Commit 674357c2 authored by Nikki VonHollen's avatar Nikki VonHollen Committed by David Zeuthen

Bug 43610 - Add netgroup support

https://bugs.freedesktop.org/show_bug.cgi?id=43610

Added netgroup support and additional unit tests with MockLibc support.
Signed-off-by: 's avatarDavid Zeuthen <davidz@redhat.com>
parent 15d2e90a
...@@ -57,6 +57,16 @@ test -n "$NO_AUTOMAKE" || (aclocal --version) < /dev/null > /dev/null 2>&1 || { ...@@ -57,6 +57,16 @@ test -n "$NO_AUTOMAKE" || (aclocal --version) < /dev/null > /dev/null 2>&1 || {
DIE=1 DIE=1
} }
# if no automake, don't bother testing for autoreconf
test -n "$NO_AUTOMAKE" || (autoreconf --version) < /dev/null > /dev/null 2>&1 || {
echo
echo "**Error**: You must have autoreconf installed."
echo "You can get autoreconf from ..."
DIE=1
}
if test "$DIE" -eq 1; then if test "$DIE" -eq 1; then
exit 1 exit 1
fi fi
...@@ -75,6 +85,9 @@ esac ...@@ -75,6 +85,9 @@ esac
aclocalinclude="$ACLOCAL_FLAGS" aclocalinclude="$ACLOCAL_FLAGS"
echo "Running autoreconf on test/mocklibc ..."
(cd "test/mocklibc"; autoreconf --install)
if grep "^AM_PROG_LIBTOOL" configure.ac >/dev/null; then if grep "^AM_PROG_LIBTOOL" configure.ac >/dev/null; then
if test -z "$NO_LIBTOOLIZE" ; then if test -z "$NO_LIBTOOLIZE" ; then
echo "Running libtoolize..." echo "Running libtoolize..."
......
...@@ -8,6 +8,9 @@ AM_MAINTAINER_MODE ...@@ -8,6 +8,9 @@ AM_MAINTAINER_MODE
m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])]) m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
# Include external mocklibc tool for unit testing
AC_CONFIG_SUBDIRS([test/mocklibc])
# libtool versioning - this applies to all libraries in this package # libtool versioning - this applies to all libraries in this package
# #
# See http://sources.redhat.com/autobook/autobook/autobook_91.html#SEC91 for details # See http://sources.redhat.com/autobook/autobook/autobook_91.html#SEC91 for details
......
...@@ -80,8 +80,9 @@ ...@@ -80,8 +80,9 @@
this key is a semi-colon separated list of identities that can this key is a semi-colon separated list of identities that can
be used when administrator authentication is required. Users are be used when administrator authentication is required. Users are
specified by prefixing the user name with specified by prefixing the user name with
<literal>unix-user:</literal> and groups of users are specified <literal>unix-user:</literal>, groups of users are specified by
by prefixing with <literal>unix-group:</literal>. See prefixing with <literal>unix-group:</literal>, and netgroups of
users are specified with <literal>unix-netgroup:</literal>. See
<xref linkend="pklocalauthority-examples"/> for an example of a <xref linkend="pklocalauthority-examples"/> for an example of a
configuration file. configuration file.
</para> </para>
...@@ -208,7 +209,9 @@ ...@@ -208,7 +209,9 @@
A semi-colon separated list of globs to match identities. Each glob A semi-colon separated list of globs to match identities. Each glob
should start with <literal>unix-user:</literal> or should start with <literal>unix-user:</literal> or
<literal>unix-group:</literal> to specify whether to match on a <literal>unix-group:</literal> to specify whether to match on a
UNIX user name or a UNIX group name. UNIX user name or a UNIX group name. Netgroups are supported with
the <literal>unix-netgroup:</literal> prefix, but cannot support
glob syntax.
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
......
...@@ -86,6 +86,7 @@ ...@@ -86,6 +86,7 @@
<xi:include href="xml/polkitidentity.xml"/> <xi:include href="xml/polkitidentity.xml"/>
<xi:include href="xml/polkitunixuser.xml"/> <xi:include href="xml/polkitunixuser.xml"/>
<xi:include href="xml/polkitunixgroup.xml"/> <xi:include href="xml/polkitunixgroup.xml"/>
<xi:include href="xml/polkitunixnetgroup.xml"/>
</chapter> </chapter>
</part> </part>
......
