_authorization_db_foreach_for_action (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitAuthorizationDBForeach cb,
- void *user_data,
- PolKitError **error);
-
-polkit_bool_t polkit_authorization_db_foreach_for_action_for_uid (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- uid_t uid,
- PolKitAuthorizationDBForeach cb,
- void *user_data,
- PolKitError **error);
-
-polkit_bool_t polkit_authorization_db_add_entry_process_one_shot (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitCaller *caller,
- uid_t user_authenticated_as);
-
-polkit_bool_t polkit_authorization_db_add_entry_process (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitCaller *caller,
- uid_t user_authenticated_as);
-
-polkit_bool_t polkit_authorization_db_add_entry_session (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitCaller *caller,
- uid_t user_authenticated_as);
-
-polkit_bool_t polkit_authorization_db_add_entry_always (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- PolKitCaller *caller,
- uid_t user_authenticated_as);
-
-polkit_bool_t polkit_authorization_db_grant_to_uid (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- uid_t uid,
- PolKitAuthorizationConstraint **constraints,
- PolKitError **error);
-
-polkit_bool_t polkit_authorization_db_grant_negative_to_uid (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- uid_t uid,
- PolKitAuthorizationConstraint **constraints,
- PolKitError **error);
-
-polkit_bool_t polkit_authorization_db_revoke_entry (PolKitAuthorizationDB *authdb,
- PolKitAuthorization *auth,
- PolKitError **error);
-
-
-polkit_bool_t polkit_authorization_db_is_uid_blocked_by_self (PolKitAuthorizationDB *authdb,
- PolKitAction *action,
- uid_t uid,
- PolKitError **error);
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_AUTHORIZATION_DB_H */
-
-
diff --git a/src/polkit/polkit-authorization.c b/src/polkit/polkit-authorization.c
deleted file mode 100644
index 431fbb2..0000000
--- a/src/polkit/polkit-authorization.c
+++ /dev/null
@@ -1,879 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-authorization.c : Represents an entry in the authorization
- * database
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <errno.h>
-
-#include "polkit-debug.h"
-#include "polkit-authorization.h"
-#include "polkit-utils.h"
-#include "polkit-private.h"
-#include "polkit-test.h"
-#include "polkit-private.h"
-
-/**
- * SECTION:polkit-authorization
- * @title: Authorization Entry
- * @short_description: An entry in the autothorization database
- *
- * This class is used to represent entries in the authorization
- * database.
- *
- * Since: 0.7
- **/
-
-/**
- * PolKitAuthorization:
- *
- * Objects of this class are used to represent entries in the
- * authorization database.
- *
- * Since: 0.7
- **/
-struct _PolKitAuthorization
-{
- int refcount;
-
- char *entry_in_auth_file;
-
- PolKitAuthorizationScope scope;
- KitList *constraints;
-
- char *action_id;
- uid_t uid;
- time_t when;
- uid_t authenticated_as_uid;
-
- pid_t pid;
- polkit_uint64_t pid_start_time;
-
- polkit_bool_t explicitly_granted;
- uid_t explicitly_granted_by;
-
- polkit_bool_t is_negative;
-
- char *session_id;
-};
-
-const char *
-_polkit_authorization_get_authfile_entry (PolKitAuthorization *auth)
-{
- kit_return_val_if_fail (auth != NULL, NULL);
- return auth->entry_in_auth_file;
-}
-
-
-/**
- * polkit_authorization_type:
- * @auth: the authorization object
- *
- * Determine the type of authorization.
- *
- * Returns: the authorization type
- *
- * Since: 0.7
- */
-PolKitAuthorizationType
-polkit_authorization_type (PolKitAuthorization *auth)
-{
- return POLKIT_AUTHORIZATION_TYPE_UID;
-}
-
-#ifdef POLKIT_AUTHDB_DEFAULT
-
-typedef struct {
- int cur_attr;
- int req_attr;
-
- int cur_token;
- PolKitAuthorization *auth;
-} EntryParserData;
-
-enum {
- ATTR_PID = 1<<0,
- ATTR_PID_START_TIME = 1<<1,
- ATTR_SESSION_ID = 1<<2,
- ATTR_ACTION_ID = 1<<3,
- ATTR_WHEN = 1<<4,
- ATTR_AUTH_AS = 1<<5,
- ATTR_GRANTED_BY = 1<<6,
-};
-
-static kit_bool_t
-_parse_entry (const char *key, const char *value, void *user_data)
-{
- char *ep;
- kit_bool_t ret;
- EntryParserData *epd = (EntryParserData *) user_data;
- PolKitAuthorization *auth = epd->auth;
-
- ret = FALSE;
-
- /* scope needs to be first and there can only be only instance of it */
- if (strcmp (key, "scope") == 0) {
- if (epd->cur_token != 0)
- goto error;
-
- if (strcmp (value, "process-one-shot") == 0) {
- auth->scope = POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT;
- epd->req_attr = ATTR_PID | ATTR_PID_START_TIME | ATTR_ACTION_ID | ATTR_WHEN | ATTR_AUTH_AS;
- } else if (strcmp (value, "process") == 0) {
- auth->scope = POLKIT_AUTHORIZATION_SCOPE_PROCESS;
- epd->req_attr = ATTR_PID | ATTR_PID_START_TIME | ATTR_ACTION_ID | ATTR_WHEN | ATTR_AUTH_AS;
- } else if (strcmp (value, "session") == 0) {
- auth->scope = POLKIT_AUTHORIZATION_SCOPE_SESSION;
- epd->req_attr = ATTR_SESSION_ID | ATTR_ACTION_ID | ATTR_WHEN | ATTR_AUTH_AS;
- } else if (strcmp (value, "always") == 0) {
- auth->scope = POLKIT_AUTHORIZATION_SCOPE_ALWAYS;
- epd->req_attr = ATTR_ACTION_ID | ATTR_WHEN | ATTR_AUTH_AS;
- } else if (strcmp (value, "grant") == 0) {
- auth->explicitly_granted = TRUE;
- auth->scope = POLKIT_AUTHORIZATION_SCOPE_ALWAYS;
- epd->req_attr = ATTR_ACTION_ID | ATTR_WHEN | ATTR_GRANTED_BY;
- } else if (strcmp (value, "grant-negative") == 0) {
- auth->is_negative = TRUE;
- auth->explicitly_granted = TRUE;
- auth->scope = POLKIT_AUTHORIZATION_SCOPE_ALWAYS;
- epd->req_attr = ATTR_ACTION_ID | ATTR_WHEN | ATTR_GRANTED_BY;
- } else {
- goto error;
- }
-
- } else if (strcmp (key, "pid") == 0) {
-
- if (epd->cur_attr & ATTR_PID)
- goto error;
- epd->cur_attr |= ATTR_PID;
-
- auth->pid = strtoul (value, &ep, 10);
- if (strlen (value) == 0 || *ep != '\0')
- goto error;
-
- } else if (strcmp (key, "pid-start-time") == 0) {
-
- if (epd->cur_attr & ATTR_PID_START_TIME)
- goto error;
- epd->cur_attr |= ATTR_PID_START_TIME;
-
- auth->pid_start_time = strtoull (value, &ep, 10);
- if (strlen (value) == 0 || *ep != '\0')
- goto error;
-
- } else if (strcmp (key, "session-id") == 0) {
-
- if (epd->cur_attr & ATTR_SESSION_ID)
- goto error;
- epd->cur_attr |= ATTR_SESSION_ID;
-
- auth->session_id = kit_strdup (value);
- if (auth->session_id == NULL)
- goto error;
-
- } else if (strcmp (key, "action-id") == 0) {
-
- if (epd->cur_attr & ATTR_ACTION_ID)
- goto error;
- epd->cur_attr |= ATTR_ACTION_ID;
-
- if (!polkit_action_validate_id (value))
- goto error;
- auth->action_id = kit_strdup (value);
- if (auth->action_id == NULL)
- goto error;
-
- } else if (strcmp (key, "when") == 0) {
-
- if (epd->cur_attr & ATTR_WHEN)
- goto error;
- epd->cur_attr |= ATTR_WHEN;
-
- auth->when = strtoull (value, &ep, 10);
- if (strlen (value) == 0 || *ep != '\0')
- goto error;
-
- } else if (strcmp (key, "auth-as") == 0) {
-
- if (epd->cur_attr & ATTR_AUTH_AS)
- goto error;
- epd->cur_attr |= ATTR_AUTH_AS;
-
- auth->authenticated_as_uid = strtoul (value, &ep, 10);
- if (strlen (value) == 0 || *ep != '\0')
- goto error;
-
- } else if (strcmp (key, "granted-by") == 0) {
-
- if (epd->cur_attr & ATTR_GRANTED_BY)
- goto error;
- epd->cur_attr |= ATTR_GRANTED_BY;
-
- auth->explicitly_granted_by = strtoul (value, &ep, 10);
- if (strlen (value) == 0 || *ep != '\0')
- goto error;
-
- } else if (strcmp (key, "constraint") == 0) {
- PolKitAuthorizationConstraint *c;
- KitList *l;
-
- c = polkit_authorization_constraint_from_string (value);
- if (c == NULL)
- goto error;
-
- l = kit_list_append (auth->constraints, c);
- if (l == NULL)
- goto error;
- auth->constraints = l;
- }
-
- ret = TRUE;
-
-error:
- epd->cur_token += 1;
- return ret;
-}
-
-PolKitAuthorization *
-_polkit_authorization_new_for_uid (const char *entry_in_auth_file, uid_t uid)
-{
- PolKitAuthorization *auth;
- EntryParserData epd;
-
- kit_return_val_if_fail (entry_in_auth_file != NULL, NULL);
-
- auth = kit_new0 (PolKitAuthorization, 1);
- if (auth == NULL) {
- goto oom;
- }
-
- auth->refcount = 1;
- auth->entry_in_auth_file = kit_strdup (entry_in_auth_file);
- if (auth->entry_in_auth_file == NULL)
- goto oom;
-
- auth->uid = uid;
-
- epd.auth = auth;
- epd.cur_token = 0;
- epd.cur_attr = 0;
- epd.req_attr = 0;
- if (!kit_string_entry_parse (entry_in_auth_file, _parse_entry, &epd)) {
- goto error;
- }
-
- /* check that we have all core attributes */
- if (epd.cur_attr != epd.req_attr) {
- goto error;
- }
-
- return auth;
-
-error:
- //g_warning ("Error parsing token %d from line '%s'", n, entry_in_auth_file);
-oom:
- if (auth != NULL)
- polkit_authorization_unref (auth);
- return NULL;
-}
-
-#endif /* POLKIT_AUTHDB_DEFAULT */
-
-/**
- * polkit_authorization_ref:
- * @auth: the authorization object
- *
- * Increase reference count.
- *
- * Returns: the object
- *
- * Since: 0.7
- **/
-PolKitAuthorization *
-polkit_authorization_ref (PolKitAuthorization *auth)
-{
- kit_return_val_if_fail (auth != NULL, auth);
- auth->refcount++;
- return auth;
-}
-
-/**
- * polkit_authorization_unref:
- * @auth: the authorization object
- *
- * Decreases the reference count of the object. If it becomes zero,
- * the object is freed. Before freeing, reference counts on embedded
- * objects are decresed by one.
- *
- * Since: 0.7
- **/
-void
-polkit_authorization_unref (PolKitAuthorization *auth)
-{
- KitList *l;
-
- kit_return_if_fail (auth != NULL);
- auth->refcount--;
- if (auth->refcount > 0)
- return;
-
- kit_free (auth->entry_in_auth_file);
- kit_free (auth->action_id);
- kit_free (auth->session_id);
-
- for (l = auth->constraints; l != NULL; l = l->next) {
- PolKitAuthorizationConstraint *c = (PolKitAuthorizationConstraint *) l->data;
- polkit_authorization_constraint_unref (c);
- }
- if (auth->constraints != NULL)
- kit_list_free (auth->constraints);
-
- kit_free (auth);
-}
-
-/**
- * polkit_authorization_debug:
- * @auth: the object
- *
- * Print debug details
- *
- * Since: 0.7
- **/
-void
-polkit_authorization_debug (PolKitAuthorization *auth)
-{
- kit_return_if_fail (auth != NULL);
- polkit_debug ("PolKitAuthorization: refcount=%d", auth->refcount);
- polkit_debug (" scope = %d", auth->scope);
- polkit_debug (" pid = %d", auth->pid);
- polkit_debug (" pid_start_time = %Lu", auth->pid_start_time);
- polkit_debug (" action_id = %s", auth->action_id);
- polkit_debug (" when = %Lu", (polkit_uint64_t) auth->when);
- polkit_debug (" auth_as_uid = %d", auth->authenticated_as_uid);
-}
-
-/**
- * polkit_authorization_validate:
- * @auth: the object
- *
- * Validate the object
- *
- * Returns: #TRUE iff the object is valid.
- *
- * Since: 0.7
- **/
-polkit_bool_t
-polkit_authorization_validate (PolKitAuthorization *auth)
-{
- kit_return_val_if_fail (auth != NULL, FALSE);
-
- return TRUE;
-}
-
-/**
- * polkit_authorization_get_action_id:
- * @auth: the object
- *
- * Get the action this authorization is for
- *
- * Returns: the action id. Caller should not free this string.
- *
- * Since: 0.7
- */
-const char *
-polkit_authorization_get_action_id (PolKitAuthorization *auth)
-{
- kit_return_val_if_fail (auth != NULL, NULL);
-
- return auth->action_id;
-}
-
-/**
- * polkit_authorization_get_scope:
- * @auth: the object
- *
- * Get the scope of the authorization; e.g. whether it's confined to a
- * single process, a single session or can be retained
- * indefinitely. Also keep in mind that an authorization is subject to
- * constraints, see polkit_authorization_constraints_foreach() for
- * details.
- *
- * Returns: the scope
- *
- * Since: 0.7
- */
-PolKitAuthorizationScope
-polkit_authorization_get_scope (PolKitAuthorization *auth)
-{
- kit_return_val_if_fail (auth != NULL, 0);
-
- return auth->scope;
-}
-
-/**
- * polkit_authorization_scope_process_get_pid:
- * @auth: the object
- * @out_pid: return location
- * @out_pid_start_time: return location
- *
- * If scope is #POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT or
- * #POLKIT_AUTHORIZATION_SCOPE_PROCESS, get information about what
- * process the authorization is confined to.
- *
- * As process identifiers can be recycled, the start time of the
- * process (the unit is not well-defined; on Linux it's the number of
- * milliseconds since the system was started) is also returned.
- *
- * Returns: #TRUE if information was returned
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_scope_process_get_pid (PolKitAuthorization *auth,
- pid_t *out_pid,
- polkit_uint64_t *out_pid_start_time)
-{
- kit_return_val_if_fail (auth != NULL, FALSE);
- kit_return_val_if_fail (out_pid != NULL, FALSE);
- kit_return_val_if_fail (out_pid_start_time != NULL, FALSE);
- kit_return_val_if_fail (auth->scope == POLKIT_AUTHORIZATION_SCOPE_PROCESS ||
- auth->scope == POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT, FALSE);
-
- *out_pid = auth->pid;
- *out_pid_start_time = auth->pid_start_time;
-
- return TRUE;
-}
-
-/**
- * polkit_authorization_scope_session_get_ck_objref:
- * @auth: the object
- *
- * Gets the ConsoleKit object path for the session the authorization
- * is confined to.
- *
- * Returns: #NULL if scope wasn't session
- *
- * Since: 0.7
- */
-const char *
-polkit_authorization_scope_session_get_ck_objref (PolKitAuthorization *auth)
-{
- kit_return_val_if_fail (auth != NULL, FALSE);
- kit_return_val_if_fail (auth->scope == POLKIT_AUTHORIZATION_SCOPE_SESSION, FALSE);
-
- return auth->session_id;
-}
-
-/**
- * polkit_authorization_get_uid:
- * @auth: the object
- *
- * Gets the UNIX user id for the user the authorization is confined
- * to.
- *
- * Returns: The UNIX user id for whom the authorization is confied to
- *
- * Since: 0.7
- */
-uid_t
-polkit_authorization_get_uid (PolKitAuthorization *auth)
-{
- kit_return_val_if_fail (auth != NULL, 0);
- return auth->uid;
-}
-
-/**
- * polkit_authorization_get_time_of_grant:
- * @auth: the object
- *
- * Returns the point in time the authorization was granted. The value
- * is UNIX time, e.g. number of seconds since the Epoch Jan 1, 1970
- * 0:00 UTC.
- *
- * Returns: When authorization was granted
- *
- * Since: 0.7
- */
-time_t
-polkit_authorization_get_time_of_grant (PolKitAuthorization *auth)
-{
- kit_return_val_if_fail (auth != NULL, 0);
- return auth->when;
-}
-
-/**
- * polkit_authorization_was_granted_via_defaults:
- * @auth: the object
- * @out_user_authenticated_as: return location
- *
- * Determine if the authorization was obtained by the user by
- * authenticating as himself or an administrator via the the
- * "defaults" section in the <literal>.policy</literal> file for the
- * action (e.g. "allow_any", "allow_inactive", "allow_active").
- *
- * Compare with polkit_authorization_was_granted_explicitly() - only
- * one of these functions can return #TRUE.
- *
- * Returns: #TRUE if the authorization was obtained by the user
- * himself authenticating.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_was_granted_via_defaults (PolKitAuthorization *auth,
- uid_t *out_user_authenticated_as)
-{
- kit_return_val_if_fail (auth != NULL, FALSE);
- kit_return_val_if_fail (out_user_authenticated_as != NULL, FALSE);
-
- if (auth->explicitly_granted)
- return FALSE;
-
- *out_user_authenticated_as = auth->authenticated_as_uid;
- return TRUE;
-}
-
-/**
- * polkit_authorization_was_granted_explicitly:
- * @auth: the object
- * @out_by_whom: return location
- * @out_is_negative: return location
- *
- * Determine if the authorization was explicitly granted by a
- * sufficiently privileged user.
- *
- * Compare with polkit_authorization_was_granted_via_defaults() - only
- * one of these functions can return #TRUE.
- *
- * Returns: #TRUE if the authorization was explicitly granted by a
- * sufficiently privileger user. If %TRUE, the user who granted the
- * authorization is returned in %out_by_whom. If the authorization is
- * negative, %TRUE is returned in %out_is_negative.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_was_granted_explicitly (PolKitAuthorization *auth,
- uid_t *out_by_whom,
- polkit_bool_t *out_is_negative)
-{
- kit_return_val_if_fail (auth != NULL, FALSE);
- kit_return_val_if_fail (out_by_whom != NULL, FALSE);
- kit_return_val_if_fail (out_is_negative != NULL, FALSE);
-
- if (!auth->explicitly_granted)
- return FALSE;
-
- *out_by_whom = auth->explicitly_granted_by;
- *out_is_negative = auth->is_negative;
-
- return TRUE;
-}
-
-/**
- * polkit_authorization_constraints_foreach:
- * @auth: the object
- * @cb: callback function
- * @user_data: user data
- *
- * Iterate over all constraints associated with an authorization.
- *
- * Returns: %TRUE if the caller short-circuited the iteration.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_authorization_constraints_foreach (PolKitAuthorization *auth,
- PolKitAuthorizationConstraintsForeachFunc cb,
- void *user_data)
-{
- KitList *i;
-
- kit_return_val_if_fail (auth != NULL, TRUE);
- kit_return_val_if_fail (cb != NULL, TRUE);
-
- for (i = auth->constraints; i != NULL; i = i->next) {
- PolKitAuthorizationConstraint *c = i->data;
-
- if (cb (auth, c, user_data))
- return TRUE;
- }
-
- return FALSE;
-}
-
-#ifdef POLKIT_BUILD_TESTS
-
-#ifdef POLKIT_AUTHDB_DEFAULT
-
-typedef struct {
- const char *entry;
- PolKitAuthorizationType type;
- PolKitAuthorizationScope scope;
- const char *action_id;
- time_t time_of_grant;
- pid_t pid;
- polkit_uint64_t pid_start_time;
- const char *session;
- PolKitAuthorizationConstraint *constraint;
- polkit_bool_t explicit;
- uid_t from;
-} TestAuth;
-
-static polkit_bool_t
-_run_test (void)
-{
- const char *invalid_auths[] = {
- "scope=non-existant",
-
- /* wrong number of items */
- "scope=process-one-shot",
- "scope=process",
- "scope=session",
- "scope=always",
- "scope=grant",
- "scope=grant-negative",
-
- /* repetition of core attributes */
- "scope=process:pid=1:pid=2",
- "scope=process:pid-start-time=1:pid-start-time=2",
- "scope=process:session-id=1:session-id=2",
- "scope=process:action-id=org.foo:action-id=org.bar",
- "scope=process:when=1:when=2",
- "scope=process:auth-as=1:auth-as=2",
- "scope=process:granted-by=1:granted-by=2",
-
- /* malformed components */
- "scope=process:pid=14485xyz:pid-start-time=26817340:action-id=org.gnome.policykit.examples.frobnicate:when=1194631763:auth-as=500:constraint=local",
- "scope=process:pid=14485:pid-start-time=26817340xyz:action-id=org.gnome.policykit.examples.frobnicate:when=1194631763:auth-as=500:constraint=local",
- "scope=process:pid=14485:pid-start-time=26817340:0xyaction-id=org.gnome.policykit.examples.frobnicate:when=1194631763:auth-as=500:constraint=local",
- "scope=process:pid=14485:pid-start-time=26817340:action-id=org.gnome.policykit.examples.frobnicate:when=1194631763xyz:auth-as=500:constraint=local",
- "scope=process:pid=14485:pid-start-time=26817340:action-id=org.gnome.policykit.examples.frobnicate:when=1194631763:500xyz:constraint=local",
- "scope=process:pid=14485:pid-start-time=26817340:action-id=org.gnome.policykit.examples.frobnicate:when=1194631763:auth-as=500:constraint=MALFORMED_CONSTRAINT",
-
- /* TODO: validate ConsoleKit paths
- "scope=session:xyz/org/freedesktop/ConsoleKit/Session1:action-id=org.gnome.policykit.examples.punch:1194631779:auth-as=500:constraint=local",*/
- "scope=session:/org/freedesktop/ConsoleKit/Session1:0xyaction-id=org.gnome.policykit.examples.punch:1194631779:auth-as=500:constraint=local",
- "scope=session:/org/freedesktop/ConsoleKit/Session1:action-id=org.gnome.policykit.examples.punch:1194631779xyz:auth-as=500:constraint=local",
- "scope=session:/org/freedesktop/ConsoleKit/Session1:action-id=org.gnome.policykit.examples.punch:1194631779:500xyz:constraint=local",
- "scope=session:/org/freedesktop/ConsoleKit/Session1:action-id=org.gnome.policykit.examples.punch:1194631779:auth-as=500:constraint=MALFORMED",
-
- "scope=always:action-id=0xyorg.gnome.clockapplet.mechanism.settimezone:when=1193598494:auth-as=500:constraint=local",
- "scope=always:action-id=org.gnome.clockapplet.mechanism.settimezone:when=xyz1193598494:auth-as=500:constraint=local",
- "scope=always:action-id=org.gnome.clockapplet.mechanism.settimezone:when=1193598494:auth-as=xyz500:constraint=local",
- "scope=always:action-id=org.gnome.clockapplet.mechanism.settimezone:when=1193598494:auth-as=500:constraint=MALFORMED",
-
- "scope=grant:action-id=0xyorg.freedesktop.policykit.read:when=1194634242:granted-by=0:constraint=none",
- "scope=grant:action-id=org.freedesktop.policykit.read:when=xyz1194634242:granted-by=0:constraint=none",
- "scope=grant:action-id=org.freedesktop.policykit.read:when=1194634242:granted-by=xyz0:constraint=none",
- "scope=grant:action-id=org.freedesktop.policykit.read:when=1194634242:granted-by=0:constraint=MALFORMED",
-
- "random-future-key=some-value:scope=always:action-id=org.gnome.clockapplet.mechanism.settimezone:when=1193598494:auth-as500:constraint=local",
-
- };
- size_t num_invalid_auths = sizeof (invalid_auths) / sizeof (const char *);
- TestAuth valid_auths[] = {
- {
- "scope=always:action-id=org.gnome.clockapplet.mechanism.settimezone:when=1193598494:auth-as=500",
- POLKIT_AUTHORIZATION_TYPE_UID,
- POLKIT_AUTHORIZATION_SCOPE_ALWAYS,
- "org.gnome.clockapplet.mechanism.settimezone",
- 1193598494,
- 0, 0, NULL,
- NULL,
- FALSE, 500
- },
-
- {
- "scope=process:pid=14485:pid-start-time=26817340:action-id=org.gnome.policykit.examples.frobnicate:when=1194631763:auth-as=500",
- POLKIT_AUTHORIZATION_TYPE_UID,
- POLKIT_AUTHORIZATION_SCOPE_PROCESS,
- "org.gnome.policykit.examples.frobnicate",
- 1194631763,
- 14485, 26817340, NULL,
- NULL,
- FALSE, 500
- },
-
- {
- "scope=process:pid=14485:pid-start-time=26817340:action-id=org.gnome.policykit.examples.tweak:when=1194631774:auth-as=0",
- POLKIT_AUTHORIZATION_TYPE_UID,
- POLKIT_AUTHORIZATION_SCOPE_PROCESS,
- "org.gnome.policykit.examples.tweak",
- 1194631774,
- 14485, 26817340, NULL,
- NULL,
- FALSE, 0
- },
-
- {
- "scope=session:session-id=%2Forg%2Ffreedesktop%2FConsoleKit%2FSession1:action-id=org.gnome.policykit.examples.punch:when=1194631779:auth-as=500",
- POLKIT_AUTHORIZATION_TYPE_UID,
- POLKIT_AUTHORIZATION_SCOPE_SESSION,
- "org.gnome.policykit.examples.punch",
- 1194631779,
- 0, 0, "/org/freedesktop/ConsoleKit/Session1",
- NULL,
- FALSE, 500
- },
-
- {
- "scope=process-one-shot:pid=27860:pid-start-time=26974819:action-id=org.gnome.policykit.examples.jump:when=1194633344:auth-as=500",
- POLKIT_AUTHORIZATION_TYPE_UID,
- POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT,
- "org.gnome.policykit.examples.jump",
- 1194633344,
- 27860, 26974819, NULL,
- NULL,
- FALSE, 500
- },
-
- {
- "scope=grant:action-id=org.freedesktop.policykit.read:when=1194634242:granted-by=0",
- POLKIT_AUTHORIZATION_TYPE_UID,
- POLKIT_AUTHORIZATION_SCOPE_ALWAYS,
- "org.freedesktop.policykit.read",
- 1194634242,
- 0, 0, NULL,
- NULL,
- TRUE, 0
- },
-
- /* this test ensures we can add new key/value pairs in the future */
- {
- "scope=grant:FUTURE-KEY=FUTURE-VALUE:action-id=org.freedesktop.policykit.read:when=1194634242:granted-by=0",
- POLKIT_AUTHORIZATION_TYPE_UID,
- POLKIT_AUTHORIZATION_SCOPE_ALWAYS,
- "org.freedesktop.policykit.read",
- 1194634242,
- 0, 0, NULL,
- NULL,
- TRUE, 0
- },
-
- };
- size_t num_valid_auths = sizeof (valid_auths) / sizeof (TestAuth);
- unsigned int n;
- pid_t pid;
- polkit_uint64_t pid_start_time;
- const char *s;
- //PolKitAuthorizationConstraint *ac;
- uid_t uid;
- polkit_bool_t is_neg;
-
- for (n = 0; n < num_valid_auths; n++) {
- PolKitAuthorization *a;
- TestAuth *t = &(valid_auths[n]);
-
- if ((a = _polkit_authorization_new_for_uid (t->entry, 500)) != NULL) {
-
- polkit_authorization_debug (a);
- polkit_authorization_validate (a);
-
- kit_assert (t->type == polkit_authorization_type (a));
- kit_assert (t->scope == polkit_authorization_get_scope (a));
- kit_assert (t->time_of_grant == polkit_authorization_get_time_of_grant (a));
- kit_assert (500 == polkit_authorization_get_uid (a));
-
- switch (t->scope) {
- case POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT: /* explicit fallthrough */
- case POLKIT_AUTHORIZATION_SCOPE_PROCESS:
- kit_assert (polkit_authorization_scope_process_get_pid (a, &pid, &pid_start_time) &&
- t->pid == pid && t->pid_start_time == pid_start_time);
- break;
- case POLKIT_AUTHORIZATION_SCOPE_SESSION:
- kit_assert ((s = polkit_authorization_scope_session_get_ck_objref (a)) != NULL &&
- strcmp (s, t->session) == 0);
- break;
- case POLKIT_AUTHORIZATION_SCOPE_ALWAYS:
- break;
- }
-
- kit_assert ((s = _polkit_authorization_get_authfile_entry (a)) != NULL && strcmp (t->entry, s) == 0);
-
- kit_assert ((s = polkit_authorization_get_action_id (a)) != NULL && strcmp (t->action_id, s) == 0);
-
- kit_assert (t->time_of_grant == polkit_authorization_get_time_of_grant (a));
-
- //TODO:
- //kit_assert ((ac = polkit_authorization_get_constraint (a)) != NULL &&
- // polkit_authorization_constraint_equal (ac, t->constraint));
-
- if (t->explicit) {
- kit_assert (!polkit_authorization_was_granted_via_defaults (a, &uid));
- kit_assert (polkit_authorization_was_granted_explicitly (a, &uid, &is_neg) &&
- uid == t->from && !is_neg);
- } else {
- kit_assert (polkit_authorization_was_granted_via_defaults (a, &uid) && uid == t->from);
- kit_assert (!polkit_authorization_was_granted_explicitly (a, &uid, &is_neg));
- }
-
- polkit_authorization_ref (a);
- polkit_authorization_unref (a);
- polkit_authorization_unref (a);
- } else {
- kit_assert (errno == ENOMEM);
- }
- }
-
- for (n = 0; n < num_invalid_auths; n++) {
- kit_assert (_polkit_authorization_new_for_uid (invalid_auths[n], 500) == NULL);
- }
-
- return TRUE;
-}
-
-#else /* POLKIT_AUTHDB_DEFAULT */
-
-static polkit_bool_t
-_run_test (void)
-{
- return TRUE;
-}
-
-#endif /* POLKIT_AUTHDB_DEFAULT */
-
-KitTest _test_authorization = {
- "polkit_authorization",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* POLKIT_BUILD_TESTS */
diff --git a/src/polkit/polkit-authorization.h b/src/polkit/polkit-authorization.h
deleted file mode 100644
index 5428a04..0000000
--- a/src/polkit/polkit-authorization.h
+++ /dev/null
@@ -1,140 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-authorization.h : Represents an entry in the authorization
- * database
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef POLKIT_AUTHORIZATION_H
-#define POLKIT_AUTHORIZATION_H
-
-#include <polkit/polkit-types.h>
-#include <polkit/polkit-action.h>
-#include <polkit/polkit-result.h>
-#include <polkit/polkit-authorization-constraint.h>
-
-POLKIT_BEGIN_DECLS
-
-struct _PolKitAuthorization;
-typedef struct _PolKitAuthorization PolKitAuthorization;
-
-PolKitAuthorization *polkit_authorization_ref (PolKitAuthorization *auth);
-void polkit_authorization_unref (PolKitAuthorization *auth);
-
-void polkit_authorization_debug (PolKitAuthorization *auth);
-polkit_bool_t polkit_authorization_validate (PolKitAuthorization *auth);
-
-
-/**
- * PolKitAuthorizationScope:
- * @POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT: The authorization is
- * limited for a single shot for a single process on the system
- * @POLKIT_AUTHORIZATION_SCOPE_PROCESS: The authorization is limited
- * for a single process on the system
- * @POLKIT_AUTHORIZATION_SCOPE_SESSION: The authorization is limited
- * for processes originating from a given session
- * @POLKIT_AUTHORIZATION_SCOPE_ALWAYS: The authorization is retained
- * indefinitely.
- *
- * The scope of an authorization; e.g. whether it's limited to a
- * process, a session or unlimited.
- *
- * Since: 0.7
- */
-typedef enum {
- POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT,
- POLKIT_AUTHORIZATION_SCOPE_PROCESS,
- POLKIT_AUTHORIZATION_SCOPE_SESSION,
- POLKIT_AUTHORIZATION_SCOPE_ALWAYS,
-} PolKitAuthorizationScope;
-
-/**
- * PolKitAuthorizationType:
- * @POLKIT_AUTHORIZATION_TYPE_UID: The authorization is for a UNIX user
- *
- * The type of authorization; e.g. whether it applies to a user,
- * group, security context and so on (right now only users are
- * supported).
- *
- * Since: 0.7
- */
-typedef enum {
- POLKIT_AUTHORIZATION_TYPE_UID,
-} PolKitAuthorizationType;
-
-PolKitAuthorizationType polkit_authorization_type (PolKitAuthorization *auth);
-
-const char *polkit_authorization_get_action_id (PolKitAuthorization *auth);
-
-uid_t polkit_authorization_get_uid (PolKitAuthorization *auth);
-
-time_t polkit_authorization_get_time_of_grant (PolKitAuthorization *auth);
-
-PolKitAuthorizationScope polkit_authorization_get_scope (PolKitAuthorization *auth);
-
-
-polkit_bool_t polkit_authorization_scope_process_get_pid (PolKitAuthorization *auth,
- pid_t *out_pid,
- polkit_uint64_t *out_pid_start_time);
-
-const char *polkit_authorization_scope_session_get_ck_objref (PolKitAuthorization *auth);
-
-
-polkit_bool_t polkit_authorization_was_granted_via_defaults (PolKitAuthorization *auth,
- uid_t *out_user_authenticated_as);
-
-polkit_bool_t polkit_authorization_was_granted_explicitly (PolKitAuthorization *auth,
- uid_t *out_by_whom,
- polkit_bool_t *out_is_negative);
-
-/**
- * PolKitAuthorizationConstraintsForeachFunc:
- * @auth: authorization
- * @authc: authorization constraint
- * @user_data: user data
- *
- * Callback function for polkit_authorization_constraints_foreach().
- *
- * Returns: Pass #TRUE to short-circuit, e.g. stop the iteration
- */
-typedef polkit_bool_t (*PolKitAuthorizationConstraintsForeachFunc) (PolKitAuthorization *auth,
- PolKitAuthorizationConstraint *authc,
- void *user_data);
-
-polkit_bool_t
-polkit_authorization_constraints_foreach (PolKitAuthorization *auth,
- PolKitAuthorizationConstraintsForeachFunc cb,
- void *user_data);
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_AUTHORIZATION_H */
-
-
diff --git a/src/polkit/polkit-caller.c b/src/polkit/polkit-caller.c
deleted file mode 100644
index 147bcdc..0000000
--- a/src/polkit/polkit-caller.c
+++ /dev/null
@@ -1,461 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-caller.c : callers
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-/**
- * SECTION:polkit-caller
- * @title: Caller
- * @short_description: Represents a process requesting a mechanism to do something.
- *
- * This class is used to represent a caller in another process that is
- * calling into a mechanism to make the mechanism do something.
- **/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <errno.h>
-
-#include "polkit-debug.h"
-#include "polkit-caller.h"
-#include "polkit-utils.h"
-#include "polkit-test.h"
-#include "polkit-private.h"
-
-/**
- * PolKitCaller:
- *
- * Objects of this class are used to record information about a caller
- * in another process.
- **/
-struct _PolKitCaller
-{
- int refcount;
- char *dbus_name;
- uid_t uid;
- pid_t pid;
- char *selinux_context;
- PolKitSession *session;
-};
-
-/**
- * polkit_caller_new:
- *
- * Creates a new #PolKitCaller object.
- *
- * Returns: the new object
- **/
-PolKitCaller *
-polkit_caller_new (void)
-{
- PolKitCaller *caller;
- caller = kit_new0 (PolKitCaller, 1);
- if (caller == NULL)
- goto out;
- caller->refcount = 1;
-out:
- return caller;
-}
-
-/**
- * polkit_caller_ref:
- * @caller: The caller object
- *
- * Increase reference count.
- *
- * Returns: the object
- **/
-PolKitCaller *
-polkit_caller_ref (PolKitCaller *caller)
-{
- kit_return_val_if_fail (caller != NULL, caller);
- caller->refcount++;
- return caller;
-}
-
-
-/**
- * polkit_caller_unref:
- * @caller: The caller object
- *
- * Decreases the reference count of the object. If it becomes zero,
- * the object is freed. Before freeing, reference counts on embedded
- * objects are decresed by one.
- **/
-void
-polkit_caller_unref (PolKitCaller *caller)
-{
- kit_return_if_fail (caller != NULL);
- caller->refcount--;
- if (caller->refcount > 0)
- return;
- kit_free (caller->dbus_name);
- kit_free (caller->selinux_context);
- if (caller->session != NULL)
- polkit_session_unref (caller->session);
- kit_free (caller);
-}
-
-/**
- * polkit_caller_set_dbus_name:
- * @caller: The caller object
- * @dbus_name: unique system bus connection name
- *
- * Set the callers unique system bus connection name.
- *
- * Returns: #TRUE only if the value validated and was set
- **/
-polkit_bool_t
-polkit_caller_set_dbus_name (PolKitCaller *caller, const char *dbus_name)
-{
- kit_return_val_if_fail (caller != NULL, FALSE);
-
- if (dbus_name != NULL && ! _pk_validate_unique_bus_name (dbus_name))
- return FALSE;
-
- if (caller->dbus_name != NULL)
- kit_free (caller->dbus_name);
- if (dbus_name == NULL) {
- caller->dbus_name = NULL;
- return TRUE;
- } else {
- caller->dbus_name = kit_strdup (dbus_name);
- if (caller->dbus_name == NULL)
- return FALSE;
- else
- return TRUE;
- }
-}
-
-/**
- * polkit_caller_set_uid:
- * @caller: The caller object
- * @uid: UNIX user id
- *
- * Set the callers UNIX user id.
- *
- * Returns: #TRUE only if the value validated and was set
- **/
-polkit_bool_t
-polkit_caller_set_uid (PolKitCaller *caller, uid_t uid)
-{
- kit_return_val_if_fail (caller != NULL, FALSE);
- caller->uid = uid;
- return TRUE;
-}
-
-/**
- * polkit_caller_set_pid:
- * @caller: The caller object
- * @pid: UNIX process id
- *
- * Set the callers UNIX process id.
- *
- * Returns: #TRUE only if the value validated and was set
- **/
-polkit_bool_t
-polkit_caller_set_pid (PolKitCaller *caller, pid_t pid)
-{
- kit_return_val_if_fail (caller != NULL, FALSE);
- caller->pid = pid;
- return TRUE;
-}
-
-/**
- * polkit_caller_set_selinux_context:
- * @caller: The caller object
- * @selinux_context: SELinux security context
- *
- * Set the callers SELinux security context.
- *
- * Returns: #TRUE only if the value validated and was set
- **/
-polkit_bool_t
-polkit_caller_set_selinux_context (PolKitCaller *caller, const char *selinux_context)
-{
- kit_return_val_if_fail (caller != NULL, FALSE);
- /* TODO: probably should have a separate validation function for SELinux contexts */
- kit_return_val_if_fail (selinux_context == NULL || _pk_validate_identifier (selinux_context), FALSE);
-
- if (caller->selinux_context != NULL)
- kit_free (caller->selinux_context);
- if (selinux_context == NULL) {
- caller->selinux_context = NULL;
- return TRUE;
- } else {
- caller->selinux_context = kit_strdup (selinux_context);
- if (caller->selinux_context == NULL)
- return FALSE;
- else
- return TRUE;
- }
-}
-
-/**
- * polkit_caller_set_ck_session:
- * @caller: The caller object
- * @session: a session object
- *
- * Set the callers session. The reference count on the given object
- * will be increased by one. If an existing session object was set
- * already, the reference count on that one will be decreased by one.
- *
- * Returns: #TRUE only if the value validated and was set
- **/
-polkit_bool_t
-polkit_caller_set_ck_session (PolKitCaller *caller, PolKitSession *session)
-{
- kit_return_val_if_fail (caller != NULL, FALSE);
- kit_return_val_if_fail (session == NULL || polkit_session_validate (session), FALSE);
- if (caller->session != NULL)
- polkit_session_unref (caller->session);
- caller->session = session != NULL ? polkit_session_ref (session) : NULL;
- return TRUE;
-}
-
-/**
- * polkit_caller_get_dbus_name:
- * @caller: The caller object
- * @out_dbus_name: Returns the unique system bus connection name. The caller shall not free this string.
- *
- * Get the callers unique system bus connection name.
- *
- * Returns: TRUE iff the value is returned
- **/
-polkit_bool_t
-polkit_caller_get_dbus_name (PolKitCaller *caller, char **out_dbus_name)
-{
- kit_return_val_if_fail (caller != NULL, FALSE);
- kit_return_val_if_fail (out_dbus_name != NULL, FALSE);
- *out_dbus_name = caller->dbus_name;
- return TRUE;
-}
-
-/**
- * polkit_caller_get_uid:
- * @caller: The caller object
- * @out_uid: Returns the UNIX user id
- *
- * Get the callers UNIX user id.
- *
- * Returns: TRUE iff the value is returned
- **/
-polkit_bool_t
-polkit_caller_get_uid (PolKitCaller *caller, uid_t *out_uid)
-{
- kit_return_val_if_fail (caller != NULL, FALSE);
- kit_return_val_if_fail (out_uid != NULL, FALSE);
- *out_uid = caller->uid;
- return TRUE;
-}
-
-/**
- * polkit_caller_get_pid:
- * @caller: The caller object
- * @out_pid: Returns the UNIX process id
- *
- * Get the callers UNIX process id.
- *
- * Returns: TRUE iff the value is returned
- **/
-polkit_bool_t
-polkit_caller_get_pid (PolKitCaller *caller, pid_t *out_pid)
-{
- kit_return_val_if_fail (caller != NULL, FALSE);
- kit_return_val_if_fail (out_pid != NULL, FALSE);
- *out_pid = caller->pid;
- return TRUE;
-}
-
-/**
- * polkit_caller_get_selinux_context:
- * @caller: The caller object
- * @out_selinux_context: Returns the SELinux security context. The caller shall not free this string.
- *
- * Get the callers SELinux security context. Note that this may be
- * #NULL if SELinux is not available on the system.
- *
- * Returns: TRUE iff the value is returned
- **/
-polkit_bool_t
-polkit_caller_get_selinux_context (PolKitCaller *caller, char **out_selinux_context)
-{
- kit_return_val_if_fail (caller != NULL, FALSE);
- kit_return_val_if_fail (out_selinux_context != NULL, FALSE);
- *out_selinux_context = caller->selinux_context;
- return TRUE;
-}
-
-/**
- * polkit_caller_get_ck_session:
- * @caller: The caller object
- * @out_session: Returns the session object. Caller shall not unref it.
- *
- * Get the callers session. Note that this may be #NULL if the caller
- * is not in any session.
- *
- * Returns: TRUE iff the value is returned
- **/
-polkit_bool_t
-polkit_caller_get_ck_session (PolKitCaller *caller, PolKitSession **out_session)
-{
- kit_return_val_if_fail (caller != NULL, FALSE);
- kit_return_val_if_fail (out_session != NULL, FALSE);
- *out_session = caller->session;
- return TRUE;
-}
-
-/**
- * polkit_caller_debug:
- * @caller: the object
- *
- * Print debug details
- **/
-void
-polkit_caller_debug (PolKitCaller *caller)
-{
- kit_return_if_fail (caller != NULL);
- polkit_debug ("PolKitCaller: refcount=%d dbus_name=%s uid=%d pid=%d selinux_context=%s",
- caller->refcount, caller->dbus_name, caller->uid, caller->pid, caller->selinux_context);
- if (caller->session != NULL)
- polkit_session_debug (caller->session);
-}
-
-
-/**
- * polkit_caller_validate:
- * @caller: the object
- *
- * Validate the object
- *
- * Returns: #TRUE iff the object is valid.
- **/
-polkit_bool_t
-polkit_caller_validate (PolKitCaller *caller)
-{
- kit_return_val_if_fail (caller != NULL, FALSE);
- kit_return_val_if_fail (caller->pid > 0, FALSE);
- return TRUE;
-}
-
-#ifdef POLKIT_BUILD_TESTS
-
-static polkit_bool_t
-_run_test (void)
-{
- char *s;
- PolKitCaller *c;
- pid_t pid;
- uid_t uid;
- PolKitSeat *seat;
- PolKitSession *session;
- PolKitSession *session2;
-
- if ((c = polkit_caller_new ()) != NULL) {
-
- kit_assert (! polkit_caller_set_dbus_name (c, "org.invalid.name"));
- kit_assert (polkit_caller_set_dbus_name (c, NULL));
- if (polkit_caller_set_dbus_name (c, ":1.43")) {
- kit_assert (polkit_caller_get_dbus_name (c, &s) && strcmp (s, ":1.43") == 0);
-
- if (polkit_caller_set_dbus_name (c, ":1.44")) {
- kit_assert (polkit_caller_get_dbus_name (c, &s) && strcmp (s, ":1.44") == 0);
- }
- }
-
- kit_assert (polkit_caller_set_selinux_context (c, NULL));
- if (polkit_caller_set_selinux_context (c, "system_u:object_r:bin_t")) {
- kit_assert (polkit_caller_get_selinux_context (c, &s) && strcmp (s, "system_u:object_r:bin_t") == 0);
-
- if (polkit_caller_set_selinux_context (c, "system_u:object_r:httpd_exec_t")) {
- kit_assert (polkit_caller_get_selinux_context (c, &s) && strcmp (s, "system_u:object_r:httpd_exec_t") == 0);
- }
- }
-
- kit_assert (polkit_caller_set_uid (c, 0));
- kit_assert (polkit_caller_get_uid (c, &uid) && uid == 0);
- kit_assert (polkit_caller_set_pid (c, 1));
- kit_assert (polkit_caller_get_pid (c, &pid) && pid == 1);
-
- /* validate where caller is not in a session */
- kit_assert (polkit_caller_validate (c));
- polkit_caller_ref (c);
- kit_assert (polkit_caller_validate (c));
- polkit_caller_unref (c);
- kit_assert (polkit_caller_validate (c));
-
- if ((session = polkit_session_new ()) != NULL) {
- if (polkit_session_set_ck_objref (session, "/somesession")) {
- if ((seat = polkit_seat_new ()) != NULL) {
- if (polkit_seat_set_ck_objref (seat, "/someseat")) {
- kit_assert (polkit_session_set_seat (session, seat));
- kit_assert (polkit_session_set_ck_is_local (session, TRUE));
-
- kit_assert (polkit_caller_set_ck_session (c, NULL));
- kit_assert (polkit_caller_get_ck_session (c, &session2) && session2 == NULL);
-
- kit_assert (polkit_caller_set_ck_session (c, session));
- kit_assert (polkit_caller_set_ck_session (c, session));
- kit_assert (polkit_caller_get_ck_session (c, &session2) && session2 == session);
- /* validate where caller is in a session */
- kit_assert (polkit_caller_validate (c));
-
- polkit_caller_debug (c);
-
-
- }
- polkit_seat_unref (seat);
- }
- }
- polkit_session_unref (session);
- }
-
-
-
- polkit_caller_unref (c);
- }
-
- return TRUE;
-}
-
-KitTest _test_caller = {
- "polkit_caller",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* POLKIT_BUILD_TESTS */
diff --git a/src/polkit/polkit-caller.h b/src/polkit/polkit-caller.h
deleted file mode 100644
index 28f032e..0000000
--- a/src/polkit/polkit-caller.h
+++ /dev/null
@@ -1,65 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-caller.h : callers
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef POLKIT_CALLER_H
-#define POLKIT_CALLER_H
-
-#include <polkit/polkit-types.h>
-#include <polkit/polkit-session.h>
-#include <sys/types.h>
-
-POLKIT_BEGIN_DECLS
-
-struct _PolKitCaller;
-typedef struct _PolKitCaller PolKitCaller;
-
-PolKitCaller *polkit_caller_new (void);
-PolKitCaller *polkit_caller_ref (PolKitCaller *caller);
-void polkit_caller_unref (PolKitCaller *caller);
-polkit_bool_t polkit_caller_set_dbus_name (PolKitCaller *caller, const char *dbus_name);
-polkit_bool_t polkit_caller_set_uid (PolKitCaller *caller, uid_t uid);
-polkit_bool_t polkit_caller_set_pid (PolKitCaller *caller, pid_t pid);
-polkit_bool_t polkit_caller_set_selinux_context (PolKitCaller *caller, const char *selinux_context);
-polkit_bool_t polkit_caller_set_ck_session (PolKitCaller *caller, PolKitSession *session);
-polkit_bool_t polkit_caller_get_dbus_name (PolKitCaller *caller, char **out_dbus_name);
-polkit_bool_t polkit_caller_get_uid (PolKitCaller *caller, uid_t *out_uid);
-polkit_bool_t polkit_caller_get_pid (PolKitCaller *caller, pid_t *out_pid);
-polkit_bool_t polkit_caller_get_selinux_context (PolKitCaller *caller, char **out_selinux_context);
-polkit_bool_t polkit_caller_get_ck_session (PolKitCaller *caller, PolKitSession **out_session);
-
-void polkit_caller_debug (PolKitCaller *caller);
-polkit_bool_t polkit_caller_validate (PolKitCaller *caller);
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_H */
diff --git a/src/polkit/polkit-context.c b/src/polkit/polkit-context.c
deleted file mode 100644
index fac4f12..0000000
--- a/src/polkit/polkit-context.c
+++ /dev/null
@@ -1,622 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-context.c : context for PolicyKit
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#define _GNU_SOURCE
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#if HAVE_SOLARIS
-#include <sys/stat.h>
-#endif
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <errno.h>
-#include <syslog.h>
-#include <fcntl.h>
-#include <dirent.h>
-
-#include "polkit-debug.h"
-#include "polkit-context.h"
-#include "polkit-private.h"
-#include "polkit-test.h"
-
-/**
- * SECTION:polkit
- * @short_description: Centralized policy management.
- *
- * libpolkit is a C library for centralized policy management.
- **/
-
-/**
- * SECTION:polkit-context
- * @title: Context
- * @short_description: The main interface used to query PolicyKit.
- *
- * This class is used to represent the interface to PolicyKit - it is
- * used by Mechanisms that use PolicyKit for making
- * decisions. Typically, it's used as a singleton:
- *
- * <itemizedlist>
- * <listitem>First, the Mechanism need to declare one or more PolicyKit Actions by dropping a <literal>.policy</literal> file into <literal>/usr/share/polkit-1/actions</literal>. This is described in the PolicyKit specification.</listitem>
- * <listitem>The mechanism starts up and uses polkit_context_new() to create a new context</listitem>
- * <listitem>If the mechanism is a long running daemon, it should use polkit_context_set_config_changed() to register a callback when configuration changes. This is useful if, for example, the mechanism needs to revise decisions based on earlier answers from libpolkit. For example, a daemon that manages permissions on <literal>/dev</literal> may want to add/remove ACL's when configuration changes.
- * <listitem>If polkit_context_set_config_changed() is used, the mechanism must also use polkit_context_set_io_watch_functions() to integrate libpolkit into the mainloop.</listitem>
- * <listitem>The mechanism needs to call polkit_context_init() such that libpolkit can load configuration files and properly initialize.</listitem>
- * <listitem>Whenever the mechanism needs to make a decision whether a caller is allowed to make a perform some action, the mechanism prepares a #PolKitAction and #PolKitCaller object (or #PolKitSession if applicable) and calls polkit_context_can_caller_do_action() (or polkit_context_can_session_do_action() if applicable). The mechanism may use the libpolkit-dbus library (specifically the polkit_caller_new_from_dbus_name() or polkit_caller_new_from_pid() functions) but may opt, for performance reasons, to construct #PolKitCaller (or #PolKitSession if applicable) from it's own cache of information.</listitem>
- * <listitem>The mechanism will get a #PolKitResult object back that describes whether it should carry out the action. This result stems from a number of sources, see the PolicyKit specification document for details.</listitem>
- * <listitem>If the result is #POLKIT_RESULT_YES, the mechanism should carry out the action. If the result is not #POLKIT_RESULT_YES nor #POLKIT_RESULT_UNKNOWN (this would never be returned but is mentioned here for completeness), the mechanism should throw an expcetion to the caller detailing the #PolKitResult as a textual string using polkit_result_to_string_representation(). For example, if the mechanism is using D-Bus it could throw an com.some-mechanism.DeniedByPolicy exception with the #PolKitResult textual representation in the detail field. Then the caller can interpret this exception and then act on it (for example it can attempt to gain that privilege).</listitem>
- * </itemizedlist>
- *
- * For more information about using PolicyKit in mechanisms and
- * callers, refer to the PolicyKit-gnome project which includes a
- * sample application on how to use this in the GNOME desktop.
- **/
-
-/**
- * PolKitContext:
- *
- * Context object for users of PolicyKit.
- **/
-struct _PolKitContext
-{
- int refcount;
-
- PolKitContextConfigChangedCB config_changed_cb;
- void *config_changed_user_data;
-
- char *policy_dir;
-
- PolKitAuthorizationDB *authdb;
-
- KitList *action_descriptions;
-};
-
-/**
- * polkit_context_new:
- *
- * Create a new context
- *
- * Returns: the object
- **/
-PolKitContext *
-polkit_context_new (void)
-{
- PolKitContext *pk_context;
- pk_context = kit_new0 (PolKitContext, 1);
- pk_context->refcount = 1;
- /* TODO: May want to rethink instantiating this on demand.. */
- pk_context->authdb = _polkit_authorization_db_new ();
- return pk_context;
-}
-
-/**
- * polkit_context_init:
- * @pk_context: the context object
- * @error: return location for error
- *
- * Initializes a new context; loads PolicyKit files from
- * /usr/share/polkit-1/actions.
- *
- * Returns: #FALSE if @error was set, otherwise #TRUE
- **/
-polkit_bool_t
-polkit_context_init (PolKitContext *pk_context, PolKitError **error)
-{
-
- kit_return_val_if_fail (pk_context != NULL, FALSE);
-
- pk_context->policy_dir = kit_strdup (PACKAGE_DATA_DIR "/polkit-1/actions");
- polkit_debug ("Using policy files from directory %s", pk_context->policy_dir);
-
- return TRUE;
- //error:
- //return FALSE;
-}
-
-/**
- * polkit_context_ref:
- * @pk_context: the context object
- *
- * Increase reference count.
- *
- * Returns: the object
- **/
-PolKitContext *
-polkit_context_ref (PolKitContext *pk_context)
-{
- kit_return_val_if_fail (pk_context != NULL, pk_context);
- pk_context->refcount++;
- return pk_context;
-}
-
-/**
- * polkit_context_unref:
- * @pk_context: the context object
- *
- * Decreases the reference count of the object. If it becomes zero,
- * the object is freed. Before freeing, reference counts on embedded
- * objects are decresed by one.
- **/
-void
-polkit_context_unref (PolKitContext *pk_context)
-{
-
- kit_return_if_fail (pk_context != NULL);
- pk_context->refcount--;
- if (pk_context->refcount > 0)
- return;
-
- kit_free (pk_context);
-}
-
-/**
- * polkit_context_set_config_changed:
- * @pk_context: the context object
- * @cb: the callback to invoke
- * @user_data: user data to pass to the callback
- *
- * Register the callback function for when configuration changes.
- * Mechanisms should use this callback to e.g. reconfigure all
- * permissions / acl's they have set in response to policy decisions
- * made from information provided by PolicyKit.
- *
- * Note that this function may be called many times within a short
- * interval due to how file monitoring works if e.g. the user is
- * editing a configuration file (editors typically create back-up
- * files). Mechanisms should use a "cool-off" timer (of, say, one
- * second) to avoid doing many expensive operations (such as
- * reconfiguring all ACL's for all devices) within a very short
- * timeframe.
- *
- * This method must be called before polkit_context_init().
- **/
-void
-polkit_context_set_config_changed (PolKitContext *pk_context,
- PolKitContextConfigChangedCB cb,
- void *user_data)
-{
- kit_return_if_fail (pk_context != NULL);
- pk_context->config_changed_cb = cb;
- pk_context->config_changed_user_data = user_data;
-}
-
-/**
- * polkit_context_is_session_authorized:
- * @pk_context: the PolicyKit context
- * @action: the type of access to check for
- * @session: the session in question
- * @error: return location for error
- *
- * Determine if any caller from a giver session is authorized to do a
- * given action.
- *
- * Returns: A #PolKitResult specifying if, and how, the caller can
- * do a specific action.
- *
- * Since: 0.7
- */
-PolKitResult
-polkit_context_is_session_authorized (PolKitContext *pk_context,
- PolKitAction *action,
- PolKitSession *session,
- PolKitError **error)
-{
- //PolKitPolicyCache *cache;
- PolKitResult result_from_grantdb;
- polkit_bool_t from_authdb;
- polkit_bool_t from_authdb_negative;
- PolKitResult result;
-
- result = POLKIT_RESULT_NO;
- kit_return_val_if_fail (pk_context != NULL, result);
-
- if (action == NULL || session == NULL)
- goto out;
-
- /* now validate the incoming objects */
- if (!polkit_action_validate (action))
- goto out;
- if (!polkit_session_validate (session))
- goto out;
-
- //cache = polkit_context_get_policy_cache (pk_context);
- //if (cache == NULL)
- // goto out;
-
- result_from_grantdb = POLKIT_RESULT_UNKNOWN;
- from_authdb_negative = FALSE;
- if (polkit_authorization_db_is_session_authorized (pk_context->authdb,
- action,
- session,
- &from_authdb,
- &from_authdb_negative,
- NULL /* TODO */)) {
- if (from_authdb)
- result_from_grantdb = POLKIT_RESULT_YES;
- }
-
- /* If we have a positive answer from the authdb, use it */
- if (result_from_grantdb == POLKIT_RESULT_YES) {
- result = POLKIT_RESULT_YES;
- goto found;
- }
-
- /* Otherwise, unless we found a negative auth, fall back to defaults as specified in the .policy file */
- if (!from_authdb_negative) {
- PolKitActionDescription *pfe;
-
- pfe = NULL; //pfe = polkit_policy_cache_get_entry (cache, action);
- if (pfe != NULL) {
- PolKitImplicitAuthorization *implicit_authorization;
-
- implicit_authorization = polkit_action_description_get_implicit_authorization (pfe);
- if (implicit_authorization != NULL) {
- result = polkit_implicit_authorization_can_session_do_action (implicit_authorization, action, session);
- }
- }
- }
-
-found:
- /* Never return UNKNOWN to user */
- if (result == POLKIT_RESULT_UNKNOWN)
- result = POLKIT_RESULT_NO;
-
-out:
- polkit_debug ("... result was %s", polkit_result_to_string_representation (result));
- return result;
-}
-
-/**
- * polkit_context_is_caller_authorized:
- * @pk_context: the PolicyKit context
- * @action: the type of access to check for
- * @caller: the caller in question
- * @revoke_if_one_shot: Whether to revoke one-shot authorizations. See
- * below for discussion.
- * @error: return location for error
- *
- * Determine if a given caller is authorized to do a given
- * action.
- *
- * It is important to understand how one-shot authorizations work.
- * The revoke_if_one_shot parameter, if #TRUE, specifies whether
- * one-shot authorizations should be revoked if they are used
- * to make the decision to return #POLKIT_RESULT_YES.
- *
- * UI applications wanting to hint whether a caller is authorized must
- * pass #FALSE here. Mechanisms that wants to check authorizations
- * before carrying out work on behalf of a caller must pass #TRUE
- * here.
- *
- * As a side-effect, any process with the authorization
- * org.freedesktop.policykit.read can revoke one-shot authorizations
- * from other users. Even though the window for doing so is small
- * (one-shot auths are typically used right away), be careful who you
- * grant that authorization to.
- *
- * This can fail with the following errors:
- * #POLKIT_ERROR_NOT_AUTHORIZED_TO_READ_AUTHORIZATIONS_FOR_OTHER_USERS
- *
- * Returns: A #PolKitResult specifying if, and how, the caller can
- * do a specific action.
- *
- * Since: 0.7
- */
-PolKitResult
-polkit_context_is_caller_authorized (PolKitContext *pk_context,
- PolKitAction *action,
- PolKitCaller *caller,
- polkit_bool_t revoke_if_one_shot,
- PolKitError **error)
-{
- //PolKitPolicyCache *cache;
- PolKitResult result;
- PolKitResult result_from_grantdb;
- polkit_bool_t from_authdb;
- polkit_bool_t from_authdb_negative;
-
- result = POLKIT_RESULT_NO;
- kit_return_val_if_fail (pk_context != NULL, result);
-
- if (action == NULL || caller == NULL)
- goto out;
-
- //cache = polkit_context_get_policy_cache (pk_context);
- //if (cache == NULL)
- // goto out;
-
- /* now validate the incoming objects */
- if (!polkit_action_validate (action))
- goto out;
- if (!polkit_caller_validate (caller))
- goto out;
-
- result_from_grantdb = POLKIT_RESULT_UNKNOWN;
- from_authdb_negative = FALSE;
- if (polkit_authorization_db_is_caller_authorized (pk_context->authdb,
- action,
- caller,
- revoke_if_one_shot,
- &from_authdb,
- &from_authdb_negative,
- NULL /* TODO */)) {
- if (from_authdb)
- result_from_grantdb = POLKIT_RESULT_YES;
- }
-
- /* If we have a positive answer from the authdb, use it */
- if (result_from_grantdb == POLKIT_RESULT_YES) {
- result = POLKIT_RESULT_YES;
- goto found;
- }
-
- /* Otherwise, unless we found a negative auth, fall back to defaults as specified in the .policy file */
- if (!from_authdb_negative) {
- PolKitActionDescription *pfe;
-
- pfe = NULL; //pfe = polkit_policy_cache_get_entry (cache, action);
- if (pfe != NULL) {
- PolKitImplicitAuthorization *implicit_authorization;
-
- implicit_authorization = polkit_action_description_get_implicit_authorization (pfe);
- if (implicit_authorization != NULL) {
- result = polkit_implicit_authorization_can_caller_do_action (implicit_authorization, action, caller);
- }
- }
- }
-
-found:
-
- /* Never return UNKNOWN to user */
- if (result == POLKIT_RESULT_UNKNOWN)
- result = POLKIT_RESULT_NO;
-out:
- polkit_debug ("... result was %s", polkit_result_to_string_representation (result));
- return result;
-}
-
-/**
- * polkit_context_get_authorization_db:
- * @pk_context: the PolicyKit context
- *
- * Returns an object that provides access to the authorization
- * database. Applications using PolicyKit should never use this
- * method; it's only here for integration with other PolicyKit
- * components.
- *
- * Returns: A #PolKitAuthorizationDB object. Caller should not unref
- * this object.
- */
-PolKitAuthorizationDB *
-polkit_context_get_authorization_db (PolKitContext *pk_context)
-{
- return pk_context->authdb;
-}
-
-#ifdef POLKIT_BUILD_TESTS
-
-static polkit_bool_t
-_run_test (void)
-{
- return TRUE;
-}
-
-KitTest _test_context = {
- "polkit_context",
- NULL,
- NULL,
- _run_test
-};
-
-
-#endif /* POLKIT_BUILD_TESTS */
-
-
-static polkit_bool_t
-_prepend_entry (PolKitActionDescription *action_description,
- void *user_data)
-{
- KitList *l;
- PolKitContext *pk_context = user_data;
-
- polkit_action_description_ref (action_description);
- l = kit_list_prepend (pk_context->action_descriptions, action_description);
- if (l == NULL) {
- polkit_action_description_unref (action_description);
- goto oom;
- }
- pk_context->action_descriptions = l;
- return FALSE;
-oom:
- return TRUE;
-}
-
-static void
-get_descriptions (PolKitContext *pk_context, PolKitError **error)
-{
- DIR *dir;
-#ifdef HAVE_READDIR64
- struct dirent64 *d;
-#else
- struct dirent *d;
-#endif
- struct stat statbuf;
- const char *dirname = PACKAGE_DATA_DIR "/polkit-1/actions";
-
- dir = NULL;
-
- dir = opendir (dirname);
- if (dir == NULL) {
- polkit_error_set_error (error, POLKIT_ERROR_POLICY_FILE_INVALID,
- "Cannot load policy files from directory %s: %m",
- dirname);
- goto out;
- }
-
-#ifdef HAVE_READDIR64
- while ((d = readdir64 (dir)) != NULL) {
-#else
- while ((d = readdir (dir)) != NULL) {
-#endif
- char *path;
- PolKitError *pk_error;
- size_t name_len;
- char *filename;
- static const char suffix[] = ".policy";
-
- path = kit_strdup_printf ("%s/%s", dirname, d->d_name);
- if (path == NULL) {
- polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY, "Out of memory");
- goto out;
- }
-
- if (stat (path, &statbuf) != 0) {
- polkit_error_set_error (error, POLKIT_ERROR_GENERAL_ERROR, "stat()");
- kit_free (path);
- goto out;
- }
-
- if (!S_ISREG (statbuf.st_mode)) {
- kit_free (path);
- continue;
- }
-
- filename = d->d_name;
- name_len = strlen (filename);
- if (name_len < sizeof (suffix) || strcmp ((filename + name_len - sizeof (suffix) + 1), suffix) != 0) {
- kit_free (path);
- continue;
- }
-
- polkit_debug ("Loading %s", path);
- pk_error = NULL;
-
- if (polkit_action_description_get_from_file (path, _prepend_entry, pk_context, &pk_error)) {
- /* OOM failure from _prepend_entry */
- polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY, "Out of memory");
- goto out;
- }
-
- if (polkit_error_is_set (pk_error)) {
- if (polkit_error_get_error_code (pk_error) == POLKIT_ERROR_OUT_OF_MEMORY) {
- if (error != NULL)
- *error = pk_error;
- else
- polkit_error_free (pk_error);
- goto out;
- }
-
- kit_warning ("ignoring malformed policy file: %s",
- polkit_error_get_error_message (pk_error));
- polkit_error_free (pk_error);
- }
-
- }
- closedir (dir);
-
- return;
-
-out:
- if (dir != NULL)
- closedir(dir);
-}
-
-static void
-ensure_descriptions (PolKitContext *pk_context)
-{
- PolKitError *error;
- error = NULL;
-
- if (pk_context->action_descriptions != NULL)
- goto out;
-
- get_descriptions (pk_context, &error);
- if (polkit_error_is_set (error)) {
- kit_warning ("Error loading policy files: %s: %s",
- polkit_error_get_error_name (error),
- polkit_error_get_error_message (error));
- polkit_error_free (error);
- goto out;
- }
-
- out:
- ;
-}
-
-polkit_bool_t
-polkit_context_action_description_foreach (PolKitContext *pk_context,
- PolKitActionDescriptionForeachFunc cb,
- void *user_data)
-{
- KitList *l;
- polkit_bool_t short_circuit;
-
- ensure_descriptions (pk_context);
-
- short_circuit = FALSE;
- for (l = pk_context->action_descriptions; l != NULL; l = l->next) {
- PolKitActionDescription *action_description = l->data;
-
- if (cb (action_description, user_data)) {
- short_circuit = TRUE;
- break;
- }
- }
-
- return short_circuit;
-}
-
-PolKitActionDescription *
-polkit_context_get_action_description (PolKitContext *pk_context,
- const char *action_id)
-{
- KitList *l;
- PolKitActionDescription *action_description;
-
- ensure_descriptions (pk_context);
-
- action_description = NULL;
-
- for (l = pk_context->action_descriptions; l != NULL; l = l->next) {
- PolKitActionDescription *ad = l->data;
- if (strcmp (polkit_action_description_get_id (ad), action_id) == 0) {
- action_description = ad;
- break;
- }
- }
-
- return action_description;
-}
diff --git a/src/polkit/polkit-context.h b/src/polkit/polkit-context.h
deleted file mode 100644
index 3c14e4f..0000000
--- a/src/polkit/polkit-context.h
+++ /dev/null
@@ -1,129 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-context.h : PolicyKit context
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef POLKIT_CONTEXT_H
-#define POLKIT_CONTEXT_H
-
-#include <polkit/polkit-types.h>
-#include <polkit/polkit-error.h>
-#include <polkit/polkit-result.h>
-#include <polkit/polkit-context.h>
-#include <polkit/polkit-action.h>
-#include <polkit/polkit-action-description.h>
-#include <polkit/polkit-seat.h>
-#include <polkit/polkit-session.h>
-#include <polkit/polkit-caller.h>
-#include <polkit/polkit-authorization-db.h>
-
-POLKIT_BEGIN_DECLS
-
-struct _PolKitContext;
-typedef struct _PolKitContext PolKitContext;
-
-/**
- * PolKitContextConfigChangedCB:
- * @pk_context: PolicyKit context
- * @user_data: user data
- *
- * The type of the callback function for when configuration changes.
- * Mechanisms should use this callback to e.g. reconfigure all
- * permissions / acl's they have set in response to policy decisions
- * made from information provided by PolicyKit.
- *
- * The user must have set up watches using #polkit_context_set_io_watch_functions
- * for this to work.
- *
- * Note that this function may be called many times within a short
- * interval due to how file monitoring works if e.g. the user is
- * editing a configuration file (editors typically create back-up
- * files). Mechanisms should use a "cool-off" timer (of, say, one
- * second) to avoid doing many expensive operations (such as
- * reconfiguring all ACL's for all devices) within a very short
- * timeframe.
- */
-typedef void (*PolKitContextConfigChangedCB) (PolKitContext *pk_context,
- void *user_data);
-
-/**
- * PolKitActionDescriptionForeachFunc:
- * @action_description: the entry
- * @user_data: user data
- *
- * Type for function used in to iterate over action descriptions.
- *
- * Returns: #TRUE to short-circuit, e.g. stop the iteration
- **/
-typedef polkit_bool_t (*PolKitActionDescriptionForeachFunc) (PolKitActionDescription *action_description,
- void *user_data);
-
-PolKitContext *polkit_context_new (void);
-void polkit_context_set_config_changed (PolKitContext *pk_context,
- PolKitContextConfigChangedCB cb,
- void *user_data);
-polkit_bool_t polkit_context_init (PolKitContext *pk_context,
- PolKitError **error);
-PolKitContext *polkit_context_ref (PolKitContext *pk_context);
-void polkit_context_unref (PolKitContext *pk_context);
-
-PolKitResult polkit_context_is_caller_authorized (PolKitContext *pk_context,
- PolKitAction *action,
- PolKitCaller *caller,
- polkit_bool_t revoke_if_one_shot,
- PolKitError **error);
-
-PolKitResult polkit_context_is_session_authorized (PolKitContext *pk_context,
- PolKitAction *action,
- PolKitSession *session,
- PolKitError **error);
-
-polkit_bool_t polkit_context_action_description_foreach (PolKitContext *pk_context,
- PolKitActionDescriptionForeachFunc cb,
- void *user_data);
-
-PolKitActionDescription *polkit_context_get_action_description (PolKitContext *pk_context,
- const char *action_id);
-
-/* TODO: move to private static lib */
-polkit_bool_t polkit_action_description_get_from_file (const char *path,
- PolKitActionDescriptionForeachFunc cb,
- void *user_data,
- PolKitError **error);
-
-
-PolKitAuthorizationDB *polkit_context_get_authorization_db (PolKitContext *pk_context);
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_CONTEXT_H */
-
-
diff --git a/src/polkit/polkit-debug.c b/src/polkit/polkit-debug.c
deleted file mode 100644
index 72ef71a..0000000
--- a/src/polkit/polkit-debug.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit.c : library for querying system-wide policy
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-/**
- * SECTION:polkit-debug
- * @short_description: Internal debug functions for polkit.
- *
- * These functions are used for debug purposes.
- **/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdarg.h>
-#include <stdlib.h>
-#include <sys/time.h>
-#include <time.h>
-
-#include "polkit-types.h"
-#include "polkit-debug.h"
-
-/**
- * polkit_debug:
- * @format: format
- *
- * Prints a debug message to stdout if the environment variable
- * POLKIT_DEBUG is set. In production builds this function may
- * be a no-op.
- **/
-void
-polkit_debug (const char *format, ...)
-{
- va_list args;
- static polkit_bool_t show_debug = FALSE;
- static polkit_bool_t init = FALSE;
-
- if (!init) {
- init = TRUE;
- if (getenv ("POLKIT_DEBUG") != NULL) {
- show_debug = TRUE;
- }
- }
-
- if (show_debug) {
- struct timeval tnow;
- struct tm *tlocaltime;
- struct timezone tzone;
- char tbuf[256];
- gettimeofday (&tnow, &tzone);
- tlocaltime = localtime ((time_t *) &tnow.tv_sec);
- strftime (tbuf, sizeof (tbuf), "%H:%M:%S", tlocaltime);
- fprintf (stdout, "%s.%03d: ", tbuf, (int)(tnow.tv_usec/1000));
-
- va_start (args, format);
- vfprintf (stdout, format, args);
- va_end (args);
- fprintf (stdout, "\n");
- }
-}
diff --git a/src/polkit/polkit-debug.h b/src/polkit/polkit-debug.h
deleted file mode 100644
index 4a8256f..0000000
--- a/src/polkit/polkit-debug.h
+++ /dev/null
@@ -1,41 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-debug.h : debug infrastructure for polkit
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifndef POLKIT_DEBUG_H
-#define POLKIT_DEBUG_H
-
-#ifdef __sun
-void polkit_debug (const char *format, ...);
-#else
-void polkit_debug (const char *format, ...) __attribute__((__format__ (__printf__, 1, 2)));
-#endif
-
-#endif /* POLKIT_DEBUG_H */
-
-
diff --git a/src/polkit/polkit-error.c b/src/polkit/polkit-error.c
deleted file mode 100644
index 3583162..0000000
--- a/src/polkit/polkit-error.c
+++ /dev/null
@@ -1,253 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-error.c : GError error codes from PolicyKit
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-/**
- * SECTION:polkit-error
- * @title: Error reporting
- * @short_description: Representation of recoverable errors.
- *
- * Error codes from PolicyKit.
- **/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <errno.h>
-
-#include "polkit-types.h"
-#include "polkit-error.h"
-#include "polkit-debug.h"
-#include "polkit-test.h"
-#include "polkit-private.h"
-
-/**
- * PolKitError:
- *
- * Objects of this class are used for error reporting.
- **/
-struct _PolKitError
-{
- polkit_bool_t is_static;
- PolKitErrorCode error_code;
- char *error_message;
-};
-
-/**
- * polkit_error_is_set:
- * @error: the error
- *
- * Determine if an error set
- *
- * Returns: #TRUE if, and only if, the error is set
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_error_is_set (PolKitError *error)
-{
- return error != NULL;
-}
-
-static const char *error_names[POLKIT_ERROR_NUM_ERROR_CODES] = {
- "OutOfMemory",
- "PolicyFileInvalid",
- "GeneralError",
- "NotAuthorizedToReadAuthorizationsForOtherUsers",
- "NotAuthorizedToRevokeAuthorizationsFromOtherUsers",
- "NotAuthorizedToGrantAuthorization",
- "AuthorizationAlreadyExists",
- "NotSupported",
- "NotAuthorizedToModifyDefaults",
-};
-
-/**
- * polkit_error_get_error_name:
- * @error: the error
- *
- * Get the CamelCase name for the error;
- * e.g. #POLKIT_ERROR_OUT_OF_MEMORY maps to "OutOfMemory" and so on.
- *
- * Returns: the string
- *
- * Since: 0.7
- */
-const char *
-polkit_error_get_error_name (PolKitError *error)
-{
- kit_return_val_if_fail (error != NULL, NULL);
- kit_return_val_if_fail (error->error_code >= 0 && error->error_code < POLKIT_ERROR_NUM_ERROR_CODES, NULL);
-
- return error_names[error->error_code];
-}
-
-/**
- * polkit_error_get_error_code:
- * @error: the error object
- *
- * Returns the error code.
- *
- * Returns: A value from the #PolKitErrorCode enumeration.
- **/
-PolKitErrorCode
-polkit_error_get_error_code (PolKitError *error)
-{
- kit_return_val_if_fail (error != NULL, -1);
- return error->error_code;
-}
-
-/**
- * polkit_error_get_error_message:
- * @error: the error object
- *
- * Get the error message.
- *
- * Returns: A string describing the error. Caller shall not free this string.
- **/
-const char *
-polkit_error_get_error_message (PolKitError *error)
-{
- kit_return_val_if_fail (error != NULL, NULL);
- return error->error_message;
-}
-
-/**
- * polkit_error_free:
- * @error: the error
- *
- * Free an error.
- **/
-void
-polkit_error_free (PolKitError *error)
-{
- kit_return_if_fail (error != NULL);
- if (!error->is_static) {
- kit_free (error->error_message);
- kit_free (error);
- }
-}
-
-
-static PolKitError _oom_error = {TRUE, POLKIT_ERROR_OUT_OF_MEMORY, "Pre-allocated OOM error object"};
-
-/**
- * polkit_error_set_error:
- * @error: the error object
- * @error_code: A value from the #PolKitErrorCode enumeration.
- * @format: printf style formatting string
- * @Varargs: printf style arguments
- *
- * Sets an error. If OOM, the error will be set to a pre-allocated OOM error.
- *
- * Returns: TRUE if the error was set
- **/
-polkit_bool_t
-polkit_error_set_error (PolKitError **error, PolKitErrorCode error_code, const char *format, ...)
-{
- va_list args;
- PolKitError *e;
-
- kit_return_val_if_fail (format != NULL, FALSE);
-
- if (error_code < 0 || error_code >= POLKIT_ERROR_NUM_ERROR_CODES)
- return FALSE;
-
- if (error == NULL)
- goto out;
-
- e = kit_new0 (PolKitError, 1);
- if (e == NULL) {
- *error = &_oom_error;
- } else {
- e->is_static = FALSE;
- e->error_code = error_code;
- va_start (args, format);
- e->error_message = kit_strdup_vprintf (format, args);
- va_end (args);
- if (e->error_message == NULL) {
- kit_free (e);
- *error = &_oom_error;
- } else {
- *error = e;
- }
- }
-
-out:
- return TRUE;
-}
-
-#ifdef POLKIT_BUILD_TESTS
-
-static polkit_bool_t
-_run_test (void)
-{
- unsigned int n;
- PolKitError *e;
- char s[256];
-
- e = NULL;
- kit_assert (! polkit_error_is_set (e));
- kit_assert (! polkit_error_set_error (&e, -1, "Testing"));
- kit_assert (! polkit_error_set_error (&e, POLKIT_ERROR_NUM_ERROR_CODES, "Testing"));
-
- for (n = 0; n < POLKIT_ERROR_NUM_ERROR_CODES; n++) {
- polkit_error_set_error (&e, n, "Testing error code %d", n);
- kit_assert (polkit_error_is_set (e));
- kit_assert (polkit_error_get_error_code (e) == n || polkit_error_get_error_code (e) == POLKIT_ERROR_OUT_OF_MEMORY);
- kit_assert (strcmp (polkit_error_get_error_name (e), error_names[polkit_error_get_error_code (e)]) == 0);
-
- if (polkit_error_get_error_code (e) != POLKIT_ERROR_OUT_OF_MEMORY) {
- snprintf (s, sizeof (s), "Testing error code %d", n);
- kit_assert (strcmp (polkit_error_get_error_message (e), s) == 0);
- }
-
- polkit_error_free (e);
- }
-
- kit_assert (polkit_error_set_error (NULL, POLKIT_ERROR_OUT_OF_MEMORY, "This error will never get set"));
-
- return TRUE;
-}
-
-
-KitTest _test_error = {
- "polkit_error",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* POLKIT_BUILD_TESTS */
diff --git a/src/polkit/polkit-error.h b/src/polkit/polkit-error.h
deleted file mode 100644
index 6044677..0000000
--- a/src/polkit/polkit-error.h
+++ /dev/null
@@ -1,100 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-error.h : error reporting from PolicyKit
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef POLKIT_ERROR_H
-#define POLKIT_ERROR_H
-
-#include <polkit/polkit-types.h>
-
-POLKIT_BEGIN_DECLS
-
-/**
- * PolKitErrorCode:
- * @POLKIT_ERROR_OUT_OF_MEMORY: Out of memory
- * @POLKIT_ERROR_POLICY_FILE_INVALID: There was an error parsing the given policy file
- * @POLKIT_ERROR_GENERAL_ERROR: A general error code typically
- * indicating problems with the installation of PolicyKit,
- * e.g. helpers missing or wrong owner / permission.
- * @POLKIT_ERROR_NOT_AUTHORIZED_TO_READ_AUTHORIZATIONS_FOR_OTHER_USERS:
- * An attempt was made to read authorizations for other users and the
- * calling process is not authorized.
- * @POLKIT_ERROR_NOT_AUTHORIZED_TO_REVOKE_AUTHORIZATIONS_FROM_OTHER_USERS:
- * An attempt was made to revoke authorizations for other users and the
- * calling process is not authorized.
- * @POLKIT_ERROR_NOT_AUTHORIZED_TO_GRANT_AUTHORIZATION: An attempt was
- * made to grant an authorization and the calling process is not
- * authorized.
- * @POLKIT_ERROR_AUTHORIZATION_ALREADY_EXISTS: Subject already has an
- * similar authorization already (modulo time of grant and who granted).
- * @POLKIT_ERROR_NOT_SUPPORTED: The operation is not supported by the
- * authorization database backend
- * @POLKIT_ERROR_NOT_AUTHORIZED_TO_MODIFY_DEFAULTS: An attempt was
- * made to modify the defaults for implicit authorizations and the
- * calling process is not authorized.
- * @POLKIT_ERROR_NUM_ERROR_CODES: Number of error codes. This may change
- * from version to version; do not rely on it.
- *
- * Errors returned by PolicyKit
- */
-typedef enum
-{
- POLKIT_ERROR_OUT_OF_MEMORY,
- POLKIT_ERROR_POLICY_FILE_INVALID,
- POLKIT_ERROR_GENERAL_ERROR,
- POLKIT_ERROR_NOT_AUTHORIZED_TO_READ_AUTHORIZATIONS_FOR_OTHER_USERS,
- POLKIT_ERROR_NOT_AUTHORIZED_TO_REVOKE_AUTHORIZATIONS_FROM_OTHER_USERS,
- POLKIT_ERROR_NOT_AUTHORIZED_TO_GRANT_AUTHORIZATION,
- POLKIT_ERROR_AUTHORIZATION_ALREADY_EXISTS,
- POLKIT_ERROR_NOT_SUPPORTED,
- POLKIT_ERROR_NOT_AUTHORIZED_TO_MODIFY_DEFAULTS,
-
- POLKIT_ERROR_NUM_ERROR_CODES
-} PolKitErrorCode;
-
-struct _PolKitError;
-typedef struct _PolKitError PolKitError;
-
-polkit_bool_t polkit_error_is_set (PolKitError *error);
-const char *polkit_error_get_error_name (PolKitError *error);
-PolKitErrorCode polkit_error_get_error_code (PolKitError *error);
-const char *polkit_error_get_error_message (PolKitError *error);
-void polkit_error_free (PolKitError *error);
-#ifdef __sun
-polkit_bool_t polkit_error_set_error (PolKitError **error, PolKitErrorCode error_code, const char *format, ...);
-#else
-polkit_bool_t polkit_error_set_error (PolKitError **error, PolKitErrorCode error_code, const char *format, ...) __attribute__((__format__ (__printf__, 3, 4)));
-#endif
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_ERROR_H */
diff --git a/src/polkit/polkit-implicit-authorization.c b/src/polkit/polkit-implicit-authorization.c
deleted file mode 100644
index 68aac21..0000000
--- a/src/polkit/polkit-implicit-authorization.c
+++ /dev/null
@@ -1,572 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-implicit-authorization.c : policy definition for the defaults
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <errno.h>
-
-#include "polkit-debug.h"
-#include "polkit-error.h"
-#include "polkit-implicit-authorization.h"
-#include "polkit-private.h"
-#include "polkit-test.h"
-#include "polkit-private.h"
-
-/**
- * SECTION:polkit-implicit-authorization
- * @title: Defaults
- * @short_description: Models the default policy for an action.
- *
- * This class records the default policy of an action.
- **/
-
-/**
- * PolKitImplicitAuthorization:
- *
- * Objects of this class are used to record information about a
- * default policy for an action.
- **/
-struct _PolKitImplicitAuthorization
-{
- int refcount;
- PolKitResult default_any;
- PolKitResult default_inactive;
- PolKitResult default_active;
-};
-
-/**
- * polkit_implicit_authorization_new:
- *
- * Construct a new object with all defaults set as restrictive as possible.
- *
- * Returns: a new object or #NULL on OOM.
- *
- * Since: 0.7
- */
-PolKitImplicitAuthorization *
-polkit_implicit_authorization_new (void)
-{
- PolKitImplicitAuthorization *pd;
-
- pd = kit_new0 (PolKitImplicitAuthorization, 1);
- if (pd == NULL)
- goto out;
- pd->refcount = 1;
- pd->default_any = POLKIT_RESULT_NO;
- pd->default_inactive = POLKIT_RESULT_NO;
- pd->default_active = POLKIT_RESULT_NO;
-out:
- return pd;
-}
-
-/**
- * polkit_implicit_authorization_clone:
- * @implicit_authorization: object to clone
- *
- * Create a new object with the same value as the given object
- *
- * Returns: a new object or #NULL on OOM.
- *
- * Since: 0.7
- */
-PolKitImplicitAuthorization *
-polkit_implicit_authorization_clone (PolKitImplicitAuthorization *implicit_authorization)
-{
- PolKitImplicitAuthorization *pd;
-
- kit_return_val_if_fail (implicit_authorization != NULL, NULL);
-
- pd = polkit_implicit_authorization_new ();
- if (pd == NULL)
- goto out;
- pd->refcount = 1;
- pd->default_any = implicit_authorization->default_any;
- pd->default_inactive = implicit_authorization->default_inactive;
- pd->default_active = implicit_authorization->default_active;
-out:
- return pd;
-}
-
-
-/**
- * polkit_implicit_authorization_equals:
- * @a: a #PolKitImplicitAuthorization object
- * @b: a #PolKitImplicitAuthorization object
- *
- * Compare if two objects are equal.
- *
- * Returns: %TRUE only if the objects are equal
- */
-polkit_bool_t
-polkit_implicit_authorization_equals (PolKitImplicitAuthorization *a, PolKitImplicitAuthorization *b)
-{
- polkit_bool_t ret;
-
- kit_return_val_if_fail (a != NULL, FALSE);
- kit_return_val_if_fail (b != NULL, FALSE);
-
- if (a->default_any == b->default_any &&
- a->default_inactive == b->default_inactive &&
- a->default_active == b->default_active) {
- ret = TRUE;
- } else {
- ret = FALSE;
- }
-
- return ret;
-}
-
-PolKitImplicitAuthorization *
-_polkit_implicit_authorization_new (PolKitResult defaults_allow_any,
- PolKitResult defaults_allow_inactive,
- PolKitResult defaults_allow_active)
-{
- PolKitImplicitAuthorization *pd;
-
- pd = kit_new0 (PolKitImplicitAuthorization, 1);
- if (pd == NULL)
- goto out;
- pd->refcount = 1;
- pd->default_any = defaults_allow_any;
- pd->default_inactive = defaults_allow_inactive;
- pd->default_active = defaults_allow_active;
-out:
- return pd;
-}
-
-/**
- * polkit_implicit_authorization_ref:
- * @implicit_authorization: the policy object
- *
- * Increase reference count.
- *
- * Returns: the object
- **/
-PolKitImplicitAuthorization *
-polkit_implicit_authorization_ref (PolKitImplicitAuthorization *implicit_authorization)
-{
- kit_return_val_if_fail (implicit_authorization != NULL, implicit_authorization);
- implicit_authorization->refcount++;
- return implicit_authorization;
-}
-
-/**
- * polkit_implicit_authorization_unref:
- * @implicit_authorization: the object
- *
- * Decreases the reference count of the object. If it becomes zero,
- * the object is freed. Before freeing, reference counts on embedded
- * objects are decresed by one.
- **/
-void
-polkit_implicit_authorization_unref (PolKitImplicitAuthorization *implicit_authorization)
-{
- kit_return_if_fail (implicit_authorization != NULL);
- implicit_authorization->refcount--;
- if (implicit_authorization->refcount > 0)
- return;
- kit_free (implicit_authorization);
-}
-
-/**
- * polkit_implicit_authorization_debug:
- * @implicit_authorization: the object
- *
- * Print debug details
- **/
-void
-polkit_implicit_authorization_debug (PolKitImplicitAuthorization *implicit_authorization)
-{
- kit_return_if_fail (implicit_authorization != NULL);
- polkit_debug ("PolKitImplicitAuthorization: refcount=%d\n"
- " default_any=%s\n"
- " default_inactive=%s\n"
- " default_active=%s",
- implicit_authorization->refcount,
- polkit_result_to_string_representation (implicit_authorization->default_any),
- polkit_result_to_string_representation (implicit_authorization->default_inactive),
- polkit_result_to_string_representation (implicit_authorization->default_active));
-}
-
-
-/**
- * polkit_implicit_authorization_can_session_do_action:
- * @implicit_authorization: the object
- * @action: the type of access to check for
- * @session: the session in question
- *
- * Using the default policy for an action, determine if a given
- * session can do a given action.
- *
- * Returns: A #PolKitResult - can only be one of
- * #POLKIT_RESULT_YES, #POLKIT_RESULT_NO.
- **/
-PolKitResult
-polkit_implicit_authorization_can_session_do_action (PolKitImplicitAuthorization *implicit_authorization,
- PolKitAction *action,
- PolKitSession *session)
-{
- polkit_bool_t is_local;
- polkit_bool_t is_active;
- PolKitResult ret;
-
- ret = POLKIT_RESULT_NO;
-
- kit_return_val_if_fail (implicit_authorization != NULL, ret);
- kit_return_val_if_fail (action != NULL, ret);
- kit_return_val_if_fail (session != NULL, ret);
-
- ret = implicit_authorization->default_any;
-
- polkit_session_get_ck_is_local (session, &is_local);
- polkit_session_get_ck_is_active (session, &is_active);
-
- if (!is_local)
- goto out;
-
- if (is_active) {
- ret = implicit_authorization->default_active;
- } else {
- ret = implicit_authorization->default_inactive;
- }
-out:
- return ret;
-}
-
-/**
- * polkit_implicit_authorization_can_caller_do_action:
- * @implicit_authorization: the object
- * @action: the type of access to check for
- * @caller: the caller in question
- *
- * Using the default policy for an action, determine if a given
- * caller can do a given action.
- *
- * Returns: A #PolKitResult specifying if, and how, the caller can
- * do the given action.
- **/
-PolKitResult
-polkit_implicit_authorization_can_caller_do_action (PolKitImplicitAuthorization *implicit_authorization,
- PolKitAction *action,
- PolKitCaller *caller)
-{
- polkit_bool_t is_local;
- polkit_bool_t is_active;
- PolKitSession *session;
- PolKitResult ret;
-
- ret = POLKIT_RESULT_NO;
-
- kit_return_val_if_fail (implicit_authorization != NULL, ret);
- kit_return_val_if_fail (action != NULL, ret);
- kit_return_val_if_fail (caller != NULL, ret);
-
- ret = implicit_authorization->default_any;
-
- polkit_caller_get_ck_session (caller, &session);
- if (session == NULL)
- goto out;
-
- polkit_session_get_ck_is_local (session, &is_local);
- polkit_session_get_ck_is_active (session, &is_active);
-
- if (!is_local)
- goto out;
-
- if (is_active) {
- ret = implicit_authorization->default_active;
- } else {
- ret = implicit_authorization->default_inactive;
- }
-
-out:
- return ret;
-}
-
-/**
- * polkit_implicit_authorization_set_allow_any:
- * @implicit_authorization: the object
- * @value: the value to set
- *
- * Set default policy.
- *
- **/
-void
-polkit_implicit_authorization_set_allow_any (PolKitImplicitAuthorization *implicit_authorization, PolKitResult value)
-{
- kit_return_if_fail (implicit_authorization != NULL);
- implicit_authorization->default_any = value;
-}
-
-/**
- * polkit_implicit_authorization_set_allow_inactive:
- * @implicit_authorization: the object
- * @value: the value to set
- *
- * Set default policy.
- *
- **/
-void
-polkit_implicit_authorization_set_allow_inactive (PolKitImplicitAuthorization *implicit_authorization, PolKitResult value)
-{
- kit_return_if_fail (implicit_authorization != NULL);
- implicit_authorization->default_inactive = value;
-}
-
-/**
- * polkit_implicit_authorization_set_allow_active:
- * @implicit_authorization: the object
- * @value: the value to set
- *
- * Set default policy.
- *
- **/
-void
-polkit_implicit_authorization_set_allow_active (PolKitImplicitAuthorization *implicit_authorization, PolKitResult value)
-{
- kit_return_if_fail (implicit_authorization != NULL);
- implicit_authorization->default_active = value;
-}
-
-/**
- * polkit_implicit_authorization_get_allow_any:
- * @implicit_authorization: the object
- *
- * Get default policy.
- *
- * Returns: default policy
- **/
-PolKitResult
-polkit_implicit_authorization_get_allow_any (PolKitImplicitAuthorization *implicit_authorization)
-{
- kit_return_val_if_fail (implicit_authorization != NULL, POLKIT_RESULT_NO);
- return implicit_authorization->default_any;
-}
-
-/**
- * polkit_implicit_authorization_get_allow_inactive:
- * @implicit_authorization: the object
- *
- * Get default policy.
- *
- * Returns: default policy
- **/
-PolKitResult
-polkit_implicit_authorization_get_allow_inactive (PolKitImplicitAuthorization *implicit_authorization)
-{
- kit_return_val_if_fail (implicit_authorization != NULL, POLKIT_RESULT_NO);
- return implicit_authorization->default_inactive;
-}
-
-/**
- * polkit_implicit_authorization_get_allow_active:
- * @implicit_authorization: the object
- *
- * Get default policy.
- *
- * Returns: default policy
- **/
-PolKitResult
-polkit_implicit_authorization_get_allow_active (PolKitImplicitAuthorization *implicit_authorization)
-{
- kit_return_val_if_fail (implicit_authorization != NULL, POLKIT_RESULT_NO);
- return implicit_authorization->default_active;
-}
-
-
-#ifdef POLKIT_BUILD_TESTS
-
-static polkit_bool_t
-_ts (PolKitSession *s, PolKitResult any, PolKitResult inactive, PolKitResult active, PolKitResult *ret)
-{
- PolKitAction *a;
- PolKitImplicitAuthorization *d;
- polkit_bool_t oom;
-
- oom = TRUE;
-
- if (s == NULL)
- goto out;
-
- if ((a = polkit_action_new ()) != NULL) {
- if (polkit_action_set_action_id (a, "org.dummy")) {
- if ((d = _polkit_implicit_authorization_new (any,
- inactive,
- active)) != NULL) {
- PolKitCaller *c;
-
- *ret = polkit_implicit_authorization_can_session_do_action (d, a, s);
- oom = FALSE;
-
- if ((c = polkit_caller_new ()) != NULL) {
- kit_assert (polkit_implicit_authorization_can_caller_do_action (d, a, c) == any);
-
- kit_assert (polkit_caller_set_ck_session (c, s));
- kit_assert (polkit_implicit_authorization_can_caller_do_action (d, a, c) == *ret);
- polkit_caller_unref (c);
- }
-
- polkit_implicit_authorization_ref (d);
- polkit_implicit_authorization_get_allow_any (d);
- polkit_implicit_authorization_get_allow_inactive (d);
- polkit_implicit_authorization_get_allow_active (d);
- polkit_implicit_authorization_unref (d);
- polkit_implicit_authorization_debug (d);
- polkit_implicit_authorization_unref (d);
- }
- }
- polkit_action_unref (a);
- }
-
-out:
- return oom;
-}
-
-static polkit_bool_t
-_run_test (void)
-{
- PolKitResult ret;
- PolKitSession *s_active;
- PolKitSession *s_inactive;
- PolKitSession *s_active_remote;
- PolKitSession *s_inactive_remote;
-
- if ((s_active = polkit_session_new ()) != NULL) {
- if (!polkit_session_set_ck_objref (s_active, "/session1")) {
- polkit_session_unref (s_active);
- s_active = NULL;
- } else {
- kit_assert (polkit_session_set_ck_is_local (s_active, TRUE));
- kit_assert (polkit_session_set_ck_is_active (s_active, TRUE));
- }
- }
-
- if ((s_inactive = polkit_session_new ()) != NULL) {
- if (!polkit_session_set_ck_objref (s_inactive, "/session2")) {
- polkit_session_unref (s_inactive);
- s_inactive = NULL;
- } else {
- kit_assert (polkit_session_set_ck_is_local (s_inactive, TRUE));
- kit_assert (polkit_session_set_ck_is_active (s_inactive, FALSE));
- }
- }
-
- if ((s_active_remote = polkit_session_new ()) != NULL) {
- if (!polkit_session_set_ck_objref (s_active_remote, "/session3") ||
- !polkit_session_set_ck_remote_host (s_active_remote, "remotehost.com")) {
- polkit_session_unref (s_active_remote);
- s_active_remote = NULL;
- } else {
- kit_assert (polkit_session_set_ck_is_local (s_active_remote, FALSE));
- kit_assert (polkit_session_set_ck_is_active (s_active_remote, TRUE));
- }
- }
-
- if ((s_inactive_remote = polkit_session_new ()) != NULL) {
- if (!polkit_session_set_ck_objref (s_inactive_remote, "/session4") ||
- !polkit_session_set_ck_remote_host (s_inactive_remote, "remotehost.com")) {
- polkit_session_unref (s_inactive_remote);
- s_inactive_remote = NULL;
- } else {
- kit_assert (polkit_session_set_ck_is_local (s_inactive_remote, FALSE));
- kit_assert (polkit_session_set_ck_is_active (s_inactive_remote, FALSE));
- }
- }
-
- kit_assert (_ts (s_active,
- POLKIT_RESULT_NO, POLKIT_RESULT_NO, POLKIT_RESULT_YES, &ret) ||
- ret == POLKIT_RESULT_YES);
- kit_assert (_ts (s_inactive,
- POLKIT_RESULT_NO, POLKIT_RESULT_NO, POLKIT_RESULT_YES, &ret) ||
- ret == POLKIT_RESULT_NO);
- kit_assert (_ts (s_active_remote,
- POLKIT_RESULT_NO, POLKIT_RESULT_NO, POLKIT_RESULT_YES, &ret) ||
- ret == POLKIT_RESULT_NO);
- kit_assert (_ts (s_inactive_remote,
- POLKIT_RESULT_NO, POLKIT_RESULT_NO, POLKIT_RESULT_YES, &ret) ||
- ret == POLKIT_RESULT_NO);
-
- kit_assert (_ts (s_active,
- POLKIT_RESULT_NO, POLKIT_RESULT_YES, POLKIT_RESULT_YES, &ret) ||
- ret == POLKIT_RESULT_YES);
- kit_assert (_ts (s_inactive,
- POLKIT_RESULT_NO, POLKIT_RESULT_YES, POLKIT_RESULT_YES, &ret) ||
- ret == POLKIT_RESULT_YES);
- kit_assert (_ts (s_active_remote,
- POLKIT_RESULT_NO, POLKIT_RESULT_YES, POLKIT_RESULT_YES, &ret) ||
- ret == POLKIT_RESULT_NO);
- kit_assert (_ts (s_inactive_remote,
- POLKIT_RESULT_NO, POLKIT_RESULT_YES, POLKIT_RESULT_YES, &ret) ||
- ret == POLKIT_RESULT_NO);
-
- kit_assert (_ts (s_active,
- POLKIT_RESULT_YES, POLKIT_RESULT_YES, POLKIT_RESULT_YES, &ret) ||
- ret == POLKIT_RESULT_YES);
- kit_assert (_ts (s_inactive,
- POLKIT_RESULT_YES, POLKIT_RESULT_YES, POLKIT_RESULT_YES, &ret) ||
- ret == POLKIT_RESULT_YES);
- kit_assert (_ts (s_active_remote,
- POLKIT_RESULT_YES, POLKIT_RESULT_YES, POLKIT_RESULT_YES, &ret) ||
- ret == POLKIT_RESULT_YES);
- kit_assert (_ts (s_inactive_remote,
- POLKIT_RESULT_YES, POLKIT_RESULT_YES, POLKIT_RESULT_YES, &ret) ||
- ret == POLKIT_RESULT_YES);
-
- if (s_active != NULL)
- polkit_session_unref (s_active);
-
- if (s_inactive != NULL)
- polkit_session_unref (s_inactive);
-
- if (s_active_remote != NULL)
- polkit_session_unref (s_active_remote);
-
- if (s_inactive_remote != NULL)
- polkit_session_unref (s_inactive_remote);
-
- return TRUE;
-}
-
-KitTest _test_implicit_authorization = {
- "polkit_implicit_authorization",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* POLKIT_BUILD_TESTS */
diff --git a/src/polkit/polkit-implicit-authorization.h b/src/polkit/polkit-implicit-authorization.h
deleted file mode 100644
index 3bc55e3..0000000
--- a/src/polkit/polkit-implicit-authorization.h
+++ /dev/null
@@ -1,80 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-implicit-authorization.h : policy definition for the defaults
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef POLKIT_IMPLICIT_AUTHORIZATION_H
-#define POLKIT_IMPLICIT_AUTHORIZATION_H
-
-#include <polkit/polkit-types.h>
-#include <polkit/polkit-result.h>
-#include <polkit/polkit-action.h>
-#include <polkit/polkit-session.h>
-#include <polkit/polkit-caller.h>
-#include <polkit/polkit-error.h>
-
-POLKIT_BEGIN_DECLS
-
-struct _PolKitImplicitAuthorization;
-typedef struct _PolKitImplicitAuthorization PolKitImplicitAuthorization;
-
-PolKitImplicitAuthorization *polkit_implicit_authorization_new (void);
-PolKitImplicitAuthorization *polkit_implicit_authorization_ref (PolKitImplicitAuthorization *implicit_authorization);
-void polkit_implicit_authorization_unref (PolKitImplicitAuthorization *implicit_authorization);
-void polkit_implicit_authorization_debug (PolKitImplicitAuthorization *implicit_authorization);
-PolKitImplicitAuthorization *polkit_implicit_authorization_clone (PolKitImplicitAuthorization *implicit_authorization);
-
-polkit_bool_t polkit_implicit_authorization_equals (PolKitImplicitAuthorization *a, PolKitImplicitAuthorization *b);
-
-PolKitResult polkit_implicit_authorization_can_session_do_action (PolKitImplicitAuthorization *implicit_authorization,
- PolKitAction *action,
- PolKitSession *session);
-
-PolKitResult polkit_implicit_authorization_can_caller_do_action (PolKitImplicitAuthorization *implicit_authorization,
- PolKitAction *action,
- PolKitCaller *caller);
-
-PolKitResult polkit_implicit_authorization_get_allow_any (PolKitImplicitAuthorization *implicit_authorization);
-PolKitResult polkit_implicit_authorization_get_allow_inactive (PolKitImplicitAuthorization *implicit_authorization);
-PolKitResult polkit_implicit_authorization_get_allow_active (PolKitImplicitAuthorization *implicit_authorization);
-
-void polkit_implicit_authorization_set_allow_any (PolKitImplicitAuthorization *implicit_authorization, PolKitResult value);
-void polkit_implicit_authorization_set_allow_inactive (PolKitImplicitAuthorization *implicit_authorization, PolKitResult value);
-void polkit_implicit_authorization_set_allow_active (PolKitImplicitAuthorization *implicit_authorization, PolKitResult value);
-
-
-/* TODO: export knobs for "default policy" */
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_IMPLICIT_AUTHORIZATION_H */
-
-
diff --git a/src/polkit/polkit-private.h b/src/polkit/polkit-private.h
deleted file mode 100644
index 51a240f..0000000
--- a/src/polkit/polkit-private.h
+++ /dev/null
@@ -1,107 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-private.h : Private functions
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION)
-#error "This is a private file and shouldn't be included outside PolicyKit."
-#endif
-
-#ifndef POLKIT_PRIVATE_H
-#define POLKIT_PRIVATE_H
-
-#include <kit/kit.h>
-#include <polkit/polkit.h>
-#include <polkit/polkit-debug.h>
-
-/**
- * SECTION:polkit-private
- * @short_description: Private symbols for libpolkit
- *
- * Private symbols for libpolkit.
- */
-
-POLKIT_BEGIN_DECLS
-
-void _polkit_memory_reset (void);
-int _polkit_memory_get_current_allocations (void);
-int _polkit_memory_get_total_allocations (void);
-void _polkit_memory_fail_nth_alloc (int number);
-
-PolKitAuthorization *_polkit_authorization_new_for_uid (const char *entry_in_auth_file, uid_t uid);
-const char *_polkit_authorization_get_authfile_entry (PolKitAuthorization *auth);
-
-polkit_bool_t _polkit_authorization_db_auth_file_add (polkit_bool_t transient, uid_t uid, char *str_to_add);
-
-PolKitAuthorizationDB *_polkit_authorization_db_new (void);
-void _polkit_authorization_db_invalidate_cache (PolKitAuthorizationDB *authdb);
-
-
-PolKitImplicitAuthorization *_polkit_implicit_authorization_new (PolKitResult defaults_allow_any,
- PolKitResult defaults_allow_inactive,
- PolKitResult defaults_allow_active);
-
-polkit_bool_t _polkit_action_description_set_descriptions (PolKitActionDescription *pfe,
- const char *policy_description,
- const char *policy_message);
-
-
-PolKitImplicitAuthorization *_polkit_implicit_authorization_new (PolKitResult defaults_allow_any,
- PolKitResult defaults_allow_inactive,
- PolKitResult defaults_allow_active);
-
-
-PolKitActionDescription *_polkit_action_description_new (const char *action_id,
- const char *vendor,
- const char *vendor_url,
- const char *icon_name,
- PolKitResult defaults_allow_any,
- PolKitResult defaults_allow_inactive,
- PolKitResult defaults_allow_active,
- KitHash *annotations);
-
-
-#ifdef POLKIT_AUTHDB_DUMMY
-struct _PolKitAuthorizationDB
-{
- /*< private >*/
- int refcount;
-};
-#elif POLKIT_AUTHDB_DEFAULT
-struct _PolKitAuthorizationDB
-{
- /*< private >*/
- int refcount;
- KitHash *uid_to_authlist;
-};
-
-#endif
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_PRIVATE_H */
-
diff --git a/src/polkit/polkit-read-auth-helper.c b/src/polkit/polkit-read-auth-helper.c
deleted file mode 100644
index 65ca8b7..0000000
--- a/src/polkit/polkit-read-auth-helper.c
+++ /dev/null
@@ -1,421 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-read-auth-helper.c : setgid polkituser helper for PolicyKit
- * to read authorizations
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#define _GNU_SOURCE
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <sys/param.h>
-#include <sys/stat.h>
-#include <grp.h>
-#include <pwd.h>
-#include <syslog.h>
-#include <errno.h>
-#include <string.h>
-#include <utime.h>
-#include <fcntl.h>
-#include <dirent.h>
-#ifdef HAVE_SOLARIS
-#include <limits.h>
-#define LOG_AUTHPRIV (10<<3)
-#endif
-
-#include <polkit/polkit.h>
-#include <polkit/polkit-private.h>
-
-static polkit_bool_t
-dump_auths_from_file (const char *path, uid_t uid)
-{
- int ret;
- int fd;
- char buf[256];
- struct stat statbuf;
- ssize_t num_bytes_read;
- ssize_t num_bytes_to_read;
- ssize_t num_bytes_remaining_to_read;
- ssize_t num_bytes_to_write;
- ssize_t num_bytes_written;
- ssize_t num_bytes_remaining_to_write;
- polkit_bool_t have_written_uid;
-
- ret = FALSE;
-
- if (stat (path, &statbuf) != 0) {
- /* this is fine; the file does not have to exist.. */
- if (errno == ENOENT) {
- ret = TRUE;
- goto out;
- }
- fprintf (stderr, "polkit-read-auth-helper: cannot stat %s: %m\n", path);
- goto out;
- }
-
- fd = open (path, O_RDONLY);
- if (fd < 0) {
- fprintf (stderr, "polkit-read-auth-helper: cannot open %s: %m\n", path);
- goto out;
- }
-
- num_bytes_remaining_to_read = statbuf.st_size;
-
- have_written_uid = FALSE;
- while (num_bytes_remaining_to_read > 0) {
-
- /* start with writing the uid - this is necessary when dumping all authorizations via uid=1 */
- if (!have_written_uid) {
- have_written_uid = TRUE;
- snprintf (buf, sizeof (buf), "#uid=%d\n", uid);
- num_bytes_read = strlen (buf);
- } else {
-
- if (num_bytes_remaining_to_read > (ssize_t) sizeof (buf))
- num_bytes_to_read = (ssize_t) sizeof (buf);
- else
- num_bytes_to_read = num_bytes_remaining_to_read;
-
- again:
- num_bytes_read = read (fd, buf, num_bytes_to_read);
- if (num_bytes_read == -1) {
- if (errno == EAGAIN || errno == EINTR) {
- goto again;
- } else {
- fprintf (stderr, "polkit-read-auth-helper: error reading file %s: %m\n", path);
- close (fd);
- goto out;
- }
- }
-
- num_bytes_remaining_to_read -= num_bytes_read;
- }
-
- /* write to stdout */
- num_bytes_to_write = num_bytes_read;
- num_bytes_remaining_to_write = num_bytes_read;
-
- while (num_bytes_remaining_to_write > 0) {
- again_write:
- num_bytes_written = write (STDOUT_FILENO,
- buf + (num_bytes_to_write - num_bytes_remaining_to_write),
- num_bytes_remaining_to_write);
- if (num_bytes_written == -1) {
- if (errno == EAGAIN || errno == EINTR) {
- goto again_write;
- } else {
- fprintf (stderr, "polkit-read-auth-helper: error writing to stdout: %m\n");
- close (fd);
- goto out;
- }
- }
-
- num_bytes_remaining_to_write -= num_bytes_written;
- }
-
- }
-
-
- close (fd);
-
- ret = TRUE;
-
-out:
- return ret;
-}
-
-static polkit_bool_t
-dump_auths_all (const char *root)
-{
- DIR *dir;
- int dfd;
-#ifdef HAVE_READDIR64
- struct dirent64 *d;
-#else
- struct dirent *d;
-#endif
- polkit_bool_t ret;
-
- ret = FALSE;
-
- dir = opendir (root);
- if (dir == NULL) {
- fprintf (stderr, "polkit-read-auth-helper: error calling opendir on %s: %m\n", root);
- goto out;
- }
-
- dfd = dirfd (dir);
- if (dfd == -1) {
- fprintf (stderr, "polkit-read-auth-helper: error calling dirfd(): %m\n");
- goto out;
- }
-
-#ifdef HAVE_READDIR64
- while ((d = readdir64(dir)) != NULL) {
-#else
- while ((d = readdir(dir)) != NULL) {
-#endif
- unsigned int n, m;
- uid_t uid;
- size_t name_len;
- char *filename;
- char username[PATH_MAX];
- char path[PATH_MAX];
- static const char suffix[] = ".auths";
- struct passwd *pw;
- struct stat statbuf;
-
- if (d->d_name == NULL)
- continue;
-
- if (snprintf (path, sizeof (path), "%s/%s", root, d->d_name) >= (int) sizeof (path)) {
- fprintf (stderr, "polkit-read-auth-helper: string was truncated (1)\n");
- goto out;
- }
-
- if (stat (path, &statbuf) != 0) {
- fprintf (stderr, "polkit-read-auth-helper: cannot stat %s: %m\n", path);
- goto out;
- }
-
- if (!S_ISREG(statbuf.st_mode))
- continue;
-
- filename = d->d_name;
- name_len = strlen (filename);
- if (name_len < sizeof (suffix))
- continue;
-
- if (strcmp ((filename + name_len - sizeof (suffix) + 1), suffix) != 0)
- continue;
-
- /* find the user name.. */
- for (n = 0; n < name_len; n++) {
- if (filename[n] == '-')
- break;
- }
- if (filename[n] == '\0') {
- fprintf (stderr, "polkit-read-auth-helper: file name '%s' is malformed (1)\n", filename);
- continue;
- }
- n++;
- m = n;
- for ( ; n < name_len; n++) {
- if (filename[n] == '.')
- break;
- }
-
- if (filename[n] == '\0') {
- fprintf (stderr, "polkit-read-auth-helper: file name '%s' is malformed (2)\n", filename);
- continue;
- }
- if (n - m > sizeof (username) - 1) {
- fprintf (stderr, "polkit-read-auth-helper: file name '%s' is malformed (3)\n", filename);
- continue;
- }
- strncpy (username, filename + m, n - m);
- username[n - m] = '\0';
-
- pw = kit_getpwnam (username);
- if (pw == NULL) {
- fprintf (stderr, "polkit-read-auth-helper: cannot look up uid for username %s\n", username);
- continue;
- }
- uid = pw->pw_uid;
-
- if (!dump_auths_from_file (path, uid))
- goto out;
- }
-
- ret = TRUE;
-
-out:
- if (dir != NULL)
- closedir (dir);
- return ret;
-}
-
-static polkit_bool_t
-dump_auths_for_uid (const char *root, uid_t uid)
-{
- char path[256];
- struct passwd *pw;
-
- pw = kit_getpwuid (uid);
- if (pw == NULL) {
- fprintf (stderr, "polkit-read-auth-helper: cannot lookup user name for uid %d\n", uid);
- return FALSE;
- }
-
- if (snprintf (path, sizeof (path), "%s/user-%s.auths", root, pw->pw_name) >= (int) sizeof (path)) {
- fprintf (stderr, "polkit-read-auth-helper: string was truncated (1)\n");
- return FALSE;
- }
-
- return dump_auths_from_file (path, uid);
-}
-
-
-int
-main (int argc, char *argv[])
-{
- int ret;
- uid_t caller_uid;
- uid_t requesting_info_for_uid;
- char *endp;
- uid_t uid_for_polkit_user;
-
- ret = 1;
-
-#ifndef POLKIT_BUILD_TESTS
- /* clear the entire environment to avoid attacks using with libraries honoring environment variables */
- if (kit_clearenv () != 0)
- goto out;
- /* set a minimal environment */
- setenv ("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1);
-#endif
-
- openlog ("polkit-read-auth-helper-1", LOG_CONS | LOG_PID, LOG_AUTHPRIV);
-
- /* check for correct invocation */
- if (argc != 2) {
- syslog (LOG_NOTICE, "inappropriate use of helper, wrong number of arguments [uid=%d]", getuid ());
- fprintf (stderr, "polkit-read-auth-helper: wrong number of arguments. This incident has been logged.\n");
- goto out;
- }
-
- caller_uid = getuid ();
-
- /* check we're running with a non-tty stdin */
- if (isatty (STDIN_FILENO) != 0) {
- syslog (LOG_NOTICE, "inappropriate use of helper, stdin is a tty [uid=%d]", getuid ());
- fprintf (stderr, "polkit-read-auth-helper: inappropriate use of helper, stdin is a tty. This incident has been logged.\n");
- goto out;
- }
-
-#ifdef POLKIT_BUILD_TESTS
- char *pretend;
- if ((pretend = getenv ("POLKIT_TEST_PRETEND_TO_BE_UID")) != NULL) {
- caller_uid = atoi (pretend);
- goto skip_check;
- }
-#endif
- gid_t egid;
- struct group *group;
- struct passwd *pw;
-
- /* check that we are setgid polkituser */
- egid = getegid ();
- group = getgrgid (egid);
- if (group == NULL) {
- fprintf (stderr, "polkit-read-auth-helper: cannot lookup group info for gid %d\n", egid);
- goto out;
- }
- if (strcmp (group->gr_name, POLKIT_GROUP) != 0) {
- fprintf (stderr, "polkit-read-auth-helper: needs to be setgid " POLKIT_GROUP "\n");
- goto out;
- }
-
-#ifdef POLKIT_BUILD_TESTS
-skip_check:
-#endif
-
- pw = kit_getpwnam (POLKIT_USER);
- if (pw == NULL) {
- fprintf (stderr, "polkit-read-auth-helper: cannot lookup uid for " POLKIT_USER "\n");
- goto out;
- }
- uid_for_polkit_user = pw->pw_uid;
-
- /*----------------------------------------------------------------------------------------------------*/
-
- requesting_info_for_uid = strtoul (argv[1], &endp, 10);
- if (strlen (argv[1]) == 0 || *endp != '\0') {
- fprintf (stderr, "polkit-read-auth-helper: requesting_info_for_uid malformed (3)\n");
- goto out;
- }
-
- /* uid 0 and user polkituser is allowed to read anything */
- if (caller_uid != 0 && caller_uid != uid_for_polkit_user) {
- if (caller_uid != requesting_info_for_uid) {
- pid_t ppid;
-
- ppid = getppid ();
- if (ppid == 1)
- goto out;
-
- if (polkit_check_auth (ppid,
- "org.freedesktop.policykit.read",
- "org.freedesktop.policykit.grant", NULL) == 0) {
- goto out;
- }
- }
- }
-
-#ifdef POLKIT_BUILD_TESTS
- char *test_dir;
- char dir_run[256];
- char dir_lib[256];
-
- if ((test_dir = getenv ("POLKIT_TEST_LOCALSTATE_DIR")) == NULL) {
- test_dir = PACKAGE_LOCALSTATE_DIR;
- }
- kit_assert ((size_t) snprintf (dir_run, sizeof (dir_run), "%s/run/polkit-1", test_dir) < sizeof (dir_run));
- kit_assert ((size_t) snprintf (dir_lib, sizeof (dir_lib), "%s/lib/polkit-1", test_dir) < sizeof (dir_lib));
-
-#else
- char *dir_run = PACKAGE_LOCALSTATE_DIR "/run/polkit-1";
- char *dir_lib = PACKAGE_LOCALSTATE_DIR "/lib/polkit-1";
-#endif
-
- if (requesting_info_for_uid == (uid_t) -1) {
- if (!dump_auths_all (dir_run))
- goto out;
-
- if (!dump_auths_all (dir_lib))
- goto out;
- } else {
- if (!dump_auths_for_uid (dir_run, requesting_info_for_uid))
- goto out;
-
- if (!dump_auths_for_uid (dir_lib, requesting_info_for_uid))
- goto out;
- }
-
- ret = 0;
-
-out:
- return ret;
-}
-
diff --git a/src/polkit/polkit-resolve-exe-helper.c b/src/polkit/polkit-resolve-exe-helper.c
deleted file mode 100644
index 36dc018..0000000
--- a/src/polkit/polkit-resolve-exe-helper.c
+++ /dev/null
@@ -1,168 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-resolve-exe-helper.c : setuid root helper for PolicyKit to
- * resolve /proc/$pid/exe symlinks
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#define _GNU_SOURCE
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#ifdef HAVE_FREEBSD
-#include <sys/param.h>
-#endif
-#include <security/pam_appl.h>
-#include <grp.h>
-#include <pwd.h>
-#include <syslog.h>
-#include <errno.h>
-#include <string.h>
-#include <utime.h>
-#include <fcntl.h>
-#include <dirent.h>
-
-#include <polkit/polkit.h>
-#include <polkit/polkit-private.h>
-
-#ifdef HAVE_SOLARIS
-#define LOG_AUTHPRIV (10<<3)
-#define PATH_MAX 1024
-#endif
-
-int
-main (int argc, char *argv[])
-{
- int ret;
- uid_t caller_uid;
- pid_t requesting_info_for_pid;
- char *endp;
- uid_t uid_for_polkit_user;
- struct passwd *pw;
- gid_t egid;
- struct group *group;
- int n;
- char buf[PATH_MAX];
- polkit_bool_t is_setgid_polkit;
-
- ret = 1;
-
- /* clear the entire environment to avoid attacks using with libraries honoring environment variables */
- if (kit_clearenv () != 0)
- goto out;
- /* set a minimal environment */
- setenv ("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1);
-
- openlog ("polkit-resolve-exe-helper-1", LOG_CONS | LOG_PID, LOG_AUTHPRIV);
-
- /* check for correct invocation */
- if (argc != 2) {
- syslog (LOG_NOTICE, "inappropriate use of helper, wrong number of arguments [uid=%d]", getuid ());
- fprintf (stderr, "polkit-resolve-exe-helper: wrong number of arguments. This incident has been logged.\n");
- goto out;
- }
-
- caller_uid = getuid ();
-
- /* check we're running with a non-tty stdin */
- if (isatty (STDIN_FILENO) != 0) {
- syslog (LOG_NOTICE, "inappropriate use of helper, stdin is a tty [uid=%d]", getuid ());
- fprintf (stderr, "polkit-resolve-exe-helper: inappropriate use of helper, stdin is a tty. This incident has been logged.\n");
- goto out;
- }
-
- pw = getpwnam (POLKIT_USER);
- if (pw == NULL) {
- fprintf (stderr, "polkit-resolve-exe-helper: cannot lookup uid for " POLKIT_USER "\n");
- goto out;
- }
- uid_for_polkit_user = pw->pw_uid;
-
- /* check if we are setgid polkituser */
- egid = getegid ();
- group = getgrgid (egid);
- if (group == NULL) {
- fprintf (stderr, "polkit-resolve-exe-helper: cannot lookup group info for gid %d\n", egid);
- goto out;
- }
- if (strcmp (group->gr_name, POLKIT_GROUP) == 0) {
- is_setgid_polkit = TRUE;
- } else {
- is_setgid_polkit = FALSE;
- }
-
- /*----------------------------------------------------------------------------------------------------*/
-
- requesting_info_for_pid = strtoul (argv[1], &endp, 10);
- if (strlen (argv[1]) == 0 || *endp != '\0') {
- fprintf (stderr, "polkit-resolve-exe-helper: requesting_info_for_pid malformed\n");
- goto out;
- }
-
- /* user polkituser is allowed to resolve anything. So is any program that is setgid polkituser. */
- if (caller_uid != uid_for_polkit_user && !is_setgid_polkit) {
- pid_t ppid;
-
- ppid = getppid ();
- if (ppid == 1)
- goto out;
-
- /* need to set the real uid of the process to root ... otherwise D-Bus won't work */
- if (setuid (0) != 0) {
- fprintf (stderr, "polkit-resolve-exe-helper: cannot do setuid(0): %m\n");
- goto out;
- }
-
- if (polkit_check_auth (ppid,
- "org.freedesktop.policykit.read", NULL) == 0) {
- fprintf (stderr, "polkit-resolve-exe-helper: not authorized for org.freedesktop.policykit.read\n");
- goto out;
- }
- }
-
- n = polkit_sysdeps_get_exe_for_pid (requesting_info_for_pid, buf, sizeof (buf));
- if (n == -1 || n >= (int) sizeof (buf)) {
- fprintf (stderr, "polkit-resolve-exe-helper: Cannot resolve link for pid %d\n",
- requesting_info_for_pid);
- goto out;
- }
-
- printf ("%s", buf);
-
- ret = 0;
-
-out:
- return ret;
-}
-
diff --git a/src/polkit/polkit-result.c b/src/polkit/polkit-result.c
deleted file mode 100644
index 6fb5219..0000000
--- a/src/polkit/polkit-result.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-result.c : result codes from PolicyKit
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-/**
- * SECTION:polkit-result
- * @title: Results
- * @short_description: Definition of results of PolicyKit queries.
- *
- * These functions are used to manipulate PolicyKit results.
- **/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <errno.h>
-
-#include "polkit-result.h"
-#include "polkit-test.h"
-#include "polkit-private.h"
-
-
-static const struct {
- PolKitResult result;
- const char *str;
-} mapping[POLKIT_RESULT_N_RESULTS] =
-{
- {POLKIT_RESULT_UNKNOWN, "unknown"},
- {POLKIT_RESULT_NO, "no"},
- {POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH, "auth_admin"},
- {POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_SESSION, "auth_admin_keep_session"},
- {POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_ALWAYS, "auth_admin_keep_always"},
- {POLKIT_RESULT_ONLY_VIA_SELF_AUTH, "auth_self"},
- {POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION, "auth_self_keep_session"},
- {POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_ALWAYS, "auth_self_keep_always"},
- {POLKIT_RESULT_YES, "yes"},
- {POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT, "auth_admin_one_shot"},
- {POLKIT_RESULT_ONLY_VIA_SELF_AUTH_ONE_SHOT, "auth_self_one_shot"},
-};
-
-
-/**
- * polkit_result_to_string_representation:
- * @result: the given result to get a textual representation of
- *
- * Gives a textual representation of a #PolKitResult object. This
- * string is not suitable for displaying to an end user (it's not
- * localized for starters) but is useful for serialization as it can
- * be converted back to a #PolKitResult object using
- * polkit_result_from_string_representation().
- *
- * Returns: string representing the result (do not free) or #NULL if the given result is invalid
- **/
-const char *
-polkit_result_to_string_representation (PolKitResult result)
-{
- if (result < 0 || result >= POLKIT_RESULT_N_RESULTS) {
- kit_warning ("The passed result code, %d, is not valid", result);
- return NULL;
- }
-
- return mapping[result].str;
-}
-
-/**
- * polkit_result_from_string_representation:
- * @string: textual representation of a #PolKitResult object
- * @out_result: return location for #PolKitResult
- *
- * Given a textual representation of a #PolKitResult object, find the
- * #PolKitResult value.
- *
- * Returns: TRUE if the textual representation was valid, otherwise FALSE
- **/
-polkit_bool_t
-polkit_result_from_string_representation (const char *string, PolKitResult *out_result)
-{
- int n;
-
- kit_return_val_if_fail (out_result != NULL, FALSE);
-
- for (n = 0; n < POLKIT_RESULT_N_RESULTS; n++) {
- if (strcmp (mapping[n].str, string) == 0) {
- *out_result = mapping[n].result;
- goto found;
- }
- }
-
- return FALSE;
-found:
- return TRUE;
-}
-
-#ifdef POLKIT_BUILD_TESTS
-
-static polkit_bool_t
-_run_test (void)
-{
- PolKitResult n;
- PolKitResult m;
-
- for (n = 0; n < POLKIT_RESULT_N_RESULTS; n++) {
- kit_assert (polkit_result_from_string_representation (polkit_result_to_string_representation (n), &m) && n== m);
- }
-
- kit_assert (polkit_result_to_string_representation ((PolKitResult) -1) == NULL);
- kit_assert (polkit_result_to_string_representation (POLKIT_RESULT_N_RESULTS) == NULL);
-
- kit_assert (! polkit_result_from_string_representation ("non-exiting-result-id", &m));
-
-
- return TRUE;
-}
-
-KitTest _test_result = {
- "polkit_result",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* POLKIT_BUILD_TESTS */
diff --git a/src/polkit/polkit-result.h b/src/polkit/polkit-result.h
deleted file mode 100644
index 16d0a0b..0000000
--- a/src/polkit/polkit-result.h
+++ /dev/null
@@ -1,114 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-result.h : result codes from PolicyKit
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef POLKIT_RESULT_H
-#define POLKIT_RESULT_H
-
-#include <polkit/polkit-types.h>
-
-POLKIT_BEGIN_DECLS
-
-/**
- * PolKitResult:
- * @POLKIT_RESULT_UNKNOWN: The result is unknown / cannot be
- * computed. This is mostly used internally in libpolkit.
- * @POLKIT_RESULT_NO: Access denied.
- * @POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT: Access denied, but
- * authentication by the caller as administrator (e.g. root or a
- * member in the wheel group depending on configuration) will grant
- * access exactly one time to the process the caller is originating
- * from. See polkit_context_is_caller_authorized() for discussion (and
- * limitations) about one-shot authorizations.
- * @POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH: Access denied, but
- * authentication by the caller as administrator (e.g. root or a
- * member in the wheel group depending on configuration) will grant
- * access to the process the caller is originating from.
- * @POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_SESSION: Access denied, but
- * authentication by the caller as administrator (e.g. root or a
- * member in the wheel group depending on configuration) will grant
- * access for the remainder of the session
- * @POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_ALWAYS: Access denied, but
- * authentication by the caller as administrator (e.g. root or a
- * member in the wheel group depending on configuration) will grant
- * access in the future.
- * @POLKIT_RESULT_ONLY_VIA_SELF_AUTH_ONE_SHOT: Access denied, but
- * authentication by the caller as himself will grant access exactly
- * one time to the process the caller is originating from. See
- * polkit_context_is_caller_authorized() for discussion (and
- * limitations) about one-shot authorizations.
- * @POLKIT_RESULT_ONLY_VIA_SELF_AUTH: Access denied, but
- * authentication by the caller as himself will grant access to the
- * process the caller is originating from.
- * @POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION: Access denied, but
- * authentication by the caller as himself will grant access to the
- * resource for the remainder of the session
- * @POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_ALWAYS: Access denied, but
- * authentication by the caller as himself will grant access to the
- * resource in the future.
- * @POLKIT_RESULT_YES: Access granted.
- * @POLKIT_RESULT_N_RESULTS: Number of result codes
- *
- * Result codes from queries to PolicyKit. This enumeration may grow
- * in the future. One should never rely on the ordering
- */
-typedef enum
-{
- POLKIT_RESULT_UNKNOWN,
-
- POLKIT_RESULT_NO,
-
- POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH,
- POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_SESSION,
- POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_ALWAYS,
-
- POLKIT_RESULT_ONLY_VIA_SELF_AUTH,
- POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION,
- POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_ALWAYS,
-
- POLKIT_RESULT_YES,
-
- POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT,
- POLKIT_RESULT_ONLY_VIA_SELF_AUTH_ONE_SHOT,
-
- POLKIT_RESULT_N_RESULTS
-} PolKitResult;
-
-const char *
-polkit_result_to_string_representation (PolKitResult result);
-
-polkit_bool_t
-polkit_result_from_string_representation (const char *string, PolKitResult *out_result);
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_RESULT_H */
diff --git a/src/polkit/polkit-seat.c b/src/polkit/polkit-seat.c
deleted file mode 100644
index b7880dd..0000000
--- a/src/polkit/polkit-seat.c
+++ /dev/null
@@ -1,234 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-seat.c : seat
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <errno.h>
-
-#include "polkit-debug.h"
-#include "polkit-seat.h"
-#include "polkit-utils.h"
-#include "polkit-test.h"
-#include "polkit-private.h"
-
-/**
- * SECTION:polkit-seat
- * @title: Seat
- * @short_description: Represents a ConsoleKit Seat.
- *
- * This class is used to represent a seat.
- **/
-
-/**
- * PolKitSeat:
- *
- * Objects of this class are used to record information about a
- * seat.
- **/
-struct _PolKitSeat
-{
- int refcount;
- char *ck_objref;
-};
-
-/**
- * polkit_seat_new:
- *
- * Creates a new #PolKitSeat object.
- *
- * Returns: the new object
- **/
-PolKitSeat *
-polkit_seat_new (void)
-{
- PolKitSeat *seat;
- seat = kit_new0 (PolKitSeat, 1);
- if (seat == NULL)
- goto out;
- seat->refcount = 1;
-out:
- return seat;
-}
-
-/**
- * polkit_seat_ref:
- * @seat: the seat object
- *
- * Increase reference count.
- *
- * Returns: the object
- **/
-PolKitSeat *
-polkit_seat_ref (PolKitSeat *seat)
-{
- kit_return_val_if_fail (seat != NULL, seat);
- seat->refcount++;
- return seat;
-}
-
-/**
- * polkit_seat_unref:
- * @seat: the seat object
- *
- * Decreases the reference count of the object. If it becomes zero,
- * the object is freed. Before freeing, reference counts on embedded
- * objects are decresed by one.
- **/
-void
-polkit_seat_unref (PolKitSeat *seat)
-{
- kit_return_if_fail (seat != NULL);
- seat->refcount--;
- if (seat->refcount > 0)
- return;
- kit_free (seat->ck_objref);
- kit_free (seat);
-}
-
-/**
- * polkit_seat_set_ck_objref:
- * @seat: the seat object
- * @ck_objref: the D-Bus object path to the ConsoleKit seat object
- *
- * Set the D-Bus object path to the ConsoleKit seat object.
- *
- * Returns: #TRUE only if the value validated and was set
- **/
-polkit_bool_t
-polkit_seat_set_ck_objref (PolKitSeat *seat, const char *ck_objref)
-{
- kit_return_val_if_fail (seat != NULL, FALSE);
- kit_return_val_if_fail (_pk_validate_identifier (ck_objref), FALSE);
- if (seat->ck_objref != NULL)
- kit_free (seat->ck_objref);
- seat->ck_objref = kit_strdup (ck_objref);
- if (seat->ck_objref == NULL)
- return FALSE;
- else
- return TRUE;
-}
-
-/**
- * polkit_seat_get_ck_objref:
- * @seat: the seat object
- * @out_ck_objref: Returns the D-Bus object path to the ConsoleKit seat object. The caller shall not free this string.
- *
- * Get the D-Bus object path to the ConsoleKit seat object.
- *
- * Returns: TRUE iff the value is returned
- **/
-polkit_bool_t
-polkit_seat_get_ck_objref (PolKitSeat *seat, char **out_ck_objref)
-{
- kit_return_val_if_fail (seat != NULL, FALSE);
- kit_return_val_if_fail (out_ck_objref != NULL, FALSE);
- *out_ck_objref = seat->ck_objref;
- return TRUE;
-}
-
-/**
- * polkit_seat_debug:
- * @seat: the object
- *
- * Print debug details
- **/
-void
-polkit_seat_debug (PolKitSeat *seat)
-{
- kit_return_if_fail (seat != NULL);
- polkit_debug ("PolKitSeat: refcount=%d objpath=%s", seat->refcount, seat->ck_objref);
-}
-
-/**
- * polkit_seat_validate:
- * @seat: the object
- *
- * Validate the object
- *
- * Returns: #TRUE iff the object is valid.
- **/
-polkit_bool_t
-polkit_seat_validate (PolKitSeat *seat)
-{
- kit_return_val_if_fail (seat != NULL, FALSE);
- kit_return_val_if_fail (seat->ck_objref != NULL, FALSE);
- return TRUE;
-}
-
-#ifdef POLKIT_BUILD_TESTS
-
-static polkit_bool_t
-_run_test (void)
-{
- char *str;
- PolKitSeat *s;
-
- s = polkit_seat_new ();
- if (s == NULL) {
- /* OOM */
- } else {
- if (! polkit_seat_set_ck_objref (s, "/someseat")) {
- /* OOM */
- } else {
- kit_assert (polkit_seat_get_ck_objref (s, &str) && strcmp (str, "/someseat") == 0);
- kit_assert (polkit_seat_validate (s));
- polkit_seat_ref (s);
- kit_assert (polkit_seat_validate (s));
- polkit_seat_unref (s);
- kit_assert (polkit_seat_validate (s));
- polkit_seat_debug (s);
- if (! polkit_seat_set_ck_objref (s, "/someseat2")) {
- /* OOM */
- } else {
- kit_assert (polkit_seat_get_ck_objref (s, &str) && strcmp (str, "/someseat2") == 0);
- }
- }
- polkit_seat_unref (s);
- }
-
- return TRUE;
-}
-
-KitTest _test_seat = {
- "polkit_seat",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* POLKIT_BUILD_TESTS */
diff --git a/src/polkit/polkit-seat.h b/src/polkit/polkit-seat.h
deleted file mode 100644
index 25e9b59..0000000
--- a/src/polkit/polkit-seat.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-seat.h : seats
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef POLKIT_SEAT_H
-#define POLKIT_SEAT_H
-
-#include <polkit/polkit-types.h>
-
-POLKIT_BEGIN_DECLS
-
-struct _PolKitSeat;
-typedef struct _PolKitSeat PolKitSeat;
-
-PolKitSeat *polkit_seat_new (void);
-PolKitSeat *polkit_seat_ref (PolKitSeat *seat);
-void polkit_seat_unref (PolKitSeat *seat);
-polkit_bool_t polkit_seat_set_ck_objref (PolKitSeat *seat, const char *ck_objref);
-polkit_bool_t polkit_seat_get_ck_objref (PolKitSeat *seat, char **out_ck_objref);
-
-void polkit_seat_debug (PolKitSeat *seat);
-polkit_bool_t polkit_seat_validate (PolKitSeat *seat);
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_SEAT_H */
-
-
diff --git a/src/polkit/polkit-session.c b/src/polkit/polkit-session.c
deleted file mode 100644
index 1900209..0000000
--- a/src/polkit/polkit-session.c
+++ /dev/null
@@ -1,504 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-session.c : sessions
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <errno.h>
-
-#include "polkit-debug.h"
-#include "polkit-session.h"
-#include "polkit-utils.h"
-#include "polkit-test.h"
-#include "polkit-private.h"
-
-/**
- * SECTION:polkit-session
- * @title: Session
- * @short_description: Represents a ConsoleKit Session.
- *
- * This class is used to represent a session.
- **/
-
-/**
- * PolKitSession:
- *
- * Objects of this class are used to record information about a
- * session.
- **/
-struct _PolKitSession
-{
- int refcount;
- uid_t uid;
- PolKitSeat *seat;
- char *ck_objref;
- polkit_bool_t is_active;
- polkit_bool_t is_local;
- char *remote_host;
-};
-
-/**
- * polkit_session_new:
- *
- * Creates a new #PolKitSession object.
- *
- * Returns: the new object
- **/
-PolKitSession *
-polkit_session_new (void)
-{
- PolKitSession *session;
- session = kit_new0 (PolKitSession, 1);
- if (session == NULL)
- goto out;
- session->refcount = 1;
-out:
- return session;
-}
-
-/**
- * polkit_session_ref:
- * @session: The session object
- *
- * Increase reference count.
- *
- * Returns: the object
- **/
-PolKitSession *
-polkit_session_ref (PolKitSession *session)
-{
- kit_return_val_if_fail (session != NULL, session);
- session->refcount++;
- return session;
-}
-
-
-/**
- * polkit_session_unref:
- * @session: The session object
- *
- * Decreases the reference count of the object. If it becomes zero,
- * the object is freed. Before freeing, reference counts on embedded
- * objects are decresed by one.
- **/
-void
-polkit_session_unref (PolKitSession *session)
-{
- kit_return_if_fail (session != NULL);
- session->refcount--;
- if (session->refcount > 0)
- return;
- kit_free (session->ck_objref);
- kit_free (session->remote_host);
- if (session->seat != NULL)
- polkit_seat_unref (session->seat);
- kit_free (session);
-}
-
-/**
- * polkit_session_set_uid:
- * @session: The session object
- * @uid: UNIX user id
- *
- * Set the UNIX user id of the user owning the session.
- *
- * Returns: #TRUE only if the value validated and was set
- **/
-polkit_bool_t
-polkit_session_set_uid (PolKitSession *session, uid_t uid)
-{
- kit_return_val_if_fail (session != NULL, FALSE);
- session->uid = uid;
- return TRUE;
-}
-
-/**
- * polkit_session_set_ck_objref:
- * @session: The session object
- * @ck_objref: D-Bus object path
- *
- * Set the D-Bus object path to the ConsoleKit session object.
- *
- * Returns: #TRUE only if the value validated and was set
- **/
-polkit_bool_t
-polkit_session_set_ck_objref (PolKitSession *session, const char *ck_objref)
-{
- kit_return_val_if_fail (session != NULL, FALSE);
- kit_return_val_if_fail (_pk_validate_identifier (ck_objref), FALSE);
- if (session->ck_objref != NULL)
- kit_free (session->ck_objref);
- session->ck_objref = kit_strdup (ck_objref);
- if (session->ck_objref == NULL)
- return FALSE;
- else
- return TRUE;
-}
-
-/**
- * polkit_session_set_ck_is_active:
- * @session: The session object
- * @is_active: whether ConsoleKit reports the session as active
- *
- * Set whether ConsoleKit regard the session as active.
- *
- * Returns: #TRUE only if the value validated and was set
- **/
-polkit_bool_t
-polkit_session_set_ck_is_active (PolKitSession *session, polkit_bool_t is_active)
-{
- kit_return_val_if_fail (session != NULL, FALSE);
- session->is_active = is_active;
- return TRUE;
-}
-
-/**
- * polkit_session_set_ck_is_local:
- * @session: The session object
- * @is_local: whether ConsoleKit reports the session as local
- *
- * Set whether ConsoleKit regard the session as local.
- *
- * Returns: #TRUE only if the value validated and was set
- **/
-polkit_bool_t
-polkit_session_set_ck_is_local (PolKitSession *session, polkit_bool_t is_local)
-{
- kit_return_val_if_fail (session != NULL, FALSE);
- session->is_local = is_local;
- return TRUE;
-}
-
-/**
- * polkit_session_set_ck_remote_host:
- * @session: The session object
- * @remote_host: hostname of the host/display that ConsoleKit reports
- * the session to occur at
- *
- * Set the remote host/display that ConsoleKit reports the session to
- * occur at.
- *
- * Returns: #TRUE only if the value validated and was set
- **/
-polkit_bool_t
-polkit_session_set_ck_remote_host (PolKitSession *session, const char *remote_host)
-{
- kit_return_val_if_fail (session != NULL, FALSE);
- /* TODO: FIXME: probably need to allow a lot more here */
- kit_return_val_if_fail (_pk_validate_identifier (remote_host), FALSE);
- if (session->remote_host != NULL)
- kit_free (session->remote_host);
- session->remote_host = kit_strdup (remote_host);
- if (session->remote_host == NULL)
- return FALSE;
- else
- return TRUE;
-}
-
-/**
- * polkit_session_set_seat:
- * @session: The session object
- * @seat: a #PolKitSeat object
- *
- * Set the seat that the session belongs to. The reference count on
- * the given object will be increased by one. If an existing seat
- * object was set already, the reference count on that one will be
- * decreased by one.
- *
- * Returns: #TRUE only if the value validated and was set
- **/
-polkit_bool_t
-polkit_session_set_seat (PolKitSession *session, PolKitSeat *seat)
-{
- kit_return_val_if_fail (session != NULL, FALSE);
- kit_return_val_if_fail (polkit_seat_validate (seat), FALSE);
- if (session->seat != NULL)
- polkit_seat_unref (session->seat);
- session->seat = seat != NULL ? polkit_seat_ref (seat) : NULL;
- return TRUE;
-}
-
-/**
- * polkit_session_get_uid:
- * @session: The session object
- * @out_uid: UNIX user id
- *
- * Get the UNIX user id of the user owning the session.
- *
- * Returns: TRUE iff the value is returned
- **/
-polkit_bool_t
-polkit_session_get_uid (PolKitSession *session, uid_t *out_uid)
-{
- kit_return_val_if_fail (session != NULL, FALSE);
- kit_return_val_if_fail (out_uid != NULL, FALSE);
- *out_uid = session->uid;
- return TRUE;
-}
-
-/**
- * polkit_session_get_ck_objref:
- * @session: The session object
- * @out_ck_objref: D-Bus object path. Shall not be freed by the caller.
- *
- * Get the D-Bus object path to the ConsoleKit session object.
- *
- * Returns: TRUE iff the value is returned
- **/
-polkit_bool_t
-polkit_session_get_ck_objref (PolKitSession *session, char **out_ck_objref)
-{
- kit_return_val_if_fail (session != NULL, FALSE);
- kit_return_val_if_fail (out_ck_objref != NULL, FALSE);
- *out_ck_objref = session->ck_objref;
- return TRUE;
-}
-
-/**
- * polkit_session_get_ck_is_active:
- * @session: The session object
- * @out_is_active: whether ConsoleKit reports the session as active
- *
- * Get whether ConsoleKit regard the session as active.
- *
- * Returns: TRUE iff the value is returned
- **/
-polkit_bool_t
-polkit_session_get_ck_is_active (PolKitSession *session, polkit_bool_t *out_is_active)
-{
- kit_return_val_if_fail (session != NULL, FALSE);
- kit_return_val_if_fail (out_is_active != NULL, FALSE);
- *out_is_active = session->is_active;
- return TRUE;
-}
-
-/**
- * polkit_session_get_ck_is_local:
- * @session: The session object
- * @out_is_local: whether ConsoleKit reports the session as local
- *
- * Set whether ConsoleKit regard the session as local.
- *
- * Returns: TRUE iff the value is returned
- **/
-polkit_bool_t
-polkit_session_get_ck_is_local (PolKitSession *session, polkit_bool_t *out_is_local)
-{
- kit_return_val_if_fail (session != NULL, FALSE);
- kit_return_val_if_fail (out_is_local != NULL, FALSE);
- *out_is_local = session->is_local;
- return TRUE;
-}
-
-/**
- * polkit_session_get_ck_remote_host:
- * @session: The session object
- * @out_remote_host: hostname of the host/display that ConsoleKit
- * reports the session to occur at. Shall not be freed by the caller.
- *
- * Get the remote host/display that ConsoleKit reports the session to
- * occur at.
- *
- * Returns: TRUE iff the value is returned
- **/
-polkit_bool_t
-polkit_session_get_ck_remote_host (PolKitSession *session, char **out_remote_host)
-{
- kit_return_val_if_fail (session != NULL, FALSE);
- kit_return_val_if_fail (out_remote_host != NULL, FALSE);
- *out_remote_host = session->remote_host;
- return TRUE;
-}
-
-/**
- * polkit_session_get_seat:
- * @session: The session object
- * @out_seat: Returns the seat the session belongs to. Shall not
- * be unreffed by the caller.
- *
- * Get the seat that the session belongs to.
- *
- * Returns: TRUE iff the value is returned
- **/
-polkit_bool_t
-polkit_session_get_seat (PolKitSession *session, PolKitSeat **out_seat)
-{
- kit_return_val_if_fail (session != NULL, FALSE);
- kit_return_val_if_fail (out_seat != NULL, FALSE);
- *out_seat = session->seat;
- return TRUE;
-}
-
-/**
- * polkit_session_debug:
- * @session: the object
- *
- * Print debug details
- **/
-void
-polkit_session_debug (PolKitSession *session)
-{
- kit_return_if_fail (session != NULL);
- polkit_debug ("PolKitSession: refcount=%d uid=%d objpath=%s is_active=%d is_local=%d remote_host=%s",
- session->refcount, session->uid,
- session->ck_objref, session->is_active, session->is_local, session->remote_host);
- if (session->seat != NULL)
- polkit_seat_debug (session->seat);
-}
-
-
-/**
- * polkit_session_validate:
- * @session: the object
- *
- * Validate the object
- *
- * Returns: #TRUE iff the object is valid.
- **/
-polkit_bool_t
-polkit_session_validate (PolKitSession *session)
-{
- polkit_bool_t ret;
- kit_return_val_if_fail (session != NULL, FALSE);
-
- ret = FALSE;
- if (session->is_local) {
- if (session->remote_host != NULL)
- goto error;
- } else {
- if (session->remote_host == NULL)
- goto error;
- }
- ret = TRUE;
-error:
- return ret;
-}
-
-#ifdef POLKIT_BUILD_TESTS
-
-static polkit_bool_t
-_run_test (void)
-{
- char *str;
- PolKitSession *s;
- PolKitSeat *seat;
- PolKitSeat *seat2;
- uid_t uid;
- polkit_bool_t b;
-
- s = polkit_session_new ();
- if (s == NULL) {
- /* OOM */
- } else {
- if (! polkit_session_set_ck_objref (s, "/somesession")) {
- /* OOM */
- } else {
- kit_assert (polkit_session_get_ck_objref (s, &str) && strcmp (str, "/somesession") == 0);
- polkit_session_ref (s);
- polkit_session_unref (s);
- polkit_session_debug (s);
- if (! polkit_session_set_ck_objref (s, "/somesession2")) {
- /* OOM */
- } else {
- kit_assert (polkit_session_get_ck_objref (s, &str) && strcmp (str, "/somesession2") == 0);
- }
-
- if ((seat = polkit_seat_new ()) != NULL) {
- if (polkit_seat_set_ck_objref (seat, "/someseat")) {
- kit_assert (polkit_session_set_seat (s, seat));
- kit_assert (polkit_session_get_seat (s, &seat2) && seat == seat2);
- }
- polkit_seat_unref (seat);
- if ((seat = polkit_seat_new ()) != NULL) {
- if (polkit_seat_set_ck_objref (seat, "/someseat2")) {
- kit_assert (polkit_session_set_seat (s, seat));
- kit_assert (polkit_session_get_seat (s, &seat2) && seat == seat2);
- }
- polkit_seat_unref (seat);
- }
- }
-
- kit_assert (polkit_session_set_uid (s, 0));
- kit_assert (polkit_session_get_uid (s, &uid) && uid == 0);
- kit_assert (polkit_session_set_ck_is_active (s, TRUE));
- kit_assert (polkit_session_get_ck_is_active (s, &b) && b == TRUE);
- kit_assert (polkit_session_set_ck_is_local (s, TRUE));
- kit_assert (polkit_session_get_ck_is_local (s, &b) && b == TRUE);
- kit_assert (polkit_session_validate (s));
-
- kit_assert (polkit_session_set_uid (s, 500));
- kit_assert (polkit_session_get_uid (s, &uid) && uid == 500);
- kit_assert (polkit_session_set_ck_is_active (s, FALSE));
- kit_assert (polkit_session_get_ck_is_active (s, &b) && b == FALSE);
- kit_assert (polkit_session_set_ck_is_local (s, FALSE));
- kit_assert (polkit_session_get_ck_is_local (s, &b) && b == FALSE);
-
- /* not valid because remote host is not set.. */
- kit_assert (!polkit_session_validate (s));
-
-
- if (polkit_session_set_ck_remote_host (s, "somehost.com")) {
- kit_assert (polkit_session_get_ck_remote_host (s, &str) && strcmp (str, "somehost.com") == 0);
- kit_assert (polkit_session_validate (s));
-
- /* not valid because remote host is set and local==TRUE */
- kit_assert (polkit_session_set_ck_is_local (s, TRUE));
- kit_assert (!polkit_session_validate (s));
- kit_assert (polkit_session_set_ck_is_local (s, FALSE));
-
- if (polkit_session_set_ck_remote_host (s, "somehost2.com")) {
- kit_assert (polkit_session_get_ck_remote_host (s, &str) && strcmp (str, "somehost2.com") == 0);
- kit_assert (polkit_session_validate (s));
- }
- polkit_session_debug (s);
- }
-
- }
- polkit_session_unref (s);
- }
-
- return TRUE;
-}
-
-KitTest _test_session = {
- "polkit_session",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* POLKIT_BUILD_TESTS */
diff --git a/src/polkit/polkit-session.h b/src/polkit/polkit-session.h
deleted file mode 100644
index 5a371cb..0000000
--- a/src/polkit/polkit-session.h
+++ /dev/null
@@ -1,68 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-session.h : sessions
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef POLKIT_SESSION_H
-#define POLKIT_SESSION_H
-
-#include <polkit/polkit-types.h>
-#include <polkit/polkit-seat.h>
-
-#include <sys/types.h>
-
-POLKIT_BEGIN_DECLS
-
-struct _PolKitSession;
-typedef struct _PolKitSession PolKitSession;
-
-PolKitSession *polkit_session_new (void);
-PolKitSession *polkit_session_ref (PolKitSession *session);
-void polkit_session_unref (PolKitSession *session);
-polkit_bool_t polkit_session_set_uid (PolKitSession *session, uid_t uid);
-polkit_bool_t polkit_session_set_seat (PolKitSession *session, PolKitSeat *seat);
-polkit_bool_t polkit_session_set_ck_objref (PolKitSession *session, const char *ck_objref);
-polkit_bool_t polkit_session_set_ck_is_active (PolKitSession *session, polkit_bool_t is_active);
-polkit_bool_t polkit_session_set_ck_is_local (PolKitSession *session, polkit_bool_t is_local);
-polkit_bool_t polkit_session_set_ck_remote_host (PolKitSession *session, const char *remote_host);
-polkit_bool_t polkit_session_get_uid (PolKitSession *session, uid_t *out_uid);
-polkit_bool_t polkit_session_get_seat (PolKitSession *session, PolKitSeat **out_seat);
-polkit_bool_t polkit_session_get_ck_objref (PolKitSession *session, char **out_ck_objref);
-polkit_bool_t polkit_session_get_ck_is_active (PolKitSession *session, polkit_bool_t *out_is_active);
-polkit_bool_t polkit_session_get_ck_is_local (PolKitSession *session, polkit_bool_t *out_is_local);
-polkit_bool_t polkit_session_get_ck_remote_host (PolKitSession *session, char **out_remote_host);
-
-void polkit_session_debug (PolKitSession *session);
-polkit_bool_t polkit_session_validate (PolKitSession *session);
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_SESSION_H */
diff --git a/src/polkit/polkit-set-default-helper.c b/src/polkit/polkit-set-default-helper.c
deleted file mode 100644
index eb1fb9d..0000000
--- a/src/polkit/polkit-set-default-helper.c
+++ /dev/null
@@ -1,227 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-set-default-helper.c : setgid polkituser helper for PolicyKit
- * to set defaults
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#define _GNU_SOURCE
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/time.h>
-#include <grp.h>
-#include <pwd.h>
-#include <syslog.h>
-#include <errno.h>
-#include <string.h>
-#include <utime.h>
-#include <fcntl.h>
-#include <dirent.h>
-#include <utime.h>
-
-#include <polkit/polkit.h>
-#include <polkit/polkit-private.h>
-
-#ifdef HAVE_SOLARIS
-#define LOG_AUTHPRIV (10<<3)
-#endif
-
-static polkit_bool_t
-set_default (const char *action_id, const char *any, const char *inactive, const char *active)
-{
- char *path;
- char *contents;
- polkit_bool_t ret;
-
- path = NULL;
- contents = NULL;
- ret = FALSE;
-
- path = kit_strdup_printf (PACKAGE_LOCALSTATE_DIR "/lib/polkit-public-1/%s.defaults-override", action_id);
- if (path == NULL)
- goto out;
-
- contents = kit_strdup_printf ("%s:%s:%s",
- any, inactive, active);
- if (contents == NULL)
- goto out;
-
- if (!kit_file_set_contents (path, 0644, contents, strlen (contents))) {
- kit_warning ("Error writing override file '%s': %m\n", path);
- goto out;
- }
-
- ret = TRUE;
-
-out:
- if (path == NULL)
- kit_free (path);
- if (contents == NULL)
- kit_free (contents);
- return ret;
-}
-
-static polkit_bool_t
-clear_default (const char *action_id)
-{
- char *path;
- polkit_bool_t ret;
-
- ret = FALSE;
-
- path = kit_strdup_printf (PACKAGE_LOCALSTATE_DIR "/lib/polkit-public-1/%s.defaults-override", action_id);
- if (path == NULL)
- goto out;
-
- if (unlink (path) != 0) {
- kit_warning ("Error unlinking file %s: %m", path);
- }
-
- ret = TRUE;
-
-out:
- if (path == NULL)
- kit_free (path);
- return ret;
-
-}
-
-int
-main (int argc, char *argv[])
-{
- int ret;
- uid_t caller_uid;
- uid_t euid;
- struct passwd *pw;
-
- ret = 1;
- /* clear the entire environment to avoid attacks using with libraries honoring environment variables */
- if (kit_clearenv () != 0)
- goto out;
- /* set a minimal environment */
- setenv ("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1);
-
- openlog ("polkit-set-default-helper-1", LOG_CONS | LOG_PID, LOG_AUTHPRIV);
-
- /* check for correct invocation */
- if (! (argc == 3 || argc == 6)) {
- syslog (LOG_NOTICE, "inappropriate use of helper, wrong number of arguments [uid=%d]", getuid ());
- fprintf (stderr, "polkit-set-default-helper: wrong number of arguments. This incident has been logged.\n");
- goto out;
- }
-
- caller_uid = getuid ();
-
- /* check we're running with a non-tty stdin */
- if (isatty (STDIN_FILENO) != 0) {
- syslog (LOG_NOTICE, "inappropriate use of helper, stdin is a tty [uid=%d]", getuid ());
- fprintf (stderr, "polkit-set-default-helper: inappropriate use of helper, stdin is a tty. This incident has been logged.\n");
- goto out;
- }
-
- /* check that we are setuid polkituser */
- euid = geteuid ();
- pw = getpwuid (euid);
- if (pw == NULL) {
- fprintf (stderr, "polkit-set-default-helper: cannot lookup passwd info for uid %d\n", euid);
- goto out;
- }
- if (strcmp (pw->pw_name, POLKIT_USER) != 0) {
- fprintf (stderr, "polkit-set-default-helper: needs to be setuid " POLKIT_USER "\n");
- goto out;
- }
-
- /*----------------------------------------------------------------------------------------------------*/
-
- /* uid 0 is allowed to set anything */
- if (caller_uid != 0) {
- pid_t ppid;
-
- ppid = getppid ();
- if (ppid == 1)
- goto out;
-
- if (polkit_check_auth (ppid, "org.freedesktop.policykit.modify-defaults", NULL) == 0) {
- goto out;
- }
- }
-
- PolKitResult any;
- PolKitResult inactive;
- PolKitResult active;
-
- if (!polkit_action_validate_id (argv[1])) {
- goto out;
- }
-
- /* sanity check */
- if (argc == 3) {
- if (strcmp (argv[2], "clear") != 0)
- goto out;
-
- if (!clear_default (argv[1]))
- goto out;
- } else if (argc == 6) {
- if (strcmp (argv[2], "set") != 0)
- goto out;
-
- if (!polkit_result_from_string_representation (argv[3], &any)) {
- goto out;
- }
- if (!polkit_result_from_string_representation (argv[4], &inactive)) {
- goto out;
- }
- if (!polkit_result_from_string_representation (argv[5], &active)) {
- goto out;
- }
-
- if (!set_default (argv[1], argv[3], argv[4], argv[5]))
- goto out;
- } else {
- goto out;
- }
-
- /* trigger a reload */
- if (utimes (PACKAGE_LOCALSTATE_DIR "/lib/misc/polkit-1.reload", NULL) != 0) {
- kit_warning ("Error updating access+modification time on file '%s': %m\n",
- PACKAGE_LOCALSTATE_DIR "/lib/misc/polkit-1.reload");
- }
-
- ret = 0;
-
-out:
- return ret;
-}
-
diff --git a/src/polkit/polkit-simple.c b/src/polkit/polkit-simple.c
deleted file mode 100644
index abdcdfe..0000000
--- a/src/polkit/polkit-simple.c
+++ /dev/null
@@ -1,599 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-simple.c : Simple convenience interface
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-/**
- * SECTION:polkit-simple
- * @title: Simple convenience interface
- * @short_description: Simple convenience interface
- *
- * Simple convenience interface
- **/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdarg.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <errno.h>
-#include <limits.h>
-
-#include <polkit/polkit-private.h>
-#include "polkit-simple.h"
-
-/**
- * polkit_check_auth:
- * @pid: process to check for; typically you want to pass the result of getpid() here
- * @...: %NULL terminated list of action identifiers to check for
- *
- * A simple convenience function to check whether a given process is
- * authorized for a number of actions.
- *
- * This is useful for programs that just wants to check whether they
- * should carry out some action. Note that the user identity used for
- * the purpose of checking authorizations is the Real one compared to
- * the e.g. Effective one (e.g. getuid(), getgid() is used instead of
- * e.g. geteuid(), getegid()). This is typically what one wants in a
- * setuid root program if the setuid root program is designed to do
- * work on behalf of the unprivileged user who invoked it (for
- * example, the PulseAudio sound server is setuid root only so it can
- * become a real time process; after that it drops all privileges).
- *
- * It varies whether one wants to pass getpid() or getppid() as the
- * process id to this function. For example, in the PulseAudio case it
- * is the right thing to pass getpid(). However, in a setup where the
- * process is a privileged helper, one wants to pass the process id of
- * the parent. Beware though, if the parent dies, getppid() will
- * return 1 (the process id of <literal>/sbin/init</literal>) which is
- * almost certainly guaranteed to be privileged as it is running as
- * uid 0.
- *
- * Note that this function will open a connection to the system
- * message bus and query ConsoleKit for details. In addition, it will
- * load PolicyKit specific files and spawn privileged helpers if
- * necessary. As such, there is a bit of IPC, context switching,
- * syscall overhead and I/O involved in using this function. If you
- * are planning on calling this function multiple times (e.g. from a
- * daemon) on a frequent basis and/or need more detail you should use
- * the #PolKitContext and #PolKitTracker classes instead as these are
- * designed to aggresively cache information.
- *
- * The return value is a bit mask indicating whether the given process
- * is authorized for the given actions. Bit 0 represents the first
- * action; bit 1 represents the 2nd action and so forth. A bit is set
- * to 1 if, and only if, the caller is authorized for the given
- * action. If the given action is unknown zero will be returned as well.
- *
- * If the function succeeds, errno will be set to 0. If an error
- * occurs 0 is returned and errno will be set:
- * <itemizedlist>
- * <listitem><literal>ENOMEM</literal>: Out of memory.</listitem>
- * <listitem><literal>ENOENT</literal>: Failed to connect to either the system message bus or ConsoleKit.</listitem>
- * </itemizedlist>
- *
- * Returns: See above
- *
- * Since: 0.7
- */
-polkit_uint64_t
-polkit_check_auth (pid_t pid, ...)
-{
- int n;
- va_list args;
- char *action_id;
- polkit_uint64_t ret;
- const char *action_ids[65];
-
- ret = 0;
-
- n = 0;
- va_start (args, pid);
- while ((action_id = va_arg (args, char *)) != NULL) {
- if (n == 64) {
- errno = EOVERFLOW;
- goto out;
- }
- action_ids[n++] = action_id;
- }
- va_end (args);
- action_ids[n] = NULL;
-
- ret = polkit_check_authv (pid, action_ids);
-out:
- return ret;
-}
-
-/**
- * polkit_check_authv:
- * @pid: See docs for polkit_check_auth()
- * @action_ids: %NULL terminated array of action id's
- *
- * This function is similar to polkit_check_auth() but takes an %NULL
- * terminated array instead of being a varadic function.
- *
- * Returns: See docs for polkit_check_auth()
- *
- * Since: 0.7
- */
-polkit_uint64_t
-polkit_check_authv (pid_t pid, const char **action_ids)
-{
- int n;
- polkit_uint64_t ret;
- DBusError error;
- DBusConnection *bus;
- PolKitCaller *caller;
- PolKitContext *context;
- PolKitError *pk_error;
- PolKitResult pk_result;
-
- ret = 0;
- errno = ENOENT;
- context = NULL;
- caller = NULL;
- bus = NULL;
-
- dbus_error_init (&error);
-
-#ifdef POLKIT_BUILD_TESTS
- char *pretend;
- if ((pretend = getenv ("POLKIT_TEST_PRETEND_TO_BE_CK_SESSION_OBJPATH")) != NULL) {
- /* see polkit_caller_new_from_pid() - basically, it's
- * if POLKIT_TEST_PRETEND_TO_BE_CK_SESSION_OBJPATH is set
- * then the bus won't be used at all
- */
- goto no_bus;
- }
-#endif
- bus = dbus_bus_get (DBUS_BUS_SYSTEM, &error);
- if (bus == NULL) {
- kit_warning ("cannot connect to system bus: %s: %s", error.name, error.message);
- dbus_error_free (&error);
- goto out;
- }
-#ifdef POLKIT_BUILD_TESTS
-no_bus:
-#endif
-
- caller = polkit_caller_new_from_pid (bus, pid, &error);
- if (caller == NULL) {
- kit_warning ("cannot get caller from pid: %s: %s", error.name, error.message);
- goto out;
- }
-
- context = polkit_context_new ();
- if (context == NULL) {
- kit_warning ("cannot allocate PolKitContext");
- errno = ENOMEM;
- goto out;
- }
-
- pk_error = NULL;
- if (!polkit_context_init (context, &pk_error)) {
- kit_warning ("cannot initialize polkit context: %s: %s",
- polkit_error_get_error_name (pk_error),
- polkit_error_get_error_message (pk_error));
- polkit_error_free (pk_error);
- goto out;
- }
-
- for (n = 0; action_ids[n] != NULL; n++) {
- PolKitAction *action;
-
- action = polkit_action_new ();
- if (action == NULL) {
- kit_warning ("cannot allocate PolKitAction");
- errno = ENOMEM;
- goto out;
- }
- if (!polkit_action_set_action_id (action, action_ids[n])) {
- polkit_action_unref (action);
- kit_warning ("cannot set action_id");
- errno = ENOMEM;
- goto out;
- }
-
- pk_error = NULL;
- pk_result = polkit_context_is_caller_authorized (context, action, caller, FALSE, &pk_error);
-
- if (polkit_error_is_set (pk_error)) {
- polkit_error_free (pk_error);
- pk_error = NULL;
- } else {
- if (pk_result == POLKIT_RESULT_YES)
- ret |= (1<<n);
- }
-
- polkit_action_unref (action);
- }
-
-out:
- if (bus != NULL)
- dbus_connection_unref (bus);
- if (caller != NULL)
- polkit_caller_unref (caller);
- if (context != NULL)
- polkit_context_unref (context);
-
- return ret;
-}
-
-extern char **environ;
-
-static polkit_bool_t
-_auth_show_dialog_text (const char *action_id, pid_t pid, DBusError *error)
-{
- unsigned int n;
- polkit_bool_t ret;
- int exit_status;
- char *helper_argv[] = {PACKAGE_BIN_DIR "/polkit-auth", "--obtain", NULL, NULL};
- char **envp;
- size_t envsize;
- char buf[256];
-
- ret = FALSE;
-
- if (isatty (STDOUT_FILENO) != 1 || isatty (STDIN_FILENO) != 1) {
- dbus_set_error (error,
- "org.freedesktop.PolicyKit.LocalError",
- "stdout and/or stdin is not a tty");
- goto out;
- }
-
- envsize = kit_strv_length (environ);
- envp = kit_new0 (char *, envsize + 3);
- if (envp == NULL)
- goto out;
- for (n = 0; n < envsize; n++)
- envp[n] = environ[n];
- envp[envsize] = "POLKIT_AUTH_FORCE_TEXT=1";
- snprintf (buf, sizeof (buf), "POLKIT_AUTH_GRANT_TO_PID=%d", pid);
- envp[envsize+1] = buf;
-
- helper_argv[2] = (char *) action_id;
-
- if (!kit_spawn_sync (NULL, /* const char *working_directory */
- KIT_SPAWN_CHILD_INHERITS_STDIN, /* flags */
- helper_argv, /* char **argv */
- envp, /* char **envp */
- NULL, /* char *stdin */
- NULL, /* char **stdout */
- NULL, /* char **stderr */
- &exit_status)) { /* int *exit_status */
- dbus_set_error (error,
- "org.freedesktop.PolicyKit.LocalError",
- "Error spawning polkit-auth: %m");
- goto out;
- }
-
- if (!WIFEXITED (exit_status)) {
- dbus_set_error (error,
- "org.freedesktop.PolicyKit.LocalError",
- "polkit-auth crashed!");
- goto out;
- } else if (WEXITSTATUS(exit_status) != 0) {
- goto out;
- }
-
- ret = TRUE;
-
-out:
- return ret;
-}
-
-/**
- * polkit_auth_obtain:
- * @action_id: The action_id for the #PolKitAction to make the user
- * authenticate for
- * @xid: X11 window ID for the window that the dialog will be
- * transient for. If there is no window, pass 0.
- * @pid: Process ID of process to grant authorization to. Normally one wants to pass result of getpid().
- * @error: return location for error; cannot be %NULL
- *
- * Convenience function to prompt the user to authenticate to gain an
- * authorization for the given action. First, an attempt to reach an
- * Authentication Agent on the session message bus is made. If that
- * doesn't work and stdout/stdin are both tty's, polkit-auth(1) is
- * invoked.
- *
- * This is a blocking call. If you're using GTK+ see
- * polkit_gnome_auth_obtain() for a non-blocking version.
- *
- * Returns: %TRUE if, and only if, the user successfully
- * authenticated. %FALSE if the user failed to authenticate or if
- * error is set
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_auth_obtain (const char *action_id, polkit_uint32_t xid, pid_t pid, DBusError *error)
-{
- polkit_bool_t ret;
- DBusConnection *bus;
- DBusMessage *message;
- DBusMessage *reply;
-
- kit_return_val_if_fail (action_id != NULL, FALSE);
- kit_return_val_if_fail (error != NULL, FALSE);
- kit_return_val_if_fail (!dbus_error_is_set (error), FALSE);
-
- bus = NULL;
- message = NULL;
- reply = NULL;
- ret = FALSE;
-
- bus = dbus_bus_get (DBUS_BUS_SESSION, error);
- if (bus == NULL) {
- dbus_error_init (error);
- ret = _auth_show_dialog_text (action_id, pid, error);
- goto out;
- }
-
- message = dbus_message_new_method_call ("org.freedesktop.PolicyKit.AuthenticationAgent", /* service */
- "/", /* object path */
- "org.freedesktop.PolicyKit.AuthenticationAgent", /* interface */
- "ObtainAuthorization");
- dbus_message_append_args (message,
- DBUS_TYPE_STRING, &action_id,
- DBUS_TYPE_UINT32, &xid,
- DBUS_TYPE_UINT32, &pid,
- DBUS_TYPE_INVALID);
- reply = dbus_connection_send_with_reply_and_block (bus, message, INT_MAX, error);
- if (reply == NULL || dbus_error_is_set (error)) {
- ret = _auth_show_dialog_text (action_id, pid, error);
- goto out;
- }
- if (!dbus_message_get_args (reply, NULL,
- DBUS_TYPE_BOOLEAN, &ret,
- DBUS_TYPE_INVALID)) {
- dbus_error_init (error);
- ret = _auth_show_dialog_text (action_id, pid, error);
- goto out;
- }
-
-out:
- if (bus != NULL)
- dbus_connection_unref (bus);
- if (message != NULL)
- dbus_message_unref (message);
- if (reply != NULL)
- dbus_message_unref (reply);
-
- return ret;
-}
-
-
-/**
- * polkit_dbus_error_generate:
- * @action: the action that the caller needs an authorization for
- * @result: the result from e.g. polkit_context_is_caller_authorized()
- * @error: the #DBusError to set
- *
- * Convenience function to generate a #DBusError that encapsulates
- * information that the caller is not authorized. This includes
- * information such as @action that describes what action the caller
- * lacks an authorization for, as well as @result that describes if
- * the caller can obtain an authorization through authentication.
- *
- * Typically a privileged mechanism uses this function to generate
- * errors. At the other end of the wire, the caller can use
- * polkit_dbus_error_parse() to extract @action and @result.
- *
- * The form of the #DBusError is as follows. The name is
- * set to
- * <literal>org.freedesktop.PolicyKit.Error.NotAuthorized</literal>
- * and the message consists of two strings separated by a single
- * space: the string representation of the action
- * (cf. polkit_action_to_string_representation()) and the string
- * representation of the result
- * (cf. polkit_result_to_string_representation()).
- *
- * This function is in <literal>libpolkit-dbus</literal>.
- *
- * Returns: TRUE if @error was set. FALSE on error or OOM.
- *
- * Since: 0.8
- */
-polkit_bool_t
-polkit_dbus_error_generate (PolKitAction *action, PolKitResult result, DBusError *error)
-{
- polkit_bool_t ret;
- const char *action_str;
- const char *result_str;
-
- ret = FALSE;
-
- kit_return_val_if_fail (error != NULL && !dbus_error_is_set (error), FALSE);
- kit_return_val_if_fail (action != NULL && polkit_action_validate (action), FALSE);
-
- action_str = polkit_action_to_string_representation (action);
- if (action_str == NULL)
- goto out;
-
- result_str = polkit_result_to_string_representation (result);
- if (result_str == NULL)
- goto out;
-
- dbus_set_error (error,
- "org.freedesktop.PolicyKit.Error.NotAuthorized",
- "%s %s",
- action_str, result_str);
-
- /* on OOM, error->name and error->message are set to preallocated strings */
- if (strcmp (error->name, "org.freedesktop.PolicyKit.Error.NotAuthorized") != 0)
- goto out;
-
- ret = TRUE;
-
-out:
- return ret;
-}
-
-/**
- * polkit_dbus_error_parse:
- * @error: error to parse; must be set
- * @action: return location for #PolKitAction object
- * @result: return location for #PolKitResult variable
- *
- * Parse an error received over D-Bus, typically generated by
- * polkit_dbus_error_generate(), into what action an authorization is
- * missing for and whether that authorization can be obtained.
- *
- * This function is in <literal>libpolkit-dbus</literal>.
- *
- * Returns: TRUE only if @error was successfully parsed and @action
- * and @result is set (and caller must free @action using
- * polkit_action_unref()).
- *
- * Since: 0.8
- */
-polkit_bool_t
-polkit_dbus_error_parse (DBusError *error, PolKitAction **action, PolKitResult *result)
-{
- char **tokens;
- size_t num_tokens;
- polkit_bool_t ret;
-
- kit_return_val_if_fail (error != NULL && dbus_error_is_set (error), FALSE);
- kit_return_val_if_fail (action != NULL, FALSE);
- kit_return_val_if_fail (result != NULL, FALSE);
-
- ret = FALSE;
- tokens = NULL;
- *action = NULL;
-
- if (!dbus_error_has_name (error, "org.freedesktop.PolicyKit.Error.NotAuthorized"))
- goto out;
-
- tokens = kit_strsplit (error->message, ' ', &num_tokens);
- if (tokens == NULL || num_tokens != 2)
- goto out;
-
- *action = polkit_action_new_from_string_representation (tokens[0]);
- if (*action == NULL)
- goto out;
-
- if (!polkit_result_from_string_representation (tokens[1], result)) {
- polkit_action_unref (*action);
- *action = NULL;
- goto out;
- }
-
- ret = TRUE;
-
-out:
- if (!ret)
- *result = POLKIT_RESULT_UNKNOWN;
-
-
- if (tokens != NULL)
- kit_strfreev (tokens);
-
- return ret;
-}
-
-/**
- * polkit_dbus_error_parse_from_strings:
- * @error_name: name of D-Bus error
- * @error_message: message of D-Bus error
- * @action: return location for #PolKitAction object
- * @result: return location for #PolKitResult variable
- *
- * Like polkit_dbus_error_parse(), only it takes the name and message
- * instead of a #DBusError. This is useful when usings D-Bus bindings
- * (such as dbus-glib) that don't expose the #DBusError object
- * directly.
- *
- * This function is in <literal>libpolkit-dbus</literal>.
- *
- * Returns: See polkit_dbus_error_parse().
- *
- * Since: 0.8
- */
-polkit_bool_t
-polkit_dbus_error_parse_from_strings (const char *error_name,
- const char *error_message,
- PolKitAction **action,
- PolKitResult *result)
-{
- DBusError error;
-
- dbus_error_init (&error);
- dbus_set_error_const (&error, error_name, error_message);
-
- return polkit_dbus_error_parse (&error, action, result);
-}
-
-#ifdef POLKIT_BUILD_TESTS
-
-static polkit_bool_t
-_run_test (void)
-{
- PolKitAction *a;
- PolKitResult r;
-
- a = polkit_action_new ();
- r = POLKIT_RESULT_ONLY_VIA_SELF_AUTH;
- if (a != NULL) {
- if (polkit_action_set_action_id (a, "org.example.foo")) {
- DBusError error;
-
- dbus_error_init (&error);
- if (polkit_dbus_error_generate (a, r, &error)) {
- PolKitAction *a2;
- PolKitResult r2;
-
- if (polkit_dbus_error_parse_from_strings (error.name, error.message, &a2, &r2)) {
- kit_assert (polkit_action_equal (a, a2));
- kit_assert (r == r2);
- polkit_action_unref (a2);
- }
- }
- }
- polkit_action_unref (a);
- }
-
- return TRUE;
-}
-
-KitTest _test_simple = {
- "polkit_simple",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* POLKIT_BUILD_TESTS */
diff --git a/src/polkit/polkit-simple.h b/src/polkit/polkit-simple.h
deleted file mode 100644
index 1cf9753..0000000
--- a/src/polkit/polkit-simple.h
+++ /dev/null
@@ -1,52 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-simple.h : Simple convenience interface
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef POLKIT_SIMPLE_H
-#define POLKIT_SIMPLE_H
-
-#include <polkit/polkit.h>
-
-POLKIT_BEGIN_DECLS
-
-polkit_uint64_t polkit_check_auth (pid_t pid, ...);
-polkit_uint64_t polkit_check_authv (pid_t pid, const char **action_ids);
-
-polkit_bool_t polkit_auth_obtain (const char *action_id, polkit_uint32_t xid, pid_t pid, DBusError *error);
-
-polkit_bool_t polkit_dbus_error_generate (PolKitAction *action, PolKitResult result, DBusError *error);
-polkit_bool_t polkit_dbus_error_parse (DBusError *error, PolKitAction **action, PolKitResult *result);
-polkit_bool_t polkit_dbus_error_parse_from_strings (const char *error_name, const char *error_message, PolKitAction **action, PolKitResult *result);
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_SIMPLE_H */
diff --git a/src/polkit/polkit-sysdeps.c b/src/polkit/polkit-sysdeps.c
deleted file mode 100644
index ad8b7a0..0000000
--- a/src/polkit/polkit-sysdeps.c
+++ /dev/null
@@ -1,406 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-sysdeps.c : Various platform specific utility functions
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <errno.h>
-
-#ifdef HAVE_SOLARIS
-#include <fcntl.h>
-#include <sys/time.h>
-#if _FILE_OFFSET_BITS==64
-#undef _FILE_OFFSET_BITS
-#include <procfs.h>
-#define _FILE_OFFSET_BITS 64
-#else
-#include <procfs.h>
-#endif
-#elif defined(HAVE_INOTIFY)
-#include <sys/inotify.h>
-#endif
-#include <syslog.h>
-
-#include "polkit-sysdeps.h"
-#include "polkit-private.h"
-#include "polkit-test.h"
-
-/**
- * SECTION:polkit-sysdeps
- * @title: System Dependencies
- * @short_description: Various platform specific utility functions
- *
- * Various platform specific utility functions.
- *
- * Since: 0.7
- **/
-
-
-/**
- * polkit_sysdeps_get_start_time_for_pid:
- * @pid: process id
- *
- * Get when a process started.
- *
- * Returns: start time for the process or 0 if an error occured and errno will be set
- *
- * Since: 0.7
- */
-polkit_uint64_t
-polkit_sysdeps_get_start_time_for_pid (pid_t pid)
-{
- char *filename;
- char *contents;
- size_t length;
- polkit_uint64_t start_time;
-#ifdef HAVE_SOLARIS
- struct psinfo info;
-#else
- char **tokens;
- size_t num_tokens;
- char *p;
- char *endp;
-#endif
-
- start_time = 0;
- contents = NULL;
-
-#ifdef HAVE_SOLARIS
- if (polkit_sysdeps_pid_psinfo ( pid, &info)) {
- goto out;
- }
- start_time = (unsigned long long) (info.pr_start.tv_sec);
-#else
-#ifdef __FreeBSD__
- filename = kit_strdup_printf ("/proc/%d/status", pid);
-#else
- filename = kit_strdup_printf ("/proc/%d/stat", pid);
-#endif
- if (filename == NULL) {
- errno = ENOMEM;
- goto out;
- }
-
- if (!kit_file_get_contents (filename, &contents, &length)) {
- //fprintf (stderr, "Cannot get contents of '%s': %s\n", filename, error->message);
- goto out;
- }
-
-#ifdef __FreeBSD__
- tokens = kit_strsplit (contents, ' ', &num_tokens);
- if (tokens == NULL)
- goto out;
- if (num_tokens < 8) {
- kit_strfreev (tokens);
- goto out;
- }
-
- p = kit_strdup (tokens[7]);
- kit_strfreev (tokens);
-
- tokens = kit_strsplit (p, ',', &num_tokens);
- kit_free (p);
- if (tokens == NULL)
- goto out;
- if (num_tokens >= 1) {
- start_time = strtoll (tokens[0], &endp, 10);
- if (endp == tokens[0]) {
- kit_strfreev (tokens);
- goto out;
- }
- } else {
- kit_strfreev (tokens);
- goto out;
- }
-
- kit_strfreev (tokens);
-#else
-
- /* start time is the 19th token after the '(process name)' entry */
-
- p = strchr (contents, ')');
- if (p == NULL) {
- goto out;
- }
- p += 2; /* skip ') ' */
- if (p - contents >= (int) length) {
- goto out;
- }
-
- tokens = kit_strsplit (p, ' ', &num_tokens);
- if (tokens == NULL)
- goto out;
-
- if (num_tokens < 20) {
- goto out;
- }
-
- start_time = strtoll (tokens[19], &endp, 10);
- if (endp == tokens[19]) {
- goto out;
- }
-
- kit_strfreev (tokens);
-#endif
-#endif
-
-out:
-#ifndef HAVE_SOLARIS
- kit_free (filename);
- kit_free (contents);
-#endif
- return start_time;
-}
-
-/**
- * polkit_sysdeps_get_exe_for_pid:
- * @pid: process id
- * @out_buf: buffer to store the string representation in
- * @buf_size: size of buffer
- *
- * Get the name of the binary a given process was started from.
- *
- * Note that this is not necessary reliable information and as such
- * shouldn't be relied on 100% to make a security decision. In fact,
- * this information is only trustworthy in situations where the given
- * binary is securely locked down meaning that 1) it can't be
- * <literal>ptrace(2)</literal>'d; 2) libc secure mode kicks in (e.g
- * <literal>LD_PRELOAD</literal> won't work); 3) there are no other
- * attack vectors (e.g. GTK_MODULES, X11, CORBA, D-Bus) to patch
- * running code into the process.
- *
- * In other words: the risk of relying on constraining an
- * authorization to the output of this function is high. Suppose that
- * the program <literal>/usr/bin/gullible</literal> obtains an
- * authorization via authentication for the action
- * <literal>org.example.foo</literal>. We add a constraint to say that
- * the gained authorization only applies to processes for whom
- * <literal>/proc/pid/exe</literal> points to
- * <literal>/usr/bin/gullible</literal>. Now enter
- * <literal>/usr/bin/evil</literal>. It knows that the program
- * <literal>/usr/bin/gullible</literal> is not "securely locked down"
- * (per the definition in the above paragraph). So
- * <literal>/usr/bin/evil</literal> simply sets
- * <literal>LD_PRELOAD</literal> and execs
- * <literal>/usr/bin/gullible</literal> and it can now run code in a
- * process where <literal>/proc/pid/exe</literal> points to
- * <literal>/usr/bin/gullible</literal>. Thus, the recently gained
- * authorization for <literal>org.example.foo</literal> applies. Also,
- * <literal>/usr/bin/evil</literal> could use a host of other attack
- * vectors to run it's own code under the disguise of pretending to be
- * <literal>/usr/bin/gullible</literal>.
- *
- * Specifically for interpreted languages like Python and Mono it is
- * the case that <literal>/proc/pid/exe</literal> always points to
- * <literal>/usr/bin/python</literal>
- * resp. <literal>/usr/bin/mono</literal>. Thus, it's not very useful
- * to rely on that the result for this function if you want to
- * constrain an authorization to
- * e.g. <literal>/usr/bin/tomboy</literal> or
- * <literal>/usr/bin/banshee</literal>.
- *
- * If the information could not be obtained, such as if the given
- * process is owned by another user than the caller, -1 is returned
- * and out_buf will be set to "(unknown)". See also the function
- * polkit_sysdeps_get_exe_for_pid_with_helper().
- *
- * Returns: Number of characters written (not including trailing
- * '\0'). If the output was truncated due to the buffer being too
- * small, buf_size will be returned. Thus, a return value of buf_size
- * or more indicates that the output was truncated (see snprintf(3))
- * or an error occured. If the name cannot be found, -1 will be
- * returned.
- *
- * Since: 0.7
- */
-int
-polkit_sysdeps_get_exe_for_pid (pid_t pid, char *out_buf, size_t buf_size)
-{
- int ret;
- char proc_name[32];
-
- /* TODO: to avoid work we should maintain a cache. The key
- * into the cache should be (pid, pid_start_time) and the
- * values should be the exe-paths
- */
-
- ret = 0;
-
-#ifdef HAVE_SOLARIS
- struct psinfo info;
-
- if (polkit_sysdeps_pid_psinfo (pid, &info)) {
- goto out;
- }
- ret = strlen (info.pr_psargs);
- strncpy (out_buf, info.pr_psargs, ret);
-#else
-#ifdef __FreeBSD__
- snprintf (proc_name, sizeof (proc_name), "/proc/%d/file", pid);
-#else
- snprintf (proc_name, sizeof (proc_name), "/proc/%d/exe", pid);
-#endif
- ret = readlink (proc_name, out_buf, buf_size - 1);
- if (ret == -1) {
- strncpy (out_buf, "(unknown)", buf_size);
- goto out;
- }
-#endif
- kit_assert (ret >= 0 && ret < (int) buf_size - 1);
- out_buf[ret] = '\0';
-
-out:
- return ret;
-}
-
-/**
- * polkit_sysdeps_get_exe_for_pid_with_helper:
- * @pid: process id
- * @out_buf: buffer to store the string representation in
- * @buf_size: size of buffer
- *
- * Like polkit_sysdeps_get_exe_for_pid() but if the given process is
- * owned by another user, a setuid root helper is used to obtain the
- * information. This helper only works if 1) the caller is authorized
- * for the org.freedesktop.policykit.read authorization; or 2) the
- * calling user is polkituser; or 3) the calling user is setegid
- * polkituser.
- *
- * So -1 might still be returned (the process might also have exited).
- *
- * Returns: See polkit_sysdeps_get_exe_for_pid().
- *
- * Since: 0.8
- */
-int
-polkit_sysdeps_get_exe_for_pid_with_helper (pid_t pid, char *out_buf, size_t buf_size)
-{
- int ret;
-
- /* TODO: to avoid work we should maintain a cache. The key
- * into the cache should be (pid, pid_start_time) and the
- * values should be the exe-paths
- */
-
- ret = polkit_sysdeps_get_exe_for_pid (pid, out_buf, buf_size);
- if (ret == -1) {
- char buf[32];
- char *helper_argv[3] = {PACKAGE_LIBEXEC_DIR "/polkit-resolve-exe-helper-1", buf, NULL};
- char *standard_output;
- int exit_status;
-
- /* Uh uh.. This means that we don't have permission to read /proc/$pid/exe for
- * the given process id... this can happen if the mechanism in question runs
- * as an unprivileged user instead of uid 0 (e.g. user 'haldaemon').
- *
- * This blows.
- *
- * To work around this we use a setuid root helper that
- *
- * 1. checks whether the caller (us) has the 1) org.freedesktop.policykit.read
- * authorization; or 2) is $POLKIT_USER; or 3) is group $POLKIT_USER
- *
- * 2. If so, resolves /prod/$pid/exe and writes it to stdout
- */
-
- snprintf (buf, sizeof (buf), "%d", pid);
-
- if (!kit_spawn_sync (NULL, /* const char *working_directory */
- 0, /* flags */
- helper_argv, /* char **argv */
- NULL, /* char **envp */
- NULL, /* char *stdin */
- &standard_output, /* char **stdout */
- NULL, /* char **stderr */
- &exit_status)) { /* int *exit_status */
- goto out;
- }
-
- if (!WIFEXITED (exit_status)) {
- kit_warning ("resolve exe helper crashed!");
- goto out;
- } else if (WEXITSTATUS(exit_status) != 0) {
- goto out;
- }
-
- strncpy (out_buf, standard_output, buf_size);
- out_buf[buf_size - 1] = '\0';
- ret = strlen (standard_output);
- }
-
-out:
- return ret;
-}
-
-
-#ifdef HAVE_SOLARIS
-int
-polkit_sysdeps_pid_psinfo (pid_t pid, struct psinfo *ps)
-{
- char pname[32];
- int procfd;
-
- (void) snprintf(pname, sizeof(pname), "/proc/%d/psinfo", pid);
- if ((procfd = open(pname, O_RDONLY)) == -1) {
- return -1;
- }
- if (read(procfd, ps, sizeof(struct psinfo)) < 0) {
- (void) close(procfd);
- return -1;
- }
- (void) close(procfd);
- return 0;
-}
-#endif
-
-#ifdef POLKIT_BUILD_TESTS
-
-static polkit_bool_t
-_run_test (void)
-{
- return TRUE;
-}
-
-KitTest _test_sysdeps = {
- "polkit_sysdeps",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* POLKIT_BUILD_TESTS */
diff --git a/src/polkit/polkit-sysdeps.h b/src/polkit/polkit-sysdeps.h
deleted file mode 100644
index 6203bc2..0000000
--- a/src/polkit/polkit-sysdeps.h
+++ /dev/null
@@ -1,51 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-sysdeps.h : Various platform specific utility functions
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef POLKIT_SYSDEPS_H
-#define POLKIT_SYSDEPS_H
-
-#include <sys/types.h>
-#include <polkit/polkit-types.h>
-
-POLKIT_BEGIN_DECLS
-
-polkit_uint64_t polkit_sysdeps_get_start_time_for_pid (pid_t pid);
-
-int polkit_sysdeps_get_exe_for_pid (pid_t pid, char *out_buf, size_t buf_size);
-
-int polkit_sysdeps_get_exe_for_pid_with_helper (pid_t pid, char *out_buf, size_t buf_size);
-
-
-POLKIT_END_DECLS
-
-#endif
diff --git a/src/polkit/polkit-test.c b/src/polkit/polkit-test.c
deleted file mode 100644
index 927339c..0000000
--- a/src/polkit/polkit-test.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-test.c : PolicyKit test
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <syslog.h>
-#include <polkit/polkit-test.h>
-#include <polkit/polkit-private.h>
-#include <polkit/polkit-private.h>
-
-#define MAX_TESTS 64
-
-/**
- * SECTION:polkit-test
- * @short_description: Testing code for libpolkit
- *
- * Testing code for libpolkit.
- */
-
-static KitTest *tests[] = {
- &_test_action,
- &_test_error,
- &_test_result,
- &_test_seat,
- &_test_session,
- &_test_caller,
- &_test_policy_default,
- &_test_policy_file_entry,
- &_test_policy_file,
- &_test_policy_cache,
- &_test_authorization_constraint,
- &_test_authorization,
- &_test_authorization_db,
- &_test_sysdeps,
- &_test_utils,
- &_test_context,
-};
-
-int
-main (int argc, char *argv[])
-{
- /* Some of the code will log to syslog because .policy files
- * etc. may be malformed. Since this will open a socket to the
- * system logger preempt this so the fd-leak checking don't
- * freak out.
- */
- syslog (LOG_INFO, "libpolkit: initiating test; bogus alerts may be written to syslog");
-
- if (kit_test_run (tests, sizeof (tests) / sizeof (KitTest*)))
- return 0;
- else
- return 1;
-}
diff --git a/src/polkit/polkit-test.h b/src/polkit/polkit-test.h
deleted file mode 100644
index 056b3dc..0000000
--- a/src/polkit/polkit-test.h
+++ /dev/null
@@ -1,63 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-test.h : PolicyKit test
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION)
-#error "polkit-test.h is a private file"
-#endif
-
-#ifndef POLKIT_TEST_H
-#define POLKIT_TEST_H
-
-#include <kit/kit.h>
-#include <polkit/polkit-types.h>
-
-POLKIT_BEGIN_DECLS
-
-extern KitTest _test_action;
-extern KitTest _test_error;
-extern KitTest _test_result;
-extern KitTest _test_seat;
-extern KitTest _test_session;
-extern KitTest _test_caller;
-extern KitTest _test_policy_default;
-extern KitTest _test_policy_file_entry;
-extern KitTest _test_policy_file;
-extern KitTest _test_policy_cache;
-extern KitTest _test_authorization_constraint;
-extern KitTest _test_authorization;
-extern KitTest _test_authorization_db;
-extern KitTest _test_sysdeps;
-extern KitTest _test_utils;
-extern KitTest _test_context;
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_TEST_H */
-
-
diff --git a/src/polkit/polkit-tracker.c b/src/polkit/polkit-tracker.c
deleted file mode 100644
index 0dad442..0000000
--- a/src/polkit/polkit-tracker.c
+++ /dev/null
@@ -1,1556 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-tracker.c : track callers
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <errno.h>
-#include <ctype.h>
-
-#include "polkit-debug.h"
-#include "polkit-tracker.h"
-
-/**
- * SECTION:polkit-tracker
- * @title: Track callers
- * @short_description: Obtaining seat, session and caller information
- * via D-Bus and ConsoleKit.
- *
- * Helper class for obtaining seat, session and caller information
- * via D-Bus and ConsoleKit. This library is only useful when writing
- * a mechanism.
- *
- * If the mechanism itself is a daemon exposing a remote services via
- * the system message bus it's often a better idea, to reduce
- * roundtrips, to use the high-level #PolKitTracker class rather than
- * the low-level functions polkit_caller_new_from_dbus_name() and
- * polkit_caller_new_from_pid().
- *
- **/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdarg.h>
-#include <stdlib.h>
-#include <sys/time.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <unistd.h>
-#include <errno.h>
-#include <time.h>
-#include <string.h>
-
-#ifdef HAVE_SELINUX
-#include <selinux/selinux.h>
-#endif
-
-#include <polkit/polkit-debug.h>
-#include <polkit/polkit-test.h>
-#include <polkit/polkit-private.h>
-#include "polkit-tracker.h"
-
-/**
- * polkit_session_new_from_objpath:
- * @con: D-Bus system bus connection
- * @objpath: object path of ConsoleKit session object
- * @uid: the user owning the session or -1 if unknown
- * @error: D-Bus error
- *
- * This function will construct a #PolKitSession object by querying
- * the ConsoleKit daemon for information. Note that this will do a lot
- * of blocking IO so it is best avoided if your process already
- * tracks/caches all the information. If you pass in @uid as a
- * non-negative number, a round trip can be saved.
- *
- * This function is in <literal>libpolkit-dbus</literal>.
