| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
New org.freedesktop.SystemToolsBackends.Authenticate interface, which can be called on all modules. This method takes no arguments, and returns a boolean, or error for cancelled or failed. It's implemented via dispatcher_filter_func(), calling dispatch_auth_message().
New check_polkit_auth() function to centralize PolicyKit authorizations handling, returning error when needed. We now require PolicyKit instead of it being an optional dependency, and need version 0.94 so that we can remove the PID checking workaround.
PolicyKit action for SelfConfig is now really used, so set it to "yes" since settings that can be changed that way are minor (just like the old behavior).
|
|
Never allow an UID of 0 to pass, in case of strange failure. Use gulong for UID since it's what D-Bus uses.
|
|
SelfConfig is now a real object, and a dispatcher redirects messages with the UID of the caller. Rename a few calls that were naming it user_config, to avoid any confusion with the general UserConfig.
Add SelfConfig.pm, only accepting GECOS fields, locale and location, since other parameters can't be changed without admin authentication. Old and new passwords are required, since we'll use PAM to change it. Add Users.pm::[sg]et_self() to handle the DBus methods. Update DBus config file as needed.
|
|
Going through UsersConfig to commit changes to users is not the best solution since this can affect users that were not edited in case of a bug on the client's side. Thus, remove UsersConfig::set() in favor of new UserConfig::add(), del() and set(), which take a generic user structure. Allow these functions in dispatcher.c, but always check for "set" PolicyKit authorization (making distinction between "add", "set", "del" makes no sense at this point).
Add some fields to the user struct to be used later: encrypted home, locale and location, plus password and home directory flags. GID is now an unsigned 32 bits integer, with its max value meaning no group.
Rename D-Bus interfaces to UserConfig2 and UsersConfig2, since we break compatibility. Update DBus config file to reflect that.
|
|
D-Bus activation can return an error if we daemonize, so we should not do this be default, and let D-Bus daemonize the dispatcher. Thus, add a -D option to force this behavior if needed, and make -n a no-op. In the process, the commit removes the handling of the old STB_NO_DAEMON envvar, which has become useless. This fixes https://bugs.launchpad.net/bugs/411533. See also an explanation at https://bugzilla.gnome.org/show_bug.cgi?id=583356.
|
|
s-t-b is system service and unprivileged users cannot run it. So it must be
moved to sbindir.
|
|
Patch used downstream by Ubuntu.
|
|
Errors from polkit_authority_check_authorization_sync() are not related to getting the PID of the caller, and they should be self-explanative.
|
|
On the client side, GUIs should use PolkitLockButton from libpolkit-gtk-1, which uses PID to identify process. For now, PolicyKit requires us to use PIDs on both sides to work correctly. This commit is separate to allow reverting it or making it simpler if PolicyKit's API improves.
|
|
We can remove many parts of the code thanks to the new version. This is fully incompatible with previous API of PolicyKit, so clients need to be updated too. This patch uses D-Bus connexion to identify the client, which does not work for now with PolkitLockButton in the GUI. Next patch fixes that, but could possibly be reverted or simplified later.
|
|
|
|
This fixes authorization DB not being updated after the cache has been populated, which did lead to s-t-b not getting to know about new authorized processes.
|
|
|
|
if something went wrong.
|
|
|
|
|
|
initscript anymore.
* configure.in: bumped DBus requirement to 1.1.2, install service files in system-services directory.
* services/*.in:
* org.freedesktop.SystemToolsBackends.service.in: Tell them to run with User=root.
* system-tools-backends.conf.in: Removed, autofoo doesn't need to modify anything here anymore, new file is
* system-tools-backends.conf: Added, contains new DBus rules. Basically, users can only access the dispatcher, only the user running the dispatcher (root) will be able to communicate with the backend modules. This is done so the dispatcher can check user permissions, etc...
* Makefile.am: install new configuration file
* dispatcher/dispatcher.c: do not spawn any private DBus, from now on, all communications will happen in the system bus, being the services spawned when they're required.
* Utils/DBus.pm (get_bus): Make backend modules use the system bus.
|
|
|
|
any configuration file has changed.
Now, configuration modules have to implement the getFiles method, so the dispatcher can query it and monitor the relevant files.
* dispatcher/file-monitor.[ch]: new object
* dispatcher/dispatcher.c: query files and at them to the monitor
* configure.in: look optionally for Gio. This feature will not be compiled if Gio is not found.
