Some help with PolicyKit basics

Robert Ancell robert.ancell at gmail.com
Mon Jul 27 01:34:07 PDT 2009 

Attaching updated example (works well for me).  Please feedback if it
is not doing the right calls.  I haven't updated it to use the new
polkit-gtk button but that will be the next step.

2009/7/27 David Zeuthen <david at fubar.dk>:
> On Fri, 2009-07-24 at 17:40 +1000, Robert Ancell wrote:
>> Hi,
>>
>> I'm trying to learn how to use PolicyKit for configuration of a
>> server.  Find attached a demo program (which I plan to post as a a
>> tutorial) which does the following:
>> - Has a server providing a method "Reflect" which reverses a string
>> - Has a client with a text entry that uses that uses the server to
>> reflect entered text
>> - The client has an "unlock" button that should authorize with the PolKit once
>>
>> Note I've tried to make the simplest example not the most efficient.
>
> The code doesn't really compile without mirror.h...
>
>> I've been stumbling along for a while and am in need of some help:
>> - I've used POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION in
>> polkit_authority_check_authorization_sync to prompt the user for
>> authentication but sometimes it just blocks for ages instead of
>> popping up the dialog.  When should I use this flag and when let the
>> client do the authorization?
>> - I haven't been able to get the client to manually authorize or have
>> persistent authorization, how do I do this?
>> - Any pointers?
>>
>> The documentation I have been working from:
>> http://dbus.freedesktop.org/doc/dbus-specification.html
>> http://hal.freedesktop.org/docs/PolicyKit/
>> http://people.freedesktop.org/~david/polkit-0.92-newdocs/
>> http://cgit.freedesktop.org/PolicyKit/tree/docs/PORTING-GUIDE
>
> First you appear to be mixing the new PolicyKit version with the old one
> (the server links against polkit-gobject-1, the client against
> polkit-dbus). In the new PolicyKit, with version > 0.90) the client is
> not supposed to know anything about PolicyKit at all - it simply invokes
> methods on the server and the server simply does authorization checks
> using polkit. If the server passes ALLOW_USER_INTERACTION to polkit it
> means that Authentication Dialogs may appear - but the client would
> never need to know anything about this. In fact, the client itself
> _cannot_ even speak to PolicyKit - it is not allowed.
>
> It is not clear to me what exactly you are trying to achieve - are you
> trying to do stuff that works like the OS X lock? For example
>
> http://lh4.ggpht.com/dr.k.anil/SE5J8JltXOI/AAAAAAAACe4/b9a-eq03RV8/accounts.jpg
>
> If so, you need to add support for this in the Server itself, e.g.
> something like
>
>  interface com.example.Mirror {
>   /// Returns %TRUE if the configuration interface is locked for the
>   /// caller - e.g. Conf*() methods will require authentication
>   GetIsLocked (OUT boolean is_locked);
>
>   /// Returns %TRUE iff the configuration can be unlocked
>   GetCanUnlock (OUT boolean can_be_unlocked);
>
>   /// Returns %TRUE iff the configuration can be locked
>   GetCanLock (OUT boolean can_be_locked);
>
>   /// Unlock the interface for the caller so the caller can call
>   /// Conf*() methods without authenticating
>   Unlock();
>
>   /// Lock the configuration interface - caller can no longer call
>   /// Conf*() methods without authenticating.
>   Lock();
>
>   /// Emitted when the lock status changes - all callers should
>   /// check with GetIsLocked()
>   signal LockChanged();
>
>   /// --- Actual methods
>
>   ConfMethod1(...);
>   ConfMethod2(...);
>   ...
>  };
>
> Note that GetIsLocked() depends on the actual caller (the configuration
> interface may be locked for one caller and unlocked for another one) -
> so it cannot be a property. For the same reasons the LockChanged()
> signal doesn't include the state.
>
> So, anyway, with a design like this, then on the server side
>
>  - You would use CheckAuthorization() without ALLOW_USER_INTERACTION for
>   when implementing GetIsLocked() and GetCanUnlock()
>
>  - For Unlock() you would use ALLOW_USER_INTERACTION
>
>  - For Lock() you will need some API not yet added (CheckAuthorization()
>   needs to return the tmp authz identifier - and we need a way to
>   revoke a tmp authz by id).
>
> On the client side
>
>  - Use GetCanUnlock(), GetCanLock() and GetIsLocked() to render the lock
>   icon and decide if it is sensitive or not. You'd use Unlock() and
>   Lock() when the user clicks the lock.
>
> Hmm, it might be nice to have library API for doing all this since it is
> rather complicated. Like, we'd have some code in polkit-gobject-1 to do
> the server side bits and maybe a polkit-gtk-1 library for the client
> side bits. Unfortunately we don't have a nice D-Bus library for GLib
> just yet so it is not yet feasible to do the server side bits just
> yet...
>
> Hope this helps.
>
>    David
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Makefile
Type: application/octet-stream
Size: 602 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/polkit-devel/attachments/20090727/2598bb70/attachment-0003.obj 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mirror.conf
Type: application/octet-stream
Size: 419 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/polkit-devel/attachments/20090727/2598bb70/attachment-0004.obj 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mirror.policy
Type: application/octet-stream
Size: 640 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/polkit-devel/attachments/20090727/2598bb70/attachment-0005.obj 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mirror.xml
Type: text/xml
Size: 478 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/polkit-devel/attachments/20090727/2598bb70/attachment-0001.bin 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mirror-client.c
Type: text/x-csrc
Size: 2742 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/polkit-devel/attachments/20090727/2598bb70/attachment-0002.c 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mirror-server.c
Type: text/x-csrc
Size: 4454 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/polkit-devel/attachments/20090727/2598bb70/attachment-0003.c 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mirror-server.h
Type: text/x-chdr
Size: 998 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/polkit-devel/attachments/20090727/2598bb70/attachment-0001.h

More information about the polkit-devel mailing list