summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--liblazy/Makefile.am2
-rw-r--r--liblazy/liblazy.h35
-rw-r--r--liblazy/liblazy_hal.c53
-rw-r--r--liblazy/liblazy_polkit.c105
4 files changed, 57 insertions, 138 deletions
diff --git a/liblazy/Makefile.am b/liblazy/Makefile.am
index 829b797..a7a4f06 100644
--- a/liblazy/Makefile.am
+++ b/liblazy/Makefile.am
@@ -6,7 +6,7 @@ INCLUDES =
include_HEADERS = liblazy.h
-liblazy_la_SOURCES = liblazy_hal.c liblazy_dbus.c liblazy_polkit.c liblazy.c liblazy_local.h
+liblazy_la_SOURCES = liblazy_hal.c liblazy_dbus.c liblazy.c liblazy_local.h
liblazy_la_CFLAGS = $(DBUS_CFLAGS) -Wall
liblazy_la_LDFLAGS = -version-info 1:0:0 $(DBUS_LIBS)
diff --git a/liblazy/liblazy.h b/liblazy/liblazy.h
index 1db8fa3..d85e4c4 100644
--- a/liblazy/liblazy.h
+++ b/liblazy/liblazy.h
@@ -255,41 +255,14 @@ int liblazy_hal_find_device_by_string_match(char *key, char *value, char ***strl
/** @brief check if a user possesses a privilege
*
- * Functions asks the PolicyKit daemon if a user possesses a given
- * privilege on a optional given ressource
+ * Check if the caller possesses the given privilege on the default device
+ * '/org/freedesktop/Hal/devices/computer'
*
- * @param user the username to check for
* @param privilege the privilege to check for
- * @param ressource the ressource to check for or NULL
*
- * @return 0 on success, LIBLAZY_ERROR_* on failure
- */
-int liblazy_polkit_is_user_allowed_by_name(char *user, char *privilege);
-
-/** @brief check if a user possesses a privilege
- *
- * Functions asks the PolicyKit daemon if the user with the given uid
- * possesses a given privilege on a optional given ressource
- *
- * @param uid the uid to check against
- * @param privilege the privilege to check for
- * @param ressource the ressource to check for or NULL
- *
- * @return 0 on success, LIBLAZY_ERROR_* on failure
- */
-int liblazy_polkit_is_user_allowed_by_uid(int uid, char *privilege);
-
-/** @brief check if a user possesses a privilege
- *
- * Functions asks the PolicyKit daemon if the current user possesses a
- * given privilege on a optional given ressource
- *
- * @param privilege the privilege to check for
- * @param ressource the ressource to check for or NULL
- *
- * @return 0 on success, LIBLAZY_ERROR_* on failure
+ * @return 1 if the caller is privileged, 0 if not, and LIBLAZY_ERROR_* on failure
*/
-int liblazy_polkit_is_user_allowed(char *privilege);
+int liblazy_hal_is_caller_privileged(char *privilege);
#ifdef __cplusplus
}
diff --git a/liblazy/liblazy_hal.c b/liblazy/liblazy_hal.c
index a80d7e4..b9a2694 100644
--- a/liblazy/liblazy_hal.c
+++ b/liblazy/liblazy_hal.c
@@ -2,7 +2,7 @@
* *
* liblazy *
* *
- * Copyright (C) 2006 Holger Macht <holger@homac.de> *
+ * Copyright (C) 2006,2007 Holger Macht <holger@homac.de> *
* *
* Author(s): Holger Macht <holger@homac.de> *
* *
@@ -34,6 +34,7 @@
#define DBUS_HAL_DEVICE_INTERFACE "org.freedesktop.Hal.Device"
#define DBUS_HAL_MANAGER_PATH "/org/freedesktop/Hal/Manager"
#define DBUS_HAL_MANAGER_INTERFACE "org.freedesktop.Hal.Manager"
+#define DBUS_HAL_COMPUTER_PATH "/org/freedesktop/Hal/devices/computer"
static int liblazy_hal_property_exists(char *udi, char *property)
{
@@ -275,3 +276,53 @@ int liblazy_hal_find_device_by_string_match(char *key, char *value, char ***strl
}
return error;
}
+
+int liblazy_hal_is_caller_privileged(char *privilege)
+{
+ DBusMessage *reply;
+ DBusError dbus_error;
+ DBusConnection *dbus_connection;
+ const char *unique_name;
+ char *allowed;
+ int error = 0;
+
+ if (privilege == NULL )
+ return LIBLAZY_ERROR_INVALID_ARGUMENT;
+
+ dbus_error_init(&dbus_error);
+
+ dbus_connection = dbus_bus_get(DBUS_BUS_SYSTEM, &dbus_error);
+ if (dbus_error_is_set(&dbus_error)) {
+ ERROR("Connection to dbus not ready, skipping privilege "
+ "lookup for privilege %s: %s\n",
+ privilege, dbus_error.message);