- *
- * Returns: the new object or #NULL if an error occured (in which case
- * @error will be set)
- **/
-PolKitSession *
-polkit_session_new_from_objpath (DBusConnection *con, const char *objpath, uid_t uid, DBusError *error)
-{
- PolKitSeat *seat;
- PolKitSession *session;
- DBusMessage *message;
- DBusMessage *reply;
- char *str;
- dbus_bool_t is_active;
- dbus_bool_t is_local;
- char *remote_host;
- char *seat_path;
-
- kit_return_val_if_fail (con != NULL, NULL);
- kit_return_val_if_fail (objpath != NULL, NULL);
- kit_return_val_if_fail (error != NULL, NULL);
- kit_return_val_if_fail (! dbus_error_is_set (error), NULL);
-
- session = NULL;
- remote_host = NULL;
- seat_path = NULL;
-
- message = dbus_message_new_method_call ("org.freedesktop.ConsoleKit",
- objpath,
- "org.freedesktop.ConsoleKit.Session",
- "IsActive");
- reply = dbus_connection_send_with_reply_and_block (con, message, -1, error);
- if (reply == NULL || dbus_error_is_set (error)) {
- kit_warning ("Error doing Session.IsActive on ConsoleKit: %s: %s", error->name, error->message);
- dbus_message_unref (message);
- if (reply != NULL)
- dbus_message_unref (reply);
- goto out;
- }
- if (!dbus_message_get_args (reply, NULL,
- DBUS_TYPE_BOOLEAN, &is_active,
- DBUS_TYPE_INVALID)) {
- kit_warning ("Invalid IsActive reply from CK");
- goto out;
- }
- dbus_message_unref (message);
- dbus_message_unref (reply);
-
- message = dbus_message_new_method_call ("org.freedesktop.ConsoleKit",
- objpath,
- "org.freedesktop.ConsoleKit.Session",
- "IsLocal");
- reply = dbus_connection_send_with_reply_and_block (con, message, -1, error);
- if (reply == NULL || dbus_error_is_set (error)) {
- kit_warning ("Error doing Session.IsLocal on ConsoleKit: %s: %s", error->name, error->message);
- dbus_message_unref (message);
- if (reply != NULL)
- dbus_message_unref (reply);
- goto out;
- }
- if (!dbus_message_get_args (reply, NULL,
- DBUS_TYPE_BOOLEAN, &is_local,
- DBUS_TYPE_INVALID)) {
- kit_warning ("Invalid IsLocal reply from CK");
- goto out;
- }
- dbus_message_unref (message);
- dbus_message_unref (reply);
-
- if (!is_local) {
- message = dbus_message_new_method_call ("org.freedesktop.ConsoleKit",
- objpath,
- "org.freedesktop.ConsoleKit.Session",
- "GetRemoteHostName");
- reply = dbus_connection_send_with_reply_and_block (con, message, -1, error);
- if (reply == NULL || dbus_error_is_set (error)) {
- kit_warning ("Error doing Session.GetRemoteHostName on ConsoleKit: %s: %s",
- error->name, error->message);
- dbus_message_unref (message);
- if (reply != NULL)
- dbus_message_unref (reply);
- goto out;
- }
- if (!dbus_message_get_args (reply, NULL,
- DBUS_TYPE_STRING, &str,
- DBUS_TYPE_INVALID)) {
- kit_warning ("Invalid GetRemoteHostName reply from CK");
- goto out;
- }
- remote_host = kit_strdup (str);
- dbus_message_unref (message);
- dbus_message_unref (reply);
- }
-
- message = dbus_message_new_method_call ("org.freedesktop.ConsoleKit",
- objpath,
- "org.freedesktop.ConsoleKit.Session",
- "GetSeatId");
- reply = dbus_connection_send_with_reply_and_block (con, message, -1, error);
- if (reply == NULL || dbus_error_is_set (error)) {
- kit_warning ("Error doing Session.GetSeatId on ConsoleKit: %s: %s",
- error->name, error->message);
- dbus_message_unref (message);
- if (reply != NULL)
- dbus_message_unref (reply);
- goto out;
- }
- if (!dbus_message_get_args (reply, NULL,
- DBUS_TYPE_OBJECT_PATH, &str,
- DBUS_TYPE_INVALID)) {
- kit_warning ("Invalid GetSeatId reply from CK");
- goto out;
- }
- seat_path = kit_strdup (str);
- dbus_message_unref (message);
- dbus_message_unref (reply);
-
- if ((int) uid == -1) {
- message = dbus_message_new_method_call ("org.freedesktop.ConsoleKit",
- objpath,
- "org.freedesktop.ConsoleKit.Session",
- "GetUnixUser");
- reply = dbus_connection_send_with_reply_and_block (con, message, -1, error);
- if (reply == NULL || dbus_error_is_set (error)) {
- kit_warning ("Error doing Session.GetUnixUser on ConsoleKit: %s: %s",error->name, error->message);
- dbus_message_unref (message);
- if (reply != NULL)
- dbus_message_unref (reply);
- goto out;
- }
- if (!dbus_message_get_args (reply, NULL,
- DBUS_TYPE_INT32, &uid,
- DBUS_TYPE_INVALID)) {
- kit_warning ("Invalid GetUnixUser reply from CK");
- goto out;
- }
- dbus_message_unref (message);
- dbus_message_unref (reply);
- }
-
- session = polkit_session_new ();
- if (session == NULL) {
- goto out;
- }
- if (!polkit_session_set_uid (session, uid)) {
- polkit_session_unref (session);
- session = NULL;
- goto out;
- }
- if (!polkit_session_set_ck_objref (session, objpath)) {
- polkit_session_unref (session);
- session = NULL;
- goto out;
- }
- if (!polkit_session_set_ck_is_active (session, is_active)) {
- polkit_session_unref (session);
- session = NULL;
- goto out;
- }
- if (!polkit_session_set_ck_is_local (session, is_local)) {
- polkit_session_unref (session);
- session = NULL;
- goto out;
- }
- if (!is_local) {
- if (!polkit_session_set_ck_remote_host (session, remote_host)) {
- polkit_session_unref (session);
- session = NULL;
- goto out;
- }
-
- }
-
- seat = polkit_seat_new ();
- if (seat == NULL) {
- polkit_session_unref (session);
- session = NULL;
- goto out;
- }
- if (!polkit_seat_set_ck_objref (seat, seat_path)) {
- polkit_seat_unref (seat);
- seat = NULL;
- polkit_session_unref (session);
- session = NULL;
- goto out;
- }
- if (!polkit_seat_validate (seat)) {
- polkit_seat_unref (seat);
- seat = NULL;
- polkit_session_unref (session);
- session = NULL;
- goto out;
- }
-
- if (!polkit_session_set_seat (session, seat)) {
- polkit_seat_unref (seat);
- seat = NULL;
- polkit_session_unref (session);
- session = NULL;
- goto out;
- }
- polkit_seat_unref (seat); /* session object now owns this object */
- seat = NULL;
-
- if (!polkit_session_validate (session)) {
- polkit_session_unref (session);
- session = NULL;
- goto out;
- }
-
-out:
- kit_free (remote_host);
- kit_free (seat_path);
- return session;
-}
-
-/**
- * polkit_session_new_from_cookie:
- * @con: D-Bus system bus connection
- * @cookie: a ConsoleKit XDG_SESSION_COOKIE
- * @error: D-Bus error
- *
- * This function will construct a #PolKitSession object by querying
- * the ConsoleKit daemon for information. Note that this will do a lot
- * of blocking IO so it is best avoided if your process already
- * tracks/caches all the information.
- *
- * This function is in <literal>libpolkit-dbus</literal>.
- *
- * Returns: the new object or #NULL if an error occured (in which case
- * @error will be set)
- **/
-PolKitSession *
-polkit_session_new_from_cookie (DBusConnection *con, const char *cookie, DBusError *error)
-{
- PolKitSession *session;
- DBusMessage *message;
- DBusMessage *reply;
- char *str;
- char *objpath;
-
- kit_return_val_if_fail (con != NULL, NULL);
- kit_return_val_if_fail (cookie != NULL, NULL);
- kit_return_val_if_fail (error != NULL, NULL);
- kit_return_val_if_fail (! dbus_error_is_set (error), NULL);
-
- objpath = NULL;
- session = NULL;
-
- message = dbus_message_new_method_call ("org.freedesktop.ConsoleKit",
- "/org/freedesktop/ConsoleKit/Manager",
- "org.freedesktop.ConsoleKit.Manager",
- "GetSessionForCookie");
- dbus_message_append_args (message, DBUS_TYPE_STRING, &cookie, DBUS_TYPE_INVALID);
- reply = dbus_connection_send_with_reply_and_block (con, message, -1, error);
- if (reply == NULL || dbus_error_is_set (error)) {
- //kit_warning ("Error doing Manager.GetSessionForCookie on ConsoleKit: %s: %s", error->name, error->message);
- dbus_message_unref (message);
- if (reply != NULL)
- dbus_message_unref (reply);
- goto out;
- }
- if (!dbus_message_get_args (reply, NULL,
- DBUS_TYPE_OBJECT_PATH, &str,
- DBUS_TYPE_INVALID)) {
- kit_warning ("Invalid GetSessionForCookie reply from CK");
- goto out;
- }
- objpath = kit_strdup (str);
- dbus_message_unref (message);
- dbus_message_unref (reply);
-
- session = polkit_session_new_from_objpath (con, objpath, -1, error);
-
-out:
- kit_free (objpath);
- return session;
-}
-
-
-/**
- * polkit_caller_new_from_dbus_name:
- * @con: D-Bus system bus connection
- * @dbus_name: unique system bus connection name
- * @error: D-Bus error
- *
- * This function will construct a #PolKitCaller object by querying
- * both the system bus daemon and the ConsoleKit daemon for
- * information. Note that this will do a lot of blocking IO so it is
- * best avoided if your process already tracks/caches all the
- * information. You can use the #PolKitTracker class for this.
- *
- * This function is in <literal>libpolkit-dbus</literal>.
- *
- * Returns: the new object or #NULL if an error occured (in which case
- * @error will be set)
- **/
-PolKitCaller *
-polkit_caller_new_from_dbus_name (DBusConnection *con, const char *dbus_name, DBusError *error)
-{
- PolKitCaller *caller;
- pid_t pid;
- uid_t uid;
- char *selinux_context;
- char *ck_session_objpath;
- PolKitSession *session;
- DBusMessage *message;
- DBusMessage *reply;
- DBusMessageIter iter;
- DBusMessageIter sub_iter;
- char *str;
- int num_elems;
-
- kit_return_val_if_fail (con != NULL, NULL);
- kit_return_val_if_fail (dbus_name != NULL, NULL);
- kit_return_val_if_fail (error != NULL, NULL);
- kit_return_val_if_fail (! dbus_error_is_set (error), NULL);
-
- selinux_context = NULL;
- ck_session_objpath = NULL;
-
- caller = NULL;
- session = NULL;
-
- uid = dbus_bus_get_unix_user (con, dbus_name, error);
- if (dbus_error_is_set (error)) {
- kit_warning ("Could not get uid for connection: %s %s", error->name, error->message);
- goto out;
- }
-
- message = dbus_message_new_method_call ("org.freedesktop.DBus",
- "/org/freedesktop/DBus/Bus",
- "org.freedesktop.DBus",
- "GetConnectionUnixProcessID");
- dbus_message_iter_init_append (message, &iter);
- dbus_message_iter_append_basic (&iter, DBUS_TYPE_STRING, &dbus_name);
- reply = dbus_connection_send_with_reply_and_block (con, message, -1, error);
- if (reply == NULL || dbus_error_is_set (error)) {
- kit_warning ("Error doing GetConnectionUnixProcessID on Bus: %s: %s", error->name, error->message);
- dbus_message_unref (message);
- if (reply != NULL)
- dbus_message_unref (reply);
- goto out;
- }
- dbus_message_iter_init (reply, &iter);
- dbus_message_iter_get_basic (&iter, &pid);
- dbus_message_unref (message);
- dbus_message_unref (reply);
-
- message = dbus_message_new_method_call ("org.freedesktop.DBus",
- "/org/freedesktop/DBus/Bus",
- "org.freedesktop.DBus",
- "GetConnectionSELinuxSecurityContext");
- dbus_message_iter_init_append (message, &iter);
- dbus_message_iter_append_basic (&iter, DBUS_TYPE_STRING, &dbus_name);
- reply = dbus_connection_send_with_reply_and_block (con, message, -1, error);
- /* SELinux might not be enabled */
- if (dbus_error_is_set (error) &&
- strcmp (error->name, "org.freedesktop.DBus.Error.SELinuxSecurityContextUnknown") == 0) {
- dbus_message_unref (message);
- if (reply != NULL)
- dbus_message_unref (reply);
- dbus_error_init (error);
- } else if (reply == NULL || dbus_error_is_set (error)) {
- kit_warning ("Error doing GetConnectionSELinuxSecurityContext on Bus: %s: %s", error->name, error->message);
- dbus_message_unref (message);
- if (reply != NULL)
- dbus_message_unref (reply);
- goto out;
- } else {
- /* TODO: verify signature */
- dbus_message_iter_init (reply, &iter);
- dbus_message_iter_recurse (&iter, &sub_iter);
- dbus_message_iter_get_fixed_array (&sub_iter, (void *) &str, &num_elems);
- if (str != NULL && num_elems > 0)
- selinux_context = kit_strndup (str, num_elems);
- dbus_message_unref (message);
- dbus_message_unref (reply);
- }
-
- message = dbus_message_new_method_call ("org.freedesktop.ConsoleKit",
- "/org/freedesktop/ConsoleKit/Manager",
- "org.freedesktop.ConsoleKit.Manager",
- "GetSessionForUnixProcess");
- dbus_message_iter_init_append (message, &iter);
- dbus_message_iter_append_basic (&iter, DBUS_TYPE_UINT32, &pid);
- reply = dbus_connection_send_with_reply_and_block (con, message, -1, error);
- if (reply == NULL || dbus_error_is_set (error)) {
- //kit_warning ("Error doing GetSessionForUnixProcess on ConsoleKit: %s: %s", error->name, error->message);
- dbus_message_unref (message);
- if (reply != NULL)
- dbus_message_unref (reply);
- /* OK, this is not a catastrophe; just means the caller is not a
- * member of any session or that ConsoleKit is not available..
- */
- goto not_in_session;
- }
- dbus_message_iter_init (reply, &iter);
- dbus_message_iter_get_basic (&iter, &str);
- ck_session_objpath = kit_strdup (str);
- dbus_message_unref (message);
- dbus_message_unref (reply);
-
- session = polkit_session_new_from_objpath (con, ck_session_objpath, uid, error);
- if (session == NULL) {
- kit_warning ("Got a session objpath but couldn't construct session object!");
- goto out;
- }
- if (!polkit_session_validate (session)) {
- polkit_session_unref (session);
- session = NULL;
- goto out;
- }
-
-not_in_session:
-
- caller = polkit_caller_new ();
- if (caller == NULL) {
- if (session != NULL) {
- polkit_session_unref (session);
- session = NULL;
- }
- goto out;
- }
-
- if (!polkit_caller_set_dbus_name (caller, dbus_name)) {
- if (session != NULL) {
- polkit_session_unref (session);
- session = NULL;
- }
- polkit_caller_unref (caller);
- caller = NULL;
- goto out;
- }
- if (!polkit_caller_set_uid (caller, uid)) {
- if (session != NULL) {
- polkit_session_unref (session);
- session = NULL;
- }
- polkit_caller_unref (caller);
- caller = NULL;
- goto out;
- }
- if (!polkit_caller_set_pid (caller, pid)) {
- if (session != NULL) {
- polkit_session_unref (session);
- session = NULL;
- }
- polkit_caller_unref (caller);
- caller = NULL;
- goto out;
- }
- if (selinux_context != NULL) {
- if (!polkit_caller_set_selinux_context (caller, selinux_context)) {
- if (session != NULL) {
- polkit_session_unref (session);
- session = NULL;
- }
- polkit_caller_unref (caller);
- caller = NULL;
- goto out;
- }
- }
- if (session != NULL) {
- if (!polkit_caller_set_ck_session (caller, session)) {
- if (session != NULL) {
- polkit_session_unref (session);
- session = NULL;
- }
- polkit_caller_unref (caller);
- caller = NULL;
- goto out;
- }
- polkit_session_unref (session); /* caller object now own this object */
- session = NULL;
- }
-
- if (!polkit_caller_validate (caller)) {
- polkit_caller_unref (caller);
- caller = NULL;
- goto out;
- }
-
-out:
- kit_free (selinux_context);
- kit_free (ck_session_objpath);
- return caller;
-}
-
-/**
- * polkit_caller_new_from_pid:
- * @con: D-Bus system bus connection
- * @pid: process id
- * @error: D-Bus error
- *
- * This function will construct a #PolKitCaller object by querying
- * both information in /proc (on Linux) and the ConsoleKit daemon for
- * information about a given process. Note that this will do a lot of
- * blocking IO so it is best avoided if your process already
- * tracks/caches all the information. You can use the #PolKitTracker
- * class for this.
- *
- * This function is in <literal>libpolkit-dbus</literal>.
- *
- * Returns: the new object or #NULL if an error occured (in which case
- * @error will be set)
- **/
-PolKitCaller *
-polkit_caller_new_from_pid (DBusConnection *con, pid_t pid, DBusError *error)
-{
- PolKitCaller *caller;
- uid_t uid;
- char *selinux_context;
- char *ck_session_objpath;
- PolKitSession *session;
- DBusMessage *message;
- DBusMessage *reply;
- DBusMessageIter iter;
- char *str;
- char *proc_path;
- struct stat statbuf;
-#ifdef HAVE_SELINUX
- security_context_t secon;
-#endif
-
-#ifndef POLKIT_BUILD_TESTS
- /* for testing it's fine to pass con==NULL if POLKIT_TEST_PRETEND_TO_BE_CK_SESSION_OBJPATH is set */
- kit_return_val_if_fail (con != NULL, NULL);
-#endif
- kit_return_val_if_fail (error != NULL, NULL);
- kit_return_val_if_fail (! dbus_error_is_set (error), NULL);
-
- selinux_context = NULL;
- ck_session_objpath = NULL;
- uid = (uid_t) -1;
- caller = NULL;
- session = NULL;
- proc_path = NULL;
-
-#ifdef POLKIT_BUILD_TESTS
- char *pretend;
- if ((pretend = getenv ("POLKIT_TEST_PRETEND_TO_BE_UID")) != NULL) {
- uid = atoi (pretend);
- }
- if ((pretend = getenv ("POLKIT_TEST_PRETEND_TO_BE_PID")) != NULL) {
- pid = atoi (pretend);
- }
- if ((pretend = getenv ("POLKIT_TEST_PRETEND_TO_BE_SELINUX_CONTEXT")) != NULL) {
- selinux_context = kit_strdup (pretend);
- }
- if ((pretend = getenv ("POLKIT_TEST_PRETEND_TO_BE_CK_SESSION_OBJPATH")) != NULL) {
- ck_session_objpath = kit_strdup (pretend);
- } else {
- kit_return_val_if_fail (con != NULL, NULL);
- }
-#endif
-
- if (uid == (uid_t) -1) {
- proc_path = kit_strdup_printf ("/proc/%d", pid);
- if (proc_path && stat (proc_path, &statbuf) != 0) {
- kit_warning ("Cannot lookup information for pid %d: %s", pid, strerror (errno));
- goto out;
- }
- uid = statbuf.st_uid;
- }
-
-#ifdef HAVE_SELINUX
- /* only get the context if we are enabled */
- if (selinux_context == NULL) {
- if (is_selinux_enabled () != 0) {
- if (getpidcon (pid, &secon) != 0) {
- kit_warning ("Cannot lookup SELinux context for pid %d: %s", pid, strerror (errno));
- goto out;
- }
- selinux_context = kit_strdup (secon);
- freecon (secon);
- }
- }
-#else
- selinux_context = NULL;
-#endif
-
- if (ck_session_objpath == NULL) {
- message = dbus_message_new_method_call ("org.freedesktop.ConsoleKit",
- "/org/freedesktop/ConsoleKit/Manager",
- "org.freedesktop.ConsoleKit.Manager",
- "GetSessionForUnixProcess");
- dbus_message_iter_init_append (message, &iter);
- dbus_message_iter_append_basic (&iter, DBUS_TYPE_UINT32, &pid);
- reply = dbus_connection_send_with_reply_and_block (con, message, -1, error);
- if (reply == NULL || dbus_error_is_set (error)) {
- //kit_warning ("Error doing GetSessionForUnixProcess on ConsoleKit: %s: %s", error->name, error->message);
- dbus_message_unref (message);
- if (reply != NULL)
- dbus_message_unref (reply);
- /* OK, this is not a catastrophe; just means the caller is not a
- * member of any session or that ConsoleKit is not available..
- */
- goto not_in_session;
- }
- dbus_message_iter_init (reply, &iter);
- dbus_message_iter_get_basic (&iter, &str);
- ck_session_objpath = kit_strdup (str);
- dbus_message_unref (message);
- dbus_message_unref (reply);
- } else {
- if (strlen (ck_session_objpath) == 0)
- goto not_in_session;
- }
-
- session = polkit_session_new_from_objpath (con, ck_session_objpath, uid, error);
- if (session == NULL) {
- kit_warning ("Got a session objpath but couldn't construct session object!");
- goto out;
- }
- if (!polkit_session_validate (session)) {
- polkit_session_unref (session);
- session = NULL;
- goto out;
- }
-
-not_in_session:
-
- caller = polkit_caller_new ();
- if (caller == NULL) {
- if (session != NULL) {
- polkit_session_unref (session);
- session = NULL;
- }
- goto out;
- }
-
- if (!polkit_caller_set_uid (caller, uid)) {
- if (session != NULL) {
- polkit_session_unref (session);
- session = NULL;
- }
- polkit_caller_unref (caller);
- caller = NULL;
- goto out;
- }
-
- if (!polkit_caller_set_pid (caller, pid)) {
- if (session != NULL) {
- polkit_session_unref (session);
- session = NULL;
- }
- polkit_caller_unref (caller);
- caller = NULL;
- goto out;
- }
- if (selinux_context != NULL) {
- if (!polkit_caller_set_selinux_context (caller, selinux_context)) {
- if (session != NULL) {
- polkit_session_unref (session);
- session = NULL;
- }
- polkit_caller_unref (caller);
- caller = NULL;
- goto out;
- }
- }
- if (session != NULL) {
- if (!polkit_caller_set_ck_session (caller, session)) {
- if (session != NULL) {
- polkit_session_unref (session);
- session = NULL;
- }
- polkit_caller_unref (caller);
- caller = NULL;
- goto out;
- }
- polkit_session_unref (session); /* caller object now own this object */
- session = NULL;
- }
-
- if (!polkit_caller_validate (caller)) {
- polkit_caller_unref (caller);
- caller = NULL;
- goto out;
- }
-
-out:
- kit_free (selinux_context);
- kit_free (ck_session_objpath);
- kit_free (proc_path);
- return caller;
-}
-
-static kit_bool_t
-_free_elem_in_list (void *data, void *user_data, KitList *list)
-{
- kit_free (data);
- return FALSE;
-}
-
-static KitList *
-_get_list_of_sessions (DBusConnection *con, uid_t uid, DBusError *error)
-{
- KitList *ret;
- DBusMessage *message;
- DBusMessage *reply;
- DBusMessageIter iter;
- DBusMessageIter iter_array;
- const char *value;
-
- ret = NULL;
-
- message = dbus_message_new_method_call ("org.freedesktop.ConsoleKit",
- "/org/freedesktop/ConsoleKit/Manager",
- "org.freedesktop.ConsoleKit.Manager",
- "GetSessionsForUnixUser");
- dbus_message_append_args (message, DBUS_TYPE_UINT32, &uid, DBUS_TYPE_INVALID);
- reply = dbus_connection_send_with_reply_and_block (con, message, -1, error);
- if (reply == NULL || dbus_error_is_set (error)) {
- goto out;
- }
-
- dbus_message_iter_init (reply, &iter);
- if (dbus_message_iter_get_arg_type (&iter) != DBUS_TYPE_ARRAY) {
- kit_warning ("Wrong reply from ConsoleKit (not an array)");
- goto out;
- }
-
- dbus_message_iter_recurse (&iter, &iter_array);
- while (dbus_message_iter_get_arg_type (&iter_array) != DBUS_TYPE_INVALID) {
-
- if (dbus_message_iter_get_arg_type (&iter_array) != DBUS_TYPE_OBJECT_PATH) {
- kit_warning ("Wrong reply from ConsoleKit (element is not a string)");
- kit_list_foreach (ret, _free_elem_in_list, NULL);
- kit_list_free (ret);
- goto out;
- }
-
- dbus_message_iter_get_basic (&iter_array, &value);
- ret = kit_list_append (ret, kit_strdup (value));
-
- dbus_message_iter_next (&iter_array);
- }
-
-out:
- if (message != NULL)
- dbus_message_unref (message);
- if (reply != NULL)
- dbus_message_unref (reply);
- return ret;
-}
-
-static polkit_bool_t
-_polkit_is_authorization_relevant_internal (DBusConnection *con,
- PolKitAuthorization *auth,
- KitList *sessions,
- DBusError *error)
-{
- pid_t pid;
- polkit_uint64_t pid_start_time;
- polkit_bool_t ret;
- polkit_bool_t del_sessions;
- KitList *i;
- uid_t uid;
-
- kit_return_val_if_fail (con != NULL, FALSE);
- kit_return_val_if_fail (auth != NULL, FALSE);
- kit_return_val_if_fail (error != NULL, FALSE);
- kit_return_val_if_fail (! dbus_error_is_set (error), FALSE);
-
- ret = FALSE;
-
- uid = polkit_authorization_get_uid (auth);
-
- switch (polkit_authorization_get_scope (auth)) {
- case POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT:
- case POLKIT_AUTHORIZATION_SCOPE_PROCESS:
- if (!polkit_authorization_scope_process_get_pid (auth,
- &pid,
- &pid_start_time)) {
- /* this should never fail */
- kit_warning ("Cannot determine (pid,start_time) for authorization");
- goto out;
- }
- if (polkit_sysdeps_get_start_time_for_pid (pid) == pid_start_time) {
- ret = TRUE;
- goto out;
- }
- break;
-
- case POLKIT_AUTHORIZATION_SCOPE_SESSION:
- del_sessions = FALSE;
- if (sessions == NULL) {
- sessions = _get_list_of_sessions (con, uid, error);
- del_sessions = TRUE;
- }
-
- if (sessions != NULL) {
- for (i = sessions; i != NULL; i = i->next) {
- char *session_id = i->data;
- if (strcmp (session_id, polkit_authorization_scope_session_get_ck_objref (auth)) == 0) {
- ret = TRUE;
- break;
- }
- }
-
- if (del_sessions) {
- kit_list_foreach (sessions, _free_elem_in_list, NULL);
- kit_list_free (sessions);
- }
- }
- break;
-
- case POLKIT_AUTHORIZATION_SCOPE_ALWAYS:
- ret = TRUE;
- break;
- }
-
-out:
- return ret;
-}
-
-/**
- * polkit_is_authorization_relevant:
- * @con: D-Bus system bus connection
- * @auth: authorization to check for
- * @error: return location for error
- *
- * As explicit authorizations are scoped (process single shot,
- * process, session or everything), they become irrelevant once the
- * entity (process or session) ceases to exist. This function
- * determines whether the authorization is still relevant; it's useful
- * for reporting and graphical tools displaying authorizations.
- *
- * Note that this may do blocking IO to check for session
- * authorizations so it is best avoided if your process already
- * tracks/caches all the information. You can use the
- * polkit_tracker_is_authorization_relevant() method on the
- * #PolKitTracker class for this.
- *
- * Returns: #TRUE if the authorization still applies, #FALSE if an
- * error occurred (then error will be set) or if the entity the
- * authorization refers to has gone out of scope.
- *
- * This function is in <literal>libpolkit-dbus</literal>.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_is_authorization_relevant (DBusConnection *con, PolKitAuthorization *auth, DBusError *error)
-{
- return _polkit_is_authorization_relevant_internal (con, auth, NULL, error);
-}
-
-/**
- * PolKitTracker:
- *
- * Instances of this class are used to cache information about
- * callers; typically this is used in scenarios where the same caller
- * is calling into a mechanism multiple times.
- *
- * Thus, an application can use this class to get the #PolKitCaller
- * object; the class will listen to both NameOwnerChanged and
- * ActivityChanged signals from the message bus and update / retire
- * the #PolKitCaller objects.
- *
- * An example of how to use #PolKitTracker is provided here. First, build the following program
- *
- * <programlisting><xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../../examples/tracker-example/tracker-example.c" parse="text"><xi:fallback>FIXME: MISSING XINCLUDE CONTENT</xi:fallback></xi:include></programlisting>
- *
- * with
- *
- * <programlisting>gcc -o tracker-example `pkg-config --cflags --libs dbus-glib-1 polkit-dbus` tracker-example.c</programlisting>
- *
- * Then put the following content
- *
- * <programlisting><xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../../examples/tracker-example/dk.fubar.PolKitTestService.conf" parse="text"><xi:fallback>FIXME: MISSING XINCLUDE CONTENT</xi:fallback></xi:include></programlisting>
- *
- * in the file <literal>/etc/dbus-1/system.d/dk.fubar.PolKitTestService.conf</literal>. Finally,
- * create a small Python client like this
- *
- * <programlisting><xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../../examples/tracker-example/tracker-example-client.py" parse="text"><xi:fallback>FIXME: MISSING XINCLUDE CONTENT</xi:fallback></xi:include></programlisting>
- *
- * as <literal>tracker-example-client.py</literal>. Now, run <literal>tracker-example</literal>
- * in one window and <literal>tracker-example-client</literal> in another. The output of
- * the former should look like this
- *
- *
- * <programlisting>
- * 18:20:00.414: PolKitCaller: refcount=1 dbus_name=:1.473 uid=500 pid=8636 selinux_context=system_u:system_r:unconfined_t
- * 18:20:00.414: PolKitSession: refcount=1 uid=0 objpath=/org/freedesktop/ConsoleKit/Session1 is_active=1 is_local=1 remote_host=(null)
- * 18:20:00.414: PolKitSeat: refcount=1 objpath=/org/freedesktop/ConsoleKit/Seat1
- *
- * 18:20:01.424: PolKitCaller: refcount=1 dbus_name=:1.473 uid=500 pid=8636 selinux_context=system_u:system_r:unconfined_t
- * 18:20:01.424: PolKitSession: refcount=1 uid=0 objpath=/org/freedesktop/ConsoleKit/Session1 is_active=1 is_local=1 remote_host=(null)
- * 18:20:01.424: PolKitSeat: refcount=1 objpath=/org/freedesktop/ConsoleKit/Seat1
- *
- * 18:20:02.434: PolKitCaller: refcount=1 dbus_name=:1.473 uid=500 pid=8636 selinux_context=system_u:system_r:unconfined_t
- * 18:20:02.434: PolKitSession: refcount=1 uid=0 objpath=/org/freedesktop/ConsoleKit/Session1 is_active=0 is_local=1 remote_host=(null)
- * 18:20:02.434: PolKitSeat: refcount=1 objpath=/org/freedesktop/ConsoleKit/Seat1
- *
- * 18:20:03.445: PolKitCaller: refcount=1 dbus_name=:1.473 uid=500 pid=8636 selinux_context=system_u:system_r:unconfined_t
- * 18:20:03.445: PolKitSession: refcount=1 uid=0 objpath=/org/freedesktop/ConsoleKit/Session1 is_active=1 is_local=1 remote_host=(null)
- * 18:20:03.445: PolKitSeat: refcount=1 objpath=/org/freedesktop/ConsoleKit/Seat1
- * </programlisting>
- *
- * The point of the test program is simply to gather caller
- * information about clients (the small Python program, you may launch
- * multiple instances of it) that repeatedly calls into the D-Bus
- * service; if one runs <literal>strace(1)</literal> in front of the
- * test program one will notice that there is only syscall / IPC
- * overhead (except for printing to stdout) on the first call from the
- * client.
- *
- * The careful reader will notice that, during the testing session, we
- * did a quick VT switch away from the session (and back) which is
- * reflected in the output.
- *
- * These functions are in <literal>libpolkit-dbus</literal>.
- **/
-struct _PolKitTracker {
- int refcount;
- DBusConnection *con;
-
- KitHash *dbus_name_to_caller;
-
- KitHash *pid_start_time_to_caller;
-};
-
-typedef struct {
- pid_t pid;
- polkit_uint64_t start_time;
-} _PidStartTimePair;
-
-static _PidStartTimePair *
-_pid_start_time_new (pid_t pid, polkit_uint64_t start_time)
-{
- _PidStartTimePair *obj;
- obj = kit_new (_PidStartTimePair, 1);
- obj->pid = pid;
- obj->start_time = start_time;
- return obj;
-}
-
-static uint32_t
-_pid_start_time_hash (const void *a)
-{
- uint32_t val;
- _PidStartTimePair *pst = (_PidStartTimePair *) a;
-
- val = pst->pid + ((int) pst->start_time);
-
- return val;
-}
-
-static kit_bool_t
-_pid_start_time_equal (const void *a, const void *b)
-{
- _PidStartTimePair *_a = (_PidStartTimePair *) a;
- _PidStartTimePair *_b = (_PidStartTimePair *) b;
-
- return (_a->pid == _b->pid) && (_a->start_time == _b->start_time);
-}
-
-/**
- * polkit_tracker_new:
- *
- * Creates a new #PolKitTracker object.
- *
- * This function is in <literal>libpolkit-dbus</literal>.
- *
- * Returns: the new object
- *
- * Since: 0.7
- **/
-PolKitTracker *
-polkit_tracker_new (void)
-{
- PolKitTracker *pk_tracker;
- pk_tracker = kit_new0 (PolKitTracker, 1);
- pk_tracker->refcount = 1;
- pk_tracker->dbus_name_to_caller = kit_hash_new (kit_hash_str_hash_func,
- kit_hash_str_equal_func,
- NULL,
- NULL,
- (KitFreeFunc) kit_free,
- (KitFreeFunc) polkit_caller_unref);
- pk_tracker->pid_start_time_to_caller = kit_hash_new (_pid_start_time_hash,
- _pid_start_time_equal,
- NULL,
- NULL,
- (KitFreeFunc) kit_free,
- (KitFreeFunc) polkit_caller_unref);
- return pk_tracker;
-}
-
-/**
- * polkit_tracker_ref:
- * @pk_tracker: the tracker object
- *
- * Increase reference count.
- *
- * This function is in <literal>libpolkit-dbus</literal>.
- *
- * Returns: the object
- *
- * Since: 0.7
- **/
-PolKitTracker *
-polkit_tracker_ref (PolKitTracker *pk_tracker)
-{
- kit_return_val_if_fail (pk_tracker != NULL, pk_tracker);
- pk_tracker->refcount++;
- return pk_tracker;
-}
-
-/**
- * polkit_tracker_unref:
- * @pk_tracker: the tracker object
- *
- * Decreases the reference count of the object. If it becomes zero,
- * the object is freed. Before freeing, reference counts on embedded
- * objects are decresed by one.
- *
- * This function is in <literal>libpolkit-dbus</literal>.
- *
- * Since: 0.7
- **/
-void
-polkit_tracker_unref (PolKitTracker *pk_tracker)
-{
- kit_return_if_fail (pk_tracker != NULL);
- pk_tracker->refcount--;
- if (pk_tracker->refcount > 0)
- return;
- kit_hash_unref (pk_tracker->dbus_name_to_caller);
- kit_hash_unref (pk_tracker->pid_start_time_to_caller);
- dbus_connection_unref (pk_tracker->con);
- kit_free (pk_tracker);
-}
-
-/**
- * polkit_tracker_set_system_bus_connection:
- * @pk_tracker: the tracker object
- * @con: the connection to the system message bus
- *
- * Tell the #PolKitTracker object to use the given D-Bus connection
- * when it needs to fetch information from the system message bus and
- * ConsoleKit services. This is used for priming the cache.
- *
- * This function is in <literal>libpolkit-dbus</literal>.
- *
- * Since: 0.7
- */
-void
-polkit_tracker_set_system_bus_connection (PolKitTracker *pk_tracker, DBusConnection *con)
-{
- kit_return_if_fail (pk_tracker != NULL);
- pk_tracker->con = dbus_connection_ref (con);
-}
-
-/**
- * polkit_tracker_init:
- * @pk_tracker: the tracker object
- *
- * Initialize the tracker.
- *
- * This function is in <literal>libpolkit-dbus</literal>.
- *
- * Since: 0.7
- */
-void
-polkit_tracker_init (PolKitTracker *pk_tracker)
-{
- kit_return_if_fail (pk_tracker != NULL);
- /* This is currently a no-op */
-}
-
-/*--------------------------------------------------------------------------------------------------------------*/
-
-static void
-_set_session_inactive_iter (void *key, PolKitCaller *caller, const char *session_objpath, KitHash *hash)
-{
- char *objpath;
- PolKitSession *session;
- if (!polkit_caller_get_ck_session (caller, &session))
- return;
- if (!polkit_session_get_ck_objref (session, &objpath))
- return;
- if (strcmp (objpath, session_objpath) != 0)
- return;
- polkit_session_set_ck_is_active (session, FALSE);
-}
-
-static void
-_set_session_active_iter (void *key, PolKitCaller *caller, const char *session_objpath, KitHash *hash)
-{
- char *objpath;
- PolKitSession *session;
- if (!polkit_caller_get_ck_session (caller, &session))
- return;
- if (!polkit_session_get_ck_objref (session, &objpath))
- return;
- if (strcmp (objpath, session_objpath) != 0)
- return;
- polkit_session_set_ck_is_active (session, TRUE);
-}
-
-static void
-_update_session_is_active (PolKitTracker *pk_tracker, const char *session_objpath, kit_bool_t is_active)
-{
- kit_hash_foreach (pk_tracker->dbus_name_to_caller,
- (KitHashForeachFunc) (is_active ? _set_session_active_iter : _set_session_inactive_iter),
- (void *) session_objpath);
-}
-
-/*--------------------------------------------------------------------------------------------------------------*/
-
-static kit_bool_t
-_remove_caller_by_session_iter (void *key, PolKitCaller *caller, const char *session_objpath, KitHash *hash)
-{
- char *objpath;
- PolKitSession *session;
- if (!polkit_caller_get_ck_session (caller, &session))
- return FALSE;
- if (!polkit_session_get_ck_objref (session, &objpath))
- return FALSE;
- if (strcmp (objpath, session_objpath) != 0)
- return FALSE;
- return TRUE;
-}
-
-static void
-_remove_caller_by_session (PolKitTracker *pk_tracker, const char *session_objpath)
-{
- kit_hash_foreach_remove (pk_tracker->dbus_name_to_caller,
- (KitHashForeachFunc) _remove_caller_by_session_iter,
- (void *) session_objpath);
-}
-
-/*--------------------------------------------------------------------------------------------------------------*/
-
-static kit_bool_t
-_remove_caller_by_dbus_name_iter (void *key, PolKitCaller *caller, const char *dbus_name, KitHash *hash)
-{
- char *name;
- if (!polkit_caller_get_dbus_name (caller, &name))
- return FALSE;
- if (strcmp (name, dbus_name) != 0)
- return FALSE;
- return TRUE;
-}
-
-static void
-_remove_caller_by_dbus_name (PolKitTracker *pk_tracker, const char *dbus_name)
-{
- kit_hash_foreach_remove (pk_tracker->dbus_name_to_caller,
- (KitHashForeachFunc) _remove_caller_by_dbus_name_iter,
- (void *) dbus_name);
-}
-
-/*--------------------------------------------------------------------------------------------------------------*/
-
-/**
- * polkit_tracker_dbus_func:
- * @pk_tracker: the tracker object
- * @message: message to pass
- *
- * The owner of the #PolKitTracker object must pass signals from the
- * system message bus (just NameOwnerChanged will do) and all signals
- * from the ConsoleKit service into this function.
- *
- * This function is in <literal>libpolkit-dbus</literal>.
- *
- * Returns: #TRUE only if there was a change in the ConsoleKit database.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_tracker_dbus_func (PolKitTracker *pk_tracker, DBusMessage *message)
-{
- kit_bool_t ret;
-
- ret = FALSE;
-
- if (dbus_message_is_signal (message, DBUS_INTERFACE_DBUS, "NameOwnerChanged")) {
- char *name;
- char *new_service_name;
- char *old_service_name;
-
- if (!dbus_message_get_args (message, NULL,
- DBUS_TYPE_STRING, &name,
- DBUS_TYPE_STRING, &old_service_name,
- DBUS_TYPE_STRING, &new_service_name,
- DBUS_TYPE_INVALID)) {
-
- /* TODO: should be _pk_critical */
- polkit_debug ("The NameOwnerChanged signal on the " DBUS_INTERFACE_DBUS " "
- "interface has the wrong signature! Your system is misconfigured.");
- goto out;
- }
-
- if (strlen (new_service_name) == 0) {
- _remove_caller_by_dbus_name (pk_tracker, name);
- }
-
- } else if (dbus_message_is_signal (message, "org.freedesktop.ConsoleKit.Session", "ActiveChanged")) {
- dbus_bool_t is_active;
- DBusError error;
- const char *session_objpath;
-
- ret = TRUE;
-
- dbus_error_init (&error);
- session_objpath = dbus_message_get_path (message);
- if (!dbus_message_get_args (message, &error,
- DBUS_TYPE_BOOLEAN, &is_active,
- DBUS_TYPE_INVALID)) {
-
- /* TODO: should be _pk_critical */
- kit_warning ("The ActiveChanged signal on the org.freedesktop.ConsoleKit.Session "
- "interface for object %s has the wrong signature! "
- "Your system is misconfigured.", session_objpath);
-
- /* as a security measure, remove all sessions with this path from the cache;
- * cuz then the user of PolKitTracker probably gets to deal with a DBusError
- * the next time he tries something...
- */
- _remove_caller_by_session (pk_tracker, session_objpath);
- goto out;
- }
-
- /* now go through all Caller objects and update the is_active field as appropriate */
- _update_session_is_active (pk_tracker, session_objpath, is_active);
-
- } else if (dbus_message_is_signal (message, "org.freedesktop.ConsoleKit.Seat", "SessionAdded")) {
- DBusError error;
- const char *seat_objpath;
- const char *session_objpath;
-
- /* If a session is added, update our list of sessions.. also notify the user.. */
-
- ret = TRUE;
-
- dbus_error_init (&error);
- seat_objpath = dbus_message_get_path (message);
- if (!dbus_message_get_args (message, &error,
- DBUS_TYPE_STRING, &session_objpath,
- DBUS_TYPE_INVALID)) {
-
- /* TODO: should be _pk_critical */
- kit_warning ("The SessionAdded signal on the org.freedesktop.ConsoleKit.Seat "
- "interface for object %s has the wrong signature! "
- "Your system is misconfigured.", seat_objpath);
-
- goto out;
- }
-
- /* TODO: add to sessions - see polkit_tracker_is_authorization_relevant() */
-
- } else if (dbus_message_is_signal (message, "org.freedesktop.ConsoleKit.Seat", "SessionRemoved")) {
- DBusError error;
- const char *seat_objpath;
- const char *session_objpath;
-
- /* If a session is removed, authorizations scoped for that session
- * may become inactive.. so do notify the user about it..
- */
-
- ret = TRUE;
-
- dbus_error_init (&error);
- seat_objpath = dbus_message_get_path (message);
- if (!dbus_message_get_args (message, &error,
- DBUS_TYPE_STRING, &session_objpath,
- DBUS_TYPE_INVALID)) {
-
- /* TODO: should be _pk_critical */
- kit_warning ("The SessionRemoved signal on the org.freedesktop.ConsoleKit.Seat "
- "interface for object %s has the wrong signature! "
- "Your system is misconfigured.", seat_objpath);
-
- goto out;
- }
-
- _remove_caller_by_session (pk_tracker, session_objpath);
-
- /* TODO: remove from sessions - see polkit_tracker_is_authorization_relevant() */
- }
-
- /* TODO: when ConsoleKit gains the ability to attach/detach a session to a seat (think
- * hot-desking), we want to update our local caches too
- */
-
-out:
- return ret;
-}
-
-/**
- * polkit_tracker_get_caller_from_dbus_name:
- * @pk_tracker: the tracker object
- * @dbus_name: unique name on the system message bus
- * @error: D-Bus error
- *
- * This function is similar to polkit_caller_new_from_dbus_name()
- * except that it uses the cache in #PolKitTracker. So on the second
- * and subsequent calls, for the same D-Bus name, there will be no
- * syscall or IPC overhead in calling this function.
- *
- * Returns: A #PolKitCaller object; the caller must use
- * polkit_caller_unref() on the object when done with it. Returns
- * #NULL if an error occured (in which case error will be set).
- *
- * This function is in <literal>libpolkit-dbus</literal>.
- *
- * Since: 0.7
- */
-PolKitCaller *
-polkit_tracker_get_caller_from_dbus_name (PolKitTracker *pk_tracker, const char *dbus_name, DBusError *error)
-{
- PolKitCaller *caller;
-
- kit_return_val_if_fail (pk_tracker != NULL, NULL);
- kit_return_val_if_fail (pk_tracker->con != NULL, NULL);
- kit_return_val_if_fail (! dbus_error_is_set (error), NULL);
-
- /* kit_debug ("Looking up cache for PolKitCaller for dbus_name %s...", dbus_name); */
-
- caller = kit_hash_lookup (pk_tracker->dbus_name_to_caller, (void *) dbus_name, NULL);
- if (caller != NULL)
- return polkit_caller_ref (caller);
-
- /* kit_debug ("Have to compute PolKitCaller for dbus_name %s...", dbus_name); */
-
- caller = polkit_caller_new_from_dbus_name (pk_tracker->con, dbus_name, error);
- if (caller == NULL)
- return NULL;
-
- kit_hash_insert (pk_tracker->dbus_name_to_caller, kit_strdup (dbus_name), caller);
- return polkit_caller_ref (caller);
-}
-
-
-/**
- * polkit_tracker_get_caller_from_pid:
- * @pk_tracker: the tracker object
- * @pid: UNIX process id to look at
- * @error: D-Bus error
- *
- * This function is similar to polkit_caller_new_from_pid()
- * except that it uses the cache in #PolKitTracker. So on the second
- * and subsequent calls, for the same D-Bus name, there will be no
- * IPC overhead in calling this function.
- *
- * There will be some syscall overhead to lookup the time when the
- * given process is started (on Linux, looking up /proc/$pid/stat);
- * this is needed because pid's can be recycled and the cache thus
- * needs to record this in addition to the pid.
- *
- * Returns: A #PolKitCaller object; the caller must use
- * polkit_caller_unref() on the object when done with it. Returns
- * #NULL if an error occured (in which case error will be set).
- *
- * This function is in <literal>libpolkit-dbus</literal>.
- *
- * Since: 0.7
- */
-PolKitCaller *
-polkit_tracker_get_caller_from_pid (PolKitTracker *pk_tracker, pid_t pid, DBusError *error)
-{
- PolKitCaller *caller;
- polkit_uint64_t start_time;
- _PidStartTimePair *pst;
-
- kit_return_val_if_fail (pk_tracker != NULL, NULL);
- kit_return_val_if_fail (pk_tracker->con != NULL, NULL);
- kit_return_val_if_fail (! dbus_error_is_set (error), NULL);
-
- start_time = polkit_sysdeps_get_start_time_for_pid (pid);
- if (start_time == 0) {
- if (error != NULL) {
- dbus_set_error (error,
- "org.freedesktop.PolicyKit",
- "Cannot look up start time for pid %d", pid);
- }
- return NULL;
- }
-
- pst = _pid_start_time_new (pid, start_time);
-
- /* kit_debug ("Looking up cache for pid %d (start_time %lld)...", pid, start_time); */
-
- caller = kit_hash_lookup (pk_tracker->pid_start_time_to_caller, (void *) pst, NULL);
- if (caller != NULL) {
- kit_free (pst);
- return polkit_caller_ref (caller);
- }
-
- /* kit_debug ("Have to compute PolKitCaller from pid %d (start_time %lld)...", pid, start_time); */
-
- caller = polkit_caller_new_from_pid (pk_tracker->con, pid, error);
- if (caller == NULL) {
- kit_free (pst);
- return NULL;
- }
-
- /* TODO: we need to evict old entries..
- *
- * Say, timestamp the entries in _PidStartTimePair and do
- * garbage collection every hour or so (e.g. record when we
- * last did garbage collection and check this time on the next
- * call into this function).
- */
-
- kit_hash_insert (pk_tracker->pid_start_time_to_caller, pst, caller);
- return polkit_caller_ref (caller);
-}
-
-
-/**
- * polkit_tracker_is_authorization_relevant:
- * @pk_tracker: the tracker
- * @auth: authorization to check for
- * @error: return location for error
- *
- * As explicit authorizations are scoped (process single shot,
- * process, session or everything), they become irrelevant once the
- * entity (process or session) ceases to exist. This function
- * determines whether the authorization is still relevant; it's useful
- * for reporting and graphical tools displaying authorizations.
- *
- * This function is similar to polkit_is_authorization_relevant() only
- * that it avoids IPC overhead on the 2nd and subsequent calls when
- * checking authorizations scoped for a session.
- *
- * Returns: #TRUE if the authorization still applies, #FALSE if an
- * error occurred (then error will be set) or if the entity the
- * authorization refers to has gone out of scope.
- *
- * This function is in <literal>libpolkit-dbus</literal>.
- *
- * Since: 0.7
- */
-polkit_bool_t
-polkit_tracker_is_authorization_relevant (PolKitTracker *pk_tracker, PolKitAuthorization *auth, DBusError *error)
-{
-
- kit_return_val_if_fail (pk_tracker != NULL, FALSE);
- kit_return_val_if_fail (pk_tracker->con != NULL, FALSE);
- kit_return_val_if_fail (! dbus_error_is_set (error), FALSE);
-
- /* TODO: optimize... in order to do this sanely we need CK's Manager object to export
- * a method GetAllSessions() - otherwise we'd need to key off every uid.
- *
- * It's no biggie we don't have this optimization yet.. it's only used by polkit-auth(1)
- * and the GNOME utility for managing authorizations.
- */
- return _polkit_is_authorization_relevant_internal (pk_tracker->con, auth, NULL, error);
-}
diff --git a/src/polkit/polkit-tracker.h b/src/polkit/polkit-tracker.h
deleted file mode 100644
index f994129..0000000
--- a/src/polkit/polkit-tracker.h
+++ /dev/null
@@ -1,70 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-tracker.h : track callers
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef POLKIT_TRACKER_H
-#define POLKIT_TRACKER_H
-
-#include <dbus/dbus.h>
-#include <polkit/polkit-caller.h>
-#include <polkit/polkit-authorization.h>
-
-POLKIT_BEGIN_DECLS
-
-PolKitSession *polkit_session_new_from_objpath (DBusConnection *con, const char *objpath, uid_t uid, DBusError *error);
-PolKitSession *polkit_session_new_from_cookie (DBusConnection *con, const char *cookie, DBusError *error);
-
-PolKitCaller *polkit_caller_new_from_dbus_name (DBusConnection *con, const char *dbus_name, DBusError *error);
-
-PolKitCaller *polkit_caller_new_from_pid (DBusConnection *con, pid_t pid, DBusError *error);
-
-polkit_bool_t polkit_is_authorization_relevant (DBusConnection *con, PolKitAuthorization *auth, DBusError *error);
-
-struct _PolKitTracker;
-typedef struct _PolKitTracker PolKitTracker;
-
-PolKitTracker *polkit_tracker_new (void);
-PolKitTracker *polkit_tracker_ref (PolKitTracker *pk_tracker);
-void polkit_tracker_unref (PolKitTracker *pk_tracker);
-void polkit_tracker_set_system_bus_connection (PolKitTracker *pk_tracker, DBusConnection *con);
-void polkit_tracker_init (PolKitTracker *pk_tracker);
-polkit_bool_t polkit_tracker_dbus_func (PolKitTracker *pk_tracker, DBusMessage *message);
-PolKitCaller *polkit_tracker_get_caller_from_dbus_name (PolKitTracker *pk_tracker, const char *dbus_name, DBusError *error);
-PolKitCaller *polkit_tracker_get_caller_from_pid (PolKitTracker *pk_tracker, pid_t pid, DBusError *error);
-polkit_bool_t
-polkit_tracker_is_authorization_relevant (PolKitTracker *pk_tracker, PolKitAuthorization *auth, DBusError *error);
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_ACTION_H */
-
-
diff --git a/src/polkit/polkit-types.h b/src/polkit/polkit-types.h
deleted file mode 100644
index 8144dee..0000000
--- a/src/polkit/polkit-types.h
+++ /dev/null
@@ -1,109 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-types.h : fundamental types such as polkit_bool_t
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#if !defined (POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef POLKIT_TYPES_H
-#define POLKIT_TYPES_H
-
-#ifdef __cplusplus
-# define POLKIT_BEGIN_DECLS extern "C" {
-# define POLKIT_END_DECLS }
-#else
-/**
- * POLKIT_BEGIN_DECLS:
- *
- * C++ include header guard.
- */
-# define POLKIT_BEGIN_DECLS
-/**
- * POLKIT_END_DECLS:
- *
- * C++ include header guard.
- */
-# define POLKIT_END_DECLS
-#endif
-
-#if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1)
-#define POLKIT_GNUC_DEPRECATED \
- __attribute__((__deprecated__))
-#else
-/**
- * POLKIT_GNUC_DEPRECATED:
- *
- * Used in front of deprecated functions.
- */
-#define POLKIT_GNUC_DEPRECATED
-#endif /* __GNUC__ */
-
-POLKIT_BEGIN_DECLS
-
-/**
- * SECTION:polkit-types
- * @title: Basic types
- * @short_description: Type definitions for common primitive types.
- *
- * Type definitions for common primitive types.
- **/
-
-/**
- * polkit_bool_t:
- *
- * A boolean, valid values are #TRUE and #FALSE.
- */
-typedef int polkit_bool_t;
-
-/**
- * polkit_uint32_t:
- *
- * Type for unsigned 32 bit integer.
- */
-typedef unsigned int polkit_uint32_t;
-
-/**
- * polkit_uint64_t:
- *
- * Type for unsigned 64 bit integer.
- */
-typedef unsigned long long polkit_uint64_t;
-
-#ifndef TRUE
-# define TRUE 1
-#endif
-#ifndef FALSE
-# define FALSE 0
-#endif
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_TYPES_H */
-
-
diff --git a/src/polkit/polkit-utils.c b/src/polkit/polkit-utils.c
deleted file mode 100644
index be68086..0000000
--- a/src/polkit/polkit-utils.c
+++ /dev/null
@@ -1,175 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-utils.c : internal utilities used in polkit
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdarg.h>
-#include <stdlib.h>
-#include <sys/time.h>
-#include <time.h>
-#include <string.h>
-
-#include "polkit-utils.h"
-#include "polkit-debug.h"
-#include "polkit-private.h"
-#include "polkit-test.h"
-
-/**
- * SECTION:polkit-utils
- * @short_description: Internal utility functions for polkit.
- *
- * Internal utility functions for polkit.
- **/
-
-/**
- * _pk_validate_identifier:
- * @identifier: the NUL-terminated string to validate
- *
- * Validates strings used for an identifier; PolicyKit conventions
- * state that identifiers must be NUL-terminated ASCII strings less
- * than 256 bytes and only contain the characters "[a-z][A-Z]0-9]._-:/"
- *
- * Returns: #TRUE iff the identifier validates
- **/
-polkit_bool_t
-_pk_validate_identifier (const char *identifier)
-{
- unsigned int n;
- polkit_bool_t ret;
-
- kit_return_val_if_fail (identifier != NULL, FALSE);
-
- ret = FALSE;
- for (n = 0; identifier[n] != '\0'; n++) {
- char c = identifier[n];
-
- if (n >= 255) {
- polkit_debug ("identifier too long");
- goto out;
- }
-
- if ((c >= 'a' && c <= 'z') ||
- (c >= 'A' && c <= 'Z') ||
- (c >= '0' && c <= '9') ||
- c == '.' ||
- c == '_' ||
- c == '-' ||
- c == ':' ||
- c == '/')
- continue;
-
- polkit_debug ("invalid character in identifier");
- goto out;
- }
-
- ret = TRUE;
-out:
- return ret;
-}
-
-
-/* Determine wether the given character is valid as a second or later character in a bus name */
-#define VALID_BUS_NAME_CHARACTER(c) \
- ( ((c) >= '0' && (c) <= '9') || \
- ((c) >= 'A' && (c) <= 'Z') || \
- ((c) >= 'a' && (c) <= 'z') || \
- ((c) == '_') || ((c) == '-'))
-
-polkit_bool_t
-_pk_validate_unique_bus_name (const char *unique_bus_name)
-{
- int len;
- const char *s;
- const char *end;
- const char *last_dot;
- polkit_bool_t ret;
-
- ret = FALSE;
-
- if (unique_bus_name == NULL)
- goto error;
-
- len = strlen (unique_bus_name);
- if (len == 0)
- goto error;
-
- end = unique_bus_name + len;
- last_dot = NULL;
-
- s = unique_bus_name;
-
- /* check special cases of first char so it doesn't have to be done
- * in the loop. Note we know len > 0
- */
- if (*s == ':') {
- /* unique name */
- ++s;
- while (s != end) {
- if (*s == '.') {
- if ((s + 1) == end)
- goto error;
- if (!VALID_BUS_NAME_CHARACTER (*(s + 1)))
- goto error;
- ++s; /* we just validated the next char, so skip two */
- } else if (!VALID_BUS_NAME_CHARACTER (*s)) {
- goto error;
- }
- ++s;
- }
- } else {
- goto error;
- }
-
- ret = TRUE;
-
-error:
- if (!ret)
- polkit_debug ("name '%s' did not validate", unique_bus_name);
- return ret;
-}
-
-#ifdef POLKIT_BUILD_TESTS
-
-static polkit_bool_t
-_run_test (void)
-{
- return TRUE;
-}
-
-KitTest _test_utils = {
- "polkit_utils",
- NULL,
- NULL,
- _run_test
-};
-
-#endif /* POLKIT_BUILD_TESTS */
diff --git a/src/polkit/polkit-utils.h b/src/polkit/polkit-utils.h
deleted file mode 100644
index fc65178..0000000
--- a/src/polkit/polkit-utils.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-utils.h : internal utilities used in polkit
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifndef POLKIT_UTILS_H
-#define POLKIT_UTILS_H
-
-#include <polkit/polkit-types.h>
-
-POLKIT_BEGIN_DECLS
-
-polkit_bool_t _pk_validate_identifier (const char *identifier);
-
-polkit_bool_t _pk_validate_unique_bus_name (const char *unique_bus_name);
-
-POLKIT_END_DECLS
-
-#endif /* POLKIT_UTILS_H */
-
-
diff --git a/src/polkit/polkit.h b/src/polkit/polkit.h
deleted file mode 100644
index 3487c95..0000000
--- a/src/polkit/polkit.h
+++ /dev/null
@@ -1,53 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit.h : library for querying system-wide policy
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifndef POLKIT_H
-#define POLKIT_H
-
-#define _POLKIT_INSIDE_POLKIT_H 1
-#include <polkit/polkit-types.h>
-#include <polkit/polkit-sysdeps.h>
-#include <polkit/polkit-error.h>
-#include <polkit/polkit-result.h>
-#include <polkit/polkit-context.h>
-#include <polkit/polkit-action.h>
-#include <polkit/polkit-seat.h>
-#include <polkit/polkit-session.h>
-#include <polkit/polkit-caller.h>
-#include <polkit/polkit-action-description.h>
-#include <polkit/polkit-implicit-authorization.h>
-#include <polkit/polkit-authorization.h>
-#include <polkit/polkit-authorization-db.h>
-#include <polkit/polkit-tracker.h>
-#include <polkit/polkit-simple.h>
-#undef _POLKIT_INSIDE_POLKIT_H
-
-#endif /* POLKIT_H */
-
-
diff --git a/test/Makefile.am b/test/Makefile.am
deleted file mode 100644
index c062a69..0000000
--- a/test/Makefile.am
+++ /dev/null
@@ -1,16 +0,0 @@
-
-EXTRA_DIST = \
- create-coverage-report.sh \
- invalid/test-invalid-1-action-id.policy \
- invalid/test-invalid-2-bogus-any.policy \
- invalid/test-invalid-3-bogus-inactive.policy \
- invalid/test-invalid-4-bogus-active.policy \
- invalid/test-invalid-5-max-depth.policy \
- valid/test-valid-1.policy \
- valid/test-valid-2-annotations.policy \
- valid/test-valid-3-lang.policy \
- valid/test-valid-4-unknown-tags.policy \
- valid/test-valid-5-wrong-extension.policy~
-
-clean-local :
- rm -f *~
diff --git a/test/authdb-test/.gitignore b/test/authdb-test/.gitignore
deleted file mode 100644
index e69de29..0000000
diff --git a/test/authdb-test/lib/polkit-1/.gitignore b/test/authdb-test/lib/polkit-1/.gitignore
deleted file mode 100644
index e69de29..0000000
diff --git a/test/authdb-test/misc/.gitignore b/test/authdb-test/misc/.gitignore
deleted file mode 100644
index e69de29..0000000
diff --git a/test/authdb-test/run/polkit-1/.gitignore b/test/authdb-test/run/polkit-1/.gitignore
deleted file mode 100644
index e69de29..0000000
diff --git a/test/create-coverage-report.sh b/test/create-coverage-report.sh
deleted file mode 100755
index 68ce8f6..0000000
--- a/test/create-coverage-report.sh
+++ /dev/null
@@ -1,64 +0,0 @@
-#!/bin/sh
-
-TOTAL_ACTUAL=0
-TOTAL_COVERED=0
-TOTAL_SOURCE=0
-
-P=$(dirname $0)/..
-
-MODULE=$1
-shift
-
-
-echo "=============================================================================="
-echo "Test coverage for $MODULE:"
-echo "=============================================================================="
-
-while [ $# -gt 0 ] ; do
- SOURCE=`cat $P/$1 |wc -l`
- TOTAL_SOURCE=$(($TOTAL_SOURCE + $SOURCE))
-
- echo -n "$1"
-
- n=${#1}
- while [ $n -lt 55 ] ; do
- echo -n " "
- n=$(($n + 1))
- done
-
- echo -n " : "
-
- if [ -e $P/$1.gcov ] ; then
- ACTUAL=`grep -v " -:" $P/$1.gcov |wc -l`
- NOT_COVERED=`grep " #####:" $P/$1.gcov |wc -l`
- COVERED=$(($ACTUAL - $NOT_COVERED))
- PERCENT=$((100 * $COVERED / $ACTUAL))
-
- TOTAL_ACTUAL=$(($TOTAL_ACTUAL + $ACTUAL))
- TOTAL_COVERED=$(($TOTAL_COVERED + $COVERED))
-
- if [ $PERCENT -lt 10 ] ; then
- echo -n " $PERCENT%"
- elif [ $PERCENT -lt 100 ] ; then
- echo -n " $PERCENT%"
- else
- echo -n "100%"
- fi
-
- echo " ($COVERED of $ACTUAL)"
-
- else
- echo " 0% (not tested)"
- fi
-
- shift
-done
-
-TOTAL_PERCENT=$((100 * $TOTAL_COVERED / $TOTAL_ACTUAL))
-
-echo
-echo "Source lines : $TOTAL_SOURCE"
-echo "Actual statements : $TOTAL_ACTUAL"
-echo "Executed statements : $TOTAL_COVERED"
-echo "Test coverage : $TOTAL_PERCENT%"
-echo
diff --git a/test/invalid/test-invalid-1-action-id.policy b/test/invalid/test-invalid-1-action-id.policy
deleted file mode 100644
index 0875d5f..0000000
--- a/test/invalid/test-invalid-1-action-id.policy
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<policyconfig>
-
- <action id="4org.example.invalid1">
- <description>foo</description>
- <message>bar</message>
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- </action>
-
-</policyconfig>
diff --git a/test/invalid/test-invalid-2-bogus-any.policy b/test/invalid/test-invalid-2-bogus-any.policy
deleted file mode 100644
index 529e2c5..0000000
--- a/test/invalid/test-invalid-2-bogus-any.policy
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<policyconfig>
-
- <action id="org.example.invalid2">
- <description>foo</description>
- <message>bar</message>
- <defaults>
- <allow_any>_bogus_</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- </action>
-
-</policyconfig>
diff --git a/test/invalid/test-invalid-3-bogus-inactive.policy b/test/invalid/test-invalid-3-bogus-inactive.policy
deleted file mode 100644
index 555976d..0000000
--- a/test/invalid/test-invalid-3-bogus-inactive.policy
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<policyconfig>
-
- <action id="org.example.invalid3">
- <description>foo</description>
- <message>bar</message>
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>_bogus_</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- </action>
-
-</policyconfig>
diff --git a/test/invalid/test-invalid-4-bogus-active.policy b/test/invalid/test-invalid-4-bogus-active.policy
deleted file mode 100644
index 0f82e7b..0000000
--- a/test/invalid/test-invalid-4-bogus-active.policy
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<policyconfig>
-
- <action id="org.example.invalid4">
- <description>foo</description>
- <message>bar</message>
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>_bogus_</allow_active>
- </defaults>
- </action>
-
-</policyconfig>
diff --git a/test/invalid/test-invalid-5-max-depth.policy b/test/invalid/test-invalid-5-max-depth.policy
deleted file mode 100644
index 1dd1520..0000000
--- a/test/invalid/test-invalid-5-max-depth.policy
+++ /dev/null
@@ -1,87 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<policyconfig>
-
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- <future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
- </future>
-
- <action id="org.example.invalid5">
- <description>foo</description>
- <message>bar</message>
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- </action>
-
-</policyconfig>
diff --git a/test/valid/test-valid-1.policy b/test/valid/test-valid-1.policy
deleted file mode 100644
index 24bd602..0000000
--- a/test/valid/test-valid-1.policy
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<policyconfig>
-
- <action id="org.example.valid1">
- <description>example</description>
- <message>example</message>
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- </action>
-
-</policyconfig>
diff --git a/test/valid/test-valid-2-annotations.policy b/test/valid/test-valid-2-annotations.policy
deleted file mode 100644
index 3fbfd33..0000000
--- a/test/valid/test-valid-2-annotations.policy
+++ /dev/null
@@ -1,27 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<policyconfig>
-
- <action id="org.example.valid2">
- <description>example 2</description>
- <message>message 2</message>
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- <annotate key="the.key1">Some Value 1</annotate>
- <annotate key="the.key2">Some Value 2</annotate>
- </action>
-
- <action id="org.example.valid2b">
- <description>example 2</description>
- <message>message 2</message>
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- <annotate key="the.key1">Some Value 1b</annotate>
- </action>
-
-</policyconfig>
diff --git a/test/valid/test-valid-3-lang.policy b/test/valid/test-valid-3-lang.policy
deleted file mode 100644
index c13bd14..0000000
--- a/test/valid/test-valid-3-lang.policy
+++ /dev/null
@@ -1,28 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<policyconfig>
-
- <action id="org.example.valid3">
- <description>example</description>
- <message>message</message>
- <description xml:lang="da">example (danish)</description>
- <message xml:lang="da">message (danish)</message>
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- </action>
-
- <action id="org.example.valid3b">
- <description>example 2</description>
- <message>message 2</message>
- <description xml:lang="da">example 2 (danish)</description>
- <message xml:lang="da">message 2 (danish)</message>
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- </action>
-
-</policyconfig>
diff --git a/test/valid/test-valid-4-unknown-tags.policy b/test/valid/test-valid-4-unknown-tags.policy
deleted file mode 100644
index af0ba07..0000000
--- a/test/valid/test-valid-4-unknown-tags.policy
+++ /dev/null
@@ -1,20 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<policyconfig>
-
- <action id="org.example.valid4">
- <description>example</description>
- <message>example</message>
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- <future_tag>
- <future_tag2/>
- <future_tag3>
- <future_tag4/>
- </future_tag3>
- </future_tag>
- </action>
-
-</policyconfig>
diff --git a/test/valid/test-valid-5-wrong-extension.policy~ b/test/valid/test-valid-5-wrong-extension.policy~
deleted file mode 100644
index 24bd602..0000000
--- a/test/valid/test-valid-5-wrong-extension.policy~
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<policyconfig>
-
- <action id="org.example.valid1">
- <description>example</description>
- <message>example</message>
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- </action>
-
-</policyconfig>
diff --git a/tools/.gitignore b/tools/.gitignore
deleted file mode 100644
index 21fa53c..0000000
--- a/tools/.gitignore
+++ /dev/null
@@ -1,9 +0,0 @@
-.deps
-.libs
-*.o
-Makefile
-Makefile.in
-polkit-is-privileged
-polkit-list-privileges
-polkit-grant-privilege
-polkit-revoke-privilege
diff --git a/tools/Makefile.am b/tools/Makefile.am
deleted file mode 100644
index 050260d..0000000
--- a/tools/Makefile.am
+++ /dev/null
@@ -1,31 +0,0 @@
-## Process this file with automake to produce Makefile.in
-
-INCLUDES = \
- -I$(top_builddir)/src -I$(top_srcdir)/src \
- -DPACKAGE_LIBEXEC_DIR=\""$(libexecdir)"\" \
- -DPACKAGE_SYSCONF_DIR=\""$(sysconfdir)"\" \
- -DPACKAGE_DATA_DIR=\""$(datadir)"\" \
- -DPACKAGE_BIN_DIR=\""$(bindir)"\" \
- -DPACKAGE_LOCALSTATEDIR=\""$(localstatedir)"\" \
- -DPACKAGE_LOCALE_DIR=\""$(localedir)"\" \
- @GLIB_CFLAGS@ \
- @DBUS_CFLAGS@
-
-bin_PROGRAMS = polkit-policy-file-validate-1 polkit-action-1 polkit-auth-1
-
-polkit_policy_file_validate_1_SOURCES = polkit-policy-file-validate.c
-polkit_policy_file_validate_1_LDADD = $(top_builddir)/src/kit/libkit.la $(top_builddir)/src/polkit/libpolkit-1.la
-
-polkit_auth_1_SOURCES = polkit-auth.c
-polkit_auth_1_LDADD = @GLIB_LIBS@ @DBUS_LIBS@ $(top_builddir)/src/polkit/libpolkit-1.la $(top_builddir)/src/polkit-grant/libpolkit-grant-1.la
-
-polkit_action_1_SOURCES = polkit-action.c
-polkit_action_1_LDADD = $(top_builddir)/src/kit/libkit.la $(top_builddir)/src/polkit/libpolkit-1.la
-
-profiledir = $(sysconfdir)/profile.d
-profile_SCRIPTS = polkit-bash-completion-1.sh
-
-EXTRA_DIST = $(profile_SCRIPTS)
-
-clean-local :
- rm -f *~ polkit-reload-config
diff --git a/tools/polkit-action.c b/tools/polkit-action.c
deleted file mode 100644
index e7af31c..0000000
--- a/tools/polkit-action.c
+++ /dev/null
@@ -1,356 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-action.c : list all registered PolicyKit actions
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdbool.h>
-#include <getopt.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <errno.h>
-
-#include <polkit/polkit.h>
-
-static void
-usage (int argc, char *argv[])
-{
- execlp ("man", "man", "polkit-action", NULL);
- fprintf (stderr, "Cannot show man page: %m\n");
- exit (1);
-}
-
-static polkit_bool_t
-_print_annotations (PolKitActionDescription *action_description,
- const char *key,
- const char *value,
- void *user_data)
-{
- printf ("annotation: %s -> %s\n", key, value);
- return FALSE;
-}
-
-static void
-_print_details_for_entry (PolKitActionDescription *pfe)
-{
- int n;
- const char *action_id;
- PolKitImplicitAuthorization *def;
- PolKitImplicitAuthorization *def_factory;
-
- action_id = polkit_action_description_get_id (pfe);
- def = polkit_action_description_get_implicit_authorization (pfe);
- def_factory = polkit_action_description_get_implicit_authorization_factory (pfe);
-
- printf ("action_id: %s\n"
- "description: %s\n"
- "message: %s\n",
- action_id,
- polkit_action_description_get_action_description (pfe),
- polkit_action_description_get_action_message (pfe));
-
- for (n = 0; n < 3; n++) {
- PolKitResult result;
- PolKitResult result_factory;
- char *str;
-
- switch (n) {
- default:
- case 0:
- str = "default_any: ";
- result = polkit_implicit_authorization_get_allow_any (def);
- result_factory = polkit_implicit_authorization_get_allow_any (def_factory);
- break;
- case 1:
- str = "default_inactive:";
- result = polkit_implicit_authorization_get_allow_inactive (def);
- result_factory = polkit_implicit_authorization_get_allow_inactive (def_factory);
- break;
- case 2:
- str = "default_active: ";
- result = polkit_implicit_authorization_get_allow_active (def);
- result_factory = polkit_implicit_authorization_get_allow_active (def_factory);
- break;
- }
-
- if (result == result_factory) {
- printf ("%s %s\n", str, polkit_result_to_string_representation (result));
- } else {
- printf ("%s %s (factory default: %s)\n", str,
- polkit_result_to_string_representation (result),
- polkit_result_to_string_representation (result_factory));
- }
- }
-
- polkit_action_description_annotations_foreach (pfe, _print_annotations, NULL);
-}
-
-static polkit_bool_t
-_print_entry (PolKitActionDescription *pfe,
- void *user_data)
-{
- const char *action_id;
-
- action_id = polkit_action_description_get_id (pfe);
- printf ("%s\n", action_id);
-
- return FALSE;
-}
-
-static polkit_bool_t
-_print_entry_override (PolKitActionDescription *pfe,
- void *user_data)
-{
- const char *action_id;
- PolKitImplicitAuthorization *def;
- PolKitImplicitAuthorization *def_factory;
-
- def = polkit_action_description_get_implicit_authorization (pfe);
- def_factory = polkit_action_description_get_implicit_authorization_factory (pfe);
-
- if (!polkit_implicit_authorization_equals (def, def_factory)) {
- action_id = polkit_action_description_get_id (pfe);
- printf ("%s\n", action_id);
- }
-
- return FALSE;
-}
-
-int
-main (int argc, char *argv[])
-{
- int n;
- int ret;
- PolKitContext *ctx;
- PolKitError *error;
- char *action_id;
- char *reset_action_id;
- char *set_def_any_action_id;
- char *set_def_inactive_action_id;
- char *set_def_active_action_id;
- PolKitResult set_def_any_value;
- PolKitResult set_def_inactive_value;
- PolKitResult set_def_active_value;
- polkit_bool_t show_overrides;
-
- ret = 1;
- action_id = NULL;
- reset_action_id = NULL;
- set_def_any_action_id = NULL;
- set_def_inactive_action_id = NULL;
- set_def_active_action_id = NULL;
- show_overrides = FALSE;
-
- for (n = 1; n < argc; n++) {
- if (strcmp (argv[n], "--help") == 0) {
- usage (argc, argv);
- return 0;
- } else if (strcmp (argv[n], "--version") == 0) {
- printf ("polkit-action " PACKAGE_VERSION "\n");
- return 0;
- } else if (strcmp (argv[n], "--action") == 0 && n + 1 < argc) {
- action_id = argv[++n];
- } else if (strcmp (argv[n], "--reset-defaults") == 0 && n + 1 < argc) {
- reset_action_id = argv[++n];
- } else if (strcmp (argv[n], "--show-overrides") == 0) {
- show_overrides = TRUE;
- } else if (strcmp (argv[n], "--set-defaults-any") == 0 && n + 2 < argc) {
- set_def_any_action_id = argv[++n];
- if (!polkit_result_from_string_representation (argv[++n], &set_def_any_value))
- usage (argc, argv);
- } else if (strcmp (argv[n], "--set-defaults-inactive") == 0 && n + 2 < argc) {
- set_def_inactive_action_id = argv[++n];
- if (!polkit_result_from_string_representation (argv[++n], &set_def_inactive_value))
- usage (argc, argv);
- } else if (strcmp (argv[n], "--set-defaults-active") == 0 && n + 2 < argc) {
- set_def_active_action_id = argv[++n];
- if (!polkit_result_from_string_representation (argv[++n], &set_def_active_value))
- usage (argc, argv);
- } else {
- usage (argc, argv);
- return 0;
- }
- }
-
- ctx = polkit_context_new ();
- if (ctx == NULL)
- goto out;
- error = NULL;
- if (!polkit_context_init (ctx, &error)) {
- fprintf (stderr, "Init failed: %s\n", polkit_error_get_error_message (error));
- polkit_context_unref (ctx);
- goto out;
- }
-
- if (argc == 1) {
- polkit_context_action_description_foreach (ctx, _print_entry, NULL);
- goto done;
- }
-
- if (show_overrides) {
- polkit_context_action_description_foreach (ctx, _print_entry_override, NULL);
- goto done;
- }
-
- while (TRUE) {
- if (reset_action_id != NULL) {
- PolKitImplicitAuthorization *def;
- PolKitActionDescription *pfe;
- PolKitError *pk_error;
-
- pfe = polkit_context_get_action_description (ctx, reset_action_id);
- if (pfe == NULL) {
- fprintf (stderr, "Cannot find policy file entry for action id '%s'\n", reset_action_id);
- goto out;
- }
- def = polkit_action_description_get_implicit_authorization_factory (pfe);
-
- pk_error = NULL;
- if (!polkit_action_description_set_implicit_authorization (pfe, def, &pk_error)) {
- fprintf (stderr, "Error: code=%d: %s: %s\n",
- polkit_error_get_error_code (pk_error),
- polkit_error_get_error_name (pk_error),
- polkit_error_get_error_message (pk_error));
- polkit_error_free (pk_error);
- goto out;
- }
-
- reset_action_id = NULL;
- }
-
- if (set_def_any_action_id != NULL) {
- PolKitImplicitAuthorization *def;
- PolKitActionDescription *pfe;
- PolKitError *pk_error;
-
- pfe = polkit_context_get_action_description (ctx, set_def_any_action_id);
- if (pfe == NULL) {
- fprintf (stderr, "Cannot find policy file entry for action id '%s'\n", set_def_any_action_id);
- goto out;
- }
-
- def = polkit_implicit_authorization_clone (polkit_action_description_get_implicit_authorization (pfe));
- polkit_implicit_authorization_set_allow_any (def, set_def_any_value);
- pk_error = NULL;
- if (!polkit_action_description_set_implicit_authorization (pfe, def, &pk_error)) {
- fprintf (stderr, "Error: code=%d: %s: %s\n",
- polkit_error_get_error_code (pk_error),
- polkit_error_get_error_name (pk_error),
- polkit_error_get_error_message (pk_error));
- polkit_error_free (pk_error);
- goto out;
- }
- polkit_implicit_authorization_unref (def);
-
- set_def_any_action_id = NULL;
- }
-
- if (set_def_inactive_action_id != NULL) {
- PolKitImplicitAuthorization *def;
- PolKitActionDescription *pfe;
- PolKitError *pk_error;
-
- pfe = polkit_context_get_action_description (ctx, set_def_inactive_action_id);
- if (pfe == NULL) {
- fprintf (stderr, "Cannot find policy file entry for action id '%s'\n", set_def_inactive_action_id);
- goto out;
- }
-
- def = polkit_implicit_authorization_clone (polkit_action_description_get_implicit_authorization (pfe));
- polkit_implicit_authorization_set_allow_inactive (def, set_def_inactive_value);
- pk_error = NULL;
- if (!polkit_action_description_set_implicit_authorization (pfe, def, &pk_error)) {
- fprintf (stderr, "Error: code=%d: %s: %s\n",
- polkit_error_get_error_code (pk_error),
- polkit_error_get_error_name (pk_error),
- polkit_error_get_error_message (pk_error));
- polkit_error_free (pk_error);
- goto out;
- }
- polkit_implicit_authorization_unref (def);
-
- set_def_inactive_action_id = NULL;
- }
-
- if (set_def_active_action_id != NULL) {
- PolKitImplicitAuthorization *def;
- PolKitActionDescription *pfe;
- PolKitError *pk_error;
-
- pfe = polkit_context_get_action_description (ctx, set_def_active_action_id);
- if (pfe == NULL) {
- fprintf (stderr, "Cannot find policy file entry for action id '%s'\n", set_def_active_action_id);
- goto out;
- }
-
- def = polkit_implicit_authorization_clone (polkit_action_description_get_implicit_authorization (pfe));
- polkit_implicit_authorization_set_allow_active (def, set_def_active_value);
- pk_error = NULL;
- if (!polkit_action_description_set_implicit_authorization (pfe, def, &pk_error)) {
- fprintf (stderr, "Error: code=%d: %s: %s\n",
- polkit_error_get_error_code (pk_error),
- polkit_error_get_error_name (pk_error),
- polkit_error_get_error_message (pk_error));
- polkit_error_free (pk_error);
- goto out;
- }
- polkit_implicit_authorization_unref (def);
-
- set_def_active_action_id = NULL;
- }
-
- if (action_id != NULL) {
- PolKitActionDescription *pfe;
- pfe = polkit_context_get_action_description (ctx, action_id);
- if (pfe == NULL) {
- fprintf (stderr, "Cannot find policy file entry for action id '%s'\n", action_id);
- goto out;
- }
- _print_details_for_entry (pfe);
-
- action_id = NULL;
- } else {
- goto done;
- }
- }
-
-done:
-
- polkit_context_unref (ctx);
-
- ret = 0;
-out:
- return ret;
-}
diff --git a/tools/polkit-auth.c b/tools/polkit-auth.c
deleted file mode 100644
index bc60d83..0000000
--- a/tools/polkit-auth.c
+++ /dev/null
@@ -1,1023 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-auth.c : grant privileges to a user through authentication
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#define _GNU_SOURCE
-#include <getopt.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#if defined(HAVE_SOLARIS) || defined(HAVE_FREEBSD)
-#include <sys/wait.h>
-#endif
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <errno.h>
-#include <termios.h>
-
-#include <polkit/polkit.h>
-#include <polkit-grant/polkit-grant.h>
-
-#include <glib.h>
-
-static DBusConnection *system_bus;
-static PolKitContext *pk_context;
-static PolKitAuthorizationDB *pk_authdb;
-static PolKitTracker *pk_tracker;
-static PolKitCaller *pk_caller;
-
-static gboolean opt_is_version;
-static char *opt_obtain_action_id;
-static polkit_bool_t opt_show_explicit;
-static polkit_bool_t opt_show_explicit_detail;
-static polkit_bool_t opt_show_obtainable;
-static char *opt_revoke_action_id;
-static char *opt_user;
-static char *opt_grant_action_id;
-static char *opt_block_action_id;
-
-typedef struct {
- gboolean obtained_privilege;
- GMainLoop *loop;
-} UserData;
-
-#ifndef HAVE_GETLINE
-static ssize_t
-getline (char **lineptr, size_t *n, FILE *stream)
-{
- char *line, *p;
- long size, copy;
-
- if (lineptr == NULL || n == NULL) {
- errno = EINVAL;
- return (ssize_t) -1;
- }
-
- if (ferror (stream))
- return (ssize_t) -1;
-
- /* Make sure we have a line buffer to start with. */
- if (*lineptr == NULL || *n < 2) /* !seen and no buf yet need 2 chars. */ {
-#ifndef MAX_CANON
-#define MAX_CANON 256
-#endif
- if (!*lineptr)
- line = (char *) malloc (MAX_CANON);
- else
- line = (char *) realloc (*lineptr, MAX_CANON);
- if (line == NULL)
- return (ssize_t) -1;
- *lineptr = line;
- *n = MAX_CANON;
- }
-
- line = *lineptr;
- size = *n;
-
- copy = size;
- p = line;
-
- while (1) {
- long len;
-
- while (--copy > 0) {
- int c = getc (stream);
-
- if (c == EOF)
- goto lose;
- else if ((*p++ = c) == '\n')
- goto win;
- }
-
- /* Need to enlarge the line buffer. */
- len = p - line;
- size *= 2;
- line = (char *) realloc (line, size);
- if (line == NULL)
- goto lose;
- *lineptr = line;
- *n = size;
- p = line + len;
- copy = size - len;
- }
-
-lose:
- if (p == *lineptr)
- return (ssize_t) -1;
-
- /* Return a partial line since we got an error in the middle. */
-win:
- *p = '\0';
- return p - *lineptr;
-}
-#endif
-
-static void
-conversation_type (PolKitGrant *polkit_grant, PolKitResult auth_type, void *user_data)
-{
- switch (auth_type) {
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT:
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH:
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_SESSION:
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_ALWAYS:
- printf ("Authentication as an administrative user is required.\n");
- break;
-
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_ONE_SHOT:
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH:
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION:
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_ALWAYS:
- printf ("Authentication is required.\n");
- break;
-
- default:
- /* should never happen */
- exit (1);
- }
-}
-
-static char *
-conversation_select_admin_user (PolKitGrant *polkit_grant, char **admin_users, void *user_data)
-{
- int n;
- char *user;
- char *lineptr = NULL;
- size_t linelen = 0;
-
- printf ("The following users qualify as administrative users: ");
- for (n = 0; admin_users[n] != NULL; n++) {
- printf ("%s ", admin_users[n]);
- }
- printf ("\n");
- printf ("Select user: ");
- getline (&lineptr, &linelen, stdin);
- user = strdup (lineptr);
- free (lineptr);
- return user;
-}
-
-static char *
-conversation_pam_prompt_echo_off (PolKitGrant *polkit_grant, const char *request, void *user_data)
-{
- char *lineptr = NULL;
- size_t linelen = 0;
- struct termios old, new;
- char *result;
-
- printf ("%s", request);
-
- /* Turn echo off */
- if (tcgetattr (fileno (stdout), &old) != 0) {
- exit (1);
- }
- new = old;
- new.c_lflag &= ~ECHO;
- if (tcsetattr (fileno (stdout), TCSAFLUSH, &new) != 0) {
- exit (1);
- }
-
- getline (&lineptr, &linelen, stdin);
-
- /* Restore terminal. */
- tcsetattr (fileno (stdout), TCSAFLUSH, &old);
-
- result = strdup (lineptr);
- free (lineptr);
- printf ("\n");
- return result;
-}
-
-static char *
-conversation_pam_prompt_echo_on (PolKitGrant *polkit_grant, const char *request, void *user_data)
-{
- char *lineptr = NULL;
- size_t linelen = 0;
- char *result;
- printf ("%s", request);
- getline (&lineptr, &linelen, stdin);
- result = strdup (lineptr);
- free (lineptr);
- printf ("\n");
- return result;
-}
-
-static void
-conversation_pam_error_msg (PolKitGrant *polkit_grant, const char *msg, void *user_data)
-{
- printf ("Error from PAM: %s\n", msg);
-}
-
-static void
-conversation_pam_text_info (PolKitGrant *polkit_grant, const char *msg, void *user_data)
-{
- printf ("Info from PAM: %s\n", msg);
-}
-
-static PolKitResult
-conversation_override_grant_type (PolKitGrant *polkit_grant, PolKitResult auth_type, void *user_data)
-{
- char *lineptr = NULL;
- size_t linelen = 0;
- polkit_bool_t keep_session = FALSE;
- polkit_bool_t keep_always = FALSE;
- PolKitResult overridden_auth_type;
-
- switch (auth_type) {
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT:
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_ONE_SHOT:
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH:
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH:
- break;
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_SESSION:
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION:
- printf ("Keep this privilege for the session? [no/session]?\n");
- again:
- getline (&lineptr, &linelen, stdin);
- if (g_str_has_prefix (lineptr, "no")) {
- ;
- } else if (g_str_has_prefix (lineptr, "session")) {
- keep_session = TRUE;
- } else {
- printf ("Valid responses are 'no' and 'session'. Try again.\n");
- goto again;
- }
- free (lineptr);
- break;
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_ALWAYS:
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_ALWAYS:
- printf ("Keep this privilege for the session or always? [no/session/always]?\n");
- again2:
- getline (&lineptr, &linelen, stdin);
- if (g_str_has_prefix (lineptr, "no")) {
- ;
- } else if (g_str_has_prefix (lineptr, "session")) {
- keep_session = TRUE;
- } else if (g_str_has_prefix (lineptr, "always")) {
- keep_always = TRUE;
- } else {
- printf ("Valid responses are 'no', 'session' and 'always'. Try again.\n");
- goto again2;
- }
- free (lineptr);
- break;
- default:
- /* should never happen */
- exit (1);
- }
-
- switch (auth_type) {
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT:
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH:
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_SESSION:
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_ALWAYS:
- overridden_auth_type = POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH;
- if (keep_session)
- overridden_auth_type = POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_SESSION;
- else if (keep_always)
- overridden_auth_type = POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_ALWAYS;
- break;
-
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_ONE_SHOT:
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH:
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION:
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_ALWAYS:
- overridden_auth_type = POLKIT_RESULT_ONLY_VIA_SELF_AUTH;
- if (keep_session)
- overridden_auth_type = POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION;
- else if (keep_always)
- overridden_auth_type = POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_ALWAYS;
- break;
-
- default:
- /* should never happen */
- exit (1);
- }
-
- return overridden_auth_type;
-}
-
-static void
-conversation_done (PolKitGrant *polkit_grant,
- polkit_bool_t obtained_privilege,
- polkit_bool_t invalid_data,
- void *user_data)
-{
- UserData *ud = user_data;
- ud->obtained_privilege = obtained_privilege;
- g_main_loop_quit (ud->loop);
-}
-
-
-
-
-static void
-child_watch_func (GPid pid,
- gint status,
- gpointer user_data)
-{
- PolKitGrant *polkit_grant = user_data;
- polkit_grant_child_func (polkit_grant, pid, WEXITSTATUS (status));
-}
-
-static int
-add_child_watch (PolKitGrant *polkit_grant, pid_t pid)
-{
- return g_child_watch_add (pid, child_watch_func, polkit_grant);
-}
-
-static gboolean
-io_watch_have_data (GIOChannel *channel, GIOCondition condition, gpointer user_data)
-{
- int fd;
- PolKitGrant *polkit_grant = user_data;
- fd = g_io_channel_unix_get_fd (channel);
- polkit_grant_io_func (polkit_grant, fd);
- return TRUE;
-}
-
-static int
-add_io_watch (PolKitGrant *polkit_grant, int fd)
-{
- guint id = 0;
- GIOChannel *channel;
- channel = g_io_channel_unix_new (fd);
- if (channel == NULL)
- goto out;
- id = g_io_add_watch (channel, G_IO_IN, io_watch_have_data, polkit_grant);
- if (id == 0) {
- g_io_channel_unref (channel);
- goto out;
- }
- g_io_channel_unref (channel);
-out:
- return id;
-}
-
-static void
-remove_watch (PolKitGrant *polkit_auth, int watch_id)
-{
- g_source_remove (watch_id);
-}
-
-static polkit_bool_t
-obtain_authorization (const char *action_id)
-{
- UserData ud;
- PolKitAction *action;
- PolKitGrant *polkit_grant;
-
- /* TODO: Attempt to use a service like PolicyKit-gnome on the session bus if available.. */
-
- printf ("Attempting to obtain authorization for %s.\n", action_id);
-
- ud.loop = g_main_loop_new (NULL, TRUE);
- ud.obtained_privilege = FALSE;
-
- action = polkit_action_new ();
- polkit_action_set_action_id (action, action_id);
-
-
- polkit_grant = polkit_grant_new ();
- if (polkit_grant == NULL) {
- fprintf (stderr, "polkit-auth: authorization database does not support this operation.\n");
- goto out;
- }
-
- polkit_grant_set_functions (polkit_grant,
- add_io_watch,
- add_child_watch,
- remove_watch,
- conversation_type,
- conversation_select_admin_user,
- conversation_pam_prompt_echo_off,
- conversation_pam_prompt_echo_on,
- conversation_pam_error_msg,
- conversation_pam_text_info,
- conversation_override_grant_type,
- conversation_done,
- &ud);
-
- if (!polkit_grant_initiate_auth (polkit_grant,
- action,
- pk_caller)) {
- fprintf (stderr, "polkit-auth: failed to initiate privilege grant.\n");
- goto out;
- }
- g_main_loop_run (ud.loop);
- polkit_grant_unref (polkit_grant);
-
- if (ud.obtained_privilege)
- printf ("Successfully obtained the authorization for %s.\n", action_id);
- else
- printf ("Failed to obtain authorization for %s.\n", action_id);
-
-out:
- return ud.obtained_privilege;
-}
-
-static const char *
-get_name_from_uid (uid_t uid)
-{
- const char *name;
- struct passwd *pw;
-
- pw = getpwuid (uid);
- if (pw != NULL)
- name = (const char *) pw->pw_name;
- else
- name = "(unknown)";
-
- return name;
-}
-
-static polkit_bool_t
-_print_constraint (PolKitAuthorization *auth, PolKitAuthorizationConstraint *authc, void *user_data)
-{
- switch (polkit_authorization_constraint_type (authc)) {
- case POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_LOCAL:
- printf (" Constraint: Session must be on a local console\n");
- break;
- case POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_ACTIVE:
- printf (" Constraint: Session must be active\n");
- break;
- case POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_EXE:
- printf (" Constraint: Only allowed for program %s\n",
- polkit_authorization_constraint_get_exe (authc));
- break;
- case POLKIT_AUTHORIZATION_CONSTRAINT_TYPE_REQUIRE_SELINUX_CONTEXT:
- printf (" Constraint: Only allowed for SELinux Context %s\n",
- polkit_authorization_constraint_get_selinux_context (authc));
- break;
- }
- return FALSE;
-}
-
-static polkit_bool_t
-auth_iterator_cb (PolKitAuthorizationDB *authdb,
- PolKitAuthorization *auth,
- void *user_data)
-{
- const char *action_id;
- DBusError dbus_error;
- GHashTable *already_shown = (GHashTable *) user_data;
-
- action_id = polkit_authorization_get_action_id (auth);
-
- if (!opt_show_explicit_detail) {
- if (g_hash_table_lookup (already_shown, action_id) != NULL)
- goto out;
- }
-
- dbus_error_init (&dbus_error);
- if (!polkit_tracker_is_authorization_relevant (pk_tracker, auth, &dbus_error)) {
- if (dbus_error_is_set (&dbus_error)) {
- g_warning ("Cannot determine if authorization is relevant: %s: %s",
- dbus_error.name,
- dbus_error.message);
- dbus_error_free (&dbus_error);
- } else {
- goto out;
- }
- }
-
- if (!opt_show_explicit_detail) {
- g_hash_table_insert (already_shown, g_strdup (action_id), (gpointer) 1);
- }
-
- if (opt_show_explicit_detail) {
- char *s;
- time_t time_granted;
- struct tm *time_tm;
- char time_string[128];
- uid_t auth_uid;
- uid_t pimp_uid;
- polkit_bool_t is_negative;
- pid_t pid;
- polkit_uint64_t pid_start_time;
- PolKitAction *pk_action;
- PolKitResult pk_result;
- char exe[PATH_MAX];
-
- printf ("%s\n", action_id);
-
- pk_action = polkit_action_new ();
- polkit_action_set_action_id (pk_action, action_id);
- pk_result = polkit_context_is_caller_authorized (pk_context, pk_action, pk_caller, FALSE, NULL);
- polkit_action_unref (pk_action);
- printf (" Authorized: %s\n", pk_result == POLKIT_RESULT_YES ? "Yes" : "No");
-
- switch (polkit_authorization_get_scope (auth)) {
- case POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT:
- case POLKIT_AUTHORIZATION_SCOPE_PROCESS:
- polkit_authorization_scope_process_get_pid (auth, &pid, &pid_start_time);
- if (polkit_sysdeps_get_exe_for_pid (pid, exe, sizeof (exe)) == -1)
- strncpy (exe, "unknown", sizeof (exe));
-
- if (polkit_authorization_get_scope (auth) == POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT) {
- printf (" Scope: Confined to single shot from pid %d (%s)\n", pid, exe);
- } else {
- printf (" Scope: Confined to pid %d (%s)\n", pid, exe);
- }
- break;
- case POLKIT_AUTHORIZATION_SCOPE_SESSION:
- printf (" Scope: Confined to session %s\n", polkit_authorization_scope_session_get_ck_objref (auth));
- break;
- case POLKIT_AUTHORIZATION_SCOPE_ALWAYS:
- printf (" Scope: Indefinitely\n");
- break;
- }
-
- time_granted = polkit_authorization_get_time_of_grant (auth);
- time_tm = localtime (&time_granted);
-
- is_negative = FALSE;
- if (polkit_authorization_was_granted_via_defaults (auth, &auth_uid)) {
- s = g_strdup_printf ("%%c by auth as %s (uid %d)", get_name_from_uid (auth_uid), auth_uid);
- strftime (time_string, sizeof (time_string), s, time_tm);
- g_free (s);
- } else if (polkit_authorization_was_granted_explicitly (auth, &pimp_uid, &is_negative)) {
- s = g_strdup_printf ("%%c from %s (uid %d)", get_name_from_uid (pimp_uid), pimp_uid);
- strftime (time_string, sizeof (time_string), s, time_tm);
- g_free (s);
- } else {
- strftime (time_string, sizeof (time_string), "%c", time_tm);
- }
- printf (" Obtained: %s\n", time_string);
-
- polkit_authorization_constraints_foreach (auth, _print_constraint, NULL);
-
- if (is_negative) {
- printf (" Negative: Yes\n");
- }
-
- printf ("\n");
- } else {
- uid_t pimp_uid;
- polkit_bool_t is_negative;
-
- if (!polkit_authorization_was_granted_explicitly (auth, &pimp_uid, &is_negative))
- is_negative = FALSE;
-
- if (!is_negative)
- printf ("%s\n", action_id);
- }
-
-
-out:
- return FALSE;
-}
-
-static polkit_bool_t
-pfe_iterator_cb (PolKitActionDescription *pfe,
- void *user_data)
-{
- PolKitAction *action;
-
- action = polkit_action_new ();
- polkit_action_set_action_id (action, polkit_action_description_get_id (pfe));
-
- if (polkit_context_is_caller_authorized (pk_context,
- action,
- pk_caller,
- FALSE,
- NULL) == POLKIT_RESULT_YES) {
- printf ("%s\n", polkit_action_description_get_id (pfe));
- }
-
- polkit_action_unref (action);
-
- return FALSE;
-}
-
-static polkit_bool_t
-pfe_iterator_show_obtainable_cb (PolKitActionDescription *pfe,
- void *user_data)
-{
- PolKitAction *action;
-
- action = polkit_action_new ();
- polkit_action_set_action_id (action, polkit_action_description_get_id (pfe));
-
- switch (polkit_context_is_caller_authorized (pk_context,
- action,
- pk_caller,
- FALSE,
- NULL)) {
- default:
- case POLKIT_RESULT_UNKNOWN:
- case POLKIT_RESULT_NO:
- case POLKIT_RESULT_YES:
- break;
-
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT:
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH:
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_SESSION:
- case POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_ALWAYS:
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_ONE_SHOT:
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH:
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION:
- case POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_ALWAYS:
- printf ("%s\n", polkit_action_description_get_id (pfe));
- break;
- }
-
- polkit_action_unref (action);
-
- return FALSE;
-}
-
-
-static polkit_bool_t
-auth_revoke_iterator_cb (PolKitAuthorizationDB *authdb,
- PolKitAuthorization *auth,
- void *user_data)
-{
- PolKitError *pk_error;
-
- pk_error = NULL;
- if (!polkit_authorization_db_revoke_entry (authdb, auth, &pk_error)) {
- fprintf (stderr, "polkit-auth: %s: %s\n",
- polkit_error_get_error_name (pk_error),
- polkit_error_get_error_message (pk_error));
- polkit_error_free (pk_error);
- }
-
- return FALSE;
-}
-
-static polkit_bool_t
-revoke_authorizations (const char *action_id, uid_t uid)
-{
- PolKitAction *pk_action;
- PolKitError *pk_error;
- polkit_bool_t ret;
-
- ret = FALSE;
-
- pk_action = polkit_action_new ();
- polkit_action_set_action_id (pk_action, action_id);
-
- pk_error = NULL;
- if (!polkit_authorization_db_foreach_for_action_for_uid (pk_authdb,
- pk_action,
- uid,
- auth_revoke_iterator_cb,
- NULL,
- &pk_error)) {
- if (polkit_error_is_set (pk_error)) {
- fprintf (stderr, "polkit-auth: %s\n",
- polkit_error_get_error_message (pk_error));
- polkit_error_free (pk_error);
- goto out;
- }
- }
-
- ret = TRUE;
-out:
- return ret;
-}
-
-static void
-usage (int argc, char *argv[])
-{
- execlp ("man", "man", "polkit-auth", NULL);
- fprintf (stderr, "Cannot show man page: %m\n");
- exit (1);
-}
-
-static polkit_bool_t
-ensure_dbus_and_ck (void)
-{
- if (pk_caller != NULL)
- return TRUE;
-
- fprintf (stderr, "polkit-auth: This operation requires the system message bus and ConsoleKit to be running\n");
-
- return FALSE;
-}
-
-#define MAX_CONSTRAINTS 64
-
-int
-main (int argc, char *argv[])
-{
- int ret;
- PolKitError *pk_error;
- DBusError dbus_error;
- struct passwd *pw;
- uid_t uid;
- pid_t pid;
- char *s;
- PolKitAuthorizationConstraint *constraints[MAX_CONSTRAINTS];
- unsigned int num_constraints = 0;
-
- ret = 1;
-
- pk_error = NULL;
- pk_context = polkit_context_new ();
- if (!polkit_context_init (pk_context, &pk_error)) {
- fprintf (stderr, "polkit-auth: %s: %s\n",
- polkit_error_get_error_name (pk_error),
- polkit_error_get_error_message (pk_error));
- polkit_error_free (pk_error);
- goto out;
- }
-
- pk_authdb = polkit_context_get_authorization_db (pk_context);
-
- /* Since polkit-auth will be used in e.g. RPM's %post (for example to grant
- * org.freedesktop.policykit.read to services dropping privileges (like hald))
- * we need to be able to run even when D-Bus and/or ConsoleKit aren't available...
- */
-
- if ((s = getenv ("POLKIT_AUTH_GRANT_TO_PID")) != NULL) {
- pid = atoi (s);
- } else {
- pid = getppid ();
- }
-
- dbus_error_init (&dbus_error);
- system_bus = dbus_bus_get (DBUS_BUS_SYSTEM, &dbus_error);
- if (system_bus != NULL) {
- pk_tracker = polkit_tracker_new ();
- polkit_tracker_set_system_bus_connection (pk_tracker, system_bus);
- polkit_tracker_init (pk_tracker);
-
- pk_caller = polkit_caller_new_from_pid (system_bus, pid, &dbus_error);
- if (pk_caller == NULL) {
- if (dbus_error_is_set (&dbus_error)) {
- fprintf (stderr, "polkit-auth: polkit_caller_new_from_dbus_name(): %s: %s\n",
- dbus_error.name, dbus_error.message);
- goto out;
- }
- }
- } else {
- pk_tracker = NULL;
- pk_caller = NULL;
- }
-
- opt_show_explicit = FALSE;
- opt_show_explicit_detail = FALSE;
- opt_is_version = FALSE;
- opt_obtain_action_id = NULL;
- opt_grant_action_id = NULL;
- opt_block_action_id = NULL;
- opt_revoke_action_id = NULL;
- opt_show_obtainable = FALSE;
- opt_user = NULL;
-
- while (argc > 1) {
- int c;
- int option_index = 0;
- const char *opt;
- static struct option long_options[] = {
- {"explicit", 0, NULL, 0},
- {"explicit-detail", 0, NULL, 0},
- {"obtain", 1, NULL, 0},
- {"grant", 1, NULL, 0},
- {"block", 1, NULL, 0},
- {"constraint", 1, NULL, 0},
- {"revoke", 1, NULL, 0},
- {"show-obtainable", 0, NULL, 0},
- {"user", 1, NULL, 0},
- {"version", 0, NULL, 0},
- {"help", 0, NULL, 0},
- {NULL, 0, NULL, 0}
- };
-
- c = getopt_long (argc, argv, "", long_options, &option_index);
- if (c == -1)
- break;
-
- switch (c) {
- case 0:
- opt = long_options[option_index].name;
-
- if (strcmp (opt, "help") == 0) {
- usage (argc, argv);
- return 0;
- } else if (strcmp (opt, "version") == 0) {
- opt_is_version = TRUE;
- } else if (strcmp (opt, "obtain") == 0) {
- opt_obtain_action_id = strdup (optarg);
- } else if (strcmp (opt, "grant") == 0) {
- opt_grant_action_id = strdup (optarg);
- } else if (strcmp (opt, "block") == 0) {
- opt_block_action_id = strdup (optarg);
- } else if (strcmp (opt, "constraint") == 0) {
- PolKitAuthorizationConstraint *c;
-
- c = polkit_authorization_constraint_from_string (optarg);
- if (c == NULL) {
- fprintf (stderr, "polkit-auth: constraint '%s' not recognized\n", optarg);
- goto out;
- }
-
- if (num_constraints >= MAX_CONSTRAINTS - 1) {
- fprintf (stderr, "polkit-auth: Too many constraints specified\n");
- goto out;
- }
- constraints[num_constraints++] = c;
-
- } else if (strcmp (opt, "revoke") == 0) {
- opt_revoke_action_id = strdup (optarg);
- } else if (strcmp (opt, "show-obtainable") == 0) {
- opt_show_obtainable = TRUE;
- } else if (strcmp (opt, "explicit") == 0) {
- opt_show_explicit = TRUE;
- } else if (strcmp (opt, "explicit-detail") == 0) {
- opt_show_explicit_detail = TRUE;
- } else if (strcmp (opt, "user") == 0) {
- opt_user = strdup (optarg);
- }
- break;
- case '?':
- usage (argc, argv);
- goto out;
- }
- }
-
- if (opt_is_version) {
- printf ("polkit-auth " PACKAGE_VERSION "\n");
- ret = 0;
- goto out;
- }
-
- if (opt_user != NULL) {
- pw = getpwnam (opt_user);
- if (pw == NULL) {
- fprintf (stderr, "polkit-auth: cannot look up uid for user '%s'\n", opt_user);
- goto out;
- }
- uid = pw->pw_uid;
- } else {
- uid = getuid ();
- }
-
- if (opt_obtain_action_id != NULL) {
- if (!ensure_dbus_and_ck ())
- goto out;
-
- if (getenv ("POLKIT_AUTH_FORCE_TEXT") != NULL) {
- if (!obtain_authorization (opt_obtain_action_id))
- goto out;
- } else {
- DBusError dbus_error;
-
- dbus_error_init (&dbus_error);
- if (!polkit_auth_obtain (opt_obtain_action_id, 0, pid, &dbus_error)) {
- if (dbus_error_is_set (&dbus_error)) {
-
- /* fall back to text mode */
- if (!obtain_authorization (opt_obtain_action_id))
- goto out;
-
- //fprintf (stderr,
- // "polkit-auth: failed to use session service: %s: %s\n",
- // dbus_error.name, dbus_error.message);
- } else {
- goto out;
- }
- }
- }
-
- ret = 0;
- } else if (opt_grant_action_id != NULL ||
- opt_block_action_id != NULL) {
- PolKitAction *pk_action;
- PolKitError *pk_error;
- polkit_bool_t res;
-
- if (opt_user == NULL && uid == 0) {
- fprintf (stderr, "polkit-auth: Cowardly refusing to grant authorization to uid 0 (did you forget to specify what user to grant to?). To force, run with --user root.\n");
- goto out;
- }
-
- pk_action = polkit_action_new ();
- if (opt_block_action_id != NULL)
- polkit_action_set_action_id (pk_action, opt_block_action_id);
- else
- polkit_action_set_action_id (pk_action, opt_grant_action_id);
-
- constraints[num_constraints] = NULL;
-
- pk_error = NULL;
- if (opt_block_action_id != NULL) {
- res = polkit_authorization_db_grant_negative_to_uid (pk_authdb,
- pk_action,
- uid,
- constraints,
- &pk_error);
- } else {
- res = polkit_authorization_db_grant_to_uid (pk_authdb,
- pk_action,
- uid,
- constraints,
- &pk_error);
- }
-
- if (!res) {
- fprintf (stderr, "polkit-auth: %s: %s\n",
- polkit_error_get_error_name (pk_error),
- polkit_error_get_error_message (pk_error));
- polkit_error_free (pk_error);
- goto out;
- }
-
- ret = 0;
-
- } else if (opt_revoke_action_id != NULL) {
- if (!revoke_authorizations (opt_revoke_action_id, uid))
- goto out;
- ret = 0;
- } else if (opt_show_explicit || opt_show_explicit_detail) {
- GHashTable *already_shown;
-
- if (!ensure_dbus_and_ck ())
- goto out;
-
- already_shown = g_hash_table_new_full (g_str_hash,
- g_str_equal,
- g_free,
- NULL);
-
-
- /* first the explicit authorizations */
- pk_error = NULL;
- if (!polkit_authorization_db_foreach_for_uid (pk_authdb,
- uid,
- auth_iterator_cb,
- already_shown,
- &pk_error)) {
- if (polkit_error_is_set (pk_error)) {
- fprintf (stderr, "polkit-auth: %s: %s\n",
- polkit_error_get_error_name (pk_error),
- polkit_error_get_error_message (pk_error));
- polkit_error_free (pk_error);
- goto out;
- }
- }
-
- g_hash_table_destroy (already_shown);
-
- ret = 0;
- } else if (opt_show_obtainable) {
- if (!ensure_dbus_and_ck ())
- goto out;
-
- /* show all authorizations; we do this by iterating over all actions and
- * then querying whether the caller is authorized
- */
-
- polkit_context_action_description_foreach (pk_context,
- pfe_iterator_show_obtainable_cb,
- NULL);
- ret = 0;
- } else {
- if (!ensure_dbus_and_ck ())
- goto out;
-
- /* show all authorizations; we do this by iterating over all actions and
- * then querying whether the caller is authorized
- */
-
- polkit_context_action_description_foreach (pk_context,
- pfe_iterator_cb,
- NULL);
- ret = 0;
- }
-
-out:
- return ret;
-}
diff --git a/tools/polkit-bash-completion-1.sh b/tools/polkit-bash-completion-1.sh
deleted file mode 100644
index 4d67fe3..0000000
--- a/tools/polkit-bash-completion-1.sh
+++ /dev/null
@@ -1,125 +0,0 @@
-
-# Check for bash
-[ -z "$BASH_VERSION" ] && return
-
-####################################################################################################
-
-__polkit_auth_1() {
- local IFS=$'\n'
- local cur="${COMP_WORDS[COMP_CWORD]}"
-
- case $COMP_CWORD in
- 1)
- COMPREPLY=($(IFS=: compgen -S' ' -W "--obtain:--show-obtainable:--explicit:--explicit-detail:--grant:--block:--revoke:--user:--version:--help" -- $cur))
- ;;
- 2)
- case "${COMP_WORDS[1]}" in
- --obtain)
- COMPREPLY=($(compgen -W "$(polkit-auth-1 --show-obtainable)" -- $cur))
- ;;
- --revoke)
- COMPREPLY=($(compgen -W "$(polkit-auth-1 --explicit)" -- $cur))
- ;;
- --grant|--block)
- COMPREPLY=($(compgen -W "$(polkit-action-1)" -- $cur))
- ;;
- --user)
- COMPREPLY=($(compgen -u -- $cur))
- ;;
- esac
- ;;
- 3)
- case "${COMP_WORDS[1]}" in
- --user)
- COMPREPLY=($(IFS=: compgen -S' ' -W "--explicit:--explicit-detail:--grant:--block:--revoke" -- $cur))
- ;;
- --grant|--block)
- COMPREPLY=($(IFS=: compgen -S' ' -W "--constraint" -- $cur))
- ;;
- esac
- ;;
- 4)
- case "${COMP_WORDS[3]}" in
- --revoke)
- case "${COMP_WORDS[1]}" in
- --user)
- local afou
- # we may not be authorized to read the explicit auths for the given user..
- afou=$(polkit-auth-1 --user ${COMP_WORDS[2]} --explicit 2> /dev/null)
- if [ $? != 0 ] ; then
- # .. so if that fails, fall back to showing all actions
- afou=$(polkit-action-1)
- fi
- COMPREPLY=($(compgen -W "$afou" -- $cur))
- ;;
- *)
- COMPREPLY=($(compgen -W "$(polkit-action-1)" -- $cur))
- ;;
- esac
- ;;
- --grant|--block)
- COMPREPLY=($(compgen -W "$(polkit-action-1)" -- $cur))
- ;;
- --constraint)
- COMPREPLY=($(IFS=: compgen -S' ' -W "local:active:exe\::selinux_context\:" -- $cur))
- ;;
- esac
- ;;
- 5)
- case "${COMP_WORDS[3]}" in
- --grant|--block)
- COMPREPLY=($(IFS=: compgen -S' ' -W "--constraint" -- $cur))
- ;;
- esac
- case "${COMP_WORDS[1]}" in
- --grant|--block)
- COMPREPLY=($(IFS=: compgen -S' ' -W "--constraint" -- $cur))
- ;;
- esac
- ;;
- *)
- case "${COMP_WORDS[$(($COMP_CWORD - 1))]}" in
- --constraint)
- COMPREPLY=($(IFS=: compgen -S' ' -W "local:active:exe\::selinux_context\:" -- $cur))
- ;;
- *)
- COMPREPLY=($(IFS=: compgen -S' ' -W "--constraint" -- $cur))
- ;;
- esac
- ;;
- esac
-}
-
-####################################################################################################
-
-__polkit_action_1() {
- local IFS=$'\n'
- local cur="${COMP_WORDS[COMP_CWORD]}"
-
- case $COMP_CWORD in
- 1)
- COMPREPLY=($(IFS=: compgen -S' ' -W "--action:--reset-defaults:--set-defaults-any:--set-defaults-inactive:--set-defaults-active:--show-overrides:--version:--help" -- $cur))
- ;;
- 2)
- case "${COMP_WORDS[1]}" in
- --action|--set-defaults-any|--set-defaults-inactive|--set-defaults-active)
- COMPREPLY=($(compgen -W "$(polkit-action-1)" -- $cur))
- ;;
- --reset-defaults)
- COMPREPLY=($(compgen -W "$(polkit-action-1 --show-overrides)" -- $cur))
- ;;
- esac
- ;;
- 3)
- case "${COMP_WORDS[1]}" in
- --set-defaults-any|--set-defaults-inactive|--set-defaults-active)
- COMPREPLY=($(IFS=: compgen -S' ' -W "yes:no:auth_admin_one_shot:auth_admin:auth_admin_keep_session:auth_admin_keep_always:auth_self_one_shot:auth_self:auth_self_keep_session:auth_self_keep_always" -- $cur))
- ;;
- esac
- esac
-}
-
-####################################################################################################
-
-complete -o nospace -F __polkit_auth_1 polkit-auth-1
-complete -o nospace -F __polkit_action_1 polkit-action-1
diff --git a/tools/polkit-policy-file-validate.c b/tools/polkit-policy-file-validate.c
deleted file mode 100644
index 94b454e..0000000
--- a/tools/polkit-policy-file-validate.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-/***************************************************************************
- *
- * polkit-policy-file-validate.c : validate policy file
- *
- * Copyright (C) 2007 David Zeuthen, <david at fubar.dk>
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- *
- **************************************************************************/
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdbool.h>
-#include <getopt.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <pwd.h>
-#include <grp.h>
-#include <unistd.h>
-#include <errno.h>
-
-#include <kit/kit.h>
-#include <polkit/polkit.h>
-
-static polkit_bool_t warned = FALSE;
-
-static void
-usage (int argc, char *argv[])
-{
- execlp ("man", "man", "polkit-policy-file-validate", NULL);
- fprintf (stderr, "Cannot show man page: %m\n");
- exit (1);
-}
-
-static polkit_bool_t
-entry_foreach_cb (PolKitActionDescription *action_description,
- void *user_data)
-{
- const char *id;
- const char *prefix = user_data;
-
- id = polkit_action_description_get_id (action_description);
- if (!kit_str_has_prefix (id, prefix) ||
- strchr (id + strlen (prefix), '.') != NULL) {
- printf ("WARNING: The action %s does not\n"
- " belong in a policy file named %spolicy.\n"
- " A future version of PolicyKit will ignore this action.\n"
- "\n",
- id, prefix);
- warned = TRUE;
- }
-
- return FALSE;
-}
-
-static polkit_bool_t
-validate_file (const char *file)
-{
- PolKitError *error;
- char *prefix;
- polkit_bool_t ret;
- const char *basename;
-
- ret = FALSE;
- prefix = NULL;
-
- if (!kit_str_has_suffix (file, ".policy")) {
- printf ("%s doesn't have a .policy suffix\n", file);
- goto out;
- }
- basename = strrchr (file, '/');
- if (basename != NULL)
- basename++;
- else
- basename = file;
- if ((prefix = kit_strdup (basename)) == NULL)
- goto out;
- /* strip out "policy" - retain the dot */
- prefix [strlen (prefix) - 6] = '\0';
-
- error = NULL;
- warned = FALSE;
- polkit_action_description_get_from_file (file, entry_foreach_cb, prefix, &error);
- if (polkit_error_is_set (error)) {
- printf ("%s did not validate: %s\n", file, polkit_error_get_error_message (error));
- polkit_error_free (error);
- goto out;
- }
- if (warned) {
- goto out;
- }
-
- ret = TRUE;
-out:
- kit_free (prefix);
- return ret;
-}
-
-int
-main (int argc, char *argv[])
-{
- int n;
- int ret;
-
- if (argc <= 1) {
- usage (argc, argv);
- ret = 1;
- goto out;
- }
-
- ret = 0;
- for (n = 1; n < argc; n++) {
- if (strcmp (argv[n], "--help") == 0) {
- usage (argc, argv);
- goto out;
- }
- if (strcmp (argv[n], "--version") == 0) {
- printf ("polkit-policy-file-validate " PACKAGE_VERSION "\n");
- goto out;
- }
-
- if (!validate_file (argv[n])) {
- printf ("ERROR: %s did not validate\n"
- "\n",
- argv[n]);
- ret = 1;
- }
- }
-
-out:
- return ret;
-}
commit 83770671b211adf47f815624428c9a69dde71ba8
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 26 16:40:43 2009 -0500
split core TODO items into separate groups for core and backend
diff --git a/docs/TODO b/docs/TODO
index 0a6890e..b62b7e6 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -10,34 +10,29 @@ Core TODO items
- should be done in eggdbus; e.g.
- D-Bus XML --(eggdbus-binding-tool)--> DocBook --(gtk-doc)--> HTML
- - document the GObject API
-
- - local files authority backend
- - split out AuthorizationStore into separate class
- - split out AuthenticationAgent and AuthenticationSession to separate classes
+ - properly document the GObject API
- maybe rename .policy to .action for policy XML files
- provide a polkit-validate-action-file-1 tool to check/validate
.policy/.action XML files
- - check / validate all incoming arguments
- - and other security/paranoia code
-
- write a couple of introductory sections detailing the system architecture
- a developer-audience; and
- a system administrator audience
- write a PolicyKit 0.9.x -> polkit 1.0 porting guide
- - use a GIO extension point to decide what authority backend to use
-
- expose a public ObtainAuthorization() method
- separate core API (e.g. CheckAuthorization()) from the administration API
(e.g. AddAuthorization()) both in the D-Bus interface and in the GObject
client libraries
+ - guard off administration API with I_KNOW_THIS_API_IS_SUBJECT_TO_CHANGE_ETC
+
+ - guard off backend API with I_KNOW_THIS_API_IS_SUBJECT_TO_CHANGE_ETC
+
- provide a way to tweak the defaults for actions (or maybe not)
- do we need negative authorizations? If so, implement code for it, otherwise
@@ -46,6 +41,19 @@ Core TODO items
- make sure simple operations work when no system bus is present
- e.g. %post RPM scripts adding/removing authorizations to identities
+Backend TODO items
+------------------
+
+ - use a GIO extension point to decide what authority backend to use
+
+ - check / validate all incoming arguments
+ - and other security/paranoia stuff
+
+ - local files authority backend
+ - split out AuthorizationStore into separate class
+ - split out AuthenticationAgent and AuthenticationSession to separate classes
+
+
polkit-gnome TODO items
-----------------------
commit cf11a107b37fd902283397a5ae02ef7aa536ce4b
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 26 16:33:27 2009 -0500
update TODO list
diff --git a/docs/TODO b/docs/TODO
index 27757d6..0a6890e 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -1,6 +1,63 @@
-TODO:
+Core TODO items
+---------------
- move all commits to main PolicyKit repo
- - [MORE STUFF HERE]
+ - trawl through all TODO's in code and update this file
+
+ - document the D-Bus interfaces
+ - should be done in eggdbus; e.g.
+ - D-Bus XML --(eggdbus-binding-tool)--> DocBook --(gtk-doc)--> HTML
+
+ - document the GObject API
+
+ - local files authority backend
+ - split out AuthorizationStore into separate class
+ - split out AuthenticationAgent and AuthenticationSession to separate classes
+
+ - maybe rename .policy to .action for policy XML files
+
+ - provide a polkit-validate-action-file-1 tool to check/validate
+ .policy/.action XML files
+
+ - check / validate all incoming arguments
+ - and other security/paranoia code
+
+ - write a couple of introductory sections detailing the system architecture
+ - a developer-audience; and
+ - a system administrator audience
+
+ - write a PolicyKit 0.9.x -> polkit 1.0 porting guide
+
+ - use a GIO extension point to decide what authority backend to use
+
+ - expose a public ObtainAuthorization() method
+
+ - separate core API (e.g. CheckAuthorization()) from the administration API
+ (e.g. AddAuthorization()) both in the D-Bus interface and in the GObject
+ client libraries
+
+ - provide a way to tweak the defaults for actions (or maybe not)
+
+ - do we need negative authorizations? If so, implement code for it, otherwise
+ remove it from the PolkitAuthorization class
+
+ - make sure simple operations work when no system bus is present
+ - e.g. %post RPM scripts adding/removing authorizations to identities
+
+polkit-gnome TODO items
+-----------------------
+
+ - show a notification icon when the session/user has temporary authorizations
+ - along with an option to give these up
+
+ - make the AuthenticationAgent process (which runs for the lifetime of the
+ session) spawn a process to display the authentication dialog
+ - to make it lighter on resource usage
+ - to work around Metacity focus stealing prevention bugs
+
+ - port libpolkit-gnome to new API
+
+ - port polkit-gnome-authorization to new API
+
commit 11f24c5ed407d2bd4a4d9363bdb49258eef9e9f5
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 26 12:20:54 2009 -0500
start writing a TODO list
diff --git a/docs/TODO b/docs/TODO
new file mode 100644
index 0000000..27757d6
--- /dev/null
+++ b/docs/TODO
@@ -0,0 +1,6 @@
+
+TODO:
+
+ - move all commits to main PolicyKit repo
+
+ - [MORE STUFF HERE]
commit ca0f612bd4481aca65a138535f412a9d2e0d2174
Author: Richard Hughes <hughsient at gmail.com>
Date: Mon Jan 26 12:06:50 2009 -0500
also dist org.freedesktop.ConsoleKit.xml
diff --git a/src/polkitbackend/Makefile.am b/src/polkitbackend/Makefile.am
index da6f2a3..f34370e 100644
--- a/src/polkitbackend/Makefile.am
+++ b/src/polkitbackend/Makefile.am
@@ -87,6 +87,10 @@ libpolkit_backend_1_la_LIBADD = \
CLEANFILES = $(BUILT_SOURCES)
+EXTRA_DIST = \
+ org.freedesktop.ConsoleKit.xml \
+ $(NULL)
+
clean-local :
rm -f *~
commit 595e32dbc594bc51c00e221cbd9bf749c42af01e
Author: David Zeuthen <davidz at redhat.com>
Date: Wed Jan 21 01:31:34 2009 -0500
fix 'make distcheck'
diff --git a/Makefile.am b/Makefile.am
index fef10e3..6516385 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -6,7 +6,6 @@ NULL =
EXTRA_DIST = \
HACKING \
- mkinstalldirs \
$(NULL)
# xsltproc barfs on 'make distcheck'; disable for now
diff --git a/data/Makefile.am b/data/Makefile.am
index 3794c98..0a6b4d8 100644
--- a/data/Makefile.am
+++ b/data/Makefile.am
@@ -31,9 +31,10 @@ EXTRA_DIST = \
org.freedesktop.PolicyKit1.AuthenticationAgent.xml \
$(service_in_files) \
$(dbusconf_in_files) \
- polkit-gobject-1.in \
- polkit-backend-1.in \
- polkit-agent-1.in \
+ polkit-1.in \
+ polkit-gobject-1.pc.in \
+ polkit-backend-1.pc.in \
+ polkit-agent-1.pc.in \
$(NULL)
diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am
index 9251ef6..3f6b268 100644
--- a/src/polkit/Makefile.am
+++ b/src/polkit/Makefile.am
@@ -43,6 +43,7 @@ libpolkit_gobject_1includedir=$(includedir)/polkit-1/polkit
libpolkit_gobject_1include_HEADERS = \
polkit.h \
+ polkitprivate.h \
polkittypes.h \
polkitactiondescription.h \
polkitauthority.h \
commit 5dc7ed5e713415c448be9e31e7c8ec99c09b83b0
Author: David Zeuthen <davidz at redhat.com>
Date: Wed Jan 21 01:01:58 2009 -0500
fix up docs
diff --git a/configure.ac b/configure.ac
index db31cf1..c526662 100644
--- a/configure.ac
+++ b/configure.ac
@@ -419,6 +419,7 @@ docs/version.xml
docs/Makefile
docs/polkit/Makefile
docs/polkitbackend/Makefile
+docs/polkitagent/Makefile
docs/man/Makefile
po/Makefile.in
])
diff --git a/docs/Makefile.am b/docs/Makefile.am
index a349fad..3c4336d 100644
--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = man polkitbackend polkit
+SUBDIRS = man polkitbackend polkitagent polkit
EXTRA_DIST = version.xml.in
diff --git a/docs/polkit/polkit-docs.xml b/docs/polkit/polkit-docs.xml
index 6a779f1..e37b9ab 100644
--- a/docs/polkit/polkit-docs.xml
+++ b/docs/polkit/polkit-docs.xml
@@ -56,18 +56,13 @@
</bookinfo>
<reference id="ref-api">
- <title>API Reference</title>
- <partintro>
- <para>
- This part presents the class and function reference for the
- <literal>libpolkit-gobject-1</literal> library.
- </para>
- </partintro>
+ <title>Core API Reference</title>
<xi:include href="xml/polkitauthority.xml"/>
- <xi:include href="xml/polkitauthorizationclaim.xml"/>
+ <xi:include href="xml/polkiterror.xml"/>
<xi:include href="xml/polkitauthorizationresult.xml"/>
<xi:include href="xml/polkitactiondescription.xml"/>
- <xi:include href="xml/polkiterror.xml"/>
+ <xi:include href="xml/polkitauthorization.xml"/>
+ <xi:include href="xml/polkitimplicitauthorization.xml"/>
<chapter id="subjects">
<title>Subjects</title>
<xi:include href="xml/polkitsubject.xml"/>
@@ -81,26 +76,28 @@
<xi:include href="xml/polkitunixuser.xml"/>
<xi:include href="xml/polkitunixgroup.xml"/>
</chapter>
- <chapter id="extending">
- <title>Extending PolicyKit</title>
- <xi:include href="../polkitbackend/xml/polkitbackendauthority.xml"/>
- <xi:include href="../polkitbackend/xml/polkitbackendlocalauthority.xml"/>
- <xi:include href="../polkitbackend/xml/polkitbackendactionpool.xml"/>
- <xi:include href="../polkitbackend/xml/polkitbackendserver.xml"/>
- <xi:include href="../polkitbackend/xml/polkitbackendsessionmonitor.xml"/>
- </chapter>
</reference>
- <chapter id="manpages">
- <title>Manual Pages</title>
- <xi:include href="../man/PolicyKit.xml"/>
- <xi:include href="../man/polkit.xml"/>
- </chapter>
+ <reference id="ref-backend-api">
+ <title>Backend API Reference</title>
+ <xi:include href="../polkitbackend/xml/polkitbackendauthority.xml"/>
+ <xi:include href="../polkitbackend/xml/polkitbackendlocalauthority.xml"/>
+ <xi:include href="../polkitbackend/xml/polkitbackendactionpool.xml"/>
+ <xi:include href="../polkitbackend/xml/polkitbackendserver.xml"/>
+ <xi:include href="../polkitbackend/xml/polkitbackendsessionmonitor.xml"/>
+ </reference>
+
+ <reference id="ref-authentication-agent-api">
+ <title>Authentication Agent API Reference</title>
+ <xi:include href="../polkitagent/xml/polkitagentauthenticationagent.xml"/>
+ <xi:include href="../polkitagent/xml/polkitagentauthenticationsession.xml"/>
+ </reference>
- <chapter id="polkit-hierarchy">
- <title>Object Hierarchy</title>
- <xi:include href="xml/tree_index.sgml"/>
- </chapter>
+ <reference id="manpages">
+ <title>Manual Pages</title>
+ <xi:include href="../man/PolicyKit.xml"/>
+ <xi:include href="../man/polkit.xml"/>
+ </reference>
<index>
<title>Index</title>
diff --git a/docs/polkitagent/Makefile.am b/docs/polkitagent/Makefile.am
new file mode 100644
index 0000000..248aa35
--- /dev/null
+++ b/docs/polkitagent/Makefile.am
@@ -0,0 +1,88 @@
+
+NULL =
+
+AUTOMAKE_OPTIONS = 1.7
+
+# The name of the module.
+DOC_MODULE=polkitagent
+
+# The top-level SGML file.
+DOC_MAIN_SGML_FILE=polkitagent-docs.xml
+
+# Extra options to supply to gtkdoc-scan
+SCAN_OPTIONS=--ignore-headers=config.h
+
+# The directory containing the source code. Relative to $(srcdir)
+DOC_SOURCE_DIR=../../src/polkitagent
+
+# Used for dependencies
+HFILE_GLOB=$(top_srcdir)/src/polkitagent/*.h
+CFILE_GLOB=$(top_srcdir)/src/polkitagent/*.c
+
+# Headers to ignore
+IGNORE_HFILES= \
+ $(NULL)
+
+# CFLAGS and LDFLAGS for compiling scan program. Only needed
+# if $(DOC_MODULE).types is non-empty.
+INCLUDES = \
+ $(DBUS_GLIB_CFLAGS) \
+ $(GLIB_CFLAGS) \
+ $(GIO_CFLAGS) \
+ -I$(top_srcdir)/src/polkitagent \
+ -I$(top_builddir)/src/polkitagent \
+ $(NULL)
+
+GTKDOC_LIBS = \
+ $(DBUS_GLIB_LIBS) \
+ $(GLIB_LIBS) \
+ $(GIO_LIBS) \
+ $(top_builddir)/src/polkit/libpolkit-gobject-1.la \
+ $(top_builddir)/src/polkitagent/libpolkit-agent-1.la \
+ $(NULL)
+
+# Extra options to supply to gtkdoc-mkdb
+MKDB_OPTIONS=--sgml-mode --output-format=xml
+
+# Extra options to supply to gtkdoc-mktmpl
+MKTMPL_OPTIONS=
+
+# Non-autogenerated SGML files to be included in $(DOC_MAIN_SGML_FILE)
+content_files = \
+ ../version.xml \
+ $(NULL)
+
+# Images to copy into HTML directory
+HTML_IMAGES = \
+ $(NULL)
+
+# Extra options to supply to gtkdoc-fixref
+FIXXREF_OPTIONS=
+
+MAINTAINERCLEANFILES = \
+ *~ \
+ Makefile.in \
+ polkitagent.types \
+ polkit-*.txt \
+ $(NULL)
+
+if ENABLE_GTK_DOC
+include $(top_srcdir)/gtk-doc.make
+else
+CLEANFILES =
+endif
+
+CLEANFILES += *~ \
+ polkitagent-scan.* \
+ polkitagent.* \
+ *.bak \
+ polkitagent-decl-list.txt \
+ polkitagent-decl.txt \
+ polkitagent-overrides.txt \
+ polkitagent-undeclared.txt \
+ polkitagent-undocumented.txt \
+ polkitagent-sections.txt \
+ *.stamp \
+ -rf html xml \
+ $(NULL)
+
diff --git a/docs/polkitagent/polkitagent-docs.xml b/docs/polkitagent/polkitagent-docs.xml
new file mode 100644
index 0000000..7a56075
--- /dev/null
+++ b/docs/polkitagent/polkitagent-docs.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0"?>
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
+<!ENTITY version SYSTEM "../version.xml">
+]>
+<book id="index" xmlns:xi="http://www.w3.org/2003/XInclude">
+</book>
diff --git a/src/polkit/polkiterror.c b/src/polkit/polkiterror.c
index 604b9c7..0d9f39d 100644
--- a/src/polkit/polkiterror.c
+++ b/src/polkit/polkiterror.c
@@ -26,6 +26,14 @@
#include "polkiterror.h"
#include "polkitprivate.h"
+/**
+ * SECTION:polkiterror
+ * @title: PolkitError
+ * @short_description: Error codes
+ *
+ * Error codes.
+ */
+
GQuark
polkit_error_quark (void)
{
diff --git a/src/polkit/polkitidentity.c b/src/polkit/polkitidentity.c
index 36436af..f1eb852 100644
--- a/src/polkit/polkitidentity.c
+++ b/src/polkit/polkitidentity.c
@@ -31,6 +31,14 @@
#include "polkiterror.h"
#include "polkitprivate.h"
+/**
+ * SECTION:polkitidentity
+ * @title: PolkitIdentity
+ * @short_description: Identities
+ *
+ * Identities.
+ */
+
static void
base_init (gpointer g_iface)
{
diff --git a/src/polkit/polkitimplicitauthorization.c b/src/polkit/polkitimplicitauthorization.c
index d2b59fb..5723335 100644
--- a/src/polkit/polkitimplicitauthorization.c
+++ b/src/polkit/polkitimplicitauthorization.c
@@ -31,7 +31,7 @@
/**
* SECTION:polkitimplicitauthorization
* @title: PolkitImplicitAuthorization
- * @short_result: Implicit Authorizations
+ * @short_description: Implicit Authorizations
*
* Possible implicit authorizations.
*/
diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c
index 124a595..ba097f4 100644
--- a/src/polkit/polkitsubject.c
+++ b/src/polkit/polkitsubject.c
@@ -32,6 +32,14 @@
#include "polkiterror.h"
#include "polkitprivate.h"
+/**
+ * SECTION:polkitsubject
+ * @title: PolkitSubject
+ * @short_description: Subjects
+ *
+ * Subjects.
+ */
+
static void
base_init (gpointer g_iface)
{
diff --git a/src/polkitagent/polkitagentauthenticationagent.c b/src/polkitagent/polkitagentauthenticationagent.c
index 5014b37..1be919c 100644
--- a/src/polkitagent/polkitagentauthenticationagent.c
+++ b/src/polkitagent/polkitagentauthenticationagent.c
@@ -26,6 +26,14 @@
#include "polkitagentauthenticationagent.h"
+/**
+ * SECTION:polkitagentauthenticationagent
+ * @title: PolkitAgentAuthenticationAgent
+ * @short_description: Authentication Agent
+ *
+ * The #PolkitAgentAuthenticationAgent class is used for implementing authentication agents.
+ */
+
struct _PolkitAgentAuthenticationAgent
{
GObject parent_instance;
diff --git a/src/polkitagent/polkitagentauthenticationsession.c b/src/polkitagent/polkitagentauthenticationsession.c
index 993313c..8d1a165 100644
--- a/src/polkitagent/polkitagentauthenticationsession.c
+++ b/src/polkitagent/polkitagentauthenticationsession.c
@@ -24,6 +24,14 @@
* And we REALLY REALLY really really should use signals instead of callbacks...
*/
+/**
+ * SECTION:polkitagentauthenticationsession
+ * @title: PolkitAgentAuthenticationSession
+ * @short_description: Authentcation Sessions
+ *
+ * The #PolkitAgentAuthenticationSession class is used for implementing authentication agents.
+ */
+
/* for getline(), see below */
#define _GNU_SOURCE
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index 3cb6c46..394967e 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -1591,7 +1591,7 @@ polkit_backend_local_authority_system_bus_name_owner_changed (PolkitBackendAutho
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
- g_debug ("name-owner-changed: '%s' '%s' '%s'", name, old_owner, new_owner);
+ //g_debug ("name-owner-changed: '%s' '%s' '%s'", name, old_owner, new_owner);
if (name[0] == ':' && strlen (new_owner) == 0)
{
diff --git a/src/polkitbackend/polkitbackendserver.c b/src/polkitbackend/polkitbackendserver.c
index d89cb37..ae1940a 100644
--- a/src/polkitbackend/polkitbackendserver.c
+++ b/src/polkitbackend/polkitbackendserver.c
@@ -30,6 +30,14 @@
#include "polkitbackendserver.h"
#include "polkitbackendprivate.h"
+/**
+ * SECTION:polkitbackendserver
+ * @title: PolkitBackendServer
+ * @short_description: Proxies authorization backends
+ *
+ * The #PolkitBackendServer class is used for proxying #PolkitBackendAuthority instances on the system message bus.
+ */
+
struct _PolkitBackendServer
{
GObject parent_instance;
diff --git a/src/polkitbackend/polkitbackendserver.h b/src/polkitbackend/polkitbackendserver.h
index 95567bf..62f4085 100644
--- a/src/polkitbackend/polkitbackendserver.h
+++ b/src/polkitbackend/polkitbackendserver.h
@@ -38,6 +38,9 @@ G_BEGIN_DECLS
#define POLKIT_BACKEND_IS_SERVER(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_BACKEND_TYPE_SERVER))
#define POLKIT_BACKEND_IS_SERVER_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_BACKEND_TYPE_SERVER))
+#if 0
+typedef struct _PolkitBackendServer PolkitBackendServer;
+#endif
typedef struct _PolkitBackendServerClass PolkitBackendServerClass;
GType polkit_backend_server_get_type (void) G_GNUC_CONST;
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.c b/src/polkitbackend/polkitbackendsessionmonitor.c
index 5e47f0a..212c3ef 100644
--- a/src/polkitbackend/polkitbackendsessionmonitor.c
+++ b/src/polkitbackend/polkitbackendsessionmonitor.c
@@ -28,6 +28,14 @@
#include "polkitbackendsessionmonitor.h"
#include "ckbindings.h"
+/**
+ * SECTION:polkitbackendsessionmonitor
+ * @title: PolkitBackendSessionMonitor
+ * @short_description: Monitor sessions
+ *
+ * The #PolkitBackendSessionMonitor is a utility class to track and monitor sessions.
+ */
+
struct _PolkitBackendSessionMonitor
{
GObject parent_instance;
commit 13821cff7c2d31c9f990f6ac635c773dba060d97
Author: David Zeuthen <davidz at redhat.com>
Date: Wed Jan 21 00:27:13 2009 -0500
finish authentication agent integration
Yay, it works!
diff --git a/data/org.freedesktop.PolicyKit1.AuthenticationAgent.xml b/data/org.freedesktop.PolicyKit1.AuthenticationAgent.xml
index 1a2063c..cf0040b 100644
--- a/data/org.freedesktop.PolicyKit1.AuthenticationAgent.xml
+++ b/data/org.freedesktop.PolicyKit1.AuthenticationAgent.xml
@@ -6,7 +6,6 @@
<interface name="org.freedesktop.PolicyKit1.AuthenticationAgent">
<method name="BeginAuthentication">
-
<!-- The action id for the action that the user is authentication for -->
<arg name="action_id" direction="in" type="s"/>
@@ -15,13 +14,10 @@
<!-- A list of identities of that the user can use for authentication -->
<arg name="identities" direction="in" type="a(sa{sv})"/>
-
</method>
- <method name="EndAuthentication">
-
+ <method name="CancelAuthentication">
<arg name="cookie" direction="in" type="s"/>
-
</method>
</interface>
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index c21fa84..4a15f74 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -238,5 +238,16 @@
</arg>
</method>
+ <method name="AuthenticationAgentResponse">
+ <arg name="cookie" direction="in" type="s">
+ <annotation name="org.gtk.EggDBus.DocString" value="The cookie identifying the authentication request that was passed to the authentication agent"/>
+ </arg>
+
+ <arg name="identity" direction="in" type="(sa{sv})">
+ <annotation name="org.gtk.EggDBus.StructType" value="Identity"/>
+ <annotation name="org.gtk.EggDBus.DocString" value="The identity that was authenticated"/>
+ </arg>
+ </method>
+
</interface>
</node>
diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
index 3d36c14..70324fe 100644
--- a/src/polkit/polkitauthority.c
+++ b/src/polkit/polkitauthority.c
@@ -1046,3 +1046,107 @@ polkit_authority_unregister_authentication_agent_sync (PolkitAuthority *auth
}
/* ---------------------------------------------------------------------------------------------------- */
+
+static guint
+polkit_authority_authentication_agent_response_async (PolkitAuthority *authority,
+ const gchar *cookie,
+ PolkitIdentity *identity,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ guint call_id;
+ GSimpleAsyncResult *simple;
+ _PolkitIdentity *real_identity;
+
+ simple = g_simple_async_result_new (G_OBJECT (authority),
+ callback,
+ user_data,
+ polkit_authority_authentication_agent_response_async);
+
+ real_identity = polkit_identity_get_real (identity);
+
+ call_id = _polkit_authority_authentication_agent_response (authority->real,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ cookie,
+ real_identity,
+ cancellable,
+ generic_async_cb,
+ simple);
+
+ g_object_unref (real_identity);
+
+ return call_id;
+}
+
+void
+polkit_authority_authentication_agent_response (PolkitAuthority *authority,
+ const gchar *cookie,
+ PolkitIdentity *identity,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ polkit_authority_authentication_agent_response_async (authority,
+ cookie,
+ identity,
+ cancellable,
+ callback,
+ user_data);
+}
+
+gboolean
+polkit_authority_authentication_agent_response_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error)
+{
+ GSimpleAsyncResult *simple;
+ GAsyncResult *real_res;
+ gboolean ret;
+
+ simple = G_SIMPLE_ASYNC_RESULT (res);
+ real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple));
+
+ g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_authentication_agent_response_async);
+
+ ret = _polkit_authority_authentication_agent_response_finish (authority->real,
+ real_res,
+ error);
+
+ if (!ret)
+ goto out;
+
+ out:
+ g_object_unref (real_res);
+ return ret;
+}
+
+
+gboolean
+polkit_authority_authentication_agent_response_sync (PolkitAuthority *authority,
+ const gchar *cookie,
+ PolkitIdentity *identity,
+ GCancellable *cancellable,
+ GError **error)
+{
+ guint call_id;
+ GAsyncResult *res;
+ gboolean ret;
+
+ call_id = polkit_authority_authentication_agent_response_async (authority,
+ cookie,
+ identity,
+ cancellable,
+ generic_cb,
+ &res);
+
+ egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
+
+ ret = polkit_authority_authentication_agent_response_finish (authority, res, error);
+
+ g_object_unref (res);
+
+ return ret;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
diff --git a/src/polkit/polkitauthority.h b/src/polkit/polkitauthority.h
index e6ece8e..db1bb46 100644
--- a/src/polkit/polkitauthority.h
+++ b/src/polkit/polkitauthority.h
@@ -93,6 +93,12 @@ gboolean polkit_authority_unregister_authentication_agent_sync
GCancellable *cancellable,
GError **error);
+gboolean polkit_authority_authentication_agent_response_sync (PolkitAuthority *authority,
+ const gchar *cookie,
+ PolkitIdentity *identity,
+ GCancellable *cancellable,
+ GError **error);
+
/* ---------------------------------------------------------------------------------------------------- */
void polkit_authority_enumerate_actions (PolkitAuthority *authority,
@@ -188,6 +194,17 @@ gboolean polkit_authority_unregister_authentication_agent_fini
GAsyncResult *res,
GError **error);
+void polkit_authority_authentication_agent_response (PolkitAuthority *authority,
+ const gchar *cookie,
+ PolkitIdentity *identity,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+gboolean polkit_authority_authentication_agent_response_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
/* ---------------------------------------------------------------------------------------------------- */
G_END_DECLS
diff --git a/src/polkitagent/Makefile.am b/src/polkitagent/Makefile.am
index d227661..b792f93 100644
--- a/src/polkitagent/Makefile.am
+++ b/src/polkitagent/Makefile.am
@@ -65,7 +65,8 @@ libpolkit_agent_1_la_LIBADD = \
libexec_PROGRAMS = polkit-agent-helper-1
polkit_agent_helper_1_SOURCES = polkitagenthelper.c
-polkit_agent_helper_1_LDADD = $(AUTH_LIBS)
+polkit_agent_helper_1_CFLAGS = $(GLIB_CFLAGS)
+polkit_agent_helper_1_LDADD = $(AUTH_LIBS) $(top_builddir)/src/polkit/libpolkit-gobject-1.la
# polkit-agent-helper-1 need to be setuid root because it's used to
# authenticate not only the invoking user, but possibly also root
diff --git a/src/polkitagent/polkitagentauthenticationagent.c b/src/polkitagent/polkitagentauthenticationagent.c
index 844a32e..5014b37 100644
--- a/src/polkitagent/polkitagentauthenticationagent.c
+++ b/src/polkitagent/polkitagentauthenticationagent.c
@@ -35,7 +35,7 @@ struct _PolkitAgentAuthenticationAgent
PolkitAuthority *authority;
PolkitAgentAuthenticationAgentBeginFunc begin_func;
- PolkitAgentAuthenticationAgentEndFunc end_func;
+ PolkitAgentAuthenticationAgentCancelFunc cancel_func;
gpointer user_data;
};
@@ -100,7 +100,7 @@ polkit_agent_authentication_agent_class_init (PolkitAgentAuthenticationAgentClas
PolkitAgentAuthenticationAgent *
polkit_agent_authentication_agent_new (PolkitAgentAuthenticationAgentBeginFunc begin_func,
- PolkitAgentAuthenticationAgentEndFunc end_func,
+ PolkitAgentAuthenticationAgentCancelFunc cancel_func,
gpointer user_data,
GError **error)
{
@@ -109,7 +109,7 @@ polkit_agent_authentication_agent_new (PolkitAgentAuthenticationAgentBeginFunc b
agent = POLKIT_AGENT_AUTHENTICATION_AGENT (g_object_new (POLKIT_AGENT_TYPE_AUTHENTICATION_AGENT, NULL));
agent->begin_func = begin_func;
- agent->end_func = end_func;
+ agent->cancel_func = cancel_func;
agent->user_data = user_data;
if (!polkit_authority_register_authentication_agent_sync (agent->authority,
@@ -147,41 +147,51 @@ handle_begin_authentication (_PolkitAgentAuthenticationAgent *instance,
list = g_list_reverse (list);
error = NULL;
- if (!agent->begin_func (agent,
- action_id,
- cookie,
- list,
- &error,
- agent->user_data))
+
+ agent->begin_func (agent,
+ action_id,
+ cookie,
+ list,
+ (gpointer) method_invocation);
+
+ g_list_free (list);
+}
+
+void
+polkit_agent_authentication_agent_finish (PolkitAgentAuthenticationAgent *agent,
+ gpointer pending_call,
+ GError *error)
+{
+ EggDBusMethodInvocation *method_invocation = EGG_DBUS_METHOD_INVOCATION (pending_call);
+
+ if (error != NULL)
{
egg_dbus_method_invocation_return_gerror (method_invocation, error);
- g_error_free (error);
}
else
{
_polkit_agent_authentication_agent_handle_begin_authentication_finish (method_invocation);
}
-
- g_list_free (list);
}
+
static void
-handle_end_authentication (_PolkitAgentAuthenticationAgent *instance,
- const gchar *cookie,
- EggDBusMethodInvocation *method_invocation)
+handle_cancel_authentication (_PolkitAgentAuthenticationAgent *instance,
+ const gchar *cookie,
+ EggDBusMethodInvocation *method_invocation)
{
PolkitAgentAuthenticationAgent *agent = POLKIT_AGENT_AUTHENTICATION_AGENT (instance);
- agent->end_func (agent,
- cookie,
- agent->user_data);
+ agent->cancel_func (agent,
+ cookie,
+ agent->user_data);
- _polkit_agent_authentication_agent_handle_end_authentication_finish (method_invocation);
+ _polkit_agent_authentication_agent_handle_cancel_authentication_finish (method_invocation);
}
static void
authentication_agent_iface_init (_PolkitAgentAuthenticationAgentIface *agent_iface)
{
agent_iface->handle_begin_authentication = handle_begin_authentication;
- agent_iface->handle_end_authentication = handle_end_authentication;
+ agent_iface->handle_cancel_authentication = handle_cancel_authentication;
}
diff --git a/src/polkitagent/polkitagentauthenticationagent.h b/src/polkitagent/polkitagentauthenticationagent.h
index 9d315ff..96d009b 100644
--- a/src/polkitagent/polkitagentauthenticationagent.h
+++ b/src/polkitagent/polkitagentauthenticationagent.h
@@ -19,8 +19,8 @@
* Author: David Zeuthen <davidz at redhat.com>
*/
-#ifndef __POLKIT_AGENT_AUTHENTICATION_SESSION_H
-#define __POLKIT_AGENT_AUTHENTICATION_SESSION_H
+#ifndef __POLKIT_AGENT_AUTHENTICATION_AGENT_H
+#define __POLKIT_AGENT_AUTHENTICATION_AGENT_H
#include <polkit/polkit.h>
#include <polkitagent/polkitagenttypes.h>
@@ -41,25 +41,29 @@ typedef struct _PolkitAgentAuthenticationAgentClass PolkitAgentAuthentication
/* TODO: we probably want to express this interface in another way but this is good enough for now */
-typedef gboolean (*PolkitAgentAuthenticationAgentBeginFunc) (PolkitAgentAuthenticationAgent *agent,
- const gchar *action_id,
- const gchar *cookie,
- GList *identities,
- GError **error,
- gpointer user_data);
-
-typedef void (*PolkitAgentAuthenticationAgentEndFunc) (PolkitAgentAuthenticationAgent *agent,
+typedef void (*PolkitAgentAuthenticationAgentBeginFunc) (PolkitAgentAuthenticationAgent *agent,
+ const gchar *action_id,
const gchar *cookie,
- gpointer user_data);
+ GList *identities,
+ gpointer pending_call);
+
+typedef void (*PolkitAgentAuthenticationAgentCancelFunc) (PolkitAgentAuthenticationAgent *agent,
+ const gchar *cookie,
+ gpointer user_data);
GType polkit_agent_authentication_agent_get_type (void) G_GNUC_CONST;
+
PolkitAgentAuthenticationAgent *polkit_agent_authentication_agent_new (PolkitAgentAuthenticationAgentBeginFunc begin_func,
- PolkitAgentAuthenticationAgentEndFunc end_func,
+ PolkitAgentAuthenticationAgentCancelFunc cancel_func,
gpointer user_data,
GError **error);
+void polkit_agent_authentication_agent_finish (PolkitAgentAuthenticationAgent *agent,
+ gpointer pending_call,
+ GError *error);
+
/* --- */
G_END_DECLS
-#endif /* __POLKIT_AGENT_AUTHENTICATION_SESSION_H */
+#endif /* __POLKIT_AGENT_AUTHENTICATION_AGENT_H */
diff --git a/src/polkitagent/polkitagentauthenticationsession.c b/src/polkitagent/polkitagentauthenticationsession.c
index 2c6bc65..993313c 100644
--- a/src/polkitagent/polkitagentauthenticationsession.c
+++ b/src/polkitagent/polkitagentauthenticationsession.c
@@ -286,7 +286,7 @@ polkit_agent_authentication_session_initiate_auth (PolkitAgentAuthenticationSess
goto error;
}
- helper_argv[0] = PACKAGE_LIBEXEC_DIR "/polkit-session-helper-1";
+ helper_argv[0] = PACKAGE_LIBEXEC_DIR "/polkit-agent-helper-1";
helper_argv[1] = passwd->pw_name;
helper_argv[2] = session->cookie;
helper_argv[3] = NULL;
diff --git a/src/polkitagent/polkitagenthelper.c b/src/polkitagent/polkitagenthelper.c
index df59f18..d5844e5 100644
--- a/src/polkitagent/polkitagenthelper.c
+++ b/src/polkitagent/polkitagenthelper.c
@@ -29,6 +29,8 @@
#include <syslog.h>
#include <security/pam_appl.h>
+#include <polkit/polkit.h>
+
#ifdef HAVE_SOLARIS
# define LOG_AUTHPRIV (10<<3)
#endif
@@ -38,7 +40,9 @@
* sensitive information.
*/
#undef PAH_DEBUG
-#define PAH_DEBUG
+//#define PAH_DEBUG
+
+static gboolean send_dbus_message (const char *cookie, const char *user);
static int conversation_function (int n, const struct pam_message **msg, struct pam_response **resp, void *data);
@@ -154,9 +158,11 @@ main (int argc, char *argv[])
fprintf (stderr, "polkit-agent-helper-1: successfully authenticated user '%s'.\n", user_to_auth);
#endif /* PAH_DEBUG */
- /* TODO: now send a D-Bus message to the PolicyKit daemon that
- * includes a) the cookie; and b) the user we authenticated
+ /* now send a D-Bus message to the PolicyKit daemon that
+ * includes a) the cookie; and b) the user we authenticated
*/
+ if (!send_dbus_message (cookie, user_to_auth))
+ goto error;
fprintf (stdout, "SUCCESS\n");
fflush (stdout);
@@ -253,3 +259,51 @@ error:
*resp = NULL;
return PAM_CONV_ERR;
}
+
+static gboolean
+send_dbus_message (const char *cookie, const char *user)
+{
+ PolkitAuthority *authority;
+ PolkitIdentity *identity;
+ GError *error;
+ gboolean ret;
+
+ ret = FALSE;
+
+ error = NULL;
+
+ g_type_init ();
+
+ authority = polkit_authority_get ();
+
+ identity = polkit_unix_user_new_for_name (user, &error);
+ if (identity == NULL)
+ {
+ g_printerr ("Error constructing identity: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ if (!polkit_authority_authentication_agent_response_sync (authority,
+ cookie,
+ identity,
+ NULL,
+ &error))
+ {
+ g_printerr ("Error sending response to PolicyKit daemon: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ ret = TRUE;
+
+ out:
+
+ if (identity != NULL)
+ g_object_unref (identity);
+
+ if (authority != NULL)
+ g_object_unref (authority);
+
+ return ret;
+}
diff --git a/src/polkitbackend/Makefile.am b/src/polkitbackend/Makefile.am
index 5b6d7ea..da6f2a3 100644
--- a/src/polkitbackend/Makefile.am
+++ b/src/polkitbackend/Makefile.am
@@ -15,23 +15,33 @@ INCLUDES = \
-DEGG_DBUS_I_KNOW_API_IS_SUBJECT_TO_CHANGE \
$(NULL)
-BUILT_SOURCES = \
- ckmanager.c ckmanager.h \
- cksession.c cksession.h \
- ckseat.c ckseat.h \
- ckdevice.c ckdevice.h \
- ckbindings.c ckbindings.h \
- ckbindingsmarshal.list \
- ckbindingsmarshal.c ckbindingsmarshal.h \
- ckbindingstypes.h \
- ckerror.c ckerror.h \
+BUILT_SOURCES = \
+ ckmanager.c ckmanager.h \
+ cksession.c cksession.h \
+ ckseat.c ckseat.h \
+ ckdevice.c ckdevice.h \
+ ckbindings.c ckbindings.h \
+ ckbindingsmarshal.list \
+ ckbindingsmarshal.c ckbindingsmarshal.h \
+ ckbindingstypes.h \
+ ckerror.c ckerror.h \
+ _polkitagentauthenticationagent.c _polkitagentauthenticationagent.h \
+ _polkitagentbindings.c _polkitagentbindings.h \
+ _polkitagentbindingsmarshal.list \
+ _polkitagentbindingsmarshal.c _polkitagentbindingsmarshal.h \
+ _polkitagentbindingstypes.h \
$(NULL)
-$(BUILT_SOURCES) : Makefile.am $(top_srcdir)/src/polkitbackend/org.freedesktop.ConsoleKit.xml
- eggdbus-binding-tool \
- --namespace "Ck" \
- --dbus-namespace "org.freedesktop.ConsoleKit" \
- --introspection-xml $(top_srcdir)/src/polkitbackend/org.freedesktop.ConsoleKit.xml \
+$(BUILT_SOURCES) : Makefile.am $(top_srcdir)/src/polkitbackend/org.freedesktop.ConsoleKit.xml $(top_srcdir)/data/org.freedesktop.PolicyKit1.AuthenticationAgent.xml
+ eggdbus-binding-tool \
+ --namespace "Ck" \
+ --dbus-namespace "org.freedesktop.ConsoleKit" \
+ --introspection-xml $(top_srcdir)/src/polkitbackend/org.freedesktop.ConsoleKit.xml \
+ $(NULL)
+ eggdbus-binding-tool \
+ --namespace "_PolkitAgent" \
+ --dbus-namespace "org.freedesktop.PolicyKit1" \
+ --introspection-xml $(top_srcdir)/data/org.freedesktop.PolicyKit1.AuthenticationAgent.xml \
$(NULL)
lib_LTLIBRARIES=libpolkit-backend-1.la
diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c
index 399b4c7..5f06e10 100644
--- a/src/polkitbackend/polkitbackendauthority.c
+++ b/src/polkitbackend/polkitbackendauthority.c
@@ -161,3 +161,16 @@ polkit_backend_authority_unregister_authentication_agent (PolkitBackendAuthority
klass->unregister_authentication_agent (authority, object_path, pending_call);
}
+void
+polkit_backend_authority_authentication_agent_response (PolkitBackendAuthority *authority,
+ const gchar *cookie,
+ PolkitIdentity *identity,
+ PolkitBackendPendingCall *pending_call)
+{
+ PolkitBackendAuthorityClass *klass;
+
+ klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
+
+ klass->authentication_agent_response (authority, cookie, identity, pending_call);
+}
+
diff --git a/src/polkitbackend/polkitbackendauthority.h b/src/polkitbackend/polkitbackendauthority.h
index a35ad7e..06f54fa 100644
--- a/src/polkitbackend/polkitbackendauthority.h
+++ b/src/polkitbackend/polkitbackendauthority.h
@@ -95,6 +95,11 @@ struct _PolkitBackendAuthorityClass
const gchar *object_path,
PolkitBackendPendingCall *pending_call);
+ void (*authentication_agent_response) (PolkitBackendAuthority *authority,
+ const gchar *cookie,
+ PolkitIdentity *identity,
+ PolkitBackendPendingCall *pending_call);
+
/*< private >*/
/* Padding for future expansion */
void (*_polkit_reserved1) (void);
@@ -154,6 +159,11 @@ void polkit_backend_authority_unregister_authentication_agent (PolkitBackend
const gchar *object_path,
PolkitBackendPendingCall *pending_call);
+void polkit_backend_authority_authentication_agent_response (PolkitBackendAuthority *authority,
+ const gchar *cookie,
+ PolkitIdentity *identity,
+ PolkitBackendPendingCall *pending_call);
+
/* --- */
void polkit_backend_authority_enumerate_actions_finish (PolkitBackendPendingCall *pending_call,
@@ -176,8 +186,11 @@ void polkit_backend_authority_add_authorization_finish (PolkitBackend
void polkit_backend_authority_remove_authorization_finish (PolkitBackendPendingCall *pending_call);
void polkit_backend_authority_register_authentication_agent_finish (PolkitBackendPendingCall *pending_call);
+
void polkit_backend_authority_unregister_authentication_agent_finish (PolkitBackendPendingCall *pending_call);
+void polkit_backend_authority_authentication_agent_response_finish (PolkitBackendPendingCall *pending_call);
+
G_END_DECLS
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index d97da1d..3cb6c46 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -32,6 +32,10 @@
#include "polkitbackendpendingcall.h"
#include "polkitbackendsessionmonitor.h"
+#include "_polkitagentbindings.h"
+#include <polkit/polkitprivate.h>
+
+
typedef struct
{
PolkitBackendActionPool *action_pool;
@@ -59,8 +63,13 @@ static AuthorizationStore *get_authorization_store_for_identity (PolkitBackendLo
struct AuthenticationAgent;
typedef struct AuthenticationAgent AuthenticationAgent;
+struct AuthenticationSession;
+typedef struct AuthenticationSession AuthenticationSession;
+
typedef void (*AuthenticationAgentCallback) (AuthenticationAgent *agent,
PolkitSubject *subject,
+ PolkitIdentity *user_of_subject,
+ PolkitBackendLocalAuthority *authority,
const gchar *action_id,
PolkitImplicitAuthorization implicit_authorization,
gboolean authentication_success,
@@ -70,7 +79,10 @@ static void authentication_agent_free (AuthenticationAgent *agent
static void authentication_agent_initiate_challenge (AuthenticationAgent *agent,
PolkitSubject *subject,
+ PolkitIdentity *user_of_subject,
+ PolkitBackendLocalAuthority *authority,
const gchar *action_id,
+ PolkitSubject *caller,
PolkitImplicitAuthorization implicit_authorization,
AuthenticationAgentCallback callback,
gpointer user_data);
@@ -78,6 +90,14 @@ static void authentication_agent_initiate_challenge (Authenticati
static AuthenticationAgent *get_authentication_agent_for_subject (PolkitBackendLocalAuthority *authority,
PolkitSubject *subject);
+static AuthenticationSession *get_authentication_session_for_cookie (PolkitBackendLocalAuthority *authority,
+ const gchar *cookie);
+
+static GList *get_authentication_sessions_initiated_by_system_bus_unique_name (PolkitBackendLocalAuthority *authority,
+ const gchar *system_bus_unique_name);
+
+static void authentication_session_cancel (AuthenticationSession *session);
+
/* ---------------------------------------------------------------------------------------------------- */
static gboolean check_authorization_for_identity (PolkitBackendLocalAuthority *authority,
@@ -157,6 +177,11 @@ static void polkit_backend_local_authority_unregister_authentication_agent (Polk
const gchar *object_path,
PolkitBackendPendingCall *pending_call);
+static void polkit_backend_local_authority_authentication_agent_response (PolkitBackendAuthority *authority,
+ const gchar *cookie,
+ PolkitIdentity *identity,
+ PolkitBackendPendingCall *pending_call);
+
/* ---------------------------------------------------------------------------------------------------- */
G_DEFINE_TYPE (PolkitBackendLocalAuthority, polkit_backend_local_authority, POLKIT_BACKEND_TYPE_AUTHORITY);
@@ -231,6 +256,8 @@ polkit_backend_local_authority_class_init (PolkitBackendLocalAuthorityClass *kla
authority_class->remove_authorization = polkit_backend_local_authority_remove_authorization;
authority_class->register_authentication_agent = polkit_backend_local_authority_register_authentication_agent;
authority_class->unregister_authentication_agent = polkit_backend_local_authority_unregister_authentication_agent;
+ authority_class->authentication_agent_response = polkit_backend_local_authority_authentication_agent_response;
+
g_type_class_add_private (klass, sizeof (PolkitBackendLocalAuthorityPrivate));
}
@@ -359,6 +386,8 @@ polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *autho
static void
check_authorization_challenge_cb (AuthenticationAgent *agent,
PolkitSubject *subject,
+ PolkitIdentity *user_of_subject,
+ PolkitBackendLocalAuthority *authority,
const gchar *action_id,
PolkitImplicitAuthorization implicit_authorization,
gboolean authentication_success,
@@ -382,7 +411,30 @@ check_authorization_challenge_cb (AuthenticationAgent *agent,
{
result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
- /* TODO: store temporary authorization depending on value of implicit_authorization */
+ /* store temporary authorization depending on value of implicit_authorization */
+ if (implicit_authorization == POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED_RETAINED ||
+ implicit_authorization == POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED_RETAINED)
+ {
+ GError *error;
+ PolkitAuthorization *authorization;
+
+ authorization = polkit_authorization_new (action_id,
+ subject,
+ FALSE);
+
+ if (!add_authorization_for_identity (authority,
+ user_of_subject,
+ authorization,
+ &error))
+ {
+ g_warning ("Error adding temporary authorization gained from authentication: %s",
+ error->message);
+
+ g_error_free (error);
+ }
+
+ g_object_unref (authorization);
+ }
}
else
{
@@ -529,7 +581,10 @@ polkit_backend_local_authority_check_authorization (PolkitBackendAuthority
authentication_agent_initiate_challenge (agent,
subject,
+ user_of_subject,
+ local_authority,
action_id,
+ inquirer,
implicit_authorization,
check_authorization_challenge_cb,
pending_call);
@@ -891,11 +946,120 @@ struct AuthenticationAgent
gchar *object_path;
gchar *unique_system_bus_name;
+
+ EggDBusObjectProxy *object_proxy;
+
+ GList *active_sessions;
+};
+
+struct AuthenticationSession
+{
+ AuthenticationAgent *agent;
+
+ gchar *cookie;
+
+ PolkitSubject *subject;
+
+ PolkitIdentity *user_of_subject;
+
+ PolkitBackendLocalAuthority *authority;
+
+ GList *identities;
+
+ gchar *action_id;
+
+ gchar *initiated_by_system_bus_unique_name;
+
+ PolkitImplicitAuthorization implicit_authorization;
+
+ AuthenticationAgentCallback callback;
+
+ gpointer user_data;
+
+ guint call_id;
+
+ gboolean is_authenticated;
};
+static AuthenticationSession *
+authentication_session_new (AuthenticationAgent *agent,
+ const gchar *cookie,
+ PolkitSubject *subject,
+ PolkitIdentity *user_of_subject,
+ PolkitBackendLocalAuthority *authority,
+ GList *identities,
+ const gchar *action_id,
+ const gchar *initiated_by_system_bus_unique_name,
+ PolkitImplicitAuthorization implicit_authorization,
+ AuthenticationAgentCallback callback,
+ gpointer user_data)
+{
+ AuthenticationSession *session;
+
+ session = g_new0 (AuthenticationSession, 1);
+ session->agent = agent;
+ session->cookie = g_strdup (cookie);
+ session->subject = g_object_ref (subject);
+ session->user_of_subject = g_object_ref (user_of_subject);
+ session->authority = g_object_ref (authority);
+ session->identities = g_list_copy (identities);
+ g_list_foreach (session->identities, (GFunc) g_object_ref, NULL);
+ session->action_id = g_strdup (action_id);
+ session->initiated_by_system_bus_unique_name = g_strdup (initiated_by_system_bus_unique_name);
+ session->implicit_authorization = implicit_authorization;
+ session->callback = callback;
+ session->user_data = user_data;
+
+ return session;
+}
+
+static void
+authentication_session_free (AuthenticationSession *session)
+{
+ g_free (session->cookie);
+ g_list_foreach (session->identities, (GFunc) g_object_unref, NULL);
+ g_list_free (session->identities);
+ g_object_unref (session->subject);
+ g_object_unref (session->user_of_subject);
+ g_object_unref (session->authority);
+ g_free (session->action_id);
+ g_free (session->initiated_by_system_bus_unique_name);
+ g_free (session);
+}
+
+static gchar *
+authentication_agent_new_cookie (AuthenticationAgent *agent)
+{
+ static gint counter = 0;
+
+ /* TODO: use a more random-looking cookie */
+
+ return g_strdup_printf ("cookie%d", counter++);
+}
+
static void
authentication_agent_free (AuthenticationAgent *agent)
{
+ /* cancel all active authentication sessions; use a copy of the list since
+ * callbacks will modify the list
+ */
+ if (agent->active_sessions != NULL)
+ {
+ GList *l;
+ GList *active_sessions;
+
+ active_sessions = g_list_copy (agent->active_sessions);
+ for (l = active_sessions; l != NULL; l = l->next)
+ {
+ AuthenticationSession *session = l->data;
+
+ authentication_session_cancel (session);
+ }
+ g_list_free (active_sessions);
+ }
+
+ g_object_unref (agent->object_proxy);
+
g_object_unref (agent->session);
g_free (agent->object_path);
g_free (agent->unique_system_bus_name);
@@ -908,6 +1072,7 @@ authentication_agent_new (PolkitSubject *session,
const gchar *object_path)
{
AuthenticationAgent *agent;
+ EggDBusConnection *system_bus;
agent = g_new0 (AuthenticationAgent, 1);
@@ -915,6 +1080,14 @@ authentication_agent_new (PolkitSubject *session,
agent->object_path = g_strdup (object_path);
agent->unique_system_bus_name = g_strdup (unique_system_bus_name);
+ system_bus = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
+
+ agent->object_proxy = egg_dbus_connection_get_object_proxy (system_bus,
+ agent->unique_system_bus_name,
+ agent->object_path);
+
+ g_object_unref (system_bus);
+
return agent;
}
@@ -946,6 +1119,77 @@ get_authentication_agent_for_subject (PolkitBackendLocalAuthority *authority,
return agent;
}
+static AuthenticationSession *
+get_authentication_session_for_cookie (PolkitBackendLocalAuthority *authority,
+ const gchar *cookie)
+{
+ PolkitBackendLocalAuthorityPrivate *priv;
+ GHashTableIter hash_iter;
+ AuthenticationAgent *agent;
+ AuthenticationSession *result;
+
+ result = NULL;
+
+ /* TODO: perhaps use a hash on the cookie to speed this up */
+
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (authority);
+
+ g_hash_table_iter_init (&hash_iter, priv->hash_session_to_authentication_agent);
+ while (g_hash_table_iter_next (&hash_iter, NULL, (gpointer) &agent))
+ {
+ GList *l;
+
+ for (l = agent->active_sessions; l != NULL; l = l->next)
+ {
+ AuthenticationSession *session = l->data;
+
+ if (strcmp (session->cookie, cookie) == 0)
+ {
+ result = session;
+ goto out;
+ }
+ }
+ }
+
+ out:
+ return result;
+}
+
+static GList *
+get_authentication_sessions_initiated_by_system_bus_unique_name (PolkitBackendLocalAuthority *authority,
+ const gchar *system_bus_unique_name)
+{
+ PolkitBackendLocalAuthorityPrivate *priv;
+ GHashTableIter hash_iter;
+ AuthenticationAgent *agent;
+ GList *result;
+
+ result = NULL;
+
+ /* TODO: perhaps use a hash on the cookie to speed this up */
+
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (authority);
+
+ g_hash_table_iter_init (&hash_iter, priv->hash_session_to_authentication_agent);
+ while (g_hash_table_iter_next (&hash_iter, NULL, (gpointer) &agent))
+ {
+ GList *l;
+
+ for (l = agent->active_sessions; l != NULL; l = l->next)
+ {
+ AuthenticationSession *session = l->data;
+
+ if (strcmp (session->initiated_by_system_bus_unique_name, system_bus_unique_name) == 0)
+ {
+ result = g_list_prepend (result, session);
+ }
+ }
+ }
+
+ return result;
+}
+
+
static AuthenticationAgent *
get_authentication_agent_by_unique_system_bus_name (PolkitBackendLocalAuthority *authority,
const gchar *unique_system_bus_name)
@@ -970,21 +1214,139 @@ get_authentication_agent_by_unique_system_bus_name (PolkitBackendLocalAuthority
}
static void
+authentication_agent_begin_callback (GObject *source_object,
+ GAsyncResult *res,
+ gpointer user_data)
+{
+ _PolkitAgentAuthenticationAgent *agent_dbus = _POLKIT_AGENT_AUTHENTICATION_AGENT (source_object);
+ AuthenticationSession *session = user_data;
+ GError *error;
+ gboolean gained_authorization;
+
+ error = NULL;
+ if (!_polkit_agent_authentication_agent_begin_authentication_finish (agent_dbus,
+ res,
+ &error))
+ {
+ g_warning ("Error performing authentication: %s", error->message);
+ g_error_free (error);
+
+ gained_authorization = FALSE;
+ }
+ else
+ {
+ gained_authorization = session->is_authenticated;
+
+ g_debug ("Authentication complete, is_authenticated = %d", session->is_authenticated);
+ }
+
+ session->agent->active_sessions = g_list_remove (session->agent->active_sessions, session);
+
+ session->callback (session->agent,
+ session->subject,
+ session->user_of_subject,
+ session->authority,
+ session->action_id,
+ session->implicit_authorization,
+ gained_authorization,
+ session->user_data);
+
+ authentication_session_free (session);
+}
+
+static void
authentication_agent_initiate_challenge (AuthenticationAgent *agent,
PolkitSubject *subject,
+ PolkitIdentity *user_of_subject,
+ PolkitBackendLocalAuthority *authority,
const gchar *action_id,
+ PolkitSubject *caller,
PolkitImplicitAuthorization implicit_authorization,
AuthenticationAgentCallback callback,
gpointer user_data)
{
- /* TODO */
-
- callback (agent,
- subject,
- action_id,
- implicit_authorization,
- FALSE,
- user_data);
+ AuthenticationSession *session;
+ _PolkitAgentAuthenticationAgent *agent_dbus;
+ gchar *cookie;
+ GList *l;
+ GList *identities;
+ EggDBusArraySeq *real_identities;
+
+ cookie = authentication_agent_new_cookie (agent);
+
+ /* TODO: add uid 0 OR users in wheel group depending on value of @implicit_authorization */
+ identities = g_list_prepend (NULL, g_object_ref (user_of_subject));
+
+ session = authentication_session_new (agent,
+ cookie,
+ subject,
+ user_of_subject,
+ authority,
+ identities,
+ action_id,
+ polkit_system_bus_name_get_name (POLKIT_SYSTEM_BUS_NAME (caller)),
+ implicit_authorization,
+ callback,
+ user_data);
+
+ agent->active_sessions = g_list_prepend (agent->active_sessions, session);
+
+ agent_dbus = _POLKIT_AGENT_QUERY_INTERFACE_AUTHENTICATION_AGENT (agent->object_proxy);
+
+ real_identities = egg_dbus_array_seq_new (EGG_DBUS_TYPE_STRUCTURE, g_object_unref, NULL, NULL);
+ for (l = identities; l != NULL; l = l->next)
+ {
+ PolkitIdentity *identity = POLKIT_IDENTITY (l->data);
+ egg_dbus_array_seq_add (real_identities, polkit_identity_get_real (identity));
+ }
+
+ session->call_id = _polkit_agent_authentication_agent_begin_authentication (agent_dbus,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ action_id,
+ session->cookie,
+ real_identities,
+ NULL,
+ authentication_agent_begin_callback,
+ session);
+
+ g_list_foreach (identities, (GFunc) g_object_unref, NULL);
+ g_list_free (identities);
+ g_object_unref (real_identities);
+ g_free (cookie);
+}
+
+static void
+authentication_agent_cancel_callback (GObject *source_object,
+ GAsyncResult *res,
+ gpointer user_data)
+{
+ _PolkitAgentAuthenticationAgent *agent_dbus = _POLKIT_AGENT_AUTHENTICATION_AGENT (source_object);
+
+ _polkit_agent_authentication_agent_cancel_authentication_finish (agent_dbus,
+ res,
+ NULL);
+}
+
+static void
+authentication_session_cancel (AuthenticationSession *session)
+{
+ EggDBusConnection *system_bus;
+ _PolkitAgentAuthenticationAgent *agent_dbus;
+
+ system_bus = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
+
+ agent_dbus = _POLKIT_AGENT_QUERY_INTERFACE_AUTHENTICATION_AGENT (session->agent->object_proxy);
+
+ _polkit_agent_authentication_agent_cancel_authentication (agent_dbus,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ session->cookie,
+ NULL,
+ authentication_agent_cancel_callback,
+ NULL);
+
+ egg_dbus_connection_pending_call_cancel (system_bus, session->call_id);
+
+ g_object_unref (system_bus);
}
/* ---------------------------------------------------------------------------------------------------- */
@@ -1127,6 +1489,97 @@ polkit_backend_local_authority_unregister_authentication_agent (PolkitBackendAut
/* ---------------------------------------------------------------------------------------------------- */
static void
+polkit_backend_local_authority_authentication_agent_response (PolkitBackendAuthority *authority,
+ const gchar *cookie,
+ PolkitIdentity *identity,
+ PolkitBackendPendingCall *pending_call)
+{
+ PolkitBackendLocalAuthority *local_authority;
+ PolkitBackendLocalAuthorityPrivate *priv;
+ PolkitSubject *caller;
+ PolkitIdentity *user_of_caller;
+ gchar *identity_str;
+ GError *error;
+ AuthenticationSession *session;
+ GList *l;
+
+ local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+
+ error = NULL;
+ user_of_caller = NULL;
+
+ identity_str = polkit_identity_to_string (identity);
+
+ g_debug ("In authentication_agent_response for cookie '%s' and identity %s",
+ cookie,
+ identity_str);
+
+ caller = polkit_backend_pending_call_get_caller (pending_call);
+
+ user_of_caller = polkit_backend_session_monitor_get_user_for_subject (priv->session_monitor,
+ caller,
+ &error);
+ if (error != NULL)
+ {
+ polkit_backend_pending_call_return_gerror (pending_call, error);
+ g_error_free (error);
+ goto out;
+ }
+
+ /* only uid 0 is allowed to invoke this method */
+ if (!POLKIT_IS_UNIX_USER (user_of_caller) || polkit_unix_user_get_uid (POLKIT_UNIX_USER (user_of_caller)) != 0)
+ {
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Only uid 0 may invoke this method. This incident has been logged.");
+ goto out;
+ }
+
+ /* find the authentication session */
+ session = get_authentication_session_for_cookie (local_authority, cookie);
+ if (session == NULL)
+ {
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "No session for cookie");
+ goto out;
+ }
+
+ /* check that the authentication identity was one of the possibilities we allowed */
+ for (l = session->identities; l != NULL; l = l->next)
+ {
+ PolkitIdentity *i = POLKIT_IDENTITY (l->data);
+
+ if (polkit_identity_equal (i, identity))
+ break;
+ }
+ if (l == NULL)
+ {
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "The authenticated identity is wrong");
+ goto out;
+ }
+
+ /* checks out, mark the session as authenticated */
+ session->is_authenticated = TRUE;
+
+ polkit_backend_authority_authentication_agent_response_finish (pending_call);
+
+ out:
+ g_free (identity_str);
+
+ if (user_of_caller != NULL)
+ g_object_unref (user_of_caller);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
polkit_backend_local_authority_system_bus_name_owner_changed (PolkitBackendAuthority *authority,
const gchar *name,
const gchar *old_owner,
@@ -1134,15 +1587,18 @@ polkit_backend_local_authority_system_bus_name_owner_changed (PolkitBackendAutho
{
PolkitBackendLocalAuthority *local_authority;
PolkitBackendLocalAuthorityPrivate *priv;
- AuthenticationAgent *agent;
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
- //g_debug ("name-owner-changed: '%s' '%s' '%s'", name, old_owner, new_owner);
+ g_debug ("name-owner-changed: '%s' '%s' '%s'", name, old_owner, new_owner);
if (name[0] == ':' && strlen (new_owner) == 0)
{
+ AuthenticationAgent *agent;
+ GList *sessions;
+ GList *l;
+
agent = get_authentication_agent_by_unique_system_bus_name (local_authority, name);
if (agent != NULL)
{
@@ -1154,6 +1610,15 @@ polkit_backend_local_authority_system_bus_name_owner_changed (PolkitBackendAutho
/* this works because we have exactly one agent per session */
g_hash_table_remove (priv->hash_session_to_authentication_agent, agent->session);
}
+
+ sessions = get_authentication_sessions_initiated_by_system_bus_unique_name (local_authority, name);
+ for (l = sessions; l != NULL; l = l->next)
+ {
+ AuthenticationSession *session = l->data;
+
+ authentication_session_cancel (session);
+ }
+ g_list_free (sessions);
}
}
diff --git a/src/polkitbackend/polkitbackendserver.c b/src/polkitbackend/polkitbackendserver.c
index 2414bde..d89cb37 100644
--- a/src/polkitbackend/polkitbackendserver.c
+++ b/src/polkitbackend/polkitbackendserver.c
@@ -473,6 +473,37 @@ polkit_backend_authority_unregister_authentication_agent_finish (PolkitBackendPe
/* ---------------------------------------------------------------------------------------------------- */
static void
+authority_handle_authentication_agent_response (_PolkitAuthority *instance,
+ const gchar *cookie,
+ _PolkitIdentity *real_identity,
+ EggDBusMethodInvocation *method_invocation)
+{
+ PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
+ PolkitBackendPendingCall *pending_call;
+ PolkitIdentity *identity;
+
+ pending_call = _polkit_backend_pending_call_new (method_invocation, server);
+
+ identity = polkit_identity_new_for_real (real_identity);
+
+ g_object_set_data_full (G_OBJECT (pending_call), "identity", identity, (GDestroyNotify) g_object_unref);
+
+ polkit_backend_authority_authentication_agent_response (server->authority,
+ cookie,
+ identity,
+ pending_call);
+}
+
+void
+polkit_backend_authority_authentication_agent_response_finish (PolkitBackendPendingCall *pending_call)
+{
+ _polkit_authority_handle_authentication_agent_response_finish (_polkit_backend_pending_call_get_method_invocation (pending_call));
+ g_object_unref (pending_call);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
authority_iface_init (_PolkitAuthorityIface *authority_iface)
{
authority_iface->handle_enumerate_actions = authority_handle_enumerate_actions;
@@ -484,4 +515,5 @@ authority_iface_init (_PolkitAuthorityIface *authority_iface)
authority_iface->handle_remove_authorization = authority_handle_remove_authorization;
authority_iface->handle_register_authentication_agent = authority_handle_register_authentication_agent;
authority_iface->handle_unregister_authentication_agent = authority_handle_unregister_authentication_agent;
+ authority_iface->handle_authentication_agent_response = authority_handle_authentication_agent_response;
}
commit 39427166d5f77945cc21e1458f184e54c02cefe9
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 20 18:29:29 2009 -0500
add more infrastructure for authentication agent integration
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index 976d9fc..d97da1d 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -59,8 +59,22 @@ static AuthorizationStore *get_authorization_store_for_identity (PolkitBackendLo
struct AuthenticationAgent;
typedef struct AuthenticationAgent AuthenticationAgent;
+typedef void (*AuthenticationAgentCallback) (AuthenticationAgent *agent,
+ PolkitSubject *subject,
+ const gchar *action_id,
+ PolkitImplicitAuthorization implicit_authorization,
+ gboolean authentication_success,
+ gpointer user_data);
+
static void authentication_agent_free (AuthenticationAgent *agent);
+static void authentication_agent_initiate_challenge (AuthenticationAgent *agent,
+ PolkitSubject *subject,
+ const gchar *action_id,
+ PolkitImplicitAuthorization implicit_authorization,
+ AuthenticationAgentCallback callback,
+ gpointer user_data);
+
static AuthenticationAgent *get_authentication_agent_for_subject (PolkitBackendLocalAuthority *authority,
PolkitSubject *subject);
@@ -343,6 +357,45 @@ polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *autho
/* ---------------------------------------------------------------------------------------------------- */
static void
+check_authorization_challenge_cb (AuthenticationAgent *agent,
+ PolkitSubject *subject,
+ const gchar *action_id,
+ PolkitImplicitAuthorization implicit_authorization,
+ gboolean authentication_success,
+ gpointer user_data)
+{
+ PolkitBackendPendingCall *pending_call = POLKIT_BACKEND_PENDING_CALL (user_data);
+ PolkitAuthorizationResult result;
+ gchar *subject_str;
+
+ subject_str = polkit_subject_to_string (subject);
+
+ g_debug ("In check_authorization_challenge_cb\n"
+ " subject %s\n"
+ " action_id %s\n"
+ " authentication_success %d\n",
+ subject_str,
+ action_id,
+ authentication_success);
+
+ if (authentication_success)
+ {
+ result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
+
+ /* TODO: store temporary authorization depending on value of implicit_authorization */
+ }
+ else
+ {
+ /* TODO: maybe return FAILED_CHALLENGE instead? */
+ result = POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
+ }
+
+ polkit_backend_authority_check_authorization_finish (pending_call, result);
+
+ g_free (subject_str);
+}
+
+static void
polkit_backend_local_authority_check_authorization (PolkitBackendAuthority *authority,
PolkitSubject *subject,
const gchar *action_id,
@@ -456,6 +509,35 @@ polkit_backend_local_authority_check_authorization (PolkitBackendAuthority
goto out;
}
+ /* TODO: temporary hack */
+ flags |= POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION;
+
+ /* Caller is up for a challenge! With light sabers! Use an authentication agent if one exists... */
+ if ((result == POLKIT_AUTHORIZATION_RESULT_CHALLENGE) &&
+ (flags & POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION))
+ {
+ AuthenticationAgent *agent;
+
+ agent = get_authentication_agent_for_subject (local_authority, subject);
+ if (agent == NULL)
+ {
+ g_debug (" challenge requested, but no authentication agent available");
+ }
+ else
+ {
+ g_debug (" using authentication agent for challenge");
+
+ authentication_agent_initiate_challenge (agent,
+ subject,
+ action_id,
+ implicit_authorization,
+ check_authorization_challenge_cb,
+ pending_call);
+ goto out;
+ }
+
+ }
+
polkit_backend_authority_check_authorization_finish (pending_call, result);
out:
@@ -860,6 +942,8 @@ get_authentication_agent_for_subject (PolkitBackendLocalAuthority *authority,
out:
if (session_for_subject != NULL)
g_object_unref (session_for_subject);
+
+ return agent;
}
static AuthenticationAgent *
@@ -885,6 +969,24 @@ get_authentication_agent_by_unique_system_bus_name (PolkitBackendLocalAuthority
return agent;
}
+static void
+authentication_agent_initiate_challenge (AuthenticationAgent *agent,
+ PolkitSubject *subject,
+ const gchar *action_id,
+ PolkitImplicitAuthorization implicit_authorization,
+ AuthenticationAgentCallback callback,
+ gpointer user_data)
+{
+ /* TODO */
+
+ callback (agent,
+ subject,
+ action_id,
+ implicit_authorization,
+ FALSE,
+ user_data);
+}
+
/* ---------------------------------------------------------------------------------------------------- */
static void
commit 19dc13e92ed684fa2b50f5ca4b73d5537394c995
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 20 18:04:49 2009 -0500
honor implicit authorizations
Yay, only major bit remaining now is to call out to the authentication
agent on CHALLENGE...
diff --git a/src/polkit/polkitimplicitauthorization.c b/src/polkit/polkitimplicitauthorization.c
index a691160..d2b59fb 100644
--- a/src/polkit/polkitimplicitauthorization.c
+++ b/src/polkit/polkitimplicitauthorization.c
@@ -85,8 +85,6 @@ polkit_implicit_authorization_from_string (const gchar *string,
if (out_implicit_authorization != NULL)
*out_implicit_authorization = result;
- g_debug ("parsed '%s' to %d", string, result);
-
return ret;
}
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index e3f14d3..976d9fc 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -118,6 +118,7 @@ static PolkitAuthorizationResult check_authorization_sync (PolkitBackendAuthorit
PolkitSubject *subject,
const gchar *action_id,
PolkitCheckAuthorizationFlags flags,
+ PolkitImplicitAuthorization *out_implicit_authorization,
GError **error);
static void polkit_backend_local_authority_enumerate_authorizations (PolkitBackendAuthority *authority,
@@ -358,6 +359,7 @@ polkit_backend_local_authority_check_authorization (PolkitBackendAuthority
gchar *user_of_inquirer_str;
gchar *user_of_subject_str;
PolkitAuthorizationResult result;
+ PolkitImplicitAuthorization implicit_authorization;
GError *error;
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
@@ -420,6 +422,7 @@ polkit_backend_local_authority_check_authorization (PolkitBackendAuthority
inquirer,
"org.freedesktop.policykit.read",
POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE, /* no user interaction */
+ NULL,
&error);
if (error != NULL)
@@ -440,16 +443,20 @@ polkit_backend_local_authority_check_authorization (PolkitBackendAuthority
}
}
- result = check_authorization_sync (authority, subject, action_id, flags, &error);
+ result = check_authorization_sync (authority,
+ subject,
+ action_id,
+ flags,
+ &implicit_authorization,
+ &error);
if (error != NULL)
{
polkit_backend_pending_call_return_gerror (pending_call, error);
g_error_free (error);
+ goto out;
}
- else
- {
- polkit_backend_authority_check_authorization_finish (pending_call, result);
- }
+
+ polkit_backend_authority_check_authorization_finish (pending_call, result);
out:
@@ -472,15 +479,21 @@ check_authorization_sync (PolkitBackendAuthority *authority,
PolkitSubject *subject,
const gchar *action_id,
PolkitCheckAuthorizationFlags flags,
+ PolkitImplicitAuthorization *out_implicit_authorization,
GError **error)
{
PolkitBackendLocalAuthority *local_authority;
PolkitBackendLocalAuthorityPrivate *priv;
PolkitAuthorizationResult result;
PolkitIdentity *user_of_subject;
+ PolkitSubject *session_for_subject;
gchar *subject_str;
GList *groups_of_user;
GList *l;
+ PolkitActionDescription *action_desc;
+ gboolean session_is_local;
+ gboolean session_is_active;
+ PolkitImplicitAuthorization implicit_authorization;
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
@@ -490,6 +503,10 @@ check_authorization_sync (PolkitBackendAuthority *authority,
user_of_subject = NULL;
groups_of_user = NULL;
subject_str = NULL;
+ session_for_subject = NULL;
+
+ session_is_local = FALSE;
+ session_is_active = FALSE;
subject_str = polkit_subject_to_string (subject);
@@ -497,6 +514,21 @@ check_authorization_sync (PolkitBackendAuthority *authority,
subject_str,
action_id);
+ /* get the action description */
+ action_desc = polkit_backend_action_pool_get_action (priv->action_pool,
+ action_id,
+ NULL);
+
+ if (action_desc == NULL)
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Action %s is not registered",
+ action_id);
+ goto out;
+ }
+
/* every subject has a user */
user_of_subject = polkit_backend_session_monitor_get_user_for_subject (priv->session_monitor,
subject,
@@ -511,7 +543,44 @@ check_authorization_sync (PolkitBackendAuthority *authority,
goto out;
}
- /* TODO: first see if there's an implicit authorization for subject available */
+ /* a subject *may* be in a session */
+ session_for_subject = polkit_backend_session_monitor_get_session_for_subject (priv->session_monitor,
+ subject,
+ NULL);
+ g_debug (" %p", session_for_subject);
+ if (session_for_subject != NULL)
+ {
+ session_is_local = polkit_backend_session_monitor_is_session_local (priv->session_monitor, session_for_subject);
+ session_is_active = polkit_backend_session_monitor_is_session_active (priv->session_monitor, session_for_subject);
+
+ g_debug (" subject is in session %s (local=%d active=%d)",
+ polkit_unix_session_get_session_id (POLKIT_UNIX_SESSION (session_for_subject)),
+ session_is_local,
+ session_is_active);
+ }
+
+ /* find the implicit authorization to use; it depends on is_local and is_active */
+ if (session_is_local)
+ {
+ if (session_is_active)
+ implicit_authorization = polkit_action_description_get_implicit_active (action_desc);
+ else
+ implicit_authorization = polkit_action_description_get_implicit_inactive (action_desc);
+ }
+ else
+ {
+ implicit_authorization = polkit_action_description_get_implicit_any (action_desc);
+ }
+
+ /* first see if there's an implicit authorization for subject available */
+ if (implicit_authorization == POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED)
+ {
+ g_debug (" is authorized (has implicit authorization local=%d active=%d)",
+ session_is_local,
+ session_is_active);
+ result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
+ goto out;
+ }
/* then see if there's a temporary authorization for the subject */
if (check_temporary_authorization_for_identity (local_authority, user_of_subject, subject, action_id))
@@ -543,8 +612,21 @@ check_authorization_sync (PolkitBackendAuthority *authority,
}
}
- g_debug (" not authorized");
+ if (implicit_authorization != POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED)
+ {
+ result = POLKIT_AUTHORIZATION_RESULT_CHALLENGE;
+
+ /* return implicit_authorization so the caller can use an authentication agent if applicable */
+ if (out_implicit_authorization != NULL)
+ *out_implicit_authorization = implicit_authorization;
+ g_debug (" challenge (implicit_authorization = %s)",
+ polkit_implicit_authorization_to_string (implicit_authorization));
+ }
+ else
+ {
+ g_debug (" not authorized");
+ }
out:
g_free (subject_str);
@@ -554,6 +636,12 @@ check_authorization_sync (PolkitBackendAuthority *authority,
if (user_of_subject != NULL)
g_object_unref (user_of_subject);
+ if (session_for_subject != NULL)
+ g_object_unref (session_for_subject);
+
+ if (action_desc != NULL)
+ g_object_unref (action_desc);
+
g_debug (" ");
return result;
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.c b/src/polkitbackend/polkitbackendsessionmonitor.c
index 61fc86a..5e47f0a 100644
--- a/src/polkitbackend/polkitbackendsessionmonitor.c
+++ b/src/polkitbackend/polkitbackendsessionmonitor.c
@@ -141,7 +141,7 @@ manager_seat_added (CkManager *manager,
{
PolkitBackendSessionMonitor *monitor = POLKIT_BACKEND_SESSION_MONITOR (user_data);
- g_debug ("seat %s added", object_path);
+ //g_debug ("seat %s added", object_path);
add_seat (monitor, object_path);
}
@@ -153,7 +153,7 @@ manager_seat_removed (CkManager *manager,
{
PolkitBackendSessionMonitor *monitor = POLKIT_BACKEND_SESSION_MONITOR (user_data);
- g_debug ("seat %s removed", object_path);
+ //g_debug ("seat %s removed", object_path);
remove_seat (monitor, object_path);
}
@@ -165,7 +165,7 @@ seat_session_added (CkSeat *seat,
{
PolkitBackendSessionMonitor *monitor = POLKIT_BACKEND_SESSION_MONITOR (user_data);
- g_debug ("session %s added", object_path);
+ //g_debug ("session %s added", object_path);
add_session (monitor, object_path);
}
@@ -177,7 +177,7 @@ seat_session_removed (CkSeat *seat,
{
PolkitBackendSessionMonitor *monitor = POLKIT_BACKEND_SESSION_MONITOR (user_data);
- g_debug ("session %s removed", object_path);
+ //g_debug ("session %s removed", object_path);
remove_session (monitor, object_path);
}
@@ -191,9 +191,7 @@ session_active_changed (CkSession *session,
object_proxy = egg_dbus_interface_proxy_get_object_proxy (EGG_DBUS_INTERFACE_PROXY (session));
- g_debug ("session %s active changed to %d",
- egg_dbus_object_proxy_get_object_path (object_proxy),
- is_active);
+ //g_debug ("session %s active changed to %d", egg_dbus_object_proxy_get_object_path (object_proxy), is_active);
egg_dbus_object_proxy_invalidate_properties (object_proxy);
}
@@ -452,7 +450,23 @@ polkit_backend_session_monitor_get_session_for_subject (PolkitBackendSessionMoni
session = NULL;
- if (POLKIT_IS_SYSTEM_BUS_NAME (subject))
+ if (POLKIT_IS_UNIX_PROCESS (subject))
+ {
+ gchar *session_id;
+
+ if (!ck_manager_get_session_for_unix_process_sync (monitor->ck_manager,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (subject)),
+ &session_id,
+ NULL,
+ error))
+ goto out;
+
+ session = polkit_unix_session_new (session_id);
+
+ g_free (session_id);
+ }
+ else if (POLKIT_IS_SYSTEM_BUS_NAME (subject))
{
pid_t pid;
gchar *session_id;
@@ -492,3 +506,58 @@ polkit_backend_session_monitor_get_session_for_subject (PolkitBackendSessionMoni
return session;
}
+gboolean
+polkit_backend_session_monitor_is_session_local (PolkitBackendSessionMonitor *monitor,
+ PolkitSubject *session)
+{
+ EggDBusObjectProxy *object_proxy;
+ const gchar *session_id;
+ CkSession *ck_session;
+ gboolean ret;
+
+ g_return_val_if_fail (POLKIT_IS_UNIX_SESSION (session), FALSE);
+
+ ret = FALSE;
+
+ session_id = polkit_unix_session_get_session_id (POLKIT_UNIX_SESSION (session));
+
+ object_proxy = egg_dbus_hash_map_lookup (monitor->session_object_path_to_object_proxy, session_id);
+ if (object_proxy == NULL)
+ goto out;
+
+ ck_session = CK_QUERY_INTERFACE_SESSION (object_proxy);
+
+ ret = ck_session_get_is_local (ck_session);
+
+ out:
+ return ret;
+}
+
+
+gboolean
+polkit_backend_session_monitor_is_session_active (PolkitBackendSessionMonitor *monitor,
+ PolkitSubject *session)
+{
+ EggDBusObjectProxy *object_proxy;
+ const gchar *session_id;
+ CkSession *ck_session;
+ gboolean ret;
+
+ g_return_val_if_fail (POLKIT_IS_UNIX_SESSION (session), FALSE);
+
+ ret = FALSE;
+
+ session_id = polkit_unix_session_get_session_id (POLKIT_UNIX_SESSION (session));
+
+ object_proxy = egg_dbus_hash_map_lookup (monitor->session_object_path_to_object_proxy, session_id);
+ if (object_proxy == NULL)
+ goto out;
+
+ ck_session = CK_QUERY_INTERFACE_SESSION (object_proxy);
+
+ ret = ck_session_get_active (ck_session);
+
+ out:
+ return ret;
+}
+
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.h b/src/polkitbackend/polkitbackendsessionmonitor.h
index a4194a9..e498598 100644
--- a/src/polkitbackend/polkitbackendsessionmonitor.h
+++ b/src/polkitbackend/polkitbackendsessionmonitor.h
@@ -55,6 +55,12 @@ PolkitSubject *polkit_backend_session_monitor_get_session_for_subj
PolkitSubject *subject,
GError **error);
+gboolean polkit_backend_session_monitor_is_session_local (PolkitBackendSessionMonitor *monitor,
+ PolkitSubject *session);
+
+gboolean polkit_backend_session_monitor_is_session_active (PolkitBackendSessionMonitor *monitor,
+ PolkitSubject *session);
+
G_END_DECLS
#endif /* __POLKIT_BACKEND_SESSION_MONITOR_H */
commit affe51cb9543dd6091d9722b15902e29a8610b7c
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 20 16:18:18 2009 -0500
add enumeration and handling of implicit authorizations
Now to actually use them...
diff --git a/actions/org.freedesktop.policykit.policy.in b/actions/org.freedesktop.policykit.policy.in
index 9613355..72aa67e 100644
--- a/actions/org.freedesktop.policykit.policy.in
+++ b/actions/org.freedesktop.policykit.policy.in
@@ -15,7 +15,7 @@
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
+ <allow_active>auth_admin_keep</allow_active>
</defaults>
</action>
@@ -25,7 +25,7 @@
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
+ <allow_active>auth_admin_keep</allow_active>
</defaults>
</action>
@@ -35,7 +35,7 @@
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
+ <allow_active>auth_admin_keep</allow_active>
</defaults>
</action>
@@ -45,7 +45,7 @@
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
+ <allow_active>auth_admin_keep</allow_active>
</defaults>
</action>
</policyconfig>
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index 840a79a..c21fa84 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -32,33 +32,81 @@
</annotation>
+ <!-- An enumeration for implicit authorizations -->
+ <annotation name="org.gtk.EggDBus.DeclareEnum" value="ImplicitAuthorization">
+
+ <annotation name="org.gtk.EggDBus.Enum.Member" value="NotAuthorized">
+ <annotation name="org.gtk.EggDBus.DocString" value="Subject is not authorized."/>
+ </annotation>
+
+ <annotation name="org.gtk.EggDBus.Enum.Member" value="AuthenticationRequired">
+ <annotation name="org.gtk.EggDBus.DocString" value="Authentication is required."/>
+ </annotation>
+
+ <annotation name="org.gtk.EggDBus.Enum.Member" value="AdministratorAuthenticationRequired">
+ <annotation name="org.gtk.EggDBus.DocString" value="Authentication as an administrator is required."/>
+ </annotation>
+
+ <annotation name="org.gtk.EggDBus.Enum.Member" value="AuthenticationRequiredRetained">
+ <annotation name="org.gtk.EggDBus.DocString" value="Authentication is required. If the authorization is obtained, it is retained."/>
+ </annotation>
+
+ <annotation name="org.gtk.EggDBus.Enum.Member" value="AdministratorAuthenticationRequiredRetained">
+ <annotation name="org.gtk.EggDBus.DocString" value="Authentication as an administrator is required. If the authorization is obtained, it is retained."/>
+ </annotation>
+
+ <annotation name="org.gtk.EggDBus.Enum.Member" value="Authorized">
+ <annotation name="org.gtk.EggDBus.DocString" value="The subject is authorized"/>
+ </annotation>
+
+ </annotation>
+
<!-- ActionDescription struct -->
<annotation name="org.gtk.EggDBus.DeclareStruct" value="ActionDescription">
<annotation name="org.gtk.EggDBus.Struct.Member" value="s:action_id">
<annotation name="org.gtk.EggDBus.DocString" value="Action Identifier"/>
</annotation>
+
<annotation name="org.gtk.EggDBus.Struct.Member" value="s:description">
<annotation name="org.gtk.EggDBus.DocString" value="Action Description"/>
</annotation>
+
<annotation name="org.gtk.EggDBus.Struct.Member" value="s:message">
<annotation name="org.gtk.EggDBus.DocString" value="Action Message"/>
</annotation>
+
<annotation name="org.gtk.EggDBus.Struct.Member" value="s:vendor_name">
<annotation name="org.gtk.EggDBus.DocString" value="Vendor Name"/>
</annotation>
+
<annotation name="org.gtk.EggDBus.Struct.Member" value="s:vendor_url">
<annotation name="org.gtk.EggDBus.DocString" value="Vendor URL"/>
</annotation>
+
<annotation name="org.gtk.EggDBus.Struct.Member" value="s:icon_name">
<annotation name="org.gtk.EggDBus.DocString" value="Icon Name"/>
</annotation>
+
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="i:implicit_any">
+ <annotation name="org.gtk.EggDBus.EnumType" value="ImplicitAuthorization"/>
+ <annotation name="org.gtk.EggDBus.DocString" value="Defaults for any kind of subject"/>
+ </annotation>
+
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="i:implicit_inactive">
+ <annotation name="org.gtk.EggDBus.EnumType" value="ImplicitAuthorization"/>
+ <annotation name="org.gtk.EggDBus.DocString" value="Defaults for subjects in local inactive sessions"/>
+ </annotation>
+
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="i:implicit_active">
+ <annotation name="org.gtk.EggDBus.EnumType" value="ImplicitAuthorization"/>
+ <annotation name="org.gtk.EggDBus.DocString" value="Defaults for subjects in local active sessions"/>
+ </annotation>
+
<annotation name="org.gtk.EggDBus.Struct.Member" value="a{ss}:annotations">
<annotation name="org.gtk.EggDBus.DocString" value="Annotations"/>
</annotation>
- <!-- TODO: also include defaults -->
-
</annotation>
<!-- The error domain used for reporting errors -->
@@ -126,7 +174,7 @@
<method name="EnumerateActions">
<arg name="locale" direction="in" type="s"/>
- <arg name="action_descriptions" direction="out" type="a(ssssssa{ss})">
+ <arg name="action_descriptions" direction="out" type="a(ssssssiiia{ss})">
<annotation name="org.gtk.EggDBus.StructType" value="ActionDescription"/>
</arg>
</method>
diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am
index 6d8ba69..9251ef6 100644
--- a/src/polkit/Makefile.am
+++ b/src/polkit/Makefile.am
@@ -20,6 +20,7 @@ BUILT_SOURCES = \
_polkitauthority.c _polkitauthority.h \
_polkitauthorization.c _polkitauthorization.h \
_polkitauthorizationresult.c _polkitauthorizationresult.h \
+ _polkitimplicitauthorization.c _polkitimplicitauthorization.h \
_polkitcheckauthorizationflags.c _polkitcheckauthorizationflags.h \
_polkitbindings.c _polkitbindings.h \
_polkitbindingsmarshal.c _polkitbindingsmarshal.h \
@@ -56,6 +57,7 @@ libpolkit_gobject_1include_HEADERS = \
polkitauthorizationresult.h \
polkitcheckauthorizationflags.h \
polkitauthorization.h \
+ polkitimplicitauthorization.h \
$(NULL)
libpolkit_gobject_1_la_SOURCES = \
@@ -74,6 +76,7 @@ libpolkit_gobject_1_la_SOURCES = \
polkitauthorizationresult.c polkitauthorizationresult.h \
polkitcheckauthorizationflags.c polkitcheckauthorizationflags.h \
polkitauthorization.c polkitauthorization.h \
+ polkitimplicitauthorization.c polkitimplicitauthorization.h \
$(NULL)
libpolkit_gobject_1_la_CFLAGS = \
diff --git a/src/polkit/polkit.h b/src/polkit/polkit.h
index 19d130d..6de31f2 100644
--- a/src/polkit/polkit.h
+++ b/src/polkit/polkit.h
@@ -24,6 +24,7 @@
#define _POLKIT_INSIDE_POLKIT_H 1
+#include <polkit/polkitimplicitauthorization.h>
#include <polkit/polkitactiondescription.h>
#include <polkit/polkiterror.h>
#include <polkit/polkitidentity.h>
diff --git a/src/polkit/polkitactiondescription.c b/src/polkit/polkitactiondescription.c
index 2133024..44e14a1 100644
--- a/src/polkit/polkitactiondescription.c
+++ b/src/polkit/polkitactiondescription.c
@@ -24,6 +24,7 @@
#endif
#include <string.h>
+#include "polkitimplicitauthorization.h"
#include "polkitactiondescription.h"
#include "_polkitactiondescription.h"
@@ -133,6 +134,25 @@ polkit_action_description_get_vendor_url (PolkitActionDescription *action_descri
return _polkit_action_description_get_vendor_url (action_description->real);
}
+PolkitImplicitAuthorization
+polkit_action_description_get_implicit_any (PolkitActionDescription *action_description)
+{
+ return _polkit_action_description_get_implicit_any (action_description->real);
+}
+
+PolkitImplicitAuthorization
+polkit_action_description_get_implicit_inactive (PolkitActionDescription *action_description)
+{
+ return _polkit_action_description_get_implicit_inactive (action_description->real);
+}
+
+PolkitImplicitAuthorization
+polkit_action_description_get_implicit_active (PolkitActionDescription *action_description)
+{
+ return _polkit_action_description_get_implicit_active (action_description->real);
+}
+
+
GIcon *
polkit_action_description_get_icon (PolkitActionDescription *action_description)
{
diff --git a/src/polkit/polkitactiondescription.h b/src/polkit/polkitactiondescription.h
index 60f1b3d..948d0c1 100644
--- a/src/polkit/polkitactiondescription.h
+++ b/src/polkit/polkitactiondescription.h
@@ -47,6 +47,11 @@ const gchar *polkit_action_description_get_message (PolkitActi
const gchar *polkit_action_description_get_vendor_name (PolkitActionDescription *action_description);
const gchar *polkit_action_description_get_vendor_url (PolkitActionDescription *action_description);
GIcon *polkit_action_description_get_icon (PolkitActionDescription *action_description);
+
+PolkitImplicitAuthorization polkit_action_description_get_implicit_any (PolkitActionDescription *action_description);
+PolkitImplicitAuthorization polkit_action_description_get_implicit_inactive (PolkitActionDescription *action_description);
+PolkitImplicitAuthorization polkit_action_description_get_implicit_active (PolkitActionDescription *action_description);
+
const gchar *polkit_action_description_get_annotation (PolkitActionDescription *action_description,
const gchar *key);
const gchar * const *polkit_action_description_get_annotation_keys (PolkitActionDescription *action_description);
diff --git a/src/polkit/polkitimplicitauthorization.c b/src/polkit/polkitimplicitauthorization.c
new file mode 100644
index 0000000..a691160
--- /dev/null
+++ b/src/polkit/polkitimplicitauthorization.c
@@ -0,0 +1,128 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <string.h>
+
+#include "polkitimplicitauthorization.h"
+#include "polkitprivate.h"
+
+/**
+ * SECTION:polkitimplicitauthorization
+ * @title: PolkitImplicitAuthorization
+ * @short_result: Implicit Authorizations
+ *
+ * Possible implicit authorizations.
