diff options
-rw-r--r-- | liblazy/Makefile.am | 2 | ||||
-rw-r--r-- | liblazy/liblazy.h | 35 | ||||
-rw-r--r-- | liblazy/liblazy_hal.c | 53 | ||||
-rw-r--r-- | liblazy/liblazy_polkit.c | 105 |
4 files changed, 57 insertions, 138 deletions
diff --git a/liblazy/Makefile.am b/liblazy/Makefile.am index 829b797..a7a4f06 100644 --- a/liblazy/Makefile.am +++ b/liblazy/Makefile.am @@ -6,7 +6,7 @@ INCLUDES = include_HEADERS = liblazy.h -liblazy_la_SOURCES = liblazy_hal.c liblazy_dbus.c liblazy_polkit.c liblazy.c liblazy_local.h +liblazy_la_SOURCES = liblazy_hal.c liblazy_dbus.c liblazy.c liblazy_local.h liblazy_la_CFLAGS = $(DBUS_CFLAGS) -Wall liblazy_la_LDFLAGS = -version-info 1:0:0 $(DBUS_LIBS) diff --git a/liblazy/liblazy.h b/liblazy/liblazy.h index 1db8fa3..d85e4c4 100644 --- a/liblazy/liblazy.h +++ b/liblazy/liblazy.h @@ -255,41 +255,14 @@ int liblazy_hal_find_device_by_string_match(char *key, char *value, char ***strl /** @brief check if a user possesses a privilege * - * Functions asks the PolicyKit daemon if a user possesses a given - * privilege on a optional given ressource + * Check if the caller possesses the given privilege on the default device + * '/org/freedesktop/Hal/devices/computer' * - * @param user the username to check for * @param privilege the privilege to check for - * @param ressource the ressource to check for or NULL * - * @return 0 on success, LIBLAZY_ERROR_* on failure - */ -int liblazy_polkit_is_user_allowed_by_name(char *user, char *privilege); - -/** @brief check if a user possesses a privilege - * - * Functions asks the PolicyKit daemon if the user with the given uid - * possesses a given privilege on a optional given ressource - * - * @param uid the uid to check against - * @param privilege the privilege to check for - * @param ressource the ressource to check for or NULL - * - * @return 0 on success, LIBLAZY_ERROR_* on failure - */ -int liblazy_polkit_is_user_allowed_by_uid(int uid, char *privilege); - -/** @brief check if a user possesses a privilege - * - * Functions asks the PolicyKit daemon if the current user possesses a - * given privilege on a optional given ressource - * - * @param privilege the privilege to check for - * @param ressource the ressource to check for or NULL - * - * @return 0 on success, LIBLAZY_ERROR_* on failure + * @return 1 if the caller is privileged, 0 if not, and LIBLAZY_ERROR_* on failure */ -int liblazy_polkit_is_user_allowed(char *privilege); +int liblazy_hal_is_caller_privileged(char *privilege); #ifdef __cplusplus } diff --git a/liblazy/liblazy_hal.c b/liblazy/liblazy_hal.c index a80d7e4..b9a2694 100644 --- a/liblazy/liblazy_hal.c +++ b/liblazy/liblazy_hal.c @@ -2,7 +2,7 @@ * * * liblazy * * * - * Copyright (C) 2006 Holger Macht <holger@homac.de> * + * Copyright (C) 2006,2007 Holger Macht <holger@homac.de> * * * * Author(s): Holger Macht <holger@homac.de> * * * @@ -34,6 +34,7 @@ #define DBUS_HAL_DEVICE_INTERFACE "org.freedesktop.Hal.Device" #define DBUS_HAL_MANAGER_PATH "/org/freedesktop/Hal/Manager" #define DBUS_HAL_MANAGER_INTERFACE "org.freedesktop.Hal.Manager" +#define DBUS_HAL_COMPUTER_PATH "/org/freedesktop/Hal/devices/computer" static int liblazy_hal_property_exists(char *udi, char *property) { @@ -275,3 +276,53 @@ int liblazy_hal_find_device_by_string_match(char *key, char *value, char ***strl } return error; } + +int liblazy_hal_is_caller_privileged(char *privilege) +{ + DBusMessage *reply; + DBusError dbus_error; + DBusConnection *dbus_connection; + const char *unique_name; + char *allowed; + int error = 0; + + if (privilege == NULL ) + return LIBLAZY_ERROR_INVALID_ARGUMENT; + + dbus_error_init(&dbus_error); + + dbus_connection = dbus_bus_get(DBUS_BUS_SYSTEM, &dbus_error); + if (dbus_error_is_set(&dbus_error)) { + ERROR("Connection to dbus not ready, skipping privilege " + "lookup for privilege %s: %s\n", + privilege, dbus_error.message); + dbus_error_free(&dbus_error); + return LIBLAZY_ERROR_DBUS_NOT_READY; + } + + unique_name = dbus_bus_get_unique_name(dbus_connection); + + error = liblazy_dbus_system_send_method_call(DBUS_HAL_SERVICE, + DBUS_HAL_COMPUTER_PATH, + DBUS_HAL_DEVICE_INTERFACE, + "IsCallerPrivileged", + &reply, + DBUS_TYPE_STRING, &privilege, + DBUS_TYPE_STRING, &unique_name, + DBUS_TYPE_INVALID); + + if (error) + return error; + + error = liblazy_dbus_message_get_basic_arg(reply, DBUS_TYPE_STRING, + &allowed, 0); + + if (reply != NULL) + dbus_message_unref(reply); + if (error) + return error; + + if (strcmp(allowed, "yes") == 0) + return 1; + return 0; +} diff --git a/liblazy/liblazy_polkit.c b/liblazy/liblazy_polkit.c deleted file mode 100644 index 87dc626..0000000 --- a/liblazy/liblazy_polkit.c +++ /dev/null @@ -1,105 +0,0 @@ -/*************************************************************************** - * * - * liblazy * - * * - * Copyright (C) 2006 Holger Macht <holger@homac.de> * - * * - * Author(s): Holger Macht <holger@homac.de> * - * * - * This library is free software; you can redistribute it and/or modify it * - * under the terms of the GNU Lesser General Public License as published * - * by the Free Software Foundation; either version 2.1 of the License, or * - * (at your option) any later version. * - * * - * This library is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * - * Lesser General Public License for more details. * - * * - * You should have received a copy of the GNU Lesser General Public * - * License along with this library; if not, write to the Free Software * - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA * - * 02110-1301 USA * - * * - ***************************************************************************/ - -#include "liblazy.h" -#include "liblazy_local.h" - -#include <stdio.h> -#include <stdlib.h> -#include <pwd.h> -#include <string.h> -#include <errno.h> - -#define DBUS_HAL_SERVICE "org.freedesktop.Hal" -#define DBUS_HAL_DEVICE_INTERFACE "org.freedesktop.Hal.Device" -#define DBUS_HAL_COMPUTER_PATH "/org/freedesktop/Hal/devices/computer" - -int liblazy_polkit_is_user_allowed_by_name(char *user, char *privilege) -{ - DBusMessage *reply; - DBusError dbus_error; - DBusConnection *dbus_connection; - const char *unique_name; - char *allowed; - int error = 0; - - if (user == NULL || privilege == NULL ) - return LIBLAZY_ERROR_INVALID_ARGUMENT; - - dbus_error_init(&dbus_error); - - dbus_connection = dbus_bus_get(DBUS_BUS_SYSTEM, &dbus_error); - if (dbus_error_is_set(&dbus_error)) { - ERROR("Connection to dbus not ready, skipping privilege " - "lookup for privilege %s for user %s: %s\n", - privilege, user, dbus_error.message); - dbus_error_free(&dbus_error); - return LIBLAZY_ERROR_DBUS_NOT_READY; - } - - unique_name = dbus_bus_get_unique_name(dbus_connection); - - error = liblazy_dbus_system_send_method_call(DBUS_HAL_SERVICE, - DBUS_HAL_COMPUTER_PATH, - DBUS_HAL_DEVICE_INTERFACE, - "IsCallerPrivileged", - &reply, - DBUS_TYPE_STRING, &privilege, - DBUS_TYPE_STRING, &unique_name, - DBUS_TYPE_INVALID); - - if (error) - return error; - - error = liblazy_dbus_message_get_basic_arg(reply, DBUS_TYPE_STRING, - &allowed, 0); - - if (reply != NULL) - dbus_message_unref(reply); - if (error) - return error; - if (strcmp(allowed, "yes") == 0) - return 1; - return 0; -} - -int liblazy_polkit_is_user_allowed_by_uid(int uid, char *privilege) -{ - struct passwd *pw = getpwuid(uid); - - if (pw == NULL) { - ERROR("Could not get current username: %s", strerror(errno)); - return LIBLAZY_ERROR_GENERAL; - } - - return liblazy_polkit_is_user_allowed_by_name(pw->pw_name, privilege); -} - -int liblazy_polkit_is_user_allowed(char *privilege) -{ - char *user = getenv("USER"); - return liblazy_polkit_is_user_allowed_by_name(user, privilege); -} - |