* dispatcher/Makefile.am: make necessary changes.
|
|
* dispatcher/dispatcher.[ch] (stb_dispatcher_[gs]et_debug): Added. Added some debug messages to the message dispatching flux.
* dispatcher/main.c: turn debugging on when -d is passed.
|
|
requester uid.
* system-tools-backends.policy: add org.freedesktop.systemtoolsbackends.self.set action.
* dispatcher.c (can_caller_do_action): add additional argument to set individual names for actions.
(dispatch_stb_message): add parameter to pass a serial id around to forge the response.
(dispatch_platform_message), (dispatcher_filter_func): update callers.
(dispatch_user_config): new, creates and dispatch a UserConfig message for a SelfConfig request.
|
|
Separate dispatch_platform_message() from dispatch_stb_message(), also just dispatch messages to the introspectable interface
|
|
If PolicyKit is found, s-t-b will ask it whether the user is allowed for the policy "org.freedesktop.systemtoolsbackends.set" before applying any change. The policy is configured to ask for admin password by default.
|
|
StbDispatcher lives in dispatcher.[ch] and the main routine lives in main.c
|
|
* dispatcher/dispatcher.c (get_destination): be more paranoid checking
the destination path before creating the forwarded copy.
(dispatch_stb_message): do not leak the copy if there was something
wrong with the destination.
|
|
* dispatcher/dispatcher.c: do not read trash from private DBus stdout,
problem spotted by seb128
|
|
* dispatcher/dispatcher.c: catch DBus errors, kill the private bus if
there was any fatal error.
|
|
* configure.in, dispatcher/dispatcher.c: use localstatedir for the
pidfile location based on the autogen/configure arguments.
|
|
* dispatcher/dispatcher.c (daemonize): Oops, create the pid file if it
doesn't exist, also close unneeded file descriptors.
|
|
Merge c-dispatcher branch, adds a lightweight dispatcher which raises
configuration modules on demand, reducing memory use during inactivity
and allowing the development of modules in other languages than Perl.
2006-10-24 Carlos Garnacho <carlosg@gnome.org>
* dispatcher/dispatcher.c: exit() on SIGTERM.
2006-10-24 Carlos Garnacho <carlosg@gnome.org>
Continued work on the dispatcher, I think it's now feature complete
enough to work.
* StbObject.pm: base object for s-t-b services, does all
initialization and common stuff.
* GroupsConfig.pm, HostsConfig.pm, IfacesConfig.pm, NFSConfig.pm,
NTPConfig.pm, SMBConfig.pm, ServicesConfig.pm, TimeConfig.pm,
UsersConfig.pm: inherit from StbObject, keep message format in a
variable to avoid duplicates.
* Utils/Platform.pm: move DBus code to Platform.pm.
* Platform.pm: added, new DBus object.
* Utils/Backend.pm: ensure system and platform.
* Init/Services.pm: code improvements for archlinux
* dispatcher/dispatcher.c: Add license, make it raise it's own private
session bus to spawn configuration modules, cache platform and return
it when asked, create a copy of the message to pass around (seems to
be necessary by design)
* services/*: added, used to raise configuration modules.
* configure.in, Makefile.am: added services directory stuff.
2006-10-13 Carlos Garnacho <carlosg@gnome.org>
* dispatcher/dispatcher.c (daemonize): added, function to make the
dispatcher become a daemon.
2006-10-12 Carlos Garnacho <carlosg@gnome.org>
beginnings of a really lightweight dispatcher written in C, this way
the modules will only be loaded when necessary, reducing memory usage
and allowing to develop modules in other languages than Perl.
* dispatcher/dispatcher.c, Makefile.am: added, first draft of the
dispatcher, it already forwards messages and sends replies back and
tries to raise modules in the session bus
* Makefile.am: add the dispatcher directory.
* configure.in: require GLib to build the dispatcher, maybe this dep
could be dropped at some point in the future, if I don't feel too
lazy...
* Utils/Backend.pm: remove --no-daemon and --session-bus parameters,
should be no longer needed. Add --disable-shutdown for testing
purposes, as modules are supposed to shutdown automatically after some
inactivity. Add --module parameter to raise a configuration module.
* GroupsConfig.pm, HostsConfig.pm, IfacesConfig.pm, NFSConfig.pm,
NTPConfig.pm, SMBConfig.pm, ServicesConfig.pm, TimeConfig.pm,
UsersConfig.pm: create the DBus object by themselves.
* SystemToolsBackends.pl.in: do not create all the DBus objects, just
the one we want to raise, this way the script becomes a loader for
services instead of a service itself.
|