+ */
+
+GType
+polkit_implicit_authorization_get_type (void)
+{
+ return _polkit_implicit_authorization_get_type ();
+}
+
+gboolean
+polkit_implicit_authorization_from_string (const gchar *string,
+ PolkitImplicitAuthorization *out_implicit_authorization)
+{
+ PolkitImplicitAuthorization result;
+ gboolean ret;
+
+ ret = TRUE;
+ result = POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED;
+
+ if (strcmp (string, "no") == 0)
+ {
+ result = POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED;
+ }
+ else if (strcmp (string, "auth_self") == 0)
+ {
+ result = POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED;
+ }
+ else if (strcmp (string, "auth_admin") == 0)
+ {
+ result = POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED;
+ }
+ else if (strcmp (string, "auth_self_keep") == 0)
+ {
+ result = POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED_RETAINED;
+ }
+ else if (strcmp (string, "auth_admin_keep") == 0)
+ {
+ result = POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED_RETAINED;
+ }
+ else if (strcmp (string, "yes") == 0)
+ {
+ result = POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED;
+ }
+ else
+ {
+ g_warning ("Unknown PolkitImplicitAuthorization string '%s'", string);
+ ret = FALSE;
+ }
+
+ if (out_implicit_authorization != NULL)
+ *out_implicit_authorization = result;
+
+ g_debug ("parsed '%s' to %d", string, result);
+
+ return ret;
+}
+
+const gchar *
+polkit_implicit_authorization_to_string (PolkitImplicitAuthorization implicit_authorization)
+{
+ const gchar *s;
+
+ s = "(unknown)";
+
+ switch (implicit_authorization)
+ {
+ case POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED:
+ s = "no";
+ break;
+
+ case POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED:
+ s = "auth_self";
+ break;
+
+ case POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED:
+ s = "auth_admin";
+ break;
+
+ case POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED_RETAINED:
+ s = "auth_self_keep";
+ break;
+
+ case POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED_RETAINED:
+ s = "auth_admin_keep";
+ break;
+
+ case POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED:
+ s = "yes";
+ break;
+ }
+
+ return s;
+}
diff --git a/src/polkit/polkitimplicitauthorization.h b/src/polkit/polkitimplicitauthorization.h
new file mode 100644
index 0000000..12d2880
--- /dev/null
+++ b/src/polkit/polkitimplicitauthorization.h
@@ -0,0 +1,62 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_IMPLICIT_AUTHORIZATION_H
+#define __POLKIT_IMPLICIT_AUTHORIZATION_H
+
+#include <glib-object.h>
+
+G_BEGIN_DECLS
+
+GType polkit_implicit_authorization_get_type (void) G_GNUC_CONST;
+
+#define POLKIT_TYPE_IMPLICIT_AUTHORIZATION (polkit_implicit_authorization_get_type ())
+
+/**
+ * PolkitImplicitAuthorization:
+ * @POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED: Subject is not authorized.
+ * @POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED: Authentication is required.
+ * @POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED: Authentication as an administrator is required.
+ * @POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED_RETAINED: Authentication is required. If the authorization is obtained, it is retained.
+ * @POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED_RETAINED: Authentication as an administrator is required. If the authorization is obtained, it is retained.
+ * @POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED: The subject is authorized
+ *
+ * Possible implicit authorizations.
+ */
+typedef enum
+{
+ POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED = 0,
+ POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED = 1,
+ POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED = 2,
+ POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED_RETAINED = 3,
+ POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED_RETAINED = 4,
+ POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED = 5,
+} PolkitImplicitAuthorization;
+
+const gchar *polkit_implicit_authorization_to_string (PolkitImplicitAuthorization implicit_authorization);
+
+gboolean polkit_implicit_authorization_from_string (const gchar *string,
+ PolkitImplicitAuthorization *out_implicit_authorization);
+
+
+G_END_DECLS
+
+#endif /* __POLKIT_IMPLICIT_AUTHORIZATION_H */
diff --git a/src/polkit/polkitprivate.h b/src/polkit/polkitprivate.h
index 2ec46b5..88b4b41 100644
--- a/src/polkit/polkitprivate.h
+++ b/src/polkit/polkitprivate.h
@@ -22,6 +22,7 @@
#ifndef __POLKIT_PRIVATE_H
#define __POLKIT_PRIVATE_H
+#include "polkitimplicitauthorization.h"
#include "polkitactiondescription.h"
#include "polkitsubject.h"
#include "_polkitbindings.h"
diff --git a/src/polkitbackend/polkitbackendactionpool.c b/src/polkitbackend/polkitbackendactionpool.c
index b5a7398..7604906 100644
--- a/src/polkitbackend/polkitbackendactionpool.c
+++ b/src/polkitbackend/polkitbackendactionpool.c
@@ -41,6 +41,10 @@ typedef struct
gchar *description;
gchar *message;
+ PolkitImplicitAuthorization implicit_authorization_any;
+ PolkitImplicitAuthorization implicit_authorization_inactive;
+ PolkitImplicitAuthorization implicit_authorization_active;
+
/* each of these map from the locale identifer (e.g. da_DK) to the localized value */
GHashTable *localized_description;
GHashTable *localized_message;
@@ -293,6 +297,9 @@ polkit_backend_action_pool_get_action (PolkitBackendActionPool *pool,
parsed_action->vendor_name,
parsed_action->vendor_url,
parsed_action->icon_name,
+ parsed_action->implicit_authorization_any,
+ parsed_action->implicit_authorization_inactive,
+ parsed_action->implicit_authorization_active,
parsed_action->annotations);
ret = polkit_action_description_new_for_real (real);
@@ -492,9 +499,9 @@ typedef struct {
char *vendor_url;
char *icon_name;
- //PolKitResult defaults_allow_any;
- //PolKitResult defaults_allow_inactive;
- //PolKitResult defaults_allow_active;
+ PolkitImplicitAuthorization implicit_authorization_any;
+ PolkitImplicitAuthorization implicit_authorization_inactive;
+ PolkitImplicitAuthorization implicit_authorization_active;
GHashTable *policy_descriptions;
GHashTable *policy_messages;
@@ -605,9 +612,9 @@ _start (void *data, const char *el, const char **attr)
g_free);
pd->annotations = egg_dbus_hash_map_new (G_TYPE_STRING, g_free, G_TYPE_STRING, g_free);
/* initialize defaults */
- //pd->defaults_allow_any = POLKIT_RESULT_NO;
- //pd->defaults_allow_inactive = POLKIT_RESULT_NO;
- //pd->defaults_allow_active = POLKIT_RESULT_NO;
+ pd->implicit_authorization_any = POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED;
+ pd->implicit_authorization_inactive = POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED;
+ pd->implicit_authorization_active = POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED;
}
else if (strcmp (el, "vendor") == 0 && num_attr == 0)
{
@@ -819,18 +826,18 @@ _cdata (void *data, const char *s, int len)
break;
case STATE_IN_DEFAULTS_ALLOW_ANY:
- //if (!polkit_result_from_string_representation (str, &pd->defaults_allow_any))
- // goto error;
+ if (!polkit_implicit_authorization_from_string (str, &pd->implicit_authorization_any))
+ goto error;
break;
case STATE_IN_DEFAULTS_ALLOW_INACTIVE:
- //if (!polkit_result_from_string_representation (str, &pd->defaults_allow_inactive))
- // goto error;
+ if (!polkit_implicit_authorization_from_string (str, &pd->implicit_authorization_inactive))
+ goto error;
break;
case STATE_IN_DEFAULTS_ALLOW_ACTIVE:
- //if (!polkit_result_from_string_representation (str, &pd->defaults_allow_active))
- // goto error;
+ if (!polkit_implicit_authorization_from_string (str, &pd->implicit_authorization_active))
+ goto error;
break;
case STATE_IN_ANNOTATE:
@@ -896,6 +903,10 @@ _end (void *data, const char *el)
action->localized_message = pd->policy_messages;
action->annotations = pd->annotations;
+ action->implicit_authorization_any = pd->implicit_authorization_any;
+ action->implicit_authorization_inactive = pd->implicit_authorization_inactive;
+ action->implicit_authorization_active = pd->implicit_authorization_active;
+
g_hash_table_insert (priv->parsed_actions, action->action_id, action);
/* we steal these hash tables */
diff --git a/src/programs/polkit.c b/src/programs/polkit.c
index ce730fb..25d8891 100644
--- a/src/programs/polkit.c
+++ b/src/programs/polkit.c
@@ -371,21 +371,25 @@ print_action (PolkitActionDescription *action)
icon = polkit_action_description_get_icon (action);
g_print ("%s:\n", polkit_action_description_get_action_id (action));
- g_print (" description: %s\n", polkit_action_description_get_description (action));
- g_print (" message: %s\n", polkit_action_description_get_message (action));
+ g_print (" description: %s\n", polkit_action_description_get_description (action));
+ g_print (" message: %s\n", polkit_action_description_get_message (action));
if (vendor != NULL)
- g_print (" vendor: %s\n", vendor);
+ g_print (" vendor: %s\n", vendor);
if (vendor_url != NULL)
- g_print (" vendor_url: %s\n", vendor_url);
+ g_print (" vendor_url: %s\n", vendor_url);
if (icon != NULL)
{
gchar *s;
s = g_icon_to_string (icon);
- g_print (" icon: %s\n", s);
+ g_print (" icon: %s\n", s);
g_free (s);
}
+ g_print (" implicit any: %s\n", polkit_implicit_authorization_to_string (polkit_action_description_get_implicit_any (action)));
+ g_print (" implicit inactive: %s\n", polkit_implicit_authorization_to_string (polkit_action_description_get_implicit_inactive (action)));
+ g_print (" implicit active: %s\n", polkit_implicit_authorization_to_string (polkit_action_description_get_implicit_active (action)));
+
annotation_keys = polkit_action_description_get_annotation_keys (action);
for (n = 0; annotation_keys[n] != NULL; n++)
{
@@ -394,7 +398,7 @@ print_action (PolkitActionDescription *action)
key = annotation_keys[n];
value = polkit_action_description_get_annotation (action, key);
- g_print (" annotation: %s -> %s\n", key, value);
+ g_print (" annotation: %s -> %s\n", key, value);
}
}
commit d1baf04d6a9169f50b47e5b415ababd1d279a5d9
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 20 15:05:59 2009 -0500
implement UnregisterAuthenticationAgent()
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index 067d0c2..e3f14d3 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -809,9 +809,7 @@ polkit_backend_local_authority_register_authentication_agent (PolkitBackendAutho
PolkitSubject *caller;
PolkitSubject *session_for_caller;
AuthenticationAgent *agent;
- GError *error;
- error = NULL;
session_for_caller = NULL;
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
@@ -820,16 +818,14 @@ polkit_backend_local_authority_register_authentication_agent (PolkitBackendAutho
caller = polkit_backend_pending_call_get_caller (pending_call);
session_for_caller = polkit_backend_session_monitor_get_session_for_subject (priv->session_monitor,
- caller,
- &error);
-
+ caller,
+ NULL);
if (session_for_caller == NULL)
{
polkit_backend_pending_call_return_error (pending_call,
POLKIT_ERROR,
POLKIT_ERROR_FAILED,
"Cannot determine session");
-
goto out;
}
@@ -870,10 +866,72 @@ polkit_backend_local_authority_unregister_authentication_agent (PolkitBackendAut
const gchar *object_path,
PolkitBackendPendingCall *pending_call)
{
- polkit_backend_pending_call_return_error (pending_call,
- POLKIT_ERROR,
- POLKIT_ERROR_FAILED,
- "Not implemented");
+ PolkitBackendLocalAuthority *local_authority;
+ PolkitBackendLocalAuthorityPrivate *priv;
+ PolkitSubject *caller;
+ PolkitSubject *session_for_caller;
+ AuthenticationAgent *agent;
+
+ local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+
+ caller = polkit_backend_pending_call_get_caller (pending_call);
+
+ session_for_caller = polkit_backend_session_monitor_get_session_for_subject (priv->session_monitor,
+ caller,
+ NULL);
+ if (session_for_caller == NULL)
+ {
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Cannot determine session");
+ goto out;
+ }
+
+ agent = g_hash_table_lookup (priv->hash_session_to_authentication_agent, session_for_caller);
+ if (agent == NULL)
+ {
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "No such agent registered");
+ goto out;
+ }
+
+ if (strcmp (agent->unique_system_bus_name,
+ polkit_system_bus_name_get_name (POLKIT_SYSTEM_BUS_NAME (caller))) != 0)
+ {
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "System bus names do not match");
+ goto out;
+ }
+
+ if (strcmp (agent->object_path, object_path) != 0)
+ {
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Object paths do not match");
+ goto out;
+ }
+
+
+ g_debug ("Removing authentication agent for session %s at name %s, object path %s (unregistered)",
+ polkit_unix_session_get_session_id (POLKIT_UNIX_SESSION (agent->session)),
+ agent->unique_system_bus_name,
+ agent->object_path);
+
+ /* this works because we have exactly one agent per session */
+ g_hash_table_remove (priv->hash_session_to_authentication_agent, agent->session);
+
+ polkit_backend_authority_unregister_authentication_agent_finish (pending_call);
+
+ out:
+ if (session_for_caller != NULL)
+ g_object_unref (session_for_caller);
}
/* ---------------------------------------------------------------------------------------------------- */
commit ccacb4e8fa8a12259e352ed206c426ec5a0d9fa6
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 20 14:56:28 2009 -0500
add infrastructure for registering/unregistering authentication agents
diff --git a/data/Makefile.am b/data/Makefile.am
index afe5f06..3794c98 100644
--- a/data/Makefile.am
+++ b/data/Makefile.am
@@ -1,5 +1,7 @@
## Process this file with automake to produce Makefile.in
+NULL =
+
servicedir = $(datadir)/dbus-1/system-services
service_in_files = org.freedesktop.PolicyKit1.service.in
service_DATA = $(service_in_files:.service.in=.service)
@@ -24,13 +26,16 @@ pkgconfig_DATA = polkit-gobject-1.pc polkit-backend-1.pc polkit-agent-1.pc
CLEANFILES = $(BUILT_SOURCES)
-EXTRA_DIST = \
- org.freedesktop.PolicyKit1.Authority.xml \
- $(service_in_files) \
- $(dbusconf_in_files) \
- polkit-gobject-1.in \
- polkit-backend-1.in \
- polkit-agent-1.in
+EXTRA_DIST = \
+ org.freedesktop.PolicyKit1.Authority.xml \
+ org.freedesktop.PolicyKit1.AuthenticationAgent.xml \
+ $(service_in_files) \
+ $(dbusconf_in_files) \
+ polkit-gobject-1.in \
+ polkit-backend-1.in \
+ polkit-agent-1.in \
+ $(NULL)
+
clean-local :
rm -f *~ $(service_DATA) $(dbusconf_DATA)
diff --git a/data/org.freedesktop.PolicyKit1.AuthenticationAgent.xml b/data/org.freedesktop.PolicyKit1.AuthenticationAgent.xml
new file mode 100644
index 0000000..1a2063c
--- /dev/null
+++ b/data/org.freedesktop.PolicyKit1.AuthenticationAgent.xml
@@ -0,0 +1,29 @@
+<!DOCTYPE node PUBLIC "-//freedesktop//DTD D-BUS Object Introspection 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
+
+<node name="/">
+
+ <interface name="org.freedesktop.PolicyKit1.AuthenticationAgent">
+
+ <method name="BeginAuthentication">
+
+ <!-- The action id for the action that the user is authentication for -->
+ <arg name="action_id" direction="in" type="s"/>
+
+ <!-- A cookie identifying the authentication request -->
+ <arg name="cookie" direction="in" type="s"/>
+
+ <!-- A list of identities of that the user can use for authentication -->
+ <arg name="identities" direction="in" type="a(sa{sv})"/>
+
+ </method>
+
+ <method name="EndAuthentication">
+
+ <arg name="cookie" direction="in" type="s"/>
+
+ </method>
+
+ </interface>
+
+</node>
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index 6b33bc1..840a79a 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -178,5 +178,17 @@
</arg>
</method>
+ <method name="RegisterAuthenticationAgent">
+ <arg name="object_path" direction="in" type="s">
+ <annotation name="org.gtk.EggDBus.DocString" value="Path of authentication agent object on the unique name of the caller"/>
+ </arg>
+ </method>
+
+ <method name="UnregisterAuthenticationAgent">
+ <arg name="object_path" direction="in" type="s">
+ <annotation name="org.gtk.EggDBus.DocString" value="Path of authentication agent object on the unique name of the caller"/>
+ </arg>
+ </method>
+
</interface>
</node>
diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
index 6a17036..3d36c14 100644
--- a/src/polkit/polkitauthority.c
+++ b/src/polkit/polkitauthority.c
@@ -860,3 +860,189 @@ polkit_authority_remove_authorization_sync (PolkitAuthority *authority,
}
/* ---------------------------------------------------------------------------------------------------- */
+
+static guint
+polkit_authority_register_authentication_agent_async (PolkitAuthority *authority,
+ const gchar *object_path,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ guint call_id;
+ GSimpleAsyncResult *simple;
+
+ simple = g_simple_async_result_new (G_OBJECT (authority),
+ callback,
+ user_data,
+ polkit_authority_register_authentication_agent_async);
+
+ call_id = _polkit_authority_register_authentication_agent (authority->real,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ object_path,
+ cancellable,
+ generic_async_cb,
+ simple);
+
+ return call_id;
+}
+
+void
+polkit_authority_register_authentication_agent (PolkitAuthority *authority,
+ const gchar *object_path,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ polkit_authority_register_authentication_agent_async (authority,
+ object_path,
+ cancellable,
+ callback,
+ user_data);
+}
+
+gboolean
+polkit_authority_register_authentication_agent_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error)
+{
+ GSimpleAsyncResult *simple;
+ GAsyncResult *real_res;
+ gboolean ret;
+
+ simple = G_SIMPLE_ASYNC_RESULT (res);
+ real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple));
+
+ g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_register_authentication_agent_async);
+
+ ret = _polkit_authority_register_authentication_agent_finish (authority->real,
+ real_res,
+ error);
+
+ if (!ret)
+ goto out;
+
+ out:
+ g_object_unref (real_res);
+ return ret;
+}
+
+
+gboolean
+polkit_authority_register_authentication_agent_sync (PolkitAuthority *authority,
+ const gchar *object_path,
+ GCancellable *cancellable,
+ GError **error)
+{
+ guint call_id;
+ GAsyncResult *res;
+ gboolean ret;
+
+ call_id = polkit_authority_register_authentication_agent_async (authority,
+ object_path,
+ cancellable,
+ generic_cb,
+ &res);
+
+ egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
+
+ ret = polkit_authority_register_authentication_agent_finish (authority, res, error);
+
+ g_object_unref (res);
+
+ return ret;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static guint
+polkit_authority_unregister_authentication_agent_async (PolkitAuthority *authority,
+ const gchar *object_path,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ guint call_id;
+ GSimpleAsyncResult *simple;
+
+ simple = g_simple_async_result_new (G_OBJECT (authority),
+ callback,
+ user_data,
+ polkit_authority_unregister_authentication_agent_async);
+
+ call_id = _polkit_authority_unregister_authentication_agent (authority->real,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ object_path,
+ cancellable,
+ generic_async_cb,
+ simple);
+
+ return call_id;
+}
+
+void
+polkit_authority_unregister_authentication_agent (PolkitAuthority *authority,
+ const gchar *object_path,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ polkit_authority_unregister_authentication_agent_async (authority,
+ object_path,
+ cancellable,
+ callback,
+ user_data);
+}
+
+gboolean
+polkit_authority_unregister_authentication_agent_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error)
+{
+ GSimpleAsyncResult *simple;
+ GAsyncResult *real_res;
+ gboolean ret;
+
+ simple = G_SIMPLE_ASYNC_RESULT (res);
+ real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple));
+
+ g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_unregister_authentication_agent_async);
+
+ ret = _polkit_authority_unregister_authentication_agent_finish (authority->real,
+ real_res,
+ error);
+
+ if (!ret)
+ goto out;
+
+ out:
+ g_object_unref (real_res);
+ return ret;
+}
+
+
+gboolean
+polkit_authority_unregister_authentication_agent_sync (PolkitAuthority *authority,
+ const gchar *object_path,
+ GCancellable *cancellable,
+ GError **error)
+{
+ guint call_id;
+ GAsyncResult *res;
+ gboolean ret;
+
+ call_id = polkit_authority_unregister_authentication_agent_async (authority,
+ object_path,
+ cancellable,
+ generic_cb,
+ &res);
+
+ egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
+
+ ret = polkit_authority_unregister_authentication_agent_finish (authority, res, error);
+
+ g_object_unref (res);
+
+ return ret;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
diff --git a/src/polkit/polkitauthority.h b/src/polkit/polkitauthority.h
index bd41107..e6ece8e 100644
--- a/src/polkit/polkitauthority.h
+++ b/src/polkit/polkitauthority.h
@@ -83,6 +83,16 @@ gboolean polkit_authority_remove_authorization_sync (PolkitAut
GCancellable *cancellable,
GError **error);
+gboolean polkit_authority_register_authentication_agent_sync (PolkitAuthority *authority,
+ const gchar *object_path,
+ GCancellable *cancellable,
+ GError **error);
+
+gboolean polkit_authority_unregister_authentication_agent_sync (PolkitAuthority *authority,
+ const gchar *object_path,
+ GCancellable *cancellable,
+ GError **error);
+
/* ---------------------------------------------------------------------------------------------------- */
void polkit_authority_enumerate_actions (PolkitAuthority *authority,
@@ -158,6 +168,26 @@ gboolean polkit_authority_remove_authorization_finish (PolkitA
GError **error);
+void polkit_authority_register_authentication_agent (PolkitAuthority *authority,
+ const gchar *object_path,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+gboolean polkit_authority_register_authentication_agent_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
+void polkit_authority_unregister_authentication_agent (PolkitAuthority *authority,
+ const gchar *object_path,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+gboolean polkit_authority_unregister_authentication_agent_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
/* ---------------------------------------------------------------------------------------------------- */
G_END_DECLS
diff --git a/src/polkitagent/Makefile.am b/src/polkitagent/Makefile.am
index ac74bd5..d227661 100644
--- a/src/polkitagent/Makefile.am
+++ b/src/polkitagent/Makefile.am
@@ -12,23 +12,41 @@ INCLUDES = \
-DPACKAGE_LIB_DIR=\""$(libdir)"\" \
-D_POSIX_PTHREAD_SEMANTICS \
-D_REENTRANT \
+ -DEGG_DBUS_I_KNOW_API_IS_SUBJECT_TO_CHANGE \
$(NULL)
+BUILT_SOURCES = \
+ _polkitagentauthenticationagent.c _polkitagentauthenticationagent.h \
+ _polkitagentbindings.c _polkitagentbindings.h \
+ _polkitagentbindingsmarshal.list \
+ _polkitagentbindingsmarshal.c _polkitagentbindingsmarshal.h \
+ _polkitagentbindingstypes.h \
+ $(NULL)
+
+$(BUILT_SOURCES) : Makefile.am $(top_srcdir)/data/org.freedesktop.PolicyKit1.AuthenticationAgent.xml
+ eggdbus-binding-tool \
+ --namespace "_PolkitAgent" \
+ --dbus-namespace "org.freedesktop.PolicyKit1" \
+ --introspection-xml $(top_srcdir)/data/org.freedesktop.PolicyKit1.AuthenticationAgent.xml \
+ $(NULL)
lib_LTLIBRARIES=libpolkit-agent-1.la
libpolkit_agent_1includedir=$(includedir)/polkit-1/polkitagent
-libpolkit_agent_1include_HEADERS = \
- polkitagent.h \
- polkitagenttypes.h \
- polkitauthenticationsession.h \
+libpolkit_agent_1include_HEADERS = \
+ polkitagent.h \
+ polkitagenttypes.h \
+ polkitagentauthenticationsession.h \
+ polkitagentauthenticationagent.h \
$(NULL)
-libpolkit_agent_1_la_SOURCES = \
- polkitagent.h \
- polkitagenttypes.h \
- polkitauthenticationsession.h polkitauthenticationsession.c \
+libpolkit_agent_1_la_SOURCES = \
+ polkitagent.h \
+ polkitagenttypes.h \
+ polkitagentauthenticationsession.h polkitagentauthenticationsession.c \
+ polkitagentauthenticationagent.h polkitagentauthenticationagent.c \
+ $(BUILT_SOURCES) \
$(NULL)
libpolkit_agent_1_la_CFLAGS = \
diff --git a/src/polkitagent/polkitagent.h b/src/polkitagent/polkitagent.h
index b6c2ffb..0bc8fdc 100644
--- a/src/polkitagent/polkitagent.h
+++ b/src/polkitagent/polkitagent.h
@@ -23,7 +23,8 @@
#define __POLKIT_AGENT_H
#define _POLKIT_AGENT_INSIDE_POLKIT_AGENT_H 1
-#include <polkitagent/polkitauthenticationsession.h>
+#include <polkitagent/polkitagentauthenticationagent.h>
+#include <polkitagent/polkitagentauthenticationsession.h>
#undef _POLKIT_AGENT_INSIDE_POLKIT_AGENT_H
#endif /* __POLKIT_AGENT_H */
diff --git a/src/polkitagent/polkitagentauthenticationagent.c b/src/polkitagent/polkitagentauthenticationagent.c
new file mode 100644
index 0000000..844a32e
--- /dev/null
+++ b/src/polkitagent/polkitagentauthenticationagent.c
@@ -0,0 +1,187 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+
+#include <polkit/polkitprivate.h>
+#include "_polkitagentbindings.h"
+
+#include "polkitagentauthenticationagent.h"
+
+struct _PolkitAgentAuthenticationAgent
+{
+ GObject parent_instance;
+
+ EggDBusConnection *system_bus;
+
+ PolkitAuthority *authority;
+
+ PolkitAgentAuthenticationAgentBeginFunc begin_func;
+ PolkitAgentAuthenticationAgentEndFunc end_func;
+ gpointer user_data;
+};
+
+struct _PolkitAgentAuthenticationAgentClass
+{
+ GObjectClass parent_class;
+
+};
+
+static void authentication_agent_iface_init (_PolkitAgentAuthenticationAgentIface *agent_iface);
+
+G_DEFINE_TYPE_WITH_CODE (PolkitAgentAuthenticationAgent, polkit_agent_authentication_agent, G_TYPE_OBJECT,
+ G_IMPLEMENT_INTERFACE (_POLKIT_AGENT_TYPE_AUTHENTICATION_AGENT,
+ authentication_agent_iface_init)
+ );
+
+static void
+polkit_agent_authentication_agent_init (PolkitAgentAuthenticationAgent *agent)
+{
+ agent->system_bus = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
+
+ egg_dbus_connection_register_interface (agent->system_bus,
+ "/org/freedesktop/PolicyKit1/AuthenticationAgent",
+ _POLKIT_AGENT_TYPE_AUTHENTICATION_AGENT,
+ G_OBJECT (agent),
+ G_TYPE_INVALID);
+
+ agent->authority = polkit_authority_get ();
+}
+
+static void
+polkit_agent_authentication_agent_finalize (GObject *object)
+{
+ PolkitAgentAuthenticationAgent *agent = POLKIT_AGENT_AUTHENTICATION_AGENT (object);
+ GError *error;
+
+ error = NULL;
+ if (!polkit_authority_unregister_authentication_agent_sync (agent->authority,
+ "/org/freedesktop/PolicyKit1/AuthenticationAgent",
+ NULL,
+ &error))
+ {
+ g_warning ("Error unregistering authentication agent: %s", error->message);
+ g_error_free (error);
+ }
+
+ g_object_unref (agent->authority);
+
+ g_object_unref (agent->system_bus);
+
+ if (G_OBJECT_CLASS (polkit_agent_authentication_agent_parent_class)->finalize != NULL)
+ G_OBJECT_CLASS (polkit_agent_authentication_agent_parent_class)->finalize (object);
+}
+
+static void
+polkit_agent_authentication_agent_class_init (PolkitAgentAuthenticationAgentClass *klass)
+{
+ GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->finalize = polkit_agent_authentication_agent_finalize;
+}
+
+PolkitAgentAuthenticationAgent *
+polkit_agent_authentication_agent_new (PolkitAgentAuthenticationAgentBeginFunc begin_func,
+ PolkitAgentAuthenticationAgentEndFunc end_func,
+ gpointer user_data,
+ GError **error)
+{
+ PolkitAgentAuthenticationAgent *agent;
+
+ agent = POLKIT_AGENT_AUTHENTICATION_AGENT (g_object_new (POLKIT_AGENT_TYPE_AUTHENTICATION_AGENT, NULL));
+
+ agent->begin_func = begin_func;
+ agent->end_func = end_func;
+ agent->user_data = user_data;
+
+ if (!polkit_authority_register_authentication_agent_sync (agent->authority,
+ "/org/freedesktop/PolicyKit1/AuthenticationAgent",
+ NULL,
+ error))
+ {
+ g_object_unref (agent);
+ agent = NULL;
+ }
+
+ return agent;
+}
+
+static void
+handle_begin_authentication (_PolkitAgentAuthenticationAgent *instance,
+ const gchar *action_id,
+ const gchar *cookie,
+ EggDBusArraySeq *identities,
+ EggDBusMethodInvocation *method_invocation)
+{
+ PolkitAgentAuthenticationAgent *agent = POLKIT_AGENT_AUTHENTICATION_AGENT (instance);
+ GList *list;
+ guint n;
+ GError *error;
+
+ list = NULL;
+ for (n = 0; n < identities->size; n++)
+ {
+ _PolkitIdentity *real_identity = _POLKIT_IDENTITY (identities->data.v_ptr[n]);
+
+ list = g_list_prepend (list, polkit_identity_new_for_real (real_identity));
+ }
+
+ list = g_list_reverse (list);
+
+ error = NULL;
+ if (!agent->begin_func (agent,
+ action_id,
+ cookie,
+ list,
+ &error,
+ agent->user_data))
+ {
+ egg_dbus_method_invocation_return_gerror (method_invocation, error);
+ g_error_free (error);
+ }
+ else
+ {
+ _polkit_agent_authentication_agent_handle_begin_authentication_finish (method_invocation);
+ }
+
+ g_list_free (list);
+}
+
+static void
+handle_end_authentication (_PolkitAgentAuthenticationAgent *instance,
+ const gchar *cookie,
+ EggDBusMethodInvocation *method_invocation)
+{
+ PolkitAgentAuthenticationAgent *agent = POLKIT_AGENT_AUTHENTICATION_AGENT (instance);
+
+ agent->end_func (agent,
+ cookie,
+ agent->user_data);
+
+ _polkit_agent_authentication_agent_handle_end_authentication_finish (method_invocation);
+}
+
+static void
+authentication_agent_iface_init (_PolkitAgentAuthenticationAgentIface *agent_iface)
+{
+ agent_iface->handle_begin_authentication = handle_begin_authentication;
+ agent_iface->handle_end_authentication = handle_end_authentication;
+}
diff --git a/src/polkitagent/polkitagentauthenticationagent.h b/src/polkitagent/polkitagentauthenticationagent.h
new file mode 100644
index 0000000..9d315ff
--- /dev/null
+++ b/src/polkitagent/polkitagentauthenticationagent.h
@@ -0,0 +1,65 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_AGENT_AUTHENTICATION_SESSION_H
+#define __POLKIT_AGENT_AUTHENTICATION_SESSION_H
+
+#include <polkit/polkit.h>
+#include <polkitagent/polkitagenttypes.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_AGENT_TYPE_AUTHENTICATION_AGENT (polkit_agent_authentication_agent_get_type ())
+#define POLKIT_AGENT_AUTHENTICATION_AGENT(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_AGENT_TYPE_AUTHENTICATION_AGENT, PolkitAgentAuthenticationAgent))
+#define POLKIT_AGENT_AUTHENTICATION_AGENT_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_AGENT_TYPE_AUTHENTICATION_AGENT, PolkitAgentAuthenticationAgentClass))
+#define POLKIT_AGENT_AUTHENTICATION_AGENT_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_AGENT_TYPE_AUTHENTICATION_AGENT,PolkitAgentAuthenticationAgentClass))
+#define POLKIT_AGENT_IS_AUTHENTICATION_AGENT(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_AGENT_TYPE_AUTHENTICATION_AGENT))
+#define POLKIT_AGENT_IS_AUTHENTICATION_AGENT_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_AGENT_TYPE_AUTHENTICATION_AGENT))
+
+#if 0
+typedef struct _PolkitAgentAuthenticationAgent PolkitAgentAuthenticationAgent;
+#endif
+typedef struct _PolkitAgentAuthenticationAgentClass PolkitAgentAuthenticationAgentClass;
+
+/* TODO: we probably want to express this interface in another way but this is good enough for now */
+
+typedef gboolean (*PolkitAgentAuthenticationAgentBeginFunc) (PolkitAgentAuthenticationAgent *agent,
+ const gchar *action_id,
+ const gchar *cookie,
+ GList *identities,
+ GError **error,
+ gpointer user_data);
+
+typedef void (*PolkitAgentAuthenticationAgentEndFunc) (PolkitAgentAuthenticationAgent *agent,
+ const gchar *cookie,
+ gpointer user_data);
+
+GType polkit_agent_authentication_agent_get_type (void) G_GNUC_CONST;
+PolkitAgentAuthenticationAgent *polkit_agent_authentication_agent_new (PolkitAgentAuthenticationAgentBeginFunc begin_func,
+ PolkitAgentAuthenticationAgentEndFunc end_func,
+ gpointer user_data,
+ GError **error);
+
+/* --- */
+
+G_END_DECLS
+
+#endif /* __POLKIT_AGENT_AUTHENTICATION_SESSION_H */
diff --git a/src/polkitagent/polkitagentauthenticationsession.c b/src/polkitagent/polkitagentauthenticationsession.c
new file mode 100644
index 0000000..2c6bc65
--- /dev/null
+++ b/src/polkitagent/polkitagentauthenticationsession.c
@@ -0,0 +1,354 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+/* TODO: This whole class needs to be rewritten so it uses the main loop etc. etc.
+ *
+ * And we REALLY REALLY really really should use signals instead of callbacks...
+ */
+
+
+/* for getline(), see below */
+#define _GNU_SOURCE
+
+#include "config.h"
+#include <string.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <pwd.h>
+
+#include "polkitagentauthenticationsession.h"
+
+struct _PolkitAgentAuthenticationSession
+{
+ GObject parent_instance;
+
+ gchar *cookie;
+ PolkitIdentity *identity;
+
+ int child_stdin;
+ int child_stdout;
+ GPid child_pid;
+ FILE *child_stdout_f;
+
+ int child_watch_id;
+ int io_watch_id;
+
+ gboolean success;
+ gboolean helper_is_running;
+
+ PolkitAgentAuthenticationSessionConversationPromptEchoOff func_prompt_echo_off;
+ PolkitAgentAuthenticationSessionConversationPromptEchoOn func_prompt_echo_on;
+ PolkitAgentAuthenticationSessionConversationErrorMessage func_error_message;
+ PolkitAgentAuthenticationSessionConversationTextInfo func_text_info;
+ PolkitAgentAuthenticationSessionDone func_done;
+ void *user_data;
+};
+
+struct _PolkitAgentAuthenticationSessionClass
+{
+ GObjectClass parent_class;
+
+};
+
+G_DEFINE_TYPE (PolkitAgentAuthenticationSession, polkit_agent_authentication_session, G_TYPE_OBJECT);
+
+static void
+polkit_agent_authentication_session_init (PolkitAgentAuthenticationSession *session)
+{
+}
+
+static void
+polkit_agent_authentication_session_finalize (GObject *object)
+{
+ PolkitAgentAuthenticationSession *session;
+
+ session = POLKIT_AGENT_AUTHENTICATION_SESSION (object);
+
+ g_free (session->cookie);
+ if (session->identity != NULL)
+ g_object_unref (session->identity);
+
+ if (G_OBJECT_CLASS (polkit_agent_authentication_session_parent_class)->finalize != NULL)
+ G_OBJECT_CLASS (polkit_agent_authentication_session_parent_class)->finalize (object);
+}
+
+static void
+polkit_agent_authentication_session_class_init (PolkitAgentAuthenticationSessionClass *klass)
+{
+ GObjectClass *gobject_class;
+
+ gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->finalize = polkit_agent_authentication_session_finalize;
+
+
+
+}
+
+PolkitAgentAuthenticationSession *
+polkit_agent_authentication_session_new (PolkitIdentity *identity,
+ const gchar *cookie)
+{
+ PolkitAgentAuthenticationSession *session;
+
+ session = POLKIT_AGENT_AUTHENTICATION_SESSION (g_object_new (POLKIT_AGENT_TYPE_AUTHENTICATION_SESSION, NULL));
+
+ session->identity = g_object_ref (identity);
+ session->cookie = g_strdup (cookie);
+
+ return session;
+}
+
+void
+polkit_agent_authentication_session_set_functions (PolkitAgentAuthenticationSession *session,
+ PolkitAgentAuthenticationSessionConversationPromptEchoOff func_prompt_echo_off,
+ PolkitAgentAuthenticationSessionConversationPromptEchoOn func_prompt_echo_on,
+ PolkitAgentAuthenticationSessionConversationErrorMessage func_error_message,
+ PolkitAgentAuthenticationSessionConversationTextInfo func_text_info,
+ PolkitAgentAuthenticationSessionDone func_done,
+ void *user_data)
+{
+ session->func_prompt_echo_off = func_prompt_echo_off;
+ session->func_prompt_echo_on = func_prompt_echo_on;
+ session->func_error_message = func_error_message;
+ session->func_text_info = func_text_info;
+ session->func_done = func_done;
+ session->user_data = user_data;
+}
+
+static void
+child_watch_func (GPid pid, gint status, gpointer user_data)
+{
+ PolkitAgentAuthenticationSession *session = POLKIT_AGENT_AUTHENTICATION_SESSION (user_data);
+ gint exit_code;
+ gboolean input_was_bogus;
+
+ g_return_if_fail (session->helper_is_running);
+
+ exit_code = WEXITSTATUS (status);
+
+ g_debug ("pid %d terminated", pid);
+ waitpid (pid, &status, 0);
+
+ if (exit_code >= 2)
+ input_was_bogus = TRUE;
+ else
+ input_was_bogus = FALSE;
+
+ session->success = (exit_code == 0);
+ session->helper_is_running = FALSE;
+ session->func_done (session, session->success, input_was_bogus, session->user_data);
+}
+
+static gboolean
+io_watch_have_data (GIOChannel *channel, GIOCondition condition, gpointer user_data)
+{
+ PolkitAgentAuthenticationSession *session = POLKIT_AGENT_AUTHENTICATION_SESSION (user_data);
+ char *line;
+ size_t line_len;
+ gchar *id;
+ size_t id_len;
+ gchar *response;
+ gchar *response_prefix;
+ int fd;
+
+ g_return_val_if_fail (session->helper_is_running, FALSE);
+
+ fd = g_io_channel_unix_get_fd (channel);
+
+ line = NULL;
+ line_len = 0;
+
+ /* TODO: getline is GNU only, see kit_getline() in old polkit */
+ while (getline (&line, &line_len, session->child_stdout_f) != -1)
+ {
+ if (strlen (line) > 0 && line[strlen (line) - 1] == '\n')
+ line[strlen (line) - 1] = '\0';
+
+ response = NULL;
+ response_prefix = NULL;
+
+ id = "PAM_PROMPT_ECHO_OFF ";
+ if (g_str_has_prefix (line, id))
+ {
+ id_len = strlen (id);
+ response_prefix = "";
+ response = session->func_prompt_echo_off (session,
+ line + id_len,
+ session->user_data);
+ goto processed;
+ }
+
+ id = "PAM_PROMPT_ECHO_ON ";
+ if (g_str_has_prefix (line, id))
+ {
+ id_len = strlen (id);
+ response_prefix = "";
+ response = session->func_prompt_echo_on (session,
+ line + id_len,
+ session->user_data);
+ goto processed;
+ }
+
+ id = "PAM_ERROR_MSG ";
+ if (g_str_has_prefix (line, id))
+ {
+ id_len = strlen (id);
+ session->func_error_message (session,
+ line + id_len,
+ session->user_data);
+ goto processed;
+ }
+
+ id = "PAM_TEXT_INFO ";
+ if (g_str_has_prefix (line, id))
+ {
+ id_len = strlen (id);
+ session->func_text_info (session,
+ line + id_len,
+ session->user_data);
+ goto processed;
+ }
+
+ processed:
+ if (response != NULL && response_prefix != NULL)
+ {
+ char *buf;
+ gboolean add_newline;
+
+ /* add a newline if there isn't one already... */
+ add_newline = FALSE;
+ if (response[strlen (response) - 1] != '\n')
+ {
+ add_newline = TRUE;
+ }
+ buf = g_strdup_printf ("%s%s%c",
+ response_prefix,
+ response,
+ add_newline ? '\n' : '\0');
+ write (session->child_stdin, buf, strlen (buf));
+ g_free (buf);
+ g_free (response);
+ }
+ }
+
+ if (line != NULL)
+ free (line);
+
+ return FALSE;
+}
+
+gboolean
+polkit_agent_authentication_session_initiate_auth (PolkitAgentAuthenticationSession *session)
+{
+ uid_t uid;
+ GError *error;
+ gchar *helper_argv[4];
+ GIOChannel *channel;
+ gboolean ret;
+ struct passwd *passwd;
+
+ ret = FALSE;
+
+ /* TODO: also support authorization for other kinds of identities */
+ if (!POLKIT_IS_UNIX_USER (session->identity))
+ {
+ g_warning ("Unsupported identity type");
+ goto error;
+ }
+
+ uid = polkit_unix_user_get_uid (POLKIT_UNIX_USER (session->identity));
+
+ passwd = getpwuid (uid);
+ if (passwd == NULL)
+ {
+ g_warning ("No user with uid %d", uid);
+ goto error;
+ }
+
+ helper_argv[0] = PACKAGE_LIBEXEC_DIR "/polkit-session-helper-1";
+ helper_argv[1] = passwd->pw_name;
+ helper_argv[2] = session->cookie;
+ helper_argv[3] = NULL;
+
+ session->child_stdin = -1;
+ session->child_stdout = -1;
+
+ error = NULL;
+ if (!g_spawn_async_with_pipes (NULL,
+ (char **) helper_argv,
+ NULL,
+ G_SPAWN_DO_NOT_REAP_CHILD |
+ 0,//G_SPAWN_STDERR_TO_DEV_NULL,
+ NULL,
+ NULL,
+ &session->child_pid,
+ &session->child_stdin,
+ &session->child_stdout,
+ NULL,
+ &error))
+ {
+ g_warning ("Cannot spawn helper: %s\n", error->message);
+ g_error_free (error);
+ goto error;
+ }
+
+ session->child_watch_id = g_child_watch_add (session->child_pid, child_watch_func, session);
+
+ channel = g_io_channel_unix_new (session->child_stdout);
+ session->io_watch_id = g_io_add_watch (channel, G_IO_IN, io_watch_have_data, session);
+ g_io_channel_unref (channel);
+
+ /* so we can use getline... */
+ session->child_stdout_f = fdopen (session->child_stdout, "r");
+
+ session->success = FALSE;
+
+ session->helper_is_running = TRUE;
+
+ ret = TRUE;
+
+error:
+
+ return ret;
+}
+
+
+void
+polkit_agent_authentication_session_cancel (PolkitAgentAuthenticationSession *session)
+{
+ GPid pid;
+
+ g_return_if_fail (session->helper_is_running);
+
+ pid = session->child_pid;
+ session->child_pid = 0;
+ if (pid > 0)
+ {
+ int status;
+ kill (pid, SIGTERM);
+ waitpid (pid, &status, 0);
+ session->helper_is_running = FALSE;
+ }
+ session->func_done (session, FALSE, FALSE, session->user_data);
+}
diff --git a/src/polkitagent/polkitagentauthenticationsession.h b/src/polkitagent/polkitagentauthenticationsession.h
new file mode 100644
index 0000000..b1239fe
--- /dev/null
+++ b/src/polkitagent/polkitagentauthenticationsession.h
@@ -0,0 +1,139 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_AGENT_AUTHENTICATION_SESSION_H
+#define __POLKIT_AGENT_AUTHENTICATION_SESSION_H
+
+#include <polkit/polkit.h>
+#include <polkitagent/polkitagenttypes.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_AGENT_TYPE_AUTHENTICATION_SESSION (polkit_agent_authentication_session_get_type())
+#define POLKIT_AGENT_AUTHENTICATION_SESSION(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_AGENT_TYPE_AUTHENTICATION_SESSION, PolkitAgentAuthenticationSession))
+#define POLKIT_AGENT_AUTHENTICATION_SESSION_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_AGENT_TYPE_AUTHENTICATION_SESSION, PolkitAgentAuthenticationSessionClass))
+#define POLKIT_AGENT_AUTHENTICATION_SESSION_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_AGENT_TYPE_AUTHENTICATION_SESSION, PolkitAgentAuthenticationSessionClass))
+#define POLKIT_AGENT_IS_AUTHENTICATION_SESSION(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_AGENT_TYPE_AUTHENTICATION_SESSION))
+#define POLKIT_AGENT_IS_AUTHENTICATION_SESSION_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_AGENT_TYPE_AUTHENTICATION_SESSION))
+
+/**
+ * PolkitAgentAuthenticationSessionConversationPromptEchoOff:
+ * @session: A #PolkitAgentAuthenticationSession.
+ * @prompt: prompt passed by the authentication layer; do not free this string
+ * @user_data: user data pointer as passed into polkit_agent_authorization_session_set_functions()
+ *
+ * Type for callback function that is invoked when the authentication
+ * layer needs to ask the user a secret and the UI should NOT echo what
+ * the user types on the screen.
+ *
+ * Returns: the answer obtained from the user; must be allocated with
+ * malloc(3) and will be freed by the #PolkitAgentAuthenticationSession class.
+ **/
+typedef char* (*PolkitAgentAuthenticationSessionConversationPromptEchoOff) (PolkitAgentAuthenticationSession *session,
+ const gchar *prompt,
+ gpointer user_data);
+
+/**
+ * PolkitAgentAuthenticationSessionConversationPromptEchoOn:
+ * @session: A #PolkitAgentAuthenticationSession.
+ * @prompt: prompt passed by the authentication layer; do not free this string
+ * @user_data: user data pointer as passed into polkit_agent_authorization_session_set_functions()
+ *
+ * Type for callback function that is invoked when the authentication
+ * layer needs to ask the user a secret and the UI should echo what
+ * the user types on the screen.
+ *
+ * Returns: the answer obtained from the user; must be allocated with
+ * malloc(3) and will be freed by the #PolkitAgentAuthenticationSession class.
+ **/
+typedef char* (*PolkitAgentAuthenticationSessionConversationPromptEchoOn) (PolkitAgentAuthenticationSession *session,
+ const gchar *prompt,
+ gpointer user_data);
+
+/**
+ * PolkitAgentAuthenticationSessionConversationErrorMessage:
+ * @session: A #PolkitAgentAuthenticationSession.
+ * @error_message: error message passed by the authentication layer; do not free this string
+ * @user_data: user data pointer as passed into polkit_agent_authorization_session_set_functions()
+ *
+ * Type for callback function that is invoked when the authentication
+ * layer produces an error message that should be displayed in the UI.
+ **/
+typedef void (*PolkitAgentAuthenticationSessionConversationErrorMessage) (PolkitAgentAuthenticationSession *session,
+ const gchar *error_message,
+ gpointer user_data);
+
+/**
+ * PolkitAgentAuthenticationSessionConversationTextInfo:
+ * @session: A #PolkitAgentAuthenticationSession.
+ * @text_info: information passed by the authentication layer; do not free this string
+ * @user_data: user data pointer as passed into polkit_agent_authorization_session_set_functions()
+ *
+ * Type for callback function that is invoked when the authentication
+ * layer produces an informational message that should be displayed in
+ * the UI.
+ **/
+typedef void (*PolkitAgentAuthenticationSessionConversationTextInfo) (PolkitAgentAuthenticationSession *session,
+ const gchar *text_info,
+ gpointer user_data);
+
+/**
+ * PolkitAgentAuthenticationSessionDone:
+ * @session: A #PolkitAgentAuthenticationSession.
+ * @gained_authorization: whether the authorization was obtained
+ * @invalid_data: whether the input data was bogus (not including bad passwords)
+ * @user_data: user data pointer as passed into polkit_agent_authorization_session_set_functions()
+ *
+ * This function is called when the granting process ends; either if
+ * successful or if it was canceled using e.g. polkit_agent_authorization_session_cancel_auth().
+ **/
+typedef void (*PolkitAgentAuthenticationSessionDone) (PolkitAgentAuthenticationSession *session,
+ gboolean gained_authorization,
+ gboolean invalid_data,
+ gpointer user_data);
+
+
+#if 0
+typedef struct _PolkitAgentAuthenticationSession PolkitAgentAuthenticationSession;
+#endif
+typedef struct _PolkitAgentAuthenticationSessionClass PolkitAgentAuthenticationSessionClass;
+
+GType polkit_agent_authentication_session_get_type (void) G_GNUC_CONST;
+PolkitAgentAuthenticationSession *polkit_agent_authentication_session_new (PolkitIdentity *identity,
+ const gchar *cookie);
+
+/* TODO: would be much nicer to use signals here */
+void polkit_agent_authentication_session_set_functions
+ (PolkitAgentAuthenticationSession *session,
+ PolkitAgentAuthenticationSessionConversationPromptEchoOff func_prompt_echo_off,
+ PolkitAgentAuthenticationSessionConversationPromptEchoOn func_prompt_echo_on,
+ PolkitAgentAuthenticationSessionConversationErrorMessage func_error_message,
+ PolkitAgentAuthenticationSessionConversationTextInfo func_text_info,
+ PolkitAgentAuthenticationSessionDone func_done,
+ void *user_data);
+
+gboolean polkit_agent_authentication_session_initiate_auth (PolkitAgentAuthenticationSession *session);
+
+void polkit_agent_authentication_session_cancel (PolkitAgentAuthenticationSession *session);
+
+G_END_DECLS
+
+#endif /* __POLKIT_AGENT_AUTHENTICATION_SESSION_H */
diff --git a/src/polkitagent/polkitagenttypes.h b/src/polkitagent/polkitagenttypes.h
index de62caa..c82ed1a 100644
--- a/src/polkitagent/polkitagenttypes.h
+++ b/src/polkitagent/polkitagenttypes.h
@@ -26,8 +26,11 @@
G_BEGIN_DECLS
-struct _PolkitAuthenticationSession;
-typedef struct _PolkitAuthenticationSession PolkitAuthenticationSession;
+struct _PolkitAgentAuthenticationSession;
+typedef struct _PolkitAgentAuthenticationSession PolkitAgentAuthenticationSession;
+
+struct _PolkitAgentAuthenticationAgent;
+typedef struct _PolkitAgentAuthenticationAgent PolkitAgentAuthenticationAgent;
G_END_DECLS
diff --git a/src/polkitagent/polkitauthenticationsession.c b/src/polkitagent/polkitauthenticationsession.c
deleted file mode 100644
index 62dcd7a..0000000
--- a/src/polkitagent/polkitauthenticationsession.c
+++ /dev/null
@@ -1,354 +0,0 @@
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-/* TODO: This whole class needs to be rewritten so it uses the main loop etc. etc.
- *
- * And we REALLY REALLY really really should use signals instead of callbacks...
- */
-
-
-/* for getline(), see below */
-#define _GNU_SOURCE
-
-#include "config.h"
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-#include <pwd.h>
-
-#include "polkitauthenticationsession.h"
-
-struct _PolkitAuthenticationSession
-{
- GObject parent_instance;
-
- gchar *cookie;
- PolkitIdentity *identity;
-
- int child_stdin;
- int child_stdout;
- GPid child_pid;
- FILE *child_stdout_f;
-
- int child_watch_id;
- int io_watch_id;
-
- gboolean success;
- gboolean helper_is_running;
-
- PolkitAuthenticationSessionConversationPromptEchoOff func_prompt_echo_off;
- PolkitAuthenticationSessionConversationPromptEchoOn func_prompt_echo_on;
- PolkitAuthenticationSessionConversationErrorMessage func_error_message;
- PolkitAuthenticationSessionConversationTextInfo func_text_info;
- PolkitAuthenticationSessionDone func_done;
- void *user_data;
-};
-
-struct _PolkitAuthenticationSessionClass
-{
- GObjectClass parent_class;
-
-};
-
-G_DEFINE_TYPE (PolkitAuthenticationSession, polkit_authentication_session, G_TYPE_OBJECT);
-
-static void
-polkit_authentication_session_init (PolkitAuthenticationSession *session)
-{
-}
-
-static void
-polkit_authentication_session_finalize (GObject *object)
-{
- PolkitAuthenticationSession *session;
-
- session = POLKIT_AUTHENTICATION_SESSION (object);
-
- g_free (session->cookie);
- if (session->identity != NULL)
- g_object_unref (session->identity);
-
- if (G_OBJECT_CLASS (polkit_authentication_session_parent_class)->finalize != NULL)
- G_OBJECT_CLASS (polkit_authentication_session_parent_class)->finalize (object);
-}
-
-static void
-polkit_authentication_session_class_init (PolkitAuthenticationSessionClass *klass)
-{
- GObjectClass *gobject_class;
-
- gobject_class = G_OBJECT_CLASS (klass);
-
- gobject_class->finalize = polkit_authentication_session_finalize;
-
-
-
-}
-
-PolkitAuthenticationSession *
-polkit_authentication_session_new (PolkitIdentity *identity,
- const gchar *cookie)
-{
- PolkitAuthenticationSession *session;
-
- session = POLKIT_AUTHENTICATION_SESSION (g_object_new (POLKIT_TYPE_AUTHENTICATION_SESSION, NULL));
-
- session->identity = g_object_ref (identity);
- session->cookie = g_strdup (cookie);
-
- return session;
-}
-
-void
-polkit_authentication_session_set_functions (PolkitAuthenticationSession *session,
- PolkitAuthenticationSessionConversationPromptEchoOff func_prompt_echo_off,
- PolkitAuthenticationSessionConversationPromptEchoOn func_prompt_echo_on,
- PolkitAuthenticationSessionConversationErrorMessage func_error_message,
- PolkitAuthenticationSessionConversationTextInfo func_text_info,
- PolkitAuthenticationSessionDone func_done,
- void *user_data)
-{
- session->func_prompt_echo_off = func_prompt_echo_off;
- session->func_prompt_echo_on = func_prompt_echo_on;
- session->func_error_message = func_error_message;
- session->func_text_info = func_text_info;
- session->func_done = func_done;
- session->user_data = user_data;
-}
-
-static void
-child_watch_func (GPid pid, gint status, gpointer user_data)
-{
- PolkitAuthenticationSession *session = POLKIT_AUTHENTICATION_SESSION (user_data);
- gint exit_code;
- gboolean input_was_bogus;
-
- g_return_if_fail (session->helper_is_running);
-
- exit_code = WEXITSTATUS (status);
-
- g_debug ("pid %d terminated", pid);
- waitpid (pid, &status, 0);
-
- if (exit_code >= 2)
- input_was_bogus = TRUE;
- else
- input_was_bogus = FALSE;
-
- session->success = (exit_code == 0);
- session->helper_is_running = FALSE;
- session->func_done (session, session->success, input_was_bogus, session->user_data);
-}
-
-static gboolean
-io_watch_have_data (GIOChannel *channel, GIOCondition condition, gpointer user_data)
-{
- PolkitAuthenticationSession *session = POLKIT_AUTHENTICATION_SESSION (user_data);
- char *line;
- size_t line_len;
- gchar *id;
- size_t id_len;
- gchar *response;
- gchar *response_prefix;
- int fd;
-
- g_return_val_if_fail (session->helper_is_running, FALSE);
-
- fd = g_io_channel_unix_get_fd (channel);
-
- line = NULL;
- line_len = 0;
-
- /* TODO: getline is GNU only, see kit_getline() in old polkit */
- while (getline (&line, &line_len, session->child_stdout_f) != -1)
- {
- if (strlen (line) > 0 && line[strlen (line) - 1] == '\n')
- line[strlen (line) - 1] = '\0';
-
- response = NULL;
- response_prefix = NULL;
-
- id = "PAM_PROMPT_ECHO_OFF ";
- if (g_str_has_prefix (line, id))
- {
- id_len = strlen (id);
- response_prefix = "";
- response = session->func_prompt_echo_off (session,
- line + id_len,
- session->user_data);
- goto processed;
- }
-
- id = "PAM_PROMPT_ECHO_ON ";
- if (g_str_has_prefix (line, id))
- {
- id_len = strlen (id);
- response_prefix = "";
- response = session->func_prompt_echo_on (session,
- line + id_len,
- session->user_data);
- goto processed;
- }
-
- id = "PAM_ERROR_MSG ";
- if (g_str_has_prefix (line, id))
- {
- id_len = strlen (id);
- session->func_error_message (session,
- line + id_len,
- session->user_data);
- goto processed;
- }
-
- id = "PAM_TEXT_INFO ";
- if (g_str_has_prefix (line, id))
- {
- id_len = strlen (id);
- session->func_text_info (session,
- line + id_len,
- session->user_data);
- goto processed;
- }
-
- processed:
- if (response != NULL && response_prefix != NULL)
- {
- char *buf;
- gboolean add_newline;
-
- /* add a newline if there isn't one already... */
- add_newline = FALSE;
- if (response[strlen (response) - 1] != '\n')
- {
- add_newline = TRUE;
- }
- buf = g_strdup_printf ("%s%s%c",
- response_prefix,
- response,
- add_newline ? '\n' : '\0');
- write (session->child_stdin, buf, strlen (buf));
- g_free (buf);
- g_free (response);
- }
- }
-
- if (line != NULL)
- free (line);
-
- return FALSE;
-}
-
-gboolean
-polkit_authentication_session_initiate_auth (PolkitAuthenticationSession *session)
-{
- uid_t uid;
- GError *error;
- gchar *helper_argv[4];
- GIOChannel *channel;
- gboolean ret;
- struct passwd *passwd;
-
- ret = FALSE;
-
- /* TODO: also support authorization for other kinds of identities */
- if (!POLKIT_IS_UNIX_USER (session->identity))
- {
- g_warning ("Unsupported identity type");
- goto error;
- }
-
- uid = polkit_unix_user_get_uid (POLKIT_UNIX_USER (session->identity));
-
- passwd = getpwuid (uid);
- if (passwd == NULL)
- {
- g_warning ("No user with uid %d", uid);
- goto error;
- }
-
- helper_argv[0] = PACKAGE_LIBEXEC_DIR "/polkit-session-helper-1";
- helper_argv[1] = passwd->pw_name;
- helper_argv[2] = session->cookie;
- helper_argv[3] = NULL;
-
- session->child_stdin = -1;
- session->child_stdout = -1;
-
- error = NULL;
- if (!g_spawn_async_with_pipes (NULL,
- (char **) helper_argv,
- NULL,
- G_SPAWN_DO_NOT_REAP_CHILD |
- 0,//G_SPAWN_STDERR_TO_DEV_NULL,
- NULL,
- NULL,
- &session->child_pid,
- &session->child_stdin,
- &session->child_stdout,
- NULL,
- &error))
- {
- g_warning ("Cannot spawn helper: %s\n", error->message);
- g_error_free (error);
- goto error;
- }
-
- session->child_watch_id = g_child_watch_add (session->child_pid, child_watch_func, session);
-
- channel = g_io_channel_unix_new (session->child_stdout);
- session->io_watch_id = g_io_add_watch (channel, G_IO_IN, io_watch_have_data, session);
- g_io_channel_unref (channel);
-
- /* so we can use getline... */
- session->child_stdout_f = fdopen (session->child_stdout, "r");
-
- session->success = FALSE;
-
- session->helper_is_running = TRUE;
-
- ret = TRUE;
-
-error:
-
- return ret;
-}
-
-
-void
-polkit_authentication_session_cancel (PolkitAuthenticationSession *session)
-{
- GPid pid;
-
- g_return_if_fail (session->helper_is_running);
-
- pid = session->child_pid;
- session->child_pid = 0;
- if (pid > 0)
- {
- int status;
- kill (pid, SIGTERM);
- waitpid (pid, &status, 0);
- session->helper_is_running = FALSE;
- }
- session->func_done (session, FALSE, FALSE, session->user_data);
-}
diff --git a/src/polkitagent/polkitauthenticationsession.h b/src/polkitagent/polkitauthenticationsession.h
deleted file mode 100644
index 1ccc4ca..0000000
--- a/src/polkitagent/polkitauthenticationsession.h
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#ifndef __POLKIT_AUTHENTICATION_SESSION_H
-#define __POLKIT_AUTHENTICATION_SESSION_H
-
-#include <polkit/polkit.h>
-#include <polkitagent/polkitagenttypes.h>
-
-G_BEGIN_DECLS
-
-#define POLKIT_TYPE_AUTHENTICATION_SESSION (polkit_authentication_session_get_type())
-#define POLKIT_AUTHENTICATION_SESSION(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_AUTHENTICATION_SESSION, PolkitAuthenticationSession))
-#define POLKIT_AUTHENTICATION_SESSION_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_AUTHENTICATION_SESSION, PolkitAuthenticationSessionClass))
-#define POLKIT_AUTHENTICATION_SESSION_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_AUTHENTICATION_SESSION, PolkitAuthenticationSessionClass))
-#define POLKIT_IS_AUTHENTICATION_SESSION(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_AUTHENTICATION_SESSION))
-#define POLKIT_IS_AUTHENTICATION_SESSION_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_AUTHENTICATION_SESSION))
-
-/**
- * PolkitAuthenticationSessionConversationPromptEchoOff:
- * @session: A #PolkitAuthenticationSession.
- * @prompt: prompt passed by the authentication layer; do not free this string
- * @user_data: user data pointer as passed into polkit_authorization_session_set_functions()
- *
- * Type for callback function that is invoked when the authentication
- * layer needs to ask the user a secret and the UI should NOT echo what
- * the user types on the screen.
- *
- * Returns: the answer obtained from the user; must be allocated with
- * malloc(3) and will be freed by the #PolkitAuthenticationSession class.
- **/
-typedef char* (*PolkitAuthenticationSessionConversationPromptEchoOff) (PolkitAuthenticationSession *session,
- const gchar *prompt,
- gpointer user_data);
-
-/**
- * PolkitAuthenticationSessionConversationPromptEchoOn:
- * @session: A #PolkitAuthenticationSession.
- * @prompt: prompt passed by the authentication layer; do not free this string
- * @user_data: user data pointer as passed into polkit_authorization_session_set_functions()
- *
- * Type for callback function that is invoked when the authentication
- * layer needs to ask the user a secret and the UI should echo what
- * the user types on the screen.
- *
- * Returns: the answer obtained from the user; must be allocated with
- * malloc(3) and will be freed by the #PolkitAuthenticationSession class.
- **/
-typedef char* (*PolkitAuthenticationSessionConversationPromptEchoOn) (PolkitAuthenticationSession *session,
- const gchar *prompt,
- gpointer user_data);
-
-/**
- * PolkitAuthenticationSessionConversationErrorMessage:
- * @session: A #PolkitAuthenticationSession.
- * @error_message: error message passed by the authentication layer; do not free this string
- * @user_data: user data pointer as passed into polkit_authorization_session_set_functions()
- *
- * Type for callback function that is invoked when the authentication
- * layer produces an error message that should be displayed in the UI.
- **/
-typedef void (*PolkitAuthenticationSessionConversationErrorMessage) (PolkitAuthenticationSession *session,
- const gchar *error_message,
- gpointer user_data);
-
-/**
- * PolkitAuthenticationSessionConversationTextInfo:
- * @session: A #PolkitAuthenticationSession.
- * @text_info: information passed by the authentication layer; do not free this string
- * @user_data: user data pointer as passed into polkit_authorization_session_set_functions()
- *
- * Type for callback function that is invoked when the authentication
- * layer produces an informational message that should be displayed in
- * the UI.
- **/
-typedef void (*PolkitAuthenticationSessionConversationTextInfo) (PolkitAuthenticationSession *session,
- const gchar *text_info,
- gpointer user_data);
-
-/**
- * PolkitAuthenticationSessionDone:
- * @session: A #PolkitAuthenticationSession.
- * @gained_authorization: whether the authorization was obtained
- * @invalid_data: whether the input data was bogus (not including bad passwords)
- * @user_data: user data pointer as passed into polkit_authorization_session_set_functions()
- *
- * This function is called when the granting process ends; either if
- * successful or if it was canceled using e.g. polkit_authorization_session_cancel_auth().
- **/
-typedef void (*PolkitAuthenticationSessionDone) (PolkitAuthenticationSession *session,
- gboolean gained_authorization,
- gboolean invalid_data,
- gpointer user_data);
-
-
-#if 0
-typedef struct _PolkitAuthenticationSession PolkitAuthenticationSession;
-#endif
-typedef struct _PolkitAuthenticationSessionClass PolkitAuthenticationSessionClass;
-
-GType polkit_authentication_session_get_type (void) G_GNUC_CONST;
-PolkitAuthenticationSession *polkit_authentication_session_new (PolkitIdentity *identity,
- const gchar *cookie);
-
-/* TODO: would be much nicer to use signals here */
-void polkit_authentication_session_set_functions
- (PolkitAuthenticationSession *session,
- PolkitAuthenticationSessionConversationPromptEchoOff func_prompt_echo_off,
- PolkitAuthenticationSessionConversationPromptEchoOn func_prompt_echo_on,
- PolkitAuthenticationSessionConversationErrorMessage func_error_message,
- PolkitAuthenticationSessionConversationTextInfo func_text_info,
- PolkitAuthenticationSessionDone func_done,
- void *user_data);
-
-gboolean polkit_authentication_session_initiate_auth (PolkitAuthenticationSession *session);
-
-void polkit_authentication_session_cancel (PolkitAuthenticationSession *session);
-
-G_END_DECLS
-
-#endif /* __POLKIT_AUTHENTICATION_SESSION_H */
diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c
index b18ac0f..399b4c7 100644
--- a/src/polkitbackend/polkitbackendauthority.c
+++ b/src/polkitbackend/polkitbackendauthority.c
@@ -39,6 +39,19 @@ polkit_backend_authority_class_init (PolkitBackendAuthorityClass *klass)
}
void
+polkit_backend_authority_system_bus_name_owner_changed (PolkitBackendAuthority *authority,
+ const gchar *name,
+ const gchar *old_owner,
+ const gchar *new_owner)
+{
+ PolkitBackendAuthorityClass *klass;
+
+ klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
+
+ klass->system_bus_name_owner_changed (authority, name, old_owner, new_owner);
+}
+
+void
polkit_backend_authority_enumerate_actions (PolkitBackendAuthority *authority,
const gchar *locale,
PolkitBackendPendingCall *pending_call)
@@ -123,3 +136,28 @@ polkit_backend_authority_remove_authorization (PolkitBackendAuthority *autho
klass->remove_authorization (authority, identity, authorization, pending_call);
}
+
+void
+polkit_backend_authority_register_authentication_agent (PolkitBackendAuthority *authority,
+ const gchar *object_path,
+ PolkitBackendPendingCall *pending_call)
+{
+ PolkitBackendAuthorityClass *klass;
+
+ klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
+
+ klass->register_authentication_agent (authority, object_path, pending_call);
+}
+
+void
+polkit_backend_authority_unregister_authentication_agent (PolkitBackendAuthority *authority,
+ const gchar *object_path,
+ PolkitBackendPendingCall *pending_call)
+{
+ PolkitBackendAuthorityClass *klass;
+
+ klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
+
+ klass->unregister_authentication_agent (authority, object_path, pending_call);
+}
+
diff --git a/src/polkitbackend/polkitbackendauthority.h b/src/polkitbackend/polkitbackendauthority.h
index 09ef3f5..a35ad7e 100644
--- a/src/polkitbackend/polkitbackendauthority.h
+++ b/src/polkitbackend/polkitbackendauthority.h
@@ -51,6 +51,12 @@ struct _PolkitBackendAuthorityClass
/*< public >*/
+ /* TODO: need something more efficient such that we don't watch all name changes */
+ void (*system_bus_name_owner_changed) (PolkitBackendAuthority *authority,
+ const gchar *name,
+ const gchar *old_owner,
+ const gchar *new_owner);
+
void (*enumerate_actions) (PolkitBackendAuthority *authority,
const gchar *locale,
PolkitBackendPendingCall *pending_call);
@@ -81,6 +87,14 @@ struct _PolkitBackendAuthorityClass
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call);
+ void (*register_authentication_agent) (PolkitBackendAuthority *authority,
+ const gchar *object_path,
+ PolkitBackendPendingCall *pending_call);
+
+ void (*unregister_authentication_agent) (PolkitBackendAuthority *authority,
+ const gchar *object_path,
+ PolkitBackendPendingCall *pending_call);
+
/*< private >*/
/* Padding for future expansion */
void (*_polkit_reserved1) (void);
@@ -97,6 +111,11 @@ GType polkit_backend_authority_get_type (void) G_GNUC_CONST;
/* --- */
+void polkit_backend_authority_system_bus_name_owner_changed (PolkitBackendAuthority *authority,
+ const gchar *name,
+ const gchar *old_owner,
+ const gchar *new_owner);
+
void polkit_backend_authority_enumerate_actions (PolkitBackendAuthority *authority,
const gchar *locale,
PolkitBackendPendingCall *pending_call);
@@ -127,6 +146,14 @@ void polkit_backend_authority_remove_authorization (PolkitBackendAuthor
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call);
+void polkit_backend_authority_register_authentication_agent (PolkitBackendAuthority *authority,
+ const gchar *object_path,
+ PolkitBackendPendingCall *pending_call);
+
+void polkit_backend_authority_unregister_authentication_agent (PolkitBackendAuthority *authority,
+ const gchar *object_path,
+ PolkitBackendPendingCall *pending_call);
+
/* --- */
void polkit_backend_authority_enumerate_actions_finish (PolkitBackendPendingCall *pending_call,
@@ -148,6 +175,9 @@ void polkit_backend_authority_add_authorization_finish (PolkitBackend
void polkit_backend_authority_remove_authorization_finish (PolkitBackendPendingCall *pending_call);
+void polkit_backend_authority_register_authentication_agent_finish (PolkitBackendPendingCall *pending_call);
+void polkit_backend_authority_unregister_authentication_agent_finish (PolkitBackendPendingCall *pending_call);
+
G_END_DECLS
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index fdb6449..067d0c2 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -40,6 +40,8 @@ typedef struct
GHashTable *hash_identity_to_authority_store;
+ GHashTable *hash_session_to_authentication_agent;
+
} PolkitBackendLocalAuthorityPrivate;
/* ---------------------------------------------------------------------------------------------------- */
@@ -49,13 +51,21 @@ typedef struct AuthorizationStore AuthorizationStore;
static void authorization_store_free (AuthorizationStore *store);
-/* ---------------------------------------------------------------------------------------------------- */
-
static AuthorizationStore *get_authorization_store_for_identity (PolkitBackendLocalAuthority *authority,
PolkitIdentity *identity);
/* ---------------------------------------------------------------------------------------------------- */
+struct AuthenticationAgent;
+typedef struct AuthenticationAgent AuthenticationAgent;
+
+static void authentication_agent_free (AuthenticationAgent *agent);
+
+static AuthenticationAgent *get_authentication_agent_for_subject (PolkitBackendLocalAuthority *authority,
+ PolkitSubject *subject);
+
+/* ---------------------------------------------------------------------------------------------------- */
+
static gboolean check_authorization_for_identity (PolkitBackendLocalAuthority *authority,
PolkitIdentity *identity,
const gchar *action_id);
@@ -83,6 +93,11 @@ static gboolean remove_authorization_for_identity (PolkitBackendLocalAuthority *
/* ---------------------------------------------------------------------------------------------------- */
+static void polkit_backend_local_authority_system_bus_name_owner_changed (PolkitBackendAuthority *authority,
+ const gchar *name,
+ const gchar *old_owner,
+ const gchar *new_owner);
+
static void polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *authority,
const gchar *locale,
PolkitBackendPendingCall *pending_call);
@@ -119,6 +134,14 @@ static void polkit_backend_local_authority_remove_authorization (PolkitBackendAu
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call);
+static void polkit_backend_local_authority_register_authentication_agent (PolkitBackendAuthority *authority,
+ const gchar *object_path,
+ PolkitBackendPendingCall *pending_call);
+
+static void polkit_backend_local_authority_unregister_authentication_agent (PolkitBackendAuthority *authority,
+ const gchar *object_path,
+ PolkitBackendPendingCall *pending_call);
+
/* ---------------------------------------------------------------------------------------------------- */
G_DEFINE_TYPE (PolkitBackendLocalAuthority, polkit_backend_local_authority, POLKIT_BACKEND_TYPE_AUTHORITY);
@@ -142,6 +165,11 @@ polkit_backend_local_authority_init (PolkitBackendLocalAuthority *local_authorit
(GDestroyNotify) g_object_unref,
(GDestroyNotify) authorization_store_free);
+ priv->hash_session_to_authentication_agent = g_hash_table_new_full ((GHashFunc) polkit_subject_hash,
+ (GEqualFunc) polkit_subject_equal,
+ (GDestroyNotify) g_object_unref,
+ (GDestroyNotify) authentication_agent_free);
+
priv->session_monitor = polkit_backend_session_monitor_new ();
}
@@ -162,6 +190,8 @@ polkit_backend_local_authority_finalize (GObject *object)
g_hash_table_unref (priv->hash_identity_to_authority_store);
+ g_hash_table_unref (priv->hash_session_to_authentication_agent);
+
G_OBJECT_CLASS (polkit_backend_local_authority_parent_class)->finalize (object);
}
@@ -176,13 +206,16 @@ polkit_backend_local_authority_class_init (PolkitBackendLocalAuthorityClass *kla
gobject_class->finalize = polkit_backend_local_authority_finalize;
- authority_class->enumerate_actions = polkit_backend_local_authority_enumerate_actions;
- authority_class->enumerate_users = polkit_backend_local_authority_enumerate_users;
- authority_class->enumerate_groups = polkit_backend_local_authority_enumerate_groups;
- authority_class->check_authorization = polkit_backend_local_authority_check_authorization;
- authority_class->enumerate_authorizations = polkit_backend_local_authority_enumerate_authorizations;
- authority_class->add_authorization = polkit_backend_local_authority_add_authorization;
- authority_class->remove_authorization = polkit_backend_local_authority_remove_authorization;
+ authority_class->system_bus_name_owner_changed = polkit_backend_local_authority_system_bus_name_owner_changed;
+ authority_class->enumerate_actions = polkit_backend_local_authority_enumerate_actions;
+ authority_class->enumerate_users = polkit_backend_local_authority_enumerate_users;
+ authority_class->enumerate_groups = polkit_backend_local_authority_enumerate_groups;
+ authority_class->check_authorization = polkit_backend_local_authority_check_authorization;
+ authority_class->enumerate_authorizations = polkit_backend_local_authority_enumerate_authorizations;
+ authority_class->add_authorization = polkit_backend_local_authority_add_authorization;
+ authority_class->remove_authorization = polkit_backend_local_authority_remove_authorization;
+ authority_class->register_authentication_agent = polkit_backend_local_authority_register_authentication_agent;
+ authority_class->unregister_authentication_agent = polkit_backend_local_authority_unregister_authentication_agent;
g_type_class_add_private (klass, sizeof (PolkitBackendLocalAuthorityPrivate));
}
@@ -682,6 +715,203 @@ polkit_backend_local_authority_remove_authorization (PolkitBackendAuthority *a
/* ---------------------------------------------------------------------------------------------------- */
+struct AuthenticationAgent
+{
+ PolkitSubject *session;
+
+ gchar *object_path;
+ gchar *unique_system_bus_name;
+};
+
+static void
+authentication_agent_free (AuthenticationAgent *agent)
+{
+ g_object_unref (agent->session);
+ g_free (agent->object_path);
+ g_free (agent->unique_system_bus_name);
+ g_free (agent);
+}
+
+static AuthenticationAgent *
+authentication_agent_new (PolkitSubject *session,
+ const gchar *unique_system_bus_name,
+ const gchar *object_path)
+{
+ AuthenticationAgent *agent;
+
+ agent = g_new0 (AuthenticationAgent, 1);
+
+ agent->session = g_object_ref (session);
+ agent->object_path = g_strdup (object_path);
+ agent->unique_system_bus_name = g_strdup (unique_system_bus_name);
+
+ return agent;
+}
+
+static AuthenticationAgent *
+get_authentication_agent_for_subject (PolkitBackendLocalAuthority *authority,
+ PolkitSubject *subject)
+{
+ PolkitBackendLocalAuthorityPrivate *priv;
+ PolkitSubject *session_for_subject;
+ AuthenticationAgent *agent;
+
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (authority);
+
+ agent = NULL;
+ session_for_subject = NULL;
+
+ session_for_subject = polkit_backend_session_monitor_get_session_for_subject (priv->session_monitor,
+ subject,
+ NULL);
+ if (session_for_subject == NULL)
+ goto out;
+
+ agent = g_hash_table_lookup (priv->hash_session_to_authentication_agent, session_for_subject);
+
+ out:
+ if (session_for_subject != NULL)
+ g_object_unref (session_for_subject);
+}
+
+static AuthenticationAgent *
+get_authentication_agent_by_unique_system_bus_name (PolkitBackendLocalAuthority *authority,
+ const gchar *unique_system_bus_name)
+{
+ PolkitBackendLocalAuthorityPrivate *priv;
+ GHashTableIter hash_iter;
+ AuthenticationAgent *agent;
+
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (authority);
+
+ g_hash_table_iter_init (&hash_iter, priv->hash_session_to_authentication_agent);
+ while (g_hash_table_iter_next (&hash_iter, NULL, (gpointer) &agent))
+ {
+ if (strcmp (agent->unique_system_bus_name, unique_system_bus_name) == 0)
+ goto out;
+ }
+
+ agent = NULL;
+
+ out:
+ return agent;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+polkit_backend_local_authority_register_authentication_agent (PolkitBackendAuthority *authority,
+ const gchar *object_path,
+ PolkitBackendPendingCall *pending_call)
+{
+ PolkitBackendLocalAuthority *local_authority;
+ PolkitBackendLocalAuthorityPrivate *priv;
+ PolkitSubject *caller;
+ PolkitSubject *session_for_caller;
+ AuthenticationAgent *agent;
+ GError *error;
+
+ error = NULL;
+ session_for_caller = NULL;
+
+ local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+
+ caller = polkit_backend_pending_call_get_caller (pending_call);
+
+ session_for_caller = polkit_backend_session_monitor_get_session_for_subject (priv->session_monitor,
+ caller,
+ &error);
+
+ if (session_for_caller == NULL)
+ {
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Cannot determine session");
+
+ goto out;
+ }
+
+ agent = g_hash_table_lookup (priv->hash_session_to_authentication_agent, session_for_caller);
+ if (agent != NULL)
+ {
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "An authentication agent already exists for session");
+ goto out;
+ }
+
+ /* TODO: validate that object path is well-formed */
+
+ agent = authentication_agent_new (session_for_caller,
+ polkit_system_bus_name_get_name (POLKIT_SYSTEM_BUS_NAME (caller)),
+ object_path);
+
+ g_hash_table_insert (priv->hash_session_to_authentication_agent,
+ g_object_ref (session_for_caller),
+ agent);
+
+ g_debug ("Added authentication agent for session %s at name %s, object path %s",
+ polkit_unix_session_get_session_id (POLKIT_UNIX_SESSION (session_for_caller)),
+ polkit_system_bus_name_get_name (POLKIT_SYSTEM_BUS_NAME (caller)),
+ object_path);
+
+ polkit_backend_authority_register_authentication_agent_finish (pending_call);
+
+ out:
+ if (session_for_caller != NULL)
+ g_object_unref (session_for_caller);
+}
+
+static void
+polkit_backend_local_authority_unregister_authentication_agent (PolkitBackendAuthority *authority,
+ const gchar *object_path,
+ PolkitBackendPendingCall *pending_call)
+{
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Not implemented");
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+polkit_backend_local_authority_system_bus_name_owner_changed (PolkitBackendAuthority *authority,
+ const gchar *name,
+ const gchar *old_owner,
+ const gchar *new_owner)
+{
+ PolkitBackendLocalAuthority *local_authority;
+ PolkitBackendLocalAuthorityPrivate *priv;
+ AuthenticationAgent *agent;
+
+ local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+
+ //g_debug ("name-owner-changed: '%s' '%s' '%s'", name, old_owner, new_owner);
+
+ if (name[0] == ':' && strlen (new_owner) == 0)
+ {
+ agent = get_authentication_agent_by_unique_system_bus_name (local_authority, name);
+ if (agent != NULL)
+ {
+ g_debug ("Removing authentication agent for session %s at name %s, object path %s (disconnected from bus)",
+ polkit_unix_session_get_session_id (POLKIT_UNIX_SESSION (agent->session)),
+ agent->unique_system_bus_name,
+ agent->object_path);
+
+ /* this works because we have exactly one agent per session */
+ g_hash_table_remove (priv->hash_session_to_authentication_agent, agent->session);
+ }
+ }
+
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
struct AuthorizationStore
{
PolkitIdentity *identity;
diff --git a/src/polkitbackend/polkitbackendserver.c b/src/polkitbackend/polkitbackendserver.c
index 9ed4127..2414bde 100644
--- a/src/polkitbackend/polkitbackendserver.c
+++ b/src/polkitbackend/polkitbackendserver.c
@@ -35,6 +35,14 @@ struct _PolkitBackendServer
GObject parent_instance;
PolkitBackendAuthority *authority;
+
+ EggDBusConnection *system_bus;
+
+ EggDBusObjectProxy *bus_proxy;
+
+ EggDBusBus *bus;
+
+ gulong name_owner_changed_id;
};
struct _PolkitBackendServerClass
@@ -60,6 +68,12 @@ polkit_backend_server_finalize (GObject *object)
server = POLKIT_BACKEND_SERVER (object);
+ g_signal_handler_disconnect (server->bus, server->name_owner_changed_id);
+
+ g_object_unref (server->bus_proxy);
+
+ g_object_unref (server->system_bus);
+
g_object_unref (server->authority);
}
@@ -73,6 +87,16 @@ polkit_backend_server_class_init (PolkitBackendServerClass *klass)
gobject_class->finalize = polkit_backend_server_finalize;
}
+static void
+name_owner_changed (EggDBusBus *instance,
+ gchar *name,
+ gchar *old_owner,
+ gchar *new_owner,
+ PolkitBackendServer *server)
+{
+ polkit_backend_authority_system_bus_name_owner_changed (server->authority, name, old_owner, new_owner);
+}
+
PolkitBackendServer *
polkit_backend_server_new (PolkitBackendAuthority *authority)
{
@@ -82,6 +106,20 @@ polkit_backend_server_new (PolkitBackendAuthority *authority)
server->authority = g_object_ref (authority);
+ /* TODO: it's a bit wasteful listening to all name-owner-changed signals... needs to be optimized */
+
+ server->system_bus = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
+ server->bus_proxy = egg_dbus_connection_get_object_proxy (server->system_bus,
+ "org.freedesktop.DBus",
+ "/org/freedesktop/DBus");
+
+ server->bus = EGG_DBUS_QUERY_INTERFACE_BUS (server->bus_proxy);
+
+ server->name_owner_changed_id = g_signal_connect (server->bus,
+ "name-owner-changed",
+ (GCallback) name_owner_changed,
+ server);
+
return server;
}
@@ -387,13 +425,63 @@ polkit_backend_authority_remove_authorization_finish (PolkitBackendPendingCall
/* ---------------------------------------------------------------------------------------------------- */
static void
+authority_handle_register_authentication_agent (_PolkitAuthority *instance,
+ const gchar *object_path,
+ EggDBusMethodInvocation *method_invocation)
+{
+ PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
+ PolkitBackendPendingCall *pending_call;
+
+ pending_call = _polkit_backend_pending_call_new (method_invocation, server);
+
+ polkit_backend_authority_register_authentication_agent (server->authority,
+ object_path,
+ pending_call);
+}
+
+void
+polkit_backend_authority_register_authentication_agent_finish (PolkitBackendPendingCall *pending_call)
+{
+ _polkit_authority_handle_register_authentication_agent_finish (_polkit_backend_pending_call_get_method_invocation (pending_call));
+ g_object_unref (pending_call);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+authority_handle_unregister_authentication_agent (_PolkitAuthority *instance,
+ const gchar *object_path,
+ EggDBusMethodInvocation *method_invocation)
+{
+ PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
+ PolkitBackendPendingCall *pending_call;
+
+ pending_call = _polkit_backend_pending_call_new (method_invocation, server);
+
+ polkit_backend_authority_unregister_authentication_agent (server->authority,
+ object_path,
+ pending_call);
+}
+
+void
+polkit_backend_authority_unregister_authentication_agent_finish (PolkitBackendPendingCall *pending_call)
+{
+ _polkit_authority_handle_unregister_authentication_agent_finish (_polkit_backend_pending_call_get_method_invocation (pending_call));
+ g_object_unref (pending_call);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
authority_iface_init (_PolkitAuthorityIface *authority_iface)
{
- authority_iface->handle_enumerate_actions = authority_handle_enumerate_actions;
- authority_iface->handle_enumerate_users = authority_handle_enumerate_users;
- authority_iface->handle_enumerate_groups = authority_handle_enumerate_groups;
- authority_iface->handle_check_authorization = authority_handle_check_authorization;
- authority_iface->handle_enumerate_authorizations = authority_handle_enumerate_authorizations;
- authority_iface->handle_add_authorization = authority_handle_add_authorization;
- authority_iface->handle_remove_authorization = authority_handle_remove_authorization;
+ authority_iface->handle_enumerate_actions = authority_handle_enumerate_actions;
+ authority_iface->handle_enumerate_users = authority_handle_enumerate_users;
+ authority_iface->handle_enumerate_groups = authority_handle_enumerate_groups;
+ authority_iface->handle_check_authorization = authority_handle_check_authorization;
+ authority_iface->handle_enumerate_authorizations = authority_handle_enumerate_authorizations;
+ authority_iface->handle_add_authorization = authority_handle_add_authorization;
+ authority_iface->handle_remove_authorization = authority_handle_remove_authorization;
+ authority_iface->handle_register_authentication_agent = authority_handle_register_authentication_agent;
+ authority_iface->handle_unregister_authentication_agent = authority_handle_unregister_authentication_agent;
}
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.c b/src/polkitbackend/polkitbackendsessionmonitor.c
index ee225ca..61fc86a 100644
--- a/src/polkitbackend/polkitbackendsessionmonitor.c
+++ b/src/polkitbackend/polkitbackendsessionmonitor.c
@@ -432,3 +432,63 @@ polkit_backend_session_monitor_get_user_for_subject (PolkitBackendSessionMonitor
return user;
}
+
+/**
+ * polkit_backend_session_monitor_get_session_for_subject:
+ * @monitor: A #PolkitBackendSessionMonitor.
+ * @subject: A #PolkitSubject.
+ * @error: Return location for error.
+ *
+ * Gets the session corresponding to @subject or %NULL if no session exists.
+ *
+ * Returns: %NULL if @error is set otherwise a #PolkitUnixSession that should be freed with g_object_unref().
+ */
+PolkitSubject *
+polkit_backend_session_monitor_get_session_for_subject (PolkitBackendSessionMonitor *monitor,
+ PolkitSubject *subject,
+ GError **error)
+{
+ PolkitSubject *session;
+
+ session = NULL;
+
+ if (POLKIT_IS_SYSTEM_BUS_NAME (subject))
+ {
+ pid_t pid;
+ gchar *session_id;
+
+ /* TODO: cache this stuff */
+ if (!egg_dbus_bus_get_connection_unix_process_id_sync (egg_dbus_connection_get_bus (monitor->system_bus),
+ EGG_DBUS_CALL_FLAGS_NONE,
+ polkit_system_bus_name_get_name (POLKIT_SYSTEM_BUS_NAME (subject)),
+ &pid,
+ NULL,
+ error))
+ goto out;
+
+ if (!ck_manager_get_session_for_unix_process_sync (monitor->ck_manager,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ pid,
+ &session_id,
+ NULL,
+ error))
+ goto out;
+
+ session = polkit_unix_session_new (session_id);
+
+ g_free (session_id);
+ }
+ else
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_NOT_SUPPORTED,
+ "Cannot get user for subject of type %s",
+ g_type_name (G_TYPE_FROM_INSTANCE (subject)));
+ }
+
+ out:
+
+ return session;
+}
+
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.h b/src/polkitbackend/polkitbackendsessionmonitor.h
index 8569266..a4194a9 100644
--- a/src/polkitbackend/polkitbackendsessionmonitor.h
+++ b/src/polkitbackend/polkitbackendsessionmonitor.h
@@ -51,6 +51,10 @@ PolkitIdentity *polkit_backend_session_monitor_get_user_for_subject
PolkitSubject *subject,
GError **error);
+PolkitSubject *polkit_backend_session_monitor_get_session_for_subject (PolkitBackendSessionMonitor *monitor,
+ PolkitSubject *subject,
+ GError **error);
+
G_END_DECLS
#endif /* __POLKIT_BACKEND_SESSION_MONITOR_H */
commit 83bf3b054fe1caeb16155da92e3f9e5df9f00809
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 20 13:31:41 2009 -0500
add a hash() method to the Subject interface
diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c
index 5df1a65..124a595 100644
--- a/src/polkit/polkitsubject.c
+++ b/src/polkit/polkitsubject.c
@@ -66,6 +66,12 @@ polkit_subject_get_type (void)
return iface_type;
}
+guint
+polkit_subject_hash (PolkitSubject *subject)
+{
+ return POLKIT_SUBJECT_GET_IFACE (subject)->hash (subject);
+}
+
gboolean
polkit_subject_equal (PolkitSubject *a,
PolkitSubject *b)
diff --git a/src/polkit/polkitsubject.h b/src/polkit/polkitsubject.h
index 22899ee..6f95c29 100644
--- a/src/polkit/polkitsubject.h
+++ b/src/polkit/polkitsubject.h
@@ -42,6 +42,8 @@ struct _PolkitSubjectIface
{
GTypeInterface parent_iface;
+ guint (*hash) (PolkitSubject *subject);
+
gboolean (*equal) (PolkitSubject *a,
PolkitSubject *b);
@@ -49,6 +51,7 @@ struct _PolkitSubjectIface
};
GType polkit_subject_get_type (void) G_GNUC_CONST;
+guint polkit_subject_hash (PolkitSubject *subject);
gboolean polkit_subject_equal (PolkitSubject *a,
PolkitSubject *b);
gchar *polkit_subject_to_string (PolkitSubject *subject);
diff --git a/src/polkit/polkitsystembusname.c b/src/polkit/polkitsystembusname.c
index 7045dbe..bd0c13d 100644
--- a/src/polkit/polkitsystembusname.c
+++ b/src/polkit/polkitsystembusname.c
@@ -166,6 +166,14 @@ polkit_system_bus_name_new (const gchar *name)
NULL));
}
+static guint
+polkit_system_bus_name_hash (PolkitSubject *subject)
+{
+ PolkitSystemBusName *system_bus_name = POLKIT_SYSTEM_BUS_NAME (subject);
+
+ return g_str_hash (system_bus_name->name);
+}
+
static gboolean
polkit_system_bus_name_equal (PolkitSubject *a,
PolkitSubject *b)
@@ -190,6 +198,7 @@ polkit_system_bus_name_to_string (PolkitSubject *subject)
static void
subject_iface_init (PolkitSubjectIface *subject_iface)
{
+ subject_iface->hash = polkit_system_bus_name_hash;
subject_iface->equal = polkit_system_bus_name_equal;
subject_iface->to_string = polkit_system_bus_name_to_string;
}
diff --git a/src/polkit/polkitunixprocess.c b/src/polkit/polkitunixprocess.c
index d2fab0c..f3f67de 100644
--- a/src/polkit/polkitunixprocess.c
+++ b/src/polkit/polkitunixprocess.c
@@ -203,6 +203,13 @@ polkit_unix_process_new_full (pid_t pid,
return POLKIT_SUBJECT (process);
}
+static guint
+polkit_unix_process_hash (PolkitSubject *subject)
+{
+ PolkitUnixProcess *process = POLKIT_UNIX_PROCESS (subject);
+
+ return g_direct_hash (GINT_TO_POINTER ((process->pid + process->start_time))) ;
+}
static gboolean
polkit_unix_process_equal (PolkitSubject *a,
@@ -230,6 +237,7 @@ polkit_unix_process_to_string (PolkitSubject *subject)
static void
subject_iface_init (PolkitSubjectIface *subject_iface)
{
+ subject_iface->hash = polkit_unix_process_hash;
subject_iface->equal = polkit_unix_process_equal;
subject_iface->to_string = polkit_unix_process_to_string;
}
diff --git a/src/polkit/polkitunixsession.c b/src/polkit/polkitunixsession.c
index b81bbd0..ff0c36a 100644
--- a/src/polkit/polkitunixsession.c
+++ b/src/polkit/polkitunixsession.c
@@ -154,6 +154,14 @@ polkit_unix_session_new (const gchar *session_id)
NULL));
}
+static guint
+polkit_unix_session_hash (PolkitSubject *subject)
+{
+ PolkitUnixSession *session = POLKIT_UNIX_SESSION (subject);
+
+ return g_str_hash (session->session_id);
+}
+
static gboolean
polkit_unix_session_equal (PolkitSubject *a,
PolkitSubject *b)
@@ -178,6 +186,7 @@ polkit_unix_session_to_string (PolkitSubject *subject)
static void
subject_iface_init (PolkitSubjectIface *subject_iface)
{
+ subject_iface->hash = polkit_unix_session_hash;
subject_iface->equal = polkit_unix_session_equal;
subject_iface->to_string = polkit_unix_session_to_string;
}
commit 81d0619d9cbb7fc0ee08d6236530cec83d868a27
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 20 13:30:50 2009 -0500
remember to install polkittypes.h
diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am
index 89752db..6d8ba69 100644
--- a/src/polkit/Makefile.am
+++ b/src/polkit/Makefile.am
@@ -42,6 +42,7 @@ libpolkit_gobject_1includedir=$(includedir)/polkit-1/polkit
libpolkit_gobject_1include_HEADERS = \
polkit.h \
+ polkittypes.h \
polkitactiondescription.h \
polkitauthority.h \
polkiterror.h \
commit 10cdbe0e5087e6156f43214245bfda241972928b
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 20 00:36:25 2009 -0500
first cut at authentication helper library
Not finished yet...
diff --git a/src/Makefile.am b/src/Makefile.am
index 7538232..33d3284 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1,5 +1,5 @@
-SUBDIRS = polkit polkitbackend polkitd programs
+SUBDIRS = polkit polkitbackend polkitagent polkitd programs
clean-local :
rm -f *~
diff --git a/src/polkitagent/Makefile.am b/src/polkitagent/Makefile.am
new file mode 100644
index 0000000..ac74bd5
--- /dev/null
+++ b/src/polkitagent/Makefile.am
@@ -0,0 +1,63 @@
+NULL =
+
+INCLUDES = \
+ -I$(top_builddir)/src \
+ -I$(top_srcdir)/src \
+ -DPACKAGE_LIBEXEC_DIR=\""$(libexecdir)"\" \
+ -DPACKAGE_SYSCONF_DIR=\""$(sysconfdir)"\" \
+ -DPACKAGE_DATA_DIR=\""$(datadir)"\" \
+ -DPACKAGE_BIN_DIR=\""$(bindir)"\" \
+ -DPACKAGE_LOCALSTATE_DIR=\""$(localstatedir)"\" \
+ -DPACKAGE_LOCALE_DIR=\""$(localedir)"\" \
+ -DPACKAGE_LIB_DIR=\""$(libdir)"\" \
+ -D_POSIX_PTHREAD_SEMANTICS \
+ -D_REENTRANT \
+ $(NULL)
+
+
+lib_LTLIBRARIES=libpolkit-agent-1.la
+
+libpolkit_agent_1includedir=$(includedir)/polkit-1/polkitagent
+
+libpolkit_agent_1include_HEADERS = \
+ polkitagent.h \
+ polkitagenttypes.h \
+ polkitauthenticationsession.h \
+ $(NULL)
+
+libpolkit_agent_1_la_SOURCES = \
+ polkitagent.h \
+ polkitagenttypes.h \
+ polkitauthenticationsession.h polkitauthenticationsession.c \
+ $(NULL)
+
+libpolkit_agent_1_la_CFLAGS = \
+ -D_POLKIT_AGENT_COMPILATION \
+ $(GLIB_CFLAGS) \
+ $(EGG_DBUS_CFLAGS) \
+ $(NULL)
+
+libpolkit_agent_1_la_LIBADD = \
+ $(GLIB_LIBS) \
+ $(EGG_DBUS_LIBS) \
+ $(top_builddir)/src/polkit/libpolkit-gobject-1.la \
+ $(EXPAT_LIBS) \
+ $(NULL)
+
+libexec_PROGRAMS = polkit-agent-helper-1
+
+polkit_agent_helper_1_SOURCES = polkitagenthelper.c
+polkit_agent_helper_1_LDADD = $(AUTH_LIBS)
+
+# polkit-agent-helper-1 need to be setuid root because it's used to
+# authenticate not only the invoking user, but possibly also root
+# and/or other users.
+#
+install-exec-hook:
+ -chown root $(DESTDIR)$(libexecdir)/polkit-agent-helper-1
+ -chmod 4755 $(DESTDIR)$(libexecdir)/polkit-agent-helper-1
+
+CLEANFILES = $(BUILT_SOURCES)
+
+clean-local :
+ rm -f *~
diff --git a/src/polkitagent/polkitagent.h b/src/polkitagent/polkitagent.h
new file mode 100644
index 0000000..b6c2ffb
--- /dev/null
+++ b/src/polkitagent/polkitagent.h
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_AGENT_H
+#define __POLKIT_AGENT_H
+
+#define _POLKIT_AGENT_INSIDE_POLKIT_AGENT_H 1
+#include <polkitagent/polkitauthenticationsession.h>
+#undef _POLKIT_AGENT_INSIDE_POLKIT_AGENT_H
+
+#endif /* __POLKIT_AGENT_H */
diff --git a/src/polkitagent/polkitagenthelper.c b/src/polkitagent/polkitagenthelper.c
new file mode 100644
index 0000000..df59f18
--- /dev/null
+++ b/src/polkitagent/polkitagenthelper.c
@@ -0,0 +1,255 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <syslog.h>
+#include <security/pam_appl.h>
+
+#ifdef HAVE_SOLARIS
+# define LOG_AUTHPRIV (10<<3)
+#endif
+
+/* Development aid: define PAH_DEBUG to get debugging output. Do _NOT_
+ * enable this in production builds; it may leak passwords and other
+ * sensitive information.
+ */
+#undef PAH_DEBUG
+#define PAH_DEBUG
+
+static int conversation_function (int n, const struct pam_message **msg, struct pam_response **resp, void *data);
+
+int
+main (int argc, char *argv[])
+{
+ int rc;
+ const char *user_to_auth;
+ const char *cookie;
+ struct pam_conv pam_conversation;
+ pam_handle_t *pam_h;
+ const void *authed_user;
+
+ rc = 0;
+ pam_h = NULL;
+
+ /* clear the entire environment to avoid attacks using with libraries honoring environment variables */
+ if (clearenv () != 0)
+ goto error;
+
+ /* set a minimal environment */
+ setenv ("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1);
+
+ /* check that we are setuid root */
+ if (geteuid () != 0)
+ {
+ fprintf (stderr, "polkit-grant-helper-pam: needs to be setuid root\n");
+ goto error;
+ }
+
+ openlog ("polkit-agent-helper-1", LOG_CONS | LOG_PID, LOG_AUTHPRIV);
+
+ /* check for correct invocation */
+ if (argc != 3)
+ {
+ syslog (LOG_NOTICE, "inappropriate use of helper, wrong number of arguments [uid=%d]", getuid ());
+ fprintf (stderr, "polkit-agent-helper-1: wrong number of arguments. This incident has been logged.\n");
+ goto error;
+ }
+
+ user_to_auth = argv[1];
+ cookie = argv[2];
+
+ if (getuid () != 0)
+ {
+ /* check we're running with a non-tty stdin */
+ if (isatty (STDIN_FILENO) != 0)
+ {
+ syslog (LOG_NOTICE, "inappropriate use of helper, stdin is a tty [uid=%d]", getuid ());
+ fprintf (stderr, "polkit-agent-helper-1: inappropriate use of helper, stdin is a tty. This incident has been logged.\n");
+ goto error;
+ }
+ }
+
+#ifdef PAH_DEBUG
+ fprintf (stderr, "polkit-agent-helper-1: user to auth is '%s'.\n", user_to_auth);
+#endif /* PAH_DEBUG */
+
+ pam_conversation.conv = conversation_function;
+ pam_conversation.appdata_ptr = NULL;
+
+ /* start the pam stack */
+ rc = pam_start ("polkit-1",
+ user_to_auth,
+ &pam_conversation,
+ &pam_h);
+ if (rc != PAM_SUCCESS)
+ {
+ fprintf (stderr, "polkit-agent-helper-1: pam_start failed: %s\n", pam_strerror (pam_h, rc));
+ goto error;
+ }
+
+ /* set the requesting user */
+ rc = pam_set_item (pam_h, PAM_RUSER, user_to_auth);
+ if (rc != PAM_SUCCESS)
+ {
+ fprintf (stderr, "polkit-agent-helper-1: pam_set_item failed: %s\n", pam_strerror (pam_h, rc));
+ goto error;
+ }
+
+ /* is user really user? */
+ rc = pam_authenticate (pam_h, 0);
+ if (rc != PAM_SUCCESS)
+ {
+ fprintf (stderr, "polkit-agent-helper-1: pam_authenticated failed: %s\n", pam_strerror (pam_h, rc));
+ goto error;
+ }
+
+ /* permitted access? */
+ rc = pam_acct_mgmt (pam_h, 0);
+ if (rc != PAM_SUCCESS)
+ {
+ fprintf (stderr, "polkit-agent-helper-1: pam_acct_mgmt failed: %s\n", pam_strerror (pam_h, rc));
+ goto error;
+ }
+
+ /* did we auth the right user? */
+ rc = pam_get_item (pam_h, PAM_USER, &authed_user);
+ if (rc != PAM_SUCCESS)
+ {
+ fprintf (stderr, "polkit-agent-helper-1: pam_get_item failed: %s\n", pam_strerror (pam_h, rc));
+ goto error;
+ }
+
+ if (strcmp (authed_user, user_to_auth) != 0)
+ {
+ fprintf (stderr, "polkit-agent-helper-1: Tried to auth user '%s' but we got auth for user '%s' instead",
+ user_to_auth, (const char *) authed_user);
+ goto error;
+ }
+
+#ifdef PAH_DEBUG
+ fprintf (stderr, "polkit-agent-helper-1: successfully authenticated user '%s'.\n", user_to_auth);
+#endif /* PAH_DEBUG */
+
+ /* TODO: now send a D-Bus message to the PolicyKit daemon that
+ * includes a) the cookie; and b) the user we authenticated
+ */
+
+ fprintf (stdout, "SUCCESS\n");
+ fflush (stdout);
+
+ pam_end (pam_h, rc);
+ return 0;
+
+error:
+ if (pam_h != NULL)
+ pam_end (pam_h, rc);
+
+ fprintf (stdout, "FAILURE\n");
+ fflush (stdout);
+ return 1;
+}
+
+static int
+conversation_function (int n, const struct pam_message **msg, struct pam_response **resp, void *data)
+{
+ struct pam_response *aresp;
+ char buf[PAM_MAX_RESP_SIZE];
+ int i;
+
+ data = data;
+ if (n <= 0 || n > PAM_MAX_NUM_MSG)
+ return PAM_CONV_ERR;
+
+ if ((aresp = calloc(n, sizeof *aresp)) == NULL)
+ return PAM_BUF_ERR;
+
+ for (i = 0; i < n; ++i)
+ {
+ aresp[i].resp_retcode = 0;
+ aresp[i].resp = NULL;
+ switch (msg[i]->msg_style)
+ {
+
+ case PAM_PROMPT_ECHO_OFF:
+ fprintf (stdout, "PAM_PROMPT_ECHO_OFF ");
+ goto conv1;
+
+ case PAM_PROMPT_ECHO_ON:
+ fprintf (stdout, "PAM_PROMPT_ECHO_ON ");
+ conv1:
+ fputs (msg[i]->msg, stdout);
+ if (strlen (msg[i]->msg) > 0 && msg[i]->msg[strlen (msg[i]->msg) - 1] != '\n')
+ fputc ('\n', stdout);
+ fflush (stdout);
+
+ if (fgets (buf, sizeof buf, stdin) == NULL)
+ goto error;
+
+ if (strlen (buf) > 0 &&
+ buf[strlen (buf) - 1] == '\n')
+ buf[strlen (buf) - 1] = '\0';
+
+ aresp[i].resp = strdup (buf);
+ if (aresp[i].resp == NULL)
+ goto error;
+ break;
+
+ case PAM_ERROR_MSG:
+ fprintf (stdout, "PAM_ERROR_MSG ");
+ goto conv2;
+
+ case PAM_TEXT_INFO:
+ fprintf (stdout, "PAM_TEXT_INFO ");
+ conv2:
+ fputs (msg[i]->msg, stdout);
+ if (strlen (msg[i]->msg) > 0 &&
+ msg[i]->msg[strlen (msg[i]->msg) - 1] != '\n')
+ fputc ('\n', stdout);
+ fflush (stdout);
+ break;
+
+ default:
+ goto error;
+ }
+ }
+
+ *resp = aresp;
+ return PAM_SUCCESS;
+
+error:
+
+ for (i = 0; i < n; ++i)
+ {
+ if (aresp[i].resp != NULL) {
+ memset (aresp[i].resp, 0, strlen(aresp[i].resp));
+ free (aresp[i].resp);
+ }
+ }
+ memset (aresp, 0, n * sizeof *aresp);
+ *resp = NULL;
+ return PAM_CONV_ERR;
+}
diff --git a/src/polkitagent/polkitagenttypes.h b/src/polkitagent/polkitagenttypes.h
new file mode 100644
index 0000000..de62caa
--- /dev/null
+++ b/src/polkitagent/polkitagenttypes.h
@@ -0,0 +1,35 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_AGENT_TYPES_H
+#define __POLKIT_AGENT_TYPES_H
+
+#include <glib-object.h>
+
+G_BEGIN_DECLS
+
+struct _PolkitAuthenticationSession;
+typedef struct _PolkitAuthenticationSession PolkitAuthenticationSession;
+
+
+G_END_DECLS
+
+#endif /* __POLKIT_AGENT_TYPES_H */
diff --git a/src/polkitagent/polkitauthenticationsession.c b/src/polkitagent/polkitauthenticationsession.c
new file mode 100644
index 0000000..62dcd7a
--- /dev/null
+++ b/src/polkitagent/polkitauthenticationsession.c
@@ -0,0 +1,354 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+/* TODO: This whole class needs to be rewritten so it uses the main loop etc. etc.
+ *
+ * And we REALLY REALLY really really should use signals instead of callbacks...
+ */
+
+
+/* for getline(), see below */
+#define _GNU_SOURCE
+
+#include "config.h"
+#include <string.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <pwd.h>
+
+#include "polkitauthenticationsession.h"
+
+struct _PolkitAuthenticationSession
+{
+ GObject parent_instance;
+
+ gchar *cookie;
+ PolkitIdentity *identity;
+
+ int child_stdin;
+ int child_stdout;
+ GPid child_pid;
+ FILE *child_stdout_f;
+
+ int child_watch_id;
+ int io_watch_id;
+
+ gboolean success;
+ gboolean helper_is_running;
+
+ PolkitAuthenticationSessionConversationPromptEchoOff func_prompt_echo_off;
+ PolkitAuthenticationSessionConversationPromptEchoOn func_prompt_echo_on;
+ PolkitAuthenticationSessionConversationErrorMessage func_error_message;
+ PolkitAuthenticationSessionConversationTextInfo func_text_info;
+ PolkitAuthenticationSessionDone func_done;
+ void *user_data;
+};
+
+struct _PolkitAuthenticationSessionClass
+{
+ GObjectClass parent_class;
+
+};
+
+G_DEFINE_TYPE (PolkitAuthenticationSession, polkit_authentication_session, G_TYPE_OBJECT);
+
+static void
+polkit_authentication_session_init (PolkitAuthenticationSession *session)
+{
+}
+
+static void
+polkit_authentication_session_finalize (GObject *object)
+{
+ PolkitAuthenticationSession *session;
+
+ session = POLKIT_AUTHENTICATION_SESSION (object);
+
+ g_free (session->cookie);
+ if (session->identity != NULL)
+ g_object_unref (session->identity);
+
+ if (G_OBJECT_CLASS (polkit_authentication_session_parent_class)->finalize != NULL)
+ G_OBJECT_CLASS (polkit_authentication_session_parent_class)->finalize (object);
+}
+
+static void
+polkit_authentication_session_class_init (PolkitAuthenticationSessionClass *klass)
+{
+ GObjectClass *gobject_class;
+
+ gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->finalize = polkit_authentication_session_finalize;
+
+
+
+}
+
+PolkitAuthenticationSession *
+polkit_authentication_session_new (PolkitIdentity *identity,
+ const gchar *cookie)
+{
+ PolkitAuthenticationSession *session;
+
+ session = POLKIT_AUTHENTICATION_SESSION (g_object_new (POLKIT_TYPE_AUTHENTICATION_SESSION, NULL));
+
+ session->identity = g_object_ref (identity);
+ session->cookie = g_strdup (cookie);
+
+ return session;
+}
+
+void
+polkit_authentication_session_set_functions (PolkitAuthenticationSession *session,
+ PolkitAuthenticationSessionConversationPromptEchoOff func_prompt_echo_off,
+ PolkitAuthenticationSessionConversationPromptEchoOn func_prompt_echo_on,
+ PolkitAuthenticationSessionConversationErrorMessage func_error_message,
+ PolkitAuthenticationSessionConversationTextInfo func_text_info,
+ PolkitAuthenticationSessionDone func_done,
+ void *user_data)
+{
+ session->func_prompt_echo_off = func_prompt_echo_off;
+ session->func_prompt_echo_on = func_prompt_echo_on;
+ session->func_error_message = func_error_message;
+ session->func_text_info = func_text_info;
+ session->func_done = func_done;
+ session->user_data = user_data;
+}
+
+static void
+child_watch_func (GPid pid, gint status, gpointer user_data)
+{
+ PolkitAuthenticationSession *session = POLKIT_AUTHENTICATION_SESSION (user_data);
+ gint exit_code;
+ gboolean input_was_bogus;
+
+ g_return_if_fail (session->helper_is_running);
+
+ exit_code = WEXITSTATUS (status);
+
+ g_debug ("pid %d terminated", pid);
+ waitpid (pid, &status, 0);
+
+ if (exit_code >= 2)
+ input_was_bogus = TRUE;
+ else
+ input_was_bogus = FALSE;
+
+ session->success = (exit_code == 0);
+ session->helper_is_running = FALSE;
+ session->func_done (session, session->success, input_was_bogus, session->user_data);
+}
+
+static gboolean
+io_watch_have_data (GIOChannel *channel, GIOCondition condition, gpointer user_data)
+{
+ PolkitAuthenticationSession *session = POLKIT_AUTHENTICATION_SESSION (user_data);
+ char *line;
+ size_t line_len;
+ gchar *id;
+ size_t id_len;
+ gchar *response;
+ gchar *response_prefix;
+ int fd;
+
+ g_return_val_if_fail (session->helper_is_running, FALSE);
+
+ fd = g_io_channel_unix_get_fd (channel);
+
+ line = NULL;
+ line_len = 0;
+
+ /* TODO: getline is GNU only, see kit_getline() in old polkit */
+ while (getline (&line, &line_len, session->child_stdout_f) != -1)
+ {
+ if (strlen (line) > 0 && line[strlen (line) - 1] == '\n')
+ line[strlen (line) - 1] = '\0';
+
+ response = NULL;
+ response_prefix = NULL;
+
+ id = "PAM_PROMPT_ECHO_OFF ";
+ if (g_str_has_prefix (line, id))
+ {
+ id_len = strlen (id);
+ response_prefix = "";
+ response = session->func_prompt_echo_off (session,
+ line + id_len,
+ session->user_data);
+ goto processed;
+ }
+
+ id = "PAM_PROMPT_ECHO_ON ";
+ if (g_str_has_prefix (line, id))
+ {
+ id_len = strlen (id);
+ response_prefix = "";
+ response = session->func_prompt_echo_on (session,
+ line + id_len,
+ session->user_data);
+ goto processed;
+ }
+
+ id = "PAM_ERROR_MSG ";
+ if (g_str_has_prefix (line, id))
+ {
+ id_len = strlen (id);
+ session->func_error_message (session,
+ line + id_len,
+ session->user_data);
+ goto processed;
+ }
+
+ id = "PAM_TEXT_INFO ";
+ if (g_str_has_prefix (line, id))
+ {
+ id_len = strlen (id);
+ session->func_text_info (session,
+ line + id_len,
+ session->user_data);
+ goto processed;
+ }
+
+ processed:
+ if (response != NULL && response_prefix != NULL)
+ {
+ char *buf;
+ gboolean add_newline;
+
+ /* add a newline if there isn't one already... */
+ add_newline = FALSE;
+ if (response[strlen (response) - 1] != '\n')
+ {
+ add_newline = TRUE;
+ }
+ buf = g_strdup_printf ("%s%s%c",
+ response_prefix,
+ response,
+ add_newline ? '\n' : '\0');
+ write (session->child_stdin, buf, strlen (buf));
+ g_free (buf);
+ g_free (response);
+ }
+ }
+
+ if (line != NULL)
+ free (line);
+
+ return FALSE;
+}
+
+gboolean
+polkit_authentication_session_initiate_auth (PolkitAuthenticationSession *session)
+{
+ uid_t uid;
+ GError *error;
+ gchar *helper_argv[4];
+ GIOChannel *channel;
+ gboolean ret;
+ struct passwd *passwd;
+
+ ret = FALSE;
+
+ /* TODO: also support authorization for other kinds of identities */
+ if (!POLKIT_IS_UNIX_USER (session->identity))
+ {
+ g_warning ("Unsupported identity type");
+ goto error;
+ }
+
+ uid = polkit_unix_user_get_uid (POLKIT_UNIX_USER (session->identity));
+
+ passwd = getpwuid (uid);
+ if (passwd == NULL)
+ {
+ g_warning ("No user with uid %d", uid);
+ goto error;
+ }
+
+ helper_argv[0] = PACKAGE_LIBEXEC_DIR "/polkit-session-helper-1";
+ helper_argv[1] = passwd->pw_name;
+ helper_argv[2] = session->cookie;
+ helper_argv[3] = NULL;
+
+ session->child_stdin = -1;
+ session->child_stdout = -1;
+
+ error = NULL;
+ if (!g_spawn_async_with_pipes (NULL,
+ (char **) helper_argv,
+ NULL,
+ G_SPAWN_DO_NOT_REAP_CHILD |
+ 0,//G_SPAWN_STDERR_TO_DEV_NULL,
+ NULL,
+ NULL,
+ &session->child_pid,
+ &session->child_stdin,
+ &session->child_stdout,
+ NULL,
+ &error))
+ {
+ g_warning ("Cannot spawn helper: %s\n", error->message);
+ g_error_free (error);
+ goto error;
+ }
+
+ session->child_watch_id = g_child_watch_add (session->child_pid, child_watch_func, session);
+
+ channel = g_io_channel_unix_new (session->child_stdout);
+ session->io_watch_id = g_io_add_watch (channel, G_IO_IN, io_watch_have_data, session);
+ g_io_channel_unref (channel);
+
+ /* so we can use getline... */
+ session->child_stdout_f = fdopen (session->child_stdout, "r");
+
+ session->success = FALSE;
+
+ session->helper_is_running = TRUE;
+
+ ret = TRUE;
+
+error:
+
+ return ret;
+}
+
+
+void
+polkit_authentication_session_cancel (PolkitAuthenticationSession *session)
+{
+ GPid pid;
+
+ g_return_if_fail (session->helper_is_running);
+
+ pid = session->child_pid;
+ session->child_pid = 0;
+ if (pid > 0)
+ {
+ int status;
+ kill (pid, SIGTERM);
+ waitpid (pid, &status, 0);
+ session->helper_is_running = FALSE;
+ }
+ session->func_done (session, FALSE, FALSE, session->user_data);
+}
diff --git a/src/polkitagent/polkitauthenticationsession.h b/src/polkitagent/polkitauthenticationsession.h
new file mode 100644
index 0000000..1ccc4ca
--- /dev/null
+++ b/src/polkitagent/polkitauthenticationsession.h
@@ -0,0 +1,139 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_AUTHENTICATION_SESSION_H
+#define __POLKIT_AUTHENTICATION_SESSION_H
+
+#include <polkit/polkit.h>
+#include <polkitagent/polkitagenttypes.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_AUTHENTICATION_SESSION (polkit_authentication_session_get_type())
+#define POLKIT_AUTHENTICATION_SESSION(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_AUTHENTICATION_SESSION, PolkitAuthenticationSession))
+#define POLKIT_AUTHENTICATION_SESSION_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_AUTHENTICATION_SESSION, PolkitAuthenticationSessionClass))
+#define POLKIT_AUTHENTICATION_SESSION_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_AUTHENTICATION_SESSION, PolkitAuthenticationSessionClass))
+#define POLKIT_IS_AUTHENTICATION_SESSION(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_AUTHENTICATION_SESSION))
+#define POLKIT_IS_AUTHENTICATION_SESSION_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_AUTHENTICATION_SESSION))
+
+/**
+ * PolkitAuthenticationSessionConversationPromptEchoOff:
+ * @session: A #PolkitAuthenticationSession.
+ * @prompt: prompt passed by the authentication layer; do not free this string
+ * @user_data: user data pointer as passed into polkit_authorization_session_set_functions()
+ *
+ * Type for callback function that is invoked when the authentication
+ * layer needs to ask the user a secret and the UI should NOT echo what
+ * the user types on the screen.
+ *
+ * Returns: the answer obtained from the user; must be allocated with
+ * malloc(3) and will be freed by the #PolkitAuthenticationSession class.
+ **/
+typedef char* (*PolkitAuthenticationSessionConversationPromptEchoOff) (PolkitAuthenticationSession *session,
+ const gchar *prompt,
+ gpointer user_data);
+
+/**
+ * PolkitAuthenticationSessionConversationPromptEchoOn:
+ * @session: A #PolkitAuthenticationSession.
+ * @prompt: prompt passed by the authentication layer; do not free this string
+ * @user_data: user data pointer as passed into polkit_authorization_session_set_functions()
+ *
+ * Type for callback function that is invoked when the authentication
+ * layer needs to ask the user a secret and the UI should echo what
+ * the user types on the screen.
+ *
+ * Returns: the answer obtained from the user; must be allocated with
+ * malloc(3) and will be freed by the #PolkitAuthenticationSession class.
+ **/
+typedef char* (*PolkitAuthenticationSessionConversationPromptEchoOn) (PolkitAuthenticationSession *session,
+ const gchar *prompt,
+ gpointer user_data);
+
+/**
+ * PolkitAuthenticationSessionConversationErrorMessage:
+ * @session: A #PolkitAuthenticationSession.
+ * @error_message: error message passed by the authentication layer; do not free this string
+ * @user_data: user data pointer as passed into polkit_authorization_session_set_functions()
+ *
+ * Type for callback function that is invoked when the authentication
+ * layer produces an error message that should be displayed in the UI.
+ **/
+typedef void (*PolkitAuthenticationSessionConversationErrorMessage) (PolkitAuthenticationSession *session,
+ const gchar *error_message,
+ gpointer user_data);
+
+/**
+ * PolkitAuthenticationSessionConversationTextInfo:
+ * @session: A #PolkitAuthenticationSession.
+ * @text_info: information passed by the authentication layer; do not free this string
+ * @user_data: user data pointer as passed into polkit_authorization_session_set_functions()
+ *
+ * Type for callback function that is invoked when the authentication
+ * layer produces an informational message that should be displayed in
+ * the UI.
+ **/
+typedef void (*PolkitAuthenticationSessionConversationTextInfo) (PolkitAuthenticationSession *session,
+ const gchar *text_info,
+ gpointer user_data);
+
+/**
+ * PolkitAuthenticationSessionDone:
+ * @session: A #PolkitAuthenticationSession.
+ * @gained_authorization: whether the authorization was obtained
+ * @invalid_data: whether the input data was bogus (not including bad passwords)
+ * @user_data: user data pointer as passed into polkit_authorization_session_set_functions()
+ *
+ * This function is called when the granting process ends; either if
+ * successful or if it was canceled using e.g. polkit_authorization_session_cancel_auth().
+ **/
+typedef void (*PolkitAuthenticationSessionDone) (PolkitAuthenticationSession *session,
+ gboolean gained_authorization,
+ gboolean invalid_data,
+ gpointer user_data);
+
+
+#if 0
+typedef struct _PolkitAuthenticationSession PolkitAuthenticationSession;
+#endif
+typedef struct _PolkitAuthenticationSessionClass PolkitAuthenticationSessionClass;
+
+GType polkit_authentication_session_get_type (void) G_GNUC_CONST;
+PolkitAuthenticationSession *polkit_authentication_session_new (PolkitIdentity *identity,
+ const gchar *cookie);
+
+/* TODO: would be much nicer to use signals here */
+void polkit_authentication_session_set_functions
+ (PolkitAuthenticationSession *session,
+ PolkitAuthenticationSessionConversationPromptEchoOff func_prompt_echo_off,
+ PolkitAuthenticationSessionConversationPromptEchoOn func_prompt_echo_on,
+ PolkitAuthenticationSessionConversationErrorMessage func_error_message,
+ PolkitAuthenticationSessionConversationTextInfo func_text_info,
+ PolkitAuthenticationSessionDone func_done,
+ void *user_data);
+
+gboolean polkit_authentication_session_initiate_auth (PolkitAuthenticationSession *session);
+
+void polkit_authentication_session_cancel (PolkitAuthenticationSession *session);
+
+G_END_DECLS
+
+#endif /* __POLKIT_AUTHENTICATION_SESSION_H */
commit e800e80f7e9adcd21fe8c63fd1c49fa6aec642bc
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 20 00:35:43 2009 -0500
add pkgconfig files
diff --git a/configure.ac b/configure.ac
index 24685c5..db31cf1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -406,9 +406,13 @@ Makefile
actions/Makefile
data/Makefile
data/polkit-1
+data/polkit-gobject-1.pc
+data/polkit-backend-1.pc
+data/polkit-agent-1.pc
src/Makefile
src/polkit/Makefile
src/polkitbackend/Makefile
+src/polkitagent/Makefile
src/polkitd/Makefile
src/programs/Makefile
docs/version.xml
diff --git a/data/Makefile.am b/data/Makefile.am
index 92e8df4..afe5f06 100644
--- a/data/Makefile.am
+++ b/data/Makefile.am
@@ -19,9 +19,18 @@ pamdir = $(sysconfdir)/pam.d
pam_DATA = polkit-1
endif
+pkgconfigdir = $(libdir)/pkgconfig
+pkgconfig_DATA = polkit-gobject-1.pc polkit-backend-1.pc polkit-agent-1.pc
+
CLEANFILES = $(BUILT_SOURCES)
-EXTRA_DIST = org.freedesktop.PolicyKit1.Authority.xml $(service_in_files) $(dbusconf_in_files) polkit-1.in
+EXTRA_DIST = \
+ org.freedesktop.PolicyKit1.Authority.xml \
+ $(service_in_files) \
+ $(dbusconf_in_files) \
+ polkit-gobject-1.in \
+ polkit-backend-1.in \
+ polkit-agent-1.in
clean-local :
rm -f *~ $(service_DATA) $(dbusconf_DATA)
diff --git a/data/polkit-agent-1.pc.in b/data/polkit-agent-1.pc.in
new file mode 100644
index 0000000..6402c2f
--- /dev/null
+++ b/data/polkit-agent-1.pc.in
@@ -0,0 +1,11 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: polkit-agent-1
+Description: PolicyKit Authentication Agent API
+Version: @VERSION@
+Libs: -L${libdir} -lpolkit-agent-1
+Cflags: -I${includedir}/polkit-1
+Requires: polkit-gobject-1
diff --git a/data/polkit-backend-1.pc.in b/data/polkit-backend-1.pc.in
new file mode 100644
index 0000000..7f6197d
--- /dev/null
+++ b/data/polkit-backend-1.pc.in
@@ -0,0 +1,11 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: polkit-backend-1
+Description: PolicyKit Backend API
+Version: @VERSION@
+Libs: -L${libdir} -lpolkit-backend-1
+Cflags: -I${includedir}/polkit-1
+Requires: polkit-gobject-1
diff --git a/data/polkit-gobject-1.pc.in b/data/polkit-gobject-1.pc.in
new file mode 100644
index 0000000..c39677d
--- /dev/null
+++ b/data/polkit-gobject-1.pc.in
@@ -0,0 +1,13 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+policydir=@datarootdir@/polkit-1/actions/
+actiondir=@datarootdir@/polkit-1/actions/
+
+Name: polkit-gobject-1
+Description: PolicyKit Authorization API
+Version: @VERSION@
+Libs: -L${libdir} -lpolkit-gobject-1
+Cflags: -I${includedir}/polkit-1
+Requires: gio-2.0 >= 2.18 glib-2.0 >= 2.18
commit b0e1ab0c8978a83b2a1d47fb521fa9d074341102
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 19 19:40:34 2009 -0500
add buildsys stuff for authentication library support
diff --git a/configure.ac b/configure.ac
index fbe843c..24685c5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -144,6 +144,253 @@ if test "x$GCC" = "xyes"; then
LDFLAGS="-Wl,--as-needed $LDFLAGS"
fi
+dnl ---------------------------------------------------------------------------
+dnl - User
+dnl ---------------------------------------------------------------------------
+
+AC_ARG_WITH(polkit_user,[ --with-polkit-user=<user> user for PolicyKit])
+if test -z "$with_polkit_user" ; then
+ POLKIT_USER=polkituser
+else
+ POLKIT_USER=$with_polkit_user
+fi
+AC_SUBST(POLKIT_USER)
+AC_DEFINE_UNQUOTED(POLKIT_USER, "$POLKIT_USER", [User for PolicyKit])
+
+dnl ---------------------------------------------------------------------------
+dnl - Select which authentication framework to use
+dnl ---------------------------------------------------------------------------
+
+AC_ARG_WITH([authfw],
+ AS_HELP_STRING([--with-authfw=<name>],
+ [Authentication framework (none/pam/shadow)]))
+if ! test -z "$with_authfw" ; then
+ if test x$with_authdb = xdummy ; then
+ if ! test x$with_authfw = xnone ; then
+ AC_MSG_ERROR([Only 'none' is a valid authentication framework for the dummy authorization database])
+ fi
+ else
+ if test x$with_authfw = xnone ; then
+ AC_MSG_ERROR(['none' is only a valid authentication framework for the dummy authorization database])
+ fi
+ fi
+ POLKIT_AUTHFW=$with_authfw
+else
+ if test x$with_authdb = xdummy ; then
+ POLKIT_AUTHFW=none
+ else
+ POLKIT_AUTHFW=pam
+ fi
+fi
+
+AC_SUBST(POLKIT_AUTHFW)
+AC_DEFINE_UNQUOTED(POLKIT_AUTHFW,"$POLKIT_AUTHFW", [Authentication Framework to use])
+
+case $POLKIT_AUTHFW in
+ none)
+ need_pam=no
+ AC_DEFINE(POLKIT_AUTHFW_NONE, 1, [If using no authentication framework])
+ ;;
+
+ pam)
+ need_pam=yes
+ AC_DEFINE(POLKIT_AUTHFW_PAM, 1, [If using the PAM authentication framework])
+ ;;
+
+ shadow)
+ need_pam=no
+ AUTH_LIBS="${AUTH_LIBS} -lcrypt"
+ AC_DEFINE(POLKIT_AUTHFW_SHADOW, 1, [If using the Shadow authentication framework])
+ ;;
+
+ *)
+ AC_MSG_ERROR([Unknown Authentication Framework: $POLKIT_AUTHFW])
+ ;;
+esac
+
+AM_CONDITIONAL(POLKIT_AUTHFW_NONE, [test x$POLKIT_AUTHFW = xnone], [Using no authfw])
+AM_CONDITIONAL(POLKIT_AUTHFW_PAM, [test x$POLKIT_AUTHFW = xpam], [Using PAM authfw])
+AM_CONDITIONAL(POLKIT_AUTHFW_SHADOW, [test x$POLKIT_AUTHFW = xshadow], [Using Shadow authfw])
+
+
+dnl ---------------------------------------------------------------------------
+dnl - Check for PAM
+dnl ---------------------------------------------------------------------------
+
+withval=""
+AC_ARG_WITH(pam-prefix,
+[ --with-pam-prefix=<prefix> specify where pam files go],[
+if test x$withval != x; then
+ AC_MSG_RESULT("PAM files will be installed in prefix ${withval}.")
+fi])
+if test x$withval != x; then
+ PAM_PREFIX_UNEXPANDED="$withval"
+else
+ PAM_PREFIX_UNEXPANDED="$sysconfdir"
+fi
+PAM_PREFIX=`eval echo $PAM_PREFIX_UNEXPANDED`
+AC_SUBST(PAM_PREFIX)
+
+have_pam=no
+if test "$need_pam" = yes ; then
+ AC_CHECK_LIB(pam, pam_start, have_pam=yes)
+fi
+
+if test x$have_pam = xno; then
+ if test "$need_pam" = yes ; then
+ AC_ERROR([Could not find pam/pam-devel, please install the needed packages.])
+ fi
+else
+ AUTH_LIBS="${AUTH_LIBS} -lpam"
+ AC_DEFINE(HAVE_PAM, 1, [Define if PAM support is included])
+
+ # On Linux, sigtimedwait() is in libc; on Solaris, it's in librt.
+ have_timedwait=no
+ AC_CHECK_LIB(c, sigtimedwait, [have_timedwait=yes])
+ if test "$have_timedwait" = no ; then
+ AC_CHECK_LIB(rt, sigtimedwait, [AUTH_LIBS="${AUTH_LIBS} -lrt"])
+ fi
+
+ AC_MSG_CHECKING(how to call pam_strerror)
+ AC_CACHE_VAL(ac_cv_pam_strerror_args,
+ [AC_TRY_COMPILE([#include <stdio.h>
+ #include <stdlib.h>
+ #include <security/pam_appl.h>],
+ [pam_handle_t *pamh = 0;
+ char *s = pam_strerror(pamh, PAM_SUCCESS);],
+ [ac_pam_strerror_args=2],
+ [AC_TRY_COMPILE([#include <stdio.h>
+ #include <stdlib.h>
+ #include <security/pam_appl.h>],
+ [char *s =
+ pam_strerror(PAM_SUCCESS);],
+ [ac_pam_strerror_args=1],
+ [ac_pam_strerror_args=0])])
+ ac_cv_pam_strerror_args=$ac_pam_strerror_args])
+ ac_pam_strerror_args=$ac_cv_pam_strerror_args
+ if test "$ac_pam_strerror_args" = 1 ; then
+ AC_MSG_RESULT(one argument)
+ elif test "$ac_pam_strerror_args" = 2 ; then
+ AC_DEFINE(PAM_STRERROR_TWO_ARGS, 1, [Define if pam_strerror takes two arguments])
+ AC_MSG_RESULT(two arguments)
+ else
+ AC_MSG_RESULT(unknown)
+ fi
+
+fi
+
+AM_CONDITIONAL(HAVE_PAM, test x$have_pam = xyes)
+AC_SUBST(HAVE_PAM)
+AC_SUBST(AUTH_LIBS)
+
+AC_CHECK_HEADER(security/pam_modutil.h, [AC_DEFINE(HAVE_PAM_MODUTIL_H, [], "Have pam_modutil.h")])
+AC_CHECK_HEADER(security/pam_ext.h, [AC_DEFINE(HAVE_PAM_EXT_H, [], "Have pam_ext.h")])
+AC_CHECK_LIB(pam, pam_vsyslog, [AC_DEFINE(HAVE_PAM_VSYSLOG, [], "Have pam_vsyslog")])
+
+AC_ARG_WITH(pam-module-dir, [ --with-pam-module-dir=[dirname] directory to install PAM security module])
+if ! test -z "$with_pam_module_dir"; then
+ PAM_MODULE_DIR=$with_pam_module_dir
+else
+ PAM_MODULE_DIR="/lib/security"
+fi
+
+AC_SUBST(PAM_MODULE_DIR)
+
+AC_ARG_WITH(os-type, [ --with-os-type=<os> distribution or OS (redhat/suse/gentoo/pardus/solaris)])
+
+#### Check our operating system (distro-tweaks required)
+if test "z$with_os_type" = "z"; then
+ AC_CHECK_FILE(/etc/redhat-release,distro_type="redhat")
+ AC_CHECK_FILE(/etc/SuSE-release,distro_type="suse")
+ AC_CHECK_FILE(/etc/gentoo-release,distro_type="gentoo")
+ AC_CHECK_FILE(/etc/pardus-release,distro_type="pardus")
+ if test "z$distro_type" = "z"; then
+ echo "Linux distribution autodetection failed, specify the distribution to target using --with-os-type="
+ else
+ operating_system=`echo ${distro_type} | tr '[[:upper:]]' '[[:lower:]]' `
+ fi
+fi
+
+#### Sort out OS (distro-tweaks required)
+if test x$with_os_type = x; then
+ if test x$operating_system = xredhat ; then
+ with_os_type=redhat
+ elif test x$operating_system = xsuse ; then
+ with_os_type=suse
+ elif test x$operating_system = xgentoo ; then
+ with_os_type=gentoo
+ elif test x$operating_system = xpardus ; then
+ with_os_type=pardus
+ elif test x$operating_system = xsolaris ; then
+ with_os_type=solaris
+ else
+ with_os_type=unknown
+ fi
+fi
+
+# (distro-tweaks required)
+AM_CONDITIONAL(OS_TYPE_UNKNOWN, test x$with_os_type = xunknown, [Running on unknown OS])
+AM_CONDITIONAL(OS_TYPE_RED_HAT, test x$with_os_type = xredhat, [Running on Red Hat OS'es])
+AM_CONDITIONAL(OS_TYPE_SUSE, test x$with_os_type = xsuse, [Running on SUSE OS'es])
+AM_CONDITIONAL(OS_TYPE_GENTOO, test x$with_os_type = xgentoo, [Running on Gentoo OS'es])
+AM_CONDITIONAL(OS_TYPE_PARDUS, test x$with_os_type = xpardus, [Running on Pardus OS'es])
+AM_CONDITIONAL(OS_TYPE_SOLARIS, test x$with_os_type = xsolaris, [Running os Solaris OS'es])
+AM_CONDITIONAL(OS_TYPE_FREEBSD, test x$with_os_type = xfreebsd, [Running on FreeBSD OS'es])
+
+AC_ARG_WITH(pam-include, [ --with-pam-include=<file> pam file to include])
+
+#### Set up pam file to include (distro-tweaks required)
+if ! test -z "$with_pam_include"; then
+ PAM_FILE_INCLUDE_AUTH=$with_pam_include
+ PAM_FILE_INCLUDE_ACCOUNT=$with_pam_include
+ PAM_FILE_INCLUDE_PASSWORD=$with_pam_include
+ PAM_FILE_INCLUDE_SESSION=$with_pam_include
+elif test x$with_os_type = xredhat -o x$with_os_type = xgentoo -o x$with_os_type = xpardus ; then
+ PAM_FILE_INCLUDE_AUTH=system-auth
+ PAM_FILE_INCLUDE_ACCOUNT=system-auth
+ PAM_FILE_INCLUDE_PASSWORD=system-auth
+ PAM_FILE_INCLUDE_SESSION=system-auth
+elif test x$with_os_type = xsuse -o x$with_os_type = xsolaris ; then
+ PAM_FILE_INCLUDE_AUTH=common-auth
+ PAM_FILE_INCLUDE_ACCOUNT=common-account
+ PAM_FILE_INCLUDE_PASSWORD=common-password
+ PAM_FILE_INCLUDE_SESSION=common-session
+elif test x$with_os_type = xfreebsd ; then
+ PAM_FILE_INCLUDE_AUTH=system
+ PAM_FILE_INCLUDE_ACCOUNT=system
+ PAM_FILE_INCLUDE_PASSWORD=system
+ PAM_FILE_INCLUDE_SESSION=system
+else
+ PAM_FILE_INCLUDE_AUTH=system-auth
+ PAM_FILE_INCLUDE_ACCOUNT=system-auth
+ PAM_FILE_INCLUDE_PASSWORD=system-auth
+ PAM_FILE_INCLUDE_SESSION=system-auth
+fi
+
+AC_SUBST(PAM_FILE_INCLUDE_AUTH)
+AC_SUBST(PAM_FILE_INCLUDE_ACCOUNT)
+AC_SUBST(PAM_FILE_INCLUDE_PASSWORD)
+AC_SUBST(PAM_FILE_INCLUDE_SESSION)
+AC_DEFINE_UNQUOTED(PAM_FILE_INCLUDE_AUTH, "$PAM_FILE_INCLUDE_AUTH", [pam file auth])
+AC_DEFINE_UNQUOTED(PAM_FILE_INCLUDE_ACCOUNT, "$PAM_FILE_INCLUDE_ACCOUNT", [pam file account])
+AC_DEFINE_UNQUOTED(PAM_FILE_INCLUDE_PASSWORD, "$PAM_FILE_INCLUDE_PASSWORD", [pam file password])
+AC_DEFINE_UNQUOTED(PAM_FILE_INCLUDE_SESSION, "$PAM_FILE_INCLUDE_SESSION", [pam file session])
+
+dnl ---------------------------------------------------------------------------
+dnl - check OS
+dnl ---------------------------------------------------------------------------
+case "$host_os" in
+ *linux*)
+ ;;
+ *solaris*)
+ AC_DEFINE([HAVE_SOLARIS], 1, [Is this a Solaris system?])
+ ;;
+ *freebsd*)
+ AC_DEFINE([HAVE_FREEBSD], 1, [Is this a FreeBSD system?])
+ ;;
+esac
+
+
# ********************
# Internationalisation
# ********************
@@ -158,6 +405,7 @@ AC_OUTPUT([
Makefile
actions/Makefile
data/Makefile
+data/polkit-1
src/Makefile
src/polkit/Makefile
src/polkitbackend/Makefile
@@ -191,9 +439,21 @@ echo "
cppflags: ${CPPFLAGS}
xsltproc: ${XSLTPROC}
+ Distribution/OS: ${with_os_type}
+ user for PolicyKit: ${POLKIT_USER}
+ authentication framework: ${POLKIT_AUTHFW}
+ PAM support: ${have_pam}"
+
+if test "$have_pam" = yes ; then
+echo "
+ PAM file auth: ${PAM_FILE_INCLUDE_AUTH}
+ PAM file account: ${PAM_FILE_INCLUDE_ACCOUNT}
+ PAM file password: ${PAM_FILE_INCLUDE_PASSWORD}
+ PAM file session: ${PAM_FILE_INCLUDE_SESSION}"
+fi
+
+echo "
Maintainer mode: ${USE_MAINTAINER_MODE}
- Building unit tests: ${enable_tests}
- GCC coverage profiling: ${enable_gcov}
Building verbose mode: ${enable_verbose_mode}
Building api docs: ${enable_gtk_doc}
Building man pages: ${enable_man_pages}
diff --git a/data/Makefile.am b/data/Makefile.am
index 319217b..92e8df4 100644
--- a/data/Makefile.am
+++ b/data/Makefile.am
@@ -14,9 +14,14 @@ dbusconf_DATA = $(dbusconf_in_files:.conf.in=.conf)
$(dbusconf_DATA): $(dbusconf_in_files) Makefile
@sed -e "s|\@polkituser\@|$(POLKIT_USER)|" $< > $@
+if POLKIT_AUTHFW_PAM
+pamdir = $(sysconfdir)/pam.d
+pam_DATA = polkit-1
+endif
+
CLEANFILES = $(BUILT_SOURCES)
-EXTRA_DIST = org.freedesktop.PolicyKit1.Authority.xml $(service_in_files) $(dbusconf_in_files)
+EXTRA_DIST = org.freedesktop.PolicyKit1.Authority.xml $(service_in_files) $(dbusconf_in_files) polkit-1.in
clean-local :
rm -f *~ $(service_DATA) $(dbusconf_DATA)
diff --git a/data/polkit-1.in b/data/polkit-1.in
new file mode 100644
index 0000000..142dadd
--- /dev/null
+++ b/data/polkit-1.in
@@ -0,0 +1,6 @@
+#%PAM-1.0
+
+auth include @PAM_FILE_INCLUDE_AUTH@
+account include @PAM_FILE_INCLUDE_ACCOUNT@
+password include @PAM_FILE_INCLUDE_PASSWORD@
+session include @PAM_FILE_INCLUDE_SESSION@
commit 899454b37ceb20ad34b2ccb8983710136b7bd7d7
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 19 19:08:10 2009 -0500
restrict add/remove of temporary authorizations to users
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index 79a1e7c..fdb6449 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -589,6 +589,16 @@ polkit_backend_local_authority_add_authorization (PolkitBackendAuthority *auth
/* TODO: check if caller is authorized */
+ /* We can only add temporary authorizations to users, not e.g. groups */
+ if (subject != NULL && !POLKIT_IS_UNIX_USER (identity))
+ {
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Can only add temporary authorizations to users");
+ goto out;
+ }
+
if (!add_authorization_for_identity (local_authority,
identity,
authorization,
@@ -602,6 +612,7 @@ polkit_backend_local_authority_add_authorization (PolkitBackendAuthority *auth
polkit_backend_authority_add_authorization_finish (pending_call);
}
+ out:
g_free (subject_str);
}
@@ -641,6 +652,16 @@ polkit_backend_local_authority_remove_authorization (PolkitBackendAuthority *a
/* TODO: check if caller is authorized */
+ /* We can only remove temporary authorizations to users, not e.g. groups */
+ if (subject != NULL && !POLKIT_IS_UNIX_USER (identity))
+ {
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Can only remove temporary authorizations from users");
+ goto out;
+ }
+
if (!remove_authorization_for_identity (local_authority,
identity,
authorization,
@@ -654,6 +675,8 @@ polkit_backend_local_authority_remove_authorization (PolkitBackendAuthority *a
polkit_backend_authority_remove_authorization_finish (pending_call);
}
+ out:
+
g_free (subject_str);
}
commit ce7a3643787a58def1344f49db0c27d9f3acedd2
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 19 19:03:07 2009 -0500
rename check_temporary_authorization_for_subject() to something more logical
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index c9e7b93..79a1e7c 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -60,7 +60,7 @@ static gboolean check_authorization_for_identity (PolkitBackendLocalAuthority *a
PolkitIdentity *identity,
const gchar *action_id);
-static gboolean check_temporary_authorization_for_subject (PolkitBackendLocalAuthority *authority,
+static gboolean check_temporary_authorization_for_identity (PolkitBackendLocalAuthority *authority,
PolkitIdentity *identity,
PolkitSubject *subject,
const gchar *action_id);
@@ -481,7 +481,7 @@ check_authorization_sync (PolkitBackendAuthority *authority,
/* TODO: first see if there's an implicit authorization for subject available */
/* then see if there's a temporary authorization for the subject */
- if (check_temporary_authorization_for_subject (local_authority, user_of_subject, subject, action_id))
+ if (check_temporary_authorization_for_identity (local_authority, user_of_subject, subject, action_id))
{
g_debug (" is authorized (has temporary authorization)");
result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
@@ -496,7 +496,7 @@ check_authorization_sync (PolkitBackendAuthority *authority,
goto out;
}
- /* then see if we have an authorization for any of the groups the user is in */
+ /* then see if we have a permanent authorization for any of the groups the user is in */
groups_of_user = get_groups_for_user (local_authority, user_of_subject);
for (l = groups_of_user; l != NULL; l = l->next)
{
@@ -1147,10 +1147,10 @@ check_authorization_for_identity (PolkitBackendLocalAuthority *authority,
}
static gboolean
-check_temporary_authorization_for_subject (PolkitBackendLocalAuthority *authority,
- PolkitIdentity *identity,
- PolkitSubject *subject,
- const gchar *action_id)
+check_temporary_authorization_for_identity (PolkitBackendLocalAuthority *authority,
+ PolkitIdentity *identity,
+ PolkitSubject *subject,
+ const gchar *action_id)
{
AuthorizationStore *store;
gboolean result;
commit a0faf5619bfb0c6c78ed7f4109c562959ce8611a
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 19 19:00:08 2009 -0500
make it possible to grant/revoke/use authorizations from groups
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index febbf0b..c9e7b93 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -24,6 +24,8 @@
#include <pwd.h>
#include <grp.h>
#include <string.h>
+#include <glib/gstdio.h>
+
#include <polkit/polkit.h>
#include "polkitbackendlocalauthority.h"
#include "polkitbackendactionpool.h"
@@ -825,6 +827,24 @@ authorization_store_save_permanent_authorizations (AuthorizationStore *store,
gboolean ret;
ret = FALSE;
+ str = NULL;
+
+ /* simply unlink the file if there are no authorizations */
+ if (store->authorizations == NULL)
+ {
+ if (g_unlink (store->path) != 0)
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Cannot remove authorization. Error unlinking file %s: %m",
+ store->path);
+ goto out;
+ }
+
+ ret = TRUE;
+ goto out;
+ }
s = g_string_new ("# polkit-1 " PACKAGE_VERSION " authorizations file\n"
"#\n"
@@ -1151,8 +1171,42 @@ static GList *
get_groups_for_user (PolkitBackendLocalAuthority *authority,
PolkitIdentity *user)
{
- /* TODO */
- return NULL;
+ uid_t uid;
+ struct passwd *passwd;
+ GList *result;
+ gid_t groups[512];
+ int num_groups = 512;
+ int n;
+
+ result = NULL;
+
+ /* TODO: it would be, uhm, good to cache this information */
+
+ uid = polkit_unix_user_get_uid (POLKIT_UNIX_USER (user));
+ passwd = getpwuid (uid);
+ if (passwd == NULL)
+ {
+ g_warning ("No user with uid %d", uid);
+ goto out;
+ }
+
+ /* TODO: should resize etc etc etc */
+
+ if (getgrouplist (passwd->pw_name,
+ passwd->pw_gid,
+ groups,
+ &num_groups) < 0)
+ {
+ g_warning ("Error looking up groups for uid %d: %m", uid);
+ goto out;
+ }
+
+ for (n = 0; n < num_groups; n++)
+ result = g_list_prepend (result, polkit_unix_group_new (groups[n]));
+
+ out:
+
+ return result;
}
static GList *
commit 594a6d50b8eb26aaaf512bdd10501343e697ccbf
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 19 18:34:40 2009 -0500
implement adding/removing temporary authorizations
diff --git a/docs/man/polkit.xml b/docs/man/polkit.xml
index 38efe66..f2f2d2c 100644
--- a/docs/man/polkit.xml
+++ b/docs/man/polkit.xml
@@ -62,12 +62,14 @@
<command>polkit-1 grant</command>
<arg choice="plain"><replaceable>identity</replaceable></arg>
<arg choice="plain"><replaceable>action-id</replaceable></arg>
+ <arg><option>--subject <replaceable>subject</replaceable></option></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>polkit-1 revoke</command>
<arg choice="plain"><replaceable>identity</replaceable></arg>
<arg choice="plain"><replaceable>action-id</replaceable></arg>
+ <arg><option>--subject <replaceable>subject</replaceable></option></arg>
</cmdsynopsis>
<cmdsynopsis>
@@ -211,10 +213,13 @@
<command>polkit-1 grant</command>
<arg choice="plain"><replaceable>identity</replaceable></arg>
<arg choice="plain"><replaceable>action-id</replaceable></arg>
+ <arg><option>--subject <replaceable>subject</replaceable></option></arg>
</para>
<para>
- Grants an authorization to <replaceable>identity</replaceable> for <replaceable>action-id</replaceable>.
- See <xref linkend="polkit-1-identity"/> for details about <replaceable>identity</replaceable>.
+ Grants an authorization to <replaceable>identity</replaceable> for <replaceable>action-id</replaceable>
+ optionally constraining its use for <replaceable>subject</replaceable>.
+ See <xref linkend="polkit-1-identity"/> for details about <replaceable>identity</replaceable>
+ and <xref linkend="polkit-1-subject"/> for details about <replaceable>subject</replaceable>.
</para>
</refsect2>
@@ -223,10 +228,13 @@
<command>polkit-1 revoke</command>
<arg choice="plain"><replaceable>identity</replaceable></arg>
<arg choice="plain"><replaceable>action-id</replaceable></arg>
+ <arg><option>--subject <replaceable>subject</replaceable></option></arg>
</para>
<para>
- Revokes an authorization from <replaceable>identity</replaceable> for <replaceable>action-id</replaceable>.
- See <xref linkend="polkit-1-identity"/> for details about <replaceable>identity</replaceable>.
+ Revokes an authorization from <replaceable>identity</replaceable> for <replaceable>action-id</replaceable>
+ which, optionally, is constrained to <replaceable>subject</replaceable>.
+ See <xref linkend="polkit-1-identity"/> for details about <replaceable>identity</replaceable>
+ and <xref linkend="polkit-1-subject"/> for details about <replaceable>subject</replaceable>.
</para>
</refsect2>
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index a9d000f..febbf0b 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -59,6 +59,7 @@ static gboolean check_authorization_for_identity (PolkitBackendLocalAuthority *a
const gchar *action_id);
static gboolean check_temporary_authorization_for_subject (PolkitBackendLocalAuthority *authority,
+ PolkitIdentity *identity,
PolkitSubject *subject,
const gchar *action_id);
@@ -478,7 +479,7 @@ check_authorization_sync (PolkitBackendAuthority *authority,
/* TODO: first see if there's an implicit authorization for subject available */
/* then see if there's a temporary authorization for the subject */
- if (check_temporary_authorization_for_subject (local_authority, subject, action_id))
+ if (check_temporary_authorization_for_subject (local_authority, user_of_subject, subject, action_id))
{
g_debug (" is authorized (has temporary authorization)");
result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
@@ -672,7 +673,11 @@ static AuthorizationStore *authorization_store_new (PolkitIdentity *identity);
static GList *authorization_store_get_all_authorizations (AuthorizationStore *store);
static PolkitAuthorization *authorization_store_find_permanent_authorization (AuthorizationStore *store,
- const gchar *action_id);
+ const gchar *action_id);
+
+static PolkitAuthorization *authorization_store_find_temporary_authorization (AuthorizationStore *store,
+ PolkitSubject *subject,
+ const gchar *action_id);
static gboolean authorization_store_add_authorization (AuthorizationStore *store,
PolkitAuthorization *authorization,
@@ -897,6 +902,37 @@ authorization_store_find_permanent_authorization (AuthorizationStore *store,
return ret;
}
+static PolkitAuthorization *
+authorization_store_find_temporary_authorization (AuthorizationStore *store,
+ PolkitSubject *subject,
+ const gchar *action_id)
+{
+ GList *l;
+ PolkitAuthorization *ret;
+
+ ret = NULL;
+
+ for (l = store->temporary_authorizations; l != NULL; l = l->next)
+ {
+ PolkitAuthorization *authorization = POLKIT_AUTHORIZATION (l->data);
+ const gchar *authorization_action_id;
+ PolkitSubject *authorization_subject;
+
+ authorization_action_id = polkit_authorization_get_action_id (authorization);
+ authorization_subject = polkit_authorization_get_subject (authorization);
+
+ if (strcmp (authorization_action_id, action_id) == 0 &&
+ polkit_subject_equal (authorization_subject, subject))
+ {
+ ret = authorization;
+ goto out;
+ }
+ }
+
+ out:
+ return ret;
+}
+
static gboolean
authorization_store_add_authorization (AuthorizationStore *store,
PolkitAuthorization *authorization,
@@ -913,11 +949,27 @@ authorization_store_add_authorization (AuthorizationStore *store,
if (subject != NULL)
{
- g_set_error (error,
- POLKIT_ERROR,
- POLKIT_ERROR_FAILED,
- "Temporary authorizations not yet implemented");
- goto out;
+ /* check if authorization is already present */
+ if (authorization_store_find_temporary_authorization (store, subject, action_id) != NULL)
+ {
+ gchar *subject_str;
+
+ subject_str = polkit_subject_to_string (subject);
+
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Cannot add authorization. Identity already has an authorization for %s for the subject %s",
+ action_id,
+ subject_str);
+
+ g_free (subject_str);
+ goto out;
+ }
+
+ store->temporary_authorizations = g_list_prepend (store->temporary_authorizations, g_object_ref (authorization));
+
+ ret = TRUE;
}
else
{
@@ -956,6 +1008,7 @@ authorization_store_remove_authorization (AuthorizationStore *store,
gboolean ret;
PolkitSubject *subject;
const gchar *action_id;
+ PolkitAuthorization *target;
ret = FALSE;
@@ -964,15 +1017,32 @@ authorization_store_remove_authorization (AuthorizationStore *store,
if (subject != NULL)
{
- g_set_error (error,
- POLKIT_ERROR,
- POLKIT_ERROR_FAILED,
- "Temporary authorizations not yet implemented");
+
+ target = authorization_store_find_temporary_authorization (store, subject, action_id);
+
+ if (target == NULL)
+ {
+ gchar *subject_str;
+
+ subject_str = polkit_subject_to_string (subject);
+
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Cannot remove authorization. Identity doesn't has an authorization for %s constrained to the subject %s", action_id, subject_str);
+
+ g_free (subject_str);
+ goto out;
+ }
+
+ store->temporary_authorizations = g_list_remove (store->temporary_authorizations, target);
+
+ ret = TRUE;
+
goto out;
}
else
{
- PolkitAuthorization *target;
GList *old_list;
target = authorization_store_find_permanent_authorization (store, action_id);
@@ -1058,11 +1128,23 @@ check_authorization_for_identity (PolkitBackendLocalAuthority *authority,
static gboolean
check_temporary_authorization_for_subject (PolkitBackendLocalAuthority *authority,
+ PolkitIdentity *identity,
PolkitSubject *subject,
const gchar *action_id)
{
- /* TODO */
- return FALSE;
+ AuthorizationStore *store;
+ gboolean result;
+
+ result = FALSE;
+
+ store = get_authorization_store_for_identity (authority, identity);
+ if (store == NULL)
+ goto out;
+
+ result = (authorization_store_find_temporary_authorization (store, subject, action_id) != NULL);
+
+ out:
+ return result;
}
static GList *
diff --git a/src/programs/polkit.c b/src/programs/polkit.c
index 83c3313..ce730fb 100644
--- a/src/programs/polkit.c
+++ b/src/programs/polkit.c
@@ -175,7 +175,7 @@ main (int argc, char *argv[])
goto out;
}
- action_id = g_strdup (argv[n++]);
+ action_id = g_strdup (argv[n]);
}
else if (strcmp (argv[n], "grant") == 0)
{
@@ -203,7 +203,7 @@ main (int argc, char *argv[])
goto out;
}
- action_id = g_strdup (argv[n++]);
+ action_id = g_strdup (argv[n]);
}
else if (strcmp (argv[n], "revoke") == 0)
{
@@ -231,7 +231,24 @@ main (int argc, char *argv[])
goto out;
}
- action_id = g_strdup (argv[n++]);
+ action_id = g_strdup (argv[n]);
+ }
+ else if (strcmp (argv[n], "--subject") == 0)
+ {
+ n++;
+ if (n >= argc)
+ {
+ usage (argc, argv);
+ goto out;
+ }
+
+ subject = polkit_subject_from_string (argv[n], &error);
+ if (subject == NULL)
+ {
+ g_printerr ("Error parsing subject: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
}
else if (strcmp (argv[n], "--help") == 0)
{
@@ -779,9 +796,27 @@ list_explicit_authorizations (void)
action_id = polkit_authorization_get_action_id (authorization);
- /* TODO: verbose */
+ if (opt_verbose)
+ {
+ gchar *constrain_str;
+ PolkitSubject *subject;
- g_print ("%s\n", action_id);
+ subject = polkit_authorization_get_subject (authorization);
+ if (subject != NULL)
+ constrain_str = polkit_subject_to_string (subject);
+ else
+ constrain_str = g_strdup ("<nothing>");
+
+ g_print ("%s:\n", action_id);
+ g_print (" constrained to: %s\n", constrain_str);
+ g_print ("\n");
+
+ g_free (constrain_str);
+ }
+ else
+ {
+ g_print ("%s\n", action_id);
+ }
}
g_list_foreach (authorizations, (GFunc) g_object_unref, NULL);
@@ -806,7 +841,7 @@ do_grant (void)
ret = FALSE;
authorization = polkit_authorization_new (action_id,
- NULL, /* TODO: handle subject */
+ subject,
FALSE); /* TODO: handle negative */
if (!polkit_authority_add_authorization_sync (authority,
@@ -842,7 +877,7 @@ do_revoke (void)
ret = FALSE;
authorization = polkit_authorization_new (action_id,
- NULL, /* TODO: handle subject */
+ subject,
FALSE); /* TODO: handle negative */
if (!polkit_authority_remove_authorization_sync (authority,
commit ad8345a908c6ed2851e2f76340f575b0aa4cc510
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 19 17:48:09 2009 -0500
implement grant and revoke for permanent authorizations
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index ff77bbc..a9d000f 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -68,6 +68,16 @@ static GList *get_groups_for_user (PolkitBackendLocalAuthority *authority,
static GList *get_authorizations_for_identity (PolkitBackendLocalAuthority *authority,
PolkitIdentity *identity);
+static gboolean add_authorization_for_identity (PolkitBackendLocalAuthority *authority,
+ PolkitIdentity *identity,
+ PolkitAuthorization *authorization,
+ GError **error);
+
+static gboolean remove_authorization_for_identity (PolkitBackendLocalAuthority *authority,
+ PolkitIdentity *identity,
+ PolkitAuthorization *authorization,
+ GError **error);
+
/* ---------------------------------------------------------------------------------------------------- */
static void polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *authority,
@@ -554,11 +564,13 @@ polkit_backend_local_authority_add_authorization (PolkitBackendAuthority *auth
const gchar *action_id;
gboolean is_negative;
gchar *subject_str;
+ GError *error;
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
subject_str = NULL;
+ error = NULL;
subject = polkit_authorization_get_subject (authorization);
action_id = polkit_authorization_get_action_id (authorization);
@@ -574,11 +586,18 @@ polkit_backend_local_authority_add_authorization (PolkitBackendAuthority *auth
/* TODO: check if caller is authorized */
- polkit_backend_pending_call_return_error (pending_call,
- POLKIT_ERROR,
- POLKIT_ERROR_NOT_SUPPORTED,
- "Not implemented (subject=%s action_id=%s is_negative=%d)",
- subject_str, action_id, is_negative);
+ if (!add_authorization_for_identity (local_authority,
+ identity,
+ authorization,
+ &error))
+ {
+ polkit_backend_pending_call_return_gerror (pending_call, error);
+ g_error_free (error);
+ }
+ else
+ {
+ polkit_backend_authority_add_authorization_finish (pending_call);
+ }
g_free (subject_str);
}
@@ -597,11 +616,13 @@ polkit_backend_local_authority_remove_authorization (PolkitBackendAuthority *a
const gchar *action_id;
gboolean is_negative;
gchar *subject_str;
+ GError *error;
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
subject_str = NULL;
+ error = NULL;
subject = polkit_authorization_get_subject (authorization);
action_id = polkit_authorization_get_action_id (authorization);
@@ -617,11 +638,18 @@ polkit_backend_local_authority_remove_authorization (PolkitBackendAuthority *a
/* TODO: check if caller is authorized */
- polkit_backend_pending_call_return_error (pending_call,
- POLKIT_ERROR,
- POLKIT_ERROR_NOT_SUPPORTED,
- "Not implemented (subject=%s action_id=%s is_negative=%d)",
- subject_str, action_id, is_negative);
+ if (!remove_authorization_for_identity (local_authority,
+ identity,
+ authorization,
+ &error))
+ {
+ polkit_backend_pending_call_return_gerror (pending_call, error);
+ g_error_free (error);
+ }
+ else
+ {
+ polkit_backend_authority_remove_authorization_finish (pending_call);
+ }
g_free (subject_str);
}
@@ -640,14 +668,24 @@ struct AuthorizationStore
};
-static AuthorizationStore *authorization_store_new (PolkitIdentity *identity);
-static GList *authorization_store_get_all_authorizations (AuthorizationStore *store);
+static AuthorizationStore *authorization_store_new (PolkitIdentity *identity);
+static GList *authorization_store_get_all_authorizations (AuthorizationStore *store);
-static gboolean authorization_store_has_permanent_authorization (AuthorizationStore *store,
- const gchar *action_id);
+static PolkitAuthorization *authorization_store_find_permanent_authorization (AuthorizationStore *store,
+ const gchar *action_id);
+
+static gboolean authorization_store_add_authorization (AuthorizationStore *store,
+ PolkitAuthorization *authorization,
+ GError **error);
+
+static gboolean authorization_store_remove_authorization (AuthorizationStore *store,
+ PolkitAuthorization *authorization,
+ GError **error);
/* private */
-static void authorization_store_reload_permanent_authorizations (AuthorizationStore *store);
+static void authorization_store_reload_permanent_authorizations (AuthorizationStore *store);
+static gboolean authorization_store_save_permanent_authorizations (AuthorizationStore *store,
+ GError **error);
static void
authorization_store_free (AuthorizationStore *store)
@@ -766,10 +804,59 @@ authorization_store_reload_permanent_authorizations (AuthorizationStore *store)
}
g_strfreev (lines);
+ store->authorizations = g_list_reverse (store->authorizations);
+
out:
g_free (data);
}
+static gboolean
+authorization_store_save_permanent_authorizations (AuthorizationStore *store,
+ GError **error)
+{
+ GString *s;
+ gchar *str;
+ GList *l;
+ gboolean ret;
+
+ ret = FALSE;
+
+ s = g_string_new ("# polkit-1 " PACKAGE_VERSION " authorizations file\n"
+ "#\n"
+ "# Do not edit, use polkit-1(1) to manipulate authorizations\n"
+ "#\n"
+ "\n");
+
+ for (l = store->authorizations; l != NULL; l = l->next)
+ {
+ PolkitAuthorization *authorization = POLKIT_AUTHORIZATION (l->data);
+ const gchar *action_id;
+ gboolean is_negative;
+
+ action_id = polkit_authorization_get_action_id (authorization);
+ is_negative = polkit_authorization_get_is_negative (authorization);
+
+ g_string_append_printf (s, "%s %d\n", action_id, is_negative);
+ }
+
+ str = g_string_free (s, FALSE);
+
+ if (!g_file_set_contents (store->path,
+ str,
+ strlen (str),
+ error))
+ goto out;
+
+ ret = TRUE;
+
+ out:
+
+ g_free (str);
+
+ return ret;
+}
+
+
/* caller must free list after unreffing all elements */
static GList *
authorization_store_get_all_authorizations (AuthorizationStore *store)
@@ -784,14 +871,14 @@ authorization_store_get_all_authorizations (AuthorizationStore *store)
return result;
}
-static gboolean
-authorization_store_has_permanent_authorization (AuthorizationStore *store,
- const gchar *action_id)
+static PolkitAuthorization *
+authorization_store_find_permanent_authorization (AuthorizationStore *store,
+ const gchar *action_id)
{
GList *l;
- gboolean ret;
+ PolkitAuthorization *ret;
- ret = FALSE;
+ ret = NULL;
for (l = store->authorizations; l != NULL; l = l->next)
{
@@ -801,9 +888,119 @@ authorization_store_has_permanent_authorization (AuthorizationStore *store,
authorization_action_id = polkit_authorization_get_action_id (authorization);
if (strcmp (authorization_action_id, action_id) == 0)
{
- ret = TRUE;
+ ret = authorization;
+ goto out;
+ }
+ }
+
+ out:
+ return ret;
+}
+
+static gboolean
+authorization_store_add_authorization (AuthorizationStore *store,
+ PolkitAuthorization *authorization,
+ GError **error)
+{
+ gboolean ret;
+ PolkitSubject *subject;
+ const gchar *action_id;
+
+ ret = FALSE;
+
+ action_id = polkit_authorization_get_action_id (authorization);
+ subject = polkit_authorization_get_subject (authorization);
+
+ if (subject != NULL)
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Temporary authorizations not yet implemented");
+ goto out;
+ }
+ else
+ {
+ /* check if authorization is already present */
+ if (authorization_store_find_permanent_authorization (store, action_id) != NULL)
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Cannot add authorization. Identity already has an authorization for %s", action_id);
+ goto out;
+ }
+
+ store->authorizations = g_list_prepend (store->authorizations, g_object_ref (authorization));
+
+ if (!authorization_store_save_permanent_authorizations (store, error))
+ {
+ /* roll back then */
+ store->authorizations = g_list_remove (store->authorizations, authorization);
+ g_object_unref (authorization);
goto out;
}
+
+ ret = TRUE;
+ }
+
+ out:
+ return ret;
+}
+
+static gboolean
+authorization_store_remove_authorization (AuthorizationStore *store,
+ PolkitAuthorization *authorization,
+ GError **error)
+{
+ gboolean ret;
+ PolkitSubject *subject;
+ const gchar *action_id;
+
+ ret = FALSE;
+
+ action_id = polkit_authorization_get_action_id (authorization);
+ subject = polkit_authorization_get_subject (authorization);
+
+ if (subject != NULL)
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Temporary authorizations not yet implemented");
+ goto out;
+ }
+ else
+ {
+ PolkitAuthorization *target;
+ GList *old_list;
+
+ target = authorization_store_find_permanent_authorization (store, action_id);
+
+ if (target == NULL)
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Cannot remove authorization. Identity doesn't has an authorization for %s", action_id);
+ goto out;
+ }
+
+ old_list = g_list_copy (store->authorizations);
+
+ store->authorizations = g_list_remove (store->authorizations, target);
+
+ if (!authorization_store_save_permanent_authorizations (store, error))
+ {
+ /* roll back then */
+ g_list_free (store->authorizations);
+ store->authorizations = old_list;
+ goto out;
+ }
+
+ g_object_unref (target);
+
+ ret = TRUE;
}
out:
@@ -853,7 +1050,7 @@ check_authorization_for_identity (PolkitBackendLocalAuthority *authority,
if (store == NULL)
goto out;
- result = authorization_store_has_permanent_authorization (store, action_id);
+ result = (authorization_store_find_permanent_authorization (store, action_id) != NULL);
out:
return result;
@@ -895,4 +1092,62 @@ get_authorizations_for_identity (PolkitBackendLocalAuthority *authority,
return result;
}
+static gboolean
+add_authorization_for_identity (PolkitBackendLocalAuthority *authority,
+ PolkitIdentity *identity,
+ PolkitAuthorization *authorization,
+ GError **error)
+{
+ AuthorizationStore *store;
+ gboolean ret;
+
+ ret = FALSE;
+
+ store = get_authorization_store_for_identity (authority, identity);
+ if (store == NULL)
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Malformed identity");
+ goto out;
+ }
+
+ ret = authorization_store_add_authorization (store,
+ authorization,
+ error);
+
+ out:
+ return ret;
+}
+
+static gboolean
+remove_authorization_for_identity (PolkitBackendLocalAuthority *authority,
+ PolkitIdentity *identity,
+ PolkitAuthorization *authorization,
+ GError **error)
+{
+ AuthorizationStore *store;
+ gboolean ret;
+
+ ret = FALSE;
+
+ store = get_authorization_store_for_identity (authority, identity);
+ if (store == NULL)
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Malformed identity");
+ goto out;
+ }
+
+ ret = authorization_store_remove_authorization (store,
+ authorization,
+ error);
+
+ out:
+ return ret;
+}
+
/* ---------------------------------------------------------------------------------------------------- */
diff --git a/src/polkitbackend/polkitbackendserver.c b/src/polkitbackend/polkitbackendserver.c
index 1b31371..9ed4127 100644
--- a/src/polkitbackend/polkitbackendserver.c
+++ b/src/polkitbackend/polkitbackendserver.c
@@ -107,7 +107,10 @@ polkit_backend_authority_enumerate_actions_finish (PolkitBackendPendingCall *pen
EggDBusArraySeq *array;
GList *l;
- array = egg_dbus_array_seq_new (_POLKIT_TYPE_ACTION_DESCRIPTION, (GDestroyNotify) g_object_unref, NULL, NULL);
+ array = egg_dbus_array_seq_new (G_TYPE_OBJECT, //_POLKIT_TYPE_ACTION_DESCRIPTION,
+ (GDestroyNotify) g_object_unref,
+ NULL,
+ NULL);
for (l = actions; l != NULL; l = l->next)
{
@@ -150,7 +153,10 @@ polkit_backend_authority_enumerate_users_finish (PolkitBackendPendingCall *pendi
EggDBusArraySeq *array;
GList *l;
- array = egg_dbus_array_seq_new (_POLKIT_TYPE_IDENTITY, (GDestroyNotify) g_object_unref, NULL, NULL);
+ array = egg_dbus_array_seq_new (G_TYPE_OBJECT, //_POLKIT_TYPE_IDENTITY,
+ (GDestroyNotify) g_object_unref,
+ NULL,
+ NULL);
for (l = users; l != NULL; l = l->next)
{
@@ -193,7 +199,10 @@ polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pend
EggDBusArraySeq *array;
GList *l;
- array = egg_dbus_array_seq_new (_POLKIT_TYPE_IDENTITY, (GDestroyNotify) g_object_unref, NULL, NULL);
+ array = egg_dbus_array_seq_new (G_TYPE_OBJECT, //_POLKIT_TYPE_IDENTITY,
+ (GDestroyNotify) g_object_unref,
+ NULL,
+ NULL);
for (l = groups; l != NULL; l = l->next)
{
@@ -280,7 +289,10 @@ polkit_backend_authority_enumerate_authorizations_finish (PolkitBackendPendingCa
EggDBusArraySeq *array;
GList *l;
- array = egg_dbus_array_seq_new (_POLKIT_TYPE_AUTHORIZATION, (GDestroyNotify) g_object_unref, NULL, NULL);
+ array = egg_dbus_array_seq_new (G_TYPE_OBJECT, //_POLKIT_TYPE_AUTHORIZATION,
+ (GDestroyNotify) g_object_unref,
+ NULL,
+ NULL);
for (l = authorizations; l != NULL; l = l->next)
{
commit ae62e84cab5f548658b0e8b3ed6bcf00a058dff6
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 19 16:45:49 2009 -0500
make CheckAuthorization() use permanent authorizations on disk
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index ba726ff..ff77bbc 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -45,12 +45,8 @@ typedef struct
struct AuthorizationStore;
typedef struct AuthorizationStore AuthorizationStore;
-static AuthorizationStore *authorization_store_new (PolkitIdentity *identity);
-
static void authorization_store_free (AuthorizationStore *store);
-static GList *authorization_store_get_all_authorizations (AuthorizationStore *store);
-
/* ---------------------------------------------------------------------------------------------------- */
static AuthorizationStore *get_authorization_store_for_identity (PolkitBackendLocalAuthority *authority,
@@ -474,6 +470,7 @@ check_authorization_sync (PolkitBackendAuthority *authority,
/* then see if there's a temporary authorization for the subject */
if (check_temporary_authorization_for_subject (local_authority, subject, action_id))
{
+ g_debug (" is authorized (has temporary authorization)");
result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
goto out;
}
@@ -481,6 +478,7 @@ check_authorization_sync (PolkitBackendAuthority *authority,
/* then see if we have an authorization for the user */
if (check_authorization_for_identity (local_authority, user_of_subject, action_id))
{
+ g_debug (" is authorized (user identity has authorization)");
result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
goto out;
}
@@ -493,20 +491,13 @@ check_authorization_sync (PolkitBackendAuthority *authority,
if (check_authorization_for_identity (local_authority, group, action_id))
{
+ g_debug (" is authorized (group identity has authorization)");
result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
goto out;
}
}
-#if 0
- g_set_error (error,
- POLKIT_ERROR,
- POLKIT_ERROR_NOT_SUPPORTED,
- "Not implemented (subject=%s action_id=%s)",
- subject_str, action_id);
-#endif
-
- /* TODO */
+ g_debug (" not authorized");
out:
g_free (subject_str);
@@ -517,6 +508,8 @@ check_authorization_sync (PolkitBackendAuthority *authority,
if (user_of_subject != NULL)
g_object_unref (user_of_subject);
+ g_debug (" ");
+
return result;
}
@@ -538,7 +531,7 @@ polkit_backend_local_authority_enumerate_authorizations (PolkitBackendAuthority
g_debug ("enumerating authorizations for %s", identity_str);
- /* TODO: check caller is authorized */
+ /* TODO: check if caller is authorized */
polkit_backend_authority_enumerate_authorizations_finish (pending_call,
get_authorizations_for_identity (local_authority,
@@ -579,6 +572,8 @@ polkit_backend_local_authority_add_authorization (PolkitBackendAuthority *auth
action_id,
is_negative);
+ /* TODO: check if caller is authorized */
+
polkit_backend_pending_call_return_error (pending_call,
POLKIT_ERROR,
POLKIT_ERROR_NOT_SUPPORTED,
@@ -620,6 +615,8 @@ polkit_backend_local_authority_remove_authorization (PolkitBackendAuthority *a
action_id,
is_negative);
+ /* TODO: check if caller is authorized */
+
polkit_backend_pending_call_return_error (pending_call,
POLKIT_ERROR,
POLKIT_ERROR_NOT_SUPPORTED,
@@ -643,6 +640,12 @@ struct AuthorizationStore
};
+static AuthorizationStore *authorization_store_new (PolkitIdentity *identity);
+static GList *authorization_store_get_all_authorizations (AuthorizationStore *store);
+
+static gboolean authorization_store_has_permanent_authorization (AuthorizationStore *store,
+ const gchar *action_id);
+
/* private */
static void authorization_store_reload_permanent_authorizations (AuthorizationStore *store);
@@ -740,6 +743,10 @@ authorization_store_reload_permanent_authorizations (AuthorizationStore *store)
gboolean is_negative;
PolkitAuthorization *authorization;
+ /* skip blank lines and comments */
+ if (strlen (line) == 0 || line[0] == '#')
+ continue;
+
tokens = g_strsplit (line, " ", 0);
num_tokens = g_strv_length (tokens);
@@ -777,6 +784,32 @@ authorization_store_get_all_authorizations (AuthorizationStore *store)
return result;
}
+static gboolean
+authorization_store_has_permanent_authorization (AuthorizationStore *store,
+ const gchar *action_id)
+{
+ GList *l;
+ gboolean ret;
+
+ ret = FALSE;
+
+ for (l = store->authorizations; l != NULL; l = l->next)
+ {
+ PolkitAuthorization *authorization = POLKIT_AUTHORIZATION (l->data);
+ const gchar *authorization_action_id;
+
+ authorization_action_id = polkit_authorization_get_action_id (authorization);
+ if (strcmp (authorization_action_id, action_id) == 0)
+ {
+ ret = TRUE;
+ goto out;
+ }
+ }
+
+ out:
+ return ret;
+}
+
/* ---------------------------------------------------------------------------------------------------- */
static AuthorizationStore *
@@ -811,8 +844,19 @@ check_authorization_for_identity (PolkitBackendLocalAuthority *authority,
PolkitIdentity *identity,
const gchar *action_id)
{
- /* TODO */
- return FALSE;
+ AuthorizationStore *store;
+ gboolean result;
+
+ result = FALSE;
+
+ store = get_authorization_store_for_identity (authority, identity);
+ if (store == NULL)
+ goto out;
+
+ result = authorization_store_has_permanent_authorization (store, action_id);
+
+ out:
+ return result;
}
static gboolean
@@ -839,6 +883,8 @@ get_authorizations_for_identity (PolkitBackendLocalAuthority *authority,
AuthorizationStore *store;
GList *result;
+ result = NULL;
+
store = get_authorization_store_for_identity (authority, identity);
if (store == NULL)
goto out;
commit 44681b9542249f11fd11ab7365928c8d7a74781b
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 19 16:29:35 2009 -0500
begin writing the implementation of the local authorization backend
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index b9f3e98..ba726ff 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -36,8 +36,44 @@ typedef struct
PolkitBackendSessionMonitor *session_monitor;
+ GHashTable *hash_identity_to_authority_store;
+
} PolkitBackendLocalAuthorityPrivate;
+/* ---------------------------------------------------------------------------------------------------- */
+
+struct AuthorizationStore;
+typedef struct AuthorizationStore AuthorizationStore;
+
+static AuthorizationStore *authorization_store_new (PolkitIdentity *identity);
+
+static void authorization_store_free (AuthorizationStore *store);
+
+static GList *authorization_store_get_all_authorizations (AuthorizationStore *store);
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static AuthorizationStore *get_authorization_store_for_identity (PolkitBackendLocalAuthority *authority,
+ PolkitIdentity *identity);
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static gboolean check_authorization_for_identity (PolkitBackendLocalAuthority *authority,
+ PolkitIdentity *identity,
+ const gchar *action_id);
+
+static gboolean check_temporary_authorization_for_subject (PolkitBackendLocalAuthority *authority,
+ PolkitSubject *subject,
+ const gchar *action_id);
+
+static GList *get_groups_for_user (PolkitBackendLocalAuthority *authority,
+ PolkitIdentity *user);
+
+static GList *get_authorizations_for_identity (PolkitBackendLocalAuthority *authority,
+ PolkitIdentity *identity);
+
+/* ---------------------------------------------------------------------------------------------------- */
+
static void polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *authority,
const gchar *locale,
PolkitBackendPendingCall *pending_call);
@@ -74,6 +110,8 @@ static void polkit_backend_local_authority_remove_authorization (PolkitBackendAu
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call);
+/* ---------------------------------------------------------------------------------------------------- */
+
G_DEFINE_TYPE (PolkitBackendLocalAuthority, polkit_backend_local_authority, POLKIT_BACKEND_TYPE_AUTHORITY);
#define POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY, PolkitBackendLocalAuthorityPrivate))
@@ -90,6 +128,11 @@ polkit_backend_local_authority_init (PolkitBackendLocalAuthority *local_authorit
priv->action_pool = polkit_backend_action_pool_new (action_desc_directory);
g_object_unref (action_desc_directory);
+ priv->hash_identity_to_authority_store = g_hash_table_new_full ((GHashFunc) polkit_identity_hash,
+ (GEqualFunc) polkit_identity_equal,
+ (GDestroyNotify) g_object_unref,
+ (GDestroyNotify) authorization_store_free);
+
priv->session_monitor = polkit_backend_session_monitor_new ();
}
@@ -108,6 +151,8 @@ polkit_backend_local_authority_finalize (GObject *object)
if (priv->session_monitor != NULL)
g_object_unref (priv->session_monitor);
+ g_hash_table_unref (priv->hash_identity_to_authority_store);
+
G_OBJECT_CLASS (polkit_backend_local_authority_parent_class)->finalize (object);
}
@@ -328,13 +373,12 @@ polkit_backend_local_authority_check_authorization (PolkitBackendAuthority
{
/* TODO */
result = POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
-#if 0
+
result = check_authorization_sync (authority,
- user_of_inquirer,
+ inquirer,
"org.freedesktop.policykit.read",
POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE, /* no user interaction */
&error);
-#endif
if (error != NULL)
{
@@ -348,7 +392,7 @@ polkit_backend_local_authority_check_authorization (PolkitBackendAuthority
POLKIT_ERROR,
POLKIT_ERROR_NOT_AUTHORIZED,
"%s is not authorized to know about authorizations for %s (requires org.freedesktop.policykit.read authorization)",
- user_of_inquirer_str,
+ inquirer_str,
subject_str);
goto out;
}
@@ -393,12 +437,16 @@ check_authorization_sync (PolkitBackendAuthority *authority,
PolkitAuthorizationResult result;
PolkitIdentity *user_of_subject;
gchar *subject_str;
+ GList *groups_of_user;
+ GList *l;
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
result = POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
+
user_of_subject = NULL;
+ groups_of_user = NULL;
subject_str = NULL;
subject_str = polkit_subject_to_string (subject);
@@ -407,19 +455,49 @@ check_authorization_sync (PolkitBackendAuthority *authority,
subject_str,
action_id);
+ /* every subject has a user */
user_of_subject = polkit_backend_session_monitor_get_user_for_subject (priv->session_monitor,
subject,
error);
if (user_of_subject == NULL)
goto out;
+ /* special case: uid 0, root, is _always_ authorized for anything */
if (POLKIT_IS_UNIX_USER (user_of_subject) && polkit_unix_user_get_uid (POLKIT_UNIX_USER (user_of_subject)) == 0)
{
- /* uid 0, root, is _always_ authorized for anything */
result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
goto out;
}
+ /* TODO: first see if there's an implicit authorization for subject available */
+
+ /* then see if there's a temporary authorization for the subject */
+ if (check_temporary_authorization_for_subject (local_authority, subject, action_id))
+ {
+ result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
+ goto out;
+ }
+
+ /* then see if we have an authorization for the user */
+ if (check_authorization_for_identity (local_authority, user_of_subject, action_id))
+ {
+ result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
+ goto out;
+ }
+
+ /* then see if we have an authorization for any of the groups the user is in */
+ groups_of_user = get_groups_for_user (local_authority, user_of_subject);
+ for (l = groups_of_user; l != NULL; l = l->next)
+ {
+ PolkitIdentity *group = POLKIT_IDENTITY (l->data);
+
+ if (check_authorization_for_identity (local_authority, group, action_id))
+ {
+ result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
+ goto out;
+ }
+ }
+
#if 0
g_set_error (error,
POLKIT_ERROR,
@@ -429,11 +507,13 @@ check_authorization_sync (PolkitBackendAuthority *authority,
#endif
/* TODO */
- result = POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
out:
g_free (subject_str);
+ g_list_foreach (groups_of_user, (GFunc) g_object_unref, NULL);
+ g_list_free (groups_of_user);
+
if (user_of_subject != NULL)
g_object_unref (user_of_subject);
@@ -458,10 +538,11 @@ polkit_backend_local_authority_enumerate_authorizations (PolkitBackendAuthority
g_debug ("enumerating authorizations for %s", identity_str);
- polkit_backend_pending_call_return_error (pending_call,
- POLKIT_ERROR,
- POLKIT_ERROR_NOT_SUPPORTED,
- "Not implemented (identity=%s)", identity_str);
+ /* TODO: check caller is authorized */
+
+ polkit_backend_authority_enumerate_authorizations_finish (pending_call,
+ get_authorizations_for_identity (local_authority,
+ identity));
g_free (identity_str);
}
@@ -549,3 +630,223 @@ polkit_backend_local_authority_remove_authorization (PolkitBackendAuthority *a
}
/* ---------------------------------------------------------------------------------------------------- */
+
+struct AuthorizationStore
+{
+ PolkitIdentity *identity;
+
+ gchar *path;
+
+ GList *authorizations;
+
+ GList *temporary_authorizations;
+
+};
+
+/* private */
+static void authorization_store_reload_permanent_authorizations (AuthorizationStore *store);
+
+static void
+authorization_store_free (AuthorizationStore *store)
+{
+ g_object_unref (store->identity);
+ g_list_foreach (store->authorizations, (GFunc) g_object_unref, NULL);
+ g_list_free (store->authorizations);
+ g_list_foreach (store->temporary_authorizations, (GFunc) g_object_unref, NULL);
+ g_list_free (store->temporary_authorizations);
+ g_free (store->path);
+ g_free (store);
+}
+
+static AuthorizationStore *
+authorization_store_new (PolkitIdentity *identity)
+{
+ AuthorizationStore *store;
+ gchar *filename;
+ gchar *identity_str;
+
+ store = NULL;
+ filename = NULL;
+
+ identity_str = polkit_identity_to_string (identity);
+
+ if (POLKIT_IS_UNIX_USER (identity))
+ {
+ filename = g_strdup_printf ("unix-user-%s.authz", identity_str + sizeof ("unix-user:") - 1);
+ }
+ else if (POLKIT_IS_UNIX_GROUP (identity))
+ {
+ filename = g_strdup_printf ("unix-group-%s.authz", identity_str + sizeof ("unix-group:") - 1);
+ }
+ else
+ {
+ g_error ("Unknown identity %s", identity_str);
+ goto out;
+ }
+
+ store = g_new0 (AuthorizationStore, 1);
+ store->identity = g_object_ref (identity);
+
+ if (filename != NULL)
+ store->path = g_strdup_printf (PACKAGE_LOCALSTATE_DIR "/lib/polkit-1/%s", filename);
+
+ authorization_store_reload_permanent_authorizations (store);
+
+ out:
+ g_free (filename);
+ g_free (identity_str);
+ return store;
+}
+
+static void
+authorization_store_reload_permanent_authorizations (AuthorizationStore *store)
+{
+ GError *error;
+ gchar *data;
+ gchar **lines;
+ gint n;
+
+ error = NULL;
+ data = NULL;
+
+ g_list_foreach (store->authorizations, (GFunc) g_object_unref, NULL);
+ g_list_free (store->authorizations);
+ store->authorizations = NULL;
+
+ if (store->path == NULL)
+ goto out;
+
+ if (!g_file_get_contents (store->path,
+ &data,
+ NULL,
+ &error))
+ {
+ /* it's not a bug if the file doesn't exist */
+ if (error->code != G_FILE_ERROR_NOENT)
+ {
+ g_warning ("Error loading authorizations file at %s: %s", store->path, error->message);
+ }
+ g_error_free (error);
+ goto out;
+ }
+
+ lines = g_strsplit (data, "\n", 0);
+ for (n = 0; lines[n] != NULL; n++)
+ {
+ gchar *line = lines[n];
+ gchar **tokens;
+ guint num_tokens;
+ const gchar *action_id;
+ gboolean is_negative;
+ PolkitAuthorization *authorization;
+
+ tokens = g_strsplit (line, " ", 0);
+ num_tokens = g_strv_length (tokens);
+
+ if (num_tokens != 2)
+ {
+ g_warning ("Malformed authorizations line '%s' in file %s at line %d", line, store->path, n);
+ g_strfreev (tokens);
+ continue;
+ }
+
+ action_id = tokens[0];
+ is_negative = (strcmp (tokens[1], "1") == 0);
+
+ authorization = polkit_authorization_new (action_id, NULL, is_negative);
+
+ store->authorizations = g_list_prepend (store->authorizations, authorization);
+ }
+ g_strfreev (lines);
+
+ out:
+ g_free (data);
+}
+
+/* caller must free list after unreffing all elements */
+static GList *
+authorization_store_get_all_authorizations (AuthorizationStore *store)
+{
+ GList *result;
+
+ result = g_list_copy (store->authorizations);
+ result = g_list_concat (result, g_list_copy (store->temporary_authorizations));
+
+ g_list_foreach (result, (GFunc) g_object_ref, NULL);
+
+ return result;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static AuthorizationStore *
+get_authorization_store_for_identity (PolkitBackendLocalAuthority *authority,
+ PolkitIdentity *identity)
+{
+ PolkitBackendLocalAuthorityPrivate *priv;
+ AuthorizationStore *store;
+
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (authority);
+
+ store = g_hash_table_lookup (priv->hash_identity_to_authority_store, identity);
+ if (store != NULL)
+ goto out;
+
+ store = authorization_store_new (identity);
+ if (store == NULL)
+ goto out;
+
+ g_hash_table_insert (priv->hash_identity_to_authority_store,
+ g_object_ref (identity),
+ store);
+
+ out:
+ return store;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static gboolean
+check_authorization_for_identity (PolkitBackendLocalAuthority *authority,
+ PolkitIdentity *identity,
+ const gchar *action_id)
+{
+ /* TODO */
+ return FALSE;
+}
+
+static gboolean
+check_temporary_authorization_for_subject (PolkitBackendLocalAuthority *authority,
+ PolkitSubject *subject,
+ const gchar *action_id)
+{
+ /* TODO */
+ return FALSE;
+}
+
+static GList *
+get_groups_for_user (PolkitBackendLocalAuthority *authority,
+ PolkitIdentity *user)
+{
+ /* TODO */
+ return NULL;
+}
+
+static GList *
+get_authorizations_for_identity (PolkitBackendLocalAuthority *authority,
+ PolkitIdentity *identity)
+{
+ AuthorizationStore *store;
+ GList *result;
+
+ store = get_authorization_store_for_identity (authority, identity);
+ if (store == NULL)
+ goto out;
+
+ result = authorization_store_get_all_authorizations (store);
+
+ out:
+ return result;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
commit f95ca7ac7d25946c877f6de8ac083a6b8597ef14
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 19 16:28:59 2009 -0500
add a hash() method to PolkitIdentity
diff --git a/src/polkit/polkitidentity.c b/src/polkit/polkitidentity.c
index 0d88f0d..36436af 100644
--- a/src/polkit/polkitidentity.c
+++ b/src/polkit/polkitidentity.c
@@ -65,6 +65,12 @@ polkit_identity_get_type (void)
return iface_type;
}
+guint
+polkit_identity_hash (PolkitIdentity *identity)
+{
+ return POLKIT_IDENTITY_GET_IFACE (identity)->hash (identity);
+}
+
gboolean
polkit_identity_equal (PolkitIdentity *a,
PolkitIdentity *b)
diff --git a/src/polkit/polkitidentity.h b/src/polkit/polkitidentity.h
index 5bebcd4..2b81008 100644
--- a/src/polkit/polkitidentity.h
+++ b/src/polkit/polkitidentity.h
@@ -42,6 +42,8 @@ struct _PolkitIdentityIface
{
GTypeInterface parent_iface;
+ guint (*hash) (PolkitIdentity *identity);
+
gboolean (*equal) (PolkitIdentity *a,
PolkitIdentity *b);
@@ -49,6 +51,7 @@ struct _PolkitIdentityIface
};
GType polkit_identity_get_type (void) G_GNUC_CONST;
+guint polkit_identity_hash (PolkitIdentity *a);
gboolean polkit_identity_equal (PolkitIdentity *a,
PolkitIdentity *b);
gchar *polkit_identity_to_string (PolkitIdentity *identity);
diff --git a/src/polkit/polkitunixgroup.c b/src/polkit/polkitunixgroup.c
index 67f6387..fc8bf04 100644
--- a/src/polkit/polkitunixgroup.c
+++ b/src/polkit/polkitunixgroup.c
@@ -183,6 +183,16 @@ polkit_unix_group_new_for_name (const gchar *name,
return identity;
}
+static guint
+polkit_unix_group_hash (PolkitIdentity *identity)
+{
+ PolkitUnixGroup *group;
+
+ group = POLKIT_UNIX_GROUP (identity);
+
+ return g_direct_hash (GINT_TO_POINTER (((gint) (group->gid)) * 2 + 1));
+}
+
static gboolean
polkit_unix_group_equal (PolkitIdentity *a,
PolkitIdentity *b)
@@ -213,6 +223,7 @@ polkit_unix_group_to_string (PolkitIdentity *identity)
static void
identity_iface_init (PolkitIdentityIface *identity_iface)
{
+ identity_iface->hash = polkit_unix_group_hash;
identity_iface->equal = polkit_unix_group_equal;
identity_iface->to_string = polkit_unix_group_to_string;
}
diff --git a/src/polkit/polkitunixuser.c b/src/polkit/polkitunixuser.c
index 830fc79..a70d64a 100644
--- a/src/polkit/polkitunixuser.c
+++ b/src/polkit/polkitunixuser.c
@@ -196,6 +196,16 @@ polkit_unix_user_equal (PolkitIdentity *a,
return user_a->uid == user_b->uid;
}
+static guint
+polkit_unix_user_hash (PolkitIdentity *identity)
+{
+ PolkitUnixUser *user;
+
+ user = POLKIT_UNIX_USER (identity);
+
+ return g_direct_hash (GINT_TO_POINTER (((gint) (user->uid)) * 2));
+}
+
static gchar *
polkit_unix_user_to_string (PolkitIdentity *identity)
{
@@ -213,6 +223,7 @@ polkit_unix_user_to_string (PolkitIdentity *identity)
static void
identity_iface_init (PolkitIdentityIface *identity_iface)
{
+ identity_iface->hash = polkit_unix_user_hash;
identity_iface->equal = polkit_unix_user_equal;
identity_iface->to_string = polkit_unix_user_to_string;
}
commit aa46c2f39da71c0f85029fd52c8631d13b006ef7
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 19 14:53:48 2009 -0500
forgot to add new PolkitIdentity interface
diff --git a/src/polkit/polkitidentity.c b/src/polkit/polkitidentity.c
new file mode 100644
index 0000000..0d88f0d
--- /dev/null
+++ b/src/polkit/polkitidentity.c
@@ -0,0 +1,205 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <string.h>
+
+#include "polkitidentity.h"
+#include "polkitunixuser.h"
+#include "polkitunixgroup.h"
+#include "polkiterror.h"
+#include "polkitprivate.h"
+
+static void
+base_init (gpointer g_iface)
+{
+}
+
+GType
+polkit_identity_get_type (void)
+{
+ static GType iface_type = 0;
+
+ if (iface_type == 0)
+ {
+ static const GTypeInfo info =
+ {
+ sizeof (PolkitIdentityIface),
+ base_init, /* base_init */
+ NULL, /* base_finalize */
+ NULL, /* class_init */
+ NULL, /* class_finalize */
+ NULL, /* class_data */
+ 0, /* instance_size */
+ 0, /* n_preallocs */
+ NULL, /* instance_init */
+ NULL /* value_table */
+ };
+
+ iface_type = g_type_register_static (G_TYPE_INTERFACE, "PolkitIdentity", &info, 0);
+
+ g_type_interface_add_prerequisite (iface_type, G_TYPE_OBJECT);
+ }
+
+ return iface_type;
+}
+
+gboolean
+polkit_identity_equal (PolkitIdentity *a,
+ PolkitIdentity *b)
+{
+ if (!g_type_is_a (G_TYPE_FROM_INSTANCE (a), G_TYPE_FROM_INSTANCE (b)))
+ return FALSE;
+
+ return POLKIT_IDENTITY_GET_IFACE (a)->equal (a, b);
+}
+
+gchar *
+polkit_identity_to_string (PolkitIdentity *identity)
+{
+ return POLKIT_IDENTITY_GET_IFACE (identity)->to_string (identity);
+}
+
+PolkitIdentity *
+polkit_identity_from_string (const gchar *str,
+ GError **error)
+{
+ PolkitIdentity *identity;
+ guint64 val;
+ gchar *endptr;
+
+ g_return_val_if_fail (str != NULL, NULL);
+
+ /* TODO: we could do something with VFuncs like in g_icon_from_string() */
+
+ identity = NULL;
+
+ if (g_str_has_prefix (str, "unix-user:"))
+ {
+ val = g_ascii_strtoull (str + sizeof "unix-user:" - 1,
+ &endptr,
+ 10);
+ if (*endptr == '\0')
+ identity = polkit_unix_user_new ((uid_t) val);
+ else
+ identity = polkit_unix_user_new_for_name (str + sizeof "unix-user:" - 1,
+ error);
+ }
+ else if (g_str_has_prefix (str, "unix-group:"))
+ {
+ val = g_ascii_strtoull (str + sizeof "unix-group:" - 1,
+ &endptr,
+ 10);
+ if (*endptr == '\0')
+ identity = polkit_unix_group_new ((gid_t) val);
+ else
+ identity = polkit_unix_group_new_for_name (str + sizeof "unix-group:" - 1,
+ error);
+ }
+
+ if (identity == NULL && (error != NULL && *error == NULL))
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Malformed identity string '%s'",
+ str);
+ }
+
+
+ return identity;
+}
+
+PolkitIdentity *
+polkit_identity_new_for_real (_PolkitIdentity *real)
+{
+ PolkitIdentity *s;
+ const gchar *kind;
+ EggDBusHashMap *details;
+ EggDBusVariant *variant;
+
+ s = NULL;
+
+ kind = _polkit_identity_get_identity_kind (real);
+ details = _polkit_identity_get_identity_details (real);
+
+ if (strcmp (kind, "unix-user") == 0)
+ {
+ variant = egg_dbus_hash_map_lookup (details, "uid");
+ s = polkit_unix_user_new (egg_dbus_variant_get_uint (variant));
+ }
+ else if (strcmp (kind, "unix-group") == 0)
+ {
+ variant = egg_dbus_hash_map_lookup (details, "gid");
+ s = polkit_unix_group_new (egg_dbus_variant_get_uint (variant));
+ }
+ else
+ {
+ g_warning ("Unknown identity kind %s:", kind);
+ }
+
+ return s;
+}
+
+_PolkitIdentity *
+polkit_identity_get_real (PolkitIdentity *identity)
+{
+ _PolkitIdentity *real;
+ const gchar *kind;
+ EggDBusHashMap *details;
+
+ real = NULL;
+ kind = NULL;
+ details = egg_dbus_hash_map_new (G_TYPE_STRING, NULL, EGG_DBUS_TYPE_VARIANT, (GDestroyNotify) g_object_unref);
+
+ if (POLKIT_IS_UNIX_USER (identity))
+ {
+ kind = "unix-user";
+ egg_dbus_hash_map_insert (details,
+ "uid",
+ egg_dbus_variant_new_for_uint (polkit_unix_user_get_uid (POLKIT_UNIX_USER (identity))));
+ }
+ else if (POLKIT_IS_UNIX_GROUP (identity))
+ {
+ kind = "unix-group";
+ egg_dbus_hash_map_insert (details,
+ "gid",
+ egg_dbus_variant_new_for_uint (polkit_unix_group_get_gid (POLKIT_UNIX_GROUP (identity))));
+ }
+ else
+ {
+ g_warning ("Unknown class %s implementing PolkitIdentity", g_type_name (G_TYPE_FROM_INSTANCE (identity)));
+ }
+
+ if (kind != NULL)
+ {
+ real = _polkit_identity_new (kind, details);
+ }
+
+ if (details != NULL)
+ g_object_unref (details);
+
+ return real;
+}
+
diff --git a/src/polkit/polkitidentity.h b/src/polkit/polkitidentity.h
new file mode 100644
index 0000000..5bebcd4
--- /dev/null
+++ b/src/polkit/polkitidentity.h
@@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_IDENTITY_H
+#define __POLKIT_IDENTITY_H
+
+#include <glib-object.h>
+#include <gio/gio.h>
+#include <polkit/polkittypes.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_IDENTITY (polkit_identity_get_type())
+#define POLKIT_IDENTITY(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_IDENTITY, PolkitIdentity))
+#define POLKIT_IS_IDENTITY(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_IDENTITY))
+#define POLKIT_IDENTITY_GET_IFACE(o) (G_TYPE_INSTANCE_GET_INTERFACE((o), POLKIT_TYPE_IDENTITY, PolkitIdentityIface))
+
+#if 0
+typedef struct _PolkitIdentity PolkitIdentity; /* Dummy typedef */
+#endif
+typedef struct _PolkitIdentityIface PolkitIdentityIface;
+
+struct _PolkitIdentityIface
+{
+ GTypeInterface parent_iface;
+
+ gboolean (*equal) (PolkitIdentity *a,
+ PolkitIdentity *b);
+
+ gchar * (*to_string) (PolkitIdentity *identity);
+};
+
+GType polkit_identity_get_type (void) G_GNUC_CONST;
+gboolean polkit_identity_equal (PolkitIdentity *a,
+ PolkitIdentity *b);
+gchar *polkit_identity_to_string (PolkitIdentity *identity);
+PolkitIdentity *polkit_identity_from_string (const gchar *str,
+ GError **error);
+
+G_END_DECLS
+
+#endif /* __POLKIT_IDENTITY_H */
commit dea6b10fc197cbec5b394eee256ebb3416100e1b
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 19 14:52:46 2009 -0500
split Subject into Subject and Identity and revise API
... also remove EnumerateSessions
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index f258c53..6b33bc1 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -17,6 +17,21 @@
</annotation>
+ <!-- Identity struct -->
+ <annotation name="org.gtk.EggDBus.DeclareStruct" value="Identity">
+
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="s:identity_kind">
+ <annotation name="org.gtk.EggDBus.DocString" value="Kind of identity"/>
+ </annotation>
+
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="a{sv}:identity_details">
+ <annotation name="org.gtk.EggDBus.DocString" value="Details about the identity"/>
+ </annotation>
+
+ <!-- TODO: document values in hash map for each identity type-->
+
+ </annotation>
+
<!-- ActionDescription struct -->
<annotation name="org.gtk.EggDBus.DeclareStruct" value="ActionDescription">
@@ -99,19 +114,13 @@
<method name="EnumerateUsers">
<arg name="users" direction="out" type="a(sa{sv})">
- <annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
+ <annotation name="org.gtk.EggDBus.StructType" value="Identity"/>
</arg>
</method>
<method name="EnumerateGroups">
<arg name="groups" direction="out" type="a(sa{sv})">
- <annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
- </arg>
- </method>
-
- <method name="EnumerateSessions">
- <arg name="sessions" direction="out" type="a(sa{sv})">
- <annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
+ <annotation name="org.gtk.EggDBus.StructType" value="Identity"/>
</arg>
</method>
@@ -137,26 +146,37 @@
</method>
<method name="AddAuthorization">
+ <arg name="identity" direction="in" type="(sa{sv})">
+ <annotation name="org.gtk.EggDBus.StructType" value="Identity"/>
+ <annotation name="org.gtk.EggDBus.DocString" value="The identity to add @authorization to"/>
+ </arg>
<arg name="authorization" direction="in" type="(s(sa{sv})b)">
<annotation name="org.gtk.EggDBus.StructType" value="Authorization"/>
+ <annotation name="org.gtk.EggDBus.DocString" value="The authorization to add for @identity"/>
</arg>
</method>
<method name="RemoveAuthorization">
+ <arg name="identity" direction="in" type="(sa{sv})">
+ <annotation name="org.gtk.EggDBus.StructType" value="Identity"/>
+ <annotation name="org.gtk.EggDBus.DocString" value="The identity to remove @authorization from"/>
+ </arg>
<arg name="authorization" direction="in" type="(s(sa{sv})b)">
<annotation name="org.gtk.EggDBus.StructType" value="Authorization"/>
+ <annotation name="org.gtk.EggDBus.DocString" value="The authorization to remove from @identity"/>
</arg>
</method>
<method name="EnumerateAuthorizations">
- <arg name="subject" direction="in" type="(sa{sv})">
- <annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
+ <arg name="identity" direction="in" type="(sa{sv})">
+ <annotation name="org.gtk.EggDBus.StructType" value="Identity"/>
+ <annotation name="org.gtk.EggDBus.DocString" value="The identity to enumerate authorizations for"/>
</arg>
<arg name="authorizations" direction="out" type="a(s(sa{sv})b)">
<annotation name="org.gtk.EggDBus.StructType" value="Authorization"/>
+ <annotation name="org.gtk.EggDBus.DocString" value="An array of authorizations for @identity"/>
</arg>
</method>
-
</interface>
</node>
diff --git a/docs/man/polkit.xml b/docs/man/polkit.xml
index 680b964..38efe66 100644
--- a/docs/man/polkit.xml
+++ b/docs/man/polkit.xml
@@ -42,16 +42,11 @@
</arg>
<arg choice="plain">
<sbr/>
- sessions
- <arg><option>--verbose</option></arg>
- </arg>
- <arg choice="plain">
- <sbr/>
authorizations
</arg>
<arg choice="plain">
<sbr/>
- explicit-authorizations <replaceable>subject</replaceable>
+ explicit-authorizations <replaceable>identity</replaceable>
<arg><option>--verbose</option></arg>
</arg>
</group>
@@ -65,13 +60,13 @@
<cmdsynopsis>
<command>polkit-1 grant</command>
- <arg choice="plain"><replaceable>subject</replaceable></arg>
+ <arg choice="plain"><replaceable>identity</replaceable></arg>
<arg choice="plain"><replaceable>action-id</replaceable></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>polkit-1 revoke</command>
- <arg choice="plain"><replaceable>subject</replaceable></arg>
+ <arg choice="plain"><replaceable>identity</replaceable></arg>
<arg choice="plain"><replaceable>action-id</replaceable></arg>
</cmdsynopsis>
@@ -159,8 +154,9 @@
</para>
<para>
Lists all users.
