Commit 96f6daa6 authored by David Zeuthen's avatar David Zeuthen

Add a bunch of code; basically a full rewrite moving all queries to the

    daemon.
parent 4f567cd7
The PolicyKit daemon and associated command-line tools polkit-* is
licensed to you under the GNU General Public License version 2.
libpolkit is licensed to you under your choice of the Academic Free
License version 2.1, or the GNU General Public License version 2.
Both licenses are included here. Some individual source code files
and/or binaries may be under the GPL only or under the LGPG.
......
2006-03-14 David Zeuthen <davidz@redhat.com>
Add a bunch of code; basically a full rewrite moving all queries
to the daemon.
* COPYING:
* Makefile.am:
* configure.in:
* libpolkit/Makefile.am:
* libpolkit/libpolkit-test.c:
* libpolkit/libpolkit.c: (libpolkit_new_context),
(libpolkit_free_context),
(libpolkit_get_allowed_resources_for_privilege_for_uid),
(libpolkit_is_uid_allowed_for_privilege),
(libpolkit_get_privilege_list):
* libpolkit/libpolkit.h:
* policy-kit.in:
* polkit-interface-manager.xml:
* polkit-interface-session.xml:
* polkit.pc.in:
* polkitd/Makefile.am:
* polkitd/debug-polkitd.sh:
* polkitd/main.c: (usage), (delete_pid), (main):
* polkitd/policy.c: (policy_util_set_policy_directory),
(policy_element_new), (policy_element_free),
(policy_element_free_list), (policy_element_dump),
(txt_backend_read_policy), (policy_get_whitelist),
(policy_get_blacklist), (policy_get_policies), (afp_process_elem),
(policy_get_allowed_resources_for_policy_for_uid_gid),
(policy_is_uid_gid_allowed_for_policy), (policy_util_uid_to_name),
(policy_util_gid_to_name), (policy_util_name_to_uid),
(policy_util_name_to_gid),
(policy_get_allowed_resources_for_policy_for_uid),
(policy_is_uid_allowed_for_policy), (getgrouplist):
* polkitd/policy.h:
* polkitd/polkit-manager.c: (caller_info_delete),
(polkit_manager_init), (polkit_manager_finalize),
(polkit_manager_class_init), (polkit_manager_error_quark),
(polkit_manager_error_get_type), (bus_name_owner_changed),
(session_remover), (session_finalized), (polkit_manager_new),
(uid_from_username), (safe_strcmp),
(polkit_manager_get_caller_info),
(polkit_manager_initiate_privilege_grant),
(polkit_manager_is_user_privileged),
(polkit_manager_get_allowed_resources_for_privilege),
(polkit_manager_list_privileges),
(polkit_manager_add_temporary_privilege),
(polkit_manager_remove_temporary_privilege):
* polkitd/polkit-manager.h:
* polkitd/polkit-marshal.list:
* polkitd/polkit-session.c: (polkit_session_init),
(polkit_session_finalize), (polkit_session_class_init),
(polkit_session_error_quark), (polkit_session_error_get_type),
(polkit_session_check_caller), (polkit_session_is_authenticated),
(polkit_session_get_auth_denied_reason), (safe_memset),
(my_conversation), (write_back_to_parent), (do_pam_auth),
(data_from_pam), (polkit_session_get_auth_details),
(polkit_session_initiate_auth), (polkit_session_get_questions),
(polkit_session_provide_answers), (polkit_session_close),
(polkit_session_grant_privilege_temporarily), (polkit_session_new),
(polkit_session_initiator_disconnected):
* polkitd/polkit-session.h:
* polkitd/polkitd-test.c: (my_exit), (do_check),
(write_test_policy), (do_read_tests), (main):
* polkitd/run-polkitd.sh:
* polkitd/valgrind-polkitd.sh:
* privileges/Makefile.am:
* privileges/desktop-console.privilege:
* tools/Makefile.am:
* tools/Makefile.in:
* tools/polkit-grant-privilege.c: (have_questions_handler),
(auth_done_handler), (do_grant_privilege), (usage), (main):
* tools/polkit-is-privileged.c: (usage), (main):
* tools/polkit-list-privileges.c: (usage), (main):
2006-03-09 David Zeuthen <davidz@redhat.com>
* polkit.pc.in (exec_prefix): Use right Cflags
......
