From: Michael Leibowitz Date: Thu, 27 Feb 2014 04:52:28 +0000 (-0800) Subject: Add PolkitSmackProcess: a subclass of PolkitUnixProcess X-Git-Tag: submit/tizen/20140227.051925~1 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F26%2F16926%2F1;p=platform%2Fupstream%2Fpolkit.git Add PolkitSmackProcess: a subclass of PolkitUnixProcess This adds smack label based subjects and re-arranges the way unix process is done to make it possible to inherit. The docs are still a little broken. Change-Id: I118683bce8829a6dc00c84305a5372a88aefb49a --- diff --git a/docs/polkit/polkit-1-docs.xml b/docs/polkit/polkit-1-docs.xml index 69a7b88..9350db6 100644 --- a/docs/polkit/polkit-1-docs.xml +++ b/docs/polkit/polkit-1-docs.xml @@ -35,6 +35,7 @@ Subjects + diff --git a/docs/polkit/polkit-1-sections.txt b/docs/polkit/polkit-1-sections.txt index e7db6e3..8edc662 100644 --- a/docs/polkit/polkit-1-sections.txt +++ b/docs/polkit/polkit-1-sections.txt @@ -187,6 +187,25 @@ POLKIT_IS_UNIX_PROCESS_CLASS POLKIT_UNIX_PROCESS_GET_CLASS +
+polkitsmackprocess +PolkitSmackProcess +polkit_smack_process_get_label +polkit_smack_process_set_label + +PolkitSmackProcessClass +POLKIT_IS_SMACK_PROCESS +POLKIT_IS_SMACK_PROCESS_CLASS +POLKIT_SMACK_PROCESS +POLKIT_SMACK_PROCESS_CLASS +POLKIT_SMACK_PROCESS_GET_CLASS +POLKIT_TYPE_AGENT_REGISTER_FLAGS +POLKIT_TYPE_AUTHORITY_FEATURES +POLKIT_TYPE_CHECK_AUTHORIZATION_FLAGS +POLKIT_TYPE_IMPLICIT_AUTHORIZATION +POLKIT_TYPE_SMACK_PROCESS +
+
polkitidentity PolkitIdentity diff --git a/docs/polkit/polkit-1.types b/docs/polkit/polkit-1.types index 6354d12..295c3cc 100644 --- a/docs/polkit/polkit-1.types +++ b/docs/polkit/polkit-1.types @@ -9,6 +9,7 @@ polkit_unix_group_get_type polkit_unix_netgroup_get_type polkit_subject_get_type polkit_unix_process_get_type +polkit_smack_process_get_type polkit_unix_session_get_type polkit_system_bus_name_get_type polkit_error_get_type diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am index d648d29..40a2573 100644 --- a/src/polkit/Makefile.am +++ b/src/polkit/Makefile.am @@ -46,6 +46,7 @@ libpolkit_gobject_1include_HEADERS = \ polkiterror.h \ polkitsubject.h \ polkitunixprocess.h \ + polkitunixprocessprivate.h \ polkitunixsession.h \ polkitsystembusname.h \ polkitidentity.h \ @@ -69,6 +70,7 @@ libpolkit_gobject_1_la_SOURCES = \ polkiterror.c polkiterror.h \ polkitsubject.c polkitsubject.h \ polkitunixprocess.c polkitunixprocess.h \ + polkitsmackprocess.c polkitsmackprocess.h \ polkitsystembusname.c polkitsystembusname.h \ polkitidentity.c polkitidentity.h \ polkitunixuser.c polkitunixuser.h \ diff --git a/src/polkit/polkitsmackprocess.c b/src/polkit/polkitsmackprocess.c new file mode 100644 index 0000000..ce3055c --- /dev/null +++ b/src/polkit/polkitsmackprocess.c @@ -0,0 +1,170 @@ +/* + * Copyright (C) 2014 Intel, inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General + * Public License along with this library; if not, write to the + * Free Software Foundation, Inc., 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. + * + * Author: Michael Leibowitz + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#include "polkitsmackprocess.h" +#include "polkitunixprocess.h" +#include "polkitunixprocessprivate.h" +#include "polkitsubject.h" + + +struct _PolkitSmackProcess +{ + PolkitUnixProcess