PolicyKit: Branch 'master'
David Zeuthen
david at kemper.freedesktop.org
Wed Jun 6 11:34:47 PDT 2012
configure.ac | 1
src/polkitbackend/polkitbackendinteractiveauthority.c | 23 ++++++++++
src/polkitbackend/polkitbackendinteractiveauthority.h | 4 +
src/polkitbackend/polkitbackendjsauthority.c | 38 +++++++++++++-----
test/polkitbackend/test-polkitbackendjsauthority.c | 2
5 files changed, 59 insertions(+), 9 deletions(-)
New commits:
commit 3d007cbc5d4a1560cdcca08b5ca0401371fc7b77
Author: David Zeuthen <zeuthen at gmail.com>
Date: Wed Jun 6 14:32:26 2012 -0400
Make it work when using ConsoleKit instead of libsystemd-login
... although it would be nicer to just rip out the CK bits and simply
hard-require libsystemd-login instead - it should work just fine on
non-systemd systems, same way systemd-udev works fine there.
Signed-off-by: David Zeuthen <zeuthen at gmail.com>
diff --git a/configure.ac b/configure.ac
index 4cb7329..326646c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -169,6 +169,7 @@ if test "$enable_libsystemd_login" != "no"; then
have_libsystemd_login=no)
if test "$have_libsystemd_login" = "yes"; then
SESSION_TRACKING=libsystemd-login
+ AC_DEFINE([HAVE_LIBSYSTEMD_LOGIN], 1, [Define to 1 if libsystemd-login is available])
else
if test "$enable_libsystemd_login" = "yes"; then
AC_MSG_ERROR([libsystemd-login support requested but libsystemd-login library not found])
diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
index 86e7134..1d4a555 100644
--- a/src/polkitbackend/polkitbackendinteractiveauthority.c
+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
@@ -1270,6 +1270,8 @@ check_authorization_sync (PolkitBackendAuthority *authority,
* @caller: The subject that is inquiring whether @subject is authorized.
* @subject: The subject we are about to authenticate for.
* @user_for_subject: The user of the subject we are about to authenticate for.
+ * @subject_is_local: %TRUE if the session for @subject is local.
+ * @subject_is_active: %TRUE if the session for @subject is active.
* @action_id: The action we are about to authenticate for.
* @details: Details about the action.
*
@@ -1285,6 +1287,8 @@ polkit_backend_interactive_authority_get_admin_identities (PolkitBackendInteract
PolkitSubject *caller,
PolkitSubject *subject,
PolkitIdentity *user_for_subject,
+ gboolean subject_is_local,
+ gboolean subject_is_active,
const gchar *action_id,
PolkitDetails *details)
{
@@ -1303,6 +1307,8 @@ polkit_backend_interactive_authority_get_admin_identities (PolkitBackendInteract
caller,
subject,
user_for_subject,
+ subject_is_local,
+ subject_is_active,
action_id,
details);
}
@@ -2168,6 +2174,7 @@ authentication_agent_initiate_challenge (AuthenticationAgent *agent,
AuthenticationAgentCallback callback,
gpointer user_data)
{
+ PolkitBackendInteractiveAuthorityPrivate *priv = POLKIT_BACKEND_INTERACTIVE_AUTHORITY_GET_PRIVATE (authority);
AuthenticationSession *session;
gchar *cookie;
GList *l;
@@ -2199,12 +2206,28 @@ authentication_agent_initiate_challenge (AuthenticationAgent *agent,
if (implicit_authorization == POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED ||
implicit_authorization == POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED_RETAINED)
{
+ gboolean is_local = FALSE;
+ gboolean is_active = FALSE;
+ PolkitSubject *session_for_subject = NULL;
+
+ session_for_subject = polkit_backend_session_monitor_get_session_for_subject (priv->session_monitor,
+ subject,
+ NULL);
+ if (session_for_subject != NULL)
+ {
+ is_local = polkit_backend_session_monitor_is_session_local (priv->session_monitor, session_for_subject);
+ is_active = polkit_backend_session_monitor_is_session_active (priv->session_monitor, session_for_subject);
+ }
+
identities = polkit_backend_interactive_authority_get_admin_identities (authority,
caller,
subject,
user_of_subject,
+ is_local,
+ is_active,
action_id,
details);
+ g_clear_object (&session_for_subject);
}
else
{
diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.h b/src/polkitbackend/polkitbackendinteractiveauthority.h
index 9820dac..80c4cf1 100644
--- a/src/polkitbackend/polkitbackendinteractiveauthority.h
+++ b/src/polkitbackend/polkitbackendinteractiveauthority.h
@@ -72,6 +72,8 @@ struct _PolkitBackendInteractiveAuthorityClass
PolkitSubject *caller,
PolkitSubject *subject,