- The returned identifiers can be used as <replaceable>subject</replaceable> parameters.
+ The returned identifiers can be used as <replaceable>identity</replaceable> parameters.
Prints detailed information about each user if <option>--verbose</option> is given.
+ See <xref linkend="polkit-1-identity"/> for details about <replaceable>identity</replaceable>.
</para>
</refsect2>
@@ -171,20 +167,9 @@
</para>
<para>
Lists all groups.
- The returned identifiers can be used as <replaceable>subject</replaceable> parameters.
+ The returned identifiers can be used as <replaceable>identity</replaceable> parameters.
Prints detailed information about each group if <option>--verbose</option> is given.
- </para>
- </refsect2>
-
- <refsect2>
- <para>
- <command>polkit-1 list sessions</command>
- <arg><option>--verbose</option></arg>
- </para>
- <para>
- Lists all sessions.
- The returned identifiers can be used as <replaceable>subject</replaceable> parameters.
- Prints detailed information about each session if <option>--verbose</option> is given.
+ See <xref linkend="polkit-1-identity"/> for details about <replaceable>identity</replaceable>.
</para>
</refsect2>
@@ -199,12 +184,13 @@
<refsect2>
<para>
- <command>polkit-1 list explicit-authorizations <replaceable>subject</replaceable></command>
+ <command>polkit-1 list explicit-authorizations <replaceable>identity</replaceable></command>
<arg><option>--verbose</option></arg>
</para>
<para>
- Lists all explicit authorizations for <replaceable>subject</replaceable>.
+ Lists all explicit authorizations for <replaceable>identity</replaceable>.
Prints detailed information about each authorization if <option>--verbose</option> is given.
+ See <xref linkend="polkit-1-identity"/> for details about <replaceable>identity</replaceable>.
</para>
</refsect2>
@@ -216,28 +202,31 @@
</para>
<para>
Checks if <replaceable>subject</replaceable> is authorized for <replaceable>action-id</replaceable>.
+ See <xref linkend="polkit-1-subject"/> for details about <replaceable>subject</replaceable>.
</para>
</refsect2>
<refsect2>
<para>
<command>polkit-1 grant</command>
- <arg choice="plain"><replaceable>subject</replaceable></arg>
+ <arg choice="plain"><replaceable>identity</replaceable></arg>
<arg choice="plain"><replaceable>action-id</replaceable></arg>
</para>
<para>
- Grants an authorization to <replaceable>subject</replaceable> for <replaceable>action-id</replaceable>.
+ Grants an authorization to <replaceable>identity</replaceable> for <replaceable>action-id</replaceable>.
+ See <xref linkend="polkit-1-identity"/> for details about <replaceable>identity</replaceable>.
</para>
</refsect2>
<refsect2>
<para>
<command>polkit-1 revoke</command>
- <arg choice="plain"><replaceable>subject</replaceable></arg>
+ <arg choice="plain"><replaceable>identity</replaceable></arg>
<arg choice="plain"><replaceable>action-id</replaceable></arg>
</para>
<para>
- Revokes an authorization from <replaceable>subject</replaceable> for <replaceable>action-id</replaceable>.
+ Revokes an authorization from <replaceable>identity</replaceable> for <replaceable>action-id</replaceable>.
+ See <xref linkend="polkit-1-identity"/> for details about <replaceable>identity</replaceable>.
</para>
</refsect2>
@@ -319,6 +308,20 @@
</refsect1>
+ <refsect1 id="polkit-1-subject">
+ <title>SUBJECTS</title>
+ <para>
+ TODO: Write me.
+ </para>
+ </refsect1>
+
+ <refsect1 id="polkit-1-identity">
+ <title>IDENTITIES</title>
+ <para>
+ TODO: Write me.
+ </para>
+ </refsect1>
+
<refsect1><title>AUTHOR</title>
<para>
Written by David Zeuthen <email>davidz at redhat.com</email> with
diff --git a/docs/polkit/polkit-docs.xml b/docs/polkit/polkit-docs.xml
index df9a03d..6a779f1 100644
--- a/docs/polkit/polkit-docs.xml
+++ b/docs/polkit/polkit-docs.xml
@@ -69,14 +69,18 @@
<xi:include href="xml/polkitactiondescription.xml"/>
<xi:include href="xml/polkiterror.xml"/>
<chapter id="subjects">
- <title>Subjects and Identities</title>
+ <title>Subjects</title>
<xi:include href="xml/polkitsubject.xml"/>
- <xi:include href="xml/polkitunixuser.xml"/>
- <xi:include href="xml/polkitunixgroup.xml"/>
<xi:include href="xml/polkitunixprocess.xml"/>
<xi:include href="xml/polkitunixsession.xml"/>
<xi:include href="xml/polkitsystembusname.xml"/>
</chapter>
+ <chapter id="Identities">
+ <title>Identities</title>
+ <xi:include href="xml/polkitidentity.xml"/>
+ <xi:include href="xml/polkitunixuser.xml"/>
+ <xi:include href="xml/polkitunixgroup.xml"/>
+ </chapter>
<chapter id="extending">
<title>Extending PolicyKit</title>
<xi:include href="../polkitbackend/xml/polkitbackendauthority.xml"/>
diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am
index 4b490e3..89752db 100644
--- a/src/polkit/Makefile.am
+++ b/src/polkit/Makefile.am
@@ -26,6 +26,7 @@ BUILT_SOURCES = \
_polkitbindingstypes.h \
_polkiterror.c _polkiterror.h \
_polkitsubject.c _polkitsubject.h \
+ _polkitidentity.c _polkitidentity.h \
$(NULL)
$(BUILT_SOURCES) : Makefile.am $(top_srcdir)/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -45,11 +46,12 @@ libpolkit_gobject_1include_HEADERS = \
polkitauthority.h \
polkiterror.h \
polkitsubject.h \
- polkitunixuser.h \
- polkitunixgroup.h \
polkitunixprocess.h \
polkitunixsession.h \
polkitsystembusname.h \
+ polkitidentity.h \
+ polkitunixuser.h \
+ polkitunixgroup.h \
polkitauthorizationresult.h \
polkitcheckauthorizationflags.h \
polkitauthorization.h \
@@ -62,11 +64,12 @@ libpolkit_gobject_1_la_SOURCES = \
polkitauthority.c polkitauthority.h \
polkiterror.c polkiterror.h \
polkitsubject.c polkitsubject.h \
- polkitunixuser.c polkitunixuser.h \
- polkitunixgroup.c polkitunixgroup.h \
polkitunixprocess.c polkitunixprocess.h \
polkitunixsession.c polkitunixsession.h \
polkitsystembusname.c polkitsystembusname.h \
+ polkitidentity.c polkitidentity.h \
+ polkitunixuser.c polkitunixuser.h \
+ polkitunixgroup.c polkitunixgroup.h \
polkitauthorizationresult.c polkitauthorizationresult.h \
polkitcheckauthorizationflags.c polkitcheckauthorizationflags.h \
polkitauthorization.c polkitauthorization.h \
diff --git a/src/polkit/polkit.h b/src/polkit/polkit.h
index 7f025eb..19d130d 100644
--- a/src/polkit/polkit.h
+++ b/src/polkit/polkit.h
@@ -26,9 +26,10 @@
#include <polkit/polkitactiondescription.h>
#include <polkit/polkiterror.h>
-#include <polkit/polkitsubject.h>
+#include <polkit/polkitidentity.h>
#include <polkit/polkitunixuser.h>
#include <polkit/polkitunixgroup.h>
+#include <polkit/polkitsubject.h>
#include <polkit/polkitunixprocess.h>
#include <polkit/polkitunixsession.h>
#include <polkit/polkitsystembusname.h>
diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
index 31450b4..6a17036 100644
--- a/src/polkit/polkitauthority.c
+++ b/src/polkit/polkitauthority.c
@@ -289,11 +289,11 @@ polkit_authority_enumerate_users_finish (PolkitAuthority *authority,
for (n = 0; n < array_seq->size; n++)
{
- _PolkitSubject *real_subject;
+ _PolkitIdentity *real_identity;
- real_subject = array_seq->data.v_ptr[n];
+ real_identity = array_seq->data.v_ptr[n];
- result = g_list_prepend (result, polkit_subject_new_for_real (real_subject));
+ result = g_list_prepend (result, polkit_identity_new_for_real (real_identity));
}
result = g_list_reverse (result);
@@ -385,11 +385,11 @@ polkit_authority_enumerate_groups_finish (PolkitAuthority *authority,
for (n = 0; n < array_seq->size; n++)
{
- _PolkitSubject *real_subject;
+ _PolkitIdentity *real_identity;
- real_subject = array_seq->data.v_ptr[n];
+ real_identity = array_seq->data.v_ptr[n];
- result = g_list_prepend (result, polkit_subject_new_for_real (real_subject));
+ result = g_list_prepend (result, polkit_identity_new_for_real (real_identity));
}
result = g_list_reverse (result);
@@ -424,102 +424,6 @@ polkit_authority_enumerate_groups_sync (PolkitAuthority *authority,
/* ---------------------------------------------------------------------------------------------------- */
static guint
-polkit_authority_enumerate_sessions_async (PolkitAuthority *authority,
- GCancellable *cancellable,
- GAsyncReadyCallback callback,
- gpointer user_data)
-{
- guint call_id;
- GSimpleAsyncResult *simple;
-
- simple = g_simple_async_result_new (G_OBJECT (authority),
- callback,
- user_data,
- polkit_authority_enumerate_sessions_async);
-
- call_id = _polkit_authority_enumerate_sessions (authority->real,
- EGG_DBUS_CALL_FLAGS_NONE,
- cancellable,
- generic_async_cb,
- simple);
-
- return call_id;
-}
-
-void
-polkit_authority_enumerate_sessions (PolkitAuthority *authority,
- GCancellable *cancellable,
- GAsyncReadyCallback callback,
- gpointer user_data)
-{
- polkit_authority_enumerate_sessions_async (authority, cancellable, callback, user_data);
-}
-
-GList *
-polkit_authority_enumerate_sessions_finish (PolkitAuthority *authority,
- GAsyncResult *res,
- GError **error)
-{
- EggDBusArraySeq *array_seq;
- GList *result;
- guint n;
- GSimpleAsyncResult *simple;
- GAsyncResult *real_res;
-
- simple = G_SIMPLE_ASYNC_RESULT (res);
- real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple));
-
- g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_enumerate_sessions_async);
-
- result = NULL;
-
- if (!_polkit_authority_enumerate_sessions_finish (authority->real,
- &array_seq,
- real_res,
- error))
- goto out;
-
- for (n = 0; n < array_seq->size; n++)
- {
- _PolkitSubject *real_subject;
-
- real_subject = array_seq->data.v_ptr[n];
-
- result = g_list_prepend (result, polkit_subject_new_for_real (real_subject));
- }
-
- result = g_list_reverse (result);
-
- g_object_unref (array_seq);
-
- out:
- g_object_unref (real_res);
- return result;
-}
-
-GList *
-polkit_authority_enumerate_sessions_sync (PolkitAuthority *authority,
- GCancellable *cancellable,
- GError **error)
-{
- guint call_id;
- GAsyncResult *res;
- GList *result;
-
- call_id = polkit_authority_enumerate_sessions_async (authority, cancellable, generic_cb, &res);
-
- egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
-
- result = polkit_authority_enumerate_sessions_finish (authority, res, error);
-
- g_object_unref (res);
-
- return result;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static guint
polkit_authority_check_authorization_async (PolkitAuthority *authority,
PolkitSubject *subject,
const gchar *action_id,
@@ -631,42 +535,46 @@ polkit_authority_check_authorization_sync (PolkitAuthority *author
static guint
polkit_authority_enumerate_authorizations_async (PolkitAuthority *authority,
- PolkitSubject *subject,
+ PolkitIdentity *identity,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data)
{
guint call_id;
GSimpleAsyncResult *simple;
- _PolkitSubject *real_subject;
+ _PolkitIdentity *real_identity;
simple = g_simple_async_result_new (G_OBJECT (authority),
callback,
user_data,
polkit_authority_enumerate_authorizations_async);
- real_subject = polkit_subject_get_real (subject);
+ real_identity = polkit_identity_get_real (identity);
call_id = _polkit_authority_enumerate_authorizations (authority->real,
EGG_DBUS_CALL_FLAGS_NONE,
- real_subject,
+ real_identity,
cancellable,
generic_async_cb,
simple);
- g_object_unref (real_subject);
+ g_object_unref (real_identity);
return call_id;
}
void
polkit_authority_enumerate_authorizations (PolkitAuthority *authority,
- PolkitSubject *subject,
+ PolkitIdentity *identity,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data)
{
- polkit_authority_enumerate_authorizations_async (authority, subject, cancellable, callback, user_data);
+ polkit_authority_enumerate_authorizations_async (authority,
+ identity,
+ cancellable,
+ callback,
+ user_data);
}
GList *
@@ -714,7 +622,7 @@ polkit_authority_enumerate_authorizations_finish (PolkitAuthority *authority,
GList *
polkit_authority_enumerate_authorizations_sync (PolkitAuthority *authority,
- PolkitSubject *subject,
+ PolkitIdentity *identity,
GCancellable *cancellable,
GError **error)
{
@@ -722,7 +630,11 @@ polkit_authority_enumerate_authorizations_sync (PolkitAuthority *authority,
GAsyncResult *res;
GList *result;
- call_id = polkit_authority_enumerate_authorizations_async (authority, subject, cancellable, generic_cb, &res);
+ call_id = polkit_authority_enumerate_authorizations_async (authority,
+ identity,
+ cancellable,
+ generic_cb,
+ &res);
egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
@@ -737,6 +649,7 @@ polkit_authority_enumerate_authorizations_sync (PolkitAuthority *authority,
static guint
polkit_authority_add_authorization_async (PolkitAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
GCancellable *cancellable,
GAsyncReadyCallback callback,
@@ -745,34 +658,44 @@ polkit_authority_add_authorization_async (PolkitAuthority *authority,
guint call_id;
GSimpleAsyncResult *simple;
_PolkitAuthorization *real_authorization;
+ _PolkitIdentity *real_identity;
simple = g_simple_async_result_new (G_OBJECT (authority),
callback,
user_data,
polkit_authority_add_authorization_async);
+ real_identity = polkit_identity_get_real (identity);
real_authorization = polkit_authorization_get_real (authorization);
call_id = _polkit_authority_add_authorization (authority->real,
EGG_DBUS_CALL_FLAGS_NONE,
+ real_identity,
real_authorization,
cancellable,
generic_async_cb,
simple);
g_object_unref (real_authorization);
+ g_object_unref (real_identity);
return call_id;
}
void
polkit_authority_add_authorization (PolkitAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data)
{
- polkit_authority_add_authorization_async (authority, authorization, cancellable, callback, user_data);
+ polkit_authority_add_authorization_async (authority,
+ identity,
+ authorization,
+ cancellable,
+ callback,
+ user_data);
}
gboolean
@@ -804,6 +727,7 @@ polkit_authority_add_authorization_finish (PolkitAuthority *authority,
gboolean
polkit_authority_add_authorization_sync (PolkitAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
GCancellable *cancellable,
GError **error)
@@ -812,7 +736,12 @@ polkit_authority_add_authorization_sync (PolkitAuthority *authority,
GAsyncResult *res;
gboolean ret;
- call_id = polkit_authority_add_authorization_async (authority, authorization, cancellable, generic_cb, &res);
+ call_id = polkit_authority_add_authorization_async (authority,
+ identity,
+ authorization,
+ cancellable,
+ generic_cb,
+ &res);
egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
@@ -827,6 +756,7 @@ polkit_authority_add_authorization_sync (PolkitAuthority *authority,
static guint
polkit_authority_remove_authorization_async (PolkitAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
GCancellable *cancellable,
GAsyncReadyCallback callback,
@@ -835,34 +765,44 @@ polkit_authority_remove_authorization_async (PolkitAuthority *authority,
guint call_id;
GSimpleAsyncResult *simple;
_PolkitAuthorization *real_authorization;
+ _PolkitIdentity *real_identity;
simple = g_simple_async_result_new (G_OBJECT (authority),
callback,
user_data,
polkit_authority_remove_authorization_async);
+ real_identity = polkit_identity_get_real (identity);
real_authorization = polkit_authorization_get_real (authorization);
call_id = _polkit_authority_remove_authorization (authority->real,
- EGG_DBUS_CALL_FLAGS_NONE,
- real_authorization,
- cancellable,
- generic_async_cb,
- simple);
+ EGG_DBUS_CALL_FLAGS_NONE,
+ real_identity,
+ real_authorization,
+ cancellable,
+ generic_async_cb,
+ simple);
g_object_unref (real_authorization);
+ g_object_unref (real_identity);
return call_id;
}
void
polkit_authority_remove_authorization (PolkitAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data)
{
- polkit_authority_remove_authorization_async (authority, authorization, cancellable, callback, user_data);
+ polkit_authority_remove_authorization_async (authority,
+ identity,
+ authorization,
+ cancellable,
+ callback,
+ user_data);
}
gboolean
@@ -894,6 +834,7 @@ polkit_authority_remove_authorization_finish (PolkitAuthority *authority,
gboolean
polkit_authority_remove_authorization_sync (PolkitAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
GCancellable *cancellable,
GError **error)
@@ -902,7 +843,12 @@ polkit_authority_remove_authorization_sync (PolkitAuthority *authority,
GAsyncResult *res;
gboolean ret;
- call_id = polkit_authority_remove_authorization_async (authority, authorization, cancellable, generic_cb, &res);
+ call_id = polkit_authority_remove_authorization_async (authority,
+ identity,
+ authorization,
+ cancellable,
+ generic_cb,
+ &res);
egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
diff --git a/src/polkit/polkitauthority.h b/src/polkit/polkitauthority.h
index e5937a2..bd41107 100644
--- a/src/polkit/polkitauthority.h
+++ b/src/polkit/polkitauthority.h
@@ -59,10 +59,6 @@ GList *polkit_authority_enumerate_groups_sync (PolkitAuthori
GCancellable *cancellable,
GError **error);
-GList *polkit_authority_enumerate_sessions_sync (PolkitAuthority *authority,
- GCancellable *cancellable,
- GError **error);
-
PolkitAuthorizationResult polkit_authority_check_authorization_sync (PolkitAuthority *authority,
PolkitSubject *subject,
const gchar *action_id,
@@ -71,16 +67,18 @@ PolkitAuthorizationResult polkit_authority_check_authorization_sync (PolkitAuth
GError **error);
GList *polkit_authority_enumerate_authorizations_sync (PolkitAuthority *authority,
- PolkitSubject *subject,
+ PolkitIdentity *identity,
GCancellable *cancellable,
GError **error);
gboolean polkit_authority_add_authorization_sync (PolkitAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
GCancellable *cancellable,
GError **error);
gboolean polkit_authority_remove_authorization_sync (PolkitAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
GCancellable *cancellable,
GError **error);
@@ -115,15 +113,6 @@ GList * polkit_authority_enumerate_groups_finish (PolkitAutho
GAsyncResult *res,
GError **error);
-void polkit_authority_enumerate_sessions (PolkitAuthority *authority,
- GCancellable *cancellable,
- GAsyncReadyCallback callback,
- gpointer user_data);
-
-GList * polkit_authority_enumerate_sessions_finish (PolkitAuthority *authority,
- GAsyncResult *res,
- GError **error);
-
void polkit_authority_check_authorization (PolkitAuthority *authority,
PolkitSubject *subject,
const gchar *action_id,
@@ -137,7 +126,7 @@ PolkitAuthorizationResult polkit_authority_check_authorization_finish (PolkitAu
GError **error);
void polkit_authority_enumerate_authorizations (PolkitAuthority *authority,
- PolkitSubject *subject,
+ PolkitIdentity *identity,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data);
@@ -147,6 +136,7 @@ GList * polkit_authority_enumerate_authorizations_finish (Pol
GError **error);
void polkit_authority_add_authorization (PolkitAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
GCancellable *cancellable,
GAsyncReadyCallback callback,
@@ -157,6 +147,7 @@ gboolean polkit_authority_add_authorization_finish (PolkitAuth
GError **error);
void polkit_authority_remove_authorization (PolkitAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
GCancellable *cancellable,
GAsyncReadyCallback callback,
diff --git a/src/polkit/polkitprivate.h b/src/polkit/polkitprivate.h
index 9eec3a2..2ec46b5 100644
--- a/src/polkit/polkitprivate.h
+++ b/src/polkit/polkitprivate.h
@@ -39,6 +39,9 @@ _PolkitActionDescription *polkit_action_description_get_real (PolkitActionDe
PolkitSubject *polkit_subject_new_for_real (_PolkitSubject *real);
_PolkitSubject *polkit_subject_get_real (PolkitSubject *subject);
+PolkitIdentity *polkit_identity_new_for_real (_PolkitIdentity *real);
+_PolkitIdentity *polkit_identity_get_real (PolkitIdentity *identity);
+
PolkitAuthorization *polkit_authorization_new_for_real (_PolkitAuthorization *real);
_PolkitAuthorization *polkit_authorization_get_real (PolkitAuthorization *authorization);
diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c
index e34bddc..5df1a65 100644
--- a/src/polkit/polkitsubject.c
+++ b/src/polkit/polkitsubject.c
@@ -26,8 +26,6 @@
#include <string.h>
#include "polkitsubject.h"
-#include "polkitunixuser.h"
-#include "polkitunixgroup.h"
#include "polkitunixprocess.h"
#include "polkitunixsession.h"
#include "polkitsystembusname.h"
@@ -98,29 +96,7 @@ polkit_subject_from_string (const gchar *str,
subject = NULL;
- if (g_str_has_prefix (str, "unix-user:"))
- {
- val = g_ascii_strtoull (str + sizeof "unix-user:" - 1,
- &endptr,
- 10);
- if (*endptr == '\0')
- subject = polkit_unix_user_new ((uid_t) val);
- else
- subject = polkit_unix_user_new_for_name (str + sizeof "unix-user:" - 1,
- error);
- }
- else if (g_str_has_prefix (str, "unix-group:"))
- {
- val = g_ascii_strtoull (str + sizeof "unix-group:" - 1,
- &endptr,
- 10);
- if (*endptr == '\0')
- subject = polkit_unix_group_new ((gid_t) val);
- else
- subject = polkit_unix_group_new_for_name (str + sizeof "unix-group:" - 1,
- error);
- }
- else if (g_str_has_prefix (str, "unix-process:"))
+ if (g_str_has_prefix (str, "unix-process:"))
{
val = g_ascii_strtoull (str + sizeof "unix-process:" - 1,
&endptr,
@@ -176,15 +152,9 @@ polkit_subject_new_for_real (_PolkitSubject *real)
kind = _polkit_subject_get_subject_kind (real);
details = _polkit_subject_get_subject_details (real);
- if (strcmp (kind, "unix-user") == 0)
- {
- variant = egg_dbus_hash_map_lookup (details, "uid");
- s = polkit_unix_user_new (egg_dbus_variant_get_uint (variant));
- }
- else if (strcmp (kind, "unix-group") == 0)
+ if (strcmp (kind, "") == 0)
{
- variant = egg_dbus_hash_map_lookup (details, "gid");
- s = polkit_unix_group_new (egg_dbus_variant_get_uint (variant));
+ /* explicitly left blank (for subjects that are NULL) */
}
else if (strcmp (kind, "unix-process") == 0)
{
@@ -222,19 +192,9 @@ polkit_subject_get_real (PolkitSubject *subject)
kind = NULL;
details = egg_dbus_hash_map_new (G_TYPE_STRING, NULL, EGG_DBUS_TYPE_VARIANT, (GDestroyNotify) g_object_unref);
- if (POLKIT_IS_UNIX_USER (subject))
+ if (subject == NULL)
{
- kind = "unix-user";
- egg_dbus_hash_map_insert (details,
- "uid",
- egg_dbus_variant_new_for_uint (polkit_unix_user_get_uid (POLKIT_UNIX_USER (subject))));
- }
- else if (POLKIT_IS_UNIX_GROUP (subject))
- {
- kind = "unix-group";
- egg_dbus_hash_map_insert (details,
- "gid",
- egg_dbus_variant_new_for_uint (polkit_unix_group_get_gid (POLKIT_UNIX_GROUP (subject))));
+ kind = "";
}
else if (POLKIT_IS_UNIX_PROCESS (subject))
{
diff --git a/src/polkit/polkittypes.h b/src/polkit/polkittypes.h
index bc089c4..4d6aa28 100644
--- a/src/polkit/polkittypes.h
+++ b/src/polkit/polkittypes.h
@@ -32,12 +32,6 @@ typedef struct _PolkitActionDescription PolkitActionDescription;
typedef struct _PolkitSubject PolkitSubject; /* Dummy typedef */
-struct _PolkitUnixUser;
-typedef struct _PolkitUnixUser PolkitUnixUser;
-
-struct _PolkitUnixGroup;
-typedef struct _PolkitUnixGroup PolkitUnixGroup;
-
struct _PolkitUnixProcess;
typedef struct _PolkitUnixProcess PolkitUnixProcess;
@@ -47,6 +41,14 @@ typedef struct _PolkitUnixSession PolkitUnixSession;
struct _PolkitSystemBusName;
typedef struct _PolkitSystemBusName PolkitSystemBusName;
+typedef struct _PolkitIdentity PolkitIdentity; /* Dummy typedef */
+
+struct _PolkitUnixUser;
+typedef struct _PolkitUnixUser PolkitUnixUser;
+
+struct _PolkitUnixGroup;
+typedef struct _PolkitUnixGroup PolkitUnixGroup;
+
struct _PolkitAuthorization;
typedef struct _PolkitAuthorization PolkitAuthorization;
diff --git a/src/polkit/polkitunixgroup.c b/src/polkit/polkitunixgroup.c
index b5aed68..67f6387 100644
--- a/src/polkit/polkitunixgroup.c
+++ b/src/polkit/polkitunixgroup.c
@@ -26,7 +26,7 @@
#include <string.h>
#include <grp.h>
#include "polkitunixgroup.h"
-#include "polkitsubject.h"
+#include "polkitidentity.h"
#include "polkiterror.h"
#include "polkitprivate.h"
@@ -56,10 +56,10 @@ enum
PROP_GID,
};
-static void subject_iface_init (PolkitSubjectIface *subject_iface);
+static void identity_iface_init (PolkitIdentityIface *identity_iface);
G_DEFINE_TYPE_WITH_CODE (PolkitUnixGroup, polkit_unix_group, G_TYPE_OBJECT,
- G_IMPLEMENT_INTERFACE (POLKIT_TYPE_SUBJECT, subject_iface_init)
+ G_IMPLEMENT_INTERFACE (POLKIT_TYPE_IDENTITY, identity_iface_init)
);
static void
@@ -149,22 +149,22 @@ polkit_unix_group_set_gid (PolkitUnixGroup *group,
group->gid = gid;
}
-PolkitSubject *
+PolkitIdentity *
polkit_unix_group_new (gid_t gid)
{
- return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_GROUP,
+ return POLKIT_IDENTITY (g_object_new (POLKIT_TYPE_UNIX_GROUP,
"gid", gid,
NULL));
}
-PolkitSubject *
+PolkitIdentity *
polkit_unix_group_new_for_name (const gchar *name,
GError **error)
{
struct group *group;
- PolkitSubject *subject;
+ PolkitIdentity *identity;
- subject = NULL;
+ identity = NULL;
group = getgrnam (name);
if (group == NULL)
@@ -177,15 +177,15 @@ polkit_unix_group_new_for_name (const gchar *name,
goto out;
}
- subject = polkit_unix_group_new (group->gr_gid);
+ identity = polkit_unix_group_new (group->gr_gid);
out:
- return subject;
+ return identity;
}
static gboolean
-polkit_unix_group_equal (PolkitSubject *a,
- PolkitSubject *b)
+polkit_unix_group_equal (PolkitIdentity *a,
+ PolkitIdentity *b)
{
PolkitUnixGroup *group_a;
PolkitUnixGroup *group_b;
@@ -197,9 +197,9 @@ polkit_unix_group_equal (PolkitSubject *a,
}
static gchar *
-polkit_unix_group_to_string (PolkitSubject *subject)
+polkit_unix_group_to_string (PolkitIdentity *identity)
{
- PolkitUnixGroup *group = POLKIT_UNIX_GROUP (subject);
+ PolkitUnixGroup *group = POLKIT_UNIX_GROUP (identity);
struct group *gr;
gr = getgrgid (group->gid);
@@ -211,8 +211,8 @@ polkit_unix_group_to_string (PolkitSubject *subject)
}
static void
-subject_iface_init (PolkitSubjectIface *subject_iface)
+identity_iface_init (PolkitIdentityIface *identity_iface)
{
- subject_iface->equal = polkit_unix_group_equal;
- subject_iface->to_string = polkit_unix_group_to_string;
+ identity_iface->equal = polkit_unix_group_equal;
+ identity_iface->to_string = polkit_unix_group_to_string;
}
diff --git a/src/polkit/polkitunixgroup.h b/src/polkit/polkitunixgroup.h
index 548e963..714b1b1 100644
--- a/src/polkit/polkitunixgroup.h
+++ b/src/polkit/polkitunixgroup.h
@@ -43,8 +43,8 @@ typedef struct _PolkitUnixGroup PolkitUnixGroup;
typedef struct _PolkitUnixGroupClass PolkitUnixGroupClass;
GType polkit_unix_group_get_type (void) G_GNUC_CONST;
-PolkitSubject *polkit_unix_group_new (gid_t gid);
-PolkitSubject *polkit_unix_group_new_for_name (const gchar *name,
+PolkitIdentity *polkit_unix_group_new (gid_t gid);
+PolkitIdentity *polkit_unix_group_new_for_name (const gchar *name,
GError **error);
gid_t polkit_unix_group_get_gid (PolkitUnixGroup *group);
void polkit_unix_group_set_gid (PolkitUnixGroup *group,
diff --git a/src/polkit/polkitunixuser.c b/src/polkit/polkitunixuser.c
index ca637ba..830fc79 100644
--- a/src/polkit/polkitunixuser.c
+++ b/src/polkit/polkitunixuser.c
@@ -26,7 +26,7 @@
#include <string.h>
#include <pwd.h>
#include "polkitunixuser.h"
-#include "polkitsubject.h"
+#include "polkitidentity.h"
#include "polkiterror.h"
#include "polkitprivate.h"
@@ -56,10 +56,10 @@ enum
PROP_UID,
};
-static void subject_iface_init (PolkitSubjectIface *subject_iface);
+static void identity_iface_init (PolkitIdentityIface *identity_iface);
G_DEFINE_TYPE_WITH_CODE (PolkitUnixUser, polkit_unix_user, G_TYPE_OBJECT,
- G_IMPLEMENT_INTERFACE (POLKIT_TYPE_SUBJECT, subject_iface_init)
+ G_IMPLEMENT_INTERFACE (POLKIT_TYPE_IDENTITY, identity_iface_init)
);
static void
@@ -149,22 +149,22 @@ polkit_unix_user_set_uid (PolkitUnixUser *user,
user->uid = uid;
}
-PolkitSubject *
+PolkitIdentity *
polkit_unix_user_new (uid_t uid)
{
- return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_USER,
- "uid", uid,
- NULL));
+ return POLKIT_IDENTITY (g_object_new (POLKIT_TYPE_UNIX_USER,
+ "uid", uid,
+ NULL));
}
-PolkitSubject *
+PolkitIdentity *
polkit_unix_user_new_for_name (const gchar *name,
GError **error)
{
struct passwd *passwd;
- PolkitSubject *subject;
+ PolkitIdentity *identity;
- subject = NULL;
+ identity = NULL;
passwd = getpwnam (name);
if (passwd == NULL)
@@ -177,15 +177,15 @@ polkit_unix_user_new_for_name (const gchar *name,
goto out;
}
- subject = polkit_unix_user_new (passwd->pw_uid);
+ identity = polkit_unix_user_new (passwd->pw_uid);
out:
- return subject;
+ return identity;
}
static gboolean
-polkit_unix_user_equal (PolkitSubject *a,
- PolkitSubject *b)
+polkit_unix_user_equal (PolkitIdentity *a,
+ PolkitIdentity *b)
{
PolkitUnixUser *user_a;
PolkitUnixUser *user_b;
@@ -197,9 +197,9 @@ polkit_unix_user_equal (PolkitSubject *a,
}
static gchar *
-polkit_unix_user_to_string (PolkitSubject *subject)
+polkit_unix_user_to_string (PolkitIdentity *identity)
{
- PolkitUnixUser *user = POLKIT_UNIX_USER (subject);
+ PolkitUnixUser *user = POLKIT_UNIX_USER (identity);
struct passwd *passwd;
passwd = getpwuid (user->uid);
@@ -211,8 +211,8 @@ polkit_unix_user_to_string (PolkitSubject *subject)
}
static void
-subject_iface_init (PolkitSubjectIface *subject_iface)
+identity_iface_init (PolkitIdentityIface *identity_iface)
{
- subject_iface->equal = polkit_unix_user_equal;
- subject_iface->to_string = polkit_unix_user_to_string;
+ identity_iface->equal = polkit_unix_user_equal;
+ identity_iface->to_string = polkit_unix_user_to_string;
}
diff --git a/src/polkit/polkitunixuser.h b/src/polkit/polkitunixuser.h
index 1140789..012856c 100644
--- a/src/polkit/polkitunixuser.h
+++ b/src/polkit/polkitunixuser.h
@@ -43,8 +43,8 @@ typedef struct _PolkitUnixUser PolkitUnixUser;
typedef struct _PolkitUnixUserClass PolkitUnixUserClass;
GType polkit_unix_user_get_type (void) G_GNUC_CONST;
-PolkitSubject *polkit_unix_user_new (uid_t uid);
-PolkitSubject *polkit_unix_user_new_for_name (const gchar *name,
+PolkitIdentity *polkit_unix_user_new (uid_t uid);
+PolkitIdentity *polkit_unix_user_new_for_name (const gchar *name,
GError **error);
uid_t polkit_unix_user_get_uid (PolkitUnixUser *user);
void polkit_unix_user_set_uid (PolkitUnixUser *user,
diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c
index 3de7e8a..b18ac0f 100644
--- a/src/polkitbackend/polkitbackendauthority.c
+++ b/src/polkitbackend/polkitbackendauthority.c
@@ -73,17 +73,6 @@ polkit_backend_authority_enumerate_groups (PolkitBackendAuthority *authority,
}
void
-polkit_backend_authority_enumerate_sessions (PolkitBackendAuthority *authority,
- PolkitBackendPendingCall *pending_call)
-{
- PolkitBackendAuthorityClass *klass;
-
- klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
-
- klass->enumerate_sessions (authority, pending_call);
-}
-
-void
polkit_backend_authority_check_authorization (PolkitBackendAuthority *authority,
PolkitSubject *subject,
const gchar *action_id,
@@ -99,18 +88,19 @@ polkit_backend_authority_check_authorization (PolkitBackendAuthority *aut
void
polkit_backend_authority_enumerate_authorizations (PolkitBackendAuthority *authority,
- PolkitSubject *subject,
+ PolkitIdentity *identity,
PolkitBackendPendingCall *pending_call)
{
PolkitBackendAuthorityClass *klass;
klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
- klass->enumerate_authorizations (authority, subject, pending_call);
+ klass->enumerate_authorizations (authority, identity, pending_call);
}
void
polkit_backend_authority_add_authorization (PolkitBackendAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call)
{
@@ -118,11 +108,12 @@ polkit_backend_authority_add_authorization (PolkitBackendAuthority *authorit
klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
- klass->add_authorization (authority, authorization, pending_call);
+ klass->add_authorization (authority, identity, authorization, pending_call);
}
void
polkit_backend_authority_remove_authorization (PolkitBackendAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call)
{
@@ -130,5 +121,5 @@ polkit_backend_authority_remove_authorization (PolkitBackendAuthority *autho
klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
- klass->remove_authorization (authority, authorization, pending_call);
+ klass->remove_authorization (authority, identity, authorization, pending_call);
}
diff --git a/src/polkitbackend/polkitbackendauthority.h b/src/polkitbackend/polkitbackendauthority.h
index 1220ada..09ef3f5 100644
--- a/src/polkitbackend/polkitbackendauthority.h
+++ b/src/polkitbackend/polkitbackendauthority.h
@@ -61,9 +61,6 @@ struct _PolkitBackendAuthorityClass
void (*enumerate_groups) (PolkitBackendAuthority *authority,
PolkitBackendPendingCall *pending_call);
- void (*enumerate_sessions) (PolkitBackendAuthority *authority,
- PolkitBackendPendingCall *pending_call);
-
void (*check_authorization) (PolkitBackendAuthority *authority,
PolkitSubject *subject,
const gchar *action_id,
@@ -71,14 +68,16 @@ struct _PolkitBackendAuthorityClass
PolkitBackendPendingCall *pending_call);
void (*enumerate_authorizations) (PolkitBackendAuthority *authority,
- PolkitSubject *subject,
+ PolkitIdentity *identity,
PolkitBackendPendingCall *pending_call);
void (*add_authorization) (PolkitBackendAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call);
void (*remove_authorization) (PolkitBackendAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call);
@@ -108,9 +107,6 @@ void polkit_backend_authority_enumerate_users (PolkitBackendAuthor
void polkit_backend_authority_enumerate_groups (PolkitBackendAuthority *authority,
PolkitBackendPendingCall *pending_call);
-void polkit_backend_authority_enumerate_sessions (PolkitBackendAuthority *authority,
- PolkitBackendPendingCall *pending_call);
-
void polkit_backend_authority_check_authorization (PolkitBackendAuthority *authority,
PolkitSubject *subject,
const gchar *action_id,
@@ -118,14 +114,16 @@ void polkit_backend_authority_check_authorization (PolkitBackendAuthor
PolkitBackendPendingCall *pending_call);
void polkit_backend_authority_enumerate_authorizations (PolkitBackendAuthority *authority,
- PolkitSubject *subject,
+ PolkitIdentity *identity,
PolkitBackendPendingCall *pending_call);
void polkit_backend_authority_add_authorization (PolkitBackendAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call);
void polkit_backend_authority_remove_authorization (PolkitBackendAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call);
@@ -140,14 +138,11 @@ void polkit_backend_authority_enumerate_users_finish (PolkitBackend
void polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pending_call,
GList *groups);
-void polkit_backend_authority_enumerate_sessions_finish (PolkitBackendPendingCall *pending_call,
- GList *sessions);
-
void polkit_backend_authority_check_authorization_finish (PolkitBackendPendingCall *pending_call,
PolkitAuthorizationResult result);
void polkit_backend_authority_enumerate_authorizations_finish (PolkitBackendPendingCall *pending_call,
- GList *sessions);
+ GList *authorizations);
void polkit_backend_authority_add_authorization_finish (PolkitBackendPendingCall *pending_call);
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index 5d76f16..b9f3e98 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -48,9 +48,6 @@ static void polkit_backend_local_authority_enumerate_users (PolkitBackendAuth
static void polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *authority,
PolkitBackendPendingCall *pending_call);
-static void polkit_backend_local_authority_enumerate_sessions (PolkitBackendAuthority *authority,
- PolkitBackendPendingCall *pending_call);
-
static void polkit_backend_local_authority_check_authorization (PolkitBackendAuthority *authority,
PolkitSubject *subject,
const gchar *action_id,
@@ -64,14 +61,16 @@ static PolkitAuthorizationResult check_authorization_sync (PolkitBackendAuthorit
GError **error);
static void polkit_backend_local_authority_enumerate_authorizations (PolkitBackendAuthority *authority,
- PolkitSubject *subject,
+ PolkitIdentity *identity,
PolkitBackendPendingCall *pending_call);
static void polkit_backend_local_authority_add_authorization (PolkitBackendAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call);
static void polkit_backend_local_authority_remove_authorization (PolkitBackendAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call);
@@ -126,7 +125,6 @@ polkit_backend_local_authority_class_init (PolkitBackendLocalAuthorityClass *kla
authority_class->enumerate_actions = polkit_backend_local_authority_enumerate_actions;
authority_class->enumerate_users = polkit_backend_local_authority_enumerate_users;
authority_class->enumerate_groups = polkit_backend_local_authority_enumerate_groups;
- authority_class->enumerate_sessions = polkit_backend_local_authority_enumerate_sessions;
authority_class->check_authorization = polkit_backend_local_authority_check_authorization;
authority_class->enumerate_authorizations = polkit_backend_local_authority_enumerate_authorizations;
authority_class->add_authorization = polkit_backend_local_authority_add_authorization;
@@ -191,11 +189,11 @@ polkit_backend_local_authority_enumerate_users (PolkitBackendAuthority *author
do
{
- PolkitSubject *subject;
+ PolkitIdentity *identity;
- subject = polkit_unix_user_new (passwd->pw_uid);
+ identity = polkit_unix_user_new (passwd->pw_uid);
- list = g_list_prepend (list, subject);
+ list = g_list_prepend (list, identity);
}
while ((passwd = getpwent ()) != NULL);
endpwent ();
@@ -237,11 +235,11 @@ polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *autho
do
{
- PolkitSubject *subject;
+ PolkitIdentity *identity;
- subject = polkit_unix_group_new (group->gr_gid);
+ identity = polkit_unix_group_new (group->gr_gid);
- list = g_list_prepend (list, subject);
+ list = g_list_prepend (list, identity);
}
while ((group = getgrent ()) != NULL);
endgrent ();
@@ -257,24 +255,6 @@ polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *autho
/* ---------------------------------------------------------------------------------------------------- */
static void
-polkit_backend_local_authority_enumerate_sessions (PolkitBackendAuthority *authority,
- PolkitBackendPendingCall *pending_call)
-{
- PolkitBackendLocalAuthority *local_authority;
- PolkitBackendLocalAuthorityPrivate *priv;
- GList *list;
-
- local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
- priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
-
- list = polkit_backend_session_monitor_get_sessions (priv->session_monitor);
-
- polkit_backend_authority_enumerate_sessions_finish (pending_call, list);
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static void
polkit_backend_local_authority_check_authorization (PolkitBackendAuthority *authority,
PolkitSubject *subject,
const gchar *action_id,
@@ -286,8 +266,8 @@ polkit_backend_local_authority_check_authorization (PolkitBackendAuthority
PolkitSubject *inquirer;
gchar *inquirer_str;
gchar *subject_str;
- PolkitSubject *user_of_inquirer;
- PolkitSubject *user_of_subject;
+ PolkitIdentity *user_of_inquirer;
+ PolkitIdentity *user_of_subject;
gchar *user_of_inquirer_str;
gchar *user_of_subject_str;
PolkitAuthorizationResult result;
@@ -325,7 +305,7 @@ polkit_backend_local_authority_check_authorization (PolkitBackendAuthority
goto out;
}
- user_of_inquirer_str = polkit_subject_to_string (user_of_inquirer);
+ user_of_inquirer_str = polkit_identity_to_string (user_of_inquirer);
g_debug (" user of inquirer is %s", user_of_inquirer_str);
user_of_subject = polkit_backend_session_monitor_get_user_for_subject (priv->session_monitor,
@@ -338,19 +318,23 @@ polkit_backend_local_authority_check_authorization (PolkitBackendAuthority
goto out;
}
- user_of_subject_str = polkit_subject_to_string (user_of_subject);
+ user_of_subject_str = polkit_identity_to_string (user_of_subject);
g_debug (" user of subject is %s", user_of_subject_str);
/* if the user of the inquirer and the user of the subject isn't the same, then
* the org.freedesktop.policykit.read authorization is required for the inquirer
*/
- if (!polkit_subject_equal (user_of_inquirer, user_of_subject))
+ if (!polkit_identity_equal (user_of_inquirer, user_of_subject))
{
+ /* TODO */
+ result = POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
+#if 0
result = check_authorization_sync (authority,
user_of_inquirer,
"org.freedesktop.policykit.read",
POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE, /* no user interaction */
&error);
+#endif
if (error != NULL)
{
@@ -407,7 +391,7 @@ check_authorization_sync (PolkitBackendAuthority *authority,
PolkitBackendLocalAuthority *local_authority;
PolkitBackendLocalAuthorityPrivate *priv;
PolkitAuthorizationResult result;
- PolkitSubject *user_of_subject;
+ PolkitIdentity *user_of_subject;
gchar *subject_str;
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
@@ -460,32 +444,33 @@ check_authorization_sync (PolkitBackendAuthority *authority,
static void
polkit_backend_local_authority_enumerate_authorizations (PolkitBackendAuthority *authority,
- PolkitSubject *subject,
+ PolkitIdentity *identity,
PolkitBackendPendingCall *pending_call)
{
PolkitBackendLocalAuthority *local_authority;
PolkitBackendLocalAuthorityPrivate *priv;
- gchar *subject_str;
+ gchar *identity_str;
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
- subject_str = polkit_subject_to_string (subject);
+ identity_str = polkit_identity_to_string (identity);
- g_debug ("enumerating authorizations for %s", subject_str);
+ g_debug ("enumerating authorizations for %s", identity_str);
polkit_backend_pending_call_return_error (pending_call,
POLKIT_ERROR,
POLKIT_ERROR_NOT_SUPPORTED,
- "Not implemented (subject=%s)", subject_str);
+ "Not implemented (identity=%s)", identity_str);
- g_free (subject_str);
+ g_free (identity_str);
}
/* ---------------------------------------------------------------------------------------------------- */
static void
polkit_backend_local_authority_add_authorization (PolkitBackendAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call)
{
@@ -499,14 +484,19 @@ polkit_backend_local_authority_add_authorization (PolkitBackendAuthority *auth
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+ subject_str = NULL;
+
subject = polkit_authorization_get_subject (authorization);
action_id = polkit_authorization_get_action_id (authorization);
is_negative = polkit_authorization_get_is_negative (authorization);
- subject_str = polkit_subject_to_string (subject);
+ if (subject != NULL)
+ subject_str = polkit_subject_to_string (subject);
g_debug ("add authorization with subject=%s, action_id=%s, is_negative=%d",
- subject_str, action_id, is_negative);
+ subject_str != NULL ? subject_str : "<none>",
+ action_id,
+ is_negative);
polkit_backend_pending_call_return_error (pending_call,
POLKIT_ERROR,
@@ -521,6 +511,7 @@ polkit_backend_local_authority_add_authorization (PolkitBackendAuthority *auth
static void
polkit_backend_local_authority_remove_authorization (PolkitBackendAuthority *authority,
+ PolkitIdentity *identity,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call)
{
@@ -534,14 +525,19 @@ polkit_backend_local_authority_remove_authorization (PolkitBackendAuthority *a
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+ subject_str = NULL;
+
subject = polkit_authorization_get_subject (authorization);
action_id = polkit_authorization_get_action_id (authorization);
is_negative = polkit_authorization_get_is_negative (authorization);
- subject_str = polkit_subject_to_string (subject);
+ if (subject != NULL)
+ subject_str = polkit_subject_to_string (subject);
g_debug ("remove authorization with subject=%s, action_id=%s, is_negative=%d",
- subject_str, action_id, is_negative);
+ subject_str != NULL ? subject_str : "<none>",
+ action_id,
+ is_negative);
polkit_backend_pending_call_return_error (pending_call,
POLKIT_ERROR,
diff --git a/src/polkitbackend/polkitbackendserver.c b/src/polkitbackend/polkitbackendserver.c
index 3a8637c..1b31371 100644
--- a/src/polkitbackend/polkitbackendserver.c
+++ b/src/polkitbackend/polkitbackendserver.c
@@ -150,14 +150,14 @@ polkit_backend_authority_enumerate_users_finish (PolkitBackendPendingCall *pendi
EggDBusArraySeq *array;
GList *l;
- array = egg_dbus_array_seq_new (_POLKIT_TYPE_SUBJECT, (GDestroyNotify) g_object_unref, NULL, NULL);
+ array = egg_dbus_array_seq_new (_POLKIT_TYPE_IDENTITY, (GDestroyNotify) g_object_unref, NULL, NULL);
for (l = users; l != NULL; l = l->next)
{
- PolkitSubject *subject = POLKIT_SUBJECT (l->data);
- _PolkitSubject *real;
+ PolkitIdentity *identity = POLKIT_IDENTITY (l->data);
+ _PolkitIdentity *real;
- real = polkit_subject_get_real (subject);
+ real = polkit_identity_get_real (identity);
egg_dbus_array_seq_add (array, real);
}
@@ -193,14 +193,14 @@ polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pend
EggDBusArraySeq *array;
GList *l;
- array = egg_dbus_array_seq_new (_POLKIT_TYPE_SUBJECT, (GDestroyNotify) g_object_unref, NULL, NULL);
+ array = egg_dbus_array_seq_new (_POLKIT_TYPE_IDENTITY, (GDestroyNotify) g_object_unref, NULL, NULL);
for (l = groups; l != NULL; l = l->next)
{
- PolkitSubject *subject = POLKIT_SUBJECT (l->data);
- _PolkitSubject *real;
+ PolkitIdentity *identity = POLKIT_IDENTITY (l->data);
+ _PolkitIdentity *real;
- real = polkit_subject_get_real (subject);
+ real = polkit_identity_get_real (identity);
egg_dbus_array_seq_add (array, real);
}
@@ -218,49 +218,6 @@ polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pend
/* ---------------------------------------------------------------------------------------------------- */
static void
-authority_handle_enumerate_sessions (_PolkitAuthority *instance,
- EggDBusMethodInvocation *method_invocation)
-{
- PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
- PolkitBackendPendingCall *pending_call;
-
- pending_call = _polkit_backend_pending_call_new (method_invocation, server);
-
- polkit_backend_authority_enumerate_sessions (server->authority, pending_call);
-}
-
-void
-polkit_backend_authority_enumerate_sessions_finish (PolkitBackendPendingCall *pending_call,
- GList *sessions)
-{
- EggDBusArraySeq *array;
- GList *l;
-
- array = egg_dbus_array_seq_new (_POLKIT_TYPE_SUBJECT, (GDestroyNotify) g_object_unref, NULL, NULL);
-
- for (l = sessions; l != NULL; l = l->next)
- {
- PolkitSubject *subject = POLKIT_SUBJECT (l->data);
- _PolkitSubject *real;
-
- real = polkit_subject_get_real (subject);
- egg_dbus_array_seq_add (array, real);
- }
-
- _polkit_authority_handle_enumerate_sessions_finish (_polkit_backend_pending_call_get_method_invocation (pending_call),
- array);
-
- g_object_unref (array);
-
- g_list_foreach (sessions, (GFunc) g_object_unref, NULL);
- g_list_free (sessions);
-
- g_object_unref (pending_call);
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static void
authority_handle_check_authorization (_PolkitAuthority *instance,
_PolkitSubject *real_subject,
const gchar *action_id,
@@ -298,21 +255,21 @@ polkit_backend_authority_check_authorization_finish (PolkitBackendPendingCall *
static void
authority_handle_enumerate_authorizations (_PolkitAuthority *instance,
- _PolkitSubject *real_subject,
+ _PolkitIdentity *real_identity,
EggDBusMethodInvocation *method_invocation)
{
PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
PolkitBackendPendingCall *pending_call;
- PolkitSubject *subject;
+ PolkitIdentity *identity;
pending_call = _polkit_backend_pending_call_new (method_invocation, server);
- subject = polkit_subject_new_for_real (real_subject);
+ identity = polkit_identity_new_for_real (real_identity);
- g_object_set_data_full (G_OBJECT (pending_call), "subject", subject, (GDestroyNotify) g_object_unref);
+ g_object_set_data_full (G_OBJECT (pending_call), "identity", identity, (GDestroyNotify) g_object_unref);
polkit_backend_authority_enumerate_authorizations (server->authority,
- subject,
+ identity,
pending_call);
}
@@ -349,20 +306,26 @@ polkit_backend_authority_enumerate_authorizations_finish (PolkitBackendPendingCa
static void
authority_handle_add_authorization (_PolkitAuthority *instance,
+ _PolkitIdentity *real_identity,
_PolkitAuthorization *real_authorization,
EggDBusMethodInvocation *method_invocation)
{
PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
PolkitBackendPendingCall *pending_call;
+ PolkitIdentity *identity;
PolkitAuthorization *authorization;
pending_call = _polkit_backend_pending_call_new (method_invocation, server);
+ identity = polkit_identity_new_for_real (real_identity);
+
authorization = polkit_authorization_new_for_real (real_authorization);
+ g_object_set_data_full (G_OBJECT (pending_call), "identity", identity, (GDestroyNotify) g_object_unref);
g_object_set_data_full (G_OBJECT (pending_call), "authorization", authorization, (GDestroyNotify) g_object_unref);
polkit_backend_authority_add_authorization (server->authority,
+ identity,
authorization,
pending_call);
}
@@ -378,20 +341,26 @@ polkit_backend_authority_add_authorization_finish (PolkitBackendPendingCall *pe
static void
authority_handle_remove_authorization (_PolkitAuthority *instance,
+ _PolkitIdentity *real_identity,
_PolkitAuthorization *real_authorization,
EggDBusMethodInvocation *method_invocation)
{
PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
PolkitBackendPendingCall *pending_call;
+ PolkitIdentity *identity;
PolkitAuthorization *authorization;
pending_call = _polkit_backend_pending_call_new (method_invocation, server);
+ identity = polkit_identity_new_for_real (real_identity);
+
authorization = polkit_authorization_new_for_real (real_authorization);
+ g_object_set_data_full (G_OBJECT (pending_call), "identity", identity, (GDestroyNotify) g_object_unref);
g_object_set_data_full (G_OBJECT (pending_call), "authorization", authorization, (GDestroyNotify) g_object_unref);
polkit_backend_authority_remove_authorization (server->authority,
+ identity,
authorization,
pending_call);
}
@@ -411,7 +380,6 @@ authority_iface_init (_PolkitAuthorityIface *authority_iface)
authority_iface->handle_enumerate_actions = authority_handle_enumerate_actions;
authority_iface->handle_enumerate_users = authority_handle_enumerate_users;
authority_iface->handle_enumerate_groups = authority_handle_enumerate_groups;
- authority_iface->handle_enumerate_sessions = authority_handle_enumerate_sessions;
authority_iface->handle_check_authorization = authority_handle_check_authorization;
authority_iface->handle_enumerate_authorizations = authority_handle_enumerate_authorizations;
authority_iface->handle_add_authorization = authority_handle_add_authorization;
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.c b/src/polkitbackend/polkitbackendsessionmonitor.c
index de69ba1..ee225ca 100644
--- a/src/polkitbackend/polkitbackendsessionmonitor.c
+++ b/src/polkitbackend/polkitbackendsessionmonitor.c
@@ -361,21 +361,17 @@ polkit_backend_session_monitor_get_sessions (PolkitBackendSessionMonitor *monito
*
* Returns: %NULL if @error is set otherwise a #PolkitUnixUser that should be freed with g_object_unref().
*/
-PolkitSubject *
+PolkitIdentity *
polkit_backend_session_monitor_get_user_for_subject (PolkitBackendSessionMonitor *monitor,
PolkitSubject *subject,
GError **error)
{
- PolkitSubject *user;
+ PolkitIdentity *user;
uid_t uid;
user = NULL;
- if (POLKIT_IS_UNIX_USER (subject))
- {
- user = g_object_ref (subject);
- }
- else if (POLKIT_IS_UNIX_PROCESS (subject))
+ if (POLKIT_IS_UNIX_PROCESS (subject))
{
pid_t pid;
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.h b/src/polkitbackend/polkitbackendsessionmonitor.h
index 46ca247..8569266 100644
--- a/src/polkitbackend/polkitbackendsessionmonitor.h
+++ b/src/polkitbackend/polkitbackendsessionmonitor.h
@@ -47,7 +47,7 @@ GType polkit_backend_session_monitor_get_type (void)
PolkitBackendSessionMonitor *polkit_backend_session_monitor_new (void);
GList *polkit_backend_session_monitor_get_sessions (PolkitBackendSessionMonitor *monitor);
-PolkitSubject *polkit_backend_session_monitor_get_user_for_subject (PolkitBackendSessionMonitor *monitor,
+PolkitIdentity *polkit_backend_session_monitor_get_user_for_subject (PolkitBackendSessionMonitor *monitor,
PolkitSubject *subject,
GError **error);
diff --git a/src/programs/polkit.c b/src/programs/polkit.c
index c276970..83c3313 100644
--- a/src/programs/polkit.c
+++ b/src/programs/polkit.c
@@ -31,7 +31,6 @@ static PolkitAuthority *authority;
static gboolean opt_list_actions = FALSE;
static gboolean opt_list_users = FALSE;
static gboolean opt_list_groups = FALSE;
-static gboolean opt_list_sessions = FALSE;
static gboolean opt_list_authorizations = FALSE;
static gboolean opt_list_explicit_authorizations = FALSE;
static gboolean opt_check = FALSE;
@@ -44,6 +43,7 @@ static gboolean opt_show_version = FALSE;
static gboolean opt_verbose = FALSE;
static PolkitSubject *subject = NULL;
+static PolkitIdentity *identity = NULL;
static gchar *action_id = NULL;
@@ -52,7 +52,6 @@ static gchar *action_id = NULL;
static gboolean list_actions (void);
static gboolean list_users (void);
static gboolean list_groups (void);
-static gboolean list_sessions (void);
static gboolean list_authorizations (void);
static gboolean list_explicit_authorizations (void);
@@ -113,10 +112,6 @@ main (int argc, char *argv[])
{
opt_list_groups = TRUE;
}
- else if (strcmp (argv[n], "sessions") == 0)
- {
- opt_list_sessions = TRUE;
- }
else if (strcmp (argv[n], "authorizations") == 0)
{
opt_list_authorizations = TRUE;
@@ -132,10 +127,10 @@ main (int argc, char *argv[])
goto out;
}
- subject = polkit_subject_from_string (argv[n], &error);
- if (subject == NULL)
+ identity = polkit_identity_from_string (argv[n], &error);
+ if (identity == NULL)
{
- g_printerr ("Error parsing subject: %s\n", error->message);
+ g_printerr ("Error parsing identity: %s\n", error->message);
g_error_free (error);
goto out;
}
@@ -193,10 +188,10 @@ main (int argc, char *argv[])
goto out;
}
- subject = polkit_subject_from_string (argv[n], &error);
- if (subject == NULL)
+ identity = polkit_identity_from_string (argv[n], &error);
+ if (identity == NULL)
{
- g_printerr ("Error parsing subject: %s\n", error->message);
+ g_printerr ("Error parsing identity: %s\n", error->message);
g_error_free (error);
goto out;
}
@@ -221,10 +216,10 @@ main (int argc, char *argv[])
goto out;
}
- subject = polkit_subject_from_string (argv[n], &error);
- if (subject == NULL)
+ identity = polkit_identity_from_string (argv[n], &error);
+ if (identity == NULL)
{
- g_printerr ("Error parsing subject: %s\n", error->message);
+ g_printerr ("Error parsing identity: %s\n", error->message);
g_error_free (error);
goto out;
}
@@ -284,10 +279,6 @@ main (int argc, char *argv[])
{
ret = list_groups ();
}
- else if (opt_list_sessions)
- {
- ret = list_sessions ();
- }
else if (opt_list_authorizations)
{
ret = list_authorizations ();
@@ -308,7 +299,7 @@ main (int argc, char *argv[])
}
else if (opt_grant)
{
- if (subject == NULL || action_id == NULL)
+ if (identity == NULL || action_id == NULL)
{
usage (argc, argv);
goto out;
@@ -318,7 +309,7 @@ main (int argc, char *argv[])
}
else if (opt_revoke)
{
- if (subject == NULL || action_id == NULL)
+ if (identity == NULL || action_id == NULL)
{
usage (argc, argv);
goto out;
@@ -339,6 +330,9 @@ main (int argc, char *argv[])
if (subject != NULL)
g_object_unref (subject);
+ if (identity != NULL)
+ g_object_unref (identity);
+
g_free (action_id);
return ret ? 0 : 1;
@@ -493,16 +487,16 @@ list_actions (void)
/* ---------------------------------------------------------------------------------------------------- */
static void
-print_subjects (GList *subjects)
+print_identities (GList *identities)
{
GList *l;
- for (l = subjects; l != NULL; l = l->next)
+ for (l = identities; l != NULL; l = l->next)
{
- PolkitSubject *subject = POLKIT_SUBJECT (l->data);
+ PolkitIdentity *identity = POLKIT_IDENTITY (l->data);
gchar *s;
- s = polkit_subject_to_string (subject);
+ s = polkit_identity_to_string (identity);
g_print ("%s\n", s);
g_free (s);
}
@@ -515,12 +509,12 @@ list_users (void)
{
gboolean ret;
GError *error;
- GList *subjects;
+ GList *identities;
ret = FALSE;
error = NULL;
- subjects = polkit_authority_enumerate_users_sync (authority,
+ identities = polkit_authority_enumerate_users_sync (authority,
NULL,
&error);
if (error != NULL)
@@ -530,10 +524,10 @@ list_users (void)
goto out;
}
- print_subjects (subjects);
+ print_identities (identities);
- g_list_foreach (subjects, (GFunc) g_object_unref, NULL);
- g_list_free (subjects);
+ g_list_foreach (identities, (GFunc) g_object_unref, NULL);
+ g_list_free (identities);
ret = TRUE;
@@ -548,12 +542,12 @@ list_groups (void)
{
gboolean ret;
GError *error;
- GList *subjects;
+ GList *identities;
ret = FALSE;
error = NULL;
- subjects = polkit_authority_enumerate_groups_sync (authority,
+ identities = polkit_authority_enumerate_groups_sync (authority,
NULL,
&error);
if (error != NULL)
@@ -563,43 +557,10 @@ list_groups (void)
goto out;
}
- print_subjects (subjects);
-
- g_list_foreach (subjects, (GFunc) g_object_unref, NULL);
- g_list_free (subjects);
-
- ret = TRUE;
-
- out:
- return ret;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static gboolean
-list_sessions (void)
-{
- gboolean ret;
- GError *error;
- GList *subjects;
-
- ret = FALSE;
-
- error = NULL;
- subjects = polkit_authority_enumerate_sessions_sync (authority,
- NULL,
- &error);
- if (error != NULL)
- {
- g_printerr ("Error enumerating sessions: %s\n", error->message);
- g_error_free (error);
- goto out;
- }
-
- print_subjects (subjects);
+ print_identities (identities);
- g_list_foreach (subjects, (GFunc) g_object_unref, NULL);
- g_list_free (subjects);
+ g_list_foreach (identities, (GFunc) g_object_unref, NULL);
+ g_list_free (identities);
ret = TRUE;
@@ -801,9 +762,9 @@ list_explicit_authorizations (void)
error = NULL;
authorizations = polkit_authority_enumerate_authorizations_sync (authority,
- subject,
- NULL,
- &error);
+ identity,
+ NULL,
+ &error);
if (error != NULL)
{
g_printerr ("Error enumerating authorizations: %s\n", error->message);
@@ -845,10 +806,11 @@ do_grant (void)
ret = FALSE;
authorization = polkit_authorization_new (action_id,
- subject,
+ NULL, /* TODO: handle subject */
FALSE); /* TODO: handle negative */
if (!polkit_authority_add_authorization_sync (authority,
+ identity,
authorization,
NULL,
&error))
@@ -880,10 +842,11 @@ do_revoke (void)
ret = FALSE;
authorization = polkit_authorization_new (action_id,
- subject,
+ NULL, /* TODO: handle subject */
FALSE); /* TODO: handle negative */
if (!polkit_authority_remove_authorization_sync (authority,
+ identity,
authorization,
NULL,
&error))
commit 1dd82a146df8b130978493e7c2297abcc124f1da
Author: David Zeuthen <davidz at redhat.com>
Date: Sun Jan 18 20:37:02 2009 -0500
add remaining glue for {Add,Remove,Enumerate}Authorization
Now to finish implementing the local files backend....
diff --git a/configure.ac b/configure.ac
index f10a8eb..fbe843c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -197,4 +197,10 @@ echo "
Building verbose mode: ${enable_verbose_mode}
Building api docs: ${enable_gtk_doc}
Building man pages: ${enable_man_pages}
+
"
+
+echo "NOTE: The directory ${localstatedir}/lib/polkit-1 must be owned by root"
+echo " and have mode 700"
+echo
+
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index 1523dbd..f258c53 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -82,11 +82,16 @@
<!-- Authorization struct -->
<annotation name="org.gtk.EggDBus.DeclareStruct" value="Authorization">
<annotation name="org.gtk.EggDBus.Struct.Member" value="s:action_id">
- <annotation name="org.gtk.EggDBus.DocString" value="Action Identifier for the authorization"/>
+ <annotation name="org.gtk.EggDBus.DocString" value="Identifier for the action the authorization is for"/>
</annotation>
- <annotation name="org.gtk.EggDBus.Struct.Member" value="a{sv}:attributes">
- <annotation name="org.gtk.EggDBus.DocString" value="Attributes of the authorization"/>
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="(sa{sv}):subject">
+ <annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
+ <annotation name="org.gtk.EggDBus.DocString" value="Subject that the authorization applies to"/>
+ </annotation>
+
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="b:is_negative">
+ <annotation name="org.gtk.EggDBus.DocString" value="Whether the authorization is negative"/>
</annotation>
</annotation>
@@ -131,25 +136,23 @@
</arg>
</method>
- <method name="GrantAuthorization">
- <arg name="subject" direction="in" type="(sa{sv})">
- <annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
+ <method name="AddAuthorization">
+ <arg name="authorization" direction="in" type="(s(sa{sv})b)">
+ <annotation name="org.gtk.EggDBus.StructType" value="Authorization"/>
</arg>
- <arg name="action_id" direction="in" type="s"/>
</method>
- <method name="RevokeAuthorization">
- <arg name="subject" direction="in" type="(sa{sv})">
- <annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
+ <method name="RemoveAuthorization">
+ <arg name="authorization" direction="in" type="(s(sa{sv})b)">
+ <annotation name="org.gtk.EggDBus.StructType" value="Authorization"/>
</arg>
- <arg name="action_id" direction="in" type="s"/>
</method>
<method name="EnumerateAuthorizations">
<arg name="subject" direction="in" type="(sa{sv})">
<annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
</arg>
- <arg name="authorizations" direction="out" type="a(sa{sv})">
+ <arg name="authorizations" direction="out" type="a(s(sa{sv})b)">
<annotation name="org.gtk.EggDBus.StructType" value="Authorization"/>
</arg>
</method>
diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am
index 0dc1af7..4b490e3 100644
--- a/src/polkit/Makefile.am
+++ b/src/polkit/Makefile.am
@@ -52,6 +52,7 @@ libpolkit_gobject_1include_HEADERS = \
polkitsystembusname.h \
polkitauthorizationresult.h \
polkitcheckauthorizationflags.h \
+ polkitauthorization.h \
$(NULL)
libpolkit_gobject_1_la_SOURCES = \
@@ -68,6 +69,7 @@ libpolkit_gobject_1_la_SOURCES = \
polkitsystembusname.c polkitsystembusname.h \
polkitauthorizationresult.c polkitauthorizationresult.h \
polkitcheckauthorizationflags.c polkitcheckauthorizationflags.h \
+ polkitauthorization.c polkitauthorization.h \
$(NULL)
libpolkit_gobject_1_la_CFLAGS = \
diff --git a/src/polkit/polkit.h b/src/polkit/polkit.h
index d872d54..7f025eb 100644
--- a/src/polkit/polkit.h
+++ b/src/polkit/polkit.h
@@ -35,6 +35,7 @@
#include <polkit/polkitauthorizationresult.h>
#include <polkit/polkitcheckauthorizationflags.h>
#include <polkit/polkitauthority.h>
+#include <polkit/polkitauthorization.h>
#undef _POLKIT_INSIDE_POLKIT_H
diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
index 60f5017..31450b4 100644
--- a/src/polkit/polkitauthority.c
+++ b/src/polkit/polkitauthority.c
@@ -628,3 +628,289 @@ polkit_authority_check_authorization_sync (PolkitAuthority *author
}
/* ---------------------------------------------------------------------------------------------------- */
+
+static guint
+polkit_authority_enumerate_authorizations_async (PolkitAuthority *authority,
+ PolkitSubject *subject,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ guint call_id;
+ GSimpleAsyncResult *simple;
+ _PolkitSubject *real_subject;
+
+ simple = g_simple_async_result_new (G_OBJECT (authority),
+ callback,
+ user_data,
+ polkit_authority_enumerate_authorizations_async);
+
+ real_subject = polkit_subject_get_real (subject);
+
+ call_id = _polkit_authority_enumerate_authorizations (authority->real,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ real_subject,
+ cancellable,
+ generic_async_cb,
+ simple);
+
+ g_object_unref (real_subject);
+
+ return call_id;
+}
+
+void
+polkit_authority_enumerate_authorizations (PolkitAuthority *authority,
+ PolkitSubject *subject,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ polkit_authority_enumerate_authorizations_async (authority, subject, cancellable, callback, user_data);
+}
+
+GList *
+polkit_authority_enumerate_authorizations_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error)
+{
+ EggDBusArraySeq *array_seq;
+ GList *result;
+ guint n;
+ GSimpleAsyncResult *simple;
+ GAsyncResult *real_res;
+
+ simple = G_SIMPLE_ASYNC_RESULT (res);
+ real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple));
+
+ g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_enumerate_authorizations_async);
+
+ result = NULL;
+
+ if (!_polkit_authority_enumerate_authorizations_finish (authority->real,
+ &array_seq,
+ real_res,
+ error))
+ goto out;
+
+ for (n = 0; n < array_seq->size; n++)
+ {
+ _PolkitAuthorization *real_authorization;
+
+ real_authorization = array_seq->data.v_ptr[n];
+
+ result = g_list_prepend (result, polkit_authorization_new_for_real (real_authorization));
+ }
+
+ result = g_list_reverse (result);
+
+ g_object_unref (array_seq);
+
+ out:
+ g_object_unref (real_res);
+ return result;
+}
+
+
+GList *
+polkit_authority_enumerate_authorizations_sync (PolkitAuthority *authority,
+ PolkitSubject *subject,
+ GCancellable *cancellable,
+ GError **error)
+{
+ guint call_id;
+ GAsyncResult *res;
+ GList *result;
+
+ call_id = polkit_authority_enumerate_authorizations_async (authority, subject, cancellable, generic_cb, &res);
+
+ egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
+
+ result = polkit_authority_enumerate_authorizations_finish (authority, res, error);
+
+ g_object_unref (res);
+
+ return result;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static guint
+polkit_authority_add_authorization_async (PolkitAuthority *authority,
+ PolkitAuthorization *authorization,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ guint call_id;
+ GSimpleAsyncResult *simple;
+ _PolkitAuthorization *real_authorization;
+
+ simple = g_simple_async_result_new (G_OBJECT (authority),
+ callback,
+ user_data,
+ polkit_authority_add_authorization_async);
+
+ real_authorization = polkit_authorization_get_real (authorization);
+
+ call_id = _polkit_authority_add_authorization (authority->real,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ real_authorization,
+ cancellable,
+ generic_async_cb,
+ simple);
+
+ g_object_unref (real_authorization);
+
+ return call_id;
+}
+
+void
+polkit_authority_add_authorization (PolkitAuthority *authority,
+ PolkitAuthorization *authorization,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ polkit_authority_add_authorization_async (authority, authorization, cancellable, callback, user_data);
+}
+
+gboolean
+polkit_authority_add_authorization_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error)
+{
+ GSimpleAsyncResult *simple;
+ GAsyncResult *real_res;
+ gboolean ret;
+
+ simple = G_SIMPLE_ASYNC_RESULT (res);
+ real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple));
+
+ g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_add_authorization_async);
+
+ ret = _polkit_authority_add_authorization_finish (authority->real,
+ real_res,
+ error);
+
+ if (!ret)
+ goto out;
+
+ out:
+ g_object_unref (real_res);
+ return ret;
+}
+
+
+gboolean
+polkit_authority_add_authorization_sync (PolkitAuthority *authority,
+ PolkitAuthorization *authorization,
+ GCancellable *cancellable,
+ GError **error)
+{
+ guint call_id;
+ GAsyncResult *res;
+ gboolean ret;
+
+ call_id = polkit_authority_add_authorization_async (authority, authorization, cancellable, generic_cb, &res);
+
+ egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
+
+ ret = polkit_authority_add_authorization_finish (authority, res, error);
+
+ g_object_unref (res);
+
+ return ret;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static guint
+polkit_authority_remove_authorization_async (PolkitAuthority *authority,
+ PolkitAuthorization *authorization,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ guint call_id;
+ GSimpleAsyncResult *simple;
+ _PolkitAuthorization *real_authorization;
+
+ simple = g_simple_async_result_new (G_OBJECT (authority),
+ callback,
+ user_data,
+ polkit_authority_remove_authorization_async);
+
+ real_authorization = polkit_authorization_get_real (authorization);
+
+ call_id = _polkit_authority_remove_authorization (authority->real,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ real_authorization,
+ cancellable,
+ generic_async_cb,
+ simple);
+
+ g_object_unref (real_authorization);
+
+ return call_id;
+}
+
+void
+polkit_authority_remove_authorization (PolkitAuthority *authority,
+ PolkitAuthorization *authorization,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ polkit_authority_remove_authorization_async (authority, authorization, cancellable, callback, user_data);
+}
+
+gboolean
+polkit_authority_remove_authorization_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error)
+{
+ GSimpleAsyncResult *simple;
+ GAsyncResult *real_res;
+ gboolean ret;
+
+ simple = G_SIMPLE_ASYNC_RESULT (res);
+ real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple));
+
+ g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_remove_authorization_async);
+
+ ret = _polkit_authority_remove_authorization_finish (authority->real,
+ real_res,
+ error);
+
+ if (!ret)
+ goto out;
+
+ out:
+ g_object_unref (real_res);
+ return ret;
+}
+
+
+gboolean
+polkit_authority_remove_authorization_sync (PolkitAuthority *authority,
+ PolkitAuthorization *authorization,
+ GCancellable *cancellable,
+ GError **error)
+{
+ guint call_id;
+ GAsyncResult *res;
+ gboolean ret;
+
+ call_id = polkit_authority_remove_authorization_async (authority, authorization, cancellable, generic_cb, &res);
+
+ egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
+
+ ret = polkit_authority_remove_authorization_finish (authority, res, error);
+
+ g_object_unref (res);
+
+ return ret;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
diff --git a/src/polkit/polkitauthority.h b/src/polkit/polkitauthority.h
index 2b69a4e..e5937a2 100644
--- a/src/polkit/polkitauthority.h
+++ b/src/polkit/polkitauthority.h
@@ -70,6 +70,21 @@ PolkitAuthorizationResult polkit_authority_check_authorization_sync (PolkitAuth
GCancellable *cancellable,
GError **error);
+GList *polkit_authority_enumerate_authorizations_sync (PolkitAuthority *authority,
+ PolkitSubject *subject,
+ GCancellable *cancellable,
+ GError **error);
+
+gboolean polkit_authority_add_authorization_sync (PolkitAuthority *authority,
+ PolkitAuthorization *authorization,
+ GCancellable *cancellable,
+ GError **error);
+
+gboolean polkit_authority_remove_authorization_sync (PolkitAuthority *authority,
+ PolkitAuthorization *authorization,
+ GCancellable *cancellable,
+ GError **error);
+
/* ---------------------------------------------------------------------------------------------------- */
void polkit_authority_enumerate_actions (PolkitAuthority *authority,
@@ -121,6 +136,37 @@ PolkitAuthorizationResult polkit_authority_check_authorization_finish (PolkitAu
GAsyncResult *res,
GError **error);
+void polkit_authority_enumerate_authorizations (PolkitAuthority *authority,
+ PolkitSubject *subject,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+GList * polkit_authority_enumerate_authorizations_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
+void polkit_authority_add_authorization (PolkitAuthority *authority,
+ PolkitAuthorization *authorization,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+gboolean polkit_authority_add_authorization_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
+void polkit_authority_remove_authorization (PolkitAuthority *authority,
+ PolkitAuthorization *authorization,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+gboolean polkit_authority_remove_authorization_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
+
/* ---------------------------------------------------------------------------------------------------- */
G_END_DECLS
diff --git a/src/polkit/polkitauthorization.c b/src/polkit/polkitauthorization.c
new file mode 100644
index 0000000..8f67d3f
--- /dev/null
+++ b/src/polkit/polkitauthorization.c
@@ -0,0 +1,145 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include "polkitauthorization.h"
+#include "polkitprivate.h"
+
+/**
+ * SECTION:polkitauthorization
+ * @title: PolkitAuthorization
+ * @short_description: Authorization
+ *
+ * This class represents an explicit authorization.
+ */
+
+struct _PolkitAuthorization
+{
+ GObject parent_instance;
+
+ _PolkitAuthorization *real;
+
+ PolkitSubject *subject;
+};
+
+struct _PolkitAuthorizationClass
+{
+ GObjectClass parent_class;
+
+};
+
+G_DEFINE_TYPE (PolkitAuthorization, polkit_authorization, G_TYPE_OBJECT);
+
+static void
+polkit_authorization_init (PolkitAuthorization *authorization)
+{
+}
+
+static void
+polkit_authorization_finalize (GObject *object)
+{
+ PolkitAuthorization *authorization;
+
+ authorization = POLKIT_AUTHORIZATION (object);
+
+ if (authorization->subject != NULL)
+ g_object_unref (authorization->subject);
+
+ g_object_unref (authorization->real);
+
+ if (G_OBJECT_CLASS (polkit_authorization_parent_class)->finalize != NULL)
+ G_OBJECT_CLASS (polkit_authorization_parent_class)->finalize (object);
+}
+
+static void
+polkit_authorization_class_init (PolkitAuthorizationClass *klass)
+{
+ GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->finalize = polkit_authorization_finalize;
+}
+
+PolkitAuthorization *
+polkit_authorization_new (const gchar *action_id,
+ PolkitSubject *subject,
+ gboolean is_negative)
+{
+ PolkitAuthorization *authorization;
+ _PolkitAuthorization *real;
+ _PolkitSubject *real_subject;
+
+ real_subject = polkit_subject_get_real (subject);
+
+ real = _polkit_authorization_new (action_id, real_subject, is_negative);
+
+ g_object_unref (real_subject);
+
+ authorization = polkit_authorization_new_for_real (real);
+
+ g_object_unref (real);
+
+ return authorization;
+}
+
+PolkitAuthorization *
+polkit_authorization_new_for_real (_PolkitAuthorization *real)
+{
+ PolkitAuthorization *authorization;
+
+ authorization = POLKIT_AUTHORIZATION (g_object_new (POLKIT_TYPE_AUTHORIZATION, NULL));
+
+ authorization->real = g_object_ref (real);
+
+ return authorization;
+}
+
+_PolkitAuthorization *
+polkit_authorization_get_real (PolkitAuthorization *authorization)
+{
+ return g_object_ref (authorization->real);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+const gchar *
+polkit_authorization_get_action_id (PolkitAuthorization *authorization)
+{
+ return _polkit_authorization_get_action_id (authorization->real);
+}
+
+
+PolkitSubject *
+polkit_authorization_get_subject (PolkitAuthorization *authorization)
+{
+ if (authorization->subject == NULL)
+ authorization->subject = polkit_subject_new_for_real (_polkit_authorization_get_subject (authorization->real));
+
+ return authorization->subject;
+}
+
+gboolean
+polkit_authorization_get_is_negative (PolkitAuthorization *authorization)
+{
+ return _polkit_authorization_get_is_negative (authorization->real);
+}
diff --git a/src/polkit/polkitauthorization.h b/src/polkit/polkitauthorization.h
new file mode 100644
index 0000000..02228c1
--- /dev/null
+++ b/src/polkit/polkitauthorization.h
@@ -0,0 +1,57 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_AUTHORIZATION_H
+#define __POLKIT_AUTHORIZATION_H
+
+#include <glib-object.h>
+#include <gio/gio.h>
+#include <polkit/polkittypes.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_AUTHORIZATION (polkit_authorization_get_type())
+#define POLKIT_AUTHORIZATION(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_AUTHORIZATION, PolkitAuthorization))
+#define POLKIT_AUTHORIZATION_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_AUTHORIZATION, PolkitAuthorizationClass))
+#define POLKIT_AUTHORIZATION_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_AUTHORIZATION, PolkitAuthorizationClass))
+#define POLKIT_IS_AUTHORIZATION(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_AUTHORIZATION))
+#define POLKIT_IS_AUTHORIZATION_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_AUTHORIZATION))
+
+#if 0
+typedef struct _PolkitAuthorization PolkitAuthorization;
+#endif
+typedef struct _PolkitAuthorizationClass PolkitAuthorizationClass;
+
+GType polkit_authorization_get_type (void) G_GNUC_CONST;
+
+PolkitAuthorization *polkit_authorization_new (const gchar *action_id,
+ PolkitSubject *subject,
+ gboolean is_negative);
+
+const gchar *polkit_authorization_get_action_id (PolkitAuthorization *authorization);
+
+PolkitSubject *polkit_authorization_get_subject (PolkitAuthorization *authorization);
+
+gboolean polkit_authorization_get_is_negative (PolkitAuthorization *authorization);
+
+G_END_DECLS
+
+#endif /* __POLKIT_AUTHORIZATION_H */
diff --git a/src/polkit/polkitprivate.h b/src/polkit/polkitprivate.h
index 526de6a..9eec3a2 100644
--- a/src/polkit/polkitprivate.h
+++ b/src/polkit/polkitprivate.h
@@ -24,7 +24,6 @@
#include "polkitactiondescription.h"
#include "polkitsubject.h"
-#include "polkitauthorizationclaim.h"
#include "_polkitbindings.h"
/* notes:
@@ -40,9 +39,7 @@ _PolkitActionDescription *polkit_action_description_get_real (PolkitActionDe
PolkitSubject *polkit_subject_new_for_real (_PolkitSubject *real);
_PolkitSubject *polkit_subject_get_real (PolkitSubject *subject);
-#if 0
-PolkitAuthorizationClaim *polkit_authorization_claim_new_for_real (_PolkitAuthorizationClaim *real);
-_PolkitAuthorizationClaim *polkit_authorization_claim_get_real (PolkitAuthorizationClaim *claim);
-#endif
+PolkitAuthorization *polkit_authorization_new_for_real (_PolkitAuthorization *real);
+_PolkitAuthorization *polkit_authorization_get_real (PolkitAuthorization *authorization);
#endif /* __POLKIT_PRIVATE_H */
diff --git a/src/polkit/polkittypes.h b/src/polkit/polkittypes.h
index e74a7ff..bc089c4 100644
--- a/src/polkit/polkittypes.h
+++ b/src/polkit/polkittypes.h
@@ -47,7 +47,7 @@ typedef struct _PolkitUnixSession PolkitUnixSession;
struct _PolkitSystemBusName;
typedef struct _PolkitSystemBusName PolkitSystemBusName;
-struct _PolkitAuthorizationClaim;
-typedef struct _PolkitAuthorizationClaim PolkitAuthorizationClaim;
+struct _PolkitAuthorization;
+typedef struct _PolkitAuthorization PolkitAuthorization;
#endif /* __POLKIT_TYPES_H */
diff --git a/src/polkitbackend/Makefile.am b/src/polkitbackend/Makefile.am
index 29cb6cc..5b6d7ea 100644
--- a/src/polkitbackend/Makefile.am
+++ b/src/polkitbackend/Makefile.am
@@ -79,3 +79,7 @@ CLEANFILES = $(BUILT_SOURCES)
clean-local :
rm -f *~
+
+install-exec-hook:
+ mkdir -p $(DESTDIR)$(localstatedir)/lib/polkit-1
+ -chmod 600 $(DESTDIR)$(localstatedir)/lib/polkit-1
diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c
index 8dfa873..3de7e8a 100644
--- a/src/polkitbackend/polkitbackendauthority.c
+++ b/src/polkitbackend/polkitbackendauthority.c
@@ -96,3 +96,39 @@ polkit_backend_authority_check_authorization (PolkitBackendAuthority *aut
klass->check_authorization (authority, subject, action_id, flags, pending_call);
}
+
+void
+polkit_backend_authority_enumerate_authorizations (PolkitBackendAuthority *authority,
+ PolkitSubject *subject,
+ PolkitBackendPendingCall *pending_call)
+{
+ PolkitBackendAuthorityClass *klass;
+
+ klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
+
+ klass->enumerate_authorizations (authority, subject, pending_call);
+}
+
+void
+polkit_backend_authority_add_authorization (PolkitBackendAuthority *authority,
+ PolkitAuthorization *authorization,
+ PolkitBackendPendingCall *pending_call)
+{
+ PolkitBackendAuthorityClass *klass;
+
+ klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
+
+ klass->add_authorization (authority, authorization, pending_call);
+}
+
+void
+polkit_backend_authority_remove_authorization (PolkitBackendAuthority *authority,
+ PolkitAuthorization *authorization,
+ PolkitBackendPendingCall *pending_call)
+{
+ PolkitBackendAuthorityClass *klass;
+
+ klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
+
+ klass->remove_authorization (authority, authorization, pending_call);
+}
diff --git a/src/polkitbackend/polkitbackendauthority.h b/src/polkitbackend/polkitbackendauthority.h
index 950e853..1220ada 100644
--- a/src/polkitbackend/polkitbackendauthority.h
+++ b/src/polkitbackend/polkitbackendauthority.h
@@ -70,6 +70,18 @@ struct _PolkitBackendAuthorityClass
PolkitCheckAuthorizationFlags flags,
PolkitBackendPendingCall *pending_call);
+ void (*enumerate_authorizations) (PolkitBackendAuthority *authority,
+ PolkitSubject *subject,
+ PolkitBackendPendingCall *pending_call);
+
+ void (*add_authorization) (PolkitBackendAuthority *authority,
+ PolkitAuthorization *authorization,
+ PolkitBackendPendingCall *pending_call);
+
+ void (*remove_authorization) (PolkitBackendAuthority *authority,
+ PolkitAuthorization *authorization,
+ PolkitBackendPendingCall *pending_call);
+
/*< private >*/
/* Padding for future expansion */
void (*_polkit_reserved1) (void);
@@ -105,22 +117,41 @@ void polkit_backend_authority_check_authorization (PolkitBackendAuthor
PolkitCheckAuthorizationFlags flags,
PolkitBackendPendingCall *pending_call);
+void polkit_backend_authority_enumerate_authorizations (PolkitBackendAuthority *authority,
+ PolkitSubject *subject,
+ PolkitBackendPendingCall *pending_call);
+
+void polkit_backend_authority_add_authorization (PolkitBackendAuthority *authority,
+ PolkitAuthorization *authorization,
+ PolkitBackendPendingCall *pending_call);
+
+void polkit_backend_authority_remove_authorization (PolkitBackendAuthority *authority,
+ PolkitAuthorization *authorization,
+ PolkitBackendPendingCall *pending_call);
+
/* --- */
-void polkit_backend_authority_enumerate_actions_finish (PolkitBackendPendingCall *pending_call,
- GList *actions);
+void polkit_backend_authority_enumerate_actions_finish (PolkitBackendPendingCall *pending_call,
+ GList *actions);
+
+void polkit_backend_authority_enumerate_users_finish (PolkitBackendPendingCall *pending_call,
+ GList *users);
+
+void polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pending_call,
+ GList *groups);
+
+void polkit_backend_authority_enumerate_sessions_finish (PolkitBackendPendingCall *pending_call,
+ GList *sessions);
-void polkit_backend_authority_enumerate_users_finish (PolkitBackendPendingCall *pending_call,
- GList *users);
+void polkit_backend_authority_check_authorization_finish (PolkitBackendPendingCall *pending_call,
+ PolkitAuthorizationResult result);
-void polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pending_call,
- GList *groups);
+void polkit_backend_authority_enumerate_authorizations_finish (PolkitBackendPendingCall *pending_call,
+ GList *sessions);
-void polkit_backend_authority_enumerate_sessions_finish (PolkitBackendPendingCall *pending_call,
- GList *sessions);
+void polkit_backend_authority_add_authorization_finish (PolkitBackendPendingCall *pending_call);
-void polkit_backend_authority_check_authorization_finish (PolkitBackendPendingCall *pending_call,
- PolkitAuthorizationResult result);
+void polkit_backend_authority_remove_authorization_finish (PolkitBackendPendingCall *pending_call);
G_END_DECLS
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index 4452dd7..5d76f16 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -63,6 +63,18 @@ static PolkitAuthorizationResult check_authorization_sync (PolkitBackendAuthorit
PolkitCheckAuthorizationFlags flags,
GError **error);
+static void polkit_backend_local_authority_enumerate_authorizations (PolkitBackendAuthority *authority,
+ PolkitSubject *subject,
+ PolkitBackendPendingCall *pending_call);
+
+static void polkit_backend_local_authority_add_authorization (PolkitBackendAuthority *authority,
+ PolkitAuthorization *authorization,
+ PolkitBackendPendingCall *pending_call);
+
+static void polkit_backend_local_authority_remove_authorization (PolkitBackendAuthority *authority,
+ PolkitAuthorization *authorization,
+ PolkitBackendPendingCall *pending_call);
+
G_DEFINE_TYPE (PolkitBackendLocalAuthority, polkit_backend_local_authority, POLKIT_BACKEND_TYPE_AUTHORITY);
#define POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY, PolkitBackendLocalAuthorityPrivate))
@@ -111,11 +123,14 @@ polkit_backend_local_authority_class_init (PolkitBackendLocalAuthorityClass *kla
gobject_class->finalize = polkit_backend_local_authority_finalize;
- authority_class->enumerate_actions = polkit_backend_local_authority_enumerate_actions;
- authority_class->enumerate_users = polkit_backend_local_authority_enumerate_users;
- authority_class->enumerate_groups = polkit_backend_local_authority_enumerate_groups;
- authority_class->enumerate_sessions = polkit_backend_local_authority_enumerate_sessions;
- authority_class->check_authorization = polkit_backend_local_authority_check_authorization;
+ authority_class->enumerate_actions = polkit_backend_local_authority_enumerate_actions;
+ authority_class->enumerate_users = polkit_backend_local_authority_enumerate_users;
+ authority_class->enumerate_groups = polkit_backend_local_authority_enumerate_groups;
+ authority_class->enumerate_sessions = polkit_backend_local_authority_enumerate_sessions;
+ authority_class->check_authorization = polkit_backend_local_authority_check_authorization;
+ authority_class->enumerate_authorizations = polkit_backend_local_authority_enumerate_authorizations;
+ authority_class->add_authorization = polkit_backend_local_authority_add_authorization;
+ authority_class->remove_authorization = polkit_backend_local_authority_remove_authorization;
g_type_class_add_private (klass, sizeof (PolkitBackendLocalAuthorityPrivate));
}
@@ -442,3 +457,99 @@ check_authorization_sync (PolkitBackendAuthority *authority,
}
/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+polkit_backend_local_authority_enumerate_authorizations (PolkitBackendAuthority *authority,
+ PolkitSubject *subject,
+ PolkitBackendPendingCall *pending_call)
+{
+ PolkitBackendLocalAuthority *local_authority;
+ PolkitBackendLocalAuthorityPrivate *priv;
+ gchar *subject_str;
+
+ local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+
+ subject_str = polkit_subject_to_string (subject);
+
+ g_debug ("enumerating authorizations for %s", subject_str);
+
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_NOT_SUPPORTED,
+ "Not implemented (subject=%s)", subject_str);
+
+ g_free (subject_str);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+polkit_backend_local_authority_add_authorization (PolkitBackendAuthority *authority,
+ PolkitAuthorization *authorization,
+ PolkitBackendPendingCall *pending_call)
+{
+ PolkitBackendLocalAuthority *local_authority;
+ PolkitBackendLocalAuthorityPrivate *priv;
+ PolkitSubject *subject;
+ const gchar *action_id;
+ gboolean is_negative;
+ gchar *subject_str;
+
+ local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+
+ subject = polkit_authorization_get_subject (authorization);
+ action_id = polkit_authorization_get_action_id (authorization);
+ is_negative = polkit_authorization_get_is_negative (authorization);
+
+ subject_str = polkit_subject_to_string (subject);
+
+ g_debug ("add authorization with subject=%s, action_id=%s, is_negative=%d",
+ subject_str, action_id, is_negative);
+
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_NOT_SUPPORTED,
+ "Not implemented (subject=%s action_id=%s is_negative=%d)",
+ subject_str, action_id, is_negative);
+
+ g_free (subject_str);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+polkit_backend_local_authority_remove_authorization (PolkitBackendAuthority *authority,
+ PolkitAuthorization *authorization,
+ PolkitBackendPendingCall *pending_call)
+{
+ PolkitBackendLocalAuthority *local_authority;
+ PolkitBackendLocalAuthorityPrivate *priv;
+ PolkitSubject *subject;
+ const gchar *action_id;
+ gboolean is_negative;
+ gchar *subject_str;
+
+ local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+
+ subject = polkit_authorization_get_subject (authorization);
+ action_id = polkit_authorization_get_action_id (authorization);
+ is_negative = polkit_authorization_get_is_negative (authorization);
+
+ subject_str = polkit_subject_to_string (subject);
+
+ g_debug ("remove authorization with subject=%s, action_id=%s, is_negative=%d",
+ subject_str, action_id, is_negative);
+
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_NOT_SUPPORTED,
+ "Not implemented (subject=%s action_id=%s is_negative=%d)",
+ subject_str, action_id, is_negative);
+
+ g_free (subject_str);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
diff --git a/src/polkitbackend/polkitbackendserver.c b/src/polkitbackend/polkitbackendserver.c
index d7b455a..3a8637c 100644
--- a/src/polkitbackend/polkitbackendserver.c
+++ b/src/polkitbackend/polkitbackendserver.c
@@ -297,11 +297,123 @@ polkit_backend_authority_check_authorization_finish (PolkitBackendPendingCall *
/* ---------------------------------------------------------------------------------------------------- */
static void
+authority_handle_enumerate_authorizations (_PolkitAuthority *instance,
+ _PolkitSubject *real_subject,
+ EggDBusMethodInvocation *method_invocation)
+{
+ PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
+ PolkitBackendPendingCall *pending_call;
+ PolkitSubject *subject;
+
+ pending_call = _polkit_backend_pending_call_new (method_invocation, server);
+
+ subject = polkit_subject_new_for_real (real_subject);
+
+ g_object_set_data_full (G_OBJECT (pending_call), "subject", subject, (GDestroyNotify) g_object_unref);
+
+ polkit_backend_authority_enumerate_authorizations (server->authority,
+ subject,
+ pending_call);
+}
+
+void
+polkit_backend_authority_enumerate_authorizations_finish (PolkitBackendPendingCall *pending_call,
+ GList *authorizations)
+{
+ EggDBusArraySeq *array;
+ GList *l;
+
+ array = egg_dbus_array_seq_new (_POLKIT_TYPE_AUTHORIZATION, (GDestroyNotify) g_object_unref, NULL, NULL);
+
+ for (l = authorizations; l != NULL; l = l->next)
+ {
+ PolkitAuthorization *a = POLKIT_AUTHORIZATION (l->data);
+ _PolkitAuthorization *real;
+
+ real = polkit_authorization_get_real (a);
+ egg_dbus_array_seq_add (array, real);
+ }
+
+ _polkit_authority_handle_enumerate_authorizations_finish (_polkit_backend_pending_call_get_method_invocation (pending_call),
+ array);
+
+ g_object_unref (array);
+
+ g_list_foreach (authorizations, (GFunc) g_object_unref, NULL);
+ g_list_free (authorizations);
+
+ g_object_unref (pending_call);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+authority_handle_add_authorization (_PolkitAuthority *instance,
+ _PolkitAuthorization *real_authorization,
+ EggDBusMethodInvocation *method_invocation)
+{
+ PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
+ PolkitBackendPendingCall *pending_call;
+ PolkitAuthorization *authorization;
+
+ pending_call = _polkit_backend_pending_call_new (method_invocation, server);
+
+ authorization = polkit_authorization_new_for_real (real_authorization);
+
+ g_object_set_data_full (G_OBJECT (pending_call), "authorization", authorization, (GDestroyNotify) g_object_unref);
+
+ polkit_backend_authority_add_authorization (server->authority,
+ authorization,
+ pending_call);
+}
+
+void
+polkit_backend_authority_add_authorization_finish (PolkitBackendPendingCall *pending_call)
+{
+ _polkit_authority_handle_add_authorization_finish (_polkit_backend_pending_call_get_method_invocation (pending_call));
+ g_object_unref (pending_call);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+authority_handle_remove_authorization (_PolkitAuthority *instance,
+ _PolkitAuthorization *real_authorization,
+ EggDBusMethodInvocation *method_invocation)
+{
+ PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
+ PolkitBackendPendingCall *pending_call;
+ PolkitAuthorization *authorization;
+
+ pending_call = _polkit_backend_pending_call_new (method_invocation, server);
+
+ authorization = polkit_authorization_new_for_real (real_authorization);
+
+ g_object_set_data_full (G_OBJECT (pending_call), "authorization", authorization, (GDestroyNotify) g_object_unref);
+
+ polkit_backend_authority_remove_authorization (server->authority,
+ authorization,
+ pending_call);
+}
+
+void
+polkit_backend_authority_remove_authorization_finish (PolkitBackendPendingCall *pending_call)
+{
+ _polkit_authority_handle_remove_authorization_finish (_polkit_backend_pending_call_get_method_invocation (pending_call));
+ g_object_unref (pending_call);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
authority_iface_init (_PolkitAuthorityIface *authority_iface)
{
- authority_iface->handle_enumerate_actions = authority_handle_enumerate_actions;
- authority_iface->handle_enumerate_users = authority_handle_enumerate_users;
- authority_iface->handle_enumerate_groups = authority_handle_enumerate_groups;
- authority_iface->handle_enumerate_sessions = authority_handle_enumerate_sessions;
- authority_iface->handle_check_authorization = authority_handle_check_authorization;
+ authority_iface->handle_enumerate_actions = authority_handle_enumerate_actions;
+ authority_iface->handle_enumerate_users = authority_handle_enumerate_users;
+ authority_iface->handle_enumerate_groups = authority_handle_enumerate_groups;
+ authority_iface->handle_enumerate_sessions = authority_handle_enumerate_sessions;
+ authority_iface->handle_check_authorization = authority_handle_check_authorization;
+ authority_iface->handle_enumerate_authorizations = authority_handle_enumerate_authorizations;
+ authority_iface->handle_add_authorization = authority_handle_add_authorization;
+ authority_iface->handle_remove_authorization = authority_handle_remove_authorization;
}
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.c b/src/polkitbackend/polkitbackendsessionmonitor.c
index 8f9783d..de69ba1 100644
--- a/src/polkitbackend/polkitbackendsessionmonitor.c
+++ b/src/polkitbackend/polkitbackendsessionmonitor.c
@@ -98,8 +98,6 @@ add_session (PolkitBackendSessionMonitor *monitor,
CkSession *session;
EggDBusObjectProxy *object_proxy;
- g_debug ("foo %s", object_path);
-
object_proxy = egg_dbus_connection_get_object_proxy (monitor->system_bus,
"org.freedesktop.ConsoleKit",
object_path);
diff --git a/src/programs/polkit.c b/src/programs/polkit.c
index 0bd8c7d..c276970 100644
--- a/src/programs/polkit.c
+++ b/src/programs/polkit.c
@@ -35,6 +35,8 @@ static gboolean opt_list_sessions = FALSE;
static gboolean opt_list_authorizations = FALSE;
static gboolean opt_list_explicit_authorizations = FALSE;
static gboolean opt_check = FALSE;
+static gboolean opt_grant = FALSE;
+static gboolean opt_revoke = FALSE;
static gboolean opt_show_help = FALSE;
static gboolean opt_show_version = FALSE;
@@ -52,8 +54,11 @@ static gboolean list_users (void);
static gboolean list_groups (void);
static gboolean list_sessions (void);
static gboolean list_authorizations (void);
+static gboolean list_explicit_authorizations (void);
-static gboolean check (void);
+static gboolean do_check (void);
+static gboolean do_grant (void);
+static gboolean do_revoke (void);
static gboolean show_action (const gchar *action_id);
@@ -177,6 +182,62 @@ main (int argc, char *argv[])
action_id = g_strdup (argv[n++]);
}
+ else if (strcmp (argv[n], "grant") == 0)
+ {
+ opt_grant = TRUE;
+
+ n++;
+ if (n >= argc)
+ {
+ usage (argc, argv);
+ goto out;
+ }
+
+ subject = polkit_subject_from_string (argv[n], &error);
+ if (subject == NULL)
+ {
+ g_printerr ("Error parsing subject: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ n++;
+ if (n >= argc)
+ {
+ usage (argc, argv);
+ goto out;
+ }
+
+ action_id = g_strdup (argv[n++]);
+ }
+ else if (strcmp (argv[n], "revoke") == 0)
+ {
+ opt_revoke = TRUE;
+
+ n++;
+ if (n >= argc)
+ {
+ usage (argc, argv);
+ goto out;
+ }
+
+ subject = polkit_subject_from_string (argv[n], &error);
+ if (subject == NULL)
+ {
+ g_printerr ("Error parsing subject: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ n++;
+ if (n >= argc)
+ {
+ usage (argc, argv);
+ goto out;
+ }
+
+ action_id = g_strdup (argv[n++]);
+ }
else if (strcmp (argv[n], "--help") == 0)
{
opt_show_help = TRUE;
@@ -231,6 +292,10 @@ main (int argc, char *argv[])
{
ret = list_authorizations ();
}
+ else if (opt_list_explicit_authorizations)
+ {
+ ret = list_explicit_authorizations ();
+ }
else if (opt_check)
{
if (subject == NULL || action_id == NULL)
@@ -239,7 +304,27 @@ main (int argc, char *argv[])
goto out;
}
- ret = check ();
+ ret = do_check ();
+ }
+ else if (opt_grant)
+ {
+ if (subject == NULL || action_id == NULL)
+ {
+ usage (argc, argv);
+ goto out;
+ }
+
+ ret = do_grant ();
+ }
+ else if (opt_revoke)
+ {
+ if (subject == NULL || action_id == NULL)
+ {
+ usage (argc, argv);
+ goto out;
+ }
+
+ ret = do_revoke ();
}
else
{
@@ -525,7 +610,7 @@ list_sessions (void)
/* ---------------------------------------------------------------------------------------------------- */
static gboolean
-check (void)
+do_check (void)
{
PolkitAuthorizationResult result;
GError *error;
@@ -703,3 +788,118 @@ list_authorizations (void)
}
/* ---------------------------------------------------------------------------------------------------- */
+
+static gboolean
+list_explicit_authorizations (void)
+{
+ gboolean ret;
+ GError *error;
+ GList *authorizations;
+ GList *l;
+
+ ret = FALSE;
+
+ error = NULL;
+ authorizations = polkit_authority_enumerate_authorizations_sync (authority,
+ subject,
+ NULL,
+ &error);
+ if (error != NULL)
+ {
+ g_printerr ("Error enumerating authorizations: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ for (l = authorizations; l != NULL; l = l->next)
+ {
+ PolkitAuthorization *authorization = POLKIT_AUTHORIZATION (l->data);
+ const gchar *action_id;
+
+ action_id = polkit_authorization_get_action_id (authorization);
+
+ /* TODO: verbose */
+
+ g_print ("%s\n", action_id);
+ }
+
+ g_list_foreach (authorizations, (GFunc) g_object_unref, NULL);
+ g_list_free (authorizations);
+
+ ret = TRUE;
+
+ out:
+ return ret;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static gboolean
+do_grant (void)
+{
+ PolkitAuthorization *authorization;
+ gboolean ret;
+ GError *error;
+
+ error = NULL;
+ ret = FALSE;
+
+ authorization = polkit_authorization_new (action_id,
+ subject,
+ FALSE); /* TODO: handle negative */
+
+ if (!polkit_authority_add_authorization_sync (authority,
+ authorization,
+ NULL,
+ &error))
+ {
+ g_printerr ("Error adding authorization: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ ret = TRUE;
+
+ out:
+
+ g_object_unref (authorization);
+
+ return ret;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static gboolean
+do_revoke (void)
+{
+ PolkitAuthorization *authorization;
+ gboolean ret;
+ GError *error;
+
+ error = NULL;
+ ret = FALSE;
+
+ authorization = polkit_authorization_new (action_id,
+ subject,
+ FALSE); /* TODO: handle negative */
+
+ if (!polkit_authority_remove_authorization_sync (authority,
+ authorization,
+ NULL,
+ &error))
+ {
+ g_printerr ("Error removing authorization: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ ret = TRUE;
+
+ out:
+
+ g_object_unref (authorization);
+
+ return ret;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
commit 4653150b07c83d9140893b115699bdc1c238ee1a
Author: David Zeuthen <davidz at redhat.com>
Date: Sun Jan 18 16:14:39 2009 -0500
rename CheckClaim() to CheckAuthorization()
Also get rid of AuthorizationClaim type and add D-Bus prototypes for a
couple of other methods.
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index 76f68d6..1523dbd 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -46,17 +46,6 @@
</annotation>
- <!-- AuthorizationClaim struct -->
- <annotation name="org.gtk.EggDBus.DeclareStruct" value="AuthorizationClaim">
- <annotation name="org.gtk.EggDBus.Struct.Member" value="(sa{sv}):subject">
- <annotation name="org.gtk.EggDBus.DocString" value="Subject the claim is for"/>
- </annotation>
-
- <annotation name="org.gtk.EggDBus.Struct.Member" value="s:action_id">
- <annotation name="org.gtk.EggDBus.DocString" value="Action Identifier for the claim"/>
- </annotation>
- </annotation>
-
<!-- The error domain used for reporting errors -->
<annotation name="org.gtk.EggDBus.DeclareErrorDomain" value="Error">
<annotation name="org.gtk.EggDBus.ErrorDomain.Member" value="org.freedesktop.PolicyKit1.Error.Failed">
@@ -70,7 +59,7 @@
</annotation>
</annotation>
- <!-- An enumeration for results of CheckClaim() (TODO: implement this method) -->
+ <!-- An enumeration for results when checking for an authorization -->
<annotation name="org.gtk.EggDBus.DeclareEnum" value="AuthorizationResult">
<annotation name="org.gtk.EggDBus.Enum.Member" value="NotAuthorized">
<annotation name="org.gtk.EggDBus.DocString" value="The subject is not authorized for the specified action"/>
@@ -83,6 +72,23 @@
</annotation>
</annotation>
+ <!-- Flags used for checking authorizations -->
+ <annotation name="org.gtk.EggDBus.DeclareFlags" value="CheckAuthorizationFlags">
+ <annotation name="org.gtk.EggDBus.Flags.Member" value="AllowUserInteraction">
+ <annotation name="org.gtk.EggDBus.DocString" value="If the subject can obtain the authorization through authentication, and an authentication agent is available, then attempt to do so. Note, this means that the #CheckAuthorization() method is likely to block for a long time."/>
+ </annotation>
+ </annotation>
+
+ <!-- Authorization struct -->
+ <annotation name="org.gtk.EggDBus.DeclareStruct" value="Authorization">
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="s:action_id">
+ <annotation name="org.gtk.EggDBus.DocString" value="Action Identifier for the authorization"/>
+ </annotation>
+
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="a{sv}:attributes">
+ <annotation name="org.gtk.EggDBus.DocString" value="Attributes of the authorization"/>
+ </annotation>
+ </annotation>
<interface name="org.freedesktop.PolicyKit1.Authority">
@@ -111,14 +117,43 @@
</arg>
</method>
- <method name="CheckClaim">
- <arg name="claim" direction="in" type="((sa{sv})s)">
- <annotation name="org.gtk.EggDBus.StructType" value="AuthorizationClaim"/>
+ <method name="CheckAuthorization">
+ <arg name="subject" direction="in" type="(sa{sv})">
+ <annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
+ </arg>
+ <arg name="action_id" direction="in" type="s"/>
+ <arg name="flags" direction="in" type="i">
+ <annotation name="org.gtk.EggDBus.FlagsType" value="CheckAuthorizationFlags"/>
</arg>
+
<arg name="result" direction="out" type="i">
<annotation name="org.gtk.EggDBus.EnumType" value="AuthorizationResult"/>
</arg>
</method>
+ <method name="GrantAuthorization">
+ <arg name="subject" direction="in" type="(sa{sv})">
+ <annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
+ </arg>
+ <arg name="action_id" direction="in" type="s"/>
+ </method>
+
+ <method name="RevokeAuthorization">
+ <arg name="subject" direction="in" type="(sa{sv})">
+ <annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
+ </arg>
+ <arg name="action_id" direction="in" type="s"/>
+ </method>
+
+ <method name="EnumerateAuthorizations">
+ <arg name="subject" direction="in" type="(sa{sv})">
+ <annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
+ </arg>
+ <arg name="authorizations" direction="out" type="a(sa{sv})">
+ <annotation name="org.gtk.EggDBus.StructType" value="Authorization"/>
+ </arg>
+ </method>
+
+
</interface>
</node>
diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am
index 3a62076..0dc1af7 100644
--- a/src/polkit/Makefile.am
+++ b/src/polkit/Makefile.am
@@ -18,8 +18,9 @@ INCLUDES = \
BUILT_SOURCES = \
_polkitactiondescription.c _polkitactiondescription.h \
_polkitauthority.c _polkitauthority.h \
- _polkitauthorizationclaim.c _polkitauthorizationclaim.h \
+ _polkitauthorization.c _polkitauthorization.h \
_polkitauthorizationresult.c _polkitauthorizationresult.h \
+ _polkitcheckauthorizationflags.c _polkitcheckauthorizationflags.h \
_polkitbindings.c _polkitbindings.h \
_polkitbindingsmarshal.c _polkitbindingsmarshal.h \
_polkitbindingstypes.h \
@@ -49,8 +50,8 @@ libpolkit_gobject_1include_HEADERS = \
polkitunixprocess.h \
polkitunixsession.h \
polkitsystembusname.h \
- polkitauthorizationclaim.h \
polkitauthorizationresult.h \
+ polkitcheckauthorizationflags.h \
$(NULL)
libpolkit_gobject_1_la_SOURCES = \
@@ -65,8 +66,8 @@ libpolkit_gobject_1_la_SOURCES = \
polkitunixprocess.c polkitunixprocess.h \
polkitunixsession.c polkitunixsession.h \
polkitsystembusname.c polkitsystembusname.h \
- polkitauthorizationclaim.c polkitauthorizationclaim.h \
polkitauthorizationresult.c polkitauthorizationresult.h \
+ polkitcheckauthorizationflags.c polkitcheckauthorizationflags.h \
$(NULL)
libpolkit_gobject_1_la_CFLAGS = \
diff --git a/src/polkit/polkit.h b/src/polkit/polkit.h
index 40df617..d872d54 100644
--- a/src/polkit/polkit.h
+++ b/src/polkit/polkit.h
@@ -32,8 +32,8 @@
#include <polkit/polkitunixprocess.h>
#include <polkit/polkitunixsession.h>
#include <polkit/polkitsystembusname.h>
-#include <polkit/polkitauthorizationclaim.h>
#include <polkit/polkitauthorizationresult.h>
+#include <polkit/polkitcheckauthorizationflags.h>
#include <polkit/polkitauthority.h>
#undef _POLKIT_INSIDE_POLKIT_H
diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
index 1646467..60f5017 100644
--- a/src/polkit/polkitauthority.c
+++ b/src/polkit/polkitauthority.c
@@ -24,6 +24,7 @@
#endif
#include "polkitauthorizationresult.h"
+#include "polkitcheckauthorizationflags.h"
#include "polkitauthority.h"
#include "polkitprivate.h"
@@ -519,51 +520,61 @@ polkit_authority_enumerate_sessions_sync (PolkitAuthority *authority,
/* ---------------------------------------------------------------------------------------------------- */
static guint
-polkit_authority_check_claim_async (PolkitAuthority *authority,
- PolkitAuthorizationClaim *claim,
- GCancellable *cancellable,
- GAsyncReadyCallback callback,
- gpointer user_data)
+polkit_authority_check_authorization_async (PolkitAuthority *authority,
+ PolkitSubject *subject,
+ const gchar *action_id,
+ PolkitCheckAuthorizationFlags flags,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
{
- _PolkitAuthorizationClaim *real_claim;
+ _PolkitSubject *real_subject;
guint call_id;
GSimpleAsyncResult *simple;
- real_claim = polkit_authorization_claim_get_real (claim);
+ real_subject = polkit_subject_get_real (subject);
simple = g_simple_async_result_new (G_OBJECT (authority),
callback,
user_data,
- polkit_authority_check_claim_async);
+ polkit_authority_check_authorization_async);
- g_object_set_data_full (G_OBJECT (simple), "claim", g_object_ref (claim), (GDestroyNotify) g_object_unref);
+ call_id = _polkit_authority_check_authorization (authority->real,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ real_subject,
+ action_id,
+ flags,
+ cancellable,
+ generic_async_cb,
+ simple);
- call_id = _polkit_authority_check_claim (authority->real,
- EGG_DBUS_CALL_FLAGS_NONE,
- real_claim,
- cancellable,
- generic_async_cb,
- simple);
-
- g_object_unref (real_claim);
+ g_object_unref (real_subject);
return call_id;
}
void
-polkit_authority_check_claim (PolkitAuthority *authority,
- PolkitAuthorizationClaim *claim,
- GCancellable *cancellable,
- GAsyncReadyCallback callback,
- gpointer user_data)
+polkit_authority_check_authorization (PolkitAuthority *authority,
+ PolkitSubject *subject,
+ const gchar *action_id,
+ PolkitCheckAuthorizationFlags flags,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
{
- polkit_authority_check_claim_async (authority, claim, cancellable, callback, user_data);
+ polkit_authority_check_authorization_async (authority,
+ subject,
+ action_id,
+ flags,
+ cancellable,
+ callback,
+ user_data);
}
PolkitAuthorizationResult
-polkit_authority_check_claim_finish (PolkitAuthority *authority,
- GAsyncResult *res,
- GError **error)
+polkit_authority_check_authorization_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error)
{
_PolkitAuthorizationResult result;
GSimpleAsyncResult *simple;
@@ -572,11 +583,11 @@ polkit_authority_check_claim_finish (PolkitAuthority *authority,
simple = G_SIMPLE_ASYNC_RESULT (res);
real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple));
- g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_check_claim_async);
+ g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_check_authorization_async);
result = _POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
- if (!_polkit_authority_check_claim_finish (authority->real,
+ if (!_polkit_authority_check_authorization_finish (authority->real,
&result,
real_res,
error))
@@ -588,20 +599,28 @@ polkit_authority_check_claim_finish (PolkitAuthority *authority,
}
PolkitAuthorizationResult
-polkit_authority_check_claim_sync (PolkitAuthority *authority,
- PolkitAuthorizationClaim *claim,
- GCancellable *cancellable,
- GError **error)
+polkit_authority_check_authorization_sync (PolkitAuthority *authority,
+ PolkitSubject *subject,
+ const gchar *action_id,
+ PolkitCheckAuthorizationFlags flags,
+ GCancellable *cancellable,
+ GError **error)
{
guint call_id;
GAsyncResult *res;
PolkitAuthorizationResult result;
- call_id = polkit_authority_check_claim_async (authority, claim, cancellable, generic_cb, &res);
+ call_id = polkit_authority_check_authorization_async (authority,
+ subject,
+ action_id,
+ flags,
+ cancellable,
+ generic_cb,
+ &res);
egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
- result = polkit_authority_check_claim_finish (authority, res, error);
+ result = polkit_authority_check_authorization_finish (authority, res, error);
g_object_unref (res);
diff --git a/src/polkit/polkitauthority.h b/src/polkit/polkitauthority.h
index 85b1a51..2b69a4e 100644
--- a/src/polkit/polkitauthority.h
+++ b/src/polkit/polkitauthority.h
@@ -63,10 +63,12 @@ GList *polkit_authority_enumerate_sessions_sync (PolkitAutho
GCancellable *cancellable,
GError **error);
-PolkitAuthorizationResult polkit_authority_check_claim_sync (PolkitAuthority *authority,
- PolkitAuthorizationClaim *claim,
- GCancellable *cancellable,
- GError **error);
+PolkitAuthorizationResult polkit_authority_check_authorization_sync (PolkitAuthority *authority,
+ PolkitSubject *subject,
+ const gchar *action_id,
+ PolkitCheckAuthorizationFlags flags,
+ GCancellable *cancellable,
+ GError **error);
/* ---------------------------------------------------------------------------------------------------- */
@@ -107,15 +109,17 @@ GList * polkit_authority_enumerate_sessions_finish (PolkitAut
GAsyncResult *res,
GError **error);
-void polkit_authority_check_claim (PolkitAuthority *authority,
- PolkitAuthorizationClaim *claim,
- GCancellable *cancellable,
- GAsyncReadyCallback callback,
- gpointer user_data);
-
-PolkitAuthorizationResult polkit_authority_check_claim_finish (PolkitAuthority *authority,
- GAsyncResult *res,
- GError **error);
+void polkit_authority_check_authorization (PolkitAuthority *authority,
+ PolkitSubject *subject,
+ const gchar *action_id,
+ PolkitCheckAuthorizationFlags flags,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+PolkitAuthorizationResult polkit_authority_check_authorization_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
/* ---------------------------------------------------------------------------------------------------- */
diff --git a/src/polkit/polkitcheckauthorizationflags.c b/src/polkit/polkitcheckauthorizationflags.c
new file mode 100644
index 0000000..f6e1e23
--- /dev/null
+++ b/src/polkit/polkitcheckauthorizationflags.c
@@ -0,0 +1,35 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include "polkitcheckauthorizationflags.h"
+#include "polkitprivate.h"
+
+GType
+polkit_check_authorization_flags_get_type (void)
+{
+ return _polkit_check_authorization_flags_get_type ();
+}
+
+
diff --git a/src/polkit/polkitcheckauthorizationflags.h b/src/polkit/polkitcheckauthorizationflags.h
new file mode 100644
index 0000000..8d284f5
--- /dev/null
+++ b/src/polkit/polkitcheckauthorizationflags.h
@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_CHECK_AUTHORIZATION_FLAGS_H
+#define __POLKIT_CHECK_AUTHORIZATION_FLAGS_H
+
+#include <glib-object.h>
+
+G_BEGIN_DECLS
+
+GType polkit_check_authorization_flags_get_type (void) G_GNUC_CONST;
+
+#define POLKIT_TYPE_CHECK_AUTHORIZATION_FLAGS (polkit_check_authorization_flags_get_type ())
+
+/**
+ * PolkitCheckAuthorizationFlags:
+ * @POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE: No flags set.
+ * @POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION: If the subject can obtain the authorization
+ * through authentication, and an authentication agent is available, then attempt to do so. Note, this
+ * means that the method used for checking authorization is likely to block for a long time.
+ *
+ * Possible flags when checking authorizations.
+ */
+typedef enum
+{
+ POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE = 0x0000, /*< nick=none >*/
+ POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION = 0x0001,
+} PolkitCheckAuthorizationFlags;
+
+G_END_DECLS
+
+#endif /* __POLKIT_CHECK_AUTHORIZATION_FLAGS_H */
diff --git a/src/polkit/polkitprivate.h b/src/polkit/polkitprivate.h
index 6aca70e..526de6a 100644
--- a/src/polkit/polkitprivate.h
+++ b/src/polkit/polkitprivate.h
@@ -40,7 +40,9 @@ _PolkitActionDescription *polkit_action_description_get_real (PolkitActionDe
PolkitSubject *polkit_subject_new_for_real (_PolkitSubject *real);
_PolkitSubject *polkit_subject_get_real (PolkitSubject *subject);
+#if 0
PolkitAuthorizationClaim *polkit_authorization_claim_new_for_real (_PolkitAuthorizationClaim *real);
_PolkitAuthorizationClaim *polkit_authorization_claim_get_real (PolkitAuthorizationClaim *claim);
+#endif
#endif /* __POLKIT_PRIVATE_H */
diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c
index f00cfbe..8dfa873 100644
--- a/src/polkitbackend/polkitbackendauthority.c
+++ b/src/polkitbackend/polkitbackendauthority.c
@@ -84,13 +84,15 @@ polkit_backend_authority_enumerate_sessions (PolkitBackendAuthority *authority
}
void
-polkit_backend_authority_check_claim (PolkitBackendAuthority *authority,
- PolkitAuthorizationClaim *claim,
- PolkitBackendPendingCall *pending_call)
+polkit_backend_authority_check_authorization (PolkitBackendAuthority *authority,
+ PolkitSubject *subject,
+ const gchar *action_id,
+ PolkitCheckAuthorizationFlags flags,
+ PolkitBackendPendingCall *pending_call)
{
PolkitBackendAuthorityClass *klass;
klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
- klass->check_claim (authority, claim, pending_call);
+ klass->check_authorization (authority, subject, action_id, flags, pending_call);
}
diff --git a/src/polkitbackend/polkitbackendauthority.h b/src/polkitbackend/polkitbackendauthority.h
index fd641b3..950e853 100644
--- a/src/polkitbackend/polkitbackendauthority.h
+++ b/src/polkitbackend/polkitbackendauthority.h
@@ -64,9 +64,11 @@ struct _PolkitBackendAuthorityClass
void (*enumerate_sessions) (PolkitBackendAuthority *authority,
PolkitBackendPendingCall *pending_call);
- void (*check_claim) (PolkitBackendAuthority *authority,
- PolkitAuthorizationClaim *claim,
- PolkitBackendPendingCall *pending_call);
+ void (*check_authorization) (PolkitBackendAuthority *authority,
+ PolkitSubject *subject,
+ const gchar *action_id,
+ PolkitCheckAuthorizationFlags flags,
+ PolkitBackendPendingCall *pending_call);
/*< private >*/
/* Padding for future expansion */
@@ -97,9 +99,11 @@ void polkit_backend_authority_enumerate_groups (PolkitBackendAuthor
void polkit_backend_authority_enumerate_sessions (PolkitBackendAuthority *authority,
PolkitBackendPendingCall *pending_call);
-void polkit_backend_authority_check_claim (PolkitBackendAuthority *authority,
- PolkitAuthorizationClaim *claim,
- PolkitBackendPendingCall *pending_call);
+void polkit_backend_authority_check_authorization (PolkitBackendAuthority *authority,
+ PolkitSubject *subject,
+ const gchar *action_id,
+ PolkitCheckAuthorizationFlags flags,
+ PolkitBackendPendingCall *pending_call);
/* --- */
@@ -115,8 +119,8 @@ void polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendin
void polkit_backend_authority_enumerate_sessions_finish (PolkitBackendPendingCall *pending_call,
GList *sessions);
-void polkit_backend_authority_check_claim_finish (PolkitBackendPendingCall *pending_call,
- PolkitAuthorizationResult result);
+void polkit_backend_authority_check_authorization_finish (PolkitBackendPendingCall *pending_call,
+ PolkitAuthorizationResult result);
G_END_DECLS
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index f6fda0b..4452dd7 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -51,13 +51,17 @@ static void polkit_backend_local_authority_enumerate_groups (PolkitBackendAuth
static void polkit_backend_local_authority_enumerate_sessions (PolkitBackendAuthority *authority,
PolkitBackendPendingCall *pending_call);
-static void polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
- PolkitAuthorizationClaim *claim,
- PolkitBackendPendingCall *pending_call);
-
-static PolkitAuthorizationResult check_claim_sync (PolkitBackendAuthority *authority,
- PolkitAuthorizationClaim *claim,
- GError **error);
+static void polkit_backend_local_authority_check_authorization (PolkitBackendAuthority *authority,
+ PolkitSubject *subject,
+ const gchar *action_id,
+ PolkitCheckAuthorizationFlags flags,
+ PolkitBackendPendingCall *pending_call);
+
+static PolkitAuthorizationResult check_authorization_sync (PolkitBackendAuthority *authority,
+ PolkitSubject *subject,
+ const gchar *action_id,
+ PolkitCheckAuthorizationFlags flags,
+ GError **error);
G_DEFINE_TYPE (PolkitBackendLocalAuthority, polkit_backend_local_authority, POLKIT_BACKEND_TYPE_AUTHORITY);
@@ -111,7 +115,7 @@ polkit_backend_local_authority_class_init (PolkitBackendLocalAuthorityClass *kla
authority_class->enumerate_users = polkit_backend_local_authority_enumerate_users;
authority_class->enumerate_groups = polkit_backend_local_authority_enumerate_groups;
authority_class->enumerate_sessions = polkit_backend_local_authority_enumerate_sessions;
- authority_class->check_claim = polkit_backend_local_authority_check_claim;
+ authority_class->check_authorization = polkit_backend_local_authority_check_authorization;
g_type_class_add_private (klass, sizeof (PolkitBackendLocalAuthorityPrivate));
}
@@ -256,14 +260,15 @@ polkit_backend_local_authority_enumerate_sessions (PolkitBackendAuthority *aut
/* ---------------------------------------------------------------------------------------------------- */
static void
-polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
- PolkitAuthorizationClaim *claim,
- PolkitBackendPendingCall *pending_call)
+polkit_backend_local_authority_check_authorization (PolkitBackendAuthority *authority,
+ PolkitSubject *subject,
+ const gchar *action_id,
+ PolkitCheckAuthorizationFlags flags,
+ PolkitBackendPendingCall *pending_call)
{
PolkitBackendLocalAuthority *local_authority;
PolkitBackendLocalAuthorityPrivate *priv;
PolkitSubject *inquirer;
- PolkitSubject *subject;
gchar *inquirer_str;
gchar *subject_str;
PolkitSubject *user_of_inquirer;
@@ -271,7 +276,6 @@ polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
gchar *user_of_inquirer_str;
gchar *user_of_subject_str;
PolkitAuthorizationResult result;
- const gchar *action_id;
GError *error;
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
@@ -279,7 +283,6 @@ polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
error = NULL;
inquirer = NULL;
- subject = NULL;
inquirer_str = NULL;
subject_str = NULL;
user_of_inquirer = NULL;
@@ -288,8 +291,6 @@ polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
user_of_subject_str = NULL;
inquirer = polkit_backend_pending_call_get_caller (pending_call);
- subject = polkit_authorization_claim_get_subject (claim);
- action_id = polkit_authorization_claim_get_action_id (claim);
inquirer_str = polkit_subject_to_string (inquirer);
subject_str = polkit_subject_to_string (subject);
@@ -330,11 +331,11 @@ polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
*/
if (!polkit_subject_equal (user_of_inquirer, user_of_subject))
{
- PolkitAuthorizationClaim *read_claim;
-
- read_claim = polkit_authorization_claim_new (user_of_inquirer, "org.freedesktop.policykit.read");
- result = check_claim_sync (authority, read_claim, &error);
- g_object_unref (read_claim);
+ result = check_authorization_sync (authority,
+ user_of_inquirer,
+ "org.freedesktop.policykit.read",
+ POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE, /* no user interaction */
+ &error);
if (error != NULL)
{
@@ -354,7 +355,7 @@ polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
}
}
- result = check_claim_sync (authority, claim, &error);
+ result = check_authorization_sync (authority, subject, action_id, flags, &error);
if (error != NULL)
{
polkit_backend_pending_call_return_gerror (pending_call, error);
@@ -362,7 +363,7 @@ polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
}
else
{
- polkit_backend_authority_check_claim_finish (pending_call, result);
+ polkit_backend_authority_check_authorization_finish (pending_call, result);
}
out:
@@ -382,17 +383,17 @@ polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
/* ---------------------------------------------------------------------------------------------------- */
static PolkitAuthorizationResult
-check_claim_sync (PolkitBackendAuthority *authority,
- PolkitAuthorizationClaim *claim,
- GError **error)
+check_authorization_sync (PolkitBackendAuthority *authority,
+ PolkitSubject *subject,
+ const gchar *action_id,
+ PolkitCheckAuthorizationFlags flags,
+ GError **error)
{
PolkitBackendLocalAuthority *local_authority;
PolkitBackendLocalAuthorityPrivate *priv;
PolkitAuthorizationResult result;
- PolkitSubject *subject;
PolkitSubject *user_of_subject;
gchar *subject_str;
- const gchar *action_id;
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
@@ -401,9 +402,6 @@ check_claim_sync (PolkitBackendAuthority *authority,
user_of_subject = NULL;
subject_str = NULL;
- subject = polkit_authorization_claim_get_subject (claim);
- action_id = polkit_authorization_claim_get_action_id (claim);
-
subject_str = polkit_subject_to_string (subject);
g_debug ("checking whether %s is authorized for %s",
diff --git a/src/polkitbackend/polkitbackendserver.c b/src/polkitbackend/polkitbackendserver.c
index 915873c..d7b455a 100644
--- a/src/polkitbackend/polkitbackendserver.c
+++ b/src/polkitbackend/polkitbackendserver.c
@@ -261,29 +261,35 @@ polkit_backend_authority_enumerate_sessions_finish (PolkitBackendPendingCall *pe
/* ---------------------------------------------------------------------------------------------------- */
static void
-authority_handle_check_claim (_PolkitAuthority *instance,
- _PolkitAuthorizationClaim *real_claim,
- EggDBusMethodInvocation *method_invocation)
+authority_handle_check_authorization (_PolkitAuthority *instance,
+ _PolkitSubject *real_subject,
+ const gchar *action_id,
+ _PolkitCheckAuthorizationFlags flags,
+ EggDBusMethodInvocation *method_invocation)
{
PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
PolkitBackendPendingCall *pending_call;
- PolkitAuthorizationClaim *claim;
+ PolkitSubject *subject;
pending_call = _polkit_backend_pending_call_new (method_invocation, server);
- claim = polkit_authorization_claim_new_for_real (real_claim);
+ subject = polkit_subject_new_for_real (real_subject);
- g_object_set_data_full (G_OBJECT (pending_call), "claim", claim, (GDestroyNotify) g_object_unref);
+ g_object_set_data_full (G_OBJECT (pending_call), "subject", subject, (GDestroyNotify) g_object_unref);
- polkit_backend_authority_check_claim (server->authority, claim, pending_call);
+ polkit_backend_authority_check_authorization (server->authority,
+ subject,
+ action_id,
+ flags,
+ pending_call);
}
void
-polkit_backend_authority_check_claim_finish (PolkitBackendPendingCall *pending_call,
- PolkitAuthorizationResult result)
+polkit_backend_authority_check_authorization_finish (PolkitBackendPendingCall *pending_call,
+ PolkitAuthorizationResult result)
{
- _polkit_authority_handle_check_claim_finish (_polkit_backend_pending_call_get_method_invocation (pending_call),
- result);
+ _polkit_authority_handle_check_authorization_finish (_polkit_backend_pending_call_get_method_invocation (pending_call),
+ result);
g_object_unref (pending_call);
}
@@ -297,5 +303,5 @@ authority_iface_init (_PolkitAuthorityIface *authority_iface)
authority_iface->handle_enumerate_users = authority_handle_enumerate_users;
authority_iface->handle_enumerate_groups = authority_handle_enumerate_groups;
authority_iface->handle_enumerate_sessions = authority_handle_enumerate_sessions;
- authority_iface->handle_check_claim = authority_handle_check_claim;
+ authority_iface->handle_check_authorization = authority_handle_check_authorization;
}
diff --git a/src/programs/polkit.c b/src/programs/polkit.c
index 2ad71f6..0bd8c7d 100644
--- a/src/programs/polkit.c
+++ b/src/programs/polkit.c
@@ -528,30 +528,25 @@ static gboolean
check (void)
{
PolkitAuthorizationResult result;
- PolkitAuthorizationClaim *claim;
GError *error;
error = NULL;
- claim = NULL;
result = POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
- claim = polkit_authorization_claim_new (subject,
- action_id);
-
- result = polkit_authority_check_claim_sync (authority,
- claim,
- NULL,
- &error);
+ result = polkit_authority_check_authorization_sync (authority,
+ subject,
+ action_id,
+ POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE,
+ NULL,
+ &error);
if (error != NULL)
{
- g_printerr ("Error checking authorization claim: %s\n", error->message);
+ g_printerr ("Error checking authorization: %s\n", error->message);
g_error_free (error);
goto out;
}
out:
- if (claim != NULL)
- g_object_unref (claim);
return result == POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
}
@@ -561,7 +556,7 @@ check (void)
typedef struct
{
- PolkitAuthorizationClaim *claim;
+ gchar *action_id;
PolkitAuthorizationResult result;
} AuthzData;
@@ -574,7 +569,7 @@ static GMainLoop *authz_data_loop = NULL;
static void
authz_data_free (AuthzData *data)
{
- g_object_unref (data->claim);
+ g_free (data->action_id);
g_free (data);
}
@@ -582,18 +577,13 @@ static gint
authz_data_sort_func (gconstpointer a,
gconstpointer b)
{
- AuthzData *da;
- AuthzData *db;
- const gchar *aa;
- const gchar *ab;
-
- da = (AuthzData *) *((gpointer **) a);
- db = (AuthzData *) *((gpointer **) b);
+ AuthzData *data_a;
+ AuthzData *data_b;
- aa = polkit_authorization_claim_get_action_id (da->claim);
- ab = polkit_authorization_claim_get_action_id (db->claim);
+ data_a = (AuthzData *) *((gpointer **) a);
+ data_b = (AuthzData *) *((gpointer **) b);
- return strcmp (aa, ab);
+ return strcmp (data_a->action_id, data_b->action_id);
}
static void
@@ -610,12 +600,12 @@ list_authz_cb (GObject *source_obj,
data = user_data;
error = NULL;
- result = polkit_authority_check_claim_finish (authority,
- res,
- &error);
+ result = polkit_authority_check_authorization_finish (authority,
+ res,
+ &error);
if (error != NULL)
{
- g_printerr ("Unable to check claim: %s\n", error->message);
+ g_printerr ("Unable to check authorization: %s\n", error->message);
g_error_free (error);
}
else
@@ -662,26 +652,25 @@ list_authorizations (void)
for (l = actions; l != NULL; l = l->next)
{
PolkitActionDescription *action = POLKIT_ACTION_DESCRIPTION (l->data);
- PolkitAuthorizationClaim *claim;
+ const gchar *action_id;
AuthzData *data;
- claim = polkit_authorization_claim_new (calling_process,
- polkit_action_description_get_action_id (action));
+ action_id = polkit_action_description_get_action_id (action);
data = g_new0 (AuthzData, 1);
- data->claim = g_object_ref (claim);
+ data->action_id = g_strdup (action_id);
g_ptr_array_add (authz_data_array, data);
authz_data_num_pending += 1;
- polkit_authority_check_claim (authority,
- claim,
- NULL,
- list_authz_cb,
- data);
-
- g_object_unref (claim);
+ polkit_authority_check_authorization (authority,
+ calling_process,
+ action_id,
+ POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE,
+ NULL,
+ list_authz_cb,
+ data);
}
g_main_loop_run (authz_data_loop);
@@ -696,7 +685,7 @@ list_authorizations (void)
AuthzData *data = authz_data_array->pdata[n];
if (data->result == POLKIT_AUTHORIZATION_RESULT_AUTHORIZED)
- g_print ("%s\n", polkit_authorization_claim_get_action_id (data->claim));
+ g_print ("%s\n", data->action_id);
}
out:
commit f8ce12a6cb950073fab66f6dccbfff4eed85849a
Author: David Zeuthen <davidz at redhat.com>
Date: Sun Jan 18 14:39:05 2009 -0500
slighty fix up docs
diff --git a/docs/man/polkit.xml b/docs/man/polkit.xml
index b8161b1..680b964 100644
--- a/docs/man/polkit.xml
+++ b/docs/man/polkit.xml
@@ -1,4 +1,4 @@
-<refentry id="PolicyKit-1.8">
+<refentry id="polkit-1.1">
<refentryinfo>
<title>polkit-1</title>
<date>January 2009</date>
diff --git a/docs/polkit/polkit-docs.xml b/docs/polkit/polkit-docs.xml
index bb9d379..df9a03d 100644
--- a/docs/polkit/polkit-docs.xml
+++ b/docs/polkit/polkit-docs.xml
@@ -64,22 +64,35 @@
</para>
</partintro>
<xi:include href="xml/polkitauthority.xml"/>
+ <xi:include href="xml/polkitauthorizationclaim.xml"/>
+ <xi:include href="xml/polkitauthorizationresult.xml"/>
<xi:include href="xml/polkitactiondescription.xml"/>
<xi:include href="xml/polkiterror.xml"/>
- <xi:include href="xml/polkitsubject.xml"/>
- <xi:include href="xml/polkitunixuser.xml"/>
- <xi:include href="xml/polkitunixgroup.xml"/>
- <xi:include href="xml/polkitunixprocess.xml"/>
- <xi:include href="xml/polkitsystembusname.xml"/>
+ <chapter id="subjects">
+ <title>Subjects and Identities</title>
+ <xi:include href="xml/polkitsubject.xml"/>
+ <xi:include href="xml/polkitunixuser.xml"/>
+ <xi:include href="xml/polkitunixgroup.xml"/>
+ <xi:include href="xml/polkitunixprocess.xml"/>
+ <xi:include href="xml/polkitunixsession.xml"/>
+ <xi:include href="xml/polkitsystembusname.xml"/>
+ </chapter>
<chapter id="extending">
<title>Extending PolicyKit</title>
<xi:include href="../polkitbackend/xml/polkitbackendauthority.xml"/>
<xi:include href="../polkitbackend/xml/polkitbackendlocalauthority.xml"/>
<xi:include href="../polkitbackend/xml/polkitbackendactionpool.xml"/>
<xi:include href="../polkitbackend/xml/polkitbackendserver.xml"/>
+ <xi:include href="../polkitbackend/xml/polkitbackendsessionmonitor.xml"/>
</chapter>
</reference>
+ <chapter id="manpages">
+ <title>Manual Pages</title>
+ <xi:include href="../man/PolicyKit.xml"/>
+ <xi:include href="../man/polkit.xml"/>
+ </chapter>
+
<chapter id="polkit-hierarchy">
<title>Object Hierarchy</title>
<xi:include href="xml/tree_index.sgml"/>
commit 4a71334c22a39e11a80cfb0290d1253d41938dae
Author: David Zeuthen <davidz at redhat.com>
Date: Sun Jan 18 14:20:51 2009 -0500
add checks for whether someone is authorized to check authorizations
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index 75d9586..76f68d6 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -65,6 +65,9 @@
<annotation name="org.gtk.EggDBus.ErrorDomain.Member" value="org.freedesktop.PolicyKit1.Error.NotSupported">
<annotation name="org.gtk.EggDBus.DocString" value="Operation is not supported"/>
</annotation>
+ <annotation name="org.gtk.EggDBus.ErrorDomain.Member" value="org.freedesktop.PolicyKit1.Error.NotAuthorized">
+ <annotation name="org.gtk.EggDBus.DocString" value="Not authorized to perform operation"/>
+ </annotation>
</annotation>
<!-- An enumeration for results of CheckClaim() (TODO: implement this method) -->
diff --git a/src/polkit/polkiterror.h b/src/polkit/polkiterror.h
index 5dd21dc..9ef2955 100644
--- a/src/polkit/polkiterror.h
+++ b/src/polkit/polkiterror.h
@@ -42,15 +42,17 @@ GType polkit_error_get_type (void) G_GNUC_CONST;
/**
* PolkitError:
- * @POLKIT_ERROR_FAILED: The operation failed
- * @POLKIT_ERROR_NOT_SUPPORTED: Operation is not supported
+ * @POLKIT_ERROR_FAILED: The operation failed.
+ * @POLKIT_ERROR_NOT_SUPPORTED: Operation is not supported.
+ * @POLKIT_ERROR_NOT_AUTHORIZED: Not authorized to perform operation.
*
- * Errors when using PolicyKit.
+ * Possible error when using PolicyKit.
*/
typedef enum
{
POLKIT_ERROR_FAILED = 0,
POLKIT_ERROR_NOT_SUPPORTED = 1,
+ POLKIT_ERROR_NOT_AUTHORIZED = 2,
} PolkitError;
G_END_DECLS
diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c
index d7c5434..e34bddc 100644
--- a/src/polkit/polkitsubject.c
+++ b/src/polkit/polkitsubject.c
@@ -140,6 +140,10 @@ polkit_subject_from_string (const gchar *str,
}
}
}
+ else if (g_str_has_prefix (str, "unix-session:"))
+ {
+ subject = polkit_unix_session_new (str + sizeof "unix-session:" - 1);
+ }
else if (g_str_has_prefix (str, "system-bus-name:"))
{
subject = polkit_system_bus_name_new (str + sizeof "system-bus-name:" - 1);
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index db49f99..f6fda0b 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -55,6 +55,10 @@ static void polkit_backend_local_authority_check_claim (PolkitBackendAuth
PolkitAuthorizationClaim *claim,
PolkitBackendPendingCall *pending_call);
+static PolkitAuthorizationResult check_claim_sync (PolkitBackendAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ GError **error);
+
G_DEFINE_TYPE (PolkitBackendLocalAuthority, polkit_backend_local_authority, POLKIT_BACKEND_TYPE_AUTHORITY);
#define POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY, PolkitBackendLocalAuthorityPrivate))
@@ -256,11 +260,32 @@ polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
PolkitAuthorizationClaim *claim,
PolkitBackendPendingCall *pending_call)
{
- gchar *inquirer_str;
- gchar *subject_str;
+ PolkitBackendLocalAuthority *local_authority;
+ PolkitBackendLocalAuthorityPrivate *priv;
PolkitSubject *inquirer;
PolkitSubject *subject;
+ gchar *inquirer_str;
+ gchar *subject_str;
+ PolkitSubject *user_of_inquirer;
+ PolkitSubject *user_of_subject;
+ gchar *user_of_inquirer_str;
+ gchar *user_of_subject_str;
+ PolkitAuthorizationResult result;
const gchar *action_id;
+ GError *error;
+
+ local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+
+ error = NULL;
+ inquirer = NULL;
+ subject = NULL;
+ inquirer_str = NULL;
+ subject_str = NULL;
+ user_of_inquirer = NULL;
+ user_of_subject = NULL;
+ user_of_inquirer_str = NULL;
+ user_of_subject_str = NULL;
inquirer = polkit_backend_pending_call_get_caller (pending_call);
subject = polkit_authorization_claim_get_subject (claim);
@@ -274,17 +299,148 @@ polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
subject_str,
action_id);
- /* TODO: temp */
- polkit_backend_authority_check_claim_finish (pending_call, POLKIT_AUTHORIZATION_RESULT_AUTHORIZED);
+ user_of_inquirer = polkit_backend_session_monitor_get_user_for_subject (priv->session_monitor,
+ inquirer,
+ &error);
+ if (error != NULL)
+ {
+ polkit_backend_pending_call_return_gerror (pending_call, error);
+ g_error_free (error);
+ goto out;
+ }
+
+ user_of_inquirer_str = polkit_subject_to_string (user_of_inquirer);
+ g_debug (" user of inquirer is %s", user_of_inquirer_str);
+
+ user_of_subject = polkit_backend_session_monitor_get_user_for_subject (priv->session_monitor,
+ subject,
+ &error);
+ if (error != NULL)
+ {
+ polkit_backend_pending_call_return_gerror (pending_call, error);
+ g_error_free (error);
+ goto out;
+ }
+
+ user_of_subject_str = polkit_subject_to_string (user_of_subject);
+ g_debug (" user of subject is %s", user_of_subject_str);
+
+ /* if the user of the inquirer and the user of the subject isn't the same, then
+ * the org.freedesktop.policykit.read authorization is required for the inquirer
+ */
+ if (!polkit_subject_equal (user_of_inquirer, user_of_subject))
+ {
+ PolkitAuthorizationClaim *read_claim;
+
+ read_claim = polkit_authorization_claim_new (user_of_inquirer, "org.freedesktop.policykit.read");
+ result = check_claim_sync (authority, read_claim, &error);
+ g_object_unref (read_claim);
+
+ if (error != NULL)
+ {
+ polkit_backend_pending_call_return_gerror (pending_call, error);
+ g_error_free (error);
+ goto out;
+ }
+ else if (result != POLKIT_AUTHORIZATION_RESULT_AUTHORIZED)
+ {
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_NOT_AUTHORIZED,
+ "%s is not authorized to know about authorizations for %s (requires org.freedesktop.policykit.read authorization)",
+ user_of_inquirer_str,
+ subject_str);
+ goto out;
+ }
+ }
+
+ result = check_claim_sync (authority, claim, &error);
+ if (error != NULL)
+ {
+ polkit_backend_pending_call_return_gerror (pending_call, error);
+ g_error_free (error);
+ }
+ else
+ {
+ polkit_backend_authority_check_claim_finish (pending_call, result);
+ }
+
+ out:
+
+ if (user_of_inquirer != NULL)
+ g_object_unref (user_of_inquirer);
+
+ if (user_of_subject != NULL)
+ g_object_unref (user_of_subject);
+
+ g_free (inquirer_str);
+ g_free (subject_str);
+ g_free (user_of_inquirer_str);
+ g_free (user_of_subject_str);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static PolkitAuthorizationResult
+check_claim_sync (PolkitBackendAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ GError **error)
+{
+ PolkitBackendLocalAuthority *local_authority;
+ PolkitBackendLocalAuthorityPrivate *priv;
+ PolkitAuthorizationResult result;
+ PolkitSubject *subject;
+ PolkitSubject *user_of_subject;
+ gchar *subject_str;
+ const gchar *action_id;
+
+ local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+
+ result = POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
+ user_of_subject = NULL;
+ subject_str = NULL;
+
+ subject = polkit_authorization_claim_get_subject (claim);
+ action_id = polkit_authorization_claim_get_action_id (claim);
+
+ subject_str = polkit_subject_to_string (subject);
+
+ g_debug ("checking whether %s is authorized for %s",
+ subject_str,
+ action_id);
+
+ user_of_subject = polkit_backend_session_monitor_get_user_for_subject (priv->session_monitor,
+ subject,
+ error);
+ if (user_of_subject == NULL)
+ goto out;
+
+ if (POLKIT_IS_UNIX_USER (user_of_subject) && polkit_unix_user_get_uid (POLKIT_UNIX_USER (user_of_subject)) == 0)
+ {
+ /* uid 0, root, is _always_ authorized for anything */
+ result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
+ goto out;
+ }
#if 0
- polkit_backend_pending_call_return_error (pending_call,
- POLKIT_ERROR,
- POLKIT_ERROR_NOT_SUPPORTED,
- "Not implemented");
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_NOT_SUPPORTED,
+ "Not implemented (subject=%s action_id=%s)",
+ subject_str, action_id);
#endif
- g_free (inquirer_str);
+ /* TODO */
+ result = POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
+
+ out:
g_free (subject_str);
+
+ if (user_of_subject != NULL)
+ g_object_unref (user_of_subject);
+
+ return result;
}
+/* ---------------------------------------------------------------------------------------------------- */
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.c b/src/polkitbackend/polkitbackendsessionmonitor.c
index 5284c20..8f9783d 100644
--- a/src/polkitbackend/polkitbackendsessionmonitor.c
+++ b/src/polkitbackend/polkitbackendsessionmonitor.c
@@ -333,6 +333,8 @@ get_sessions_foreach_cb (EggDBusHashMap *map,
return FALSE;
}
+/* ---------------------------------------------------------------------------------------------------- */
+
GList *
polkit_backend_session_monitor_get_sessions (PolkitBackendSessionMonitor *monitor)
{
@@ -349,3 +351,90 @@ polkit_backend_session_monitor_get_sessions (PolkitBackendSessionMonitor *monito
return l;
}
+/* ---------------------------------------------------------------------------------------------------- */
+
+/**
+ * polkit_backend_session_monitor_get_user:
+ * @monitor: A #PolkitBackendSessionMonitor.
+ * @subject: A #PolkitSubject.
+ * @error: Return location for error.
+ *
+ * Gets the user corresponding to @subject or %NULL if no user exists.
+ *
+ * Returns: %NULL if @error is set otherwise a #PolkitUnixUser that should be freed with g_object_unref().
+ */
+PolkitSubject *
+polkit_backend_session_monitor_get_user_for_subject (PolkitBackendSessionMonitor *monitor,
+ PolkitSubject *subject,
+ GError **error)
+{
+ PolkitSubject *user;
+ uid_t uid;
+
+ user = NULL;
+
+ if (POLKIT_IS_UNIX_USER (subject))
+ {
+ user = g_object_ref (subject);
+ }
+ else if (POLKIT_IS_UNIX_PROCESS (subject))
+ {
+ pid_t pid;
+
+ pid = polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (subject));
+ uid = 500; /* TODO */
+
+ user = polkit_unix_user_new (uid);
+ }
+ else if (POLKIT_IS_UNIX_SESSION (subject))
+ {
+ const gchar *session_id;
+ EggDBusObjectProxy *session_object_proxy;
+ CkSession *session;
+
+ session_id = polkit_unix_session_get_session_id (POLKIT_UNIX_SESSION (subject));
+
+ session_object_proxy = egg_dbus_hash_map_lookup (monitor->session_object_path_to_object_proxy,
+ session_id);
+ if (session_object_proxy == NULL)
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "No ConsoleKit session with id %s",
+ session_id);
+ goto out;
+ }
+
+ session = CK_QUERY_INTERFACE_SESSION (session_object_proxy);
+
+ uid = (uid_t) ck_session_get_user (session);
+
+ user = polkit_unix_user_new (uid);
+ }
+ else if (POLKIT_IS_SYSTEM_BUS_NAME (subject))
+ {
+ /* TODO: cache this stuff */
+ if (!egg_dbus_bus_get_connection_unix_user_sync (egg_dbus_connection_get_bus (monitor->system_bus),
+ EGG_DBUS_CALL_FLAGS_NONE,
+ polkit_system_bus_name_get_name (POLKIT_SYSTEM_BUS_NAME (subject)),
+ &uid,
+ NULL,
+ error))
+ goto out;
+
+ user = polkit_unix_user_new (uid);
+ }
+ else
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_NOT_SUPPORTED,
+ "Cannot get user for subject of type %s",
+ g_type_name (G_TYPE_FROM_INSTANCE (subject)));
+ }
+
+ out:
+
+ return user;
+}
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.h b/src/polkitbackend/polkitbackendsessionmonitor.h
index e5457bb..46ca247 100644
--- a/src/polkitbackend/polkitbackendsessionmonitor.h
+++ b/src/polkitbackend/polkitbackendsessionmonitor.h
@@ -47,6 +47,10 @@ GType polkit_backend_session_monitor_get_type (void)
PolkitBackendSessionMonitor *polkit_backend_session_monitor_new (void);
GList *polkit_backend_session_monitor_get_sessions (PolkitBackendSessionMonitor *monitor);
+PolkitSubject *polkit_backend_session_monitor_get_user_for_subject (PolkitBackendSessionMonitor *monitor,
+ PolkitSubject *subject,
+ GError **error);
+
G_END_DECLS
#endif /* __POLKIT_BACKEND_SESSION_MONITOR_H */
commit 796bfa1deb02ea2718baad6dc82430b7b8a9f4af
Author: David Zeuthen <davidz at redhat.com>
Date: Fri Jan 16 14:41:48 2009 -0500
add PolkitUnixSession and associcated functions
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index 6ebba5b..75d9586 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -84,16 +84,28 @@
<interface name="org.freedesktop.PolicyKit1.Authority">
<method name="EnumerateUsers">
- <arg name="users" direction="out" type="a(sa{sv})"/>
+ <arg name="users" direction="out" type="a(sa{sv})">
+ <annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
+ </arg>
</method>
<method name="EnumerateGroups">
- <arg name="groups" direction="out" type="a(sa{sv})"/>
+ <arg name="groups" direction="out" type="a(sa{sv})">
+ <annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
+ </arg>
+ </method>
+
+ <method name="EnumerateSessions">
+ <arg name="sessions" direction="out" type="a(sa{sv})">
+ <annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
+ </arg>
</method>
<method name="EnumerateActions">
<arg name="locale" direction="in" type="s"/>
- <arg name="action_descriptions" direction="out" type="a(ssssssa{ss})"/>
+ <arg name="action_descriptions" direction="out" type="a(ssssssa{ss})">
+ <annotation name="org.gtk.EggDBus.StructType" value="ActionDescription"/>
+ </arg>
</method>
<method name="CheckClaim">
diff --git a/docs/man/polkit.xml b/docs/man/polkit.xml
index 26ca53c..b8161b1 100644
--- a/docs/man/polkit.xml
+++ b/docs/man/polkit.xml
@@ -42,6 +42,11 @@
</arg>
<arg choice="plain">
<sbr/>
+ sessions
+ <arg><option>--verbose</option></arg>
+ </arg>
+ <arg choice="plain">
+ <sbr/>
authorizations
</arg>
<arg choice="plain">
@@ -173,6 +178,18 @@
<refsect2>
<para>
+ <command>polkit-1 list sessions</command>
+ <arg><option>--verbose</option></arg>
+ </para>
+ <para>
+ Lists all sessions.
+ The returned identifiers can be used as <replaceable>subject</replaceable> parameters.
+ Prints detailed information about each session if <option>--verbose</option> is given.
+ </para>
+ </refsect2>
+
+ <refsect2>
+ <para>
<command>polkit-1 list authorizations</command>
</para>
<para>
diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am
index 8caf9d8..3a62076 100644
--- a/src/polkit/Makefile.am
+++ b/src/polkit/Makefile.am
@@ -47,6 +47,7 @@ libpolkit_gobject_1include_HEADERS = \
polkitunixuser.h \
polkitunixgroup.h \
polkitunixprocess.h \
+ polkitunixsession.h \
polkitsystembusname.h \
polkitauthorizationclaim.h \
polkitauthorizationresult.h \
@@ -62,6 +63,7 @@ libpolkit_gobject_1_la_SOURCES = \
polkitunixuser.c polkitunixuser.h \
polkitunixgroup.c polkitunixgroup.h \
polkitunixprocess.c polkitunixprocess.h \
+ polkitunixsession.c polkitunixsession.h \
polkitsystembusname.c polkitsystembusname.h \
polkitauthorizationclaim.c polkitauthorizationclaim.h \
polkitauthorizationresult.c polkitauthorizationresult.h \
diff --git a/src/polkit/polkit.h b/src/polkit/polkit.h
index c81d14e..40df617 100644
--- a/src/polkit/polkit.h
+++ b/src/polkit/polkit.h
@@ -30,6 +30,7 @@
#include <polkit/polkitunixuser.h>
#include <polkit/polkitunixgroup.h>
#include <polkit/polkitunixprocess.h>
+#include <polkit/polkitunixsession.h>
#include <polkit/polkitsystembusname.h>
#include <polkit/polkitauthorizationclaim.h>
#include <polkit/polkitauthorizationresult.h>
diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
index dbf02b9..1646467 100644
--- a/src/polkit/polkitauthority.c
+++ b/src/polkit/polkitauthority.c
@@ -242,7 +242,7 @@ polkit_authority_enumerate_users_async (PolkitAuthority *authority,
simple = g_simple_async_result_new (G_OBJECT (authority),
callback,
user_data,
- polkit_authority_enumerate_actions_async);
+ polkit_authority_enumerate_users_async);
call_id = _polkit_authority_enumerate_users (authority->real,
EGG_DBUS_CALL_FLAGS_NONE,
@@ -276,7 +276,7 @@ polkit_authority_enumerate_users_finish (PolkitAuthority *authority,
simple = G_SIMPLE_ASYNC_RESULT (res);
real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple));
- g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_enumerate_actions_async);
+ g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_enumerate_users_async);
result = NULL;
@@ -338,7 +338,7 @@ polkit_authority_enumerate_groups_async (PolkitAuthority *authority,
simple = g_simple_async_result_new (G_OBJECT (authority),
callback,
user_data,
- polkit_authority_enumerate_actions_async);
+ polkit_authority_enumerate_groups_async);
call_id = _polkit_authority_enumerate_groups (authority->real,
EGG_DBUS_CALL_FLAGS_NONE,
@@ -372,7 +372,7 @@ polkit_authority_enumerate_groups_finish (PolkitAuthority *authority,
simple = G_SIMPLE_ASYNC_RESULT (res);
real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple));
- g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_enumerate_actions_async);
+ g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_enumerate_groups_async);
result = NULL;
@@ -423,6 +423,102 @@ polkit_authority_enumerate_groups_sync (PolkitAuthority *authority,
/* ---------------------------------------------------------------------------------------------------- */
static guint
+polkit_authority_enumerate_sessions_async (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ guint call_id;
+ GSimpleAsyncResult *simple;
+
+ simple = g_simple_async_result_new (G_OBJECT (authority),
+ callback,
+ user_data,
+ polkit_authority_enumerate_sessions_async);
+
+ call_id = _polkit_authority_enumerate_sessions (authority->real,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ cancellable,
+ generic_async_cb,
+ simple);
+
+ return call_id;
+}
+
+void
+polkit_authority_enumerate_sessions (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ polkit_authority_enumerate_sessions_async (authority, cancellable, callback, user_data);
+}
+
+GList *
+polkit_authority_enumerate_sessions_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error)
+{
+ EggDBusArraySeq *array_seq;
+ GList *result;
+ guint n;
+ GSimpleAsyncResult *simple;
+ GAsyncResult *real_res;
+
+ simple = G_SIMPLE_ASYNC_RESULT (res);
+ real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple));
+
+ g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_enumerate_sessions_async);
+
+ result = NULL;
+
+ if (!_polkit_authority_enumerate_sessions_finish (authority->real,
+ &array_seq,
+ real_res,
+ error))
+ goto out;
+
+ for (n = 0; n < array_seq->size; n++)
+ {
+ _PolkitSubject *real_subject;
+
+ real_subject = array_seq->data.v_ptr[n];
+
+ result = g_list_prepend (result, polkit_subject_new_for_real (real_subject));
+ }
+
+ result = g_list_reverse (result);
+
+ g_object_unref (array_seq);
+
+ out:
+ g_object_unref (real_res);
+ return result;
+}
+
+GList *
+polkit_authority_enumerate_sessions_sync (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GError **error)
+{
+ guint call_id;
+ GAsyncResult *res;
+ GList *result;
+
+ call_id = polkit_authority_enumerate_sessions_async (authority, cancellable, generic_cb, &res);
+
+ egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
+
+ result = polkit_authority_enumerate_sessions_finish (authority, res, error);
+
+ g_object_unref (res);
+
+ return result;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static guint
polkit_authority_check_claim_async (PolkitAuthority *authority,
PolkitAuthorizationClaim *claim,
GCancellable *cancellable,
diff --git a/src/polkit/polkitauthority.h b/src/polkit/polkitauthority.h
index ba7bad3..85b1a51 100644
--- a/src/polkit/polkitauthority.h
+++ b/src/polkit/polkitauthority.h
@@ -59,6 +59,10 @@ GList *polkit_authority_enumerate_groups_sync (PolkitAuthori
GCancellable *cancellable,
GError **error);
+GList *polkit_authority_enumerate_sessions_sync (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GError **error);
+
PolkitAuthorizationResult polkit_authority_check_claim_sync (PolkitAuthority *authority,
PolkitAuthorizationClaim *claim,
GCancellable *cancellable,
@@ -94,6 +98,15 @@ GList * polkit_authority_enumerate_groups_finish (PolkitAutho
GAsyncResult *res,
GError **error);
+void polkit_authority_enumerate_sessions (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+GList * polkit_authority_enumerate_sessions_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
void polkit_authority_check_claim (PolkitAuthority *authority,
PolkitAuthorizationClaim *claim,
GCancellable *cancellable,
diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c
index 4732262..d7c5434 100644
--- a/src/polkit/polkitsubject.c
+++ b/src/polkit/polkitsubject.c
@@ -29,6 +29,7 @@
#include "polkitunixuser.h"
#include "polkitunixgroup.h"
#include "polkitunixprocess.h"
+#include "polkitunixsession.h"
#include "polkitsystembusname.h"
#include "polkiterror.h"
#include "polkitprivate.h"
@@ -188,6 +189,11 @@ polkit_subject_new_for_real (_PolkitSubject *real)
s = polkit_unix_process_new_full (egg_dbus_variant_get_uint (variant),
egg_dbus_variant_get_uint64 (variant2));
}
+ else if (strcmp (kind, "unix-session") == 0)
+ {
+ variant = egg_dbus_hash_map_lookup (details, "session-id");
+ s = polkit_unix_session_new (egg_dbus_variant_get_string (variant));
+ }
else if (strcmp (kind, "system-bus-name") == 0)
{
variant = egg_dbus_hash_map_lookup (details, "name");
@@ -236,6 +242,13 @@ polkit_subject_get_real (PolkitSubject *subject)
"start-time",
egg_dbus_variant_new_for_uint64 (polkit_unix_process_get_start_time (POLKIT_UNIX_PROCESS (subject))));
}
+ else if (POLKIT_IS_UNIX_SESSION (subject))
+ {
+ kind = "unix-session";
+ egg_dbus_hash_map_insert (details,
+ "session-id",
+ egg_dbus_variant_new_for_string (polkit_unix_session_get_session_id (POLKIT_UNIX_SESSION (subject))));
+ }
else if (POLKIT_IS_SYSTEM_BUS_NAME (subject))
{
kind = "system-bus-name";
diff --git a/src/polkit/polkittypes.h b/src/polkit/polkittypes.h
index e1ab45d..e74a7ff 100644
--- a/src/polkit/polkittypes.h
+++ b/src/polkit/polkittypes.h
@@ -41,6 +41,9 @@ typedef struct _PolkitUnixGroup PolkitUnixGroup;
struct _PolkitUnixProcess;
typedef struct _PolkitUnixProcess PolkitUnixProcess;
+struct _PolkitUnixSession;
+typedef struct _PolkitUnixSession PolkitUnixSession;
+
struct _PolkitSystemBusName;
typedef struct _PolkitSystemBusName PolkitSystemBusName;
diff --git a/src/polkit/polkitunixsession.c b/src/polkit/polkitunixsession.c
new file mode 100644
index 0000000..b81bbd0
--- /dev/null
+++ b/src/polkit/polkitunixsession.c
@@ -0,0 +1,183 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <string.h>
+#include "polkitunixsession.h"
+#include "polkitsubject.h"
+#include "polkitprivate.h"
+
+/**
+ * SECTION:polkitunixsession
+ * @title: PolkitUnixSession
+ * @short_description: Unix sessions
+ *
+ * Encapsulates a login session on UNIX.
+ */
+
+struct _PolkitUnixSession
+{
+ GObject parent_instance;
+
+ gchar *session_id;
+};
+
+struct _PolkitUnixSessionClass
+{
+ GObjectClass parent_class;
+};
+
+enum
+{
+ PROP_0,
+ PROP_SESSION_ID,
+};
+
+static void subject_iface_init (PolkitSubjectIface *subject_iface);
+
+G_DEFINE_TYPE_WITH_CODE (PolkitUnixSession, polkit_unix_session, G_TYPE_OBJECT,
+ G_IMPLEMENT_INTERFACE (POLKIT_TYPE_SUBJECT, subject_iface_init)
+ );
+
+static void
+polkit_unix_session_init (PolkitUnixSession *unix_session)
+{
+}
+
+static void
+polkit_unix_session_get_property (GObject *object,
+ guint prop_id,
+ GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitUnixSession *session = POLKIT_UNIX_SESSION (object);
+
+ switch (prop_id)
+ {
+ case PROP_SESSION_ID:
+ g_value_set_string (value, session->session_id);
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_unix_session_set_property (GObject *object,
+ guint prop_id,
+ const GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitUnixSession *session = POLKIT_UNIX_SESSION (object);
+
+ switch (prop_id)
+ {
+ case PROP_SESSION_ID:
+ polkit_unix_session_set_session_id (session, g_value_get_string (value));
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_unix_session_class_init (PolkitUnixSessionClass *klass)
+{
+ GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->get_property = polkit_unix_session_get_property;
+ gobject_class->set_property = polkit_unix_session_set_property;
+
+ /**
+ * PolkitUnixSession:session-id:
+ *
+ * The UNIX session id.
