Skip to content
Projeler
Gruplar
Parçacıklar
Yardım
Yükleniyor...
Oturum aç / Kaydol
Gezinmeyi değiştir
S
scom
Proje
Proje
Ayrıntılar
Etkinlik
Cycle Analytics
Depo (repository)
Depo (repository)
Dosyalar
Kayıtlar (commit)
Dallar (branch)
Etiketler
Katkıda bulunanlar
Grafik
Karşılaştır
Grafikler
Konular (issue)
0
Konular (issue)
0
Liste
Pano
Etiketler
Kilometre Taşları
Birleştirme (merge) Talepleri
0
Birleştirme (merge) Talepleri
0
CI / CD
CI / CD
İş akışları (pipeline)
İşler
Zamanlamalar
Grafikler
Paketler
Paketler
Wiki
Wiki
Parçacıklar
Parçacıklar
Üyeler
Üyeler
Collapse sidebar
Close sidebar
Etkinlik
Grafik
Grafikler
Yeni bir konu (issue) oluştur
İşler
Kayıtlar (commit)
Konu (issue) Panoları
Kenar çubuğunu aç
SulinOS
scom
Commits
264fdbb7
Kaydet (Commit)
264fdbb7
authored
Kas 02, 2008
tarafından
Bahadır Kandemir
Dosyalara gözat
Seçenekler
Dosyalara Gözat
İndir
Eposta Yamaları
Sade Fark
PolicyKit exceptions now return related action id
üst
fa80bc23
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
53 additions
and
39 deletions
+53
-39
CMakeLists.txt
comar/CMakeLists.txt
+1
-1
ChangeLog
comar/ChangeLog
+3
-0
policy.h
comar/include/policy.h
+2
-1
dbus.c
comar/src/dbus.c
+7
-3
policy.c
comar/src/policy.c
+40
-34
No files found.
comar/CMakeLists.txt
Dosyayı görüntüle @
264fdbb7
...
...
@@ -7,7 +7,7 @@ SET (APP_SUFFIX "")
# Version string
SET
(
VERSION_MAJOR
"2"
)
SET
(
VERSION_MINOR
"0"
)
SET
(
VERSION_PATCH
"
2
"
)
SET
(
VERSION_PATCH
"
3
"
)
# Uncomment this for production releases.
#SET (VERSION_SUFFIX "beta2")
...
...
comar/ChangeLog
0 → 100644
Dosyayı görüntüle @
264fdbb7
2008-11-02 Bahadır Kandemir <bahadir@pardus.org.tr>
* comar: PolicyKit exceptions now return related action id.
comar/include/policy.h
Dosyayı görüntüle @
264fdbb7
...
...
@@ -9,4 +9,5 @@
#include <polkit-dbus/polkit-dbus.h>
int
policy_check
(
const
char
*
sender
,
const
char
*
interface
,
const
char
*
method
,
PolKitResult
*
result
);
int
policy_check
(
const
char
*
sender
,
char
*
action
,
PolKitResult
*
result
);
char
*
policy_action
(
const
char
*
interface
,
const
char
*
method
);
comar/src/dbus.c
Dosyayı görüntüle @
264fdbb7
...
...
@@ -589,7 +589,10 @@ dbus_policy_check(const char *sender, const char *interface, const char *method)
PolKitResult
polkit_result
;
if
(
policy_check
(
sender
,
interface
,
method
,
&
polkit_result
))
{
char
*
action
=
policy_action
(
interface
,
method
);
printf
(
"action: %s
\n
"
,
action
);
if
(
policy_check
(
sender
,
action
,
&
polkit_result
))
{
log_debug
(
LOG_PLCY
,
"PolicyKit: %s.%s = %s
\n
"
,
interface
,
method
,
polkit_result_to_string_representation
(
polkit_result
));
switch
(
polkit_result
)
{
case
POLKIT_RESULT_YES
:
...
...
@@ -606,17 +609,18 @@ dbus_policy_check(const char *sender, const char *interface, const char *method)
case
POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_KEEP_ALWAYS
:
case
POLKIT_RESULT_ONLY_VIA_ADMIN_AUTH_ONE_SHOT
:
dbus_signal
(
"/"
,
interface
,
"PolicyKit"
,
PyString_FromString
(
"policy_auth_admin"
));
dbus_reply_error
(
"policy"
,
"auth_admin"
,
"Access denied, but can be granted via admin auth."
);
dbus_reply_error
(
"policy"
,
"auth_admin"
,
action
);
return
0
;
case
POLKIT_RESULT_ONLY_VIA_SELF_AUTH
:
case
POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_SESSION
:
case
POLKIT_RESULT_ONLY_VIA_SELF_AUTH_KEEP_ALWAYS
:
case
POLKIT_RESULT_ONLY_VIA_SELF_AUTH_ONE_SHOT
:
dbus_signal
(
"/"
,
interface
,
"PolicyKit"
,
PyString_FromString
(
"policy_auth_self"
));
dbus_reply_error
(
"policy"
,
"auth_self"
,
"Access denied, but can be granted via self auth."
