1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
/***************************************************************************
* *
* liblazy *
* *
* Copyright (C) 2006 Holger Macht <holger@homac.de> *
* *
* Author(s): Holger Macht <holger@homac.de> *
* *
* This library is free software; you can redistribute it and/or modify it *
* under the terms of the GNU Lesser General Public License as published *
* by the Free Software Foundation; either version 2.1 of the License, or *
* (at your option) any later version. *
* *
* This library is distributed in the hope that it will be useful, but *
* WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
* Lesser General Public License for more details. *
* *
* You should have received a copy of the GNU Lesser General Public *
* License along with this library; if not, write to the Free Software *
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA *
* 02110-1301 USA *
* *
***************************************************************************/
#include "liblazy.h"
#include "liblazy_local.h"
#include <stdio.h>
#include <stdlib.h>
#include <pwd.h>
#include <string.h>
#include <errno.h>
#define DBUS_POLKIT_SERVICE "org.freedesktop.PolicyKit"
#define DBUS_POLKIT_PATH "/org/freedesktop/PolicyKit/Manager"
#define DBUS_POLKIT_INTERFACE "org.freedesktop.PolicyKit.Manager"
int liblazy_polkit_is_user_allowed_by_name(char *user,
char *privilege,
char *ressource)
{
DBusMessage *reply;
DBusError dbus_error;
DBusConnection *dbus_connection;
const char *unique_name;
int is_allowed;
int error = 0;
if (user == NULL || privilege == NULL )
return LIBLAZY_ERROR_INVALID_ARGUMENT;
dbus_error_init(&dbus_error);
dbus_connection = dbus_bus_get(DBUS_BUS_SYSTEM, &dbus_error);
if (dbus_error_is_set(&dbus_error)) {
ERROR("Connection to dbus not ready, skipping privilege "
"lookup for privilege %s for user %s: %s\n",
privilege, user, dbus_error.message);
dbus_error_free(&dbus_error);
return LIBLAZY_ERROR_DBUS_NOT_READY;
}
unique_name = dbus_bus_get_unique_name(dbus_connection);
if (ressource == NULL)
ressource = "";
error = liblazy_dbus_system_send_method_call(DBUS_POLKIT_SERVICE,
DBUS_POLKIT_PATH,
DBUS_POLKIT_INTERFACE,
"IsUserPrivileged",
&reply,
DBUS_TYPE_STRING, &unique_name,
DBUS_TYPE_STRING, &user,
DBUS_TYPE_STRING, &privilege,
DBUS_TYPE_STRING, &ressource,
DBUS_TYPE_INVALID);
if (error)
return error;
error = liblazy_dbus_message_get_basic_arg(reply, DBUS_TYPE_BOOLEAN,
&is_allowed, 0);
if (reply != NULL)
dbus_message_unref(reply);
if (error)
return error;
return is_allowed;
}
int liblazy_polkit_is_user_allowed_by_uid(int uid, char *privilege,
char *ressource)
{
struct passwd *pw = getpwuid(uid);
if (pw == NULL) {
ERROR("Could not get current username: %s", strerror(errno));
return LIBLAZY_ERROR_GENERAL;
}
return liblazy_polkit_is_user_allowed_by_name(pw->pw_name, privilege,
ressource);
}
int liblazy_polkit_is_user_allowed(char *privilege, char *ressource)
{
char *user = getenv("USER");
return liblazy_polkit_is_user_allowed_by_name(user, privilege,
ressource);
}
|