+ */
+ g_object_class_install_property (gobject_class,
+ PROP_SESSION_ID,
+ g_param_spec_string ("session-id",
+ "Session ID",
+ "The UNIX session ID",
+ NULL,
+ G_PARAM_CONSTRUCT |
+ G_PARAM_READWRITE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_BLURB |
+ G_PARAM_STATIC_NICK));
+
+}
+
+const gchar *
+polkit_unix_session_get_session_id (PolkitUnixSession *session)
+{
+ return session->session_id;
+}
+
+void
+polkit_unix_session_set_session_id (PolkitUnixSession *session,
+ const gchar *session_id)
+{
+ g_free (session->session_id);
+ session->session_id = g_strdup (session_id);
+}
+
+PolkitSubject *
+polkit_unix_session_new (const gchar *session_id)
+{
+ return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_SESSION,
+ "session-id", session_id,
+ NULL));
+}
+
+static gboolean
+polkit_unix_session_equal (PolkitSubject *a,
+ PolkitSubject *b)
+{
+ PolkitUnixSession *session_a;
+ PolkitUnixSession *session_b;
+
+ session_a = POLKIT_UNIX_SESSION (a);
+ session_b = POLKIT_UNIX_SESSION (b);
+
+ return g_strcmp0 (session_a->session_id, session_b->session_id) == 0;
+}
+
+static gchar *
+polkit_unix_session_to_string (PolkitSubject *subject)
+{
+ PolkitUnixSession *session = POLKIT_UNIX_SESSION (subject);
+
+ return g_strdup_printf ("unix-session:%s", session->session_id);
+}
+
+static void
+subject_iface_init (PolkitSubjectIface *subject_iface)
+{
+ subject_iface->equal = polkit_unix_session_equal;
+ subject_iface->to_string = polkit_unix_session_to_string;
+}
diff --git a/src/polkit/polkitunixsession.h b/src/polkit/polkitunixsession.h
new file mode 100644
index 0000000..bbf431e
--- /dev/null
+++ b/src/polkit/polkitunixsession.h
@@ -0,0 +1,51 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_UNIX_SESSION_H
+#define __POLKIT_UNIX_SESSION_H
+
+#include <glib-object.h>
+#include <gio/gio.h>
+#include <polkit/polkittypes.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_UNIX_SESSION (polkit_unix_session_get_type())
+#define POLKIT_UNIX_SESSION(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_UNIX_SESSION, PolkitUnixSession))
+#define POLKIT_UNIX_SESSION_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_UNIX_SESSION, PolkitUnixSessionClass))
+#define POLKIT_UNIX_SESSION_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_UNIX_SESSION, PolkitUnixSessionClass))
+#define POLKIT_IS_UNIX_SESSION(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_UNIX_SESSION))
+#define POLKIT_IS_UNIX_SESSION_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_UNIX_SESSION))
+
+#if 0
+typedef struct _PolkitUnixSession PolkitUnixSession;
+#endif
+typedef struct _PolkitUnixSessionClass PolkitUnixSessionClass;
+
+GType polkit_unix_session_get_type (void) G_GNUC_CONST;
+PolkitSubject *polkit_unix_session_new (const gchar *session_id);
+const gchar *polkit_unix_session_get_session_id (PolkitUnixSession *session);
+void polkit_unix_session_set_session_id (PolkitUnixSession *session,
+ const gchar *session_id);
+
+G_END_DECLS
+
+#endif /* __POLKIT_UNIX_SESSION_H */
diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c
index 97ef38a..f00cfbe 100644
--- a/src/polkitbackend/polkitbackendauthority.c
+++ b/src/polkitbackend/polkitbackendauthority.c
@@ -73,6 +73,17 @@ polkit_backend_authority_enumerate_groups (PolkitBackendAuthority *authority,
}
void
+polkit_backend_authority_enumerate_sessions (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call)
+{
+ PolkitBackendAuthorityClass *klass;
+
+ klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
+
+ klass->enumerate_sessions (authority, pending_call);
+}
+
+void
polkit_backend_authority_check_claim (PolkitBackendAuthority *authority,
PolkitAuthorizationClaim *claim,
PolkitBackendPendingCall *pending_call)
diff --git a/src/polkitbackend/polkitbackendauthority.h b/src/polkitbackend/polkitbackendauthority.h
index 3a54a4c..fd641b3 100644
--- a/src/polkitbackend/polkitbackendauthority.h
+++ b/src/polkitbackend/polkitbackendauthority.h
@@ -51,19 +51,22 @@ struct _PolkitBackendAuthorityClass
/*< public >*/
- void (*enumerate_actions) (PolkitBackendAuthority *authority,
- const gchar *locale,
- PolkitBackendPendingCall *pending_call);
+ void (*enumerate_actions) (PolkitBackendAuthority *authority,
+ const gchar *locale,
+ PolkitBackendPendingCall *pending_call);
- void (*enumerate_users) (PolkitBackendAuthority *authority,
- PolkitBackendPendingCall *pending_call);
+ void (*enumerate_users) (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call);
- void (*enumerate_groups) (PolkitBackendAuthority *authority,
- PolkitBackendPendingCall *pending_call);
+ void (*enumerate_groups) (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call);
- void (*check_claim) (PolkitBackendAuthority *authority,
- PolkitAuthorizationClaim *claim,
- PolkitBackendPendingCall *pending_call);
+ void (*enumerate_sessions) (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call);
+
+ void (*check_claim) (PolkitBackendAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ PolkitBackendPendingCall *pending_call);
/*< private >*/
/* Padding for future expansion */
@@ -81,33 +84,39 @@ GType polkit_backend_authority_get_type (void) G_GNUC_CONST;
/* --- */
-void polkit_backend_authority_enumerate_actions (PolkitBackendAuthority *authority,
- const gchar *locale,
- PolkitBackendPendingCall *pending_call);
+void polkit_backend_authority_enumerate_actions (PolkitBackendAuthority *authority,
+ const gchar *locale,
+ PolkitBackendPendingCall *pending_call);
+
+void polkit_backend_authority_enumerate_users (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call);
-void polkit_backend_authority_enumerate_users (PolkitBackendAuthority *authority,
- PolkitBackendPendingCall *pending_call);
+void polkit_backend_authority_enumerate_groups (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call);
-void polkit_backend_authority_enumerate_groups (PolkitBackendAuthority *authority,
- PolkitBackendPendingCall *pending_call);
+void polkit_backend_authority_enumerate_sessions (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call);
-void polkit_backend_authority_check_claim (PolkitBackendAuthority *authority,
- PolkitAuthorizationClaim *claim,
- PolkitBackendPendingCall *pending_call);
+void polkit_backend_authority_check_claim (PolkitBackendAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ PolkitBackendPendingCall *pending_call);
/* --- */
-void polkit_backend_authority_enumerate_actions_finish (PolkitBackendPendingCall *pending_call,
- GList *actions);
+void polkit_backend_authority_enumerate_actions_finish (PolkitBackendPendingCall *pending_call,
+ GList *actions);
+
+void polkit_backend_authority_enumerate_users_finish (PolkitBackendPendingCall *pending_call,
+ GList *users);
-void polkit_backend_authority_enumerate_users_finish (PolkitBackendPendingCall *pending_call,
- GList *users);
+void polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pending_call,
+ GList *groups);
-void polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pending_call,
- GList *groups);
+void polkit_backend_authority_enumerate_sessions_finish (PolkitBackendPendingCall *pending_call,
+ GList *sessions);
-void polkit_backend_authority_check_claim_finish (PolkitBackendPendingCall *pending_call,
- PolkitAuthorizationResult result);
+void polkit_backend_authority_check_claim_finish (PolkitBackendPendingCall *pending_call,
+ PolkitAuthorizationResult result);
G_END_DECLS
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index c4dbba8..db49f99 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -38,19 +38,22 @@ typedef struct
} PolkitBackendLocalAuthorityPrivate;
-static void polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *authority,
- const gchar *locale,
- PolkitBackendPendingCall *pending_call);
+static void polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *authority,
+ const gchar *locale,
+ PolkitBackendPendingCall *pending_call);
-static void polkit_backend_local_authority_enumerate_users (PolkitBackendAuthority *authority,
- PolkitBackendPendingCall *pending_call);
+static void polkit_backend_local_authority_enumerate_users (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call);
-static void polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *authority,
- PolkitBackendPendingCall *pending_call);
+static void polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call);
-static void polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
- PolkitAuthorizationClaim *claim,
- PolkitBackendPendingCall *pending_call);
+static void polkit_backend_local_authority_enumerate_sessions (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call);
+
+static void polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ PolkitBackendPendingCall *pending_call);
G_DEFINE_TYPE (PolkitBackendLocalAuthority, polkit_backend_local_authority, POLKIT_BACKEND_TYPE_AUTHORITY);
@@ -100,10 +103,11 @@ polkit_backend_local_authority_class_init (PolkitBackendLocalAuthorityClass *kla
gobject_class->finalize = polkit_backend_local_authority_finalize;
- authority_class->enumerate_actions = polkit_backend_local_authority_enumerate_actions;
- authority_class->enumerate_users = polkit_backend_local_authority_enumerate_users;
- authority_class->enumerate_groups = polkit_backend_local_authority_enumerate_groups;
- authority_class->check_claim = polkit_backend_local_authority_check_claim;
+ authority_class->enumerate_actions = polkit_backend_local_authority_enumerate_actions;
+ authority_class->enumerate_users = polkit_backend_local_authority_enumerate_users;
+ authority_class->enumerate_groups = polkit_backend_local_authority_enumerate_groups;
+ authority_class->enumerate_sessions = polkit_backend_local_authority_enumerate_sessions;
+ authority_class->check_claim = polkit_backend_local_authority_check_claim;
g_type_class_add_private (klass, sizeof (PolkitBackendLocalAuthorityPrivate));
}
@@ -135,6 +139,8 @@ polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *auth
actions);
}
+/* ---------------------------------------------------------------------------------------------------- */
+
static void
polkit_backend_local_authority_enumerate_users (PolkitBackendAuthority *authority,
PolkitBackendPendingCall *pending_call)
@@ -179,6 +185,8 @@ polkit_backend_local_authority_enumerate_users (PolkitBackendAuthority *author
;
}
+/* ---------------------------------------------------------------------------------------------------- */
+
static void
polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *authority,
PolkitBackendPendingCall *pending_call)
@@ -223,6 +231,26 @@ polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *autho
;
}
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+polkit_backend_local_authority_enumerate_sessions (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call)
+{
+ PolkitBackendLocalAuthority *local_authority;
+ PolkitBackendLocalAuthorityPrivate *priv;
+ GList *list;
+
+ local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+
+ list = polkit_backend_session_monitor_get_sessions (priv->session_monitor);
+
+ polkit_backend_authority_enumerate_sessions_finish (pending_call, list);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
static void
polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
PolkitAuthorizationClaim *claim,
diff --git a/src/polkitbackend/polkitbackendserver.c b/src/polkitbackend/polkitbackendserver.c
index 3da541e..915873c 100644
--- a/src/polkitbackend/polkitbackendserver.c
+++ b/src/polkitbackend/polkitbackendserver.c
@@ -85,6 +85,8 @@ polkit_backend_server_new (PolkitBackendAuthority *authority)
return server;
}
+/* ---------------------------------------------------------------------------------------------------- */
+
static void
authority_handle_enumerate_actions (_PolkitAuthority *instance,
const gchar *locale,
@@ -127,6 +129,8 @@ polkit_backend_authority_enumerate_actions_finish (PolkitBackendPendingCall *pen
g_object_unref (pending_call);
}
+/* ---------------------------------------------------------------------------------------------------- */
+
static void
authority_handle_enumerate_users (_PolkitAuthority *instance,
EggDBusMethodInvocation *method_invocation)
@@ -168,6 +172,8 @@ polkit_backend_authority_enumerate_users_finish (PolkitBackendPendingCall *pendi
g_object_unref (pending_call);
}
+/* ---------------------------------------------------------------------------------------------------- */
+
static void
authority_handle_enumerate_groups (_PolkitAuthority *instance,
EggDBusMethodInvocation *method_invocation)
@@ -209,6 +215,51 @@ polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pend
g_object_unref (pending_call);
}
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+authority_handle_enumerate_sessions (_PolkitAuthority *instance,
+ EggDBusMethodInvocation *method_invocation)
+{
+ PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
+ PolkitBackendPendingCall *pending_call;
+
+ pending_call = _polkit_backend_pending_call_new (method_invocation, server);
+
+ polkit_backend_authority_enumerate_sessions (server->authority, pending_call);
+}
+
+void
+polkit_backend_authority_enumerate_sessions_finish (PolkitBackendPendingCall *pending_call,
+ GList *sessions)
+{
+ EggDBusArraySeq *array;
+ GList *l;
+
+ array = egg_dbus_array_seq_new (_POLKIT_TYPE_SUBJECT, (GDestroyNotify) g_object_unref, NULL, NULL);
+
+ for (l = sessions; l != NULL; l = l->next)
+ {
+ PolkitSubject *subject = POLKIT_SUBJECT (l->data);
+ _PolkitSubject *real;
+
+ real = polkit_subject_get_real (subject);
+ egg_dbus_array_seq_add (array, real);
+ }
+
+ _polkit_authority_handle_enumerate_sessions_finish (_polkit_backend_pending_call_get_method_invocation (pending_call),
+ array);
+
+ g_object_unref (array);
+
+ g_list_foreach (sessions, (GFunc) g_object_unref, NULL);
+ g_list_free (sessions);
+
+ g_object_unref (pending_call);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
static void
authority_handle_check_claim (_PolkitAuthority *instance,
_PolkitAuthorizationClaim *real_claim,
@@ -237,11 +288,14 @@ polkit_backend_authority_check_claim_finish (PolkitBackendPendingCall *pending_
g_object_unref (pending_call);
}
+/* ---------------------------------------------------------------------------------------------------- */
+
static void
authority_iface_init (_PolkitAuthorityIface *authority_iface)
{
- authority_iface->handle_enumerate_actions = authority_handle_enumerate_actions;
- authority_iface->handle_enumerate_users = authority_handle_enumerate_users;
- authority_iface->handle_enumerate_groups = authority_handle_enumerate_groups;
- authority_iface->handle_check_claim = authority_handle_check_claim;
+ authority_iface->handle_enumerate_actions = authority_handle_enumerate_actions;
+ authority_iface->handle_enumerate_users = authority_handle_enumerate_users;
+ authority_iface->handle_enumerate_groups = authority_handle_enumerate_groups;
+ authority_iface->handle_enumerate_sessions = authority_handle_enumerate_sessions;
+ authority_iface->handle_check_claim = authority_handle_check_claim;
}
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.c b/src/polkitbackend/polkitbackendsessionmonitor.c
index ae97423..5284c20 100644
--- a/src/polkitbackend/polkitbackendsessionmonitor.c
+++ b/src/polkitbackend/polkitbackendsessionmonitor.c
@@ -313,3 +313,39 @@ polkit_backend_session_monitor_new (void)
return monitor;
}
+static gboolean
+get_sessions_foreach_cb (EggDBusHashMap *map,
+ gpointer key,
+ gpointer value,
+ gpointer user_data)
+{
+ GList **l;
+ const gchar *session_object_path;
+ PolkitSubject *session;
+
+ l = user_data;
+ session_object_path = key;
+
+ session = polkit_unix_session_new (session_object_path);
+
+ *l = g_list_prepend (*l, session);
+
+ return FALSE;
+}
+
+GList *
+polkit_backend_session_monitor_get_sessions (PolkitBackendSessionMonitor *monitor)
+{
+ GList *l;
+
+ l = NULL;
+
+ egg_dbus_hash_map_foreach (monitor->session_object_path_to_object_proxy,
+ get_sessions_foreach_cb,
+ &l);
+
+ l = g_list_reverse (l);
+
+ return l;
+}
+
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.h b/src/polkitbackend/polkitbackendsessionmonitor.h
index a5a39f9..e5457bb 100644
--- a/src/polkitbackend/polkitbackendsessionmonitor.h
+++ b/src/polkitbackend/polkitbackendsessionmonitor.h
@@ -43,8 +43,9 @@ typedef struct _PolkitBackendSessionMonitor PolkitBackendSessionMonitor;
#endif
typedef struct _PolkitBackendSessionMonitorClass PolkitBackendSessionMonitorClass;
-GType polkit_backend_session_monitor_get_type (void) G_GNUC_CONST;
-PolkitBackendSessionMonitor *polkit_backend_session_monitor_new (void);
+GType polkit_backend_session_monitor_get_type (void) G_GNUC_CONST;
+PolkitBackendSessionMonitor *polkit_backend_session_monitor_new (void);
+GList *polkit_backend_session_monitor_get_sessions (PolkitBackendSessionMonitor *monitor);
G_END_DECLS
diff --git a/src/programs/polkit.c b/src/programs/polkit.c
index 6c79538..2ad71f6 100644
--- a/src/programs/polkit.c
+++ b/src/programs/polkit.c
@@ -28,9 +28,10 @@
static PolkitAuthority *authority;
-static gboolean opt_list_actions = FALSE;
-static gboolean opt_list_users = FALSE;
-static gboolean opt_list_groups = FALSE;
+static gboolean opt_list_actions = FALSE;
+static gboolean opt_list_users = FALSE;
+static gboolean opt_list_groups = FALSE;
+static gboolean opt_list_sessions = FALSE;
static gboolean opt_list_authorizations = FALSE;
static gboolean opt_list_explicit_authorizations = FALSE;
static gboolean opt_check = FALSE;
@@ -49,6 +50,7 @@ static gchar *action_id = NULL;
static gboolean list_actions (void);
static gboolean list_users (void);
static gboolean list_groups (void);
+static gboolean list_sessions (void);
static gboolean list_authorizations (void);
static gboolean check (void);
@@ -106,6 +108,10 @@ main (int argc, char *argv[])
{
opt_list_groups = TRUE;
}
+ else if (strcmp (argv[n], "sessions") == 0)
+ {
+ opt_list_sessions = TRUE;
+ }
else if (strcmp (argv[n], "authorizations") == 0)
{
opt_list_authorizations = TRUE;
@@ -217,6 +223,10 @@ main (int argc, char *argv[])
{
ret = list_groups ();
}
+ else if (opt_list_sessions)
+ {
+ ret = list_sessions ();
+ }
else if (opt_list_authorizations)
{
ret = list_authorizations ();
@@ -482,6 +492,39 @@ list_groups (void)
/* ---------------------------------------------------------------------------------------------------- */
static gboolean
+list_sessions (void)
+{
+ gboolean ret;
+ GError *error;
+ GList *subjects;
+
+ ret = FALSE;
+
+ error = NULL;
+ subjects = polkit_authority_enumerate_sessions_sync (authority,
+ NULL,
+ &error);
+ if (error != NULL)
+ {
+ g_printerr ("Error enumerating sessions: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ print_subjects (subjects);
+
+ g_list_foreach (subjects, (GFunc) g_object_unref, NULL);
+ g_list_free (subjects);
+
+ ret = TRUE;
+
+ out:
+ return ret;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static gboolean
check (void)
{
PolkitAuthorizationResult result;
commit 19eb8a92f6e61661cdec8350428b22519e61bd77
Author: David Zeuthen <davidz at redhat.com>
Date: Fri Jan 16 12:54:11 2009 -0500
remove attributes from AuthorizationClaim and CheckClaim()
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index f99855e..6ebba5b 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -55,11 +55,6 @@
<annotation name="org.gtk.EggDBus.Struct.Member" value="s:action_id">
<annotation name="org.gtk.EggDBus.DocString" value="Action Identifier for the claim"/>
</annotation>
-
- <annotation name="org.gtk.EggDBus.Struct.Member" value="a{ss}:attributes">
- <annotation name="org.gtk.EggDBus.DocString" value="Attributes for the claim"/>
- </annotation>
-
</annotation>
<!-- The error domain used for reporting errors -->
@@ -102,13 +97,12 @@
</method>
<method name="CheckClaim">
- <arg name="claim" direction="in" type="((sa{sv})sa{ss})">
+ <arg name="claim" direction="in" type="((sa{sv})s)">
<annotation name="org.gtk.EggDBus.StructType" value="AuthorizationClaim"/>
</arg>
<arg name="result" direction="out" type="i">
<annotation name="org.gtk.EggDBus.EnumType" value="AuthorizationResult"/>
</arg>
- <arg name="attributes" direction="out" type="a{ss}"/>
</method>
</interface>
diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
index 018de0f..dbf02b9 100644
--- a/src/polkit/polkitauthority.c
+++ b/src/polkit/polkitauthority.c
@@ -470,7 +470,6 @@ polkit_authority_check_claim_finish (PolkitAuthority *authority,
GError **error)
{
_PolkitAuthorizationResult result;
- EggDBusHashMap *result_attributes;
GSimpleAsyncResult *simple;
GAsyncResult *real_res;
@@ -483,15 +482,10 @@ polkit_authority_check_claim_finish (PolkitAuthority *authority,
if (!_polkit_authority_check_claim_finish (authority->real,
&result,
- &result_attributes,
real_res,
error))
goto out;
- /* TODO: pass these back? */
- if (result_attributes != NULL)
- g_object_unref (result_attributes);
-
out:
g_object_unref (real_res);
return result;
diff --git a/src/polkitbackend/polkitbackendserver.c b/src/polkitbackend/polkitbackendserver.c
index e9557a1..3da541e 100644
--- a/src/polkitbackend/polkitbackendserver.c
+++ b/src/polkitbackend/polkitbackendserver.c
@@ -231,15 +231,8 @@ void
polkit_backend_authority_check_claim_finish (PolkitBackendPendingCall *pending_call,
PolkitAuthorizationResult result)
{
- EggDBusHashMap *attributes;
-
- attributes = egg_dbus_hash_map_new (G_TYPE_STRING, g_free, G_TYPE_STRING, g_free);
-
_polkit_authority_handle_check_claim_finish (_polkit_backend_pending_call_get_method_invocation (pending_call),
- result,
- attributes);
-
- g_object_unref (attributes);
+ result);
g_object_unref (pending_call);
}
commit 715693a67752174b60df8431273c2f1a4ff33eaa
Author: David Zeuthen <davidz at redhat.com>
Date: Fri Jan 16 12:25:09 2009 -0500
implement 'polkit-1 list authorizations'
diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
index 2f78472..018de0f 100644
--- a/src/polkit/polkitauthority.c
+++ b/src/polkit/polkitauthority.c
@@ -116,6 +116,17 @@ generic_cb (GObject *source_obj,
*target_res = g_object_ref (res);
}
+static void
+generic_async_cb (GObject *source_obj,
+ GAsyncResult *res,
+ gpointer user_data)
+{
+ GSimpleAsyncResult *simple = G_SIMPLE_ASYNC_RESULT (user_data);
+
+ g_simple_async_result_set_op_res_gpointer (simple, g_object_ref (res), g_object_unref);
+ g_simple_async_result_complete (simple);
+}
+
/* ---------------------------------------------------------------------------------------------------- */
static guint
@@ -126,13 +137,19 @@ polkit_authority_enumerate_actions_async (PolkitAuthority *authority,
gpointer user_data)
{
guint call_id;
+ GSimpleAsyncResult *simple;
+
+ simple = g_simple_async_result_new (G_OBJECT (authority),
+ callback,
+ user_data,
+ polkit_authority_enumerate_actions_async);
call_id = _polkit_authority_enumerate_actions (authority->real,
EGG_DBUS_CALL_FLAGS_NONE,
locale,
cancellable,
- callback,
- user_data);
+ generic_async_cb,
+ simple);
return call_id;
}
@@ -155,12 +172,19 @@ polkit_authority_enumerate_actions_finish (PolkitAuthority *authority,
EggDBusArraySeq *array_seq;
GList *result;
guint n;
+ GSimpleAsyncResult *simple;
+ GAsyncResult *real_res;
+
+ simple = G_SIMPLE_ASYNC_RESULT (res);
+ real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple));
+
+ g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_enumerate_actions_async);
result = NULL;
if (!_polkit_authority_enumerate_actions_finish (authority->real,
&array_seq,
- res,
+ real_res,
error))
goto out;
@@ -178,6 +202,7 @@ polkit_authority_enumerate_actions_finish (PolkitAuthority *authority,
g_object_unref (array_seq);
out:
+ g_object_unref (real_res);
return result;
}
@@ -212,12 +237,18 @@ polkit_authority_enumerate_users_async (PolkitAuthority *authority,
gpointer user_data)
{
guint call_id;
+ GSimpleAsyncResult *simple;
+
+ simple = g_simple_async_result_new (G_OBJECT (authority),
+ callback,
+ user_data,
+ polkit_authority_enumerate_actions_async);
call_id = _polkit_authority_enumerate_users (authority->real,
EGG_DBUS_CALL_FLAGS_NONE,
cancellable,
- callback,
- user_data);
+ generic_async_cb,
+ simple);
return call_id;
}
@@ -239,12 +270,19 @@ polkit_authority_enumerate_users_finish (PolkitAuthority *authority,
EggDBusArraySeq *array_seq;
GList *result;
guint n;
+ GSimpleAsyncResult *simple;
+ GAsyncResult *real_res;
+
+ simple = G_SIMPLE_ASYNC_RESULT (res);
+ real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple));
+
+ g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_enumerate_actions_async);
result = NULL;
if (!_polkit_authority_enumerate_users_finish (authority->real,
&array_seq,
- res,
+ real_res,
error))
goto out;
@@ -262,6 +300,7 @@ polkit_authority_enumerate_users_finish (PolkitAuthority *authority,
g_object_unref (array_seq);
out:
+ g_object_unref (real_res);
return result;
}
@@ -289,17 +328,23 @@ polkit_authority_enumerate_users_sync (PolkitAuthority *authority,
static guint
polkit_authority_enumerate_groups_async (PolkitAuthority *authority,
- GCancellable *cancellable,
- GAsyncReadyCallback callback,
- gpointer user_data)
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
{
guint call_id;
+ GSimpleAsyncResult *simple;
+
+ simple = g_simple_async_result_new (G_OBJECT (authority),
+ callback,
+ user_data,
+ polkit_authority_enumerate_actions_async);
call_id = _polkit_authority_enumerate_groups (authority->real,
- EGG_DBUS_CALL_FLAGS_NONE,
- cancellable,
- callback,
- user_data);
+ EGG_DBUS_CALL_FLAGS_NONE,
+ cancellable,
+ generic_async_cb,
+ simple);
return call_id;
}
@@ -321,12 +366,19 @@ polkit_authority_enumerate_groups_finish (PolkitAuthority *authority,
EggDBusArraySeq *array_seq;
GList *result;
guint n;
+ GSimpleAsyncResult *simple;
+ GAsyncResult *real_res;
+
+ simple = G_SIMPLE_ASYNC_RESULT (res);
+ real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple));
+
+ g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_enumerate_actions_async);
result = NULL;
if (!_polkit_authority_enumerate_groups_finish (authority->real,
&array_seq,
- res,
+ real_res,
error))
goto out;
@@ -344,6 +396,7 @@ polkit_authority_enumerate_groups_finish (PolkitAuthority *authority,
g_object_unref (array_seq);
out:
+ g_object_unref (real_res);
return result;
}
@@ -378,15 +431,23 @@ polkit_authority_check_claim_async (PolkitAuthority *authority,
{
_PolkitAuthorizationClaim *real_claim;
guint call_id;
+ GSimpleAsyncResult *simple;
real_claim = polkit_authorization_claim_get_real (claim);
+ simple = g_simple_async_result_new (G_OBJECT (authority),
+ callback,
+ user_data,
+ polkit_authority_check_claim_async);
+
+ g_object_set_data_full (G_OBJECT (simple), "claim", g_object_ref (claim), (GDestroyNotify) g_object_unref);
+
call_id = _polkit_authority_check_claim (authority->real,
EGG_DBUS_CALL_FLAGS_NONE,
real_claim,
cancellable,
- callback,
- user_data);
+ generic_async_cb,
+ simple);
g_object_unref (real_claim);
@@ -410,22 +471,29 @@ polkit_authority_check_claim_finish (PolkitAuthority *authority,
{
_PolkitAuthorizationResult result;
EggDBusHashMap *result_attributes;
+ GSimpleAsyncResult *simple;
+ GAsyncResult *real_res;
+
+ simple = G_SIMPLE_ASYNC_RESULT (res);
+ real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple));
+
+ g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_check_claim_async);
result = _POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
if (!_polkit_authority_check_claim_finish (authority->real,
&result,
&result_attributes,
- res,
+ real_res,
error))
goto out;
- /* TODO: pass these back */
+ /* TODO: pass these back? */
if (result_attributes != NULL)
g_object_unref (result_attributes);
out:
-
+ g_object_unref (real_res);
return result;
}
diff --git a/src/polkit/polkitauthority.h b/src/polkit/polkitauthority.h
index b3d0333..ba7bad3 100644
--- a/src/polkit/polkitauthority.h
+++ b/src/polkit/polkitauthority.h
@@ -46,63 +46,63 @@ PolkitAuthority *polkit_authority_get (void);
/* ---------------------------------------------------------------------------------------------------- */
-GList *polkit_authority_enumerate_actions_sync (PolkitAuthority *authority,
- const gchar *locale,
- GCancellable *cancellable,
- GError **error);
-
-GList *polkit_authority_enumerate_users_sync (PolkitAuthority *authority,
- GCancellable *cancellable,
- GError **error);
+GList *polkit_authority_enumerate_actions_sync (PolkitAuthority *authority,
+ const gchar *locale,
+ GCancellable *cancellable,
+ GError **error);
-GList *polkit_authority_enumerate_groups_sync (PolkitAuthority *authority,
+GList *polkit_authority_enumerate_users_sync (PolkitAuthority *authority,
GCancellable *cancellable,
GError **error);
-PolkitAuthorizationResult polkit_authority_check_claim_sync (PolkitAuthority *authority,
- PolkitAuthorizationClaim *claim,
- GCancellable *cancellable,
- GError **error);
-
-/* ---------------------------------------------------------------------------------------------------- */
+GList *polkit_authority_enumerate_groups_sync (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GError **error);
-void polkit_authority_enumerate_actions (PolkitAuthority *authority,
- const gchar *locale,
- GCancellable *cancellable,
- GAsyncReadyCallback callback,
- gpointer user_data);
+PolkitAuthorizationResult polkit_authority_check_claim_sync (PolkitAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ GCancellable *cancellable,
+ GError **error);
-GList * polkit_authority_enumerate_actions_finish (PolkitAuthority *authority,
- GAsyncResult *res,
- GError **error);
+/* ---------------------------------------------------------------------------------------------------- */
-void polkit_authority_enumerate_users (PolkitAuthority *authority,
- GCancellable *cancellable,
- GAsyncReadyCallback callback,
- gpointer user_data);
+void polkit_authority_enumerate_actions (PolkitAuthority *authority,
+ const gchar *locale,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
-GList * polkit_authority_enumerate_users_finish (PolkitAuthority *authority,
- GAsyncResult *res,
- GError **error);
+GList * polkit_authority_enumerate_actions_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
-void polkit_authority_enumerate_groups (PolkitAuthority *authority,
+void polkit_authority_enumerate_users (PolkitAuthority *authority,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data);
-GList * polkit_authority_enumerate_groups_finish (PolkitAuthority *authority,
+GList * polkit_authority_enumerate_users_finish (PolkitAuthority *authority,
GAsyncResult *res,
GError **error);
-void polkit_authority_check_claim (PolkitAuthority *authority,
- PolkitAuthorizationClaim *claim,
- GCancellable *cancellable,
- GAsyncReadyCallback callback,
- gpointer user_data);
+void polkit_authority_enumerate_groups (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+GList * polkit_authority_enumerate_groups_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
+void polkit_authority_check_claim (PolkitAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
-PolkitAuthorizationResult polkit_authority_check_claim_finish (PolkitAuthority *authority,
- GAsyncResult *res,
- GError **error);
+PolkitAuthorizationResult polkit_authority_check_claim_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
/* ---------------------------------------------------------------------------------------------------- */
diff --git a/src/polkit/polkitauthorizationresult.c b/src/polkit/polkitauthorizationresult.c
new file mode 100644
index 0000000..ad224f3
--- /dev/null
+++ b/src/polkit/polkitauthorizationresult.c
@@ -0,0 +1,43 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include "polkitauthorizationresult.h"
+#include "polkitprivate.h"
+
+
+/**
+ * SECTION:polkitauthorizationresult
+ * @title: PolkitAuthorizationResult
+ * @short_result: Authorization Results
+ *
+ * Results of a check for an claim.
+ */
+
+GType
+polkit_authorization_result_get_type (void)
+{
+ return _polkit_authorization_result_get_type ();
+}
+
diff --git a/src/polkit/polkitauthorizationresult.h b/src/polkit/polkitauthorizationresult.h
new file mode 100644
index 0000000..6e6f445
--- /dev/null
+++ b/src/polkit/polkitauthorizationresult.h
@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_AUTHORIZATION_RESULT_H
+#define __POLKIT_AUTHORIZATION_RESULT_H
+
+#include <glib-object.h>
+
+G_BEGIN_DECLS
+
+GType polkit_authorization_result_get_type (void) G_GNUC_CONST;
+
+#define POLKIT_TYPE_AUTHORIZATION_RESULT (polkit_authorization_result_get_type ())
+
+/**
+ * PolkitAuthorizationResult:
+ * @POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED: The subject is not authorized for the specified action
+ * @POLKIT_AUTHORIZATION_RESULT_AUTHORIZED: The subject is authorized for the specified action
+ * @POLKIT_AUTHORIZATION_RESULT_CHALLENGE: The subject is authorized if more information is provided
+ *
+ * Result codes for checking whether a subject is authorized for an action.
+ */
+typedef enum
+{
+ POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED = 0,
+ POLKIT_AUTHORIZATION_RESULT_AUTHORIZED = 1,
+ POLKIT_AUTHORIZATION_RESULT_CHALLENGE = 2,
+} PolkitAuthorizationResult;
+
+G_END_DECLS
+
+#endif /* __POLKIT_AUTHORIZATION_RESULT_H */
diff --git a/src/polkit/polkitprivate.h b/src/polkit/polkitprivate.h
index 9976fad..6aca70e 100644
--- a/src/polkit/polkitprivate.h
+++ b/src/polkit/polkitprivate.h
@@ -43,5 +43,4 @@ _PolkitSubject *polkit_subject_get_real (PolkitSubject *subject);
PolkitAuthorizationClaim *polkit_authorization_claim_new_for_real (_PolkitAuthorizationClaim *real);
_PolkitAuthorizationClaim *polkit_authorization_claim_get_real (PolkitAuthorizationClaim *claim);
-
#endif /* __POLKIT_PRIVATE_H */
diff --git a/src/polkit/polkittypes.h b/src/polkit/polkittypes.h
index 235f92d..e1ab45d 100644
--- a/src/polkit/polkittypes.h
+++ b/src/polkit/polkittypes.h
@@ -47,5 +47,4 @@ typedef struct _PolkitSystemBusName PolkitSystemBusName;
struct _PolkitAuthorizationClaim;
typedef struct _PolkitAuthorizationClaim PolkitAuthorizationClaim;
-
#endif /* __POLKIT_TYPES_H */
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index ea292c2..c4dbba8 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -246,10 +246,15 @@ polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
subject_str,
action_id);
+ /* TODO: temp */
+ polkit_backend_authority_check_claim_finish (pending_call, POLKIT_AUTHORIZATION_RESULT_AUTHORIZED);
+
+#if 0
polkit_backend_pending_call_return_error (pending_call,
POLKIT_ERROR,
POLKIT_ERROR_NOT_SUPPORTED,
"Not implemented");
+#endif
g_free (inquirer_str);
g_free (subject_str);
diff --git a/src/programs/polkit.c b/src/programs/polkit.c
index d436338..6c79538 100644
--- a/src/programs/polkit.c
+++ b/src/programs/polkit.c
@@ -44,14 +44,19 @@ static PolkitSubject *subject = NULL;
static gchar *action_id = NULL;
+/* ---------------------------------------------------------------------------------------------------- */
+
static gboolean list_actions (void);
static gboolean list_users (void);
static gboolean list_groups (void);
+static gboolean list_authorizations (void);
static gboolean check (void);
static gboolean show_action (const gchar *action_id);
+/* ---------------------------------------------------------------------------------------------------- */
+
static void
usage (int argc, char *argv[])
{
@@ -69,6 +74,8 @@ usage (int argc, char *argv[])
}
}
+/* ---------------------------------------------------------------------------------------------------- */
+
int
main (int argc, char *argv[])
{
@@ -210,6 +217,10 @@ main (int argc, char *argv[])
{
ret = list_groups ();
}
+ else if (opt_list_authorizations)
+ {
+ ret = list_authorizations ();
+ }
else if (opt_check)
{
if (subject == NULL || action_id == NULL)
@@ -238,6 +249,8 @@ main (int argc, char *argv[])
return ret ? 0 : 1;
}
+/* ---------------------------------------------------------------------------------------------------- */
+
static void
print_action (PolkitActionDescription *action)
{
@@ -279,6 +292,8 @@ print_action (PolkitActionDescription *action)
}
}
+/* ---------------------------------------------------------------------------------------------------- */
+
static gboolean
show_action (const gchar *action_id)
{
@@ -380,6 +395,8 @@ list_actions (void)
return ret;
}
+/* ---------------------------------------------------------------------------------------------------- */
+
static void
print_subjects (GList *subjects)
{
@@ -396,6 +413,8 @@ print_subjects (GList *subjects)
}
}
+/* ---------------------------------------------------------------------------------------------------- */
+
static gboolean
list_users (void)
{
@@ -427,6 +446,8 @@ list_users (void)
return ret;
}
+/* ---------------------------------------------------------------------------------------------------- */
+
static gboolean
list_groups (void)
{
@@ -458,6 +479,8 @@ list_groups (void)
return ret;
}
+/* ---------------------------------------------------------------------------------------------------- */
+
static gboolean
check (void)
{
@@ -483,8 +506,6 @@ check (void)
goto out;
}
- g_debug ("result = %d", result);
-
out:
if (claim != NULL)
g_object_unref (claim);
@@ -492,3 +513,161 @@ check (void)
return result == POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
}
+/* ---------------------------------------------------------------------------------------------------- */
+
+
+typedef struct
+{
+ PolkitAuthorizationClaim *claim;
+ PolkitAuthorizationResult result;
+} AuthzData;
+
+static GPtrArray *authz_data_array;
+
+static gint authz_data_num_pending = 0;
+
+static GMainLoop *authz_data_loop = NULL;
+
+static void
+authz_data_free (AuthzData *data)
+{
+ g_object_unref (data->claim);
+ g_free (data);
+}
+
+static gint
+authz_data_sort_func (gconstpointer a,
+ gconstpointer b)
+{
+ AuthzData *da;
+ AuthzData *db;
+ const gchar *aa;
+ const gchar *ab;
+
+ da = (AuthzData *) *((gpointer **) a);
+ db = (AuthzData *) *((gpointer **) b);
+
+ aa = polkit_authorization_claim_get_action_id (da->claim);
+ ab = polkit_authorization_claim_get_action_id (db->claim);
+
+ return strcmp (aa, ab);
+}
+
+static void
+list_authz_cb (GObject *source_obj,
+ GAsyncResult *res,
+ gpointer user_data)
+{
+ PolkitAuthority *authority;
+ AuthzData *data;
+ GError *error;
+ PolkitAuthorizationResult result;
+
+ authority = POLKIT_AUTHORITY (source_obj);
+ data = user_data;
+ error = NULL;
+
+ result = polkit_authority_check_claim_finish (authority,
+ res,
+ &error);
+ if (error != NULL)
+ {
+ g_printerr ("Unable to check claim: %s\n", error->message);
+ g_error_free (error);
+ }
+ else
+ {
+ data->result = result;
+ }
+
+ authz_data_num_pending -= 1;
+
+ if (authz_data_num_pending == 0)
+ g_main_loop_quit (authz_data_loop);
+}
+
+static gboolean
+list_authorizations (void)
+{
+ GError *error;
+ GList *actions;
+ GList *l;
+ gboolean ret;
+ PolkitSubject *calling_process;
+ guint n;
+
+ ret = FALSE;
+
+ authz_data_array = g_ptr_array_new ();
+ authz_data_num_pending = 0;
+ authz_data_loop = g_main_loop_new (NULL, FALSE);
+
+ calling_process = polkit_unix_process_new (getppid ());
+
+ error = NULL;
+ actions = polkit_authority_enumerate_actions_sync (authority,
+ NULL,
+ NULL,
+ &error);
+ if (error != NULL)
+ {
+ g_printerr ("Error enumerating actions: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ for (l = actions; l != NULL; l = l->next)
+ {
+ PolkitActionDescription *action = POLKIT_ACTION_DESCRIPTION (l->data);
+ PolkitAuthorizationClaim *claim;
+ AuthzData *data;
+
+ claim = polkit_authorization_claim_new (calling_process,
+ polkit_action_description_get_action_id (action));
+
+ data = g_new0 (AuthzData, 1);
+ data->claim = g_object_ref (claim);
+
+ g_ptr_array_add (authz_data_array, data);
+
+ authz_data_num_pending += 1;
+
+ polkit_authority_check_claim (authority,
+ claim,
+ NULL,
+ list_authz_cb,
+ data);
+
+ g_object_unref (claim);
+ }
+
+ g_main_loop_run (authz_data_loop);
+
+ ret = TRUE;
+
+ /* sort authorizations by name */
+ g_ptr_array_sort (authz_data_array, authz_data_sort_func);
+
+ for (n = 0; n < authz_data_array->len; n++)
+ {
+ AuthzData *data = authz_data_array->pdata[n];
+
+ if (data->result == POLKIT_AUTHORIZATION_RESULT_AUTHORIZED)
+ g_print ("%s\n", polkit_authorization_claim_get_action_id (data->claim));
+ }
+
+ out:
+
+ g_list_foreach (actions, (GFunc) g_object_unref, NULL);
+ g_list_free (actions);
+
+ g_ptr_array_foreach (authz_data_array, (GFunc) authz_data_free, NULL);
+ g_ptr_array_free (authz_data_array, TRUE);
+
+ g_object_unref (calling_process);
+
+ g_main_loop_unref (authz_data_loop);
+ return ret;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
commit b21a26b2abc16f3f669eefa88b5fd1b7ebf5c642
Author: David Zeuthen <davidz at redhat.com>
Date: Thu Jan 15 12:13:59 2009 -0500
add async versions of PolkitAuthority methods
diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
index bb4d1c6..2f78472 100644
--- a/src/polkit/polkitauthority.c
+++ b/src/polkit/polkitauthority.c
@@ -40,6 +40,7 @@ struct _PolkitAuthority
{
GObject parent_instance;
+ EggDBusConnection *system_bus;
EggDBusObjectProxy *authority_object_proxy;
_PolkitAuthority *real;
@@ -60,17 +61,13 @@ G_DEFINE_TYPE (PolkitAuthority, polkit_authority, G_TYPE_OBJECT);
static void
polkit_authority_init (PolkitAuthority *authority)
{
- EggDBusConnection *system_bus;
-
- system_bus = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
+ authority->system_bus = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
- authority->authority_object_proxy = egg_dbus_connection_get_object_proxy (system_bus,
+ authority->authority_object_proxy = egg_dbus_connection_get_object_proxy (authority->system_bus,
"org.freedesktop.PolicyKit1",
"/org/freedesktop/PolicyKit1/Authority");
authority->real = _POLKIT_QUERY_INTERFACE_AUTHORITY (authority->authority_object_proxy);
-
- g_object_unref (system_bus);
}
static void
@@ -81,6 +78,7 @@ polkit_authority_finalize (GObject *object)
authority = POLKIT_AUTHORITY (object);
g_object_unref (authority->authority_object_proxy);
+ g_object_unref (authority->system_bus);
the_authority = NULL;
@@ -108,11 +106,51 @@ polkit_authority_get (void)
return the_authority;
}
+static void
+generic_cb (GObject *source_obj,
+ GAsyncResult *res,
+ gpointer user_data)
+{
+ GAsyncResult **target_res = user_data;
+
+ *target_res = g_object_ref (res);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static guint
+polkit_authority_enumerate_actions_async (PolkitAuthority *authority,
+ const gchar *locale,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ guint call_id;
+
+ call_id = _polkit_authority_enumerate_actions (authority->real,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ locale,
+ cancellable,
+ callback,
+ user_data);
+
+ return call_id;
+}
+
+void
+polkit_authority_enumerate_actions (PolkitAuthority *authority,
+ const gchar *locale,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ polkit_authority_enumerate_actions_async (authority, locale, cancellable, callback, user_data);
+}
+
GList *
-polkit_authority_enumerate_actions_sync (PolkitAuthority *authority,
- const gchar *locale,
- GCancellable *cancellable,
- GError **error)
+polkit_authority_enumerate_actions_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error)
{
EggDBusArraySeq *array_seq;
GList *result;
@@ -120,12 +158,10 @@ polkit_authority_enumerate_actions_sync (PolkitAuthority *authority,
result = NULL;
- if (!_polkit_authority_enumerate_actions_sync (authority->real,
- EGG_DBUS_CALL_FLAGS_NONE,
- locale,
- &array_seq,
- cancellable,
- error))
+ if (!_polkit_authority_enumerate_actions_finish (authority->real,
+ &array_seq,
+ res,
+ error))
goto out;
for (n = 0; n < array_seq->size; n++)
@@ -145,10 +181,60 @@ polkit_authority_enumerate_actions_sync (PolkitAuthority *authority,
return result;
}
+
GList *
-polkit_authority_enumerate_users_sync (PolkitAuthority *authority,
- GCancellable *cancellable,
- GError **error)
+polkit_authority_enumerate_actions_sync (PolkitAuthority *authority,
+ const gchar *locale,
+ GCancellable *cancellable,
+ GError **error)
+{
+ guint call_id;
+ GAsyncResult *res;
+ GList *result;
+
+ call_id = polkit_authority_enumerate_actions_async (authority, locale, cancellable, generic_cb, &res);
+
+ egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
+
+ result = polkit_authority_enumerate_actions_finish (authority, res, error);
+
+ g_object_unref (res);
+
+ return result;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static guint
+polkit_authority_enumerate_users_async (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ guint call_id;
+
+ call_id = _polkit_authority_enumerate_users (authority->real,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ cancellable,
+ callback,
+ user_data);
+
+ return call_id;
+}
+
+void
+polkit_authority_enumerate_users (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ polkit_authority_enumerate_users_async (authority, cancellable, callback, user_data);
+}
+
+GList *
+polkit_authority_enumerate_users_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error)
{
EggDBusArraySeq *array_seq;
GList *result;
@@ -156,11 +242,10 @@ polkit_authority_enumerate_users_sync (PolkitAuthority *authority,
result = NULL;
- if (!_polkit_authority_enumerate_users_sync (authority->real,
- EGG_DBUS_CALL_FLAGS_NONE,
- &array_seq,
- cancellable,
- error))
+ if (!_polkit_authority_enumerate_users_finish (authority->real,
+ &array_seq,
+ res,
+ error))
goto out;
for (n = 0; n < array_seq->size; n++)
@@ -181,9 +266,57 @@ polkit_authority_enumerate_users_sync (PolkitAuthority *authority,
}
GList *
-polkit_authority_enumerate_groups_sync (PolkitAuthority *authority,
- GCancellable *cancellable,
- GError **error)
+polkit_authority_enumerate_users_sync (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GError **error)
+{
+ guint call_id;
+ GAsyncResult *res;
+ GList *result;
+
+ call_id = polkit_authority_enumerate_users_async (authority, cancellable, generic_cb, &res);
+
+ egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
+
+ result = polkit_authority_enumerate_users_finish (authority, res, error);
+
+ g_object_unref (res);
+
+ return result;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static guint
+polkit_authority_enumerate_groups_async (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ guint call_id;
+
+ call_id = _polkit_authority_enumerate_groups (authority->real,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ cancellable,
+ callback,
+ user_data);
+
+ return call_id;
+}
+
+void
+polkit_authority_enumerate_groups (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ polkit_authority_enumerate_groups_async (authority, cancellable, callback, user_data);
+}
+
+GList *
+polkit_authority_enumerate_groups_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error)
{
EggDBusArraySeq *array_seq;
GList *result;
@@ -191,11 +324,10 @@ polkit_authority_enumerate_groups_sync (PolkitAuthority *authority,
result = NULL;
- if (!_polkit_authority_enumerate_groups_sync (authority->real,
- EGG_DBUS_CALL_FLAGS_NONE,
- &array_seq,
- cancellable,
- error))
+ if (!_polkit_authority_enumerate_groups_finish (authority->real,
+ &array_seq,
+ res,
+ error))
goto out;
for (n = 0; n < array_seq->size; n++)
@@ -215,28 +347,77 @@ polkit_authority_enumerate_groups_sync (PolkitAuthority *authority,
return result;
}
-PolkitAuthorizationResult
-polkit_authority_check_claim_sync (PolkitAuthority *authority,
- PolkitAuthorizationClaim *claim,
- GCancellable *cancellable,
- GError **error)
+GList *
+polkit_authority_enumerate_groups_sync (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GError **error)
{
- _PolkitAuthorizationResult result;
- _PolkitAuthorizationClaim *real_claim;
- EggDBusHashMap *result_attributes;
+ guint call_id;
+ GAsyncResult *res;
+ GList *result;
- result = _POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
- real_claim = NULL;
+ call_id = polkit_authority_enumerate_groups_async (authority, cancellable, generic_cb, &res);
+
+ egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
+
+ result = polkit_authority_enumerate_groups_finish (authority, res, error);
+
+ g_object_unref (res);
+
+ return result;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static guint
+polkit_authority_check_claim_async (PolkitAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ _PolkitAuthorizationClaim *real_claim;
+ guint call_id;
real_claim = polkit_authorization_claim_get_real (claim);
- if (!_polkit_authority_check_claim_sync (authority->real,
+ call_id = _polkit_authority_check_claim (authority->real,
EGG_DBUS_CALL_FLAGS_NONE,
real_claim,
- &result,
- &result_attributes,
cancellable,
- error))
+ callback,
+ user_data);
+
+ g_object_unref (real_claim);
+
+ return call_id;
+}
+
+void
+polkit_authority_check_claim (PolkitAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ polkit_authority_check_claim_async (authority, claim, cancellable, callback, user_data);
+}
+
+PolkitAuthorizationResult
+polkit_authority_check_claim_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error)
+{
+ _PolkitAuthorizationResult result;
+ EggDBusHashMap *result_attributes;
+
+ result = _POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
+
+ if (!_polkit_authority_check_claim_finish (authority->real,
+ &result,
+ &result_attributes,
+ res,
+ error))
goto out;
/* TODO: pass these back */
@@ -244,9 +425,29 @@ polkit_authority_check_claim_sync (PolkitAuthority *authority,
g_object_unref (result_attributes);
out:
- if (real_claim != NULL)
- g_object_unref (real_claim);
return result;
}
+PolkitAuthorizationResult
+polkit_authority_check_claim_sync (PolkitAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ GCancellable *cancellable,
+ GError **error)
+{
+ guint call_id;
+ GAsyncResult *res;
+ PolkitAuthorizationResult result;
+
+ call_id = polkit_authority_check_claim_async (authority, claim, cancellable, generic_cb, &res);
+
+ egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
+
+ result = polkit_authority_check_claim_finish (authority, res, error);
+
+ g_object_unref (res);
+
+ return result;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
diff --git a/src/polkit/polkitauthority.h b/src/polkit/polkitauthority.h
index 0e4a45e..b3d0333 100644
--- a/src/polkit/polkitauthority.h
+++ b/src/polkit/polkitauthority.h
@@ -44,6 +44,8 @@ GType polkit_authority_get_type (void) G_GNUC_CONST;
PolkitAuthority *polkit_authority_get (void);
+/* ---------------------------------------------------------------------------------------------------- */
+
GList *polkit_authority_enumerate_actions_sync (PolkitAuthority *authority,
const gchar *locale,
GCancellable *cancellable,
@@ -62,6 +64,48 @@ PolkitAuthorizationResult polkit_authority_check_claim_sync (PolkitAuthority
GCancellable *cancellable,
GError **error);
+/* ---------------------------------------------------------------------------------------------------- */
+
+void polkit_authority_enumerate_actions (PolkitAuthority *authority,
+ const gchar *locale,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+GList * polkit_authority_enumerate_actions_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
+void polkit_authority_enumerate_users (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+GList * polkit_authority_enumerate_users_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
+void polkit_authority_enumerate_groups (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+GList * polkit_authority_enumerate_groups_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
+void polkit_authority_check_claim (PolkitAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+PolkitAuthorizationResult polkit_authority_check_claim_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
+/* ---------------------------------------------------------------------------------------------------- */
+
G_END_DECLS
#endif /* __POLKIT_AUTHORITY_H */
commit 7ae0a1ad83b467741e7b3113790e749343e7e8e8
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 13 18:37:59 2009 -0500
rudimentary monitoring of seats and sessions
Will add public API a'la
gboolean polkit_session_monitor_is_subject_active ();
as needed.
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index cbc5b4a..ea292c2 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -28,11 +28,14 @@
#include "polkitbackendlocalauthority.h"
#include "polkitbackendactionpool.h"
#include "polkitbackendpendingcall.h"
+#include "polkitbackendsessionmonitor.h"
typedef struct
{
PolkitBackendActionPool *action_pool;
+ PolkitBackendSessionMonitor *session_monitor;
+
} PolkitBackendLocalAuthorityPrivate;
static void polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *authority,
@@ -64,6 +67,8 @@ polkit_backend_local_authority_init (PolkitBackendLocalAuthority *local_authorit
action_desc_directory = g_file_new_for_path (PACKAGE_DATA_DIR "/polkit-1/actions");
priv->action_pool = polkit_backend_action_pool_new (action_desc_directory);
g_object_unref (action_desc_directory);
+
+ priv->session_monitor = polkit_backend_session_monitor_new ();
}
static void
@@ -78,6 +83,9 @@ polkit_backend_local_authority_finalize (GObject *object)
if (priv->action_pool != NULL)
g_object_unref (priv->action_pool);
+ if (priv->session_monitor != NULL)
+ g_object_unref (priv->session_monitor);
+
G_OBJECT_CLASS (polkit_backend_local_authority_parent_class)->finalize (object);
}
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.c b/src/polkitbackend/polkitbackendsessionmonitor.c
index ac370f7..ae97423 100644
--- a/src/polkitbackend/polkitbackendsessionmonitor.c
+++ b/src/polkitbackend/polkitbackendsessionmonitor.c
@@ -32,8 +32,13 @@ struct _PolkitBackendSessionMonitor
{
GObject parent_instance;
+ EggDBusConnection *system_bus;
+
EggDBusObjectProxy *ck_manager_object_proxy;
+
CkManager *ck_manager;
+ EggDBusHashMap *seat_object_path_to_object_proxy;
+ EggDBusHashMap *session_object_path_to_object_proxy;
};
struct _PolkitBackendSessionMonitorClass
@@ -42,22 +47,236 @@ struct _PolkitBackendSessionMonitorClass
};
+static void seat_session_added (CkSeat *seat,
+ const gchar *object_path,
+ gpointer user_data);
+
+static void seat_session_removed (CkSeat *seat,
+ const gchar *object_path,
+ gpointer user_data);
+
+static void session_active_changed (CkSession *session,
+ gboolean is_active,
+ gpointer user_data);
+
G_DEFINE_TYPE (PolkitBackendSessionMonitor, polkit_backend_session_monitor, G_TYPE_OBJECT);
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+add_seat (PolkitBackendSessionMonitor *monitor,
+ const gchar *object_path)
+{
+ CkSeat *seat;
+ EggDBusObjectProxy *object_proxy;
+
+ object_proxy = egg_dbus_connection_get_object_proxy (monitor->system_bus,
+ "org.freedesktop.ConsoleKit",
+ object_path);
+
+ egg_dbus_hash_map_insert (monitor->seat_object_path_to_object_proxy,
+ g_strdup (object_path),
+ object_proxy);
+
+ seat = CK_QUERY_INTERFACE_SEAT (object_proxy);
+
+ g_signal_connect (seat,
+ "session-added",
+ G_CALLBACK (seat_session_added),
+ monitor);
+
+ g_signal_connect (seat,
+ "session-removed",
+ G_CALLBACK (seat_session_removed),
+ monitor);
+}
+
+static void
+add_session (PolkitBackendSessionMonitor *monitor,
+ const gchar *object_path)
+{
+ CkSession *session;
+ EggDBusObjectProxy *object_proxy;
+
+ g_debug ("foo %s", object_path);
+
+ object_proxy = egg_dbus_connection_get_object_proxy (monitor->system_bus,
+ "org.freedesktop.ConsoleKit",
+ object_path);
+
+ egg_dbus_hash_map_insert (monitor->session_object_path_to_object_proxy,
+ g_strdup (object_path),
+ object_proxy);
+
+ session = CK_QUERY_INTERFACE_SESSION (object_proxy);
+
+ g_signal_connect (session,
+ "active-changed",
+ G_CALLBACK (session_active_changed),
+ monitor);
+}
+
+static void
+remove_seat (PolkitBackendSessionMonitor *monitor,
+ const gchar *object_path)
+{
+ egg_dbus_hash_map_remove (monitor->seat_object_path_to_object_proxy,
+ object_path);
+}
+
+static void
+remove_session (PolkitBackendSessionMonitor *monitor,
+ const gchar *object_path)
+{
+ egg_dbus_hash_map_remove (monitor->session_object_path_to_object_proxy,
+ object_path);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+/* D-Bus signal handlers */
+
+static void
+manager_seat_added (CkManager *manager,
+ const gchar *object_path,
+ gpointer user_data)
+{
+ PolkitBackendSessionMonitor *monitor = POLKIT_BACKEND_SESSION_MONITOR (user_data);
+
+ g_debug ("seat %s added", object_path);
+
+ add_seat (monitor, object_path);
+}
+
+static void
+manager_seat_removed (CkManager *manager,
+ const gchar *object_path,
+ gpointer user_data)
+{
+ PolkitBackendSessionMonitor *monitor = POLKIT_BACKEND_SESSION_MONITOR (user_data);
+
+ g_debug ("seat %s removed", object_path);
+
+ remove_seat (monitor, object_path);
+}
+
+static void
+seat_session_added (CkSeat *seat,
+ const gchar *object_path,
+ gpointer user_data)
+{
+ PolkitBackendSessionMonitor *monitor = POLKIT_BACKEND_SESSION_MONITOR (user_data);
+
+ g_debug ("session %s added", object_path);
+
+ add_session (monitor, object_path);
+}
+
+static void
+seat_session_removed (CkSeat *seat,
+ const gchar *object_path,
+ gpointer user_data)
+{
+ PolkitBackendSessionMonitor *monitor = POLKIT_BACKEND_SESSION_MONITOR (user_data);
+
+ g_debug ("session %s removed", object_path);
+
+ remove_session (monitor, object_path);
+}
+
+static void
+session_active_changed (CkSession *session,
+ gboolean is_active,
+ gpointer user_data)
+{
+ EggDBusObjectProxy *object_proxy;
+
+ object_proxy = egg_dbus_interface_proxy_get_object_proxy (EGG_DBUS_INTERFACE_PROXY (session));
+
+ g_debug ("session %s active changed to %d",
+ egg_dbus_object_proxy_get_object_path (object_proxy),
+ is_active);
+
+ egg_dbus_object_proxy_invalidate_properties (object_proxy);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
static void
polkit_backend_session_monitor_init (PolkitBackendSessionMonitor *monitor)
{
- EggDBusConnection *system_bus;
+ GError *error;
+ gchar **seats_object_paths;
+ gchar **sessions_object_paths;
+ guint n;
+
+ error = NULL;
+ seats_object_paths = NULL;
+ sessions_object_paths = NULL;
- system_bus = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
+ monitor->seat_object_path_to_object_proxy = egg_dbus_hash_map_new (G_TYPE_STRING,
+ g_free,
+ EGG_DBUS_TYPE_OBJECT_PROXY,
+ g_object_unref);
- monitor->ck_manager_object_proxy = egg_dbus_connection_get_object_proxy (system_bus,
+ monitor->session_object_path_to_object_proxy = egg_dbus_hash_map_new (G_TYPE_STRING,
+ g_free,
+ EGG_DBUS_TYPE_OBJECT_PROXY,
+ g_object_unref);
+
+ monitor->system_bus = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
+
+ monitor->ck_manager_object_proxy = egg_dbus_connection_get_object_proxy (monitor->system_bus,
"org.freedesktop.ConsoleKit",
"/org/freedesktop/ConsoleKit/Manager");
monitor->ck_manager = CK_QUERY_INTERFACE_MANAGER (monitor->ck_manager_object_proxy);
- g_object_unref (system_bus);
+ g_signal_connect (monitor->ck_manager,
+ "seat-added",
+ G_CALLBACK (manager_seat_added),
+ monitor);
+
+ g_signal_connect (monitor->ck_manager,
+ "seat-removed",
+ G_CALLBACK (manager_seat_removed),
+ monitor);
+
+ /* TODO: it would be a lot nicer to do all of this async; once we have
+ * GFiber (bgo #565501) it will be a lot easier...
+ */
+ if (!ck_manager_get_seats_sync (monitor->ck_manager,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ &seats_object_paths,
+ NULL,
+ &error))
+ {
+ g_warning ("Error getting seats: %s", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ for (n = 0; seats_object_paths[n] != NULL; n++)
+ add_seat (monitor, seats_object_paths[n]);
+
+ if (!ck_manager_get_sessions_sync (monitor->ck_manager,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ &sessions_object_paths,
+ NULL,
+ &error))
+ {
+ g_warning ("Error getting sessions: %s", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ for (n = 0; sessions_object_paths[n] != NULL; n++)
+ add_session (monitor, sessions_object_paths[n]);
+
+ out:
+
+ g_strfreev (seats_object_paths);
+ g_strfreev (sessions_object_paths);
}
static void
@@ -65,7 +284,10 @@ polkit_backend_session_monitor_finalize (GObject *object)
{
PolkitBackendSessionMonitor *monitor = POLKIT_BACKEND_SESSION_MONITOR (object);
+ g_object_unref (monitor->seat_object_path_to_object_proxy);
+ g_object_unref (monitor->session_object_path_to_object_proxy);
g_object_unref (monitor->ck_manager_object_proxy);
+ g_object_unref (monitor->system_bus);
if (G_OBJECT_CLASS (polkit_backend_session_monitor_parent_class)->finalize != NULL)
G_OBJECT_CLASS (polkit_backend_session_monitor_parent_class)->finalize (object);
commit 8bfa4cd6ff14b595a9a82db840727ea7d5f4d777
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 13 16:27:54 2009 -0500
start writing a SessionMonitor class
diff --git a/src/polkitbackend/Makefile.am b/src/polkitbackend/Makefile.am
index 6e3e566..29cb6cc 100644
--- a/src/polkitbackend/Makefile.am
+++ b/src/polkitbackend/Makefile.am
@@ -15,6 +15,25 @@ INCLUDES = \
-DEGG_DBUS_I_KNOW_API_IS_SUBJECT_TO_CHANGE \
$(NULL)
+BUILT_SOURCES = \
+ ckmanager.c ckmanager.h \
+ cksession.c cksession.h \
+ ckseat.c ckseat.h \
+ ckdevice.c ckdevice.h \
+ ckbindings.c ckbindings.h \
+ ckbindingsmarshal.list \
+ ckbindingsmarshal.c ckbindingsmarshal.h \
+ ckbindingstypes.h \
+ ckerror.c ckerror.h \
+ $(NULL)
+
+$(BUILT_SOURCES) : Makefile.am $(top_srcdir)/src/polkitbackend/org.freedesktop.ConsoleKit.xml
+ eggdbus-binding-tool \
+ --namespace "Ck" \
+ --dbus-namespace "org.freedesktop.ConsoleKit" \
+ --introspection-xml $(top_srcdir)/src/polkitbackend/org.freedesktop.ConsoleKit.xml \
+ $(NULL)
+
lib_LTLIBRARIES=libpolkit-backend-1.la
libpolkit_backend_1includedir=$(includedir)/polkit-1/polkitbackend
@@ -27,6 +46,7 @@ libpolkit_backend_1include_HEADERS = \
polkitbackendactionpool.h \
polkitbackendpendingcall.h \
polkitbackendserver.h \
+ polkitbackendsessionmonitor.h \
$(NULL)
libpolkit_backend_1_la_SOURCES = \
@@ -38,6 +58,8 @@ libpolkit_backend_1_la_SOURCES = \
polkitbackendactionpool.h polkitbackendactionpool.c \
polkitbackendpendingcall.h polkitbackendpendingcall.c \
polkitbackendserver.h polkitbackendserver.c \
+ polkitbackendsessionmonitor.h polkitbackendsessionmonitor.c \
+ $(BUILT_SOURCES) \
$(NULL)
libpolkit_backend_1_la_CFLAGS = \
diff --git a/src/polkitbackend/org.freedesktop.ConsoleKit.xml b/src/polkitbackend/org.freedesktop.ConsoleKit.xml
new file mode 100644
index 0000000..d0134be
--- /dev/null
+++ b/src/polkitbackend/org.freedesktop.ConsoleKit.xml
@@ -0,0 +1,276 @@
+<!DOCTYPE node PUBLIC "-//freedesktop//DTD D-BUS Object Introspection 1.0//EN"
+"http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
+<node>
+
+ <!-- The error domain used for reporting errors -->
+ <annotation name="org.gtk.EggDBus.DeclareErrorDomain" value="Error">
+ <annotation name="org.gtk.EggDBus.ErrorDomain.Member" value="org.freedesktop.ConsoleKit.Manager.GeneralError">
+ <annotation name="org.gtk.EggDBus.ErrorDomain.Member.Value" value="0"/>
+ </annotation>
+ <annotation name="org.gtk.EggDBus.ErrorDomain.Member" value="org.freedesktop.ConsoleKit.Manager.NotPrivileged"/>
+
+ <annotation name="org.gtk.EggDBus.ErrorDomain.Member" value="org.freedesktop.ConsoleKit.Seat.GeneralError">
+ <annotation name="org.gtk.EggDBus.ErrorDomain.Member.Value" value="100"/>
+ </annotation>
+
+ <annotation name="org.gtk.EggDBus.ErrorDomain.Member" value="org.freedesktop.ConsoleKit.Session.GeneralError">
+ <annotation name="org.gtk.EggDBus.ErrorDomain.Member.Value" value="200"/>
+ </annotation>
+ </annotation>
+
+ <!-- Device -->
+ <annotation name="org.gtk.EggDBus.DeclareStruct" value="Device">
+ <annotation name="org.gtk.EggDBus.DocString" value="The #Device type represents devices that are associated with seats."/>
+ <annotation name="org.gtk.EggDBus.DocString.Summary" value="Devices"/>
+
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="s:id1">
+ <annotation name="org.gtk.EggDBus.DocString" value="The first device identifier"/>
+ </annotation>
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="s:id2">
+ <annotation name="org.gtk.EggDBus.DocString" value="The second device identifier"/>
+ </annotation>
+ </annotation>
+
+ <!-- -->
+
+ <interface name="org.freedesktop.ConsoleKit.Manager">
+
+ <!-- All of these should probably be read-only properties instead of methods -->
+ <method name="GetSystemIdleSinceHint">
+ <arg name="iso8601_datetime" type="s" direction="out"/>
+ </method>
+ <method name="GetSystemIdleHint">
+ <arg name="idle_hint" type="b" direction="out"/>
+ </method>
+ <method name="GetSessions">
+ <arg name="sessions" type="ao" direction="out"/>
+ </method>
+ <method name="GetSeats">
+ <arg name="seats" type="ao" direction="out"/>
+ </method>
+ <method name="GetCurrentSession">
+ <arg name="ssid" type="o" direction="out"/>
+ </method>
+
+ <method name="GetSessionsForUser">
+ <arg name="uid" type="u" direction="in"/>
+ <arg name="sessions" type="ao" direction="out"/>
+ </method>
+ <method name="GetSessionsForUnixUser">
+ <arg name="uid" type="u" direction="in"/>
+ <arg name="sessions" type="ao" direction="out"/>
+ </method>
+ <method name="GetSessionForUnixProcess">
+ <arg name="pid" type="u" direction="in"/>
+ <arg name="ssid" type="o" direction="out"/>
+ </method>
+ <method name="GetSessionForCookie">
+ <arg name="cookie" type="s" direction="in"/>
+ <arg name="ssid" type="o" direction="out"/>
+ </method>
+
+ <method name="CloseSession">
+ <arg name="cookie" type="s" direction="in"/>
+ <arg name="result" type="b" direction="out"/>
+ </method>
+ <method name="OpenSessionWithParameters">
+ <arg name="parameters" type="a(sv)" direction="in"/>
+ <arg name="cookie" type="s" direction="out"/>
+ </method>
+ <method name="OpenSession">
+ <arg name="cookie" type="s" direction="out"/>
+ </method>
+ <method name="Stop">
+ </method>
+ <method name="Restart">
+ </method>
+
+ <!-- If the above Get*() methods are properties and we have org.fd.Properties.Changed() these signals
+ are not needed -->
+ <signal name="SystemIdleHintChanged">
+ <arg type="b"/>
+ </signal>
+ <signal name="SeatRemoved">
+ <arg type="o"/>
+ </signal>
+ <signal name="SeatAdded">
+ <arg type="o"/>
+ </signal>
+ </interface>
+
+ <interface name="org.freedesktop.ConsoleKit.Seat">
+ <method name="ActivateSession">
+ <arg name="ssid" type="o" direction="in"/>
+ </method>
+
+ <!-- All of these should probably be read-only properties instead of Get*() methods -->
+ <method name="CanActivateSessions">
+ <arg name="can_activate" type="b" direction="out"/>
+ </method>
+ <method name="GetActiveSession">
+ <arg name="ssid" type="o" direction="out"/>
+ </method>
+ <method name="GetDevices">
+ <arg name="devices" type="a(ss)" direction="out"/>
+ </method>
+ <method name="GetSessions">
+ <arg name="sessions" type="ao" direction="out"/>
+ </method>
+ <method name="GetId">
+ <arg name="sid" type="o" direction="out"/>
+ </method>
+
+ <signal name="DeviceRemoved">
+ <arg type="(ss)"/>
+ </signal>
+ <signal name="DeviceAdded">
+ <arg type="(ss)"/>
+ </signal>
+
+ <!-- If the above Get*() methods are properties and we have org.fd.Properties.Changed() these signals
+ are not needed -->
+ <signal name="SessionRemoved">
+ <arg type="o"/>
+ </signal>
+ <signal name="SessionAdded">
+ <arg type="o"/>
+ </signal>
+ <signal name="ActiveSessionChanged">
+ <arg type="s"/>
+ </signal>
+ </interface>
+
+ <interface name="org.freedesktop.ConsoleKit.Session">
+ <method name="SetIdleHint">
+ <arg name="idle_hint" type="b" direction="in"/>
+ </method>
+
+ <!-- This should really be a read-only property, not a method -->
+ <method name="GetIdleSinceHint">
+ <arg name="iso8601_datetime" type="s" direction="out"/>
+ </method>
+
+ <!-- superfluous: there's already :idle-hint
+ <method name="GetIdleHint">
+ <arg name="idle_hint" type="b" direction="out"/>
+ </method>
+ -->
+
+ <method name="Unlock">
+ </method>
+ <method name="Lock">
+ </method>
+ <method name="Activate">
+ </method>
+
+ <!-- This should really be a read-only property, not a method -->
+ <method name="GetCreationTime">
+ <arg name="iso8601_datetime" type="s" direction="out"/>
+ </method>
+
+ <!-- superfluous: there's already :is-local
+ <method name="IsLocal">
+ <arg name="local" type="b" direction="out"/>
+ </method>
+ -->
+
+ <!-- superfluous: there's already :is-active
+ <method name="IsActive">
+ <arg name="active" type="b" direction="out"/>
+ </method>
+ -->
+
+ <method name="GetLoginSessionId">
+ <arg name="login_session_id" type="s" direction="out"/>
+ </method>
+
+ <!-- superfluous: there's already :remote-host-name
+ <method name="GetRemoteHostName">
+ <arg name="remote_host_name" type="s" direction="out"/>
+ </method>
+ -->
+
+ <!-- superfluous: there's already :display-device
+ <method name="GetDisplayDevice">
+ <arg name="display_device" type="s" direction="out"/>
+ </method>
+ -->
+
+ <!-- superfluous: there's already :x11-display-device
+ <method name="GetX11DisplayDevice">
+ <arg name="x11_display_device" type="s" direction="out"/>
+ </method>
+ -->
+
+ <!-- superfluous: there's already :x11-display
+ <method name="GetX11Display">
+ <arg name="display" type="s" direction="out"/>
+ </method>
+ -->
+
+ <!-- superfluous: there's already :unix-user
+ <method name="GetUnixUser">
+ <arg name="uid" type="u" direction="out"/>
+ </method>
+ -->
+
+ <!-- superfluous: there's already :user
+ <method name="GetUser">
+ <arg name="uid" type="u" direction="out"/>
+ </method>
+ -->
+
+ <!-- superfluous: there's already :session-type
+ <method name="GetSessionType">
+ <arg name="type" type="s" direction="out"/>
+ </method>
+ -->
+
+ <!-- This should really be a read-only property, not a method -->
+ <method name="GetSeatId">
+ <arg name="sid" type="o" direction="out"/>
+ </method>
+
+ <!-- This should really be a read-only property, not a method -->
+ <method name="GetId">
+ <arg name="ssid" type="o" direction="out"/>
+ </method>
+
+ <!-- This should probably be called Unlocked -->
+ <signal name="Unlock">
+ </signal>
+
+ <!-- This should probably be called Locked -->
+ <signal name="Lock">
+ </signal>
+
+ <!-- superfluous if you have the org.fd.Properties.Changed() signal -->
+ <signal name="IdleHintChanged">
+ <arg type="b"/>
+ </signal>
+
+ <!-- superfluous if you have the org.fd.Properties.Changed() signal -->
+ <signal name="ActiveChanged">
+ <arg type="b"/>
+ </signal>
+
+ <!--
+ Note: ConsoleKit declares these as readwrite but since setting may fail (due to lack
+ of privilege) they shouldn't be properties [1]; instead use Set* methods.
+
+ [1] : most object systems, specifically GObject, don't have a way to return
+ errors when setting properties
+ -->
+ <property name="idle-hint" type="b" access="read"/>
+ <property name="is-local" type="b" access="read"/>
+ <property name="active" type="b" access="read"/>
+ <property name="x11-display-device" type="s" access="read"/>
+ <property name="x11-display" type="s" access="read"/>
+ <property name="display-device" type="s" access="read"/>
+ <property name="remote-host-name" type="s" access="read"/>
+ <property name="session-type" type="s" access="read"/>
+ <property name="user" type="u" access="read"/>
+ <property name="unix-user" type="u" access="read"/>
+ </interface>
+
+</node>
diff --git a/src/polkitbackend/polkitbackend.h b/src/polkitbackend/polkitbackend.h
index 84de7af..b9bb362 100644
--- a/src/polkitbackend/polkitbackend.h
+++ b/src/polkitbackend/polkitbackend.h
@@ -29,6 +29,7 @@
#include <polkitbackend/polkitbackendlocalauthority.h>
#include <polkitbackend/polkitbackendactionpool.h>
#include <polkitbackend/polkitbackendserver.h>
+#include <polkitbackend/polkitbackendsessionmonitor.h>
#undef _POLKIT_BACKEND_INSIDE_POLKIT_BACKEND_H
#endif /* __POLKIT_BACKEND_H */
diff --git a/src/polkitbackend/polkitbackendlocalauthority.h b/src/polkitbackend/polkitbackendlocalauthority.h
index 1bdc50f..6f8e527 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.h
+++ b/src/polkitbackend/polkitbackendlocalauthority.h
@@ -27,6 +27,7 @@
#define __POLKIT_BACKEND_LOCAL_AUTHORITY_H
#include <glib-object.h>
+#include <polkitbackend/polkitbackendtypes.h>
#include <polkitbackend/polkitbackendauthority.h>
G_BEGIN_DECLS
@@ -38,7 +39,10 @@ G_BEGIN_DECLS
#define POLKIT_BACKEND_IS_LOCAL_AUTHORITY(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY))
#define POLKIT_BACKEND_IS_LOCAL_AUTHORITY_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY))
+#if 0
typedef struct _PolkitBackendLocalAuthority PolkitBackendLocalAuthority;
+#endif
+
typedef struct _PolkitBackendLocalAuthorityClass PolkitBackendLocalAuthorityClass;
struct _PolkitBackendLocalAuthority
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.c b/src/polkitbackend/polkitbackendsessionmonitor.c
new file mode 100644
index 0000000..ac370f7
--- /dev/null
+++ b/src/polkitbackend/polkitbackendsessionmonitor.c
@@ -0,0 +1,93 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include <errno.h>
+#include <pwd.h>
+#include <grp.h>
+#include <string.h>
+#include <polkit/polkit.h>
+#include "polkitbackendsessionmonitor.h"
+#include "ckbindings.h"
+
+struct _PolkitBackendSessionMonitor
+{
+ GObject parent_instance;
+
+ EggDBusObjectProxy *ck_manager_object_proxy;
+ CkManager *ck_manager;
+};
+
+struct _PolkitBackendSessionMonitorClass
+{
+ GObjectClass parent_class;
+
+};
+
+G_DEFINE_TYPE (PolkitBackendSessionMonitor, polkit_backend_session_monitor, G_TYPE_OBJECT);
+
+static void
+polkit_backend_session_monitor_init (PolkitBackendSessionMonitor *monitor)
+{
+ EggDBusConnection *system_bus;
+
+ system_bus = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
+
+ monitor->ck_manager_object_proxy = egg_dbus_connection_get_object_proxy (system_bus,
+ "org.freedesktop.ConsoleKit",
+ "/org/freedesktop/ConsoleKit/Manager");
+
+ monitor->ck_manager = CK_QUERY_INTERFACE_MANAGER (monitor->ck_manager_object_proxy);
+
+ g_object_unref (system_bus);
+}
+
+static void
+polkit_backend_session_monitor_finalize (GObject *object)
+{
+ PolkitBackendSessionMonitor *monitor = POLKIT_BACKEND_SESSION_MONITOR (object);
+
+ g_object_unref (monitor->ck_manager_object_proxy);
+
+ if (G_OBJECT_CLASS (polkit_backend_session_monitor_parent_class)->finalize != NULL)
+ G_OBJECT_CLASS (polkit_backend_session_monitor_parent_class)->finalize (object);
+}
+
+static void
+polkit_backend_session_monitor_class_init (PolkitBackendSessionMonitorClass *klass)
+{
+ GObjectClass *gobject_class;
+
+ gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->finalize = polkit_backend_session_monitor_finalize;
+}
+
+PolkitBackendSessionMonitor *
+polkit_backend_session_monitor_new (void)
+{
+ PolkitBackendSessionMonitor *monitor;
+
+ monitor = POLKIT_BACKEND_SESSION_MONITOR (g_object_new (POLKIT_BACKEND_TYPE_SESSION_MONITOR, NULL));
+
+ return monitor;
+}
+
diff --git a/src/polkitbackend/polkitbackendsessionmonitor.h b/src/polkitbackend/polkitbackendsessionmonitor.h
new file mode 100644
index 0000000..a5a39f9
--- /dev/null
+++ b/src/polkitbackend/polkitbackendsessionmonitor.h
@@ -0,0 +1,52 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_BACKEND_COMPILATION) && !defined(_POLKIT_BACKEND_INSIDE_POLKIT_BACKEND_H)
+#error "Only <polkitbackend/polkitbackend.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#ifndef __POLKIT_BACKEND_SESSION_MONITOR_H
+#define __POLKIT_BACKEND_SESSION_MONITOR_H
+
+#include <glib-object.h>
+#include <polkitbackend/polkitbackendtypes.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_BACKEND_TYPE_SESSION_MONITOR (polkit_backend_session_monitor_get_type ())
+#define POLKIT_BACKEND_SESSION_MONITOR(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_BACKEND_TYPE_SESSION_MONITOR, PolkitBackendSessionMonitor))
+#define POLKIT_BACKEND_SESSION_MONITOR_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_BACKEND_TYPE_SESSION_MONITOR, PolkitBackendSessionMonitorClass))
+#define POLKIT_BACKEND_SESSION_MONITOR_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_BACKEND_TYPE_SESSION_MONITOR,PolkitBackendSessionMonitorClass))
+#define POLKIT_BACKEND_IS_SESSION_MONITOR(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_BACKEND_TYPE_SESSION_MONITOR))
+#define POLKIT_BACKEND_IS_SESSION_MONITOR_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_BACKEND_TYPE_SESSION_MONITOR))
+
+#if 0
+typedef struct _PolkitBackendSessionMonitor PolkitBackendSessionMonitor;
+#endif
+typedef struct _PolkitBackendSessionMonitorClass PolkitBackendSessionMonitorClass;
+
+GType polkit_backend_session_monitor_get_type (void) G_GNUC_CONST;
+PolkitBackendSessionMonitor *polkit_backend_session_monitor_new (void);
+
+G_END_DECLS
+
+#endif /* __POLKIT_BACKEND_SESSION_MONITOR_H */
+
diff --git a/src/polkitbackend/polkitbackendtypes.h b/src/polkitbackend/polkitbackendtypes.h
index a1ebd8e..9f3b79a 100644
--- a/src/polkitbackend/polkitbackendtypes.h
+++ b/src/polkitbackend/polkitbackendtypes.h
@@ -27,11 +27,18 @@
struct _PolkitBackendAuthority;
typedef struct _PolkitBackendAuthority PolkitBackendAuthority;
+struct _PolkitBackendLocalAuthority;
+typedef struct _PolkitBackendLocalAuthority PolkitBackendLocalAuthority;
+
struct _PolkitBackendPendingCall;
typedef struct _PolkitBackendPendingCall PolkitBackendPendingCall;
struct _PolkitBackendServer;
typedef struct _PolkitBackendServer PolkitBackendServer;
+struct _PolkitBackendSessionMonitor;
+typedef struct _PolkitBackendSessionMonitor PolkitBackendSessionMonitor;
+
+
#endif /* __POLKIT_BACKEND_TYPES_H */
commit f7e5cd17517e8a5dafde5ba4f9f3477ed9e23d00
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 12 17:41:18 2009 -0500
add debug for each CheckClaim() call
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index ddc69c5..cbc5b4a 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -220,9 +220,30 @@ polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
PolkitAuthorizationClaim *claim,
PolkitBackendPendingCall *pending_call)
{
+ gchar *inquirer_str;
+ gchar *subject_str;
+ PolkitSubject *inquirer;
+ PolkitSubject *subject;
+ const gchar *action_id;
+
+ inquirer = polkit_backend_pending_call_get_caller (pending_call);
+ subject = polkit_authorization_claim_get_subject (claim);
+ action_id = polkit_authorization_claim_get_action_id (claim);
+
+ inquirer_str = polkit_subject_to_string (inquirer);
+ subject_str = polkit_subject_to_string (subject);
+
+ g_debug ("%s is inquiring whether %s is authorized for %s",
+ inquirer_str,
+ subject_str,
+ action_id);
+
polkit_backend_pending_call_return_error (pending_call,
POLKIT_ERROR,
POLKIT_ERROR_NOT_SUPPORTED,
"Not implemented");
+
+ g_free (inquirer_str);
+ g_free (subject_str);
}
diff --git a/src/polkitbackend/polkitbackendpendingcall.c b/src/polkitbackend/polkitbackendpendingcall.c
index baefb25..9cce8b6 100644
--- a/src/polkitbackend/polkitbackendpendingcall.c
+++ b/src/polkitbackend/polkitbackendpendingcall.c
@@ -29,6 +29,7 @@ typedef struct
{
EggDBusMethodInvocation *method_invocation;
PolkitBackendServer *server;
+ PolkitSubject *inquirer;
} PolkitBackendPendingCallPrivate;
G_DEFINE_TYPE (PolkitBackendPendingCall, polkit_backend_pending_call, G_TYPE_OBJECT);
@@ -56,6 +57,9 @@ polkit_backend_pending_call_finalize (GObject *object)
g_object_unref (priv->method_invocation);
g_object_unref (priv->server);
+ if (priv->inquirer != NULL)
+ g_object_unref (priv->inquirer);
+
G_OBJECT_CLASS (polkit_backend_pending_call_parent_class)->finalize (object);
}
@@ -109,8 +113,17 @@ _polkit_backend_pending_call_get_method_invocation (PolkitBackendPendingCall *pe
PolkitSubject *
polkit_backend_pending_call_get_caller (PolkitBackendPendingCall *pending_call)
{
- /* TODO: implement */
- return NULL;
+ PolkitBackendPendingCallPrivate *priv;
+
+ priv = POLKIT_BACKEND_PENDING_CALL_GET_PRIVATE (pending_call);
+
+ if (priv->inquirer != NULL)
+ goto out;
+
+ priv->inquirer = polkit_system_bus_name_new (egg_dbus_method_invocation_get_caller (priv->method_invocation));
+
+ out:
+ return priv->inquirer;
}
void
commit 653f11c66396615a404a5c14dfa8f7e124f0c254
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 12 16:54:54 2009 -0500
add infrastructure for CheckClaim() method
diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c
index 36d997d..97ef38a 100644
--- a/src/polkitbackend/polkitbackendauthority.c
+++ b/src/polkitbackend/polkitbackendauthority.c
@@ -71,3 +71,15 @@ polkit_backend_authority_enumerate_groups (PolkitBackendAuthority *authority,
klass->enumerate_groups (authority, pending_call);
}
+
+void
+polkit_backend_authority_check_claim (PolkitBackendAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ PolkitBackendPendingCall *pending_call)
+{
+ PolkitBackendAuthorityClass *klass;
+
+ klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
+
+ klass->check_claim (authority, claim, pending_call);
+}
diff --git a/src/polkitbackend/polkitbackendauthority.h b/src/polkitbackend/polkitbackendauthority.h
index 80e9725..3a54a4c 100644
--- a/src/polkitbackend/polkitbackendauthority.h
+++ b/src/polkitbackend/polkitbackendauthority.h
@@ -61,6 +61,10 @@ struct _PolkitBackendAuthorityClass
void (*enumerate_groups) (PolkitBackendAuthority *authority,
PolkitBackendPendingCall *pending_call);
+ void (*check_claim) (PolkitBackendAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ PolkitBackendPendingCall *pending_call);
+
/*< private >*/
/* Padding for future expansion */
void (*_polkit_reserved1) (void);
@@ -75,24 +79,36 @@ struct _PolkitBackendAuthorityClass
GType polkit_backend_authority_get_type (void) G_GNUC_CONST;
-void polkit_backend_authority_enumerate_actions (PolkitBackendAuthority *authority,
- const gchar *locale,
- PolkitBackendPendingCall *pending_call);
+/* --- */
+
+void polkit_backend_authority_enumerate_actions (PolkitBackendAuthority *authority,
+ const gchar *locale,
+ PolkitBackendPendingCall *pending_call);
+
+void polkit_backend_authority_enumerate_users (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call);
+
+void polkit_backend_authority_enumerate_groups (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call);
+
+void polkit_backend_authority_check_claim (PolkitBackendAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ PolkitBackendPendingCall *pending_call);
+
+/* --- */
-void polkit_backend_authority_enumerate_users (PolkitBackendAuthority *authority,
- PolkitBackendPendingCall *pending_call);
+void polkit_backend_authority_enumerate_actions_finish (PolkitBackendPendingCall *pending_call,
+ GList *actions);
-void polkit_backend_authority_enumerate_groups (PolkitBackendAuthority *authority,
- PolkitBackendPendingCall *pending_call);
+void polkit_backend_authority_enumerate_users_finish (PolkitBackendPendingCall *pending_call,
+ GList *users);
-void polkit_backend_authority_enumerate_actions_finish (PolkitBackendPendingCall *pending_call,
- GList *actions);
+void polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pending_call,
+ GList *groups);
-void polkit_backend_authority_enumerate_users_finish (PolkitBackendPendingCall *pending_call,
- GList *users);
+void polkit_backend_authority_check_claim_finish (PolkitBackendPendingCall *pending_call,
+ PolkitAuthorizationResult result);
-void polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pending_call,
- GList *groups);
G_END_DECLS
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index 94d0cbb..ddc69c5 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -45,6 +45,10 @@ static void polkit_backend_local_authority_enumerate_users (PolkitBackendAutho
static void polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *authority,
PolkitBackendPendingCall *pending_call);
+static void polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ PolkitBackendPendingCall *pending_call);
+
G_DEFINE_TYPE (PolkitBackendLocalAuthority, polkit_backend_local_authority, POLKIT_BACKEND_TYPE_AUTHORITY);
#define POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY, PolkitBackendLocalAuthorityPrivate))
@@ -91,6 +95,7 @@ polkit_backend_local_authority_class_init (PolkitBackendLocalAuthorityClass *kla
authority_class->enumerate_actions = polkit_backend_local_authority_enumerate_actions;
authority_class->enumerate_users = polkit_backend_local_authority_enumerate_users;
authority_class->enumerate_groups = polkit_backend_local_authority_enumerate_groups;
+ authority_class->check_claim = polkit_backend_local_authority_check_claim;
g_type_class_add_private (klass, sizeof (PolkitBackendLocalAuthorityPrivate));
}
@@ -209,3 +214,15 @@ polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *autho
out:
;
}
+
+static void
+polkit_backend_local_authority_check_claim (PolkitBackendAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ PolkitBackendPendingCall *pending_call)
+{
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_NOT_SUPPORTED,
+ "Not implemented");
+}
+
diff --git a/src/polkitbackend/polkitbackendserver.c b/src/polkitbackend/polkitbackendserver.c
index 8cc25c6..e9557a1 100644
--- a/src/polkitbackend/polkitbackendserver.c
+++ b/src/polkitbackend/polkitbackendserver.c
@@ -164,6 +164,8 @@ polkit_backend_authority_enumerate_users_finish (PolkitBackendPendingCall *pendi
g_list_foreach (users, (GFunc) g_object_unref, NULL);
g_list_free (users);
+
+ g_object_unref (pending_call);
}
static void
@@ -203,6 +205,43 @@ polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pend
g_list_foreach (groups, (GFunc) g_object_unref, NULL);
g_list_free (groups);
+
+ g_object_unref (pending_call);
+}
+
+static void
+authority_handle_check_claim (_PolkitAuthority *instance,
+ _PolkitAuthorizationClaim *real_claim,
+ EggDBusMethodInvocation *method_invocation)
+{
+ PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
+ PolkitBackendPendingCall *pending_call;
+ PolkitAuthorizationClaim *claim;
+
+ pending_call = _polkit_backend_pending_call_new (method_invocation, server);
+
+ claim = polkit_authorization_claim_new_for_real (real_claim);
+
+ g_object_set_data_full (G_OBJECT (pending_call), "claim", claim, (GDestroyNotify) g_object_unref);
+
+ polkit_backend_authority_check_claim (server->authority, claim, pending_call);
+}
+
+void
+polkit_backend_authority_check_claim_finish (PolkitBackendPendingCall *pending_call,
+ PolkitAuthorizationResult result)
+{
+ EggDBusHashMap *attributes;
+
+ attributes = egg_dbus_hash_map_new (G_TYPE_STRING, g_free, G_TYPE_STRING, g_free);
+
+ _polkit_authority_handle_check_claim_finish (_polkit_backend_pending_call_get_method_invocation (pending_call),
+ result,
+ attributes);
+
+ g_object_unref (attributes);
+
+ g_object_unref (pending_call);
}
static void
@@ -211,4 +250,5 @@ authority_iface_init (_PolkitAuthorityIface *authority_iface)
authority_iface->handle_enumerate_actions = authority_handle_enumerate_actions;
authority_iface->handle_enumerate_users = authority_handle_enumerate_users;
authority_iface->handle_enumerate_groups = authority_handle_enumerate_groups;
+ authority_iface->handle_check_claim = authority_handle_check_claim;
}
commit 454d6da49fb2b9dae4f7347a8f056fb5f4d103e8
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 12 16:06:24 2009 -0500
introduce a PendingCall type to make all backend operations async
diff --git a/src/polkitbackend/Makefile.am b/src/polkitbackend/Makefile.am
index 41ea29a..6e3e566 100644
--- a/src/polkitbackend/Makefile.am
+++ b/src/polkitbackend/Makefile.am
@@ -25,15 +25,18 @@ libpolkit_backend_1include_HEADERS = \
polkitbackendauthority.h \
polkitbackendlocalauthority.h \
polkitbackendactionpool.h \
+ polkitbackendpendingcall.h \
polkitbackendserver.h \
$(NULL)
libpolkit_backend_1_la_SOURCES = \
polkitbackend.h \
polkitbackendtypes.h \
+ polkitbackendprivate.h \
polkitbackendauthority.h polkitbackendauthority.c \
polkitbackendlocalauthority.h polkitbackendlocalauthority.c \
polkitbackendactionpool.h polkitbackendactionpool.c \
+ polkitbackendpendingcall.h polkitbackendpendingcall.c \
polkitbackendserver.h polkitbackendserver.c \
$(NULL)
diff --git a/src/polkitbackend/polkitbackend.h b/src/polkitbackend/polkitbackend.h
index 63090aa..84de7af 100644
--- a/src/polkitbackend/polkitbackend.h
+++ b/src/polkitbackend/polkitbackend.h
@@ -24,6 +24,7 @@
#define _POLKIT_BACKEND_INSIDE_POLKIT_BACKEND_H 1
#include <polkitbackend/polkitbackendtypes.h>
+#include <polkitbackend/polkitbackendpendingcall.h>
#include <polkitbackend/polkitbackendauthority.h>
#include <polkitbackend/polkitbackendlocalauthority.h>
#include <polkitbackend/polkitbackendactionpool.h>
diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c
index 135dcd7..36d997d 100644
--- a/src/polkitbackend/polkitbackendauthority.c
+++ b/src/polkitbackend/polkitbackendauthority.c
@@ -38,36 +38,36 @@ polkit_backend_authority_class_init (PolkitBackendAuthorityClass *klass)
{
}
-GList *
-polkit_backend_authority_enumerate_actions (PolkitBackendAuthority *authority,
- const gchar *locale,
- GError **error)
+void
+polkit_backend_authority_enumerate_actions (PolkitBackendAuthority *authority,
+ const gchar *locale,
+ PolkitBackendPendingCall *pending_call)
{
PolkitBackendAuthorityClass *klass;
klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
- return klass->enumerate_actions (authority, locale, error);
+ klass->enumerate_actions (authority, locale, pending_call);
}
-GList *
-polkit_backend_authority_enumerate_users (PolkitBackendAuthority *authority,
- GError **error)
+void
+polkit_backend_authority_enumerate_users (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call)
{
PolkitBackendAuthorityClass *klass;
klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
- return klass->enumerate_users (authority, error);
+ klass->enumerate_users (authority, pending_call);
}
-GList *
-polkit_backend_authority_enumerate_groups (PolkitBackendAuthority *authority,
- GError **error)
+void
+polkit_backend_authority_enumerate_groups (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call)
{
PolkitBackendAuthorityClass *klass;
klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
- return klass->enumerate_groups (authority, error);
+ klass->enumerate_groups (authority, pending_call);
}
diff --git a/src/polkitbackend/polkitbackendauthority.h b/src/polkitbackend/polkitbackendauthority.h
index 413f414..80e9725 100644
--- a/src/polkitbackend/polkitbackendauthority.h
+++ b/src/polkitbackend/polkitbackendauthority.h
@@ -51,15 +51,15 @@ struct _PolkitBackendAuthorityClass
/*< public >*/
- GList * (*enumerate_actions) (PolkitBackendAuthority *authority,
- const gchar *locale,
- GError **error);
+ void (*enumerate_actions) (PolkitBackendAuthority *authority,
+ const gchar *locale,
+ PolkitBackendPendingCall *pending_call);
- GList * (*enumerate_users) (PolkitBackendAuthority *authority,
- GError **error);
+ void (*enumerate_users) (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call);
- GList * (*enumerate_groups) (PolkitBackendAuthority *authority,
- GError **error);
+ void (*enumerate_groups) (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call);
/*< private >*/
/* Padding for future expansion */
@@ -73,17 +73,26 @@ struct _PolkitBackendAuthorityClass
void (*_polkit_reserved8) (void);
};
-GType polkit_backend_authority_get_type (void) G_GNUC_CONST;
+GType polkit_backend_authority_get_type (void) G_GNUC_CONST;
-GList *polkit_backend_authority_enumerate_actions (PolkitBackendAuthority *authority,
- const gchar *locale,
- GError **error);
+void polkit_backend_authority_enumerate_actions (PolkitBackendAuthority *authority,
+ const gchar *locale,
+ PolkitBackendPendingCall *pending_call);
-GList *polkit_backend_authority_enumerate_users (PolkitBackendAuthority *authority,
- GError **error);
+void polkit_backend_authority_enumerate_users (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call);
-GList *polkit_backend_authority_enumerate_groups (PolkitBackendAuthority *authority,
- GError **error);
+void polkit_backend_authority_enumerate_groups (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call);
+
+void polkit_backend_authority_enumerate_actions_finish (PolkitBackendPendingCall *pending_call,
+ GList *actions);
+
+void polkit_backend_authority_enumerate_users_finish (PolkitBackendPendingCall *pending_call,
+ GList *users);
+
+void polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pending_call,
+ GList *groups);
G_END_DECLS
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index 028adc7..94d0cbb 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -27,6 +27,7 @@
#include <polkit/polkit.h>
#include "polkitbackendlocalauthority.h"
#include "polkitbackendactionpool.h"
+#include "polkitbackendpendingcall.h"
typedef struct
{
@@ -34,15 +35,15 @@ typedef struct
} PolkitBackendLocalAuthorityPrivate;
-static GList *polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *authority,
- const gchar *locale,
- GError **error);
+static void polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *authority,
+ const gchar *locale,
+ PolkitBackendPendingCall *pending_call);
-static GList *polkit_backend_local_authority_enumerate_users (PolkitBackendAuthority *authority,
- GError **error);
+static void polkit_backend_local_authority_enumerate_users (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call);
-static GList *polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *authority,
- GError **error);
+static void polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call);
G_DEFINE_TYPE (PolkitBackendLocalAuthority, polkit_backend_local_authority, POLKIT_BACKEND_TYPE_AUTHORITY);
@@ -103,23 +104,27 @@ polkit_backend_local_authority_new (void)
/* ---------------------------------------------------------------------------------------------------- */
-static GList *
-polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *authority,
- const gchar *locale,
- GError **error)
+static void
+polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *authority,
+ const gchar *locale,
+ PolkitBackendPendingCall *pending_call)
{
PolkitBackendLocalAuthority *local_authority;
PolkitBackendLocalAuthorityPrivate *priv;
+ GList *actions;
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
- return polkit_backend_action_pool_get_all_actions (priv->action_pool, locale);
+ actions = polkit_backend_action_pool_get_all_actions (priv->action_pool, locale);
+
+ polkit_backend_authority_enumerate_actions_finish (pending_call,
+ actions);
}
-static GList *
-polkit_backend_local_authority_enumerate_users (PolkitBackendAuthority *authority,
- GError **error)
+static void
+polkit_backend_local_authority_enumerate_users (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call)
{
PolkitBackendLocalAuthority *local_authority;
PolkitBackendLocalAuthorityPrivate *priv;
@@ -134,11 +139,11 @@ polkit_backend_local_authority_enumerate_users (PolkitBackendAuthority *authori
passwd = getpwent ();
if (passwd == NULL)
{
- g_set_error (error,
- POLKIT_ERROR,
- POLKIT_ERROR_FAILED,
- "getpwent failed: %s",
- strerror (errno));
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "getpwent failed: %s",
+ strerror (errno));
goto out;
}
@@ -155,13 +160,15 @@ polkit_backend_local_authority_enumerate_users (PolkitBackendAuthority *authori
list = g_list_reverse (list);
+ polkit_backend_authority_enumerate_users_finish (pending_call, list);
+
out:
- return list;
+ ;
}
-static GList *
-polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *authority,
- GError **error)
+static void
+polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *authority,
+ PolkitBackendPendingCall *pending_call)
{
PolkitBackendLocalAuthority *local_authority;
PolkitBackendLocalAuthorityPrivate *priv;
@@ -176,11 +183,11 @@ polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *author
group = getgrent ();
if (group == NULL)
{
- g_set_error (error,
- POLKIT_ERROR,
- POLKIT_ERROR_FAILED,
- "getgrent failed: %s",
- strerror (errno));
+ polkit_backend_pending_call_return_error (pending_call,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "getpwent failed: %s",
+ strerror (errno));
goto out;
}
@@ -197,105 +204,8 @@ polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *author
list = g_list_reverse (list);
- out:
- return list;
-}
-
-#if 0
-/* ---------------------------------------------------------------------------------------------------- */
-
-static void
-authority_iface_handle_say_hello (PolkitAuthority *authority,
- const gchar *message,
- EggDBusMethodInvocation *method_invocation)
-{
- gchar *result;
-
- result = g_strdup_printf ("You said '%s' to the AUTHORITY!", message);
-
- polkit_authority_handle_say_hello_finish (method_invocation,
- result);
-
- g_free (result);
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static void
-authority_iface_handle_enumerate_users (PolkitAuthority *authority,
- EggDBusMethodInvocation *method_invocation)
-{
- struct passwd *passwd;
- GList *list;
-
- list = NULL;
-
- passwd = getpwent ();
- if (passwd == NULL)
- {
- egg_dbus_method_invocation_return_error (method_invocation,
- POLKIT_ERROR,
- POLKIT_ERROR_FAILED,
- "getpwent failed: %s",
- strerror (errno));
- goto out;
- }
-
- do
- {
- PolkitSubject *subject;
-
- subject = polkit_subject_new_for_unix_user (passwd->pw_uid);
-
- list = g_list_prepend (list, subject);
- }
- while ((passwd = getpwent ()) != NULL);
- endpwent ();
-
- list = g_list_reverse (list);
-
- polkit_authority_handle_enumerate_users_finish (method_invocation,
- list);
+ polkit_backend_authority_enumerate_groups_finish (pending_call, list);
out:
- g_list_foreach (list, (GFunc) g_object_unref, NULL);
- g_list_free (list);
+ ;
}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static void
-authority_iface_handle_enumerate_actions (PolkitAuthority *authority,
- const gchar *locale,
- EggDBusMethodInvocation *method_invocation)
-{
- PolkitBackendLocalAuthority *local_authority;
- PolkitBackendLocalAuthorityPrivate *priv;
- GList *list;
-
- local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
- priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
-
- list = polkit_backend_action_pool_get_all_actions (priv->action_pool,
- locale);
-
- polkit_authority_handle_enumerate_actions_finish (method_invocation,
- list);
-
- g_list_foreach (list, (GFunc) g_object_unref, NULL);
- g_list_free (list);
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static void
-authority_iface_init (PolkitAuthorityIface *authority_iface,
- gpointer iface_data)
-{
- authority_iface->handle_say_hello = authority_iface_handle_say_hello;
- authority_iface->handle_enumerate_users = authority_iface_handle_enumerate_users;
- authority_iface->handle_enumerate_actions = authority_iface_handle_enumerate_actions;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-#endif
diff --git a/src/polkitbackend/polkitbackendpendingcall.c b/src/polkitbackend/polkitbackendpendingcall.c
new file mode 100644
index 0000000..baefb25
--- /dev/null
+++ b/src/polkitbackend/polkitbackendpendingcall.c
@@ -0,0 +1,154 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+
+#include <polkit/polkit.h>
+#include "polkitbackendpendingcall.h"
+#include "polkitbackendprivate.h"
+
+typedef struct
+{
+ EggDBusMethodInvocation *method_invocation;
+ PolkitBackendServer *server;
+} PolkitBackendPendingCallPrivate;
+
+G_DEFINE_TYPE (PolkitBackendPendingCall, polkit_backend_pending_call, G_TYPE_OBJECT);
+
+#define POLKIT_BACKEND_PENDING_CALL_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_BACKEND_TYPE_PENDING_CALL, PolkitBackendPendingCallPrivate))
+
+static void
+polkit_backend_pending_call_init (PolkitBackendPendingCall *pending_call)
+{
+ PolkitBackendPendingCallPrivate *priv;
+
+ priv = POLKIT_BACKEND_PENDING_CALL_GET_PRIVATE (pending_call);
+
+}
+
+static void
+polkit_backend_pending_call_finalize (GObject *object)
+{
+ PolkitBackendPendingCall *pending_call;
+ PolkitBackendPendingCallPrivate *priv;
+
+ pending_call = POLKIT_BACKEND_PENDING_CALL (object);
+ priv = POLKIT_BACKEND_PENDING_CALL_GET_PRIVATE (pending_call);
+
+ g_object_unref (priv->method_invocation);
+ g_object_unref (priv->server);
+
+ G_OBJECT_CLASS (polkit_backend_pending_call_parent_class)->finalize (object);
+}
+
+static void
+polkit_backend_pending_call_class_init (PolkitBackendPendingCallClass *klass)
+{
+ GObjectClass *gobject_class;
+
+ gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->finalize = polkit_backend_pending_call_finalize;
+
+ g_type_class_add_private (klass, sizeof (PolkitBackendPendingCallPrivate));
+}
+
+PolkitBackendPendingCall *
+_polkit_backend_pending_call_new (EggDBusMethodInvocation *method_invocation,
+ PolkitBackendServer *server)
+{
+ PolkitBackendPendingCall *pending_call;
+ PolkitBackendPendingCallPrivate *priv;
+
+ pending_call = POLKIT_BACKEND_PENDING_CALL (g_object_new (POLKIT_BACKEND_TYPE_PENDING_CALL,
+ NULL));
+
+ priv = POLKIT_BACKEND_PENDING_CALL_GET_PRIVATE (pending_call);
+
+ priv->method_invocation = g_object_ref (method_invocation);
+ priv->server = g_object_ref (server);
+
+ return pending_call;
+}
+
+PolkitBackendServer *
+polkit_backend_pending_call_get_server (PolkitBackendPendingCall *pending_call)
+{
+ PolkitBackendPendingCallPrivate *priv;
+ priv = POLKIT_BACKEND_PENDING_CALL_GET_PRIVATE (pending_call);
+ return priv->server;
+}
+
+EggDBusMethodInvocation *
+_polkit_backend_pending_call_get_method_invocation (PolkitBackendPendingCall *pending_call)
+{
+ PolkitBackendPendingCallPrivate *priv;
+ priv = POLKIT_BACKEND_PENDING_CALL_GET_PRIVATE (pending_call);
+ return priv->method_invocation;
+}
+
+
+PolkitSubject *
+polkit_backend_pending_call_get_caller (PolkitBackendPendingCall *pending_call)
+{
+ /* TODO: implement */
+ return NULL;
+}
+
+void
+polkit_backend_pending_call_return_gerror (PolkitBackendPendingCall *pending_call,
+ GError *error)
+{
+ PolkitBackendPendingCallPrivate *priv;
+
+ priv = POLKIT_BACKEND_PENDING_CALL_GET_PRIVATE (pending_call);
+
+ egg_dbus_method_invocation_return_gerror (priv->method_invocation,
+ error);
+
+ g_object_unref (pending_call);
+}
+
+void
+polkit_backend_pending_call_return_error (PolkitBackendPendingCall *pending_call,
+ GQuark domain,
+ gint code,
+ const gchar *format,
+ ...)
+{
+ GError *error;
+ va_list va_args;
+ gchar *literal_message;
+
+ va_start (va_args, format);
+ literal_message = g_strdup_vprintf (format, va_args);
+
+ error = g_error_new_literal (domain,
+ code,
+ literal_message);
+
+ polkit_backend_pending_call_return_gerror (pending_call, error);
+
+ g_error_free (error);
+ g_free (literal_message);
+ va_end (va_args);
+}
+
diff --git a/src/polkitbackend/polkitbackendpendingcall.h b/src/polkitbackend/polkitbackendpendingcall.h
new file mode 100644
index 0000000..de26e52
--- /dev/null
+++ b/src/polkitbackend/polkitbackendpendingcall.h
@@ -0,0 +1,85 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_BACKEND_COMPILATION) && !defined(_POLKIT_BACKEND_INSIDE_POLKIT_BACKEND_H)
+#error "Only <polkitbackend/polkitbackend.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#ifndef __POLKIT_BACKEND_PENDING_CALL_H
+#define __POLKIT_BACKEND_PENDING_CALL_H
+
+#include <glib-object.h>
+#include "polkitbackendtypes.h"
+
+G_BEGIN_DECLS
+
+#define POLKIT_BACKEND_TYPE_PENDING_CALL (polkit_backend_pending_call_get_type ())
+#define POLKIT_BACKEND_PENDING_CALL(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_BACKEND_TYPE_PENDING_CALL, PolkitBackendPendingCall))
+#define POLKIT_BACKEND_PENDING_CALL_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_BACKEND_TYPE_PENDING_CALL, PolkitBackendPendingCallClass))
+#define POLKIT_BACKEND_PENDING_CALL_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_BACKEND_TYPE_PENDING_CALL,PolkitBackendPendingCallClass))
+#define POLKIT_BACKEND_IS_PENDING_CALL(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_BACKEND_TYPE_PENDING_CALL))
+#define POLKIT_BACKEND_IS_PENDING_CALL_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_BACKEND_TYPE_PENDING_CALL))
+
+#if 0
+typedef struct _PolkitBackendPendingCall PolkitBackendPendingCall;
+#endif
+typedef struct _PolkitBackendPendingCallClass PolkitBackendPendingCallClass;
+
+struct _PolkitBackendPendingCall
+{
+ GObject parent_instance;
+};
+
+struct _PolkitBackendPendingCallClass
+{
+ GObjectClass parent_class;
+
+ /*< public >*/
+
+ /*< private >*/
+ /* Padding for future expansion */
+ void (*_polkit_reserved1) (void);
+ void (*_polkit_reserved2) (void);
+ void (*_polkit_reserved3) (void);
+ void (*_polkit_reserved4) (void);
+ void (*_polkit_reserved5) (void);
+ void (*_polkit_reserved6) (void);
+ void (*_polkit_reserved7) (void);
+ void (*_polkit_reserved8) (void);
+};
+
+GType polkit_backend_pending_call_get_type (void) G_GNUC_CONST;
+PolkitSubject *polkit_backend_pending_call_get_caller (PolkitBackendPendingCall *pending_call);
+PolkitBackendServer *polkit_backend_pending_call_get_server (PolkitBackendPendingCall *pending_call);
+void polkit_backend_pending_call_return_error (PolkitBackendPendingCall *pending_call,
+ GQuark domain,
+ gint code,
+ const gchar *format,
+ ...);
+void polkit_backend_pending_call_return_gerror (PolkitBackendPendingCall *pending_call,
+ GError *error);
+
+
+
+G_END_DECLS
+
+#endif /* __POLKIT_BACKEND_PENDING_CALL_H */
+
diff --git a/src/polkitbackend/polkitbackendprivate.h b/src/polkitbackend/polkitbackendprivate.h
new file mode 100644
index 0000000..e43635c
--- /dev/null
+++ b/src/polkitbackend/polkitbackendprivate.h
@@ -0,0 +1,34 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_BACKEND_PRIVATE_H
+#define __POLKIT_BACKEND_PRIVATE_H
+
+#include <polkit/_polkitbindings.h>
+#include "polkitbackendpendingcall.h"
+#include "polkitbackendserver.h"
+
+PolkitBackendPendingCall *_polkit_backend_pending_call_new (EggDBusMethodInvocation *method_invocation,
+ PolkitBackendServer *server);
+
+EggDBusMethodInvocation *_polkit_backend_pending_call_get_method_invocation (PolkitBackendPendingCall *pending_call);
+
+#endif /* __POLKIT_BACKEND_PRIVATE_H */
diff --git a/src/polkitbackend/polkitbackendserver.c b/src/polkitbackend/polkitbackendserver.c
index 05125d1..8cc25c6 100644
--- a/src/polkitbackend/polkitbackendserver.c
+++ b/src/polkitbackend/polkitbackendserver.c
@@ -28,6 +28,7 @@
#include "polkitbackendauthority.h"
#include "polkitbackendserver.h"
+#include "polkitbackendprivate.h"
struct _PolkitBackendServer
{
@@ -90,20 +91,19 @@ authority_handle_enumerate_actions (_PolkitAuthority *instance,
EggDBusMethodInvocation *method_invocation)
{
PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
- EggDBusArraySeq *array;
- GError *error;
- GList *actions;
- GList *l;
+ PolkitBackendPendingCall *pending_call;
- error = NULL;
- actions = polkit_backend_authority_enumerate_actions (server->authority, locale, &error);
+ pending_call = _polkit_backend_pending_call_new (method_invocation, server);
- if (error != NULL)
- {
- egg_dbus_method_invocation_return_gerror (method_invocation, error);
- g_error_free (error);
- goto out;
- }
+ polkit_backend_authority_enumerate_actions (server->authority, locale, pending_call);
+}
+
+void
+polkit_backend_authority_enumerate_actions_finish (PolkitBackendPendingCall *pending_call,
+ GList *actions)
+{
+ EggDBusArraySeq *array;
+ GList *l;
array = egg_dbus_array_seq_new (_POLKIT_TYPE_ACTION_DESCRIPTION, (GDestroyNotify) g_object_unref, NULL, NULL);
@@ -116,15 +116,15 @@ authority_handle_enumerate_actions (_PolkitAuthority *instance,
egg_dbus_array_seq_add (array, real);
}
- _polkit_authority_handle_enumerate_actions_finish (method_invocation, array);
+ _polkit_authority_handle_enumerate_actions_finish (_polkit_backend_pending_call_get_method_invocation (pending_call),
+ array);
g_object_unref (array);
g_list_foreach (actions, (GFunc) g_object_unref, NULL);
g_list_free (actions);
- out:
- ;
+ g_object_unref (pending_call);
}
static void
@@ -132,24 +132,23 @@ authority_handle_enumerate_users (_PolkitAuthority *instance,
EggDBusMethodInvocation *method_invocation)
{
PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
- EggDBusArraySeq *array;
- GError *error;
- GList *subjects;
- GList *l;
+ PolkitBackendPendingCall *pending_call;
- error = NULL;
- subjects = polkit_backend_authority_enumerate_users (server->authority, &error);
+ pending_call = _polkit_backend_pending_call_new (method_invocation, server);
- if (error != NULL)
- {
- egg_dbus_method_invocation_return_gerror (method_invocation, error);
- g_error_free (error);
- goto out;
- }
+ polkit_backend_authority_enumerate_users (server->authority, pending_call);
+}
+
+void
+polkit_backend_authority_enumerate_users_finish (PolkitBackendPendingCall *pending_call,
+ GList *users)
+{
+ EggDBusArraySeq *array;
+ GList *l;
array = egg_dbus_array_seq_new (_POLKIT_TYPE_SUBJECT, (GDestroyNotify) g_object_unref, NULL, NULL);
- for (l = subjects; l != NULL; l = l->next)
+ for (l = users; l != NULL; l = l->next)
{
PolkitSubject *subject = POLKIT_SUBJECT (l->data);
_PolkitSubject *real;
@@ -158,15 +157,13 @@ authority_handle_enumerate_users (_PolkitAuthority *instance,
egg_dbus_array_seq_add (array, real);
}
- _polkit_authority_handle_enumerate_users_finish (method_invocation, array);
+ _polkit_authority_handle_enumerate_users_finish (_polkit_backend_pending_call_get_method_invocation (pending_call),
+ array);
g_object_unref (array);
- g_list_foreach (subjects, (GFunc) g_object_unref, NULL);
- g_list_free (subjects);
-
- out:
- ;
+ g_list_foreach (users, (GFunc) g_object_unref, NULL);
+ g_list_free (users);
}
static void
@@ -174,24 +171,23 @@ authority_handle_enumerate_groups (_PolkitAuthority *instance,
EggDBusMethodInvocation *method_invocation)
{
PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
- EggDBusArraySeq *array;
- GError *error;
- GList *subjects;
- GList *l;
+ PolkitBackendPendingCall *pending_call;
- error = NULL;
- subjects = polkit_backend_authority_enumerate_groups (server->authority, &error);
+ pending_call = _polkit_backend_pending_call_new (method_invocation, server);
- if (error != NULL)
- {
- egg_dbus_method_invocation_return_gerror (method_invocation, error);
- g_error_free (error);
- goto out;
- }
+ polkit_backend_authority_enumerate_groups (server->authority, pending_call);
+}
+
+void
+polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pending_call,
+ GList *groups)
+{
+ EggDBusArraySeq *array;
+ GList *l;
array = egg_dbus_array_seq_new (_POLKIT_TYPE_SUBJECT, (GDestroyNotify) g_object_unref, NULL, NULL);
- for (l = subjects; l != NULL; l = l->next)
+ for (l = groups; l != NULL; l = l->next)
{
PolkitSubject *subject = POLKIT_SUBJECT (l->data);
_PolkitSubject *real;
@@ -200,15 +196,13 @@ authority_handle_enumerate_groups (_PolkitAuthority *instance,
egg_dbus_array_seq_add (array, real);
}
- _polkit_authority_handle_enumerate_groups_finish (method_invocation, array);
+ _polkit_authority_handle_enumerate_groups_finish (_polkit_backend_pending_call_get_method_invocation (pending_call),
+ array);
g_object_unref (array);
- g_list_foreach (subjects, (GFunc) g_object_unref, NULL);
- g_list_free (subjects);
-
- out:
- ;
+ g_list_foreach (groups, (GFunc) g_object_unref, NULL);
+ g_list_free (groups);
}
static void
diff --git a/src/polkitbackend/polkitbackendtypes.h b/src/polkitbackend/polkitbackendtypes.h
index 715adda..a1ebd8e 100644
--- a/src/polkitbackend/polkitbackendtypes.h
+++ b/src/polkitbackend/polkitbackendtypes.h
@@ -27,6 +27,9 @@
struct _PolkitBackendAuthority;
typedef struct _PolkitBackendAuthority PolkitBackendAuthority;
+struct _PolkitBackendPendingCall;
+typedef struct _PolkitBackendPendingCall PolkitBackendPendingCall;
+
struct _PolkitBackendServer;
typedef struct _PolkitBackendServer PolkitBackendServer;
diff --git a/src/programs/polkit.c b/src/programs/polkit.c
index c372eb0..d436338 100644
--- a/src/programs/polkit.c
+++ b/src/programs/polkit.c
@@ -48,6 +48,8 @@ static gboolean list_actions (void);
static gboolean list_users (void);
static gboolean list_groups (void);
+static gboolean check (void);
+
static gboolean show_action (const gchar *action_id);
static void
@@ -210,8 +212,13 @@ main (int argc, char *argv[])
}
else if (opt_check)
{
- g_print ("subject '%s' action-id '%s'\n", polkit_subject_to_string (subject), action_id);
- g_assert (FALSE);
+ if (subject == NULL || action_id == NULL)
+ {
+ usage (argc, argv);
+ goto out;
+ }
+
+ ret = check ();
}
else
{
@@ -450,3 +457,38 @@ list_groups (void)
out:
return ret;
}
+
+static gboolean
+check (void)
+{
+ PolkitAuthorizationResult result;
+ PolkitAuthorizationClaim *claim;
+ GError *error;
+
+ error = NULL;
+ claim = NULL;
+ result = POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
+
+ claim = polkit_authorization_claim_new (subject,
+ action_id);
+
+ result = polkit_authority_check_claim_sync (authority,
+ claim,
+ NULL,
+ &error);
+ if (error != NULL)
+ {
+ g_printerr ("Error checking authorization claim: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ g_debug ("result = %d", result);
+
+ out:
+ if (claim != NULL)
+ g_object_unref (claim);
+
+ return result == POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
+}
+
commit 4b773b13baa954273784285982a41db29548601a
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 12 13:00:35 2009 -0500
add polkit_unix_user_new_for_name()
diff --git a/docs/man/polkit.xml b/docs/man/polkit.xml
index 6b20b8f..26ca53c 100644
--- a/docs/man/polkit.xml
+++ b/docs/man/polkit.xml
@@ -54,6 +54,7 @@
<cmdsynopsis>
<command>polkit-1 check</command>
+ <arg choice="plain"><replaceable>subject</replaceable></arg>
<arg choice="plain"><replaceable>action-id</replaceable></arg>
</cmdsynopsis>
@@ -193,10 +194,11 @@
<refsect2>
<para>
<command>polkit-1 check</command>
+ <arg choice="plain"><replaceable>subject</replaceable></arg>
<arg choice="plain"><replaceable>action-id</replaceable></arg>
</para>
<para>
- Checks if the calling process is authorized for <replaceable>action-id</replaceable>.
+ Checks if <replaceable>subject</replaceable> is authorized for <replaceable>action-id</replaceable>.
</para>
</refsect2>
diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c
index b140988..4732262 100644
--- a/src/polkit/polkitsubject.c
+++ b/src/polkit/polkitsubject.c
@@ -30,6 +30,7 @@
#include "polkitunixgroup.h"
#include "polkitunixprocess.h"
#include "polkitsystembusname.h"
+#include "polkiterror.h"
#include "polkitprivate.h"
static void
@@ -83,6 +84,80 @@ polkit_subject_to_string (PolkitSubject *subject)
}
PolkitSubject *
+polkit_subject_from_string (const gchar *str,
+ GError **error)
+{
+ PolkitSubject *subject;
+ guint64 val;
+ gchar *endptr;
+
+ g_return_val_if_fail (str != NULL, NULL);
+
+ /* TODO: we could do something with VFuncs like in g_icon_from_string() */
+
+ subject = NULL;
+
+ if (g_str_has_prefix (str, "unix-user:"))
+ {
+ val = g_ascii_strtoull (str + sizeof "unix-user:" - 1,
+ &endptr,
+ 10);
+ if (*endptr == '\0')
+ subject = polkit_unix_user_new ((uid_t) val);
+ else
+ subject = polkit_unix_user_new_for_name (str + sizeof "unix-user:" - 1,
+ error);
+ }
+ else if (g_str_has_prefix (str, "unix-group:"))
+ {
+ val = g_ascii_strtoull (str + sizeof "unix-group:" - 1,
+ &endptr,
+ 10);
+ if (*endptr == '\0')
+ subject = polkit_unix_group_new ((gid_t) val);
+ else
+ subject = polkit_unix_group_new_for_name (str + sizeof "unix-group:" - 1,
+ error);
+ }
+ else if (g_str_has_prefix (str, "unix-process:"))
+ {
+ val = g_ascii_strtoull (str + sizeof "unix-process:" - 1,
+ &endptr,
+ 10);
+ if (*endptr == '\0')
+ {
+ subject = polkit_unix_process_new ((pid_t) val);
+ if (polkit_unix_process_get_start_time (POLKIT_UNIX_PROCESS (subject)) == 0)
+ {
+ g_object_unref (subject);
+ subject = NULL;
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "No process with pid %" G_GUINT64_FORMAT,
+ val);
+ }
+ }
+ }
+ else if (g_str_has_prefix (str, "system-bus-name:"))
+ {
+ subject = polkit_system_bus_name_new (str + sizeof "system-bus-name:" - 1);
+ }
+
+ if (subject == NULL && (error != NULL && *error == NULL))
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Malformed subject string '%s'",
+ str);
+ }
+
+
+ return subject;
+}
+
+PolkitSubject *
polkit_subject_new_for_real (_PolkitSubject *real)
{
PolkitSubject *s;
diff --git a/src/polkit/polkitsubject.h b/src/polkit/polkitsubject.h
index d944e9a..22899ee 100644
--- a/src/polkit/polkitsubject.h
+++ b/src/polkit/polkitsubject.h
@@ -48,10 +48,12 @@ struct _PolkitSubjectIface
gchar * (*to_string) (PolkitSubject *subject);
};
-GType polkit_subject_get_type (void) G_GNUC_CONST;
-gboolean polkit_subject_equal (PolkitSubject *a,
- PolkitSubject *b);
-gchar *polkit_subject_to_string (PolkitSubject *subject);
+GType polkit_subject_get_type (void) G_GNUC_CONST;
+gboolean polkit_subject_equal (PolkitSubject *a,
+ PolkitSubject *b);
+gchar *polkit_subject_to_string (PolkitSubject *subject);
+PolkitSubject *polkit_subject_from_string (const gchar *str,
+ GError **error);
G_END_DECLS
diff --git a/src/polkit/polkitunixgroup.c b/src/polkit/polkitunixgroup.c
index 48ab835..b5aed68 100644
--- a/src/polkit/polkitunixgroup.c
+++ b/src/polkit/polkitunixgroup.c
@@ -27,6 +27,7 @@
#include <grp.h>
#include "polkitunixgroup.h"
#include "polkitsubject.h"
+#include "polkiterror.h"
#include "polkitprivate.h"
/**
@@ -156,6 +157,32 @@ polkit_unix_group_new (gid_t gid)
NULL));
}
+PolkitSubject *
+polkit_unix_group_new_for_name (const gchar *name,
+ GError **error)
+{
+ struct group *group;
+ PolkitSubject *subject;
+
+ subject = NULL;
+
+ group = getgrnam (name);
+ if (group == NULL)
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "No UNIX group with name %s: %m",
+ name);
+ goto out;
+ }
+
+ subject = polkit_unix_group_new (group->gr_gid);
+
+ out:
+ return subject;
+}
+
static gboolean
polkit_unix_group_equal (PolkitSubject *a,
PolkitSubject *b)
diff --git a/src/polkit/polkitunixgroup.h b/src/polkit/polkitunixgroup.h
index 34c6fcf..548e963 100644
--- a/src/polkit/polkitunixgroup.h
+++ b/src/polkit/polkitunixgroup.h
@@ -42,11 +42,13 @@ typedef struct _PolkitUnixGroup PolkitUnixGroup;
#endif
typedef struct _PolkitUnixGroupClass PolkitUnixGroupClass;
-GType polkit_unix_group_get_type (void) G_GNUC_CONST;
-PolkitSubject *polkit_unix_group_new (gid_t gid);
-gid_t polkit_unix_group_get_gid (PolkitUnixGroup *group);
-void polkit_unix_group_set_gid (PolkitUnixGroup *group,
- gid_t gid);
+GType polkit_unix_group_get_type (void) G_GNUC_CONST;
+PolkitSubject *polkit_unix_group_new (gid_t gid);
+PolkitSubject *polkit_unix_group_new_for_name (const gchar *name,
+ GError **error);
+gid_t polkit_unix_group_get_gid (PolkitUnixGroup *group);
+void polkit_unix_group_set_gid (PolkitUnixGroup *group,
+ gid_t gid);
G_END_DECLS
diff --git a/src/polkit/polkitunixuser.c b/src/polkit/polkitunixuser.c
index dd56c1c..ca637ba 100644
--- a/src/polkit/polkitunixuser.c
+++ b/src/polkit/polkitunixuser.c
@@ -27,6 +27,7 @@
#include <pwd.h>
#include "polkitunixuser.h"
#include "polkitsubject.h"
+#include "polkiterror.h"
#include "polkitprivate.h"
/**
@@ -156,6 +157,32 @@ polkit_unix_user_new (uid_t uid)
NULL));
}
+PolkitSubject *
+polkit_unix_user_new_for_name (const gchar *name,
+ GError **error)
+{
+ struct passwd *passwd;
+ PolkitSubject *subject;
+
+ subject = NULL;
+
+ passwd = getpwnam (name);
+ if (passwd == NULL)
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "No UNIX user with name %s: %m",
+ name);
+ goto out;
+ }
+
+ subject = polkit_unix_user_new (passwd->pw_uid);
+
+ out:
+ return subject;
+}
+
static gboolean
polkit_unix_user_equal (PolkitSubject *a,
PolkitSubject *b)
diff --git a/src/polkit/polkitunixuser.h b/src/polkit/polkitunixuser.h
index c6a1233..1140789 100644
--- a/src/polkit/polkitunixuser.h
+++ b/src/polkit/polkitunixuser.h
@@ -42,11 +42,13 @@ typedef struct _PolkitUnixUser PolkitUnixUser;
#endif
typedef struct _PolkitUnixUserClass PolkitUnixUserClass;
-GType polkit_unix_user_get_type (void) G_GNUC_CONST;
-PolkitSubject *polkit_unix_user_new (uid_t uid);
-uid_t polkit_unix_user_get_uid (PolkitUnixUser *user);
-void polkit_unix_user_set_uid (PolkitUnixUser *user,
- uid_t uid);
+GType polkit_unix_user_get_type (void) G_GNUC_CONST;
+PolkitSubject *polkit_unix_user_new (uid_t uid);
+PolkitSubject *polkit_unix_user_new_for_name (const gchar *name,
+ GError **error);
+uid_t polkit_unix_user_get_uid (PolkitUnixUser *user);
+void polkit_unix_user_set_uid (PolkitUnixUser *user,
+ uid_t uid);
G_END_DECLS
diff --git a/src/programs/polkit.c b/src/programs/polkit.c
index 17449cf..c372eb0 100644
--- a/src/programs/polkit.c
+++ b/src/programs/polkit.c
@@ -33,13 +33,16 @@ static gboolean opt_list_users = FALSE;
static gboolean opt_list_groups = FALSE;
static gboolean opt_list_authorizations = FALSE;
static gboolean opt_list_explicit_authorizations = FALSE;
+static gboolean opt_check = FALSE;
static gboolean opt_show_help = FALSE;
static gboolean opt_show_version = FALSE;
static gboolean opt_verbose = FALSE;
-static PolkitSubject *subject;
+static PolkitSubject *subject = NULL;
+
+static gchar *action_id = NULL;
static gboolean list_actions (void);
static gboolean list_users (void);
@@ -67,11 +70,13 @@ usage (int argc, char *argv[])
int
main (int argc, char *argv[])
{
- gboolean ret;
gint n;
+ gboolean ret;
gboolean in_list;
+ GError *error;
ret = FALSE;
+ error = NULL;
g_type_init ();
@@ -107,10 +112,11 @@ main (int argc, char *argv[])
goto out;
}
- subject = NULL; //polkit_subject_from_string (argv[n]);
+ subject = polkit_subject_from_string (argv[n], &error);
if (subject == NULL)
{
- g_printerr ("Malformed subject identifier '%s'", argv[n]);
+ g_printerr ("Error parsing subject: %s\n", error->message);
+ g_error_free (error);
goto out;
}
@@ -128,6 +134,34 @@ main (int argc, char *argv[])
in_list = TRUE;
continue;
}
+ else if (strcmp (argv[n], "check") == 0)
+ {
+ opt_check = TRUE;
+
+ n++;
+ if (n >= argc)
+ {
+ usage (argc, argv);
+ goto out;
+ }
+
+ subject = polkit_subject_from_string (argv[n], &error);
+ if (subject == NULL)
+ {
+ g_printerr ("Error parsing subject: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ n++;
+ if (n >= argc)
+ {
+ usage (argc, argv);
+ goto out;
+ }
+
+ action_id = g_strdup (argv[n++]);
+ }
else if (strcmp (argv[n], "--help") == 0)
{
opt_show_help = TRUE;
@@ -174,6 +208,11 @@ main (int argc, char *argv[])
{
ret = list_groups ();
}
+ else if (opt_check)
+ {
+ g_print ("subject '%s' action-id '%s'\n", polkit_subject_to_string (subject), action_id);
+ g_assert (FALSE);
+ }
else
{
usage (argc, argv);
@@ -187,6 +226,8 @@ main (int argc, char *argv[])
if (subject != NULL)
g_object_unref (subject);
+ g_free (action_id);
+
return ret ? 0 : 1;
}
commit d04ebf484c98748e32caa6ce2213bac01db3171d
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Jan 12 11:35:03 2009 -0500
improve output when enumerating actions using --verbose
diff --git a/src/programs/polkit.c b/src/programs/polkit.c
index 126488b..17449cf 100644
--- a/src/programs/polkit.c
+++ b/src/programs/polkit.c
@@ -203,19 +203,19 @@ print_action (PolkitActionDescription *action)
vendor_url = polkit_action_description_get_vendor_url (action);
icon = polkit_action_description_get_icon (action);
- g_print ("action_id: %s\n", polkit_action_description_get_action_id (action));
- g_print ("description: %s\n", polkit_action_description_get_description (action));
- g_print ("message: %s\n", polkit_action_description_get_message (action));
+ g_print ("%s:\n", polkit_action_description_get_action_id (action));
+ g_print (" description: %s\n", polkit_action_description_get_description (action));
+ g_print (" message: %s\n", polkit_action_description_get_message (action));
if (vendor != NULL)
- g_print ("vendor: %s\n", vendor);
+ g_print (" vendor: %s\n", vendor);
if (vendor_url != NULL)
- g_print ("vendor_url: %s\n", vendor_url);
+ g_print (" vendor_url: %s\n", vendor_url);
if (icon != NULL)
{
gchar *s;
s = g_icon_to_string (icon);
- g_print ("icon: %s\n", s);
+ g_print (" icon: %s\n", s);
g_free (s);
}
@@ -227,7 +227,7 @@ print_action (PolkitActionDescription *action)
key = annotation_keys[n];
value = polkit_action_description_get_annotation (action, key);
- g_print ("annotation: %s -> %s\n", key, value);
+ g_print (" annotation: %s -> %s\n", key, value);
}
}
commit 86ea33f920cf1000a5ab30f5e7f2c2fc7a85e89e
Author: David Zeuthen <davidz at redhat.com>
Date: Sun Jan 11 17:06:25 2009 -0500
add polkit-1 man page and rework cmd/options handling
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index 510d6a7..f99855e 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -108,6 +108,7 @@
<arg name="result" direction="out" type="i">
<annotation name="org.gtk.EggDBus.EnumType" value="AuthorizationResult"/>
</arg>
+ <arg name="attributes" direction="out" type="a{ss}"/>
</method>
</interface>
diff --git a/docs/man/Makefile.am b/docs/man/Makefile.am
index a61a882..51db971 100644
--- a/docs/man/Makefile.am
+++ b/docs/man/Makefile.am
@@ -3,16 +3,20 @@ NULL =
if MAN_PAGES_ENABLED
-man_MANS = PolicyKit-1.8 \
- $(NULL)
+man_MANS = \
+ PolicyKit-1.8 \
+ polkit-1.1 \
+ $(NULL)
-%-1.8 : %.xml
+%-1.8 %-1.1 : %.xml
$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
endif # MAN_PAGES_ENABLED
-EXTRA_DIST= PolicyKit.xml \
- $(NULL)
+EXTRA_DIST = \
+ PolicyKit.xml \
+ polkit.xml \
+ $(NULL)
clean-local:
- rm -f *~ *.8
+ rm -f *~ *.1 *.8
diff --git a/docs/man/PolicyKit.xml b/docs/man/PolicyKit.xml
index 6cb9145..961bddd 100644
--- a/docs/man/PolicyKit.xml
+++ b/docs/man/PolicyKit.xml
@@ -1,60 +1,59 @@
<refentry id="PolicyKit-1.8">
<refentryinfo>
<title>PolicyKit-1</title>
- <date>August 2007</date>
+ <date>January 2009</date>
<productname>PolicyKit-1</productname>
</refentryinfo>
-
+
<refmeta>
<refentrytitle>PolicyKit-1</refentrytitle>
<manvolnum>8</manvolnum>
<refmiscinfo class="version"></refmiscinfo>
</refmeta>
-
+
<refnamediv>
<refname>PolicyKit-1</refname>
<refpurpose>Authorization API</refpurpose>
</refnamediv>
-
- <refsect1><title>DESCRIPTION</title>
+
+ <refsect1><title>DESCRIPTION</title>
<para>
For more information about the big picture refer to the
PolicyKit specification which can be normally be found
under <filename>/usr/share/doc</filename>.
</para>
-
+
<para>
<emphasis>TODO:</emphasis> This manual page should contain a
simple introduction to PolicyKit for a system administrator
audience. Remains to be written.
</para>
</refsect1>
-
-
- <refsect1><title>AUTHOR</title>
+
+
+ <refsect1><title>AUTHOR</title>
<para>
- Written by David Zeuthen <email>david at fubar.dk</email> with
+ Written by David Zeuthen <email>davidz at redhat.com</email> with
a lot of help from many others.
</para>
</refsect1>
-
+
<refsect1>
- <title>BUGS</title>
+ <title>BUGS</title>
<para>
Please send bug reports to either the distribution or the
polkit-devel mailing list,
- see <ulink url="http://lists.freedesktop.org/mailman/listinfo/polkit-devel"/>.
- to subscribe.
+ see the link <ulink url="http://lists.freedesktop.org/mailman/listinfo/polkit-devel"/>
+ on how to subscribe.
</para>
</refsect1>
-
+
<refsect1>
<title>SEE ALSO</title>
<para>
<citerefentry>
- <refentrytitle>polkit-adm-1</refentrytitle><manvolnum>1</manvolnum>
+ <refentrytitle>polkit-1</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>
</para>
</refsect1>
</refentry>
-
diff --git a/docs/man/polkit.xml b/docs/man/polkit.xml
new file mode 100644
index 0000000..6b20b8f
--- /dev/null
+++ b/docs/man/polkit.xml
@@ -0,0 +1,328 @@
+<refentry id="PolicyKit-1.8">
+ <refentryinfo>
+ <title>polkit-1</title>
+ <date>January 2009</date>
+ <productname>PolicyKit-1</productname>
+ </refentryinfo>
+
+ <refmeta>
+ <refentrytitle>polkit-1</refentrytitle>
+ <manvolnum>1</manvolnum>
+ <refmiscinfo class="version"></refmiscinfo>
+ </refmeta>
+
+ <refnamediv>
+ <refname>polkit-1</refname>
+ <refpurpose>PolicyKit Authorization Tool</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis>
+ <command>polkit-1</command>
+ <arg><option>--version</option></arg>
+ <arg><option>--help</option></arg>
+ </cmdsynopsis>
+
+ <cmdsynopsis>
+ <command>polkit-1 list</command>
+ <group>
+ <arg choice="plain">
+ actions
+ <arg><option>--verbose</option></arg>
+ </arg>
+ <arg choice="plain">
+ <sbr/>
+ users
+ <arg><option>--verbose</option></arg>
+ </arg>
+ <arg choice="plain">
+ <sbr/>
+ groups
+ <arg><option>--verbose</option></arg>
+ </arg>
+ <arg choice="plain">
+ <sbr/>
+ authorizations
+ </arg>
+ <arg choice="plain">
+ <sbr/>
+ explicit-authorizations <replaceable>subject</replaceable>
+ <arg><option>--verbose</option></arg>
+ </arg>
+ </group>
+ </cmdsynopsis>
+
+ <cmdsynopsis>
+ <command>polkit-1 check</command>
+ <arg choice="plain"><replaceable>action-id</replaceable></arg>
+ </cmdsynopsis>
+
+ <cmdsynopsis>
+ <command>polkit-1 grant</command>
+ <arg choice="plain"><replaceable>subject</replaceable></arg>
+ <arg choice="plain"><replaceable>action-id</replaceable></arg>
+ </cmdsynopsis>
+
+ <cmdsynopsis>
+ <command>polkit-1 revoke</command>
+ <arg choice="plain"><replaceable>subject</replaceable></arg>
+ <arg choice="plain"><replaceable>action-id</replaceable></arg>
+ </cmdsynopsis>
+
+ <cmdsynopsis>
+ <command>polkit-1 action</command>
+ <arg choice="plain"><replaceable>action-id</replaceable></arg>
+ <sbr/>
+ <group>
+ <arg choice="plain">
+ set-implicit-any
+ <replaceable>value</replaceable>
+ </arg>
+ <arg choice="plain">
+ <sbr/>
+ set-implicit-inactive
+ <replaceable>value</replaceable>
+ </arg>
+ <arg choice="plain">
+ <sbr/>
+ set-implicit-active
+ <replaceable>value</replaceable>
+ </arg>
+ <arg choice="plain">
+ <sbr/>
+ reset-implicit
+ </arg>
+ </group>
+ </cmdsynopsis>
+
+ <cmdsynopsis>
+ <command>polkit-1 run</command>
+ <arg choice="plain"><replaceable>action-id</replaceable></arg>
+ <arg choice="plain"><replaceable>PROGRAM</replaceable></arg>
+ <group rep="repeat">
+ <arg choice="plain"><replaceable>ARGUMENTS</replaceable></arg>
+ </group>
+ </cmdsynopsis>
+
+ </refsynopsisdiv>
+
+ <refsect1><title>DESCRIPTION</title>
+ <para>
+ Manage PolicyKit authorizations.
+ </para>
+ </refsect1>
+
+ <refsect1>
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term><option>--version</option></term>
+ <listitem>
+ <para>
+ Show version and exit.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--help</option></term>
+ <listitem>
+ <para>
+ Show this information.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ <refsect2>
+ <para>
+ <command>polkit-1 list actions</command>
+ <arg><option>--verbose</option></arg>
+ </para>
+ <para>
+ Lists all identifiers for registered PolicyKit actions. The returned identifiers can be
+ used as <replaceable>action-id</replaceable> parameters.
+ Prints detailed information about each action if <option>--verbose</option> is given.
+ </para>
+ </refsect2>
+
+ <refsect2>
+ <para>
+ <command>polkit-1 list users</command>
+ <arg><option>--verbose</option></arg>
+ </para>
+ <para>
+ Lists all users.
+ The returned identifiers can be used as <replaceable>subject</replaceable> parameters.
+ Prints detailed information about each user if <option>--verbose</option> is given.
+ </para>
+ </refsect2>
+
+ <refsect2>
+ <para>
+ <command>polkit-1 list groups</command>
+ <arg><option>--verbose</option></arg>
+ </para>
+ <para>
+ Lists all groups.
+ The returned identifiers can be used as <replaceable>subject</replaceable> parameters.
+ Prints detailed information about each group if <option>--verbose</option> is given.
+ </para>
+ </refsect2>
+
+ <refsect2>
+ <para>
+ <command>polkit-1 list authorizations</command>
+ </para>
+ <para>
+ Lists all <replaceable>action-id</replaceable>s that the calling process is authorized for.
+ </para>
+ </refsect2>
+
+ <refsect2>
+ <para>
+ <command>polkit-1 list explicit-authorizations <replaceable>subject</replaceable></command>
+ <arg><option>--verbose</option></arg>
+ </para>
+ <para>
+ Lists all explicit authorizations for <replaceable>subject</replaceable>.
+ Prints detailed information about each authorization if <option>--verbose</option> is given.
+ </para>
+ </refsect2>
+
+ <refsect2>
+ <para>
+ <command>polkit-1 check</command>
+ <arg choice="plain"><replaceable>action-id</replaceable></arg>
+ </para>
+ <para>
+ Checks if the calling process is authorized for <replaceable>action-id</replaceable>.
+ </para>
+ </refsect2>
+
+ <refsect2>
+ <para>
+ <command>polkit-1 grant</command>
+ <arg choice="plain"><replaceable>subject</replaceable></arg>
+ <arg choice="plain"><replaceable>action-id</replaceable></arg>
+ </para>
+ <para>
+ Grants an authorization to <replaceable>subject</replaceable> for <replaceable>action-id</replaceable>.
+ </para>
+ </refsect2>
+
+ <refsect2>
+ <para>
+ <command>polkit-1 revoke</command>
+ <arg choice="plain"><replaceable>subject</replaceable></arg>
+ <arg choice="plain"><replaceable>action-id</replaceable></arg>
+ </para>
+ <para>
+ Revokes an authorization from <replaceable>subject</replaceable> for <replaceable>action-id</replaceable>.
+ </para>
+ </refsect2>
+
+ <refsect2>
+ <para>
+ <command>polkit-1 action</command>
+ <arg choice="plain"><replaceable>action-id</replaceable></arg>
+ <arg choice="plain">
+ set-implicit-any
+ <replaceable>value</replaceable>
+ </arg>
+ </para>
+ <para>
+ Sets the implicit authorizations on
+ <replaceable>action-id</replaceable> to <replaceable>value</replaceable>.
+ </para>
+ </refsect2>
+
+ <refsect2>
+ <para>
+ <command>polkit-1 action</command>
+ <arg choice="plain"><replaceable>action-id</replaceable></arg>
+ <arg choice="plain">
+ set-implicit-inactive
+ <replaceable>value</replaceable>
+ </arg>
+ </para>
+ <para>
+ Sets the implicit authorizations for local inactive sessions on
+ <replaceable>action-id</replaceable> to <replaceable>value</replaceable>.
+ </para>
+ </refsect2>
+
+ <refsect2>
+ <para>
+ <command>polkit-1 action</command>
+ <arg choice="plain"><replaceable>action-id</replaceable></arg>
+ <arg choice="plain">
+ set-implicit-active
+ <replaceable>value</replaceable>
+ </arg>
+ </para>
+ <para>
+ Sets the implicit authorizations for local active sessions on
+ <replaceable>action-id</replaceable> to <replaceable>value</replaceable>.
+ </para>
+ </refsect2>
+
+ <refsect2>
+ <para>
+ <command>polkit-1 action</command>
+ <arg choice="plain"><replaceable>action-id</replaceable></arg>
+ <arg choice="plain">
+ reset-implicit
+ </arg>
+ </para>
+ <para>
+ Resets all implicit authorizations on <replaceable>action-id</replaceable> to factory defaults.
+ </para>
+ </refsect2>
+
+ <refsect2>
+ <para>
+ <command>polkit-1 run</command>
+ <arg choice="plain"><replaceable>action-id</replaceable></arg>
+ <arg choice="plain"><replaceable>PROGRAM</replaceable></arg>
+ <group rep="repeat">
+ <arg choice="plain"><replaceable>ARGUMENTS</replaceable></arg>
+ </group>
+ </para>
+ <para>
+ Attempts to ensure that a PolicyKit authorization for <replaceable>action-id</replaceable>
+ is available and runs the <replaceable>PROGRAM</replaceable> if an authorization is
+ in place. This may involve having to make the user obtain the authorization through
+ authentication. If an authorization cannot be obtained, <replaceable>PROGRAM</replaceable>
+ will not be runned.
+ </para>
+ </refsect2>
+
+ </refsect1>
+
+ <refsect1><title>AUTHOR</title>
+ <para>
+ Written by David Zeuthen <email>davidz at redhat.com</email> with
+ a lot of help from many others.
+ </para>
+ </refsect1>
+
+ <refsect1>
+ <title>BUGS</title>
+ <para>
+ Please send bug reports to either the distribution or the
+ polkit-devel mailing list,
+ see the link <ulink url="http://lists.freedesktop.org/mailman/listinfo/polkit-devel"/>
+ on how to subscribe.
+ </para>
+ </refsect1>
+
+ <refsect1>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>PolicyKit-1</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am
index 1761076..8caf9d8 100644
--- a/src/polkit/Makefile.am
+++ b/src/polkit/Makefile.am
@@ -48,6 +48,8 @@ libpolkit_gobject_1include_HEADERS = \
polkitunixgroup.h \
polkitunixprocess.h \
polkitsystembusname.h \
+ polkitauthorizationclaim.h \
+ polkitauthorizationresult.h \
$(NULL)
libpolkit_gobject_1_la_SOURCES = \
@@ -61,6 +63,8 @@ libpolkit_gobject_1_la_SOURCES = \
polkitunixgroup.c polkitunixgroup.h \
polkitunixprocess.c polkitunixprocess.h \
polkitsystembusname.c polkitsystembusname.h \
+ polkitauthorizationclaim.c polkitauthorizationclaim.h \
+ polkitauthorizationresult.c polkitauthorizationresult.h \
$(NULL)
libpolkit_gobject_1_la_CFLAGS = \
diff --git a/src/polkit/polkit.h b/src/polkit/polkit.h
index 1520fed..c81d14e 100644
--- a/src/polkit/polkit.h
+++ b/src/polkit/polkit.h
@@ -25,13 +25,15 @@
#define _POLKIT_INSIDE_POLKIT_H 1
#include <polkit/polkitactiondescription.h>
-#include <polkit/polkitauthority.h>
#include <polkit/polkiterror.h>
#include <polkit/polkitsubject.h>
#include <polkit/polkitunixuser.h>
#include <polkit/polkitunixgroup.h>
#include <polkit/polkitunixprocess.h>
#include <polkit/polkitsystembusname.h>
+#include <polkit/polkitauthorizationclaim.h>
+#include <polkit/polkitauthorizationresult.h>
+#include <polkit/polkitauthority.h>
#undef _POLKIT_INSIDE_POLKIT_H
diff --git a/src/polkit/polkitactiondescription.c b/src/polkit/polkitactiondescription.c
index 83de4f9..2133024 100644
--- a/src/polkit/polkitactiondescription.c
+++ b/src/polkit/polkitactiondescription.c
@@ -73,6 +73,9 @@ polkit_action_description_finalize (GObject *object)
if (action_description->icon != NULL)
g_object_unref (action_description->icon);
+
+ if (G_OBJECT_CLASS (polkit_action_description_parent_class)->finalize != NULL)
+ G_OBJECT_CLASS (polkit_action_description_parent_class)->finalize (object);
}
static void
diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
index 6e74e5e..bb4d1c6 100644
--- a/src/polkit/polkitauthority.c
+++ b/src/polkit/polkitauthority.c
@@ -23,6 +23,7 @@
# include "config.h"
#endif
+#include "polkitauthorizationresult.h"
#include "polkitauthority.h"
#include "polkitprivate.h"
@@ -82,6 +83,9 @@ polkit_authority_finalize (GObject *object)
g_object_unref (authority->authority_object_proxy);
the_authority = NULL;
+
+ if (G_OBJECT_CLASS (polkit_authority_parent_class)->finalize != NULL)
+ G_OBJECT_CLASS (polkit_authority_parent_class)->finalize (object);
}
static void
@@ -210,3 +214,39 @@ polkit_authority_enumerate_groups_sync (PolkitAuthority *authority,
out:
return result;
}
+
+PolkitAuthorizationResult
+polkit_authority_check_claim_sync (PolkitAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ GCancellable *cancellable,
+ GError **error)
+{
+ _PolkitAuthorizationResult result;
+ _PolkitAuthorizationClaim *real_claim;
+ EggDBusHashMap *result_attributes;
+
+ result = _POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
+ real_claim = NULL;
+
+ real_claim = polkit_authorization_claim_get_real (claim);
+
+ if (!_polkit_authority_check_claim_sync (authority->real,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ real_claim,
+ &result,
+ &result_attributes,
+ cancellable,
+ error))
+ goto out;
+
+ /* TODO: pass these back */
+ if (result_attributes != NULL)
+ g_object_unref (result_attributes);
+
+ out:
+ if (real_claim != NULL)
+ g_object_unref (real_claim);
+
+ return result;
+}
+
diff --git a/src/polkit/polkitauthority.h b/src/polkit/polkitauthority.h
index 1cb49f6..0e4a45e 100644
--- a/src/polkit/polkitauthority.h
+++ b/src/polkit/polkitauthority.h
@@ -57,6 +57,11 @@ GList *polkit_authority_enumerate_groups_sync (PolkitAuthorit
GCancellable *cancellable,
GError **error);
+PolkitAuthorizationResult polkit_authority_check_claim_sync (PolkitAuthority *authority,
+ PolkitAuthorizationClaim *claim,
+ GCancellable *cancellable,
+ GError **error);
+
G_END_DECLS
#endif /* __POLKIT_AUTHORITY_H */
diff --git a/src/polkit/polkitprivate.h b/src/polkit/polkitprivate.h
index 70662d1..9976fad 100644
--- a/src/polkit/polkitprivate.h
+++ b/src/polkit/polkitprivate.h
@@ -23,6 +23,8 @@
#define __POLKIT_PRIVATE_H
#include "polkitactiondescription.h"
+#include "polkitsubject.h"
+#include "polkitauthorizationclaim.h"
#include "_polkitbindings.h"
/* notes:
@@ -38,6 +40,8 @@ _PolkitActionDescription *polkit_action_description_get_real (PolkitActionDe
PolkitSubject *polkit_subject_new_for_real (_PolkitSubject *real);
_PolkitSubject *polkit_subject_get_real (PolkitSubject *subject);
+PolkitAuthorizationClaim *polkit_authorization_claim_new_for_real (_PolkitAuthorizationClaim *real);
+_PolkitAuthorizationClaim *polkit_authorization_claim_get_real (PolkitAuthorizationClaim *claim);
#endif /* __POLKIT_PRIVATE_H */
diff --git a/src/polkit/polkitsystembusname.c b/src/polkit/polkitsystembusname.c
index ec069e5..7045dbe 100644
--- a/src/polkit/polkitsystembusname.c
+++ b/src/polkit/polkitsystembusname.c
@@ -71,6 +71,9 @@ polkit_system_bus_name_finalize (GObject *object)
PolkitSystemBusName *system_bus_name = POLKIT_SYSTEM_BUS_NAME (object);
g_free (system_bus_name->name);
+
+ if (G_OBJECT_CLASS (polkit_system_bus_name_parent_class)->finalize != NULL)
+ G_OBJECT_CLASS (polkit_system_bus_name_parent_class)->finalize (object);
}
static void
diff --git a/src/polkit/polkittypes.h b/src/polkit/polkittypes.h
index 8e0c3f5..235f92d 100644
--- a/src/polkit/polkittypes.h
+++ b/src/polkit/polkittypes.h
@@ -44,5 +44,8 @@ typedef struct _PolkitUnixProcess PolkitUnixProcess;
struct _PolkitSystemBusName;
typedef struct _PolkitSystemBusName PolkitSystemBusName;
+struct _PolkitAuthorizationClaim;
+typedef struct _PolkitAuthorizationClaim PolkitAuthorizationClaim;
+
#endif /* __POLKIT_TYPES_H */
diff --git a/src/programs/polkit.c b/src/programs/polkit.c
index 7da08e5..126488b 100644
--- a/src/programs/polkit.c
+++ b/src/programs/polkit.c
@@ -31,17 +31,15 @@ static PolkitAuthority *authority;
static gboolean opt_list_actions = FALSE;
static gboolean opt_list_users = FALSE;
static gboolean opt_list_groups = FALSE;
-static gchar *opt_show_action = NULL;
+static gboolean opt_list_authorizations = FALSE;
+static gboolean opt_list_explicit_authorizations = FALSE;
+
+static gboolean opt_show_help = FALSE;
static gboolean opt_show_version = FALSE;
-static GOptionEntry option_entries[] = {
- {"list-actions", 'l', 0, G_OPTION_ARG_NONE, &opt_list_actions, "List registered actions", NULL},
- {"list-users", 0, 0, G_OPTION_ARG_NONE, &opt_list_users, "List known users", NULL},
- {"list-groups", 0, 0, G_OPTION_ARG_NONE, &opt_list_groups, "List known groups", NULL},
- {"show-action", 's', 0, G_OPTION_ARG_STRING, &opt_show_action, "Show details for an action", "action_id"},
- {"version", 'V', 0, G_OPTION_ARG_NONE, &opt_show_version, "Show version", NULL},
- {NULL, },
-};
+static gboolean opt_verbose = FALSE;
+
+static PolkitSubject *subject;
static gboolean list_actions (void);
static gboolean list_users (void);
@@ -49,31 +47,122 @@ static gboolean list_groups (void);
static gboolean show_action (const gchar *action_id);
+static void
+usage (int argc, char *argv[])
+{
+ GError *error;
+
+ error = NULL;
+ if (!g_spawn_command_line_sync ("man polkit-1",
+ NULL,
+ NULL,
+ NULL,
+ &error))
+ {
+ g_printerr ("Cannot show manual page: %s\n", error->message);
+ g_error_free (error);
+ }
+}
+
int
main (int argc, char *argv[])
{
gboolean ret;
- GError *error;
- GOptionContext *option_ctx;
+ gint n;
+ gboolean in_list;
ret = FALSE;
g_type_init ();
- option_ctx = g_option_context_new ("polkit-1");
- g_option_context_add_main_entries (option_ctx, option_entries, NULL);
- g_option_context_set_summary (option_ctx, "PolicyKit commandline tool");
- error = NULL;
- if (!g_option_context_parse (option_ctx, &argc, &argv, &error))
+ in_list = FALSE;
+ for (n = 1; n < argc; n++)
{
- g_printerr ("Error parsing options: %s\n", error->message);
- g_error_free (error);
- goto out;
+ if (in_list)
+ {
+ if (strcmp (argv[n], "actions") == 0)
+ {
+ opt_list_actions = TRUE;
+ }
+ else if (strcmp (argv[n], "users") == 0)
+ {
+ opt_list_users = TRUE;
+ }
+ else if (strcmp (argv[n], "groups") == 0)
+ {
+ opt_list_groups = TRUE;
+ }
+ else if (strcmp (argv[n], "authorizations") == 0)
+ {
+ opt_list_authorizations = TRUE;
+ }
+ else if (strcmp (argv[n], "explicit-authorizations") == 0)
+ {
+ opt_list_explicit_authorizations = TRUE;
+
+ n++;
+ if (n >= argc)
+ {
+ usage (argc, argv);
+ goto out;
+ }
+
+ subject = NULL; //polkit_subject_from_string (argv[n]);
+ if (subject == NULL)
+ {
+ g_printerr ("Malformed subject identifier '%s'", argv[n]);
+ goto out;
+ }
+
+ }
+ else
+ {
+ usage (argc, argv);
+ goto out;
+ }
+
+ in_list = FALSE;
+ }
+ else if (strcmp (argv[n], "list") == 0)
+ {
+ in_list = TRUE;
+ continue;
+ }
+ else if (strcmp (argv[n], "--help") == 0)
+ {
+ opt_show_help = TRUE;
+ }
+ else if (strcmp (argv[n], "--version") == 0)
+ {
+ opt_show_version = TRUE;
+ }
+ else if (strcmp (argv[n], "--verbose") == 0)
+ {
+ opt_verbose = TRUE;
+ }
+ else
+ {
+ usage (argc, argv);
+ goto out;
+ }
}
authority = polkit_authority_get ();
- if (opt_list_actions)
+ if (opt_show_help)
+ {
+ usage (argc, argv);
+ ret = TRUE;
+ goto out;
+ }
+ else if (opt_show_version)
+ {
+ g_print ("PolicyKit version %s\n", PACKAGE_VERSION);
+ /* TODO: print backend name / version */
+ ret = TRUE;
+ goto out;
+ }
+ else if (opt_list_actions)
{
ret = list_actions ();
}
@@ -85,33 +174,18 @@ main (int argc, char *argv[])
{
ret = list_groups ();
}
- else if (opt_show_action != NULL)
- {
- ret = show_action (opt_show_action);
- }
- else if (opt_show_version)
- {
- g_print ("polkit-1 %s\n", PACKAGE_VERSION);
- ret = TRUE;
- }
else
{
- gchar *s;
-
- /* print usage */
- s = g_option_context_get_help (option_ctx, TRUE, NULL);
- g_print ("%s", s);
- g_free (s);
- ret = 0;
- goto out;
+ usage (argc, argv);
}
- g_object_unref (authority);
-
- g_option_context_free (option_ctx);
out:
- g_free (opt_show_action);
+ if (authority != NULL)
+ g_object_unref (authority);
+
+ if (subject != NULL)
+ g_object_unref (subject);
return ret ? 0 : 1;
}
@@ -234,8 +308,19 @@ list_actions (void)
for (l = actions; l != NULL; l = l->next)
{
PolkitActionDescription *action = POLKIT_ACTION_DESCRIPTION (l->data);
+ const gchar *action_id;
- g_print ("%s\n", polkit_action_description_get_action_id (action));
+ action_id = polkit_action_description_get_action_id (action);
+
+ if (opt_verbose)
+ {
+ show_action (action_id);
+ g_print ("\n");
+ }
+ else
+ {
+ g_print ("%s\n", action_id);
+ }
}
g_list_foreach (actions, (GFunc) g_object_unref, NULL);
@@ -324,40 +409,3 @@ list_groups (void)
out:
return ret;
}
-
-
-#if 0
- PolkitSubject *subject1;
- PolkitSubject *subject2;
- PolkitSubject *subject3;
-
- subject1 = polkit_user_new ("moe");
- subject2 = polkit_user_new ("bernie");
- subject3 = polkit_process_new (42);
-
- GList *claims;
- claims = NULL;
- claims = g_list_prepend (claims, polkit_authorization_claim_new (subject1, "org.foo.1"));
- claims = g_list_prepend (claims, polkit_authorization_claim_new (subject2, "org.foo.2"));
- claims = g_list_prepend (claims, polkit_authorization_claim_new (subject3, "org.foo.3"));
-
- PolkitAuthorizationClaim *claim;
- claim = polkit_authorization_claim_new (subject3, "org.foo.4");
- polkit_authorization_claim_set_attribute (claim, "foo", "bar");
- polkit_authorization_claim_set_attribute (claim, "unix-device", "/dev/sda");
- claims = g_list_prepend (claims, claim);
-
-
- error = NULL;
- result = polkit_authority_check_claims_sync (authority,
- claims,
- NULL,
- &error);
- if (error != NULL) {
- g_print ("Got error: %s\n", error->message);
- g_error_free (error);
- } else {
- g_print ("Got result: %d\n", result);
- }
-
-#endif
commit c1e0322e08460acd00ccdd2e6edb86416578a159
Author: David Zeuthen <davidz at redhat.com>
Date: Wed Jan 7 12:33:55 2009 -0500
add serialization for subjects and implement Enumerate{Users,Groups}
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index 9fd3621..510d6a7 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -92,6 +92,10 @@
<arg name="users" direction="out" type="a(sa{sv})"/>
</method>
+ <method name="EnumerateGroups">
+ <arg name="groups" direction="out" type="a(sa{sv})"/>
+ </method>
+
<method name="EnumerateActions">
<arg name="locale" direction="in" type="s"/>
<arg name="action_descriptions" direction="out" type="a(ssssssa{ss})"/>
diff --git a/src/polkit/polkitactiondescription.c b/src/polkit/polkitactiondescription.c
index 827458c..83de4f9 100644
--- a/src/polkit/polkitactiondescription.c
+++ b/src/polkit/polkitactiondescription.c
@@ -97,7 +97,7 @@ polkit_action_description_new_for_real (_PolkitActionDescription *real)
_PolkitActionDescription *
polkit_action_description_get_real (PolkitActionDescription *action_description)
{
- return action_description->real;
+ return g_object_ref (action_description->real);
}
const gchar *
diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
index 18e6181..6e74e5e 100644
--- a/src/polkit/polkitauthority.c
+++ b/src/polkit/polkitauthority.c
@@ -135,6 +135,78 @@ polkit_authority_enumerate_actions_sync (PolkitAuthority *authority,
result = g_list_reverse (result);
+ g_object_unref (array_seq);
+
+ out:
+ return result;
+}
+
+GList *
+polkit_authority_enumerate_users_sync (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GError **error)
+{
+ EggDBusArraySeq *array_seq;
+ GList *result;
+ guint n;
+
+ result = NULL;
+
+ if (!_polkit_authority_enumerate_users_sync (authority->real,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ &array_seq,
+ cancellable,
+ error))
+ goto out;
+
+ for (n = 0; n < array_seq->size; n++)
+ {
+ _PolkitSubject *real_subject;
+
+ real_subject = array_seq->data.v_ptr[n];
+
+ result = g_list_prepend (result, polkit_subject_new_for_real (real_subject));
+ }
+
+ result = g_list_reverse (result);
+
+ g_object_unref (array_seq);
+
+ out:
+ return result;
+}
+
+GList *
+polkit_authority_enumerate_groups_sync (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GError **error)
+{
+ EggDBusArraySeq *array_seq;
+ GList *result;
+ guint n;
+
+ result = NULL;
+
+ if (!_polkit_authority_enumerate_groups_sync (authority->real,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ &array_seq,
+ cancellable,
+ error))
+ goto out;
+
+ for (n = 0; n < array_seq->size; n++)
+ {
+ _PolkitSubject *real_subject;
+
+ real_subject = array_seq->data.v_ptr[n];
+
+ result = g_list_prepend (result, polkit_subject_new_for_real (real_subject));
+ }
+
+ result = g_list_reverse (result);
+
+ g_object_unref (array_seq);
+
out:
return result;
}
diff --git a/src/polkit/polkitauthority.h b/src/polkit/polkitauthority.h
index eda9360..1cb49f6 100644
--- a/src/polkit/polkitauthority.h
+++ b/src/polkit/polkitauthority.h
@@ -48,6 +48,15 @@ GList *polkit_authority_enumerate_actions_sync (PolkitAuthori
const gchar *locale,
GCancellable *cancellable,
GError **error);
+
+GList *polkit_authority_enumerate_users_sync (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GError **error);
+
+GList *polkit_authority_enumerate_groups_sync (PolkitAuthority *authority,
+ GCancellable *cancellable,
+ GError **error);
+
G_END_DECLS
#endif /* __POLKIT_AUTHORITY_H */
diff --git a/src/polkit/polkitprivate.h b/src/polkit/polkitprivate.h
index b4137f3..70662d1 100644
--- a/src/polkit/polkitprivate.h
+++ b/src/polkit/polkitprivate.h
@@ -25,7 +25,19 @@
#include "polkitactiondescription.h"
#include "_polkitbindings.h"
+/* notes:
+ *
+ * - the _new_for_real() functions will ref the passed arg (you will still own the ref)
+ * - the _get_real() functions will return a ref (you will own the ref)
+ *
+ */
+
PolkitActionDescription *polkit_action_description_new_for_real (_PolkitActionDescription *real);
-_PolkitActionDescription *polkit_action_description_get_real (PolkitActionDescription *action_description);
+_PolkitActionDescription *polkit_action_description_get_real (PolkitActionDescription *action_description);
+
+PolkitSubject *polkit_subject_new_for_real (_PolkitSubject *real);
+_PolkitSubject *polkit_subject_get_real (PolkitSubject *subject);
+
+
#endif /* __POLKIT_PRIVATE_H */
diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c
index d950fb1..b140988 100644
--- a/src/polkit/polkitsubject.c
+++ b/src/polkit/polkitsubject.c
@@ -23,7 +23,14 @@
# include "config.h"
#endif
+#include <string.h>
+
#include "polkitsubject.h"
+#include "polkitunixuser.h"
+#include "polkitunixgroup.h"
+#include "polkitunixprocess.h"
+#include "polkitsystembusname.h"
+#include "polkitprivate.h"
static void
base_init (gpointer g_iface)
@@ -69,3 +76,111 @@ polkit_subject_equal (PolkitSubject *a,
return POLKIT_SUBJECT_GET_IFACE (a)->equal (a, b);
}
+gchar *
+polkit_subject_to_string (PolkitSubject *subject)
+{
+ return POLKIT_SUBJECT_GET_IFACE (subject)->to_string (subject);
+}
+
+PolkitSubject *
+polkit_subject_new_for_real (_PolkitSubject *real)
+{
+ PolkitSubject *s;
+ const gchar *kind;
+ EggDBusHashMap *details;
+ EggDBusVariant *variant;
+ EggDBusVariant *variant2;
+
+ s = NULL;
+
+ kind = _polkit_subject_get_subject_kind (real);
+ details = _polkit_subject_get_subject_details (real);
+
+ if (strcmp (kind, "unix-user") == 0)
+ {
+ variant = egg_dbus_hash_map_lookup (details, "uid");
+ s = polkit_unix_user_new (egg_dbus_variant_get_uint (variant));
+ }
+ else if (strcmp (kind, "unix-group") == 0)
+ {
+ variant = egg_dbus_hash_map_lookup (details, "gid");
+ s = polkit_unix_group_new (egg_dbus_variant_get_uint (variant));
+ }
+ else if (strcmp (kind, "unix-process") == 0)
+ {
+ variant = egg_dbus_hash_map_lookup (details, "pid");
+ variant2 = egg_dbus_hash_map_lookup (details, "start-time");
+ s = polkit_unix_process_new_full (egg_dbus_variant_get_uint (variant),
+ egg_dbus_variant_get_uint64 (variant2));
+ }
+ else if (strcmp (kind, "system-bus-name") == 0)
+ {
+ variant = egg_dbus_hash_map_lookup (details, "name");
+ s = polkit_system_bus_name_new (egg_dbus_variant_get_string (variant));
+ }
+ else
+ {
+ g_warning ("Unknown subject kind %s:", kind);
+ }
+
+ return s;
+}
+
+_PolkitSubject *
+polkit_subject_get_real (PolkitSubject *subject)
+{
+ _PolkitSubject *real;
+ const gchar *kind;
+ EggDBusHashMap *details;
+
+ real = NULL;
+ kind = NULL;
+ details = egg_dbus_hash_map_new (G_TYPE_STRING, NULL, EGG_DBUS_TYPE_VARIANT, (GDestroyNotify) g_object_unref);
+
+ if (POLKIT_IS_UNIX_USER (subject))
+ {
+ kind = "unix-user";
+ egg_dbus_hash_map_insert (details,
+ "uid",
+ egg_dbus_variant_new_for_uint (polkit_unix_user_get_uid (POLKIT_UNIX_USER (subject))));
+ }
+ else if (POLKIT_IS_UNIX_GROUP (subject))
+ {
+ kind = "unix-group";
+ egg_dbus_hash_map_insert (details,
+ "gid",
+ egg_dbus_variant_new_for_uint (polkit_unix_group_get_gid (POLKIT_UNIX_GROUP (subject))));
+ }
+ else if (POLKIT_IS_UNIX_PROCESS (subject))
+ {
+ kind = "unix-process";
+ egg_dbus_hash_map_insert (details,
+ "pid",
+ egg_dbus_variant_new_for_uint (polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (subject))));
+ egg_dbus_hash_map_insert (details,
+ "start-time",
+ egg_dbus_variant_new_for_uint64 (polkit_unix_process_get_start_time (POLKIT_UNIX_PROCESS (subject))));
+ }
+ else if (POLKIT_IS_SYSTEM_BUS_NAME (subject))
+ {
+ kind = "system-bus-name";
+ egg_dbus_hash_map_insert (details,
+ "name",
+ egg_dbus_variant_new_for_string (polkit_system_bus_name_get_name (POLKIT_SYSTEM_BUS_NAME (subject))));
+ }
+ else
+ {
+ g_warning ("Unknown class %s implementing PolkitSubject", g_type_name (G_TYPE_FROM_INSTANCE (subject)));
+ }
+
+ if (kind != NULL)
+ {
+ real = _polkit_subject_new (kind, details);
+ }
+
+ if (details != NULL)
+ g_object_unref (details);
+
+ return real;
+}
+
diff --git a/src/polkit/polkitsubject.h b/src/polkit/polkitsubject.h
index 8106b0e..d944e9a 100644
--- a/src/polkit/polkitsubject.h
+++ b/src/polkit/polkitsubject.h
@@ -42,13 +42,16 @@ struct _PolkitSubjectIface
{
GTypeInterface parent_iface;
- gboolean (*equal) (PolkitSubject *a,
- PolkitSubject *b);
+ gboolean (*equal) (PolkitSubject *a,
+ PolkitSubject *b);
+
+ gchar * (*to_string) (PolkitSubject *subject);
};
-GType polkit_subject_get_type (void) G_GNUC_CONST;
-gboolean polkit_subject_equal (PolkitSubject *a,
- PolkitSubject *b);
+GType polkit_subject_get_type (void) G_GNUC_CONST;
+gboolean polkit_subject_equal (PolkitSubject *a,
+ PolkitSubject *b);
+gchar *polkit_subject_to_string (PolkitSubject *subject);
G_END_DECLS
diff --git a/src/polkit/polkitsystembusname.c b/src/polkit/polkitsystembusname.c
index 4583ccc..ec069e5 100644
--- a/src/polkit/polkitsystembusname.c
+++ b/src/polkit/polkitsystembusname.c
@@ -176,8 +176,17 @@ polkit_system_bus_name_equal (PolkitSubject *a,
return strcmp (name_a->name, name_b->name) == 0;
}
+static gchar *
+polkit_system_bus_name_to_string (PolkitSubject *subject)
+{
+ PolkitSystemBusName *system_bus_name = POLKIT_SYSTEM_BUS_NAME (subject);
+
+ return g_strdup_printf ("system-bus-name:%s", system_bus_name->name);
+}
+
static void
subject_iface_init (PolkitSubjectIface *subject_iface)
{
- subject_iface->equal = polkit_system_bus_name_equal;
+ subject_iface->equal = polkit_system_bus_name_equal;
+ subject_iface->to_string = polkit_system_bus_name_to_string;
}
diff --git a/src/polkit/polkitunixgroup.c b/src/polkit/polkitunixgroup.c
index d70da5f..48ab835 100644
--- a/src/polkit/polkitunixgroup.c
+++ b/src/polkit/polkitunixgroup.c
@@ -24,6 +24,7 @@
#endif
#include <string.h>
+#include <grp.h>
#include "polkitunixgroup.h"
#include "polkitsubject.h"
#include "polkitprivate.h"
@@ -168,8 +169,23 @@ polkit_unix_group_equal (PolkitSubject *a,
return group_a->gid == group_b->gid;
}
+static gchar *
+polkit_unix_group_to_string (PolkitSubject *subject)
+{
+ PolkitUnixGroup *group = POLKIT_UNIX_GROUP (subject);
+ struct group *gr;
+
+ gr = getgrgid (group->gid);
+
+ if (gr == NULL)
+ return g_strdup_printf ("unix-group:%d", group->gid);
+ else
+ return g_strdup_printf ("unix-group:%s", gr->gr_name);
+}
+
static void
subject_iface_init (PolkitSubjectIface *subject_iface)
{
- subject_iface->equal = polkit_unix_group_equal;
+ subject_iface->equal = polkit_unix_group_equal;
+ subject_iface->to_string = polkit_unix_group_to_string;
}
diff --git a/src/polkit/polkitunixprocess.c b/src/polkit/polkitunixprocess.c
index 4991a75..d2fab0c 100644
--- a/src/polkit/polkitunixprocess.c
+++ b/src/polkit/polkitunixprocess.c
@@ -178,7 +178,8 @@ polkit_unix_process_set_pid (PolkitUnixProcess *process,
pid_t pid)
{
process->pid = pid;
- process->start_time = get_start_time_for_pid (pid);
+ if (pid != (pid_t) -1)
+ process->start_time = get_start_time_for_pid (pid);
}
PolkitSubject *
@@ -189,6 +190,20 @@ polkit_unix_process_new (pid_t pid)
NULL));
}
+PolkitSubject *
+polkit_unix_process_new_full (pid_t pid,
+ guint64 start_time)
+{
+ PolkitUnixProcess *process;
+
+ process = POLKIT_UNIX_PROCESS (polkit_unix_process_new ((pid_t) -1));
+ process->pid = pid;
+ process->start_time = start_time;
+
+ return POLKIT_SUBJECT (process);
+}
+
+
static gboolean
polkit_unix_process_equal (PolkitSubject *a,
PolkitSubject *b)
@@ -204,10 +219,19 @@ polkit_unix_process_equal (PolkitSubject *a,
(process_a->start_time == process_b->start_time);
}
+static gchar *
+polkit_unix_process_to_string (PolkitSubject *subject)
+{
+ PolkitUnixProcess *process = POLKIT_UNIX_PROCESS (subject);
+
+ return g_strdup_printf ("unix-process:%d:%" G_GUINT64_FORMAT, process->pid, process->start_time);
+}
+
static void
subject_iface_init (PolkitSubjectIface *subject_iface)
{
- subject_iface->equal = polkit_unix_process_equal;
+ subject_iface->equal = polkit_unix_process_equal;
+ subject_iface->to_string = polkit_unix_process_to_string;
}
#ifdef HAVE_SOLARIS
diff --git a/src/polkit/polkitunixprocess.h b/src/polkit/polkitunixprocess.h
index 74102b2..b584bef 100644
--- a/src/polkit/polkitunixprocess.h
+++ b/src/polkit/polkitunixprocess.h
@@ -44,6 +44,8 @@ typedef struct _PolkitUnixProcessClass PolkitUnixProcessClass;
GType polkit_unix_process_get_type (void) G_GNUC_CONST;
PolkitSubject *polkit_unix_process_new (pid_t pid);
+PolkitSubject *polkit_unix_process_new_full (pid_t pid,
+ guint64 start_time);
pid_t polkit_unix_process_get_pid (PolkitUnixProcess *process);
guint64 polkit_unix_process_get_start_time (PolkitUnixProcess *process);
diff --git a/src/polkit/polkitunixuser.c b/src/polkit/polkitunixuser.c
index 07801f7..dd56c1c 100644
--- a/src/polkit/polkitunixuser.c
+++ b/src/polkit/polkitunixuser.c
@@ -24,6 +24,7 @@
#endif
#include <string.h>
+#include <pwd.h>
#include "polkitunixuser.h"
#include "polkitsubject.h"
#include "polkitprivate.h"
@@ -168,8 +169,23 @@ polkit_unix_user_equal (PolkitSubject *a,
return user_a->uid == user_b->uid;
}
+static gchar *
+polkit_unix_user_to_string (PolkitSubject *subject)
+{
+ PolkitUnixUser *user = POLKIT_UNIX_USER (subject);
+ struct passwd *passwd;
+
+ passwd = getpwuid (user->uid);
+
+ if (passwd == NULL)
+ return g_strdup_printf ("unix-user:%d", user->uid);
+ else
+ return g_strdup_printf ("unix-user:%s", passwd->pw_name);
+}
+
static void
subject_iface_init (PolkitSubjectIface *subject_iface)
{
- subject_iface->equal = polkit_unix_user_equal;
+ subject_iface->equal = polkit_unix_user_equal;
+ subject_iface->to_string = polkit_unix_user_to_string;
}
diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c
index 3de036a..135dcd7 100644
--- a/src/polkitbackend/polkitbackendauthority.c
+++ b/src/polkitbackend/polkitbackendauthority.c
@@ -39,13 +39,35 @@ polkit_backend_authority_class_init (PolkitBackendAuthorityClass *klass)
}
GList *
-polkit_backend_authority_enumerate_actions (PolkitBackendAuthority *authority,
- const gchar *locale)
+polkit_backend_authority_enumerate_actions (PolkitBackendAuthority *authority,
+ const gchar *locale,
+ GError **error)
{
PolkitBackendAuthorityClass *klass;
klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
- return klass->enumerate_actions (authority, locale);
+ return klass->enumerate_actions (authority, locale, error);
}
+GList *
+polkit_backend_authority_enumerate_users (PolkitBackendAuthority *authority,
+ GError **error)
+{
+ PolkitBackendAuthorityClass *klass;
+
+ klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
+
+ return klass->enumerate_users (authority, error);
+}
+
+GList *
+polkit_backend_authority_enumerate_groups (PolkitBackendAuthority *authority,
+ GError **error)
+{
+ PolkitBackendAuthorityClass *klass;
+
+ klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
+
+ return klass->enumerate_groups (authority, error);
+}
diff --git a/src/polkitbackend/polkitbackendauthority.h b/src/polkitbackend/polkitbackendauthority.h
index 1657251..413f414 100644
--- a/src/polkitbackend/polkitbackendauthority.h
+++ b/src/polkitbackend/polkitbackendauthority.h
@@ -51,8 +51,15 @@ struct _PolkitBackendAuthorityClass
/*< public >*/
- GList * (*enumerate_actions) (PolkitBackendAuthority *authority,
- const gchar *locale);
+ GList * (*enumerate_actions) (PolkitBackendAuthority *authority,
+ const gchar *locale,
+ GError **error);
+
+ GList * (*enumerate_users) (PolkitBackendAuthority *authority,
+ GError **error);
+
+ GList * (*enumerate_groups) (PolkitBackendAuthority *authority,
+ GError **error);
/*< private >*/
/* Padding for future expansion */
@@ -69,7 +76,14 @@ struct _PolkitBackendAuthorityClass
GType polkit_backend_authority_get_type (void) G_GNUC_CONST;
GList *polkit_backend_authority_enumerate_actions (PolkitBackendAuthority *authority,
- const gchar *locale);
+ const gchar *locale,
+ GError **error);
+
+GList *polkit_backend_authority_enumerate_users (PolkitBackendAuthority *authority,
+ GError **error);
+
+GList *polkit_backend_authority_enumerate_groups (PolkitBackendAuthority *authority,
+ GError **error);
G_END_DECLS
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index 9e2ffc8..028adc7 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -22,6 +22,7 @@
#include "config.h"
#include <errno.h>
#include <pwd.h>
+#include <grp.h>
#include <string.h>
#include <polkit/polkit.h>
#include "polkitbackendlocalauthority.h"
@@ -33,9 +34,15 @@ typedef struct
} PolkitBackendLocalAuthorityPrivate;
-static GList *polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *authority,
- const gchar *locale);
+static GList *polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *authority,
+ const gchar *locale,
+ GError **error);
+static GList *polkit_backend_local_authority_enumerate_users (PolkitBackendAuthority *authority,
+ GError **error);
+
+static GList *polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *authority,
+ GError **error);
G_DEFINE_TYPE (PolkitBackendLocalAuthority, polkit_backend_local_authority, POLKIT_BACKEND_TYPE_AUTHORITY);
@@ -81,6 +88,8 @@ polkit_backend_local_authority_class_init (PolkitBackendLocalAuthorityClass *kla
gobject_class->finalize = polkit_backend_local_authority_finalize;
authority_class->enumerate_actions = polkit_backend_local_authority_enumerate_actions;
+ authority_class->enumerate_users = polkit_backend_local_authority_enumerate_users;
+ authority_class->enumerate_groups = polkit_backend_local_authority_enumerate_groups;
g_type_class_add_private (klass, sizeof (PolkitBackendLocalAuthorityPrivate));
}
@@ -95,8 +104,9 @@ polkit_backend_local_authority_new (void)
/* ---------------------------------------------------------------------------------------------------- */
static GList *
-polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *authority,
- const gchar *locale)
+polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *authority,
+ const gchar *locale,
+ GError **error)
{
PolkitBackendLocalAuthority *local_authority;
PolkitBackendLocalAuthorityPrivate *priv;
@@ -107,6 +117,90 @@ polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *author
return polkit_backend_action_pool_get_all_actions (priv->action_pool, locale);
}
+static GList *
+polkit_backend_local_authority_enumerate_users (PolkitBackendAuthority *authority,
+ GError **error)
+{
+ PolkitBackendLocalAuthority *local_authority;
+ PolkitBackendLocalAuthorityPrivate *priv;
+ struct passwd *passwd;
+ GList *list;
+
+ local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+
+ list = NULL;
+
+ passwd = getpwent ();
+ if (passwd == NULL)
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "getpwent failed: %s",
+ strerror (errno));
+ goto out;
+ }
+
+ do
+ {
+ PolkitSubject *subject;
+
+ subject = polkit_unix_user_new (passwd->pw_uid);
+
+ list = g_list_prepend (list, subject);
+ }
+ while ((passwd = getpwent ()) != NULL);
+ endpwent ();
+
+ list = g_list_reverse (list);
+
+ out:
+ return list;
+}
+
+static GList *
+polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *authority,
+ GError **error)
+{
+ PolkitBackendLocalAuthority *local_authority;
+ PolkitBackendLocalAuthorityPrivate *priv;
+ struct group *group;
+ GList *list;
+
+ local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+
+ list = NULL;
+
+ group = getgrent ();
+ if (group == NULL)
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "getgrent failed: %s",
+ strerror (errno));
+ goto out;
+ }
+
+ do
+ {
+ PolkitSubject *subject;
+
+ subject = polkit_unix_group_new (group->gr_gid);
+
+ list = g_list_prepend (list, subject);
+ }
+ while ((group = getgrent ()) != NULL);
+ endgrent ();
+
+ list = g_list_reverse (list);
+
+ out:
+ return list;
+}
+
#if 0
/* ---------------------------------------------------------------------------------------------------- */
diff --git a/src/polkitbackend/polkitbackendserver.c b/src/polkitbackend/polkitbackendserver.c
index 090e37f..05125d1 100644
--- a/src/polkitbackend/polkitbackendserver.c
+++ b/src/polkitbackend/polkitbackendserver.c
@@ -91,17 +91,29 @@ authority_handle_enumerate_actions (_PolkitAuthority *instance,
{
PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
EggDBusArraySeq *array;
+ GError *error;
GList *actions;
GList *l;
- actions = polkit_backend_authority_enumerate_actions (server->authority, locale);
+ error = NULL;
+ actions = polkit_backend_authority_enumerate_actions (server->authority, locale, &error);
- array = egg_dbus_array_seq_new (_POLKIT_TYPE_ACTION_DESCRIPTION, NULL, NULL, NULL);
+ if (error != NULL)
+ {
+ egg_dbus_method_invocation_return_gerror (method_invocation, error);
+ g_error_free (error);
+ goto out;
+ }
+
+ array = egg_dbus_array_seq_new (_POLKIT_TYPE_ACTION_DESCRIPTION, (GDestroyNotify) g_object_unref, NULL, NULL);
for (l = actions; l != NULL; l = l->next)
{
PolkitActionDescription *ad = POLKIT_ACTION_DESCRIPTION (l->data);
- egg_dbus_array_seq_add (array, polkit_action_description_get_real (ad));
+ _PolkitActionDescription *real;
+
+ real = polkit_action_description_get_real (ad);
+ egg_dbus_array_seq_add (array, real);
}
_polkit_authority_handle_enumerate_actions_finish (method_invocation, array);
@@ -110,10 +122,99 @@ authority_handle_enumerate_actions (_PolkitAuthority *instance,
g_list_foreach (actions, (GFunc) g_object_unref, NULL);
g_list_free (actions);
+
+ out:
+ ;
+}
+
+static void
+authority_handle_enumerate_users (_PolkitAuthority *instance,
+ EggDBusMethodInvocation *method_invocation)
+{
+ PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
+ EggDBusArraySeq *array;
+ GError *error;
+ GList *subjects;
+ GList *l;
+
+ error = NULL;
+ subjects = polkit_backend_authority_enumerate_users (server->authority, &error);
+
+ if (error != NULL)
+ {
+ egg_dbus_method_invocation_return_gerror (method_invocation, error);
+ g_error_free (error);
+ goto out;
+ }
+
+ array = egg_dbus_array_seq_new (_POLKIT_TYPE_SUBJECT, (GDestroyNotify) g_object_unref, NULL, NULL);
+
+ for (l = subjects; l != NULL; l = l->next)
+ {
+ PolkitSubject *subject = POLKIT_SUBJECT (l->data);
+ _PolkitSubject *real;
+
+ real = polkit_subject_get_real (subject);
+ egg_dbus_array_seq_add (array, real);
+ }
+
+ _polkit_authority_handle_enumerate_users_finish (method_invocation, array);
+
+ g_object_unref (array);
+
+ g_list_foreach (subjects, (GFunc) g_object_unref, NULL);
+ g_list_free (subjects);
+
+ out:
+ ;
+}
+
+static void
+authority_handle_enumerate_groups (_PolkitAuthority *instance,
+ EggDBusMethodInvocation *method_invocation)
+{
+ PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
+ EggDBusArraySeq *array;
+ GError *error;
+ GList *subjects;
+ GList *l;
+
+ error = NULL;
+ subjects = polkit_backend_authority_enumerate_groups (server->authority, &error);
+
+ if (error != NULL)
+ {
+ egg_dbus_method_invocation_return_gerror (method_invocation, error);
+ g_error_free (error);
+ goto out;
+ }
+
+ array = egg_dbus_array_seq_new (_POLKIT_TYPE_SUBJECT, (GDestroyNotify) g_object_unref, NULL, NULL);
+
+ for (l = subjects; l != NULL; l = l->next)
+ {
+ PolkitSubject *subject = POLKIT_SUBJECT (l->data);
+ _PolkitSubject *real;
+
+ real = polkit_subject_get_real (subject);
+ egg_dbus_array_seq_add (array, real);
+ }
+
+ _polkit_authority_handle_enumerate_groups_finish (method_invocation, array);
+
+ g_object_unref (array);
+
+ g_list_foreach (subjects, (GFunc) g_object_unref, NULL);
+ g_list_free (subjects);
+
+ out:
+ ;
}
static void
authority_iface_init (_PolkitAuthorityIface *authority_iface)
{
authority_iface->handle_enumerate_actions = authority_handle_enumerate_actions;
+ authority_iface->handle_enumerate_users = authority_handle_enumerate_users;
+ authority_iface->handle_enumerate_groups = authority_handle_enumerate_groups;
}
diff --git a/src/programs/polkit.c b/src/programs/polkit.c
index f281e73..7da08e5 100644
--- a/src/programs/polkit.c
+++ b/src/programs/polkit.c
@@ -29,17 +29,23 @@
static PolkitAuthority *authority;
static gboolean opt_list_actions = FALSE;
+static gboolean opt_list_users = FALSE;
+static gboolean opt_list_groups = FALSE;
static gchar *opt_show_action = NULL;
static gboolean opt_show_version = FALSE;
static GOptionEntry option_entries[] = {
{"list-actions", 'l', 0, G_OPTION_ARG_NONE, &opt_list_actions, "List registered actions", NULL},
+ {"list-users", 0, 0, G_OPTION_ARG_NONE, &opt_list_users, "List known users", NULL},
+ {"list-groups", 0, 0, G_OPTION_ARG_NONE, &opt_list_groups, "List known groups", NULL},
{"show-action", 's', 0, G_OPTION_ARG_STRING, &opt_show_action, "Show details for an action", "action_id"},
{"version", 'V', 0, G_OPTION_ARG_NONE, &opt_show_version, "Show version", NULL},
{NULL, },
};
static gboolean list_actions (void);
+static gboolean list_users (void);
+static gboolean list_groups (void);
static gboolean show_action (const gchar *action_id);
@@ -71,6 +77,14 @@ main (int argc, char *argv[])
{
ret = list_actions ();
}
+ else if (opt_list_users)
+ {
+ ret = list_users ();
+ }
+ else if (opt_list_groups)
+ {
+ ret = list_groups ();
+ }
else if (opt_show_action != NULL)
{
ret = show_action (opt_show_action);
@@ -233,6 +247,84 @@ list_actions (void)
return ret;
}
+static void
+print_subjects (GList *subjects)
+{
+ GList *l;
+
+ for (l = subjects; l != NULL; l = l->next)
+ {
+ PolkitSubject *subject = POLKIT_SUBJECT (l->data);
+ gchar *s;
+
+ s = polkit_subject_to_string (subject);
+ g_print ("%s\n", s);
+ g_free (s);
+ }
+}
+
+static gboolean
+list_users (void)
+{
+ gboolean ret;
+ GError *error;
+ GList *subjects;
+
+ ret = FALSE;
+
+ error = NULL;
+ subjects = polkit_authority_enumerate_users_sync (authority,
+ NULL,
+ &error);
+ if (error != NULL)
+ {
+ g_printerr ("Error enumerating users: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ print_subjects (subjects);
+
+ g_list_foreach (subjects, (GFunc) g_object_unref, NULL);
+ g_list_free (subjects);
+
+ ret = TRUE;
+
+ out:
+ return ret;
+}
+
+static gboolean
+list_groups (void)
+{
+ gboolean ret;
+ GError *error;
+ GList *subjects;
+
+ ret = FALSE;
+
+ error = NULL;
+ subjects = polkit_authority_enumerate_groups_sync (authority,
+ NULL,
+ &error);
+ if (error != NULL)
+ {
+ g_printerr ("Error enumerating users: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ print_subjects (subjects);
+
+ g_list_foreach (subjects, (GFunc) g_object_unref, NULL);
+ g_list_free (subjects);
+
+ ret = TRUE;
+
+ out:
+ return ret;
+}
+
#if 0
PolkitSubject *subject1;
commit 3559b6400ee17f9b176ce4e82559a79320c7a08a
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 6 19:15:26 2009 -0500
add subject interface and some classes implementing this interface
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index 90f405d..9fd3621 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -88,11 +88,6 @@
<interface name="org.freedesktop.PolicyKit1.Authority">
- <method name="SayHello">
- <arg name="message" direction="in" type="s"/>
- <arg name="result" direction="out" type="s"/>
- </method>
-
<method name="EnumerateUsers">
<arg name="users" direction="out" type="a(sa{sv})"/>
</method>
diff --git a/docs/polkit/polkit-docs.xml b/docs/polkit/polkit-docs.xml
index 1edfaf0..bb9d379 100644
--- a/docs/polkit/polkit-docs.xml
+++ b/docs/polkit/polkit-docs.xml
@@ -64,15 +64,19 @@
</para>
</partintro>
<xi:include href="xml/polkitauthority.xml"/>
- <xi:include href="xml/polkitauthorizationclaim.xml"/>
- <xi:include href="xml/polkitauthorizationresult.xml"/>
<xi:include href="xml/polkitactiondescription.xml"/>
<xi:include href="xml/polkiterror.xml"/>
<xi:include href="xml/polkitsubject.xml"/>
+ <xi:include href="xml/polkitunixuser.xml"/>
+ <xi:include href="xml/polkitunixgroup.xml"/>
+ <xi:include href="xml/polkitunixprocess.xml"/>
+ <xi:include href="xml/polkitsystembusname.xml"/>
<chapter id="extending">
<title>Extending PolicyKit</title>
+ <xi:include href="../polkitbackend/xml/polkitbackendauthority.xml"/>
<xi:include href="../polkitbackend/xml/polkitbackendlocalauthority.xml"/>
<xi:include href="../polkitbackend/xml/polkitbackendactionpool.xml"/>
+ <xi:include href="../polkitbackend/xml/polkitbackendserver.xml"/>
</chapter>
</reference>
diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am
index 9c69b5f..1761076 100644
--- a/src/polkit/Makefile.am
+++ b/src/polkit/Makefile.am
@@ -43,6 +43,11 @@ libpolkit_gobject_1include_HEADERS = \
polkitactiondescription.h \
polkitauthority.h \
polkiterror.h \
+ polkitsubject.h \
+ polkitunixuser.h \
+ polkitunixgroup.h \
+ polkitunixprocess.h \
+ polkitsystembusname.h \
$(NULL)
libpolkit_gobject_1_la_SOURCES = \
@@ -51,6 +56,11 @@ libpolkit_gobject_1_la_SOURCES = \
polkitactiondescription.c polkitactiondescription.h \
polkitauthority.c polkitauthority.h \
polkiterror.c polkiterror.h \
+ polkitsubject.c polkitsubject.h \
+ polkitunixuser.c polkitunixuser.h \
+ polkitunixgroup.c polkitunixgroup.h \
+ polkitunixprocess.c polkitunixprocess.h \
+ polkitsystembusname.c polkitsystembusname.h \
$(NULL)
libpolkit_gobject_1_la_CFLAGS = \
diff --git a/src/polkit/polkit.h b/src/polkit/polkit.h
index 6cab9b1..1520fed 100644
--- a/src/polkit/polkit.h
+++ b/src/polkit/polkit.h
@@ -27,6 +27,11 @@
#include <polkit/polkitactiondescription.h>
#include <polkit/polkitauthority.h>
#include <polkit/polkiterror.h>
+#include <polkit/polkitsubject.h>
+#include <polkit/polkitunixuser.h>
+#include <polkit/polkitunixgroup.h>
+#include <polkit/polkitunixprocess.h>
+#include <polkit/polkitsystembusname.h>
#undef _POLKIT_INSIDE_POLKIT_H
diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c
new file mode 100644
index 0000000..d950fb1
--- /dev/null
+++ b/src/polkit/polkitsubject.c
@@ -0,0 +1,71 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include "polkitsubject.h"
+
+static void
+base_init (gpointer g_iface)
+{
+}
+
+GType
+polkit_subject_get_type (void)
+{
+ static GType iface_type = 0;
+
+ if (iface_type == 0)
+ {
+ static const GTypeInfo info =
+ {
+ sizeof (PolkitSubjectIface),
+ base_init, /* base_init */
+ NULL, /* base_finalize */
+ NULL, /* class_init */
+ NULL, /* class_finalize */
+ NULL, /* class_data */
+ 0, /* instance_size */
+ 0, /* n_preallocs */
+ NULL, /* instance_init */
+ NULL /* value_table */
+ };
+
+ iface_type = g_type_register_static (G_TYPE_INTERFACE, "PolkitSubject", &info, 0);
+
+ g_type_interface_add_prerequisite (iface_type, G_TYPE_OBJECT);
+ }
+
+ return iface_type;
+}
+
+gboolean
+polkit_subject_equal (PolkitSubject *a,
+ PolkitSubject *b)
+{
+ if (!g_type_is_a (G_TYPE_FROM_INSTANCE (a), G_TYPE_FROM_INSTANCE (b)))
+ return FALSE;
+
+ return POLKIT_SUBJECT_GET_IFACE (a)->equal (a, b);
+}
+
diff --git a/src/polkit/polkitsubject.h b/src/polkit/polkitsubject.h
new file mode 100644
index 0000000..8106b0e
--- /dev/null
+++ b/src/polkit/polkitsubject.h
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_SUBJECT_H
+#define __POLKIT_SUBJECT_H
+
+#include <glib-object.h>
+#include <gio/gio.h>
+#include <polkit/polkittypes.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_SUBJECT (polkit_subject_get_type())
+#define POLKIT_SUBJECT(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_SUBJECT, PolkitSubject))
+#define POLKIT_IS_SUBJECT(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_SUBJECT))
+#define POLKIT_SUBJECT_GET_IFACE(o) (G_TYPE_INSTANCE_GET_INTERFACE((o), POLKIT_TYPE_SUBJECT, PolkitSubjectIface))
+
+#if 0
+typedef struct _PolkitSubject PolkitSubject; /* Dummy typedef */
+#endif
+typedef struct _PolkitSubjectIface PolkitSubjectIface;
+
+struct _PolkitSubjectIface
+{
+ GTypeInterface parent_iface;
+
+ gboolean (*equal) (PolkitSubject *a,
+ PolkitSubject *b);
+};
+
+GType polkit_subject_get_type (void) G_GNUC_CONST;
+gboolean polkit_subject_equal (PolkitSubject *a,
+ PolkitSubject *b);
+
+G_END_DECLS
+
+#endif /* __POLKIT_SUBJECT_H */
diff --git a/src/polkit/polkitsystembusname.c b/src/polkit/polkitsystembusname.c
new file mode 100644
index 0000000..4583ccc
--- /dev/null
+++ b/src/polkit/polkitsystembusname.c
@@ -0,0 +1,183 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <string.h>
+#include "polkitsystembusname.h"
+#include "polkitsubject.h"
+#include "polkitprivate.h"
+
+/**
+ * SECTION:polkitsystembusname
+ * @title: PolkitSystemBusName
+ * @short_description: Unique system bus name
+ *
+ * Encapsulates a process with a unique name on the system bus.
+ */
+
+struct _PolkitSystemBusName
+{
+ GObject parent_instance;
+
+ gchar *name;
+};
+
+struct _PolkitSystemBusNameClass
+{
+ GObjectClass parent_class;
+};
+
+enum
+{
+ PROP_0,
+ PROP_NAME,
+};
+
+static void subject_iface_init (PolkitSubjectIface *subject_iface);
+
+G_DEFINE_TYPE_WITH_CODE (PolkitSystemBusName, polkit_system_bus_name, G_TYPE_OBJECT,
+ G_IMPLEMENT_INTERFACE (POLKIT_TYPE_SUBJECT, subject_iface_init)
+ );
+
+static void
+polkit_system_bus_name_init (PolkitSystemBusName *system_bus_name)
+{
+}
+
+static void
+polkit_system_bus_name_finalize (GObject *object)
+{
+ PolkitSystemBusName *system_bus_name = POLKIT_SYSTEM_BUS_NAME (object);
+
+ g_free (system_bus_name->name);
+}
+
+static void
+polkit_system_bus_name_get_property (GObject *object,
+ guint prop_id,
+ GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitSystemBusName *system_bus_name = POLKIT_SYSTEM_BUS_NAME (object);
+
+ switch (prop_id)
+ {
+ case PROP_NAME:
+ g_value_set_string (value, system_bus_name->name);
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_system_bus_name_set_property (GObject *object,
+ guint prop_id,
+ const GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitSystemBusName *system_bus_name = POLKIT_SYSTEM_BUS_NAME (object);
+
+ switch (prop_id)
+ {
+ case PROP_NAME:
+ polkit_system_bus_name_set_name (system_bus_name, g_value_get_string (value));
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_system_bus_name_class_init (PolkitSystemBusNameClass *klass)
+{
+ GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->get_property = polkit_system_bus_name_get_property;
+ gobject_class->set_property = polkit_system_bus_name_set_property;
+ gobject_class->finalize = polkit_system_bus_name_finalize;
+
+ /**
+ * PolkitSystemBusName:name:
+ *
+ * The unique name on the system message bus.
+ */
+ g_object_class_install_property (gobject_class,
+ PROP_NAME,
+ g_param_spec_string ("name",
+ "Name",
+ "The unique name on the system message bus",
+ NULL,
+ G_PARAM_CONSTRUCT |
+ G_PARAM_READWRITE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_BLURB |
+ G_PARAM_STATIC_NICK));
+
+}
+
+const gchar *
+polkit_system_bus_name_get_name (PolkitSystemBusName *system_bus_name)
+{
+ return system_bus_name->name;
+}
+
+void
+polkit_system_bus_name_set_name (PolkitSystemBusName *system_bus_name,
+ const gchar *name)
+{
+ g_free (system_bus_name->name);
+ system_bus_name->name = g_strdup (name);
+}
+
+PolkitSubject *
+polkit_system_bus_name_new (const gchar *name)
+{
+ return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_SYSTEM_BUS_NAME,
+ "name", name,
+ NULL));
+}
+
+static gboolean
+polkit_system_bus_name_equal (PolkitSubject *a,
+ PolkitSubject *b)
+{
+ PolkitSystemBusName *name_a;
+ PolkitSystemBusName *name_b;
+
+ name_a = POLKIT_SYSTEM_BUS_NAME (a);
+ name_b = POLKIT_SYSTEM_BUS_NAME (b);
+
+ return strcmp (name_a->name, name_b->name) == 0;
+}
+
+static void
+subject_iface_init (PolkitSubjectIface *subject_iface)
+{
+ subject_iface->equal = polkit_system_bus_name_equal;
+}
diff --git a/src/polkit/polkitsystembusname.h b/src/polkit/polkitsystembusname.h
new file mode 100644
index 0000000..7894a1e
--- /dev/null
+++ b/src/polkit/polkitsystembusname.h
@@ -0,0 +1,53 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_SYSTEM_BUS_NAME_H
+#define __POLKIT_SYSTEM_BUS_NAME_H
+
+#include <unistd.h>
+#include <sys/types.h>
+#include <glib-object.h>
+#include <gio/gio.h>
+#include <polkit/polkittypes.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_SYSTEM_BUS_NAME (polkit_system_bus_name_get_type())
+#define POLKIT_SYSTEM_BUS_NAME(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_SYSTEM_BUS_NAME, PolkitSystemBusName))
+#define POLKIT_SYSTEM_BUS_NAME_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_SYSTEM_BUS_NAME, PolkitSystemBusNameClass))
+#define POLKIT_SYSTEM_BUS_NAME_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_SYSTEM_BUS_NAME, PolkitSystemBusNameClass))
+#define POLKIT_IS_SYSTEM_BUS_NAME(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_SYSTEM_BUS_NAME))
+#define POLKIT_IS_SYSTEM_BUS_NAME_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_SYSTEM_BUS_NAME))
+
+#if 0
+typedef struct _PolkitSystemBusName PolkitSystemBusName;
+#endif
+typedef struct _PolkitSystemBusNameClass PolkitSystemBusNameClass;
+
+GType polkit_system_bus_name_get_type (void) G_GNUC_CONST;
+PolkitSubject *polkit_system_bus_name_new (const gchar *name);
+const gchar *polkit_system_bus_name_get_name (PolkitSystemBusName *system_bus_name);
+void polkit_system_bus_name_set_name (PolkitSystemBusName *system_bus_name,
+ const gchar *name);
+
+G_END_DECLS
+
+#endif /* __POLKIT_SYSTEM_BUS_NAME_H */
diff --git a/src/polkit/polkittypes.h b/src/polkit/polkittypes.h
index 9d1dab8..8e0c3f5 100644
--- a/src/polkit/polkittypes.h
+++ b/src/polkit/polkittypes.h
@@ -30,5 +30,19 @@ typedef struct _PolkitAuthority PolkitAuthority;
struct _PolkitActionDescription;
typedef struct _PolkitActionDescription PolkitActionDescription;
+typedef struct _PolkitSubject PolkitSubject; /* Dummy typedef */
+
+struct _PolkitUnixUser;
+typedef struct _PolkitUnixUser PolkitUnixUser;
+
+struct _PolkitUnixGroup;
+typedef struct _PolkitUnixGroup PolkitUnixGroup;
+
+struct _PolkitUnixProcess;
+typedef struct _PolkitUnixProcess PolkitUnixProcess;
+
+struct _PolkitSystemBusName;
+typedef struct _PolkitSystemBusName PolkitSystemBusName;
+
#endif /* __POLKIT_TYPES_H */
diff --git a/src/polkit/polkitunixgroup.c b/src/polkit/polkitunixgroup.c
new file mode 100644
index 0000000..d70da5f
--- /dev/null
+++ b/src/polkit/polkitunixgroup.c
@@ -0,0 +1,175 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <string.h>
+#include "polkitunixgroup.h"
+#include "polkitsubject.h"
+#include "polkitprivate.h"
+
+/**
+ * SECTION:polkitunixgroup
+ * @title: PolkitUnixGroup
+ * @short_description: Unix groups
+ *
+ * Encapsulates a UNIX group.
+ */
+
+struct _PolkitUnixGroup
+{
+ GObject parent_instance;
+
+ gid_t gid;
+};
+
+struct _PolkitUnixGroupClass
+{
+ GObjectClass parent_class;
+};
+
+enum
+{
+ PROP_0,
+ PROP_GID,
+};
+
+static void subject_iface_init (PolkitSubjectIface *subject_iface);
+
+G_DEFINE_TYPE_WITH_CODE (PolkitUnixGroup, polkit_unix_group, G_TYPE_OBJECT,
+ G_IMPLEMENT_INTERFACE (POLKIT_TYPE_SUBJECT, subject_iface_init)
+ );
+
+static void
+polkit_unix_group_init (PolkitUnixGroup *unix_group)
+{
+}
+
+static void
+polkit_unix_group_get_property (GObject *object,
+ guint prop_id,
+ GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitUnixGroup *unix_group = POLKIT_UNIX_GROUP (object);
+
+ switch (prop_id)
+ {
+ case PROP_GID:
+ g_value_set_uint (value, unix_group->gid);
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_unix_group_set_property (GObject *object,
+ guint prop_id,
+ const GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitUnixGroup *unix_group = POLKIT_UNIX_GROUP (object);
+
+ switch (prop_id)
+ {
+ case PROP_GID:
+ unix_group->gid = g_value_get_uint (value);
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_unix_group_class_init (PolkitUnixGroupClass *klass)
+{
+ GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->get_property = polkit_unix_group_get_property;
+ gobject_class->set_property = polkit_unix_group_set_property;
+
+ /**
+ * PolkitUnixGroup:gid:
+ *
+ * The UNIX group id.