## Process this file with automake to produce Makefile.in
SUBDIRS = libpolkit doc tools
SUBDIRS = libpolkit polkitd doc tools privileges
pamdir = $(sysconfdir)/pam.d
pam_DATA = policy-kit
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = polkit.pc
DISTCLEANFILES = polkit.pc
EXTRA_DIST = HACKING polkit.pc.in mkinstalldirs
EXTRA_DIST = HACKING polkit-interface-manager.xml polkit-interface-session.xml polkit.pc.in policy-kit.in mkinstalldirs
clean-local :
rm -f *~
......@@ -26,16 +26,16 @@ AC_PROG_MAKE_SET
AC_PROG_LN_S
AC_SYS_LARGEFILE
AC_ARG_WITH(polkit_user,[ --with-polkit-user=<user> User for PolicyKit])
AC_ARG_WITH(polkit_user,[ --with-polkit-user=<user> user for PolicyKit])
if test -z "$with_polkit_user" ; then
POLKIT_USER=polkit
else
POLKIT_USER=$with_polkit_user
fi
AC_SUBST(POLKIT_USER)
AC_DEFINE_UNQUOTED(POLKIT_USER,"POLKIT_USER", [User for PolicyKit])
AC_DEFINE_UNQUOTED(POLKIT_USER, "$POLKIT_USER", [User for PolicyKit])
AC_ARG_WITH(polkit_group,[ --with-hal-group=<grp> Group for PolicyKit])
AC_ARG_WITH(polkit_group,[ --with-polkit-group=<grp> group for PolicyKit])
if test -z "$with_polkit_group" ; then
POLKIT_GROUP=polkit
else
......@@ -137,6 +137,14 @@ PKG_CHECK_MODULES(GLIB, [glib-2.0 >= 2.6.0])
AC_SUBST(GLIB_CFLAGS)
AC_SUBST(GLIB_LIBS)
PKG_CHECK_MODULES(DBUS, [dbus-1 >= 0.60])
AC_SUBST(DBUS_CFLAGS)
AC_SUBST(DBUS_LIBS)
PKG_CHECK_MODULES(DBUS_GLIB, [dbus-glib-1 >= 0.60])
AC_SUBST(DBUS_GLIB_CFLAGS)
AC_SUBST(DBUS_GLIB_LIBS)
AC_CHECK_FUNCS(getgrouplist)
AS_AC_EXPAND(LOCALSTATEDIR, $localstatedir)
......@@ -148,7 +156,7 @@ AS_AC_EXPAND(LIBDIR, $libdir)
AS_AC_EXPAND(LIBEXECDIR, $libexecdir)
# documentation target
AC_ARG_WITH(doc-dir, [ --with-doc-dir=[dirname] directory to install documentation])
AC_ARG_WITH(doc-dir, [ --with-doc-dir=[dirname] directory to install documentation])
if ! test -z "$with_doc_dir"; then
DOCDIR=$with_doc_dir
else
......@@ -157,13 +165,137 @@ fi
AC_SUBST(DOCDIR)
# PAM stuff borrowed from gnome-screensaver
# Determine PAM prefix
withval=""
AC_ARG_WITH(pam-prefix,
[ --with-pam-prefix=<prefix> specify where pam files go],[
if test x$withval != x; then
AC_MSG_RESULT("PAM files will be installed in prefix ${withval}.")
fi])
if test x$withval != x; then
PAM_PREFIX_UNEXPANDED="$withval"
else
PAM_PREFIX_UNEXPANDED="$sysconfdir"
fi
PAM_PREFIX=`eval echo $PAM_PREFIX_UNEXPANDED`
AC_SUBST(PAM_PREFIX)
dnl ---------------------------------------------------------------------------
dnl - Check for PAM
dnl ---------------------------------------------------------------------------
have_pam=no
AC_CHECK_LIB(pam, pam_start, have_pam=yes)
if test "x$have_pam" = "xyes"; then
AUTH_LIBS="${AUTH_LIBS} -lpam"
AC_DEFINE(HAVE_PAM, 1, [Define if PAM support is included])
