From ce556c72b4109d4bd882dff089ddb377f2cb2129 Mon Sep 17 00:00:00 2001 From: David Zeuthen Date: Sun, 8 Apr 2007 19:06:59 -0400 Subject: [PATCH] mass renaming of classes Privilege -> Action PrivilegeFile -> PolicyFile PrivilegeFileEntry -> PolicyFileEntry PrivilegeCache -> PolicyCache Hopefully it makes a bit more sense now. --- Makefile.am | 2 +- configure.in | 2 +- doc/api/libpolkit/libpolkit-docs.xml | 10 +- doc/man/Makefile.am | 2 +- doc/man/polkit-check-caller.1.in | 4 +- doc/man/polkit-check-session.1.in | 4 +- doc/man/polkit-module-allow-all.8.in | 10 +- doc/man/polkit-module-builtins.8.in | 10 +- doc/man/polkit-module-default.8.in | 6 +- doc/man/polkit-module-deny-all.8.in | 10 +- doc/man/polkit-module-run-program.8.in | 18 +- ...idate.1.in => polkit-policy-file-validate.1.in} | 16 +- libpolkit/Makefile.am | 42 ++-- libpolkit/libpolkit-action.c | 159 +++++++++++++ ...bpolkit-privilege-file.h => libpolkit-action.h} | 23 +- libpolkit/libpolkit-context.c | 142 ++++++------ libpolkit/libpolkit-context.h | 10 +- libpolkit/libpolkit-error.h | 4 +- libpolkit/libpolkit-module.c | 48 ++-- libpolkit/libpolkit-module.h | 14 +- libpolkit/libpolkit-policy-cache.c | 246 ++++++++++++++++++++ ...-privilege-cache.h => libpolkit-policy-cache.h} | 28 +-- ...vilege-default.c => libpolkit-policy-default.c} | 134 ++++++----- ...vilege-default.h => libpolkit-policy-default.h} | 30 +-- libpolkit/libpolkit-policy-file-entry.c | 178 +++++++++++++++ ...-file-entry.h => libpolkit-policy-file-entry.h} | 26 +-- ...it-privilege-file.c => libpolkit-policy-file.c} | 102 ++++----- ...bpolkit-privilege.h => libpolkit-policy-file.h} | 23 +- libpolkit/libpolkit-privilege-cache.c | 247 --------------------- libpolkit/libpolkit-privilege-file-entry.c | 178 --------------- libpolkit/libpolkit-privilege.c | 160 ------------- libpolkit/libpolkit-result.c | 2 +- libpolkit/libpolkit-result.h | 4 +- modules/allow-all/polkit-module-allow-all.c | 4 +- modules/default/polkit-module-default.c | 32 +-- modules/deny-all/polkit-module-deny-all.c | 4 +- modules/run-program/polkit-module-run-program.c | 16 +- {privileges => policy}/Makefile.am | 4 +- .../polkit-example-action.policy | 4 +- tools/Makefile.am | 6 +- tools/polkit-check-caller.c | 22 +- tools/polkit-check-session.c | 22 +- ...le-validate.c => polkit-policy-file-validate.c} | 16 +- 43 files changed, 1010 insertions(+), 1014 deletions(-) rename doc/man/{polkit-privilege-file-validate.1.in => polkit-policy-file-validate.1.in} (72%) create mode 100644 libpolkit/libpolkit-action.c rename libpolkit/{libpolkit-privilege-file.h => libpolkit-action.h} (62%) create mode 100644 libpolkit/libpolkit-policy-cache.c rename libpolkit/{libpolkit-privilege-cache.h => libpolkit-policy-cache.h} (54%) rename libpolkit/{libpolkit-privilege-default.c => libpolkit-policy-default.c} (65%) rename libpolkit/{libpolkit-privilege-default.h => libpolkit-policy-default.h} (64%) create mode 100644 libpolkit/libpolkit-policy-file-entry.c rename libpolkit/{libpolkit-privilege-file-entry.h => libpolkit-policy-file-entry.h} (53%) rename libpolkit/{libpolkit-privilege-file.c => libpolkit-policy-file.c} (58%) rename libpolkit/{libpolkit-privilege.h => libpolkit-policy-file.h} (60%) delete mode 100644 libpolkit/libpolkit-privilege-cache.c delete mode 100644 libpolkit/libpolkit-privilege-file-entry.c delete mode 100644 libpolkit/libpolkit-privilege.c rename {privileges => policy}/Makefile.am (65%) rename privileges/polkit-example-privilege.priv => policy/polkit-example-action.policy (80%) rename tools/{polkit-privilege-file-validate.c => polkit-policy-file-validate.c} (82%) diff --git a/Makefile.am b/Makefile.am index bcc13d2..3270435 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,6 +1,6 @@ ## Process this file with automake to produce Makefile.in -SUBDIRS = libpolkit modules doc tools privileges +SUBDIRS = libpolkit modules doc tools policy pkgconfigdir = $(libdir)/pkgconfig pkgconfig_DATA = libpolkit.pc diff --git a/configure.in b/configure.in index 97d0aa0..6f839e8 100644 --- a/configure.in +++ b/configure.in @@ -173,7 +173,7 @@ doc/api/libpolkit/version.xml doc/spec/Makefile doc/spec/polkit-spec.xml.in doc/man/Makefile -privileges/Makefile +policy/Makefile modules/Makefile modules/default/Makefile modules/allow-all/Makefile diff --git a/doc/api/libpolkit/libpolkit-docs.xml b/doc/api/libpolkit/libpolkit-docs.xml index 7909e91..c802ef0 100644 --- a/doc/api/libpolkit/libpolkit-docs.xml +++ b/doc/api/libpolkit/libpolkit-docs.xml @@ -67,11 +67,11 @@ - - - - - + + + + + diff --git a/doc/man/Makefile.am b/doc/man/Makefile.am index 7e9464c..f56c6b3 100644 --- a/doc/man/Makefile.am +++ b/doc/man/Makefile.am @@ -1,7 +1,7 @@ if MAN_PAGES_ENABLED -MAN_IN_FILES = polkit-check-caller.1.in polkit-check-session.1.in polkit-privilege-file-validate.1.in PolicyKit.8.in polkit-module-default.8.in polkit-module-allow-all.8.in polkit-module-deny-all.8.in polkit-module-run-program.8.in polkit-module-builtins.8.in +MAN_IN_FILES = polkit-check-caller.1.in polkit-check-session.1.in polkit-policy-file-validate.1.in PolicyKit.8.in polkit-module-default.8.in polkit-module-allow-all.8.in polkit-module-deny-all.8.in polkit-module-run-program.8.in polkit-module-builtins.8.in man_MANS = $(MAN_IN_FILES:.in=) diff --git a/doc/man/polkit-check-caller.1.in b/doc/man/polkit-check-caller.1.in index fe67d4d..f7f5a2e 100644 --- a/doc/man/polkit-check-caller.1.in +++ b/doc/man/polkit-check-caller.1.in @@ -28,8 +28,8 @@ Type of resource. .I "--resource" Identifier of resource. .TP -.I "--privilege" -The privilege to check. +.I "--action" +The action to check. .TP .I "--caller" The caller to check for. Must be the callers unique name on the D-Bus diff --git a/doc/man/polkit-check-session.1.in b/doc/man/polkit-check-session.1.in index cab454c..dbf549b 100644 --- a/doc/man/polkit-check-session.1.in +++ b/doc/man/polkit-check-session.1.in @@ -28,8 +28,8 @@ Type of resource. .I "--resource" Identifier of resource. .TP -.I "--privilege" -The privilege to check. +.I "--action" +The action to check. .TP .I "--session" The session to check for. Must be a ConsoleKit object path. If diff --git a/doc/man/polkit-module-allow-all.8.in b/doc/man/polkit-module-allow-all.8.in index 17de422..8b03b8e 100644 --- a/doc/man/polkit-module-allow-all.8.in +++ b/doc/man/polkit-module-allow-all.8.in @@ -4,15 +4,15 @@ .\" .TH POLKIT-MODULE-ALLOW-ALL 8 .SH NAME -polkit-module-allow-all \- grant access to all privileges +polkit-module-allow-all \- permit any action .SH SYNOPSIS .PP .B polkit-module-allow-all.so .SH DESCRIPTION .PP -This PolicyKit module will allow access to any privilege regardless of -the entity requesting it, what the requested privilege is and what -resource is involved. +This PolicyKit module will permit any action regardless of the entity +requesting it, what the requested action is and what resource is +involved. For more information about the big picture refer to the \fIPolicyKit spec\fP which can be found in @@ -43,7 +43,7 @@ on how to subscribe. \&\fIpolkit-module-default\fR\|(8), \&\fIpolkit-module-deny-all\fR\|(8), \&\fIpolkit-module-run-program\fR\|(8), -\&\fI@sysconfdir@/PolicyKit/privileges\fR\|, +\&\fI@sysconfdir@/PolicyKit/policy\fR\|, \&\fI@sysconfdir@/PolicyKit/PolicyKit.conf\fR\| .SH AUTHOR diff --git a/doc/man/polkit-module-builtins.8.in b/doc/man/polkit-module-builtins.8.in index 333076b..c34a44b 100644 --- a/doc/man/polkit-module-builtins.8.in +++ b/doc/man/polkit-module-builtins.8.in @@ -7,7 +7,7 @@ polkit-module-builtins \- options that apply to any PolicyKit module .SH SYNOPSIS .PP -.B any-module.so [privilege=] [user= ...] +.B any-module.so [action=] [user= ...] .SH DESCRIPTION .PP This manual page describes options that can be used for any PolicyKit @@ -21,10 +21,10 @@ depending on the distribution. .SH OPTIONS .TP 3n -.B privilege= -Only consider requests where the privilege name matches the given +.B action= +Only consider requests where the action name matches the given regular expression. Example: -.B privilege=hal-storage-mount* +.B action=hal-storage-mount* .TP 3n .B user= @@ -47,7 +47,7 @@ on how to subscribe. \&\fIPolicyKit\fR\|(8), \&\fIpolkit-module-default\fR\|(8), \&\fIpolkit-module-deny-all\fR\|(8), -\&\fI@sysconfdir@/PolicyKit/privileges\fR\|, +\&\fI@sysconfdir@/PolicyKit/policy\fR\|, \&\fI@sysconfdir@/PolicyKit/PolicyKit.conf\fR\| .SH AUTHOR diff --git a/doc/man/polkit-module-default.8.in b/doc/man/polkit-module-default.8.in index 379d332..c0aaba3 100644 --- a/doc/man/polkit-module-default.8.in +++ b/doc/man/polkit-module-default.8.in @@ -4,14 +4,14 @@ .