+ */
+ g_object_class_install_property (gobject_class,
+ PROP_GID,
+ g_param_spec_uint ("gid",
+ "Group ID",
+ "The UNIX group ID",
+ 0,
+ G_MAXUINT,
+ 0,
+ G_PARAM_CONSTRUCT |
+ G_PARAM_READWRITE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_BLURB |
+ G_PARAM_STATIC_NICK));
+
+}
+
+gid_t
+polkit_unix_group_get_gid (PolkitUnixGroup *group)
+{
+ return group->gid;
+}
+
+void
+polkit_unix_group_set_gid (PolkitUnixGroup *group,
+ gid_t gid)
+{
+ group->gid = gid;
+}
+
+PolkitSubject *
+polkit_unix_group_new (gid_t gid)
+{
+ return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_GROUP,
+ "gid", gid,
+ NULL));
+}
+
+static gboolean
+polkit_unix_group_equal (PolkitSubject *a,
+ PolkitSubject *b)
+{
+ PolkitUnixGroup *group_a;
+ PolkitUnixGroup *group_b;
+
+ group_a = POLKIT_UNIX_GROUP (a);
+ group_b = POLKIT_UNIX_GROUP (b);
+
+ return group_a->gid == group_b->gid;
+}
+
+static void
+subject_iface_init (PolkitSubjectIface *subject_iface)
+{
+ subject_iface->equal = polkit_unix_group_equal;
+}
diff --git a/src/polkit/polkitunixgroup.h b/src/polkit/polkitunixgroup.h
new file mode 100644
index 0000000..34c6fcf
--- /dev/null
+++ b/src/polkit/polkitunixgroup.h
@@ -0,0 +1,53 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_UNIX_GROUP_H
+#define __POLKIT_UNIX_GROUP_H
+
+#include <unistd.h>
+#include <sys/types.h>
+#include <glib-object.h>
+#include <gio/gio.h>
+#include <polkit/polkittypes.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_UNIX_GROUP (polkit_unix_group_get_type())
+#define POLKIT_UNIX_GROUP(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_UNIX_GROUP, PolkitUnixGroup))
+#define POLKIT_UNIX_GROUP_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_UNIX_GROUP, PolkitUnixGroupClass))
+#define POLKIT_UNIX_GROUP_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_UNIX_GROUP, PolkitUnixGroupClass))
+#define POLKIT_IS_UNIX_GROUP(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_UNIX_GROUP))
+#define POLKIT_IS_UNIX_GROUP_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_UNIX_GROUP))
+
+#if 0
+typedef struct _PolkitUnixGroup PolkitUnixGroup;
+#endif
+typedef struct _PolkitUnixGroupClass PolkitUnixGroupClass;
+
+GType polkit_unix_group_get_type (void) G_GNUC_CONST;
+PolkitSubject *polkit_unix_group_new (gid_t gid);
+gid_t polkit_unix_group_get_gid (PolkitUnixGroup *group);
+void polkit_unix_group_set_gid (PolkitUnixGroup *group,
+ gid_t gid);
+
+G_END_DECLS
+
+#endif /* __POLKIT_UNIX_GROUP_H */
diff --git a/src/polkit/polkitunixprocess.c b/src/polkit/polkitunixprocess.c
new file mode 100644
index 0000000..4991a75
--- /dev/null
+++ b/src/polkit/polkitunixprocess.c
@@ -0,0 +1,358 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <stdlib.h>
+#include <string.h>
+#include "polkitunixprocess.h"
+#include "polkitsubject.h"
+#include "polkitprivate.h"
+
+/**
+ * SECTION:polkitunixprocess
+ * @title: PolkitUnixProcess
+ * @short_description: Unix processs
+ *
+ * Encapsulates a UNIX process.
+ */
+
+struct _PolkitUnixProcess
+{
+ GObject parent_instance;
+
+ pid_t pid;
+ guint64 start_time;
+};
+
+struct _PolkitUnixProcessClass
+{
+ GObjectClass parent_class;
+};
+
+enum
+{
+ PROP_0,
+ PROP_PID,
+ PROP_START_TIME,
+};
+
+static void subject_iface_init (PolkitSubjectIface *subject_iface);
+
+static guint64 get_start_time_for_pid (pid_t pid);
+
+G_DEFINE_TYPE_WITH_CODE (PolkitUnixProcess, polkit_unix_process, G_TYPE_OBJECT,
+ G_IMPLEMENT_INTERFACE (POLKIT_TYPE_SUBJECT, subject_iface_init)
+ );
+
+static void
+polkit_unix_process_init (PolkitUnixProcess *unix_process)
+{
+}
+
+static void
+polkit_unix_process_get_property (GObject *object,
+ guint prop_id,
+ GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitUnixProcess *unix_process = POLKIT_UNIX_PROCESS (object);
+
+ switch (prop_id)
+ {
+ case PROP_PID:
+ g_value_set_uint (value, unix_process->pid);
+ break;
+
+ case PROP_START_TIME:
+ g_value_set_uint64 (value, unix_process->start_time);
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_unix_process_set_property (GObject *object,
+ guint prop_id,
+ const GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitUnixProcess *unix_process = POLKIT_UNIX_PROCESS (object);
+
+ switch (prop_id)
+ {
+ case PROP_PID:
+ polkit_unix_process_set_pid (unix_process, g_value_get_uint (value));
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_unix_process_class_init (PolkitUnixProcessClass *klass)
+{
+ GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->get_property = polkit_unix_process_get_property;
+ gobject_class->set_property = polkit_unix_process_set_property;
+
+ /**
+ * PolkitUnixProcess:pid:
+ *
+ * The UNIX process id.
+ */
+ g_object_class_install_property (gobject_class,
+ PROP_PID,
+ g_param_spec_uint ("pid",
+ "Process ID",
+ "The UNIX process ID",
+ 0,
+ G_MAXUINT,
+ 0,
+ G_PARAM_CONSTRUCT |
+ G_PARAM_READWRITE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_BLURB |
+ G_PARAM_STATIC_NICK));
+
+ /**
+ * PolkitUnixProcess:start-time:
+ *
+ * The start time of the process.
+ */
+ g_object_class_install_property (gobject_class,
+ PROP_START_TIME,
+ g_param_spec_uint64 ("start-time",
+ "Start Time",
+ "The start time of the process, since the machine booted",
+ 0,
+ G_MAXUINT64,
+ 0,
+ G_PARAM_READABLE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_BLURB |
+ G_PARAM_STATIC_NICK));
+
+}
+
+pid_t
+polkit_unix_process_get_pid (PolkitUnixProcess *process)
+{
+ return process->pid;
+}
+
+guint64
+polkit_unix_process_get_start_time (PolkitUnixProcess *process)
+{
+ return process->start_time;
+}
+
+void
+polkit_unix_process_set_pid (PolkitUnixProcess *process,
+ pid_t pid)
+{
+ process->pid = pid;
+ process->start_time = get_start_time_for_pid (pid);
+}
+
+PolkitSubject *
+polkit_unix_process_new (pid_t pid)
+{
+ return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_PROCESS,
+ "pid", pid,
+ NULL));
+}
+
+static gboolean
+polkit_unix_process_equal (PolkitSubject *a,
+ PolkitSubject *b)
+{
+ PolkitUnixProcess *process_a;
+ PolkitUnixProcess *process_b;
+
+ process_a = POLKIT_UNIX_PROCESS (a);
+ process_b = POLKIT_UNIX_PROCESS (b);
+
+ return
+ (process_a->pid == process_b->pid) &&
+ (process_a->start_time == process_b->start_time);
+}
+
+static void
+subject_iface_init (PolkitSubjectIface *subject_iface)
+{
+ subject_iface->equal = polkit_unix_process_equal;
+}
+
+#ifdef HAVE_SOLARIS
+static int
+get_pid_psinfo (pid_t pid, struct psinfo *ps)
+{
+ char pname[32];
+ int procfd;
+
+ (void) snprintf(pname, sizeof(pname), "/proc/%d/psinfo", pid);
+ if ((procfd = open(pname, O_RDONLY)) == -1)
+ {
+ return -1;
+ }
+ if (read(procfd, ps, sizeof(struct psinfo)) < 0)
+ {
+ (void) close(procfd);
+ return -1;
+ }
+ (void) close(procfd);
+ return 0;
+}
+#endif
+
+static guint64
+get_start_time_for_pid (pid_t pid)
+{
+ gchar *filename;
+ gchar *contents;
+ size_t length;
+ guint64 start_time;
+ GError *error;
+#ifdef HAVE_SOLARIS
+ struct psinfo info;
+#else
+ gchar **tokens;
+ guint num_tokens;
+ gchar *p;
+ gchar *endp;
+#endif
+
+ start_time = 0;
+ contents = NULL;
+
+#ifdef HAVE_SOLARIS
+ if (polkit_sysdeps_pid_psinfo (pid, &info))
+ {
+ goto out;
+ }
+ start_time = (unsigned long long) (info.pr_start.tv_sec);
+#else
+#ifdef __FreeBSD__
+ filename = g_strdup_printf ("/proc/%d/status", pid);
+#else
+ filename = g_strdup_printf ("/proc/%d/stat", pid);
+#endif
+
+ error = NULL;
+ if (!g_file_get_contents (filename, &contents, &length, &error))
+ {
+ g_warning ("Cannot get contents of '%s': %s\n", filename, error->message);
+ goto out;
+ }
+
+#ifdef __FreeBSD__
+ tokens = kit_strsplit (contents, " ", &num_tokens);
+ if (tokens == NULL)
+ goto out;
+
+ if (num_tokens < 8)
+ {
+ g_strfreev (tokens);
+ goto out;
+ }
+
+ p = g_strdup (tokens[7]);
+ g_strfreev (tokens);
+
+ tokens = g_strsplit (p, ",", 0);
+ g_free (p);
+
+ if (tokens == NULL)
+ goto out;
+
+ num_tokens = g_strv_length (tokens);
+
+ if (num_tokens >= 1)
+ {
+ start_time = strtoll (tokens[0], &endp, 10);
+ if (endp == tokens[0])
+ {
+ g_strfreev (tokens);
+ goto out;
+ }
+ }
+ else
+ {
+ g_strfreev (tokens);
+ goto out;
+ }
+
+ g_strfreev (tokens);
+
+#else
+
+ /* start time is the 19th token after the '(process name)' entry */
+ p = strchr (contents, ')');
+ if (p == NULL)
+ {
+ goto out;
+ }
+ p += 2; /* skip ') ' */
+ if (p - contents >= (int) length)
+ {
+ goto out;
+ }
+
+ tokens = g_strsplit (p, " ", 0);
+
+ if (tokens == NULL)
+ goto out;
+
+ num_tokens = g_strv_length (tokens);
+
+ if (num_tokens < 20)
+ goto out;
+
+ start_time = strtoll (tokens[19], &endp, 10);
+ if (endp == tokens[19])
+ goto out;
+
+ g_strfreev (tokens);
+#endif
+#endif
+
+ out:
+#ifndef HAVE_SOLARIS
+ g_free (filename);
+ g_free (contents);
+#endif
+
+ if (start_time == 0)
+ {
+ g_warning ("Cannot lookup start-time for pid %d", pid);
+ }
+
+ return start_time;
+}
diff --git a/src/polkit/polkitunixprocess.h b/src/polkit/polkitunixprocess.h
new file mode 100644
index 0000000..74102b2
--- /dev/null
+++ b/src/polkit/polkitunixprocess.h
@@ -0,0 +1,56 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_UNIX_PROCESS_H
+#define __POLKIT_UNIX_PROCESS_H
+
+#include <unistd.h>
+#include <sys/types.h>
+#include <glib-object.h>
+#include <gio/gio.h>
+#include <polkit/polkittypes.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_UNIX_PROCESS (polkit_unix_process_get_type())
+#define POLKIT_UNIX_PROCESS(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_UNIX_PROCESS, PolkitUnixProcess))
+#define POLKIT_UNIX_PROCESS_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_UNIX_PROCESS, PolkitUnixProcessClass))
+#define POLKIT_UNIX_PROCESS_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_UNIX_PROCESS, PolkitUnixProcessClass))
+#define POLKIT_IS_UNIX_PROCESS(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_UNIX_PROCESS))
+#define POLKIT_IS_UNIX_PROCESS_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_UNIX_PROCESS))
+
+#if 0
+typedef struct _PolkitUnixProcess PolkitUnixProcess;
+#endif
+typedef struct _PolkitUnixProcessClass PolkitUnixProcessClass;
+
+GType polkit_unix_process_get_type (void) G_GNUC_CONST;
+PolkitSubject *polkit_unix_process_new (pid_t pid);
+
+pid_t polkit_unix_process_get_pid (PolkitUnixProcess *process);
+guint64 polkit_unix_process_get_start_time (PolkitUnixProcess *process);
+
+void polkit_unix_process_set_pid (PolkitUnixProcess *process,
+ pid_t pid);
+
+G_END_DECLS
+
+#endif /* __POLKIT_UNIX_PROCESS_H */
diff --git a/src/polkit/polkitunixuser.c b/src/polkit/polkitunixuser.c
new file mode 100644
index 0000000..07801f7
--- /dev/null
+++ b/src/polkit/polkitunixuser.c
@@ -0,0 +1,175 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <string.h>
+#include "polkitunixuser.h"
+#include "polkitsubject.h"
+#include "polkitprivate.h"
+
+/**
+ * SECTION:polkitunixuser
+ * @title: PolkitUnixUser
+ * @short_description: Unix users
+ *
+ * Encapsulates a UNIX user.
+ */
+
+struct _PolkitUnixUser
+{
+ GObject parent_instance;
+
+ uid_t uid;
+};
+
+struct _PolkitUnixUserClass
+{
+ GObjectClass parent_class;
+};
+
+enum
+{
+ PROP_0,
+ PROP_UID,
+};
+
+static void subject_iface_init (PolkitSubjectIface *subject_iface);
+
+G_DEFINE_TYPE_WITH_CODE (PolkitUnixUser, polkit_unix_user, G_TYPE_OBJECT,
+ G_IMPLEMENT_INTERFACE (POLKIT_TYPE_SUBJECT, subject_iface_init)
+ );
+
+static void
+polkit_unix_user_init (PolkitUnixUser *unix_user)
+{
+}
+
+static void
+polkit_unix_user_get_property (GObject *object,
+ guint prop_id,
+ GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitUnixUser *unix_user = POLKIT_UNIX_USER (object);
+
+ switch (prop_id)
+ {
+ case PROP_UID:
+ g_value_set_uint (value, unix_user->uid);
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_unix_user_set_property (GObject *object,
+ guint prop_id,
+ const GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitUnixUser *unix_user = POLKIT_UNIX_USER (object);
+
+ switch (prop_id)
+ {
+ case PROP_UID:
+ unix_user->uid = g_value_get_uint (value);
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_unix_user_class_init (PolkitUnixUserClass *klass)
+{
+ GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->get_property = polkit_unix_user_get_property;
+ gobject_class->set_property = polkit_unix_user_set_property;
+
+ /**
+ * PolkitUnixUser:uid:
+ *
+ * The UNIX user id.
+ */
+ g_object_class_install_property (gobject_class,
+ PROP_UID,
+ g_param_spec_uint ("uid",
+ "User ID",
+ "The UNIX user ID",
+ 0,
+ G_MAXUINT,
+ 0,
+ G_PARAM_CONSTRUCT |
+ G_PARAM_READWRITE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_BLURB |
+ G_PARAM_STATIC_NICK));
+
+}
+
+uid_t
+polkit_unix_user_get_uid (PolkitUnixUser *user)
+{
+ return user->uid;
+}
+
+void
+polkit_unix_user_set_uid (PolkitUnixUser *user,
+ uid_t uid)
+{
+ user->uid = uid;
+}
+
+PolkitSubject *
+polkit_unix_user_new (uid_t uid)
+{
+ return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_USER,
+ "uid", uid,
+ NULL));
+}
+
+static gboolean
+polkit_unix_user_equal (PolkitSubject *a,
+ PolkitSubject *b)
+{
+ PolkitUnixUser *user_a;
+ PolkitUnixUser *user_b;
+
+ user_a = POLKIT_UNIX_USER (a);
+ user_b = POLKIT_UNIX_USER (b);
+
+ return user_a->uid == user_b->uid;
+}
+
+static void
+subject_iface_init (PolkitSubjectIface *subject_iface)
+{
+ subject_iface->equal = polkit_unix_user_equal;
+}
diff --git a/src/polkit/polkitunixuser.h b/src/polkit/polkitunixuser.h
new file mode 100644
index 0000000..c6a1233
--- /dev/null
+++ b/src/polkit/polkitunixuser.h
@@ -0,0 +1,53 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_UNIX_USER_H
+#define __POLKIT_UNIX_USER_H
+
+#include <unistd.h>
+#include <sys/types.h>
+#include <glib-object.h>
+#include <gio/gio.h>
+#include <polkit/polkittypes.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_UNIX_USER (polkit_unix_user_get_type())
+#define POLKIT_UNIX_USER(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_UNIX_USER, PolkitUnixUser))
+#define POLKIT_UNIX_USER_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_UNIX_USER, PolkitUnixUserClass))
+#define POLKIT_UNIX_USER_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_UNIX_USER, PolkitUnixUserClass))
+#define POLKIT_IS_UNIX_USER(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_UNIX_USER))
+#define POLKIT_IS_UNIX_USER_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_UNIX_USER))
+
+#if 0
+typedef struct _PolkitUnixUser PolkitUnixUser;
+#endif
+typedef struct _PolkitUnixUserClass PolkitUnixUserClass;
+
+GType polkit_unix_user_get_type (void) G_GNUC_CONST;
+PolkitSubject *polkit_unix_user_new (uid_t uid);
+uid_t polkit_unix_user_get_uid (PolkitUnixUser *user);
+void polkit_unix_user_set_uid (PolkitUnixUser *user,
+ uid_t uid);
+
+G_END_DECLS
+
+#endif /* __POLKIT_UNIX_USER_H */
commit 5dc27c3c43b0ebbfc9889be0f40c8443ec5a75d3
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 6 16:41:21 2009 -0500
return NULL for GIcon if there is no icon
diff --git a/src/polkit/polkitactiondescription.c b/src/polkit/polkitactiondescription.c
index d501c0b..827458c 100644
--- a/src/polkit/polkitactiondescription.c
+++ b/src/polkit/polkitactiondescription.c
@@ -23,6 +23,7 @@
# include "config.h"
#endif
+#include <string.h>
#include "polkitactiondescription.h"
#include "_polkitactiondescription.h"
@@ -139,7 +140,7 @@ polkit_action_description_get_icon (PolkitActionDescription *action_description)
goto out;
icon_name = _polkit_action_description_get_icon_name (action_description->real);
- if (icon_name == NULL)
+ if (icon_name == NULL || strlen (icon_name) == 0)
goto out;
error = NULL;
commit 7f15aecf436191a210156a70ef97767f8bcb81cd
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 6 16:39:58 2009 -0500
add --version option
diff --git a/src/programs/polkit.c b/src/programs/polkit.c
index 11df563..f281e73 100644
--- a/src/programs/polkit.c
+++ b/src/programs/polkit.c
@@ -19,6 +19,10 @@
* Author: David Zeuthen <davidz at redhat.com>
*/
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
#include <string.h>
#include <polkit/polkit.h>
@@ -26,10 +30,12 @@ static PolkitAuthority *authority;
static gboolean opt_list_actions = FALSE;
static gchar *opt_show_action = NULL;
+static gboolean opt_show_version = FALSE;
static GOptionEntry option_entries[] = {
- {"list-actions", 'l', 0, G_OPTION_ARG_NONE, &opt_list_actions, "List registered actions", NULL },
- {"show-action", 's', 0, G_OPTION_ARG_STRING, &opt_show_action, "Show details for an action", "Action ID" },
+ {"list-actions", 'l', 0, G_OPTION_ARG_NONE, &opt_list_actions, "List registered actions", NULL},
+ {"show-action", 's', 0, G_OPTION_ARG_STRING, &opt_show_action, "Show details for an action", "action_id"},
+ {"version", 'V', 0, G_OPTION_ARG_NONE, &opt_show_version, "Show version", NULL},
{NULL, },
};
@@ -69,6 +75,11 @@ main (int argc, char *argv[])
{
ret = show_action (opt_show_action);
}
+ else if (opt_show_version)
+ {
+ g_print ("polkit-1 %s\n", PACKAGE_VERSION);
+ ret = TRUE;
+ }
else
{
gchar *s;
commit 9e30ba0150f5a63bff7db530ca366199824d0c36
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 6 16:35:00 2009 -0500
bring back annotations
diff --git a/src/polkit/polkitactiondescription.c b/src/polkit/polkitactiondescription.c
index 05d2e47..d501c0b 100644
--- a/src/polkit/polkitactiondescription.c
+++ b/src/polkit/polkitactiondescription.c
@@ -41,6 +41,10 @@ struct _PolkitActionDescription
GObject parent_instance;
_PolkitActionDescription *real;
+
+ gchar **annotation_keys;
+
+ GIcon *icon;
};
struct _PolkitActionDescriptionClass
@@ -63,6 +67,11 @@ polkit_action_description_finalize (GObject *object)
action_description = POLKIT_ACTION_DESCRIPTION (object);
g_object_unref (action_description->real);
+
+ g_strfreev (action_description->annotation_keys);
+
+ if (action_description->icon != NULL)
+ g_object_unref (action_description->icon);
}
static void
@@ -124,18 +133,72 @@ GIcon *
polkit_action_description_get_icon (PolkitActionDescription *action_description)
{
const gchar *icon_name;
- GIcon *icon;
GError *error;
+ if (action_description->icon != NULL)
+ goto out;
+
icon_name = _polkit_action_description_get_icon_name (action_description->real);
+ if (icon_name == NULL)
+ goto out;
error = NULL;
- icon = g_icon_new_for_string (icon_name, &error);
- if (icon_name == NULL)
+ action_description->icon = g_icon_new_for_string (icon_name, &error);
+ if (action_description->icon == NULL)
{
g_warning ("polkit_action_description_get_icon: %s", error->message);
g_error_free (error);
}
- return icon;
+ out:
+ return action_description->icon;
+}
+
+const gchar *
+polkit_action_description_get_annotation (PolkitActionDescription *action_description,
+ const gchar *key)
+{
+ EggDBusHashMap *annotations;
+
+ annotations = _polkit_action_description_get_annotations (action_description->real);
+
+ return egg_dbus_hash_map_lookup (annotations, key);
}
+
+static gboolean
+collect_keys (EggDBusHashMap *hash_map,
+ gpointer key,
+ gpointer value,
+ gpointer user_data)
+{
+ GPtrArray *p = user_data;
+
+ g_ptr_array_add (p, g_strdup (key));
+
+ return FALSE;
+}
+
+
+const gchar * const *
+polkit_action_description_get_annotation_keys (PolkitActionDescription *action_description)
+{
+ EggDBusHashMap *annotations;
+ GPtrArray *p;
+
+ if (action_description->annotation_keys != NULL)
+ goto out;
+
+ annotations = _polkit_action_description_get_annotations (action_description->real);
+
+ p = g_ptr_array_new ();
+
+ egg_dbus_hash_map_foreach (annotations, collect_keys, p);
+
+ g_ptr_array_add (p, NULL);
+
+ action_description->annotation_keys = (gchar **) g_ptr_array_free (p, FALSE);
+
+ out:
+ return (const gchar * const *) action_description->annotation_keys;
+}
+
diff --git a/src/polkit/polkitactiondescription.h b/src/polkit/polkitactiondescription.h
index cc4d2b4..60f1b3d 100644
--- a/src/polkit/polkitactiondescription.h
+++ b/src/polkit/polkitactiondescription.h
@@ -40,13 +40,16 @@ typedef struct _PolkitActionDescription PolkitActionDescription;
#endif
typedef struct _PolkitActionDescriptionClass PolkitActionDescriptionClass;
-GType polkit_action_description_get_type (void) G_GNUC_CONST;
-const gchar *polkit_action_description_get_action_id (PolkitActionDescription *action_description);
-const gchar *polkit_action_description_get_description (PolkitActionDescription *action_description);
-const gchar *polkit_action_description_get_message (PolkitActionDescription *action_description);
-const gchar *polkit_action_description_get_vendor_name (PolkitActionDescription *action_description);
-const gchar *polkit_action_description_get_vendor_url (PolkitActionDescription *action_description);
-GIcon *polkit_action_description_get_icon (PolkitActionDescription *action_description);
+GType polkit_action_description_get_type (void) G_GNUC_CONST;
+const gchar *polkit_action_description_get_action_id (PolkitActionDescription *action_description);
+const gchar *polkit_action_description_get_description (PolkitActionDescription *action_description);
+const gchar *polkit_action_description_get_message (PolkitActionDescription *action_description);
+const gchar *polkit_action_description_get_vendor_name (PolkitActionDescription *action_description);
+const gchar *polkit_action_description_get_vendor_url (PolkitActionDescription *action_description);
+GIcon *polkit_action_description_get_icon (PolkitActionDescription *action_description);
+const gchar *polkit_action_description_get_annotation (PolkitActionDescription *action_description,
+ const gchar *key);
+const gchar * const *polkit_action_description_get_annotation_keys (PolkitActionDescription *action_description);
G_END_DECLS
diff --git a/src/polkit/polkitauthority.h b/src/polkit/polkitauthority.h
index 1b6cb9d..eda9360 100644
--- a/src/polkit/polkitauthority.h
+++ b/src/polkit/polkitauthority.h
@@ -44,11 +44,10 @@ GType polkit_authority_get_type (void) G_GNUC_CONST;
PolkitAuthority *polkit_authority_get (void);
-GList *polkit_authority_enumerate_actions_sync (PolkitAuthority *authority,
- const gchar *locale,
- GCancellable *cancellable,
- GError **error);
-
+GList *polkit_authority_enumerate_actions_sync (PolkitAuthority *authority,
+ const gchar *locale,
+ GCancellable *cancellable,
+ GError **error);
G_END_DECLS
#endif /* __POLKIT_AUTHORITY_H */
diff --git a/src/programs/polkit.c b/src/programs/polkit.c
index 7b53497..11df563 100644
--- a/src/programs/polkit.c
+++ b/src/programs/polkit.c
@@ -19,19 +19,24 @@
* Author: David Zeuthen <davidz at redhat.com>
*/
+#include <string.h>
#include <polkit/polkit.h>
static PolkitAuthority *authority;
static gboolean opt_list_actions = FALSE;
+static gchar *opt_show_action = NULL;
static GOptionEntry option_entries[] = {
{"list-actions", 'l', 0, G_OPTION_ARG_NONE, &opt_list_actions, "List registered actions", NULL },
+ {"show-action", 's', 0, G_OPTION_ARG_STRING, &opt_show_action, "Show details for an action", "Action ID" },
{NULL, },
};
static gboolean list_actions (void);
+static gboolean show_action (const gchar *action_id);
+
int
main (int argc, char *argv[])
{
@@ -60,6 +65,10 @@ main (int argc, char *argv[])
{
ret = list_actions ();
}
+ else if (opt_show_action != NULL)
+ {
+ ret = show_action (opt_show_action);
+ }
else
{
gchar *s;
@@ -77,9 +86,104 @@ main (int argc, char *argv[])
g_option_context_free (option_ctx);
out:
+ g_free (opt_show_action);
+
return ret ? 0 : 1;
}
+static void
+print_action (PolkitActionDescription *action)
+{
+ const gchar *vendor;
+ const gchar *vendor_url;
+ GIcon *icon;
+ const gchar * const *annotation_keys;
+ guint n;
+
+ vendor = polkit_action_description_get_vendor_name (action);
+ vendor_url = polkit_action_description_get_vendor_url (action);
+ icon = polkit_action_description_get_icon (action);
+
+ g_print ("action_id: %s\n", polkit_action_description_get_action_id (action));
+ g_print ("description: %s\n", polkit_action_description_get_description (action));
+ g_print ("message: %s\n", polkit_action_description_get_message (action));
+ if (vendor != NULL)
+ g_print ("vendor: %s\n", vendor);
+ if (vendor_url != NULL)
+ g_print ("vendor_url: %s\n", vendor_url);
+
+ if (icon != NULL)
+ {
+ gchar *s;
+ s = g_icon_to_string (icon);
+ g_print ("icon: %s\n", s);
+ g_free (s);
+ }
+
+ annotation_keys = polkit_action_description_get_annotation_keys (action);
+ for (n = 0; annotation_keys[n] != NULL; n++)
+ {
+ const gchar *key;
+ const gchar *value;
+
+ key = annotation_keys[n];
+ value = polkit_action_description_get_annotation (action, key);
+ g_print ("annotation: %s -> %s\n", key, value);
+ }
+}
+
+static gboolean
+show_action (const gchar *action_id)
+{
+ gboolean ret;
+ GError *error;
+ GList *actions;
+ GList *l;
+
+ ret = FALSE;
+
+ error = NULL;
+ actions = polkit_authority_enumerate_actions_sync (authority,
+ NULL,
+ NULL,
+ &error);
+ if (error != NULL)
+ {
+ g_printerr ("Error enumerating actions: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ for (l = actions; l != NULL; l = l->next)
+ {
+ PolkitActionDescription *action = POLKIT_ACTION_DESCRIPTION (l->data);
+ const gchar *id;
+
+ id = polkit_action_description_get_action_id (action);
+
+ if (strcmp (id, action_id) == 0)
+ {
+ print_action (action);
+ break;
+ }
+ }
+
+ g_list_foreach (actions, (GFunc) g_object_unref, NULL);
+ g_list_free (actions);
+
+ if (l != NULL)
+ {
+ ret = TRUE;
+ }
+ else
+ {
+ g_printerr ("Error: No action with action id %s\n", action_id);
+ }
+
+ out:
+ return ret;
+}
+
static gboolean
list_actions (void)
{
commit 82714f2713afd6d8351645e1f79e5c67ace68744
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 6 14:14:12 2009 -0500
slightly rework commandline tool
diff --git a/src/programs/Makefile.am b/src/programs/Makefile.am
index b6a83cb..30aae64 100644
--- a/src/programs/Makefile.am
+++ b/src/programs/Makefile.am
@@ -15,18 +15,16 @@ INCLUDES = \
-D_REENTRANT \
$(NULL)
-bin_PROGRAMS = polkit-verify-claim-1
+bin_PROGRAMS = polkit-1
-polkit_verify_claim_1_SOURCES = polkit-verify-claim.c
+polkit_1_SOURCES = polkit.c
-polkit_verify_claim_1_CFLAGS = \
+polkit_1_CFLAGS = \
$(GLIB_CFLAGS) \
- $(EGG_DBUS_CFLAGS) \
$(NULL)
-polkit_verify_claim_1_LDADD = \
+polkit_1_LDADD = \
$(GLIB_LDADD) \
- $(EGG_DBUS_LDADD) \
$(top_builddir)/src/polkit/libpolkit-gobject-1.la \
$(NULL)
diff --git a/src/programs/polkit-verify-claim.c b/src/programs/polkit-verify-claim.c
deleted file mode 100644
index fb22b6a..0000000
--- a/src/programs/polkit-verify-claim.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#include <polkit/polkit.h>
-
-static PolkitAuthority *authority;
-
-static void
-list_actions (void)
-{
- GError *error;
- GList *actions;
- GList *l;
-
- error = NULL;
- actions = polkit_authority_enumerate_actions_sync (authority,
- "",
- NULL,
- &error);
- if (error != NULL)
- {
- g_printerr ("Error enumerating actions: %s\n", error->message);
- g_error_free (error);
- goto out;
- }
-
- for (l = actions; l != NULL; l = l->next)
- {
- PolkitActionDescription *action = POLKIT_ACTION_DESCRIPTION (l->data);
-
- g_print ("%s\n", polkit_action_description_get_action_id (action));
- }
-
- g_list_foreach (actions, (GFunc) g_object_unref, NULL);
- g_list_free (actions);
-
- out:
- ;
-}
-
-int
-main (int argc, char *argv[])
-{
- g_type_init ();
-
- authority = polkit_authority_get ();
-
- list_actions ();
-
- g_object_unref (authority);
-
- return 0;
-}
-
-
-#if 0
- PolkitSubject *subject1;
- PolkitSubject *subject2;
- PolkitSubject *subject3;
-
- subject1 = polkit_user_new ("moe");
- subject2 = polkit_user_new ("bernie");
- subject3 = polkit_process_new (42);
-
- GList *claims;
- claims = NULL;
- claims = g_list_prepend (claims, polkit_authorization_claim_new (subject1, "org.foo.1"));
- claims = g_list_prepend (claims, polkit_authorization_claim_new (subject2, "org.foo.2"));
- claims = g_list_prepend (claims, polkit_authorization_claim_new (subject3, "org.foo.3"));
-
- PolkitAuthorizationClaim *claim;
- claim = polkit_authorization_claim_new (subject3, "org.foo.4");
- polkit_authorization_claim_set_attribute (claim, "foo", "bar");
- polkit_authorization_claim_set_attribute (claim, "unix-device", "/dev/sda");
- claims = g_list_prepend (claims, claim);
-
-
- error = NULL;
- result = polkit_authority_check_claims_sync (authority,
- claims,
- NULL,
- &error);
- if (error != NULL) {
- g_print ("Got error: %s\n", error->message);
- g_error_free (error);
- } else {
- g_print ("Got result: %d\n", result);
- }
-
-#endif
diff --git a/src/programs/polkit.c b/src/programs/polkit.c
new file mode 100644
index 0000000..7b53497
--- /dev/null
+++ b/src/programs/polkit.c
@@ -0,0 +1,156 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include <polkit/polkit.h>
+
+static PolkitAuthority *authority;
+
+static gboolean opt_list_actions = FALSE;
+
+static GOptionEntry option_entries[] = {
+ {"list-actions", 'l', 0, G_OPTION_ARG_NONE, &opt_list_actions, "List registered actions", NULL },
+ {NULL, },
+};
+
+static gboolean list_actions (void);
+
+int
+main (int argc, char *argv[])
+{
+ gboolean ret;
+ GError *error;
+ GOptionContext *option_ctx;
+
+ ret = FALSE;
+
+ g_type_init ();
+
+ option_ctx = g_option_context_new ("polkit-1");
+ g_option_context_add_main_entries (option_ctx, option_entries, NULL);
+ g_option_context_set_summary (option_ctx, "PolicyKit commandline tool");
+ error = NULL;
+ if (!g_option_context_parse (option_ctx, &argc, &argv, &error))
+ {
+ g_printerr ("Error parsing options: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ authority = polkit_authority_get ();
+
+ if (opt_list_actions)
+ {
+ ret = list_actions ();
+ }
+ else
+ {
+ gchar *s;
+
+ /* print usage */
+ s = g_option_context_get_help (option_ctx, TRUE, NULL);
+ g_print ("%s", s);
+ g_free (s);
+ ret = 0;
+ goto out;
+ }
+
+ g_object_unref (authority);
+
+ g_option_context_free (option_ctx);
+
+ out:
+ return ret ? 0 : 1;
+}
+
+static gboolean
+list_actions (void)
+{
+ gboolean ret;
+ GError *error;
+ GList *actions;
+ GList *l;
+
+ ret = FALSE;
+
+ error = NULL;
+ actions = polkit_authority_enumerate_actions_sync (authority,
+ NULL,
+ NULL,
+ &error);
+ if (error != NULL)
+ {
+ g_printerr ("Error enumerating actions: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ for (l = actions; l != NULL; l = l->next)
+ {
+ PolkitActionDescription *action = POLKIT_ACTION_DESCRIPTION (l->data);
+
+ g_print ("%s\n", polkit_action_description_get_action_id (action));
+ }
+
+ g_list_foreach (actions, (GFunc) g_object_unref, NULL);
+ g_list_free (actions);
+
+ ret = TRUE;
+
+ out:
+ return ret;
+}
+
+
+#if 0
+ PolkitSubject *subject1;
+ PolkitSubject *subject2;
+ PolkitSubject *subject3;
+
+ subject1 = polkit_user_new ("moe");
+ subject2 = polkit_user_new ("bernie");
+ subject3 = polkit_process_new (42);
+
+ GList *claims;
+ claims = NULL;
+ claims = g_list_prepend (claims, polkit_authorization_claim_new (subject1, "org.foo.1"));
+ claims = g_list_prepend (claims, polkit_authorization_claim_new (subject2, "org.foo.2"));
+ claims = g_list_prepend (claims, polkit_authorization_claim_new (subject3, "org.foo.3"));
+
+ PolkitAuthorizationClaim *claim;
+ claim = polkit_authorization_claim_new (subject3, "org.foo.4");
+ polkit_authorization_claim_set_attribute (claim, "foo", "bar");
+ polkit_authorization_claim_set_attribute (claim, "unix-device", "/dev/sda");
+ claims = g_list_prepend (claims, claim);
+
+
+ error = NULL;
+ result = polkit_authority_check_claims_sync (authority,
+ claims,
+ NULL,
+ &error);
+ if (error != NULL) {
+ g_print ("Got error: %s\n", error->message);
+ g_error_free (error);
+ } else {
+ g_print ("Got result: %d\n", result);
+ }
+
+#endif
commit a0a9e6e1ac9b704655d5b7d98bb3f6caaad8ec84
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 6 13:42:42 2009 -0500
forgot to add polkitprivate.h
diff --git a/src/polkit/polkitprivate.h b/src/polkit/polkitprivate.h
new file mode 100644
index 0000000..b4137f3
--- /dev/null
+++ b/src/polkit/polkitprivate.h
@@ -0,0 +1,31 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_PRIVATE_H
+#define __POLKIT_PRIVATE_H
+
+#include "polkitactiondescription.h"
+#include "_polkitbindings.h"
+
+PolkitActionDescription *polkit_action_description_new_for_real (_PolkitActionDescription *real);
+_PolkitActionDescription *polkit_action_description_get_real (PolkitActionDescription *action_description);
+
+#endif /* __POLKIT_PRIVATE_H */
commit f7c2ca27f22cc02f5385a27ba6efa18ac6545758
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 6 13:42:16 2009 -0500
forgot to add polkittypes.h
diff --git a/src/polkit/polkittypes.h b/src/polkit/polkittypes.h
new file mode 100644
index 0000000..9d1dab8
--- /dev/null
+++ b/src/polkit/polkittypes.h
@@ -0,0 +1,34 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_TYPES_H
+#define __POLKIT_TYPES_H
+
+#include <glib-object.h>
+
+struct _PolkitAuthority;
+typedef struct _PolkitAuthority PolkitAuthority;
+
+struct _PolkitActionDescription;
+typedef struct _PolkitActionDescription PolkitActionDescription;
+
+
+#endif /* __POLKIT_TYPES_H */
commit 2645459721dabd3aed5ce7899abfce5772eb3b89
Author: David Zeuthen <davidz at redhat.com>
Date: Tue Jan 6 13:35:24 2009 -0500
update to latest EggDBus and rework how things are done
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index 85826d9..90f405d 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -2,41 +2,63 @@
"http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
<node>
- <!-- User defined struct for Subjects -->
+ <!-- Subject struct -->
<annotation name="org.gtk.EggDBus.DeclareStruct" value="Subject">
- <annotation name="org.gtk.EggDBus.Struct.Signature" value="(sa{sv})"/>
- <!-- element 0: string: the subject type; known values: "unix-user", "unix-group", "unix-process" -->
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="s:subject_kind">
+ <annotation name="org.gtk.EggDBus.DocString" value="Kind of subject"/>
+ </annotation>
- <!-- element 1: map<string,any>: key/value pairs depending on the subject type -->
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="a{sv}:subject_details">
+ <annotation name="org.gtk.EggDBus.DocString" value="Details about the subject"/>
+ </annotation>
- <!-- TODO: document values in hash table for each subject type-->
+ <!-- TODO: document values in hash map for each subject type-->
</annotation>
- <!-- User defined struct for ActionDescription -->
+ <!-- ActionDescription struct -->
<annotation name="org.gtk.EggDBus.DeclareStruct" value="ActionDescription">
- <annotation name="org.gtk.EggDBus.Struct.Signature" value="(ssssssa{ss})"/>
- <!-- element 0: string: action-id -->
- <!-- element 1: string: description -->
- <!-- element 2: string: message -->
- <!-- element 3: string: vendor name -->
- <!-- element 4: string: vendor url -->
- <!-- element 5: string: icon name -->
- <!-- element 6: map<string,string>: annotations -->
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="s:action_id">
+ <annotation name="org.gtk.EggDBus.DocString" value="Action Identifier"/>
+ </annotation>
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="s:description">
+ <annotation name="org.gtk.EggDBus.DocString" value="Action Description"/>
+ </annotation>
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="s:message">
+ <annotation name="org.gtk.EggDBus.DocString" value="Action Message"/>
+ </annotation>
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="s:vendor_name">
+ <annotation name="org.gtk.EggDBus.DocString" value="Vendor Name"/>
+ </annotation>
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="s:vendor_url">
+ <annotation name="org.gtk.EggDBus.DocString" value="Vendor URL"/>
+ </annotation>
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="s:icon_name">
+ <annotation name="org.gtk.EggDBus.DocString" value="Icon Name"/>
+ </annotation>
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="a{ss}:annotations">
+ <annotation name="org.gtk.EggDBus.DocString" value="Annotations"/>
+ </annotation>
<!-- TODO: also include defaults -->
</annotation>
- <!-- User defined struct for AuthorizationClaim -->
+ <!-- AuthorizationClaim struct -->
<annotation name="org.gtk.EggDBus.DeclareStruct" value="AuthorizationClaim">
- <annotation name="org.gtk.EggDBus.Struct.Signature" value="((sa{sv})sa{ss})"/>
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="(sa{sv}):subject">
+ <annotation name="org.gtk.EggDBus.DocString" value="Subject the claim is for"/>
+ </annotation>
- <!-- element 0: (sa{sv}): subject -->
- <!-- element 1: string: action-id -->
- <!-- element 2: map<string,string>: attributes -->
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="s:action_id">
+ <annotation name="org.gtk.EggDBus.DocString" value="Action Identifier for the claim"/>
+ </annotation>
+
+ <annotation name="org.gtk.EggDBus.Struct.Member" value="a{ss}:attributes">
+ <annotation name="org.gtk.EggDBus.DocString" value="Attributes for the claim"/>
+ </annotation>
</annotation>
diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am
index 39d4a6e..9c69b5f 100644
--- a/src/polkit/Makefile.am
+++ b/src/polkit/Makefile.am
@@ -12,21 +12,24 @@ INCLUDES = \
-DPACKAGE_LIB_DIR=\""$(libdir)"\" \
-D_POSIX_PTHREAD_SEMANTICS \
-D_REENTRANT \
+ -DEGG_DBUS_I_KNOW_API_IS_SUBJECT_TO_CHANGE \
$(NULL)
-BUILT_SOURCES = \
- polkitbindings.h polkitbindings.c \
- polkitbindingstypes.h \
- polkitauthority.h polkitauthority.c \
- polkiterror.h polkiterror.c \
- polkitbindingsmarshal.h polkitbindingsmarshal.c \
- polkitauthorizationresult.h polkitauthorizationresult.c \
- polkitbindingsmarshal.list \
- $(NULL)
+BUILT_SOURCES = \
+ _polkitactiondescription.c _polkitactiondescription.h \
+ _polkitauthority.c _polkitauthority.h \
+ _polkitauthorizationclaim.c _polkitauthorizationclaim.h \
+ _polkitauthorizationresult.c _polkitauthorizationresult.h \
+ _polkitbindings.c _polkitbindings.h \
+ _polkitbindingsmarshal.c _polkitbindingsmarshal.h \
+ _polkitbindingstypes.h \
+ _polkiterror.c _polkiterror.h \
+ _polkitsubject.c _polkitsubject.h \
+ $(NULL)
$(BUILT_SOURCES) : Makefile.am $(top_srcdir)/data/org.freedesktop.PolicyKit1.Authority.xml
- dbus2gobject \
- --namespace "Polkit" \
+ eggdbus-binding-tool \
+ --namespace "_Polkit" \
--dbus-namespace "org.freedesktop.PolicyKit1" \
--introspection-xml $(top_srcdir)/data/org.freedesktop.PolicyKit1.Authority.xml \
$(NULL)
@@ -35,27 +38,19 @@ lib_LTLIBRARIES=libpolkit-gobject-1.la
libpolkit_gobject_1includedir=$(includedir)/polkit-1/polkit
-libpolkit_gobject_1include_HEADERS = \
- polkit.h \
- polkitauthoritystub.h \
- polkitactiondescription.h \
- polkitauthority.h \
- polkitauthorizationclaim.h \
- polkitauthorizationresult.h \
- polkiterror.h \
- polkitsubject.h \
- polkitbindings.h \
- polkitbindingstypes.h \
- polkitauthority.h \
+libpolkit_gobject_1include_HEADERS = \
+ polkit.h \
+ polkitactiondescription.h \
+ polkitauthority.h \
+ polkiterror.h \
$(NULL)
-libpolkit_gobject_1_la_SOURCES = \
- polkit.h \
- polkitauthoritystub.h polkitauthoritystub.c \
- polkitactiondescription.h polkitactiondescription.c \
- polkitauthorizationclaim.h polkitauthorizationclaim.c \
- polkitsubject.h polkitsubject.c \
- $(BUILT_SOURCES) \
+libpolkit_gobject_1_la_SOURCES = \
+ polkit.h \
+ $(BUILT_SOURCES) \
+ polkitactiondescription.c polkitactiondescription.h \
+ polkitauthority.c polkitauthority.h \
+ polkiterror.c polkiterror.h \
$(NULL)
libpolkit_gobject_1_la_CFLAGS = \
diff --git a/src/polkit/polkit.h b/src/polkit/polkit.h
index b813cf3..6cab9b1 100644
--- a/src/polkit/polkit.h
+++ b/src/polkit/polkit.h
@@ -23,17 +23,11 @@
#define __POLKIT_H
#define _POLKIT_INSIDE_POLKIT_H 1
-#include <polkit/polkitbindings.h>
-#include <polkit/polkitauthoritystub.h>
-#include <polkit/polkiterror.h>
-#include <polkit/polkitsubject.h>
-#include <polkit/polkitauthorizationclaim.h>
-#include <polkit/polkitauthorizationresult.h>
#include <polkit/polkitactiondescription.h>
+#include <polkit/polkitauthority.h>
+#include <polkit/polkiterror.h>
#undef _POLKIT_INSIDE_POLKIT_H
#endif /* __POLKIT_H */
-
-
diff --git a/src/polkit/polkitactiondescription.c b/src/polkit/polkitactiondescription.c
index de6ea57..05d2e47 100644
--- a/src/polkit/polkitactiondescription.c
+++ b/src/polkit/polkitactiondescription.c
@@ -22,232 +22,120 @@
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
-#include <string.h>
-#include "polkitbindings.h"
+
#include "polkitactiondescription.h"
+#include "_polkitactiondescription.h"
+
+#include "polkitprivate.h"
/**
* SECTION:polkitactiondescription
* @title: PolkitActionDescription
- * @short_description: Descriptions of actions
+ * @short_description: Actions
*
- * The #PolkitActionDescription type is used to described registered PolicyKit actions.
+ * Encapsulates an action.
*/
-static void
-base_init (gpointer g_iface)
+struct _PolkitActionDescription
{
-}
+ GObject parent_instance;
+
+ _PolkitActionDescription *real;
+};
-GType
-polkit_action_description_get_type (void)
+struct _PolkitActionDescriptionClass
{
- static GType iface_type = 0;
+ GObjectClass parent_class;
+};
- if (iface_type == 0)
- {
- static const GTypeInfo info =
- {
- sizeof (PolkitActionDescriptionIface),
- base_init, /* base_init */
- NULL, /* base_finalize */
- NULL, /* class_init */
- NULL, /* class_finalize */
- NULL, /* class_data */
- 0, /* instance_size */
- 0, /* n_preallocs */
- NULL, /* instance_init */
- NULL /* value_table */
- };
-
- iface_type = g_type_register_static (G_TYPE_INTERFACE, "PolkitActionDescription", &info, 0);
-
- g_type_interface_add_prerequisite (iface_type, EGG_DBUS_TYPE_STRUCTURE);
- }
+G_DEFINE_TYPE (PolkitActionDescription, polkit_action_description, G_TYPE_OBJECT);
- return iface_type;
+static void
+polkit_action_description_init (PolkitActionDescription *action_description)
+{
}
-#define ACTION_DESCRIPTION_SIGNATURE "(ssssssa{ss})"
-
-/**
- * polkit_action_description_get_action_id:
- * @action_description: A #PolkitActionDescription.
- *
- * Gets the action identifer for @action_description.
- *
- * Returns: The action identifier for @action_description.
- */
-const gchar *
-polkit_action_description_get_action_id (PolkitActionDescription *action_description)
+static void
+polkit_action_description_finalize (GObject *object)
{
- const gchar *s;
+ PolkitActionDescription *action_description;
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (action_description)), ACTION_DESCRIPTION_SIGNATURE) == 0, NULL);
+ action_description = POLKIT_ACTION_DESCRIPTION (object);
- egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (action_description),
- 0, &s,
- -1);
-
- return s;
+ g_object_unref (action_description->real);
}
-/**
- * polkit_action_description_get_description:
- * @action_description: A #PolkitActionDescription.
- *
- * Gets a human readable description of @action_description.
- *
- * Returns: The human readable description for @action_description or %NULL if not set.
- */
-const gchar *
-polkit_action_description_get_description (PolkitActionDescription *action_description)
+static void
+polkit_action_description_class_init (PolkitActionDescriptionClass *klass)
{
- const gchar *s;
+ GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (action_description)), ACTION_DESCRIPTION_SIGNATURE) == 0, NULL);
-
- egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (action_description),
- 1, &s,
- -1);
-
- return strlen (s) > 0 ? s : NULL;
+ gobject_class->finalize = polkit_action_description_finalize;
}
-/**
- * polkit_action_description_get_message:
- * @action_description: A #PolkitActionDescription.
- *
- * Gets the message shown for @action_description.
- *
- * Returns: The message for @action_description or %NULL if not set.
- */
-const gchar *
-polkit_action_description_get_message (PolkitActionDescription *action_description)
+PolkitActionDescription *
+polkit_action_description_new_for_real (_PolkitActionDescription *real)
{
- const gchar *s;
+ PolkitActionDescription *action_description;
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (action_description)), ACTION_DESCRIPTION_SIGNATURE) == 0, NULL);
+ action_description = POLKIT_ACTION_DESCRIPTION (g_object_new (POLKIT_TYPE_ACTION_DESCRIPTION, NULL));
+ action_description->real = g_object_ref (real);
- egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (action_description),
- 2, &s,
- -1);
+ return action_description;
+}
- return strlen (s) > 0 ? s : NULL;
+_PolkitActionDescription *
+polkit_action_description_get_real (PolkitActionDescription *action_description)
+{
+ return action_description->real;
}
-/**
- * polkit_action_description_get_vendor_name:
- * @action_description: A #PolkitActionDescription.
- *
- * Gets the name of the vendor for @action_description.
- *
- * Returns: The vendor of @action_description or %NULL if not set.
- */
-const gchar *
-polkit_action_description_get_vendor_name (PolkitActionDescription *action_description)
+const gchar *
+polkit_action_description_get_action_id (PolkitActionDescription *action_description)
{
- const gchar *s;
+ return _polkit_action_description_get_action_id (action_description->real);
+}
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (action_description)), ACTION_DESCRIPTION_SIGNATURE) == 0, NULL);
+const gchar *
+polkit_action_description_get_description (PolkitActionDescription *action_description)
+{
+ return _polkit_action_description_get_description (action_description->real);
+}
- egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (action_description),
- 3, &s,
- -1);
+const gchar *
+polkit_action_description_get_message (PolkitActionDescription *action_description)
+{
+ return _polkit_action_description_get_message (action_description->real);
+}
- return strlen (s) > 0 ? s : NULL;
+const gchar *
+polkit_action_description_get_vendor_name (PolkitActionDescription *action_description)
+{
+ return _polkit_action_description_get_vendor_name (action_description->real);
}
-/**
- * polkit_action_description_get_vendor_url:
- * @action_description: A #PolkitActionDescription.
- *
- * Gets the vendor URL for @action_description.
- *
- * Returns: The vendor URL for @action_description or %NULL if not set.
- */
-const gchar *
+const gchar *
polkit_action_description_get_vendor_url (PolkitActionDescription *action_description)
{
- const gchar *s;
-
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (action_description)), ACTION_DESCRIPTION_SIGNATURE) == 0, NULL);
-
- egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (action_description),
- 4, &s,
- -1);
-
- return strlen (s) > 0 ? s : NULL;
+ return _polkit_action_description_get_vendor_url (action_description->real);
}
-/**
- * polkit_action_description_get_icon:
- * @action_description: A #PolkitActionDescription.
- *
- * Gets the #GIcon for @action_description.
- *
- * Returns: A #GIcon (free with g_object_unref() when done with it) or %NULL if not set.
- */
GIcon *
polkit_action_description_get_icon (PolkitActionDescription *action_description)
{
- const gchar *s;
+ const gchar *icon_name;
GIcon *icon;
+ GError *error;
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (action_description)), ACTION_DESCRIPTION_SIGNATURE) == 0, NULL);
-
- egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (action_description),
- 5, &s,
- -1);
+ icon_name = _polkit_action_description_get_icon_name (action_description->real);
- if (strlen (s) > 0)
+ error = NULL;
+ icon = g_icon_new_for_string (icon_name, &error);
+ if (icon_name == NULL)
{
- icon = NULL;
- }
- else
- {
- GError *error;
-
- error = NULL;
- icon = g_icon_new_for_string (s, &error);
- if (icon == NULL)
- {
- g_warning ("Error getting icon for action description: %s", error->message);
- g_error_free (error);
- }
+ g_warning ("polkit_action_description_get_icon: %s", error->message);
+ g_error_free (error);
}
return icon;
}
-
-/**
- * polkit_action_description_get_annotations:
- * @action_description: A #PolkitActionDescription.
- *
- * Gets the annotations for @action_description.
- *
- * Returns: A #GHashTable from strings to strings with the annotations
- * for @action_description. Do not destroy or unref this hash table;
- * it is owned by @action_description.
- */
-GHashTable *
-polkit_action_description_get_annotations (PolkitActionDescription *action_description)
-{
- GHashTable *hash;
-
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (action_description)), ACTION_DESCRIPTION_SIGNATURE) == 0, NULL);
-
- egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (action_description),
- 6, &hash,
- -1);
-
- return hash;
-}
-
diff --git a/src/polkit/polkitactiondescription.h b/src/polkit/polkitactiondescription.h
index 22a3799..cc4d2b4 100644
--- a/src/polkit/polkitactiondescription.h
+++ b/src/polkit/polkitactiondescription.h
@@ -22,27 +22,23 @@
#ifndef __POLKIT_ACTION_DESCRIPTION_H
#define __POLKIT_ACTION_DESCRIPTION_H
-#include <sys/types.h>
-#include <unistd.h>
#include <glib-object.h>
-#include <polkit/polkitbindings.h>
+#include <gio/gio.h>
+#include <polkit/polkittypes.h>
G_BEGIN_DECLS
-#define POLKIT_TYPE_ACTION_DESCRIPTION (polkit_action_description_get_type())
-#define POLKIT_ACTION_DESCRIPTION(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_ACTION_DESCRIPTION, PolkitActionDescription))
-#define POLKIT_IS_ACTION_DESCRIPTION(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_ACTION_DESCRIPTION))
-#define POLKIT_ACTION_DESCRIPTION_GET_IFACE(o) (G_TYPE_INSTANCE_GET_INTERFACE((o), POLKIT_TYPE_ACTION_DESCRIPTION, PolkitActionDescriptionIface))
+#define POLKIT_TYPE_ACTION_DESCRIPTION (polkit_action_description_get_type())
+#define POLKIT_ACTION_DESCRIPTION(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_ACTION_DESCRIPTION, PolkitActionDescription))
+#define POLKIT_ACTION_DESCRIPTION_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_ACTION_DESCRIPTION, PolkitActionDescriptionClass))
+#define POLKIT_ACTION_DESCRIPTION_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_ACTION_DESCRIPTION, PolkitActionDescriptionClass))
+#define POLKIT_IS_ACTION_DESCRIPTION(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_ACTION_DESCRIPTION))
+#define POLKIT_IS_ACTION_DESCRIPTION_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_ACTION_DESCRIPTION))
#if 0
-typedef struct _PolkitActionDescription PolkitActionDescription; /* Dummy typedef */
+typedef struct _PolkitActionDescription PolkitActionDescription;
#endif
-typedef struct _PolkitActionDescriptionIface PolkitActionDescriptionIface;
-
-struct _PolkitActionDescriptionIface
-{
- GTypeInterface g_iface;
-};
+typedef struct _PolkitActionDescriptionClass PolkitActionDescriptionClass;
GType polkit_action_description_get_type (void) G_GNUC_CONST;
const gchar *polkit_action_description_get_action_id (PolkitActionDescription *action_description);
@@ -51,7 +47,6 @@ const gchar *polkit_action_description_get_message (PolkitActionDescriptio
const gchar *polkit_action_description_get_vendor_name (PolkitActionDescription *action_description);
const gchar *polkit_action_description_get_vendor_url (PolkitActionDescription *action_description);
GIcon *polkit_action_description_get_icon (PolkitActionDescription *action_description);
-GHashTable *polkit_action_description_get_annotations (PolkitActionDescription *action_description);
G_END_DECLS
diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
new file mode 100644
index 0000000..18e6181
--- /dev/null
+++ b/src/polkit/polkitauthority.c
@@ -0,0 +1,140 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include "polkitauthority.h"
+
+#include "polkitprivate.h"
+
+/**
+ * SECTION:polkitauthority
+ * @title: PolkitAuthority
+ * @short_description: Authority
+ *
+ * Checking claims.
+ */
+
+struct _PolkitAuthority
+{
+ GObject parent_instance;
+
+ EggDBusObjectProxy *authority_object_proxy;
+
+ _PolkitAuthority *real;
+};
+
+struct _PolkitAuthorityClass
+{
+ GObjectClass parent_class;
+
+};
+
+/* TODO: locking */
+
+static PolkitAuthority *the_authority = NULL;
+
+G_DEFINE_TYPE (PolkitAuthority, polkit_authority, G_TYPE_OBJECT);
+
+static void
+polkit_authority_init (PolkitAuthority *authority)
+{
+ EggDBusConnection *system_bus;
+
+ system_bus = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
+
+ authority->authority_object_proxy = egg_dbus_connection_get_object_proxy (system_bus,
+ "org.freedesktop.PolicyKit1",
+ "/org/freedesktop/PolicyKit1/Authority");
+
+ authority->real = _POLKIT_QUERY_INTERFACE_AUTHORITY (authority->authority_object_proxy);
+
+ g_object_unref (system_bus);
+}
+
+static void
+polkit_authority_finalize (GObject *object)
+{
+ PolkitAuthority *authority;
+
+ authority = POLKIT_AUTHORITY (object);
+
+ g_object_unref (authority->authority_object_proxy);
+
+ the_authority = NULL;
+}
+
+static void
+polkit_authority_class_init (PolkitAuthorityClass *klass)
+{
+ GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->finalize = polkit_authority_finalize;
+}
+
+PolkitAuthority *
+polkit_authority_get (void)
+{
+ if (the_authority != NULL)
+ goto out;
+
+ the_authority = POLKIT_AUTHORITY (g_object_new (POLKIT_TYPE_AUTHORITY, NULL));
+
+ out:
+ return the_authority;
+}
+
+GList *
+polkit_authority_enumerate_actions_sync (PolkitAuthority *authority,
+ const gchar *locale,
+ GCancellable *cancellable,
+ GError **error)
+{
+ EggDBusArraySeq *array_seq;
+ GList *result;
+ guint n;
+
+ result = NULL;
+
+ if (!_polkit_authority_enumerate_actions_sync (authority->real,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ locale,
+ &array_seq,
+ cancellable,
+ error))
+ goto out;
+
+ for (n = 0; n < array_seq->size; n++)
+ {
+ _PolkitActionDescription *real_ad;
+
+ real_ad = array_seq->data.v_ptr[n];
+
+ result = g_list_prepend (result, polkit_action_description_new_for_real (real_ad));
+ }
+
+ result = g_list_reverse (result);
+
+ out:
+ return result;
+}
diff --git a/src/polkit/polkitauthority.h b/src/polkit/polkitauthority.h
new file mode 100644
index 0000000..1b6cb9d
--- /dev/null
+++ b/src/polkit/polkitauthority.h
@@ -0,0 +1,54 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_AUTHORITY_H
+#define __POLKIT_AUTHORITY_H
+
+#include <glib-object.h>
+#include <gio/gio.h>
+#include <polkit/polkittypes.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_AUTHORITY (polkit_authority_get_type())
+#define POLKIT_AUTHORITY(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_AUTHORITY, PolkitAuthority))
+#define POLKIT_AUTHORITY_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_AUTHORITY, PolkitAuthorityClass))
+#define POLKIT_AUTHORITY_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_AUTHORITY, PolkitAuthorityClass))
+#define POLKIT_IS_AUTHORITY(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_AUTHORITY))
+#define POLKIT_IS_AUTHORITY_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_AUTHORITY))
+
+#if 0
+typedef struct _PolkitAuthority PolkitAuthority;
+#endif
+typedef struct _PolkitAuthorityClass PolkitAuthorityClass;
+
+GType polkit_authority_get_type (void) G_GNUC_CONST;
+
+PolkitAuthority *polkit_authority_get (void);
+
+GList *polkit_authority_enumerate_actions_sync (PolkitAuthority *authority,
+ const gchar *locale,
+ GCancellable *cancellable,
+ GError **error);
+
+G_END_DECLS
+
+#endif /* __POLKIT_AUTHORITY_H */
diff --git a/src/polkit/polkitauthoritystub.c b/src/polkit/polkitauthoritystub.c
deleted file mode 100644
index 9928f08..0000000
--- a/src/polkit/polkitauthoritystub.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#include "config.h"
-#include "polkitauthoritystub.h"
-
-/* TODO: locking */
-
-static PolkitAuthority *the_authority = NULL;
-
-/**
- * polkit_authority_get:
- *
- * Gets the default authority for checking claims.
- *
- * Returns: A reference to a #PolkitAuthority instance. Call g_object_unref() when done with it
- **/
-PolkitAuthority *
-polkit_authority_get (void)
-{
- PolkitAuthority *authority;
-
- polkit_bindings_register_types (); /* TODO: use __attribute ((constructor)) */
-
- if (the_authority != NULL)
- {
- authority = g_object_ref (the_authority);
- }
- else
- {
- EggDBusConnection *connection;
-
- connection = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
- authority = POLKIT_AUTHORITY (egg_dbus_connection_get_proxy (connection,
- "org.freedesktop.PolicyKit1",
- "/org/freedesktop/PolicyKit1/Authority"));
-
- /* TODO: take a weak reference and set the_authority to NULL on destruction */
-
- /* TODO: unref connection since authority holds a reference? */
- }
-
- return authority;
-}
diff --git a/src/polkit/polkitauthoritystub.h b/src/polkit/polkitauthoritystub.h
deleted file mode 100644
index d7fe57b..0000000
--- a/src/polkit/polkitauthoritystub.h
+++ /dev/null
@@ -1,33 +0,0 @@
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#include <polkit/polkitbindings.h>
-
-#ifndef __POLKIT_AUTHORITY_STUB_H
-#define __POLKIT_AUTHORITY_STUB_H
-
-G_BEGIN_DECLS
-
-PolkitAuthority *polkit_authority_get (void);
-
-G_END_DECLS
-
-#endif /* __POLKIT_AUTHORITY_STUB_H */
diff --git a/src/polkit/polkitauthorizationclaim.c b/src/polkit/polkitauthorizationclaim.c
deleted file mode 100644
index 81b692f..0000000
--- a/src/polkit/polkitauthorizationclaim.c
+++ /dev/null
@@ -1,238 +0,0 @@
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#include "config.h"
-#include <string.h>
-#include "polkitauthorizationclaim.h"
-#include "polkitsubject.h"
-
-/**
- * SECTION:polkitauthorizationclaim
- * @title: PolkitAuthorizationClaim
- * @short_description: Authorization Claim
- *
- * Represents an authorization claim.
- */
-
-static void
-base_init (gpointer g_iface)
-{
-}
-
-GType
-polkit_authorization_claim_get_type (void)
-{
- static GType iface_type = 0;
-
- if (iface_type == 0)
- {
- static const GTypeInfo info =
- {
- sizeof (PolkitAuthorizationClaimIface),
- base_init, /* base_init */
- NULL, /* base_finalize */
- NULL, /* class_init */
- NULL, /* class_finalize */
- NULL, /* class_data */
- 0, /* instance_size */
- 0, /* n_preallocs */
- NULL, /* instance_init */
- NULL /* value_table */
- };
-
- iface_type = g_type_register_static (G_TYPE_INTERFACE, "PolkitAuthorizationClaim", &info, 0);
-
- g_type_interface_add_prerequisite (iface_type, EGG_DBUS_TYPE_STRUCTURE);
- }
-
- return iface_type;
-}
-
-#define AUTHORIZATION_CLAIM_SIGNATURE "((sa{sv})sa{ss})"
-
-/**
- * polkit_authorization_claim_new:
- * @subject: The subject the claim is for.
- * @action_id: The action identifier for the PolicyKit action the claim is about.
- *
- * Constructs a new #PolkitAuthorizationClaim representing a claim that @subject is authorized for @action_id.
- *
- * Returns: A #PolkitAuthorizationClaim.
- */
-PolkitAuthorizationClaim *
-polkit_authorization_claim_new (PolkitSubject *subject,
- const gchar *action_id)
-{
- GValue *values;
- EggDBusHashTable *attributes;
-
- attributes = g_hash_table_new_full (g_str_hash,
- g_str_equal,
- (GDestroyNotify) g_free,
- (GDestroyNotify) g_object_unref);
- egg_dbus_hash_table_set_signature (attributes, "s", "s");
-
- values = g_new0 (GValue, 3);
- g_value_init (&(values[0]), POLKIT_TYPE_SUBJECT);
- g_value_set_object (&(values[0]), subject);
- g_value_init (&(values[1]), G_TYPE_STRING);
- g_value_set_string (&(values[1]), action_id);
- g_value_init (&(values[2]), EGG_DBUS_TYPE_HASH_TABLE);
- g_value_take_boxed (&(values[2]), attributes);
-
- return POLKIT_AUTHORIZATION_CLAIM (egg_dbus_structure_new (AUTHORIZATION_CLAIM_SIGNATURE, 3, values));
-}
-
-/**
- * polkit_authorization_claim_get_subject:
- * @authorization_claim: A #PolkitAuthorizationClaim.
- *
- * Gets the subject for @authorization_claim.
- *
- * Returns: A #PolkitSubject instance owned by @authorization_claim. Do not free.
- **/
-PolkitSubject *
-polkit_authorization_claim_get_subject (PolkitAuthorizationClaim *authorization_claim)
-{
- PolkitSubject *subject;
-
- g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
- g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (authorization_claim)), AUTHORIZATION_CLAIM_SIGNATURE) == 0, NULL);
-
- egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (authorization_claim),
- 0, &subject,
- -1);
-
- return subject;
-}
-
-/**
- * polkit_authorization_claim_get_action_id:
- * @authorization_claim: A #PolkitAuthorizationClaim.
- *
- * Gets the action identifier for @authorization_claim.
- *
- * Returns: A string owned by @authorization_claim. Do not free.
- **/
-const gchar *
-polkit_authorization_claim_get_action_id (PolkitAuthorizationClaim *authorization_claim)
-{
- const gchar *action_id;
-
- g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
- g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (authorization_claim)), AUTHORIZATION_CLAIM_SIGNATURE) == 0, NULL);
-
- egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (authorization_claim),
- 1, &action_id,
- -1);
-
- return action_id;
-}
-
-/**
- * polkit_authorization_claim_get_attributes:
- * @authorization_claim: A #PolkitAuthorizationClaim.
- *
- * Gets the attributes for @authorization_claim.
- *
- * Returns: A #GHashTable owned by @authorization_claim. Do not free or modify.
- **/
-GHashTable *
-polkit_authorization_claim_get_attributes (PolkitAuthorizationClaim *authorization_claim)
-{
- GHashTable *attributes;
-
- g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
- g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (authorization_claim)), AUTHORIZATION_CLAIM_SIGNATURE) == 0, NULL);
-
- egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (authorization_claim),
- 2, &attributes,
- -1);
-
- return attributes;
-}
-
-/**
- * polkit_authorization_claim_set_subject:
- * @authorization_claim: A #PolkitAuthorizationClaim.
- * @subject: A #PolkitSubject.
- *
- * Sets the subject of @authorization_claim to @subject.
- **/
-void
-polkit_authorization_claim_set_subject (PolkitAuthorizationClaim *authorization_claim,
- PolkitSubject *subject)
-{
- g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim));
- g_return_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (authorization_claim)), AUTHORIZATION_CLAIM_SIGNATURE) == 0);
-
- egg_dbus_structure_set_element (EGG_DBUS_STRUCTURE (authorization_claim),
- 0, subject,
- -1);
-}
-
-/**
- * polkit_authorization_claim_set_action_id:
- * @authorization_claim: A #PolkitAuthorizationClaim.
- * @action_id: The action identifier for the PolicyKit action the claim is about.
- *
- * Sets the PolicyKit action for @authorization_claim to @action_id.
- **/
-void
-polkit_authorization_claim_set_action_id (PolkitAuthorizationClaim *authorization_claim,
- const gchar *action_id)
-{
- g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim));
- g_return_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (authorization_claim)), AUTHORIZATION_CLAIM_SIGNATURE) == 0);
- g_return_if_fail (action_id != NULL);
-
- egg_dbus_structure_set_element (EGG_DBUS_STRUCTURE (authorization_claim),
- 1, action_id,
- -1);
-}
-
-/**
- * polkit_authorization_claim_set_attribute:
- * @authorization_claim: A #PolkitAuthorizationClaim.
- * @key: Key of the attribute.
- * @value: Value of the attribute or %NULL to clear the attribute for @key.
- *
- * Sets or clear an attribute of @authorization_claim.
- **/
-void
-polkit_authorization_claim_set_attribute (PolkitAuthorizationClaim *authorization_claim,
- const gchar *key,
- const gchar *value)
-{
- EggDBusHashTable *attributes;
-
- g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim));
- g_return_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (authorization_claim)), AUTHORIZATION_CLAIM_SIGNATURE) == 0);
- g_return_if_fail (key != NULL);
-
- attributes = polkit_authorization_claim_get_attributes (authorization_claim);
-
- if (value == NULL)
- g_hash_table_remove (attributes, key);
- else
- g_hash_table_insert (attributes, g_strdup (key), g_strdup (value));
-}
-
diff --git a/src/polkit/polkitauthorizationclaim.h b/src/polkit/polkitauthorizationclaim.h
deleted file mode 100644
index df948f5..0000000
--- a/src/polkit/polkitauthorizationclaim.h
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#include <glib-object.h>
-#include <polkit/polkitsubject.h>
-
-#ifndef __POLKIT_AUTHORIZATION_CLAIM_H__
-#define __POLKIT_AUTHORIZATION_CLAIM_H__
-
-G_BEGIN_DECLS
-
-#define POLKIT_TYPE_AUTHORIZATION_CLAIM (polkit_authorization_claim_get_type())
-#define POLKIT_AUTHORIZATION_CLAIM(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_AUTHORIZATION_CLAIM, PolkitAuthorizationClaim))
-#define POLKIT_IS_AUTHORIZATION_CLAIM(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_AUTHORIZATION_CLAIM))
-#define POLKIT_AUTHORIZATION_CLAIM_GET_IFACE(o) (G_TYPE_INSTANCE_GET_INTERFACE((o), POLKIT_TYPE_AUTHORIZATION_CLAIM, PolkitAuthorizationClaimIface))
-
-#if 0
-typedef struct _PolkitAuthorizationClaim PolkitAuthorizationClaim; /* Dummy typedef */
-#endif
-typedef struct _PolkitAuthorizationClaimIface PolkitAuthorizationClaimIface;
-
-struct _PolkitAuthorizationClaimIface
-{
- GTypeInterface g_iface;
-};
-
-GType polkit_authorization_claim_get_type (void) G_GNUC_CONST;
-PolkitAuthorizationClaim *polkit_authorization_claim_new (PolkitSubject *subject,
- const gchar *action_id);
-
-void polkit_authorization_claim_set_subject (PolkitAuthorizationClaim *authorization_claim,
- PolkitSubject *subject);
-void polkit_authorization_claim_set_action_id (PolkitAuthorizationClaim *authorization_claim,
- const gchar *action_id);
-void polkit_authorization_claim_set_attribute (PolkitAuthorizationClaim *authorization_claim,
- const gchar *key,
- const gchar *value);
-
-PolkitSubject *polkit_authorization_claim_get_subject (PolkitAuthorizationClaim *authorization_claim);
-const gchar *polkit_authorization_claim_get_action_id (PolkitAuthorizationClaim *authorization_claim);
-GHashTable *polkit_authorization_claim_get_attributes (PolkitAuthorizationClaim *authorization_claim);
-
-
-G_END_DECLS
-
-#endif /* __POLKIT_AUTHORIZATION_CLAIM_H__ */
diff --git a/src/polkit/polkiterror.c b/src/polkit/polkiterror.c
new file mode 100644
index 0000000..604b9c7
--- /dev/null
+++ b/src/polkit/polkiterror.c
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include "polkiterror.h"
+#include "polkitprivate.h"
+
+GQuark
+polkit_error_quark (void)
+{
+ return _polkit_error_quark ();
+}
+
+GType
+polkit_error_get_type (void)
+{
+ return _polkit_error_get_type ();
+}
+
diff --git a/src/polkit/polkiterror.h b/src/polkit/polkiterror.h
new file mode 100644
index 0000000..5dd21dc
--- /dev/null
+++ b/src/polkit/polkiterror.h
@@ -0,0 +1,58 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_ERROR_H
+#define __POLKIT_ERROR_H
+
+#include <glib-object.h>
+
+G_BEGIN_DECLS
+
+/**
+ * POLKIT_ERROR:
+ *
+ * Error domain for errors when using PolicyKit. Errors in this domain will be from the #PolkitError
+ * enumeration. See #GError for information on error domains
+ */
+#define POLKIT_ERROR polkit_error_quark()
+
+GQuark polkit_error_quark (void);
+
+GType polkit_error_get_type (void) G_GNUC_CONST;
+
+#define POLKIT_TYPE_ERROR (polkit_error_get_type ())
+
+/**
+ * PolkitError:
+ * @POLKIT_ERROR_FAILED: The operation failed
+ * @POLKIT_ERROR_NOT_SUPPORTED: Operation is not supported
+ *
+ * Errors when using PolicyKit.
+ */
+typedef enum
+{
+ POLKIT_ERROR_FAILED = 0,
+ POLKIT_ERROR_NOT_SUPPORTED = 1,
+} PolkitError;
+
+G_END_DECLS
+
+#endif /* __POLKIT_ERROR_H */
diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c
deleted file mode 100644
index ffa46e7..0000000
--- a/src/polkit/polkitsubject.c
+++ /dev/null
@@ -1,349 +0,0 @@
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#ifdef HAVE_CONFIG_H
-# include "config.h"
-#endif
-#include <string.h>
-#include "polkitbindings.h"
-#include "polkitsubject.h"
-
-/**
- * SECTION:polkitsubject
- * @title: PolkitSubject
- * @short_description: Subjects
- *
- * The #PolkitSubject type is used for representing subject such as
- * users, groups and processes.
- */
-
-static void
-base_init (gpointer g_iface)
-{
-}
-
-GType
-polkit_subject_get_type (void)
-{
- static GType iface_type = 0;
-
- if (iface_type == 0)
- {
- static const GTypeInfo info =
- {
- sizeof (PolkitSubjectIface),
- base_init, /* base_init */
- NULL, /* base_finalize */
- NULL, /* class_init */
- NULL, /* class_finalize */
- NULL, /* class_data */
- 0, /* instance_size */
- 0, /* n_preallocs */
- NULL, /* instance_init */
- NULL /* value_table */
- };
-
- iface_type = g_type_register_static (G_TYPE_INTERFACE, "PolkitSubject", &info, 0);
-
- g_type_interface_add_prerequisite (iface_type, EGG_DBUS_TYPE_STRUCTURE);
- }
-
- return iface_type;
-}
-
-/**
- * polkit_subject_new_for_unix_process:
- * @unix_process_id: The Process ID.
- *
- * Constructs a new #PolkitSubject for a the UNIX process with PID @process_id.
- *
- * Returns: A #PolkitSubject.
- */
-PolkitSubject *
-polkit_subject_new_for_unix_process (pid_t unix_process_id)
-{
- GValue *values;
- EggDBusHashTable *properties;
-
- properties = g_hash_table_new_full (g_str_hash,
- g_str_equal,
- (GDestroyNotify) g_free,
- (GDestroyNotify) g_object_unref);
- egg_dbus_hash_table_set_signature (properties, "s", "v");
-
- g_hash_table_insert (properties,
- g_strdup ("unix-process-id"),
- egg_dbus_variant_new_for_uint32 (unix_process_id));
-
- values = g_new0 (GValue, 2);
- g_value_init (&(values[0]), G_TYPE_STRING);
- g_value_set_string (&(values[0]), "unix-process");
- g_value_init (&(values[1]), EGG_DBUS_TYPE_HASH_TABLE);
- g_value_set_boxed (&(values[1]), properties);
-
- return POLKIT_SUBJECT (egg_dbus_structure_new ("(sa{sv})", 2, values));
-}
-
-/**
- * polkit_subject_new_for_unix_user:
- * @unix_user_id: The User ID.
- *
- * Constructs a new #PolkitSubject for a the UNIX user with UID @user_id.
- *
- * Returns: A #PolkitSubject.
- */
-PolkitSubject *
-polkit_subject_new_for_unix_user (uid_t unix_user_id)
-{
- GValue *values;
- EggDBusHashTable *properties;
-
- properties = g_hash_table_new_full (g_str_hash,
- g_str_equal,
- (GDestroyNotify) g_free,
- (GDestroyNotify) g_object_unref);
- egg_dbus_hash_table_set_signature (properties, "s", "v");
-
- g_hash_table_insert (properties,
- g_strdup ("unix-user-id"),
- egg_dbus_variant_new_for_uint32 (unix_user_id));
-
- values = g_new0 (GValue, 2);
- g_value_init (&(values[0]), G_TYPE_STRING);
- g_value_set_string (&(values[0]), "unix-user");
- g_value_init (&(values[1]), EGG_DBUS_TYPE_HASH_TABLE);
- g_value_set_boxed (&(values[1]), properties);
-
- return POLKIT_SUBJECT (egg_dbus_structure_new ("(sa{sv})", 2, values));
-}
-
-/**
- * polkit_subject_new_for_unix_group:
- * @unix_group_id: The Group ID.
- *
- * Constructs a new #PolkitSubject for a the UNIX group with GID @group_id.
- *
- * Returns: A #PolkitSubject.
- */
-PolkitSubject *
-polkit_subject_new_for_unix_group (gid_t unix_group_id)
-{
- GValue *values;
- EggDBusHashTable *properties;
-
- properties = g_hash_table_new_full (g_str_hash,
- g_str_equal,
- (GDestroyNotify) g_free,
- (GDestroyNotify) g_object_unref);
- egg_dbus_hash_table_set_signature (properties, "s", "v");
-
- g_hash_table_insert (properties,
- g_strdup ("unix-group-id"),
- egg_dbus_variant_new_for_uint32 (unix_group_id));
-
- values = g_new0 (GValue, 2);
- g_value_init (&(values[0]), G_TYPE_STRING);
- g_value_set_string (&(values[0]), "unix-group");
- g_value_init (&(values[1]), EGG_DBUS_TYPE_HASH_TABLE);
- g_value_set_boxed (&(values[1]), properties);
-
- return POLKIT_SUBJECT (egg_dbus_structure_new ("(sa{sv})", 2, values));
-}
-
-/**
- * polkit_subject_get_kind:
- * @subject: A #PolkitSubject.
- *
- * Gets the kind of @subject.
- *
- * Returns: A #PolkitSubjectKind.
- */
-PolkitSubjectKind
-polkit_subject_get_kind (PolkitSubject *subject)
-{
- const gchar *kind_str;
- PolkitSubjectKind kind;
-
- g_return_val_if_fail (POLKIT_IS_SUBJECT (subject), -1);
- g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (subject)), "(sa{sv})") == 0, -1);
-
- egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (subject),
- 0, &kind_str,
- -1);
-
- if (strcmp (kind_str, "unix-process") == 0)
- kind = POLKIT_SUBJECT_KIND_UNIX_PROCESS;
- else if (strcmp (kind_str, "unix-user") == 0)
- kind = POLKIT_SUBJECT_KIND_UNIX_USER;
- else if (strcmp (kind_str, "unix-group") == 0)
- kind = POLKIT_SUBJECT_KIND_UNIX_GROUP;
- else
- {
- g_warning ("unknown kind str '%s'", kind_str);
- kind = -1;
- }
-
- return kind;
-}
-
-/**
- * polkit_subject_equal:
- * @a: A #PolkitSubject.
- * @b: A #PolkitSubject.
- *
- * Checks if the two subjects @a and @b are equal.
- *
- * Returns: %TRUE if @a and @b are equal, %FALSE otherwise.
- **/
-gboolean
-polkit_subject_equal (PolkitSubject *a,
- PolkitSubject *b)
-{
- gboolean ret;
- PolkitSubjectKind kind_a;
- PolkitSubjectKind kind_b;
-
- g_return_val_if_fail (POLKIT_IS_SUBJECT (a), FALSE);
- g_return_val_if_fail (POLKIT_IS_SUBJECT (b), FALSE);
- g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (a)), "(sa{sv})") == 0, FALSE);
- g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (b)), "(sa{sv})") == 0, FALSE);
-
- ret = FALSE;
-
- kind_a = polkit_subject_get_kind (a);
- kind_b = polkit_subject_get_kind (b);
-
- if (kind_a != kind_b)
- goto out;
-
- switch (kind_a)
- {
- case POLKIT_SUBJECT_KIND_UNIX_PROCESS:
- if (polkit_subject_unix_process_get_id (a) == polkit_subject_unix_process_get_id (b))
- ret = TRUE;
- break;
-
- case POLKIT_SUBJECT_KIND_UNIX_USER:
- if (polkit_subject_unix_user_get_id (a) == polkit_subject_unix_user_get_id (b))
- ret = TRUE;
- break;
-
- case POLKIT_SUBJECT_KIND_UNIX_GROUP:
- if (polkit_subject_unix_group_get_id (a) == polkit_subject_unix_group_get_id (b))
- ret = TRUE;
- break;
-
- default:
- /* get_kind() will already have warned */
- goto out;
- }
-
- out:
- return ret;
-}
-
-/**
- * polkit_subject_unix_process_get_id:
- * @subject: A #PolkitSubject of the @POLKIT_SUBJECT_KIND_UNIX_PROCESS kind.
- *
- * Gets the UNIX process id for @subject.
- *
- * Returns: UNIX process id.
- **/
-pid_t
-polkit_subject_unix_process_get_id (PolkitSubject *subject)
-{
- EggDBusHashTable *value;
- EggDBusVariant *variant;
- pid_t pid;
-
- g_return_val_if_fail (POLKIT_IS_SUBJECT (subject), 0);
- g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (subject)), "(sa{sv})") == 0, 0);
- g_return_val_if_fail (polkit_subject_get_kind (subject) != POLKIT_SUBJECT_KIND_UNIX_PROCESS, 0);
-
- egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (subject),
- 1, &value,
- -1);
-
- variant = g_hash_table_lookup (value, "unix-process-id");
- pid = (pid_t) egg_dbus_variant_get_uint32 (variant);
-
- return pid;
-}
-
-/**
- * polkit_subject_unix_user_get_id:
- * @subject: A #PolkitSubject of the @POLKIT_SUBJECT_KIND_UNIX_USER kind.
- *
- * Gets the UNIX user id for @subject.
- *
- * Returns: UNIX user id.
- **/
-uid_t
-polkit_subject_unix_user_get_id (PolkitSubject *subject)
-{
- EggDBusHashTable *value;
- EggDBusVariant *variant;
- uid_t uid;
-
- g_return_val_if_fail (POLKIT_IS_SUBJECT (subject), 0);
- g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (subject)), "(sa{sv})") == 0, 0);
- g_return_val_if_fail (polkit_subject_get_kind (subject) != POLKIT_SUBJECT_KIND_UNIX_USER, 0);
-
- egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (subject),
- 1, &value,
- -1);
-
- variant = g_hash_table_lookup (value, "unix-user-id");
- uid = (uid_t) egg_dbus_variant_get_uint32 (variant);
-
- return uid;
-}
-
-/**
- * polkit_subject_unix_group_get_id:
- * @subject: A #PolkitSubject of the @POLKIT_SUBJECT_KIND_UNIX_GROUP kind.
- *
- * Gets the UNIX group id for @subject.
- *
- * Returns: UNIX group id.
- **/
-gid_t
-polkit_subject_unix_group_get_id (PolkitSubject *subject)
-{
- EggDBusHashTable *value;
- EggDBusVariant *variant;
- gid_t gid;
-
- g_return_val_if_fail (POLKIT_IS_SUBJECT (subject), 0);
- g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (subject)), "(sa{sv})") == 0, 0);
- g_return_val_if_fail (polkit_subject_get_kind (subject) != POLKIT_SUBJECT_KIND_UNIX_GROUP, 0);
-
- egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (subject),
- 1, &value,
- -1);
-
- variant = g_hash_table_lookup (value, "unix-group-id");
- gid = (gid_t) egg_dbus_variant_get_uint32 (variant);
-
- return gid;
-}
-
diff --git a/src/polkit/polkitsubject.h b/src/polkit/polkitsubject.h
deleted file mode 100644
index 8b47786..0000000
--- a/src/polkit/polkitsubject.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#ifndef __POLKIT_SUBJECT_H
-#define __POLKIT_SUBJECT_H
-
-#include <sys/types.h>
-#include <unistd.h>
-#include <glib-object.h>
-#include <polkit/polkitbindings.h>
-
-G_BEGIN_DECLS
-
-#define POLKIT_TYPE_SUBJECT (polkit_subject_get_type())
-#define POLKIT_SUBJECT(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_SUBJECT, PolkitSubject))
-#define POLKIT_IS_SUBJECT(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_SUBJECT))
-#define POLKIT_SUBJECT_GET_IFACE(o) (G_TYPE_INSTANCE_GET_INTERFACE((o), POLKIT_TYPE_SUBJECT, PolkitSubjectIface))
-
-#if 0
-typedef struct _PolkitSubject PolkitSubject; /* Dummy typedef */
-#endif
-typedef struct _PolkitSubjectIface PolkitSubjectIface;
-
-typedef enum
-{
- POLKIT_SUBJECT_KIND_UNIX_PROCESS,
- POLKIT_SUBJECT_KIND_UNIX_USER,
- POLKIT_SUBJECT_KIND_UNIX_GROUP,
-} PolkitSubjectKind;
-
-struct _PolkitSubjectIface
-{
- GTypeInterface g_iface;
-};
-
-GType polkit_subject_get_type (void) G_GNUC_CONST;
-PolkitSubject *polkit_subject_new_for_unix_process (pid_t unix_process_id);
-PolkitSubject *polkit_subject_new_for_unix_user (uid_t unix_user_id);
-PolkitSubject *polkit_subject_new_for_unix_group (gid_t unix_group_id);
-PolkitSubjectKind polkit_subject_get_kind (PolkitSubject *subject);
-pid_t polkit_subject_unix_process_get_id (PolkitSubject *subject);
-uid_t polkit_subject_unix_user_get_id (PolkitSubject *subject);
-gid_t polkit_subject_unix_group_get_id (PolkitSubject *subject);
-gboolean polkit_subject_equal (PolkitSubject *a,
- PolkitSubject *b);
-
-G_END_DECLS
-
-#endif /* __POLKIT_SUBJECT_H */
diff --git a/src/polkitbackend/Makefile.am b/src/polkitbackend/Makefile.am
index 2d31cb5..41ea29a 100644
--- a/src/polkitbackend/Makefile.am
+++ b/src/polkitbackend/Makefile.am
@@ -12,6 +12,7 @@ INCLUDES = \
-DPACKAGE_LIB_DIR=\""$(libdir)"\" \
-D_POSIX_PTHREAD_SEMANTICS \
-D_REENTRANT \
+ -DEGG_DBUS_I_KNOW_API_IS_SUBJECT_TO_CHANGE \
$(NULL)
lib_LTLIBRARIES=libpolkit-backend-1.la
@@ -20,14 +21,20 @@ libpolkit_backend_1includedir=$(includedir)/polkit-1/polkitbackend
libpolkit_backend_1include_HEADERS = \
polkitbackend.h \
+ polkitbackendtypes.h \
+ polkitbackendauthority.h \
polkitbackendlocalauthority.h \
polkitbackendactionpool.h \
+ polkitbackendserver.h \
$(NULL)
libpolkit_backend_1_la_SOURCES = \
polkitbackend.h \
+ polkitbackendtypes.h \
+ polkitbackendauthority.h polkitbackendauthority.c \
polkitbackendlocalauthority.h polkitbackendlocalauthority.c \
polkitbackendactionpool.h polkitbackendactionpool.c \
+ polkitbackendserver.h polkitbackendserver.c \
$(NULL)
libpolkit_backend_1_la_CFLAGS = \
diff --git a/src/polkitbackend/polkitbackend.h b/src/polkitbackend/polkitbackend.h
index 1dc847c..63090aa 100644
--- a/src/polkitbackend/polkitbackend.h
+++ b/src/polkitbackend/polkitbackend.h
@@ -23,8 +23,11 @@
#define __POLKIT_BACKEND_H
#define _POLKIT_BACKEND_INSIDE_POLKIT_BACKEND_H 1
+#include <polkitbackend/polkitbackendtypes.h>
+#include <polkitbackend/polkitbackendauthority.h>
#include <polkitbackend/polkitbackendlocalauthority.h>
#include <polkitbackend/polkitbackendactionpool.h>
+#include <polkitbackend/polkitbackendserver.h>
#undef _POLKIT_BACKEND_INSIDE_POLKIT_BACKEND_H
#endif /* __POLKIT_BACKEND_H */
diff --git a/src/polkitbackend/polkitbackendactionpool.c b/src/polkitbackend/polkitbackendactionpool.c
index d81b0f9..b5a7398 100644
--- a/src/polkitbackend/polkitbackendactionpool.c
+++ b/src/polkitbackend/polkitbackendactionpool.c
@@ -26,7 +26,10 @@
#include <pwd.h>
#include <string.h>
#include <expat.h>
+
#include <polkit/polkit.h>
+#include <polkit/polkitprivate.h>
+
#include "polkitbackendactionpool.h"
typedef struct
@@ -43,7 +46,7 @@ typedef struct
GHashTable *localized_message;
/* this maps from annotation key (string) to annotation value (also a string) */
- GHashTable *annotations;
+ EggDBusHashMap *annotations;
} ParsedAction;
static void
@@ -59,7 +62,7 @@ parsed_action_free (ParsedAction *action)
g_hash_table_unref (action->localized_description);
g_hash_table_unref (action->localized_message);
- g_hash_table_unref (action->annotations);
+ g_object_unref (action->annotations);
g_free (action);
}
@@ -256,10 +259,10 @@ polkit_backend_action_pool_get_action (PolkitBackendActionPool *pool,
{
PolkitBackendActionPoolPrivate *priv;
PolkitActionDescription *ret;
+ _PolkitActionDescription *real;
ParsedAction *parsed_action;
gchar *description;
gchar *message;
- GValue *values;
g_return_val_if_fail (POLKIT_BACKEND_IS_ACTION_POOL (pool), NULL);
@@ -284,23 +287,16 @@ polkit_backend_action_pool_get_action (PolkitBackendActionPool *pool,
parsed_action->message,
locale));
- values = g_new0 (GValue, 7);
- g_value_init (&(values[0]), G_TYPE_STRING);
- g_value_set_string (&(values[0]), parsed_action->action_id);
- g_value_init (&(values[1]), G_TYPE_STRING);
- g_value_set_string (&(values[1]), description != NULL ? description : g_strdup (""));
- g_value_init (&(values[2]), G_TYPE_STRING);
- g_value_set_string (&(values[2]), message != NULL ? message : g_strdup (""));
- g_value_init (&(values[3]), G_TYPE_STRING);
- g_value_set_string (&(values[3]), parsed_action->vendor_name != NULL ? parsed_action->vendor_name : g_strdup (""));
- g_value_init (&(values[4]), G_TYPE_STRING);
- g_value_set_string (&(values[4]), parsed_action->vendor_url != NULL ? parsed_action->vendor_url : g_strdup (""));
- g_value_init (&(values[5]), G_TYPE_STRING);
- g_value_set_string (&(values[5]), parsed_action->icon_name != NULL ? parsed_action->icon_name : g_strdup (""));
- g_value_init (&(values[6]), G_TYPE_HASH_TABLE);
- g_value_set_boxed (&(values[6]), parsed_action->annotations);
-
- ret = POLKIT_ACTION_DESCRIPTION (egg_dbus_structure_new ("(ssssssa{ss})", 7, values));
+ real = _polkit_action_description_new (action_id,
+ description,
+ message,
+ parsed_action->vendor_name,
+ parsed_action->vendor_url,
+ parsed_action->icon_name,
+ parsed_action->annotations);
+
+ ret = polkit_action_description_new_for_real (real);
+ g_object_unref (real);
out:
return ret;
@@ -510,7 +506,7 @@ typedef struct {
char *elem_lang;
char *annotate_key;
- GHashTable *annotations;
+ EggDBusHashMap *annotations;
PolkitBackendActionPool *pool;
} ParserData;
@@ -532,20 +528,23 @@ pd_unref_action_data (ParserData *pd)
pd->policy_description_nolang = NULL;
g_free (pd->policy_message_nolang);
pd->policy_message_nolang = NULL;
- if (pd->policy_descriptions != NULL) {
- g_hash_table_unref (pd->policy_descriptions);
- pd->policy_descriptions = NULL;
- }
- if (pd->policy_messages != NULL) {
- g_hash_table_unref (pd->policy_messages);
- pd->policy_messages = NULL;
- }
+ if (pd->policy_descriptions != NULL)
+ {
+ g_hash_table_unref (pd->policy_descriptions);
+ pd->policy_descriptions = NULL;
+ }
+ if (pd->policy_messages != NULL)
+ {
+ g_hash_table_unref (pd->policy_messages);
+ pd->policy_messages = NULL;
+ }
g_free (pd->annotate_key);
pd->annotate_key = NULL;
- if (pd->annotations != NULL) {
- g_hash_table_unref (pd->annotations);
- pd->annotations = NULL;
- }
+ if (pd->annotations != NULL)
+ {
+ g_object_unref (pd->annotations);
+ pd->annotations = NULL;
+ }
g_free (pd->elem_lang);
pd->elem_lang = NULL;
}
@@ -604,10 +603,7 @@ _start (void *data, const char *el, const char **attr)
g_str_equal,
g_free,
g_free);
- pd->annotations = g_hash_table_new_full (g_str_hash,
- g_str_equal,
- g_free,
- g_free);
+ pd->annotations = egg_dbus_hash_map_new (G_TYPE_STRING, g_free, G_TYPE_STRING, g_free);
/* initialize defaults */
//pd->defaults_allow_any = POLKIT_RESULT_NO;
//pd->defaults_allow_inactive = POLKIT_RESULT_NO;
@@ -838,9 +834,9 @@ _cdata (void *data, const char *s, int len)
break;
case STATE_IN_ANNOTATE:
- g_hash_table_insert (pd->annotations,
- g_strdup (pd->annotate_key),
- str);
+ egg_dbus_hash_map_insert (pd->annotations,
+ g_strdup (pd->annotate_key),
+ str);
str = NULL;
break;
diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c
new file mode 100644
index 0000000..3de036a
--- /dev/null
+++ b/src/polkitbackend/polkitbackendauthority.c
@@ -0,0 +1,51 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include <errno.h>
+#include <pwd.h>
+#include <string.h>
+#include <polkit/polkit.h>
+#include "polkitbackendauthority.h"
+
+G_DEFINE_ABSTRACT_TYPE (PolkitBackendAuthority, polkit_backend_authority, G_TYPE_OBJECT);
+
+static void
+polkit_backend_authority_init (PolkitBackendAuthority *local_authority)
+{
+}
+
+static void
+polkit_backend_authority_class_init (PolkitBackendAuthorityClass *klass)
+{
+}
+
+GList *
+polkit_backend_authority_enumerate_actions (PolkitBackendAuthority *authority,
+ const gchar *locale)
+{
+ PolkitBackendAuthorityClass *klass;
+
+ klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
+
+ return klass->enumerate_actions (authority, locale);
+}
+
diff --git a/src/polkitbackend/polkitbackendauthority.h b/src/polkitbackend/polkitbackendauthority.h
new file mode 100644
index 0000000..1657251
--- /dev/null
+++ b/src/polkitbackend/polkitbackendauthority.h
@@ -0,0 +1,77 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_BACKEND_COMPILATION) && !defined(_POLKIT_BACKEND_INSIDE_POLKIT_BACKEND_H)
+#error "Only <polkitbackend/polkitbackend.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#ifndef __POLKIT_BACKEND_AUTHORITY_H
+#define __POLKIT_BACKEND_AUTHORITY_H
+
+#include <glib-object.h>
+#include "polkitbackendtypes.h"
+
+G_BEGIN_DECLS
+
+#define POLKIT_BACKEND_TYPE_AUTHORITY (polkit_backend_authority_get_type ())
+#define POLKIT_BACKEND_AUTHORITY(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_BACKEND_TYPE_AUTHORITY, PolkitBackendAuthority))
+#define POLKIT_BACKEND_AUTHORITY_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_BACKEND_TYPE_AUTHORITY, PolkitBackendAuthorityClass))
+#define POLKIT_BACKEND_AUTHORITY_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_BACKEND_TYPE_AUTHORITY,PolkitBackendAuthorityClass))
+#define POLKIT_BACKEND_IS_AUTHORITY(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_BACKEND_TYPE_AUTHORITY))
+#define POLKIT_BACKEND_IS_AUTHORITY_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_BACKEND_TYPE_AUTHORITY))
+
+typedef struct _PolkitBackendAuthorityClass PolkitBackendAuthorityClass;
+
+struct _PolkitBackendAuthority
+{
+ GObject parent_instance;
+};
+
+struct _PolkitBackendAuthorityClass
+{
+ GObjectClass parent_class;
+
+ /*< public >*/
+
+ GList * (*enumerate_actions) (PolkitBackendAuthority *authority,
+ const gchar *locale);
+
+ /*< private >*/
+ /* Padding for future expansion */
+ void (*_polkit_reserved1) (void);
+ void (*_polkit_reserved2) (void);
+ void (*_polkit_reserved3) (void);
+ void (*_polkit_reserved4) (void);
+ void (*_polkit_reserved5) (void);
+ void (*_polkit_reserved6) (void);
+ void (*_polkit_reserved7) (void);
+ void (*_polkit_reserved8) (void);
+};
+
+GType polkit_backend_authority_get_type (void) G_GNUC_CONST;
+
+GList *polkit_backend_authority_enumerate_actions (PolkitBackendAuthority *authority,
+ const gchar *locale);
+
+G_END_DECLS
+
+#endif /* __POLKIT_BACKEND_AUTHORITY_H */
+
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index fcac673..9e2ffc8 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -33,16 +33,13 @@ typedef struct
} PolkitBackendLocalAuthorityPrivate;
-static void authority_iface_init (PolkitAuthorityIface *authority_iface,
- gpointer iface_data);
+static GList *polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *authority,
+ const gchar *locale);
-G_DEFINE_TYPE_WITH_CODE (PolkitBackendLocalAuthority, polkit_backend_local_authority, G_TYPE_OBJECT,
- G_IMPLEMENT_INTERFACE (POLKIT_TYPE_AUTHORITY,
- authority_iface_init)
- );
-#define POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY, PolkitBackendLocalAuthorityPrivate))
+G_DEFINE_TYPE (PolkitBackendLocalAuthority, polkit_backend_local_authority, POLKIT_BACKEND_TYPE_AUTHORITY);
+#define POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY, PolkitBackendLocalAuthorityPrivate))
static void
polkit_backend_local_authority_init (PolkitBackendLocalAuthority *local_authority)
@@ -75,24 +72,42 @@ polkit_backend_local_authority_finalize (GObject *object)
static void
polkit_backend_local_authority_class_init (PolkitBackendLocalAuthorityClass *klass)
{
- GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+ GObjectClass *gobject_class;
+ PolkitBackendAuthorityClass *authority_class;
+
+ gobject_class = G_OBJECT_CLASS (klass);
+ authority_class = POLKIT_BACKEND_AUTHORITY_CLASS (klass);
gobject_class->finalize = polkit_backend_local_authority_finalize;
+ authority_class->enumerate_actions = polkit_backend_local_authority_enumerate_actions;
+
g_type_class_add_private (klass, sizeof (PolkitBackendLocalAuthorityPrivate));
}
-PolkitBackendLocalAuthority *
+PolkitBackendAuthority *
polkit_backend_local_authority_new (void)
{
+ return POLKIT_BACKEND_AUTHORITY (g_object_new (POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY,
+ NULL));
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static GList *
+polkit_backend_local_authority_enumerate_actions (PolkitBackendAuthority *authority,
+ const gchar *locale)
+{
PolkitBackendLocalAuthority *local_authority;
+ PolkitBackendLocalAuthorityPrivate *priv;
- local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (g_object_new (POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY,
- NULL));
+ local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
- return local_authority;
+ return polkit_backend_action_pool_get_all_actions (priv->action_pool, locale);
}
+#if 0
/* ---------------------------------------------------------------------------------------------------- */
static void
@@ -189,3 +204,4 @@ authority_iface_init (PolkitAuthorityIface *authority_iface,
}
/* ---------------------------------------------------------------------------------------------------- */
+#endif
diff --git a/src/polkitbackend/polkitbackendlocalauthority.h b/src/polkitbackend/polkitbackendlocalauthority.h
index 8aa2619..1bdc50f 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.h
+++ b/src/polkitbackend/polkitbackendlocalauthority.h
@@ -23,11 +23,12 @@
#error "Only <polkitbackend/polkitbackend.h> can be included directly, this file may disappear or change contents."
#endif
-#include <glib-object.h>
-
#ifndef __POLKIT_BACKEND_LOCAL_AUTHORITY_H
#define __POLKIT_BACKEND_LOCAL_AUTHORITY_H
+#include <glib-object.h>
+#include <polkitbackend/polkitbackendauthority.h>
+
G_BEGIN_DECLS
#define POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY (polkit_backend_local_authority_get_type ())
@@ -42,12 +43,12 @@ typedef struct _PolkitBackendLocalAuthorityClass PolkitBackendLocalAuthorityC
struct _PolkitBackendLocalAuthority
{
- GObject parent_instance;
+ PolkitBackendAuthority parent_instance;
};
struct _PolkitBackendLocalAuthorityClass
{
- GObjectClass parent_class;
+ PolkitBackendAuthorityClass parent_class;
/*< public >*/
@@ -63,9 +64,8 @@ struct _PolkitBackendLocalAuthorityClass
void (*_polkit_reserved8) (void);
};
-GType polkit_backend_local_authority_get_type (void) G_GNUC_CONST;
-
-PolkitBackendLocalAuthority *polkit_backend_local_authority_new (void);
+GType polkit_backend_local_authority_get_type (void) G_GNUC_CONST;
+PolkitBackendAuthority *polkit_backend_local_authority_new (void);
G_END_DECLS
diff --git a/src/polkitbackend/polkitbackendserver.c b/src/polkitbackend/polkitbackendserver.c
new file mode 100644
index 0000000..090e37f
--- /dev/null
+++ b/src/polkitbackend/polkitbackendserver.c
@@ -0,0 +1,119 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include <errno.h>
+#include <pwd.h>
+#include <string.h>
+#include <polkit/polkit.h>
+#include <polkit/polkitprivate.h>
+
+#include "polkitbackendauthority.h"
+#include "polkitbackendserver.h"
+
+struct _PolkitBackendServer
+{
+ GObject parent_instance;
+
+ PolkitBackendAuthority *authority;
+};
+
+struct _PolkitBackendServerClass
+{
+ GObjectClass parent_class;
+};
+
+static void authority_iface_init (_PolkitAuthorityIface *authority_iface);
+
+G_DEFINE_TYPE_WITH_CODE (PolkitBackendServer, polkit_backend_server, G_TYPE_OBJECT,
+ G_IMPLEMENT_INTERFACE (_POLKIT_TYPE_AUTHORITY, authority_iface_init)
+ );
+
+static void
+polkit_backend_server_init (PolkitBackendServer *local_server)
+{
+}
+
+static void
+polkit_backend_server_finalize (GObject *object)
+{
+ PolkitBackendServer *server;
+
+ server = POLKIT_BACKEND_SERVER (object);
+
+ g_object_unref (server->authority);
+}
+
+static void
+polkit_backend_server_class_init (PolkitBackendServerClass *klass)
+{
+ GObjectClass *gobject_class;
+
+ gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->finalize = polkit_backend_server_finalize;
+}
+
+PolkitBackendServer *
+polkit_backend_server_new (PolkitBackendAuthority *authority)
+{
+ PolkitBackendServer *server;
+
+ server = POLKIT_BACKEND_SERVER (g_object_new (POLKIT_BACKEND_TYPE_SERVER, NULL));
+
+ server->authority = g_object_ref (authority);
+
+ return server;
+}
+
+static void
+authority_handle_enumerate_actions (_PolkitAuthority *instance,
+ const gchar *locale,
+ EggDBusMethodInvocation *method_invocation)
+{
+ PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance);
+ EggDBusArraySeq *array;
+ GList *actions;
+ GList *l;
+
+ actions = polkit_backend_authority_enumerate_actions (server->authority, locale);
+
+ array = egg_dbus_array_seq_new (_POLKIT_TYPE_ACTION_DESCRIPTION, NULL, NULL, NULL);
+
+ for (l = actions; l != NULL; l = l->next)
+ {
+ PolkitActionDescription *ad = POLKIT_ACTION_DESCRIPTION (l->data);
+ egg_dbus_array_seq_add (array, polkit_action_description_get_real (ad));
+ }
+
+ _polkit_authority_handle_enumerate_actions_finish (method_invocation, array);
+
+ g_object_unref (array);
+
+ g_list_foreach (actions, (GFunc) g_object_unref, NULL);
+ g_list_free (actions);
+}
+
+static void
+authority_iface_init (_PolkitAuthorityIface *authority_iface)
+{
+ authority_iface->handle_enumerate_actions = authority_handle_enumerate_actions;
+}
diff --git a/src/polkitbackend/polkitbackendserver.h b/src/polkitbackend/polkitbackendserver.h
new file mode 100644
index 0000000..95567bf
--- /dev/null
+++ b/src/polkitbackend/polkitbackendserver.h
@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_BACKEND_COMPILATION) && !defined(_POLKIT_BACKEND_INSIDE_POLKIT_BACKEND_H)
+#error "Only <polkitbackend/polkitbackend.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#ifndef __POLKIT_BACKEND_SERVER_H
+#define __POLKIT_BACKEND_SERVER_H
+
+#include <glib-object.h>
+#include "polkitbackendtypes.h"
+
+G_BEGIN_DECLS
+
+#define POLKIT_BACKEND_TYPE_SERVER (polkit_backend_server_get_type ())
+#define POLKIT_BACKEND_SERVER(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_BACKEND_TYPE_SERVER, PolkitBackendServer))
+#define POLKIT_BACKEND_SERVER_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_BACKEND_TYPE_SERVER, PolkitBackendServerClass))
+#define POLKIT_BACKEND_SERVER_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_BACKEND_TYPE_SERVER,PolkitBackendServerClass))
+#define POLKIT_BACKEND_IS_SERVER(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_BACKEND_TYPE_SERVER))
+#define POLKIT_BACKEND_IS_SERVER_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_BACKEND_TYPE_SERVER))
+
+typedef struct _PolkitBackendServerClass PolkitBackendServerClass;
+
+GType polkit_backend_server_get_type (void) G_GNUC_CONST;
+
+PolkitBackendServer *polkit_backend_server_new (PolkitBackendAuthority *authority);
+
+G_END_DECLS
+
+#endif /* __POLKIT_BACKEND_SERVER_H */
+
diff --git a/src/polkitbackend/polkitbackendtypes.h b/src/polkitbackend/polkitbackendtypes.h
new file mode 100644
index 0000000..715adda
--- /dev/null
+++ b/src/polkitbackend/polkitbackendtypes.h
@@ -0,0 +1,34 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_BACKEND_TYPES_H
+#define __POLKIT_BACKEND_TYPES_H
+
+#include <glib-object.h>
+
+struct _PolkitBackendAuthority;
+typedef struct _PolkitBackendAuthority PolkitBackendAuthority;
+
+struct _PolkitBackendServer;
+typedef struct _PolkitBackendServer PolkitBackendServer;
+
+#endif /* __POLKIT_BACKEND_TYPES_H */
+
diff --git a/src/polkitd/Makefile.am b/src/polkitd/Makefile.am
index f1b54dd..24e9551 100644
--- a/src/polkitd/Makefile.am
+++ b/src/polkitd/Makefile.am
@@ -12,6 +12,7 @@ INCLUDES = \
-DPACKAGE_LIB_DIR=\""$(libdir)"\" \
-D_POSIX_PTHREAD_SEMANTICS \
-D_REENTRANT \
+ -DEGG_DBUS_I_KNOW_API_IS_SUBJECT_TO_CHANGE \
$(NULL)
libexec_PROGRAMS = polkitd-1
diff --git a/src/polkitd/main.c b/src/polkitd/main.c
index 9fc6bb6..ab43694 100644
--- a/src/polkitd/main.c
+++ b/src/polkitd/main.c
@@ -24,13 +24,24 @@
#endif
#include <polkit/polkit.h>
+#include <polkit/polkitprivate.h>
+
#include <polkitbackend/polkitbackend.h>
-static PolkitAuthority *
+static _PolkitAuthority *
get_authority_backend (void)
{
+ PolkitBackendAuthority *authority;
+ PolkitBackendServer *server;
+
/* TODO: use extension points etc. */
- return POLKIT_AUTHORITY (polkit_backend_local_authority_new ());
+ authority = polkit_backend_local_authority_new ();
+
+ server = polkit_backend_server_new (authority);
+
+ g_object_unref (authority);
+
+ return _POLKIT_AUTHORITY (server);
}
int
@@ -41,24 +52,25 @@ main (int argc, char **argv)
GError *error;
GMainLoop *loop;
EggDBusConnection *connection;
- PolkitAuthority *authority;
+ _PolkitAuthority *authority;
ret = 1;
+ authority = NULL;
+ connection = NULL;
g_type_init ();
- polkit_bindings_register_types (); /* TODO: use __attribute ((constructor)) */
loop = g_main_loop_new (NULL, FALSE);
connection = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
error = NULL;
- if (!egg_dbus_bus_invoke_request_name_sync (egg_dbus_connection_get_bus_proxy (connection),
- 0, /* call flags */
- "org.freedesktop.PolicyKit1",
- 0, /* flags */
- &rn_ret,
- NULL,
- &error))
+ if (!egg_dbus_bus_request_name_sync (egg_dbus_connection_get_bus (connection),
+ EGG_DBUS_CALL_FLAGS_NONE,
+ "org.freedesktop.PolicyKit1",
+ EGG_DBUS_REQUEST_NAME_FLAGS_NONE,
+ &rn_ret,
+ NULL,
+ &error))
{
g_warning ("error: %s", error->message);
g_error_free (error);
@@ -73,16 +85,20 @@ main (int argc, char **argv)
authority = get_authority_backend ();
- egg_dbus_connection_export_object (connection,
- G_OBJECT (authority),
- "/org/freedesktop/PolicyKit1/Authority");
+ egg_dbus_connection_register_interface (connection,
+ "/org/freedesktop/PolicyKit1/Authority",
+ _POLKIT_TYPE_AUTHORITY,
+ G_OBJECT (authority),
+ G_TYPE_INVALID);
g_main_loop_run (loop);
- g_object_unref (authority);
- g_object_unref (connection);
ret = 0;
out:
+ if (authority != NULL)
+ g_object_unref (authority);
+ if (connection != NULL)
+ g_object_unref (connection);
return ret;
}
diff --git a/src/programs/polkit-verify-claim.c b/src/programs/polkit-verify-claim.c
index 7199339..fb22b6a 100644
--- a/src/programs/polkit-verify-claim.c
+++ b/src/programs/polkit-verify-claim.c
@@ -21,26 +21,49 @@
#include <polkit/polkit.h>
-int
-main (int argc, char *argv[])
+static PolkitAuthority *authority;
+
+static void
+list_actions (void)
{
GError *error;
- PolkitAuthority *authority;
- gchar *result;
+ GList *actions;
+ GList *l;
+
+ error = NULL;
+ actions = polkit_authority_enumerate_actions_sync (authority,
+ "",
+ NULL,
+ &error);
+ if (error != NULL)
+ {
+ g_printerr ("Error enumerating actions: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ for (l = actions; l != NULL; l = l->next)
+ {
+ PolkitActionDescription *action = POLKIT_ACTION_DESCRIPTION (l->data);
+
+ g_print ("%s\n", polkit_action_description_get_action_id (action));
+ }
+ g_list_foreach (actions, (GFunc) g_object_unref, NULL);
+ g_list_free (actions);
+
+ out:
+ ;
+}
+
+int
+main (int argc, char *argv[])
+{
g_type_init ();
authority = polkit_authority_get ();
- error = NULL;
- polkit_authority_invoke_say_hello_sync (authority,
- 0, /* call_flags */
- "Hi there!",
- &result,
- NULL,
- &error);
- g_print ("Authority replied: %s\n", result);
- g_free (result);
+ list_actions ();
g_object_unref (authority);
commit fce5a409add45140c87658ea0c019a9dac94dfad
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Dec 8 01:33:00 2008 -0500
keep up with EggDBus HEAD, in the removal of _async() and addition of sync()
http://cgit.freedesktop.org/~david/eggdbus/commit/?id=27afdc7a49ee49290e048364500d5c549f8ac614
diff --git a/src/polkitd/main.c b/src/polkitd/main.c
index 05e9bae..9fc6bb6 100644
--- a/src/polkitd/main.c
+++ b/src/polkitd/main.c
@@ -52,13 +52,13 @@ main (int argc, char **argv)
connection = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
error = NULL;
- if (!egg_dbus_bus_invoke_request_name (egg_dbus_connection_get_bus_proxy (connection),
- 0, /* call flags */
- "org.freedesktop.PolicyKit1",
- 0, /* flags */
- &rn_ret,
- NULL,
- &error))
+ if (!egg_dbus_bus_invoke_request_name_sync (egg_dbus_connection_get_bus_proxy (connection),
+ 0, /* call flags */
+ "org.freedesktop.PolicyKit1",
+ 0, /* flags */
+ &rn_ret,
+ NULL,
+ &error))
{
g_warning ("error: %s", error->message);
g_error_free (error);
diff --git a/src/programs/polkit-verify-claim.c b/src/programs/polkit-verify-claim.c
index 87f1a5c..7199339 100644
--- a/src/programs/polkit-verify-claim.c
+++ b/src/programs/polkit-verify-claim.c
@@ -33,12 +33,12 @@ main (int argc, char *argv[])
authority = polkit_authority_get ();
error = NULL;
- polkit_authority_invoke_say_hello (authority,
- 0, /* call_flags */
- "Hi there!",
- &result,
- NULL,
- &error);
+ polkit_authority_invoke_say_hello_sync (authority,
+ 0, /* call_flags */
+ "Hi there!",
+ &result,
+ NULL,
+ &error);
g_print ("Authority replied: %s\n", result);
g_free (result);
commit 88e43be5fd3cd49a04c3e6a5c75bd3d9e7308cf8
Author: David Zeuthen <davidz at redhat.com>
Date: Sun Dec 7 17:55:36 2008 -0500
rework AuthorizationClaim to be a GInterface so we can pass it over D-Bus
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index d3e2fd5..85826d9 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -30,6 +30,16 @@
</annotation>
+ <!-- User defined struct for AuthorizationClaim -->
+ <annotation name="org.gtk.EggDBus.DeclareStruct" value="AuthorizationClaim">
+ <annotation name="org.gtk.EggDBus.Struct.Signature" value="((sa{sv})sa{ss})"/>
+
+ <!-- element 0: (sa{sv}): subject -->
+ <!-- element 1: string: action-id -->
+ <!-- element 2: map<string,string>: attributes -->
+
+ </annotation>
+
<!-- The error domain used for reporting errors -->
<annotation name="org.gtk.EggDBus.DeclareErrorDomain" value="Error">
<annotation name="org.gtk.EggDBus.ErrorDomain.Member" value="org.freedesktop.PolicyKit1.Error.Failed">
@@ -70,5 +80,14 @@
<arg name="action_descriptions" direction="out" type="a(ssssssa{ss})"/>
</method>
+ <method name="CheckClaim">
+ <arg name="claim" direction="in" type="((sa{sv})sa{ss})">
+ <annotation name="org.gtk.EggDBus.StructType" value="AuthorizationClaim"/>
+ </arg>
+ <arg name="result" direction="out" type="i">
+ <annotation name="org.gtk.EggDBus.EnumType" value="AuthorizationResult"/>
+ </arg>
+ </method>
+
</interface>
</node>
diff --git a/src/polkit/polkitauthorizationclaim.c b/src/polkit/polkitauthorizationclaim.c
index 33b852c..81b692f 100644
--- a/src/polkit/polkitauthorizationclaim.c
+++ b/src/polkit/polkitauthorizationclaim.c
@@ -22,280 +22,217 @@
#include "config.h"
#include <string.h>
#include "polkitauthorizationclaim.h"
+#include "polkitsubject.h"
/**
* SECTION:polkitauthorizationclaim
+ * @title: PolkitAuthorizationClaim
* @short_description: Authorization Claim
- * @include: polkit/polkit.h
*
* Represents an authorization claim.
*/
-/*--------------------------------------------------------------------------------------------------------------*/
-
-struct _PolkitAuthorizationClaimPrivate
+static void
+base_init (gpointer g_iface)
{
- PolkitSubject *subject;
- char *action_id;
- GHashTable *attributes;
-};
-
-enum {
- PROP_0,
- PROP_SUBJECT,
- PROP_ACTION_ID,
- PROP_ATTRIBUTES,
-};
-
-G_DEFINE_TYPE (PolkitAuthorizationClaim, polkit_authorization_claim, G_TYPE_OBJECT)
-
-#define POLKIT_AUTHORIZATION_CLAIM_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_AUTHORIZATION_CLAIM, PolkitAuthorizationClaimPrivate))
+}
-static void
-polkit_authorization_claim_get_property (GObject *object,
- guint prop_id,
- GValue *value,
- GParamSpec *pspec)
+GType
+polkit_authorization_claim_get_type (void)
{
- PolkitAuthorizationClaim *authorization_claim = POLKIT_AUTHORIZATION_CLAIM (object);
+ static GType iface_type = 0;
- switch (prop_id)
+ if (iface_type == 0)
{
- case PROP_SUBJECT:
- g_value_set_object (value, authorization_claim->priv->subject);
- break;
+ static const GTypeInfo info =
+ {
+ sizeof (PolkitAuthorizationClaimIface),
+ base_init, /* base_init */
+ NULL, /* base_finalize */
+ NULL, /* class_init */
+ NULL, /* class_finalize */
+ NULL, /* class_data */
+ 0, /* instance_size */
+ 0, /* n_preallocs */
+ NULL, /* instance_init */
+ NULL /* value_table */
+ };
+
+ iface_type = g_type_register_static (G_TYPE_INTERFACE, "PolkitAuthorizationClaim", &info, 0);
+
+ g_type_interface_add_prerequisite (iface_type, EGG_DBUS_TYPE_STRUCTURE);
+ }
- case PROP_ACTION_ID:
- g_value_set_string (value, authorization_claim->priv->action_id);
- break;
+ return iface_type;
+}
- case PROP_ATTRIBUTES:
- g_value_set_boxed (value, authorization_claim->priv->attributes);
- break;
+#define AUTHORIZATION_CLAIM_SIGNATURE "((sa{sv})sa{ss})"
- default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
- break;
- }
+/**
+ * polkit_authorization_claim_new:
+ * @subject: The subject the claim is for.
+ * @action_id: The action identifier for the PolicyKit action the claim is about.
+ *
+ * Constructs a new #PolkitAuthorizationClaim representing a claim that @subject is authorized for @action_id.
+ *
+ * Returns: A #PolkitAuthorizationClaim.
+ */
+PolkitAuthorizationClaim *
+polkit_authorization_claim_new (PolkitSubject *subject,
+ const gchar *action_id)
+{
+ GValue *values;
+ EggDBusHashTable *attributes;
+
+ attributes = g_hash_table_new_full (g_str_hash,
+ g_str_equal,
+ (GDestroyNotify) g_free,
+ (GDestroyNotify) g_object_unref);
+ egg_dbus_hash_table_set_signature (attributes, "s", "s");
+
+ values = g_new0 (GValue, 3);
+ g_value_init (&(values[0]), POLKIT_TYPE_SUBJECT);
+ g_value_set_object (&(values[0]), subject);
+ g_value_init (&(values[1]), G_TYPE_STRING);
+ g_value_set_string (&(values[1]), action_id);
+ g_value_init (&(values[2]), EGG_DBUS_TYPE_HASH_TABLE);
+ g_value_take_boxed (&(values[2]), attributes);
+
+ return POLKIT_AUTHORIZATION_CLAIM (egg_dbus_structure_new (AUTHORIZATION_CLAIM_SIGNATURE, 3, values));
}
-static void
-polkit_authorization_claim_set_property (GObject *object,
- guint prop_id,
- const GValue *value,
- GParamSpec *pspec)
+/**
+ * polkit_authorization_claim_get_subject:
+ * @authorization_claim: A #PolkitAuthorizationClaim.
+ *
+ * Gets the subject for @authorization_claim.
+ *
+ * Returns: A #PolkitSubject instance owned by @authorization_claim. Do not free.
+ **/
+PolkitSubject *
+polkit_authorization_claim_get_subject (PolkitAuthorizationClaim *authorization_claim)
{
- PolkitAuthorizationClaim *authorization_claim = POLKIT_AUTHORIZATION_CLAIM (object);
-
- switch (prop_id)
- {
- case PROP_SUBJECT:
- polkit_authorization_claim_set_subject (authorization_claim, POLKIT_SUBJECT (g_value_get_object (value)));
- break;
-
- case PROP_ACTION_ID:
- polkit_authorization_claim_set_action_id (authorization_claim, g_value_get_string (value));
- break;
+ PolkitSubject *subject;
- default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
- break;
- }
-}
+ g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
+ g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (authorization_claim)), AUTHORIZATION_CLAIM_SIGNATURE) == 0, NULL);
-static void
-polkit_authorization_claim_init (PolkitAuthorizationClaim *authorization_claim)
-{
- authorization_claim->priv = POLKIT_AUTHORIZATION_CLAIM_GET_PRIVATE (authorization_claim);
+ egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (authorization_claim),
+ 0, &subject,
+ -1);
- authorization_claim->priv->attributes = g_hash_table_new_full (g_str_hash,
- g_str_equal,
- g_free,
- g_free);
+ return subject;
}
-static void
-polkit_authorization_claim_finalize (GObject *object)
+/**
+ * polkit_authorization_claim_get_action_id:
+ * @authorization_claim: A #PolkitAuthorizationClaim.
+ *
+ * Gets the action identifier for @authorization_claim.
+ *
+ * Returns: A string owned by @authorization_claim. Do not free.
+ **/
+const gchar *
+polkit_authorization_claim_get_action_id (PolkitAuthorizationClaim *authorization_claim)
{
- PolkitAuthorizationClaim *authorization_claim;
+ const gchar *action_id;
- g_return_if_fail (object != NULL);
- g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (object));
-
- authorization_claim = POLKIT_AUTHORIZATION_CLAIM (object);
+ g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
+ g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (authorization_claim)), AUTHORIZATION_CLAIM_SIGNATURE) == 0, NULL);
- if (authorization_claim->priv->subject != NULL)
- g_object_unref (authorization_claim->priv->subject);
- g_free (authorization_claim->priv->action_id);
- g_hash_table_unref (authorization_claim->priv->attributes);
+ egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (authorization_claim),
+ 1, &action_id,
+ -1);
- G_OBJECT_CLASS (polkit_authorization_claim_parent_class)->finalize (object);
+ return action_id;
}
-static void
-polkit_authorization_claim_class_init (PolkitAuthorizationClaimClass *klass)
+/**
+ * polkit_authorization_claim_get_attributes:
+ * @authorization_claim: A #PolkitAuthorizationClaim.
+ *
+ * Gets the attributes for @authorization_claim.
+ *
+ * Returns: A #GHashTable owned by @authorization_claim. Do not free or modify.
+ **/
+GHashTable *
+polkit_authorization_claim_get_attributes (PolkitAuthorizationClaim *authorization_claim)
{
- GObjectClass *object_class = G_OBJECT_CLASS (klass);
-
- object_class->get_property = polkit_authorization_claim_get_property;
- object_class->set_property = polkit_authorization_claim_set_property;
- object_class->finalize = polkit_authorization_claim_finalize;
-
- /**
- * PolkitAuthorizationClaim:subject:
- *
- * The subject making the authorization claim.
- */
- g_object_class_install_property (object_class,
- PROP_SUBJECT,
- g_param_spec_object ("subject",
- "subject",
- "The subject making the authorization claim",
- POLKIT_TYPE_SUBJECT,
- G_PARAM_CONSTRUCT |
- G_PARAM_READWRITE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- /**
- * PolkitAuthorizationClaim:action-id:
- *
- * The action id for the authorization claim.
- */
- g_object_class_install_property (object_class,
- PROP_ACTION_ID,
- g_param_spec_string ("action-id",
- "action-id",
- "The action for the authorization claim",
- NULL,
- G_PARAM_CONSTRUCT |
- G_PARAM_READWRITE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- /**
- * PolkitAuthorizationClaim:attributes:
- *
- * A #GHashTable from strings into the strings containing
- * attributes for the claim.
- */
- g_object_class_install_property (object_class,
- PROP_ATTRIBUTES,
- g_param_spec_boxed ("attributes",
- "attributes",
- "The attributes for the authorization claim",
- G_TYPE_HASH_TABLE,
- G_PARAM_READABLE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- g_type_class_add_private (klass, sizeof (PolkitAuthorizationClaimPrivate));
-}
+ GHashTable *attributes;
-PolkitSubject *
-polkit_authorization_claim_get_subject (PolkitAuthorizationClaim *authorization_claim)
-{
g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
- return g_object_ref (authorization_claim->priv->subject);
+ g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (authorization_claim)), AUTHORIZATION_CLAIM_SIGNATURE) == 0, NULL);
+
+ egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (authorization_claim),
+ 2, &attributes,
+ -1);
+
+ return attributes;
}
+/**
+ * polkit_authorization_claim_set_subject:
+ * @authorization_claim: A #PolkitAuthorizationClaim.
+ * @subject: A #PolkitSubject.
+ *
+ * Sets the subject of @authorization_claim to @subject.
+ **/
void
polkit_authorization_claim_set_subject (PolkitAuthorizationClaim *authorization_claim,
PolkitSubject *subject)
{
g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim));
- g_return_if_fail (POLKIT_IS_SUBJECT (subject));
+ g_return_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (authorization_claim)), AUTHORIZATION_CLAIM_SIGNATURE) == 0);
- if (!polkit_subject_equal (authorization_claim->priv->subject, subject)) {
- if (authorization_claim->priv->subject != NULL)
- g_object_unref (authorization_claim->priv->subject);
- authorization_claim->priv->subject = g_object_ref (subject);
- }
-}
-
-gchar *
-polkit_authorization_claim_get_action_id (PolkitAuthorizationClaim *authorization_claim)
-{
- g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
- return g_strdup (authorization_claim->priv->action_id);
+ egg_dbus_structure_set_element (EGG_DBUS_STRUCTURE (authorization_claim),
+ 0, subject,
+ -1);
}
+/**
+ * polkit_authorization_claim_set_action_id:
+ * @authorization_claim: A #PolkitAuthorizationClaim.
+ * @action_id: The action identifier for the PolicyKit action the claim is about.
+ *
+ * Sets the PolicyKit action for @authorization_claim to @action_id.
+ **/
void
polkit_authorization_claim_set_action_id (PolkitAuthorizationClaim *authorization_claim,
const gchar *action_id)
{
g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim));
+ g_return_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (authorization_claim)), AUTHORIZATION_CLAIM_SIGNATURE) == 0);
g_return_if_fail (action_id != NULL);
- if (authorization_claim->priv->action_id == NULL ||
- strcmp (authorization_claim->priv->action_id, action_id) != 0) {
- g_free (authorization_claim->priv->action_id);
- authorization_claim->priv->action_id = g_strdup (action_id);
- g_object_notify (G_OBJECT (authorization_claim), "action-id");
- }
+ egg_dbus_structure_set_element (EGG_DBUS_STRUCTURE (authorization_claim),
+ 1, action_id,
+ -1);
}
/**
- * polkit_authorization_claim_get_attributes:
+ * polkit_authorization_claim_set_attribute:
* @authorization_claim: A #PolkitAuthorizationClaim.
+ * @key: Key of the attribute.
+ * @value: Value of the attribute or %NULL to clear the attribute for @key.
*
- * Gets the attributes (a #GHashTable mapping strings to strings) for
- * @authorization_claim.
- *
- * Returns: A #GHashTable. Caller should not free it, it is owned by
- * @authorization_claim.
+ * Sets or clear an attribute of @authorization_claim.
**/
-GHashTable *
-polkit_authorization_claim_get_attributes (PolkitAuthorizationClaim *authorization_claim)
-{
- g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
- return authorization_claim->priv->attributes;
-}
-
-char *
-polkit_authorization_claim_get_attribute (PolkitAuthorizationClaim *authorization_claim,
- const gchar *key)
-{
- g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
- g_return_val_if_fail (key != NULL, NULL);
-
- return g_strdup (g_hash_table_lookup (authorization_claim->priv->attributes, key));
-}
-
void
-polkit_authorization_claim_set_attribute (PolkitAuthorizationClaim *authorization_claim,
- const gchar *key,
- const gchar *value)
+polkit_authorization_claim_set_attribute (PolkitAuthorizationClaim *authorization_claim,
+ const gchar *key,
+ const gchar *value)
{
+ EggDBusHashTable *attributes;
+
g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim));
+ g_return_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (authorization_claim)), AUTHORIZATION_CLAIM_SIGNATURE) == 0);
g_return_if_fail (key != NULL);
+ attributes = polkit_authorization_claim_get_attributes (authorization_claim);
+
if (value == NULL)
- {
- g_hash_table_remove (authorization_claim->priv->attributes, key);
- }
+ g_hash_table_remove (attributes, key);
else
- {
- g_hash_table_replace (authorization_claim->priv->attributes,
- g_strdup (key),
- g_strdup (value));
- }
+ g_hash_table_insert (attributes, g_strdup (key), g_strdup (value));
}
-
-PolkitAuthorizationClaim *
-polkit_authorization_claim_new (PolkitSubject *subject,
- const gchar *action_id)
-{
- PolkitAuthorizationClaim *authorization_claim;
-
- authorization_claim = POLKIT_AUTHORIZATION_CLAIM (g_object_new (POLKIT_TYPE_AUTHORIZATION_CLAIM,
- "subject", subject,
- "action-id", action_id,
- NULL));
-
- return authorization_claim;
-}
diff --git a/src/polkit/polkitauthorizationclaim.h b/src/polkit/polkitauthorizationclaim.h
index ab481ca..df948f5 100644
--- a/src/polkit/polkitauthorizationclaim.h
+++ b/src/polkit/polkitauthorizationclaim.h
@@ -31,43 +31,37 @@
G_BEGIN_DECLS
-#define POLKIT_TYPE_AUTHORIZATION_CLAIM (polkit_authorization_claim_get_type ())
+#define POLKIT_TYPE_AUTHORIZATION_CLAIM (polkit_authorization_claim_get_type())
#define POLKIT_AUTHORIZATION_CLAIM(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_AUTHORIZATION_CLAIM, PolkitAuthorizationClaim))
-#define POLKIT_AUTHORIZATION_CLAIM_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_AUTHORIZATION_CLAIM, PolkitAuthorizationClaimClass))
#define POLKIT_IS_AUTHORIZATION_CLAIM(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_AUTHORIZATION_CLAIM))
-#define POLKIT_IS_AUTHORIZATION_CLAIM_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_AUTHORIZATION_CLAIM))
-#define POLKIT_AUTHORIZATION_CLAIM_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_AUTHORIZATION_CLAIM, PolkitAuthorizationClaimClass))
+#define POLKIT_AUTHORIZATION_CLAIM_GET_IFACE(o) (G_TYPE_INSTANCE_GET_INTERFACE((o), POLKIT_TYPE_AUTHORIZATION_CLAIM, PolkitAuthorizationClaimIface))
-typedef struct _PolkitAuthorizationClaim PolkitAuthorizationClaim;
-typedef struct _PolkitAuthorizationClaimClass PolkitAuthorizationClaimClass;
-typedef struct _PolkitAuthorizationClaimPrivate PolkitAuthorizationClaimPrivate;
+#if 0
+typedef struct _PolkitAuthorizationClaim PolkitAuthorizationClaim; /* Dummy typedef */
+#endif
+typedef struct _PolkitAuthorizationClaimIface PolkitAuthorizationClaimIface;
-struct _PolkitAuthorizationClaim
+struct _PolkitAuthorizationClaimIface
{
- GObject parent_instance;
- PolkitAuthorizationClaimPrivate *priv;
+ GTypeInterface g_iface;
};
-struct _PolkitAuthorizationClaimClass
-{
- GObjectClass parent_class;
-};
+GType polkit_authorization_claim_get_type (void) G_GNUC_CONST;
+PolkitAuthorizationClaim *polkit_authorization_claim_new (PolkitSubject *subject,
+ const gchar *action_id);
+
+void polkit_authorization_claim_set_subject (PolkitAuthorizationClaim *authorization_claim,
+ PolkitSubject *subject);
+void polkit_authorization_claim_set_action_id (PolkitAuthorizationClaim *authorization_claim,
+ const gchar *action_id);
+void polkit_authorization_claim_set_attribute (PolkitAuthorizationClaim *authorization_claim,
+ const gchar *key,
+ const gchar *value);
+
+PolkitSubject *polkit_authorization_claim_get_subject (PolkitAuthorizationClaim *authorization_claim);
+const gchar *polkit_authorization_claim_get_action_id (PolkitAuthorizationClaim *authorization_claim);
+GHashTable *polkit_authorization_claim_get_attributes (PolkitAuthorizationClaim *authorization_claim);
-GType polkit_authorization_claim_get_type (void) G_GNUC_CONST;
-PolkitAuthorizationClaim * polkit_authorization_claim_new (PolkitSubject *subject,
- const gchar *action_id);
-PolkitSubject * polkit_authorization_claim_get_subject (PolkitAuthorizationClaim *authorization_claim);
-void polkit_authorization_claim_set_subject (PolkitAuthorizationClaim *authorization_claim,
- PolkitSubject *subject);
-gchar * polkit_authorization_claim_get_action_id (PolkitAuthorizationClaim *authorization_claim);
-void polkit_authorization_claim_set_action_id (PolkitAuthorizationClaim *authorization_claim,
- const gchar *action_id);
-GHashTable * polkit_authorization_claim_get_attributes (PolkitAuthorizationClaim *authorization_claim);
-char * polkit_authorization_claim_get_attribute (PolkitAuthorizationClaim *authorization_claim,
- const gchar *key);
-void polkit_authorization_claim_set_attribute (PolkitAuthorizationClaim *authorization_claim,
- const gchar *key,
- const gchar *value);
G_END_DECLS
commit f7ee1f5f07831039f23243f8bb92654bfe11d3f6
Author: David Zeuthen <davidz at redhat.com>
Date: Sun Dec 7 16:59:50 2008 -0500
fix up namespacing for backend
the namespace is PolkitBackend so use POLKIT_BACKEND_TYPE rather than
POLKIT_TYPE_BACKEND.
diff --git a/docs/polkit/polkit-docs.xml b/docs/polkit/polkit-docs.xml
index 4f2c389..1edfaf0 100644
--- a/docs/polkit/polkit-docs.xml
+++ b/docs/polkit/polkit-docs.xml
@@ -71,7 +71,7 @@
<xi:include href="xml/polkitsubject.xml"/>
<chapter id="extending">
<title>Extending PolicyKit</title>
- <xi:include href="../polkitbackend/xml/polkitbackendlocal.xml"/>
+ <xi:include href="../polkitbackend/xml/polkitbackendlocalauthority.xml"/>
<xi:include href="../polkitbackend/xml/polkitbackendactionpool.xml"/>
</chapter>
</reference>
diff --git a/src/polkitbackend/polkitbackendactionpool.c b/src/polkitbackend/polkitbackendactionpool.c
index 32285a1..d81b0f9 100644
--- a/src/polkitbackend/polkitbackendactionpool.c
+++ b/src/polkitbackend/polkitbackendactionpool.c
@@ -98,7 +98,7 @@ enum
PROP_DIRECTORY,
};
-#define POLKIT_BACKEND_ACTION_POOL_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_BACKEND_ACTION_POOL, PolkitBackendActionPoolPrivate))
+#define POLKIT_BACKEND_ACTION_POOL_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_BACKEND_TYPE_ACTION_POOL, PolkitBackendActionPoolPrivate))
G_DEFINE_TYPE (PolkitBackendActionPool, polkit_backend_action_pool, G_TYPE_OBJECT);
@@ -231,7 +231,7 @@ polkit_backend_action_pool_new (GFile *directory)
{
PolkitBackendActionPool *pool;
- pool = POLKIT_BACKEND_ACTION_POOL (g_object_new (POLKIT_TYPE_BACKEND_ACTION_POOL,
+ pool = POLKIT_BACKEND_ACTION_POOL (g_object_new (POLKIT_BACKEND_TYPE_ACTION_POOL,
"directory", directory,
NULL));
diff --git a/src/polkitbackend/polkitbackendactionpool.h b/src/polkitbackend/polkitbackendactionpool.h
index 49e9570..ace9151 100644
--- a/src/polkitbackend/polkitbackendactionpool.h
+++ b/src/polkitbackend/polkitbackendactionpool.h
@@ -30,12 +30,12 @@
G_BEGIN_DECLS
-#define POLKIT_TYPE_BACKEND_ACTION_POOL (polkit_backend_action_pool_get_type ())
-#define POLKIT_BACKEND_ACTION_POOL(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_BACKEND_ACTION_POOL, PolkitBackendActionPool))
-#define POLKIT_BACKEND_ACTION_POOL_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_TYPE_BACKEND_ACTION_POOL, PolkitBackendActionPoolClass))
-#define POLKIT_BACKEND_ACTION_POOL_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_BACKEND_ACTION_POOL,PolkitBackendActionPoolClass))
-#define POLKIT_BACKEND_IS_ACTION_POOL(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_BACKEND_ACTION_POOL))
-#define POLKIT_BACKEND_IS_ACTION_POOL_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_BACKEND_ACTION_POOL))
+#define POLKIT_BACKEND_TYPE_ACTION_POOL (polkit_backend_action_pool_get_type ())
+#define POLKIT_BACKEND_ACTION_POOL(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_BACKEND_TYPE_ACTION_POOL, PolkitBackendActionPool))
+#define POLKIT_BACKEND_ACTION_POOL_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_BACKEND_TYPE_ACTION_POOL, PolkitBackendActionPoolClass))
+#define POLKIT_BACKEND_ACTION_POOL_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_BACKEND_TYPE_ACTION_POOL,PolkitBackendActionPoolClass))
+#define POLKIT_BACKEND_IS_ACTION_POOL(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_BACKEND_TYPE_ACTION_POOL))
+#define POLKIT_BACKEND_IS_ACTION_POOL_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_BACKEND_TYPE_ACTION_POOL))
typedef struct _PolkitBackendActionPool PolkitBackendActionPool;
typedef struct _PolkitBackendActionPoolClass PolkitBackendActionPoolClass;
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index 9ca675f..fcac673 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -41,7 +41,7 @@ G_DEFINE_TYPE_WITH_CODE (PolkitBackendLocalAuthority, polkit_backend_local_autho
authority_iface_init)
);
-#define POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_BACKEND_LOCAL_AUTHORITY, PolkitBackendLocalAuthorityPrivate))
+#define POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY, PolkitBackendLocalAuthorityPrivate))
static void
@@ -87,7 +87,7 @@ polkit_backend_local_authority_new (void)
{
PolkitBackendLocalAuthority *local_authority;
- local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (g_object_new (POLKIT_TYPE_BACKEND_LOCAL_AUTHORITY,
+ local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (g_object_new (POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY,
NULL));
return local_authority;
diff --git a/src/polkitbackend/polkitbackendlocalauthority.h b/src/polkitbackend/polkitbackendlocalauthority.h
index 0dd4f35..8aa2619 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.h
+++ b/src/polkitbackend/polkitbackendlocalauthority.h
@@ -30,12 +30,12 @@
G_BEGIN_DECLS
-#define POLKIT_TYPE_BACKEND_LOCAL_AUTHORITY (polkit_backend_local_authority_get_type ())
-#define POLKIT_BACKEND_LOCAL_AUTHORITY(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_BACKEND_LOCAL_AUTHORITY, PolkitBackendLocalAuthority))
-#define POLKIT_BACKEND_LOCAL_AUTHORITY_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_TYPE_BACKEND_LOCAL_AUTHORITY, PolkitBackendLocalAuthorityClass))
-#define POLKIT_BACKEND_LOCAL_AUTHORITY_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_BACKEND_LOCAL_AUTHORITY,PolkitBackendLocalAuthorityClass))
-#define POLKIT_BACKEND_IS_LOCAL_AUTHORITY(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_BACKEND_LOCAL_AUTHORITY))
-#define POLKIT_BACKEND_IS_LOCAL_AUTHORITY_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_BACKEND_LOCAL_AUTHORITY))
+#define POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY (polkit_backend_local_authority_get_type ())
+#define POLKIT_BACKEND_LOCAL_AUTHORITY(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY, PolkitBackendLocalAuthority))
+#define POLKIT_BACKEND_LOCAL_AUTHORITY_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY, PolkitBackendLocalAuthorityClass))
+#define POLKIT_BACKEND_LOCAL_AUTHORITY_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY,PolkitBackendLocalAuthorityClass))
+#define POLKIT_BACKEND_IS_LOCAL_AUTHORITY(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY))
+#define POLKIT_BACKEND_IS_LOCAL_AUTHORITY_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY))
typedef struct _PolkitBackendLocalAuthority PolkitBackendLocalAuthority;
typedef struct _PolkitBackendLocalAuthorityClass PolkitBackendLocalAuthorityClass;
commit 14013ef2833feac77883536ba4054e6af31d16ad
Author: David Zeuthen <davidz at redhat.com>
Date: Sun Dec 7 16:44:11 2008 -0500
port the .policy file parser and implement EnumerateActions
Also added Danish translations to test that translations work
$ dbus-send --system --print-reply --dest=org.freedesktop.PolicyKit1 /org/freedesktop/PolicyKit1/Authority org.freedesktop.PolicyKit1.Authority.EnumerateActions string:da
method return sender=:1.4481 -> dest=:1.4483 reply_serial=2
array [
struct {
string "org.freedesktop.policykit.modify-defaults"
string "Konfigurer implicit autorisering"
string "Autentificering er påkrævet for ændre implicit autorisering"
string "The PolicyKit Project"
string "http://hal.freedesktop.org/docs/PolicyKit/"
string ""
array [
]
}
struct {
string "org.freedesktop.policykit.read"
string "Læs andre brugers autoriseringer"
string "Autentificering er påkrævet for at læse andre brugers autoriseringer"
string "The PolicyKit Project"
string "http://hal.freedesktop.org/docs/PolicyKit/"
string ""
array [
dict entry(
string "org.freedesktop.PolicyKit.run-as-superuser.path"
string "/usr/bin/BlahBlaster"
)
]
}
struct {
string "org.freedesktop.policykit.grant"
string "Autoriser en anden bruger"
string "Autentificering er påkrævet for at autorisere andre brugere"
string "The PolicyKit Project"
string "http://hal.freedesktop.org/docs/PolicyKit/"
string ""
array [
]
}
struct {
string "org.freedesktop.policykit.revoke"
string "Fjern autorisering fra en anden bruger"
string "Autentificering er påkrævet for at fjerne en autosering fra en anden bruger"
string "The PolicyKit Project"
string "http://hal.freedesktop.org/docs/PolicyKit/"
string ""
array [
]
}
]
$ dbus-send --system --print-reply --dest=org.freedesktop.PolicyKit1 /org/freedesktop/PolicyKit1/Authority org.freedesktop.PolicyKit1.Authority.EnumerateActions string:
method return sender=:1.4481 -> dest=:1.4484 reply_serial=2
array [
struct {
string "org.freedesktop.policykit.modify-defaults"
string "Modify defaults for implicit authorizations"
string "Authentication is required to modify the defaults for implicit authorizations"
string "The PolicyKit Project"
string "http://hal.freedesktop.org/docs/PolicyKit/"
string ""
array [
]
}
struct {
string "org.freedesktop.policykit.read"
string "Read authorizations of other users"
string "Authentication is required to read authorizations of other users"
string "The PolicyKit Project"
string "http://hal.freedesktop.org/docs/PolicyKit/"
string ""
array [
dict entry(
string "org.freedesktop.PolicyKit.run-as-superuser.path"
string "/usr/bin/BlahBlaster"
)
]
}
struct {
string "org.freedesktop.policykit.grant"
string "Grant authorizations to other users"
string "Authentication is required to grant authorizations to other users"
string "The PolicyKit Project"
string "http://hal.freedesktop.org/docs/PolicyKit/"
string ""
array [
]
}
struct {
string "org.freedesktop.policykit.revoke"
string "Revoke authorizations from other users"
string "Authentication is required to revoke authorizations other users"
string "The PolicyKit Project"
string "http://hal.freedesktop.org/docs/PolicyKit/"
string ""
array [
]
}
]
diff --git a/configure.ac b/configure.ac
index cbd4a30..f10a8eb 100644
--- a/configure.ac
+++ b/configure.ac
@@ -149,7 +149,7 @@ fi
# ********************
IT_PROG_INTLTOOL([0.40.0])
-GETTEXT_PACKAGE=polkit
+GETTEXT_PACKAGE=polkit-1
AC_SUBST([GETTEXT_PACKAGE])
AM_GLIB_GNU_GETTEXT
AC_DEFINE_UNQUOTED([GETTEXT_PACKAGE],["$GETTEXT_PACKAGE"],[gettext domain])
diff --git a/po/LINGUAS b/po/LINGUAS
index b72d517..b6d2833 100644
--- a/po/LINGUAS
+++ b/po/LINGUAS
@@ -1,4 +1,3 @@
# please keep this list sorted alphabetically
#
-
-
+da
diff --git a/po/POTFILES.in b/po/POTFILES.in
index 53c4283..61bc0ac 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -1,3 +1,4 @@
# List of source files containing translatable strings.
# Please keep this file sorted alphabetically.
[encoding: UTF-8]
+actions/org.freedesktop.policykit.policy.in
diff --git a/po/da.po b/po/da.po
new file mode 100644
index 0000000..0ff6eb5
--- /dev/null
+++ b/po/da.po
@@ -0,0 +1,51 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL at ADDRESS>, YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2008-12-07 16:14-0500\n"
+"PO-Revision-Date: 2008-12-07 16:17-0500\n"
+"Last-Translator: David Zeuthen <davidz at redhat.com>\n"
+"Language-Team: LANGUAGE <LL at li.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: ../actions/org.freedesktop.policykit.policy.in.h:1
+msgid "Authentication is required to grant authorizations to other users"
+msgstr "Autentificering er påkrævet for at autorisere andre brugere"
+
+#: ../actions/org.freedesktop.policykit.policy.in.h:2
+msgid ""
+"Authentication is required to modify the defaults for implicit authorizations"
+msgstr "Autentificering er påkrævet for ændre implicit autorisering"
+
+#: ../actions/org.freedesktop.policykit.policy.in.h:3
+msgid "Authentication is required to read authorizations of other users"
+msgstr "Autentificering er påkrævet for at læse andre brugers autoriseringer"
+
+#: ../actions/org.freedesktop.policykit.policy.in.h:4
+msgid "Authentication is required to revoke authorizations other users"
+msgstr "Autentificering er påkrævet for at fjerne en autosering fra en anden bruger"
+
+#: ../actions/org.freedesktop.policykit.policy.in.h:5
+msgid "Grant authorizations to other users"
+msgstr "Autoriser en anden bruger"
+
+#: ../actions/org.freedesktop.policykit.policy.in.h:6
+msgid "Modify defaults for implicit authorizations"
+msgstr "Konfigurer implicit autorisering"
+
+#: ../actions/org.freedesktop.policykit.policy.in.h:7
+msgid "Read authorizations of other users"
+msgstr "Læs andre brugers autoriseringer"
+
+#: ../actions/org.freedesktop.policykit.policy.in.h:8
+msgid "Revoke authorizations from other users"
+msgstr "Fjern autorisering fra en anden bruger"
+
diff --git a/src/polkitbackend/Makefile.am b/src/polkitbackend/Makefile.am
index 23f8ab5..2d31cb5 100644
--- a/src/polkitbackend/Makefile.am
+++ b/src/polkitbackend/Makefile.am
@@ -40,6 +40,7 @@ libpolkit_backend_1_la_LIBADD = \
$(GLIB_LIBS) \
$(EGG_DBUS_LIBS) \
$(top_builddir)/src/polkit/libpolkit-gobject-1.la \
+ $(EXPAT_LIBS) \
$(NULL)
CLEANFILES = $(BUILT_SOURCES)
diff --git a/src/polkitbackend/polkitbackendactionpool.c b/src/polkitbackend/polkitbackendactionpool.c
index 17380fd..32285a1 100644
--- a/src/polkitbackend/polkitbackendactionpool.c
+++ b/src/polkitbackend/polkitbackendactionpool.c
@@ -19,19 +19,77 @@
* Author: David Zeuthen <davidz at redhat.com>
*/
+/* TODO: watch for directory / file changes */
+
#include "config.h"
#include <errno.h>
#include <pwd.h>
#include <string.h>
+#include <expat.h>
#include <polkit/polkit.h>
#include "polkitbackendactionpool.h"
-/* TODO: locking */
+typedef struct
+{
+ gchar *action_id;
+ gchar *vendor_name;
+ gchar *vendor_url;
+ gchar *icon_name;
+ gchar *description;
+ gchar *message;
+
+ /* each of these map from the locale identifer (e.g. da_DK) to the localized value */
+ GHashTable *localized_description;
+ GHashTable *localized_message;
+
+ /* this maps from annotation key (string) to annotation value (also a string) */
+ GHashTable *annotations;
+} ParsedAction;
+
+static void
+parsed_action_free (ParsedAction *action)
+{
+ g_free (action->action_id);
+ g_free (action->vendor_name);
+ g_free (action->vendor_url);
+ g_free (action->icon_name);
+ g_free (action->description);
+ g_free (action->message);
+
+ g_hash_table_unref (action->localized_description);
+ g_hash_table_unref (action->localized_message);
+
+ g_hash_table_unref (action->annotations);
+ g_free (action);
+}
+
+static gboolean process_policy_file (PolkitBackendActionPool *pool,
+ const gchar *xml,
+ GError **error);
+
+static void ensure_file (PolkitBackendActionPool *pool,
+ GFile *file);
+
+static void ensure_all_files (PolkitBackendActionPool *pool);
+
+static const gchar *_localize (GHashTable *translations,
+ const gchar *untranslated,
+ const gchar *lang);
typedef struct
{
+ /* directory with .policy files, e.g. /usr/share/polkit-1/actions */
GFile *directory;
+ /* maps from action_id to a ParsedAction struct */
+ GHashTable *parsed_actions;
+
+ /* maps from URI of parsed file to nothing */
+ GHashTable *parsed_files;
+
+ /* is TRUE only when we've read all files */
+ gboolean has_loaded_all_files;
+
} PolkitBackendActionPoolPrivate;
enum
@@ -50,6 +108,16 @@ polkit_backend_action_pool_init (PolkitBackendActionPool *pool)
PolkitBackendActionPoolPrivate *priv;
priv = POLKIT_BACKEND_ACTION_POOL_GET_PRIVATE (pool);
+
+ priv->parsed_actions = g_hash_table_new_full (g_str_hash,
+ g_str_equal,
+ NULL,
+ (GDestroyNotify) parsed_action_free);
+
+ priv->parsed_files = g_hash_table_new_full (g_str_hash,
+ g_str_equal,
+ g_free,
+ NULL);
}
static void
@@ -64,6 +132,12 @@ polkit_backend_action_pool_finalize (GObject *object)
if (priv->directory != NULL)
g_object_unref (priv->directory);
+ if (priv->parsed_actions != NULL)
+ g_hash_table_unref (priv->parsed_actions);
+
+ if (priv->parsed_files != NULL)
+ g_hash_table_unref (priv->parsed_files);
+
G_OBJECT_CLASS (polkit_backend_action_pool_parent_class)->finalize (object);
}
@@ -164,10 +238,76 @@ polkit_backend_action_pool_new (GFile *directory)
return pool;
}
-/* ---------------------------------------------------------------------------------------------------- */
+/**
+ * polkit_backend_action_pool_get_action:
+ * @pool: A #PolkitBackendActionPool.
+ * @action_id: A PolicyKit action identifier.
+ * @locale: The locale to get descriptions for or %NULL for system locale.
+ *
+ * Gets a #PolkitActionDescription object describing the action with identifier @action_id.
+ *
+ * Returns: A #PolkitActionDescription (free with g_object_unref()) or %NULL
+ * if @action_id isn't registered or valid.
+ **/
+PolkitActionDescription *
+polkit_backend_action_pool_get_action (PolkitBackendActionPool *pool,
+ const gchar *action_id,
+ const gchar *locale)
+{
+ PolkitBackendActionPoolPrivate *priv;
+ PolkitActionDescription *ret;
+ ParsedAction *parsed_action;
+ gchar *description;
+ gchar *message;
+ GValue *values;
+
+ g_return_val_if_fail (POLKIT_BACKEND_IS_ACTION_POOL (pool), NULL);
+
+ priv = POLKIT_BACKEND_ACTION_POOL_GET_PRIVATE (pool);
+
+ /* TODO: just compute the name of the expected file and ensure it's parsed */
+ ensure_all_files (pool);
+
+ ret = NULL;
+
+ parsed_action = g_hash_table_lookup (priv->parsed_actions, action_id);
+ if (parsed_action == NULL)
+ {
+ g_warning ("Unknown action_id '%s'", action_id);
+ goto out;
+ }
+
+ description = g_strdup (_localize (parsed_action->localized_description,
+ parsed_action->description,
+ locale));
+ message = g_strdup (_localize (parsed_action->localized_message,
+ parsed_action->message,
+ locale));
+
+ values = g_new0 (GValue, 7);
+ g_value_init (&(values[0]), G_TYPE_STRING);
+ g_value_set_string (&(values[0]), parsed_action->action_id);
+ g_value_init (&(values[1]), G_TYPE_STRING);
+ g_value_set_string (&(values[1]), description != NULL ? description : g_strdup (""));
+ g_value_init (&(values[2]), G_TYPE_STRING);
+ g_value_set_string (&(values[2]), message != NULL ? message : g_strdup (""));
+ g_value_init (&(values[3]), G_TYPE_STRING);
+ g_value_set_string (&(values[3]), parsed_action->vendor_name != NULL ? parsed_action->vendor_name : g_strdup (""));
+ g_value_init (&(values[4]), G_TYPE_STRING);
+ g_value_set_string (&(values[4]), parsed_action->vendor_url != NULL ? parsed_action->vendor_url : g_strdup (""));
+ g_value_init (&(values[5]), G_TYPE_STRING);
+ g_value_set_string (&(values[5]), parsed_action->icon_name != NULL ? parsed_action->icon_name : g_strdup (""));
+ g_value_init (&(values[6]), G_TYPE_HASH_TABLE);
+ g_value_set_boxed (&(values[6]), parsed_action->annotations);
+
+ ret = POLKIT_ACTION_DESCRIPTION (egg_dbus_structure_new ("(ssssssa{ss})", 7, values));
+
+ out:
+ return ret;
+}
/**
- * polkit_backend_action_pool_get_localized_actions:
+ * polkit_backend_action_pool_get_all_actions:
* @pool: A #PolkitBackendActionPool.
* @locale: The locale to get descriptions for or %NULL for system locale.
*
@@ -178,19 +318,727 @@ polkit_backend_action_pool_new (GFile *directory)
* been unreffed with g_object_unref().
**/
GList *
-polkit_backend_action_pool_get_localized_actions (PolkitBackendActionPool *pool,
- const gchar *locale)
+polkit_backend_action_pool_get_all_actions (PolkitBackendActionPool *pool,
+ const gchar *locale)
{
GList *ret;
PolkitBackendActionPoolPrivate *priv;
+ GHashTableIter hash_iter;
+ const gchar *action_id;
g_return_val_if_fail (POLKIT_BACKEND_IS_ACTION_POOL (pool), NULL);
priv = POLKIT_BACKEND_ACTION_POOL_GET_PRIVATE (pool);
+ ensure_all_files (pool);
+
ret = NULL;
+ g_hash_table_iter_init (&hash_iter, priv->parsed_actions);
+ while (g_hash_table_iter_next (&hash_iter, (gpointer) &action_id, NULL))
+ {
+ PolkitActionDescription *action_desc;
+
+ action_desc = polkit_backend_action_pool_get_action (pool,
+ action_id,
+ locale);
+
+ if (action_desc != NULL)
+ ret = g_list_prepend (ret, action_desc);
+ }
+
+ ret = g_list_reverse (ret);
+
+ return ret;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+ensure_file (PolkitBackendActionPool *pool,
+ GFile *file)
+{
+ PolkitBackendActionPoolPrivate *priv;
+ gchar *contents;
+ GError *error;
+ gchar *uri;
+
+ priv = POLKIT_BACKEND_ACTION_POOL_GET_PRIVATE (pool);
+
+ uri = g_file_get_uri (file);
+
+ if (g_hash_table_lookup (priv->parsed_files, uri) != NULL)
+ goto out;
+
+ error = NULL;
+ if (!g_file_load_contents (file,
+ NULL,
+ &contents,
+ NULL,
+ NULL,
+ &error))
+ {
+ g_warning ("Error loading file with URI '%s': %s", uri, error->message);
+ goto out;
+ }
+
+ if (!process_policy_file (pool,
+ contents,
+ &error))
+ {
+ g_warning ("Error parsing file with URI '%s': %s", uri, error->message);
+ g_free (contents);
+ goto out;
+ }
+
+ g_free (contents);
+
+ /* steal uri */
+ g_hash_table_insert (priv->parsed_files, uri, NULL);
+ uri = NULL;
+
+ out:
+ g_free (uri);
+}
+
+static void
+ensure_all_files (PolkitBackendActionPool *pool)
+{
+ PolkitBackendActionPoolPrivate *priv;
+ GFileEnumerator *e;
+ GFileInfo *file_info;
+ GError *error;
+
+ priv = POLKIT_BACKEND_ACTION_POOL_GET_PRIVATE (pool);
+
+ e = NULL;
+
+ if (priv->has_loaded_all_files)
+ goto out;
+
+ error = NULL;
+ e = g_file_enumerate_children (priv->directory,
+ "standard::*",
+ G_FILE_QUERY_INFO_NONE,
+ NULL,
+ &error);
+ if (error != NULL)
+ {
+ g_warning ("Error enumerating files: %s", error->message);
+ goto out;
+ }
+
+ while ((file_info = g_file_enumerator_next_file (e, NULL, &error)) != NULL)
+ {
+ const gchar *name;
+
+ name = g_file_info_get_name (file_info);
+ /* only consider files with the right suffix */
+ if (g_str_has_suffix (name, ".policy"))
+ {
+ GFile *file;
+
+ file = g_file_get_child (priv->directory, name);
+
+ ensure_file (pool, file);
+
+ g_object_unref (file);
+ }
+
+ g_object_unref (file_info);
+
+ } /* for all files */
+
+ priv->has_loaded_all_files = TRUE;
+
+ out:
+
+ if (e != NULL)
+ g_object_unref (e);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+enum {
+ STATE_NONE,
+ STATE_UNKNOWN_TAG,
+ STATE_IN_POLICY_CONFIG,
+ STATE_IN_POLICY_VENDOR,
+ STATE_IN_POLICY_VENDOR_URL,
+ STATE_IN_POLICY_ICON_NAME,
+ STATE_IN_ACTION,
+ STATE_IN_ACTION_DESCRIPTION,
+ STATE_IN_ACTION_MESSAGE,
+ STATE_IN_ACTION_VENDOR,
+ STATE_IN_ACTION_VENDOR_URL,
+ STATE_IN_ACTION_ICON_NAME,
+ STATE_IN_DEFAULTS,
+ STATE_IN_DEFAULTS_ALLOW_ANY,
+ STATE_IN_DEFAULTS_ALLOW_INACTIVE,
+ STATE_IN_DEFAULTS_ALLOW_ACTIVE,
+ STATE_IN_ANNOTATE
+};
+
+#define PARSER_MAX_DEPTH 32
+
+typedef struct {
+ XML_Parser parser;
+ int state;
+ int state_stack[PARSER_MAX_DEPTH];
+ int stack_depth;
+
+ char *global_vendor;
+ char *global_vendor_url;
+ char *global_icon_name;
+
+ char *action_id;
+ char *vendor;
+ char *vendor_url;
+ char *icon_name;
+
+ //PolKitResult defaults_allow_any;
+ //PolKitResult defaults_allow_inactive;
+ //PolKitResult defaults_allow_active;
+
+ GHashTable *policy_descriptions;
+ GHashTable *policy_messages;
+
+ char *policy_description_nolang;
+ char *policy_message_nolang;
+
+ /* the value of xml:lang for the thing we're reading in _cdata() */
+ char *elem_lang;
+
+ char *annotate_key;
+ GHashTable *annotations;
+
+ PolkitBackendActionPool *pool;
+} ParserData;
+
+static void
+pd_unref_action_data (ParserData *pd)
+{
+ g_free (pd->action_id);
+ pd->action_id = NULL;
+
+ g_free (pd->vendor);
+ pd->vendor = NULL;
+ g_free (pd->vendor_url);
+ pd->vendor_url = NULL;
+ g_free (pd->icon_name);
+ pd->icon_name = NULL;
+
+ g_free (pd->policy_description_nolang);
+ pd->policy_description_nolang = NULL;
+ g_free (pd->policy_message_nolang);
+ pd->policy_message_nolang = NULL;
+ if (pd->policy_descriptions != NULL) {
+ g_hash_table_unref (pd->policy_descriptions);
+ pd->policy_descriptions = NULL;
+ }
+ if (pd->policy_messages != NULL) {
+ g_hash_table_unref (pd->policy_messages);
+ pd->policy_messages = NULL;
+ }
+ g_free (pd->annotate_key);
+ pd->annotate_key = NULL;
+ if (pd->annotations != NULL) {
+ g_hash_table_unref (pd->annotations);
+ pd->annotations = NULL;
+ }
+ g_free (pd->elem_lang);
+ pd->elem_lang = NULL;
+}
+
+static void
+pd_unref_data (ParserData *pd)
+{
+ pd_unref_action_data (pd);
+
+ g_free (pd->global_vendor);
+ pd->global_vendor = NULL;
+ g_free (pd->global_vendor_url);
+ pd->global_vendor_url = NULL;
+ g_free (pd->global_icon_name);
+ pd->global_icon_name = NULL;
+}
+
+static void
+_start (void *data, const char *el, const char **attr)
+{
+ guint state;
+ guint num_attr;
+ ParserData *pd = data;
+
+ for (num_attr = 0; attr[num_attr] != NULL; num_attr++)
+ ;
+
+ state = STATE_NONE;
+
+ switch (pd->state)
+ {
+ case STATE_NONE:
+ if (strcmp (el, "policyconfig") == 0)
+ {
+ state = STATE_IN_POLICY_CONFIG;
+ }
+ break;
+
+ case STATE_IN_POLICY_CONFIG:
+ if (strcmp (el, "action") == 0)
+ {
+ if (num_attr != 2 || strcmp (attr[0], "id") != 0)
+ goto error;
+ state = STATE_IN_ACTION;
+
+ //if (!polkit_action_validate_id (attr[1]))
+ // goto error;
+
+ pd_unref_action_data (pd);
+ pd->action_id = g_strdup (attr[1]);
+ pd->policy_descriptions = g_hash_table_new_full (g_str_hash,
+ g_str_equal,
+ g_free,
+ g_free);
+ pd->policy_messages = g_hash_table_new_full (g_str_hash,
+ g_str_equal,
+ g_free,
+ g_free);
+ pd->annotations = g_hash_table_new_full (g_str_hash,
+ g_str_equal,
+ g_free,
+ g_free);
+ /* initialize defaults */
+ //pd->defaults_allow_any = POLKIT_RESULT_NO;
+ //pd->defaults_allow_inactive = POLKIT_RESULT_NO;
+ //pd->defaults_allow_active = POLKIT_RESULT_NO;
+ }
+ else if (strcmp (el, "vendor") == 0 && num_attr == 0)
+ {
+ state = STATE_IN_POLICY_VENDOR;
+ }
+ else if (strcmp (el, "vendor_url") == 0 && num_attr == 0)
+ {
+ state = STATE_IN_POLICY_VENDOR_URL;
+ }
+ else if (strcmp (el, "icon_name") == 0 && num_attr == 0)
+ {
+ state = STATE_IN_POLICY_ICON_NAME;
+ }
+ break;
+
+ case STATE_IN_ACTION:
+ if (strcmp (el, "defaults") == 0)
+ {
+ state = STATE_IN_DEFAULTS;
+ }
+ else if (strcmp (el, "description") == 0)
+ {
+ if (num_attr == 2 && strcmp (attr[0], "xml:lang") == 0)
+ {
+ pd->elem_lang = g_strdup (attr[1]);
+ }
+ state = STATE_IN_ACTION_DESCRIPTION;
+ }
+ else if (strcmp (el, "message") == 0)
+ {
+ if (num_attr == 2 && strcmp (attr[0], "xml:lang") == 0)
+ {
+ pd->elem_lang = g_strdup (attr[1]);
+ }
+ state = STATE_IN_ACTION_MESSAGE;
+ }
+ else if (strcmp (el, "vendor") == 0 && num_attr == 0)
+ {
+ state = STATE_IN_ACTION_VENDOR;
+ }
+ else if (strcmp (el, "vendor_url") == 0 && num_attr == 0)
+ {
+ state = STATE_IN_ACTION_VENDOR_URL;
+ }
+ else if (strcmp (el, "icon_name") == 0 && num_attr == 0)
+ {
+ state = STATE_IN_ACTION_ICON_NAME;
+ }
+ else if (strcmp (el, "annotate") == 0)
+ {
+ if (num_attr != 2 || strcmp (attr[0], "key") != 0)
+ goto error;
+
+ state = STATE_IN_ANNOTATE;
+
+ g_free (pd->annotate_key);
+ pd->annotate_key = g_strdup (attr[1]);
+ }
+ break;
+
+ case STATE_IN_DEFAULTS:
+ if (strcmp (el, "allow_any") == 0)
+ state = STATE_IN_DEFAULTS_ALLOW_ANY;
+ else if (strcmp (el, "allow_inactive") == 0)
+ state = STATE_IN_DEFAULTS_ALLOW_INACTIVE;
+ else if (strcmp (el, "allow_active") == 0)
+ state = STATE_IN_DEFAULTS_ALLOW_ACTIVE;
+ break;
+
+ default:
+ break;
+ }
+
+ if (state == STATE_NONE)
+ {
+ g_warning ("skipping unknown tag <%s> at line %d",
+ el, (int) XML_GetCurrentLineNumber (pd->parser));
+ state = STATE_UNKNOWN_TAG;
+ }
+
+ pd->state = state;
+ pd->state_stack[pd->stack_depth] = pd->state;
+ pd->stack_depth++;
+ return;
+
+error:
+ XML_StopParser (pd->parser, FALSE);
+}
+
+static gboolean
+_validate_icon_name (const gchar *icon_name)
+{
+ guint n;
+ gboolean ret;
+ gsize len;
+
+ ret = FALSE;
+
+ len = strlen (icon_name);
+
+ /* check for common suffixes */
+ if (g_str_has_suffix (icon_name, ".png"))
+ goto out;
+ if (g_str_has_suffix (icon_name, ".jpg"))
+ goto out;
+
+ /* icon name cannot be a path */
+ for (n = 0; n < len; n++)
+ {
+ if (icon_name [n] == '/')
+ {
+ goto out;
+ }
+ }
+
+ ret = TRUE;
+
+out:
return ret;
}
+static void
+_cdata (void *data, const char *s, int len)
+{
+ gchar *str;
+ ParserData *pd = data;
+
+ str = g_strndup (s, len);
+
+ switch (pd->state)
+ {
+ case STATE_IN_ACTION_DESCRIPTION:
+ if (pd->elem_lang == NULL)
+ {
+ g_free (pd->policy_description_nolang);
+ pd->policy_description_nolang = str;
+ str = NULL;
+ }
+ else
+ {
+ g_hash_table_insert (pd->policy_descriptions,
+ g_strdup (pd->elem_lang),
+ str);
+ str = NULL;
+ }
+ break;
+
+ case STATE_IN_ACTION_MESSAGE:
+ if (pd->elem_lang == NULL)
+ {
+ g_free (pd->policy_message_nolang);
+ pd->policy_message_nolang = str;
+ str = NULL;
+ }
+ else
+ {
+ g_hash_table_insert (pd->policy_messages,
+ g_strdup (pd->elem_lang),
+ str);
+ str = NULL;
+ }
+ break;
+
+ case STATE_IN_POLICY_VENDOR:
+ g_free (pd->global_vendor);
+ pd->global_vendor = str;
+ str = NULL;
+ break;
+
+ case STATE_IN_POLICY_VENDOR_URL:
+ g_free (pd->global_vendor_url);
+ pd->global_vendor_url = str;
+ str = NULL;
+ break;
+
+ case STATE_IN_POLICY_ICON_NAME:
+ if (! _validate_icon_name (str))
+ {
+ g_warning ("Icon name '%s' is invalid", str);
+ goto error;
+ }
+ g_free (pd->global_icon_name);
+ pd->global_icon_name = str;
+ str = NULL;
+ break;
+
+ case STATE_IN_ACTION_VENDOR:
+ g_free (pd->vendor);
+ pd->vendor = str;
+ str = NULL;
+ break;
+
+ case STATE_IN_ACTION_VENDOR_URL:
+ g_free (pd->vendor_url);
+ pd->vendor_url = str;
+ str = NULL;
+ break;
+
+ case STATE_IN_ACTION_ICON_NAME:
+ if (! _validate_icon_name (str))
+ {
+ g_warning ("Icon name '%s' is invalid", str);
+ goto error;
+ }
+
+ g_free (pd->icon_name);
+ pd->icon_name = str;
+ str = NULL;
+ break;
+
+ case STATE_IN_DEFAULTS_ALLOW_ANY:
+ //if (!polkit_result_from_string_representation (str, &pd->defaults_allow_any))
+ // goto error;
+ break;
+
+ case STATE_IN_DEFAULTS_ALLOW_INACTIVE:
+ //if (!polkit_result_from_string_representation (str, &pd->defaults_allow_inactive))
+ // goto error;
+ break;
+
+ case STATE_IN_DEFAULTS_ALLOW_ACTIVE:
+ //if (!polkit_result_from_string_representation (str, &pd->defaults_allow_active))
+ // goto error;
+ break;
+
+ case STATE_IN_ANNOTATE:
+ g_hash_table_insert (pd->annotations,
+ g_strdup (pd->annotate_key),
+ str);
+ str = NULL;
+ break;
+
+ default:
+ break;
+ }
+
+ g_free (str);
+ return;
+
+error:
+ g_free (str);
+ XML_StopParser (pd->parser, FALSE);
+}
+
+static void
+_end (void *data, const char *el)
+{
+ ParserData *pd = data;
+
+ g_free (pd->elem_lang);
+ pd->elem_lang = NULL;
+
+ switch (pd->state)
+ {
+ case STATE_IN_ACTION:
+ {
+ gchar *vendor;
+ gchar *vendor_url;
+ gchar *icon_name;
+ ParsedAction *action;
+ PolkitBackendActionPoolPrivate *priv;
+
+ priv = POLKIT_BACKEND_ACTION_POOL_GET_PRIVATE (pd->pool);
+
+ vendor = pd->vendor;
+ if (vendor == NULL)
+ vendor = pd->global_vendor;
+
+ vendor_url = pd->vendor_url;
+ if (vendor_url == NULL)
+ vendor_url = pd->global_vendor_url;
+
+ icon_name = pd->icon_name;
+ if (icon_name == NULL)
+ icon_name = pd->global_icon_name;
+
+ action = g_new0 (ParsedAction, 1);
+ action->action_id = g_strdup (pd->action_id);
+ action->vendor_name = g_strdup (vendor);
+ action->vendor_url = g_strdup (vendor_url);
+ action->icon_name = g_strdup (icon_name);
+ action->description = g_strdup (pd->policy_description_nolang);
+ action->message = g_strdup (pd->policy_message_nolang);
+
+ action->localized_description = pd->policy_descriptions;
+ action->localized_message = pd->policy_messages;
+ action->annotations = pd->annotations;
+
+ g_hash_table_insert (priv->parsed_actions, action->action_id, action);
+
+ /* we steal these hash tables */
+ pd->annotations = NULL;
+ pd->policy_descriptions = NULL;
+ pd->policy_messages = NULL;
+
+ break;
+ }
+
+ default:
+ break;
+ }
+
+ --pd->stack_depth;
+ if (pd->stack_depth < 0 || pd->stack_depth >= PARSER_MAX_DEPTH)
+ {
+ g_warning ("reached max depth?");
+ goto error;
+ }
+
+ if (pd->stack_depth > 0)
+ pd->state = pd->state_stack[pd->stack_depth - 1];
+ else
+ pd->state = STATE_NONE;
+
+ return;
+
+error:
+ XML_StopParser (pd->parser, FALSE);
+}
+
+
/* ---------------------------------------------------------------------------------------------------- */
+
+static gboolean
+process_policy_file (PolkitBackendActionPool *pool,
+ const gchar *xml,
+ GError **error)
+{
+ gboolean ret;
+ ParserData pd;
+ int xml_res;
+
+ ret = FALSE;
+
+ /* clear parser data */
+ memset (&pd, 0, sizeof (ParserData));
+
+ pd.pool = pool;
+
+ pd.parser = XML_ParserCreate_MM (NULL, NULL, NULL);
+ pd.parser = XML_ParserCreate (NULL);
+ pd.stack_depth = 0;
+ XML_SetUserData (pd.parser, &pd);
+ XML_SetElementHandler (pd.parser, _start, _end);
+ XML_SetCharacterDataHandler (pd.parser, _cdata);
+
+ /* init parser data */
+ pd.state = STATE_NONE;
+
+ xml_res = XML_Parse (pd.parser, xml, strlen (xml), 1);
+
+ if (xml_res == 0)
+ {
+ if (XML_GetErrorCode (pd.parser) == XML_ERROR_NO_MEMORY)
+ {
+ abort ();
+ }
+ else
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "%d: parse error: %s",
+ (int) XML_GetCurrentLineNumber (pd.parser),
+ XML_ErrorString (XML_GetErrorCode (pd.parser)));
+ }
+ XML_ParserFree (pd.parser);
+ goto error;
+ }
+
+ XML_ParserFree (pd.parser);
+
+ return TRUE;
+
+error:
+ pd_unref_data (&pd);
+ return FALSE;
+}
+
+/**
+ * _localize:
+ * @translations: a mapping from xml:lang to the value, e.g. 'da' -> 'Smadre', 'en_CA' -> 'Punch, Aye!'
+ * @untranslated: the untranslated value, e.g. 'Punch'
+ * @lang: the locale we're interested in, e.g. 'da_DK', 'da', 'en_CA', 'en_US'; basically just $LANG
+ * with the encoding cut off. Maybe be NULL.
+ *
+ * Pick the correct translation to use.
+ *
+ * Returns: the localized string to use
+ */
+static const gchar *
+_localize (GHashTable *translations,
+ const gchar *untranslated,
+ const gchar *lang)
+{
+ const gchar *result;
+ gchar lang2[256];
+ guint n;
+
+ if (lang == NULL)
+ {
+ result = untranslated;
+ goto out;
+ }
+
+ /* first see if we have the translation */
+ result = (const char *) g_hash_table_lookup (translations, (void *) lang);
+ if (result != NULL)
+ goto out;
+
+ /* we could have a translation for 'da' but lang=='da_DK'; cut off the last part and try again */
+ strncpy (lang2, lang, sizeof (lang2));
+ for (n = 0; lang2[n] != '\0'; n++)
+ {
+ if (lang2[n] == '_')
+ {
+ lang2[n] = '\0';
+ break;
+ }
+ }
+ result = (const char *) g_hash_table_lookup (translations, (void *) lang2);
+ if (result != NULL)
+ goto out;
+
+ /* fall back to untranslated */
+ result = untranslated;
+
+out:
+ return result;
+}
diff --git a/src/polkitbackend/polkitbackendactionpool.h b/src/polkitbackend/polkitbackendactionpool.h
index 147a1f0..49e9570 100644
--- a/src/polkitbackend/polkitbackendactionpool.h
+++ b/src/polkitbackend/polkitbackendactionpool.h
@@ -63,10 +63,14 @@ struct _PolkitBackendActionPoolClass
void (*_polkit_reserved8) (void);
};
-GType polkit_backend_action_pool_get_type (void) G_GNUC_CONST;
-PolkitBackendActionPool *polkit_backend_action_pool_new (GFile *directory);
-GList *polkit_backend_action_pool_get_localized_actions (PolkitBackendActionPool *pool,
- const gchar *locale);
+GType polkit_backend_action_pool_get_type (void) G_GNUC_CONST;
+PolkitBackendActionPool *polkit_backend_action_pool_new (GFile *directory);
+GList *polkit_backend_action_pool_get_all_actions (PolkitBackendActionPool *pool,
+ const gchar *locale);
+
+PolkitActionDescription *polkit_backend_action_pool_get_action (PolkitBackendActionPool *pool,
+ const gchar *action_id,
+ const gchar *locale);
G_END_DECLS
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index b736d8d..9ca675f 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -167,8 +167,8 @@ authority_iface_handle_enumerate_actions (PolkitAuthority *authority,
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
- list = polkit_backend_action_pool_get_localized_actions (priv->action_pool,
- locale);
+ list = polkit_backend_action_pool_get_all_actions (priv->action_pool,
+ locale);
polkit_authority_handle_enumerate_actions_finish (method_invocation,
list);
commit 71e3b425054e60c7f4592ba56b082cd2a5f46265
Author: David Zeuthen <davidz at redhat.com>
Date: Sun Dec 7 14:14:19 2008 -0500
add core polkit actions
diff --git a/Makefile.am b/Makefile.am
index 66b86d7..fef10e3 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,6 +1,6 @@
## Process this file with automake to produce Makefile.in
-SUBDIRS = data src docs po
+SUBDIRS = actions data src docs po
NULL =
diff --git a/actions/Makefile.am b/actions/Makefile.am
new file mode 100644
index 0000000..f111078
--- /dev/null
+++ b/actions/Makefile.am
@@ -0,0 +1,16 @@
+
+polkit_actiondir = $(datadir)/polkit-1/actions
+
+dist_polkit_action_DATA = org.freedesktop.policykit.policy
+
+ at INTLTOOL_POLICY_RULE@
+
+#check:
+# $(top_builddir)/tools/polkit-policy-file-validate-1 $(top_srcdir)/policy/$(dist_polkit_action_DATA)
+
+clean-local :
+ rm -f *~
+
+DISTCLEANFILES = org.freedesktop.policykit.policy
+
+EXTRA_DIST = org.freedesktop.policykit.policy.in
diff --git a/actions/org.freedesktop.policykit.policy.in b/actions/org.freedesktop.policykit.policy.in
new file mode 100644
index 0000000..9613355
--- /dev/null
+++ b/actions/org.freedesktop.policykit.policy.in
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE policyconfig PUBLIC
+ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
+
+<!-- Policy definitions for core PolicyKit actions. Copyright (c) 2008 Red Hat, Inc. -->
+
+<policyconfig>
+ <vendor>The PolicyKit Project</vendor>
+ <vendor_url>http://hal.freedesktop.org/docs/PolicyKit/</vendor_url>
+
+ <action id="org.freedesktop.policykit.read">
+ <_description>Read authorizations of other users</_description>
+ <_message>Authentication is required to read authorizations of other users</_message>
+ <defaults>
+ <allow_any>no</allow_any>
+ <allow_inactive>no</allow_inactive>
+ <allow_active>auth_admin_keep_always</allow_active>
+ </defaults>
+ </action>
+
+ <action id="org.freedesktop.policykit.revoke">
+ <_description>Revoke authorizations from other users</_description>
+ <_message>Authentication is required to revoke authorizations other users</_message>
+ <defaults>
+ <allow_any>no</allow_any>
+ <allow_inactive>no</allow_inactive>
+ <allow_active>auth_admin_keep_always</allow_active>
+ </defaults>
+ </action>
+
+ <action id="org.freedesktop.policykit.grant">
+ <_description>Grant authorizations to other users</_description>
+ <_message>Authentication is required to grant authorizations to other users</_message>
+ <defaults>
+ <allow_any>no</allow_any>
+ <allow_inactive>no</allow_inactive>
+ <allow_active>auth_admin_keep_always</allow_active>
+ </defaults>
+ </action>
+
+ <action id="org.freedesktop.policykit.modify-defaults">
+ <_description>Modify defaults for implicit authorizations</_description>
+ <_message>Authentication is required to modify the defaults for implicit authorizations</_message>
+ <defaults>
+ <allow_any>no</allow_any>
+ <allow_inactive>no</allow_inactive>
+ <allow_active>auth_admin_keep_always</allow_active>
+ </defaults>
+ </action>
+</policyconfig>
diff --git a/configure.ac b/configure.ac
index 1aaf600..cbd4a30 100644
--- a/configure.ac
+++ b/configure.ac
@@ -156,6 +156,7 @@ AC_DEFINE_UNQUOTED([GETTEXT_PACKAGE],["$GETTEXT_PACKAGE"],[gettext domain])
AC_OUTPUT([
Makefile
+actions/Makefile
data/Makefile
src/Makefile
src/polkit/Makefile
commit 7ef7e0a3a7a7718fe7148edd9693b201053907ef
Author: David Zeuthen <davidz at redhat.com>
Date: Sun Dec 7 14:01:50 2008 -0500
add a ActionPool class and rename BackendLocal to BackendLocalAuthority
diff --git a/docs/polkit/polkit-docs.xml b/docs/polkit/polkit-docs.xml
index 557ebfa..4f2c389 100644
--- a/docs/polkit/polkit-docs.xml
+++ b/docs/polkit/polkit-docs.xml
@@ -72,6 +72,7 @@
<chapter id="extending">
<title>Extending PolicyKit</title>
<xi:include href="../polkitbackend/xml/polkitbackendlocal.xml"/>
+ <xi:include href="../polkitbackend/xml/polkitbackendactionpool.xml"/>
</chapter>
</reference>
diff --git a/src/polkitbackend/Makefile.am b/src/polkitbackend/Makefile.am
index a08352a..23f8ab5 100644
--- a/src/polkitbackend/Makefile.am
+++ b/src/polkitbackend/Makefile.am
@@ -20,12 +20,14 @@ libpolkit_backend_1includedir=$(includedir)/polkit-1/polkitbackend
libpolkit_backend_1include_HEADERS = \
polkitbackend.h \
- polkitbackendlocal.h \
+ polkitbackendlocalauthority.h \
+ polkitbackendactionpool.h \
$(NULL)
libpolkit_backend_1_la_SOURCES = \
polkitbackend.h \
- polkitbackendlocal.h polkitbackendlocal.c \
+ polkitbackendlocalauthority.h polkitbackendlocalauthority.c \
+ polkitbackendactionpool.h polkitbackendactionpool.c \
$(NULL)
libpolkit_backend_1_la_CFLAGS = \
diff --git a/src/polkitbackend/polkitbackend.h b/src/polkitbackend/polkitbackend.h
index 6d8f963..1dc847c 100644
--- a/src/polkitbackend/polkitbackend.h
+++ b/src/polkitbackend/polkitbackend.h
@@ -23,7 +23,8 @@
#define __POLKIT_BACKEND_H
#define _POLKIT_BACKEND_INSIDE_POLKIT_BACKEND_H 1
-#include <polkitbackend/polkitbackendlocal.h>
+#include <polkitbackend/polkitbackendlocalauthority.h>
+#include <polkitbackend/polkitbackendactionpool.h>
#undef _POLKIT_BACKEND_INSIDE_POLKIT_BACKEND_H
#endif /* __POLKIT_BACKEND_H */
diff --git a/src/polkitbackend/polkitbackendactionpool.c b/src/polkitbackend/polkitbackendactionpool.c
new file mode 100644
index 0000000..17380fd
--- /dev/null
+++ b/src/polkitbackend/polkitbackendactionpool.c
@@ -0,0 +1,196 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include <errno.h>
+#include <pwd.h>
+#include <string.h>
+#include <polkit/polkit.h>
+#include "polkitbackendactionpool.h"
+
+/* TODO: locking */
+
+typedef struct
+{
+ GFile *directory;
+
+} PolkitBackendActionPoolPrivate;
+
+enum
+{
+ PROP_0,
+ PROP_DIRECTORY,
+};
+
+#define POLKIT_BACKEND_ACTION_POOL_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_BACKEND_ACTION_POOL, PolkitBackendActionPoolPrivate))
+
+G_DEFINE_TYPE (PolkitBackendActionPool, polkit_backend_action_pool, G_TYPE_OBJECT);
+
+static void
+polkit_backend_action_pool_init (PolkitBackendActionPool *pool)
+{
+ PolkitBackendActionPoolPrivate *priv;
+
+ priv = POLKIT_BACKEND_ACTION_POOL_GET_PRIVATE (pool);
+}
+
+static void
+polkit_backend_action_pool_finalize (GObject *object)
+{
+ PolkitBackendActionPool *pool;
+ PolkitBackendActionPoolPrivate *priv;
+
+ pool = POLKIT_BACKEND_ACTION_POOL (object);
+ priv = POLKIT_BACKEND_ACTION_POOL_GET_PRIVATE (pool);
+
+ if (priv->directory != NULL)
+ g_object_unref (priv->directory);
+
+ G_OBJECT_CLASS (polkit_backend_action_pool_parent_class)->finalize (object);
+}
+
+static void
+polkit_backend_action_pool_get_property (GObject *object,
+ guint prop_id,
+ GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitBackendActionPool *pool;
+ PolkitBackendActionPoolPrivate *priv;
+
+ pool = POLKIT_BACKEND_ACTION_POOL (object);
+ priv = POLKIT_BACKEND_ACTION_POOL_GET_PRIVATE (pool);
+
+ switch (prop_id)
+ {
+ case PROP_DIRECTORY:
+ g_value_set_object (value, priv->directory);
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_backend_action_pool_set_property (GObject *object,
+ guint prop_id,
+ const GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitBackendActionPool *pool;
+ PolkitBackendActionPoolPrivate *priv;
+
+ pool = POLKIT_BACKEND_ACTION_POOL (object);
+ priv = POLKIT_BACKEND_ACTION_POOL_GET_PRIVATE (pool);
+
+ switch (prop_id)
+ {
+ case PROP_DIRECTORY:
+ priv->directory = g_value_dup_object (value);
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_backend_action_pool_class_init (PolkitBackendActionPoolClass *klass)
+{
+ GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->get_property = polkit_backend_action_pool_get_property;
+ gobject_class->set_property = polkit_backend_action_pool_set_property;
+ gobject_class->finalize = polkit_backend_action_pool_finalize;
+
+ g_type_class_add_private (klass, sizeof (PolkitBackendActionPoolPrivate));
+
+ /**
+ * PolkitBackendActionPool:directory:
+ *
+ * The directory to load action description files from.
+ */
+ g_object_class_install_property (gobject_class,
+ PROP_DIRECTORY,
+ g_param_spec_object ("directory",
+ "Directory",
+ "Directory to load action description files from",
+ G_TYPE_FILE,
+ G_PARAM_READWRITE |
+ G_PARAM_CONSTRUCT_ONLY |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+}
+
+/**
+ * polkit_backend_action_pool_new:
+ * @directory: A #GFile for the directory holding PolicyKit action description files.
+ *
+ * Creates a new #PolkitBackendPool that can be used for looking up #PolkitActionDescription objects.
+ *
+ * Returns: A #PolkitBackendActionPool. Free with g_object_unref().
+ **/
+PolkitBackendActionPool *
+polkit_backend_action_pool_new (GFile *directory)
+{
+ PolkitBackendActionPool *pool;
+
+ pool = POLKIT_BACKEND_ACTION_POOL (g_object_new (POLKIT_TYPE_BACKEND_ACTION_POOL,
+ "directory", directory,
+ NULL));
+
+ return pool;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+/**
+ * polkit_backend_action_pool_get_localized_actions:
+ * @pool: A #PolkitBackendActionPool.
+ * @locale: The locale to get descriptions for or %NULL for system locale.
+ *
+ * Gets all registered PolicyKit action descriptions from @pool with strings for @locale.
+ *
+ * Returns: A #GList of #PolkitActionDescription objects. This list
+ * should be freed with g_list_free() after each element have
+ * been unreffed with g_object_unref().