);
dbus_reply_error
(
"policy"
,
"auth_self"
,
action
);
return
0
;
}
}
printf
(
"hebele: %s
\n
"
,
polkit_result_to_string_representation
(
polkit_result
));
dbus_reply_error
(
"core"
,
"internal"
,
"Unable to query PolicyKit"
);
return
0
;
}
...
...
comar/src/policy.c
Dosyayı görüntüle @
264fdbb7
...
...
@@ -22,15 +22,50 @@
#include "model.h"
#include "utility.h"
//! Finds action_id of a method
char
*
policy_action
(
const
char
*
interface
,
const
char
*
method
)
{
char
*
model
,
*
action
,
*
t
,
*
access_label
=
NULL
;
int
size
,
node_no
;
model
=
(
char
*
)
strsub
(
interface
,
strlen
(
cfg_bus_interface
)
+
1
,
0
);
node_no
=
model_lookup_method
(
model
,
method
);
free
(
model
);
if
(
node_no
>
-
1
)
{
access_label
=
model_get_method_access_label
(
node_no
);
}
if
(
access_label
)
{
// action = interface.access_label
size
=
strlen
(
interface
)
+
1
+
strlen
(
access_label
)
+
1
;
action
=
malloc
(
size
);
snprintf
(
action
,
size
,
"%s.%s"
,
interface
,
access_label
);
action
[
size
-
1
]
=
'\0'
;
}
else
{
// action = interface.method
size
=
strlen
(
interface
)
+
1
+
strlen
(
method
)
+
1
;
action
=
malloc
(
size
);
snprintf
(
action
,
size
,
"%s.%s"
,
interface
,
method
);
action
[
size
-
1
]
=
'\0'
;
}
for
(
t
=
action
;
*
t
!=
'\0'
;
t
++
)
{
*
t
=
tolower
(
*
t
);
}
return
action
;
}
//! Check if sender is allowed to call method
int
policy_check
(
const
char
*
sender
,
c
onst
char
*
interface
,
const
char
*
method
,
PolKitResult
*
result
)
policy_check
(
const
char
*
sender
,
c
har
*
action
,
PolKitResult
*
result
)
{
/*!
*
* @sender Bus name of the sender
* @interface Interface
* @method Method
* @result PK result
* @return 0 on success, 1 on error
*/
...
...
@@ -41,8 +76,7 @@ policy_check(const char *sender, const char *interface, const char *method, PolK
PolKitCaller
*
polkit_clr
;
PolKitAction
*
polkit_act
;
PolKitError
*
perr
;
int
size
,
node_no
,
uid
=
-
1
;
char
*
action
,
*
access_label
=
NULL
,
*
model
,
*
t
;
int
uid
=
-
1
;
*
result
=
(
PolKitResult
)
POLKIT_RESULT_NO
;
...
...
@@ -81,41 +115,13 @@ policy_check(const char *sender, const char *interface, const char *method, PolK
return
0
;
}
model
=
(
char
*
)
strsub
(
interface
,
strlen
(
cfg_bus_interface
)
+
1
,
0
);
node_no
=
model_lookup_method
(
model
,
method
);
free
(
model
);
if
(
node_no
>
-
1
)
{
access_label
=
model_get_method_access_label
(
node_no
);
}
if
(
access_label
)
{
// action = interface.access_label
size
=
strlen
(
interface
)
+
1
+
strlen
(
access_label
)
+
1
;
action
=
malloc
(
size
);
snprintf
(
action
,
size
,
"%s.%s"
,
interface
,
access_label
);
action
[
size
-
1
]
=
'\0'
;
}
else
{
// action = interface.method
size
=
strlen
(
interface
)
+
1
+
strlen
(
method
)
+
1
;
action
=
malloc
(
size
);
snprintf
(
action
,
size
,
"%s.%s"
,
interface
,
method
);
action
[
size
-
1
]
=
'\0'
;
}
for
(
t
=
action
;
*
t
!=
'\0'
;
t
++
)
{
*
t
=
tolower
(
*
t
);
}
if
(
!
polkit_action_validate_id
(
action
))
{
// log_error("Unable to query CK, action is not valid: %s\n", action);
free
(
action
);
return
0
;
}
polkit_act
=
polkit_action_new
();
polkit_action_set_action_id
(
polkit_act
,
action
);
free
(
action
);
*
result
=
polkit_context_is_caller_authorized
(
polkit_ctx
,
polkit_act
,
polkit_clr
,
FALSE
,
&
perr
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment