session-info: check if session belongs to user

session-info back-ends such as console-kit and systemd-login have the concept of session's class which informs if session belongs to user or not [0]. We can disable features based on the session class. [0] Display-Managers are 'Greeter' and Display lock screens are 'lock-screen' This patch introduces session_info_is_user() and disable file-xfer in case agent's session does not belong to the 'user' class. As the session-info data is hold by vdagentd, this patch also introduces VDAGENTD_FILE_XFER_DISABLE message to disable file-xfer that is done in vdagent. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1328761 Acked-by: Jonathon Jongsma <jjongsma@redhat.com>
author: Victor Toso <victortoso@redhat.com> 2016-04-21 10:32:50 +0200
committer: Victor Toso <victortoso@redhat.com> 2016-05-04 09:23:32 +0200
commit: 4c0e9c965e059ba2b884e66f0402e061a9d886a6 (patch)
tree: 1ba6c74defaf2910761b1958974bbe9e07cfac3f
parent: 1700c0244f37dc67a48519765543ddd7c3f4c17b (diff)
8 files changed, 58 insertions, 0 deletions
diff --git a/src/console-kit.c b/src/console-kit.c
index 3dd40d9..489dd61 100644
--- a/src/console-kit.c
+++ b/src/console-kit.c
@@ -504,3 +504,9 @@ gboolean session_info_session_is_locked(struct session_info *info)
     }
     return locked;
 }
+
+gboolean session_info_is_user(struct session_info *info)
+{
+    /* TODO */
+    return TRUE;
+}
diff --git a/src/dummy-session-info.c b/src/dummy-session-info.c
index e7a716f..8ffe5e4 100644
--- a/src/dummy-session-info.c
+++ b/src/dummy-session-info.c
@@ -49,3 +49,8 @@ gboolean session_is_locked(struct session_info *ck)
 {
     return FALSE;
 }
+
+gboolean session_info_is_user(struct session_info *si)
+{
+    return TRUE;
+}
diff --git a/src/session-info.h b/src/session-info.h
index f395dbf..c8edb86 100644
--- a/src/session-info.h
+++ b/src/session-info.h
@@ -38,5 +38,6 @@ const char *session_info_get_active_session(struct session_info *ck);
 char *session_info_session_for_pid(struct session_info *ck, uint32_t pid);
 
 gboolean session_info_session_is_locked(struct session_info *si);
+gboolean session_info_is_user(struct session_info *si);
 
 #endif
diff --git a/src/systemd-login.c b/src/systemd-login.c
index e86b7f2..fa59348 100644
--- a/src/systemd-login.c
+++ b/src/systemd-login.c
@@ -231,3 +231,29 @@ gboolean session_info_session_is_locked(struct session_info *si)
     si_dbus_read_signals(si);
     return si->session_is_locked;
 }
+
+/* This function should only be called after session_info_get_active_session
+ * in order to verify if active session belongs to user (non greeter) */
+gboolean session_info_is_user(struct session_info *si)
+{
+    gchar *class = NULL;
+    gboolean ret;
+
+    g_return_val_if_fail (si != NULL, TRUE);
+    g_return_val_if_fail (si->session != NULL, TRUE);
+
+    if (sd_session_get_class(si->session, &class) != 0) {
+        syslog(LOG_WARNING, "Unable to get class from session: %s",
+               si->session);
+        return TRUE;
+    }
+
+    if (si->verbose)
+        syslog(LOG_DEBUG, "(systemd-login) class for %s is %s",
+               si->session, class);
+
+    ret = (g_strcmp0(class, "user") == 0);
+    g_free(class);
+
+    return ret;
+}
diff --git a/src/vdagent.c b/src/vdagent.c
index 9c619ef..a3cdd9b 100644
--- a/src/vdagent.c
+++ b/src/vdagent.c
@@ -110,6 +110,15 @@ static void daemon_read_complete(struct udscs_connection **connp,
         }
         free(data);
         break;
+    case VDAGENTD_FILE_XFER_DISABLE:
+        if (debug)
+            syslog(LOG_DEBUG, "Disabling file-xfers");
+
+        if (vdagent_file_xfers != NULL) {
+            vdagent_file_xfers_destroy(vdagent_file_xfers);
+            vdagent_file_xfers = NULL;
+        }
+        break;
     case VDAGENTD_AUDIO_VOLUME_SYNC: {
         VDAgentAudioVolumeSync *avs = (VDAgentAudioVolumeSync *)data;
         if (avs->is_playback) {
diff --git a/src/vdagentd-proto-strings.h b/src/vdagentd-proto-strings.h
index 86332f9..6e7bcee 100644
--- a/src/vdagentd-proto-strings.h
+++ b/src/vdagentd-proto-strings.h
@@ -34,6 +34,7 @@ static const char * const vdagentd_messages[] = {
         "file xfer start",
         "file xfer status",
         "file xfer data",
+        "file xfer disable",
         "client disconnected",
 };
 
diff --git a/src/vdagentd-proto.h b/src/vdagentd-proto.h
index b181105..9815488 100644
--- a/src/vdagentd-proto.h
+++ b/src/vdagentd-proto.h
@@ -40,6 +40,7 @@ enum {
     VDAGENTD_FILE_XFER_START,
     VDAGENTD_FILE_XFER_STATUS,
     VDAGENTD_FILE_XFER_DATA,
+    VDAGENTD_FILE_XFER_DISABLE,
     VDAGENTD_CLIENT_DISCONNECTED,  /* daemon -> client */
     VDAGENTD_NO_MESSAGES /* Must always be last */
 };
diff --git a/src/vdagentd.c b/src/vdagentd.c
index c9a085c..a699681 100644
--- a/src/vdagentd.c
+++ b/src/vdagentd.c
@@ -644,6 +644,15 @@ static void update_active_session_connection(struct udscs_connection *new_conn)
     active_session_conn = new_conn;
     if (debug)
         syslog(LOG_DEBUG, "%p is now the active session", new_conn);
+
+    if (active_session_conn && !session_info_is_user(session_info)) {
+        if (debug)
+            syslog(LOG_DEBUG, "New session agent does not belong to user: "
+                   "disabling file-xfer");
+        udscs_write(active_session_conn, VDAGENTD_FILE_XFER_DISABLE, 0, 0,
+                    NULL, 0);
+    }
+
     if (active_session_conn && mon_config)
         udscs_write(active_session_conn, VDAGENTD_MONITORS_CONFIG, 0, 0,
                     (uint8_t *)mon_config, sizeof(VDAgentMonitorsConfig) +
author	Victor Toso <victortoso@redhat.com>	2016-04-21 10:32:50 +0200
committer	Victor Toso <victortoso@redhat.com>	2016-05-04 09:23:32 +0200
commit	4c0e9c965e059ba2b884e66f0402e061a9d886a6 (patch)
tree	1ba6c74defaf2910761b1958974bbe9e07cfac3f
parent	1700c0244f37dc67a48519765543ddd7c3f4c17b (diff)