Commit 608e8745 authored by David Zeuthen's avatar David Zeuthen

remove the notion of modules

parent 6696140d
## Process this file with automake to produce Makefile.in
SUBDIRS = data polkit polkit-dbus polkit-grant modules doc tools policy
SUBDIRS = data polkit polkit-dbus polkit-grant doc tools policy
# Creating ChangeLog from git log (taken from cairo/Makefile.am):
ChangeLog: $(srcdir)/ChangeLog
......
......@@ -361,12 +361,6 @@ doc/spec/Makefile
doc/spec/polkit-spec.xml.in
doc/man/Makefile
policy/Makefile
modules/Makefile
modules/default/Makefile
modules/allow-all/Makefile
modules/deny-all/Makefile
modules/run-program/Makefile
modules/grant/Makefile
])
dnl ==========================================================================
......
if MAN_PAGES_ENABLED
MAN_IN_FILES = polkit-check-caller.1.in polkit-check-session.1.in polkit-policy-file-validate.1.in PolicyKit.8.in polkit-module-default.8.in polkit-module-allow-all.8.in polkit-module-deny-all.8.in polkit-module-run-program.8.in polkit-module-builtins.8.in
MAN_IN_FILES = polkit-check-caller.1.in polkit-check-session.1.in polkit-policy-file-validate.1.in PolicyKit.8.in
man_MANS = $(MAN_IN_FILES:.in=)
......@@ -18,4 +18,5 @@ clean-local:
edit = sed \
-e 's|@docdir[@]|$(docdir)|g' \
-e 's|@sbindir[@]|$(sbindir)|g' \
-e 's|@sysconfdir[@]|$(sysconfdir)|g'
-e 's|@sysconfdir[@]|$(sysconfdir)|g' \
-e 's|@datadir[@]|$(datadir)|g'
.\"
.\" polkit-module-allow-all manual page.
.\" Copyright (C) 2007 David Zeuthen <david@fubar.dk>
.\"
.TH POLKIT-MODULE-ALLOW-ALL 8
.SH NAME
polkit-module-allow-all \- permit any action
.SH SYNOPSIS
.PP
.B polkit-module-allow-all.so
.SH DESCRIPTION
.PP
This PolicyKit module will permit any action regardless of the entity
requesting it, what the requested action is and what resource is
involved.
For more information about the big picture refer to the \fIPolicyKit
spec\fP which can be found in
.I "@docdir@/spec/polkit-spec.html"
depending on the distribution.
.SH OPTIONS
This module does not require nor recognize any options.
.SH NOTES
.PP
Never use this module unless you
.B COMPLETELY
trust anyone with either remote or local access to the system, or you
have confined the module using built-in options.
.SH BUGS
.PP
Please send bug reports to either the distribution or the HAL
mailing list, see
.I "http://lists.freedesktop.org/mailman/listinfo/hal"
on how to subscribe.
.SH SEE ALSO
.PP
\&\fIPolicyKit\fR\|(8),
\&\fIpolkit-module-builtins\fR\|(8),
\&\fIpolkit-module-default\fR\|(8),
\&\fIpolkit-module-deny-all\fR\|(8),
\&\fIpolkit-module-run-program\fR\|(8),
\&\fI@sysconfdir@/PolicyKit/policy\fR\|,
\&\fI@sysconfdir@/PolicyKit/PolicyKit.conf\fR\|
.SH AUTHOR
Written by David Zeuthen <david@fubar.dk> with a lot of help from many
others.
.\"
.\" polkit-module-builtins manual page.
.\" Copyright (C) 2007 David Zeuthen <david@fubar.dk>
.\"
.TH POLKIT-MODULE-BUILTINS 8
.SH NAME
polkit-module-builtins \- options that apply to any PolicyKit module
.SH SYNOPSIS
.PP
.B any-module.so [action=<regexp>] [user=<username> ...]
.SH DESCRIPTION
.PP
This manual page describes options that can be used for any PolicyKit
module to confine what requests it should deal with.
For more information about the big picture refer to the \fIPolicyKit
spec\fP which can be found in
.I "@docdir@/spec/polkit-spec.html"
depending on the distribution.