+ dbus_error_free(&dbus_error);
+ return LIBLAZY_ERROR_DBUS_NOT_READY;
+ }
+
+ unique_name = dbus_bus_get_unique_name(dbus_connection);
+
+ error = liblazy_dbus_system_send_method_call(DBUS_HAL_SERVICE,
+ DBUS_HAL_COMPUTER_PATH,
+ DBUS_HAL_DEVICE_INTERFACE,
+ "IsCallerPrivileged",
+ &reply,
+ DBUS_TYPE_STRING, &privilege,
+ DBUS_TYPE_STRING, &unique_name,
+ DBUS_TYPE_INVALID);
+
+ if (error)
+ return error;
+
+ error = liblazy_dbus_message_get_basic_arg(reply, DBUS_TYPE_STRING,
+ &allowed, 0);
+
+ if (reply != NULL)
+ dbus_message_unref(reply);
+ if (error)
+ return error;
+
+ if (strcmp(allowed, "yes") == 0)
+ return 1;
+ return 0;
+}
diff --git a/liblazy/liblazy_polkit.c b/liblazy/liblazy_polkit.c
deleted file mode 100644
index 87dc626..0000000
--- a/liblazy/liblazy_polkit.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/***************************************************************************
- * *
- * liblazy *
- * *
- * Copyright (C) 2006 Holger Macht <holger@homac.de> *
- * *
- * Author(s): Holger Macht <holger@homac.de> *
- * *
- * This library is free software; you can redistribute it and/or modify it *
- * under the terms of the GNU Lesser General Public License as published *
- * by the Free Software Foundation; either version 2.1 of the License, or *
- * (at your option) any later version. *
- * *
- * This library is distributed in the hope that it will be useful, but *
- * WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
- * Lesser General Public License for more details. *
- * *
- * You should have received a copy of the GNU Lesser General Public *
- * License along with this library; if not, write to the Free Software *
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA *
- * 02110-1301 USA *
- * *
- ***************************************************************************/
-
-#include "liblazy.h"
-#include "liblazy_local.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <pwd.h>
-#include <string.h>
-#include <errno.h>
-
-#define DBUS_HAL_SERVICE "org.freedesktop.Hal"
-#define DBUS_HAL_DEVICE_INTERFACE "org.freedesktop.Hal.Device"
-#define DBUS_HAL_COMPUTER_PATH "/org/freedesktop/Hal/devices/computer"
-
-int liblazy_polkit_is_user_allowed_by_name(char *user, char *privilege)
-{
- DBusMessage *reply;
- DBusError dbus_error;
- DBusConnection *dbus_connection;
- const char *unique_name;
- char *allowed;
- int error = 0;
-
- if (user == NULL || privilege == NULL )
- return LIBLAZY_ERROR_INVALID_ARGUMENT;
-
- dbus_error_init(&dbus_error);
-
- dbus_connection = dbus_bus_get(DBUS_BUS_SYSTEM, &dbus_error);
- if (dbus_error_is_set(&dbus_error)) {
- ERROR("Connection to dbus not ready, skipping privilege "
- "lookup for privilege %s for user %s: %s\n",
- privilege, user, dbus_error.message);
- dbus_error_free(&dbus_error);
- return LIBLAZY_ERROR_DBUS_NOT_READY;
- }
-
- unique_name = dbus_bus_get_unique_name(dbus_connection);
-
- error = liblazy_dbus_system_send_method_call(DBUS_HAL_SERVICE,
- DBUS_HAL_COMPUTER_PATH,
- DBUS_HAL_DEVICE_INTERFACE,
- "IsCallerPrivileged",
- &reply,
- DBUS_TYPE_STRING, &privilege,
- DBUS_TYPE_STRING, &unique_name,
- DBUS_TYPE_INVALID);
-
- if (error)
- return error;
-
- error = liblazy_dbus_message_get_basic_arg(reply, DBUS_TYPE_STRING,
- &allowed, 0);
-
- if (reply != NULL)
- dbus_message_unref(reply);
- if (error)
- return error;
- if (strcmp(allowed, "yes") == 0)
- return 1;
- return 0;
-}
-
-int liblazy_polkit_is_user_allowed_by_uid(int uid, char *privilege)
-{
- struct passwd *pw = getpwuid(uid);
-
- if (pw == NULL) {
- ERROR("Could not get current username: %s", strerror(errno));
- return LIBLAZY_ERROR_GENERAL;
- }
-
- return liblazy_polkit_is_user_allowed_by_name(pw->pw_name, privilege);
-}
-
-int liblazy_polkit_is_user_allowed(char *privilege)
-{
- char *user = getenv("USER");
- return liblazy_polkit_is_user_allowed_by_name(user, privilege);
-}
-