# On Linux, sigtimedwait() is in libc; on Solaris, it's in librt.
have_timedwait=no
AC_CHECK_LIB(c, sigtimedwait, [have_timedwait=yes])
if test "$have_timedwait" = no ; then
AC_CHECK_LIB(rt, sigtimedwait, [AUTH_LIBS="${AUTH_LIBS} -lrt"])
fi
AC_MSG_CHECKING(how to call pam_strerror)
AC_CACHE_VAL(ac_cv_pam_strerror_args,
[AC_TRY_COMPILE([#include <stdio.h>
#include <stdlib.h>
#include <security/pam_appl.h>],
[pam_handle_t *pamh = 0;
char *s = pam_strerror(pamh, PAM_SUCCESS);],
[ac_pam_strerror_args=2],
[AC_TRY_COMPILE([#include <stdio.h>
#include <stdlib.h>
#include <security/pam_appl.h>],
[char *s =
pam_strerror(PAM_SUCCESS);],
[ac_pam_strerror_args=1],
[ac_pam_strerror_args=0])])
ac_cv_pam_strerror_args=$ac_pam_strerror_args])
ac_pam_strerror_args=$ac_cv_pam_strerror_args
if test "$ac_pam_strerror_args" = 1 ; then
AC_MSG_RESULT(one argument)
elif test "$ac_pam_strerror_args" = 2 ; then
AC_DEFINE(PAM_STRERROR_TWO_ARGS, 1, [Define if pam_strerror takes two arguments])
AC_MSG_RESULT(two arguments)
else
AC_MSG_RESULT(unknown)
fi
fi
AM_CONDITIONAL(HAVE_PAM, test x$have_pam = xyes)
AC_SUBST(HAVE_PAM)
AC_SUBST(AUTH_LIBS)
AC_ARG_WITH(os-type, [ --with-os-type=<os> distribution or OS (redhat)])
#### Check our operating system (distro-tweaks required)
operating_system=unknown
if test -f /etc/redhat-release || test -f SYSCONFDIR/redhat-release ; then
operating_system=redhat
fi
#### Sort out OS (distro-tweaks required)
if test x$with_os_type = x; then
if test x$operating_system = xredhat ; then
with_os_type=redhat
else
with_os_type=unknown
fi
fi
# (distro-tweaks required)
AM_CONDITIONAL(OS_TYPE_UNKNOWN, test x$with_os_type = xunknown, [Running on unknown OS])
AM_CONDITIONAL(OS_TYPE_RED_HAT, test x$with_os_type = xredhat, [Running on Red Hat OS'es])
AC_ARG_WITH(pid-file, [ --with-pid-file=<file> pid file for polkitd])
#### Set up the pid file (distro-tweaks required)
if ! test -z "$with_pid_file"; then
POLKITD_PID_FILE=$with_pid_file
elif test x$with_os_type = xredhat ; then
POLKITD_PID_FILE=${LOCALSTATEDIR}/run/polkitd.pid
else
POLKITD_PID_FILE=${LOCALSTATEDIR}/run/polkitd/pid
fi
AC_SUBST(POLKITD_PID_FILE)
AC_DEFINE_UNQUOTED(POLKITD_PID_FILE, "$POLKITD_PID_FILE", [pid file])
AC_ARG_WITH(pam-include, [ --with-pam-include=<file> pam file to include])
#### Set up pam file to include (distro-tweaks required)
if ! test -z "$with_pam_include"; then
PAM_FILE_INCLUDE=$with_pam_include
elif test x$with_os_type = xredhat ; then
PAM_FILE_INCLUDE=system-auth
else
PAM_FILE_INCLUDE=system-auth
fi
AC_SUBST(PAM_FILE_INCLUDE)
AC_DEFINE_UNQUOTED(PAM_FILE_INCLUDE, "$PAM_FILE_INCLUDE", [pam file to include])
AC_OUTPUT([
policy-kit
polkit.pc
Makefile
polkitd/Makefile
polkitd/PolicyKit
polkitd/PolicyKit.conf
libpolkit/Makefile
tools/Makefile
doc/Makefile
doc/api/Makefile
privileges/Makefile
])
dnl ==========================================================================
......@@ -180,18 +312,30 @@ echo "
sysconfdir: ${SYSCONFDIR}
localstatedir: ${LOCALSTATEDIR}
docdir: ${DOCDIR}
PAM prefix: ${PAM_PREFIX}
compiler: ${CC}
cflags: ${CFLAGS}
cppflags: ${CPPFLAGS}
User for PolicyKit: ${POLKIT_USER}
Group for PolicyKit: ${POLKIT_GROUP}
user for PolicyKit: ${POLKIT_USER}
group for PolicyKit: ${POLKIT_GROUP}
pidfile for polkitd: ${POLKITD_PID_FILE}
PAM support: ${have_pam}
PAM file to include: ${PAM_FILE_INCLUDE}
Maintainer mode: ${USE_MAINTAINER_MODE}
Building verbose mode: ${enable_verbose_mode}
Building api docs: ${enable_gtk_doc}
"
# (distro-tweaks required)
if test x$with_os_type = xredhat; then
echo "NOTE: Red Hat style init scripts and pam file will be installed"
else
echo "NOTE: You have to install init scripts yourself and tweak your own pam file"
fi
echo
echo "NOTE: Remember to create user ${POLKIT_USER} and group ${POLKIT_GROUP} before make install"
echo
......
......@@ -9,11 +9,13 @@ libpolkit
</para>
<!-- ##### SECTION See_Also ##### -->
<para>
</para>
<!-- ##### SECTION Stability_Level ##### -->
......@@ -25,8 +27,9 @@ libpolkit
@LIBPOLKIT_RESULT_OK:
@LIBPOLKIT_RESULT_ERROR:
@LIBPOLKIT_RESULT_INVALID_CONTEXT:
@LIBPOLKIT_RESULT_PERMISSON_DENIED:
@LIBPOLKIT_RESULT_NO_SUCH_POLICY:
@LIBPOLKIT_RESULT_NOT_PRIVILEGED:
@LIBPOLKIT_RESULT_NO_SUCH_PRIVILEGE:
@LIBPOLKIT_RESULT_NO_SUCH_USER:
<!-- ##### STRUCT LibPolKitContext_s ##### -->
<para>
......@@ -40,41 +43,12 @@ libpolkit
</para>
<!-- ##### ENUM LibPolKitElementType ##### -->
<para>
</para>
@LIBPOLKIT_ELEMENT_TYPE_UID:
@LIBPOLKIT_ELEMENT_TYPE_GID:
<!-- ##### STRUCT LibPolKitElement_s ##### -->
<para>
</para>
<!-- ##### TYPEDEF LibPolKitElement ##### -->
<para>
</para>
<!-- ##### FUNCTION libpolkit_new_context ##### -->
<para>
</para>
@Returns:
<!-- ##### FUNCTION libpolkit_context_set_txt_source ##### -->
<para>
</para>
@ctx:
@directory:
@connection:
@Returns:
......@@ -87,269 +61,3 @@ libpolkit
@Returns:
<!-- ##### FUNCTION libpolkit_get_policies ##### -->
<para>
</para>
@ctx:
@result:
@Returns:
<!-- ##### FUNCTION libpolkit_is_uid_allowed_for_policy ##### -->
<para>
</para>
@ctx:
@uid:
@policy:
@resource:
@result:
@Returns:
<!-- ##### FUNCTION libpolkit_is_uid_gid_allowed_for_policy ##### -->
<para>
</para>
@ctx:
@uid:
@num_gids:
@gid_list:
@policy:
@resource:
@result:
@Returns:
<!-- ##### FUNCTION libpolkit_get_whitelist ##### -->
<para>
</para>
@ctx:
@policy:
@result:
@Returns:
<!-- ##### FUNCTION libpolkit_get_blacklist ##### -->
<para>
</para>
@ctx:
@policy:
@result:
@Returns:
<!-- ##### FUNCTION libpolkit_set_whitelist ##### -->
<para>
</para>
@ctx:
@policy:
@whitelist:
@Returns:
<!-- ##### FUNCTION libpolkit_set_blacklist ##### -->
<para>
</para>
@ctx:
@policy:
@blacklist:
@Returns:
<!-- ##### FUNCTION libpolkit_element_get_type ##### -->
<para>
</para>
@elem:
@Returns:
<!-- ##### FUNCTION libpolkit_element_get_include_all ##### -->
<para>
</para>
@elem:
@Returns:
<!-- ##### FUNCTION libpolkit_element_get_exclude_all ##### -->
<para>
</para>
@elem:
@Returns:
<!-- ##### FUNCTION libpolkit_element_get_uid ##### -->
<para>
</para>
@elem:
@Returns:
<!-- ##### FUNCTION libpolkit_element_get_gid ##### -->
<para>
</para>
@elem:
@Returns:
<!-- ##### FUNCTION libpolkit_element_get_resource ##### -->
<para>
</para>
@elem:
@Returns:
<!-- ##### FUNCTION libpolkit_element_new ##### -->
<para>
</para>
@ctx:
@Returns:
<!-- ##### FUNCTION libpolkit_element_set_type ##### -->
<para>
</para>
@elem:
@type:
<!-- ##### FUNCTION libpolkit_element_set_include_all ##### -->
<para>
</para>
@elem:
@value:
<!-- ##### FUNCTION libpolkit_element_set_exclude_all ##### -->