.SH OPTIONS
.TP 3n
.B action=<regexp>
Only consider requests where the action name matches the given
regular expression. Example:
.B action=hal-storage-mount*
.TP 3n
.B user=<username>
Only consider requests matching the given username. May be both a
numerical
.B uid
value or a username. This option can be used multiple times to specify
multiple users. Example:
.B user=davidz user=bateman
.SH BUGS
.PP
Please send bug reports to either the distribution or the HAL
mailing list, see
.I "http://lists.freedesktop.org/mailman/listinfo/hal"
on how to subscribe.
.SH SEE ALSO
.PP
\&\fIPolicyKit\fR\|(8),
\&\fIpolkit-module-default\fR\|(8),
\&\fIpolkit-module-deny-all\fR\|(8),
\&\fI@sysconfdir@/PolicyKit/policy\fR\|,
\&\fI@sysconfdir@/PolicyKit/PolicyKit.conf\fR\|
.SH AUTHOR
Written by David Zeuthen <david@fubar.dk> with a lot of help from many
others.
.\"
.\" polkit-module-default manual page.
.\" Copyright (C) 2007 David Zeuthen <david@fubar.dk>
.\"
.TH POLKIT-MODULE-DEFAULT 8
.SH NAME
polkit-module-default \- use default policy for actions
.SH SYNOPSIS
.PP
.B standard polkit-module-default.so
.SH DESCRIPTION
.PP
This PolicyKit module uses the default policy as specified (and
required) for by the policy definition file for a given action.
For more information about the big picture refer to the \fIPolicyKit
spec\fP which can be found in
.I "@docdir@/spec/polkit-spec.html"
depending on the distribution.
.SH BUGS
.PP
Please send bug reports to either the distribution or the HAL
mailing list, see
.I "http://lists.freedesktop.org/mailman/listinfo/hal"
on how to subscribe.
.SH SEE ALSO
.PP
\&\fIPolicyKit\fR\|(8),
\&\fIpolkit-module-allow-all\fR\|(8),
\&\fIpolkit-module-deny-all\fR\|(8),
\&\fI@sysconfdir@/PolicyKit/policy\fR\|,
\&\fI@sysconfdir@/PolicyKit/PolicyKit.conf\fR\|
.SH AUTHOR
Written by David Zeuthen <david@fubar.dk> with a lot of help from many
others.
.\"
.\" polkit-module-deny-all manual page.
.\" Copyright (C) 2007 David Zeuthen <david@fubar.dk>
.\"
.TH POLKIT-MODULE-DENY-ALL 8
.SH NAME
polkit-module-deny-all \- deny any action
.SH SYNOPSIS
.PP
.B polkit-module-deny-all.so
.SH DESCRIPTION
.PP
This PolicyKit module will deny any action regardless of the entity
requesting it, what the requested action is and what resource is
involved.
For more information about the big picture refer to the \fIPolicyKit
spec\fP which can be found in
.I "@docdir@/spec/polkit-spec.html"
depending on the distribution.
.SH OPTIONS
This module does not require nor recognize any options.
.SH NOTES
.PP
Unless confined using built-in options, this module is only useful
in situations where it's desirable to lock down the system so it's
unusable by normal unprivileged users.
.SH BUGS
.PP
Please send bug reports to either the distribution or the HAL
mailing list, see
.I "http://lists.freedesktop.org/mailman/listinfo/hal"
on how to subscribe.
.SH SEE ALSO
.PP
\&\fIPolicyKit\fR\|(8),
\&\fIpolkit-module-builtins\fR\|(8),
\&\fIpolkit-module-default\fR\|(8),
\&\fIpolkit-module-allow-all\fR\|(8),
\&\fIpolkit-module-run-program\fR\|(8),
\&\fI@sysconfdir@/PolicyKit/policy\fR\|,
\&\fI@sysconfdir@/PolicyKit/PolicyKit.conf\fR\|
.SH AUTHOR
Written by David Zeuthen <david@fubar.dk> with a lot of help from many
others.
.\"
.\" polkit-module-run-program manual page.
.\" Copyright (C) 2007 David Zeuthen <david@fubar.dk>
.\"
.TH POLKIT-MODULE-RUN-PROGRAM 8
.SH NAME
polkit-module-run-program \- determine policy by running a program
.SH SYNOPSIS
.PP
.HP 31
\fBpolkit-module-run-program.so\fR program=\fI<program>\fR
.SH DESCRIPTION
.PP
This PolicyKit module will run a program every time an action is
requested. For more information about the big picture refer to the
\fIPolicyKit spec\fP which can be found in
.I "@docdir@/spec/polkit-spec.html"
depending on the distribution.
