diff options
Diffstat (limited to 'plugins/polkit.c')
-rw-r--r-- | plugins/polkit.c | 146 |
1 files changed, 11 insertions, 135 deletions
diff --git a/plugins/polkit.c b/plugins/polkit.c index 8590dde4..be72eb07 100644 --- a/plugins/polkit.c +++ b/plugins/polkit.c @@ -23,156 +23,32 @@ #include <config.h> #endif -#include <errno.h> - -#include <glib.h> -#include <polkit-dbus/polkit-dbus.h> +#include <gdbus.h> #define CONNMAN_API_SUBJECT_TO_CHANGE #include <connman/plugin.h> #include <connman/security.h> -#include <connman/dbus.h> -#include <connman/log.h> - -#define ACTION_MODIFY "org.moblin.connman.modify" -#define ACTION_SECRET "org.moblin.connman.secret" - -static DBusConnection *connection; -static PolKitContext *polkit_context; - -static int polkit_authorize(const char *sender, - enum connman_security_privilege privilege) -{ - DBusError error; - PolKitCaller *caller; - PolKitAction *action; - PolKitResult result; - const char *id = NULL; - - DBG("sender %s", sender); - - switch (privilege) { - case CONNMAN_SECURITY_PRIVILEGE_PUBLIC: - return 0; - case CONNMAN_SECURITY_PRIVILEGE_MODIFY: - id = ACTION_MODIFY; - break; - case CONNMAN_SECURITY_PRIVILEGE_SECRET: - id = ACTION_SECRET; - break; - } - - dbus_error_init(&error); - - caller = polkit_caller_new_from_dbus_name(connection, sender, &error); - if (caller == NULL) { - if (dbus_error_is_set(&error) == TRUE) { - connman_error("%s", error.message); - dbus_error_free(&error); - } else - connman_error("Failed to get caller information"); - return -EIO; - } - - action = polkit_action_new(); - polkit_action_set_action_id(action, id); - - result = polkit_context_is_caller_authorized(polkit_context, - action, caller, TRUE, NULL); - polkit_action_unref(action); - polkit_caller_unref(caller); - - DBG("result %s", polkit_result_to_string_representation(result)); - - if (result == POLKIT_RESULT_NO) - return -EPERM; - - return 0; -} - -static struct connman_security polkit_security = { - .name = "polkit", - .authorize_sender = polkit_authorize, +static const GDBusSecurityTable polkit_security[] = { + { CONNMAN_SECURITY_PRIVILEGE_MODIFY, "org.moblin.connman.modify", + G_DBUS_SECURITY_FLAG_BUILTIN | + G_DBUS_SECURITY_FLAG_ALLOW_INTERACTION }, + { CONNMAN_SECURITY_PRIVILEGE_SECRET, "org.moblin.connman.secret", + G_DBUS_SECURITY_FLAG_BUILTIN | + G_DBUS_SECURITY_FLAG_ALLOW_INTERACTION }, + { } }; -static gboolean watch_event(GIOChannel *channel, GIOCondition condition, - gpointer user_data) -{ - PolKitContext *context = user_data; - int fd; - - DBG("context %p", context); - - fd = g_io_channel_unix_get_fd(channel); - - polkit_context_io_func(context, fd); - - return TRUE; -} - -static int add_watch(PolKitContext *context, int fd) -{ - GIOChannel *channel; - guint id = 0; - - DBG("context %p", context); - - channel = g_io_channel_unix_new(fd); - if (channel == NULL) - return 0; - - id = g_io_add_watch(channel, G_IO_IN, watch_event, context); - - g_io_channel_unref(channel); - - return id; -} - -static void remove_watch(PolKitContext *context, int id) -{ - DBG("context %p", context); - - g_source_remove(id); -} - static int polkit_init(void) { - int err; - - connection = connman_dbus_get_connection(); - if (connection == NULL) - return -EIO; - - polkit_context = polkit_context_new(); - - polkit_context_set_io_watch_functions(polkit_context, - add_watch, remove_watch); - - if (polkit_context_init(polkit_context, NULL) == FALSE) { - connman_error("Can't initialize PolicyKit"); - polkit_context_unref(polkit_context); - dbus_connection_unref(connection); - return -EIO; - } - - err = connman_security_register(&polkit_security); - if (err < 0) { - polkit_context_unref(polkit_context); - dbus_connection_unref(connection); - return err; - } + g_dbus_register_security(polkit_security); return 0; } static void polkit_exit(void) { - connman_security_unregister(&polkit_security); - - polkit_context_unref(polkit_context); - - dbus_connection_unref(connection); + g_dbus_unregister_security(polkit_security); } CONNMAN_PLUGIN_DEFINE(polkit, "PolicyKit authorization plugin", VERSION, |