...@@ -5,6 +5,7 @@ polkit_unix_user_new ...@@ -5,6 +5,7 @@ polkit_unix_user_new
polkit_unix_user_new_for_name polkit_unix_user_new_for_name
polkit_unix_user_get_uid polkit_unix_user_get_uid
polkit_unix_user_set_uid polkit_unix_user_set_uid
polkit_unix_user_get_name
<SUBSECTION Standard> <SUBSECTION Standard>
PolkitUnixUserClass PolkitUnixUserClass
POLKIT_UNIX_USER POLKIT_UNIX_USER
...@@ -120,6 +121,23 @@ POLKIT_IS_UNIX_GROUP_CLASS ...@@ -120,6 +121,23 @@ POLKIT_IS_UNIX_GROUP_CLASS
POLKIT_UNIX_GROUP_GET_CLASS POLKIT_UNIX_GROUP_GET_CLASS
</SECTION> </SECTION>
<SECTION>
<FILE>polkitunixnetgroup</FILE>
PolkitUnixNetgroup
polkit_unix_netgroup_new
polkit_unix_netgroup_get_name
polkit_unix_netgroup_set_name
<SUBSECTION Standard>
PolkitUnixNetgroupClass
POLKIT_UNIX_NETGROUP
POLKIT_IS_UNIX_NETGROUP
POLKIT_TYPE_UNIX_NETGROUP
polkit_unix_netgroup_get_type
POLKIT_UNIX_NETGROUP_CLASS
POLKIT_IS_UNIX_NETGROUP_CLASS
POLKIT_UNIX_NETGROUP_GET_CLASS
</SECTION>
<SECTION> <SECTION>
<FILE>polkitunixsession</FILE> <FILE>polkitunixsession</FILE>
PolkitUnixSession PolkitUnixSession
......
...@@ -6,6 +6,7 @@ polkit_implicit_authorization_get_type ...@@ -6,6 +6,7 @@ polkit_implicit_authorization_get_type
polkit_identity_get_type polkit_identity_get_type
polkit_unix_user_get_type polkit_unix_user_get_type
polkit_unix_group_get_type polkit_unix_group_get_type
polkit_unix_netgroup_get_type
polkit_subject_get_type polkit_subject_get_type
polkit_unix_process_get_type polkit_unix_process_get_type
polkit_unix_session_get_type polkit_unix_session_get_type
......
...@@ -51,6 +51,7 @@ libpolkit_gobject_1include_HEADERS = \ ...@@ -51,6 +51,7 @@ libpolkit_gobject_1include_HEADERS = \
polkitidentity.h \ polkitidentity.h \
polkitunixuser.h \ polkitunixuser.h \
polkitunixgroup.h \ polkitunixgroup.h \
polkitunixnetgroup.h \
polkitauthorizationresult.h \ polkitauthorizationresult.h \
polkitcheckauthorizationflags.h \ polkitcheckauthorizationflags.h \
polkitimplicitauthorization.h \ polkitimplicitauthorization.h \
...@@ -73,6 +74,7 @@ libpolkit_gobject_1_la_SOURCES = \ ...@@ -73,6 +74,7 @@ libpolkit_gobject_1_la_SOURCES = \
polkitidentity.c polkitidentity.h \ polkitidentity.c polkitidentity.h \
polkitunixuser.c polkitunixuser.h \ polkitunixuser.c polkitunixuser.h \
polkitunixgroup.c polkitunixgroup.h \ polkitunixgroup.c polkitunixgroup.h \
polkitunixnetgroup.c polkitunixnetgroup.h \
polkitauthorizationresult.c polkitauthorizationresult.h \ polkitauthorizationresult.c polkitauthorizationresult.h \
polkitcheckauthorizationflags.c polkitcheckauthorizationflags.h \ polkitcheckauthorizationflags.c polkitcheckauthorizationflags.h \
polkitimplicitauthorization.c polkitimplicitauthorization.h \ polkitimplicitauthorization.c polkitimplicitauthorization.h \
......
...@@ -33,6 +33,7 @@ ...@@ -33,6 +33,7 @@
#include <polkit/polkitidentity.h> #include <polkit/polkitidentity.h>
#include <polkit/polkitunixuser.h> #include <polkit/polkitunixuser.h>
#include <polkit/polkitunixgroup.h> #include <polkit/polkitunixgroup.h>
#include <polkit/polkitunixnetgroup.h>
#include <polkit/polkitsubject.h> #include <polkit/polkitsubject.h>
#include <polkit/polkitunixprocess.h> #include <polkit/polkitunixprocess.h>
#include <polkit/polkitunixsession.h> #include <polkit/polkitunixsession.h>
......
...@@ -28,6 +28,7 @@ ...@@ -28,6 +28,7 @@
#include "polkitidentity.h" #include "polkitidentity.h"
#include "polkitunixuser.h" #include "polkitunixuser.h"
#include "polkitunixgroup.h" #include "polkitunixgroup.h"
#include "polkitunixnetgroup.h"
#include "polkiterror.h" #include "polkiterror.h"
#include "polkitprivate.h" #include "polkitprivate.h"
...@@ -177,6 +178,10 @@ polkit_identity_from_string (const gchar *str, ...@@ -177,6 +178,10 @@ polkit_identity_from_string (const gchar *str,
identity = polkit_unix_group_new_for_name (str + sizeof "unix-group:" - 1, identity = polkit_unix_group_new_for_name (str + sizeof "unix-group:" - 1,
error); error);
} }
else if (g_str_has_prefix (str, "unix-netgroup:"))
{
identity = polkit_unix_netgroup_new (str + sizeof "unix-netgroup:" - 1);
}
if (identity == NULL && (error != NULL && *error == NULL)) if (identity == NULL && (error != NULL && *error == NULL))
{ {
...@@ -214,6 +219,12 @@ polkit_identity_to_gvariant (PolkitIdentity *identity) ...@@ -214,6 +219,12 @@ polkit_identity_to_gvariant (PolkitIdentity *identity)
g_variant_builder_add (&builder, "{sv}", "gid", g_variant_builder_add (&builder, "{sv}", "gid",
g_variant_new_uint32 (polkit_unix_group_get_gid (POLKIT_UNIX_GROUP (identity)))); g_variant_new_uint32 (polkit_unix_group_get_gid (POLKIT_UNIX_GROUP (identity))));
} }
else if (POLKIT_IS_UNIX_NETGROUP (identity))
{
kind = "unix-netgroup";
g_variant_builder_add (&builder, "{sv}", "name",
g_variant_new_string (polkit_unix_netgroup_get_name (POLKIT_UNIX_NETGROUP (identity))));
}
else else
{ {
g_warning ("Unknown class %s implementing PolkitIdentity", g_type_name (G_TYPE_FROM_INSTANCE (identity))); g_warning ("Unknown class %s implementing PolkitIdentity", g_type_name (G_TYPE_FROM_INSTANCE (identity)));
...@@ -326,6 +337,21 @@ polkit_identity_new_for_gvariant (GVariant *variant, ...@@ -326,6 +337,21 @@ polkit_identity_new_for_gvariant (GVariant *variant,
ret = polkit_unix_group_new (gid); ret = polkit_unix_group_new (gid);
} }
else if (g_strcmp0 (kind, "unix-netgroup") == 0)
{
GVariant *v;
const char *name;
v = lookup_asv (details_gvariant, "name", G_VARIANT_TYPE_STRING, error);
if (v == NULL)
{
g_prefix_error (error, "Error parsing net identity: ");
goto out;
}
name = g_variant_get_string (v, NULL);
ret = polkit_unix_netgroup_new (name);
g_variant_unref (v);
}
else else
{ {
g_set_error (error, g_set_error (error,
......
...@@ -49,6 +49,9 @@ typedef struct _PolkitUnixUser PolkitUnixUser; ...@@ -49,6 +49,9 @@ typedef struct _PolkitUnixUser PolkitUnixUser;
struct _PolkitUnixGroup; struct _PolkitUnixGroup;
typedef struct _PolkitUnixGroup PolkitUnixGroup; typedef struct _PolkitUnixGroup PolkitUnixGroup;
struct _PolkitUnixNetgroup;
typedef struct _PolkitUnixNetgroup PolkitUnixNetgroup;
struct _PolkitAuthorizationResult; struct _PolkitAuthorizationResult;
typedef struct _PolkitAuthorizationResult PolkitAuthorizationResult; typedef struct _PolkitAuthorizationResult PolkitAuthorizationResult;
......
/*
* Copyright (C) 2008 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General
* Public License along with this library; if not, write to the
* Free Software Foundation, Inc., 59 Temple Place, Suite 330,
* Boston, MA 02111-1307, USA.