.SH OPTIONS
.TP 3n
.B program=<program>
Absolute path to program to run; this is a mandatory option. Examples:
.B program=/usr/bin/my-program
or
.B program="/path/to/program --foo --bar"
.SH DESCRIPTION
This module will invoke the given program and will export a minimal
environment with values identifying the request. The program
.B SHOULD NOT
have any side effects; it is only invoked to make a decision - not to
alter state on the system. Further, the program is not guaranteed to
run as
.B uid 0
(e.g. root); it is effectively invoked by a mechanism (such as
\fBhald\fR(7)) that may run as an unprivileged system user.
.PP
If the program fails to run or exits with a non-zero exit code, it
means that the request is denied (same as returning
.B no
- see below). If the program exits with exit code 0,
.I stdout
of the program is examined to determine the result of the decision
(these values map directly to the possible values in the
.I PolKitResult
enumeration):
.I
.TP
.B unknown
The passed action is unknown.
.TP
.B not_authorized
The mechanism / caller (e.g. the program using
.I libpolkit
that loads this module) is not sufficiently privileged to know the
answer.
.TP
.B no
Access denied.
.TP
.B auth_root
Access denied, but authentication of the caller as root will grant
access to only that caller.
.TP
.B auth_root_keep_session
Access denied, but authentication of the caller as root will grant
access for the remainder of the session the caller stems from.
.TP
.B auth_root_keep_always
Access denied, but authentication of the caller as root will grant
access to the user of the caller in the future.
.TP
.B auth_self
Access denied, but authentication of the caller as himself will grant
access to only that caller.
.TP
.B auth_self_keep_session
Access denied, but authentication of the caller as himself will grant
access for the remainder of the session the caller stems from.
.TP
.B auth_self_keep_always
Access denied, but authentication of the caller as himself will grant
access to the user of the caller in the future.
.TP
.B yes
Access granted.
.PP
For a request concerning decisions for calls via the system message
bus daemon, the environment will contain:
.TP
.B POLKIT_REQUEST_CALLER=1
To identify the request to be concerning a decision about a caller on
the system message bus.
.TP
.B POLKIT_ACTION_ID
An identifier for the action
.TP
.B POLKIT_RESOURCE_ID
Resource identifier
.TP
.B POLKIT_RESOURCE_TYPE
Resource type
.TP
.B POLKIT_CALLER_UID
UNIX user id of the caller
.TP
.B POLKIT_CALLER_DBUS_NAME
Unique name of the caller on the system message bus
.TP
.B POLKIT_CALLER_PID
UNIX process id of the caller
.TP
.B POLKIT_CALLER_SELINUX_CONTEXT
SELinux security context of the caller (only set if SELinux is enabled)
.TP
.B POLKIT_SESSION_CK_IS_ACTIVE
Whether ConsoleKit regards the session as active (only set if the caller belong to a session)
.TP
.B POLKIT_SESSION_CK_IS_LOCAL
Whether ConsoleKit regards the session as local (only set if the caller belong to a session)
.TP
.B POLKIT_SESSION_CK_OBJREF
ConsoleKit session D-Bus object reference (only set if the caller belong to a session)
.TP
.B POLKIT_SESSION_UID
UNIX user ID of the user owning the session (only set if the caller belong to a session)
.TP
.B POLKIT_SEAT_CK_OBJREF
ConsoleKit seat D-Bus object reference of the seat that the session belongs to (only set if the caller belong to a session)
.PP
For a request concerning session-wide decisions the environment will
contain:
.TP
.B POLKIT_REQUEST_SESSION=1
To identify the request to be session-wide.
.TP
.B POLKIT_ACTION_ID
An identifier for the action
.TP
.B POLKIT_RESOURCE_ID
Resource identifier
.TP
.B POLKIT_RESOURCE_TYPE
Resource type
.TP
.B POLKIT_SESSION_CK_IS_ACTIVE
Whether ConsoleKit regards the session as active
.TP
.B POLKIT_SESSION_CK_IS_LOCAL
Whether ConsoleKit regards the session as local
.TP
.B POLKIT_SESSION_CK_OBJREF
ConsoleKit session D-Bus object reference
.TP
.B POLKIT_SESSION_UID
UNIX user ID of the user owning the session
.TP
.B POLKIT_SEAT_CK_OBJREF
ConsoleKit seat D-Bus object reference of the seat that the session belongs to
.SH NOTES
.PP
As PolicyKit modules are heavily used to enforce policy, running a
program on every request may put unneccessary load on the system
unless judicious use of built-in options to confine the module are
employed.
