PolicyKit: Branch 'master'
David Zeuthen
david at kemper.freedesktop.org
Mon Feb 21 14:13:52 PST 2011
docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml | 4
src/polkitbackend/polkitbackendinteractiveauthority.c | 57 ++++++++++
2 files changed, 60 insertions(+), 1 deletion(-)
New commits:
commit 719585f1aecdc79598a6cecff936bd50e0f6a2f8
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Feb 21 17:12:17 2011 -0500
Pass caller and subject pid to authentication agent
The authentication agent can use information this to inform the user
about the UI application that triggered the authentication request (if
any).
Signed-off-by: David Zeuthen <davidz at redhat.com>
diff --git a/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml b/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml
index 85bbcf0..663169e 100644
--- a/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml
+++ b/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml
@@ -71,7 +71,9 @@ The themed icon describing the action or the empty string if no icon is set.
<term><literal>IN Dict<String,String> <parameter>details</parameter></literal>:</term>
<listitem>
<para>
-Details about the authentication request. This is a dictionary of key/value pairs where both key and value are strings. These strings are translated into the locale passed when registering the authentication agent using <link linkend="eggdbus-method-org.freedesktop.PolicyKit1.Authority.RegisterAuthenticationAgent">RegisterAuthenticationAgent()</link>.
+Details about the authentication request. This is a dictionary of key/value pairs where both key and value are strings. These strings are translated into the locale passed when registering the authentication agent using <link linkend="eggdbus-method-org.freedesktop.PolicyKit1.Authority.RegisterAuthenticationAgent">RegisterAuthenticationAgent().</link>.
+Keys starting with <literal>polkit.</literal> are reserved for internal use and should never be displayed in the UI.
+Known key/value-pairs include <literal>polkit.caller-pid</literal> (the process id of the mechanism making the authorization check) and <literal>polkit.subject-pid</literal> (the process id of the subject the check is for).
</para>
</listitem>
</varlistentry>
diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
index 386a4c9..ae1a1bf 100644
--- a/src/polkitbackend/polkitbackendinteractiveauthority.c
+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
@@ -1796,6 +1796,60 @@ get_localized_data_for_challenge (PolkitBackendInteractiveAuthority *authority,
}
static void
+add_pid (PolkitDetails *details,
+ PolkitSubject *subject,
+ const gchar *key)
+{
+ gchar buf[32];
+ gint pid;
+
+ if (POLKIT_IS_UNIX_PROCESS (subject))
+ {
+ pid = polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (subject));
+ }
+ else if (POLKIT_IS_SYSTEM_BUS_NAME (subject))
+ {
+ PolkitSubject *process;
+ GError *error;
+
+ error = NULL;
+ process = polkit_system_bus_name_get_process_sync (POLKIT_SYSTEM_BUS_NAME (subject),
+ NULL,
+ &error);
+ if (process == NULL)
+ {
+ g_printerr ("Error getting process for system bus name `%s': %s\n",
+ polkit_system_bus_name_get_name (POLKIT_SYSTEM_BUS_NAME (subject)),
+ error->message);
+ g_error_free (error);
+ goto out;
+ }
+ pid = polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (process));
+ g_object_unref (process);
+ }
+ else if (POLKIT_IS_UNIX_SESSION (subject))
+ {
+ goto out;
+ }
+ else
+ {
+ gchar *s;
+ s = polkit_subject_to_string (subject);
+ g_printerr ("Don't know how to get pid from subject of type %s: %s\n",
+ g_type_name (G_TYPE_FROM_INSTANCE (subject)),
+ s);
+ g_free (s);
+ goto out;
+ }
+
+ g_snprintf (buf, sizeof (buf), "%d", pid);
+ polkit_details_insert (details, key, buf);
+
+ out:
+ ;
+}
+
+static void
authentication_agent_initiate_challenge (AuthenticationAgent *agent,
PolkitSubject *subject,
PolkitIdentity *user_of_subject,
@@ -1866,6 +1920,9 @@ authentication_agent_initiate_challenge (AuthenticationAgent *agent,
agent->active_sessions = g_list_prepend (agent->active_sessions, session);
+ add_pid (localized_details, caller, "polkit.caller-pid");
+ add_pid (localized_details, subject, "polkit.subject-pid");
+
details_gvariant = polkit_details_to_gvariant (localized_details);
g_variant_ref_sink (details_gvariant);
More information about the hal-commit
mailing list