\" .TH POLKIT-MODULE-DEFAULT 8 .SH NAME -polkit-module-default \- use default policy for privileges +polkit-module-default \- use default policy for actions .SH SYNOPSIS .PP .B standard polkit-module-default.so .SH DESCRIPTION .PP This PolicyKit module uses the default policy as specified (and -required) for by the privilege definition file for a given privilege. +required) for by the policy definition file for a given action. For more information about the big picture refer to the \fIPolicyKit spec\fP which can be found in @@ -30,7 +30,7 @@ on how to subscribe. \&\fIPolicyKit\fR\|(8), \&\fIpolkit-module-allow-all\fR\|(8), \&\fIpolkit-module-deny-all\fR\|(8), -\&\fI@sysconfdir@/PolicyKit/privileges\fR\|, +\&\fI@sysconfdir@/PolicyKit/policy\fR\|, \&\fI@sysconfdir@/PolicyKit/PolicyKit.conf\fR\| .SH AUTHOR diff --git a/doc/man/polkit-module-deny-all.8.in b/doc/man/polkit-module-deny-all.8.in index f2648c5..3015f25 100644 --- a/doc/man/polkit-module-deny-all.8.in +++ b/doc/man/polkit-module-deny-all.8.in @@ -4,15 +4,15 @@ .\" .TH POLKIT-MODULE-DENY-ALL 8 .SH NAME -polkit-module-deny-all \- grant access to all privileges +polkit-module-deny-all \- deny any action .SH SYNOPSIS .PP .B polkit-module-deny-all.so .SH DESCRIPTION .PP -This PolicyKit module will deny access to any privilege regardless of -the entity requesting it, what the requested privilege is and what -resource is involved. +This PolicyKit module will deny any action regardless of the entity +requesting it, what the requested action is and what resource is +involved. For more information about the big picture refer to the \fIPolicyKit spec\fP which can be found in @@ -42,7 +42,7 @@ on how to subscribe. \&\fIpolkit-module-default\fR\|(8), \&\fIpolkit-module-allow-all\fR\|(8), \&\fIpolkit-module-run-program\fR\|(8), -\&\fI@sysconfdir@/PolicyKit/privileges\fR\|, +\&\fI@sysconfdir@/PolicyKit/policy\fR\|, \&\fI@sysconfdir@/PolicyKit/PolicyKit.conf\fR\| .SH AUTHOR diff --git a/doc/man/polkit-module-run-program.8.in b/doc/man/polkit-module-run-program.8.in index 96f0868..06b2fd6 100644 --- a/doc/man/polkit-module-run-program.8.in +++ b/doc/man/polkit-module-run-program.8.in @@ -11,7 +11,7 @@ polkit-module-run-program \- determine policy by running a program \fBpolkit-module-run-program.so\fR program=\fI\fR .SH DESCRIPTION .PP -This PolicyKit module will run a program every time a privilege is +This PolicyKit module will run a program every time an action is requested. For more information about the big picture refer to the \fIPolicyKit spec\fP which can be found in .I "@docdir@/spec/polkit-spec.html" @@ -22,9 +22,9 @@ depending on the distribution. .TP 3n .B program= Absolute path to program to run; this is a mandatory option. Examples: -.B privilege=/usr/bin/my-program +.B program=/usr/bin/my-program or -.B privilege="/path/to/program --foo --bar" +.B program="/path/to/program --foo --bar" .SH DESCRIPTION This module will invoke the given program and will export a minimal @@ -51,7 +51,7 @@ enumeration): .I .TP .B unknown -The passed privilege is unknown. +The passed action is unknown. .TP .B not_authorized The mechanism / caller (e.g. the program using @@ -98,8 +98,8 @@ bus daemon, the environment will contain: To identify the request to be concerning a decision about a caller on the system message bus. .TP -.B POLKIT_PRIVILEGE_ID -Privilege identifier +.B POLKIT_ACTION_ID +An identifier for the action .TP .B POLKIT_RESOURCE_ID Resource identifier @@ -142,8 +142,8 @@ contain: .B POLKIT_REQUEST_SESSION=1 To identify the request to be session-wide. .TP -.B POLKIT_PRIVILEGE_ID -Privilege identifier +.B POLKIT_ACTION_ID +An identifier for the action .TP .B POLKIT_RESOURCE_ID Resource identifier @@ -190,7 +190,7 @@ on how to subscribe. \&\fIpolkit-module-default\fR\|(8), \&\fIpolkit-module-allow-all\fR\|(8), \&\fIpolkit-module-deny-all\fR\|(8), -\&\fI@sysconfdir@/PolicyKit/privileges\fR\|, +\&\fI@sysconfdir@/PolicyKit/policy\fR\|, \&\fI@sysconfdir@/PolicyKit/PolicyKit.conf\fR\| .SH AUTHOR diff --git a/doc/man/polkit-privilege-file-validate.1.in b/doc/man/polkit-policy-file-validate.1.in similarity index 72% rename from doc/man/polkit-privilege-file-validate.1.in rename to doc/man/polkit-policy-file-validate.1.in index 8a02f66..87f9bb0 100644 --- a/doc/man/polkit-privilege-file-validate.1.in +++ b/doc/man/polkit-policy-file-validate.1.in @@ -1,20 +1,20 @@ .\" -.\" polkit-privilege-file-validate manual page. +.\" polkit-policy-file-validate manual page. .\" Copyright (C) 2007 David Zeuthen .\" -.TH POLKIT-PRIVILEGE-FILE-VALIDATE 1 +.TH POLKIT-POLICY-FILE-VALIDATE 1 .SH NAME -polkit-privilege-file-validate \- check access +polkit-policy-file-validate \- check access .SH SYNOPSIS .PP -.B polkit-privilege-file-validate - +.B polkit-policy-file-validate + .SH DESCRIPTION -\fIpolkit-privilege-file-validate\fP is used to validate PolicyKit -privilege definition files. These are normally stored in the -.I "@sysconfdir@/PolicyKit/privileges" +\fIpolkit-policy-file-validate\fP is used to validate PolicyKit +policy definition files. These are normally stored in the +.I "@sysconfdir@/PolicyKit/policy" directory. For more information about the big picture refer to the \fIPolicyKit spec\fP which can be found in .I "@docdir@/spec/polkit-spec.html" diff --git a/libpolkit/Makefile.am b/libpolkit/Makefile.am index 5961d9b..f0bb035 100644 --- a/libpolkit/Makefile.am +++ b/libpolkit/Makefile.am @@ -21,33 +21,33 @@ libpolkitinclude_HEADERS = \ libpolkit-error.h \ libpolkit-result.h \ libpolkit-context.h \ - libpolkit-privilege.h \ + libpolkit-action.h \ libpolkit-resource.h \ libpolkit-seat.h \ libpolkit-session.h \ libpolkit-caller.h \ - libpolkit-privilege-file-entry.h \ - libpolkit-privilege-file.h \ - libpolkit-privilege-cache.h \ - libpolkit-privilege-default.h \ + libpolkit-policy-file-entry.h \ + libpolkit-policy-file.h \ + libpolkit-policy-cache.h \ + libpolkit-policy-default.h \ libpolkit-module.h -libpolkit_la_SOURCES = \ - libpolkit.h \ - libpolkit-error.h libpolkit-error.c \ - libpolkit-result.h libpolkit-result.c \ - libpolkit-context.h libpolkit-context.c \ - libpolkit-privilege.h libpolkit-privilege.c \ - libpolkit-resource.h libpolkit-resource.c \ - libpolkit-seat.h libpolkit-seat.c \ - libpolkit-session.h libpolkit-session.c \ - libpolkit-caller.h libpolkit-caller.c \ - libpolkit-privilege-file-entry.h libpolkit-privilege-file-entry.c \ - libpolkit-privilege-file.h libpolkit-privilege-file.c \ - libpolkit-privilege-cache.h libpolkit-privilege-cache.c \ - libpolkit-privilege-default.h libpolkit-privilege-default.c \ - libpolkit-debug.h libpolkit-debug.c \ - libpolkit-module.h libpolkit-module.c +libpolkit_la_SOURCES = \ + libpolkit.h \ + libpolkit-error.h libpolkit-error.c \ + libpolkit-result.h libpolkit-result.c \ + libpolkit-context.h libpolkit-context.c \ + libpolkit-action.h