author | Kay Sievers <kay.sievers@vrfy.org> | 2005-12-13 23:51:28 +0000 |
---|---|---|
committer | Kay Sievers <kay.sievers@vrfy.org> | 2005-12-13 23:51:28 +0000 |
commit | 08b5bfdace6d437e72b63b337fa2ac4bb131e8ae (patch) | |
tree | 7dbfaec6942d119475a999666560e9085ad6b280 | |
parent | b0f0656e86f7020c44f448192a486c9bfd6c8d92 (diff) |
Add HAL_METHOD_INVOKED_BY_UID to the method-call environment and use it to
mount FAT, NTFS and hfs volumes to make them available to the user who
invoked the method.
-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | hald/hald_dbus.c | 30 | ||||
-rwxr-xr-x | tools/hal-system-storage-mount | 26 |
3 files changed, 53 insertions, 11 deletions
@@ -1,3 +1,11 @@ +2005-12-14 Kay Sievers <kay.sievers@vrfy.org> + + Add HAL_METHOD_INVOKED_BY_UID to the method call environment + and use it to mount FAT, NTFS and hfs volumes to make them available + to the user who invoked the method. + * hald/hald_dbus.c: (hald_exec_method): + * tools/hal-system-storage-mount: + 2005-12-13 Danny Kukawka <danny.kukawka@web.de> * tools/hal-system-power-reboot, diff --git a/hald/hald_dbus.c b/hald/hald_dbus.c index 21ec9cd0..93cdf2d9 100644 --- a/hald/hald_dbus.c +++ b/hald/hald_dbus.c @@ -2577,18 +2577,30 @@ hald_exec_method (HalDevice *d, DBusConnection *connection, DBusMessage *message DBusMessageIter iter; int stdin_fd; int *stderr_fd; + const char *sender; + char *extra_env[2]; - /* TODO: check that sender is e.g. at console */ -/* - if (!sender_has_privileges (connection, message)) { - raise_permission_denied (connection, message, "not privileged"); - return DBUS_HANDLER_RESULT_HANDLED; + /* add calling uid */ + extra_env[0] = NULL; + sender = dbus_message_get_sender (message); + if (sender != NULL) { + DBusError error; + unsigned long uid; + + dbus_error_init (&error); + uid = dbus_bus_get_unix_user (connection, sender, &error); + if (!dbus_error_is_set (&error)) { + char uid_export[128]; + + sprintf (uid_export, "HAL_METHOD_INVOKED_BY_UID=%lu", uid); + extra_env[0] = uid_export; + extra_env[1] = NULL; + HAL_INFO(("%s", uid_export)); + } } -*/ - - stdin_str = g_string_sized_new (256); /* reasonable default size for passing params; can grow */ /* prepare stdin with parameters */ + stdin_str = g_string_sized_new (256); /* default size for passing params; can grow */ dbus_message_iter_init (message, &iter); while ((type = dbus_message_iter_get_arg_type (&iter)) != DBUS_TYPE_INVALID) { switch (type) { 
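Review bot: `extra_env[0]` is pointed at `uid_export`, an array declared inside the inner `if (!dbus_error_is_set (&error))` block, but `extra_env` is only read later, when the second hald_dbus.c hunk (`@@ -2693,7 +2705,7 @@`) passes it to `hal_util_helper_invoke_with_pipes`; by then the array's lifetime has ended, so the helper's environment is built from a dangling pointer. Declare the buffer with the other locals, `char uid_export[128];` next to `char *extra_env[2];`, and fill it with `snprintf (uid_export, sizeof (uid_export), "HAL_METHOD_INVOKED_BY_UID=%lu", uid);`. The branch where the lookup fails never calls `dbus_error_free (&error)`, so a set error is leaked on that path. hald_exec_method starts and ends outside this hunk, so any other use of `extra_env` could not be checked.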
@@ -2693,7 +2705,7 @@ hald_exec_method (HalDevice *d, DBusConnection *connection, DBusMessage *message stderr_fd = (int *) g_new0 (int, 1); /* no timeout */ - if (hal_util_helper_invoke_with_pipes (execpath, NULL, d, + if (hal_util_helper_invoke_with_pipes (execpath, extra_env, d, (gpointer) message, (gpointer) stderr_fd, hald_exec_method_cb, 0, &stdin_fd, NULL, stderr_fd) != NULL) { write (stdin_fd, stdin, strlen (stdin)); diff --git a/tools/hal-system-storage-mount b/tools/hal-system-storage-mount index a2dccbd0..5e4cda6c 100755 --- a/tools/hal-system-storage-mount +++ b/tools/hal-system-storage-mount @@ -8,12 +8,18 @@ MOUNT_ROOT="/media" # Check for environment variables -if [ "$HAL_PROP_BLOCK_DEVICE" == "" ] || [ "$HAL_PROP_INFO_UDI" == "" ] ; then +if [ "$HAL_PROP_BLOCK_DEVICE" == "" ] || [ "$HAL_PROP_INFO_UDI" == "" ]; then echo "Missing or empty environment variable(s)." >&2 echo "This script should be started by hald." >&2 exit 1 fi +if [ "$HAL_METHOD_INVOKED_BY_UID" == "" ]; then + echo "org.freedesktop.Hal.Device.Volume.PermissionDenied" >&2 + echo "" >&2 + exit 1 +fi + # check if device is already mounted if [ "$HAL_PROP_VOLUME_IS_MOUNTED" = "true" ]; then echo "org.freedesktop.Hal.Device.Volume.AlreadyMounted" >&2 @@ -106,6 +112,22 @@ if [ "$GIVEN_MOUNTOPTIONS" != "" ]; then done fi +# special handling for certain filesystems +case "$MOUNTTYPE" in + vfat) + MOUNTOPTIONS="$MOUNTOPTIONS,quiet,shortname=winnt,uid=$HAL_METHOD_INVOKED_BY_UID" + ;; + ntfs) + MOUNTOPTIONS="$MOUNTOPTIONS,uid=$HAL_METHOD_INVOKED_BY_UID" + ;; + hfs|hfsplus) + MOUNTOPTIONS="$MOUNTOPTIONS,uid=$HAL_METHOD_INVOKED_BY_UID" + ;; + iso9660|udf) + MOUNTOPTIONS="$MOUNTOPTIONS,uid=$HAL_METHOD_INVOKED_BY_UID" + ;; +esac + # append number to mountpoint if it already exists if [ -e "$MOUNT_ROOT/$MOUNTPOINT" ]; then NUM=1; 
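Review bot: The new guard on `HAL_METHOD_INVOKED_BY_UID` rejects only an empty value, yet the hunk at `@@ -106,6 +112,22 @@` pastes the variable straight into the comma-separated `-o` list, where a comma inside it would begin a further mount option. hald formats the value with `%lu` in this commit, but nothing in the script ties it to that caller, so the check should accept digits only: `case "$HAL_METHOD_INVOKED_BY_UID" in ''|*[!0-9]*) echo "org.freedesktop.Hal.Device.Volume.PermissionDenied" >&2; echo "" >&2; exit 1 ;; esac`.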
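Review bot: The `ntfs`, `hfs|hfsplus` and `iso9660|udf` arms of the new `case` are identical and can be a single arm, `ntfs|hfs|hfsplus|iso9660|udf)`, which keeps the uid handling from drifting apart between filesystems. The commit message and ChangeLog entry name only FAT, NTFS and hfs, so the comment above the `case` should record that optical media are covered too, for example `# present files as owned by the invoking user (also applies to iso9660/udf)`. The `uid=` option is appended after the `GIVEN_MOUNTOPTIONS` loop, whose body is outside the hunk; if that loop lets a caller pass its own `uid=`, it is worth confirming that the value appended here is the one that takes effect.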
@@ -129,7 +151,7 @@ if [ ! -e "$MOUNT_ROOT/$MOUNTPOINT" ]; then fi # mount and return status -mount -o "nosuid,nodev$MOUNTOPTIONS" -t "$MOUNTTYPE" "$HAL_PROP_BLOCK_DEVICE" "$MOUNT_ROOT/$MOUNTPOINT" > /dev/null 2>&1 +mount -o "noexec,nosuid,nodev$MOUNTOPTIONS" -t "$MOUNTTYPE" "$HAL_PROP_BLOCK_DEVICE" "$MOUNT_ROOT/$MOUNTPOINT" > /dev/null 2>&1 if [ $? -ne 0 ]; then if [ -n "$MOUNTPOINT_CREATED" ]; then rmdir "$MOUNT_ROOT/$MOUNTPOINT" |
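Review bot: `noexec,nosuid,nodev` sit in front of `$MOUNTOPTIONS` in the `mount -o` string, so the hardening flags are followed by whatever was derived from the caller; if the `GIVEN_MOUNTOPTIONS` filtering (outside this hunk) lets `exec`, `suid` or `dev` through, the later option usually wins. Repeating the fixed flags at the end closes that gap regardless of the filter: `mount -o "nodev$MOUNTOPTIONS,noexec,nosuid,nodev" -t "$MOUNTTYPE" "$HAL_PROP_BLOCK_DEVICE" "$MOUNT_ROOT/$MOUNTPOINT" > /dev/null 2>&1`. Adding `noexec` also changes behaviour for every filesystem type and is not mentioned in the commit message or ChangeLog entry, so a one-line comment above the `mount` call should state that removable volumes are deliberately mounted non-executable.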