.SH BUGS
.PP
Please send bug reports to either the distribution or the HAL
mailing list, see
.I "http://lists.freedesktop.org/mailman/listinfo/hal"
on how to subscribe.
.SH SEE ALSO
.PP
\&\fIPolicyKit\fR\|(8),
\&\fIhald\fR\|(8),
\&\fIdbus-daemon\fR\|(1),
\&\fIpolkit-module-builtins\fR\|(8),
\&\fIpolkit-module-default\fR\|(8),
\&\fIpolkit-module-allow-all\fR\|(8),
\&\fIpolkit-module-deny-all\fR\|(8),
\&\fI@sysconfdir@/PolicyKit/policy\fR\|,
\&\fI@sysconfdir@/PolicyKit/PolicyKit.conf\fR\|
.SH AUTHOR
Written by David Zeuthen <david@fubar.dk> with a lot of help from many
others.
......@@ -14,7 +14,7 @@ polkit-policy-file-validate \- check access
\fIpolkit-policy-file-validate\fP is used to validate PolicyKit
policy definition files. These are normally stored in the
.I "@sysconfdir@/PolicyKit/policy"
.I "@datadir@/PolicyKit/policy"
directory. For more information about the big picture
refer to the \fIPolicyKit spec\fP which can be found in
.I "@docdir@/spec/polkit-spec.html"
......
SUBDIRS = default allow-all deny-all run-program grant
polkitconfdir = $(sysconfdir)/PolicyKit
dist_polkitconf_DATA = PolicyKit.conf
# PolicyKit modules - see PolicyKit(8)
#
# NOTE: Changes made to this file may be applied instantly
advise polkit-module-default.so
advise polkit-module-grant.so
## Process this file with automake to produce Makefile.in
INCLUDES = \
-I$(top_builddir) -I$(top_srcdir) \
-DPACKAGE_LIBEXEC_DIR=\""$(libexecdir)"\" \
-DPACKAGE_SYSCONF_DIR=\""$(sysconfdir)"\" \
-DPACKAGE_DATA_DIR=\""$(datadir)"\" \
-DPACKAGE_BIN_DIR=\""$(bindir)"\" \
-DPACKAGE_LOCALSTATEDIR=\""$(localstatedir)"\" \
-DPACKAGE_LOCALE_DIR=\""$(localedir)"\" \
-D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT \
@DBUS_CFLAGS@
polkitmoduledir = $(libdir)/PolicyKit/modules
polkitmodule_LTLIBRARIES = \
polkit-module-allow-all.la \
$(NULL)
polkit_module_allow_all_la_SOURCES = polkit-module-allow-all.c
polkit_module_allow_all_la_LDFLAGS = -no-undefined -module -avoid-version
polkit_module_allow_all_la_LIBADD = $(top_builddir)/polkit/libpolkit.la
clean-local :
rm -f *~
/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
/***************************************************************************
*
* polkit-module-allow-all.c : PolicyKit module that says YES to everything
*
* Copyright (C) 2007 David Zeuthen, <david@fubar.dk>
*
* Licensed under the Academic Free License version 2.1
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
**************************************************************************/
#ifdef HAVE_CONFIG_H
# include <config.h>
#endif
#include <stddef.h>
#include <polkit/polkit.h>
/* The symbol that polkit looks up when loading this module */
polkit_bool_t polkit_module_set_functions (PolKitModuleInterface *module_interface);
static polkit_bool_t
_module_init (PolKitModuleInterface *module_interface, int argc, char *argv[])
{
return TRUE;
}
static void
_module_shutdown (PolKitModuleInterface *module_interface)
{
}
static PolKitResult
_module_can_session_do_action (PolKitModuleInterface *module_interface,
PolKitContext *pk_context,
PolKitAction *action,
PolKitSession *session)
{
return POLKIT_RESULT_YES;
}
static PolKitResult
_module_can_caller_do_action (PolKitModuleInterface *module_interface,
PolKitContext *pk_context,
PolKitAction *action,
PolKitCaller *caller)
{
return POLKIT_RESULT_YES;
}
polkit_bool_t
polkit_module_set_functions (PolKitModuleInterface *module_interface)
{
polkit_bool_t ret;
ret = FALSE;
if (module_interface == NULL)
goto out;
