1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/types.h>
27 #include "dbus-common.h"
38 DBusMessage *m = NULL, *reply = NULL;
39 const char *unix_process = "unix-process", *pid = "pid", *starttime = "start-time", *cancel_id = "";
41 uint32_t flags = interactive ? 1 : 0;
44 unsigned long long starttime_raw;
45 uint64_t starttime_u64;
46 DBusMessageIter iter_msg, iter_struct, iter_array, iter_dict, iter_variant;
48 dbus_bool_t authorized = FALSE, challenge = FALSE;
54 sender = dbus_message_get_sender(request);
58 ul = dbus_bus_get_unix_user(c, sender, error);
59 if (ul == (unsigned long) -1)
62 /* Shortcut things for root, to avoid the PK roundtrip and dependency */
66 pid_raw = bus_get_unix_process_id(c, sender, error);
70 r = get_starttime_of_pid(pid_raw, &starttime_raw);
74 m = dbus_message_new_method_call(
75 "org.freedesktop.PolicyKit1",
76 "/org/freedesktop/PolicyKit1/Authority",
77 "org.freedesktop.PolicyKit1.Authority",
78 "CheckAuthorization");
82 dbus_message_iter_init_append(m, &iter_msg);
84 pid_u32 = (uint32_t) pid_raw;
85 starttime_u64 = (uint64_t) starttime_raw;
87 if (!dbus_message_iter_open_container(&iter_msg, DBUS_TYPE_STRUCT, NULL, &iter_struct) ||
88 !dbus_message_iter_append_basic(&iter_struct, DBUS_TYPE_STRING, &unix_process) ||
89 !dbus_message_iter_open_container(&iter_struct, DBUS_TYPE_ARRAY, "{sv}", &iter_array) ||
90 !dbus_message_iter_open_container(&iter_array, DBUS_TYPE_DICT_ENTRY, NULL, &iter_dict) ||
91 !dbus_message_iter_append_basic(&iter_dict, DBUS_TYPE_STRING, &pid) ||
92 !dbus_message_iter_open_container(&iter_dict, DBUS_TYPE_VARIANT, "u", &iter_variant) ||
93 !dbus_message_iter_append_basic(&iter_variant, DBUS_TYPE_UINT32, &pid_u32) ||
94 !dbus_message_iter_close_container(&iter_dict, &iter_variant) ||
95 !dbus_message_iter_close_container(&iter_array, &iter_dict) ||
96 !dbus_message_iter_open_container(&iter_array, DBUS_TYPE_DICT_ENTRY, NULL, &iter_dict) ||
97 !dbus_message_iter_append_basic(&iter_dict, DBUS_TYPE_STRING, &starttime) ||
98 !dbus_message_iter_open_container(&iter_dict, DBUS_TYPE_VARIANT, "t", &iter_variant) ||
99 !dbus_message_iter_append_basic(&iter_variant, DBUS_TYPE_UINT64, &starttime_u64) ||
100 !dbus_message_iter_close_container(&iter_dict, &iter_variant) ||
101 !dbus_message_iter_close_container(&iter_array, &iter_dict) ||
102 !dbus_message_iter_close_container(&iter_struct, &iter_array) ||
103 !dbus_message_iter_close_container(&iter_msg, &iter_struct) ||
104 !dbus_message_iter_append_basic(&iter_msg, DBUS_TYPE_STRING, &action) ||
105 !dbus_message_iter_open_container(&iter_msg, DBUS_TYPE_ARRAY, "{ss}", &iter_array) ||
106 !dbus_message_iter_close_container(&iter_msg, &iter_array) ||
107 !dbus_message_iter_append_basic(&iter_msg, DBUS_TYPE_UINT32, &flags) ||
108 !dbus_message_iter_append_basic(&iter_msg, DBUS_TYPE_STRING, &cancel_id)) {
113 reply = dbus_connection_send_with_reply_and_block(c, m, -1, error);
116 /* Treat no PK available as access denied */
117 if (dbus_error_has_name(error, DBUS_ERROR_SERVICE_UNKNOWN)) {
119 dbus_error_free(error);
127 if (!dbus_message_iter_init(reply, &iter_msg) ||
128 dbus_message_iter_get_arg_type(&iter_msg) != DBUS_TYPE_STRUCT) {
133 dbus_message_iter_recurse(&iter_msg, &iter_struct);
135 if (dbus_message_iter_get_arg_type(&iter_struct) != DBUS_TYPE_BOOLEAN) {
140 dbus_message_iter_get_basic(&iter_struct, &authorized);
142 if (!dbus_message_iter_next(&iter_struct) ||
143 dbus_message_iter_get_arg_type(&iter_struct) != DBUS_TYPE_BOOLEAN) {
148 dbus_message_iter_get_basic(&iter_struct, &challenge);
152 else if (_challenge) {
153 *_challenge = !!challenge;
160 dbus_message_unref(m);
163 dbus_message_unref(reply);