PolicyKit: Branch 'master'

David Zeuthen david at kemper.freedesktop.org
Wed Jun 6 11:34:47 PDT 2012


 configure.ac                                          |    1 
 src/polkitbackend/polkitbackendinteractiveauthority.c |   23 ++++++++++
 src/polkitbackend/polkitbackendinteractiveauthority.h |    4 +
 src/polkitbackend/polkitbackendjsauthority.c          |   38 +++++++++++++-----
 test/polkitbackend/test-polkitbackendjsauthority.c    |    2 
 5 files changed, 59 insertions(+), 9 deletions(-)

New commits:
commit 3d007cbc5d4a1560cdcca08b5ca0401371fc7b77
Author: David Zeuthen <zeuthen at gmail.com>
Date:   Wed Jun 6 14:32:26 2012 -0400

    Make it work when using ConsoleKit instead of libsystemd-login
    
    ... although it would be nicer to just rip out the CK bits and simply
    hard-require libsystemd-login instead - it should work just fine on
    non-systemd systems, same way systemd-udev works fine there.
    
    Signed-off-by: David Zeuthen <zeuthen at gmail.com>

diff --git a/configure.ac b/configure.ac
index 4cb7329..326646c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -169,6 +169,7 @@ if test "$enable_libsystemd_login" != "no"; then
                     have_libsystemd_login=no)
   if test "$have_libsystemd_login" = "yes"; then
     SESSION_TRACKING=libsystemd-login
+    AC_DEFINE([HAVE_LIBSYSTEMD_LOGIN], 1, [Define to 1 if libsystemd-login is available])
   else
     if test "$enable_libsystemd_login" = "yes"; then
       AC_MSG_ERROR([libsystemd-login support requested but libsystemd-login library not found])
diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
index 86e7134..1d4a555 100644
--- a/src/polkitbackend/polkitbackendinteractiveauthority.c
+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
@@ -1270,6 +1270,8 @@ check_authorization_sync (PolkitBackendAuthority         *authority,
  * @caller: The subject that is inquiring whether @subject is authorized.
  * @subject: The subject we are about to authenticate for.
  * @user_for_subject: The user of the subject we are about to authenticate for.
+ * @subject_is_local: %TRUE if the session for @subject is local.
+ * @subject_is_active: %TRUE if the session for @subject is active.
  * @action_id: The action we are about to authenticate for.
  * @details: Details about the action.
  *
@@ -1285,6 +1287,8 @@ polkit_backend_interactive_authority_get_admin_identities (PolkitBackendInteract
                                                            PolkitSubject                     *caller,
                                                            PolkitSubject                     *subject,
                                                            PolkitIdentity                    *user_for_subject,
+                                                           gboolean                           subject_is_local,
+                                                           gboolean                           subject_is_active,
                                                            const gchar                       *action_id,
                                                            PolkitDetails                     *details)
 {
@@ -1303,6 +1307,8 @@ polkit_backend_interactive_authority_get_admin_identities (PolkitBackendInteract
                                          caller,
                                          subject,
                                          user_for_subject,
+                                         subject_is_local,
+                                         subject_is_active,
                                          action_id,
                                          details);
     }
@@ -2168,6 +2174,7 @@ authentication_agent_initiate_challenge (AuthenticationAgent         *agent,
                                          AuthenticationAgentCallback  callback,
                                          gpointer                     user_data)
 {
+  PolkitBackendInteractiveAuthorityPrivate *priv = POLKIT_BACKEND_INTERACTIVE_AUTHORITY_GET_PRIVATE (authority);
   AuthenticationSession *session;
   gchar *cookie;
   GList *l;
@@ -2199,12 +2206,28 @@ authentication_agent_initiate_challenge (AuthenticationAgent         *agent,
   if (implicit_authorization == POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED ||
       implicit_authorization == POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED_RETAINED)
     {
+      gboolean is_local = FALSE;
+      gboolean is_active = FALSE;
+      PolkitSubject *session_for_subject = NULL;
+
+      session_for_subject = polkit_backend_session_monitor_get_session_for_subject (priv->session_monitor,
+                                                                                    subject,
+                                                                                    NULL);
+      if (session_for_subject != NULL)
+        {
+          is_local = polkit_backend_session_monitor_is_session_local (priv->session_monitor, session_for_subject);
+          is_active = polkit_backend_session_monitor_is_session_active (priv->session_monitor, session_for_subject);
+        }
+
       identities = polkit_backend_interactive_authority_get_admin_identities (authority,
                                                                               caller,
                                                                               subject,
                                                                               user_of_subject,
+                                                                              is_local,
+                                                                              is_active,
                                                                               action_id,
                                                                               details);
+      g_clear_object (&session_for_subject);
     }
   else
     {
diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.h b/src/polkitbackend/polkitbackendinteractiveauthority.h
index 9820dac..80c4cf1 100644
--- a/src/polkitbackend/polkitbackendinteractiveauthority.h
+++ b/src/polkitbackend/polkitbackendinteractiveauthority.h
@@ -72,6 +72,8 @@ struct _PolkitBackendInteractiveAuthorityClass
                                                                 PolkitSubject                     *caller,
                                                                 PolkitSubject                     *subject,
                                                                 PolkitIdentity                    *user_for_subject,
+                                                                gboolean                           subject_is_local,
+                                                                gboolean                           subject_is_active,
                                                                 const gchar                       *action_id,
                                                                 PolkitDetails                     *details);
 
