source-git / abrt

Clone
Source Code
GIT

Blame src/dbus/abrt-polkit.c

c8 c8s master
  1.   8ea1699fc1a73798b0a5d6788be0cf81ab9a0f73
  2.   src
  3.   dbus
  4.   abrt-polkit.c
Blob History Raw
Packit 8ea169 
/*
Packit 8ea169 
  Copyright (C) 2012  ABRT team
Packit 8ea169
Packit 8ea169 
  This program is free software; you can redistribute it and/or modify
Packit 8ea169 
  it under the terms of the GNU General Public License as published by
Packit 8ea169 
  the Free Software Foundation; either version 2 of the License, or
Packit 8ea169 
  (at your option) any later version.
Packit 8ea169
Packit 8ea169 
  This program is distributed in the hope that it will be useful,
Packit 8ea169 
  but WITHOUT ANY WARRANTY; without even the implied warranty of
Packit 8ea169 
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
Packit 8ea169 
  GNU General Public License for more details.
Packit 8ea169
Packit 8ea169 
  You should have received a copy of the GNU General Public License along
Packit 8ea169 
  with this program; if not, write to the Free Software Foundation, Inc.,
Packit 8ea169 
  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Packit 8ea169 
*/
Packit 8ea169
Packit 8ea169 
#include <glib-object.h>
Packit 8ea169 
#include <sys/types.h>
Packit 8ea169 
#include <unistd.h>
Packit 8ea169
Packit 8ea169 
#include "libabrt.h"
Packit 8ea169 
#include "abrt-polkit.h"
Packit 8ea169
Packit 8ea169 
#ifdef HAVE_POLKIT
Packit 8ea169 
#include <polkit/polkit.h>
Packit 8ea169 
#endif
Packit 8ea169
Packit 8ea169 
/*number of seconds: timeout for the authorization*/
Packit 8ea169 
#define POLKIT_TIMEOUT 20
Packit 8ea169
Packit 8ea169 
#ifdef HAVE_POLKIT
Packit 8ea169 
static gboolean do_cancel(GCancellable* cancellable)
Packit 8ea169 
{
Packit 8ea169 
    log_warning("Timer has expired; cancelling authorization check\n");
Packit 8ea169 
    g_cancellable_cancel(cancellable);
Packit 8ea169 
    return FALSE;
Packit 8ea169 
}
Packit 8ea169 
#endif
Packit 8ea169
Packit 8ea169 
#ifdef HAVE_POLKIT
Packit 8ea169 
static PolkitResult do_check(PolkitSubject *subject, const char *action_id)
Packit 8ea169 
{
Packit 8ea169 
    PolkitAuthority *authority;
Packit 8ea169 
    PolkitAuthorizationResult *auth_result;
Packit 8ea169 
    PolkitResult result = PolkitNo;
Packit 8ea169 
    GError *error = NULL;
Packit 8ea169 
    GCancellable * cancellable;
Packit 8ea169
Packit 8ea169 
    cancellable = g_cancellable_new();
Packit 8ea169
Packit 8ea169 
    /* we ignore the error for now .. */
Packit 8ea169 
    authority = polkit_authority_get_sync(cancellable, NULL);
Packit 8ea169
Packit 8ea169 
    guint cancel_timeout = g_timeout_add(POLKIT_TIMEOUT * 1000,
Packit 8ea169 
                   (GSourceFunc) do_cancel,
Packit 8ea169 
                   cancellable);
Packit 8ea169
Packit 8ea169 
    auth_result = polkit_authority_check_authorization_sync(authority,
Packit 8ea169 
                subject,
Packit 8ea169 
                action_id,
Packit 8ea169 
                NULL,
Packit 8ea169 
                POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION,
Packit 8ea169 
                cancellable,
Packit 8ea169 
                &error);
Packit 8ea169 
    g_object_unref(cancellable);
Packit 8ea169 
    g_object_unref(authority);
Packit 8ea169 
    g_source_remove(cancel_timeout);
Packit 8ea169 
    g_object_unref(subject);
Packit 8ea169 
    if (error)
Packit 8ea169 
    {
Packit 8ea169 
        g_error_free(error);
Packit 8ea169 
        return PolkitUnknown;
Packit 8ea169 
    }
Packit 8ea169
Packit 8ea169 
    if (!auth_result)
Packit 8ea169 
        return PolkitUnknown;
Packit 8ea169
Packit 8ea169 
    if (polkit_authorization_result_get_is_challenge(auth_result))
Packit 8ea169 
    {
Packit 8ea169 
        /* Can't happen (happens only with
Packit 8ea169 
         * POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE flag) */
Packit 8ea169 
        result = PolkitChallenge;
Packit 8ea169 
        goto out;
Packit 8ea169 
    }
Packit 8ea169
Packit 8ea169 
    if (polkit_authorization_result_get_is_authorized(auth_result))
Packit 8ea169 
    {
Packit 8ea169 
        result = PolkitYes;
Packit 8ea169 
        goto out;
Packit 8ea169 
    }
Packit 8ea169
Packit 8ea169 
out:
Packit 8ea169 
    g_object_unref(auth_result);
Packit 8ea169 
    return result;
Packit 8ea169 
}
Packit 8ea169 
#endif
Packit 8ea169
Packit 8ea169 
PolkitResult polkit_check_authorization_dname(const char *dbus_name, const char *action_id)
Packit 8ea169 
{
Packit 8ea169 
#ifdef HAVE_POLKIT
Packit 8ea169 
    glib_init();
Packit 8ea169
Packit 8ea169 
    PolkitSubject *subject = polkit_system_bus_name_new(dbus_name);
Packit 8ea169 
    return do_check(subject, action_id);
Packit 8ea169 
#else
Packit 8ea169 
    log_warning("Polkit disabled. Everyone has access to private data");
Packit 8ea169 
    return PolkitYes;
Packit 8ea169 
#endif
Packit 8ea169 
}
Packit 8ea169
Packit 8ea169 
PolkitResult polkit_check_authorization_pid(pid_t pid, const char *action_id)
Packit 8ea169 
{
Packit 8ea169 
#ifdef HAVE_POLKIT
Packit 8ea169 
    glib_init();
Packit 8ea169
Packit 8ea169 
    PolkitSubject *subject = polkit_unix_process_new_for_owner(pid,
Packit 8ea169 
            /*use start_time from /proc*/0,
Packit 8ea169 
            /*use uid from /proc*/ -1);
Packit 8ea169
Packit 8ea169 
    return do_check(subject, action_id);
Packit 8ea169 
#else
Packit 8ea169 
    log_warning("Polkit disabled. Everyone has access to private data");
Packit 8ea169 
    return PolkitYes;
Packit 8ea169 
#endif
Packit 8ea169 
}

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation