chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
job: print the "OK" status messages in normal green
[elogind.git]
/
src
/
shared
/
polkit.c
diff --git
a/src/shared/polkit.c
b/src/shared/polkit.c
index 14e27cdc608ba3f417a4bd67aa64b1db8ae17654..cea7074ad3d4f630f5d349da20a53dfc207738c5 100644
(file)
--- a/
src/shared/polkit.c
+++ b/
src/shared/polkit.c
@@
-35,9
+35,10
@@
int verify_polkit(
bool *_challenge,
DBusError *error) {
bool *_challenge,
DBusError *error) {
+
+#ifdef ENABLE_POLKIT
DBusMessage *m = NULL, *reply = NULL;
const char *unix_process = "unix-process", *pid = "pid", *starttime = "start-time", *cancel_id = "";
DBusMessage *m = NULL, *reply = NULL;
const char *unix_process = "unix-process", *pid = "pid", *starttime = "start-time", *cancel_id = "";
- const char *sender;
uint32_t flags = interactive ? 1 : 0;
pid_t pid_raw;
uint32_t pid_u32;
uint32_t flags = interactive ? 1 : 0;
pid_t pid_raw;
uint32_t pid_u32;
@@
-46,6
+47,9
@@
int verify_polkit(
DBusMessageIter iter_msg, iter_struct, iter_array, iter_dict, iter_variant;
int r;
dbus_bool_t authorized = FALSE, challenge = FALSE;
DBusMessageIter iter_msg, iter_struct, iter_array, iter_dict, iter_variant;
int r;
dbus_bool_t authorized = FALSE, challenge = FALSE;
+#endif
+ const char *sender;
+ unsigned long ul;
assert(c);
assert(request);
assert(c);
assert(request);
@@
-54,6
+58,16
@@
int verify_polkit(
if (!sender)
return -EINVAL;
if (!sender)
return -EINVAL;
+ ul = dbus_bus_get_unix_user(c, sender, error);
+ if (ul == (unsigned long) -1)
+ return -EINVAL;
+
+ /* Shortcut things for root, to avoid the PK roundtrip and dependency */
+ if (ul == 0)
+ return 1;
+
+#ifdef ENABLE_POLKIT
+
pid_raw = bus_get_unix_process_id(c, sender, error);
if (pid_raw == 0)
return -EINVAL;
pid_raw = bus_get_unix_process_id(c, sender, error);
if (pid_raw == 0)
return -EINVAL;
@@
-103,11
+117,14
@@
int verify_polkit(
reply = dbus_connection_send_with_reply_and_block(c, m, -1, error);
if (!reply) {
reply = dbus_connection_send_with_reply_and_block(c, m, -1, error);
if (!reply) {
- r = -EIO;
- goto finish;
- }
- if (dbus_set_error_from_message(error, reply)) {
+ /* Treat no PK available as access denied */
+ if (dbus_error_has_name(error, DBUS_ERROR_SERVICE_UNKNOWN)) {
+ r = -EACCES;
+ dbus_error_free(error);
+ goto finish;
+ }
+
r = -EIO;
goto finish;
}
r = -EIO;
goto finish;
}
@@
-144,7
+161,6
@@
int verify_polkit(
r = -EPERM;
finish:
r = -EPERM;
finish:
-
if (m)
dbus_message_unref(m);
if (m)
dbus_message_unref(m);
@@
-152,4
+168,7
@@
finish:
dbus_message_unref(reply);
return r;
dbus_message_unref(reply);
return r;
+#else
+ return -EPERM;
+#endif
}
}