libpolkit-action.c \ + libpolkit-resource.h libpolkit-resource.c \ + libpolkit-seat.h libpolkit-seat.c \ + libpolkit-session.h libpolkit-session.c \ + libpolkit-caller.h libpolkit-caller.c \ + libpolkit-policy-file-entry.h libpolkit-policy-file-entry.c \ + libpolkit-policy-file.h libpolkit-policy-file.c \ + libpolkit-policy-cache.h libpolkit-policy-cache.c \ + libpolkit-policy-default.h libpolkit-policy-default.c \ + libpolkit-debug.h libpolkit-debug.c \ + libpolkit-module.h libpolkit-module.c libpolkit_la_LIBADD = @GLIB_LIBS@ @DBUS_LIBS@ -ldl diff --git a/libpolkit/libpolkit-action.c b/libpolkit/libpolkit-action.c new file mode 100644 index 0000000..6a82bdc --- /dev/null +++ b/libpolkit/libpolkit-action.c @@ -0,0 +1,159 @@ +/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */ +/*************************************************************************** + * + * libpolkit-action.c : action + * + * Copyright (C) 2007 David Zeuthen, + * + * Licensed under the Academic Free License version 2.1 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + **************************************************************************/ + +#ifdef HAVE_CONFIG_H +# include +#endif + +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include "libpolkit-debug.h" +#include "libpolkit-action.h" + +/** + * SECTION:libpolkit-action + * @short_description: Actions. + * + * This class is used to represent an action. TODO: describe what a action really is. + **/ + +/** + * PolKitAction: + * + * Objects of this class are used to record information about an action. + **/ +struct PolKitAction +{ + int refcount; + char *id; +}; + +/** + * libpolkit_action_new: + * + * Create a new #PolKitAction object. + * + * Returns: the new object + **/ +PolKitAction * +libpolkit_action_new (void) +{ + PolKitAction *action; + action = g_new0 (PolKitAction, 1); + action->refcount = 1; + return action; +} + +/** + * libpolkit_action_ref: + * @action: the action object + * + * Increase reference count. + * + * Returns: the object + **/ +PolKitAction * +libpolkit_action_ref (PolKitAction *action) +{ + g_return_val_if_fail (action != NULL, action); + action->refcount++; + return action; +} + +/** + * libpolkit_action_unref: + * @action: the action object + * + * Decreases the reference count of the object. If it becomes zero, + * the object is freed. Before freeing, reference counts on embedded + * objects are decresed by one. + **/ +void +libpolkit_action_unref (PolKitAction *action) +{ + g_return_if_fail (action != NULL); + action->refcount--; + if (action->refcount > 0) + return; + g_free (action->id); + g_free (action); +} + +/** + * libpolkit_action_set_action_id: + * @action: the action object + * @action_id: action identifier + * + * Set the action identifier + **/ +void +libpolkit_action_set_action_id (PolKitAction *action, const char *action_id) +{ + g_return_if_fail (action != NULL); + if (action->id != NULL) + g_free (action->id); + action->id = g_strdup (action_id); +} + +/** + * libpolkit_action_get_action_id: + * @action: the action object + * @out_action_id: Returns the action identifier. The caller shall not free this string. + * + * Get the action identifier. + * + * Returns: TRUE iff the value was returned. + **/ +gboolean +libpolkit_action_get_action_id (PolKitAction *action, char **out_action_id) +{ + g_return_val_if_fail (action != NULL, FALSE); + g_return_val_if_fail (out_action_id != NULL, FALSE); + if (action->id == NULL) + return FALSE; + *out_action_id = action->id; + return TRUE; +} + +/** + * libpolkit_action_debug: + * @action: the object + * + * Print debug details + **/ +void +libpolkit_action_debug (PolKitAction *action) +{ + g_return_if_fail (action != NULL); + _pk_debug ("PolKitAction: refcount=%d id=%s", action->refcount, action->id); +} diff --git a/libpolkit/libpolkit-privilege-file.h b/libpolkit/libpolkit-action.h similarity index 62% rename from libpolkit/libpolkit-privilege-file.h rename to libpolkit/libpolkit-action.h index 8b4b3fa..8c2ae14 100644 --- a/libpolkit/libpolkit-privilege-file.h +++ b/libpolkit/libpolkit-action.h @@ -1,7 +1,7 @@ /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */ /*************************************************************************** * - * libpolkit-privilege-file.h : privilege files + * libpolkit-action.h : actions * * Copyright (C) 2007 David Zeuthen, * @@ -23,24 +23,25 @@ * **************************************************************************/ -#ifndef LIBPOLKIT_PRIVILEGE_FILE_H -#define LIBPOLKIT_PRIVILEGE_FILE_H +#ifndef LIBPOLKIT_ACTION_H +#define LIBPOLKIT_ACTION_H #include #include #include #include -#include +struct PolKitAction; +typedef struct PolKitAction PolKitAction; -struct PolKitPrivilegeFile; -typedef struct PolKitPrivilegeFile PolKitPrivilegeFile; +PolKitAction *libpolkit_action_new (void); +PolKitAction *libpolkit_action_ref (PolKitAction *action); +void libpolkit_action_unref (PolKitAction *action); +void libpolkit_action_set_action_id (PolKitAction *action, const char *action_id); +gboolean libpolkit_action_get_action_id (PolKitAction *action, char **out_action_id); -PolKitPrivilegeFile *libpolkit_privilege_file_new (const char *path, GError **error); -PolKitPrivilegeFile *libpolkit_privilege_file_ref (PolKitPrivilegeFile *privilege_file); -GSList *libpolkit_privilege_file_get_entries (PolKitPrivilegeFile *privilege_file); -void libpolkit_privilege_file_unref (PolKitPrivilegeFile *privilege_file); +void libpolkit_action_debug (PolKitAction *action); -#endif /* LIBPOLKIT_PRIVILEGE_FILE_H */ +#endif /* LIBPOLKIT_ACTION_H */ diff --git a/libpolkit/libpolkit-context.c b/libpolkit/libpolkit-context.c index 0f71293..3ea7fd3 100644 --- a/libpolkit/libpolkit-context.c +++ b/libpolkit/libpolkit-context.c @@ -39,7 +39,7 @@ #include #include "libpolkit-debug.h" #include "libpolkit-context.h" -#include "libpolkit-privilege-cache.h" +#include "libpolkit-policy-cache.h" #include "libpolkit-module.h" /** @@ -71,9 +71,9 @@ struct PolKitContext PolKitContextFileMonitorAddWatch file_monitor_add_watch_func; PolKitContextFileMonitorRemoveWatch file_monitor_remove_watch_func; - char *priv_dir; + char *policy_dir; - PolKitPrivilegeCache *priv_cache; + PolKitPolicyCache *priv_cache; GSList *modules; }; @@ -83,7 +83,7 @@ struct PolKitContext * * Create a new context * - * Returns: the #PolKitPrivilegeCache object + * Returns: the object **/ PolKitContext * libpolkit_context_new (void) @@ -236,15 +236,15 @@ _config_file_events (PolKitContext *pk_context, } static void -_privilege_dir_events (PolKitContext *pk_context, +_policy_dir_events (PolKitContext *pk_context, PolKitContextFileMonitorEvent event_mask, const char *path, gpointer user_data) { - /* mark cache of privilege files as stale.. (will be populated on-demand, see _get_cache()) */ + /* mark cache of policy files as stale.. (will be populated on-demand, see _get_cache()) */ if (pk_context->priv_cache != NULL) { - _pk_debug ("Something happened in %s - invalidating cache", pk_context->priv_dir); - libpolkit_privilege_cache_unref (pk_context->priv_cache); + _pk_debug ("Something happened in %s - invalidating cache", pk_context->policy_dir); + libpolkit_policy_cache_unref (pk_context->priv_cache); pk_context->priv_cache = NULL; } @@ -260,8 +260,8 @@ _privilege_dir_events (PolKitContext *pk_context, * @error: return location for error * * Initializes a new context; loads PolicyKit files from - * /etc/PolicyKit/privileges unless the environment variable - * $POLKIT_PRIVILEGE_DIR points to a location. + * /etc/PolicyKit/policy unless the environment variable + * $POLKIT_POLICY_DIR points to a location. * * Returns: #FALSE if @error was set, otherwise #TRUE **/ @@ -270,13 +270,13 @@ libpolkit_context_init (PolKitContext *pk_context, GError **error) { const char *dirname; - dirname = getenv ("POLKIT_PRIVILEGE_DIR"); + dirname = getenv ("POLKIT_POLICY_DIR"); if (dirname != NULL) { - pk_context->priv_dir = g_strdup (dirname); + pk_context->policy_dir = g_strdup (dirname); } else { - pk_context->priv_dir = g_strdup (PACKAGE_SYSCONF_DIR "/PolicyKit/privileges"); + pk_context->policy_dir = g_strdup (PACKAGE_SYSCONF_DIR "/PolicyKit/policy"); } - _pk_debug ("Using privilege files from directory %s", pk_context->priv_dir); + _pk_debug ("Using policy files from directory %s", pk_context->policy_dir); /* Load modules */ if (!load_modules (pk_context, error)) @@ -287,13 +287,13 @@ libpolkit_context_init (PolKitContext *pk_context, GError **error) if (pk_context->file_monitor_add_watch_func == NULL) { _pk_debug ("No file monitor; cannot monitor '%s' for .priv file changes", dirname); } else { - /* Watch when privilege definitions file change */ + /* Watch when policy definitions file change */ pk_context->file_monitor_add_watch_func (pk_context, - pk_context->priv_dir, + pk_context->policy_dir, POLKIT_CONTEXT_FILE_MONITOR_EVENT_CREATE| POLKIT_CONTEXT_FILE_MONITOR_EVENT_DELETE| POLKIT_CONTEXT_FILE_MONITOR_EVENT_CHANGE, - _privilege_dir_events, + _policy_dir_events, NULL); /* Config file changes */ @@ -401,31 +401,31 @@ libpolkit_context_set_file_monitor (PolKitContext *pk_con /** - * libpolkit_context_get_privilege_cache: + * libpolkit_context_get_policy_cache: * @pk_context: the context * - * Get the #PolKitPrivilegeCache object that holds all the defined privileges as well as their defaults. + * Get the #PolKitPolicyCache object that holds all the defined policies as well as their defaults. * - * Returns: the #PolKitPrivilegeCache object. Caller shall not unref it. + * Returns: the #PolKitPolicyCache object. Caller shall not unref it. **/ -PolKitPrivilegeCache * -libpolkit_context_get_privilege_cache (PolKitContext *pk_context) +PolKitPolicyCache * +libpolkit_context_get_policy_cache (PolKitContext *pk_context) { g_return_val_if_fail (pk_context != NULL, NULL); if (pk_context->priv_cache == NULL) { GError *error; - _pk_debug ("Populating cache from directory %s", pk_context->priv_dir); + _pk_debug ("Populating cache from directory %s", pk_context->policy_dir); error = NULL; - pk_context->priv_cache = libpolkit_privilege_cache_new (pk_context->priv_dir, &error); + pk_context->priv_cache = libpolkit_policy_cache_new (pk_context->policy_dir, &error); if (pk_context->priv_cache == NULL) { - g_warning ("Error loading privilege files from %s: %s", - pk_context->priv_dir, error->message); + g_warning ("Error loading policy files from %s: %s", + pk_context->policy_dir, error->message); g_error_free (error); } else { - /*libpolkit_privilege_cache_debug (pk_context->priv_cache)*/; + /*libpolkit_policy_cache_debug (pk_context->priv_cache)*/; } } @@ -489,7 +489,7 @@ libpolkit_context_is_resource_associated_with_seat (PolKitContext *pk_context, /** * libpolkit_context_can_session_access_resource: * @pk_context: the PolicyKit context - * @privilege: the type of access to check for + * @action: the type of access to check for * @resource: the resource in question * @session: the session in question * @@ -501,42 +501,42 @@ libpolkit_context_is_resource_associated_with_seat (PolKitContext *pk_context, */ PolKitResult libpolkit_context_can_session_access_resource (PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitSession *session) { - PolKitPrivilegeCache *cache; - PolKitPrivilegeFileEntry *pfe; + PolKitPolicyCache *cache; + PolKitPolicyFileEntry *pfe; PolKitResult current_result; PolKitModuleControl current_control; GSList *i; current_result = LIBPOLKIT_RESULT_NO; - cache = libpolkit_context_get_privilege_cache (pk_context); + cache = libpolkit_context_get_policy_cache (pk_context); if (cache == NULL) goto out; _pk_debug ("entering libpolkit_can_session_access_resource()"); - libpolkit_privilege_debug (privilege); + libpolkit_action_debug (action); libpolkit_resource_debug (resource); libpolkit_session_debug (session); - pfe = libpolkit_privilege_cache_get_entry (cache, privilege); + pfe = libpolkit_policy_cache_get_entry (cache, action); if (pfe == NULL) { - char *privilege_name; - if (!libpolkit_privilege_get_privilege_id (privilege, &privilege_name)) { - g_warning ("given privilege has no name"); + char *action_name; + if (!libpolkit_action_get_action_id (action, &action_name)) { + g_warning ("given action has no name"); } else { - g_warning ("no privilege with name '%s'", privilege_name); + g_warning ("no action with name '%s'", action_name); } - current_result = LIBPOLKIT_RESULT_UNKNOWN_PRIVILEGE; + current_result = LIBPOLKIT_RESULT_UNKNOWN_ACTION; goto out; } - libpolkit_privilege_file_entry_debug (pfe); + libpolkit_policy_file_entry_debug (pfe); - current_result = LIBPOLKIT_RESULT_UNKNOWN_PRIVILEGE; + current_result = LIBPOLKIT_RESULT_UNKNOWN_ACTION; current_control = LIBPOLKIT_MODULE_CONTROL_ADVISE; /* start with advise */ /* visit modules */ @@ -556,27 +556,27 @@ libpolkit_context_can_session_access_resource (PolKitContext *pk_context, if (libpolkit_module_interface_check_builtin_confinement_for_session ( module_interface, pk_context, - privilege, + action, resource, session)) { /* module is confined by built-in options */ - module_result = LIBPOLKIT_RESULT_UNKNOWN_PRIVILEGE; + module_result = LIBPOLKIT_RESULT_UNKNOWN_ACTION; _pk_debug ("Module '%s' confined by built-in's", libpolkit_module_get_name (module_interface)); } else { module_result = func (module_interface, pk_context, - privilege, + action, resource, session); } - /* if a module returns _UNKNOWN_PRIVILEGE, it means that it doesn't + /* if a module returns _UNKNOWN_ACTION, it means that it doesn't * have an opinion about the query; e.g. polkit-module-allow-all(8) - * will return this if it's confined to only consider certain privileges + * will return this if it's confined to only consider certain actions * or certain users. */ - if (module_result != LIBPOLKIT_RESULT_UNKNOWN_PRIVILEGE) { + if (module_result != LIBPOLKIT_RESULT_UNKNOWN_ACTION) { if (current_control == LIBPOLKIT_MODULE_CONTROL_ADVISE && module_control == LIBPOLKIT_MODULE_CONTROL_ADVISE) { @@ -599,8 +599,8 @@ libpolkit_context_can_session_access_resource (PolKitContext *pk_context, } } - /* Never return UNKNOWN_PRIVILEGE to user */ - if (current_result == LIBPOLKIT_RESULT_UNKNOWN_PRIVILEGE) + /* Never return UNKNOWN_ACTION to user */ + if (current_result == LIBPOLKIT_RESULT_UNKNOWN_ACTION) current_result = LIBPOLKIT_RESULT_NO; out: @@ -611,7 +611,7 @@ out: /** * libpolkit_context_can_caller_access_resource: * @pk_context: the PolicyKit context - * @privilege: the type of access to check for + * @action: the type of access to check for * @resource: the resource in question * @caller: the resource in question * @@ -622,42 +622,42 @@ out: */ PolKitResult libpolkit_context_can_caller_access_resource (PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitCaller *caller) { - PolKitPrivilegeCache *cache; - PolKitPrivilegeFileEntry *pfe; + PolKitPolicyCache *cache; + PolKitPolicyFileEntry *pfe; PolKitResult current_result; PolKitModuleControl current_control; GSList *i; current_result = LIBPOLKIT_RESULT_NO; - cache = libpolkit_context_get_privilege_cache (pk_context); + cache = libpolkit_context_get_policy_cache (pk_context); if (cache == NULL) goto out; _pk_debug ("entering libpolkit_can_caller_access_resource()"); - libpolkit_privilege_debug (privilege); + libpolkit_action_debug (action); libpolkit_resource_debug (resource); libpolkit_caller_debug (caller); - pfe = libpolkit_privilege_cache_get_entry (cache, privilege); + pfe = libpolkit_policy_cache_get_entry (cache, action); if (pfe == NULL) { - char *privilege_name; - if (!libpolkit_privilege_get_privilege_id (privilege, &privilege_name)) { - g_warning ("given privilege has no name"); + char *action_name; + if (!libpolkit_action_get_action_id (action, &action_name)) { + g_warning ("given action has no name"); } else { - g_warning ("no privilege with name '%s'", privilege_name); + g_warning ("no action with name '%s'", action_name); } - current_result = LIBPOLKIT_RESULT_UNKNOWN_PRIVILEGE; + current_result = LIBPOLKIT_RESULT_UNKNOWN_ACTION; goto out; } - libpolkit_privilege_file_entry_debug (pfe); + libpolkit_policy_file_entry_debug (pfe); - current_result = LIBPOLKIT_RESULT_UNKNOWN_PRIVILEGE; + current_result = LIBPOLKIT_RESULT_UNKNOWN_ACTION; current_control = LIBPOLKIT_MODULE_CONTROL_ADVISE; /* start with advise */ /* visit modules */ @@ -677,27 +677,27 @@ libpolkit_context_can_caller_access_resource (PolKitContext *pk_context, if (libpolkit_module_interface_check_builtin_confinement_for_caller ( module_interface, pk_context, - privilege, + action, resource, caller)) { /* module is confined by built-in options */ - module_result = LIBPOLKIT_RESULT_UNKNOWN_PRIVILEGE; + module_result = LIBPOLKIT_RESULT_UNKNOWN_ACTION; _pk_debug ("Module '%s' confined by built-in's", libpolkit_module_get_name (module_interface)); } else { module_result = func (module_interface, pk_context, - privilege, + action, resource, caller); } - /* if a module returns _UNKNOWN_PRIVILEGE, it means that it doesn't + /* if a module returns _UNKNOWN_ACTION, it means that it doesn't * have an opinion about the query; e.g. polkit-module-allow-all(8) - * will return this if it's confined to only consider certain privileges + * will return this if it's confined to only consider certain actions * or certain users. */ - if (module_result != LIBPOLKIT_RESULT_UNKNOWN_PRIVILEGE) { + if (module_result != LIBPOLKIT_RESULT_UNKNOWN_ACTION) { if (current_control == LIBPOLKIT_MODULE_CONTROL_ADVISE && module_control == LIBPOLKIT_MODULE_CONTROL_ADVISE) { @@ -720,8 +720,8 @@ libpolkit_context_can_caller_access_resource (PolKitContext *pk_context, } } - /* Never return UNKNOWN_PRIVILEGE to user */ - if (current_result == LIBPOLKIT_RESULT_UNKNOWN_PRIVILEGE) + /* Never return UNKNOWN_ACTION to user */ + if (current_result == LIBPOLKIT_RESULT_UNKNOWN_ACTION) current_result = LIBPOLKIT_RESULT_NO; out: _pk_debug ("... result was %s", libpolkit_result_to_string_representation (current_result)); diff --git a/libpolkit/libpolkit-context.h b/libpolkit/libpolkit-context.h index 31fd1da..088ec35 100644 --- a/libpolkit/libpolkit-context.h +++ b/libpolkit/libpolkit-context.h @@ -34,12 +34,12 @@ #include #include #include -#include +#include #include #include #include #include -#include +#include struct PolKitContext; typedef struct PolKitContext PolKitContext; @@ -145,7 +145,7 @@ gboolean libpolkit_context_init (PolKitContext PolKitContext *libpolkit_context_ref (PolKitContext *pk_context); void libpolkit_context_unref (PolKitContext *pk_context); -PolKitPrivilegeCache *libpolkit_context_get_privilege_cache (PolKitContext *pk_context); +PolKitPolicyCache *libpolkit_context_get_policy_cache (PolKitContext *pk_context); /** * PolKitSeatVisitorCB: @@ -171,13 +171,13 @@ libpolkit_context_is_resource_associated_with_seat (PolKitContext *pk_context, PolKitResult libpolkit_context_can_session_access_resource (PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitSession *session); PolKitResult libpolkit_context_can_caller_access_resource (PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitCaller *caller); diff --git a/libpolkit/libpolkit-error.h b/libpolkit/libpolkit-error.h index b587ee0..d89eade 100644 --- a/libpolkit/libpolkit-error.h +++ b/libpolkit/libpolkit-error.h @@ -30,13 +30,13 @@ /** * PolKitError: - * @POLKIT_ERROR_PRIVILEGE_FILE_INVALID: There was an error parsing the given privilege file + * @POLKIT_ERROR_POLICY_FILE_INVALID: There was an error parsing the given policy file * * Error codes returned by PolicyKit */ typedef enum { - POLKIT_ERROR_PRIVILEGE_FILE_INVALID + POLKIT_ERROR_POLICY_FILE_INVALID } PolKitError; /** diff --git a/libpolkit/libpolkit-module.c b/libpolkit/libpolkit-module.c index 414d2c8..9885caa 100644 --- a/libpolkit/libpolkit-module.c +++ b/libpolkit/libpolkit-module.c @@ -62,8 +62,8 @@ struct PolKitModuleInterface PolKitModuleCanSessionAccessResource func_can_session_access_resource; PolKitModuleCanCallerAccessResource func_can_caller_access_resource; - gboolean builtin_have_privilege_regex; - regex_t builtin_privilege_regex_compiled; + gboolean builtin_have_action_regex; + regex_t builtin_action_regex_compiled; GSList *builtin_users; }; @@ -116,22 +116,22 @@ _parse_builtin (PolKitModuleInterface *mi, int *argc, char *argv[]) ret = FALSE; for (n = 1; n < *argc; ) { - if (g_str_has_prefix (argv[n], "privilege=")) { + if (g_str_has_prefix (argv[n], "action=")) { const char *regex; - if (mi->builtin_have_privilege_regex) { - _pk_debug ("Already have option 'privilege='"); + if (mi->builtin_have_action_regex) { + _pk_debug ("Already have option 'action='"); goto error; } regex = argv[n] + 10; - if (regcomp (&(mi->builtin_privilege_regex_compiled), regex, REG_EXTENDED) != 0) { + if (regcomp (&(mi->builtin_action_regex_compiled), regex, REG_EXTENDED) != 0) { _pk_debug ("Regex '%s' didn't compile", regex); goto error; } - mi->builtin_have_privilege_regex = TRUE; + mi->builtin_have_action_regex = TRUE; - _pk_debug ("Compiled regex '%s' for option 'privilege=' OK", regex); + _pk_debug ("Compiled regex '%s' for option 'action=' OK", regex); _parse_builtin_remove_option (argc, argv, n); } else if (g_str_has_prefix (argv[n], "user=")) { @@ -308,8 +308,8 @@ libpolkit_module_interface_unref (PolKitModuleInterface *module_interface) return; /* builtins */ - if (module_interface->builtin_have_privilege_regex) - regfree (&module_interface->builtin_privilege_regex_compiled); + if (module_interface->builtin_have_action_regex) + regfree (&module_interface->builtin_action_regex_compiled); g_slist_free (module_interface->builtin_users); /* shutdown the module and unload it */ @@ -608,17 +608,17 @@ libpolkit_module_get_user_data (PolKitModuleInterface *module_interface) } static gboolean -_check_privilege (PolKitModuleInterface *module_interface, PolKitPrivilege *privilege) +_check_action (PolKitModuleInterface *module_interface, PolKitAction *action) { gboolean ret; ret = FALSE; - if (module_interface->builtin_have_privilege_regex) { - char *privilege_name; - if (libpolkit_privilege_get_privilege_id (privilege, &privilege_name)) { - if (regexec (&module_interface->builtin_privilege_regex_compiled, - privilege_name, 0, NULL, 0) == 0) { + if (module_interface->builtin_have_action_regex) { + char *action_name; + if (libpolkit_action_get_action_id (action, &action_name)) { + if (regexec (&module_interface->builtin_action_regex_compiled, + action_name, 0, NULL, 0) == 0) { ret = TRUE; } } @@ -677,11 +677,11 @@ _check_users_for_caller (PolKitModuleInterface *module_interface, PolKitCaller * * libpolkit_module_interface_check_builtin_confinement_for_session: * @module_interface: the given module * @pk_context: the PolicyKit context - * @privilege: the type of access to check for + * @action: the type of access to check for * @resource: the resource in question * @session: the session in question * - * Check whether some of the built-in module options (e.g. privilege="hal-storage-*", + * Check whether some of the built-in module options (e.g. action="hal-storage-*", * user=davidz) confines the given module, e.g. whether it should be skipped. * * Returns: TRUE if, and only if, the module is confined from handling the request @@ -689,7 +689,7 @@ _check_users_for_caller (PolKitModuleInterface *module_interface, PolKitCaller * gboolean libpolkit_module_interface_check_builtin_confinement_for_session (PolKitModuleInterface *module_interface, PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitSession *session) { @@ -698,7 +698,7 @@ libpolkit_module_interface_check_builtin_confinement_for_session (PolKitModuleIn g_return_val_if_fail (module_interface != NULL, ret); - if (!