@@ -126,6 +128,8 @@ GList  *polkit_backend_interactive_authority_get_admin_identities (PolkitBackend
                                                                    PolkitSubject                     *caller,
                                                                    PolkitSubject                     *subject,
                                                                    PolkitIdentity                    *user_for_subject,
+                                                                   gboolean                           subject_is_local,
+                                                                   gboolean                           subject_is_active,
                                                                    const gchar                       *action_id,
                                                                    PolkitDetails                     *details);
 
diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c
index d71f85f..bdfaa73 100644
--- a/src/polkitbackend/polkitbackendjsauthority.c
+++ b/src/polkitbackend/polkitbackendjsauthority.c
@@ -34,7 +34,9 @@
 
 #include <polkit/polkitprivate.h>
 
+#ifdef HAVE_LIBSYSTEMD_LOGIN
 #include <systemd/sd-login.h>
+#endif /* HAVE_LIBSYSTEMD_LOGIN */
 
 #include <jsapi.h>
 
@@ -113,6 +115,8 @@ static GList *polkit_backend_js_authority_get_admin_auth_identities (PolkitBacke
                                                                      PolkitSubject                     *caller,
                                                                      PolkitSubject                     *subject,
                                                                      PolkitIdentity                    *user_for_subject,
+                                                                     gboolean                           subject_is_local,
+                                                                     gboolean                           subject_is_active,
                                                                      const gchar                       *action_id,
                                                                      PolkitDetails                     *details);
 
@@ -677,6 +681,8 @@ static gboolean
 subject_to_jsval (PolkitBackendJsAuthority  *authority,
                   PolkitSubject             *subject,
                   PolkitIdentity            *user_for_subject,
+                  gboolean                   subject_is_local,
+                  gboolean                   subject_is_active,
                   jsval                     *out_jsval,
                   GError                   **error)
 {
@@ -691,8 +697,6 @@ subject_to_jsval (PolkitBackendJsAuthority  *authority,
   struct passwd *passwd;
   char *seat_str = NULL;
   char *session_str = NULL;
-  gboolean is_local = FALSE;
-  gboolean is_active = FALSE;
 
   src = "new Subject();";
 
@@ -726,13 +730,15 @@ subject_to_jsval (PolkitBackendJsAuthority  *authority,
       g_assert_not_reached ();
     }
 
+#ifdef HAVE_LIBSYSTEMD_LOGIN
   if (sd_pid_get_session (pid, &session_str) == 0)
     {
       if (sd_session_get_seat (session_str, &seat_str) == 0)
-        is_local = TRUE;
-      if (sd_session_is_active (session_str))
-        is_active = TRUE;
+        {
+          /* do nothing */
+        }
     }
+#endif /* HAVE_LIBSYSTEMD_LOGIN */
 
   g_assert (POLKIT_IS_UNIX_USER (user_for_subject));
   uid = polkit_unix_user_get_uid (POLKIT_UNIX_USER (user_for_subject));
@@ -785,8 +791,8 @@ subject_to_jsval (PolkitBackendJsAuthority  *authority,
   set_property_strv (authority, obj, "groups", (const gchar* const *) groups->pdata, groups->len);
   set_property_str (authority, obj, "seat", seat_str);
   set_property_str (authority, obj, "session", session_str);
-  set_property_bool (authority, obj, "local", is_local);
-  set_property_bool (authority, obj, "active", is_active);
+  set_property_bool (authority, obj, "local", subject_is_local);
+  set_property_bool (authority, obj, "active", subject_is_active);
 
   ret = TRUE;
 
@@ -985,6 +991,8 @@ polkit_backend_js_authority_get_admin_auth_identities (PolkitBackendInteractiveA
                                                        PolkitSubject                     *caller,
                                                        PolkitSubject                     *subject,
                                                        PolkitIdentity                    *user_for_subject,
+                                                       gboolean                           subject_is_local,
+                                                       gboolean                           subject_is_active,
                                                        const gchar                       *action_id,
                                                        PolkitDetails                     *details)
 {
@@ -1007,7 +1015,13 @@ polkit_backend_js_authority_get_admin_auth_identities (PolkitBackendInteractiveA
       goto out;
     }
 
-  if (!subject_to_jsval (authority, subject, user_for_subject, &argv[1], &error))
+  if (!subject_to_jsval (authority,
+                         subject,
+                         user_for_subject,
+                         subject_is_local,
+                         subject_is_active,
+                         &argv[1],
+                         &error))
     {
       polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority),
                                     "Error converting subject to JS object: %s",
@@ -1106,7 +1120,13 @@ polkit_backend_js_authority_check_authorization_sync (PolkitBackendInteractiveAu
       goto out;
     }
 
-  if (!subject_to_jsval (authority, subject, user_for_subject, &argv[1], &error))
+  if (!subject_to_jsval (authority,
+                         subject,
+                         user_for_subject,
+                         subject_is_local,
+                         subject_is_active,
+                         &argv[1],
+                         &error))
     {
       polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority),
                                     "Error converting subject to JS object: %s",
diff --git a/test/polkitbackend/test-polkitbackendjsauthority.c b/test/polkitbackend/test-polkitbackendjsauthority.c
index 0a5d0e8..c7160f3 100644
--- a/test/polkitbackend/test-polkitbackendjsauthority.c
+++ b/test/polkitbackend/test-polkitbackendjsauthority.c
@@ -85,6 +85,8 @@ test_get_admin_identities_for_action_id (const gchar         *action_id,
                                                                                 caller,
                                                                                 subject,
                                                                                 user_for_subject,
+                                                                                TRUE, /* is_local */
+                                                                                TRUE, /* is_active */
                                                                                 action_id,
                                                                                 details);
   for (l = admin_identities, n = 0; l != NULL; l = l->next, n++)


More information about the hal-commit mailing list