diff options
author | David Zeuthen <davidz@redhat.com> | 2011-02-21 17:12:17 -0500 |
---|---|---|
committer | David Zeuthen <davidz@redhat.com> | 2011-02-21 17:12:17 -0500 |
commit | 719585f1aecdc79598a6cecff936bd50e0f6a2f8 (patch) | |
tree | f583b66f018cbae817f2a8d73551530606d87585 | |
parent | 8f3e92e81753059b858c9c7ea5c7f198e39bb54f (diff) |
Pass caller and subject pid to authentication agent
The authentication agent can use information this to inform the user
about the UI application that triggered the authentication request (if
any).
Signed-off-by: David Zeuthen <davidz@redhat.com>
-rw-r--r-- | docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml | 4 | ||||
-rw-r--r-- | src/polkitbackend/polkitbackendinteractiveauthority.c | 57 |
2 files changed, 60 insertions, 1 deletions
diff --git a/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml b/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml index 85bbcf0..663169e 100644 --- a/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml +++ b/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml @@ -71,7 +71,9 @@ The themed icon describing the action or the empty string if no icon is set. <term><literal>IN Dict<String,String> <parameter>details</parameter></literal>:</term> <listitem> <para> -Details about the authentication request. This is a dictionary of key/value pairs where both key and value are strings. These strings are translated into the locale passed when registering the authentication agent using <link linkend="eggdbus-method-org.freedesktop.PolicyKit1.Authority.RegisterAuthenticationAgent">RegisterAuthenticationAgent()</link>. +Details about the authentication request. This is a dictionary of key/value pairs where both key and value are strings. These strings are translated into the locale passed when registering the authentication agent using <link linkend="eggdbus-method-org.freedesktop.PolicyKit1.Authority.RegisterAuthenticationAgent">RegisterAuthenticationAgent().</link>. +Keys starting with <literal>polkit.</literal> are reserved for internal use and should never be displayed in the UI. +Known key/value-pairs include <literal>polkit.caller-pid</literal> (the process id of the mechanism making the authorization check) and <literal>polkit.subject-pid</literal> (the process id of the subject the check is for). </para> </listitem> </varlistentry> diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c index 386a4c9..ae1a1bf 100644 --- a/src/polkitbackend/polkitbackendinteractiveauthority.c +++ b/src/polkitbackend/polkitbackendinteractiveauthority.c @@ -1796,6 +1796,60 @@ get_localized_data_for_challenge (PolkitBackendInteractiveAuthority *authority, } static void +add_pid (PolkitDetails *details, + PolkitSubject *subject, + const gchar *key) +{ + gchar buf[32]; + gint pid; + + if (POLKIT_IS_UNIX_PROCESS (subject)) + { + pid = polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (subject)); + } + else if (POLKIT_IS_SYSTEM_BUS_NAME (subject)) + { + PolkitSubject *process; + GError *error; + + error = NULL; + process = polkit_system_bus_name_get_process_sync (POLKIT_SYSTEM_BUS_NAME (subject), + NULL, + &error); + if (process == NULL) + { + g_printerr ("Error getting process for system bus name `%s': %s\n", + polkit_system_bus_name_get_name (POLKIT_SYSTEM_BUS_NAME (subject)), + error->message); + g_error_free (error); + goto out; + } + pid = polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (process)); + g_object_unref (process); + } + else if (POLKIT_IS_UNIX_SESSION (subject)) + { + goto out; + } + else + { + gchar *s; + s = polkit_subject_to_string (subject); + g_printerr ("Don't know how to get pid from subject of type %s: %s\n", + g_type_name (G_TYPE_FROM_INSTANCE (subject)), + s); + g_free (s); + goto out; + } + + g_snprintf (buf, sizeof (buf), "%d", pid); + polkit_details_insert (details, key, buf); + + out: + ; +} + +static void authentication_agent_initiate_challenge (AuthenticationAgent *agent, PolkitSubject *subject, PolkitIdentity *user_of_subject, @@ -1866,6 +1920,9 @@ authentication_agent_initiate_challenge (AuthenticationAgent *agent, agent->active_sessions = g_list_prepend (agent->active_sessions, session); + add_pid (localized_details, caller, "polkit.caller-pid"); + add_pid (localized_details, subject, "polkit.subject-pid"); + details_gvariant = polkit_details_to_gvariant (localized_details); g_variant_ref_sink (details_gvariant); |