*
* Author: David Zeuthen <davidz@redhat.com>
* Author: Nikki VonHollen <vonhollen@google.com>
*/
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
#include <string.h>
#include <errno.h>
#include "polkitunixnetgroup.h"
#include "polkitidentity.h"
#include "polkiterror.h"
#include "polkitprivate.h"
/**
* SECTION:polkitunixnetgroup
* @title: PolkitUnixNetgroup
* @short_description: Unix netgroups
*
* An object representing a netgroup identity on a UNIX system.
*/
/**
* PolkitUnixNetgroup:
*
* The #PolkitUnixNetgroup struct should not be accessed directly.
*/
struct _PolkitUnixNetgroup
{
GObject parent_instance;
gchar *name;
};
struct _PolkitUnixNetgroupClass
{
GObjectClass parent_class;
};
enum
{
PROP_0,
PROP_NAME,
};
static void identity_iface_init (PolkitIdentityIface *identity_iface);
G_DEFINE_TYPE_WITH_CODE (PolkitUnixNetgroup, polkit_unix_netgroup, G_TYPE_OBJECT,
G_IMPLEMENT_INTERFACE (POLKIT_TYPE_IDENTITY, identity_iface_init)
);
static void
polkit_unix_netgroup_init (PolkitUnixNetgroup *net_group)
{
net_group->name = NULL;
}
static void
polkit_unix_netgroup_finalize (GObject *object)
{
PolkitUnixNetgroup *net_group = POLKIT_UNIX_NETGROUP (object);
g_free(net_group->name);
G_OBJECT_CLASS (polkit_unix_netgroup_parent_class)->finalize (object);
}
static void
polkit_unix_netgroup_get_property (GObject *object,
guint prop_id,
GValue *value,
GParamSpec *pspec)
{
PolkitUnixNetgroup *net_group = POLKIT_UNIX_NETGROUP (object);
switch (prop_id)
{
case PROP_NAME:
g_value_set_string (value, polkit_unix_netgroup_get_name (net_group));
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
}
}
static void
polkit_unix_netgroup_set_property (GObject *object,
guint prop_id,
const GValue *value,
GParamSpec *pspec)
{
PolkitUnixNetgroup *net_group = POLKIT_UNIX_NETGROUP (object);
switch (prop_id)
{
case PROP_NAME:
polkit_unix_netgroup_set_name (net_group, g_value_get_string (value));
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
}
}
static void
polkit_unix_netgroup_class_init (PolkitUnixNetgroupClass *klass)
{
GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
gobject_class->finalize = polkit_unix_netgroup_finalize;
gobject_class->get_property = polkit_unix_netgroup_get_property;
gobject_class->set_property = polkit_unix_netgroup_set_property;
/**
* PolkitUnixNetgroup:name:
*
* The NIS netgroup name.
*/
g_object_class_install_property (gobject_class,
PROP_NAME,
g_param_spec_string ("name",
"Group Name",
"The NIS netgroup name",
NULL,
G_PARAM_CONSTRUCT |
G_PARAM_READWRITE |
G_PARAM_STATIC_NAME |
G_PARAM_STATIC_BLURB |
G_PARAM_STATIC_NICK));
}
/**
* polkit_unix_netgroup_get_name:
* @group: A #PolkitUnixNetgroup.
*
* Gets the netgroup name for @group.
*
* Returns: A netgroup name string.
*/
const gchar *
polkit_unix_netgroup_get_name (PolkitUnixNetgroup *group)
{
g_return_val_if_fail (POLKIT_IS_UNIX_NETGROUP (group), NULL);
return group->name;
}
/**
* polkit_unix_netgroup_set_gid:
* @group: A #PolkitUnixNetgroup.
* @name: A netgroup name.
*
* Sets @name for @group.
*/
void
polkit_unix_netgroup_set_name (PolkitUnixNetgroup *group,
const gchar * name)
{
g_return_if_fail (POLKIT_IS_UNIX_NETGROUP (group));
g_free(group->name);
group->name = g_strdup(name);
}
/**
* polkit_unix_netgroup_new:
* @name: A netgroup name.
*
* Creates a new #PolkitUnixNetgroup object for @name.
*
* Returns: (transfer full): A #PolkitUnixNetgroup object. Free with g_object_unref().