polkit_module_set_func_initialize (module_interface, _module_init);
polkit_module_set_func_shutdown (module_interface, _module_shutdown);
polkit_module_set_func_can_session_do_action (module_interface, _module_can_session_do_action);
polkit_module_set_func_can_caller_do_action (module_interface, _module_can_caller_do_action);
ret = TRUE;
out:
return ret;
}
## Process this file with automake to produce Makefile.in
INCLUDES = \
-I$(top_builddir) -I$(top_srcdir) \
-DPACKAGE_LIBEXEC_DIR=\""$(libexecdir)"\" \
-DPACKAGE_SYSCONF_DIR=\""$(sysconfdir)"\" \
-DPACKAGE_DATA_DIR=\""$(datadir)"\" \
-DPACKAGE_BIN_DIR=\""$(bindir)"\" \
-DPACKAGE_LOCALSTATEDIR=\""$(localstatedir)"\" \
-DPACKAGE_LOCALE_DIR=\""$(localedir)"\" \
-D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT \
@DBUS_CFLAGS@
polkitmoduledir = $(libdir)/PolicyKit/modules
polkitmodule_LTLIBRARIES = \
polkit-module-default.la \
$(NULL)
polkit_module_default_la_SOURCES = polkit-module-default.c
polkit_module_default_la_LDFLAGS = -no-undefined -module -avoid-version
polkit_module_default_la_LIBADD = $(top_builddir)/polkit/libpolkit.la
clean-local :
rm -f *~
/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */
/***************************************************************************
*
* polkit-module-default.c : PolicyKit module for default policy
*
* Copyright (C) 2007 David Zeuthen, <david@fubar.dk>
*
* Licensed under the Academic Free License version 2.1
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
**************************************************************************/
#ifdef HAVE_CONFIG_H
# include <config.h>
#endif
#include <stddef.h>
#include <polkit/polkit.h>
/* The symbol that polkit looks up when loading this module */
polkit_bool_t polkit_module_set_functions (PolKitModuleInterface *module_interface);
static polkit_bool_t
_module_init (PolKitModuleInterface *module_interface,
int argc,
char *argv[])
{
return TRUE;
}
static void
_module_shutdown (PolKitModuleInterface *module_interface)
{
}
static PolKitResult
_module_can_session_do_action (PolKitModuleInterface *module_interface,
PolKitContext *pk_context,
PolKitAction *action,
PolKitSession *session)
{
PolKitResult result;
PolKitPolicyCache *cache;
PolKitPolicyFileEntry *pfe;
result = POLKIT_RESULT_NO;
cache = polkit_context_get_policy_cache (pk_context);
pfe = polkit_policy_cache_get_entry (cache, action);
return polkit_policy_default_can_session_do_action (polkit_policy_file_entry_get_default (pfe),
action,
session);
}
static PolKitResult
_module_can_caller_do_action (PolKitModuleInterface *module_interface,
PolKitContext *pk_context,
PolKitAction *action,
PolKitCaller *caller)
{
PolKitResult result;
PolKitPolicyCache *cache;
PolKitPolicyFileEntry *pfe;
result = POLKIT_RESULT_NO;
cache = polkit_context_get_policy_cache (pk_context);
pfe = polkit_policy_cache_get_entry (cache, action);
return polkit_policy_default_can_caller_do_action (polkit_policy_file_entry_get_default (pfe),
action,
caller);
}
polkit_bool_t
polkit_module_set_functions (PolKitModuleInterface *module_interface)
{
polkit_bool_t ret;
ret = FALSE;
if (module_interface == NULL)
goto out;
polkit_module_set_func_initialize (module_interface, _module_init);
polkit_module_set_func_shutdown (module_interface, _module_shutdown);
polkit_module_set_func_can_session_do_action (module_interface, _module_can_session_do_action);
polkit_module_set_func_can_caller_do_action (module_interface, _module_can_caller_do_action);
ret = TRUE;
out:
return ret;
}
## Process this file with automake to produce Makefile.in