<para>
</para>
@elem:
@value:
<!-- ##### FUNCTION libpolkit_element_set_uid ##### -->
<para>
</para>
@elem:
@uid:
<!-- ##### FUNCTION libpolkit_element_set_gid ##### -->
<para>
</para>
@elem:
@gid:
<!-- ##### FUNCTION libpolkit_element_set_resource ##### -->
<para>
</para>
@elem:
@resource:
<!-- ##### FUNCTION libpolkit_free_element ##### -->
<para>
</para>
@elem:
<!-- ##### FUNCTION libpolkit_free_element_list ##### -->
<para>
</para>
@policy_element_list:
<!-- ##### FUNCTION libpolkit_util_uid_to_name ##### -->
<para>
</para>
@ctx:
@uid:
@default_gid:
@Returns:
<!-- ##### FUNCTION libpolkit_util_gid_to_name ##### -->
<para>
</para>
@ctx:
@gid:
@Returns:
<!-- ##### FUNCTION libpolkit_util_name_to_uid ##### -->
<para>
</para>
@ctx:
@username:
@default_gid:
@Returns:
<!-- ##### FUNCTION libpolkit_util_name_to_gid ##### -->
<para>
</para>
@ctx:
@groupname:
@Returns:
<!-- ##### FUNCTION libpolkit_element_dump ##### -->
<para>
</para>
@elem:
@fp:
......@@ -8,7 +8,9 @@ INCLUDES = \
-DPACKAGE_LOCALSTATEDIR=\""$(localstatedir)"\" \
-DPACKAGE_LOCALE_DIR=\""$(prefix)/$(DATADIRNAME)/locale"\" \
-D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT \
@GLIB_CFLAGS@
-DDBUS_API_SUBJECT_TO_CHANGE \
@GLIB_CFLAGS@ \
@DBUS_GLIB_CFLAGS@
lib_LTLIBRARIES=libpolkit.la
......@@ -20,20 +22,10 @@ libpolkitinclude_HEADERS = \
libpolkit_la_SOURCES = \
libpolkit.c libpolkit.h
libpolkit_la_LIBADD = @GLIB_LIBS@
libpolkit_la_LIBADD = @DBUS_GLIB_LIBS@ @GLIB_LIBS@
libpolkit_la_LDFLAGS = -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE)
check_PROGRAMS = libpolkit-test
libpolkit_test_SOURCES = \
libpolkit-test.c
libpolkit_test_LDADD = @GLIB_LIBS@ libpolkit.la
TESTS = libpolkit-test
clean-local :
rm -f *~
This diff is collapsed.
/***************************************************************************
*
* libpolkit.h : Simple library for system software to query policy and
* UI shells to query and modify policy
* libpolkit.h : Wraps a subset of methods on the PolicyKit daemon
*
* Copyright (C) 2006 David Zeuthen, <david@fubar.dk>
*
......@@ -30,121 +29,38 @@
#include <unistd.h>
#include <sys/types.h>
#include <glib.h>
#include <dbus/dbus.h>
typedef enum {
LIBPOLKIT_RESULT_OK,
LIBPOLKIT_RESULT_ERROR,
LIBPOLKIT_RESULT_INVALID_CONTEXT,
LIBPOLKIT_RESULT_PERMISSON_DENIED,
LIBPOLKIT_RESULT_NO_SUCH_POLICY
LIBPOLKIT_RESULT_NOT_PRIVILEGED,
LIBPOLKIT_RESULT_NO_SUCH_PRIVILEGE,
LIBPOLKIT_RESULT_NO_SUCH_USER
} LibPolKitResult;
struct LibPolKitContext_s;
typedef struct LibPolKitContext_s LibPolKitContext;
LibPolKitContext *libpolkit_new_context (DBusConnection *connection);
typedef enum {
LIBPOLKIT_ELEMENT_TYPE_UID,
LIBPOLKIT_ELEMENT_TYPE_GID
} LibPolKitElementType;