*/
PolkitIdentity *
polkit_unix_netgroup_new (const gchar *name)
{
g_return_val_if_fail (name != NULL, NULL);
return POLKIT_IDENTITY (g_object_new (POLKIT_TYPE_UNIX_NETGROUP,
"name", name,
NULL));
}
static guint
polkit_unix_netgroup_hash (PolkitIdentity *identity)
{
PolkitUnixNetgroup *group;
group = POLKIT_UNIX_NETGROUP (identity);
return g_str_hash(group->name);
}
static gboolean
polkit_unix_netgroup_equal (PolkitIdentity *a,
PolkitIdentity *b)
{
PolkitUnixNetgroup *group_a;
PolkitUnixNetgroup *group_b;
group_a = POLKIT_UNIX_NETGROUP (a);
group_b = POLKIT_UNIX_NETGROUP (b);
if (g_strcmp0(group_a->name, group_b->name) == 0)
return TRUE;
else
return FALSE;
}
static gchar *
polkit_unix_netgroup_to_string (PolkitIdentity *identity)
{
PolkitUnixNetgroup *group = POLKIT_UNIX_NETGROUP (identity);
return g_strconcat("unix-netgroup:", group->name, NULL);
}
static void
identity_iface_init (PolkitIdentityIface *identity_iface)
{
identity_iface->hash = polkit_unix_netgroup_hash;
identity_iface->equal = polkit_unix_netgroup_equal;
identity_iface->to_string = polkit_unix_netgroup_to_string;
}
/*
* Copyright (C) 2008 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General
* Public License along with this library; if not, write to the
* Free Software Foundation, Inc., 59 Temple Place, Suite 330,
* Boston, MA 02111-1307, USA.
*
* Author: David Zeuthen <davidz@redhat.com>
* Author: Nikki VonHollen <vonhollen@google.com>
*/
#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H)
#error "Only <polkit/polkit.h> can be included directly, this file may disappear or change contents."
#endif
#ifndef __POLKIT_UNIX_NETGROUP_H
#define __POLKIT_UNIX_NETGROUP_H
#include <unistd.h>
#include <sys/types.h>
#include <glib-object.h>
#include <gio/gio.h>
#include <polkit/polkittypes.h>
G_BEGIN_DECLS
#define POLKIT_TYPE_UNIX_NETGROUP (polkit_unix_netgroup_get_type())
#define POLKIT_UNIX_NETGROUP(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_UNIX_NETGROUP, PolkitUnixNetgroup))
#define POLKIT_UNIX_NETGROUP_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_UNIX_NETGROUP, PolkitUnixNetgroupClass))
#define POLKIT_UNIX_NETGROUP_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_UNIX_NETGROUP, PolkitUnixNetgroupClass))
#define POLKIT_IS_UNIX_NETGROUP(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_UNIX_NETGROUP))
#define POLKIT_IS_UNIX_NETGROUP_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_UNIX_NETGROUP))
#if 0
typedef struct _PolkitUnixNetgroup PolkitUnixNetgroup;
#endif
typedef struct _PolkitUnixNetgroupClass PolkitUnixNetgroupClass;
GType polkit_unix_netgroup_get_type (void) G_GNUC_CONST;
PolkitIdentity *polkit_unix_netgroup_new (const gchar *name);
const gchar *polkit_unix_netgroup_get_name (PolkitUnixNetgroup *group);
void polkit_unix_netgroup_set_name (PolkitUnixNetgroup *group,
const gchar *name);
G_END_DECLS
#endif /* __POLKIT_UNIX_NETGROUP_H */
...@@ -49,6 +49,7 @@ struct _PolkitUnixUser ...@@ -49,6 +49,7 @@ struct _PolkitUnixUser
GObject parent_instance; GObject parent_instance;
gint uid; gint uid;
gchar *name;
}; };
struct _PolkitUnixUserClass struct _PolkitUnixUserClass
...@@ -71,6 +72,17 @@ G_DEFINE_TYPE_WITH_CODE (PolkitUnixUser, polkit_unix_user, G_TYPE_OBJECT, ...@@ -71,6 +72,17 @@ G_DEFINE_TYPE_WITH_CODE (PolkitUnixUser, polkit_unix_user, G_TYPE_OBJECT,
static void static void
polkit_unix_user_init (PolkitUnixUser *unix_user) polkit_unix_user_init (PolkitUnixUser *unix_user)
{ {
unix_user->name = NULL;
}
static void
polkit_unix_user_finalize (GObject *object)
{
PolkitUnixUser *unix_user = POLKIT_UNIX_USER (object);
g_free(unix_user->name);
G_OBJECT_CLASS (polkit_unix_user_parent_class)->finalize (object);
} }
static void static void
...@@ -118,6 +130,7 @@ polkit_unix_user_class_init (PolkitUnixUserClass *klass) ...@@ -118,6 +130,7 @@ polkit_unix_user_class_init (PolkitUnixUserClass *klass)
{ {
GObjectClass *gobject_class = G_OBJECT_CLASS (klass); GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
gobject_class->finalize = polkit_unix_user_finalize;
gobject_class->get_property = polkit_unix_user_get_property; gobject_class->get_property = polkit_unix_user_get_property;
gobject_class->set_property = polkit_unix_user_set_property; gobject_class->set_property = polkit_unix_user_set_property;
...@@ -228,6 +241,29 @@ polkit_unix_user_new_for_name (const gchar *name, ...@@ -228,6 +241,29 @@ polkit_unix_user_new_for_name (const gchar *name,
return identity; return identity;
} }
/**
* polkit_unix_user_get_name:
* @user: A #PolkitUnixUser.
