X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=extras%2Fudev-acl%2Fudev-acl.c;h=41e2536e037da002490cc15eaf331dbdbaa5a65d;hp=c070fccd17a6b45efd750cf720950497d809af19;hb=ac5c41ab70b1975d880ba86ece6f49bbc6bac44a;hpb=5c3ebbf35a2c101e0212c7066f0d65e457fcf40c

diff --git a/extras/udev-acl/udev-acl.c b/extras/udev-acl/udev-acl.c
index c070fccd1..41e2536e0 100644
--- a/extras/udev-acl/udev-acl.c
+++ b/extras/udev-acl/udev-acl.c
@@ -12,20 +12,18 @@
 * General Public License for more details:
 */
 
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
+#include
+#include
 #include
 #include
-#include
 #include
-#include
+#include
 #include
+#include
+#include
+#include
+#include
+#include
 
 static int debug;
 
@@ -45,6 +43,10 @@ static int set_facl(const char* filename, uid_t uid, int add)
 acl_permset_t permset;
 int ret;
 
+ /* don't touch ACLs for root */
+ if (uid == 0)
+ return 0;
+
 /* read current record */
 acl = acl_get_file(filename, ACL_TYPE_ACCESS);
 if (!acl)
@@ -190,8 +192,6 @@ static int consolekit_called(const char *ck_action, uid_t *uid, uid_t *uid2, con
 if (s == NULL)
 return -1;
 u = strtoul(s, NULL, 10);
- if (u == 0)
- return 0;
 
 s = getenv("CK_SEAT_SESSION_IS_LOCAL");
 if (s == NULL)
@@ -205,8 +205,6 @@ static int consolekit_called(const char *ck_action, uid_t *uid, uid_t *uid2, con
 if (s == NULL)
 return -1;
 u = strtoul(s, NULL, 10);
- if (u == 0)
- return 0;
 
 s = getenv("CK_SEAT_OLD_SESSION_IS_LOCAL");
 if (s == NULL)
@@ -224,14 +222,10 @@ static int consolekit_called(const char *ck_action, uid_t *uid, uid_t *uid2, con
 if (s == NULL)
 return -1;
 u = strtoul(s, NULL, 10);
- if (u == 0)
- return 0;
 s = getenv("CK_SEAT_SESSION_USER_UID");
 if (s == NULL)
 return -1;
 u2 = strtoul(s, NULL, 10);
- if (u2 == 0)
- return 0;
 
 s = getenv("CK_SEAT_OLD_SESSION_IS_LOCAL");
 s2 = getenv("CK_SEAT_SESSION_IS_LOCAL");
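Review bot: With the `if (u == 0) return 0;` lines gone, `u = strtoul(s, NULL, 10);` in consolekit_called can no longer tell a malformed or empty uid string from uid 0, since strtoul yields 0 when it parses no digits and the NULL end pointer hides that; the `@@ -205` and `@@ -224` hunks (`u`, and `u2` from `CK_SEAT_SESSION_USER_UID`) and `uid = strtoul(optarg, NULL, 10);` under `case 'u':` in main parse the same way. A garbled value therefore becomes a silent no-op through the new `uid == 0` return in set_facl instead of an error, and input with trailing junk is accepted as its leading number. I would fail closed at the parse: `u = strtoul(s, &end, 10);` then `if (end == s || *end != '\0') return -1;`, with a range check before the result is narrowed to uid_t. consolekit_called begins and ends outside these hunks, so where `end` would be declared is not visible here.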
@@ -263,12 +257,6 @@ static int consolekit_called(const char *ck_action, uid_t *uid, uid_t *uid2, con
 a = ACTION_ADD;
 u = u2;
 }
-
- break;
- case ACTION_NONE:
- break;
- default:
- g_assert_not_reached ();
 break;
 }
 
@@ -289,7 +277,7 @@ static void apply_acl_to_devices(uid_t uid, int add)
 /* iterate over all devices tagged with ACL_SET */
 udev = udev_new();
 enumerate = udev_enumerate_new(udev);
- udev_enumerate_add_match_property(enumerate, "ACL_MANAGE", "1");
+ udev_enumerate_add_match_tag(enumerate, "udev-acl");
 udev_enumerate_scan_devices(enumerate);
 udev_list_entry_foreach(list_entry, udev_enumerate_get_list_entry(enumerate)) {
 struct udev_device *device;
@@ -300,8 +288,10 @@ static void apply_acl_to_devices(uid_t uid, int add)
 if (device == NULL)
 continue;
 node = udev_device_get_devnode(device);
- if (node == NULL)
+ if (node == NULL) {
+ udev_device_unref(device);
 continue;
+ }
 set_facl(node, uid, add);
 udev_device_unref(device);
 }
@@ -336,6 +326,7 @@ int main (int argc, char* argv[])
 };
 int action = -1;
 const char *device = NULL;
+ bool uid_given = false;
 uid_t uid = 0;
 uid_t uid2 = 0;
 const char* remove_session_id = NULL;
@@ -353,17 +344,16 @@ int main (int argc, char* argv[])
 
 switch (option) {
 case 'a':
- if (strcmp(optarg, "add") == 0 || strcmp(optarg, "change") == 0)
- action = ACTION_ADD;
- else if (strcmp(optarg, "remove") == 0)
+ if (strcmp(optarg, "remove") == 0)
 action = ACTION_REMOVE;
 else
- goto out;
+ action = ACTION_ADD;
 break;
 case 'D':
 device = optarg;
 break;
 case 'u':
+ uid_given = true;
 uid = strtoul(optarg, NULL, 10);
 break;
 case 'd':
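Review bot: The return value of `udev_enumerate_add_match_tag(enumerate, "udev-acl");` in apply_acl_to_devices is discarded, and this filter is what limits which device nodes receive the ACL. If the call fails, the scan that follows presumably runs without the tag match and set_facl would be applied to every enumerated node, so I would test it with `if (udev_enumerate_add_match_tag(enumerate, "udev-acl") < 0)` and skip the scan, going straight to the function's existing cleanup, which lies outside this hunk. The comment above the call still says "tagged with ACL_SET" and should name the `udev-acl` tag instead.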
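Review bot: `set_facl(node, uid, add);` in the apply_acl_to_devices loop (the `@@ -300` hunk) drops the int that set_facl returns, so a failed update on one node looks the same as success. That matters most on the remove path, where a silent failure would leave the previous user's ACL entry on the device node. Since the function is void, at least report it, e.g. `if (set_facl(node, uid, add) != 0) fprintf(stderr, "failed to update ACL on %s\n", node);`, assuming non-zero means failure as the `return 0` in the root guard suggests. The loop body starts above this hunk.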
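Review bot: The rewritten `case 'a':` in main (the `@@ -353` hunk) maps every action string other than "remove" to ACTION_ADD, so an empty, misspelled or unexpected value now takes the granting branch where the old code took `goto out`. If the intent is to treat all non-remove udev events as add, state that in a comment such as `/* every udev action except "remove" (re)applies the ACL */`. Otherwise keep an explicit reject branch for unknown strings so the option fails closed.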
@@ -371,13 +361,13 @@ int main (int argc, char* argv[])
 break;
 case 'h':
 printf("Usage: udev-acl --action=ACTION [--device=DEVICEFILE] [--user=UID]\n\n");
- default:
 goto out;
 }
 }
 
- if (action < 0 && device == NULL && uid == 0)
- consolekit_called(argv[optind], &uid, &uid2, &remove_session_id, &action);
+ if (action < 0 && device == NULL && !uid_given)
+ if (!consolekit_called(argv[optind], &uid, &uid2, &remove_session_id, &action))
+ uid_given = true;
 
 if (action < 0) {
 fprintf(stderr, "missing action\n\n");
@@ -385,13 +375,13 @@ int main (int argc, char* argv[])
 goto out;
 }
 
- if (device != NULL && uid != 0) {
+ if (device != NULL && uid_given) {
 fprintf(stderr, "only one option, --device=DEVICEFILE or --user=UID expected\n\n");
 rc = 3;
 goto out;
 }
 
- if (uid != 0) {
+ if (uid_given) {
 switch (action) {
 case ACTION_ADD:
 /* Add ACL for given uid to all matching devices. */
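Review bot: Removing the `default:` label leaves the option switch in main without a branch for values it does not list, so an unrecognised option (getopt's `?`, assuming the usual getopt loop above this hunk) is now ignored and the run continues instead of reaching `goto out`. I would keep the rejection as its own branch after the `case 'h':` body: `default:` followed by `goto out;`. Separately, the added nested `if` pair has no braces; bracing the outer `if (action < 0 && device == NULL && !uid_given)` would make it clear which condition `uid_given = true;` belongs to.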