parent_instance; + + gchar* label; +}; + +struct _PolkitSmackProcessClass +{ + PolkitUnixProcessClass parent_class; +}; + +enum +{ + PROP_0, + PROP_LABEL +}; + +G_DEFINE_TYPE(PolkitSmackProcess, polkit_smack_process, POLKIT_TYPE_UNIX_PROCESS); + +static void +polkit_smack_process_init (PolkitSmackProcess *smack_process) +{ + smack_process->label = NULL; +} + +static void +polkit_smack_process_get_property (GObject *object, + guint prop_id, + GValue *value, + GParamSpec *pspec) +{ + PolkitSmackProcess *smack_process = POLKIT_SMACK_PROCESS (object); + + switch (prop_id) + { + case PROP_LABEL: + g_value_set_string(value, smack_process->label); + break; + + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); + break; + } +} + +static void +polkit_smack_process_set_property (GObject *object, + guint prop_id, + const GValue *value, + GParamSpec *pspec) +{ + PolkitSmackProcess *smack_process = POLKIT_SMACK_PROCESS (object); + + switch (prop_id) + { + case PROP_LABEL: + polkit_smack_process_set_label (smack_process, g_value_get_string (value)); + break; + + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); + break; + } +} + +static void +polkit_smack_process_class_init (PolkitSmackProcessClass *klass) +{ + GObjectClass *gobject_class = G_OBJECT_CLASS (klass); + + gobject_class->get_property = polkit_smack_process_get_property; + gobject_class->set_property = polkit_smack_process_set_property; + + /** + * PolkitSmackProcess:label: + * + * The label of the process + */ + g_object_class_install_property (gobject_class, + PROP_LABEL, + g_param_spec_string ("label", + "Process label", + "The SMACK process label", + NULL, + G_PARAM_CONSTRUCT | + G_PARAM_READWRITE | + G_PARAM_STATIC_NAME | + G_PARAM_STATIC_BLURB | + G_PARAM_STATIC_NICK)); +} + +PolkitSubject * +polkit_smack_process_new_full (gint pid, + guint64 start_time, + gint uid, + const gchar *label) +{ + return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_SMACK_PROCESS, + "pid", pid, + "start_time", start_time, + "uid", uid, + "label", label, + NULL)); +} + + +/** + * polkit_smack_process_get_label: + * @process: A #PolkitSmackProcess. + * + * Gets the label for @process. + * + * Returns: The label for @process or NULL if unknown. The returned + * string is the caller's responsibility to free. + */ +char* +polkit_smack_process_get_label (PolkitSmackProcess *process) +{ + g_return_val_if_fail (POLKIT_IS_SMACK_PROCESS (process), NULL); + return g_strdup(process->label); +} + + +/** + * polkit_smack_process_set_label: + * @process: A #PolkitSmackProcess + * @label: The label to set for the @process or NULL to unset it. + * + * Sets the label for @process + */ +void +polkit_smack_process_set_label (PolkitSmackProcess *process, + const gchar *label) +{ + g_return_if_fail (POLKIT_IS_SMACK_PROCESS (process)); + g_return_if_fail (label == NULL); + process->label = g_strdup(label); +} diff --git a/src/polkit/polkitsmackprocess.h b/src/polkit/polkitsmackprocess.h new file mode 100644 index 0000000..71a213e --- /dev/null +++ b/src/polkit/polkitsmackprocess.h @@ -0,0 +1,59 @@ +/* + * Copyright (C) 2014 Intel, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General + * Public License along with this library; if not, write to the + * Free Software Foundation, Inc., 