diff options
| author | David Zeuthen <davidz@redhat.com> | 2007-09-27 12:08:19 -0400 |
|---|---|---|
| committer | David Zeuthen <davidz@redhat.com> | 2007-09-27 12:08:19 -0400 |
| commit | 4714fe721988d533a912ac62df5088f24f5bc699 (patch) | |
| tree | 0dcecaed6cfa6465e7b2cb885740f94b49dcf207 | |
| parent | 60d85b947457940978a9c153a59a80c87d46ab4e (diff) | |
implement <allow_any> to specify default answer for any user
This is useful in instances where the OS vendor wants to allow any
user, even remote users logging in via ssh etc., but recognize that
some sites may want to lock this down to a limited set of users.
Suggested by Daniel P. Berrange <berrange@redhat.com>:
<danpb> my specific use case is that in libvirt we don't mind any user
querying for VM status info by default
<danpb> but some admins may wish to lock that ability down
<danpb> so only designated users can query VM status
<davidz> right
<davidz> it makes sense
<davidz> without having giving it too much thought; adding another stanza to
the .policy file might make sense
<davidz> <allow_non_session>yes</allow_non_session>
<davidz> danpb: would that work?
<danpb> yeah, that'd do the trick
<davidz> cool
<davidz> I'll add it then
| -rw-r--r-- | doc/spec/polkit-spec-configuration.xml | 15 | ||||
| -rw-r--r-- | polkit/polkit-policy-default.c | 29 | ||||
| -rw-r--r-- | polkit/polkit-policy-default.h | 1 | ||||
| -rw-r--r-- | polkit/polkit-policy-file-entry.c | 8 | ||||
| -rw-r--r-- | polkit/polkit-policy-file.c | 20 |
5 files changed, 62 insertions, 11 deletions
diff --git a/doc/spec/polkit-spec-configuration.xml b/doc/spec/polkit-spec-configuration.xml index a1cfd1a..eab3d0e 100644 --- a/doc/spec/polkit-spec-configuration.xml +++ b/doc/spec/polkit-spec-configuration.xml @@ -28,6 +28,7 @@ <message xml:lang="da">System indstillinger forhindrer PolicyKit-gnome eksempel hjælper i at Frobnikere!</message> <message xml:lang="en_CA">System policy prevents the PolicyKit-gnome example helper from Frobnicating, Aye!</message> <defaults> + <allow_any>no</allow_any> <allow_inactive>no</allow_inactive> <allow_active>auth_self</allow_active> </defaults> @@ -41,6 +42,7 @@ <message xml:lang="da">System indstillinger forhindrer PolicyKit-gnome eksempel hjælper i at Tvække!</message> <message xml:lang="en_CA">System policy prevents the PolicyKit-gnome example helper from Tweaking, Aye!</message> <defaults> + <allow_any>no</allow_any> <allow_inactive>no</allow_inactive> <allow_active>auth_admin</allow_active> </defaults> @@ -76,11 +78,14 @@ <listitem> <para> <emphasis>Defaults:</emphasis> - The <literal>allow_inactive</literal> - and <literal>allow_active</literal> specify the default - answer that <literal>libpolkit</literal> will return for - respectively inactive and active sessions. See below for - valid values and their meaning. + The <literal>allow_any</literal>, <literal>allow_inactive</literal> + and <literal>allow_active</literal> tags specify the + default answer that <literal>libpolkit</literal> will + return for respectively any, inactive and active + sessions. See below for valid values and their + meaning. Any of these elements, including the + enclosing <literal>defaults</literal> elements may be + omitted. </para> </listitem> <listitem> diff --git a/polkit/polkit-policy-default.c b/polkit/polkit-policy-default.c index b99c84d..566b82d 100644 --- a/polkit/polkit-policy-default.c +++ b/polkit/polkit-policy-default.c @@ -58,21 +58,25 @@ struct _PolKitPolicyDefault { int refcount; + PolKitResult default_any; PolKitResult default_inactive; PolKitResult default_active; }; -extern PolKitPolicyDefault *_polkit_policy_default_new (PolKitResult defaults_allow_inactive, +extern PolKitPolicyDefault *_polkit_policy_default_new (PolKitResult defaults_allow_any, + PolKitResult defaults_allow_inactive, PolKitResult defaults_allow_active); PolKitPolicyDefault * -_polkit_policy_default_new (PolKitResult defaults_allow_inactive, +_polkit_policy_default_new (PolKitResult defaults_allow_any, + PolKitResult defaults_allow_inactive, PolKitResult defaults_allow_active) { PolKitPolicyDefault *pd; pd = g_new0 (PolKitPolicyDefault, 1); pd->refcount = 1; + pd->default_any = defaults_allow_any; pd->default_inactive = defaults_allow_inactive; pd->default_active = defaults_allow_active; return pd; @@ -123,9 +127,11 @@ polkit_policy_default_debug (PolKitPolicyDefault *policy_default) { g_return_if_fail (policy_default != NULL); _pk_debug ("PolKitPolicyDefault: refcount=%d\n" + " default_any=%s\n" " default_inactive=%s\n" " default_active=%s", policy_default->refcount, + polkit_result_to_string_representation (policy_default->default_any), polkit_result_to_string_representation (policy_default->default_inactive), polkit_result_to_string_representation (policy_default->default_active)); } @@ -158,6 +164,8 @@ polkit_policy_default_can_session_do_action (PolKitPolicyDefault *policy_default g_return_val_if_fail (action != NULL, ret); g_return_val_if_fail (session != NULL, ret); + ret = policy_default->default_any; + if (!polkit_session_get_ck_is_local (session, &is_local)) goto out; if (!polkit_session_get_ck_is_active (session, &is_active)) @@ -203,6 +211,8 @@ polkit_policy_default_can_caller_do_action (PolKitPolicyDefault *policy_default, g_return_val_if_fail (action != NULL, ret); g_return_val_if_fail (caller != NULL, ret); + ret = policy_default->default_any; + if (!polkit_caller_get_ck_session (caller, &session)) goto out; if (session == NULL) @@ -227,6 +237,21 @@ out: } /** + * polkit_policy_default_get_allow_any: + * @policy_default: the object + * + * Get default policy. + * + * Returns: default policy + **/ +PolKitResult +polkit_policy_default_get_allow_any (PolKitPolicyDefault *policy_default) +{ + g_return_val_if_fail (policy_default != NULL, POLKIT_RESULT_NO); + return policy_default->default_any; +} + +/** * polkit_policy_default_get_allow_inactive: * @policy_default: the object * diff --git a/polkit/polkit-policy-default.h b/polkit/polkit-policy-default.h index a34122b..b2dced8 100644 --- a/polkit/polkit-policy-default.h +++ b/polkit/polkit-policy-default.h @@ -51,6 +51,7 @@ PolKitResult polkit_policy_default_can_caller_do_action (PolKitPolicyDefault *po PolKitAction *action, PolKitCaller *caller); +PolKitResult polkit_policy_default_get_allow_any (PolKitPolicyDefault *policy_default); PolKitResult polkit_policy_default_get_allow_inactive (PolKitPolicyDefault *policy_default); PolKitResult polkit_policy_default_get_allow_active (PolKitPolicyDefault *policy_default); diff --git a/polkit/polkit-policy-file-entry.c b/polkit/polkit-policy-file-entry.c index 50d5dad..7b48419 100644 --- a/polkit/polkit-policy-file-entry.c +++ b/polkit/polkit-policy-file-entry.c @@ -72,10 +72,12 @@ extern void _polkit_policy_file_entry_set_descriptions (PolKitPolicyFileEntry *p const char *policy_message); -extern PolKitPolicyDefault *_polkit_policy_default_new (PolKitResult defaults_allow_inactive, +extern PolKitPolicyDefault *_polkit_policy_default_new (PolKitResult defaults_allow_any, + PolKitResult defaults_allow_inactive, PolKitResult defaults_allow_active); extern PolKitPolicyFileEntry *_polkit_policy_file_entry_new (const char *action_id, + PolKitResult defaults_allow_any, PolKitResult