diff options
| author | David Zeuthen <davidz@redhat.com> | 2009-06-17 19:02:46 -0400 |
|---|---|---|
| committer | David Zeuthen <davidz@redhat.com> | 2009-06-17 19:02:46 -0400 |
| commit | 433ee3fe61471604e7997183737f6e57474e31aa (patch) | |
| tree | 7cc2fdf4a0ffef37f3e41f3d666e3156a513907b | |
| parent | 517ad0fe9caf02f83edd2f95806ccecd019f085c (diff) | |
Port to polkit-1
| -rw-r--r-- | configure.ac | 6 | ||||
| -rw-r--r-- | data/org.freedesktop.Hostname1.service.in | 2 | ||||
| -rw-r--r-- | policy/Makefile.am | 5 | ||||
| -rw-r--r-- | policy/org.freedesktop.hostname1.policy.in | 2 | ||||
| -rw-r--r-- | src/daemon/Makefile.am | 4 | ||||
| -rw-r--r-- | src/daemon/xdg-hostname-daemon.c | 207 | ||||
| -rw-r--r-- | src/programs/xdg-hostname.c | 79 | ||||
| -rw-r--r-- | src/xdg-hostname/xdg-hostname-error.c | 9 | ||||
| -rw-r--r-- | src/xdg-hostname/xdg-hostname-error.h | 2 |
9 files changed, 107 insertions, 209 deletions
diff --git a/configure.ac b/configure.ac index 0175b93..7ff9fe9 100644 --- a/configure.ac +++ b/configure.ac @@ -134,9 +134,9 @@ PKG_CHECK_MODULES(DBUS_GLIB, [dbus-glib-1 >= 0.73]) AC_SUBST(DBUS_GLIB_CFLAGS) AC_SUBST(DBUS_GLIB_LIBS) -PKG_CHECK_MODULES(POLKIT, [polkit-dbus >= 0.9]) -AC_SUBST(POLKIT_CFLAGS) -AC_SUBST(POLKIT_LIBS) +PKG_CHECK_MODULES(POLKIT_GOBJECT_1, [polkit-gobject-1 >= 0.92]) +AC_SUBST(POLKIT_GOBJECT_1_CFLAGS) +AC_SUBST(POLKIT_GOBJECT_1_LIBS) EXPAT_LIB="" AC_ARG_WITH(expat, [ --with-expat=<dir> Use expat from here], diff --git a/data/org.freedesktop.Hostname1.service.in b/data/org.freedesktop.Hostname1.service.in index 48c8b59..b6d36be 100644 --- a/data/org.freedesktop.Hostname1.service.in +++ b/data/org.freedesktop.Hostname1.service.in @@ -1,4 +1,4 @@ [D-BUS Service] -Name=org.freedesktop.Hostname +Name=org.freedesktop.Hostname1 Exec=@libexecdir@/xdg-hostname-daemon-1 User=root diff --git a/policy/Makefile.am b/policy/Makefile.am index e3447e3..2c7a063 100644 --- a/policy/Makefile.am +++ b/policy/Makefile.am @@ -1,14 +1,11 @@ -hostname1_policydir = $(datadir)/PolicyKit/policy +hostname1_policydir = $(datadir)/polkit-1/actions dist_hostname1_policy_DATA = \ org.freedesktop.hostname1.policy @INTLTOOL_POLICY_RULE@ -check: - polkit-policy-file-validate $(top_srcdir)/policy/$(dist_hostname1_policy_DATA) - clean-local : rm -f *~ *.policy diff --git a/policy/org.freedesktop.hostname1.policy.in b/policy/org.freedesktop.hostname1.policy.in index 5832831..68428d4 100644 --- a/policy/org.freedesktop.hostname1.policy.in +++ b/policy/org.freedesktop.hostname1.policy.in @@ -20,7 +20,7 @@ Copyright (c) 2008 David Zeuthen <davidz@redhat.com>. Licensed under LGPLv2+. <defaults> <allow_any>no</allow_any> <allow_inactive>no</allow_inactive> - <allow_active>auth_self</allow_active> + <allow_active>auth_admin_keep</allow_active> </defaults> </action> diff --git a/src/daemon/Makefile.am b/src/daemon/Makefile.am index 40f958a..d4b900f 100644 --- a/src/daemon/Makefile.am +++ b/src/daemon/Makefile.am @@ -34,14 +34,14 @@ xdg_hostname_daemon_1_CFLAGS = \ $(DBUS_GLIB_CFLAGS) \ $(GLIB_CFLAGS) \ $(GIO_CFLAGS) \ - $(POLKIT_CFLAGS) \ + $(POLKIT_GOBJECT_1_CFLAGS) \ $(NULL) xdg_hostname_daemon_1_LDADD = \ $(DBUS_GLIB_LIBS) \ $(GLIB_LIBS) \ $(GIO_LIBS) \ - $(POLKIT_LIBS) \ + $(POLKIT_GOBJECT_1_LIBS) \ $(top_builddir)/src/xdg-hostname/libxdg-hostname-gobject-1.la \ $(NULL) diff --git a/src/daemon/xdg-hostname-daemon.c b/src/daemon/xdg-hostname-daemon.c index 25f36ad..f10ef2d 100644 --- a/src/daemon/xdg-hostname-daemon.c +++ b/src/daemon/xdg-hostname-daemon.c @@ -33,7 +33,7 @@ #include <dbus/dbus-glib.h> #include <dbus/dbus-glib-lowlevel.h> -#include <polkit-dbus/polkit-dbus.h> +#include <polkit/polkit.h> #include <xdg-hostname/xdg-hostname.h> @@ -66,7 +66,8 @@ struct _XdgHostnameDaemon gboolean inhibit_reading; DBusConnection *system_bus_connection; - PolKitContext *pk_context; + + PolkitAuthority *authority; }; struct _XdgHostnameDaemonClass @@ -195,11 +196,7 @@ xdg_hostname_daemon_constructed (GObject *object) static void xdg_hostname_daemon_finalize (GObject *object) { - XdgHostnameDaemon *daemon; - - g_return_if_fail (XDG_IS_HOSTNAME_DAEMON (object)); - - daemon = XDG_HOSTNAME_DAEMON (object); + XdgHostnameDaemon *daemon = XDG_HOSTNAME_DAEMON (object); g_free (daemon->display_hostname); g_free (daemon->hostname); @@ -213,6 +210,8 @@ xdg_hostname_daemon_finalize (GObject *object) g_free (daemon->transient_hostname); g_free (daemon->transient_icon_name); + g_object_unref (daemon->authority); + G_OBJECT_CLASS (xdg_hostname_daemon_parent_class)->finalize (object); } @@ -467,40 +466,6 @@ xdg_hostname_daemon_class_init (XdgHostnameDaemonClass *klass) dbus_g_object_type_install_info (XDG_TYPE_HOSTNAME_DAEMON, &dbus_glib__xdg_hostname_daemon_object_info); } -static gboolean -pk_io_watch_have_data (GIOChannel *channel, GIOCondition condition, gpointer user_data) -{ - int fd; - PolKitContext *pk_context = user_data; - fd = g_io_channel_unix_get_fd (channel); - polkit_context_io_func (pk_context, fd); - return TRUE; -} - -static int -pk_io_add_watch (PolKitContext *pk_context, int fd) -{ - guint id = 0; - GIOChannel *channel; - channel = g_io_channel_unix_new (fd); - if (channel == NULL) - goto out; - id = g_io_add_watch (channel, G_IO_IN, pk_io_watch_have_data, pk_context); - if (id == 0) { - g_io_channel_unref (channel); - goto out; - } - g_io_channel_unref (channel); -out: - return id; -} - -static void -pk_io_remove_watch (PolKitContext *pk_context, int watch_id) -{ - g_source_remove (watch_id); -} - XdgHostnameDaemon * xdg_hostname_daemon_new (DBusGConnection *connection, const char *object_path) @@ -515,18 +480,9 @@ xdg_hostname_daemon_new (DBusGConnection *connection, daemon->system_bus_connection = dbus_g_connection_get_connection (connection); - daemon->pk_context = polkit_context_new (); - polkit_context_set_io_watch_functions (daemon->pk_context, pk_io_add_watch, pk_io_remove_watch); - if (!polkit_context_init (daemon->pk_context, NULL)) { - g_warning ("cannot initialize libpolkit"); - goto error; - } + daemon->authority = polkit_authority_get (); return daemon; - - error: - g_object_unref (daemon); - return NULL; } /*--------------------------------------------------------------------------------------------------------------*/ @@ -946,64 +902,83 @@ _xdg_hostname_priv_set_data (SetDataFlags flags, return ret; } -static gboolean -check_polkit_auth (XdgHostnameDaemon *daemon, - DBusGMethodInvocation *context) +/* ---------------------------------------------------------------------------------------------------- */ + +typedef struct { + XdgHostnameDaemon *daemon; + SetDataFlags flags; + gchar *display_hostname; + gchar *hostname; + gchar *icon_name; + gboolean use_transient_data; + DBusGMethodInvocation *context; +} CheckAuthData; + +static void +check_authorization_cb (PolkitAuthority *authority, + GAsyncResult *res, + gpointer user_data) { - gboolean ret; + CheckAuthData *data = user_data; + PolkitAuthorizationResult *result; GError *error; - DBusError d_error; - PolKitAction *pk_action; - PolKitCaller *pk_caller; - PolKitResult pk_result; - const char *sender; - ret = FALSE; - pk_caller = NULL; - pk_action = NULL; - - sender = dbus_g_method_get_sender (context); - - dbus_error_init (&d_error); - pk_caller = polkit_caller_new_from_dbus_name (daemon->system_bus_connection, - sender, - &d_error); - if (pk_caller == NULL) { - error = NULL; - dbus_set_g_error (&error, &d_error); - dbus_g_method_return_error (context, error); + error = NULL; + result = polkit_authority_check_authorization_finish (authority, + res, + &error); + if (error != NULL) { + GError *error2; + error2 = g_error_new (XDG_HOSTNAME_ERROR, + XDG_HOSTNAME_ERROR_PERMISSION_DENIED, + "Authorization check failed: %s", + error->message); + dbus_g_method_return_error (data->context, error2); + g_error_free (error2); g_error_free (error); - dbus_error_free (&d_error); goto out; } - pk_action = polkit_action_new (); - polkit_action_set_action_id (pk_action, "org.freedesktop.hostname1.change"); - pk_result = polkit_context_is_caller_authorized (daemon->pk_context, - pk_action, - pk_caller, - TRUE, - NULL); - if (pk_result == POLKIT_RESULT_YES) { - ret = TRUE; + if (polkit_authorization_result_get_is_authorized (result)) { + /* explicitly left blank */ + } else if (polkit_authorization_result_get_is_challenge (result)) { + error = g_error_new_literal (XDG_HOSTNAME_ERROR, + XDG_HOSTNAME_ERROR_PERMISSION_DENIED, + "Authentication is required to perform operation"); + dbus_g_method_return_error (data->context, error); + goto out; } else { - dbus_error_init (&d_error); - polkit_dbus_error_generate (pk_action, pk_result, &d_error); - error = NULL; - dbus_set_g_error (&error, &d_error); - dbus_g_method_return_error (context, error); + error = g_error_new_literal (XDG_HOSTNAME_ERROR, + XDG_HOSTNAME_ERROR_PERMISSION_DENIED, + "Not authorized to perform operation"); + dbus_g_method_return_error (data->context, error); + goto out; + } + g_object_unref (result); + + error = NULL; + if (!