*
* Get the user's name.
*
* Returns: (allow-none) (transfer none): User name string or %NULL if user uid not found.
*/
const gchar *
polkit_unix_user_get_name (PolkitUnixUser *user)
{
if (user->name == NULL)
{
struct passwd *passwd;
passwd = getpwuid (user->uid);
if (passwd != NULL)
user->name = g_strdup(passwd->pw_name);
}
return user->name;
}
static gboolean static gboolean
polkit_unix_user_equal (PolkitIdentity *a, polkit_unix_user_equal (PolkitIdentity *a,
PolkitIdentity *b) PolkitIdentity *b)
...@@ -255,14 +291,12 @@ static gchar * ...@@ -255,14 +291,12 @@ static gchar *
polkit_unix_user_to_string (PolkitIdentity *identity) polkit_unix_user_to_string (PolkitIdentity *identity)
{ {
PolkitUnixUser *user = POLKIT_UNIX_USER (identity); PolkitUnixUser *user = POLKIT_UNIX_USER (identity);
struct passwd *passwd; const gchar *user_name = polkit_unix_user_get_name(user);
passwd = getpwuid (user->uid);
if (passwd == NULL) if (user_name != NULL)
return g_strdup_printf ("unix-user:%d", user->uid); return g_strdup_printf ("unix-user:%s", user_name);
else else
return g_strdup_printf ("unix-user:%s", passwd->pw_name); return g_strdup_printf ("unix-user:%d", user->uid);
} }
static void static void
......
...@@ -53,6 +53,7 @@ PolkitIdentity *polkit_unix_user_new_for_name (const gchar *name, ...@@ -53,6 +53,7 @@ PolkitIdentity *polkit_unix_user_new_for_name (const gchar *name,
gint polkit_unix_user_get_uid (PolkitUnixUser *user); gint polkit_unix_user_get_uid (PolkitUnixUser *user);
void polkit_unix_user_set_uid (PolkitUnixUser *user, void polkit_unix_user_set_uid (PolkitUnixUser *user,
gint uid); gint uid);
const gchar *polkit_unix_user_get_name (PolkitUnixUser *user);
G_END_DECLS G_END_DECLS
......
...@@ -23,6 +23,7 @@ ...@@ -23,6 +23,7 @@
#include <errno.h> #include <errno.h>
#include <pwd.h> #include <pwd.h>
#include <grp.h> #include <grp.h>
#include <netdb.h>
#include <string.h> #include <string.h>
#include <glib/gstdio.h> #include <glib/gstdio.h>
#include <locale.h> #include <locale.h>
...@@ -52,6 +53,9 @@ ...@@ -52,6 +53,9 @@
static GList *get_users_in_group (PolkitIdentity *group, static GList *get_users_in_group (PolkitIdentity *group,
gboolean include_root); gboolean include_root);
static GList *get_users_in_net_group (PolkitIdentity *group,
gboolean include_root);
static GList *get_groups_for_user (PolkitIdentity *user); static GList *get_groups_for_user (PolkitIdentity *user);
/* ---------------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------------- */
...@@ -507,6 +511,10 @@ polkit_backend_local_authority_get_admin_auth_identities (PolkitBackendInteracti ...@@ -507,6 +511,10 @@ polkit_backend_local_authority_get_admin_auth_identities (PolkitBackendInteracti
{ {
ret = g_list_concat (ret, get_users_in_group (identity, FALSE)); ret = g_list_concat (ret, get_users_in_group (identity, FALSE));
} }
else if (POLKIT_IS_UNIX_NETGROUP (identity))
{
ret = g_list_concat (ret, get_users_in_net_group (identity, FALSE));
}
else