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. + * + * Author: Michael Leibowitz + */ + +#if !defined (_POLKIT_COMPILATION) && !defined(_POLKIT_INSIDE_POLKIT_H) +#error "Only can be included directly, this file may disappear or change contents." +#endif + +#ifndef __POLKIT_SMACK_PROCESS_H +#define __POLKIT_SMACK_PROCESS_H + +#include +#include +#include + +G_BEGIN_DECLS + +#define POLKIT_TYPE_SMACK_PROCESS (polkit_smack_process_get_type()) +#define POLKIT_SMACK_PROCESS(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_SMACK_PROCESS, PolkitSmackProcess)) +#define POLKIT_SMACK_PROCESS_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_SMACK_PROCESS, PolkitSmackProcessClass)) +#define POLKIT_SMACK_PROCESS_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_SMACK_PROCESS, PolkitSmackProcessClass)) +#define POLKIT_IS_SMACK_PROCESS(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_SMACK_PROCESS)) +#define POLKIT_IS_SMACK_PROCESS_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_SMACK_PROCESS)) + +#if 0 +typedef struct _PolkitSmackProcess PolkitSmackProcess; +#endif +typedef struct _PolkitSmackProcessClass PolkitSmackProcessClass; + +GType polkit_smack_process_get_type (void) G_GNUC_CONST; +PolkitSubject *polkit_smack_process_new_full (gint pid, + guint64 start_time, + gint uid, + const gchar *label); +char* polkit_smack_process_get_label (PolkitSmackProcess *process); +void polkit_smack_process_set_label (PolkitSmackProcess *process, + const gchar *label); + + +G_END_DECLS + +#endif /* __POLKIT_SMACK_PROCESS_H */ diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c index aed5795..d289a07 100644 --- a/src/polkit/polkitsubject.c +++ b/src/polkit/polkitsubject.c @@ -25,9 +25,11 @@ #include #include +#include #include "polkitsubject.h" #include "polkitunixprocess.h" +#include "polkitsmackprocess.h" #include "polkitunixsession.h" #include "polkitsystembusname.h" #include "polkiterror.h" @@ -264,6 +266,18 @@ polkit_subject_from_string (const gchar *str, } } } + else if (g_str_has_prefix (str, "smack-process:")) + { + gint scanned_pid; + guint64 scanned_starttime; + gint scanned_uid; + const char *scanned_label = NULL; + if (sscanf (str, "smack-process:%d:%" G_GUINT64_FORMAT ":%d:%as", &scanned_pid, &scanned_starttime, &scanned_uid, &scanned_label) == 4) + { + subject = polkit_smack_process_new_full (scanned_pid, scanned_starttime, scanned_uid, scanned_label); + free ((void*)scanned_label); + } + } else if (g_str_has_prefix (str, "unix-session:")) { subject = polkit_unix_session_new (str + sizeof "unix-session:" - 1); @@ -307,6 +321,22 @@ polkit_subject_to_gvariant (PolkitSubject *subject) g_variant_builder_add (&builder, "{sv}", "uid", g_variant_new_int32 (polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (subject)))); } + else if (POLKIT_IS_SMACK_PROCESS (subject)) + { + /** + * @FIXME: this could be dryer + */ + kind = "smack-process"; + g_variant_builder_add (&builder, "{sv}", "pid", + g_variant_new_uint32 (polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (subject)))); + g_variant_builder_add (&builder, "{sv}", "start-time", + g_variant_new_uint64 (polkit_unix_process_get_start_time (POLKIT_UNIX_PROCESS (subject)))); + g_variant_builder_add (&builder, "{sv}", "uid", + g_variant_new_int32 (polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (subject)))); + g_variant_builder_add (&builder, "{sv}", "label", + g_variant_new_string (polkit_smack_process_get_label (POLKIT_SMACK_PROCESS (subject)))); + + } else if (POLKIT_IS_UNIX_SESSION (subject)) { kind = "unix-session"; @@ -399,7 +429,7 @@ polkit_subject_new_for_gvariant (GVariant *variant, &kind, &details_gvariant); - if (g_strcmp0 (kind, "unix-process") == 0) + if (g_strcmp0 (kind, "unix-process") == 0 || g_strcmp0 (kind, "smack-process") == 0) { GVariant *v; guint32 pid; @@ -435,7 +465,26 @@ polkit_subject_new_for_gvariant (GVariant *variant, uid = -1; } - ret = polkit_unix_process_new_for_owner (pid, start_time, uid); + if (g_strcmp0 (kind, "smack-process") == 0) + { + const gchar *label; + + v = lookup_asv(details_gvariant, "label", G_VARIANT_TYPE_STRING, error); + + if (v == NULL) + { + g_prefix_error (error, "Error parsing unix-process subject: "); + goto out; + } + label = g_variant_get_string(v, NULL); + g_variant_unref(v); + + ret = polkit_smack_process_new_full (pid, start_time, uid, label); + } + else + { + ret = polkit_unix_process_new_for_owner (pid, start_time, uid); + } } else if (g_strcmp0 (kind, "unix-session") == 0) { diff --git a/src/polkit/polkittypes.h b/src/polkit/polkittypes.h index 3de1778..8e22453 100644 --- a/src/polkit/polkittypes.h +++ b/src/polkit/polkittypes.h @@ -35,6 +35,9 @@ typedef struct _PolkitSubject PolkitSubject; /* Dummy typedef */ struct _PolkitUnixProcess; typedef struct _PolkitUnixProcess PolkitUnixProcess; +struct _PolkitSmackProcess; +typedef struct _PolkitSmackProcess PolkitSmackProcess; + struct _PolkitUnixSession; typedef struct _PolkitUnixSession PolkitUnixSession; diff --git a/src/polkit/polkitunixprocess.c b/src/polkit/polkitunixprocess.c index 9d30cd2..b1586d4 100644 --- a/src/polkit/polkitunixprocess.c +++ b/src/polkit/polkitunixprocess.c @@ -35,6 +35,7 @@ #include #include "polkitunixprocess.h" +#include "polkitunixprocessprivate.h" #include "polkitsubject.h" #include "polkitprivate.h" #include "polkiterror.h" @@ -51,25 +52,6 @@ * time since the kernel was started) is used. */ -/** - * PolkitUnixProcess: - * - * The #PolkitUnixProcess struct should not be accessed directly. - */ -struct _PolkitUnixProcess -{ - GObject parent_instance; - - gint pid; - guint64 start_time; - gint uid; -}; - -struct _PolkitUnixProcessClass -{ - GObjectClass parent_class; -}; - enum { PROP_0, diff --git a/src/polkit/polkitunixprocessprivate.h b/src/polkit/polkitunixprocessprivate.h new file mode 100644 index 0000000..bbcc629 --- /dev/null +++ b/src/polkit/polkitunixprocessprivate.h @@ -0,0 +1,44 @@ +/* + * Copyright (C) 2014 Intel, inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General + * Public License along with this library; if not, write to the + * Free Software Foundation, Inc., 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. + * + * Author: Michael Leibowitz + */ + +#ifndef __POLKIT_UNIX_PROCESS_PRIVATE_H +#define __POLKIT_UNIX_PROCESS_PRIVATE_H + +/** + * PolkitUnixProcess: + * + * The #PolkitUnixProcess struct should not be accessed directly. + */ +struct _PolkitUnixProcess +{ + GObject parent_instance; + + gint pid; + guint64 start_time; + gint uid; +}; + +struct _PolkitUnixProcessClass +{ + GObjectClass parent_class; +}; + +#endif /* __POLKIT_UNIX_PROCESS_PRIVATE_H */