+ **/
+GList *
+polkit_backend_action_pool_get_localized_actions (PolkitBackendActionPool *pool,
+ const gchar *locale)
+{
+ GList *ret;
+ PolkitBackendActionPoolPrivate *priv;
+
+ g_return_val_if_fail (POLKIT_BACKEND_IS_ACTION_POOL (pool), NULL);
+
+ priv = POLKIT_BACKEND_ACTION_POOL_GET_PRIVATE (pool);
+
+ ret = NULL;
+
+ return ret;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
diff --git a/src/polkitbackend/polkitbackendactionpool.h b/src/polkitbackend/polkitbackendactionpool.h
new file mode 100644
index 0000000..147a1f0
--- /dev/null
+++ b/src/polkitbackend/polkitbackendactionpool.h
@@ -0,0 +1,74 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_BACKEND_COMPILATION) && !defined(_POLKIT_BACKEND_INSIDE_POLKIT_BACKEND_H)
+#error "Only <polkitbackend/polkitbackend.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#include <glib-object.h>
+
+#ifndef __POLKIT_BACKEND_ACTION_POOL_H
+#define __POLKIT_BACKEND_ACTION_POOL_H
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_BACKEND_ACTION_POOL (polkit_backend_action_pool_get_type ())
+#define POLKIT_BACKEND_ACTION_POOL(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_BACKEND_ACTION_POOL, PolkitBackendActionPool))
+#define POLKIT_BACKEND_ACTION_POOL_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_TYPE_BACKEND_ACTION_POOL, PolkitBackendActionPoolClass))
+#define POLKIT_BACKEND_ACTION_POOL_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_BACKEND_ACTION_POOL,PolkitBackendActionPoolClass))
+#define POLKIT_BACKEND_IS_ACTION_POOL(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_BACKEND_ACTION_POOL))
+#define POLKIT_BACKEND_IS_ACTION_POOL_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_BACKEND_ACTION_POOL))
+
+typedef struct _PolkitBackendActionPool PolkitBackendActionPool;
+typedef struct _PolkitBackendActionPoolClass PolkitBackendActionPoolClass;
+
+struct _PolkitBackendActionPool
+{
+ GObject parent_instance;
+};
+
+struct _PolkitBackendActionPoolClass
+{
+ GObjectClass parent_class;
+
+ /*< public >*/
+
+ /*< private >*/
+ /* Padding for future expansion */
+ void (*_polkit_reserved1) (void);
+ void (*_polkit_reserved2) (void);
+ void (*_polkit_reserved3) (void);
+ void (*_polkit_reserved4) (void);
+ void (*_polkit_reserved5) (void);
+ void (*_polkit_reserved6) (void);
+ void (*_polkit_reserved7) (void);
+ void (*_polkit_reserved8) (void);
+};
+
+GType polkit_backend_action_pool_get_type (void) G_GNUC_CONST;
+PolkitBackendActionPool *polkit_backend_action_pool_new (GFile *directory);
+GList *polkit_backend_action_pool_get_localized_actions (PolkitBackendActionPool *pool,
+ const gchar *locale);
+
+G_END_DECLS
+
+#endif /* __POLKIT_BACKEND_ACTION_POOL_H */
+
diff --git a/src/polkitbackend/polkitbackendlocal.c b/src/polkitbackend/polkitbackendlocal.c
deleted file mode 100644
index 39d120b..0000000
--- a/src/polkitbackend/polkitbackendlocal.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#include "config.h"
-#include <errno.h>
-#include <pwd.h>
-#include <string.h>
-#include <polkit/polkit.h>
-#include "polkitbackendlocal.h"
-
-/* TODO: locking */
-
-typedef struct
-{
- guint foo;
-} PolkitBackendLocalPrivate;
-
-static void authority_iface_init (PolkitAuthorityIface *authority_iface,
- gpointer iface_data);
-
-G_DEFINE_TYPE_WITH_CODE (PolkitBackendLocal, polkit_backend_local, G_TYPE_OBJECT,
- G_IMPLEMENT_INTERFACE (POLKIT_TYPE_AUTHORITY,
- authority_iface_init)
- );
-
-#define POLKIT_BACKEND_LOCAL_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_BACKEND_LOCAL, PolkitBackendLocalPrivate))
-
-static void
-polkit_backend_local_finalize (GObject *object)
-{
- PolkitBackendLocal *backend;
- PolkitBackendLocalPrivate *priv;
-
- backend = POLKIT_BACKEND_LOCAL (object);
- priv = POLKIT_BACKEND_LOCAL_GET_PRIVATE (backend);
-
- G_OBJECT_CLASS (polkit_backend_local_parent_class)->finalize (object);
-}
-
-static void
-polkit_backend_local_class_init (PolkitBackendLocalClass *klass)
-{
- GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
-
- gobject_class->finalize = polkit_backend_local_finalize;
-
- g_type_class_add_private (klass, sizeof (PolkitBackendLocalPrivate));
-}
-
-
-static void
-polkit_backend_local_init (PolkitBackendLocal *backend)
-{
- PolkitBackendLocalPrivate *priv;
-
- priv = POLKIT_BACKEND_LOCAL_GET_PRIVATE (backend);
-}
-
-PolkitBackendLocal *
-polkit_backend_local_new (void)
-{
- PolkitBackendLocal *backend;
-
- backend = POLKIT_BACKEND_LOCAL (g_object_new (POLKIT_TYPE_BACKEND_LOCAL,
- NULL));
-
- return backend;
-}
-
-static void
-authority_iface_handle_say_hello (PolkitAuthority *instance,
- const gchar *message,
- EggDBusMethodInvocation *method_invocation)
-{
- gchar *result;
-
- result = g_strdup_printf ("You said '%s' to the AUTHORITY!", message);
-
- polkit_authority_handle_say_hello_finish (method_invocation,
- result);
-
- g_free (result);
-}
-
-static void
-authority_iface_handle_enumerate_users (PolkitAuthority *instance,
- EggDBusMethodInvocation *method_invocation)
-{
- struct passwd *passwd;
- GList *list;
-
- list = NULL;
-
- passwd = getpwent ();
- if (passwd == NULL)
- {
- egg_dbus_method_invocation_return_error (method_invocation,
- POLKIT_ERROR,
- POLKIT_ERROR_FAILED,
- "getpwent failed: %s",
- strerror (errno));
- goto out;
- }
-
- do
- {
- PolkitSubject *subject;
-
- subject = polkit_subject_new_for_unix_user (passwd->pw_uid);
-
- list = g_list_prepend (list, subject);
- }
- while ((passwd = getpwent ()) != NULL);
- endpwent ();
-
- list = g_list_reverse (list);
-
- polkit_authority_handle_enumerate_users_finish (method_invocation,
- list);
-
- out:
- g_list_foreach (list, (GFunc) g_object_unref, NULL);
- g_list_free (list);
-}
-
-static void
-authority_iface_init (PolkitAuthorityIface *authority_iface,
- gpointer iface_data)
-{
- authority_iface->handle_say_hello = authority_iface_handle_say_hello;
- authority_iface->handle_enumerate_users = authority_iface_handle_enumerate_users;
-}
diff --git a/src/polkitbackend/polkitbackendlocal.h b/src/polkitbackend/polkitbackendlocal.h
deleted file mode 100644
index 114cceb..0000000
--- a/src/polkitbackend/polkitbackendlocal.h
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#if !defined (_POLKIT_BACKEND_COMPILATION) && !defined(_POLKIT_BACKEND_INSIDE_POLKIT_BACKEND_H)
-#error "Only <polkitbackend/polkitbackend.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#include <glib-object.h>
-
-#ifndef __POLKIT_BACKEND_LOCAL_H
-#define __POLKIT_BACKEND_LOCAL_H
-
-G_BEGIN_DECLS
-
-#define POLKIT_TYPE_BACKEND_LOCAL (polkit_backend_local_get_type ())
-#define POLKIT_BACKEND_LOCAL(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_BACKEND_LOCAL, PolkitBackendLocal))
-#define POLKIT_BACKEND_LOCAL_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_TYPE_BACKEND_LOCAL, PolkitBackendLocalClass))
-#define POLKIT_BACKEND_LOCAL_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_BACKEND_LOCAL,PolkitBackendLocalClass))
-#define POLKIT_IS_BACKEND_LOCAL(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_BACKEND_LOCAL))
-#define POLKIT_IS_BACKEND_LOCAL_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_BACKEND_LOCAL))
-
-typedef struct _PolkitBackendLocal PolkitBackendLocal;
-typedef struct _PolkitBackendLocalClass PolkitBackendLocalClass;
-
-struct _PolkitBackendLocal
-{
- GObject parent_instance;
-};
-
-struct _PolkitBackendLocalClass
-{
- GObjectClass parent_class;
-
- /*< public >*/
-
- /*< private >*/
- /* Padding for future expansion */
- void (*_polkit_reserved1) (void);
- void (*_polkit_reserved2) (void);
- void (*_polkit_reserved3) (void);
- void (*_polkit_reserved4) (void);
- void (*_polkit_reserved5) (void);
- void (*_polkit_reserved6) (void);
- void (*_polkit_reserved7) (void);
- void (*_polkit_reserved8) (void);
-};
-
-GType polkit_backend_local_get_type (void) G_GNUC_CONST;
-
-PolkitBackendLocal *polkit_backend_local_new (void);
-
-G_END_DECLS
-
-#endif /* __POLKIT_BACKEND_LOCAL_H */
-
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
new file mode 100644
index 0000000..b736d8d
--- /dev/null
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -0,0 +1,191 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include <errno.h>
+#include <pwd.h>
+#include <string.h>
+#include <polkit/polkit.h>
+#include "polkitbackendlocalauthority.h"
+#include "polkitbackendactionpool.h"
+
+typedef struct
+{
+ PolkitBackendActionPool *action_pool;
+
+} PolkitBackendLocalAuthorityPrivate;
+
+static void authority_iface_init (PolkitAuthorityIface *authority_iface,
+ gpointer iface_data);
+
+G_DEFINE_TYPE_WITH_CODE (PolkitBackendLocalAuthority, polkit_backend_local_authority, G_TYPE_OBJECT,
+ G_IMPLEMENT_INTERFACE (POLKIT_TYPE_AUTHORITY,
+ authority_iface_init)
+ );
+
+#define POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_BACKEND_LOCAL_AUTHORITY, PolkitBackendLocalAuthorityPrivate))
+
+
+static void
+polkit_backend_local_authority_init (PolkitBackendLocalAuthority *local_authority)
+{
+ PolkitBackendLocalAuthorityPrivate *priv;
+ GFile *action_desc_directory;
+
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+
+ action_desc_directory = g_file_new_for_path (PACKAGE_DATA_DIR "/polkit-1/actions");
+ priv->action_pool = polkit_backend_action_pool_new (action_desc_directory);
+ g_object_unref (action_desc_directory);
+}
+
+static void
+polkit_backend_local_authority_finalize (GObject *object)
+{
+ PolkitBackendLocalAuthority *local_authority;
+ PolkitBackendLocalAuthorityPrivate *priv;
+
+ local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (object);
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+
+ if (priv->action_pool != NULL)
+ g_object_unref (priv->action_pool);
+
+ G_OBJECT_CLASS (polkit_backend_local_authority_parent_class)->finalize (object);
+}
+
+static void
+polkit_backend_local_authority_class_init (PolkitBackendLocalAuthorityClass *klass)
+{
+ GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->finalize = polkit_backend_local_authority_finalize;
+
+ g_type_class_add_private (klass, sizeof (PolkitBackendLocalAuthorityPrivate));
+}
+
+PolkitBackendLocalAuthority *
+polkit_backend_local_authority_new (void)
+{
+ PolkitBackendLocalAuthority *local_authority;
+
+ local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (g_object_new (POLKIT_TYPE_BACKEND_LOCAL_AUTHORITY,
+ NULL));
+
+ return local_authority;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+authority_iface_handle_say_hello (PolkitAuthority *authority,
+ const gchar *message,
+ EggDBusMethodInvocation *method_invocation)
+{
+ gchar *result;
+
+ result = g_strdup_printf ("You said '%s' to the AUTHORITY!", message);
+
+ polkit_authority_handle_say_hello_finish (method_invocation,
+ result);
+
+ g_free (result);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+authority_iface_handle_enumerate_users (PolkitAuthority *authority,
+ EggDBusMethodInvocation *method_invocation)
+{
+ struct passwd *passwd;
+ GList *list;
+
+ list = NULL;
+
+ passwd = getpwent ();
+ if (passwd == NULL)
+ {
+ egg_dbus_method_invocation_return_error (method_invocation,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "getpwent failed: %s",
+ strerror (errno));
+ goto out;
+ }
+
+ do
+ {
+ PolkitSubject *subject;
+
+ subject = polkit_subject_new_for_unix_user (passwd->pw_uid);
+
+ list = g_list_prepend (list, subject);
+ }
+ while ((passwd = getpwent ()) != NULL);
+ endpwent ();
+
+ list = g_list_reverse (list);
+
+ polkit_authority_handle_enumerate_users_finish (method_invocation,
+ list);
+
+ out:
+ g_list_foreach (list, (GFunc) g_object_unref, NULL);
+ g_list_free (list);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+authority_iface_handle_enumerate_actions (PolkitAuthority *authority,
+ const gchar *locale,
+ EggDBusMethodInvocation *method_invocation)
+{
+ PolkitBackendLocalAuthority *local_authority;
+ PolkitBackendLocalAuthorityPrivate *priv;
+ GList *list;
+
+ local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
+ priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+
+ list = polkit_backend_action_pool_get_localized_actions (priv->action_pool,
+ locale);
+
+ polkit_authority_handle_enumerate_actions_finish (method_invocation,
+ list);
+
+ g_list_foreach (list, (GFunc) g_object_unref, NULL);
+ g_list_free (list);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+authority_iface_init (PolkitAuthorityIface *authority_iface,
+ gpointer iface_data)
+{
+ authority_iface->handle_say_hello = authority_iface_handle_say_hello;
+ authority_iface->handle_enumerate_users = authority_iface_handle_enumerate_users;
+ authority_iface->handle_enumerate_actions = authority_iface_handle_enumerate_actions;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
diff --git a/src/polkitbackend/polkitbackendlocalauthority.h b/src/polkitbackend/polkitbackendlocalauthority.h
new file mode 100644
index 0000000..0dd4f35
--- /dev/null
+++ b/src/polkitbackend/polkitbackendlocalauthority.h
@@ -0,0 +1,73 @@
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_BACKEND_COMPILATION) && !defined(_POLKIT_BACKEND_INSIDE_POLKIT_BACKEND_H)
+#error "Only <polkitbackend/polkitbackend.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#include <glib-object.h>
+
+#ifndef __POLKIT_BACKEND_LOCAL_AUTHORITY_H
+#define __POLKIT_BACKEND_LOCAL_AUTHORITY_H
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_BACKEND_LOCAL_AUTHORITY (polkit_backend_local_authority_get_type ())
+#define POLKIT_BACKEND_LOCAL_AUTHORITY(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_BACKEND_LOCAL_AUTHORITY, PolkitBackendLocalAuthority))
+#define POLKIT_BACKEND_LOCAL_AUTHORITY_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_TYPE_BACKEND_LOCAL_AUTHORITY, PolkitBackendLocalAuthorityClass))
+#define POLKIT_BACKEND_LOCAL_AUTHORITY_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_BACKEND_LOCAL_AUTHORITY,PolkitBackendLocalAuthorityClass))
+#define POLKIT_BACKEND_IS_LOCAL_AUTHORITY(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_BACKEND_LOCAL_AUTHORITY))
+#define POLKIT_BACKEND_IS_LOCAL_AUTHORITY_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_BACKEND_LOCAL_AUTHORITY))
+
+typedef struct _PolkitBackendLocalAuthority PolkitBackendLocalAuthority;
+typedef struct _PolkitBackendLocalAuthorityClass PolkitBackendLocalAuthorityClass;
+
+struct _PolkitBackendLocalAuthority
+{
+ GObject parent_instance;
+};
+
+struct _PolkitBackendLocalAuthorityClass
+{
+ GObjectClass parent_class;
+
+ /*< public >*/
+
+ /*< private >*/
+ /* Padding for future expansion */
+ void (*_polkit_reserved1) (void);
+ void (*_polkit_reserved2) (void);
+ void (*_polkit_reserved3) (void);
+ void (*_polkit_reserved4) (void);
+ void (*_polkit_reserved5) (void);
+ void (*_polkit_reserved6) (void);
+ void (*_polkit_reserved7) (void);
+ void (*_polkit_reserved8) (void);
+};
+
+GType polkit_backend_local_authority_get_type (void) G_GNUC_CONST;
+
+PolkitBackendLocalAuthority *polkit_backend_local_authority_new (void);
+
+G_END_DECLS
+
+#endif /* __POLKIT_BACKEND_LOCAL_AUTHORITY_H */
+
diff --git a/src/polkitd/main.c b/src/polkitd/main.c
index 2dd4b8c..05e9bae 100644
--- a/src/polkitd/main.c
+++ b/src/polkitd/main.c
@@ -30,7 +30,7 @@ static PolkitAuthority *
get_authority_backend (void)
{
/* TODO: use extension points etc. */
- return POLKIT_AUTHORITY (polkit_backend_local_new ());
+ return POLKIT_AUTHORITY (polkit_backend_local_authority_new ());
}
int
commit d5a8a9bd2e9ee995995b911af68d0b7614ad64cb
Author: David Zeuthen <davidz at redhat.com>
Date: Sun Dec 7 13:14:08 2008 -0500
turn PolkitActionDescription into an user defined struct
Now to port the XML parser and land it in polkitbackend so backends
can easily implement EnumerateActions().
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index dcad356..d3e2fd5 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -5,9 +5,32 @@
<!-- User defined struct for Subjects -->
<annotation name="org.gtk.EggDBus.DeclareStruct" value="Subject">
<annotation name="org.gtk.EggDBus.Struct.Signature" value="(sa{sv})"/>
+
+ <!-- element 0: string: the subject type; known values: "unix-user", "unix-group", "unix-process" -->
+
+ <!-- element 1: map<string,any>: key/value pairs depending on the subject type -->
+
+ <!-- TODO: document values in hash table for each subject type-->
+
</annotation>
- <!-- The error domain used for reporting erros -->
+ <!-- User defined struct for ActionDescription -->
+ <annotation name="org.gtk.EggDBus.DeclareStruct" value="ActionDescription">
+ <annotation name="org.gtk.EggDBus.Struct.Signature" value="(ssssssa{ss})"/>
+
+ <!-- element 0: string: action-id -->
+ <!-- element 1: string: description -->
+ <!-- element 2: string: message -->
+ <!-- element 3: string: vendor name -->
+ <!-- element 4: string: vendor url -->
+ <!-- element 5: string: icon name -->
+ <!-- element 6: map<string,string>: annotations -->
+
+ <!-- TODO: also include defaults -->
+
+ </annotation>
+
+ <!-- The error domain used for reporting errors -->
<annotation name="org.gtk.EggDBus.DeclareErrorDomain" value="Error">
<annotation name="org.gtk.EggDBus.ErrorDomain.Member" value="org.freedesktop.PolicyKit1.Error.Failed">
<annotation name="org.gtk.EggDBus.DocString" value="The operation failed"/>
@@ -17,7 +40,7 @@
</annotation>
</annotation>
- <!-- An enumeration for -->
+ <!-- An enumeration for results of CheckClaim() (TODO: implement this method) -->
<annotation name="org.gtk.EggDBus.DeclareEnum" value="AuthorizationResult">
<annotation name="org.gtk.EggDBus.Enum.Member" value="NotAuthorized">
<annotation name="org.gtk.EggDBus.DocString" value="The subject is not authorized for the specified action"/>
@@ -42,5 +65,10 @@
<arg name="users" direction="out" type="a(sa{sv})"/>
</method>
+ <method name="EnumerateActions">
+ <arg name="locale" direction="in" type="s"/>
+ <arg name="action_descriptions" direction="out" type="a(ssssssa{ss})"/>
+ </method>
+
</interface>
</node>
diff --git a/src/polkit/polkitactiondescription.c b/src/polkit/polkitactiondescription.c
index cf93feb..de6ea57 100644
--- a/src/polkit/polkitactiondescription.c
+++ b/src/polkit/polkitactiondescription.c
@@ -19,1089 +19,235 @@
* Author: David Zeuthen <davidz at redhat.com>
*/
-#include "config.h"
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
#include <string.h>
+#include "polkitbindings.h"
#include "polkitactiondescription.h"
/**
* SECTION:polkitactiondescription
- * @short_description: Description of an action
- * @include: polkit/polkit.h
+ * @title: PolkitActionDescription
+ * @short_description: Descriptions of actions
*
- * Describes an action.
+ * The #PolkitActionDescription type is used to described registered PolicyKit actions.
*/
-/*--------------------------------------------------------------------------------------------------------------*/
-
-struct _PolkitActionDescriptionPrivate
-{
- char *action_id;
- GIcon *icon;
- char *description;
- char *message;
- char *vendor_name;
- char *vendor_url;
- GHashTable *annotations;
-};
-
-enum {
- PROP_0,
- PROP_ACTION_ID,
- PROP_ICON,
- PROP_DESCRIPTION,
- PROP_MESSAGE,
- PROP_VENDOR_NAME,
- PROP_VENDOR_URL,
- PROP_ANNOTATIONS,
-};
-
-G_DEFINE_TYPE (PolkitActionDescription, polkit_action_description, G_TYPE_OBJECT)
-
-#define POLKIT_ACTION_DESCRIPTION_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_ACTION_DESCRIPTION, PolkitActionDescriptionPrivate))
-
static void
-polkit_action_description_get_property (GObject *object,
- guint prop_id,
- GValue *value,
- GParamSpec *pspec)
+base_init (gpointer g_iface)
{
- PolkitActionDescription *action_description = POLKIT_ACTION_DESCRIPTION (object);
-
- switch (prop_id)
- {
- case PROP_ACTION_ID:
- g_value_set_string (value, action_description->priv->action_id);
- break;
-
- case PROP_ICON:
- g_value_set_object (value, action_description->priv->icon);
- break;
-
- case PROP_DESCRIPTION:
- g_value_set_string (value, action_description->priv->description);
- break;
-
- case PROP_MESSAGE:
- g_value_set_string (value, action_description->priv->message);
- break;
-
- case PROP_VENDOR_NAME:
- g_value_set_string (value, action_description->priv->vendor_name);
- break;
-
- case PROP_VENDOR_URL:
- g_value_set_string (value, action_description->priv->vendor_url);
- break;
-
- case PROP_ANNOTATIONS:
- g_value_set_boxed (value, action_description->priv->annotations);
- break;
-
- default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
- break;
- }
-}
-
-static void
-polkit_action_description_init (PolkitActionDescription *action_description)
-{
- action_description->priv = POLKIT_ACTION_DESCRIPTION_GET_PRIVATE (action_description);
- action_description->priv->annotations = g_hash_table_new_full (g_str_hash,
- g_str_equal,
- g_free,
- g_free);
}
-static void
-polkit_action_description_finalize (GObject *object)
+GType
+polkit_action_description_get_type (void)
{
- PolkitActionDescription *action_description;
-
- g_return_if_fail (object != NULL);
- g_return_if_fail (POLKIT_IS_ACTION_DESCRIPTION (object));
+ static GType iface_type = 0;
- action_description = POLKIT_ACTION_DESCRIPTION (object);
-
- if (action_description->priv->icon != NULL)
- g_object_unref (action_description->priv->icon);
- g_free (action_description->priv->action_id);
- g_free (action_description->priv->description);
- g_free (action_description->priv->message);
- g_free (action_description->priv->vendor_name);
- g_free (action_description->priv->vendor_url);
- g_hash_table_unref (action_description->priv->annotations);
+ if (iface_type == 0)
+ {
+ static const GTypeInfo info =
+ {
+ sizeof (PolkitActionDescriptionIface),
+ base_init, /* base_init */
+ NULL, /* base_finalize */
+ NULL, /* class_init */
+ NULL, /* class_finalize */
+ NULL, /* class_data */
+ 0, /* instance_size */
+ 0, /* n_preallocs */
+ NULL, /* instance_init */
+ NULL /* value_table */
+ };
+
+ iface_type = g_type_register_static (G_TYPE_INTERFACE, "PolkitActionDescription", &info, 0);
+
+ g_type_interface_add_prerequisite (iface_type, EGG_DBUS_TYPE_STRUCTURE);
+ }
- G_OBJECT_CLASS (polkit_action_description_parent_class)->finalize (object);
+ return iface_type;
}
-static void
-polkit_action_description_class_init (PolkitActionDescriptionClass *klass)
-{
- GObjectClass *object_class = G_OBJECT_CLASS (klass);
-
- object_class->get_property = polkit_action_description_get_property;
- object_class->finalize = polkit_action_description_finalize;
-
- /**
- * PolkitActionDescription:action-id:
- *
- * The action id for the action being described.
- */
- g_object_class_install_property (object_class,
- PROP_ACTION_ID,
- g_param_spec_string ("action-id",
- "action-id",
- "The action identifier for the action",
- NULL,
- G_PARAM_READABLE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- /**
- * PolkitActionDescription:icon:
- *
- * The icon for the action being described.
- */
- g_object_class_install_property (object_class,
- PROP_ICON,
- g_param_spec_object ("icon",
- "icon",
- "The icon for the action",
- G_TYPE_ICON,
- G_PARAM_READABLE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- /**
- * PolkitActionDescription:description:
- *
- * A localized human readable description of the action.
- */
- g_object_class_install_property (object_class,
- PROP_DESCRIPTION,
- g_param_spec_string ("description",
- "description",
- "Description of action",
- NULL,
- G_PARAM_READABLE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- /**
- * PolkitActionDescription:message:
- *
- * A localized human readable message to display to the user
- * when he lacks an authorization for the action.
- */
- g_object_class_install_property (object_class,
- PROP_MESSAGE,
- g_param_spec_string ("message",
- "message",
- "Message for the action",
- NULL,
- G_PARAM_READABLE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- /**
- * PolkitActionDescription:vendor-name:
- *
- * The name of the organization supplying the action.
- */
- g_object_class_install_property (object_class,
- PROP_VENDOR_NAME,
- g_param_spec_string ("vendor-name",
- "vendor-name",
- "Vendor for the action",
- NULL,
- G_PARAM_READABLE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- /**
- * PolkitActionDescription:vendor-url:
- *
- * An URL (Uniform Resource Locator) describing the action.
- */
- g_object_class_install_property (object_class,
- PROP_VENDOR_URL,
- g_param_spec_string ("vendor-url",
- "vendor-url",
- "Vendor URL for the action",
- NULL,
- G_PARAM_READABLE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- /**
- * PolkitActionDescription:annotations:
- *
- * A set of key/value pairs giving more information about the action.
- */
- g_object_class_install_property (object_class,
- PROP_ANNOTATIONS,
- g_param_spec_boxed ("annotations",
- "annotations",
- "Annotations for the action",
- G_TYPE_HASH_TABLE,
- G_PARAM_READABLE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- g_type_class_add_private (klass, sizeof (PolkitActionDescriptionPrivate));
-}
+#define ACTION_DESCRIPTION_SIGNATURE "(ssssssa{ss})"
+/**
+ * polkit_action_description_get_action_id:
+ * @action_description: A #PolkitActionDescription.
+ *
+ * Gets the action identifer for @action_description.
+ *
+ * Returns: The action identifier for @action_description.
+ */
const gchar *
polkit_action_description_get_action_id (PolkitActionDescription *action_description)
{
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- return action_description->priv->action_id;
-}
+ const gchar *s;
-GIcon *
-polkit_action_description_get_icon (PolkitActionDescription *action_description)
-{
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- if (action_description->priv->icon != NULL)
- return g_object_ref (action_description->priv->icon);
- return NULL;
-}
-
-const gchar *
-polkit_action_description_get_description (PolkitActionDescription *action_description)
-{
g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- return action_description->priv->description;
-}
+ g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (action_description)), ACTION_DESCRIPTION_SIGNATURE) == 0, NULL);
-const gchar *
-polkit_action_description_get_message (PolkitActionDescription *action_description)
-{
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- return action_description->priv->message;
-}
+ egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (action_description),
+ 0, &s,
+ -1);
-const gchar *
-polkit_action_description_get_vendor_name (PolkitActionDescription *action_description)
-{
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- return action_description->priv->vendor_name;
+ return s;
}
+/**
+ * polkit_action_description_get_description:
+ * @action_description: A #PolkitActionDescription.
+ *
+ * Gets a human readable description of @action_description.
+ *
+ * Returns: The human readable description for @action_description or %NULL if not set.
+ */
const gchar *
-polkit_action_description_get_vendor_url (PolkitActionDescription *action_description)
+polkit_action_description_get_description (PolkitActionDescription *action_description)
{
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- return action_description->priv->vendor_url;
-}
+ const gchar *s;
-GHashTable *
-polkit_action_description_get_annotations (PolkitActionDescription *action_description)
-{
g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- return action_description->priv->annotations;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-#if 0
-#include <expat.h> /* TODO: move to separate file */
-
-enum {
- STATE_NONE,
- STATE_UNKNOWN_TAG,
- STATE_IN_POLICY_CONFIG,
- STATE_IN_POLICY_VENDOR,
- STATE_IN_POLICY_VENDOR_URL,
- STATE_IN_POLICY_ICON_NAME,
- STATE_IN_ACTION,
- STATE_IN_ACTION_DESCRIPTION,
- STATE_IN_ACTION_MESSAGE,
- STATE_IN_ACTION_VENDOR,
- STATE_IN_ACTION_VENDOR_URL,
- STATE_IN_ACTION_ICON_NAME,
- STATE_IN_DEFAULTS,
- STATE_IN_DEFAULTS_ALLOW_ANY,
- STATE_IN_DEFAULTS_ALLOW_INACTIVE,
- STATE_IN_DEFAULTS_ALLOW_ACTIVE,
- STATE_IN_ANNOTATE
-};
-
-#define PARSER_MAX_DEPTH 32
-
-typedef struct {
- XML_Parser parser;
- int state;
- int state_stack[PARSER_MAX_DEPTH];
- int stack_depth;
-
- const char *path;
-
- char *global_vendor;
- char *global_vendor_url;
- char *global_icon_name;
-
- char *action_id;
- char *vendor;
- char *vendor_url;
- char *icon_name;
-
- //PolKitResult defaults_allow_any;
- //PolKitResult defaults_allow_inactive;
- //PolKitResult defaults_allow_active;
-
- GHashTable *policy_descriptions;
- GHashTable *policy_messages;
-
- char *policy_description_nolang;
- char *policy_message_nolang;
-
- /* the language according to $LANG (e.g. en_US, da_DK, fr, en_CA minus the encoding) */
- char *lang;
-
- /* the value of xml:lang for the thing we're reading in _cdata() */
- char *elem_lang;
+ g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (action_description)), ACTION_DESCRIPTION_SIGNATURE) == 0, NULL);
- char *annotate_key;
- GHashTable *annotations;
+ egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (action_description),
+ 1, &s,
+ -1);
- PolKitActionDescriptionForeachFunc cb;
- void *user_data;
-} ParserData;
-
-static void
-pd_unref_action_data (ParserData *pd)
-{
- g_free (pd->action_id);
- pd->action_id = NULL;
-
- g_free (pd->vendor);
- pd->vendor = NULL;
- g_free (pd->vendor_url);
- pd->vendor_url = NULL;
- g_free (pd->icon_name);
- pd->icon_name = NULL;
-
- g_free (pd->policy_description_nolang);
- pd->policy_description_nolang = NULL;
- g_free (pd->policy_message_nolang);
- pd->policy_message_nolang = NULL;
- if (pd->policy_descriptions != NULL) {
- g_hash_table_unref (pd->policy_descriptions);
- pd->policy_descriptions = NULL;
- }
- if (pd->policy_messages != NULL) {
- g_hash_table_unref (pd->policy_messages);
- pd->policy_messages = NULL;
- }
- g_free (pd->annotate_key);
- pd->annotate_key = NULL;
- if (pd->annotations != NULL) {
- g_hash_table_unref (pd->annotations);
- pd->annotations = NULL;
- }
- g_free (pd->elem_lang);
- pd->elem_lang = NULL;
+ return strlen (s) > 0 ? s : NULL;
}
-static void
-pd_unref_data (ParserData *pd)
-{
- pd_unref_action_data (pd);
- g_free (pd->lang);
- pd->lang = NULL;
-
- g_free (pd->global_vendor);
- pd->global_vendor = NULL;
- g_free (pd->global_vendor_url);
- pd->global_vendor_url = NULL;
- g_free (pd->global_icon_name);
- pd->global_icon_name = NULL;
-}
-
-static void
-_start (void *data, const char *el, const char **attr)
+/**
+ * polkit_action_description_get_message:
+ * @action_description: A #PolkitActionDescription.
+ *
+ * Gets the message shown for @action_description.
+ *
+ * Returns: The message for @action_description or %NULL if not set.
+ */
+const gchar *
+polkit_action_description_get_message (PolkitActionDescription *action_description)
{
- int state;
- int num_attr;
- ParserData *pd = data;
-
- for (num_attr = 0; attr[num_attr] != NULL; num_attr++)
- ;
-
- state = STATE_NONE;
+ const gchar *s;
- switch (pd->state) {
- case STATE_NONE:
- if (strcmp (el, "policyconfig") == 0) {
- state = STATE_IN_POLICY_CONFIG;
- }
- break;
- case STATE_IN_POLICY_CONFIG:
- if (strcmp (el, "action") == 0) {
- if (num_attr != 2 || strcmp (attr[0], "id") != 0)
- goto error;
- state = STATE_IN_ACTION;
-
- //if (!polkit_action_validate_id (attr[1]))
- // goto error;
-
- pd_unref_action_data (pd);
- pd->action_id = g_strdup (attr[1]);
- pd->policy_descriptions = g_hash_table_new_full (g_str_hash,
- g_str_equal,
- g_free,
- g_free);
- pd->policy_messages = g_hash_table_new_full (g_str_hash,
- g_str_equal,
- g_free,
- g_free);
- /* initialize defaults */
- //pd->defaults_allow_any = POLKIT_RESULT_NO;
- //pd->defaults_allow_inactive = POLKIT_RESULT_NO;
- //pd->defaults_allow_active = POLKIT_RESULT_NO;
- } else if (strcmp (el, "vendor") == 0 && num_attr == 0) {
- state = STATE_IN_POLICY_VENDOR;
- } else if (strcmp (el, "vendor_url") == 0 && num_attr == 0) {
- state = STATE_IN_POLICY_VENDOR_URL;
- } else if (strcmp (el, "icon_name") == 0 && num_attr == 0) {
- state = STATE_IN_POLICY_ICON_NAME;
- }
- break;
- case STATE_IN_ACTION:
- if (strcmp (el, "defaults") == 0) {
- state = STATE_IN_DEFAULTS;
- } else if (strcmp (el, "description") == 0) {
- if (num_attr == 2 && strcmp (attr[0], "xml:lang") == 0) {
- pd->elem_lang = g_strdup (attr[1]);
- }
- state = STATE_IN_ACTION_DESCRIPTION;
- } else if (strcmp (el, "message") == 0) {
- if (num_attr == 2 && strcmp (attr[0], "xml:lang") == 0) {
- pd->elem_lang = g_strdup (attr[1]);
- }
- state = STATE_IN_ACTION_MESSAGE;
- } else if (strcmp (el, "vendor") == 0 && num_attr == 0) {
- state = STATE_IN_ACTION_VENDOR;
- } else if (strcmp (el, "vendor_url") == 0 && num_attr == 0) {
- state = STATE_IN_ACTION_VENDOR_URL;
- } else if (strcmp (el, "icon_name") == 0 && num_attr == 0) {
- state = STATE_IN_ACTION_ICON_NAME;
- } else if (strcmp (el, "annotate") == 0) {
- if (num_attr != 2 || strcmp (attr[0], "key") != 0)
- goto error;
- state = STATE_IN_ANNOTATE;
-
- g_free (pd->annotate_key);
- pd->annotate_key = g_strdup (attr[1]);
- }
- break;
- case STATE_IN_DEFAULTS:
- if (strcmp (el, "allow_any") == 0)
- state = STATE_IN_DEFAULTS_ALLOW_ANY;
- else if (strcmp (el, "allow_inactive") == 0)
- state = STATE_IN_DEFAULTS_ALLOW_INACTIVE;
- else if (strcmp (el, "allow_active") == 0)
- state = STATE_IN_DEFAULTS_ALLOW_ACTIVE;
- break;
- default:
- break;
- }
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (action_description)), ACTION_DESCRIPTION_SIGNATURE) == 0, NULL);
- if (state == STATE_NONE) {
- g_warning ("skipping unknown tag <%s> at line %d of %s",
- el, (int) XML_GetCurrentLineNumber (pd->parser), pd->path);
- state = STATE_UNKNOWN_TAG;
- }
+ egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (action_description),
+ 2, &s,
+ -1);
- pd->state = state;
- pd->state_stack[pd->stack_depth] = pd->state;
- pd->stack_depth++;
- return;
-error:
- XML_StopParser (pd->parser, FALSE);
+ return strlen (s) > 0 ? s : NULL;
}
-static polkit_bool_t
-_validate_icon_name (const char *icon_name)
+/**
+ * polkit_action_description_get_vendor_name:
+ * @action_description: A #PolkitActionDescription.
+ *
+ * Gets the name of the vendor for @action_description.
+ *
+ * Returns: The vendor of @action_description or %NULL if not set.
+ */
+const gchar *
+polkit_action_description_get_vendor_name (PolkitActionDescription *action_description)
{
- unsigned int n;
- polkit_bool_t ret;
- size_t len;
-
- ret = FALSE;
-
- len = strlen (icon_name);
-
- /* check for common suffixes */
- if (g_str_has_suffix (icon_name, ".png"))
- goto out;
- if (g_str_has_suffix (icon_name, ".jpg"))
- goto out;
+ const gchar *s;
- /* icon name cannot be a path */
- for (n = 0; n < len; n++) {
- if (icon_name [n] == '/') {
- goto out;
- }
- }
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (action_description)), ACTION_DESCRIPTION_SIGNATURE) == 0, NULL);
- ret = TRUE;
+ egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (action_description),
+ 3, &s,
+ -1);
-out:
- return ret;
+ return strlen (s) > 0 ? s : NULL;
}
-static void
-_cdata (void *data, const char *s, int len)
+/**
+ * polkit_action_description_get_vendor_url:
+ * @action_description: A #PolkitActionDescription.
+ *
+ * Gets the vendor URL for @action_description.
+ *
+ * Returns: The vendor URL for @action_description or %NULL if not set.
+ */
+const gchar *
+polkit_action_description_get_vendor_url (PolkitActionDescription *action_description)
{
- char *str;
- ParserData *pd = data;
-
- str = g_strndup (s, len);
-
- switch (pd->state) {
-
- case STATE_IN_ACTION_DESCRIPTION:
- if (pd->elem_lang == NULL) {
- g_free (pd->policy_description_nolang);
- pd->policy_description_nolang = str;
- str = NULL;
- } else {
- g_hash_table_insert (pd->policy_descriptions,
- g_strdup (pd->elem_lang),
- str);
- str = NULL;
- }
- break;
-
- case STATE_IN_ACTION_MESSAGE:
- if (pd->elem_lang == NULL) {
- g_free (pd->policy_message_nolang);
- pd->policy_message_nolang = str;
- str = NULL;
- } else {
- g_hash_table_insert (pd->policy_messages,
- g_strdup (pd->elem_lang),
- str);
- str = NULL;
- }
- break;
-
- case STATE_IN_POLICY_VENDOR:
- g_free (pd->global_vendor);
- pd->global_vendor = str;
- str = NULL;
- break;
-
- case STATE_IN_POLICY_VENDOR_URL:
- g_free (pd->global_vendor_url);
- pd->global_vendor_url = str;
- str = NULL;
- break;
-
- case STATE_IN_POLICY_ICON_NAME:
- if (! _validate_icon_name (str)) {
- g_warning ("Icon name '%s' is invalid", str);
- goto error;
- }
-
- g_free (pd->global_icon_name);
- pd->global_icon_name = str;
- str = NULL;
- break;
-
- case STATE_IN_ACTION_VENDOR:
- g_free (pd->vendor);
- pd->vendor = str;
- str = NULL;
- break;
-
- case STATE_IN_ACTION_VENDOR_URL:
- g_free (pd->vendor_url);
- pd->vendor_url = str;
- str = NULL;
- break;
-
- case STATE_IN_ACTION_ICON_NAME:
- if (! _validate_icon_name (str)) {
- kit_warning ("Icon name '%s' is invalid", str);
- goto error;
- }
-
- g_free (pd->icon_name);
- pd->icon_name = str;
- str = NULL;
- break;
+ const gchar *s;
- case STATE_IN_DEFAULTS_ALLOW_ANY:
- //if (!polkit_result_from_string_representation (str, &pd->defaults_allow_any))
- // goto error;
- break;
- case STATE_IN_DEFAULTS_ALLOW_INACTIVE:
- //if (!polkit_result_from_string_representation (str, &pd->defaults_allow_inactive))
- // goto error;
- break;
- case STATE_IN_DEFAULTS_ALLOW_ACTIVE:
- //if (!polkit_result_from_string_representation (str, &pd->defaults_allow_active))
- // goto error;
- break;
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (action_description)), ACTION_DESCRIPTION_SIGNATURE) == 0, NULL);
- case STATE_IN_ANNOTATE:
- if (pd->annotations == NULL) {
- pd->annotations = g_hash_table_new_full (g_str_hash,
- g_str_equal,
- g_free,
- g_free);
- }
- g_hash_table_insert (pd->annotations,
- g_strdup (pd->annotate_key),
- str);
- str = NULL;
- break;
+ egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (action_description),
+ 4, &s,
+ -1);
- default:
- break;
- }
- g_free (str);
- return;
-error:
- g_free (str);
- XML_StopParser (pd->parser, FALSE);
+ return strlen (s) > 0 ? s : NULL;
}
/**
- * _localize:
- * @translations: a mapping from xml:lang to the value, e.g. 'da' -> 'Smadre', 'en_CA' -> 'Punch, Aye!'
- * @untranslated: the untranslated value, e.g. 'Punch'
- * @lang: the locale we're interested in, e.g. 'da_DK', 'da', 'en_CA', 'en_US'; basically just $LANG
- * with the encoding cut off. Maybe be NULL.
+ * polkit_action_description_get_icon:
+ * @action_description: A #PolkitActionDescription.
*
- * Pick the correct translation to use.
+ * Gets the #GIcon for @action_description.
*
- * Returns: the localized string to use
+ * Returns: A #GIcon (free with g_object_unref() when done with it) or %NULL if not set.
*/
-static const char *
-_localize (GHashTable *translations,
- const char *untranslated,
- const char *lang)
+GIcon *
+polkit_action_description_get_icon (PolkitActionDescription *action_description)
{
- const char *result;
- char lang2[256];
- int n;
-
- if (lang == NULL) {
- result = untranslated;
- goto out;
- }
-
- /* first see if we have the translation */
- result = (const char *) g_hash_table_lookup (translations, (void *) lang);
- if (result != NULL)
- goto out;
-
- /* we could have a translation for 'da' but lang=='da_DK'; cut off the last part and try again */
- strncpy (lang2, lang, sizeof (lang2));
- for (n = 0; lang2[n] != '\0'; n++) {
- if (lang2[n] == '_') {
- lang2[n] = '\0';
- break;
- }
- }
- result = (const char *) kit_hash_lookup (translations, (void *) lang2);
- if (result != NULL)
- goto out;
+ const gchar *s;
+ GIcon *icon;
- /* fall back to untranslated */
- result = untranslated;
-out:
- return result;
-}
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (action_description)), ACTION_DESCRIPTION_SIGNATURE) == 0, NULL);
-static void
-_end (void *data, const char *el)
-{
- ParserData *pd = data;
+ egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (action_description),
+ 5, &s,
+ -1);
- g_free (pd->elem_lang);
- pd->elem_lang = NULL;
+ if (strlen (s) > 0)
+ {
+ icon = NULL;
+ }
+ else
+ {
+ GError *error;
- switch (pd->state) {
- case STATE_IN_ACTION:
+ error = NULL;
+ icon = g_icon_new_for_string (s, &error);
+ if (icon == NULL)
{
- const char *policy_description;
- const char *policy_message;
- //PolKitActionDescription *pfe;
- char *vendor;
- char *vendor_url;
- char *icon_name;
-
- vendor = pd->vendor;
- if (vendor == NULL)
- vendor = pd->global_vendor;
-
- vendor_url = pd->vendor_url;
- if (vendor_url == NULL)
- vendor_url = pd->global_vendor_url;
-
- icon_name = pd->icon_name;
- if (icon_name == NULL)
- icon_name = pd->global_icon_name;
-
-#if 0
- /* NOTE: caller takes ownership of the annotations object */
- pfe = _polkit_action_description_new (pd->action_id,
- vendor,
- vendor_url,
- icon_name,
- pd->defaults_allow_any,
- pd->defaults_allow_inactive,
- pd->defaults_allow_active,
- pd->annotations);
- if (pfe == NULL)
- goto oom;
-#else
- g_hash_table_unref (pd->annotations);
-#endif
-
- pd->annotations = NULL;
-
- policy_description = _localize (pd->policy_descriptions, pd->policy_description_nolang, pd->lang);
- policy_message = _localize (pd->policy_messages, pd->policy_message_nolang, pd->lang);
-
-#if 0
- if (!_polkit_action_description_set_descriptions (pfe,
- policy_description,
- policy_message)) {
- polkit_action_description_unref (pfe);
- goto oom;
- }
-#endif
-
-#if 0
- if (pd->cb (pfe, pd->user_data)) {
- /* TODO: short-circuit */
- }
-#endif
-
- /* and now throw it all away! (eh, don't worry, the user have probably reffed it!) */
- //polkit_action_description_unref (pfe);
- break;
- }
- default:
- break;
+ g_warning ("Error getting icon for action description: %s", error->message);
+ g_error_free (error);
}
+ }
- --pd->stack_depth;
- if (pd->stack_depth < 0 || pd->stack_depth >= PARSER_MAX_DEPTH) {
- polkit_debug ("reached max depth?");
- goto error;
- }
- if (pd->stack_depth > 0)
- pd->state = pd->state_stack[pd->stack_depth - 1];
- else
- pd->state = STATE_NONE;
-
- return;
-oom:
- pd->is_oom = 1;
-error:
- XML_StopParser (pd->parser, FALSE);
+ return icon;
}
/**
- * polkit_action_description_get_from_file:
- * @path: path to file, e.g. <literal>/usr/share/polkit-1/actions/org.freedesktop.policykit.policy</literal>
- * @cb: callback function
- * @user_data: user data
- * @error: return location for error
+ * polkit_action_description_get_annotations:
+ * @action_description: A #PolkitActionDescription.
*
- * Load a .policy file and iterate over all entries.
+ * Gets the annotations for @action_description.
*
- * Returns: #TRUE if @cb short-circuited the iteration. If there was
- * an error parsing @file, then @error will be set.
- **/
-polkit_bool_t
-polkit_action_description_get_from_file (const char *path,
- PolKitActionDescriptionForeachFunc cb,
- void *user_data,
- PolKitError **error)
-{
- ParserData pd;
- int xml_res;
- char *lang;
- char *buf;
- size_t buflen;
-
- buf = NULL;
-
- /* clear parser data */
- memset (&pd, 0, sizeof (ParserData));
-
- if (!kit_str_has_suffix (path, ".policy")) {
- polkit_error_set_error (error,
- POLKIT_ERROR_POLICY_FILE_INVALID,
- "Policy files must have extension .policy; file '%s' doesn't", path);
- goto error;
- }
-
- if (!kit_file_get_contents (path, &buf, &buflen)) {
- if (errno == ENOMEM) {
- polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
- "Cannot load PolicyKit policy file at '%s': %s",
- path,
- "No memory for parser");
- } else {
- polkit_error_set_error (error, POLKIT_ERROR_POLICY_FILE_INVALID,
- "Cannot load PolicyKit policy file at '%s': %m",
- path);
- }
- goto error;
- }
-
- pd.path = path;
- pd.cb = cb;
- pd.user_data = user_data;
-
-/* #ifdef POLKIT_BUILD_TESTS
- TODO: expat appears to leak on certain OOM paths
-*/
- XML_Memory_Handling_Suite memsuite = {p_malloc, p_realloc, kit_free};
- pd.parser = XML_ParserCreate_MM (NULL, &memsuite, NULL);
- pd.parser = XML_ParserCreate (NULL);
- pd.stack_depth = 0;
- if (pd.parser == NULL) {
- polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
- "Cannot load PolicyKit policy file at '%s': %s",
- path,
- "No memory for parser");
- goto error;
- }
- XML_SetUserData (pd.parser, &pd);
- XML_SetElementHandler (pd.parser, _start, _end);
- XML_SetCharacterDataHandler (pd.parser, _cdata);
-
- /* init parser data */
- pd.state = STATE_NONE;
- lang = getenv ("LANG");
- if (lang != NULL) {
- int n;
- pd.lang = kit_strdup (lang);
- if (pd.lang == NULL) {
- polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
- "Cannot load PolicyKit policy file at '%s': No memory for lang",
- path);
- goto error;
- }
- for (n = 0; pd.lang[n] != '\0'; n++) {
- if (pd.lang[n] == '.') {
- pd.lang[n] = '\0';
- break;
- }
- }
- }
-
- xml_res = XML_Parse (pd.parser, buf, buflen, 1);
-
- if (xml_res == 0) {
- if (XML_GetErrorCode (pd.parser) == XML_ERROR_NO_MEMORY) {
- polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
- "Out of memory parsing %s",
- path);
- } else if (pd.is_oom) {
- polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
- "Out of memory parsing %s",
- path);
- } else {
- polkit_error_set_error (error, POLKIT_ERROR_POLICY_FILE_INVALID,
- "%s:%d: parse error: %s",
- path,
- (int) XML_GetCurrentLineNumber (pd.parser),
- XML_ErrorString (XML_GetErrorCode (pd.parser)));
- }
- XML_ParserFree (pd.parser);
- goto error;
- }
-
- XML_ParserFree (pd.parser);
- kit_free (buf);
- pd_unref_data (&pd);
-
- return FALSE; /* TODO */
-error:
- pd_unref_data (&pd);
- kit_free (buf);
- return FALSE; /* TODO */
-}
-
-
-GList *
-polkit_action_description_new_from_file (GFile *file,
- GCancellable *cancellable,
- GError **error)
+ * Returns: A #GHashTable from strings to strings with the annotations
+ * for @action_description. Do not destroy or unref this hash table;
+ * it is owned by @action_description.
+ */
+GHashTable *
+polkit_action_description_get_annotations (PolkitActionDescription *action_description)
{
- ParserData pd;
- char *contents;
- gsize contents_len;
- GList *ret;
-
- g_return_val_if_fail (G_IS_FILE (file), NULL);
-
- ret = NULL;
- contents = NULL;
- parse_context = NULL;
-
- parser.error = parse_error;
-
- parser_data = parser_data_new (&ret);
-
- if (!g_file_load_contents (file,
- cancellable,
- &contents,
- &contents_len,
- NULL,
- error)) {
- goto out;
- }
-
- g_warning ("need to parse '%s' %d", contents, contents_len);
-
-
- /* clear parser data */
- memset (&pd, 0, sizeof (ParserData));
-
- pd.parser = XML_ParserCreate (NULL);
-
- XML_SetUserData (pd.parser, &pd);
- XML_SetElementHandler (pd.parser, _start, _end);
- XML_SetCharacterDataHandler (pd.parser, _cdata);
-
- /* init parser data */
- pd.state = STATE_NONE;
- lang = getenv ("LANG");
- if (lang != NULL) {
- int n;
- pd.lang = kit_strdup (lang);
- if (pd.lang == NULL) {
- polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
- "Cannot load PolicyKit policy file at '%s': No memory for lang",
- path);
- goto error;
- }
- for (n = 0; pd.lang[n] != '\0'; n++) {
- if (pd.lang[n] == '.') {
- pd.lang[n] = '\0';
- break;
- }
- }
- }
+ GHashTable *hash;
- xml_res = XML_Parse (pd.parser, buf, buflen, 1);
-
- if (xml_res == 0) {
- if (XML_GetErrorCode (pd.parser) == XML_ERROR_NO_MEMORY) {
- polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
- "Out of memory parsing %s",
- path);
- } else if (pd.is_oom) {
- polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
- "Out of memory parsing %s",
- path);
- } else {
- polkit_error_set_error (error, POLKIT_ERROR_POLICY_FILE_INVALID,
- "%s:%d: parse error: %s",
- path,
- (int) XML_GetCurrentLineNumber (pd.parser),
- XML_ErrorString (XML_GetErrorCode (pd.parser)));
- }
- XML_ParserFree (pd.parser);
- goto error;
- }
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (action_description)), ACTION_DESCRIPTION_SIGNATURE) == 0, NULL);
- XML_ParserFree (pd.parser);
- kit_free (buf);
- pd_unref_data (&pd);
+ egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (action_description),
+ 6, &hash,
+ -1);
- out:
- g_free (contents);
- return ret;
+ return hash;
}
-GList *
-polkit_action_description_new_from_directory (GFile *directory,
- GCancellable *cancellable,
- GError **error)
-{
- GFileEnumerator *e;
- GError *local_error;
- GFileInfo *file_info;
- GList *ret;
-
- g_return_val_if_fail (G_IS_FILE (directory), NULL);
-
- ret = NULL;
-
- local_error = NULL;
- e = g_file_enumerate_children (directory,
- "standard::*",
- G_FILE_QUERY_INFO_NONE,
- NULL,
- &local_error);
- if (local_error != NULL) {
- g_propagate_error (error, local_error);
- goto out;
- }
-
- while ((file_info = g_file_enumerator_next_file (e, NULL, &local_error)) != NULL) {
- const char *name;
- GFile *file;
-
- name = g_file_info_get_name (file_info);
- /* only consider files with the right suffix */
- if (g_str_has_suffix (name, ".policy")) {
- GList *descs_from_file;
-
- file = g_file_get_child (directory, name);
-
- descs_from_file = polkit_action_description_new_from_file (file,
- cancellable,
- &local_error);
- if (local_error != NULL) {
- g_list_foreach (ret, (GFunc) g_object_unref, NULL);
- g_list_free (ret);
- ret = NULL;
-
- g_propagate_error (error, local_error);
- goto out;
- }
-
- ret = g_list_concat (ret, descs_from_file);
-
- g_object_unref (file);
- }
- g_object_unref (file_info);
- }
-
- if (local_error != NULL) {
- g_list_foreach (ret, (GFunc) g_object_unref, NULL);
- g_list_free (ret);
- ret = NULL;
-
- g_propagate_error (error, local_error);
- goto out;
- }
-
- out:
- if (e != NULL)
- g_object_unref (e);
- return ret;
-}
-#endif
diff --git a/src/polkit/polkitactiondescription.h b/src/polkit/polkitactiondescription.h
index fd36554..22a3799 100644
--- a/src/polkit/polkitactiondescription.h
+++ b/src/polkit/polkitactiondescription.h
@@ -19,55 +19,40 @@
* Author: David Zeuthen <davidz at redhat.com>
*/
-#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef __POLKIT_ACTION_DESCRIPTION_H__
-#define __POLKIT_ACTION_DESCRIPTION_H__
+#ifndef __POLKIT_ACTION_DESCRIPTION_H
+#define __POLKIT_ACTION_DESCRIPTION_H
+#include <sys/types.h>
+#include <unistd.h>
#include <glib-object.h>
-#include <gio/gio.h>
+#include <polkit/polkitbindings.h>
G_BEGIN_DECLS
-#define POLKIT_TYPE_ACTION_DESCRIPTION (polkit_action_description_get_type ())
+#define POLKIT_TYPE_ACTION_DESCRIPTION (polkit_action_description_get_type())
#define POLKIT_ACTION_DESCRIPTION(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_ACTION_DESCRIPTION, PolkitActionDescription))
-#define POLKIT_ACTION_DESCRIPTION_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_ACTION_DESCRIPTION, PolkitActionDescriptionClass))
#define POLKIT_IS_ACTION_DESCRIPTION(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_ACTION_DESCRIPTION))
-#define POLKIT_IS_ACTION_DESCRIPTION_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_ACTION_DESCRIPTION))
-#define POLKIT_ACTION_DESCRIPTION_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_ACTION_DESCRIPTION, PolkitActionDescriptionClass))
-
-typedef struct _PolkitActionDescription PolkitActionDescription;
-typedef struct _PolkitActionDescriptionClass PolkitActionDescriptionClass;
-typedef struct _PolkitActionDescriptionPrivate PolkitActionDescriptionPrivate;
+#define POLKIT_ACTION_DESCRIPTION_GET_IFACE(o) (G_TYPE_INSTANCE_GET_INTERFACE((o), POLKIT_TYPE_ACTION_DESCRIPTION, PolkitActionDescriptionIface))
-struct _PolkitActionDescription
-{
- GObject parent_instance;
- PolkitActionDescriptionPrivate *priv;
-};
+#if 0
+typedef struct _PolkitActionDescription PolkitActionDescription; /* Dummy typedef */
+#endif
+typedef struct _PolkitActionDescriptionIface PolkitActionDescriptionIface;
-struct _PolkitActionDescriptionClass
+struct _PolkitActionDescriptionIface
{
- GObjectClass parent_class;
+ GTypeInterface g_iface;
};
-GType polkit_action_description_get_type (void) G_GNUC_CONST;
-GList * polkit_action_description_new_from_file (GFile *file,
- GCancellable *cancellable,
- GError **error);
-GList * polkit_action_description_new_from_directory (GFile *directory,
- GCancellable *cancellable,
- GError **error);
-const gchar * polkit_action_description_get_action_id (PolkitActionDescription *action_description);
-GIcon * polkit_action_description_get_icon (PolkitActionDescription *action_description);
-const gchar * polkit_action_description_get_description (PolkitActionDescription *action_description);
-const gchar * polkit_action_description_get_message (PolkitActionDescription *action_description);
-const gchar * polkit_action_description_get_vendor_name (PolkitActionDescription *action_description);
-const gchar * polkit_action_description_get_vendor_url (PolkitActionDescription *action_description);
-GHashTable * polkit_action_description_get_annotations (PolkitActionDescription *action_description);
+GType polkit_action_description_get_type (void) G_GNUC_CONST;
+const gchar *polkit_action_description_get_action_id (PolkitActionDescription *action_description);
+const gchar *polkit_action_description_get_description (PolkitActionDescription *action_description);
+const gchar *polkit_action_description_get_message (PolkitActionDescription *action_description);
+const gchar *polkit_action_description_get_vendor_name (PolkitActionDescription *action_description);
+const gchar *polkit_action_description_get_vendor_url (PolkitActionDescription *action_description);
+GIcon *polkit_action_description_get_icon (PolkitActionDescription *action_description);
+GHashTable *polkit_action_description_get_annotations (PolkitActionDescription *action_description);
G_END_DECLS
-#endif /* __POLKIT_ACTION_DESCRIPTION_H__ */
+#endif /* __POLKIT_ACTION_DESCRIPTION_H */
commit c63cccdff7d0347c3dc2b777bdfe4e39e6a5e042
Author: David Zeuthen <davidz at redhat.com>
Date: Sun Dec 7 12:38:40 2008 -0500
use eggdbus to generate the AuthorizationResult enumeration
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index 19b2351..dcad356 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -7,7 +7,7 @@
<annotation name="org.gtk.EggDBus.Struct.Signature" value="(sa{sv})"/>
</annotation>
- <!-- The error domain used -->
+ <!-- The error domain used for reporting erros -->
<annotation name="org.gtk.EggDBus.DeclareErrorDomain" value="Error">
<annotation name="org.gtk.EggDBus.ErrorDomain.Member" value="org.freedesktop.PolicyKit1.Error.Failed">
<annotation name="org.gtk.EggDBus.DocString" value="The operation failed"/>
@@ -17,6 +17,20 @@
</annotation>
</annotation>
+ <!-- An enumeration for -->
+ <annotation name="org.gtk.EggDBus.DeclareEnum" value="AuthorizationResult">
+ <annotation name="org.gtk.EggDBus.Enum.Member" value="NotAuthorized">
+ <annotation name="org.gtk.EggDBus.DocString" value="The subject is not authorized for the specified action"/>
+ </annotation>
+ <annotation name="org.gtk.EggDBus.Enum.Member" value="Authorized">
+ <annotation name="org.gtk.EggDBus.DocString" value="The subject is authorized for the specified action"/>
+ </annotation>
+ <annotation name="org.gtk.EggDBus.Enum.Member" value="Challenge">
+ <annotation name="org.gtk.EggDBus.DocString" value="The subject is authorized if more information is provided"/>
+ </annotation>
+ </annotation>
+
+
<interface name="org.freedesktop.PolicyKit1.Authority">
<method name="SayHello">
diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am
index 22291ff..39d4a6e 100644
--- a/src/polkit/Makefile.am
+++ b/src/polkit/Makefile.am
@@ -20,6 +20,7 @@ BUILT_SOURCES = \
polkitauthority.h polkitauthority.c \
polkiterror.h polkiterror.c \
polkitbindingsmarshal.h polkitbindingsmarshal.c \
+ polkitauthorizationresult.h polkitauthorizationresult.c \
polkitbindingsmarshal.list \
$(NULL)
@@ -53,7 +54,6 @@ libpolkit_gobject_1_la_SOURCES = \
polkitauthoritystub.h polkitauthoritystub.c \
polkitactiondescription.h polkitactiondescription.c \
polkitauthorizationclaim.h polkitauthorizationclaim.c \
- polkitauthorizationresult.h polkitauthorizationresult.c \
polkitsubject.h polkitsubject.c \
$(BUILT_SOURCES) \
$(NULL)
diff --git a/src/polkit/polkitauthorizationresult.c b/src/polkit/polkitauthorizationresult.c
deleted file mode 100644
index 1123691..0000000
--- a/src/polkit/polkitauthorizationresult.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#include "config.h"
-#include <polkit/polkitauthorizationresult.h>
-
-/**
- * SECTION:polkitauthorizationresult
- * @title: PolkitAuthorizationResult
- * @short_description: Result of checking a claim
- * @include: polkit/polkit.h
- *
- * The #PolkitAuthorizationResult enumeration is for possible results
- * when checking whether a claim is authorized.
- **/
-
-#define ENUM_ENTRY(NAME, DESC) { NAME, "" #NAME "", DESC }
-
-GType
-polkit_authorization_result_get_type (void)
-{
- static GType etype = 0;
-
- if (etype == 0)
- {
- static const GEnumValue values[] = {
- ENUM_ENTRY (POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED, "NotAuthorized"),
- ENUM_ENTRY (POLKIT_AUTHORIZATION_RESULT_AUTHORIZED, "Authorized"),
- ENUM_ENTRY (POLKIT_AUTHORIZATION_RESULT_CHALLENGE, "Challenge"),
- { 0, 0, 0 }
- };
- etype = g_enum_register_static ("PolkitAuthorizationResult", values);
- }
- return etype;
-}
diff --git a/src/polkit/polkitauthorizationresult.h b/src/polkit/polkitauthorizationresult.h
deleted file mode 100644
index 041ae35..0000000
--- a/src/polkit/polkitauthorizationresult.h
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef __POLKIT_AUTHORIZATION_RESULT_H
-#define __POLKIT_AUTHORIZATION_RESULT_H
-
-#include <glib-object.h>
-
-G_BEGIN_DECLS
-
-#define POLKIT_TYPE_AUTHORIZATION_RESULT (polkit_authorization_result_get_type ())
-
-/**
- * PolkitAuthorizationResult:
- * @POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED: Not authorized.
- * @POLKIT_AUTHORIZATION_RESULT_AUTHORIZED: Authorized.
- * @POLKIT_AUTHORIZATION_RESULT_CHALLENGE: Can be authorized if further information is given.
- *
- * The possible results when checking whether a claim is authorized.
- */
-typedef enum {
- POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED,
- POLKIT_AUTHORIZATION_RESULT_AUTHORIZED,
- POLKIT_AUTHORIZATION_RESULT_CHALLENGE
-} PolkitAuthorizationResult;
-
-GType polkit_authorization_result_get_type (void) G_GNUC_CONST;
-
-
-G_END_DECLS
-
-#endif /* __POLKIT_AUTHORIZATION_RESULT_H */
-
commit 40cca6955840389d0f0d2b16468d45286100b631
Author: David Zeuthen <davidz at redhat.com>
Date: Sun Dec 7 12:32:35 2008 -0500
fix up gtkdoc cleaning
diff --git a/docs/polkit/Makefile.am b/docs/polkit/Makefile.am
index 44f7c8c..e74fb5c 100644
--- a/docs/polkit/Makefile.am
+++ b/docs/polkit/Makefile.am
@@ -58,17 +58,23 @@ HTML_IMAGES = \
# Extra options to supply to gtkdoc-fixref
FIXXREF_OPTIONS=
-MAINTAINERCLEANFILES = \
- *~ \
- Makefile.in \
- polkit.types \
- polkit-*.txt \
- $(NULL)
-
if ENABLE_GTK_DOC
include $(top_srcdir)/gtk-doc.make
else
-EXTRA_DIST =
+CLEANFILES =
endif
-EXTRA_DIST += version.xml.in
+CLEANFILES += *~ \
+ polkit-scan.* \
+ polkit.* \
+ *.bak \
+ polkit-decl-list.txt \
+ polkit-decl.txt \
+ polkit-overrides.txt \
+ polkit-undeclared.txt \
+ polkit-undocumented.txt \
+ polkit-sections.txt \
+ *.stamp \
+ -rf html xml \
+ $(NULL)
+
diff --git a/docs/polkitbackend/Makefile.am b/docs/polkitbackend/Makefile.am
index 6ec2bce..98c8cc0 100644
--- a/docs/polkitbackend/Makefile.am
+++ b/docs/polkitbackend/Makefile.am
@@ -69,5 +69,20 @@ MAINTAINERCLEANFILES = \
if ENABLE_GTK_DOC
include $(top_srcdir)/gtk-doc.make
else
-EXTRA_DIST =
+CLEANFILES =
endif
+
+CLEANFILES += *~ \
+ polkitbackend-scan.* \
+ polkitbackend.* \
+ *.bak \
+ polkitbackend-decl-list.txt \
+ polkitbackend-decl.txt \
+ polkitbackend-overrides.txt \
+ polkitbackend-undeclared.txt \
+ polkitbackend-undocumented.txt \
+ polkitbackend-sections.txt \
+ *.stamp \
+ -rf html xml \
+ $(NULL)
+
commit 8cb60d1fb1deb0b63d8900b886f8a3c0e4e2a49b
Author: David Zeuthen <davidz at redhat.com>
Date: Sun Dec 7 12:26:19 2008 -0500
change code style to be like GLib and generate error domain
Also port to use non-reffing structs in EggDBus HEAD.
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index c31c173..19b2351 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -2,9 +2,19 @@
"http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
<node>
- <!-- User defined struct -->
- <annotation name="org.gtk.EggDBus.DeclareStruct" value="Subject">
- <annotation name="org.gtk.EggDBus.Struct.Signature" value="(sa{sv})"/>
+ <!-- User defined struct for Subjects -->
+ <annotation name="org.gtk.EggDBus.DeclareStruct" value="Subject">
+ <annotation name="org.gtk.EggDBus.Struct.Signature" value="(sa{sv})"/>
+ </annotation>
+
+ <!-- The error domain used -->
+ <annotation name="org.gtk.EggDBus.DeclareErrorDomain" value="Error">
+ <annotation name="org.gtk.EggDBus.ErrorDomain.Member" value="org.freedesktop.PolicyKit1.Error.Failed">
+ <annotation name="org.gtk.EggDBus.DocString" value="The operation failed"/>
+ </annotation>
+ <annotation name="org.gtk.EggDBus.ErrorDomain.Member" value="org.freedesktop.PolicyKit1.Error.NotSupported">
+ <annotation name="org.gtk.EggDBus.DocString" value="Operation is not supported"/>
+ </annotation>
</annotation>
<interface name="org.freedesktop.PolicyKit1.Authority">
diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am
index 4f64341..22291ff 100644
--- a/src/polkit/Makefile.am
+++ b/src/polkit/Makefile.am
@@ -18,6 +18,7 @@ BUILT_SOURCES = \
polkitbindings.h polkitbindings.c \
polkitbindingstypes.h \
polkitauthority.h polkitauthority.c \
+ polkiterror.h polkiterror.c \
polkitbindingsmarshal.h polkitbindingsmarshal.c \
polkitbindingsmarshal.list \
$(NULL)
@@ -53,7 +54,6 @@ libpolkit_gobject_1_la_SOURCES = \
polkitactiondescription.h polkitactiondescription.c \
polkitauthorizationclaim.h polkitauthorizationclaim.c \
polkitauthorizationresult.h polkitauthorizationresult.c \
- polkiterror.h polkiterror.c \
polkitsubject.h polkitsubject.c \
$(BUILT_SOURCES) \
$(NULL)
diff --git a/src/polkit/polkit.h b/src/polkit/polkit.h
index 1f701f8..b813cf3 100644
--- a/src/polkit/polkit.h
+++ b/src/polkit/polkit.h
@@ -1,5 +1,3 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
/*
* Copyright (C) 2008 Red Hat, Inc.
*
diff --git a/src/polkit/polkitactiondescription.c b/src/polkit/polkitactiondescription.c
index 8bebb06..cf93feb 100644
--- a/src/polkit/polkitactiondescription.c
+++ b/src/polkit/polkitactiondescription.c
@@ -1,5 +1,3 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
/*
* Copyright (C) 2008 Red Hat, Inc.
*
@@ -37,27 +35,26 @@
struct _PolkitActionDescriptionPrivate
{
- char *action_id;
- GIcon *icon;
- char *description;
- char *message;
- char *vendor_name;
- char *vendor_url;
- GHashTable *annotations;
+ char *action_id;
+ GIcon *icon;
+ char *description;
+ char *message;
+ char *vendor_name;
+ char *vendor_url;
+ GHashTable *annotations;
};
enum {
- PROP_0,
- PROP_ACTION_ID,
- PROP_ICON,
- PROP_DESCRIPTION,
- PROP_MESSAGE,
- PROP_VENDOR_NAME,
- PROP_VENDOR_URL,
- PROP_ANNOTATIONS,
+ PROP_0,
+ PROP_ACTION_ID,
+ PROP_ICON,
+ PROP_DESCRIPTION,
+ PROP_MESSAGE,
+ PROP_VENDOR_NAME,
+ PROP_VENDOR_URL,
+ PROP_ANNOTATIONS,
};
-
G_DEFINE_TYPE (PolkitActionDescription, polkit_action_description, G_TYPE_OBJECT)
#define POLKIT_ACTION_DESCRIPTION_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_ACTION_DESCRIPTION, PolkitActionDescriptionPrivate))
@@ -68,248 +65,249 @@ polkit_action_description_get_property (GObject *object,
GValue *value,
GParamSpec *pspec)
{
- PolkitActionDescription *action_description = POLKIT_ACTION_DESCRIPTION (object);
-
- switch (prop_id) {
- case PROP_ACTION_ID:
- g_value_set_string (value, action_description->priv->action_id);
- break;
-
- case PROP_ICON:
- g_value_set_object (value, action_description->priv->icon);
- break;
-
- case PROP_DESCRIPTION:
- g_value_set_string (value, action_description->priv->description);
- break;
-
- case PROP_MESSAGE:
- g_value_set_string (value, action_description->priv->message);
- break;
-
- case PROP_VENDOR_NAME:
- g_value_set_string (value, action_description->priv->vendor_name);
- break;
-
- case PROP_VENDOR_URL:
- g_value_set_string (value, action_description->priv->vendor_url);
- break;
-
- case PROP_ANNOTATIONS:
- g_value_set_boxed (value, action_description->priv->annotations);
- break;
-
- default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
- break;
- }
+ PolkitActionDescription *action_description = POLKIT_ACTION_DESCRIPTION (object);
+
+ switch (prop_id)
+ {
+ case PROP_ACTION_ID:
+ g_value_set_string (value, action_description->priv->action_id);
+ break;
+
+ case PROP_ICON:
+ g_value_set_object (value, action_description->priv->icon);
+ break;
+
+ case PROP_DESCRIPTION:
+ g_value_set_string (value, action_description->priv->description);
+ break;
+
+ case PROP_MESSAGE:
+ g_value_set_string (value, action_description->priv->message);
+ break;
+
+ case PROP_VENDOR_NAME:
+ g_value_set_string (value, action_description->priv->vendor_name);
+ break;
+
+ case PROP_VENDOR_URL:
+ g_value_set_string (value, action_description->priv->vendor_url);
+ break;
+
+ case PROP_ANNOTATIONS:
+ g_value_set_boxed (value, action_description->priv->annotations);
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
}
static void
polkit_action_description_init (PolkitActionDescription *action_description)
{
- action_description->priv = POLKIT_ACTION_DESCRIPTION_GET_PRIVATE (action_description);
- action_description->priv->annotations = g_hash_table_new_full (g_str_hash,
- g_str_equal,
- g_free,
- g_free);
+ action_description->priv = POLKIT_ACTION_DESCRIPTION_GET_PRIVATE (action_description);
+ action_description->priv->annotations = g_hash_table_new_full (g_str_hash,
+ g_str_equal,
+ g_free,
+ g_free);
}
static void
polkit_action_description_finalize (GObject *object)
{
- PolkitActionDescription *action_description;
+ PolkitActionDescription *action_description;
- g_return_if_fail (object != NULL);
- g_return_if_fail (POLKIT_IS_ACTION_DESCRIPTION (object));
+ g_return_if_fail (object != NULL);
+ g_return_if_fail (POLKIT_IS_ACTION_DESCRIPTION (object));
- action_description = POLKIT_ACTION_DESCRIPTION (object);
+ action_description = POLKIT_ACTION_DESCRIPTION (object);
- if (action_description->priv->icon != NULL)
- g_object_unref (action_description->priv->icon);
- g_free (action_description->priv->action_id);
- g_free (action_description->priv->description);
- g_free (action_description->priv->message);
- g_free (action_description->priv->vendor_name);
- g_free (action_description->priv->vendor_url);
- g_hash_table_unref (action_description->priv->annotations);
+ if (action_description->priv->icon != NULL)
+ g_object_unref (action_description->priv->icon);
+ g_free (action_description->priv->action_id);
+ g_free (action_description->priv->description);
+ g_free (action_description->priv->message);
+ g_free (action_description->priv->vendor_name);
+ g_free (action_description->priv->vendor_url);
+ g_hash_table_unref (action_description->priv->annotations);
- G_OBJECT_CLASS (polkit_action_description_parent_class)->finalize (object);
+ G_OBJECT_CLASS (polkit_action_description_parent_class)->finalize (object);
}
static void
polkit_action_description_class_init (PolkitActionDescriptionClass *klass)
{
- GObjectClass *object_class = G_OBJECT_CLASS (klass);
-
- object_class->get_property = polkit_action_description_get_property;
- object_class->finalize = polkit_action_description_finalize;
-
- /**
- * PolkitActionDescription:action-id:
- *
- * The action id for the action being described.
- */
- g_object_class_install_property (object_class,
- PROP_ACTION_ID,
- g_param_spec_string ("action-id",
- "action-id",
- "The action identifier for the action",
- NULL,
- G_PARAM_READABLE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- /**
- * PolkitActionDescription:icon:
- *
- * The icon for the action being described.
- */
- g_object_class_install_property (object_class,
- PROP_ICON,
- g_param_spec_object ("icon",
- "icon",
- "The icon for the action",
- G_TYPE_ICON,
- G_PARAM_READABLE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- /**
- * PolkitActionDescription:description:
- *
- * A localized human readable description of the action.
- */
- g_object_class_install_property (object_class,
- PROP_DESCRIPTION,
- g_param_spec_string ("description",
- "description",
- "Description of action",
- NULL,
- G_PARAM_READABLE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- /**
- * PolkitActionDescription:message:
- *
- * A localized human readable message to display to the user
- * when he lacks an authorization for the action.
- */
- g_object_class_install_property (object_class,
- PROP_MESSAGE,
- g_param_spec_string ("message",
- "message",
- "Message for the action",
- NULL,
- G_PARAM_READABLE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- /**
- * PolkitActionDescription:vendor-name:
- *
- * The name of the organization supplying the action.
- */
- g_object_class_install_property (object_class,
- PROP_VENDOR_NAME,
- g_param_spec_string ("vendor-name",
- "vendor-name",
- "Vendor for the action",
- NULL,
- G_PARAM_READABLE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- /**
- * PolkitActionDescription:vendor-url:
- *
- * An URL (Uniform Resource Locator) describing the action.
- */
- g_object_class_install_property (object_class,
- PROP_VENDOR_URL,
- g_param_spec_string ("vendor-url",
- "vendor-url",
- "Vendor URL for the action",
- NULL,
- G_PARAM_READABLE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- /**
- * PolkitActionDescription:annotations:
- *
- * A set of key/value pairs giving more information about the action.
- */
- g_object_class_install_property (object_class,
- PROP_ANNOTATIONS,
- g_param_spec_boxed ("annotations",
- "annotations",
- "Annotations for the action",
- G_TYPE_HASH_TABLE,
- G_PARAM_READABLE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- g_type_class_add_private (klass, sizeof (PolkitActionDescriptionPrivate));
+ GObjectClass *object_class = G_OBJECT_CLASS (klass);
+
+ object_class->get_property = polkit_action_description_get_property;
+ object_class->finalize = polkit_action_description_finalize;
+
+ /**
+ * PolkitActionDescription:action-id:
+ *
+ * The action id for the action being described.
+ */
+ g_object_class_install_property (object_class,
+ PROP_ACTION_ID,
+ g_param_spec_string ("action-id",
+ "action-id",
+ "The action identifier for the action",
+ NULL,
+ G_PARAM_READABLE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ /**
+ * PolkitActionDescription:icon:
+ *
+ * The icon for the action being described.
+ */
+ g_object_class_install_property (object_class,
+ PROP_ICON,
+ g_param_spec_object ("icon",
+ "icon",
+ "The icon for the action",
+ G_TYPE_ICON,
+ G_PARAM_READABLE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ /**
+ * PolkitActionDescription:description:
+ *
+ * A localized human readable description of the action.
+ */
+ g_object_class_install_property (object_class,
+ PROP_DESCRIPTION,
+ g_param_spec_string ("description",
+ "description",
+ "Description of action",
+ NULL,
+ G_PARAM_READABLE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ /**
+ * PolkitActionDescription:message:
+ *
+ * A localized human readable message to display to the user
+ * when he lacks an authorization for the action.
+ */
+ g_object_class_install_property (object_class,
+ PROP_MESSAGE,
+ g_param_spec_string ("message",
+ "message",
+ "Message for the action",
+ NULL,
+ G_PARAM_READABLE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ /**
+ * PolkitActionDescription:vendor-name:
+ *
+ * The name of the organization supplying the action.
+ */
+ g_object_class_install_property (object_class,
+ PROP_VENDOR_NAME,
+ g_param_spec_string ("vendor-name",
+ "vendor-name",
+ "Vendor for the action",
+ NULL,
+ G_PARAM_READABLE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ /**
+ * PolkitActionDescription:vendor-url:
+ *
+ * An URL (Uniform Resource Locator) describing the action.
+ */
+ g_object_class_install_property (object_class,
+ PROP_VENDOR_URL,
+ g_param_spec_string ("vendor-url",
+ "vendor-url",
+ "Vendor URL for the action",
+ NULL,
+ G_PARAM_READABLE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ /**
+ * PolkitActionDescription:annotations:
+ *
+ * A set of key/value pairs giving more information about the action.
+ */
+ g_object_class_install_property (object_class,
+ PROP_ANNOTATIONS,
+ g_param_spec_boxed ("annotations",
+ "annotations",
+ "Annotations for the action",
+ G_TYPE_HASH_TABLE,
+ G_PARAM_READABLE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ g_type_class_add_private (klass, sizeof (PolkitActionDescriptionPrivate));
}
const gchar *
polkit_action_description_get_action_id (PolkitActionDescription *action_description)
{
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- return action_description->priv->action_id;
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ return action_description->priv->action_id;
}
GIcon *
polkit_action_description_get_icon (PolkitActionDescription *action_description)
{
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- if (action_description->priv->icon != NULL)
- return g_object_ref (action_description->priv->icon);
- return NULL;
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ if (action_description->priv->icon != NULL)
+ return g_object_ref (action_description->priv->icon);
+ return NULL;
}
const gchar *
polkit_action_description_get_description (PolkitActionDescription *action_description)
{
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- return action_description->priv->description;
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ return action_description->priv->description;
}
const gchar *
polkit_action_description_get_message (PolkitActionDescription *action_description)
{
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- return action_description->priv->message;
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ return action_description->priv->message;
}
const gchar *
polkit_action_description_get_vendor_name (PolkitActionDescription *action_description)
{
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- return action_description->priv->vendor_name;
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ return action_description->priv->vendor_name;
}
const gchar *
polkit_action_description_get_vendor_url (PolkitActionDescription *action_description)
{
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- return action_description->priv->vendor_url;
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ return action_description->priv->vendor_url;
}
GHashTable *
polkit_action_description_get_annotations (PolkitActionDescription *action_description)
{
- g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
- return action_description->priv->annotations;
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ return action_description->priv->annotations;
}
/* ---------------------------------------------------------------------------------------------------- */
diff --git a/src/polkit/polkitactiondescription.h b/src/polkit/polkitactiondescription.h
index f60fb99..fd36554 100644
--- a/src/polkit/polkitactiondescription.h
+++ b/src/polkit/polkitactiondescription.h
@@ -1,5 +1,3 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
/*
* Copyright (C) 2008 Red Hat, Inc.
*
@@ -46,13 +44,13 @@ typedef struct _PolkitActionDescriptionPrivate PolkitActionDescriptionPrivate;
struct _PolkitActionDescription
{
- GObject parent_instance;
- PolkitActionDescriptionPrivate *priv;
+ GObject parent_instance;
+ PolkitActionDescriptionPrivate *priv;
};
struct _PolkitActionDescriptionClass
{
- GObjectClass parent_class;
+ GObjectClass parent_class;
};
GType polkit_action_description_get_type (void) G_GNUC_CONST;
diff --git a/src/polkit/polkitauthoritystub.c b/src/polkit/polkitauthoritystub.c
index 812997e..9928f08 100644
--- a/src/polkit/polkitauthoritystub.c
+++ b/src/polkit/polkitauthoritystub.c
@@ -1,5 +1,3 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
/*
* Copyright (C) 2008 Red Hat, Inc.
*
@@ -38,24 +36,27 @@ static PolkitAuthority *the_authority = NULL;
PolkitAuthority *
polkit_authority_get (void)
{
- PolkitAuthority *authority;
+ PolkitAuthority *authority;
- polkit_bindings_register_types (); /* TODO: use __attribute ((constructor)) */
+ polkit_bindings_register_types (); /* TODO: use __attribute ((constructor)) */
- if (the_authority != NULL) {
- authority = g_object_ref (the_authority);
- } else {
- EggDBusConnection *connection;
+ if (the_authority != NULL)
+ {
+ authority = g_object_ref (the_authority);
+ }
+ else
+ {
+ EggDBusConnection *connection;
- connection = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
- authority = POLKIT_AUTHORITY (egg_dbus_connection_get_proxy (connection,
- "org.freedesktop.PolicyKit1",
- "/org/freedesktop/PolicyKit1/Authority"));
+ connection = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
+ authority = POLKIT_AUTHORITY (egg_dbus_connection_get_proxy (connection,
+ "org.freedesktop.PolicyKit1",
+ "/org/freedesktop/PolicyKit1/Authority"));
- /* TODO: take a weak reference and set the_authority to NULL on destruction */
+ /* TODO: take a weak reference and set the_authority to NULL on destruction */
- /* TODO: unref connection since authority holds a reference? */
- }
+ /* TODO: unref connection since authority holds a reference? */
+ }
- return authority;
+ return authority;
}
diff --git a/src/polkit/polkitauthoritystub.h b/src/polkit/polkitauthoritystub.h
index cf8296f..d7fe57b 100644
--- a/src/polkit/polkitauthoritystub.h
+++ b/src/polkit/polkitauthoritystub.h
@@ -1,5 +1,3 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
/*
* Copyright (C) 2008 Red Hat, Inc.
*
diff --git a/src/polkit/polkitauthorizationclaim.c b/src/polkit/polkitauthorizationclaim.c
index 1d3d501..33b852c 100644
--- a/src/polkit/polkitauthorizationclaim.c
+++ b/src/polkit/polkitauthorizationclaim.c
@@ -1,5 +1,3 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
/*
* Copyright (C) 2008 Red Hat, Inc.
*
@@ -37,19 +35,18 @@
struct _PolkitAuthorizationClaimPrivate
{
- PolkitSubject *subject;
- char *action_id;
- GHashTable *attributes;
+ PolkitSubject *subject;
+ char *action_id;
+ GHashTable *attributes;
};
enum {
- PROP_0,
- PROP_SUBJECT,
- PROP_ACTION_ID,
- PROP_ATTRIBUTES,
+ PROP_0,
+ PROP_SUBJECT,
+ PROP_ACTION_ID,
+ PROP_ATTRIBUTES,
};
-
G_DEFINE_TYPE (PolkitAuthorizationClaim, polkit_authorization_claim, G_TYPE_OBJECT)
#define POLKIT_AUTHORIZATION_CLAIM_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_AUTHORIZATION_CLAIM, PolkitAuthorizationClaimPrivate))
@@ -60,25 +57,26 @@ polkit_authorization_claim_get_property (GObject *object,
GValue *value,
GParamSpec *pspec)
{
- PolkitAuthorizationClaim *authorization_claim = POLKIT_AUTHORIZATION_CLAIM (object);
-
- switch (prop_id) {
- case PROP_SUBJECT:
- g_value_set_object (value, authorization_claim->priv->subject);
- break;
-
- case PROP_ACTION_ID:
- g_value_set_string (value, authorization_claim->priv->action_id);
- break;
-
- case PROP_ATTRIBUTES:
- g_value_set_boxed (value, authorization_claim->priv->attributes);
- break;
-
- default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
- break;
- }
+ PolkitAuthorizationClaim *authorization_claim = POLKIT_AUTHORIZATION_CLAIM (object);
+
+ switch (prop_id)
+ {
+ case PROP_SUBJECT:
+ g_value_set_object (value, authorization_claim->priv->subject);
+ break;
+
+ case PROP_ACTION_ID:
+ g_value_set_string (value, authorization_claim->priv->action_id);
+ break;
+
+ case PROP_ATTRIBUTES:
+ g_value_set_boxed (value, authorization_claim->priv->attributes);
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
}
static void
@@ -87,156 +85,157 @@ polkit_authorization_claim_set_property (GObject *object,
const GValue *value,
GParamSpec *pspec)
{
- PolkitAuthorizationClaim *authorization_claim = POLKIT_AUTHORIZATION_CLAIM (object);
-
- switch (prop_id) {
- case PROP_SUBJECT:
- polkit_authorization_claim_set_subject (authorization_claim, POLKIT_SUBJECT (g_value_get_object (value)));
- break;
-
- case PROP_ACTION_ID:
- polkit_authorization_claim_set_action_id (authorization_claim, g_value_get_string (value));
- break;
-
- default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
- break;
- }
+ PolkitAuthorizationClaim *authorization_claim = POLKIT_AUTHORIZATION_CLAIM (object);
+
+ switch (prop_id)
+ {
+ case PROP_SUBJECT:
+ polkit_authorization_claim_set_subject (authorization_claim, POLKIT_SUBJECT (g_value_get_object (value)));
+ break;
+
+ case PROP_ACTION_ID:
+ polkit_authorization_claim_set_action_id (authorization_claim, g_value_get_string (value));
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
}
static void
polkit_authorization_claim_init (PolkitAuthorizationClaim *authorization_claim)
{
- authorization_claim->priv = POLKIT_AUTHORIZATION_CLAIM_GET_PRIVATE (authorization_claim);
+ authorization_claim->priv = POLKIT_AUTHORIZATION_CLAIM_GET_PRIVATE (authorization_claim);
- authorization_claim->priv->attributes = g_hash_table_new_full (g_str_hash,
- g_str_equal,
- g_free,
- g_free);
+ authorization_claim->priv->attributes = g_hash_table_new_full (g_str_hash,
+ g_str_equal,
+ g_free,
+ g_free);
}
static void
polkit_authorization_claim_finalize (GObject *object)
{
- PolkitAuthorizationClaim *authorization_claim;
+ PolkitAuthorizationClaim *authorization_claim;
- g_return_if_fail (object != NULL);
- g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (object));
+ g_return_if_fail (object != NULL);
+ g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (object));
- authorization_claim = POLKIT_AUTHORIZATION_CLAIM (object);
+ authorization_claim = POLKIT_AUTHORIZATION_CLAIM (object);
- if (authorization_claim->priv->subject != NULL)
- g_object_unref (authorization_claim->priv->subject);
- g_free (authorization_claim->priv->action_id);
- g_hash_table_unref (authorization_claim->priv->attributes);
+ if (authorization_claim->priv->subject != NULL)
+ g_object_unref (authorization_claim->priv->subject);
+ g_free (authorization_claim->priv->action_id);
+ g_hash_table_unref (authorization_claim->priv->attributes);
- G_OBJECT_CLASS (polkit_authorization_claim_parent_class)->finalize (object);
+ G_OBJECT_CLASS (polkit_authorization_claim_parent_class)->finalize (object);
}
static void
polkit_authorization_claim_class_init (PolkitAuthorizationClaimClass *klass)
{
- GObjectClass *object_class = G_OBJECT_CLASS (klass);
-
- object_class->get_property = polkit_authorization_claim_get_property;
- object_class->set_property = polkit_authorization_claim_set_property;
- object_class->finalize = polkit_authorization_claim_finalize;
-
- /**
- * PolkitAuthorizationClaim:subject:
- *
- * The subject making the authorization claim.
- */
- g_object_class_install_property (object_class,
- PROP_SUBJECT,
- g_param_spec_object ("subject",
- "subject",
- "The subject making the authorization claim",
- POLKIT_TYPE_SUBJECT,
- G_PARAM_CONSTRUCT |
- G_PARAM_READWRITE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- /**
- * PolkitAuthorizationClaim:action-id:
- *
- * The action id for the authorization claim.
- */
- g_object_class_install_property (object_class,
- PROP_ACTION_ID,
- g_param_spec_string ("action-id",
- "action-id",
- "The action for the authorization claim",
- NULL,
- G_PARAM_CONSTRUCT |
- G_PARAM_READWRITE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- /**
- * PolkitAuthorizationClaim:attributes:
- *
- * A #GHashTable from strings into the strings containing
- * attributes for the claim.
- */
- g_object_class_install_property (object_class,
- PROP_ATTRIBUTES,
- g_param_spec_boxed ("attributes",
- "attributes",
- "The attributes for the authorization claim",
- G_TYPE_HASH_TABLE,
- G_PARAM_READABLE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- g_type_class_add_private (klass, sizeof (PolkitAuthorizationClaimPrivate));
+ GObjectClass *object_class = G_OBJECT_CLASS (klass);
+
+ object_class->get_property = polkit_authorization_claim_get_property;
+ object_class->set_property = polkit_authorization_claim_set_property;
+ object_class->finalize = polkit_authorization_claim_finalize;
+
+ /**
+ * PolkitAuthorizationClaim:subject:
+ *
+ * The subject making the authorization claim.
+ */
+ g_object_class_install_property (object_class,
+ PROP_SUBJECT,
+ g_param_spec_object ("subject",
+ "subject",
+ "The subject making the authorization claim",
+ POLKIT_TYPE_SUBJECT,
+ G_PARAM_CONSTRUCT |
+ G_PARAM_READWRITE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ /**
+ * PolkitAuthorizationClaim:action-id:
+ *
+ * The action id for the authorization claim.
+ */
+ g_object_class_install_property (object_class,
+ PROP_ACTION_ID,
+ g_param_spec_string ("action-id",
+ "action-id",
+ "The action for the authorization claim",
+ NULL,
+ G_PARAM_CONSTRUCT |
+ G_PARAM_READWRITE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ /**
+ * PolkitAuthorizationClaim:attributes:
+ *
+ * A #GHashTable from strings into the strings containing
+ * attributes for the claim.
+ */
+ g_object_class_install_property (object_class,
+ PROP_ATTRIBUTES,
+ g_param_spec_boxed ("attributes",
+ "attributes",
+ "The attributes for the authorization claim",
+ G_TYPE_HASH_TABLE,
+ G_PARAM_READABLE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ g_type_class_add_private (klass, sizeof (PolkitAuthorizationClaimPrivate));
}
PolkitSubject *
polkit_authorization_claim_get_subject (PolkitAuthorizationClaim *authorization_claim)
{
- g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
- return g_object_ref (authorization_claim->priv->subject);
+ g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
+ return g_object_ref (authorization_claim->priv->subject);
}
void
polkit_authorization_claim_set_subject (PolkitAuthorizationClaim *authorization_claim,
PolkitSubject *subject)
{
- g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim));
- g_return_if_fail (POLKIT_IS_SUBJECT (subject));
-
- if (!polkit_subject_equal (authorization_claim->priv->subject, subject)) {
- if (authorization_claim->priv->subject != NULL)
- g_object_unref (authorization_claim->priv->subject);
- authorization_claim->priv->subject = g_object_ref (subject);
- }
+ g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim));
+ g_return_if_fail (POLKIT_IS_SUBJECT (subject));
+
+ if (!polkit_subject_equal (authorization_claim->priv->subject, subject)) {
+ if (authorization_claim->priv->subject != NULL)
+ g_object_unref (authorization_claim->priv->subject);
+ authorization_claim->priv->subject = g_object_ref (subject);
+ }
}
gchar *
polkit_authorization_claim_get_action_id (PolkitAuthorizationClaim *authorization_claim)
{
- g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
- return g_strdup (authorization_claim->priv->action_id);
+ g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
+ return g_strdup (authorization_claim->priv->action_id);
}
void
polkit_authorization_claim_set_action_id (PolkitAuthorizationClaim *authorization_claim,
const gchar *action_id)
{
- g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim));
- g_return_if_fail (action_id != NULL);
-
- if (authorization_claim->priv->action_id == NULL ||
- strcmp (authorization_claim->priv->action_id, action_id) != 0) {
- g_free (authorization_claim->priv->action_id);
- authorization_claim->priv->action_id = g_strdup (action_id);
- g_object_notify (G_OBJECT (authorization_claim), "action-id");
- }
+ g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim));
+ g_return_if_fail (action_id != NULL);
+
+ if (authorization_claim->priv->action_id == NULL ||
+ strcmp (authorization_claim->priv->action_id, action_id) != 0) {
+ g_free (authorization_claim->priv->action_id);
+ authorization_claim->priv->action_id = g_strdup (action_id);
+ g_object_notify (G_OBJECT (authorization_claim), "action-id");
+ }
}
/**
@@ -252,18 +251,18 @@ polkit_authorization_claim_set_action_id (PolkitAuthorizationClaim *authorizatio
GHashTable *
polkit_authorization_claim_get_attributes (PolkitAuthorizationClaim *authorization_claim)
{
- g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
- return authorization_claim->priv->attributes;
+ g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
+ return authorization_claim->priv->attributes;
}
char *
polkit_authorization_claim_get_attribute (PolkitAuthorizationClaim *authorization_claim,
const gchar *key)
{
- g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
- g_return_val_if_fail (key != NULL, NULL);
+ g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
+ g_return_val_if_fail (key != NULL, NULL);
- return g_strdup (g_hash_table_lookup (authorization_claim->priv->attributes, key));
+ return g_strdup (g_hash_table_lookup (authorization_claim->priv->attributes, key));
}
void
@@ -271,16 +270,19 @@ polkit_authorization_claim_set_attribute (PolkitAuthorizationClaim *authoriz
const gchar *key,
const gchar *value)
{
- g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim));
- g_return_if_fail (key != NULL);
-
- if (value == NULL) {
- g_hash_table_remove (authorization_claim->priv->attributes, key);
- } else {
- g_hash_table_replace (authorization_claim->priv->attributes,
- g_strdup (key),
- g_strdup (value));
- }
+ g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim));
+ g_return_if_fail (key != NULL);
+
+ if (value == NULL)
+ {
+ g_hash_table_remove (authorization_claim->priv->attributes, key);
+ }
+ else
+ {
+ g_hash_table_replace (authorization_claim->priv->attributes,
+ g_strdup (key),
+ g_strdup (value));
+ }
}
@@ -288,12 +290,12 @@ PolkitAuthorizationClaim *
polkit_authorization_claim_new (PolkitSubject *subject,
const gchar *action_id)
{
- PolkitAuthorizationClaim *authorization_claim;
+ PolkitAuthorizationClaim *authorization_claim;
- authorization_claim = POLKIT_AUTHORIZATION_CLAIM (g_object_new (POLKIT_TYPE_AUTHORIZATION_CLAIM,
- "subject", subject,
- "action-id", action_id,
- NULL));
+ authorization_claim = POLKIT_AUTHORIZATION_CLAIM (g_object_new (POLKIT_TYPE_AUTHORIZATION_CLAIM,
+ "subject", subject,
+ "action-id", action_id,
+ NULL));
- return authorization_claim;
+ return authorization_claim;
}
diff --git a/src/polkit/polkitauthorizationclaim.h b/src/polkit/polkitauthorizationclaim.h
index 7689897..ab481ca 100644
--- a/src/polkit/polkitauthorizationclaim.h
+++ b/src/polkit/polkitauthorizationclaim.h
@@ -1,5 +1,3 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
/*
* Copyright (C) 2008 Red Hat, Inc.
*
@@ -46,13 +44,13 @@ typedef struct _PolkitAuthorizationClaimPrivate PolkitAuthorizationClaimPrivate;
struct _PolkitAuthorizationClaim
{
- GObject parent_instance;
- PolkitAuthorizationClaimPrivate *priv;
+ GObject parent_instance;
+ PolkitAuthorizationClaimPrivate *priv;
};
struct _PolkitAuthorizationClaimClass
{
- GObjectClass parent_class;
+ GObjectClass parent_class;
};
GType polkit_authorization_claim_get_type (void) G_GNUC_CONST;
diff --git a/src/polkit/polkitauthorizationresult.c b/src/polkit/polkitauthorizationresult.c
index f2d019a..1123691 100644
--- a/src/polkit/polkitauthorizationresult.c
+++ b/src/polkit/polkitauthorizationresult.c
@@ -1,5 +1,3 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
/*
* Copyright (C) 2008 Red Hat, Inc.
*
@@ -39,17 +37,17 @@
GType
polkit_authorization_result_get_type (void)
{
- static GType etype = 0;
+ static GType etype = 0;
- if (etype == 0)
- {
- static const GEnumValue values[] = {
- ENUM_ENTRY (POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED, "NotAuthorized"),
- ENUM_ENTRY (POLKIT_AUTHORIZATION_RESULT_AUTHORIZED, "Authorized"),
- ENUM_ENTRY (POLKIT_AUTHORIZATION_RESULT_CHALLENGE, "Challenge"),
- { 0, 0, 0 }
- };
- etype = g_enum_register_static ("PolkitAuthorizationResult", values);
- }
- return etype;
+ if (etype == 0)
+ {
+ static const GEnumValue values[] = {
+ ENUM_ENTRY (POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED, "NotAuthorized"),
+ ENUM_ENTRY (POLKIT_AUTHORIZATION_RESULT_AUTHORIZED, "Authorized"),
+ ENUM_ENTRY (POLKIT_AUTHORIZATION_RESULT_CHALLENGE, "Challenge"),
+ { 0, 0, 0 }
+ };
+ etype = g_enum_register_static ("PolkitAuthorizationResult", values);
+ }
+ return etype;
}
diff --git a/src/polkit/polkitauthorizationresult.h b/src/polkit/polkitauthorizationresult.h
index 4c3fda3..041ae35 100644
--- a/src/polkit/polkitauthorizationresult.h
+++ b/src/polkit/polkitauthorizationresult.h
@@ -1,5 +1,3 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
/*
* Copyright (C) 2008 Red Hat, Inc.
*
@@ -43,9 +41,9 @@ G_BEGIN_DECLS
* The possible results when checking whether a claim is authorized.
*/
typedef enum {
- POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED,
- POLKIT_AUTHORIZATION_RESULT_AUTHORIZED,
- POLKIT_AUTHORIZATION_RESULT_CHALLENGE
+ POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED,
+ POLKIT_AUTHORIZATION_RESULT_AUTHORIZED,
+ POLKIT_AUTHORIZATION_RESULT_CHALLENGE
} PolkitAuthorizationResult;
GType polkit_authorization_result_get_type (void) G_GNUC_CONST;
diff --git a/src/polkit/polkiterror.c b/src/polkit/polkiterror.c
deleted file mode 100644
index 3ec9cf0..0000000
--- a/src/polkit/polkiterror.c
+++ /dev/null
@@ -1,67 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#include "config.h"
-#include <polkit/polkiterror.h>
-
-/**
- * SECTION:polkiterror
- * @title: PolkitError
- * @short_description: Error helper functions
- * @include: polkit/polkit.h
- *
- * Contains helper functions for reporting errors to the user.
- **/
-
-/**
- * polkit_error_quark:
- *
- * Gets the #PolkitError Quark.
- *
- * Return value: a #GQuark.
- **/
-GQuark
-polkit_error_quark (void)
-{
- return g_quark_from_static_string ("g-polkit-error-quark");
-}
-
-#define ENUM_ENTRY(NAME, DESC) { NAME, "" #NAME "", DESC }
-
-GType
-polkit_error_get_type (void)
-{
- static GType etype = 0;
-
- if (etype == 0)
- {
- static const GEnumValue values[] = {
- ENUM_ENTRY (POLKIT_ERROR_FAILED, "Failed"),
- ENUM_ENTRY (POLKIT_ERROR_NOT_SUPPORTED, "NotSupported"),
- { 0, 0, 0 }
- };
- g_assert (POLKIT_ERROR_NUM_ERRORS == G_N_ELEMENTS (values) - 1);
- etype = g_enum_register_static ("PolkitErrorEnum", values);
- }
- return etype;
-}
diff --git a/src/polkit/polkiterror.h b/src/polkit/polkiterror.h
deleted file mode 100644
index 73da465..0000000
--- a/src/polkit/polkiterror.h
+++ /dev/null
@@ -1,65 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef __POLKIT_ERROR_H
-#define __POLKIT_ERROR_H
-
-#include <glib-object.h>
-
-G_BEGIN_DECLS
-
-#define POLKIT_TYPE_ERROR (polkit_error_get_type ())
-
-/**
- * POLKIT_ERROR:
- *
- * Error domain for PolicyKit. Errors in this domain will be from the
- * #PolkitErrorEnum enumeration. See #GError for more information on
- * error domains.
- **/
-#define POLKIT_ERROR polkit_error_quark()
-
-GQuark polkit_error_quark (void);
-GType polkit_error_get_type (void) G_GNUC_CONST;
-
-/**
- * PolkitErrorEnum:
- * @POLKIT_ERROR_FAILED: The operation failed.
- * @POLKIT_ERROR_NOT_SUPPORTED: Operation not supported by backend.
- *
- * Error codes returned by PolicyKit functions.
- */
-typedef enum {
- POLKIT_ERROR_FAILED,
- POLKIT_ERROR_NOT_SUPPORTED,
- POLKIT_ERROR_NUM_ERRORS
-} PolkitErrorEnum;
-
-G_END_DECLS
-
-#endif /* __POLKIT_ERROR_H */
-
diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c
index 7db6c80..ffa46e7 100644
--- a/src/polkit/polkitsubject.c
+++ b/src/polkit/polkitsubject.c
@@ -179,7 +179,7 @@ polkit_subject_new_for_unix_group (gid_t unix_group_id)
PolkitSubjectKind
polkit_subject_get_kind (PolkitSubject *subject)
{
- gchar *kind_str;
+ const gchar *kind_str;
PolkitSubjectKind kind;
g_return_val_if_fail (POLKIT_IS_SUBJECT (subject), -1);
@@ -201,8 +201,6 @@ polkit_subject_get_kind (PolkitSubject *subject)
kind = -1;
}
- g_free (kind_str);
-
return kind;
}
@@ -288,8 +286,6 @@ polkit_subject_unix_process_get_id (PolkitSubject *subject)
variant = g_hash_table_lookup (value, "unix-process-id");
pid = (pid_t) egg_dbus_variant_get_uint32 (variant);
- egg_dbus_hash_table_unref (value);
-
return pid;
}
@@ -319,8 +315,6 @@ polkit_subject_unix_user_get_id (PolkitSubject *subject)
variant = g_hash_table_lookup (value, "unix-user-id");
uid = (uid_t) egg_dbus_variant_get_uint32 (variant);
- egg_dbus_hash_table_unref (value);
-
return uid;
}
@@ -350,8 +344,6 @@ polkit_subject_unix_group_get_id (PolkitSubject *subject)
variant = g_hash_table_lookup (value, "unix-group-id");
gid = (gid_t) egg_dbus_variant_get_uint32 (variant);
- egg_dbus_hash_table_unref (value);
-
return gid;
}
diff --git a/src/polkitbackend/polkitbackend.h b/src/polkitbackend/polkitbackend.h
index c1c3839..6d8f963 100644
--- a/src/polkitbackend/polkitbackend.h
+++ b/src/polkitbackend/polkitbackend.h
@@ -1,5 +1,3 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
/*
* Copyright (C) 2008 Red Hat, Inc.
*
diff --git a/src/polkitbackend/polkitbackendlocal.c b/src/polkitbackend/polkitbackendlocal.c
index dfe353e..39d120b 100644
--- a/src/polkitbackend/polkitbackendlocal.c
+++ b/src/polkitbackend/polkitbackendlocal.c
@@ -1,5 +1,3 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
/*
* Copyright (C) 2008 Red Hat, Inc.
*
@@ -32,7 +30,7 @@
typedef struct
{
- guint foo;
+ guint foo;
} PolkitBackendLocalPrivate;
static void authority_iface_init (PolkitAuthorityIface *authority_iface,
@@ -48,43 +46,43 @@ G_DEFINE_TYPE_WITH_CODE (PolkitBackendLocal, polkit_backend_local, G_TYPE_OBJECT
static void
polkit_backend_local_finalize (GObject *object)
{
- PolkitBackendLocal *backend;
- PolkitBackendLocalPrivate *priv;
+ PolkitBackendLocal *backend;
+ PolkitBackendLocalPrivate *priv;
- backend = POLKIT_BACKEND_LOCAL (object);
- priv = POLKIT_BACKEND_LOCAL_GET_PRIVATE (backend);
+ backend = POLKIT_BACKEND_LOCAL (object);
+ priv = POLKIT_BACKEND_LOCAL_GET_PRIVATE (backend);
- G_OBJECT_CLASS (polkit_backend_local_parent_class)->finalize (object);
+ G_OBJECT_CLASS (polkit_backend_local_parent_class)->finalize (object);
}
static void
polkit_backend_local_class_init (PolkitBackendLocalClass *klass)
{
- GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+ GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
- gobject_class->finalize = polkit_backend_local_finalize;
+ gobject_class->finalize = polkit_backend_local_finalize;
- g_type_class_add_private (klass, sizeof (PolkitBackendLocalPrivate));
+ g_type_class_add_private (klass, sizeof (PolkitBackendLocalPrivate));
}
static void
polkit_backend_local_init (PolkitBackendLocal *backend)
{
- PolkitBackendLocalPrivate *priv;
+ PolkitBackendLocalPrivate *priv;
- priv = POLKIT_BACKEND_LOCAL_GET_PRIVATE (backend);
+ priv = POLKIT_BACKEND_LOCAL_GET_PRIVATE (backend);
}
PolkitBackendLocal *
polkit_backend_local_new (void)
{
- PolkitBackendLocal *backend;
+ PolkitBackendLocal *backend;
- backend = POLKIT_BACKEND_LOCAL (g_object_new (POLKIT_TYPE_BACKEND_LOCAL,
- NULL));
+ backend = POLKIT_BACKEND_LOCAL (g_object_new (POLKIT_TYPE_BACKEND_LOCAL,
+ NULL));
- return backend;
+ return backend;
}
static void
@@ -92,58 +90,61 @@ authority_iface_handle_say_hello (PolkitAuthority *instance,
const gchar *message,
EggDBusMethodInvocation *method_invocation)
{
- gchar *result;
+ gchar *result;
- result = g_strdup_printf ("You said '%s' to the AUTHORITY!", message);
+ result = g_strdup_printf ("You said '%s' to the AUTHORITY!", message);
- polkit_authority_handle_say_hello_finish (method_invocation,
- result);
+ polkit_authority_handle_say_hello_finish (method_invocation,
+ result);
- g_free (result);
+ g_free (result);
}
static void
authority_iface_handle_enumerate_users (PolkitAuthority *instance,
EggDBusMethodInvocation *method_invocation)
{
- struct passwd *passwd;
- GList *list;
+ struct passwd *passwd;
+ GList *list;
- list = NULL;
+ list = NULL;
- passwd = getpwent ();
- if (passwd == NULL) {
- egg_dbus_method_invocation_return_error (method_invocation,
- POLKIT_ERROR,
- POLKIT_ERROR_FAILED,
- "getpwent failed: %s",
- strerror (errno));
- goto out;
- }
+ passwd = getpwent ();
+ if (passwd == NULL)
+ {
+ egg_dbus_method_invocation_return_error (method_invocation,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "getpwent failed: %s",
+ strerror (errno));
+ goto out;
+ }
- do {
- PolkitSubject *subject;
+ do
+ {
+ PolkitSubject *subject;
- subject = polkit_subject_new_for_unix_user (passwd->pw_uid);
+ subject = polkit_subject_new_for_unix_user (passwd->pw_uid);
- list = g_list_prepend (list, subject);
- } while ((passwd = getpwent ()) != NULL);
- endpwent ();
+ list = g_list_prepend (list, subject);
+ }
+ while ((passwd = getpwent ()) != NULL);
+ endpwent ();
- list = g_list_reverse (list);
+ list = g_list_reverse (list);
- polkit_authority_handle_enumerate_users_finish (method_invocation,
- list);
+ polkit_authority_handle_enumerate_users_finish (method_invocation,
+ list);
out:
- g_list_foreach (list, (GFunc) g_object_unref, NULL);
- g_list_free (list);
+ g_list_foreach (list, (GFunc) g_object_unref, NULL);
+ g_list_free (list);
}
static void
authority_iface_init (PolkitAuthorityIface *authority_iface,
gpointer iface_data)
{
- authority_iface->handle_say_hello = authority_iface_handle_say_hello;
- authority_iface->handle_enumerate_users = authority_iface_handle_enumerate_users;
+ authority_iface->handle_say_hello = authority_iface_handle_say_hello;
+ authority_iface->handle_enumerate_users = authority_iface_handle_enumerate_users;
}
diff --git a/src/polkitbackend/polkitbackendlocal.h b/src/polkitbackend/polkitbackendlocal.h
index 50332e1..114cceb 100644
--- a/src/polkitbackend/polkitbackendlocal.h
+++ b/src/polkitbackend/polkitbackendlocal.h
@@ -1,5 +1,3 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
/*
* Copyright (C) 2008 Red Hat, Inc.
*
@@ -44,25 +42,25 @@ typedef struct _PolkitBackendLocalClass PolkitBackendLocalClass;
struct _PolkitBackendLocal
{
- GObject parent_instance;
+ GObject parent_instance;
};
struct _PolkitBackendLocalClass
{
- GObjectClass parent_class;
-
- /*< public >*/
-
- /*< private >*/
- /* Padding for future expansion */
- void (*_polkit_reserved1) (void);
- void (*_polkit_reserved2) (void);
- void (*_polkit_reserved3) (void);
- void (*_polkit_reserved4) (void);
- void (*_polkit_reserved5) (void);
- void (*_polkit_reserved6) (void);
- void (*_polkit_reserved7) (void);
- void (*_polkit_reserved8) (void);
+ GObjectClass parent_class;
+
+ /*< public >*/
+
+ /*< private >*/
+ /* Padding for future expansion */
+ void (*_polkit_reserved1) (void);
+ void (*_polkit_reserved2) (void);
+ void (*_polkit_reserved3) (void);
+ void (*_polkit_reserved4) (void);
+ void (*_polkit_reserved5) (void);
+ void (*_polkit_reserved6) (void);
+ void (*_polkit_reserved7) (void);
+ void (*_polkit_reserved8) (void);
};
GType polkit_backend_local_get_type (void) G_GNUC_CONST;
diff --git a/src/polkitd/main.c b/src/polkitd/main.c
index 878bb45..2dd4b8c 100644
--- a/src/polkitd/main.c
+++ b/src/polkitd/main.c
@@ -1,27 +1,22 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*-
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
*
- * Copyright (C) 2007 David Zeuthen <david at fubar.dk>
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
*
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use, copy,
- * modify, merge, publish, distribute, sublicense, and/or sell copies
- * of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
*
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
*
+ * Author: David Zeuthen <davidz at redhat.com>
*/
#ifdef HAVE_CONFIG_H
@@ -34,58 +29,60 @@
static PolkitAuthority *
get_authority_backend (void)
{
- /* TODO: use extension points etc. */
- return POLKIT_AUTHORITY (polkit_backend_local_new ());
+ /* TODO: use extension points etc. */
+ return POLKIT_AUTHORITY (polkit_backend_local_new ());
}
int
main (int argc, char **argv)
{
- int ret;
- guint rn_ret;
- GError *error;
- GMainLoop *loop;
- EggDBusConnection *connection;
- PolkitAuthority *authority;
+ int ret;
+ guint rn_ret;
+ GError *error;
+ GMainLoop *loop;
+ EggDBusConnection *connection;
+ PolkitAuthority *authority;
- ret = 1;
+ ret = 1;
- g_type_init ();
- polkit_bindings_register_types (); /* TODO: use __attribute ((constructor)) */
+ g_type_init ();
+ polkit_bindings_register_types (); /* TODO: use __attribute ((constructor)) */
- loop = g_main_loop_new (NULL, FALSE);
- connection = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
+ loop = g_main_loop_new (NULL, FALSE);
+ connection = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
- error = NULL;
- if (!egg_dbus_bus_invoke_request_name (egg_dbus_connection_get_bus_proxy (connection),
- 0, /* call flags */
- "org.freedesktop.PolicyKit1",
- 0, /* flags */
- &rn_ret,
- NULL,
- &error)) {
- g_warning ("error: %s", error->message);
- g_error_free (error);
- goto out;
- }
+ error = NULL;
+ if (!egg_dbus_bus_invoke_request_name (egg_dbus_connection_get_bus_proxy (connection),
+ 0, /* call flags */
+ "org.freedesktop.PolicyKit1",
+ 0, /* flags */
+ &rn_ret,
+ NULL,
+ &error))
+ {
+ g_warning ("error: %s", error->message);
+ g_error_free (error);
+ goto out;
+ }
- if (rn_ret != 1) {
- g_warning ("could not become primary name owner");
- goto out;
- }
+ if (rn_ret != 1)
+ {
+ g_warning ("could not become primary name owner");
+ goto out;
+ }
- authority = get_authority_backend ();
+ authority = get_authority_backend ();
- egg_dbus_connection_export_object (connection,
- G_OBJECT (authority),
- "/org/freedesktop/PolicyKit1/Authority");
+ egg_dbus_connection_export_object (connection,
+ G_OBJECT (authority),
+ "/org/freedesktop/PolicyKit1/Authority");
- g_main_loop_run (loop);
- g_object_unref (authority);
- g_object_unref (connection);
+ g_main_loop_run (loop);
+ g_object_unref (authority);
+ g_object_unref (connection);
- ret = 0;
+ ret = 0;
out:
- return ret;
+ return ret;
}
diff --git a/src/programs/polkit-verify-claim.c b/src/programs/polkit-verify-claim.c
index 2c07fb3..87f1a5c 100644
--- a/src/programs/polkit-verify-claim.c
+++ b/src/programs/polkit-verify-claim.c
@@ -1,5 +1,3 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
/*
* Copyright (C) 2008 Red Hat, Inc.
*
@@ -26,27 +24,27 @@
int
main (int argc, char *argv[])
{
- GError *error;
- PolkitAuthority *authority;
- gchar *result;
+ GError *error;
+ PolkitAuthority *authority;
+ gchar *result;
- g_type_init ();
+ g_type_init ();
- authority = polkit_authority_get ();
+ authority = polkit_authority_get ();
- error = NULL;
- polkit_authority_invoke_say_hello (authority,
- 0, /* call_flags */
- "Hi there!",
- &result,
- NULL,
- &error);
- g_print ("Authority replied: %s\n", result);
- g_free (result);
+ error = NULL;
+ polkit_authority_invoke_say_hello (authority,
+ 0, /* call_flags */
+ "Hi there!",
+ &result,
+ NULL,
+ &error);
+ g_print ("Authority replied: %s\n", result);
+ g_free (result);
- g_object_unref (authority);
+ g_object_unref (authority);
- return 0;
+ return 0;
}
commit 516935ec77c5b6ebbec37ddb5abbbb00133ecd32
Author: David Zeuthen <davidz at redhat.com>
Date: Wed Dec 3 20:46:17 2008 -0500
update for arg shuffling in EggDBus HEAD
diff --git a/src/polkitbackend/polkitbackendlocal.c b/src/polkitbackend/polkitbackendlocal.c
index 8de4cdf..dfe353e 100644
--- a/src/polkitbackend/polkitbackendlocal.c
+++ b/src/polkitbackend/polkitbackendlocal.c
@@ -96,9 +96,8 @@ authority_iface_handle_say_hello (PolkitAuthority *instance,
result = g_strdup_printf ("You said '%s' to the AUTHORITY!", message);
- polkit_authority_handle_say_hello_finish (instance,
- result,
- method_invocation);
+ polkit_authority_handle_say_hello_finish (method_invocation,
+ result);
g_free (result);
}
@@ -133,9 +132,8 @@ authority_iface_handle_enumerate_users (PolkitAuthority *instance,
list = g_list_reverse (list);
- polkit_authority_handle_enumerate_users_finish (instance,
- list,
- method_invocation);
+ polkit_authority_handle_enumerate_users_finish (method_invocation,
+ list);
out:
g_list_foreach (list, (GFunc) g_object_unref, NULL);
commit 0cde8d85bedd07241326a69ca746f71d1490e35c
Author: David Zeuthen <davidz at redhat.com>
Date: Wed Dec 3 19:01:07 2008 -0500
implement EnumerateUsers()
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index dbd5b4c..c31c173 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -1,18 +1,21 @@
-<!DOCTYPE node PUBLIC "-//freedesktop//DTD D-BUS Object Introspection 1.0//EN" "http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
-<node name="/">
+<!DOCTYPE node PUBLIC "-//freedesktop//DTD D-BUS Object Introspection 1.0//EN"
+"http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
+<node>
+
+ <!-- User defined struct -->
+ <annotation name="org.gtk.EggDBus.DeclareStruct" value="Subject">
+ <annotation name="org.gtk.EggDBus.Struct.Signature" value="(sa{sv})"/>
+ </annotation>
<interface name="org.freedesktop.PolicyKit1.Authority">
<method name="SayHello">
- <annotation name="org.freedesktop.DBus.GLib.Async" value=""/>
<arg name="message" direction="in" type="s"/>
<arg name="result" direction="out" type="s"/>
</method>
- <method name="CheckClaims">
- <annotation name="org.freedesktop.DBus.GLib.Async" value=""/>
- <arg name="claims" direction="in" type="a(ssa{ss})"/>
- <arg name="result" direction="out" type="s"/>
+ <method name="EnumerateUsers">
+ <arg name="users" direction="out" type="a(sa{sv})"/>
</method>
</interface>
diff --git a/docs/polkit/polkit-docs.xml b/docs/polkit/polkit-docs.xml
index 26b5cf2..557ebfa 100644
--- a/docs/polkit/polkit-docs.xml
+++ b/docs/polkit/polkit-docs.xml
@@ -69,8 +69,6 @@
<xi:include href="xml/polkitactiondescription.xml"/>
<xi:include href="xml/polkiterror.xml"/>
<xi:include href="xml/polkitsubject.xml"/>
- <xi:include href="xml/polkituser.xml"/>
- <xi:include href="xml/polkitprocess.xml"/>
<chapter id="extending">
<title>Extending PolicyKit</title>
<xi:include href="../polkitbackend/xml/polkitbackendlocal.xml"/>
diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am
index d3d34d9..4f64341 100644
--- a/src/polkit/Makefile.am
+++ b/src/polkit/Makefile.am
@@ -42,8 +42,6 @@ libpolkit_gobject_1include_HEADERS = \
polkitauthorizationresult.h \
polkiterror.h \
polkitsubject.h \
- polkituser.h \
- polkitprocess.h \
polkitbindings.h \
polkitbindingstypes.h \
polkitauthority.h \
@@ -57,8 +55,6 @@ libpolkit_gobject_1_la_SOURCES = \
polkitauthorizationresult.h polkitauthorizationresult.c \
polkiterror.h polkiterror.c \
polkitsubject.h polkitsubject.c \
- polkituser.h polkituser.c \
- polkitprocess.h polkitprocess.c \
$(BUILT_SOURCES) \
$(NULL)
diff --git a/src/polkit/polkit.h b/src/polkit/polkit.h
index 57bc2f5..1f701f8 100644
--- a/src/polkit/polkit.h
+++ b/src/polkit/polkit.h
@@ -32,8 +32,6 @@
#include <polkit/polkitsubject.h>
#include <polkit/polkitauthorizationclaim.h>
#include <polkit/polkitauthorizationresult.h>
-#include <polkit/polkituser.h>
-#include <polkit/polkitprocess.h>
#include <polkit/polkitactiondescription.h>
#undef _POLKIT_INSIDE_POLKIT_H
diff --git a/src/polkit/polkitauthorizationclaim.h b/src/polkit/polkitauthorizationclaim.h
index b04304b..7689897 100644
--- a/src/polkit/polkitauthorizationclaim.h
+++ b/src/polkit/polkitauthorizationclaim.h
@@ -25,12 +25,12 @@
#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
#endif
-#ifndef __POLKIT_AUTHORIZATION_CLAIM_H__
-#define __POLKIT_AUTHORIZATION_CLAIM_H__
-
#include <glib-object.h>
#include <polkit/polkitsubject.h>
+#ifndef __POLKIT_AUTHORIZATION_CLAIM_H__
+#define __POLKIT_AUTHORIZATION_CLAIM_H__
+
G_BEGIN_DECLS
#define POLKIT_TYPE_AUTHORIZATION_CLAIM (polkit_authorization_claim_get_type ())
diff --git a/src/polkit/polkitprocess.c b/src/polkit/polkitprocess.c
deleted file mode 100644
index a522682..0000000
--- a/src/polkit/polkitprocess.c
+++ /dev/null
@@ -1,185 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#include "config.h"
-#include <string.h>
-
-#include "polkitprocess.h"
-
-/**
- * SECTION:polkitprocess
- * @short_description: Process
- * @include: polkit/polkit.h
- *
- * Represents a process.
- */
-
-/*--------------------------------------------------------------------------------------------------------------*/
-
-struct _PolkitProcessPrivate
-{
- GPid pid;
-};
-
-enum {
- PROP_0,
- PROP_PID,
-};
-
-static void polkit_process_subject_iface_init (PolkitSubjectIface *iface);
-
-G_DEFINE_TYPE_WITH_CODE (PolkitProcess, polkit_process, G_TYPE_OBJECT,
- G_IMPLEMENT_INTERFACE (POLKIT_TYPE_SUBJECT,
- polkit_process_subject_iface_init))
-
-#define POLKIT_PROCESS_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_PROCESS, PolkitProcessPrivate))
-
-static void
-polkit_process_get_property (GObject *object,
- guint prop_id,
- GValue *value,
- GParamSpec *pspec)
-{
- PolkitProcess *process = POLKIT_PROCESS (object);
-
- switch (prop_id) {
- case PROP_PID:
- g_value_set_int (value, process->priv->pid);
- break;
-
- default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
- break;
- }
-}
-
-static void
-polkit_process_set_property (GObject *object,
- guint prop_id,
- const GValue *value,
- GParamSpec *pspec)
-{
- PolkitProcess *process = POLKIT_PROCESS (object);
-
- switch (prop_id) {
- case PROP_PID:
- polkit_process_set_pid (process, g_value_get_int (value));
- break;
-
- default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
- break;
- }
-}
-
-static void
-polkit_process_init (PolkitProcess *process)
-{
- process->priv = POLKIT_PROCESS_GET_PRIVATE (process);
-}
-
-static void
-polkit_process_finalize (GObject *object)
-{
- PolkitProcess *process;
-
- g_return_if_fail (object != NULL);
- g_return_if_fail (POLKIT_IS_PROCESS (object));
-
- process = POLKIT_PROCESS (object);
-
- G_OBJECT_CLASS (polkit_process_parent_class)->finalize (object);
-}
-
-static void
-polkit_process_class_init (PolkitProcessClass *klass)
-{
- GObjectClass *object_class = G_OBJECT_CLASS (klass);
-
- object_class->get_property = polkit_process_get_property;
- object_class->set_property = polkit_process_set_property;
- object_class->finalize = polkit_process_finalize;
-
- /**
- * PolkitProcess:pid:
- *
- * The process id.
- */
- g_object_class_install_property (object_class,
- PROP_PID,
- g_param_spec_int ("pid",
- "pid",
- "The process id",
- -1,
- G_MAXINT, /* TODO: maybe there's a MAX_PID? */
- -1,
- G_PARAM_CONSTRUCT |
- G_PARAM_READWRITE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- g_type_class_add_private (klass, sizeof (PolkitProcessPrivate));
-}
-
-pid_t
-polkit_process_get_pid (PolkitProcess *process)
-{
- g_return_val_if_fail (POLKIT_IS_PROCESS (process), -1);
- return process->priv->pid;
-}
-
-void
-polkit_process_set_pid (PolkitProcess *process,
- pid_t pid)
-{
- g_return_if_fail (POLKIT_IS_PROCESS (process));
- if (pid != process->priv->pid) {
- process->priv->pid = pid;
- g_object_notify (G_OBJECT (process), "pid");
- }
-}
-
-PolkitSubject *
-polkit_process_new (pid_t pid)
-{
- return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_PROCESS,
- "pid", pid,
- NULL));
-}
-
-static gboolean
-polkit_process_equal (PolkitSubject *subject1,
- PolkitSubject *subject2)
-{
- PolkitProcess *process1 = POLKIT_PROCESS (subject1);
- PolkitProcess *process2 = POLKIT_PROCESS (subject2);
-
- return process1->priv->pid == process2->priv->pid;
-}
-
-static void
-polkit_process_subject_iface_init (PolkitSubjectIface *iface)
-{
- iface->equal = polkit_process_equal;
-}
diff --git a/src/polkit/polkitprocess.h b/src/polkit/polkitprocess.h
deleted file mode 100644
index c992801..0000000
--- a/src/polkit/polkitprocess.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef __POLKIT_PROCESS_H__
-#define __POLKIT_PROCESS_H__
-
-#include <sys/types.h>
-#include <glib-object.h>
-#include <polkit/polkitsubject.h>
-
-G_BEGIN_DECLS
-
-#define POLKIT_TYPE_PROCESS (polkit_process_get_type ())
-#define POLKIT_PROCESS(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_PROCESS, PolkitProcess))
-#define POLKIT_PROCESS_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_PROCESS, PolkitProcessClass))
-#define POLKIT_IS_PROCESS(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_PROCESS))
-#define POLKIT_IS_PROCESS_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_PROCESS))
-#define POLKIT_PROCESS_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_PROCESS, PolkitProcessClass))
-
-typedef struct _PolkitProcess PolkitProcess;
-typedef struct _PolkitProcessClass PolkitProcessClass;
-typedef struct _PolkitProcessPrivate PolkitProcessPrivate;
-
-struct _PolkitProcess
-{
- GObject parent_instance;
- PolkitProcessPrivate *priv;
-};
-
-struct _PolkitProcessClass
-{
- GObjectClass parent_class;
-};
-
-GType polkit_process_get_type (void) G_GNUC_CONST;
-PolkitSubject *polkit_process_new (pid_t pid);
-pid_t polkit_process_get_pid (PolkitProcess *process);
-void polkit_process_set_pid (PolkitProcess *process,
- pid_t pid);
-
-G_END_DECLS
-
-#endif /* __POLKIT_PROCESS_H__ */
diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c
index 062a7de..7db6c80 100644
--- a/src/polkit/polkitsubject.c
+++ b/src/polkit/polkitsubject.c
@@ -1,5 +1,3 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
/*
* Copyright (C) 2008 Red Hat, Inc.
*
@@ -21,95 +19,339 @@
* Author: David Zeuthen <davidz at redhat.com>
*/
-#include "config.h"
-
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+#include <string.h>
+#include "polkitbindings.h"
#include "polkitsubject.h"
/**
* SECTION:polkitsubject
* @title: PolkitSubject
- * @short_description: Interface for subjects
- * @include: polkit/polkit.h
- *
- * #PolkitSubject is a very minimal interface for subjects. It provides functions
- * for checking the equality of two subjects
+ * @short_description: Subjects
*
- * To check if two #PolkitSubjects are equal, see polkit_subject_equal().
- **/
+ * The #PolkitSubject type is used for representing subject such as
+ * users, groups and processes.
+ */
-static void polkit_subject_base_init (gpointer g_class);
-static void polkit_subject_class_init (gpointer g_class,
- gpointer class_data);
+static void
+base_init (gpointer g_iface)
+{
+}
GType
polkit_subject_get_type (void)
{
- static volatile gsize g_define_type_id__volatile = 0;
-
- if (g_once_init_enter (&g_define_type_id__volatile)) {
- const GTypeInfo subject_info = {
- sizeof (PolkitSubjectIface), /* class_size */
- polkit_subject_base_init, /* base_init */
- NULL, /* base_finalize */
- polkit_subject_class_init, /* class_init */
- NULL, /* class_finalize */
- NULL, /* class_data */
- 0,
- 0, /* n_preallocs */
- NULL
- };
-
- GType g_define_type_id =
- g_type_register_static (G_TYPE_INTERFACE,
- "PolkitSubject",
- &subject_info,
- 0);
-
- g_type_interface_add_prerequisite (g_define_type_id, G_TYPE_OBJECT);
-
- g_once_init_leave (&g_define_type_id__volatile, g_define_type_id);
- }
-
- return g_define_type_id__volatile;
+ static GType iface_type = 0;
+
+ if (iface_type == 0)
+ {
+ static const GTypeInfo info =
+ {
+ sizeof (PolkitSubjectIface),
+ base_init, /* base_init */
+ NULL, /* base_finalize */
+ NULL, /* class_init */
+ NULL, /* class_finalize */
+ NULL, /* class_data */
+ 0, /* instance_size */
+ 0, /* n_preallocs */
+ NULL, /* instance_init */
+ NULL /* value_table */
+ };
+
+ iface_type = g_type_register_static (G_TYPE_INTERFACE, "PolkitSubject", &info, 0);
+
+ g_type_interface_add_prerequisite (iface_type, EGG_DBUS_TYPE_STRUCTURE);
+ }
+
+ return iface_type;
}
-static void
-polkit_subject_class_init (gpointer g_class,
- gpointer class_data)
+/**
+ * polkit_subject_new_for_unix_process:
+ * @unix_process_id: The Process ID.
+ *
+ * Constructs a new #PolkitSubject for a the UNIX process with PID @process_id.
+ *
+ * Returns: A #PolkitSubject.
+ */
+PolkitSubject *
+polkit_subject_new_for_unix_process (pid_t unix_process_id)
{
+ GValue *values;
+ EggDBusHashTable *properties;
+
+ properties = g_hash_table_new_full (g_str_hash,
+ g_str_equal,
+ (GDestroyNotify) g_free,
+ (GDestroyNotify) g_object_unref);
+ egg_dbus_hash_table_set_signature (properties, "s", "v");
+
+ g_hash_table_insert (properties,
+ g_strdup ("unix-process-id"),
+ egg_dbus_variant_new_for_uint32 (unix_process_id));
+
+ values = g_new0 (GValue, 2);
+ g_value_init (&(values[0]), G_TYPE_STRING);
+ g_value_set_string (&(values[0]), "unix-process");
+ g_value_init (&(values[1]), EGG_DBUS_TYPE_HASH_TABLE);
+ g_value_set_boxed (&(values[1]), properties);
+
+ return POLKIT_SUBJECT (egg_dbus_structure_new ("(sa{sv})", 2, values));
}
-static void
-polkit_subject_base_init (gpointer g_class)
+/**
+ * polkit_subject_new_for_unix_user:
+ * @unix_user_id: The User ID.
+ *
+ * Constructs a new #PolkitSubject for a the UNIX user with UID @user_id.
+ *
+ * Returns: A #PolkitSubject.
+ */
+PolkitSubject *
+polkit_subject_new_for_unix_user (uid_t unix_user_id)
{
+ GValue *values;
+ EggDBusHashTable *properties;
+
+ properties = g_hash_table_new_full (g_str_hash,
+ g_str_equal,
+ (GDestroyNotify) g_free,
+ (GDestroyNotify) g_object_unref);
+ egg_dbus_hash_table_set_signature (properties, "s", "v");
+
+ g_hash_table_insert (properties,
+ g_strdup ("unix-user-id"),
+ egg_dbus_variant_new_for_uint32 (unix_user_id));
+
+ values = g_new0 (GValue, 2);
+ g_value_init (&(values[0]), G_TYPE_STRING);
+ g_value_set_string (&(values[0]), "unix-user");
+ g_value_init (&(values[1]), EGG_DBUS_TYPE_HASH_TABLE);
+ g_value_set_boxed (&(values[1]), properties);
+
+ return POLKIT_SUBJECT (egg_dbus_structure_new ("(sa{sv})", 2, values));
}
+/**
+ * polkit_subject_new_for_unix_group:
+ * @unix_group_id: The Group ID.
+ *
+ * Constructs a new #PolkitSubject for a the UNIX group with GID @group_id.
+ *
+ * Returns: A #PolkitSubject.
+ */
+PolkitSubject *
+polkit_subject_new_for_unix_group (gid_t unix_group_id)
+{
+ GValue *values;
+ EggDBusHashTable *properties;
+
+ properties = g_hash_table_new_full (g_str_hash,
+ g_str_equal,
+ (GDestroyNotify) g_free,
+ (GDestroyNotify) g_object_unref);
+ egg_dbus_hash_table_set_signature (properties, "s", "v");
+
+ g_hash_table_insert (properties,
+ g_strdup ("unix-group-id"),
+ egg_dbus_variant_new_for_uint32 (unix_group_id));
+
+ values = g_new0 (GValue, 2);
+ g_value_init (&(values[0]), G_TYPE_STRING);
+ g_value_set_string (&(values[0]), "unix-group");
+ g_value_init (&(values[1]), EGG_DBUS_TYPE_HASH_TABLE);
+ g_value_set_boxed (&(values[1]), properties);
+
+ return POLKIT_SUBJECT (egg_dbus_structure_new ("(sa{sv})", 2, values));
+}
+
+/**
+ * polkit_subject_get_kind:
+ * @subject: A #PolkitSubject.
+ *
+ * Gets the kind of @subject.
+ *
+ * Returns: A #PolkitSubjectKind.
+ */
+PolkitSubjectKind
+polkit_subject_get_kind (PolkitSubject *subject)
+{
+ gchar *kind_str;
+ PolkitSubjectKind kind;
+
+ g_return_val_if_fail (POLKIT_IS_SUBJECT (subject), -1);
+ g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (subject)), "(sa{sv})") == 0, -1);
+
+ egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (subject),
+ 0, &kind_str,
+ -1);
+
+ if (strcmp (kind_str, "unix-process") == 0)
+ kind = POLKIT_SUBJECT_KIND_UNIX_PROCESS;
+ else if (strcmp (kind_str, "unix-user") == 0)
+ kind = POLKIT_SUBJECT_KIND_UNIX_USER;
+ else if (strcmp (kind_str, "unix-group") == 0)
+ kind = POLKIT_SUBJECT_KIND_UNIX_GROUP;
+ else
+ {
+ g_warning ("unknown kind str '%s'", kind_str);
+ kind = -1;
+ }
+
+ g_free (kind_str);
+
+ return kind;
+}
/**
* polkit_subject_equal:
- * @subject1: pointer to the first #PolkitSubject.
- * @subject2: pointer to the second #PolkitSubject.
+ * @a: A #PolkitSubject.
+ * @b: A #PolkitSubject.
*
- * Checks if two subjects are equal.
+ * Checks if the two subjects @a and @b are equal.
*
- * Returns: %TRUE if @subject1 is equal to @subject2. %FALSE otherwise.
+ * Returns: %TRUE if @a and @b are equal, %FALSE otherwise.
**/
gboolean
-polkit_subject_equal (PolkitSubject *subject1,
- PolkitSubject *subject2)
+polkit_subject_equal (PolkitSubject *a,
+ PolkitSubject *b)
+{
+ gboolean ret;
+ PolkitSubjectKind kind_a;
+ PolkitSubjectKind kind_b;
+
+ g_return_val_if_fail (POLKIT_IS_SUBJECT (a), FALSE);
+ g_return_val_if_fail (POLKIT_IS_SUBJECT (b), FALSE);
+ g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (a)), "(sa{sv})") == 0, FALSE);
+ g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (b)), "(sa{sv})") == 0, FALSE);
+
+ ret = FALSE;
+
+ kind_a = polkit_subject_get_kind (a);
+ kind_b = polkit_subject_get_kind (b);
+
+ if (kind_a != kind_b)
+ goto out;
+
+ switch (kind_a)
+ {
+ case POLKIT_SUBJECT_KIND_UNIX_PROCESS:
+ if (polkit_subject_unix_process_get_id (a) == polkit_subject_unix_process_get_id (b))
+ ret = TRUE;
+ break;
+
+ case POLKIT_SUBJECT_KIND_UNIX_USER:
+ if (polkit_subject_unix_user_get_id (a) == polkit_subject_unix_user_get_id (b))
+ ret = TRUE;
+ break;
+
+ case POLKIT_SUBJECT_KIND_UNIX_GROUP:
+ if (polkit_subject_unix_group_get_id (a) == polkit_subject_unix_group_get_id (b))
+ ret = TRUE;
+ break;
+
+ default:
+ /* get_kind() will already have warned */
+ goto out;
+ }
+
+ out:
+ return ret;
+}
+
+/**
+ * polkit_subject_unix_process_get_id:
+ * @subject: A #PolkitSubject of the @POLKIT_SUBJECT_KIND_UNIX_PROCESS kind.
+ *
+ * Gets the UNIX process id for @subject.
+ *
+ * Returns: UNIX process id.
+ **/
+pid_t
+polkit_subject_unix_process_get_id (PolkitSubject *subject)
+{
+ EggDBusHashTable *value;
+ EggDBusVariant *variant;
+ pid_t pid;
+
+ g_return_val_if_fail (POLKIT_IS_SUBJECT (subject), 0);
+ g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (subject)), "(sa{sv})") == 0, 0);
+ g_return_val_if_fail (polkit_subject_get_kind (subject) != POLKIT_SUBJECT_KIND_UNIX_PROCESS, 0);
+
+ egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (subject),
+ 1, &value,
+ -1);
+
+ variant = g_hash_table_lookup (value, "unix-process-id");
+ pid = (pid_t) egg_dbus_variant_get_uint32 (variant);
+
+ egg_dbus_hash_table_unref (value);
+
+ return pid;
+}
+
+/**
+ * polkit_subject_unix_user_get_id:
+ * @subject: A #PolkitSubject of the @POLKIT_SUBJECT_KIND_UNIX_USER kind.
+ *
+ * Gets the UNIX user id for @subject.
+ *
+ * Returns: UNIX user id.
+ **/
+uid_t
+polkit_subject_unix_user_get_id (PolkitSubject *subject)
{
- PolkitSubjectIface *iface;
+ EggDBusHashTable *value;
+ EggDBusVariant *variant;
+ uid_t uid;
- if (subject1 == NULL && subject2 == NULL)
- return TRUE;
+ g_return_val_if_fail (POLKIT_IS_SUBJECT (subject), 0);
+ g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (subject)), "(sa{sv})") == 0, 0);
+ g_return_val_if_fail (polkit_subject_get_kind (subject) != POLKIT_SUBJECT_KIND_UNIX_USER, 0);
- if (subject1 == NULL || subject2 == NULL)
- return FALSE;
+ egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (subject),
+ 1, &value,
+ -1);
- if (G_TYPE_FROM_INSTANCE (subject1) != G_TYPE_FROM_INSTANCE (subject2))
- return FALSE;
+ variant = g_hash_table_lookup (value, "unix-user-id");
+ uid = (uid_t) egg_dbus_variant_get_uint32 (variant);
- iface = POLKIT_SUBJECT_GET_IFACE (subject1);
+ egg_dbus_hash_table_unref (value);
- return (* iface->equal) (subject1, subject2);
+ return uid;
}
+
+/**
+ * polkit_subject_unix_group_get_id:
+ * @subject: A #PolkitSubject of the @POLKIT_SUBJECT_KIND_UNIX_GROUP kind.
+ *
+ * Gets the UNIX group id for @subject.
+ *
+ * Returns: UNIX group id.
+ **/
+gid_t
+polkit_subject_unix_group_get_id (PolkitSubject *subject)
+{
+ EggDBusHashTable *value;
+ EggDBusVariant *variant;
+ gid_t gid;
+
+ g_return_val_if_fail (POLKIT_IS_SUBJECT (subject), 0);
+ g_return_val_if_fail (strcmp (egg_dbus_structure_get_signature (EGG_DBUS_STRUCTURE (subject)), "(sa{sv})") == 0, 0);
+ g_return_val_if_fail (polkit_subject_get_kind (subject) != POLKIT_SUBJECT_KIND_UNIX_GROUP, 0);
+
+ egg_dbus_structure_get_element (EGG_DBUS_STRUCTURE (subject),
+ 1, &value,
+ -1);
+
+ variant = g_hash_table_lookup (value, "unix-group-id");
+ gid = (gid_t) egg_dbus_variant_get_uint32 (variant);
+
+ egg_dbus_hash_table_unref (value);
+
+ return gid;
+}
+
diff --git a/src/polkit/polkitsubject.h b/src/polkit/polkitsubject.h
index df29922..8b47786 100644
--- a/src/polkit/polkitsubject.h
+++ b/src/polkit/polkitsubject.h
@@ -1,5 +1,3 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
/*
* Copyright (C) 2008 Red Hat, Inc.
*
@@ -21,52 +19,49 @@
* Author: David Zeuthen <davidz at redhat.com>
*/
-#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef __POLKIT_SUBJECT_H__
-#define __POLKIT_SUBJECT_H__
+#ifndef __POLKIT_SUBJECT_H
+#define __POLKIT_SUBJECT_H
+#include <sys/types.h>
+#include <unistd.h>
#include <glib-object.h>
+#include <polkit/polkitbindings.h>
G_BEGIN_DECLS
-#define POLKIT_TYPE_SUBJECT (polkit_subject_get_type ())
-#define POLKIT_SUBJECT(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), POLKIT_TYPE_SUBJECT, PolkitSubject))
-#define POLKIT_IS_SUBJECT(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), POLKIT_TYPE_SUBJECT))
-#define POLKIT_SUBJECT_GET_IFACE(obj) (G_TYPE_INSTANCE_GET_INTERFACE ((obj), POLKIT_TYPE_SUBJECT, PolkitSubjectIface))
+#define POLKIT_TYPE_SUBJECT (polkit_subject_get_type())
+#define POLKIT_SUBJECT(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_SUBJECT, PolkitSubject))
+#define POLKIT_IS_SUBJECT(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_SUBJECT))
+#define POLKIT_SUBJECT_GET_IFACE(o) (G_TYPE_INSTANCE_GET_INTERFACE((o), POLKIT_TYPE_SUBJECT, PolkitSubjectIface))
-/**
- * PolkitSubject:
- *
- * An abstract type that specifies a subject.
- **/
-typedef struct _PolkitSubject PolkitSubject;
+#if 0
+typedef struct _PolkitSubject PolkitSubject; /* Dummy typedef */
+#endif
typedef struct _PolkitSubjectIface PolkitSubjectIface;
-/**
- * PolkitSubjectIface:
- * @g_iface: The parent interface.
- * @equal: Checks if two #PolkitSubject<!-- -->s are equal.
- *
- * #PolkitSubjectIface is used to implement #PolkitSubject types for various
- * different subjects
- */
-struct _PolkitSubjectIface
+typedef enum
{
- GTypeInterface g_iface;
-
- /* Virtual Table */
+ POLKIT_SUBJECT_KIND_UNIX_PROCESS,
+ POLKIT_SUBJECT_KIND_UNIX_USER,
+ POLKIT_SUBJECT_KIND_UNIX_GROUP,
+} PolkitSubjectKind;
- gboolean (* equal) (PolkitSubject *subject1,
- PolkitSubject *subject2);
+struct _PolkitSubjectIface
+{
+ GTypeInterface g_iface;
};
-GType polkit_subject_get_type (void) G_GNUC_CONST;
-gboolean polkit_subject_equal (PolkitSubject *subject1,
- PolkitSubject *subject2);
+GType polkit_subject_get_type (void) G_GNUC_CONST;
+PolkitSubject *polkit_subject_new_for_unix_process (pid_t unix_process_id);
+PolkitSubject *polkit_subject_new_for_unix_user (uid_t unix_user_id);
+PolkitSubject *polkit_subject_new_for_unix_group (gid_t unix_group_id);
+PolkitSubjectKind polkit_subject_get_kind (PolkitSubject *subject);
+pid_t polkit_subject_unix_process_get_id (PolkitSubject *subject);
+uid_t polkit_subject_unix_user_get_id (PolkitSubject *subject);
+gid_t polkit_subject_unix_group_get_id (PolkitSubject *subject);
+gboolean polkit_subject_equal (PolkitSubject *a,
+ PolkitSubject *b);
G_END_DECLS
-#endif /* __POLKIT_SUBJECT_H__ */
+#endif /* __POLKIT_SUBJECT_H */
diff --git a/src/polkit/polkituser.c b/src/polkit/polkituser.c
deleted file mode 100644
index 32d691f..0000000
--- a/src/polkit/polkituser.c
+++ /dev/null
@@ -1,188 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#include "config.h"
-#include <string.h>
-
-#include "polkituser.h"
-
-/**
- * SECTION:polkituser
- * @short_description: User
- * @include: polkit/polkit.h
- *
- * Represents a user.
- */
-
-/*--------------------------------------------------------------------------------------------------------------*/
-
-struct _PolkitUserPrivate
-{
- char *user_name;
-};
-
-enum {
- PROP_0,
- PROP_USER_NAME,
-};
-
-static void polkit_user_subject_iface_init (PolkitSubjectIface *iface);
-
-G_DEFINE_TYPE_WITH_CODE (PolkitUser, polkit_user, G_TYPE_OBJECT,
- G_IMPLEMENT_INTERFACE (POLKIT_TYPE_SUBJECT,
- polkit_user_subject_iface_init))
-
-#define POLKIT_USER_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_USER, PolkitUserPrivate))
-
-static void
-polkit_user_get_property (GObject *object,
- guint prop_id,
- GValue *value,
- GParamSpec *pspec)
-{
- PolkitUser *user = POLKIT_USER (object);
-
- switch (prop_id) {
- case PROP_USER_NAME:
- g_value_set_string (value, user->priv->user_name);
- break;
-
- default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
- break;
- }
-}
-
-static void
-polkit_user_set_property (GObject *object,
- guint prop_id,
- const GValue *value,
- GParamSpec *pspec)
-{
- PolkitUser *user = POLKIT_USER (object);
-
- switch (prop_id) {
- case PROP_USER_NAME:
- polkit_user_set_user_name (user, g_value_get_string (value));
- break;
-
- default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
- break;
- }
-}
-
-static void
-polkit_user_init (PolkitUser *user)
-{
- user->priv = POLKIT_USER_GET_PRIVATE (user);
-}
-
-static void
-polkit_user_finalize (GObject *object)
-{
- PolkitUser *user;
-
- g_return_if_fail (object != NULL);
- g_return_if_fail (POLKIT_IS_USER (object));
-
- user = POLKIT_USER (object);
-
- g_free (user->priv->user_name);
-
- G_OBJECT_CLASS (polkit_user_parent_class)->finalize (object);
-}
-
-static void
-polkit_user_class_init (PolkitUserClass *klass)
-{
- GObjectClass *object_class = G_OBJECT_CLASS (klass);
-
- object_class->get_property = polkit_user_get_property;
- object_class->set_property = polkit_user_set_property;
- object_class->finalize = polkit_user_finalize;
-
- /**
- * PolkitUser:user-name:
- *
- * The user name.
- */
- g_object_class_install_property (object_class,
- PROP_USER_NAME,
- g_param_spec_string ("user-name",
- "user-name",
- "The user name",
- NULL,
- G_PARAM_CONSTRUCT |
- G_PARAM_READWRITE |
- G_PARAM_STATIC_NAME |
- G_PARAM_STATIC_NICK |
- G_PARAM_STATIC_BLURB));
-
- g_type_class_add_private (klass, sizeof (PolkitUserPrivate));
-}
-
-gchar *
-polkit_user_get_user_name (PolkitUser *user)
-{
- g_return_val_if_fail (POLKIT_IS_USER (user), NULL);
- return g_strdup (user->priv->user_name);
-}
-
-void
-polkit_user_set_user_name (PolkitUser *user,
- const char *user_name)
-{
- g_return_if_fail (POLKIT_IS_USER (user));
- g_return_if_fail (user_name != NULL);
-
- if (user->priv->user_name == NULL || strcmp (user_name, user->priv->user_name) != 0) {
- g_free (user->priv->user_name);
- user->priv->user_name = g_strdup (user_name);
- g_object_notify (G_OBJECT (user), "user-name");
- }
-}
-
-PolkitSubject *
-polkit_user_new (const gchar *user_name)
-{
- return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_USER,
- "user-name", user_name,
- NULL));
-}
-
-static gboolean
-polkit_user_equal (PolkitSubject *subject1,
- PolkitSubject *subject2)
-{
- PolkitUser *user1 = POLKIT_USER (subject1);
- PolkitUser *user2 = POLKIT_USER (subject2);
-
- return strcmp (user1->priv->user_name, user2->priv->user_name) == 0;
-}
-
-static void
-polkit_user_subject_iface_init (PolkitSubjectIface *iface)
-{
- iface->equal = polkit_user_equal;
-}
diff --git a/src/polkit/polkituser.h b/src/polkit/polkituser.h
deleted file mode 100644
index 44e4a56..0000000
--- a/src/polkit/polkituser.h
+++ /dev/null
@@ -1,66 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef __POLKIT_USER_H__
-#define __POLKIT_USER_H__
-
-#include <glib-object.h>
-#include <polkit/polkitsubject.h>
-
-G_BEGIN_DECLS
-
-#define POLKIT_TYPE_USER (polkit_user_get_type ())
-#define POLKIT_USER(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_USER, PolkitUser))
-#define POLKIT_USER_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_USER, PolkitUserClass))
-#define POLKIT_IS_USER(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_USER))
-#define POLKIT_IS_USER_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_USER))
-#define POLKIT_USER_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_USER, PolkitUserClass))
-
-typedef struct _PolkitUser PolkitUser;
-typedef struct _PolkitUserClass PolkitUserClass;
-typedef struct _PolkitUserPrivate PolkitUserPrivate;
-
-struct _PolkitUser
-{
- GObject parent_instance;
- PolkitUserPrivate *priv;
-};
-
-struct _PolkitUserClass
-{
- GObjectClass parent_class;
-};
-
-GType polkit_user_get_type (void) G_GNUC_CONST;
-PolkitSubject *polkit_user_new (const char *user_name);
-gchar *polkit_user_get_user_name (PolkitUser *user);
-void polkit_user_set_user_name (PolkitUser *user,
- const gchar *user_name);
-
-G_END_DECLS
-
-#endif /* __POLKIT_USER_H__ */
diff --git a/src/polkitbackend/polkitbackendlocal.c b/src/polkitbackend/polkitbackendlocal.c
index 044cc15..8de4cdf 100644
--- a/src/polkitbackend/polkitbackendlocal.c
+++ b/src/polkitbackend/polkitbackendlocal.c
@@ -22,6 +22,9 @@
*/
#include "config.h"
+#include <errno.h>
+#include <pwd.h>
+#include <string.h>
#include <polkit/polkit.h>
#include "polkitbackendlocal.h"
@@ -100,10 +103,49 @@ authority_iface_handle_say_hello (PolkitAuthority *instance,
g_free (result);
}
+static void
+authority_iface_handle_enumerate_users (PolkitAuthority *instance,
+ EggDBusMethodInvocation *method_invocation)
+{
+ struct passwd *passwd;
+ GList *list;
+
+ list = NULL;
+
+ passwd = getpwent ();
+ if (passwd == NULL) {
+ egg_dbus_method_invocation_return_error (method_invocation,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "getpwent failed: %s",
+ strerror (errno));
+ goto out;
+ }
+
+ do {
+ PolkitSubject *subject;
+
+ subject = polkit_subject_new_for_unix_user (passwd->pw_uid);
+
+ list = g_list_prepend (list, subject);
+ } while ((passwd = getpwent ()) != NULL);
+ endpwent ();
+
+ list = g_list_reverse (list);
+
+ polkit_authority_handle_enumerate_users_finish (instance,
+ list,
+ method_invocation);
+
+ out:
+ g_list_foreach (list, (GFunc) g_object_unref, NULL);
+ g_list_free (list);
+}
static void
authority_iface_init (PolkitAuthorityIface *authority_iface,
gpointer iface_data)
{
- authority_iface->handle_say_hello = authority_iface_handle_say_hello;
+ authority_iface->handle_say_hello = authority_iface_handle_say_hello;
+ authority_iface->handle_enumerate_users = authority_iface_handle_enumerate_users;
}
commit f1026325a38b47625d8d0375dd6739a1e41e2df9
Author: David Zeuthen <davidz at redhat.com>
Date: Wed Dec 3 14:01:12 2008 -0500
forgot to add local backend impl
diff --git a/src/polkitbackend/polkitbackendlocal.c b/src/polkitbackend/polkitbackendlocal.c
new file mode 100644
index 0000000..044cc15
--- /dev/null
+++ b/src/polkitbackend/polkitbackendlocal.c
@@ -0,0 +1,109 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include <polkit/polkit.h>
+#include "polkitbackendlocal.h"
+
+/* TODO: locking */
+
+typedef struct
+{
+ guint foo;
+} PolkitBackendLocalPrivate;
+
+static void authority_iface_init (PolkitAuthorityIface *authority_iface,
+ gpointer iface_data);
+
+G_DEFINE_TYPE_WITH_CODE (PolkitBackendLocal, polkit_backend_local, G_TYPE_OBJECT,
+ G_IMPLEMENT_INTERFACE (POLKIT_TYPE_AUTHORITY,
+ authority_iface_init)
+ );
+
+#define POLKIT_BACKEND_LOCAL_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_BACKEND_LOCAL, PolkitBackendLocalPrivate))
+
+static void
+polkit_backend_local_finalize (GObject *object)
+{
+ PolkitBackendLocal *backend;
+ PolkitBackendLocalPrivate *priv;
+
+ backend = POLKIT_BACKEND_LOCAL (object);
+ priv = POLKIT_BACKEND_LOCAL_GET_PRIVATE (backend);
+
+ G_OBJECT_CLASS (polkit_backend_local_parent_class)->finalize (object);
+}
+
+static void
+polkit_backend_local_class_init (PolkitBackendLocalClass *klass)
+{
+ GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->finalize = polkit_backend_local_finalize;
+
+ g_type_class_add_private (klass, sizeof (PolkitBackendLocalPrivate));
+}
+
+
+static void
+polkit_backend_local_init (PolkitBackendLocal *backend)
+{
+ PolkitBackendLocalPrivate *priv;
+
+ priv = POLKIT_BACKEND_LOCAL_GET_PRIVATE (backend);
+}
+
+PolkitBackendLocal *
+polkit_backend_local_new (void)
+{
+ PolkitBackendLocal *backend;
+
+ backend = POLKIT_BACKEND_LOCAL (g_object_new (POLKIT_TYPE_BACKEND_LOCAL,
+ NULL));
+
+ return backend;
+}
+
+static void
+authority_iface_handle_say_hello (PolkitAuthority *instance,
+ const gchar *message,
+ EggDBusMethodInvocation *method_invocation)
+{
+ gchar *result;
+
+ result = g_strdup_printf ("You said '%s' to the AUTHORITY!", message);
+
+ polkit_authority_handle_say_hello_finish (instance,
+ result,
+ method_invocation);
+
+ g_free (result);
+}
+
+
+static void
+authority_iface_init (PolkitAuthorityIface *authority_iface,
+ gpointer iface_data)
+{
+ authority_iface->handle_say_hello = authority_iface_handle_say_hello;
+}
diff --git a/src/polkitbackend/polkitbackendlocal.h b/src/polkitbackend/polkitbackendlocal.h
new file mode 100644
index 0000000..50332e1
--- /dev/null
+++ b/src/polkitbackend/polkitbackendlocal.h
@@ -0,0 +1,75 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_BACKEND_COMPILATION) && !defined(_POLKIT_BACKEND_INSIDE_POLKIT_BACKEND_H)
+#error "Only <polkitbackend/polkitbackend.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#include <glib-object.h>
+
+#ifndef __POLKIT_BACKEND_LOCAL_H
+#define __POLKIT_BACKEND_LOCAL_H
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_BACKEND_LOCAL (polkit_backend_local_get_type ())
+#define POLKIT_BACKEND_LOCAL(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_BACKEND_LOCAL, PolkitBackendLocal))
+#define POLKIT_BACKEND_LOCAL_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_TYPE_BACKEND_LOCAL, PolkitBackendLocalClass))
+#define POLKIT_BACKEND_LOCAL_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_BACKEND_LOCAL,PolkitBackendLocalClass))
+#define POLKIT_IS_BACKEND_LOCAL(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_BACKEND_LOCAL))
+#define POLKIT_IS_BACKEND_LOCAL_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_BACKEND_LOCAL))
+
+typedef struct _PolkitBackendLocal PolkitBackendLocal;
+typedef struct _PolkitBackendLocalClass PolkitBackendLocalClass;
+
+struct _PolkitBackendLocal
+{
+ GObject parent_instance;
+};
+
+struct _PolkitBackendLocalClass
+{
+ GObjectClass parent_class;
+
+ /*< public >*/
+
+ /*< private >*/
+ /* Padding for future expansion */
+ void (*_polkit_reserved1) (void);
+ void (*_polkit_reserved2) (void);
+ void (*_polkit_reserved3) (void);
+ void (*_polkit_reserved4) (void);
+ void (*_polkit_reserved5) (void);
+ void (*_polkit_reserved6) (void);
+ void (*_polkit_reserved7) (void);
+ void (*_polkit_reserved8) (void);
+};
+
+GType polkit_backend_local_get_type (void) G_GNUC_CONST;
+
+PolkitBackendLocal *polkit_backend_local_new (void);
+
+G_END_DECLS
+
+#endif /* __POLKIT_BACKEND_LOCAL_H */
+
commit 071c3d76a20f9a96c88f287f4cc39a5171cc6219
Author: David Zeuthen <davidz at redhat.com>
Date: Wed Dec 3 13:59:12 2008 -0500
start using EggDBus
diff --git a/configure.ac b/configure.ac
index 4882377..1aaf600 100644
--- a/configure.ac
+++ b/configure.ac
@@ -118,21 +118,13 @@ if test "x$GCC" = "xyes"; then
changequote([,])dnl
fi
-PKG_CHECK_MODULES(GLIB, [gio-2.0 >= 2.14.0])
-AC_SUBST(GIO_CFLAGS)
-AC_SUBST(GIO_LIBS)
-
PKG_CHECK_MODULES(GLIB, [glib-2.0 >= 2.14.0 gio-2.0 >= 2.14.0])
AC_SUBST(GLIB_CFLAGS)
AC_SUBST(GLIB_LIBS)
-PKG_CHECK_MODULES(DBUS, [dbus-1 >= 1.0])
-AC_SUBST(DBUS_CFLAGS)
-AC_SUBST(DBUS_LIBS)
-
-PKG_CHECK_MODULES(DBUS_GLIB, [dbus-glib-1 >= 0.73])
-AC_SUBST(DBUS_GLIB_CFLAGS)
-AC_SUBST(DBUS_GLIB_LIBS)
+PKG_CHECK_MODULES(EGG_DBUS, [eggdbus-1 >= 0.1])
+AC_SUBST(EGG_DBUS_CFLAGS)
+AC_SUBST(EGG_DBUS_LIBS)
EXPAT_LIB=""
AC_ARG_WITH(expat, [ --with-expat=<dir> Use expat from here],
@@ -167,10 +159,13 @@ Makefile
data/Makefile
src/Makefile
src/polkit/Makefile
+src/polkitbackend/Makefile
src/polkitd/Makefile
src/programs/Makefile
docs/version.xml
docs/Makefile
+docs/polkit/Makefile
+docs/polkitbackend/Makefile
docs/man/Makefile
po/Makefile.in
])
diff --git a/docs/Makefile.am b/docs/Makefile.am
index b647ac9..a349fad 100644
--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -1,76 +1,4 @@
-SUBDIRS = man
+SUBDIRS = man polkitbackend polkit
-NULL =
-
-AUTOMAKE_OPTIONS = 1.7
-
-# The name of the module.
-DOC_MODULE=polkit
-
-# The top-level SGML file.
-DOC_MAIN_SGML_FILE=polkit-docs.xml
-
-# Extra options to supply to gtkdoc-scan
-SCAN_OPTIONS=--ignore-headers=config.h
-
-# The directory containing the source code. Relative to $(srcdir)
-DOC_SOURCE_DIR=../src/polkit
-
-# Used for dependencies
-HFILE_GLOB=$(top_srcdir)/src/polkit/*.h
-CFILE_GLOB=$(top_srcdir)/src/polkit/*.c
-
-# Headers to ignore
-IGNORE_HFILES= \
- $(NULL)
-
-# CFLAGS and LDFLAGS for compiling scan program. Only needed
-# if $(DOC_MODULE).types is non-empty.
-INCLUDES = \
- $(DBUS_GLIB_CFLAGS) \
- $(GLIB_CFLAGS) \
- $(GIO_CFLAGS) \
- -I$(top_srcdir)/src/polkit \
- -I$(top_builddir)/src/polkit \
- $(NULL)
-
-GTKDOC_LIBS = \
- $(DBUS_GLIB_LIBS) \
- $(GLIB_LIBS) \
- $(GIO_LIBS) \
- $(top_builddir)/src/polkit/libpolkit-gobject-1.la \
- $(NULL)
-
-# Extra options to supply to gtkdoc-mkdb
-MKDB_OPTIONS=--sgml-mode --output-format=xml
-
-# Extra options to supply to gtkdoc-mktmpl
-MKTMPL_OPTIONS=
-
-# Non-autogenerated SGML files to be included in $(DOC_MAIN_SGML_FILE)
-content_files = \
- version.xml \
- $(NULL)
-
-# Images to copy into HTML directory
-HTML_IMAGES = \
- $(NULL)
-
-# Extra options to supply to gtkdoc-fixref
-FIXXREF_OPTIONS=
-
-MAINTAINERCLEANFILES = \
- *~ \
- Makefile.in \
- polkit.types \
- polkit-*.txt \
- $(NULL)
-
-if ENABLE_GTK_DOC
-include $(top_srcdir)/gtk-doc.make
-else
-EXTRA_DIST =
-endif
-
-EXTRA_DIST += version.xml.in
+EXTRA_DIST = version.xml.in
diff --git a/docs/polkit-docs.xml b/docs/polkit-docs.xml
deleted file mode 100644
index 565bfe0..0000000
--- a/docs/polkit-docs.xml
+++ /dev/null
@@ -1,99 +0,0 @@
-<?xml version="1.0"?>
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
- "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-<!ENTITY version SYSTEM "version.xml">
-]>
-<book id="index" xmlns:xi="http://www.w3.org/2003/XInclude">
- <bookinfo>
- <title>PolicyKit Reference Manual</title>
- <releaseinfo>Version &version;</releaseinfo>
- <authorgroup>
- <author>
- <firstname>David</firstname>
- <surname>Zeuthen</surname>
- <affiliation>
- <address>
- <email>davidz at redhat.com</email>
- </address>
- </affiliation>
- </author>
- </authorgroup>
-
- <copyright>
- <year>2008</year>
- <holder>The PolicyKit Authors</holder>
- </copyright>
-
- <legalnotice>
- <para>
- Permission is granted to copy, distribute and/or modify this
- document under the terms of the <citetitle>GNU Free
- Documentation License</citetitle>, Version 1.1 or any later
- version published by the Free Software Foundation with no
- Invariant Sections, no Front-Cover Texts, and no Back-Cover
- Texts. You may obtain a copy of the <citetitle>GNU Free
- Documentation License</citetitle> from the Free Software
- Foundation by visiting <ulink type="http"
- url="http://www.fsf.org">their Web site</ulink> or by writing
- to:
-
- <address>
- The Free Software Foundation, Inc.,
- <street>59 Temple Place</street> - Suite 330,
- <city>Boston</city>, <state>MA</state> <postcode>02111-1307</postcode>,
- <country>USA</country>
- </address>
- </para>
-
- <para>
- Many of the names used by companies to distinguish their
- products and services are claimed as trademarks. Where those
- names appear in any GNOME documentation, and those trademarks
- are made aware to the members of the GNOME Documentation
- Project, the names have been printed in caps or initial caps.
- </para>
- </legalnotice>
- </bookinfo>
-
- <reference id="ref-api">
- <title>API Reference</title>
- <partintro>
- <para>
- This part presents the class and function reference for the
- <literal>libpolkit-gobject-1</literal> library.
- </para>
- </partintro>
- <xi:include href="xml/polkitauthority.xml"/>
- <xi:include href="xml/polkitauthorizationclaim.xml"/>
- <xi:include href="xml/polkitauthorizationresult.xml"/>
- <xi:include href="xml/polkitactiondescription.xml"/>
- <xi:include href="xml/polkiterror.xml"/>
- <xi:include href="xml/polkitsubject.xml"/>
- <xi:include href="xml/polkituser.xml"/>
- <xi:include href="xml/polkitprocess.xml"/>
- <chapter id="extending">
- <title>Extending PolicyKit</title>
- <xi:include href="xml/polkitbackend.xml"/>
- <xi:include href="xml/polkitlocalbackend.xml"/>
- <xi:include href="xml/polkitbackendstub.xml"/>
- </chapter>
- </reference>
-
- <chapter id="polkit-hierarchy">
- <title>Object Hierarchy</title>
- <xi:include href="xml/tree_index.sgml"/>
- </chapter>
-
- <index>
- <title>Index</title>
- </index>
-
- <!-- License -->
-
- <appendix id="license">
- <title>License</title>
- <para>
-<programlisting><xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../../COPYING" parse="text"><xi:fallback>FIXME: MISSING XINCLUDE CONTENT</xi:fallback></xi:include></programlisting>
- </para>
- </appendix>
-</book>
diff --git a/docs/polkit/Makefile.am b/docs/polkit/Makefile.am
new file mode 100644
index 0000000..44f7c8c
--- /dev/null
+++ b/docs/polkit/Makefile.am
@@ -0,0 +1,74 @@
+
+NULL =
+
+AUTOMAKE_OPTIONS = 1.7
+
+# The name of the module.
+DOC_MODULE=polkit
+
+# The top-level SGML file.
+DOC_MAIN_SGML_FILE=polkit-docs.xml
+
+# Extra options to supply to gtkdoc-scan
+SCAN_OPTIONS=--ignore-headers=config.h
+
+# The directory containing the source code. Relative to $(srcdir)
+DOC_SOURCE_DIR=../../src/polkit
+
+# Used for dependencies
+HFILE_GLOB=$(top_srcdir)/src/polkit/*.h
+CFILE_GLOB=$(top_srcdir)/src/polkit/*.c
+
+# Headers to ignore
+IGNORE_HFILES= \
+ $(NULL)
+
+# CFLAGS and LDFLAGS for compiling scan program. Only needed
+# if $(DOC_MODULE).types is non-empty.
+INCLUDES = \
+ $(DBUS_GLIB_CFLAGS) \
+ $(GLIB_CFLAGS) \
+ $(GIO_CFLAGS) \
+ -I$(top_srcdir)/src/polkit \
+ -I$(top_builddir)/src/polkit \
+ $(NULL)
+
+GTKDOC_LIBS = \
+ $(DBUS_GLIB_LIBS) \
+ $(GLIB_LIBS) \
+ $(GIO_LIBS) \
+ $(top_builddir)/src/polkit/libpolkit-gobject-1.la \
+ $(NULL)
+
+# Extra options to supply to gtkdoc-mkdb
+MKDB_OPTIONS=--sgml-mode --output-format=xml
+
+# Extra options to supply to gtkdoc-mktmpl
+MKTMPL_OPTIONS=
+
+# Non-autogenerated SGML files to be included in $(DOC_MAIN_SGML_FILE)
+content_files = \
+ ../version.xml \
+ $(NULL)
+
+# Images to copy into HTML directory
+HTML_IMAGES = \
+ $(NULL)
+
+# Extra options to supply to gtkdoc-fixref
+FIXXREF_OPTIONS=
+
+MAINTAINERCLEANFILES = \
+ *~ \
+ Makefile.in \
+ polkit.types \
+ polkit-*.txt \
+ $(NULL)
+
+if ENABLE_GTK_DOC
+include $(top_srcdir)/gtk-doc.make
+else
+EXTRA_DIST =
+endif
+
+EXTRA_DIST += version.xml.in
diff --git a/docs/polkit/polkit-docs.xml b/docs/polkit/polkit-docs.xml
new file mode 100644
index 0000000..26b5cf2
--- /dev/null
+++ b/docs/polkit/polkit-docs.xml
@@ -0,0 +1,97 @@
+<?xml version="1.0"?>
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
+<!ENTITY version SYSTEM "../version.xml">
+]>
+<book id="index" xmlns:xi="http://www.w3.org/2003/XInclude">
+ <bookinfo>
+ <title>PolicyKit Reference Manual</title>
+ <releaseinfo>Version &version;</releaseinfo>
+ <authorgroup>
+ <author>
+ <firstname>David</firstname>
+ <surname>Zeuthen</surname>
+ <affiliation>
+ <address>
+ <email>davidz at redhat.com</email>
+ </address>
+ </affiliation>
+ </author>
+ </authorgroup>
+
+ <copyright>
+ <year>2008</year>
+ <holder>The PolicyKit Authors</holder>
+ </copyright>
+
+ <legalnotice>
+ <para>
+ Permission is granted to copy, distribute and/or modify this
+ document under the terms of the <citetitle>GNU Free
+ Documentation License</citetitle>, Version 1.1 or any later
+ version published by the Free Software Foundation with no
+ Invariant Sections, no Front-Cover Texts, and no Back-Cover
+ Texts. You may obtain a copy of the <citetitle>GNU Free
+ Documentation License</citetitle> from the Free Software
+ Foundation by visiting <ulink type="http"
+ url="http://www.fsf.org">their Web site</ulink> or by writing
+ to:
+
+ <address>
+ The Free Software Foundation, Inc.,
+ <street>59 Temple Place</street> - Suite 330,
+ <city>Boston</city>, <state>MA</state> <postcode>02111-1307</postcode>,
+ <country>USA</country>
+ </address>
+ </para>
+
+ <para>
+ Many of the names used by companies to distinguish their
+ products and services are claimed as trademarks. Where those
+ names appear in any GNOME documentation, and those trademarks
+ are made aware to the members of the GNOME Documentation
+ Project, the names have been printed in caps or initial caps.
+ </para>
+ </legalnotice>
+ </bookinfo>
+
+ <reference id="ref-api">
+ <title>API Reference</title>
+ <partintro>
+ <para>
+ This part presents the class and function reference for the
+ <literal>libpolkit-gobject-1</literal> library.
+ </para>
+ </partintro>
+ <xi:include href="xml/polkitauthority.xml"/>
+ <xi:include href="xml/polkitauthorizationclaim.xml"/>
+ <xi:include href="xml/polkitauthorizationresult.xml"/>
+ <xi:include href="xml/polkitactiondescription.xml"/>
+ <xi:include href="xml/polkiterror.xml"/>
+ <xi:include href="xml/polkitsubject.xml"/>
+ <xi:include href="xml/polkituser.xml"/>
+ <xi:include href="xml/polkitprocess.xml"/>
+ <chapter id="extending">
+ <title>Extending PolicyKit</title>
+ <xi:include href="../polkitbackend/xml/polkitbackendlocal.xml"/>
+ </chapter>
+ </reference>
+
+ <chapter id="polkit-hierarchy">
+ <title>Object Hierarchy</title>
+ <xi:include href="xml/tree_index.sgml"/>
+ </chapter>
+
+ <index>
+ <title>Index</title>
+ </index>
+
+ <!-- License -->
+
+ <appendix id="license">
+ <title>License</title>
+ <para>
+<programlisting><xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../../COPYING" parse="text"><xi:fallback>FIXME: MISSING XINCLUDE CONTENT</xi:fallback></xi:include></programlisting>
+ </para>
+ </appendix>
+</book>
diff --git a/docs/polkitbackend/Makefile.am b/docs/polkitbackend/Makefile.am
new file mode 100644
index 0000000..6ec2bce
--- /dev/null
+++ b/docs/polkitbackend/Makefile.am
@@ -0,0 +1,73 @@
+
+NULL =
+
+AUTOMAKE_OPTIONS = 1.7
+
+# The name of the module.
+DOC_MODULE=polkitbackend
+
+# The top-level SGML file.
+DOC_MAIN_SGML_FILE=polkitbackend-docs.xml
+
+# Extra options to supply to gtkdoc-scan
+SCAN_OPTIONS=--ignore-headers=config.h
+
+# The directory containing the source code. Relative to $(srcdir)
+DOC_SOURCE_DIR=../../src/polkitbackend
+
+# Used for dependencies
+HFILE_GLOB=$(top_srcdir)/src/polkitbackend/*.h
+CFILE_GLOB=$(top_srcdir)/src/polkitbackend/*.c
+
+# Headers to ignore
+IGNORE_HFILES= \
+ $(NULL)
+
+# CFLAGS and LDFLAGS for compiling scan program. Only needed
+# if $(DOC_MODULE).types is non-empty.
+INCLUDES = \
+ $(DBUS_GLIB_CFLAGS) \
+ $(GLIB_CFLAGS) \
+ $(GIO_CFLAGS) \
+ -I$(top_srcdir)/src/polkitbackend \
+ -I$(top_builddir)/src/polkitbackend \
+ $(NULL)
+
+GTKDOC_LIBS = \
+ $(DBUS_GLIB_LIBS) \
+ $(GLIB_LIBS) \
+ $(GIO_LIBS) \
+ $(top_builddir)/src/polkit/libpolkit-gobject-1.la \
+ $(top_builddir)/src/polkitbackend/libpolkit-backend-1.la \
+ $(NULL)
+
+# Extra options to supply to gtkdoc-mkdb
+MKDB_OPTIONS=--sgml-mode --output-format=xml
+
+# Extra options to supply to gtkdoc-mktmpl
+MKTMPL_OPTIONS=
+
+# Non-autogenerated SGML files to be included in $(DOC_MAIN_SGML_FILE)
+content_files = \
+ ../version.xml \
+ $(NULL)
+
+# Images to copy into HTML directory
+HTML_IMAGES = \
+ $(NULL)
+
+# Extra options to supply to gtkdoc-fixref
+FIXXREF_OPTIONS=
+
+MAINTAINERCLEANFILES = \
+ *~ \
+ Makefile.in \
+ polkitbackend.types \
+ polkit-*.txt \
+ $(NULL)
+
+if ENABLE_GTK_DOC
+include $(top_srcdir)/gtk-doc.make
+else
+EXTRA_DIST =
+endif
diff --git a/docs/polkitbackend/polkitbackend-docs.xml b/docs/polkitbackend/polkitbackend-docs.xml
new file mode 100644
index 0000000..7a56075
--- /dev/null
+++ b/docs/polkitbackend/polkitbackend-docs.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0"?>
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
+<!ENTITY version SYSTEM "../version.xml">
+]>
+<book id="index" xmlns:xi="http://www.w3.org/2003/XInclude">
+</book>
diff --git a/src/Makefile.am b/src/Makefile.am
index 562a3e2..7538232 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1,5 +1,5 @@
-SUBDIRS = polkit polkitd programs
+SUBDIRS = polkit polkitbackend polkitd programs
clean-local :
rm -f *~
diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am
index 1ab8817..d3d34d9 100644
--- a/src/polkit/Makefile.am
+++ b/src/polkit/Makefile.am
@@ -14,16 +14,20 @@ INCLUDES = \
-D_REENTRANT \
$(NULL)
-BUILT_SOURCES = \
- polkitbackendstubglue.h \
- polkitauthorityglue.h \
+BUILT_SOURCES = \
+ polkitbindings.h polkitbindings.c \
+ polkitbindingstypes.h \
+ polkitauthority.h polkitauthority.c \
+ polkitbindingsmarshal.h polkitbindingsmarshal.c \
+ polkitbindingsmarshal.list \
$(NULL)
-polkitbackendstubglue.h: $(top_srcdir)/data/org.freedesktop.PolicyKit1.Authority.xml Makefile.am
- dbus-binding-tool --prefix=_polkit_backend_stub --mode=glib-server --output=polkitbackendstubglue.h $(top_srcdir)/data/org.freedesktop.PolicyKit1.Authority.xml
-
-polkitauthorityglue.h: $(top_srcdir)/data/org.freedesktop.PolicyKit1.Authority.xml Makefile.am
- dbus-binding-tool --mode=glib-client --output=polkitauthorityglue.h $(top_srcdir)/data/org.freedesktop.PolicyKit1.Authority.xml
+$(BUILT_SOURCES) : Makefile.am $(top_srcdir)/data/org.freedesktop.PolicyKit1.Authority.xml
+ dbus2gobject \
+ --namespace "Polkit" \
+ --dbus-namespace "org.freedesktop.PolicyKit1" \
+ --introspection-xml $(top_srcdir)/data/org.freedesktop.PolicyKit1.Authority.xml \
+ $(NULL)
lib_LTLIBRARIES=libpolkit-gobject-1.la
@@ -31,45 +35,42 @@ libpolkit_gobject_1includedir=$(includedir)/polkit-1/polkit
libpolkit_gobject_1include_HEADERS = \
polkit.h \
+ polkitauthoritystub.h \
polkitactiondescription.h \
polkitauthority.h \
polkitauthorizationclaim.h \
polkitauthorizationresult.h \
- polkitbackend.h \
polkiterror.h \
polkitsubject.h \
polkituser.h \
polkitprocess.h \
+ polkitbindings.h \
+ polkitbindingstypes.h \
+ polkitauthority.h \
$(NULL)
libpolkit_gobject_1_la_SOURCES = \
polkit.h \
- polkitauthority.h polkitauthority.c \
+ polkitauthoritystub.h polkitauthoritystub.c \
polkitactiondescription.h polkitactiondescription.c \
polkitauthorizationclaim.h polkitauthorizationclaim.c \
polkitauthorizationresult.h polkitauthorizationresult.c \
- polkitbackend.h polkitbackend.c \
- polkitbackendstub.h polkitbackendstub.c \
polkiterror.h polkiterror.c \
polkitsubject.h polkitsubject.c \
- polkitlocalbackend.h polkitlocalbackend.c \
polkituser.h polkituser.c \
polkitprocess.h polkitprocess.c \
- polkitserialization.h polkitserialization.c \
$(BUILT_SOURCES) \
$(NULL)
libpolkit_gobject_1_la_CFLAGS = \
-D_POLKIT_COMPILATION \
$(GLIB_CFLAGS) \
- $(GIO_CFLAGS) \
- $(DBUS_GLIB_CFLAGS) \
+ $(EGG_DBUS_CFLAGS) \
$(NULL)
libpolkit_gobject_1_la_LIBADD = \
$(GLIB_LIBS) \
- $(GIO_LIBS) \
- $(DBUS_GLIB_LIBS) \
+ $(EGG_DBUS_LIBS) \
$(NULL)
CLEANFILES = $(BUILT_SOURCES)
diff --git a/src/polkit/polkit.h b/src/polkit/polkit.h
index afdad46..57bc2f5 100644
--- a/src/polkit/polkit.h
+++ b/src/polkit/polkit.h
@@ -25,17 +25,17 @@
#define __POLKIT_H
#define _POLKIT_INSIDE_POLKIT_H 1
+#include <polkit/polkitbindings.h>
+
+#include <polkit/polkitauthoritystub.h>
#include <polkit/polkiterror.h>
#include <polkit/polkitsubject.h>
-#include <polkit/polkitauthority.h>
-#include <polkit/polkitbackendstub.h>
-#include <polkit/polkitbackend.h>
-#include <polkit/polkitlocalbackend.h>
#include <polkit/polkitauthorizationclaim.h>
#include <polkit/polkitauthorizationresult.h>
#include <polkit/polkituser.h>
#include <polkit/polkitprocess.h>
#include <polkit/polkitactiondescription.h>
+
#undef _POLKIT_INSIDE_POLKIT_H
#endif /* __POLKIT_H */
diff --git a/src/polkit/polkitactiondescription.c b/src/polkit/polkitactiondescription.c
index 2a8d5b7..8bebb06 100644
--- a/src/polkit/polkitactiondescription.c
+++ b/src/polkit/polkitactiondescription.c
@@ -314,6 +314,7 @@ polkit_action_description_get_annotations (PolkitActionDescription *action_desc
/* ---------------------------------------------------------------------------------------------------- */
+#if 0
#include <expat.h> /* TODO: move to separate file */
enum {
@@ -818,7 +819,6 @@ error:
XML_StopParser (pd->parser, FALSE);
}
-
/**
* polkit_action_description_get_from_file:
* @path: path to file, e.g. <literal>/usr/share/polkit-1/actions/org.freedesktop.policykit.policy</literal>
@@ -876,12 +876,9 @@ polkit_action_description_get_from_file (const char *pat
/* #ifdef POLKIT_BUILD_TESTS
TODO: expat appears to leak on certain OOM paths
*/
-#if 0
XML_Memory_Handling_Suite memsuite = {p_malloc, p_realloc, kit_free};
pd.parser = XML_ParserCreate_MM (NULL, &memsuite, NULL);
-#else
pd.parser = XML_ParserCreate (NULL);
-#endif
pd.stack_depth = 0;
if (pd.parser == NULL) {
polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
@@ -1109,4 +1106,4 @@ polkit_action_description_new_from_directory (GFile *directory,
g_object_unref (e);
return ret;
}
-
+#endif
diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
deleted file mode 100644
index f7c5045..0000000
--- a/src/polkit/polkitauthority.c
+++ /dev/null
@@ -1,262 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#include "config.h"
-#include <dbus/dbus-glib.h>
-#include <dbus/dbus-glib-lowlevel.h>
-#include "polkitauthority.h"
-#include "polkitauthorityglue.h"
-#include "polkitserialization.h"
-
-/**
- * SECTION:polkitauthority
- * @short_description: Authorization checking and management
- * @include: polkit/polkit.h
- *
- * The #PolkitAuthority class represents an authority that can check
- * claims made by third parties. Some implementations allow managing
- * authorizations.
- */
-
-struct _PolkitAuthorityPrivate
-{
- DBusGProxy *dbus_proxy;
-};
-
-G_DEFINE_TYPE (PolkitAuthority, polkit_authority, G_TYPE_OBJECT);
-
-#define POLKIT_AUTHORITY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_AUTHORITY, PolkitAuthorityPrivate))
-
-enum {
- CHANGED_SIGNAL,
- LAST_SIGNAL,
-};
-
-static guint signals[LAST_SIGNAL] = { 0 };
-
-static void
-polkit_authority_finalize (GObject *object)
-{
- PolkitAuthority *authority;
-
- authority = POLKIT_AUTHORITY (object);
-
- if (authority->priv->dbus_proxy != NULL)
- g_object_unref (authority->priv->dbus_proxy);
-
- G_OBJECT_CLASS (polkit_authority_parent_class)->finalize (object);
-}
-
-static void
-polkit_authority_class_init (PolkitAuthorityClass *klass)
-{
- GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
-
- gobject_class->finalize = polkit_authority_finalize;
-
- /**
- * PolkitAuthority::changed:
- * @authority: a #PolkitAuthority.
- *
- * Emitted when something on @authority changes.
- */
- signals[CHANGED_SIGNAL] = g_signal_new ("changed",
- POLKIT_TYPE_AUTHORITY,
- G_SIGNAL_RUN_LAST,
- G_STRUCT_OFFSET (PolkitAuthorityClass, changed),
- NULL,
- NULL,
- g_cclosure_marshal_VOID__VOID,
- G_TYPE_NONE,
- 0);
-
- g_type_class_add_private (klass, sizeof (PolkitAuthorityPrivate));
-}
-
-
-static void
-polkit_authority_init (PolkitAuthority *authority)
-{
- authority->priv = POLKIT_AUTHORITY_GET_PRIVATE (authority);
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static void
-say_hello_cb (DBusGProxy *dbus_proxy,
- char *result,
- GError *error,
- gpointer user_data)
-{
- GSimpleAsyncResult *simple = G_SIMPLE_ASYNC_RESULT (user_data);
- if (error != NULL)
- g_simple_async_result_set_from_error (simple, error);
- else
- g_simple_async_result_set_op_res_gpointer (simple, result, NULL);
- g_simple_async_result_complete (simple);
-}
-
-void
-polkit_authority_say_hello (PolkitAuthority *authority,
- const gchar *name,
- GCancellable *cancellable,
- GAsyncReadyCallback callback,
- gpointer user_data)
-{
- GSimpleAsyncResult *simple;
-
- simple = g_simple_async_result_new (G_OBJECT (authority),
- callback,
- user_data,
- polkit_authority_say_hello);
-
- org_freedesktop_PolicyKit1_Authority_say_hello_async (authority->priv->dbus_proxy,
- name,
- say_hello_cb,
- simple);
-}
-
-gchar *
-polkit_authority_say_hello_finish (PolkitAuthority *authority,
- GAsyncResult *res,
- GError **error)
-{
- GSimpleAsyncResult *simple = G_SIMPLE_ASYNC_RESULT (res);
- g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_say_hello);
- g_simple_async_result_propagate_error (simple, error);
- return g_simple_async_result_get_op_res_gpointer (simple);
-}
-
-/**
- * polkit_authority_say_hello_sync:
- * @authority: A #PolkitAuthority.
- * @name: A name to say hello to.
- * @cancellable: A #GCancellable or %NULL.
- * @error: Return location for error.
- *
- * Says hello to @name.
- *
- * Returns: %NULL if @error is set, otherwise a newly allocated string
- * containing the greeting, free with g_free().
- **/
-gchar *
-polkit_authority_say_hello_sync (PolkitAuthority *authority,
- const gchar *name,
- GCancellable *cancellable,
- GError **error)
-{
- gchar *result;
-
- if (org_freedesktop_PolicyKit1_Authority_say_hello (authority->priv->dbus_proxy,
- name,
- &result,
- error)) {
- return result;
- } else {
- return NULL;
- }
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-PolkitAuthorizationResult
-polkit_authority_check_claims_sync (PolkitAuthority *authority,
- GList *claims,
- GCancellable *cancellable,
- GError **error)
-{
- PolkitAuthorizationResult result;
- char *result_str;
- GPtrArray *p;
-
- result = POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
-
- p = _serialize_ptr_array_from_obj_list
- (claims,
- (PolkitSerializeFromObjectFunc) _authorization_claim_to_value);
-
- if (org_freedesktop_PolicyKit1_Authority_check_claims (authority->priv->dbus_proxy,
- p,
- &result_str,
- error)) {
- result = _authorization_result_from_string (result_str);
- }
-
- _free_serialized_obj_ptr_array (p);
-
- return result;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static PolkitAuthority *
-_polkit_authority_new (DBusGConnection *connection,
- const gchar *service_name,
- const gchar *object_path)
-{
- PolkitAuthority *authority;
-
- authority = POLKIT_AUTHORITY (g_object_new (POLKIT_TYPE_AUTHORITY, NULL));
- authority->priv->dbus_proxy = dbus_g_proxy_new_for_name (connection,
- service_name,
- object_path,
- "org.freedesktop.PolicyKit1.Authority");
-
- return authority;
-}
-
-/**
- * polkit_authority_get:
- *
- * Gets the default authority for checking claims.
- *
- * Returns: A reference to a #PolkitAuthority instance. Call
- * g_object_unref() to free it.
- **/
-PolkitAuthority *
-polkit_authority_get (void)
-{
- PolkitAuthority *authority;
- DBusGConnection *bus;
- GError *error;
-
- bus = NULL;
- authority = NULL;
-
- error = NULL;
- bus = dbus_g_bus_get (DBUS_BUS_SYSTEM, &error);
- if (bus == NULL) {
- g_warning ("Couldn't connect to system bus: %s", error->message);
- g_error_free (error);
- goto out;
- }
-
- authority = _polkit_authority_new (bus,
- "org.freedesktop.PolicyKit1",
- "/authority");
-
- out:
- if (bus != NULL)
- dbus_g_connection_unref (bus);
- return authority;
-}
diff --git a/src/polkit/polkitauthority.h b/src/polkit/polkitauthority.h
deleted file mode 100644
index cd2914b..0000000
--- a/src/polkit/polkitauthority.h
+++ /dev/null
@@ -1,106 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef __POLKIT_AUTHORITY_H
-#define __POLKIT_AUTHORITY_H
-
-#include <glib-object.h>
-#include <gio/gio.h>
-#include <polkit/polkitauthorizationclaim.h>
-#include <polkit/polkitauthorizationresult.h>
-
-G_BEGIN_DECLS
-
-#define POLKIT_TYPE_AUTHORITY (polkit_authority_get_type ())
-#define POLKIT_AUTHORITY(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_AUTHORITY, PolkitAuthority))
-#define POLKIT_AUTHORITY_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_TYPE_AUTHORITY, PolkitAuthorityClass))
-#define POLKIT_AUTHORITY_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_AUTHORITY,PolkitAuthorityClass))
-#define POLKIT_IS_AUTHORITY(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_AUTHORITY))
-#define POLKIT_IS_AUTHORITY_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_AUTHORITY))
-
-typedef struct _PolkitAuthority PolkitAuthority;
-typedef struct _PolkitAuthorityPrivate PolkitAuthorityPrivate;
-typedef struct _PolkitAuthorityClass PolkitAuthorityClass;
-
-struct _PolkitAuthority
-{
- GObject parent_instance;
-
- /*< private >*/
- PolkitAuthorityPrivate *priv;
-};
-
-struct _PolkitAuthorityClass
-{
- GObjectClass parent_class;
-
- /*< public >*/
-
- /* signals */
- void (* changed) (PolkitAuthority *authority);
-
- /*< private >*/
-
- /* Padding for future expansion */
- void (*_polkit_reserved1) (void);
- void (*_polkit_reserved2) (void);
- void (*_polkit_reserved3) (void);
- void (*_polkit_reserved4) (void);
- void (*_polkit_reserved5) (void);
- void (*_polkit_reserved6) (void);
- void (*_polkit_reserved7) (void);
- void (*_polkit_reserved8) (void);
-};
-
-GType polkit_authority_get_type (void) G_GNUC_CONST;
-
-void polkit_authority_say_hello (PolkitAuthority *authority,
- const gchar *name,
- GCancellable *cancellable,
- GAsyncReadyCallback callback,
- gpointer user_data);
-
-gchar *polkit_authority_say_hello_finish (PolkitAuthority *authority,
- GAsyncResult *res,
- GError **error);
-
-gchar *polkit_authority_say_hello_sync (PolkitAuthority *authority,
- const gchar *name,
- GCancellable *cancellable,
- GError **error);
-
-PolkitAuthorizationResult polkit_authority_check_claims_sync (PolkitAuthority *authority,
- GList *claims,
- GCancellable *cancellable,
- GError **error);
-
-PolkitAuthority *polkit_authority_get (void);
-
-G_END_DECLS
-
-#endif /* __POLKIT_AUTHORITY_H */
-
diff --git a/src/polkit/polkitauthoritystub.c b/src/polkit/polkitauthoritystub.c
new file mode 100644
index 0000000..812997e
--- /dev/null
+++ b/src/polkit/polkitauthoritystub.c
@@ -0,0 +1,61 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include "polkitauthoritystub.h"
+
+/* TODO: locking */
+
+static PolkitAuthority *the_authority = NULL;
+
+/**
+ * polkit_authority_get:
+ *
+ * Gets the default authority for checking claims.
+ *
+ * Returns: A reference to a #PolkitAuthority instance. Call g_object_unref() when done with it
+ **/
+PolkitAuthority *
+polkit_authority_get (void)
+{
+ PolkitAuthority *authority;
+
+ polkit_bindings_register_types (); /* TODO: use __attribute ((constructor)) */
+
+ if (the_authority != NULL) {
+ authority = g_object_ref (the_authority);
+ } else {
+ EggDBusConnection *connection;
+
+ connection = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
+ authority = POLKIT_AUTHORITY (egg_dbus_connection_get_proxy (connection,
+ "org.freedesktop.PolicyKit1",
+ "/org/freedesktop/PolicyKit1/Authority"));
+
+ /* TODO: take a weak reference and set the_authority to NULL on destruction */
+
+ /* TODO: unref connection since authority holds a reference? */
+ }
+
+ return authority;
+}
diff --git a/src/polkit/polkitauthoritystub.h b/src/polkit/polkitauthoritystub.h
new file mode 100644
index 0000000..cf8296f
--- /dev/null
+++ b/src/polkit/polkitauthoritystub.h
@@ -0,0 +1,35 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include <polkit/polkitbindings.h>
+
+#ifndef __POLKIT_AUTHORITY_STUB_H
+#define __POLKIT_AUTHORITY_STUB_H
+
+G_BEGIN_DECLS
+
+PolkitAuthority *polkit_authority_get (void);
+
+G_END_DECLS
+
+#endif /* __POLKIT_AUTHORITY_STUB_H */
diff --git a/src/polkit/polkitbackend.c b/src/polkit/polkitbackend.c
deleted file mode 100644
index ce34456..0000000
--- a/src/polkit/polkitbackend.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#include "config.h"
-#include "polkitbackend.h"
-
-/**
- * SECTION:polkitbackend
- * @short_description: Abstract base class for backends
- * @include: polkit/polkit.h
- *
- * The #PolkitBackend class represents a backend responding to
- * requests from instances of the #PolkitAuthority class.
- */
-
-G_DEFINE_ABSTRACT_TYPE (PolkitBackend, polkit_backend, G_TYPE_OBJECT);
-
-enum {
- CHANGED_SIGNAL,
- LAST_SIGNAL,
-};
-
-static guint signals[LAST_SIGNAL] = { 0 };
-
-static void
-polkit_backend_finalize (GObject *object)
-{
- PolkitBackend *backend;
-
- backend = POLKIT_BACKEND (object);
-
- G_OBJECT_CLASS (polkit_backend_parent_class)->finalize (object);
-}
-
-static void
-polkit_backend_class_init (PolkitBackendClass *klass)
-{
- GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
-
- gobject_class->finalize = polkit_backend_finalize;
-
- /**
- * PolkitBackend::changed:
- * @backend: a #PolkitBackend.
- *
- * Emitted when something on @backend changes.
- */
- signals[CHANGED_SIGNAL] = g_signal_new ("changed",
- POLKIT_TYPE_BACKEND,
- G_SIGNAL_RUN_LAST,
- G_STRUCT_OFFSET (PolkitBackendClass, changed),
- NULL,
- NULL,
- g_cclosure_marshal_VOID__VOID,
- G_TYPE_NONE,
- 0);
-}
-
-static void
-polkit_backend_init (PolkitBackend *backend)
-{
-}
-
-gchar *
-polkit_backend_say_hello (PolkitBackend *backend,
- PolkitSubject *inquirer,
- const gchar *name,
- GError **error)
-{
- PolkitBackendClass *klass;
-
- g_return_val_if_fail (POLKIT_IS_BACKEND (backend), NULL);
- klass = POLKIT_BACKEND_GET_CLASS (backend);
-
- return (* klass->say_hello) (backend,
- inquirer,
- name,
- error);
-}
-
-PolkitAuthorizationResult
-polkit_backend_check_claims (PolkitBackend *backend,
- PolkitSubject *inquirer,
- GList *claims,
- GError **error)
-{
- PolkitBackendClass *klass;
-
- g_return_val_if_fail (POLKIT_IS_BACKEND (backend), POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED);
- klass = POLKIT_BACKEND_GET_CLASS (backend);
-
- return (* klass->check_claims) (backend,
- inquirer,
- claims,
- error);
-}
-
diff --git a/src/polkit/polkitbackend.h b/src/polkit/polkitbackend.h
deleted file mode 100644
index 4cfd3e3..0000000
--- a/src/polkit/polkitbackend.h
+++ /dev/null
@@ -1,103 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef __POLKIT_BACKEND_H
-#define __POLKIT_BACKEND_H
-
-#include <glib-object.h>
-#include <gio/gio.h>
-#include <polkit/polkitauthorizationclaim.h>
-#include <polkit/polkitauthorizationresult.h>
-
-G_BEGIN_DECLS
-
-#define POLKIT_TYPE_BACKEND (polkit_backend_get_type ())
-#define POLKIT_BACKEND(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_BACKEND, PolkitBackend))
-#define POLKIT_BACKEND_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_TYPE_BACKEND, PolkitBackendClass))
-#define POLKIT_BACKEND_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_BACKEND,PolkitBackendClass))
-#define POLKIT_IS_BACKEND(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_BACKEND))
-#define POLKIT_IS_BACKEND_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_BACKEND))
-
-typedef struct _PolkitBackend PolkitBackend;
-typedef struct _PolkitBackendClass PolkitBackendClass;
-
-struct _PolkitBackend
-{
- GObject parent_instance;
-};
-
-/* TODO: maybe we also want async versions that are tried before the sync ones */
-
-struct _PolkitBackendClass
-{
- GObjectClass parent_class;
-
- /*< public >*/
-
- /* signals */
- void (* changed) (PolkitBackend *backend);
-
- /* vtable */
- gchar * (* say_hello) (PolkitBackend *backend,
- PolkitSubject *inquirer,
- const gchar *name,
- GError **error);
-
- PolkitAuthorizationResult (* check_claims) (PolkitBackend *backend,
- PolkitSubject *inquirer,
- GList *claims,
- GError **error);
-
- /*< private >*/
-
- /* Padding for future expansion */
- void (*_polkit_reserved1) (void);
- void (*_polkit_reserved2) (void);
- void (*_polkit_reserved3) (void);
- void (*_polkit_reserved4) (void);
- void (*_polkit_reserved5) (void);
- void (*_polkit_reserved6) (void);
- void (*_polkit_reserved7) (void);
- void (*_polkit_reserved8) (void);
-};
-
-GType polkit_backend_get_type (void) G_GNUC_CONST;
-
-gchar *polkit_backend_say_hello (PolkitBackend *backend,
- PolkitSubject *inquirer,
- const gchar *name,
- GError **error);
-
-PolkitAuthorizationResult polkit_backend_check_claims (PolkitBackend *backend,
- PolkitSubject *inquirer,
- GList *claims,
- GError **error);
-
-G_END_DECLS
-
-#endif /* __POLKIT_BACKEND_H */
-
diff --git a/src/polkit/polkitbackendstub.c b/src/polkit/polkitbackendstub.c
deleted file mode 100644
index 04e80ef..0000000
--- a/src/polkit/polkitbackendstub.c
+++ /dev/null
@@ -1,224 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#include "config.h"
-#include <glib.h>
-#include <glib/gi18n-lib.h>
-#include <glib-object.h>
-#include <dbus/dbus-glib.h>
-#include <dbus/dbus-glib-lowlevel.h>
-
-#include "polkiterror.h"
-#include "polkitbackendstub.h"
-#include "polkituser.h"
-#include "polkitserialization.h"
-
-/**
- * SECTION:polkitbackendstub
- * @short_description: Stub for proxying backends
- * @include: polkit/polkit.h
- *
- * Used on the server side for proxying a #PolkitBackend over
- * D-Bus. On the client side, #PolkitAuthority is used.