PolkitIdentity *user_for_subject,
+ gboolean subject_is_local,
+ gboolean subject_is_active,
const gchar *action_id,
PolkitDetails *details);
@@ -126,6 +128,8 @@ GList *polkit_backend_interactive_authority_get_admin_identities (PolkitBackend
PolkitSubject *caller,
PolkitSubject *subject,
PolkitIdentity *user_for_subject,
+ gboolean subject_is_local,
+ gboolean subject_is_active,
const gchar *action_id,
PolkitDetails *details);
diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c
index d71f85f..bdfaa73 100644
--- a/src/polkitbackend/polkitbackendjsauthority.c
+++ b/src/polkitbackend/polkitbackendjsauthority.c
@@ -34,7 +34,9 @@
#include <polkit/polkitprivate.h>
+#ifdef HAVE_LIBSYSTEMD_LOGIN
#include <systemd/sd-login.h>
+#endif /* HAVE_LIBSYSTEMD_LOGIN */
#include <jsapi.h>
@@ -113,6 +115,8 @@ static GList *polkit_backend_js_authority_get_admin_auth_identities (PolkitBacke
PolkitSubject *caller,
PolkitSubject *subject,
PolkitIdentity *user_for_subject,
+ gboolean subject_is_local,
+ gboolean subject_is_active,
const gchar *action_id,
PolkitDetails *details);
@@ -677,6 +681,8 @@ static gboolean
subject_to_jsval (PolkitBackendJsAuthority *authority,
PolkitSubject *subject,
PolkitIdentity *user_for_subject,
+ gboolean subject_is_local,
+ gboolean subject_is_active,
jsval *out_jsval,
GError **error)
{
@@ -691,8 +697,6 @@ subject_to_jsval (PolkitBackendJsAuthority *authority,
struct passwd *passwd;
char *seat_str = NULL;
char *session_str = NULL;
- gboolean is_local = FALSE;
- gboolean is_active = FALSE;
src = "new Subject();";
@@ -726,13 +730,15 @@ subject_to_jsval (PolkitBackendJsAuthority *authority,
g_assert_not_reached ();
}
+#ifdef HAVE_LIBSYSTEMD_LOGIN
if (sd_pid_get_session (pid, &session_str) == 0)
{
if (sd_session_get_seat (session_str, &seat_str) == 0)
- is_local = TRUE;
- if (sd_session_is_active (session_str))
- is_active = TRUE;
+ {
+ /* do nothing */
+ }
}
+#endif /* HAVE_LIBSYSTEMD_LOGIN */
g_assert (POLKIT_IS_UNIX_USER (user_for_subject));
uid = polkit_unix_user_get_uid (POLKIT_UNIX_USER (user_for_subject));
@@ -785,8 +791,8 @@ subject_to_jsval (PolkitBackendJsAuthority *authority,
set_property_strv (authority, obj, "groups", (const gchar* const *) groups->pdata, groups->len);
set_property_str (authority, obj, "seat", seat_str);
set_property_str (authority, obj, "session", session_str);
- set_property_bool (authority, obj, "local", is_local);
- set_property_bool (authority, obj, "active", is_active);
+ set_property_bool (authority, obj, "local", subject_is_local);
+ set_property_bool (authority, obj, "active", subject_is_active);
ret = TRUE;
@@ -985,6 +991,8 @@ polkit_backend_js_authority_get_admin_auth_identities (PolkitBackendInteractiveA
PolkitSubject *caller,
PolkitSubject *subject,
PolkitIdentity *user_for_subject,
+ gboolean subject_is_local,
+ gboolean subject_is_active,
const gchar *action_id,
PolkitDetails *details)
{
@@ -1007,7 +1015,13 @@ polkit_backend_js_authority_get_admin_auth_identities (PolkitBackendInteractiveA
goto out;
}
- if (!subject_to_jsval (authority, subject, user_for_subject, &argv[1], &error))
+ if (!subject_to_jsval (authority,
+ subject,
+ user_for_subject,
+ subject_is_local,
+ subject_is_active,
+ &argv[1],
+ &error))
{
polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority),
"Error converting subject to JS object: %s",
@@ -1106,7 +1120,13 @@ polkit_backend_js_authority_check_authorization_sync (PolkitBackendInteractiveAu
goto out;
}
- if (!subject_to_jsval (authority, subject, user_for_subject, &argv[1], &error))
+ if (!subject_to_jsval (authority,
+ subject,
+ user_for_subject,
+ subject_is_local,
+ subject_is_active,
+ &argv[1],
+ &error))
{
polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority),
"Error converting subject to JS object: %s",
diff --git a/test/polkitbackend/test-polkitbackendjsauthority.c b/test/polkitbackend/test-polkitbackendjsauthority.c
index 0a5d0e8..c7160f3 100644
--- a/test/polkitbackend/test-polkitbackendjsauthority.c
+++ b/test/polkitbackend/test-polkitbackendjsauthority.c
@@ -85,6 +85,8 @@ test_get_admin_identities_for_action_id (const gchar *action_id,
caller,
subject,
user_for_subject,
+ TRUE, /* is_local */
+ TRUE, /* is_active */
action_id,
details);
for (l = admin_identities, n = 0; l != NULL; l = l->next, n++)
More information about the hal-commit
mailing list