_xdg_hostname_priv_set_data (data->flags, + data->display_hostname, + data->hostname, + data->icon_name, + data->use_transient_data, + &error)) { + dbus_g_method_return_error (data->context, error); g_error_free (error); - dbus_error_free (&d_error); + } else { + dbus_g_method_return (data->context); } + update_data (data->daemon, TRUE, &error); + out: - if (pk_caller != NULL) - polkit_caller_unref (pk_caller); - if (pk_action != NULL) - polkit_action_unref (pk_action); - return ret; + g_free (data->display_hostname); + g_free (data->hostname); + g_free (data->icon_name); + g_free (data); } + static gboolean set_data (XdgHostnameDaemon *daemon, SetDataFlags flags, @@ -1013,27 +988,29 @@ set_data (XdgHostnameDaemon *daemon, gboolean use_transient_data, DBusGMethodInvocation *context) { - GError *error; - - if (!check_polkit_auth (daemon, context)) - goto out; + CheckAuthData *data; + PolkitSubject *subject; + + data = g_new0 (CheckAuthData, 1); + data->flags = flags; + data->daemon = daemon; + data->display_hostname = g_strdup (display_hostname); + data->hostname = g_strdup (hostname); + data->icon_name = g_strdup (icon_name); + data->use_transient_data = use_transient_data; + data->context = context; + + subject = polkit_system_bus_name_new (dbus_g_method_get_sender (context)); + polkit_authority_check_authorization (daemon->authority, + subject, + "org.freedesktop.hostname1.change", + NULL, + POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION, + NULL, + (GAsyncReadyCallback) check_authorization_cb, + data); + g_object_unref (subject); - error = NULL; - if (!_xdg_hostname_priv_set_data (flags, - display_hostname, - hostname, - icon_name, - use_transient_data, - &error)) { - dbus_g_method_return_error (context, error); - g_error_free (error); - } else { - dbus_g_method_return (context); - } - - update_data (daemon, TRUE, &error); - - out: return TRUE; } diff --git a/src/programs/xdg-hostname.c b/src/programs/xdg-hostname.c index c02e2d0..4412522 100644 --- a/src/programs/xdg-hostname.c +++ b/src/programs/xdg-hostname.c @@ -26,7 +26,6 @@ #include <unistd.h> #include <dbus/dbus-glib.h> #include <dbus/dbus-glib-lowlevel.h> -#include <polkit-dbus/polkit-dbus.h> #include <xdg-hostname/xdg-hostname.h> @@ -134,63 +133,6 @@ monitor_hostname_data (XdgHostnameMonitor *h) return TRUE; } -static gboolean -polkit_dbus_gerror_parse (GError *error, - PolKitAction **action, - PolKitResult *result) -{ - gboolean ret; - const char *name; - - ret = FALSE; - if (error->domain != DBUS_GERROR || error->code != DBUS_GERROR_REMOTE_EXCEPTION) - goto out; - - name = dbus_g_error_get_name (error); - - ret = polkit_dbus_error_parse_from_strings (name, - error->message, - action, - result); -out: - return ret; -} - -static gboolean -attempt_polkit (GError *error) -{ - gboolean ret; - PolKitAction *pk_action; - PolKitResult pk_result; - - ret = FALSE; - - if (polkit_dbus_gerror_parse (error, - &pk_action, - &pk_result)) { - char *action_id; - - if (polkit_action_get_action_id (pk_action, &action_id)) { - DBusError d_error; - - dbus_error_init (&d_error); - if (polkit_auth_obtain (action_id, - 0, - getpid (), - &d_error)) { - ret = TRUE; - } - if (dbus_error_is_set (&d_error)) { - dbus_error_free (&d_error); - } - } - - polkit_action_unref (pk_action); - } - - return ret; -} - int main (int argc, char *argv[]) { @@ -222,16 +164,10 @@ main (int argc, char *argv[]) } if (opt_set_display_hostname != NULL) { - - retry_display_hostname: if (!xdg_hostname_monitor_set_display_hostname_sync (hostname_monitor, opt_set_display_hostname, NULL, &error)) { - if (attempt_polkit (error)) { - g_error_free (error); - goto retry_display_hostname; - } g_printerr ("Error setting display-hostname: %s\n", error->message); g_error_free (error); goto out; @@ -239,15 +175,10 @@ main (int argc, char *argv[]) } if (opt_set_hostname != NULL) { - retry_hostname: if (!xdg_hostname_monitor_set_hostname_sync (hostname_monitor, opt_set_hostname, NULL, &error)) { - if (attempt_polkit (error)) { - g_error_free (error); - goto retry_hostname; - } g_printerr ("Error setting hostname: %s\n", error->message); g_error_free (error); goto out; @@ -255,15 +186,10 @@ main (int argc, char *argv[]) } if (opt_set_icon_name != NULL) { - retry_icon_name: if (!xdg_hostname_monitor_set_icon_name_sync (hostname_monitor, opt_set_icon_name, NULL, &error)) { - if (attempt_polkit (error)) { - g_error_free (error); - goto retry_icon_name; - } g_printerr ("Error setting icon-name: %s\n", error->message); g_error_free (error); goto out; @@ -279,15 +205,10 @@ main (int argc, char *argv[]) g_ascii_strcasecmp (opt_set_use_transient_data, "yes") == 0) val = TRUE; - retry_use_transient_data: if (!xdg_hostname_monitor_set_use_transient_data_sync (hostname_monitor, val, NULL, &error)) { - if (attempt_polkit (error)) { - g_error_free (error); - goto retry_use_transient_data; - } g_printerr ("Error setting use-transient-data: %s\n", error->message); g_error_free (error); goto out; diff --git a/src/xdg-hostname/xdg-hostname-error.c b/src/xdg-hostname/xdg-hostname-error.c index d6a0313..07de2cb 100644 --- a/src/xdg-hostname/xdg-hostname-error.c +++ b/src/xdg-hostname/xdg-hostname-error.c @@ -34,7 +34,7 @@ * @short_description: Error domain for xdg-hostname * @include: xdghostname/xdghostname.h * - * Error domain for xdg-hostname + * Error domain for xdg-hostname. */ /** @@ -43,7 +43,7 @@ * Gets the #XdgHostnameError Quark. * * Return value: a #GQuark. - **/ + */ GQuark xdg_hostname_error_quark (void) { @@ -59,8 +59,9 @@ xdg_hostname_error_get_type (void) if (etype == 0) { static const GEnumValue values[] = { - ENUM_ENTRY (XDG_HOSTNAME_ERROR_FAILED, "Failed"), - ENUM_ENTRY (XDG_HOSTNAME_ERROR_NOT_SUPPORTED, "NotSupported"), + ENUM_ENTRY (XDG_HOSTNAME_ERROR_FAILED, "Failed"), + ENUM_ENTRY (XDG_HOSTNAME_ERROR_NOT_SUPPORTED , "NotSupported"), + ENUM_ENTRY (XDG_HOSTNAME_ERROR_PERMISSION_DENIED, "PermissionDenied"), { 0, 0, 0 } }; g_assert (XDG_HOSTNAME_ERROR_NUM_ERRORS == G_N_ELEMENTS (values) - 1); diff --git a/src/xdg-hostname/xdg-hostname-error.h b/src/xdg-hostname/xdg-hostname-error.h index 723bb5d..7372928 100644 --- a/src/xdg-hostname/xdg-hostname-error.h +++ b/src/xdg-hostname/xdg-hostname-error.h @@ -50,12 +50,14 @@ GType xdg_hostname_error_get_type (void) G_GNUC_CONST; * XdgHostnameErrorEnum: * @XDG_HOSTNAME_ERROR_FAILED: The operation failed. * @XDG_HOSTNAME_ERROR_NOT_SUPPORTED: Operation not supported. + * @XDG_HOSTNAME_ERROR_PERMISSION_DENIED: Permission denied. * * Error codes returned by xdg-hostname functions. */ typedef enum { XDG_HOSTNAME_ERROR_FAILED, XDG_HOSTNAME_ERROR_NOT_SUPPORTED, + XDG_HOSTNAME_ERROR_PERMISSION_DENIED, XDG_HOSTNAME_ERROR_NUM_ERRORS } XdgHostnameErrorEnum; |