- */
-
-/*--------------------------------------------------------------------------------------------------------------*/
-
-/* exported methods */
-
-gboolean _polkit_backend_stub_say_hello (PolkitBackendStub *backend_stub,
- const char *name,
- DBusGMethodInvocation *context);
-
-gboolean _polkit_backend_stub_check_claims (PolkitBackendStub *backend_stub,
- GPtrArray *_claims,
- DBusGMethodInvocation *context);
-
-#include "polkitbackendstubglue.h"
-
-/*--------------------------------------------------------------------------------------------------------------*/
-
-struct _PolkitBackendStubPrivate
-{
- PolkitBackend *backend;
-};
-
-G_DEFINE_TYPE (PolkitBackendStub, polkit_backend_stub, G_TYPE_OBJECT)
-
-#define POLKIT_BACKEND_STUB_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_BACKEND_STUB, PolkitBackendStubPrivate))
-
-static void
-polkit_backend_stub_init (PolkitBackendStub *backend_stub)
-{
- backend_stub->priv = POLKIT_BACKEND_STUB_GET_PRIVATE (backend_stub);
-
-}
-
-static void
-polkit_backend_stub_finalize (GObject *object)
-{
- PolkitBackendStub *backend_stub;
-
- g_return_if_fail (object != NULL);
- g_return_if_fail (POLKIT_IS_BACKEND_STUB (object));
-
- backend_stub = POLKIT_BACKEND_STUB (object);
-
- if (backend_stub->priv->backend != NULL)
- g_object_unref (backend_stub->priv->backend);
-
- G_OBJECT_CLASS (polkit_backend_stub_parent_class)->finalize (object);
-}
-
-static void
-polkit_backend_stub_class_init (PolkitBackendStubClass *klass)
-{
- GObjectClass *object_class = G_OBJECT_CLASS (klass);
-
- object_class->finalize = polkit_backend_stub_finalize;
-
- g_type_class_add_private (klass, sizeof (PolkitBackendStubPrivate));
-
- dbus_g_error_domain_register (POLKIT_ERROR,
- "org.freedesktop.PolicyKit.Error",
- POLKIT_TYPE_ERROR);
-
- dbus_g_object_type_install_info (POLKIT_TYPE_BACKEND_STUB, &dbus_glib__polkit_backend_stub_object_info);
-}
-
-PolkitBackendStub *
-polkit_backend_stub_new (DBusGConnection *connection,
- const char *object_path,
- PolkitBackend *backend)
-{
- PolkitBackendStub *backend_stub;
-
- backend_stub = POLKIT_BACKEND_STUB (g_object_new (POLKIT_TYPE_BACKEND_STUB, NULL));
-
- dbus_g_connection_register_g_object (connection,
- object_path,
- G_OBJECT (backend_stub));
-
- backend_stub->priv->backend = g_object_ref (backend);
-
- return backend_stub;
-}
-
-/*--------------------------------------------------------------------------------------------------------------*/
-
-static PolkitSubject *
-get_inquirer (DBusGMethodInvocation *context)
-{
- PolkitSubject *subject;
-
- /* TODO; get from context */
- subject = polkit_user_new ("root");
-
- return subject;
-}
-
-/*--------------------------------------------------------------------------------------------------------------*/
-/* exported methods */
-
-gboolean
-_polkit_backend_stub_say_hello (PolkitBackendStub *backend_stub,
- const char *name,
- DBusGMethodInvocation *context)
-{
- PolkitSubject *inquirer;
- GError *error;
- char *result;
-
- error = NULL;
- inquirer = get_inquirer (context);
-
- result = polkit_backend_say_hello (backend_stub->priv->backend,
- inquirer,
- name,
- &error);
-
- if (error != NULL) {
- dbus_g_method_return_error (context, error);
- g_error_free (error);
- } else {
- dbus_g_method_return (context, result);
- g_free (result);
- }
-
- g_object_unref (inquirer);
-
- return TRUE;
-}
-
-/*--------------------------------------------------------------------------------------------------------------*/
-
-gboolean
-_polkit_backend_stub_check_claims (PolkitBackendStub *backend_stub,
- GPtrArray *_claims,
- DBusGMethodInvocation *context)
-{
- PolkitSubject *inquirer;
- GError *error;
- GList *claims;
- PolkitAuthorizationResult result;
-
- error = NULL;
- inquirer = get_inquirer (context);
-
- claims = _serialize_ptr_array_to_obj_list
- (_claims,
- (PolkitSerializeToObjectFunc) _authorization_claim_from_data);
-
- if (claims == NULL) {
- dbus_g_method_return_error (context,
- g_error_new (POLKIT_ERROR,
- POLKIT_ERROR_FAILED,
- "Data is malformed"));
- goto out;
- }
-
- result = polkit_backend_check_claims (backend_stub->priv->backend,
- inquirer,
- claims,
- &error);
-
- if (error != NULL) {
- dbus_g_method_return_error (context, error);
- g_error_free (error);
- } else {
- char *result_str;
- result_str = _authorization_result_to_string (result);
- dbus_g_method_return (context, result_str);
- g_free (result_str);
- }
-
- g_object_unref (inquirer);
-
- g_list_foreach (claims, (GFunc) g_object_unref, NULL);
- g_list_free (claims);
-
- out:
- return TRUE;
-}
-
-/*--------------------------------------------------------------------------------------------------------------*/
diff --git a/src/polkit/polkitbackendstub.h b/src/polkit/polkitbackendstub.h
deleted file mode 100644
index a594909..0000000
--- a/src/polkit/polkitbackendstub.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef __POLKIT_BACKEND_STUB_H__
-#define __POLKIT_BACKEND_STUB_H__
-
-#include <glib-object.h>
-#include <dbus/dbus-glib.h>
-#include <dbus/dbus-glib-lowlevel.h>
-#include <polkit/polkitbackend.h>
-
-G_BEGIN_DECLS
-
-#define POLKIT_TYPE_BACKEND_STUB (polkit_backend_stub_get_type ())
-#define POLKIT_BACKEND_STUB(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_BACKEND_STUB, PolkitBackendStub))
-#define POLKIT_BACKEND_STUB_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_BACKEND_STUB, PolkitBackendStubClass))
-#define POLKIT_IS_BACKEND_STUB(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_BACKEND_STUB))
-#define POLKIT_IS_BACKEND_STUB_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_BACKEND_STUB))
-#define POLKIT_BACKEND_STUB_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_BACKEND_STUB, PolkitBackendStubClass))
-
-typedef struct _PolkitBackendStub PolkitBackendStub;
-typedef struct _PolkitBackendStubClass PolkitBackendStubClass;
-typedef struct _PolkitBackendStubPrivate PolkitBackendStubPrivate;
-
-struct _PolkitBackendStub
-{
- GObject parent_instance;
- PolkitBackendStubPrivate *priv;
-};
-
-struct _PolkitBackendStubClass
-{
- GObjectClass parent_class;
-};
-
-GType polkit_backend_stub_get_type (void) G_GNUC_CONST;
-PolkitBackendStub *polkit_backend_stub_new (DBusGConnection *connection,
- const char *object_path,
- PolkitBackend *backend);
-
-G_END_DECLS
-
-#endif /* __POLKIT_BACKEND_STUB_H__ */
diff --git a/src/polkit/polkitlocalbackend.c b/src/polkit/polkitlocalbackend.c
deleted file mode 100644
index 9947a8c..0000000
--- a/src/polkit/polkitlocalbackend.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#include "config.h"
-#include <string.h>
-#include "polkiterror.h"
-#include "polkitlocalbackend.h"
-#include "polkitserialization.h" /* TODO: remove */
-
-/**
- * SECTION:polkitlocalbackend
- * @short_description: Backend using local files
- * @include: polkit/polkit.h
- *
- * The #PolkitLocalBackend class is an implementation of
- * #PolkitBackend that stores authorizations on the local file
- * system.
- */
-
-struct _PolkitLocalBackendPrivate
-{
- int stuff;
-};
-
-static gchar *say_hello (PolkitBackend *_backend,
- PolkitSubject *inquirer,
- const gchar *name,
- GError **error);
-
-static PolkitAuthorizationResult check_claims (PolkitBackend *_backend,
- PolkitSubject *inquirer,
- GList *claims,
- GError **error);
-
-G_DEFINE_TYPE (PolkitLocalBackend, polkit_local_backend, POLKIT_TYPE_BACKEND);
-
-#define POLKIT_LOCAL_BACKEND_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_LOCAL_BACKEND, PolkitLocalBackendPrivate))
-
-static void
-polkit_local_backend_finalize (GObject *object)
-{
- PolkitLocalBackend *local_backend;
-
- local_backend = POLKIT_LOCAL_BACKEND (object);
-
- G_OBJECT_CLASS (polkit_local_backend_parent_class)->finalize (object);
-}
-
-static void
-polkit_local_backend_class_init (PolkitLocalBackendClass *klass)
-{
- GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
- PolkitBackendClass *backend_class = POLKIT_BACKEND_CLASS (klass);
-
- backend_class->say_hello = say_hello;
- backend_class->check_claims = check_claims;
-
- gobject_class->finalize = polkit_local_backend_finalize;
-
- g_type_class_add_private (klass, sizeof (PolkitLocalBackendPrivate));
-}
-
-static void
-polkit_local_backend_init (PolkitLocalBackend *local_backend)
-{
- local_backend->priv = POLKIT_LOCAL_BACKEND_GET_PRIVATE (local_backend);
-}
-
-PolkitBackend *
-polkit_local_backend_new (void)
-{
- PolkitBackend *backend;
-
- backend = POLKIT_BACKEND (g_object_new (POLKIT_TYPE_LOCAL_BACKEND, NULL));
-
- return backend;
-}
-
-static gchar *
-say_hello (PolkitBackend *_backend,
- PolkitSubject *inquirer,
- const gchar *name,
- GError **error)
-{
- char *ret;
-
- ret = NULL;
-
- if (strcmp (name, "davidz") == 0) {
- g_set_error_literal (error,
- POLKIT_ERROR,
- POLKIT_ERROR_NOT_SUPPORTED,
- "We don't want to async greet davidz!");
- } else {
- ret = g_strdup_printf ("Local async greets 'Hi %s!'", name);
- }
-
- return ret;
-}
-
-PolkitAuthorizationResult
-check_claims (PolkitBackend *_backend,
- PolkitSubject *inquirer,
- GList *claims,
- GError **error)
-{
- PolkitLocalBackend *backend;
- PolkitAuthorizationResult result;
- GList *l;
-
- backend = POLKIT_LOCAL_BACKEND (_backend);
-
- for (l = claims; l != NULL; l = l->next) {
- PolkitAuthorizationClaim *claim = POLKIT_AUTHORIZATION_CLAIM (l->data);
- char *action_id;
- PolkitSubject *subject;
- GHashTable *attributes;
- GHashTableIter iter;
- const char *key;
- const char *value;
-
- g_object_get (claim,
- "subject", &subject,
- "action-id", &action_id,
- "attributes", &attributes,
- NULL);
-
- g_print ("action-id: %s\n", action_id);
- g_print ("subject: %s\n", _subject_to_string (subject));
-
- g_hash_table_iter_init (&iter, attributes);
- while (g_hash_table_iter_next (&iter, (gpointer) &key, (gpointer) &value)) {
- g_print (" '%s' -> '%s'\n", key, value);
- }
-
- g_print ("\n");
-
- g_object_unref (subject);
- g_free (action_id);
- g_hash_table_unref (attributes);
- }
-
- /* TODO */
- result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
-
- return result;
-}
diff --git a/src/polkit/polkitlocalbackend.h b/src/polkit/polkitlocalbackend.h
deleted file mode 100644
index ccfd815..0000000
--- a/src/polkit/polkitlocalbackend.h
+++ /dev/null
@@ -1,65 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
-#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
-#endif
-
-#ifndef __POLKIT_LOCAL_BACKEND_H
-#define __POLKIT_LOCAL_BACKEND_H
-
-#include <polkit/polkitbackend.h>
-
-G_BEGIN_DECLS
-
-#define POLKIT_TYPE_LOCAL_BACKEND (polkit_local_backend_get_type ())
-#define POLKIT_LOCAL_BACKEND(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_LOCAL_BACKEND, PolkitLocalBackend))
-#define POLKIT_LOCAL_BACKEND_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_TYPE_LOCAL_BACKEND, PolkitLocalBackendClass))
-#define POLKIT_LOCAL_BACKEND_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_LOCAL_BACKEND,PolkitLocalBackendClass))
-#define POLKIT_IS_LOCAL_BACKEND(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_LOCAL_BACKEND))
-#define POLKIT_IS_LOCAL_BACKEND_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_LOCAL_BACKEND))
-
-typedef struct _PolkitLocalBackend PolkitLocalBackend;
-typedef struct _PolkitLocalBackendClass PolkitLocalBackendClass;
-typedef struct _PolkitLocalBackendPrivate PolkitLocalBackendPrivate;
-
-struct _PolkitLocalBackend
-{
- PolkitBackend parent_instance;
-
- /*< private >*/
- PolkitLocalBackendPrivate *priv;
-};
-
-struct _PolkitLocalBackendClass
-{
- PolkitBackendClass parent_class;
-};
-
-GType polkit_local_backend_get_type (void) G_GNUC_CONST;
-PolkitBackend *polkit_local_backend_new (void);
-
-G_END_DECLS
-
-#endif /* __POLKIT_LOCAL_BACKEND_H */
-
diff --git a/src/polkit/polkitserialization.c b/src/polkit/polkitserialization.c
deleted file mode 100644
index 1ab3043..0000000
--- a/src/polkit/polkitserialization.c
+++ /dev/null
@@ -1,251 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#include "config.h"
-#include <stdlib.h>
-#include <string.h>
-#include <dbus/dbus-glib.h>
-
-#include <polkit/polkitserialization.h>
-#include <polkit/polkituser.h>
-#include <polkit/polkitprocess.h>
-
-PolkitAuthorizationResult
-_authorization_result_from_string (const char *str)
-{
- PolkitAuthorizationResult ret;
-
- g_return_val_if_fail (str != NULL, POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED);
-
- ret = POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
-
- if (strcmp (str, "authorized") == 0) {
- ret = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
- } else if (strcmp (str, "challenge") == 0) {
- ret = POLKIT_AUTHORIZATION_RESULT_CHALLENGE;
- } else if (strcmp (str, "notauthorized") == 0) {
- ret = POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
- } else {
- g_warning ("unknown authorization result string '%s'", str);
- }
-
- return ret;
-}
-
-char *
-_authorization_result_to_string (PolkitAuthorizationResult result)
-{
- char *ret;
-
- switch (result) {
- case POLKIT_AUTHORIZATION_RESULT_AUTHORIZED:
- ret = g_strdup ("authorized");
- break;
- case POLKIT_AUTHORIZATION_RESULT_CHALLENGE:
- ret = g_strdup ("challenge");
- break;
- default:
- g_warning ("unknown authorization result with code %d", result);
- /* explicit fallthrough */
- case POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED:
- ret = g_strdup ("notauthorized");
- break;
- }
-
- return ret;
-}
-
-PolkitSubject *
-_subject_from_string (const char *str)
-{
- PolkitSubject *subject;
-
- g_return_val_if_fail (str != NULL, NULL);
-
- subject = NULL;
-
- if (g_str_has_prefix (str, "user:")) {
- subject = polkit_user_new (str + sizeof ("user:") - 1);
- } else if (g_str_has_prefix (str, "process:")) {
- pid_t pid;
- pid = (pid_t) (atoi (str + sizeof ("process:") - 1));
- subject = polkit_process_new ((pid));
- } else {
- g_warning ("Please add support for deserializing strings of form '%s'", str);
- }
-
- return subject;
-}
-
-char *
-_subject_to_string (PolkitSubject *subject)
-{
- char *ret;
-
- g_return_val_if_fail (POLKIT_IS_SUBJECT (subject), NULL);
-
- ret = NULL;
-
- if (POLKIT_IS_USER (subject)) {
- char *s;
- s = polkit_user_get_user_name (POLKIT_USER (subject));
- ret = g_strdup_printf ("user:%s", s);
- g_free (s);
- } else if (POLKIT_IS_PROCESS (subject)) {
- pid_t pid;
- pid = polkit_process_get_pid (POLKIT_PROCESS (subject));
- ret = g_strdup_printf ("process:%d", pid);
- } else {
- g_warning ("Please add support for serializing type %s",
- g_type_name (G_TYPE_FROM_INSTANCE (subject)));
- }
-
- return ret;
-}
-
-
-#define CLAIM_STRUCT_TYPE (dbus_g_type_get_struct ("GValueArray", \
- G_TYPE_STRING, \
- G_TYPE_STRING, \
- dbus_g_type_get_map ("GHashTable", G_TYPE_STRING, G_TYPE_STRING), \
- G_TYPE_INVALID))
-
-void
-_authorization_claim_to_value (PolkitAuthorizationClaim *claim, GValue *value)
-{
- char *action_id;
- char *subject_str;
- PolkitSubject *subject;
- GHashTable *attributes;
-
- subject = polkit_authorization_claim_get_subject (claim);
- action_id = polkit_authorization_claim_get_action_id (claim);
- subject_str = _subject_to_string (subject);
-
- attributes = polkit_authorization_claim_get_attributes (claim);
-
- g_value_init (value, CLAIM_STRUCT_TYPE);
- g_value_take_boxed (value, dbus_g_type_specialized_construct (CLAIM_STRUCT_TYPE));
- dbus_g_type_struct_set (value,
- 0, subject_str,
- 1, action_id,
- 2, attributes,
- G_MAXUINT);
-
- g_free (action_id);
- g_free (subject_str);
- g_object_unref (subject);
-}
-
-PolkitAuthorizationClaim *
-_authorization_claim_from_data (gpointer data)
-{
- GValue elem0 = {0};
- PolkitAuthorizationClaim *claim;
- PolkitSubject *subject;
- char *subject_str;
- char *action_id;
- GHashTable *attributes;
- GHashTableIter iter;
- const char *key;
- const char *value;
-
- claim = NULL;
-
- g_value_init (&elem0, CLAIM_STRUCT_TYPE);
- g_value_set_static_boxed (&elem0, data);
- dbus_g_type_struct_get (&elem0,
- 0, &subject_str,
- 1, &action_id,
- 2, &attributes,
- G_MAXUINT);
-
- subject = _subject_from_string (subject_str);
- if (subject == NULL)
- goto out;
-
- claim = polkit_authorization_claim_new (subject, action_id);
- g_hash_table_iter_init (&iter, attributes);
- while (g_hash_table_iter_next (&iter, (gpointer) &key, (gpointer) &value)) {
- polkit_authorization_claim_set_attribute (claim, key, value);
- }
-
- out:
- g_free (subject_str);
- g_free (action_id);
- if (subject != NULL)
- g_object_unref (subject);
- if (attributes != NULL)
- g_hash_table_unref (attributes);
- return claim;
-}
-
-GList *
-_serialize_ptr_array_to_obj_list (GPtrArray *ptr_array,
- PolkitSerializeToObjectFunc func)
-{
- GList *ret;
- int n;
-
- ret = NULL;
- for (n = 0; n < (int) ptr_array->len; n++) {
- GObject *object;
- object = func (ptr_array->pdata[n]);
- if (object == NULL)
- goto fail;
- ret = g_list_prepend (ret, object);
- }
- ret = g_list_reverse (ret);
- return ret;
- fail:
- g_list_foreach (ret, (GFunc) g_object_unref, NULL);
- g_list_free (ret);
- return NULL;
-}
-
-GPtrArray *
-_serialize_ptr_array_from_obj_list (GList *list,
- PolkitSerializeFromObjectFunc func)
-{
- GPtrArray *ptr_array;
- GList *l;
-
- ptr_array = g_ptr_array_new ();
- for (l = list; l != NULL; l = l->next) {
- GObject *object = G_OBJECT (l->data);
- GValue elem = {0};
-
- func (object, &elem);
-
- g_ptr_array_add (ptr_array, g_value_get_boxed (&elem));
- }
-
- return ptr_array;
-}
-
-void
-_free_serialized_obj_ptr_array (GPtrArray *ptr_array)
-{
- g_ptr_array_foreach (ptr_array, (GFunc) g_value_array_free, NULL);
- g_ptr_array_free (ptr_array, TRUE);
-}
diff --git a/src/polkit/polkitserialization.h b/src/polkit/polkitserialization.h
deleted file mode 100644
index 1ab94ed..0000000
--- a/src/polkit/polkitserialization.h
+++ /dev/null
@@ -1,49 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
-
-/*
- * Copyright (C) 2008 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#ifndef __POLKIT_SERIALIZATION_H
-#define __POLKIT_SERIALIZATION_H
-
-#include <polkit/polkitauthorizationclaim.h>
-#include <polkit/polkitauthorizationresult.h>
-
-typedef GObject * (*PolkitSerializeToObjectFunc) (gpointer data);
-typedef void (*PolkitSerializeFromObjectFunc) (GObject *object,
- GValue *value);
-
-
-PolkitAuthorizationResult _authorization_result_from_string (const char *str);
-char * _authorization_result_to_string (PolkitAuthorizationResult result);
-PolkitSubject * _subject_from_string (const char *str);
-char * _subject_to_string (PolkitSubject *subject);
-void _authorization_claim_to_value (PolkitAuthorizationClaim *claim,
- GValue *value);
-PolkitAuthorizationClaim *_authorization_claim_from_data (gpointer data);
-GList * _serialize_ptr_array_to_obj_list (GPtrArray *ptr_array,
- PolkitSerializeToObjectFunc func);
-GPtrArray * _serialize_ptr_array_from_obj_list (GList *list,
- PolkitSerializeFromObjectFunc func);
-void _free_serialized_obj_ptr_array (GPtrArray *ptr_array);
-
-
-#endif /* __POLKIT_SERIALIZATION_H */
diff --git a/src/polkitbackend/Makefile.am b/src/polkitbackend/Makefile.am
new file mode 100644
index 0000000..a08352a
--- /dev/null
+++ b/src/polkitbackend/Makefile.am
@@ -0,0 +1,46 @@
+NULL =
+
+INCLUDES = \
+ -I$(top_builddir)/src \
+ -I$(top_srcdir)/src \
+ -DPACKAGE_LIBEXEC_DIR=\""$(libexecdir)"\" \
+ -DPACKAGE_SYSCONF_DIR=\""$(sysconfdir)"\" \
+ -DPACKAGE_DATA_DIR=\""$(datadir)"\" \
+ -DPACKAGE_BIN_DIR=\""$(bindir)"\" \
+ -DPACKAGE_LOCALSTATE_DIR=\""$(localstatedir)"\" \
+ -DPACKAGE_LOCALE_DIR=\""$(localedir)"\" \
+ -DPACKAGE_LIB_DIR=\""$(libdir)"\" \
+ -D_POSIX_PTHREAD_SEMANTICS \
+ -D_REENTRANT \
+ $(NULL)
+
+lib_LTLIBRARIES=libpolkit-backend-1.la
+
+libpolkit_backend_1includedir=$(includedir)/polkit-1/polkitbackend
+
+libpolkit_backend_1include_HEADERS = \
+ polkitbackend.h \
+ polkitbackendlocal.h \
+ $(NULL)
+
+libpolkit_backend_1_la_SOURCES = \
+ polkitbackend.h \
+ polkitbackendlocal.h polkitbackendlocal.c \
+ $(NULL)
+
+libpolkit_backend_1_la_CFLAGS = \
+ -D_POLKIT_BACKEND_COMPILATION \
+ $(GLIB_CFLAGS) \
+ $(EGG_DBUS_CFLAGS) \
+ $(NULL)
+
+libpolkit_backend_1_la_LIBADD = \
+ $(GLIB_LIBS) \
+ $(EGG_DBUS_LIBS) \
+ $(top_builddir)/src/polkit/libpolkit-gobject-1.la \
+ $(NULL)
+
+CLEANFILES = $(BUILT_SOURCES)
+
+clean-local :
+ rm -f *~
diff --git a/src/polkitbackend/polkitbackend.h b/src/polkitbackend/polkitbackend.h
new file mode 100644
index 0000000..c1c3839
--- /dev/null
+++ b/src/polkitbackend/polkitbackend.h
@@ -0,0 +1,33 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_BACKEND_H
+#define __POLKIT_BACKEND_H
+
+#define _POLKIT_BACKEND_INSIDE_POLKIT_BACKEND_H 1
+#include <polkitbackend/polkitbackendlocal.h>
+#undef _POLKIT_BACKEND_INSIDE_POLKIT_BACKEND_H
+
+#endif /* __POLKIT_BACKEND_H */
+
+
diff --git a/src/polkitd/Makefile.am b/src/polkitd/Makefile.am
index 7fe92ca..f1b54dd 100644
--- a/src/polkitd/Makefile.am
+++ b/src/polkitd/Makefile.am
@@ -1,36 +1,38 @@
NULL =
-INCLUDES = \
- -I$(top_builddir)/src \
- -I$(top_srcdir)/src \
- -DPACKAGE_LIBEXEC_DIR=\""$(libexecdir)"\" \
- -DPACKAGE_SYSCONF_DIR=\""$(sysconfdir)"\" \
- -DPACKAGE_DATA_DIR=\""$(datadir)"\" \
- -DPACKAGE_BIN_DIR=\""$(bindir)"\" \
- -DPACKAGE_LOCALSTATE_DIR=\""$(localstatedir)"\" \
- -DPACKAGE_LOCALE_DIR=\""$(localedir)"\" \
- -DPACKAGE_LIB_DIR=\""$(libdir)"\" \
- -D_POSIX_PTHREAD_SEMANTICS \
- -D_REENTRANT \
+INCLUDES = \
+ -I$(top_builddir)/src \
+ -I$(top_srcdir)/src \
+ -DPACKAGE_LIBEXEC_DIR=\""$(libexecdir)"\" \
+ -DPACKAGE_SYSCONF_DIR=\""$(sysconfdir)"\" \
+ -DPACKAGE_DATA_DIR=\""$(datadir)"\" \
+ -DPACKAGE_BIN_DIR=\""$(bindir)"\" \
+ -DPACKAGE_LOCALSTATE_DIR=\""$(localstatedir)"\" \
+ -DPACKAGE_LOCALE_DIR=\""$(localedir)"\" \
+ -DPACKAGE_LIB_DIR=\""$(libdir)"\" \
+ -D_POSIX_PTHREAD_SEMANTICS \
+ -D_REENTRANT \
$(NULL)
libexec_PROGRAMS = polkitd-1
-polkitd_1_SOURCES = \
- main.c \
+polkitd_1_SOURCES = \
+ main.c \
$(NULL)
-polkitd_1_CFLAGS = \
- -I$(top_srcdir)/src \
- -DG_LOG_DOMAIN=\"polkitd-1\" \
- $(DBUS_GLIB_CFLAGS) \
+polkitd_1_CFLAGS = \
+ -I$(top_srcdir)/src \
+ -DG_LOG_DOMAIN=\"polkitd-1\" \
+ $(GLIB_CFLAGS) \
+ $(EGG_DBUS_CFLAGS) \
$(NULL)
-polkitd_1_LDADD = \
- $(DBUS_GLIB_LIBS) \
- $(GLIB_LIBS) \
- $(GIO_LIBS) \
- $(top_builddir)/src/polkit/libpolkit-gobject-1.la \
+polkitd_1_LDADD = \
+ $(DBUS_GLIB_LIBS) \
+ $(GLIB_LIBS) \
+ $(EGG_DBUS_LIBS) \
+ $(top_builddir)/src/polkit/libpolkit-gobject-1.la \
+ $(top_builddir)/src/polkitbackend/libpolkit-backend-1.la \
$(NULL)
CLEANFILES = $(BUILT_SOURCES)
diff --git a/src/polkitd/main.c b/src/polkitd/main.c
index ab3e24f..878bb45 100644
--- a/src/polkitd/main.c
+++ b/src/polkitd/main.c
@@ -28,167 +28,64 @@
# include "config.h"
#endif
-#include <stdlib.h>
-#include <stdio.h>
-#include <unistd.h>
-#include <signal.h>
-#include <errno.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <pwd.h>
-#include <grp.h>
-
-#include <glib.h>
-#include <glib/gi18n-lib.h>
-#include <glib-object.h>
-#include <dbus/dbus-glib.h>
-#include <dbus/dbus-glib-lowlevel.h>
-
#include <polkit/polkit.h>
+#include <polkitbackend/polkitbackend.h>
-#define NAME_TO_CLAIM "org.freedesktop.PolicyKit1"
-
-static PolkitBackend *
-get_backend (void)
+static PolkitAuthority *
+get_authority_backend (void)
{
- return polkit_local_backend_new ();
-}
-
-static gboolean
-acquire_name_on_proxy (DBusGProxy *bus_proxy)
-{
- GError *error;
- guint result;
- gboolean res;
- gboolean ret;
-
- ret = FALSE;
-
- if (bus_proxy == NULL) {
- goto out;
- }
-
- error = NULL;
- res = dbus_g_proxy_call (bus_proxy,
- "RequestName",
- &error,
- G_TYPE_STRING, NAME_TO_CLAIM,
- G_TYPE_UINT, 0,
- G_TYPE_INVALID,
- G_TYPE_UINT, &result,
- G_TYPE_INVALID);
- if (! res) {
- if (error != NULL) {
- g_warning ("Failed to acquire %s: %s", NAME_TO_CLAIM, error->message);
- g_error_free (error);
- } else {
- g_warning ("Failed to acquire %s", NAME_TO_CLAIM);
- }
- goto out;
- }
-
- if (result != DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER) {
- if (error != NULL) {
- g_warning ("Failed to acquire %s: %s", NAME_TO_CLAIM, error->message);
- g_error_free (error);
- } else {
- g_warning ("Failed to acquire %s", NAME_TO_CLAIM);
- }
- goto out;
- }
-
- ret = TRUE;
-
- out:
- return ret;
+ /* TODO: use extension points etc. */
+ return POLKIT_AUTHORITY (polkit_backend_local_new ());
}
int
main (int argc, char **argv)
{
- GError *error;
- GMainLoop *loop;
- GOptionContext *context;
- DBusGProxy *bus_proxy;
- DBusGConnection *bus;
- int ret;
- PolkitBackend *backend;
- PolkitBackendStub *stub;
- static GOptionEntry entries[] = {
- { NULL }
- };
+ int ret;
+ guint rn_ret;
+ GError *error;
+ GMainLoop *loop;
+ EggDBusConnection *connection;
+ PolkitAuthority *authority;
ret = 1;
- backend = NULL;
- stub = NULL;
- loop = NULL;
- bus = NULL;
g_type_init ();
+ polkit_bindings_register_types (); /* TODO: use __attribute ((constructor)) */
- context = g_option_context_new ("PolicyKit daemon");
- g_option_context_add_main_entries (context, entries, NULL);
- g_option_context_parse (context, &argc, &argv, NULL);
- g_option_context_free (context);
+ loop = g_main_loop_new (NULL, FALSE);
+ connection = egg_dbus_connection_get_for_bus (EGG_DBUS_BUS_TYPE_SYSTEM);
error = NULL;
- bus = dbus_g_bus_get (DBUS_BUS_SYSTEM, &error);
- if (bus == NULL) {
- g_warning ("Couldn't connect to system bus: %s", error->message);
+ if (!egg_dbus_bus_invoke_request_name (egg_dbus_connection_get_bus_proxy (connection),
+ 0, /* call flags */
+ "org.freedesktop.PolicyKit1",
+ 0, /* flags */
+ &rn_ret,
+ NULL,
+ &error)) {
+ g_warning ("error: %s", error->message);
g_error_free (error);
goto out;
}
- bus_proxy = dbus_g_proxy_new_for_name (bus,
- DBUS_SERVICE_DBUS,
- DBUS_PATH_DBUS,
- DBUS_INTERFACE_DBUS);
- if (bus_proxy == NULL) {
- g_warning ("Could not construct bus_proxy object; bailing out");
- goto out;
- }
-
- if (!acquire_name_on_proxy (bus_proxy) ) {
- g_warning ("Could not acquire name; bailing out");
- goto out;
- }
-
- g_debug ("Starting polkitd-1 version %s", VERSION);
-
- backend = get_backend ();
- if (backend == NULL) {
- g_warning ("Couldn't find suitable backend to use");
+ if (rn_ret != 1) {
+ g_warning ("could not become primary name owner");
goto out;
}
- stub = polkit_backend_stub_new (bus,
- "/authority",
- backend);
+ authority = get_authority_backend ();
- if (stub == NULL) {
- goto out;
- }
-
- loop = g_main_loop_new (NULL, FALSE);
+ egg_dbus_connection_export_object (connection,
+ G_OBJECT (authority),
+ "/org/freedesktop/PolicyKit1/Authority");
g_main_loop_run (loop);
+ g_object_unref (authority);
+ g_object_unref (connection);
ret = 0;
-out:
- if (backend != NULL)
- g_object_unref (backend);
-
- if (stub != NULL)
- g_object_unref (stub);
-
- if (loop != NULL)
- g_main_loop_unref (loop);
-
- if (bus != NULL)
- dbus_g_connection_unref (bus);
-
+ out:
return ret;
}
diff --git a/src/programs/Makefile.am b/src/programs/Makefile.am
index 8ba3fe5..b6a83cb 100644
--- a/src/programs/Makefile.am
+++ b/src/programs/Makefile.am
@@ -21,14 +21,12 @@ polkit_verify_claim_1_SOURCES = polkit-verify-claim.c
polkit_verify_claim_1_CFLAGS = \
$(GLIB_CFLAGS) \
- $(GIO_CFLAGS) \
- $(DBUS_GLIB_CFLAGS) \
+ $(EGG_DBUS_CFLAGS) \
$(NULL)
polkit_verify_claim_1_LDADD = \
$(GLIB_LDADD) \
- $(GIO_LDADD) \
- $(DBUS_GLIB_LDADD) \
+ $(EGG_DBUS_LDADD) \
$(top_builddir)/src/polkit/libpolkit-gobject-1.la \
$(NULL)
diff --git a/src/programs/polkit-verify-claim.c b/src/programs/polkit-verify-claim.c
index 36ad439..2c07fb3 100644
--- a/src/programs/polkit-verify-claim.c
+++ b/src/programs/polkit-verify-claim.c
@@ -26,41 +26,31 @@
int
main (int argc, char *argv[])
{
- GList *ret;
GError *error;
- GFile *dir;
+ PolkitAuthority *authority;
+ gchar *result;
g_type_init ();
- dir = g_file_new_for_commandline_arg (argv[1]);
+ authority = polkit_authority_get ();
error = NULL;
- ret = polkit_action_description_new_from_directory (dir,
- NULL,
- &error);
- if (error != NULL) {
- g_print ("Got error: %s\n", error->message);
- g_error_free (error);
- goto out;
- }
-
- g_debug ("rock'n'roll!");
+ polkit_authority_invoke_say_hello (authority,
+ 0, /* call_flags */
+ "Hi there!",
+ &result,
+ NULL,
+ &error);
+ g_print ("Authority replied: %s\n", result);
+ g_free (result);
- g_list_foreach (ret, (GFunc) g_object_unref, NULL);
- g_list_free (ret);
+ g_object_unref (authority);
- out:
return 0;
+}
-#if 0
- PolkitAuthorizationResult result;
- GError *error;
- PolkitAuthority *authority;
-
- g_type_init ();
-
- authority = polkit_authority_get ();
+#if 0
PolkitSubject *subject1;
PolkitSubject *subject2;
PolkitSubject *subject3;
@@ -94,8 +84,4 @@ main (int argc, char *argv[])
g_print ("Got result: %d\n", result);
}
- g_object_unref (authority);
-
- return 0;
#endif
-}
commit 7c565ab16c9bcbb8d6ea058d46af20a3fc919452
Author: David Zeuthen <davidz at redhat.com>
Date: Thu Nov 6 10:45:31 2008 -0500
fix up autogen.sh
diff --git a/autogen.sh b/autogen.sh
index 362cc32..4d25597 100755
--- a/autogen.sh
+++ b/autogen.sh
@@ -1,6 +1,8 @@
#!/bin/sh
# Run this to generate all the initial makefiles, etc.
+touch ChangeLog
+
srcdir=`dirname $0`
test -z "$srcdir" && srcdir=.
@@ -29,6 +31,14 @@ DIE=0
}
}
+(gtkdocize --flavour no-tmpl) < /dev/null > /dev/null 2>&1 || {
+ echo
+ echo "You must have gtk-doc installed to compile $PROJECT."
+ echo "Install the appropriate package for your distribution,"
+ echo "or get the source tarball at http://ftp.gnome.org/pub/GNOME/sources/gtk-doc/"
+ DIE=1
+}
+
(automake --version) < /dev/null > /dev/null 2>&1 || {
echo
echo "**Error**: You must have automake installed."
commit aa1660ad22141b4db12f054233f0fae976a948e9
Author: David Zeuthen <davidz at redhat.com>
Date: Thu Nov 6 10:43:38 2008 -0500
initial commit
diff --git a/AUTHORS b/AUTHORS
new file mode 100644
index 0000000..e69de29
diff --git a/COPYING b/COPYING
new file mode 100644
index 0000000..20c8451
--- /dev/null
+++ b/COPYING
@@ -0,0 +1,482 @@
+ GNU LIBRARY GENERAL PUBLIC LICENSE
+ Version 2, June 1991
+
+ Copyright (C) 1991 Free Software Foundation, Inc.
+ 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+[This is the first released version of the library GPL. It is
+ numbered 2 because it goes with version 2 of the ordinary GPL.]
+
+ Preamble
+
+ The licenses for most software are designed to take away your
+freedom to share and change it. By contrast, the GNU General Public
+Licenses are intended to guarantee your freedom to share and change
+free software--to make sure the software is free for all its users.
+
+ This license, the Library General Public License, applies to some
+specially designated Free Software Foundation software, and to any
+other libraries whose authors decide to use it. You can use it for
+your libraries, too.
+
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+ To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if
+you distribute copies of the library, or if you modify it.
+
+ For example, if you distribute copies of the library, whether gratis
+or for a fee, you must give the recipients all the rights that we gave
+you. You must make sure that they, too, receive or can get the source
+code. If you link a program with the library, you must provide
+complete object files to the recipients so that they can relink them
+with the library, after making changes to the library and recompiling
+it. And you must show them these terms so they know their rights.
+
+ Our method of protecting your rights has two steps: (1) copyright
+the library, and (2) offer you this license which gives you legal
+permission to copy, distribute and/or modify the library.
+
+ Also, for each distributor's protection, we want to make certain
+that everyone understands that there is no warranty for this free
+library. If the library is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original
+version, so that any problems introduced by others will not reflect on
+the original authors' reputations.
+
+ Finally, any free program is threatened constantly by software
+patents. We wish to avoid the danger that companies distributing free
+software will individually obtain patent licenses, thus in effect
+transforming the program into proprietary software. To prevent this,
+we have made it clear that any patent must be licensed for everyone's
+free use or not licensed at all.
+
+ Most GNU software, including some libraries, is covered by the ordinary
+GNU General Public License, which was designed for utility programs. This
+license, the GNU Library General Public License, applies to certain
+designated libraries. This license is quite different from the ordinary
+one; be sure to read it in full, and don't assume that anything in it is
+the same as in the ordinary license.
+
+ The reason we have a separate public license for some libraries is that
+they blur the distinction we usually make between modifying or adding to a
+program and simply using it. Linking a program with a library, without
+changing the library, is in some sense simply using the library, and is
+analogous to running a utility program or application program. However, in
+a textual and legal sense, the linked executable is a combined work, a
+derivative of the original library, and the ordinary General Public License
+treats it as such.
+
+ Because of this blurred distinction, using the ordinary General
+Public License for libraries did not effectively promote software
+sharing, because most developers did not use the libraries. We
+concluded that weaker conditions might promote sharing better.
+
+ However, unrestricted linking of non-free programs would deprive the
+users of those programs of all benefit from the free status of the
+libraries themselves. This Library General Public License is intended to
+permit developers of non-free programs to use free libraries, while
+preserving your freedom as a user of such programs to change the free
+libraries that are incorporated in them. (We have not seen how to achieve
+this as regards changes in header files, but we have achieved it as regards
+changes in the actual functions of the Library.) The hope is that this
+will lead to faster development of free libraries.
+
+ The precise terms and conditions for copying, distribution and
+modification follow. Pay close attention to the difference between a
+"work based on the library" and a "work that uses the library". The
+former contains code derived from the library, while the latter only
+works together with the library.
+
+ Note that it is possible for a library to be covered by the ordinary
+General Public License rather than by this special one.
+
+ GNU LIBRARY GENERAL PUBLIC LICENSE
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 0. This License Agreement applies to any software library which
+contains a notice placed by the copyright holder or other authorized
+party saying it may be distributed under the terms of this Library
+General Public License (also called "this License"). Each licensee is
+addressed as "you".
+
+ A "library" means a collection of software functions and/or data
+prepared so as to be conveniently linked with application programs
+(which use some of those functions and data) to form executables.
+
+ The "Library", below, refers to any such software library or work
+which has been distributed under these terms. A "work based on the
+Library" means either the Library or any derivative work under
+copyright law: that is to say, a work containing the Library or a
+portion of it, either verbatim or with modifications and/or translated
+straightforwardly into another language. (Hereinafter, translation is
+included without limitation in the term "modification".)
+
+ "Source code" for a work means the preferred form of the work for
+making modifications to it. For a library, complete source code means
+all the source code for all modules it contains, plus any associated
+interface definition files, plus the scripts used to control compilation
+and installation of the library.
+
+ Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope. The act of
+running a program using the Library is not restricted, and output from
+such a program is covered only if its contents constitute a work based
+on the Library (independent of the use of the Library in a tool for
+writing it). Whether that is true depends on what the Library does
+and what the program that uses the Library does.
+
+ 1. You may copy and distribute verbatim copies of the Library's
+complete source code as you receive it, in any medium, provided that
+you conspicuously and appropriately publish on each copy an
+appropriate copyright notice and disclaimer of warranty; keep intact
+all the notices that refer to this License and to the absence of any
+warranty; and distribute a copy of this License along with the
+Library.
+
+ You may charge a fee for the physical act of transferring a copy,
+and you may at your option offer warranty protection in exchange for a
+fee.
+
+ 2. You may modify your copy or copies of the Library or any portion
+of it, thus forming a work based on the Library, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+ a) The modified work must itself be a software library.
+
+ b) You must cause the files modified to carry prominent notices
+ stating that you changed the files and the date of any change.
+
+ c) You must cause the whole of the work to be licensed at no
+ charge to all third parties under the terms of this License.
+
+ d) If a facility in the modified Library refers to a function or a
+ table of data to be supplied by an application program that uses
+ the facility, other than as an argument passed when the facility
+ is invoked, then you must make a good faith effort to ensure that,
+ in the event an application does not supply such function or
+ table, the facility still operates, and performs whatever part of
+ its purpose remains meaningful.
+
+ (For example, a function in a library to compute square roots has
+ a purpose that is entirely well-defined independent of the
+ application. Therefore, Subsection 2d requires that any
+ application-supplied function or table used by this function must
+ be optional: if the application does not supply it, the square
+ root function must still compute square roots.)
+
+These requirements apply to the modified work as a whole. If
+identifiable sections of that work are not derived from the Library,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works. But when you
+distribute the same sections as part of a whole which is a work based
+on the Library, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote
+it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Library.
+
+In addition, mere aggregation of another work not based on the Library
+with the Library (or with a work based on the Library) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+ 3. You may opt to apply the terms of the ordinary GNU General Public
+License instead of this License to a given copy of the Library. To do
+this, you must alter all the notices that refer to this License, so
+that they refer to the ordinary GNU General Public License, version 2,
+instead of to this License. (If a newer version than version 2 of the
+ordinary GNU General Public License has appeared, then you can specify
+that version instead if you wish.) Do not make any other change in
+these notices.
+
+ Once this change is made in a given copy, it is irreversible for
+that copy, so the ordinary GNU General Public License applies to all
+subsequent copies and derivative works made from that copy.
+
+ This option is useful when you wish to copy part of the code of
+the Library into a program that is not a library.
+
+ 4. You may copy and distribute the Library (or a portion or
+derivative of it, under Section 2) in object code or executable form
+under the terms of Sections 1 and 2 above provided that you accompany
+it with the complete corresponding machine-readable source code, which
+must be distributed under the terms of Sections 1 and 2 above on a
+medium customarily used for software interchange.
+
+ If distribution of object code is made by offering access to copy
+from a designated place, then offering equivalent access to copy the
+source code from the same place satisfies the requirement to
+distribute the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+ 5. A program that contains no derivative of any portion of the
+Library, but is designed to work with the Library by being compiled or
+linked with it, is called a "work that uses the Library". Such a
+work, in isolation, is not a derivative work of the Library, and
+therefore falls outside the scope of this License.
+
+ However, linking a "work that uses the Library" with the Library
+creates an executable that is a derivative of the Library (because it
+contains portions of the Library), rather than a "work that uses the
+library". The executable is therefore covered by this License.
+Section 6 states terms for distribution of such executables.
+
+ When a "work that uses the Library" uses material from a header file
+that is part of the Library, the object code for the work may be a
+derivative work of the Library even though the source code is not.
+Whether this is true is especially significant if the work can be
+linked without the Library, or if the work is itself a library. The
+threshold for this to be true is not precisely defined by law.
+
+ If such an object file uses only numerical parameters, data
+structure layouts and accessors, and small macros and small inline
+functions (ten lines or less in length), then the use of the object
+file is unrestricted, regardless of whether it is legally a derivative
+work. (Executables containing this object code plus portions of the
+Library will still fall under Section 6.)
+
+ Otherwise, if the work is a derivative of the Library, you may
+distribute the object code for the work under the terms of Section 6.
+Any executables containing that work also fall under Section 6,
+whether or not they are linked directly with the Library itself.
+
+ 6. As an exception to the Sections above, you may also compile or
+link a "work that uses the Library" with the Library to produce a
+work containing portions of the Library, and distribute that work
+under terms of your choice, provided that the terms permit
+modification of the work for the customer's own use and reverse
+engineering for debugging such modifications.
+
+ You must give prominent notice with each copy of the work that the
+Library is used in it and that the Library and its use are covered by
+this License. You must supply a copy of this License. If the work
+during execution displays copyright notices, you must include the
+copyright notice for the Library among them, as well as a reference
+directing the user to the copy of this License. Also, you must do one
+of these things:
+
+ a) Accompany the work with the complete corresponding
+ machine-readable source code for the Library including whatever
+ changes were used in the work (which must be distributed under
+ Sections 1 and 2 above); and, if the work is an executable linked
+ with the Library, with the complete machine-readable "work that
+ uses the Library", as object code and/or source code, so that the
+ user can modify the Library and then relink to produce a modified
+ executable containing the modified Library. (It is understood
+ that the user who changes the contents of definitions files in the
+ Library will not necessarily be able to recompile the application
+ to use the modified definitions.)
+
+ b) Accompany the work with a written offer, valid for at
+ least three years, to give the same user the materials
+ specified in Subsection 6a, above, for a charge no more
+ than the cost of performing this distribution.
+
+ c) If distribution of the work is made by offering access to copy
+ from a designated place, offer equivalent access to copy the above
+ specified materials from the same place.
+
+ d) Verify that the user has already received a copy of these
+ materials or that you have already sent this user a copy.
+
+ For an executable, the required form of the "work that uses the
+Library" must include any data and utility programs needed for
+reproducing the executable from it. However, as a special exception,
+the source code distributed need not include anything that is normally
+distributed (in either source or binary form) with the major
+components (compiler, kernel, and so on) of the operating system on
+which the executable runs, unless that component itself accompanies
+the executable.
+
+ It may happen that this requirement contradicts the license
+restrictions of other proprietary libraries that do not normally
+accompany the operating system. Such a contradiction means you cannot
+use both them and the Library together in an executable that you
+distribute.
+
+ 7. You may place library facilities that are a work based on the
+Library side-by-side in a single library together with other library
+facilities not covered by this License, and distribute such a combined
+library, provided that the separate distribution of the work based on
+the Library and of the other library facilities is otherwise
+permitted, and provided that you do these two things:
+
+ a) Accompany the combined library with a copy of the same work
+ based on the Library, uncombined with any other library
+ facilities. This must be distributed under the terms of the
+ Sections above.
+
+ b) Give prominent notice with the combined library of the fact
+ that part of it is a work based on the Library, and explaining
+ where to find the accompanying uncombined form of the same work.
+
+ 8. You may not copy, modify, sublicense, link with, or distribute
+the Library except as expressly provided under this License. Any
+attempt otherwise to copy, modify, sublicense, link with, or
+distribute the Library is void, and will automatically terminate your
+rights under this License. However, parties who have received copies,
+or rights, from you under this License will not have their licenses
+terminated so long as such parties remain in full compliance.
+
+ 9. You are not required to accept this License, since you have not
+signed it. However, nothing else grants you permission to modify or
+distribute the Library or its derivative works. These actions are
+prohibited by law if you do not accept this License. Therefore, by
+modifying or distributing the Library (or any work based on the
+Library), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Library or works based on it.
+
+ 10. Each time you redistribute the Library (or any work based on the
+Library), the recipient automatically receives a license from the
+original licensor to copy, distribute, link with or modify the Library
+subject to these terms and conditions. You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+ 11. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Library at all. For example, if a patent
+license would not permit royalty-free redistribution of the Library by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Library.
+
+If any portion of this section is held invalid or unenforceable under any
+particular circumstance, the balance of the section is intended to apply,
+and the section as a whole is intended to apply in other circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system which is
+implemented by public license practices. Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+ 12. If the distribution and/or use of the Library is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Library under this License may add
+an explicit geographical distribution limitation excluding those countries,
+so that distribution is permitted only in or among countries not thus
+excluded. In such case, this License incorporates the limitation as if
+written in the body of this License.
+
+ 13. The Free Software Foundation may publish revised and/or new
+versions of the Library General Public License from time to time.
+Such new versions will be similar in spirit to the present version,
+but may differ in detail to address new problems or concerns.
+
+Each version is given a distinguishing version number. If the Library
+specifies a version number of this License which applies to it and
+"any later version", you have the option of following the terms and
+conditions either of that version or of any later version published by
+the Free Software Foundation. If the Library does not specify a
+license version number, you may choose any version ever published by
+the Free Software Foundation.
+
+ 14. If you wish to incorporate parts of the Library into other free
+programs whose distribution conditions are incompatible with these,
+write to the author to ask for permission. For software which is
+copyrighted by the Free Software Foundation, write to the Free
+Software Foundation; we sometimes make exceptions for this. Our
+decision will be guided by the two goals of preserving the free status
+of all derivatives of our free software and of promoting the sharing
+and reuse of software generally.
+
+ NO WARRANTY
+
+ 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
+WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
+EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
+OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
+KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
+LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
+THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+ 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
+WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
+AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
+FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
+CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
+LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
+RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
+FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
+SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
+DAMAGES.
+
+ END OF TERMS AND CONDITIONS
+
+ How to Apply These Terms to Your New Libraries
+
+ If you develop a new library, and you want it to be of the greatest
+possible use to the public, we recommend making it free software that
+everyone can redistribute and change. You can do so by permitting
+redistribution under these terms (or, alternatively, under the terms of the
+ordinary General Public License).
+
+ To apply these terms, attach the following notices to the library. It is
+safest to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least the
+"copyright" line and a pointer to where the full notice is found.
+
+ <one line to give the library's name and a brief idea of what it does.>
+ Copyright (C) <year> <name of author>
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Library General Public
+ License as published by the Free Software Foundation; either
+ version 2 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Library General Public
+ License along with this library; if not, write to the
+ Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307 USA.
+
+Also add information on how to contact you by electronic and paper mail.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the library, if
+necessary. Here is a sample; alter the names:
+
+ Yoyodyne, Inc., hereby disclaims all copyright interest in the
+ library `Frob' (a library for tweaking knobs) written by James Random Hacker.
+
+ <signature of Ty Coon>, 1 April 1990
+ Ty Coon, President of Vice
+
+That's all there is to it!
diff --git a/HACKING b/HACKING
new file mode 100644
index 0000000..944b41a
--- /dev/null
+++ b/HACKING
@@ -0,0 +1 @@
+Write me
diff --git a/Makefile.am b/Makefile.am
new file mode 100644
index 0000000..66b86d7
--- /dev/null
+++ b/Makefile.am
@@ -0,0 +1,16 @@
+## Process this file with automake to produce Makefile.in
+
+SUBDIRS = data src docs po
+
+NULL =
+
+EXTRA_DIST = \
+ HACKING \
+ mkinstalldirs \
+ $(NULL)
+
+# xsltproc barfs on 'make distcheck'; disable for now
+DISTCHECK_CONFIGURE_FLAGS=--disable-man-pages --disable-gtk-doc
+
+clean-local :
+ rm -f *~
diff --git a/NEWS b/NEWS
new file mode 100644
index 0000000..e69de29
diff --git a/README b/README
new file mode 100644
index 0000000..e69de29
diff --git a/autogen.sh b/autogen.sh
new file mode 100755
index 0000000..362cc32
--- /dev/null
+++ b/autogen.sh
@@ -0,0 +1,95 @@
+#!/bin/sh
+# Run this to generate all the initial makefiles, etc.
+
+srcdir=`dirname $0`
+test -z "$srcdir" && srcdir=.
+
+DIE=0
+
+(test -f $srcdir/configure.ac) || {
+ echo -n "**Error**: Directory $srcdir does not look like the"
+ echo " top-level package directory"
+ exit 1
+}
+
+(autoconf --version) < /dev/null > /dev/null 2>&1 || {
+ echo
+ echo "**Error**: You must have autoconf installed."
+ echo "Download the appropriate package for your distribution,"
+ echo "or get the source tarball at ftp://ftp.gnu.org/pub/gnu/"
+ DIE=1
+}
+
+(grep "^AM_PROG_LIBTOOL" $srcdir/configure.ac >/dev/null) && {
+ (libtool --version) < /dev/null > /dev/null 2>&1 || {
+ echo
+ echo "**Error**: You must have libtool installed."
+ echo "You can get it from: ftp://ftp.gnu.org/pub/gnu/"
+ DIE=1
+ }
+}
+
+(automake --version) < /dev/null > /dev/null 2>&1 || {
+ echo
+ echo "**Error**: You must have automake installed."
+ echo "You can get it from: ftp://ftp.gnu.org/pub/gnu/"
+ DIE=1
+ NO_AUTOMAKE=yes
+}
+
+
+# if no automake, don't bother testing for aclocal
+test -n "$NO_AUTOMAKE" || (aclocal --version) < /dev/null > /dev/null 2>&1 || {
+ echo
+ echo "**Error**: Missing aclocal. The version of automake"
+ echo "installed doesn't appear recent enough."
+ echo "You can get automake from ftp://ftp.gnu.org/pub/gnu/"
+ DIE=1
+}
+
+if test "$DIE" -eq 1; then
+ exit 1
+fi
+
+if test -z "$*"; then
+ echo "**Warning**: I am going to run configure with no arguments."
+ echo "If you wish to pass any to it, please specify them on the"
+ echo $0 " command line."
+ echo
+fi
+
+case $CC in
+xlc )
+ am_opt=--include-deps;;
+esac
+
+ aclocalinclude="$ACLOCAL_FLAGS"
+
+ if grep "^AM_PROG_LIBTOOL" configure.ac >/dev/null; then
+ if test -z "$NO_LIBTOOLIZE" ; then
+ echo "Running libtoolize..."
+ libtoolize --force --copy
+ fi
+ fi
+ echo "Running aclocal $aclocalinclude ..."
+ aclocal $aclocalinclude
+ if grep "^AM_CONFIG_HEADER" configure.ac >/dev/null; then
+ echo "Running autoheader..."
+ autoheader
+ fi
+ echo "Running automake --gnu -Wno-portability $am_opt ..."
+ automake --add-missing --gnu -Wno-portability $am_opt
+ echo "Running autoconf ..."
+ autoconf
+
+intltoolize --copy --force --automake || exit 1
+
+conf_flags="--enable-maintainer-mode --enable-gtk-doc"
+
+if test x$NOCONFIGURE = x; then
+ echo "Running $srcdir/configure $conf_flags $@ ..."
+ $srcdir/configure $conf_flags "$@" \
+ && echo "Now type make to compile." || exit 1
+else
+ echo "Skipping configure process."
+fi
diff --git a/configure.ac b/configure.ac
new file mode 100644
index 0000000..4882377
--- /dev/null
+++ b/configure.ac
@@ -0,0 +1,204 @@
+dnl Process this file with autoconf to produce a configure script.
+
+AC_PREREQ(2.59c)
+AC_INIT(polkit, 0.90, http://lists.freedesktop.org/mailman/listinfo/polkit-devel)
+AM_INIT_AUTOMAKE(polkit, 0.90)
+AM_CONFIG_HEADER(config.h)
+AM_MAINTAINER_MODE
+
+# libtool versioning - this applies to all libraries in this package
+#
+# See http://sources.redhat.com/autobook/autobook/autobook_91.html#SEC91 for details
+#
+LT_CURRENT=0
+LT_REVISION=0
+LT_AGE=0
+AC_SUBST(LT_CURRENT)
+AC_SUBST(LT_REVISION)
+AC_SUBST(LT_AGE)
+
+AC_ISC_POSIX
+AC_PROG_CC
+AM_PROG_CC_STDC
+AC_HEADER_STDC
+AM_PROG_LIBTOOL
+AC_PROG_MAKE_SET
+AC_PROG_LN_S
+AC_SYS_LARGEFILE
+AM_PROG_CC_C_O
+
+# Taken from dbus
+AC_ARG_ENABLE(ansi, [ --enable-ansi enable -ansi -pedantic gcc flags],enable_ansi=$enableval,enable_ansi=no)
+AC_ARG_ENABLE(verbose-mode, [ --enable-verbose-mode support verbose debug mode],enable_verbose_mode=$enableval,enable_verbose_mode=$USE_MAINTAINER_MODE)
+AC_ARG_ENABLE(man-pages, [ --enable-man-pages build manual pages],enable_man_pages=$enableval,enable_man_pages=yes)
+
+if test "${enable_man_page}" != no; then
+dnl
+dnl Check for xsltproc
+dnl
+AC_PATH_PROG([XSLTPROC], [xsltproc])
+ if test -z "$XSLTPROC"; then
+ enable_man_pages=no
+ fi
+fi
+AM_CONDITIONAL(MAN_PAGES_ENABLED, test x$enable_man_pages = xyes)
+
+GTK_DOC_CHECK([1.3])
+
+#### gcc warning flags
+
+if test "x$GCC" = "xyes"; then
+ changequote(,)dnl
+ case " $CFLAGS " in
+ *[\ \ ]-Wall[\ \ ]*) ;;
+ *) CFLAGS="$CFLAGS -Wall" ;;
+ esac
+
+ case " $CFLAGS " in
+ *[\ \ ]-Wchar-subscripts[\ \ ]*) ;;
+ *) CFLAGS="$CFLAGS -Wchar-subscripts" ;;
+ esac
+
+ case " $CFLAGS " in
+ *[\ \ ]-Wmissing-declarations[\ \ ]*) ;;
+ *) CFLAGS="$CFLAGS -Wmissing-declarations" ;;
+ esac
+
+ case " $CFLAGS " in
+ *[\ \ ]-Wnested-externs[\ \ ]*) ;;
+ *) CFLAGS="$CFLAGS -Wnested-externs" ;;
+ esac
+
+ case " $CFLAGS " in
+ *[\ \ ]-Wpointer-arith[\ \ ]*) ;;
+ *) CFLAGS="$CFLAGS -Wpointer-arith" ;;
+ esac
+
+ case " $CFLAGS " in
+ *[\ \ ]-Wcast-align[\ \ ]*) ;;
+ *) CFLAGS="$CFLAGS -Wcast-align" ;;
+ esac
+
+ case " $CFLAGS " in
+ *[\ \ ]-Wsign-compare[\ \ ]*) ;;
+ *) CFLAGS="$CFLAGS -Wsign-compare" ;;
+ esac
+
+ case " $CFLAGS " in
+ *[\ \ ]-Wformat[\ \ ]*) ;;
+ *) CFLAGS="$CFLAGS -Wformat" ;;
+ esac
+
+ case " $CFLAGS " in
+ *[\ \ ]-Wformat-security[\ \ ]*) ;;
+ *) CFLAGS="$CFLAGS -Wformat-security" ;;
+ esac
+
+ if test "x$enable_ansi" = "xyes"; then
+ case " $CFLAGS " in
+ *[\ \ ]-ansi[\ \ ]*) ;;
+ *) CFLAGS="$CFLAGS -ansi" ;;
+ esac
+
+ case " $CFLAGS " in
+ *[\ \ ]-D_POSIX_C_SOURCE*) ;;
+ *) CFLAGS="$CFLAGS -D_POSIX_C_SOURCE=199309L" ;;
+ esac
+
+ case " $CFLAGS " in
+ *[\ \ ]-D_BSD_SOURCE[\ \ ]*) ;;
+ *) CFLAGS="$CFLAGS -D_BSD_SOURCE" ;;
+ esac
+
+ case " $CFLAGS " in
+ *[\ \ ]-pedantic[\ \ ]*) ;;
+ *) CFLAGS="$CFLAGS -pedantic" ;;
+ esac
+ fi
+ changequote([,])dnl
+fi
+
+PKG_CHECK_MODULES(GLIB, [gio-2.0 >= 2.14.0])
+AC_SUBST(GIO_CFLAGS)
+AC_SUBST(GIO_LIBS)
+
+PKG_CHECK_MODULES(GLIB, [glib-2.0 >= 2.14.0 gio-2.0 >= 2.14.0])
+AC_SUBST(GLIB_CFLAGS)
+AC_SUBST(GLIB_LIBS)
+
+PKG_CHECK_MODULES(DBUS, [dbus-1 >= 1.0])
+AC_SUBST(DBUS_CFLAGS)
+AC_SUBST(DBUS_LIBS)
+
+PKG_CHECK_MODULES(DBUS_GLIB, [dbus-glib-1 >= 0.73])
+AC_SUBST(DBUS_GLIB_CFLAGS)
+AC_SUBST(DBUS_GLIB_LIBS)
+
+EXPAT_LIB=""
+AC_ARG_WITH(expat, [ --with-expat=<dir> Use expat from here],
+ [
+ expat=$withval
+ CPPFLAGS="$CPPFLAGS -I$withval/include"
+ LDFLAGS="$LDFLAGS -L$withval/lib"
+ ]
+ )
+AC_CHECK_HEADERS(expat.h, [AC_DEFINE(HAVE_EXPAT_H)],
+ [AC_MSG_ERROR([Can't find expat.h. Please install expat.])])
+AC_CHECK_LIB(expat,XML_ParserCreate,[EXPAT_LIBS="-lexpat"],
+ [AC_MSG_ERROR([Can't find expat library. Please install expat.])])
+AC_SUBST(EXPAT_LIBS)
+
+if test "x$GCC" = "xyes"; then
+ LDFLAGS="-Wl,--as-needed $LDFLAGS"
+fi
+
+# ********************
+# Internationalisation
+# ********************
+
+IT_PROG_INTLTOOL([0.40.0])
+GETTEXT_PACKAGE=polkit
+AC_SUBST([GETTEXT_PACKAGE])
+AM_GLIB_GNU_GETTEXT
+AC_DEFINE_UNQUOTED([GETTEXT_PACKAGE],["$GETTEXT_PACKAGE"],[gettext domain])
+
+AC_OUTPUT([
+Makefile
+data/Makefile
+src/Makefile
+src/polkit/Makefile
+src/polkitd/Makefile
+src/programs/Makefile
+docs/version.xml
+docs/Makefile
+docs/man/Makefile
+po/Makefile.in
+])
+
+dnl ==========================================================================
+echo "
+ polkit $VERSION
+ =================
+
+ prefix: ${prefix}
+ libdir: ${libdir}
+ libexecdir: ${libexecdir}
+ bindir: ${bindir}
+ sbindir: ${sbindir}
+ datadir: ${datadir}
+ sysconfdir: ${sysconfdir}
+ localstatedir: ${localstatedir}
+ docdir: ${docdir}
+
+ compiler: ${CC}
+ cflags: ${CFLAGS}
+ cppflags: ${CPPFLAGS}
+ xsltproc: ${XSLTPROC}
+
+ Maintainer mode: ${USE_MAINTAINER_MODE}
+ Building unit tests: ${enable_tests}
+ GCC coverage profiling: ${enable_gcov}
+ Building verbose mode: ${enable_verbose_mode}
+ Building api docs: ${enable_gtk_doc}
+ Building man pages: ${enable_man_pages}
+"
diff --git a/data/Makefile.am b/data/Makefile.am
new file mode 100644
index 0000000..319217b
--- /dev/null
+++ b/data/Makefile.am
@@ -0,0 +1,22 @@
+## Process this file with automake to produce Makefile.in
+
+servicedir = $(datadir)/dbus-1/system-services
+service_in_files = org.freedesktop.PolicyKit1.service.in
+service_DATA = $(service_in_files:.service.in=.service)
+
+$(service_DATA): $(service_in_files) Makefile
+ @sed -e "s|\@libexecdir\@|$(libexecdir)|" $< > $@
+
+dbusconfdir = $(sysconfdir)/dbus-1/system.d
+dbusconf_in_files = org.freedesktop.PolicyKit1.conf.in
+dbusconf_DATA = $(dbusconf_in_files:.conf.in=.conf)
+
+$(dbusconf_DATA): $(dbusconf_in_files) Makefile
+ @sed -e "s|\@polkituser\@|$(POLKIT_USER)|" $< > $@
+
+CLEANFILES = $(BUILT_SOURCES)
+
+EXTRA_DIST = org.freedesktop.PolicyKit1.Authority.xml $(service_in_files) $(dbusconf_in_files)
+
+clean-local :
+ rm -f *~ $(service_DATA) $(dbusconf_DATA)
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
new file mode 100644
index 0000000..dbd5b4c
--- /dev/null
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -0,0 +1,19 @@
+<!DOCTYPE node PUBLIC "-//freedesktop//DTD D-BUS Object Introspection 1.0//EN" "http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
+<node name="/">
+
+ <interface name="org.freedesktop.PolicyKit1.Authority">
+
+ <method name="SayHello">
+ <annotation name="org.freedesktop.DBus.GLib.Async" value=""/>
+ <arg name="message" direction="in" type="s"/>
+ <arg name="result" direction="out" type="s"/>
+ </method>
+
+ <method name="CheckClaims">
+ <annotation name="org.freedesktop.DBus.GLib.Async" value=""/>
+ <arg name="claims" direction="in" type="a(ssa{ss})"/>
+ <arg name="result" direction="out" type="s"/>
+ </method>
+
+ </interface>
+</node>
diff --git a/data/org.freedesktop.PolicyKit1.conf.in b/data/org.freedesktop.PolicyKit1.conf.in
new file mode 100644
index 0000000..ad602a7
--- /dev/null
+++ b/data/org.freedesktop.PolicyKit1.conf.in
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?> <!-- -*- XML -*- -->
+
+<!DOCTYPE busconfig PUBLIC
+ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+ <policy user="root">
+ <allow own="org.freedesktop.PolicyKit1"/>
+ </policy>
+</busconfig>
diff --git a/data/org.freedesktop.PolicyKit1.service.in b/data/org.freedesktop.PolicyKit1.service.in
new file mode 100644
index 0000000..09abeed
--- /dev/null
+++ b/data/org.freedesktop.PolicyKit1.service.in
@@ -0,0 +1,4 @@
+[D-BUS Service]
+Name=org.freedesktop.PolicyKit1
+Exec=@libexecdir@/polkitd-1
+User=root
diff --git a/docs/Makefile.am b/docs/Makefile.am
new file mode 100644
index 0000000..b647ac9
--- /dev/null
+++ b/docs/Makefile.am
@@ -0,0 +1,76 @@
+
+SUBDIRS = man
+
+NULL =
+
+AUTOMAKE_OPTIONS = 1.7
+
+# The name of the module.
+DOC_MODULE=polkit
+
+# The top-level SGML file.
+DOC_MAIN_SGML_FILE=polkit-docs.xml
+
+# Extra options to supply to gtkdoc-scan
+SCAN_OPTIONS=--ignore-headers=config.h
+
+# The directory containing the source code. Relative to $(srcdir)
+DOC_SOURCE_DIR=../src/polkit
+
+# Used for dependencies
+HFILE_GLOB=$(top_srcdir)/src/polkit/*.h
+CFILE_GLOB=$(top_srcdir)/src/polkit/*.c
+
+# Headers to ignore
+IGNORE_HFILES= \
+ $(NULL)
+
+# CFLAGS and LDFLAGS for compiling scan program. Only needed
+# if $(DOC_MODULE).types is non-empty.
+INCLUDES = \
+ $(DBUS_GLIB_CFLAGS) \
+ $(GLIB_CFLAGS) \
+ $(GIO_CFLAGS) \
+ -I$(top_srcdir)/src/polkit \
+ -I$(top_builddir)/src/polkit \
+ $(NULL)
+
+GTKDOC_LIBS = \
+ $(DBUS_GLIB_LIBS) \
+ $(GLIB_LIBS) \
+ $(GIO_LIBS) \
+ $(top_builddir)/src/polkit/libpolkit-gobject-1.la \
+ $(NULL)
+
+# Extra options to supply to gtkdoc-mkdb
+MKDB_OPTIONS=--sgml-mode --output-format=xml
+
+# Extra options to supply to gtkdoc-mktmpl
+MKTMPL_OPTIONS=
+
+# Non-autogenerated SGML files to be included in $(DOC_MAIN_SGML_FILE)
+content_files = \
+ version.xml \
+ $(NULL)
+
+# Images to copy into HTML directory
+HTML_IMAGES = \
+ $(NULL)
+
+# Extra options to supply to gtkdoc-fixref
+FIXXREF_OPTIONS=
+
+MAINTAINERCLEANFILES = \
+ *~ \
+ Makefile.in \
+ polkit.types \
+ polkit-*.txt \
+ $(NULL)
+
+if ENABLE_GTK_DOC
+include $(top_srcdir)/gtk-doc.make
+else
+EXTRA_DIST =
+endif
+
+EXTRA_DIST += version.xml.in
diff --git a/docs/man/Makefile.am b/docs/man/Makefile.am
new file mode 100644
index 0000000..a61a882
--- /dev/null
+++ b/docs/man/Makefile.am
@@ -0,0 +1,18 @@
+
+NULL =
+
+if MAN_PAGES_ENABLED
+
+man_MANS = PolicyKit-1.8 \
+ $(NULL)
+
+%-1.8 : %.xml
+ $(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+
+endif # MAN_PAGES_ENABLED
+
+EXTRA_DIST= PolicyKit.xml \
+ $(NULL)
+
+clean-local:
+ rm -f *~ *.8
diff --git a/docs/man/PolicyKit.xml b/docs/man/PolicyKit.xml
new file mode 100644
index 0000000..6cb9145
--- /dev/null
+++ b/docs/man/PolicyKit.xml
@@ -0,0 +1,60 @@
+<refentry id="PolicyKit-1.8">
+ <refentryinfo>
+ <title>PolicyKit-1</title>
+ <date>August 2007</date>
+ <productname>PolicyKit-1</productname>
+ </refentryinfo>
+
+ <refmeta>
+ <refentrytitle>PolicyKit-1</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="version"></refmiscinfo>
+ </refmeta>
+
+ <refnamediv>
+ <refname>PolicyKit-1</refname>
+ <refpurpose>Authorization API</refpurpose>
+ </refnamediv>
+
+ <refsect1><title>DESCRIPTION</title>
+ <para>
+ For more information about the big picture refer to the
+ PolicyKit specification which can be normally be found
+ under <filename>/usr/share/doc</filename>.
+ </para>
+
+ <para>
+ <emphasis>TODO:</emphasis> This manual page should contain a
+ simple introduction to PolicyKit for a system administrator
+ audience. Remains to be written.
+ </para>
+ </refsect1>
+
+
+ <refsect1><title>AUTHOR</title>
+ <para>
+ Written by David Zeuthen <email>david at fubar.dk</email> with
+ a lot of help from many others.
+ </para>
+ </refsect1>
+
+ <refsect1>
+ <title>BUGS</title>
+ <para>
+ Please send bug reports to either the distribution or the
+ polkit-devel mailing list,
+ see <ulink url="http://lists.freedesktop.org/mailman/listinfo/polkit-devel"/>.
+ to subscribe.
+ </para>
+ </refsect1>
+
+ <refsect1>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>polkit-adm-1</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+</refentry>
+
diff --git a/docs/polkit-docs.xml b/docs/polkit-docs.xml
new file mode 100644
index 0000000..565bfe0
--- /dev/null
+++ b/docs/polkit-docs.xml
@@ -0,0 +1,99 @@
+<?xml version="1.0"?>
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
+<!ENTITY version SYSTEM "version.xml">
+]>
+<book id="index" xmlns:xi="http://www.w3.org/2003/XInclude">
+ <bookinfo>
+ <title>PolicyKit Reference Manual</title>
+ <releaseinfo>Version &version;</releaseinfo>
+ <authorgroup>
+ <author>
+ <firstname>David</firstname>
+ <surname>Zeuthen</surname>
+ <affiliation>
+ <address>
+ <email>davidz at redhat.com</email>
+ </address>
+ </affiliation>
+ </author>
+ </authorgroup>
+
+ <copyright>
+ <year>2008</year>
+ <holder>The PolicyKit Authors</holder>
+ </copyright>
+
+ <legalnotice>
+ <para>
+ Permission is granted to copy, distribute and/or modify this
+ document under the terms of the <citetitle>GNU Free
+ Documentation License</citetitle>, Version 1.1 or any later
+ version published by the Free Software Foundation with no
+ Invariant Sections, no Front-Cover Texts, and no Back-Cover
+ Texts. You may obtain a copy of the <citetitle>GNU Free
+ Documentation License</citetitle> from the Free Software
+ Foundation by visiting <ulink type="http"
+ url="http://www.fsf.org">their Web site</ulink> or by writing
+ to:
+
+ <address>
+ The Free Software Foundation, Inc.,
+ <street>59 Temple Place</street> - Suite 330,
+ <city>Boston</city>, <state>MA</state> <postcode>02111-1307</postcode>,
+ <country>USA</country>
+ </address>
+ </para>
+
+ <para>
+ Many of the names used by companies to distinguish their
+ products and services are claimed as trademarks. Where those
+ names appear in any GNOME documentation, and those trademarks
+ are made aware to the members of the GNOME Documentation
+ Project, the names have been printed in caps or initial caps.
+ </para>
+ </legalnotice>
+ </bookinfo>
+
+ <reference id="ref-api">
+ <title>API Reference</title>
+ <partintro>
+ <para>
+ This part presents the class and function reference for the
+ <literal>libpolkit-gobject-1</literal> library.
+ </para>
+ </partintro>
+ <xi:include href="xml/polkitauthority.xml"/>
+ <xi:include href="xml/polkitauthorizationclaim.xml"/>
+ <xi:include href="xml/polkitauthorizationresult.xml"/>
+ <xi:include href="xml/polkitactiondescription.xml"/>
+ <xi:include href="xml/polkiterror.xml"/>
+ <xi:include href="xml/polkitsubject.xml"/>
+ <xi:include href="xml/polkituser.xml"/>
+ <xi:include href="xml/polkitprocess.xml"/>
+ <chapter id="extending">
+ <title>Extending PolicyKit</title>
+ <xi:include href="xml/polkitbackend.xml"/>
+ <xi:include href="xml/polkitlocalbackend.xml"/>
+ <xi:include href="xml/polkitbackendstub.xml"/>
+ </chapter>
+ </reference>
+
+ <chapter id="polkit-hierarchy">
+ <title>Object Hierarchy</title>
+ <xi:include href="xml/tree_index.sgml"/>
+ </chapter>
+
+ <index>
+ <title>Index</title>
+ </index>
+
+ <!-- License -->
+
+ <appendix id="license">
+ <title>License</title>
+ <para>
+<programlisting><xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../../COPYING" parse="text"><xi:fallback>FIXME: MISSING XINCLUDE CONTENT</xi:fallback></xi:include></programlisting>
+ </para>
+ </appendix>
+</book>
diff --git a/docs/version.xml.in b/docs/version.xml.in
new file mode 100644
index 0000000..d78bda9
--- /dev/null
+++ b/docs/version.xml.in
@@ -0,0 +1 @@
+ at VERSION@
diff --git a/po/ChangeLog b/po/ChangeLog
new file mode 100644
index 0000000..e69de29
diff --git a/po/LINGUAS b/po/LINGUAS
new file mode 100644
index 0000000..b72d517
--- /dev/null
+++ b/po/LINGUAS
@@ -0,0 +1,4 @@
+# please keep this list sorted alphabetically
+#
+
+
diff --git a/po/POTFILES.in b/po/POTFILES.in
new file mode 100644
index 0000000..53c4283
--- /dev/null
+++ b/po/POTFILES.in
@@ -0,0 +1,3 @@
+# List of source files containing translatable strings.
+# Please keep this file sorted alphabetically.
+[encoding: UTF-8]
diff --git a/src/Makefile.am b/src/Makefile.am
new file mode 100644
index 0000000..562a3e2
--- /dev/null
+++ b/src/Makefile.am
@@ -0,0 +1,5 @@
+
+SUBDIRS = polkit polkitd programs
+
+clean-local :
+ rm -f *~
diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am
new file mode 100644
index 0000000..1ab8817
--- /dev/null
+++ b/src/polkit/Makefile.am
@@ -0,0 +1,78 @@
+NULL =
+
+INCLUDES = \
+ -I$(top_builddir)/src \
+ -I$(top_srcdir)/src \
+ -DPACKAGE_LIBEXEC_DIR=\""$(libexecdir)"\" \
+ -DPACKAGE_SYSCONF_DIR=\""$(sysconfdir)"\" \
+ -DPACKAGE_DATA_DIR=\""$(datadir)"\" \
+ -DPACKAGE_BIN_DIR=\""$(bindir)"\" \
+ -DPACKAGE_LOCALSTATE_DIR=\""$(localstatedir)"\" \
+ -DPACKAGE_LOCALE_DIR=\""$(localedir)"\" \
+ -DPACKAGE_LIB_DIR=\""$(libdir)"\" \
+ -D_POSIX_PTHREAD_SEMANTICS \
+ -D_REENTRANT \
+ $(NULL)
+
+BUILT_SOURCES = \
+ polkitbackendstubglue.h \
+ polkitauthorityglue.h \
+ $(NULL)
+
+polkitbackendstubglue.h: $(top_srcdir)/data/org.freedesktop.PolicyKit1.Authority.xml Makefile.am
+ dbus-binding-tool --prefix=_polkit_backend_stub --mode=glib-server --output=polkitbackendstubglue.h $(top_srcdir)/data/org.freedesktop.PolicyKit1.Authority.xml
+
+polkitauthorityglue.h: $(top_srcdir)/data/org.freedesktop.PolicyKit1.Authority.xml Makefile.am
+ dbus-binding-tool --mode=glib-client --output=polkitauthorityglue.h $(top_srcdir)/data/org.freedesktop.PolicyKit1.Authority.xml
+
+lib_LTLIBRARIES=libpolkit-gobject-1.la
+
+libpolkit_gobject_1includedir=$(includedir)/polkit-1/polkit
+
+libpolkit_gobject_1include_HEADERS = \
+ polkit.h \
+ polkitactiondescription.h \
+ polkitauthority.h \
+ polkitauthorizationclaim.h \
+ polkitauthorizationresult.h \
+ polkitbackend.h \
+ polkiterror.h \
+ polkitsubject.h \
+ polkituser.h \
+ polkitprocess.h \
+ $(NULL)
+
+libpolkit_gobject_1_la_SOURCES = \
+ polkit.h \
+ polkitauthority.h polkitauthority.c \
+ polkitactiondescription.h polkitactiondescription.c \
+ polkitauthorizationclaim.h polkitauthorizationclaim.c \
+ polkitauthorizationresult.h polkitauthorizationresult.c \
+ polkitbackend.h polkitbackend.c \
+ polkitbackendstub.h polkitbackendstub.c \
+ polkiterror.h polkiterror.c \
+ polkitsubject.h polkitsubject.c \
+ polkitlocalbackend.h polkitlocalbackend.c \
+ polkituser.h polkituser.c \
+ polkitprocess.h polkitprocess.c \
+ polkitserialization.h polkitserialization.c \
+ $(BUILT_SOURCES) \
+ $(NULL)
+
+libpolkit_gobject_1_la_CFLAGS = \
+ -D_POLKIT_COMPILATION \
+ $(GLIB_CFLAGS) \
+ $(GIO_CFLAGS) \
+ $(DBUS_GLIB_CFLAGS) \
+ $(NULL)
+
+libpolkit_gobject_1_la_LIBADD = \
+ $(GLIB_LIBS) \
+ $(GIO_LIBS) \
+ $(DBUS_GLIB_LIBS) \
+ $(NULL)
+
+CLEANFILES = $(BUILT_SOURCES)
+
+clean-local :
+ rm -f *~
diff --git a/src/polkit/polkit.h b/src/polkit/polkit.h
new file mode 100644
index 0000000..afdad46
--- /dev/null
+++ b/src/polkit/polkit.h
@@ -0,0 +1,43 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_H
+#define __POLKIT_H
+
+#define _POLKIT_INSIDE_POLKIT_H 1
+#include <polkit/polkiterror.h>
+#include <polkit/polkitsubject.h>
+#include <polkit/polkitauthority.h>
+#include <polkit/polkitbackendstub.h>
+#include <polkit/polkitbackend.h>
+#include <polkit/polkitlocalbackend.h>
+#include <polkit/polkitauthorizationclaim.h>
+#include <polkit/polkitauthorizationresult.h>
+#include <polkit/polkituser.h>
+#include <polkit/polkitprocess.h>
+#include <polkit/polkitactiondescription.h>
+#undef _POLKIT_INSIDE_POLKIT_H
+
+#endif /* __POLKIT_H */
+
+
diff --git a/src/polkit/polkitactiondescription.c b/src/polkit/polkitactiondescription.c
new file mode 100644
index 0000000..2a8d5b7
--- /dev/null
+++ b/src/polkit/polkitactiondescription.c
@@ -0,0 +1,1112 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include <string.h>
+#include "polkitactiondescription.h"
+
+/**
+ * SECTION:polkitactiondescription
+ * @short_description: Description of an action
+ * @include: polkit/polkit.h
+ *
+ * Describes an action.
+ */
+
+/*--------------------------------------------------------------------------------------------------------------*/
+
+struct _PolkitActionDescriptionPrivate
+{
+ char *action_id;
+ GIcon *icon;
+ char *description;
+ char *message;
+ char *vendor_name;
+ char *vendor_url;
+ GHashTable *annotations;
+};
+
+enum {
+ PROP_0,
+ PROP_ACTION_ID,
+ PROP_ICON,
+ PROP_DESCRIPTION,
+ PROP_MESSAGE,
+ PROP_VENDOR_NAME,
+ PROP_VENDOR_URL,
+ PROP_ANNOTATIONS,
+};
+
+
+G_DEFINE_TYPE (PolkitActionDescription, polkit_action_description, G_TYPE_OBJECT)
+
+#define POLKIT_ACTION_DESCRIPTION_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_ACTION_DESCRIPTION, PolkitActionDescriptionPrivate))
+
+static void
+polkit_action_description_get_property (GObject *object,
+ guint prop_id,
+ GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitActionDescription *action_description = POLKIT_ACTION_DESCRIPTION (object);
+
+ switch (prop_id) {
+ case PROP_ACTION_ID:
+ g_value_set_string (value, action_description->priv->action_id);
+ break;
+
+ case PROP_ICON:
+ g_value_set_object (value, action_description->priv->icon);
+ break;
+
+ case PROP_DESCRIPTION:
+ g_value_set_string (value, action_description->priv->description);
+ break;
+
+ case PROP_MESSAGE:
+ g_value_set_string (value, action_description->priv->message);
+ break;
+
+ case PROP_VENDOR_NAME:
+ g_value_set_string (value, action_description->priv->vendor_name);
+ break;
+
+ case PROP_VENDOR_URL:
+ g_value_set_string (value, action_description->priv->vendor_url);
+ break;
+
+ case PROP_ANNOTATIONS:
+ g_value_set_boxed (value, action_description->priv->annotations);
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_action_description_init (PolkitActionDescription *action_description)
+{
+ action_description->priv = POLKIT_ACTION_DESCRIPTION_GET_PRIVATE (action_description);
+ action_description->priv->annotations = g_hash_table_new_full (g_str_hash,
+ g_str_equal,
+ g_free,
+ g_free);
+}
+
+static void
+polkit_action_description_finalize (GObject *object)
+{
+ PolkitActionDescription *action_description;
+
+ g_return_if_fail (object != NULL);
+ g_return_if_fail (POLKIT_IS_ACTION_DESCRIPTION (object));
+
+ action_description = POLKIT_ACTION_DESCRIPTION (object);
+
+ if (action_description->priv->icon != NULL)
+ g_object_unref (action_description->priv->icon);
+ g_free (action_description->priv->action_id);
+ g_free (action_description->priv->description);
+ g_free (action_description->priv->message);
+ g_free (action_description->priv->vendor_name);
+ g_free (action_description->priv->vendor_url);
+ g_hash_table_unref (action_description->priv->annotations);
+
+ G_OBJECT_CLASS (polkit_action_description_parent_class)->finalize (object);
+}
+
+static void
+polkit_action_description_class_init (PolkitActionDescriptionClass *klass)
+{
+ GObjectClass *object_class = G_OBJECT_CLASS (klass);
+
+ object_class->get_property = polkit_action_description_get_property;
+ object_class->finalize = polkit_action_description_finalize;
+
+ /**
+ * PolkitActionDescription:action-id:
+ *
+ * The action id for the action being described.
+ */
+ g_object_class_install_property (object_class,
+ PROP_ACTION_ID,
+ g_param_spec_string ("action-id",
+ "action-id",
+ "The action identifier for the action",
+ NULL,
+ G_PARAM_READABLE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ /**
+ * PolkitActionDescription:icon:
+ *
+ * The icon for the action being described.
+ */
+ g_object_class_install_property (object_class,
+ PROP_ICON,
+ g_param_spec_object ("icon",
+ "icon",
+ "The icon for the action",
+ G_TYPE_ICON,
+ G_PARAM_READABLE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ /**
+ * PolkitActionDescription:description:
+ *
+ * A localized human readable description of the action.
+ */
+ g_object_class_install_property (object_class,
+ PROP_DESCRIPTION,
+ g_param_spec_string ("description",
+ "description",
+ "Description of action",
+ NULL,
+ G_PARAM_READABLE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ /**
+ * PolkitActionDescription:message:
+ *
+ * A localized human readable message to display to the user
+ * when he lacks an authorization for the action.
+ */
+ g_object_class_install_property (object_class,
+ PROP_MESSAGE,
+ g_param_spec_string ("message",
+ "message",
+ "Message for the action",
+ NULL,
+ G_PARAM_READABLE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ /**
+ * PolkitActionDescription:vendor-name:
+ *
+ * The name of the organization supplying the action.
+ */
+ g_object_class_install_property (object_class,
+ PROP_VENDOR_NAME,
+ g_param_spec_string ("vendor-name",
+ "vendor-name",
+ "Vendor for the action",
+ NULL,
+ G_PARAM_READABLE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ /**
+ * PolkitActionDescription:vendor-url:
+ *
+ * An URL (Uniform Resource Locator) describing the action.
+ */
+ g_object_class_install_property (object_class,
+ PROP_VENDOR_URL,
+ g_param_spec_string ("vendor-url",
+ "vendor-url",
+ "Vendor URL for the action",
+ NULL,
+ G_PARAM_READABLE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ /**
+ * PolkitActionDescription:annotations:
+ *
+ * A set of key/value pairs giving more information about the action.
+ */
+ g_object_class_install_property (object_class,
+ PROP_ANNOTATIONS,
+ g_param_spec_boxed ("annotations",
+ "annotations",
+ "Annotations for the action",
+ G_TYPE_HASH_TABLE,
+ G_PARAM_READABLE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ g_type_class_add_private (klass, sizeof (PolkitActionDescriptionPrivate));
+}
+
+const gchar *
+polkit_action_description_get_action_id (PolkitActionDescription *action_description)
+{
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ return action_description->priv->action_id;
+}
+
+GIcon *
+polkit_action_description_get_icon (PolkitActionDescription *action_description)
+{
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ if (action_description->priv->icon != NULL)
+ return g_object_ref (action_description->priv->icon);
+ return NULL;
+}
+
+const gchar *
+polkit_action_description_get_description (PolkitActionDescription *action_description)
+{
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ return action_description->priv->description;
+}
+
+const gchar *
+polkit_action_description_get_message (PolkitActionDescription *action_description)
+{
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ return action_description->priv->message;
+}
+
+const gchar *
+polkit_action_description_get_vendor_name (PolkitActionDescription *action_description)
+{
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ return action_description->priv->vendor_name;
+}
+
+const gchar *
+polkit_action_description_get_vendor_url (PolkitActionDescription *action_description)
+{
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ return action_description->priv->vendor_url;
+}
+
+GHashTable *
+polkit_action_description_get_annotations (PolkitActionDescription *action_description)
+{
+ g_return_val_if_fail (POLKIT_IS_ACTION_DESCRIPTION (action_description), NULL);
+ return action_description->priv->annotations;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+#include <expat.h> /* TODO: move to separate file */
+
+enum {
+ STATE_NONE,
+ STATE_UNKNOWN_TAG,
+ STATE_IN_POLICY_CONFIG,
+ STATE_IN_POLICY_VENDOR,
+ STATE_IN_POLICY_VENDOR_URL,
+ STATE_IN_POLICY_ICON_NAME,
+ STATE_IN_ACTION,
+ STATE_IN_ACTION_DESCRIPTION,
+ STATE_IN_ACTION_MESSAGE,
+ STATE_IN_ACTION_VENDOR,
+ STATE_IN_ACTION_VENDOR_URL,
+ STATE_IN_ACTION_ICON_NAME,
+ STATE_IN_DEFAULTS,
+ STATE_IN_DEFAULTS_ALLOW_ANY,
+ STATE_IN_DEFAULTS_ALLOW_INACTIVE,
+ STATE_IN_DEFAULTS_ALLOW_ACTIVE,
+ STATE_IN_ANNOTATE
+};
+
+#define PARSER_MAX_DEPTH 32
+
+typedef struct {
+ XML_Parser parser;
+ int state;
+ int state_stack[PARSER_MAX_DEPTH];
+ int stack_depth;
+
+ const char *path;
+
+ char *global_vendor;
+ char *global_vendor_url;
+ char *global_icon_name;
+
+ char *action_id;
+ char *vendor;
+ char *vendor_url;
+ char *icon_name;
+
+ //PolKitResult defaults_allow_any;
+ //PolKitResult defaults_allow_inactive;
+ //PolKitResult defaults_allow_active;
+
+ GHashTable *policy_descriptions;
+ GHashTable *policy_messages;
+
+ char *policy_description_nolang;
+ char *policy_message_nolang;
+
+ /* the language according to $LANG (e.g. en_US, da_DK, fr, en_CA minus the encoding) */
+ char *lang;
+
+ /* the value of xml:lang for the thing we're reading in _cdata() */
+ char *elem_lang;
+
+ char *annotate_key;
+ GHashTable *annotations;
+
+ PolKitActionDescriptionForeachFunc cb;
+ void *user_data;
+} ParserData;
+
+static void
+pd_unref_action_data (ParserData *pd)
+{
+ g_free (pd->action_id);
+ pd->action_id = NULL;
+
+ g_free (pd->vendor);
+ pd->vendor = NULL;
+ g_free (pd->vendor_url);
+ pd->vendor_url = NULL;
+ g_free (pd->icon_name);
+ pd->icon_name = NULL;
+
+ g_free (pd->policy_description_nolang);
+ pd->policy_description_nolang = NULL;
+ g_free (pd->policy_message_nolang);
+ pd->policy_message_nolang = NULL;
+ if (pd->policy_descriptions != NULL) {
+ g_hash_table_unref (pd->policy_descriptions);
+ pd->policy_descriptions = NULL;
+ }
+ if (pd->policy_messages != NULL) {
+ g_hash_table_unref (pd->policy_messages);
+ pd->policy_messages = NULL;
+ }
+ g_free (pd->annotate_key);
+ pd->annotate_key = NULL;
+ if (pd->annotations != NULL) {
+ g_hash_table_unref (pd->annotations);
+ pd->annotations = NULL;
+ }
+ g_free (pd->elem_lang);
+ pd->elem_lang = NULL;
+}
+
+static void
+pd_unref_data (ParserData *pd)
+{
+ pd_unref_action_data (pd);
+ g_free (pd->lang);
+ pd->lang = NULL;
+
+ g_free (pd->global_vendor);
+ pd->global_vendor = NULL;
+ g_free (pd->global_vendor_url);
+ pd->global_vendor_url = NULL;
+ g_free (pd->global_icon_name);
+ pd->global_icon_name = NULL;
+}
+
+static void
+_start (void *data, const char *el, const char **attr)
+{
+ int state;
+ int num_attr;
+ ParserData *pd = data;
+
+ for (num_attr = 0; attr[num_attr] != NULL; num_attr++)
+ ;
+
+ state = STATE_NONE;
+
+ switch (pd->state) {
+ case STATE_NONE:
+ if (strcmp (el, "policyconfig") == 0) {
+ state = STATE_IN_POLICY_CONFIG;
+ }
+ break;
+ case STATE_IN_POLICY_CONFIG:
+ if (strcmp (el, "action") == 0) {
+ if (num_attr != 2 || strcmp (attr[0], "id") != 0)
+ goto error;
+ state = STATE_IN_ACTION;
+
+ //if (!polkit_action_validate_id (attr[1]))
+ // goto error;
+
+ pd_unref_action_data (pd);
+ pd->action_id = g_strdup (attr[1]);
+ pd->policy_descriptions = g_hash_table_new_full (g_str_hash,
+ g_str_equal,
+ g_free,
+ g_free);
+ pd->policy_messages = g_hash_table_new_full (g_str_hash,
+ g_str_equal,
+ g_free,
+ g_free);
+ /* initialize defaults */
+ //pd->defaults_allow_any = POLKIT_RESULT_NO;
+ //pd->defaults_allow_inactive = POLKIT_RESULT_NO;
+ //pd->defaults_allow_active = POLKIT_RESULT_NO;
+ } else if (strcmp (el, "vendor") == 0 && num_attr == 0) {
+ state = STATE_IN_POLICY_VENDOR;
+ } else if (strcmp (el, "vendor_url") == 0 && num_attr == 0) {
+ state = STATE_IN_POLICY_VENDOR_URL;
+ } else if (strcmp (el, "icon_name") == 0 && num_attr == 0) {
+ state = STATE_IN_POLICY_ICON_NAME;
+ }
+ break;
+ case STATE_IN_ACTION:
+ if (strcmp (el, "defaults") == 0) {
+ state = STATE_IN_DEFAULTS;
+ } else if (strcmp (el, "description") == 0) {
+ if (num_attr == 2 && strcmp (attr[0], "xml:lang") == 0) {
+ pd->elem_lang = g_strdup (attr[1]);
+ }
+ state = STATE_IN_ACTION_DESCRIPTION;
+ } else if (strcmp (el, "message") == 0) {
+ if (num_attr == 2 && strcmp (attr[0], "xml:lang") == 0) {
+ pd->elem_lang = g_strdup (attr[1]);
+ }
+ state = STATE_IN_ACTION_MESSAGE;
+ } else if (strcmp (el, "vendor") == 0 && num_attr == 0) {
+ state = STATE_IN_ACTION_VENDOR;
+ } else if (strcmp (el, "vendor_url") == 0 && num_attr == 0) {
+ state = STATE_IN_ACTION_VENDOR_URL;
+ } else if (strcmp (el, "icon_name") == 0 && num_attr == 0) {
+ state = STATE_IN_ACTION_ICON_NAME;
+ } else if (strcmp (el, "annotate") == 0) {
+ if (num_attr != 2 || strcmp (attr[0], "key") != 0)
+ goto error;
+ state = STATE_IN_ANNOTATE;
+
+ g_free (pd->annotate_key);
+ pd->annotate_key = g_strdup (attr[1]);
+ }
+ break;
+ case STATE_IN_DEFAULTS:
+ if (strcmp (el, "allow_any") == 0)
+ state = STATE_IN_DEFAULTS_ALLOW_ANY;
+ else if (strcmp (el, "allow_inactive") == 0)
+ state = STATE_IN_DEFAULTS_ALLOW_INACTIVE;
+ else if (strcmp (el, "allow_active") == 0)
+ state = STATE_IN_DEFAULTS_ALLOW_ACTIVE;
+ break;
+ default:
+ break;
+ }
+
+ if (state == STATE_NONE) {
+ g_warning ("skipping unknown tag <%s> at line %d of %s",
+ el, (int) XML_GetCurrentLineNumber (pd->parser), pd->path);
+ state = STATE_UNKNOWN_TAG;
+ }
+
+ pd->state = state;
+ pd->state_stack[pd->stack_depth] = pd->state;
+ pd->stack_depth++;
+ return;
+error:
+ XML_StopParser (pd->parser, FALSE);
+}
+
+static polkit_bool_t
+_validate_icon_name (const char *icon_name)
+{
+ unsigned int n;
+ polkit_bool_t ret;
+ size_t len;
+
+ ret = FALSE;
+
+ len = strlen (icon_name);
+
+ /* check for common suffixes */
+ if (g_str_has_suffix (icon_name, ".png"))
+ goto out;
+ if (g_str_has_suffix (icon_name, ".jpg"))
+ goto out;
+
+ /* icon name cannot be a path */
+ for (n = 0; n < len; n++) {
+ if (icon_name [n] == '/') {
+ goto out;
+ }
+ }
+
+ ret = TRUE;
+
+out:
+ return ret;
+}
+
+static void
+_cdata (void *data, const char *s, int len)
+{
+ char *str;
+ ParserData *pd = data;
+
+ str = g_strndup (s, len);
+
+ switch (pd->state) {
+
+ case STATE_IN_ACTION_DESCRIPTION:
+ if (pd->elem_lang == NULL) {
+ g_free (pd->policy_description_nolang);
+ pd->policy_description_nolang = str;
+ str = NULL;
+ } else {
+ g_hash_table_insert (pd->policy_descriptions,
+ g_strdup (pd->elem_lang),
+ str);
+ str = NULL;
+ }
+ break;
+
+ case STATE_IN_ACTION_MESSAGE:
+ if (pd->elem_lang == NULL) {
+ g_free (pd->policy_message_nolang);
+ pd->policy_message_nolang = str;
+ str = NULL;
+ } else {
+ g_hash_table_insert (pd->policy_messages,
+ g_strdup (pd->elem_lang),
+ str);
+ str = NULL;
+ }
+ break;
+
+ case STATE_IN_POLICY_VENDOR:
+ g_free (pd->global_vendor);
+ pd->global_vendor = str;
+ str = NULL;
+ break;
+
+ case STATE_IN_POLICY_VENDOR_URL:
+ g_free (pd->global_vendor_url);
+ pd->global_vendor_url = str;
+ str = NULL;
+ break;
+
+ case STATE_IN_POLICY_ICON_NAME:
+ if (! _validate_icon_name (str)) {
+ g_warning ("Icon name '%s' is invalid", str);
+ goto error;
+ }
+
+ g_free (pd->global_icon_name);
+ pd->global_icon_name = str;
+ str = NULL;
+ break;
+
+ case STATE_IN_ACTION_VENDOR:
+ g_free (pd->vendor);
+ pd->vendor = str;
+ str = NULL;
+ break;
+
+ case STATE_IN_ACTION_VENDOR_URL:
+ g_free (pd->vendor_url);
+ pd->vendor_url = str;
+ str = NULL;
+ break;
+
+ case STATE_IN_ACTION_ICON_NAME:
+ if (! _validate_icon_name (str)) {
+ kit_warning ("Icon name '%s' is invalid", str);
+ goto error;
+ }
+
+ g_free (pd->icon_name);
+ pd->icon_name = str;
+ str = NULL;
+ break;
+
+ case STATE_IN_DEFAULTS_ALLOW_ANY:
+ //if (!polkit_result_from_string_representation (str, &pd->defaults_allow_any))
+ // goto error;
+ break;
+ case STATE_IN_DEFAULTS_ALLOW_INACTIVE:
+ //if (!polkit_result_from_string_representation (str, &pd->defaults_allow_inactive))
+ // goto error;
+ break;
+ case STATE_IN_DEFAULTS_ALLOW_ACTIVE:
+ //if (!polkit_result_from_string_representation (str, &pd->defaults_allow_active))
+ // goto error;
+ break;
+
+ case STATE_IN_ANNOTATE:
+ if (pd->annotations == NULL) {
+ pd->annotations = g_hash_table_new_full (g_str_hash,
+ g_str_equal,
+ g_free,
+ g_free);
+ }
+ g_hash_table_insert (pd->annotations,
+ g_strdup (pd->annotate_key),
+ str);
+ str = NULL;
+ break;
+
+ default:
+ break;
+ }
+ g_free (str);
+ return;
+error:
+ g_free (str);
+ XML_StopParser (pd->parser, FALSE);
+}
+
+/**
+ * _localize:
+ * @translations: a mapping from xml:lang to the value, e.g. 'da' -> 'Smadre', 'en_CA' -> 'Punch, Aye!'
+ * @untranslated: the untranslated value, e.g. 'Punch'
+ * @lang: the locale we're interested in, e.g. 'da_DK', 'da', 'en_CA', 'en_US'; basically just $LANG
+ * with the encoding cut off. Maybe be NULL.
+ *
+ * Pick the correct translation to use.
+ *
+ * Returns: the localized string to use
+ */
+static const char *
+_localize (GHashTable *translations,
+ const char *untranslated,
+ const char *lang)
+{
+ const char *result;
+ char lang2[256];
+ int n;
+
+ if (lang == NULL) {
+ result = untranslated;
+ goto out;
+ }
+
+ /* first see if we have the translation */
+ result = (const char *) g_hash_table_lookup (translations, (void *) lang);
+ if (result != NULL)
+ goto out;
+
+ /* we could have a translation for 'da' but lang=='da_DK'; cut off the last part and try again */
+ strncpy (lang2, lang, sizeof (lang2));
+ for (n = 0; lang2[n] != '\0'; n++) {
+ if (lang2[n] == '_') {
+ lang2[n] = '\0';
+ break;
+ }
+ }
+ result = (const char *) kit_hash_lookup (translations, (void *) lang2);
+ if (result != NULL)
+ goto out;
+
+ /* fall back to untranslated */
+ result = untranslated;
+out:
+ return result;
+}
+
+static void
+_end (void *data, const char *el)
+{
+ ParserData *pd = data;
+
+ g_free (pd->elem_lang);
+ pd->elem_lang = NULL;
+
+ switch (pd->state) {
+ case STATE_IN_ACTION:
+ {
+ const char *policy_description;
+ const char *policy_message;
+ //PolKitActionDescription *pfe;
+ char *vendor;
+ char *vendor_url;
+ char *icon_name;
+
+ vendor = pd->vendor;
+ if (vendor == NULL)
+ vendor = pd->global_vendor;
+
+ vendor_url = pd->vendor_url;
+ if (vendor_url == NULL)
+ vendor_url = pd->global_vendor_url;
+
+ icon_name = pd->icon_name;
+ if (icon_name == NULL)
+ icon_name = pd->global_icon_name;
+
+#if 0
+ /* NOTE: caller takes ownership of the annotations object */
+ pfe = _polkit_action_description_new (pd->action_id,
+ vendor,
+ vendor_url,
+ icon_name,
+ pd->defaults_allow_any,
+ pd->defaults_allow_inactive,
+ pd->defaults_allow_active,
+ pd->annotations);
+ if (pfe == NULL)
+ goto oom;
+#else
+ g_hash_table_unref (pd->annotations);
+#endif
+
+ pd->annotations = NULL;
+
+ policy_description = _localize (pd->policy_descriptions, pd->policy_description_nolang, pd->lang);
+ policy_message = _localize (pd->policy_messages, pd->policy_message_nolang, pd->lang);
+
+#if 0
+ if (!_polkit_action_description_set_descriptions (pfe,
+ policy_description,
+ policy_message)) {
+ polkit_action_description_unref (pfe);
+ goto oom;
+ }
+#endif
+
+#if 0
+ if (pd->cb (pfe, pd->user_data)) {
+ /* TODO: short-circuit */
+ }
+#endif
+
+ /* and now throw it all away! (eh, don't worry, the user have probably reffed it!) */
+ //polkit_action_description_unref (pfe);
+ break;
+ }
+ default:
+ break;
+ }
+
+ --pd->stack_depth;
+ if (pd->stack_depth < 0 || pd->stack_depth >= PARSER_MAX_DEPTH) {
+ polkit_debug ("reached max depth?");
+ goto error;
+ }
+ if (pd->stack_depth > 0)
+ pd->state = pd->state_stack[pd->stack_depth - 1];
+ else
+ pd->state = STATE_NONE;
+
+ return;
+oom:
+ pd->is_oom = 1;
+error:
+ XML_StopParser (pd->parser, FALSE);
+}
+
+
+/**
+ * polkit_action_description_get_from_file:
+ * @path: path to file, e.g. <literal>/usr/share/polkit-1/actions/org.freedesktop.policykit.policy</literal>
+ * @cb: callback function
+ * @user_data: user data
+ * @error: return location for error
+ *
+ * Load a .policy file and iterate over all entries.
+ *
+ * Returns: #TRUE if @cb short-circuited the iteration. If there was
+ * an error parsing @file, then @error will be set.
+ **/
+polkit_bool_t
+polkit_action_description_get_from_file (const char *path,
+ PolKitActionDescriptionForeachFunc cb,
+ void *user_data,
+ PolKitError **error)
+{
+ ParserData pd;
+ int xml_res;
+ char *lang;
+ char *buf;
+ size_t buflen;
+
+ buf = NULL;
+
+ /* clear parser data */
+ memset (&pd, 0, sizeof (ParserData));
+
+ if (!kit_str_has_suffix (path, ".policy")) {
+ polkit_error_set_error (error,
+ POLKIT_ERROR_POLICY_FILE_INVALID,
+ "Policy files must have extension .policy; file '%s' doesn't", path);
+ goto error;
+ }
+
+ if (!kit_file_get_contents (path, &buf, &buflen)) {
+ if (errno == ENOMEM) {
+ polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
+ "Cannot load PolicyKit policy file at '%s': %s",
+ path,
+ "No memory for parser");
+ } else {
+ polkit_error_set_error (error, POLKIT_ERROR_POLICY_FILE_INVALID,
+ "Cannot load PolicyKit policy file at '%s': %m",
+ path);
+ }
+ goto error;
+ }
+
+ pd.path = path;
+ pd.cb = cb;
+ pd.user_data = user_data;
+
+/* #ifdef POLKIT_BUILD_TESTS
+ TODO: expat appears to leak on certain OOM paths
+*/
+#if 0
+ XML_Memory_Handling_Suite memsuite = {p_malloc, p_realloc, kit_free};
+ pd.parser = XML_ParserCreate_MM (NULL, &memsuite, NULL);
+#else
+ pd.parser = XML_ParserCreate (NULL);
+#endif
+ pd.stack_depth = 0;
+ if (pd.parser == NULL) {
+ polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
+ "Cannot load PolicyKit policy file at '%s': %s",
+ path,
+ "No memory for parser");
+ goto error;
+ }
+ XML_SetUserData (pd.parser, &pd);
+ XML_SetElementHandler (pd.parser, _start, _end);
+ XML_SetCharacterDataHandler (pd.parser, _cdata);
+
+ /* init parser data */
+ pd.state = STATE_NONE;
+ lang = getenv ("LANG");
+ if (lang != NULL) {
+ int n;
+ pd.lang = kit_strdup (lang);
+ if (pd.lang == NULL) {
+ polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
+ "Cannot load PolicyKit policy file at '%s': No memory for lang",
+ path);
+ goto error;
+ }
+ for (n = 0; pd.lang[n] != '\0'; n++) {
+ if (pd.lang[n] == '.') {
+ pd.lang[n] = '\0';
+ break;
+ }
+ }
+ }
+
+ xml_res = XML_Parse (pd.parser, buf, buflen, 1);
+
+ if (xml_res == 0) {
+ if (XML_GetErrorCode (pd.parser) == XML_ERROR_NO_MEMORY) {
+ polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
+ "Out of memory parsing %s",
+ path);
+ } else if (pd.is_oom) {
+ polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
+ "Out of memory parsing %s",
+ path);
+ } else {
+ polkit_error_set_error (error, POLKIT_ERROR_POLICY_FILE_INVALID,
+ "%s:%d: parse error: %s",
+ path,
+ (int) XML_GetCurrentLineNumber (pd.parser),
+ XML_ErrorString (XML_GetErrorCode (pd.parser)));
+ }
+ XML_ParserFree (pd.parser);
+ goto error;
+ }
+
+ XML_ParserFree (pd.parser);
+ kit_free (buf);
+ pd_unref_data (&pd);
+
+ return FALSE; /* TODO */
+error:
+ pd_unref_data (&pd);
+ kit_free (buf);
+ return FALSE; /* TODO */
+}
+
+
+GList *
+polkit_action_description_new_from_file (GFile *file,
+ GCancellable *cancellable,
+ GError **error)
+{
+ ParserData pd;
+ char *contents;
+ gsize contents_len;
+ GList *ret;
+
+ g_return_val_if_fail (G_IS_FILE (file), NULL);
+
+ ret = NULL;
+ contents = NULL;
+ parse_context = NULL;
+
+ parser.error = parse_error;
+
+ parser_data = parser_data_new (&ret);
+
+ if (!g_file_load_contents (file,
+ cancellable,
+ &contents,
+ &contents_len,
+ NULL,
+ error)) {
+ goto out;
+ }
+
+ g_warning ("need to parse '%s' %d", contents, contents_len);
+
+
+ /* clear parser data */
+ memset (&pd, 0, sizeof (ParserData));
+
+ pd.parser = XML_ParserCreate (NULL);
+
+ XML_SetUserData (pd.parser, &pd);
+ XML_SetElementHandler (pd.parser, _start, _end);
+ XML_SetCharacterDataHandler (pd.parser, _cdata);
+
+ /* init parser data */
+ pd.state = STATE_NONE;
+ lang = getenv ("LANG");
+ if (lang != NULL) {
+ int n;
+ pd.lang = kit_strdup (lang);
+ if (pd.lang == NULL) {
+ polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
+ "Cannot load PolicyKit policy file at '%s': No memory for lang",
+ path);
+ goto error;
+ }
+ for (n = 0; pd.lang[n] != '\0'; n++) {
+ if (pd.lang[n] == '.') {
+ pd.lang[n] = '\0';
+ break;
+ }
+ }
+ }
+
+ xml_res = XML_Parse (pd.parser, buf, buflen, 1);
+
+ if (xml_res == 0) {
+ if (XML_GetErrorCode (pd.parser) == XML_ERROR_NO_MEMORY) {
+ polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
+ "Out of memory parsing %s",
+ path);
+ } else if (pd.is_oom) {
+ polkit_error_set_error (error, POLKIT_ERROR_OUT_OF_MEMORY,
+ "Out of memory parsing %s",
+ path);
+ } else {
+ polkit_error_set_error (error, POLKIT_ERROR_POLICY_FILE_INVALID,
+ "%s:%d: parse error: %s",
+ path,
+ (int) XML_GetCurrentLineNumber (pd.parser),
+ XML_ErrorString (XML_GetErrorCode (pd.parser)));
+ }
+ XML_ParserFree (pd.parser);
+ goto error;
+ }
+
+ XML_ParserFree (pd.parser);
+ kit_free (buf);
+ pd_unref_data (&pd);
+
+ out:
+ g_free (contents);
+ return ret;
+}
+
+GList *
+polkit_action_description_new_from_directory (GFile *directory,
+ GCancellable *cancellable,
+ GError **error)
+{
+ GFileEnumerator *e;
+ GError *local_error;
+ GFileInfo *file_info;
+ GList *ret;
+
+ g_return_val_if_fail (G_IS_FILE (directory), NULL);
+
+ ret = NULL;
+
+ local_error = NULL;
+ e = g_file_enumerate_children (directory,
+ "standard::*",
+ G_FILE_QUERY_INFO_NONE,
+ NULL,
+ &local_error);
+ if (local_error != NULL) {
+ g_propagate_error (error, local_error);
+ goto out;
+ }
+
+ while ((file_info = g_file_enumerator_next_file (e, NULL, &local_error)) != NULL) {
+ const char *name;
+ GFile *file;
+
+ name = g_file_info_get_name (file_info);
+ /* only consider files with the right suffix */
+ if (g_str_has_suffix (name, ".policy")) {
+ GList *descs_from_file;
+
+ file = g_file_get_child (directory, name);
+
+ descs_from_file = polkit_action_description_new_from_file (file,
+ cancellable,
+ &local_error);
+ if (local_error != NULL) {
+ g_list_foreach (ret, (GFunc) g_object_unref, NULL);
+ g_list_free (ret);
+ ret = NULL;
+
+ g_propagate_error (error, local_error);
+ goto out;
+ }
+
+ ret = g_list_concat (ret, descs_from_file);
+
+ g_object_unref (file);
+ }
+ g_object_unref (file_info);
+ }
+
+ if (local_error != NULL) {
+ g_list_foreach (ret, (GFunc) g_object_unref, NULL);
+ g_list_free (ret);
+ ret = NULL;
+
+ g_propagate_error (error, local_error);
+ goto out;
+ }
+
+ out:
+ if (e != NULL)
+ g_object_unref (e);
+ return ret;
+}
+
diff --git a/src/polkit/polkitactiondescription.h b/src/polkit/polkitactiondescription.h
new file mode 100644
index 0000000..f60fb99
--- /dev/null
+++ b/src/polkit/polkitactiondescription.h
@@ -0,0 +1,75 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
+#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#ifndef __POLKIT_ACTION_DESCRIPTION_H__
+#define __POLKIT_ACTION_DESCRIPTION_H__
+
+#include <glib-object.h>
+#include <gio/gio.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_ACTION_DESCRIPTION (polkit_action_description_get_type ())
+#define POLKIT_ACTION_DESCRIPTION(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_ACTION_DESCRIPTION, PolkitActionDescription))
+#define POLKIT_ACTION_DESCRIPTION_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_ACTION_DESCRIPTION, PolkitActionDescriptionClass))
+#define POLKIT_IS_ACTION_DESCRIPTION(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_ACTION_DESCRIPTION))
+#define POLKIT_IS_ACTION_DESCRIPTION_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_ACTION_DESCRIPTION))
+#define POLKIT_ACTION_DESCRIPTION_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_ACTION_DESCRIPTION, PolkitActionDescriptionClass))
+
+typedef struct _PolkitActionDescription PolkitActionDescription;
+typedef struct _PolkitActionDescriptionClass PolkitActionDescriptionClass;
+typedef struct _PolkitActionDescriptionPrivate PolkitActionDescriptionPrivate;
+
+struct _PolkitActionDescription
+{
+ GObject parent_instance;
+ PolkitActionDescriptionPrivate *priv;
+};
+
+struct _PolkitActionDescriptionClass
+{
+ GObjectClass parent_class;
+};
+
+GType polkit_action_description_get_type (void) G_GNUC_CONST;
+GList * polkit_action_description_new_from_file (GFile *file,
+ GCancellable *cancellable,
+ GError **error);
+GList * polkit_action_description_new_from_directory (GFile *directory,
+ GCancellable *cancellable,
+ GError **error);
+const gchar * polkit_action_description_get_action_id (PolkitActionDescription *action_description);
+GIcon * polkit_action_description_get_icon (PolkitActionDescription *action_description);
+const gchar * polkit_action_description_get_description (PolkitActionDescription *action_description);
+const gchar * polkit_action_description_get_message (PolkitActionDescription *action_description);
+const gchar * polkit_action_description_get_vendor_name (PolkitActionDescription *action_description);
+const gchar * polkit_action_description_get_vendor_url (PolkitActionDescription *action_description);
+GHashTable * polkit_action_description_get_annotations (PolkitActionDescription *action_description);
+
+G_END_DECLS
+
+#endif /* __POLKIT_ACTION_DESCRIPTION_H__ */
diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
new file mode 100644
index 0000000..f7c5045
--- /dev/null
+++ b/src/polkit/polkitauthority.c
@@ -0,0 +1,262 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include <dbus/dbus-glib.h>
+#include <dbus/dbus-glib-lowlevel.h>
+#include "polkitauthority.h"
+#include "polkitauthorityglue.h"
+#include "polkitserialization.h"
+
+/**
+ * SECTION:polkitauthority
+ * @short_description: Authorization checking and management
+ * @include: polkit/polkit.h
+ *
+ * The #PolkitAuthority class represents an authority that can check
+ * claims made by third parties. Some implementations allow managing
+ * authorizations.
+ */
+
+struct _PolkitAuthorityPrivate
+{
+ DBusGProxy *dbus_proxy;
+};
+
+G_DEFINE_TYPE (PolkitAuthority, polkit_authority, G_TYPE_OBJECT);
+
+#define POLKIT_AUTHORITY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_AUTHORITY, PolkitAuthorityPrivate))
+
+enum {
+ CHANGED_SIGNAL,
+ LAST_SIGNAL,
+};
+
+static guint signals[LAST_SIGNAL] = { 0 };
+
+static void
+polkit_authority_finalize (GObject *object)
+{
+ PolkitAuthority *authority;
+
+ authority = POLKIT_AUTHORITY (object);
+
+ if (authority->priv->dbus_proxy != NULL)
+ g_object_unref (authority->priv->dbus_proxy);
+
+ G_OBJECT_CLASS (polkit_authority_parent_class)->finalize (object);
+}
+
+static void
+polkit_authority_class_init (PolkitAuthorityClass *klass)
+{
+ GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->finalize = polkit_authority_finalize;
+
+ /**
+ * PolkitAuthority::changed:
+ * @authority: a #PolkitAuthority.
+ *
+ * Emitted when something on @authority changes.
+ */
+ signals[CHANGED_SIGNAL] = g_signal_new ("changed",
+ POLKIT_TYPE_AUTHORITY,
+ G_SIGNAL_RUN_LAST,
+ G_STRUCT_OFFSET (PolkitAuthorityClass, changed),
+ NULL,
+ NULL,
+ g_cclosure_marshal_VOID__VOID,
+ G_TYPE_NONE,
+ 0);
+
+ g_type_class_add_private (klass, sizeof (PolkitAuthorityPrivate));
+}
+
+
+static void
+polkit_authority_init (PolkitAuthority *authority)
+{
+ authority->priv = POLKIT_AUTHORITY_GET_PRIVATE (authority);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+say_hello_cb (DBusGProxy *dbus_proxy,
+ char *result,
+ GError *error,
+ gpointer user_data)
+{
+ GSimpleAsyncResult *simple = G_SIMPLE_ASYNC_RESULT (user_data);
+ if (error != NULL)
+ g_simple_async_result_set_from_error (simple, error);
+ else
+ g_simple_async_result_set_op_res_gpointer (simple, result, NULL);
+ g_simple_async_result_complete (simple);
+}
+
+void
+polkit_authority_say_hello (PolkitAuthority *authority,
+ const gchar *name,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ GSimpleAsyncResult *simple;
+
+ simple = g_simple_async_result_new (G_OBJECT (authority),
+ callback,
+ user_data,
+ polkit_authority_say_hello);
+
+ org_freedesktop_PolicyKit1_Authority_say_hello_async (authority->priv->dbus_proxy,
+ name,
+ say_hello_cb,
+ simple);
+}
+
+gchar *
+polkit_authority_say_hello_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error)
+{
+ GSimpleAsyncResult *simple = G_SIMPLE_ASYNC_RESULT (res);
+ g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_say_hello);
+ g_simple_async_result_propagate_error (simple, error);
+ return g_simple_async_result_get_op_res_gpointer (simple);
+}
+
+/**
+ * polkit_authority_say_hello_sync:
+ * @authority: A #PolkitAuthority.
+ * @name: A name to say hello to.
+ * @cancellable: A #GCancellable or %NULL.
+ * @error: Return location for error.
+ *
+ * Says hello to @name.
+ *
+ * Returns: %NULL if @error is set, otherwise a newly allocated string
+ * containing the greeting, free with g_free().
+ **/
+gchar *
+polkit_authority_say_hello_sync (PolkitAuthority *authority,
+ const gchar *name,
+ GCancellable *cancellable,
+ GError **error)
+{
+ gchar *result;
+
+ if (org_freedesktop_PolicyKit1_Authority_say_hello (authority->priv->dbus_proxy,
+ name,
+ &result,
+ error)) {
+ return result;
+ } else {
+ return NULL;
+ }
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+PolkitAuthorizationResult
+polkit_authority_check_claims_sync (PolkitAuthority *authority,
+ GList *claims,
+ GCancellable *cancellable,
+ GError **error)
+{
+ PolkitAuthorizationResult result;
+ char *result_str;
+ GPtrArray *p;
+
+ result = POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
+
+ p = _serialize_ptr_array_from_obj_list
+ (claims,
+ (PolkitSerializeFromObjectFunc) _authorization_claim_to_value);
+
+ if (org_freedesktop_PolicyKit1_Authority_check_claims (authority->priv->dbus_proxy,
+ p,
+ &result_str,
+ error)) {
+ result = _authorization_result_from_string (result_str);
+ }
+
+ _free_serialized_obj_ptr_array (p);
+
+ return result;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static PolkitAuthority *
+_polkit_authority_new (DBusGConnection *connection,
+ const gchar *service_name,
+ const gchar *object_path)
+{
+ PolkitAuthority *authority;
+
+ authority = POLKIT_AUTHORITY (g_object_new (POLKIT_TYPE_AUTHORITY, NULL));
+ authority->priv->dbus_proxy = dbus_g_proxy_new_for_name (connection,
+ service_name,
+ object_path,
+ "org.freedesktop.PolicyKit1.Authority");
+
+ return authority;
+}
+
+/**
+ * polkit_authority_get:
+ *
+ * Gets the default authority for checking claims.
+ *
+ * Returns: A reference to a #PolkitAuthority instance. Call
+ * g_object_unref() to free it.
+ **/
+PolkitAuthority *
+polkit_authority_get (void)
+{
+ PolkitAuthority *authority;
+ DBusGConnection *bus;
+ GError *error;
+
+ bus = NULL;
+ authority = NULL;
+
+ error = NULL;
+ bus = dbus_g_bus_get (DBUS_BUS_SYSTEM, &error);
+ if (bus == NULL) {
+ g_warning ("Couldn't connect to system bus: %s", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ authority = _polkit_authority_new (bus,
+ "org.freedesktop.PolicyKit1",
+ "/authority");
+
+ out:
+ if (bus != NULL)
+ dbus_g_connection_unref (bus);
+ return authority;
+}
diff --git a/src/polkit/polkitauthority.h b/src/polkit/polkitauthority.h
new file mode 100644
index 0000000..cd2914b
--- /dev/null
+++ b/src/polkit/polkitauthority.h
@@ -0,0 +1,106 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
+#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#ifndef __POLKIT_AUTHORITY_H
+#define __POLKIT_AUTHORITY_H
+
+#include <glib-object.h>
+#include <gio/gio.h>
+#include <polkit/polkitauthorizationclaim.h>
+#include <polkit/polkitauthorizationresult.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_AUTHORITY (polkit_authority_get_type ())
+#define POLKIT_AUTHORITY(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_AUTHORITY, PolkitAuthority))
+#define POLKIT_AUTHORITY_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_TYPE_AUTHORITY, PolkitAuthorityClass))
+#define POLKIT_AUTHORITY_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_AUTHORITY,PolkitAuthorityClass))
+#define POLKIT_IS_AUTHORITY(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_AUTHORITY))
+#define POLKIT_IS_AUTHORITY_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_AUTHORITY))
+
+typedef struct _PolkitAuthority PolkitAuthority;
+typedef struct _PolkitAuthorityPrivate PolkitAuthorityPrivate;
+typedef struct _PolkitAuthorityClass PolkitAuthorityClass;
+
+struct _PolkitAuthority
+{
+ GObject parent_instance;
+
+ /*< private >*/
+ PolkitAuthorityPrivate *priv;
+};
+
+struct _PolkitAuthorityClass
+{
+ GObjectClass parent_class;
+
+ /*< public >*/
+
+ /* signals */
+ void (* changed) (PolkitAuthority *authority);
+
+ /*< private >*/
+
+ /* Padding for future expansion */
+ void (*_polkit_reserved1) (void);
+ void (*_polkit_reserved2) (void);
+ void (*_polkit_reserved3) (void);
+ void (*_polkit_reserved4) (void);
+ void (*_polkit_reserved5) (void);
+ void (*_polkit_reserved6) (void);
+ void (*_polkit_reserved7) (void);
+ void (*_polkit_reserved8) (void);
+};
+
+GType polkit_authority_get_type (void) G_GNUC_CONST;
+
+void polkit_authority_say_hello (PolkitAuthority *authority,
+ const gchar *name,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+gchar *polkit_authority_say_hello_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
+gchar *polkit_authority_say_hello_sync (PolkitAuthority *authority,
+ const gchar *name,
+ GCancellable *cancellable,
+ GError **error);
+
+PolkitAuthorizationResult polkit_authority_check_claims_sync (PolkitAuthority *authority,
+ GList *claims,
+ GCancellable *cancellable,
+ GError **error);
+
+PolkitAuthority *polkit_authority_get (void);
+
+G_END_DECLS
+
+#endif /* __POLKIT_AUTHORITY_H */
+
diff --git a/src/polkit/polkitauthorizationclaim.c b/src/polkit/polkitauthorizationclaim.c
new file mode 100644
index 0000000..1d3d501
--- /dev/null
+++ b/src/polkit/polkitauthorizationclaim.c
@@ -0,0 +1,299 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include <string.h>
+#include "polkitauthorizationclaim.h"
+
+/**
+ * SECTION:polkitauthorizationclaim
+ * @short_description: Authorization Claim
+ * @include: polkit/polkit.h
+ *
+ * Represents an authorization claim.
+ */
+
+/*--------------------------------------------------------------------------------------------------------------*/
+
+struct _PolkitAuthorizationClaimPrivate
+{
+ PolkitSubject *subject;
+ char *action_id;
+ GHashTable *attributes;
+};
+
+enum {
+ PROP_0,
+ PROP_SUBJECT,
+ PROP_ACTION_ID,
+ PROP_ATTRIBUTES,
+};
+
+
+G_DEFINE_TYPE (PolkitAuthorizationClaim, polkit_authorization_claim, G_TYPE_OBJECT)
+
+#define POLKIT_AUTHORIZATION_CLAIM_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_AUTHORIZATION_CLAIM, PolkitAuthorizationClaimPrivate))
+
+static void
+polkit_authorization_claim_get_property (GObject *object,
+ guint prop_id,
+ GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitAuthorizationClaim *authorization_claim = POLKIT_AUTHORIZATION_CLAIM (object);
+
+ switch (prop_id) {
+ case PROP_SUBJECT:
+ g_value_set_object (value, authorization_claim->priv->subject);
+ break;
+
+ case PROP_ACTION_ID:
+ g_value_set_string (value, authorization_claim->priv->action_id);
+ break;
+
+ case PROP_ATTRIBUTES:
+ g_value_set_boxed (value, authorization_claim->priv->attributes);
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_authorization_claim_set_property (GObject *object,
+ guint prop_id,
+ const GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitAuthorizationClaim *authorization_claim = POLKIT_AUTHORIZATION_CLAIM (object);
+
+ switch (prop_id) {
+ case PROP_SUBJECT:
+ polkit_authorization_claim_set_subject (authorization_claim, POLKIT_SUBJECT (g_value_get_object (value)));
+ break;
+
+ case PROP_ACTION_ID:
+ polkit_authorization_claim_set_action_id (authorization_claim, g_value_get_string (value));
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_authorization_claim_init (PolkitAuthorizationClaim *authorization_claim)
+{
+ authorization_claim->priv = POLKIT_AUTHORIZATION_CLAIM_GET_PRIVATE (authorization_claim);
+
+ authorization_claim->priv->attributes = g_hash_table_new_full (g_str_hash,
+ g_str_equal,
+ g_free,
+ g_free);
+}
+
+static void
+polkit_authorization_claim_finalize (GObject *object)
+{
+ PolkitAuthorizationClaim *authorization_claim;
+
+ g_return_if_fail (object != NULL);
+ g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (object));
+
+ authorization_claim = POLKIT_AUTHORIZATION_CLAIM (object);
+
+ if (authorization_claim->priv->subject != NULL)
+ g_object_unref (authorization_claim->priv->subject);
+ g_free (authorization_claim->priv->action_id);
+ g_hash_table_unref (authorization_claim->priv->attributes);
+
+ G_OBJECT_CLASS (polkit_authorization_claim_parent_class)->finalize (object);
+}
+
+static void
+polkit_authorization_claim_class_init (PolkitAuthorizationClaimClass *klass)
+{
+ GObjectClass *object_class = G_OBJECT_CLASS (klass);
+
+ object_class->get_property = polkit_authorization_claim_get_property;
+ object_class->set_property = polkit_authorization_claim_set_property;
+ object_class->finalize = polkit_authorization_claim_finalize;
+
+ /**
+ * PolkitAuthorizationClaim:subject:
+ *
+ * The subject making the authorization claim.
+ */
+ g_object_class_install_property (object_class,
+ PROP_SUBJECT,
+ g_param_spec_object ("subject",
+ "subject",
+ "The subject making the authorization claim",
+ POLKIT_TYPE_SUBJECT,
+ G_PARAM_CONSTRUCT |
+ G_PARAM_READWRITE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ /**
+ * PolkitAuthorizationClaim:action-id:
+ *
+ * The action id for the authorization claim.
+ */
+ g_object_class_install_property (object_class,
+ PROP_ACTION_ID,
+ g_param_spec_string ("action-id",
+ "action-id",
+ "The action for the authorization claim",
+ NULL,
+ G_PARAM_CONSTRUCT |
+ G_PARAM_READWRITE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ /**
+ * PolkitAuthorizationClaim:attributes:
+ *
+ * A #GHashTable from strings into the strings containing
+ * attributes for the claim.
+ */
+ g_object_class_install_property (object_class,
+ PROP_ATTRIBUTES,
+ g_param_spec_boxed ("attributes",
+ "attributes",
+ "The attributes for the authorization claim",
+ G_TYPE_HASH_TABLE,
+ G_PARAM_READABLE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ g_type_class_add_private (klass, sizeof (PolkitAuthorizationClaimPrivate));
+}
+
+PolkitSubject *
+polkit_authorization_claim_get_subject (PolkitAuthorizationClaim *authorization_claim)
+{
+ g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
+ return g_object_ref (authorization_claim->priv->subject);
+}
+
+void
+polkit_authorization_claim_set_subject (PolkitAuthorizationClaim *authorization_claim,
+ PolkitSubject *subject)
+{
+ g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim));
+ g_return_if_fail (POLKIT_IS_SUBJECT (subject));
+
+ if (!polkit_subject_equal (authorization_claim->priv->subject, subject)) {
+ if (authorization_claim->priv->subject != NULL)
+ g_object_unref (authorization_claim->priv->subject);
+ authorization_claim->priv->subject = g_object_ref (subject);
+ }
+}
+
+gchar *
+polkit_authorization_claim_get_action_id (PolkitAuthorizationClaim *authorization_claim)
+{
+ g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
+ return g_strdup (authorization_claim->priv->action_id);
+}
+
+void
+polkit_authorization_claim_set_action_id (PolkitAuthorizationClaim *authorization_claim,
+ const gchar *action_id)
+{
+ g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim));
+ g_return_if_fail (action_id != NULL);
+
+ if (authorization_claim->priv->action_id == NULL ||
+ strcmp (authorization_claim->priv->action_id, action_id) != 0) {
+ g_free (authorization_claim->priv->action_id);
+ authorization_claim->priv->action_id = g_strdup (action_id);
+ g_object_notify (G_OBJECT (authorization_claim), "action-id");
+ }
+}
+
+/**
+ * polkit_authorization_claim_get_attributes:
+ * @authorization_claim: A #PolkitAuthorizationClaim.
+ *
+ * Gets the attributes (a #GHashTable mapping strings to strings) for
+ * @authorization_claim.
+ *
+ * Returns: A #GHashTable. Caller should not free it, it is owned by
+ * @authorization_claim.
+ **/
+GHashTable *
+polkit_authorization_claim_get_attributes (PolkitAuthorizationClaim *authorization_claim)
+{
+ g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
+ return authorization_claim->priv->attributes;
+}
+
+char *
+polkit_authorization_claim_get_attribute (PolkitAuthorizationClaim *authorization_claim,
+ const gchar *key)
+{
+ g_return_val_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim), NULL);
+ g_return_val_if_fail (key != NULL, NULL);
+
+ return g_strdup (g_hash_table_lookup (authorization_claim->priv->attributes, key));
+}
+
+void
+polkit_authorization_claim_set_attribute (PolkitAuthorizationClaim *authorization_claim,
+ const gchar *key,
+ const gchar *value)
+{
+ g_return_if_fail (POLKIT_IS_AUTHORIZATION_CLAIM (authorization_claim));
+ g_return_if_fail (key != NULL);
+
+ if (value == NULL) {
+ g_hash_table_remove (authorization_claim->priv->attributes, key);
+ } else {
+ g_hash_table_replace (authorization_claim->priv->attributes,
+ g_strdup (key),
+ g_strdup (value));
+ }
+}
+
+
+PolkitAuthorizationClaim *
+polkit_authorization_claim_new (PolkitSubject *subject,
+ const gchar *action_id)
+{
+ PolkitAuthorizationClaim *authorization_claim;
+
+ authorization_claim = POLKIT_AUTHORIZATION_CLAIM (g_object_new (POLKIT_TYPE_AUTHORIZATION_CLAIM,
+ "subject", subject,
+ "action-id", action_id,
+ NULL));
+
+ return authorization_claim;
+}
diff --git a/src/polkit/polkitauthorizationclaim.h b/src/polkit/polkitauthorizationclaim.h
new file mode 100644
index 0000000..b04304b
--- /dev/null
+++ b/src/polkit/polkitauthorizationclaim.h
@@ -0,0 +1,76 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
+#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#ifndef __POLKIT_AUTHORIZATION_CLAIM_H__
+#define __POLKIT_AUTHORIZATION_CLAIM_H__
+
+#include <glib-object.h>
+#include <polkit/polkitsubject.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_AUTHORIZATION_CLAIM (polkit_authorization_claim_get_type ())
+#define POLKIT_AUTHORIZATION_CLAIM(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_AUTHORIZATION_CLAIM, PolkitAuthorizationClaim))
+#define POLKIT_AUTHORIZATION_CLAIM_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_AUTHORIZATION_CLAIM, PolkitAuthorizationClaimClass))
+#define POLKIT_IS_AUTHORIZATION_CLAIM(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_AUTHORIZATION_CLAIM))
+#define POLKIT_IS_AUTHORIZATION_CLAIM_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_AUTHORIZATION_CLAIM))
+#define POLKIT_AUTHORIZATION_CLAIM_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_AUTHORIZATION_CLAIM, PolkitAuthorizationClaimClass))
+
+typedef struct _PolkitAuthorizationClaim PolkitAuthorizationClaim;
+typedef struct _PolkitAuthorizationClaimClass PolkitAuthorizationClaimClass;
+typedef struct _PolkitAuthorizationClaimPrivate PolkitAuthorizationClaimPrivate;
+
+struct _PolkitAuthorizationClaim
+{
+ GObject parent_instance;
+ PolkitAuthorizationClaimPrivate *priv;
+};
+
+struct _PolkitAuthorizationClaimClass
+{
+ GObjectClass parent_class;
+};
+
+GType polkit_authorization_claim_get_type (void) G_GNUC_CONST;
+PolkitAuthorizationClaim * polkit_authorization_claim_new (PolkitSubject *subject,
+ const gchar *action_id);
+PolkitSubject * polkit_authorization_claim_get_subject (PolkitAuthorizationClaim *authorization_claim);
+void polkit_authorization_claim_set_subject (PolkitAuthorizationClaim *authorization_claim,
+ PolkitSubject *subject);
+gchar * polkit_authorization_claim_get_action_id (PolkitAuthorizationClaim *authorization_claim);
+void polkit_authorization_claim_set_action_id (PolkitAuthorizationClaim *authorization_claim,
+ const gchar *action_id);
+GHashTable * polkit_authorization_claim_get_attributes (PolkitAuthorizationClaim *authorization_claim);
+char * polkit_authorization_claim_get_attribute (PolkitAuthorizationClaim *authorization_claim,
+ const gchar *key);
+void polkit_authorization_claim_set_attribute (PolkitAuthorizationClaim *authorization_claim,
+ const gchar *key,
+ const gchar *value);
+
+G_END_DECLS
+
+#endif /* __POLKIT_AUTHORIZATION_CLAIM_H__ */
diff --git a/src/polkit/polkitauthorizationresult.c b/src/polkit/polkitauthorizationresult.c
new file mode 100644
index 0000000..f2d019a
--- /dev/null
+++ b/src/polkit/polkitauthorizationresult.c
@@ -0,0 +1,55 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include <polkit/polkitauthorizationresult.h>
+
+/**
+ * SECTION:polkitauthorizationresult
+ * @title: PolkitAuthorizationResult
+ * @short_description: Result of checking a claim
+ * @include: polkit/polkit.h
+ *
+ * The #PolkitAuthorizationResult enumeration is for possible results
+ * when checking whether a claim is authorized.
+ **/
+
+#define ENUM_ENTRY(NAME, DESC) { NAME, "" #NAME "", DESC }
+
+GType
+polkit_authorization_result_get_type (void)
+{
+ static GType etype = 0;
+
+ if (etype == 0)
+ {
+ static const GEnumValue values[] = {
+ ENUM_ENTRY (POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED, "NotAuthorized"),
+ ENUM_ENTRY (POLKIT_AUTHORIZATION_RESULT_AUTHORIZED, "Authorized"),
+ ENUM_ENTRY (POLKIT_AUTHORIZATION_RESULT_CHALLENGE, "Challenge"),
+ { 0, 0, 0 }
+ };
+ etype = g_enum_register_static ("PolkitAuthorizationResult", values);
+ }
+ return etype;
+}
diff --git a/src/polkit/polkitauthorizationresult.h b/src/polkit/polkitauthorizationresult.h
new file mode 100644
index 0000000..4c3fda3
--- /dev/null
+++ b/src/polkit/polkitauthorizationresult.h
@@ -0,0 +1,57 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
+#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#ifndef __POLKIT_AUTHORIZATION_RESULT_H
+#define __POLKIT_AUTHORIZATION_RESULT_H
+
+#include <glib-object.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_AUTHORIZATION_RESULT (polkit_authorization_result_get_type ())
+
+/**
+ * PolkitAuthorizationResult:
+ * @POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED: Not authorized.
+ * @POLKIT_AUTHORIZATION_RESULT_AUTHORIZED: Authorized.
+ * @POLKIT_AUTHORIZATION_RESULT_CHALLENGE: Can be authorized if further information is given.
+ *
+ * The possible results when checking whether a claim is authorized.
+ */
+typedef enum {
+ POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED,
+ POLKIT_AUTHORIZATION_RESULT_AUTHORIZED,
+ POLKIT_AUTHORIZATION_RESULT_CHALLENGE
+} PolkitAuthorizationResult;
+
+GType polkit_authorization_result_get_type (void) G_GNUC_CONST;
+
+
+G_END_DECLS
+
+#endif /* __POLKIT_AUTHORIZATION_RESULT_H */
+
diff --git a/src/polkit/polkitbackend.c b/src/polkit/polkitbackend.c
new file mode 100644
index 0000000..ce34456
--- /dev/null
+++ b/src/polkit/polkitbackend.c
@@ -0,0 +1,117 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include "polkitbackend.h"
+
+/**
+ * SECTION:polkitbackend
+ * @short_description: Abstract base class for backends
+ * @include: polkit/polkit.h
+ *
+ * The #PolkitBackend class represents a backend responding to
+ * requests from instances of the #PolkitAuthority class.
+ */
+
+G_DEFINE_ABSTRACT_TYPE (PolkitBackend, polkit_backend, G_TYPE_OBJECT);
+
+enum {
+ CHANGED_SIGNAL,
+ LAST_SIGNAL,
+};
+
+static guint signals[LAST_SIGNAL] = { 0 };
+
+static void
+polkit_backend_finalize (GObject *object)
+{
+ PolkitBackend *backend;
+
+ backend = POLKIT_BACKEND (object);
+
+ G_OBJECT_CLASS (polkit_backend_parent_class)->finalize (object);
+}
+
+static void
+polkit_backend_class_init (PolkitBackendClass *klass)
+{
+ GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+
+ gobject_class->finalize = polkit_backend_finalize;
+
+ /**
+ * PolkitBackend::changed:
+ * @backend: a #PolkitBackend.
+ *
+ * Emitted when something on @backend changes.
+ */
+ signals[CHANGED_SIGNAL] = g_signal_new ("changed",
+ POLKIT_TYPE_BACKEND,
+ G_SIGNAL_RUN_LAST,
+ G_STRUCT_OFFSET (PolkitBackendClass, changed),
+ NULL,
+ NULL,
+ g_cclosure_marshal_VOID__VOID,
+ G_TYPE_NONE,
+ 0);
+}
+
+static void
+polkit_backend_init (PolkitBackend *backend)
+{
+}
+
+gchar *
+polkit_backend_say_hello (PolkitBackend *backend,
+ PolkitSubject *inquirer,
+ const gchar *name,
+ GError **error)
+{
+ PolkitBackendClass *klass;
+
+ g_return_val_if_fail (POLKIT_IS_BACKEND (backend), NULL);
+ klass = POLKIT_BACKEND_GET_CLASS (backend);
+
+ return (* klass->say_hello) (backend,
+ inquirer,
+ name,
+ error);
+}
+
+PolkitAuthorizationResult
+polkit_backend_check_claims (PolkitBackend *backend,
+ PolkitSubject *inquirer,
+ GList *claims,
+ GError **error)
+{
+ PolkitBackendClass *klass;
+
+ g_return_val_if_fail (POLKIT_IS_BACKEND (backend), POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED);
+ klass = POLKIT_BACKEND_GET_CLASS (backend);
+
+ return (* klass->check_claims) (backend,
+ inquirer,
+ claims,
+ error);
+}
+
diff --git a/src/polkit/polkitbackend.h b/src/polkit/polkitbackend.h
new file mode 100644
index 0000000..4cfd3e3
--- /dev/null
+++ b/src/polkit/polkitbackend.h
@@ -0,0 +1,103 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
+#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#ifndef __POLKIT_BACKEND_H
+#define __POLKIT_BACKEND_H
+
+#include <glib-object.h>
+#include <gio/gio.h>
+#include <polkit/polkitauthorizationclaim.h>
+#include <polkit/polkitauthorizationresult.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_BACKEND (polkit_backend_get_type ())
+#define POLKIT_BACKEND(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_BACKEND, PolkitBackend))
+#define POLKIT_BACKEND_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_TYPE_BACKEND, PolkitBackendClass))
+#define POLKIT_BACKEND_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_BACKEND,PolkitBackendClass))
+#define POLKIT_IS_BACKEND(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_BACKEND))
+#define POLKIT_IS_BACKEND_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_BACKEND))
+
+typedef struct _PolkitBackend PolkitBackend;
+typedef struct _PolkitBackendClass PolkitBackendClass;
+
+struct _PolkitBackend
+{
+ GObject parent_instance;
+};
+
+/* TODO: maybe we also want async versions that are tried before the sync ones */
+
+struct _PolkitBackendClass
+{
+ GObjectClass parent_class;
+
+ /*< public >*/
+
+ /* signals */
+ void (* changed) (PolkitBackend *backend);
+
+ /* vtable */
+ gchar * (* say_hello) (PolkitBackend *backend,
+ PolkitSubject *inquirer,
+ const gchar *name,
+ GError **error);
+
+ PolkitAuthorizationResult (* check_claims) (PolkitBackend *backend,
+ PolkitSubject *inquirer,
+ GList *claims,
+ GError **error);
+
+ /*< private >*/
+
+ /* Padding for future expansion */
+ void (*_polkit_reserved1) (void);
+ void (*_polkit_reserved2) (void);
+ void (*_polkit_reserved3) (void);
+ void (*_polkit_reserved4) (void);
+ void (*_polkit_reserved5) (void);
+ void (*_polkit_reserved6) (void);
+ void (*_polkit_reserved7) (void);
+ void (*_polkit_reserved8) (void);
+};
+
+GType polkit_backend_get_type (void) G_GNUC_CONST;
+
+gchar *polkit_backend_say_hello (PolkitBackend *backend,
+ PolkitSubject *inquirer,
+ const gchar *name,
+ GError **error);
+
+PolkitAuthorizationResult polkit_backend_check_claims (PolkitBackend *backend,
+ PolkitSubject *inquirer,
+ GList *claims,
+ GError **error);
+
+G_END_DECLS
+
+#endif /* __POLKIT_BACKEND_H */
+
diff --git a/src/polkit/polkitbackendstub.c b/src/polkit/polkitbackendstub.c
new file mode 100644
index 0000000..04e80ef
--- /dev/null
+++ b/src/polkit/polkitbackendstub.c
@@ -0,0 +1,224 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include <glib.h>
+#include <glib/gi18n-lib.h>
+#include <glib-object.h>
+#include <dbus/dbus-glib.h>
+#include <dbus/dbus-glib-lowlevel.h>
+
+#include "polkiterror.h"
+#include "polkitbackendstub.h"
+#include "polkituser.h"
+#include "polkitserialization.h"
+
+/**
+ * SECTION:polkitbackendstub
+ * @short_description: Stub for proxying backends
+ * @include: polkit/polkit.h
+ *
+ * Used on the server side for proxying a #PolkitBackend over
+ * D-Bus. On the client side, #PolkitAuthority is used.
+ */
+
+/*--------------------------------------------------------------------------------------------------------------*/
+
+/* exported methods */
+
+gboolean _polkit_backend_stub_say_hello (PolkitBackendStub *backend_stub,
+ const char *name,
+ DBusGMethodInvocation *context);
+
+gboolean _polkit_backend_stub_check_claims (PolkitBackendStub *backend_stub,
+ GPtrArray *_claims,
+ DBusGMethodInvocation *context);
+
+#include "polkitbackendstubglue.h"
+
+/*--------------------------------------------------------------------------------------------------------------*/
+
+struct _PolkitBackendStubPrivate
+{
+ PolkitBackend *backend;
+};
+
+G_DEFINE_TYPE (PolkitBackendStub, polkit_backend_stub, G_TYPE_OBJECT)
+
+#define POLKIT_BACKEND_STUB_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_BACKEND_STUB, PolkitBackendStubPrivate))
+
+static void
+polkit_backend_stub_init (PolkitBackendStub *backend_stub)
+{
+ backend_stub->priv = POLKIT_BACKEND_STUB_GET_PRIVATE (backend_stub);
+
+}
+
+static void
+polkit_backend_stub_finalize (GObject *object)
+{
+ PolkitBackendStub *backend_stub;
+
+ g_return_if_fail (object != NULL);
+ g_return_if_fail (POLKIT_IS_BACKEND_STUB (object));
+
+ backend_stub = POLKIT_BACKEND_STUB (object);
+
+ if (backend_stub->priv->backend != NULL)
+ g_object_unref (backend_stub->priv->backend);
+
+ G_OBJECT_CLASS (polkit_backend_stub_parent_class)->finalize (object);
+}
+
+static void
+polkit_backend_stub_class_init (PolkitBackendStubClass *klass)
+{
+ GObjectClass *object_class = G_OBJECT_CLASS (klass);
+
+ object_class->finalize = polkit_backend_stub_finalize;
+
+ g_type_class_add_private (klass, sizeof (PolkitBackendStubPrivate));
+
+ dbus_g_error_domain_register (POLKIT_ERROR,
+ "org.freedesktop.PolicyKit.Error",
+ POLKIT_TYPE_ERROR);
+
+ dbus_g_object_type_install_info (POLKIT_TYPE_BACKEND_STUB, &dbus_glib__polkit_backend_stub_object_info);
+}
+
+PolkitBackendStub *
+polkit_backend_stub_new (DBusGConnection *connection,
+ const char *object_path,
+ PolkitBackend *backend)
+{
+ PolkitBackendStub *backend_stub;
+
+ backend_stub = POLKIT_BACKEND_STUB (g_object_new (POLKIT_TYPE_BACKEND_STUB, NULL));
+
+ dbus_g_connection_register_g_object (connection,
+ object_path,
+ G_OBJECT (backend_stub));
+
+ backend_stub->priv->backend = g_object_ref (backend);
+
+ return backend_stub;
+}
+
+/*--------------------------------------------------------------------------------------------------------------*/
+
+static PolkitSubject *
+get_inquirer (DBusGMethodInvocation *context)
+{
+ PolkitSubject *subject;
+
+ /* TODO; get from context */
+ subject = polkit_user_new ("root");
+
+ return subject;
+}
+
+/*--------------------------------------------------------------------------------------------------------------*/
+/* exported methods */
+
+gboolean
+_polkit_backend_stub_say_hello (PolkitBackendStub *backend_stub,
+ const char *name,
+ DBusGMethodInvocation *context)
+{
+ PolkitSubject *inquirer;
+ GError *error;
+ char *result;
+
+ error = NULL;
+ inquirer = get_inquirer (context);
+
+ result = polkit_backend_say_hello (backend_stub->priv->backend,
+ inquirer,
+ name,
+ &error);
+
+ if (error != NULL) {
+ dbus_g_method_return_error (context, error);
+ g_error_free (error);
+ } else {
+ dbus_g_method_return (context, result);
+ g_free (result);
+ }
+
+ g_object_unref (inquirer);
+
+ return TRUE;
+}
+
+/*--------------------------------------------------------------------------------------------------------------*/
+
+gboolean
+_polkit_backend_stub_check_claims (PolkitBackendStub *backend_stub,
+ GPtrArray *_claims,
+ DBusGMethodInvocation *context)
+{
+ PolkitSubject *inquirer;
+ GError *error;
+ GList *claims;
+ PolkitAuthorizationResult result;
+
+ error = NULL;
+ inquirer = get_inquirer (context);
+
+ claims = _serialize_ptr_array_to_obj_list
+ (_claims,
+ (PolkitSerializeToObjectFunc) _authorization_claim_from_data);
+
+ if (claims == NULL) {
+ dbus_g_method_return_error (context,
+ g_error_new (POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "Data is malformed"));
+ goto out;
+ }
+
+ result = polkit_backend_check_claims (backend_stub->priv->backend,
+ inquirer,
+ claims,
+ &error);
+
+ if (error != NULL) {
+ dbus_g_method_return_error (context, error);
+ g_error_free (error);
+ } else {
+ char *result_str;
+ result_str = _authorization_result_to_string (result);
+ dbus_g_method_return (context, result_str);
+ g_free (result_str);
+ }
+
+ g_object_unref (inquirer);
+
+ g_list_foreach (claims, (GFunc) g_object_unref, NULL);
+ g_list_free (claims);
+
+ out:
+ return TRUE;
+}
+
+/*--------------------------------------------------------------------------------------------------------------*/
diff --git a/src/polkit/polkitbackendstub.h b/src/polkit/polkitbackendstub.h
new file mode 100644
index 0000000..a594909
--- /dev/null
+++ b/src/polkit/polkitbackendstub.h
@@ -0,0 +1,67 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
+#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#ifndef __POLKIT_BACKEND_STUB_H__
+#define __POLKIT_BACKEND_STUB_H__
+
+#include <glib-object.h>
+#include <dbus/dbus-glib.h>
+#include <dbus/dbus-glib-lowlevel.h>
+#include <polkit/polkitbackend.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_BACKEND_STUB (polkit_backend_stub_get_type ())
+#define POLKIT_BACKEND_STUB(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_BACKEND_STUB, PolkitBackendStub))
+#define POLKIT_BACKEND_STUB_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_BACKEND_STUB, PolkitBackendStubClass))
+#define POLKIT_IS_BACKEND_STUB(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_BACKEND_STUB))
+#define POLKIT_IS_BACKEND_STUB_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_BACKEND_STUB))
+#define POLKIT_BACKEND_STUB_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_BACKEND_STUB, PolkitBackendStubClass))
+
+typedef struct _PolkitBackendStub PolkitBackendStub;
+typedef struct _PolkitBackendStubClass PolkitBackendStubClass;
+typedef struct _PolkitBackendStubPrivate PolkitBackendStubPrivate;
+
+struct _PolkitBackendStub
+{
+ GObject parent_instance;
+ PolkitBackendStubPrivate *priv;
+};
+
+struct _PolkitBackendStubClass
+{
+ GObjectClass parent_class;
+};
+
+GType polkit_backend_stub_get_type (void) G_GNUC_CONST;
+PolkitBackendStub *polkit_backend_stub_new (DBusGConnection *connection,
+ const char *object_path,
+ PolkitBackend *backend);
+
+G_END_DECLS
+
+#endif /* __POLKIT_BACKEND_STUB_H__ */
diff --git a/src/polkit/polkiterror.c b/src/polkit/polkiterror.c
new file mode 100644
index 0000000..3ec9cf0
--- /dev/null
+++ b/src/polkit/polkiterror.c
@@ -0,0 +1,67 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include <polkit/polkiterror.h>
+
+/**
+ * SECTION:polkiterror
+ * @title: PolkitError
+ * @short_description: Error helper functions
+ * @include: polkit/polkit.h
+ *
+ * Contains helper functions for reporting errors to the user.
+ **/
+
+/**
+ * polkit_error_quark:
+ *
+ * Gets the #PolkitError Quark.
+ *
+ * Return value: a #GQuark.
+ **/
+GQuark
+polkit_error_quark (void)
+{
+ return g_quark_from_static_string ("g-polkit-error-quark");
+}
+
+#define ENUM_ENTRY(NAME, DESC) { NAME, "" #NAME "", DESC }
+
+GType
+polkit_error_get_type (void)
+{
+ static GType etype = 0;
+
+ if (etype == 0)
+ {
+ static const GEnumValue values[] = {
+ ENUM_ENTRY (POLKIT_ERROR_FAILED, "Failed"),
+ ENUM_ENTRY (POLKIT_ERROR_NOT_SUPPORTED, "NotSupported"),
+ { 0, 0, 0 }
+ };
+ g_assert (POLKIT_ERROR_NUM_ERRORS == G_N_ELEMENTS (values) - 1);
+ etype = g_enum_register_static ("PolkitErrorEnum", values);
+ }
+ return etype;
+}
diff --git a/src/polkit/polkiterror.h b/src/polkit/polkiterror.h
new file mode 100644
index 0000000..73da465
--- /dev/null
+++ b/src/polkit/polkiterror.h
@@ -0,0 +1,65 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
+#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#ifndef __POLKIT_ERROR_H
+#define __POLKIT_ERROR_H
+
+#include <glib-object.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_ERROR (polkit_error_get_type ())
+
+/**
+ * POLKIT_ERROR:
+ *
+ * Error domain for PolicyKit. Errors in this domain will be from the
+ * #PolkitErrorEnum enumeration. See #GError for more information on
+ * error domains.
+ **/
+#define POLKIT_ERROR polkit_error_quark()
+
+GQuark polkit_error_quark (void);
+GType polkit_error_get_type (void) G_GNUC_CONST;
+
+/**
+ * PolkitErrorEnum:
+ * @POLKIT_ERROR_FAILED: The operation failed.
+ * @POLKIT_ERROR_NOT_SUPPORTED: Operation not supported by backend.
+ *
+ * Error codes returned by PolicyKit functions.
+ */
+typedef enum {
+ POLKIT_ERROR_FAILED,
+ POLKIT_ERROR_NOT_SUPPORTED,
+ POLKIT_ERROR_NUM_ERRORS
+} PolkitErrorEnum;
+
+G_END_DECLS
+
+#endif /* __POLKIT_ERROR_H */
+
diff --git a/src/polkit/polkitlocalbackend.c b/src/polkit/polkitlocalbackend.c
new file mode 100644
index 0000000..9947a8c
--- /dev/null
+++ b/src/polkit/polkitlocalbackend.c
@@ -0,0 +1,167 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include <string.h>
+#include "polkiterror.h"
+#include "polkitlocalbackend.h"
+#include "polkitserialization.h" /* TODO: remove */
+
+/**
+ * SECTION:polkitlocalbackend
+ * @short_description: Backend using local files
+ * @include: polkit/polkit.h
+ *
+ * The #PolkitLocalBackend class is an implementation of
+ * #PolkitBackend that stores authorizations on the local file
+ * system.
+ */
+
+struct _PolkitLocalBackendPrivate
+{
+ int stuff;
+};
+
+static gchar *say_hello (PolkitBackend *_backend,
+ PolkitSubject *inquirer,
+ const gchar *name,
+ GError **error);
+
+static PolkitAuthorizationResult check_claims (PolkitBackend *_backend,
+ PolkitSubject *inquirer,
+ GList *claims,
+ GError **error);
+
+G_DEFINE_TYPE (PolkitLocalBackend, polkit_local_backend, POLKIT_TYPE_BACKEND);
+
+#define POLKIT_LOCAL_BACKEND_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_LOCAL_BACKEND, PolkitLocalBackendPrivate))
+
+static void
+polkit_local_backend_finalize (GObject *object)
+{
+ PolkitLocalBackend *local_backend;
+
+ local_backend = POLKIT_LOCAL_BACKEND (object);
+
+ G_OBJECT_CLASS (polkit_local_backend_parent_class)->finalize (object);
+}
+
+static void
+polkit_local_backend_class_init (PolkitLocalBackendClass *klass)
+{
+ GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
+ PolkitBackendClass *backend_class = POLKIT_BACKEND_CLASS (klass);
+
+ backend_class->say_hello = say_hello;
+ backend_class->check_claims = check_claims;
+
+ gobject_class->finalize = polkit_local_backend_finalize;
+
+ g_type_class_add_private (klass, sizeof (PolkitLocalBackendPrivate));
+}
+
+static void
+polkit_local_backend_init (PolkitLocalBackend *local_backend)
+{
+ local_backend->priv = POLKIT_LOCAL_BACKEND_GET_PRIVATE (local_backend);
+}
+
+PolkitBackend *
+polkit_local_backend_new (void)
+{
+ PolkitBackend *backend;
+
+ backend = POLKIT_BACKEND (g_object_new (POLKIT_TYPE_LOCAL_BACKEND, NULL));
+
+ return backend;
+}
+
+static gchar *
+say_hello (PolkitBackend *_backend,
+ PolkitSubject *inquirer,
+ const gchar *name,
+ GError **error)
+{
+ char *ret;
+
+ ret = NULL;
+
+ if (strcmp (name, "davidz") == 0) {
+ g_set_error_literal (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_NOT_SUPPORTED,
+ "We don't want to async greet davidz!");
+ } else {
+ ret = g_strdup_printf ("Local async greets 'Hi %s!'", name);
+ }
+
+ return ret;
+}
+
+PolkitAuthorizationResult
+check_claims (PolkitBackend *_backend,
+ PolkitSubject *inquirer,
+ GList *claims,
+ GError **error)
+{
+ PolkitLocalBackend *backend;
+ PolkitAuthorizationResult result;
+ GList *l;
+
+ backend = POLKIT_LOCAL_BACKEND (_backend);
+
+ for (l = claims; l != NULL; l = l->next) {
+ PolkitAuthorizationClaim *claim = POLKIT_AUTHORIZATION_CLAIM (l->data);
+ char *action_id;
+ PolkitSubject *subject;
+ GHashTable *attributes;
+ GHashTableIter iter;
+ const char *key;
+ const char *value;
+
+ g_object_get (claim,
+ "subject", &subject,
+ "action-id", &action_id,
+ "attributes", &attributes,
+ NULL);
+
+ g_print ("action-id: %s\n", action_id);
+ g_print ("subject: %s\n", _subject_to_string (subject));
+
+ g_hash_table_iter_init (&iter, attributes);
+ while (g_hash_table_iter_next (&iter, (gpointer) &key, (gpointer) &value)) {
+ g_print (" '%s' -> '%s'\n", key, value);
+ }
+
+ g_print ("\n");
+
+ g_object_unref (subject);
+ g_free (action_id);
+ g_hash_table_unref (attributes);
+ }
+
+ /* TODO */
+ result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
+
+ return result;
+}
diff --git a/src/polkit/polkitlocalbackend.h b/src/polkit/polkitlocalbackend.h
new file mode 100644
index 0000000..ccfd815
--- /dev/null
+++ b/src/polkit/polkitlocalbackend.h
@@ -0,0 +1,65 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
+#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#ifndef __POLKIT_LOCAL_BACKEND_H
+#define __POLKIT_LOCAL_BACKEND_H
+
+#include <polkit/polkitbackend.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_LOCAL_BACKEND (polkit_local_backend_get_type ())
+#define POLKIT_LOCAL_BACKEND(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_LOCAL_BACKEND, PolkitLocalBackend))
+#define POLKIT_LOCAL_BACKEND_CLASS(k) (G_TYPE_CHECK_CLASS_CAST ((k), POLKIT_TYPE_LOCAL_BACKEND, PolkitLocalBackendClass))
+#define POLKIT_LOCAL_BACKEND_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_LOCAL_BACKEND,PolkitLocalBackendClass))
+#define POLKIT_IS_LOCAL_BACKEND(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_LOCAL_BACKEND))
+#define POLKIT_IS_LOCAL_BACKEND_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_LOCAL_BACKEND))
+
+typedef struct _PolkitLocalBackend PolkitLocalBackend;
+typedef struct _PolkitLocalBackendClass PolkitLocalBackendClass;
+typedef struct _PolkitLocalBackendPrivate PolkitLocalBackendPrivate;
+
+struct _PolkitLocalBackend
+{
+ PolkitBackend parent_instance;
+
+ /*< private >*/
+ PolkitLocalBackendPrivate *priv;
+};
+
+struct _PolkitLocalBackendClass
+{
+ PolkitBackendClass parent_class;
+};
+
+GType polkit_local_backend_get_type (void) G_GNUC_CONST;
+PolkitBackend *polkit_local_backend_new (void);
+
+G_END_DECLS
+
+#endif /* __POLKIT_LOCAL_BACKEND_H */
+
diff --git a/src/polkit/polkitprocess.c b/src/polkit/polkitprocess.c
new file mode 100644
index 0000000..a522682
--- /dev/null
+++ b/src/polkit/polkitprocess.c
@@ -0,0 +1,185 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include <string.h>
+
+#include "polkitprocess.h"
+
+/**
+ * SECTION:polkitprocess
+ * @short_description: Process
+ * @include: polkit/polkit.h
+ *
+ * Represents a process.
+ */
+
+/*--------------------------------------------------------------------------------------------------------------*/
+
+struct _PolkitProcessPrivate
+{
+ GPid pid;
+};
+
+enum {
+ PROP_0,
+ PROP_PID,
+};
+
+static void polkit_process_subject_iface_init (PolkitSubjectIface *iface);
+
+G_DEFINE_TYPE_WITH_CODE (PolkitProcess, polkit_process, G_TYPE_OBJECT,
+ G_IMPLEMENT_INTERFACE (POLKIT_TYPE_SUBJECT,
+ polkit_process_subject_iface_init))
+
+#define POLKIT_PROCESS_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_PROCESS, PolkitProcessPrivate))
+
+static void
+polkit_process_get_property (GObject *object,
+ guint prop_id,
+ GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitProcess *process = POLKIT_PROCESS (object);
+
+ switch (prop_id) {
+ case PROP_PID:
+ g_value_set_int (value, process->priv->pid);
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_process_set_property (GObject *object,
+ guint prop_id,
+ const GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitProcess *process = POLKIT_PROCESS (object);
+
+ switch (prop_id) {
+ case PROP_PID:
+ polkit_process_set_pid (process, g_value_get_int (value));
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_process_init (PolkitProcess *process)
+{
+ process->priv = POLKIT_PROCESS_GET_PRIVATE (process);
+}
+
+static void
+polkit_process_finalize (GObject *object)
+{
+ PolkitProcess *process;
+
+ g_return_if_fail (object != NULL);
+ g_return_if_fail (POLKIT_IS_PROCESS (object));
+
+ process = POLKIT_PROCESS (object);
+
+ G_OBJECT_CLASS (polkit_process_parent_class)->finalize (object);
+}
+
+static void
+polkit_process_class_init (PolkitProcessClass *klass)
+{
+ GObjectClass *object_class = G_OBJECT_CLASS (klass);
+
+ object_class->get_property = polkit_process_get_property;
+ object_class->set_property = polkit_process_set_property;
+ object_class->finalize = polkit_process_finalize;
+
+ /**
+ * PolkitProcess:pid:
+ *
+ * The process id.
+ */
+ g_object_class_install_property (object_class,
+ PROP_PID,
+ g_param_spec_int ("pid",
+ "pid",
+ "The process id",
+ -1,
+ G_MAXINT, /* TODO: maybe there's a MAX_PID? */
+ -1,
+ G_PARAM_CONSTRUCT |
+ G_PARAM_READWRITE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ g_type_class_add_private (klass, sizeof (PolkitProcessPrivate));
+}
+
+pid_t
+polkit_process_get_pid (PolkitProcess *process)
+{
+ g_return_val_if_fail (POLKIT_IS_PROCESS (process), -1);
+ return process->priv->pid;
+}
+
+void
+polkit_process_set_pid (PolkitProcess *process,
+ pid_t pid)
+{
+ g_return_if_fail (POLKIT_IS_PROCESS (process));
+ if (pid != process->priv->pid) {
+ process->priv->pid = pid;
+ g_object_notify (G_OBJECT (process), "pid");
+ }
+}
+
+PolkitSubject *
+polkit_process_new (pid_t pid)
+{
+ return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_PROCESS,
+ "pid", pid,
+ NULL));
+}
+
+static gboolean
+polkit_process_equal (PolkitSubject *subject1,
+ PolkitSubject *subject2)
+{
+ PolkitProcess *process1 = POLKIT_PROCESS (subject1);
+ PolkitProcess *process2 = POLKIT_PROCESS (subject2);
+
+ return process1->priv->pid == process2->priv->pid;
+}
+
+static void
+polkit_process_subject_iface_init (PolkitSubjectIface *iface)
+{
+ iface->equal = polkit_process_equal;
+}
diff --git a/src/polkit/polkitprocess.h b/src/polkit/polkitprocess.h
new file mode 100644
index 0000000..c992801
--- /dev/null
+++ b/src/polkit/polkitprocess.h
@@ -0,0 +1,67 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
+#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#ifndef __POLKIT_PROCESS_H__
+#define __POLKIT_PROCESS_H__
+
+#include <sys/types.h>
+#include <glib-object.h>
+#include <polkit/polkitsubject.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_PROCESS (polkit_process_get_type ())
+#define POLKIT_PROCESS(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_PROCESS, PolkitProcess))
+#define POLKIT_PROCESS_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_PROCESS, PolkitProcessClass))
+#define POLKIT_IS_PROCESS(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_PROCESS))
+#define POLKIT_IS_PROCESS_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_PROCESS))
+#define POLKIT_PROCESS_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_PROCESS, PolkitProcessClass))
+
+typedef struct _PolkitProcess PolkitProcess;
+typedef struct _PolkitProcessClass PolkitProcessClass;
+typedef struct _PolkitProcessPrivate PolkitProcessPrivate;
+
+struct _PolkitProcess
+{
+ GObject parent_instance;
+ PolkitProcessPrivate *priv;
+};
+
+struct _PolkitProcessClass
+{
+ GObjectClass parent_class;
+};
+
+GType polkit_process_get_type (void) G_GNUC_CONST;
+PolkitSubject *polkit_process_new (pid_t pid);
+pid_t polkit_process_get_pid (PolkitProcess *process);
+void polkit_process_set_pid (PolkitProcess *process,
+ pid_t pid);
+
+G_END_DECLS
+
+#endif /* __POLKIT_PROCESS_H__ */
diff --git a/src/polkit/polkitserialization.c b/src/polkit/polkitserialization.c
new file mode 100644
index 0000000..1ab3043
--- /dev/null
+++ b/src/polkit/polkitserialization.c
@@ -0,0 +1,251 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include <stdlib.h>
+#include <string.h>
+#include <dbus/dbus-glib.h>
+
+#include <polkit/polkitserialization.h>
+#include <polkit/polkituser.h>
+#include <polkit/polkitprocess.h>
+
+PolkitAuthorizationResult
+_authorization_result_from_string (const char *str)
+{
+ PolkitAuthorizationResult ret;
+
+ g_return_val_if_fail (str != NULL, POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED);
+
+ ret = POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
+
+ if (strcmp (str, "authorized") == 0) {
+ ret = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
+ } else if (strcmp (str, "challenge") == 0) {
+ ret = POLKIT_AUTHORIZATION_RESULT_CHALLENGE;
+ } else if (strcmp (str, "notauthorized") == 0) {
+ ret = POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED;
+ } else {
+ g_warning ("unknown authorization result string '%s'", str);
+ }
+
+ return ret;
+}
+
+char *
+_authorization_result_to_string (PolkitAuthorizationResult result)
+{
+ char *ret;
+
+ switch (result) {
+ case POLKIT_AUTHORIZATION_RESULT_AUTHORIZED:
+ ret = g_strdup ("authorized");
+ break;
+ case POLKIT_AUTHORIZATION_RESULT_CHALLENGE:
+ ret = g_strdup ("challenge");
+ break;
+ default:
+ g_warning ("unknown authorization result with code %d", result);
+ /* explicit fallthrough */
+ case POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED:
+ ret = g_strdup ("notauthorized");
+ break;
+ }
+
+ return ret;
+}
+
+PolkitSubject *
+_subject_from_string (const char *str)
+{
+ PolkitSubject *subject;
+
+ g_return_val_if_fail (str != NULL, NULL);
+
+ subject = NULL;
+
+ if (g_str_has_prefix (str, "user:")) {
+ subject = polkit_user_new (str + sizeof ("user:") - 1);
+ } else if (g_str_has_prefix (str, "process:")) {
+ pid_t pid;
+ pid = (pid_t) (atoi (str + sizeof ("process:") - 1));
+ subject = polkit_process_new ((pid));
+ } else {
+ g_warning ("Please add support for deserializing strings of form '%s'", str);
+ }
+
+ return subject;
+}
+
+char *
+_subject_to_string (PolkitSubject *subject)
+{
+ char *ret;
+
+ g_return_val_if_fail (POLKIT_IS_SUBJECT (subject), NULL);
+
+ ret = NULL;
+
+ if (POLKIT_IS_USER (subject)) {
+ char *s;
+ s = polkit_user_get_user_name (POLKIT_USER (subject));
+ ret = g_strdup_printf ("user:%s", s);
+ g_free (s);
+ } else if (POLKIT_IS_PROCESS (subject)) {
+ pid_t pid;
+ pid = polkit_process_get_pid (POLKIT_PROCESS (subject));
+ ret = g_strdup_printf ("process:%d", pid);
+ } else {
+ g_warning ("Please add support for serializing type %s",
+ g_type_name (G_TYPE_FROM_INSTANCE (subject)));
+ }
+
+ return ret;
+}
+
+
+#define CLAIM_STRUCT_TYPE (dbus_g_type_get_struct ("GValueArray", \
+ G_TYPE_STRING, \
+ G_TYPE_STRING, \
+ dbus_g_type_get_map ("GHashTable", G_TYPE_STRING, G_TYPE_STRING), \
+ G_TYPE_INVALID))
+
+void
+_authorization_claim_to_value (PolkitAuthorizationClaim *claim, GValue *value)
+{
+ char *action_id;
+ char *subject_str;
+ PolkitSubject *subject;
+ GHashTable *attributes;
+
+ subject = polkit_authorization_claim_get_subject (claim);
+ action_id = polkit_authorization_claim_get_action_id (claim);
+ subject_str = _subject_to_string (subject);
+
+ attributes = polkit_authorization_claim_get_attributes (claim);
+
+ g_value_init (value, CLAIM_STRUCT_TYPE);
+ g_value_take_boxed (value, dbus_g_type_specialized_construct (CLAIM_STRUCT_TYPE));
+ dbus_g_type_struct_set (value,
+ 0, subject_str,
+ 1, action_id,
+ 2, attributes,
+ G_MAXUINT);
+
+ g_free (action_id);
+ g_free (subject_str);
+ g_object_unref (subject);
+}
+
+PolkitAuthorizationClaim *
+_authorization_claim_from_data (gpointer data)
+{
+ GValue elem0 = {0};
+ PolkitAuthorizationClaim *claim;
+ PolkitSubject *subject;
+ char *subject_str;
+ char *action_id;
+ GHashTable *attributes;
+ GHashTableIter iter;
+ const char *key;
+ const char *value;
+
+ claim = NULL;
+
+ g_value_init (&elem0, CLAIM_STRUCT_TYPE);
+ g_value_set_static_boxed (&elem0, data);
+ dbus_g_type_struct_get (&elem0,
+ 0, &subject_str,
+ 1, &action_id,
+ 2, &attributes,
+ G_MAXUINT);
+
+ subject = _subject_from_string (subject_str);
+ if (subject == NULL)
+ goto out;
+
+ claim = polkit_authorization_claim_new (subject, action_id);
+ g_hash_table_iter_init (&iter, attributes);
+ while (g_hash_table_iter_next (&iter, (gpointer) &key, (gpointer) &value)) {
+ polkit_authorization_claim_set_attribute (claim, key, value);
+ }
+
+ out:
+ g_free (subject_str);
+ g_free (action_id);
+ if (subject != NULL)
+ g_object_unref (subject);
+ if (attributes != NULL)
+ g_hash_table_unref (attributes);
+ return claim;
+}
+
+GList *
+_serialize_ptr_array_to_obj_list (GPtrArray *ptr_array,
+ PolkitSerializeToObjectFunc func)
+{
+ GList *ret;
+ int n;
+
+ ret = NULL;
+ for (n = 0; n < (int) ptr_array->len; n++) {
+ GObject *object;
+ object = func (ptr_array->pdata[n]);
+ if (object == NULL)
+ goto fail;
+ ret = g_list_prepend (ret, object);
+ }
+ ret = g_list_reverse (ret);
+ return ret;
+ fail:
+ g_list_foreach (ret, (GFunc) g_object_unref, NULL);
+ g_list_free (ret);
+ return NULL;
+}
+
+GPtrArray *
+_serialize_ptr_array_from_obj_list (GList *list,
+ PolkitSerializeFromObjectFunc func)
+{
+ GPtrArray *ptr_array;
+ GList *l;
+
+ ptr_array = g_ptr_array_new ();
+ for (l = list; l != NULL; l = l->next) {
+ GObject *object = G_OBJECT (l->data);
+ GValue elem = {0};
+
+ func (object, &elem);
+
+ g_ptr_array_add (ptr_array, g_value_get_boxed (&elem));
+ }
+
+ return ptr_array;
+}
+
+void
+_free_serialized_obj_ptr_array (GPtrArray *ptr_array)
+{
+ g_ptr_array_foreach (ptr_array, (GFunc) g_value_array_free, NULL);
+ g_ptr_array_free (ptr_array, TRUE);
+}
diff --git a/src/polkit/polkitserialization.h b/src/polkit/polkitserialization.h
new file mode 100644
index 0000000..1ab94ed
--- /dev/null
+++ b/src/polkit/polkitserialization.h
@@ -0,0 +1,49 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#ifndef __POLKIT_SERIALIZATION_H
+#define __POLKIT_SERIALIZATION_H
+
+#include <polkit/polkitauthorizationclaim.h>
+#include <polkit/polkitauthorizationresult.h>
+
+typedef GObject * (*PolkitSerializeToObjectFunc) (gpointer data);
+typedef void (*PolkitSerializeFromObjectFunc) (GObject *object,
+ GValue *value);
+
+
+PolkitAuthorizationResult _authorization_result_from_string (const char *str);
+char * _authorization_result_to_string (PolkitAuthorizationResult result);
+PolkitSubject * _subject_from_string (const char *str);
+char * _subject_to_string (PolkitSubject *subject);
+void _authorization_claim_to_value (PolkitAuthorizationClaim *claim,
+ GValue *value);
+PolkitAuthorizationClaim *_authorization_claim_from_data (gpointer data);
+GList * _serialize_ptr_array_to_obj_list (GPtrArray *ptr_array,
+ PolkitSerializeToObjectFunc func);
+GPtrArray * _serialize_ptr_array_from_obj_list (GList *list,
+ PolkitSerializeFromObjectFunc func);
+void _free_serialized_obj_ptr_array (GPtrArray *ptr_array);
+
+
+#endif /* __POLKIT_SERIALIZATION_H */
diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c
new file mode 100644
index 0000000..062a7de
--- /dev/null
+++ b/src/polkit/polkitsubject.c
@@ -0,0 +1,115 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+
+#include "polkitsubject.h"
+
+/**
+ * SECTION:polkitsubject
+ * @title: PolkitSubject
+ * @short_description: Interface for subjects
+ * @include: polkit/polkit.h
+ *
+ * #PolkitSubject is a very minimal interface for subjects. It provides functions
+ * for checking the equality of two subjects
+ *
+ * To check if two #PolkitSubjects are equal, see polkit_subject_equal().
+ **/
+
+static void polkit_subject_base_init (gpointer g_class);
+static void polkit_subject_class_init (gpointer g_class,
+ gpointer class_data);
+
+GType
+polkit_subject_get_type (void)
+{
+ static volatile gsize g_define_type_id__volatile = 0;
+
+ if (g_once_init_enter (&g_define_type_id__volatile)) {
+ const GTypeInfo subject_info = {
+ sizeof (PolkitSubjectIface), /* class_size */
+ polkit_subject_base_init, /* base_init */
+ NULL, /* base_finalize */
+ polkit_subject_class_init, /* class_init */
+ NULL, /* class_finalize */
+ NULL, /* class_data */
+ 0,
+ 0, /* n_preallocs */
+ NULL
+ };
+
+ GType g_define_type_id =
+ g_type_register_static (G_TYPE_INTERFACE,
+ "PolkitSubject",
+ &subject_info,
+ 0);
+
+ g_type_interface_add_prerequisite (g_define_type_id, G_TYPE_OBJECT);
+
+ g_once_init_leave (&g_define_type_id__volatile, g_define_type_id);
+ }
+
+ return g_define_type_id__volatile;
+}
+
+static void
+polkit_subject_class_init (gpointer g_class,
+ gpointer class_data)
+{
+}
+
+static void
+polkit_subject_base_init (gpointer g_class)
+{
+}
+
+
+/**
+ * polkit_subject_equal:
+ * @subject1: pointer to the first #PolkitSubject.
+ * @subject2: pointer to the second #PolkitSubject.
+ *
+ * Checks if two subjects are equal.
+ *
+ * Returns: %TRUE if @subject1 is equal to @subject2. %FALSE otherwise.
+ **/
+gboolean
+polkit_subject_equal (PolkitSubject *subject1,
+ PolkitSubject *subject2)
+{
+ PolkitSubjectIface *iface;
+
+ if (subject1 == NULL && subject2 == NULL)
+ return TRUE;
+
+ if (subject1 == NULL || subject2 == NULL)
+ return FALSE;
+
+ if (G_TYPE_FROM_INSTANCE (subject1) != G_TYPE_FROM_INSTANCE (subject2))
+ return FALSE;
+
+ iface = POLKIT_SUBJECT_GET_IFACE (subject1);
+
+ return (* iface->equal) (subject1, subject2);
+}
diff --git a/src/polkit/polkitsubject.h b/src/polkit/polkitsubject.h
new file mode 100644
index 0000000..df29922
--- /dev/null
+++ b/src/polkit/polkitsubject.h
@@ -0,0 +1,72 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
+#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#ifndef __POLKIT_SUBJECT_H__
+#define __POLKIT_SUBJECT_H__
+
+#include <glib-object.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_SUBJECT (polkit_subject_get_type ())
+#define POLKIT_SUBJECT(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), POLKIT_TYPE_SUBJECT, PolkitSubject))
+#define POLKIT_IS_SUBJECT(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), POLKIT_TYPE_SUBJECT))
+#define POLKIT_SUBJECT_GET_IFACE(obj) (G_TYPE_INSTANCE_GET_INTERFACE ((obj), POLKIT_TYPE_SUBJECT, PolkitSubjectIface))
+
+/**
+ * PolkitSubject:
+ *
+ * An abstract type that specifies a subject.
+ **/
+typedef struct _PolkitSubject PolkitSubject;
+typedef struct _PolkitSubjectIface PolkitSubjectIface;
+
+/**
+ * PolkitSubjectIface:
+ * @g_iface: The parent interface.
+ * @equal: Checks if two #PolkitSubject<!-- -->s are equal.
+ *
+ * #PolkitSubjectIface is used to implement #PolkitSubject types for various
+ * different subjects
+ */
+struct _PolkitSubjectIface
+{
+ GTypeInterface g_iface;
+
+ /* Virtual Table */
+
+ gboolean (* equal) (PolkitSubject *subject1,
+ PolkitSubject *subject2);
+};
+
+GType polkit_subject_get_type (void) G_GNUC_CONST;
+gboolean polkit_subject_equal (PolkitSubject *subject1,
+ PolkitSubject *subject2);
+
+G_END_DECLS
+
+#endif /* __POLKIT_SUBJECT_H__ */
diff --git a/src/polkit/polkituser.c b/src/polkit/polkituser.c
new file mode 100644
index 0000000..32d691f
--- /dev/null
+++ b/src/polkit/polkituser.c
@@ -0,0 +1,188 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include "config.h"
+#include <string.h>
+
+#include "polkituser.h"
+
+/**
+ * SECTION:polkituser
+ * @short_description: User
+ * @include: polkit/polkit.h
+ *
+ * Represents a user.
+ */
+
+/*--------------------------------------------------------------------------------------------------------------*/
+
+struct _PolkitUserPrivate
+{
+ char *user_name;
+};
+
+enum {
+ PROP_0,
+ PROP_USER_NAME,
+};
+
+static void polkit_user_subject_iface_init (PolkitSubjectIface *iface);
+
+G_DEFINE_TYPE_WITH_CODE (PolkitUser, polkit_user, G_TYPE_OBJECT,
+ G_IMPLEMENT_INTERFACE (POLKIT_TYPE_SUBJECT,
+ polkit_user_subject_iface_init))
+
+#define POLKIT_USER_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_TYPE_USER, PolkitUserPrivate))
+
+static void
+polkit_user_get_property (GObject *object,
+ guint prop_id,
+ GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitUser *user = POLKIT_USER (object);
+
+ switch (prop_id) {
+ case PROP_USER_NAME:
+ g_value_set_string (value, user->priv->user_name);
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_user_set_property (GObject *object,
+ guint prop_id,
+ const GValue *value,
+ GParamSpec *pspec)
+{
+ PolkitUser *user = POLKIT_USER (object);
+
+ switch (prop_id) {
+ case PROP_USER_NAME:
+ polkit_user_set_user_name (user, g_value_get_string (value));
+ break;
+
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
+ break;
+ }
+}
+
+static void
+polkit_user_init (PolkitUser *user)
+{
+ user->priv = POLKIT_USER_GET_PRIVATE (user);
+}
+
+static void
+polkit_user_finalize (GObject *object)
+{
+ PolkitUser *user;
+
+ g_return_if_fail (object != NULL);
+ g_return_if_fail (POLKIT_IS_USER (object));
+
+ user = POLKIT_USER (object);
+
+ g_free (user->priv->user_name);
+
+ G_OBJECT_CLASS (polkit_user_parent_class)->finalize (object);
+}
+
+static void
+polkit_user_class_init (PolkitUserClass *klass)
+{
+ GObjectClass *object_class = G_OBJECT_CLASS (klass);
+
+ object_class->get_property = polkit_user_get_property;
+ object_class->set_property = polkit_user_set_property;
+ object_class->finalize = polkit_user_finalize;
+
+ /**
+ * PolkitUser:user-name:
+ *
+ * The user name.
+ */
+ g_object_class_install_property (object_class,
+ PROP_USER_NAME,
+ g_param_spec_string ("user-name",
+ "user-name",
+ "The user name",
+ NULL,
+ G_PARAM_CONSTRUCT |
+ G_PARAM_READWRITE |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ g_type_class_add_private (klass, sizeof (PolkitUserPrivate));
+}
+
+gchar *
+polkit_user_get_user_name (PolkitUser *user)
+{
+ g_return_val_if_fail (POLKIT_IS_USER (user), NULL);
+ return g_strdup (user->priv->user_name);
+}
+
+void
+polkit_user_set_user_name (PolkitUser *user,
+ const char *user_name)
+{
+ g_return_if_fail (POLKIT_IS_USER (user));
+ g_return_if_fail (user_name != NULL);
+
+ if (user->priv->user_name == NULL || strcmp (user_name, user->priv->user_name) != 0) {
+ g_free (user->priv->user_name);
+ user->priv->user_name = g_strdup (user_name);
+ g_object_notify (G_OBJECT (user), "user-name");
+ }
+}
+
+PolkitSubject *
+polkit_user_new (const gchar *user_name)
+{
+ return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_USER,
+ "user-name", user_name,
+ NULL));
+}
+
+static gboolean
+polkit_user_equal (PolkitSubject *subject1,
+ PolkitSubject *subject2)
+{
+ PolkitUser *user1 = POLKIT_USER (subject1);
+ PolkitUser *user2 = POLKIT_USER (subject2);
+
+ return strcmp (user1->priv->user_name, user2->priv->user_name) == 0;
+}
+
+static void
+polkit_user_subject_iface_init (PolkitSubjectIface *iface)
+{
+ iface->equal = polkit_user_equal;
+}
diff --git a/src/polkit/polkituser.h b/src/polkit/polkituser.h
new file mode 100644
index 0000000..44e4a56
--- /dev/null
+++ b/src/polkit/polkituser.h
@@ -0,0 +1,66 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
+#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
+#endif
+
+#ifndef __POLKIT_USER_H__
+#define __POLKIT_USER_H__
+
+#include <glib-object.h>
+#include <polkit/polkitsubject.h>
+
+G_BEGIN_DECLS
+
+#define POLKIT_TYPE_USER (polkit_user_get_type ())
+#define POLKIT_USER(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_USER, PolkitUser))
+#define POLKIT_USER_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_USER, PolkitUserClass))
+#define POLKIT_IS_USER(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_USER))
+#define POLKIT_IS_USER_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_USER))
+#define POLKIT_USER_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_USER, PolkitUserClass))
+
+typedef struct _PolkitUser PolkitUser;
+typedef struct _PolkitUserClass PolkitUserClass;
+typedef struct _PolkitUserPrivate PolkitUserPrivate;
+
+struct _PolkitUser
+{
+ GObject parent_instance;
+ PolkitUserPrivate *priv;
+};
+
+struct _PolkitUserClass
+{
+ GObjectClass parent_class;
+};
+
+GType polkit_user_get_type (void) G_GNUC_CONST;
+PolkitSubject *polkit_user_new (const char *user_name);
+gchar *polkit_user_get_user_name (PolkitUser *user);
+void polkit_user_set_user_name (PolkitUser *user,
+ const gchar *user_name);
+
+G_END_DECLS
+
+#endif /* __POLKIT_USER_H__ */
diff --git a/src/polkitd/Makefile.am b/src/polkitd/Makefile.am
new file mode 100644
index 0000000..7fe92ca
--- /dev/null
+++ b/src/polkitd/Makefile.am
@@ -0,0 +1,39 @@
+NULL =
+
+INCLUDES = \
+ -I$(top_builddir)/src \
+ -I$(top_srcdir)/src \
+ -DPACKAGE_LIBEXEC_DIR=\""$(libexecdir)"\" \
+ -DPACKAGE_SYSCONF_DIR=\""$(sysconfdir)"\" \
+ -DPACKAGE_DATA_DIR=\""$(datadir)"\" \
+ -DPACKAGE_BIN_DIR=\""$(bindir)"\" \
+ -DPACKAGE_LOCALSTATE_DIR=\""$(localstatedir)"\" \
+ -DPACKAGE_LOCALE_DIR=\""$(localedir)"\" \
+ -DPACKAGE_LIB_DIR=\""$(libdir)"\" \
+ -D_POSIX_PTHREAD_SEMANTICS \
+ -D_REENTRANT \
+ $(NULL)
+
+libexec_PROGRAMS = polkitd-1
+
+polkitd_1_SOURCES = \
+ main.c \
+ $(NULL)
+
+polkitd_1_CFLAGS = \
+ -I$(top_srcdir)/src \
+ -DG_LOG_DOMAIN=\"polkitd-1\" \
+ $(DBUS_GLIB_CFLAGS) \
+ $(NULL)
+
+polkitd_1_LDADD = \
+ $(DBUS_GLIB_LIBS) \
+ $(GLIB_LIBS) \
+ $(GIO_LIBS) \
+ $(top_builddir)/src/polkit/libpolkit-gobject-1.la \
+ $(NULL)
+
+CLEANFILES = $(BUILT_SOURCES)
+
+clean-local :
+ rm -f *~
diff --git a/src/polkitd/main.c b/src/polkitd/main.c
new file mode 100644
index 0000000..ab3e24f
--- /dev/null
+++ b/src/polkitd/main.c
@@ -0,0 +1,194 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*-
+ *
+ * Copyright (C) 2007 David Zeuthen <david at fubar.dk>
+ *
+ * Permission is hereby granted, free of charge, to any person
+ * obtaining a copy of this software and associated documentation
+ * files (the "Software"), to deal in the Software without
+ * restriction, including without limitation the rights to use, copy,
+ * modify, merge, publish, distribute, sublicense, and/or sell copies
+ * of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <signal.h>
+#include <errno.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <pwd.h>
+#include <grp.h>
+
+#include <glib.h>
+#include <glib/gi18n-lib.h>
+#include <glib-object.h>
+#include <dbus/dbus-glib.h>
+#include <dbus/dbus-glib-lowlevel.h>
+
+#include <polkit/polkit.h>
+
+#define NAME_TO_CLAIM "org.freedesktop.PolicyKit1"
+
+static PolkitBackend *
+get_backend (void)
+{
+ return polkit_local_backend_new ();
+}
+
+static gboolean
+acquire_name_on_proxy (DBusGProxy *bus_proxy)
+{
+ GError *error;
+ guint result;
+ gboolean res;
+ gboolean ret;
+
+ ret = FALSE;
+
+ if (bus_proxy == NULL) {
+ goto out;
+ }
+
+ error = NULL;
+ res = dbus_g_proxy_call (bus_proxy,
+ "RequestName",
+ &error,
+ G_TYPE_STRING, NAME_TO_CLAIM,
+ G_TYPE_UINT, 0,
+ G_TYPE_INVALID,
+ G_TYPE_UINT, &result,
+ G_TYPE_INVALID);
+ if (! res) {
+ if (error != NULL) {
+ g_warning ("Failed to acquire %s: %s", NAME_TO_CLAIM, error->message);
+ g_error_free (error);
+ } else {
+ g_warning ("Failed to acquire %s", NAME_TO_CLAIM);
+ }
+ goto out;
+ }
+
+ if (result != DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER) {
+ if (error != NULL) {
+ g_warning ("Failed to acquire %s: %s", NAME_TO_CLAIM, error->message);
+ g_error_free (error);
+ } else {
+ g_warning ("Failed to acquire %s", NAME_TO_CLAIM);
+ }
+ goto out;
+ }
+
+ ret = TRUE;
+
+ out:
+ return ret;
+}
+
+int
+main (int argc, char **argv)
+{
+ GError *error;
+ GMainLoop *loop;
+ GOptionContext *context;
+ DBusGProxy *bus_proxy;
+ DBusGConnection *bus;
+ int ret;
+ PolkitBackend *backend;
+ PolkitBackendStub *stub;
+ static GOptionEntry entries[] = {
+ { NULL }
+ };
+
+ ret = 1;
+ backend = NULL;
+ stub = NULL;
+ loop = NULL;
+ bus = NULL;
+
+ g_type_init ();
+
+ context = g_option_context_new ("PolicyKit daemon");
+ g_option_context_add_main_entries (context, entries, NULL);
+ g_option_context_parse (context, &argc, &argv, NULL);
+ g_option_context_free (context);
+
+ error = NULL;
+ bus = dbus_g_bus_get (DBUS_BUS_SYSTEM, &error);
+ if (bus == NULL) {
+ g_warning ("Couldn't connect to system bus: %s", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ bus_proxy = dbus_g_proxy_new_for_name (bus,
+ DBUS_SERVICE_DBUS,
+ DBUS_PATH_DBUS,
+ DBUS_INTERFACE_DBUS);
+ if (bus_proxy == NULL) {
+ g_warning ("Could not construct bus_proxy object; bailing out");
+ goto out;
+ }
+
+ if (!acquire_name_on_proxy (bus_proxy) ) {
+ g_warning ("Could not acquire name; bailing out");
+ goto out;
+ }
+
+ g_debug ("Starting polkitd-1 version %s", VERSION);
+
+ backend = get_backend ();
+ if (backend == NULL) {
+ g_warning ("Couldn't find suitable backend to use");
+ goto out;
+ }
+
+ stub = polkit_backend_stub_new (bus,
+ "/authority",
+ backend);
+
+ if (stub == NULL) {
+ goto out;
+ }
+
+ loop = g_main_loop_new (NULL, FALSE);
+
+ g_main_loop_run (loop);
+
+ ret = 0;
+
+out:
+ if (backend != NULL)
+ g_object_unref (backend);
+
+ if (stub != NULL)
+ g_object_unref (stub);
+
+ if (loop != NULL)
+ g_main_loop_unref (loop);
+
+ if (bus != NULL)
+ dbus_g_connection_unref (bus);
+
+ return ret;
+}
diff --git a/src/programs/Makefile.am b/src/programs/Makefile.am
new file mode 100644
index 0000000..8ba3fe5
--- /dev/null
+++ b/src/programs/Makefile.am
@@ -0,0 +1,36 @@
+
+NULL =
+
+INCLUDES = \
+ -I$(top_builddir)/src \
+ -I$(top_srcdir)/src \
+ -DPACKAGE_LIBEXEC_DIR=\""$(libexecdir)"\" \
+ -DPACKAGE_SYSCONF_DIR=\""$(sysconfdir)"\" \
+ -DPACKAGE_DATA_DIR=\""$(datadir)"\" \
+ -DPACKAGE_BIN_DIR=\""$(bindir)"\" \
+ -DPACKAGE_LOCALSTATE_DIR=\""$(localstatedir)"\" \
+ -DPACKAGE_LOCALE_DIR=\""$(localedir)"\" \
+ -DPACKAGE_LIB_DIR=\""$(libdir)"\" \
+ -D_POSIX_PTHREAD_SEMANTICS \
+ -D_REENTRANT \
+ $(NULL)
+
+bin_PROGRAMS = polkit-verify-claim-1
+
+polkit_verify_claim_1_SOURCES = polkit-verify-claim.c
+
+polkit_verify_claim_1_CFLAGS = \
+ $(GLIB_CFLAGS) \
+ $(GIO_CFLAGS) \
+ $(DBUS_GLIB_CFLAGS) \
+ $(NULL)
+
+polkit_verify_claim_1_LDADD = \
+ $(GLIB_LDADD) \
+ $(GIO_LDADD) \
+ $(DBUS_GLIB_LDADD) \
+ $(top_builddir)/src/polkit/libpolkit-gobject-1.la \
+ $(NULL)
+
+clean-local :
+ rm -f *~
diff --git a/src/programs/polkit-verify-claim.c b/src/programs/polkit-verify-claim.c
new file mode 100644
index 0000000..36ad439
--- /dev/null
+++ b/src/programs/polkit-verify-claim.c
@@ -0,0 +1,101 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
+
+/*
+ * Copyright (C) 2008 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: David Zeuthen <davidz at redhat.com>
+ */
+
+#include <polkit/polkit.h>
+
+int
+main (int argc, char *argv[])
+{
+ GList *ret;
+ GError *error;
+ GFile *dir;
+
+ g_type_init ();
+
+ dir = g_file_new_for_commandline_arg (argv[1]);
+
+ error = NULL;
+ ret = polkit_action_description_new_from_directory (dir,
+ NULL,
+ &error);
+ if (error != NULL) {
+ g_print ("Got error: %s\n", error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ g_debug ("rock'n'roll!");
+
+ g_list_foreach (ret, (GFunc) g_object_unref, NULL);
+ g_list_free (ret);
+
+ out:
+ return 0;
+
+#if 0
+ PolkitAuthorizationResult result;
+ GError *error;
+ PolkitAuthority *authority;
+
+ g_type_init ();
+
+ authority = polkit_authority_get ();
+
+ PolkitSubject *subject1;
+ PolkitSubject *subject2;
+ PolkitSubject *subject3;
+
+ subject1 = polkit_user_new ("moe");
+ subject2 = polkit_user_new ("bernie");
+ subject3 = polkit_process_new (42);
+
+ GList *claims;
+ claims = NULL;
+ claims = g_list_prepend (claims, polkit_authorization_claim_new (subject1, "org.foo.1"));
+ claims = g_list_prepend (claims, polkit_authorization_claim_new (subject2, "org.foo.2"));
+ claims = g_list_prepend (claims, polkit_authorization_claim_new (subject3, "org.foo.3"));
+
+ PolkitAuthorizationClaim *claim;
+ claim = polkit_authorization_claim_new (subject3, "org.foo.4");
+ polkit_authorization_claim_set_attribute (claim, "foo", "bar");
+ polkit_authorization_claim_set_attribute (claim, "unix-device", "/dev/sda");
+ claims = g_list_prepend (claims, claim);
+
+
+ error = NULL;
+ result = polkit_authority_check_claims_sync (authority,
+ claims,
+ NULL,
+ &error);
+ if (error != NULL) {
+ g_print ("Got error: %s\n", error->message);
+ g_error_free (error);
+ } else {
+ g_print ("Got result: %d\n", result);
+ }
+
+ g_object_unref (authority);
+
+ return 0;
+#endif
+}
More information about the hal-commit
mailing list