defaults_allow_inactive, PolKitResult defaults_allow_active, GHashTable *annotations); @@ -83,6 +85,7 @@ extern PolKitPolicyFileEntry *_polkit_policy_file_entry_new (const char *actio /* NOTE: we take ownership of the annotations object */ extern PolKitPolicyFileEntry * _polkit_policy_file_entry_new (const char *action_id, + PolKitResult defaults_allow_any, PolKitResult defaults_allow_inactive, PolKitResult defaults_allow_active, GHashTable *annotations) @@ -93,7 +96,8 @@ _polkit_policy_file_entry_new (const char *action_id, pfe->refcount = 1; pfe->action = g_strdup (action_id); - pfe->defaults = _polkit_policy_default_new (defaults_allow_inactive, + pfe->defaults = _polkit_policy_default_new (defaults_allow_any, + defaults_allow_inactive, defaults_allow_active); if (pfe->defaults == NULL) goto error; diff --git a/polkit/polkit-policy-file.c b/polkit/polkit-policy-file.c index 9c496c6..5f7bcd1 100644 --- a/polkit/polkit-policy-file.c +++ b/polkit/polkit-policy-file.c @@ -50,7 +50,7 @@ * @title: Policy Definition Files * @short_description: Represents a set of declared actions. * - * This class is used to represent a policy files. + * This class is used to represent a policy file. **/ /** @@ -66,6 +66,7 @@ struct _PolKitPolicyFile }; extern PolKitPolicyFileEntry *_polkit_policy_file_entry_new (const char *action_id, + PolKitResult defaults_allow_any, PolKitResult defaults_allow_inactive, PolKitResult defaults_allow_active, GHashTable *annotations); @@ -77,6 +78,7 @@ enum { STATE_IN_ACTION_DESCRIPTION, STATE_IN_ACTION_MESSAGE, STATE_IN_DEFAULTS, + STATE_IN_DEFAULTS_ALLOW_ANY, STATE_IN_DEFAULTS_ALLOW_INACTIVE, STATE_IN_DEFAULTS_ALLOW_ACTIVE, STATE_IN_ANNOTATE @@ -88,6 +90,7 @@ typedef struct { char *action_id; + PolKitResult defaults_allow_any; PolKitResult defaults_allow_inactive; PolKitResult defaults_allow_active; @@ -169,6 +172,7 @@ _start (void *data, const char *el, const char **attr) pd->policy_messages = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free); /* initialize defaults */ + pd->defaults_allow_any = POLKIT_RESULT_NO; pd->defaults_allow_inactive = POLKIT_RESULT_NO; pd->defaults_allow_active = POLKIT_RESULT_NO; } @@ -200,11 +204,15 @@ _start (void *data, const char *el, const char **attr) case STATE_IN_ACTION_MESSAGE: break; case STATE_IN_DEFAULTS: - if (strcmp (el, "allow_inactive") == 0) + if (strcmp (el, "allow_any") == 0) + state = STATE_IN_DEFAULTS_ALLOW_ANY; + else if (strcmp (el, "allow_inactive") == 0) state = STATE_IN_DEFAULTS_ALLOW_INACTIVE; else if (strcmp (el, "allow_active") == 0) state = STATE_IN_DEFAULTS_ALLOW_ACTIVE; break; + case STATE_IN_DEFAULTS_ALLOW_ANY: + break; case STATE_IN_DEFAULTS_ALLOW_INACTIVE: break; case STATE_IN_DEFAULTS_ALLOW_ACTIVE: @@ -256,6 +264,10 @@ _cdata (void *data, const char *s, int len) } break; + case STATE_IN_DEFAULTS_ALLOW_ANY: + if (!polkit_result_from_string_representation (str, &pd->defaults_allow_any)) + goto error; + break; case STATE_IN_DEFAULTS_ALLOW_INACTIVE: if (!polkit_result_from_string_representation (str, &pd->defaults_allow_inactive)) goto error; @@ -359,6 +371,7 @@ _end (void *data, const char *el) /* NOTE: caller takes ownership of the annotations object */ pfe = _polkit_policy_file_entry_new (pd->action_id, + pd->defaults_allow_any, pd->defaults_allow_inactive, pd->defaults_allow_active, pd->annotations); @@ -394,6 +407,9 @@ _end (void *data, const char *el) case STATE_IN_DEFAULTS: state = STATE_IN_ACTION; break; + case STATE_IN_DEFAULTS_ALLOW_ANY: + state = STATE_IN_DEFAULTS; + break; case STATE_IN_DEFAULTS_ALLOW_INACTIVE: state = STATE_IN_DEFAULTS; break; |