_check_privilege (module_interface, privilege)) + if (!_check_action (module_interface, action)) goto out; if (!_check_users_for_session (module_interface, session)) goto out; @@ -713,11 +713,11 @@ out: * libpolkit_module_interface_check_builtin_confinement_for_caller: * @module_interface: the given module * @pk_context: the PolicyKit context - * @privilege: the type of access to check for + * @action: the type of access to check for * @resource: the resource in question * @caller: the resource in question * - * Check whether some of the built-in module options (e.g. privilege="hal-storage-*", + * Check whether some of the built-in module options (e.g. action="hal-storage-*", * user=davidz) confines the given module, e.g. whether it should be skipped. * * Returns: TRUE if, and only if, the module is confined from handling the request @@ -725,7 +725,7 @@ out: gboolean libpolkit_module_interface_check_builtin_confinement_for_caller (PolKitModuleInterface *module_interface, PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitCaller *caller) { @@ -734,7 +734,7 @@ libpolkit_module_interface_check_builtin_confinement_for_caller (PolKitModuleInt g_return_val_if_fail (module_interface != NULL, ret); - if (!_check_privilege (module_interface, privilege)) + if (!_check_action (module_interface, action)) goto out; if (!_check_users_for_caller (module_interface, caller)) goto out; diff --git a/libpolkit/libpolkit-module.h b/libpolkit/libpolkit-module.h index bb99383..7f79e4f 100644 --- a/libpolkit/libpolkit-module.h +++ b/libpolkit/libpolkit-module.h @@ -94,7 +94,7 @@ typedef PolKitResult (*PolKitModuleIsResourceAssociatedWithSeat) (PolKitModuleIn * PolKitModuleCanSessionAccessResource: * @module_interface: the module interface * @pk_context: the PolicyKit context - * @privilege: the type of access to check for + * @action: the type of access to check for * @resource: the resource in question * @session: the session in question * @@ -104,7 +104,7 @@ typedef PolKitResult (*PolKitModuleIsResourceAssociatedWithSeat) (PolKitModuleIn **/ typedef PolKitResult (*PolKitModuleCanSessionAccessResource) (PolKitModuleInterface *module_interface, PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitSession *session); @@ -112,7 +112,7 @@ typedef PolKitResult (*PolKitModuleCanSessionAccessResource) (PolKitModuleInterf * PolKitModuleCanCallerAccessResource: * @module_interface: the module interface * @pk_context: the PolicyKit context - * @privilege: the type of access to check for + * @action: the type of access to check for * @resource: the resource in question * @caller: the resource in question * @@ -122,7 +122,7 @@ typedef PolKitResult (*PolKitModuleCanSessionAccessResource) (PolKitModuleInterf **/ typedef PolKitResult (*PolKitModuleCanCallerAccessResource) (PolKitModuleInterface *module_interface, PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitCaller *caller); @@ -160,7 +160,7 @@ PolKitModuleCanCallerAccessResource libpolkit_module_get_func_can_caller_access_ * stack to override results from this module. Modules down the stack that are also marked with * the #LIBPOLKIT_MODULE_CONTROL_ADVISE control will only take effect it they change the result to be "less strict". * @LIBPOLKIT_MODULE_CONTROL_MANDATORY: Always use results (unless it returns - * #LIBPOLKIT_RESULT_UNKNOWN_PRIVILEGE for a given request) from this module, even if it changes whether the + * #LIBPOLKIT_RESULT_UNKNOWN_ACTION for a given request) from this module, even if it changes whether the * result to be "more strict". . If a later module also uses this control, results from that module will override it. * @LIBPOLKIT_MODULE_CONTROL_N_CONTROLS: Number of control stanzas * @@ -193,14 +193,14 @@ PolKitModuleControl libpolkit_module_interface_get_control (PolKitModuleInterfac gboolean libpolkit_module_interface_check_builtin_confinement_for_session (PolKitModuleInterface *module_interface, PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitSession *session); gboolean libpolkit_module_interface_check_builtin_confinement_for_caller (PolKitModuleInterface *module_interface, PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitCaller *caller); diff --git a/libpolkit/libpolkit-policy-cache.c b/libpolkit/libpolkit-policy-cache.c new file mode 100644 index 0000000..d9eb31b --- /dev/null +++ b/libpolkit/libpolkit-policy-cache.c @@ -0,0 +1,246 @@ +/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */ +/*************************************************************************** + * + * libpolkit-policy-cache.c : policy cache + * + * Copyright (C) 2007 David Zeuthen, + * + * Licensed under the Academic Free License version 2.1 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + **************************************************************************/ + +#ifdef HAVE_CONFIG_H +# include +#endif + +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include "libpolkit-debug.h" +#include "libpolkit-policy-file.h" +#include "libpolkit-policy-cache.h" + +/** + * SECTION:libpolkit-policy-cache + * @short_description: Class for holding all policy objects. + * + * This class is used to hold all policy objects (stemming from policy + * files) and provide look-up functions. + **/ + +/** + * PolKitPolicyCache: + * + * Instances of this class are used to hold all policy objects + * (stemming from policy files) and provide look-up functions. + **/ +struct PolKitPolicyCache +{ + int refcount; + + GSList *priv_entries; +}; + + +static void +add_entries_from_file (PolKitPolicyCache *policy_cache, + PolKitPolicyFile *policy_file) +{ + GSList *i; + + g_return_if_fail (policy_cache != NULL); + g_return_if_fail (policy_file != NULL); + + for (i = libpolkit_policy_file_get_entries (policy_file); i != NULL; i = g_slist_next (i)) { + PolKitPolicyFileEntry *policy_file_entry = i->data; + libpolkit_policy_file_entry_ref (policy_file_entry); + policy_cache->priv_entries = g_slist_append (policy_cache->priv_entries, + policy_file_entry); + } +} + +/** + * libpolkit_policy_cache_new: + * @dirname: directory containing policy files + * @error: location to return error + * + * Create a new #PolKitPolicyCache object and load information from policy files. + * + * Returns: #NULL if @error was set, otherwise the #PolKitPolicyCache object + **/ +PolKitPolicyCache * +libpolkit_policy_cache_new (const char *dirname, GError **error) +{ + const char *file; + GDir *dir; + PolKitPolicyCache *pc; + + pc = g_new0 (PolKitPolicyCache, 1); + pc->refcount = 1; + + dir = g_dir_open (dirname, 0, error); + if (dir == NULL) { + goto out; + } + while ((file = g_dir_read_name (dir)) != NULL) { + char *path; + PolKitPolicyFile *pf; + + if (!g_str_has_suffix (file, ".priv")) + continue; + + if (g_str_has_prefix (file, ".")) + continue; + + path = g_strdup_printf ("%s/%s", dirname, file); + + _pk_debug ("Loading %s", path); + pf = libpolkit_policy_file_new (path, error); + g_free (path); + + if (pf == NULL) { + goto out; + } + + add_entries_from_file (pc, pf); + libpolkit_policy_file_unref (pf); + } + g_dir_close (dir); + + return pc; +out: + if (pc != NULL) + libpolkit_policy_cache_ref (pc); + return NULL; +} + +/** + * libpolkit_policy_cache_ref: + * @policy_cache: the policy cache object + * + * Increase reference count. + * + * Returns: the object + **/ +PolKitPolicyCache * +libpolkit_policy_cache_ref (PolKitPolicyCache *policy_cache) +{ + g_return_val_if_fail (policy_cache != NULL, policy_cache); + policy_cache->refcount++; + return policy_cache; +} + +/** + * libpolkit_policy_cache_unref: + * @policy_cache: the policy cache object + * + * Decreases the reference count of the object. If it becomes zero, + * the object is freed. Before freeing, reference counts on embedded + * objects are decresed by one. + **/ +void +libpolkit_policy_cache_unref (PolKitPolicyCache *policy_cache) +{ + GSList *i; + + g_return_if_fail (policy_cache != NULL); + policy_cache->refcount--; + if (policy_cache->refcount > 0) + return; + + for (i = policy_cache->priv_entries; i != NULL; i = g_slist_next (i)) { + PolKitPolicyFileEntry *pfe = i->data; + libpolkit_policy_file_entry_unref (pfe); + } + if (policy_cache->priv_entries != NULL) + g_slist_free (policy_cache->priv_entries); + + g_free (policy_cache); +} + +/** + * libpolkit_policy_cache_debug: + * @policy_cache: the cache + * + * Print debug information about object + **/ +void +libpolkit_policy_cache_debug (PolKitPolicyCache *policy_cache) +{ + GSList *i; + g_return_if_fail (policy_cache != NULL); + + _pk_debug ("PolKitPolicyCache: refcount=%d num_entries=%d ...", + policy_cache->refcount, + policy_cache->priv_entries == NULL ? 0 : g_slist_length (policy_cache->priv_entries)); + + for (i = policy_cache->priv_entries; i != NULL; i = g_slist_next (i)) { + PolKitPolicyFileEntry *pfe = i->data; + libpolkit_policy_file_entry_debug (pfe); + } +} + +/** + * libpolkit_policy_cache_get_entry: + * @policy_cache: the cache + * @action: the action + * + * Given a action, find the object describing the definition of the + * policy; e.g. data stemming from files in + * /etc/PolicyKit/policy. + * + * Returns: A #PolKitPolicyFileEntry entry on sucess; otherwise + * #NULL if the action wasn't identified. Caller shall not unref + * this object. + **/ +PolKitPolicyFileEntry* +libpolkit_policy_cache_get_entry (PolKitPolicyCache *policy_cache, + PolKitAction *action) +{ + char *priv_id; + GSList *i; + PolKitPolicyFileEntry *pfe; + + pfe = NULL; + + /* I'm sure it would be easy to make this O(1)... */ + + g_return_val_if_fail (policy_cache != NULL, NULL); + g_return_val_if_fail (action != NULL, NULL); + + if (!libpolkit_action_get_action_id (action, &priv_id)) + goto out; + + for (i = policy_cache->priv_entries; i != NULL; i = g_slist_next (i)) { + pfe = i->data; + if (strcmp (libpolkit_policy_file_entry_get_id (pfe), priv_id) == 0) { + goto out; + } + } + + pfe = NULL; + +out: + return pfe; +} diff --git a/libpolkit/libpolkit-privilege-cache.h b/libpolkit/libpolkit-policy-cache.h similarity index 54% rename from libpolkit/libpolkit-privilege-cache.h rename to libpolkit/libpolkit-policy-cache.h index 0b3932b..72b626c 100644 --- a/libpolkit/libpolkit-privilege-cache.h +++ b/libpolkit/libpolkit-policy-cache.h @@ -1,7 +1,7 @@ /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */ /*************************************************************************** * - * libpolkit-privilege-cache.h : privilege cache + * libpolkit-policy-cache.h : policy cache * * Copyright (C) 2007 David Zeuthen, * @@ -23,28 +23,28 @@ * **************************************************************************/ -#ifndef LIBPOLKIT_PRIVILEGE_CACHE_H -#define LIBPOLKIT_PRIVILEGE_CACHE_H +#ifndef LIBPOLKIT_POLICY_CACHE_H +#define LIBPOLKIT_POLICY_CACHE_H #include #include #include #include -#include -#include +#include +#include -struct PolKitPrivilegeCache; -typedef struct PolKitPrivilegeCache PolKitPrivilegeCache; +struct PolKitPolicyCache; +typedef struct PolKitPolicyCache PolKitPolicyCache; -PolKitPrivilegeCache *libpolkit_privilege_cache_new (const char *dirname, GError **error); -PolKitPrivilegeCache *libpolkit_privilege_cache_ref (PolKitPrivilegeCache *privilege_cache); -void libpolkit_privilege_cache_unref (PolKitPrivilegeCache *privilege_cache); -void libpolkit_privilege_cache_debug (PolKitPrivilegeCache *privilege_cache); +PolKitPolicyCache *libpolkit_policy_cache_new (const char *dirname, GError **error); +PolKitPolicyCache *libpolkit_policy_cache_ref (PolKitPolicyCache *policy_cache); +void libpolkit_policy_cache_unref (PolKitPolicyCache *policy_cache); +void libpolkit_policy_cache_debug (PolKitPolicyCache *policy_cache); -PolKitPrivilegeFileEntry* libpolkit_privilege_cache_get_entry (PolKitPrivilegeCache *privilege_cache, - PolKitPrivilege *privilege); +PolKitPolicyFileEntry* libpolkit_policy_cache_get_entry (PolKitPolicyCache *policy_cache, + PolKitAction *action); -#endif /* LIBPOLKIT_PRIVILEGE_CACHE_H */ +#endif /* LIBPOLKIT_POLICY_CACHE_H */ diff --git a/libpolkit/libpolkit-privilege-default.c b/libpolkit/libpolkit-policy-default.c similarity index 65% rename from libpolkit/libpolkit-privilege-default.c rename to libpolkit/libpolkit-policy-default.c index 018786c..3edde5f 100644 --- a/libpolkit/libpolkit-privilege-default.c +++ b/libpolkit/libpolkit-policy-default.c @@ -1,7 +1,7 @@ /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */ /*************************************************************************** * - * libpolkit-privilege-default.c : privilege definition for the defaults + * libpolkit-policy-default.c : policy definition for the defaults * * Copyright (C) 2007 David Zeuthen, * @@ -39,24 +39,22 @@ #include #include "libpolkit-debug.h" #include "libpolkit-error.h" -#include "libpolkit-privilege-default.h" +#include "libpolkit-policy-default.h" /** - * SECTION:libpolkit-privilege-default - * @short_description: Defaults for privileges. + * SECTION:libpolkit-policy-default + * @short_description: Defaults policy. * - * This class records the default policy of a privilege as defined by - * the, privilege files installed in /etc/PolicyKit/privileges. - * + * This class records the default policy of an action. **/ /** - * PolKitPrivilegeDefault: + * PolKitPolicyDefault: * * Objects of this class are used to record information about a - * default policy for privilege. + * default policy for an action. **/ -struct PolKitPrivilegeDefault +struct PolKitPolicyDefault { int refcount; PolKitResult default_remote_inactive; @@ -90,7 +88,7 @@ parse_default (const char *key, char *s, const char *group, PolKitResult* target g_set_error (error, POLKIT_ERROR, - POLKIT_ERROR_PRIVILEGE_FILE_INVALID, + POLKIT_ERROR_POLICY_FILE_INVALID, "Value '%s' is not allowed for key '%s' in group '%s' - supported values are: %s", s, key, @@ -104,28 +102,28 @@ parse_default (const char *key, char *s, const char *group, PolKitResult* target } /** - * libpolkit_privilege_default_new: + * libpolkit_policy_default_new: * @key_file: a #GKeyFile object - * @privilege: privilege to look up defaults for in key_file + * @action: action to look up defaults for in key_file * @error: return location for error * - * Create a new #PolKitPrivilegeDefault object. + * Create a new #PolKitPolicyDefault object. * * Returns: the new object or #NULL if error is set **/ -PolKitPrivilegeDefault * -libpolkit_privilege_default_new (GKeyFile *key_file, const char *privilege, GError **error) +PolKitPolicyDefault * +libpolkit_policy_default_new (GKeyFile *key_file, const char *action, GError **error) { const char *key; const char *group; char *s; char buf[256]; - PolKitPrivilegeDefault *pd; + PolKitPolicyDefault *pd; - pd = g_new0 (PolKitPrivilegeDefault, 1); + pd = g_new0 (PolKitPolicyDefault, 1); pd->refcount = 1; - g_snprintf (buf, sizeof (buf), "Privilege %s", privilege); + g_snprintf (buf, sizeof (buf), "Action %s", action); group = buf; key = "AllowRemoteInactive"; @@ -152,75 +150,75 @@ libpolkit_privilege_default_new (GKeyFile *key_file, const char *privilege, GErr return pd; error: if (pd != NULL) - libpolkit_privilege_default_ref (pd); + libpolkit_policy_default_ref (pd); return NULL; } /** - * libpolkit_privilege_default_ref: - * @privilege_default: the privilege object + * libpolkit_policy_default_ref: + * @policy_default: the policy object * * Increase reference count. * * Returns: the object **/ -PolKitPrivilegeDefault * -libpolkit_privilege_default_ref (PolKitPrivilegeDefault *privilege_default) +PolKitPolicyDefault * +libpolkit_policy_default_ref (PolKitPolicyDefault *policy_default) { - g_return_val_if_fail (privilege_default != NULL, privilege_default); - privilege_default->refcount++; - return privilege_default; + g_return_val_if_fail (policy_default != NULL, policy_default); + policy_default->refcount++; + return policy_default; } /** - * libpolkit_privilege_default_unref: - * @privilege_default: the object + * libpolkit_policy_default_unref: + * @policy_default: the object * * Decreases the reference count of the object. If it becomes zero, * the object is freed. Before freeing, reference counts on embedded * objects are decresed by one. **/ void -libpolkit_privilege_default_unref (PolKitPrivilegeDefault *privilege_default) +libpolkit_policy_default_unref (PolKitPolicyDefault *policy_default) { - g_return_if_fail (privilege_default != NULL); - privilege_default->refcount--; - if (privilege_default->refcount > 0) + g_return_if_fail (policy_default != NULL); + policy_default->refcount--; + if (policy_default->refcount > 0) return; - g_free (privilege_default); + g_free (policy_default); } /** - * libpolkit_privilege_default_debug: - * @privilege_default: the object + * libpolkit_policy_default_debug: + * @policy_default: the object * * Print debug details **/ void -libpolkit_privilege_default_debug (PolKitPrivilegeDefault *privilege_default) +libpolkit_policy_default_debug (PolKitPolicyDefault *policy_default) { - g_return_if_fail (privilege_default != NULL); - _pk_debug ("PolKitPrivilegeDefault: refcount=%d\n" + g_return_if_fail (policy_default != NULL); + _pk_debug ("PolKitPolicyDefault: refcount=%d\n" " default_remote_inactive=%s\n" " default_remote_active=%s\n" " default_local_inactive=%s\n" " default_local_active=%s", - privilege_default->refcount, - libpolkit_result_to_string_representation (privilege_default->default_remote_inactive), - libpolkit_result_to_string_representation (privilege_default->default_remote_active), - libpolkit_result_to_string_representation (privilege_default->default_local_inactive), - libpolkit_result_to_string_representation (privilege_default->default_local_active)); + policy_default->refcount, + libpolkit_result_to_string_representation (policy_default->default_remote_inactive), + libpolkit_result_to_string_representation (policy_default->default_remote_active), + libpolkit_result_to_string_representation (policy_default->default_local_inactive), + libpolkit_result_to_string_representation (policy_default->default_local_active)); } /** - * libpolkit_privilege_default_can_session_access_resource: - * @privilege_default: the object - * @privilege: the type of access to check for + * libpolkit_policy_default_can_session_access_resource: + * @policy_default: the object + * @action: the type of access to check for * @resource: the resource in question * @session: the session in question * - * Using the default policy for a privilege, determine if a given + * Using the default policy for an action, determine if a given * session can access a given resource in a given way. * * Returns: A #PolKitResult - can only be one of @@ -228,8 +226,8 @@ libpolkit_privilege_default_debug (PolKitPrivilegeDefault *privilege_default) * #LIBPOLKIT_RESULT_YES, #LIBPOLKIT_RESULT_NO. **/ PolKitResult -libpolkit_privilege_default_can_session_access_resource (PolKitPrivilegeDefault *privilege_default, - PolKitPrivilege *privilege, +libpolkit_policy_default_can_session_access_resource (PolKitPolicyDefault *policy_default, + PolKitAction *action, PolKitResource *resource, PolKitSession *session) { @@ -239,8 +237,8 @@ libpolkit_privilege_default_can_session_access_resource (PolKitPrivilegeDefault ret = LIBPOLKIT_RESULT_NO; - g_return_val_if_fail (privilege_default != NULL, ret); - g_return_val_if_fail (privilege != NULL, ret); + g_return_val_if_fail (policy_default != NULL, ret); + g_return_val_if_fail (action != NULL, ret); g_return_val_if_fail (resource != NULL, ret); g_return_val_if_fail (session != NULL, ret); @@ -251,15 +249,15 @@ libpolkit_privilege_default_can_session_access_resource (PolKitPrivilegeDefault if (is_local) { if (is_active) { - ret = privilege_default->default_local_active; + ret = policy_default->default_local_active; } else { - ret = privilege_default->default_local_inactive; + ret = policy_default->default_local_inactive; } } else { if (is_active) { - ret = privilege_default->default_remote_active; + ret = policy_default->default_remote_active; } else { - ret = privilege_default->default_remote_inactive; + ret = policy_default->default_remote_inactive; } } out: @@ -267,21 +265,21 @@ out: } /** - * libpolkit_privilege_default_can_caller_access_resource: - * @privilege_default: the object - * @privilege: the type of access to check for + * libpolkit_policy_default_can_caller_access_resource: + * @policy_default: the object + * @action: the type of access to check for * @resource: the resource in question * @caller: the resource in question * - * Using the default policy for a privilege, determine if a given + * Using the default policy for an action, determine if a given * caller can access a given resource in a given way. * * Returns: A #PolKitResult specifying if, and how, the caller can * access the resource in the given way **/ PolKitResult -libpolkit_privilege_default_can_caller_access_resource (PolKitPrivilegeDefault *privilege_default, - PolKitPrivilege *privilege, +libpolkit_policy_default_can_caller_access_resource (PolKitPolicyDefault *policy_default, + PolKitAction *action, PolKitResource *resource, PolKitCaller *caller) { @@ -292,8 +290,8 @@ libpolkit_privilege_default_can_caller_access_resource (PolKitPrivilegeDefault * ret = LIBPOLKIT_RESULT_NO; - g_return_val_if_fail (privilege_default != NULL, ret); - g_return_val_if_fail (privilege != NULL, ret); + g_return_val_if_fail (policy_default != NULL, ret); + g_return_val_if_fail (action != NULL, ret); g_return_val_if_fail (resource != NULL, ret); g_return_val_if_fail (caller != NULL, ret); @@ -309,15 +307,15 @@ libpolkit_privilege_default_can_caller_access_resource (PolKitPrivilegeDefault * if (is_local) { if (is_active) { - ret = privilege_default->default_local_active; + ret = policy_default->default_local_active; } else { - ret = privilege_default->default_local_inactive; + ret = policy_default->default_local_inactive; } } else { if (is_active) { - ret = privilege_default->default_remote_active; + ret = policy_default->default_remote_active; } else { - ret = privilege_default->default_remote_inactive; + ret = policy_default->default_remote_inactive; } } out: diff --git a/libpolkit/libpolkit-privilege-default.h b/libpolkit/libpolkit-policy-default.h similarity index 64% rename from libpolkit/libpolkit-privilege-default.h rename to libpolkit/libpolkit-policy-default.h index ac84a8a..6db6c62 100644 --- a/libpolkit/libpolkit-privilege-default.h +++ b/libpolkit/libpolkit-policy-default.h @@ -1,7 +1,7 @@ /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */ /*************************************************************************** * - * libpolkit-privilege-default.h : privilege definition for the defaults + * libpolkit-policy-default.h : policy definition for the defaults * * Copyright (C) 2007 David Zeuthen, * @@ -23,8 +23,8 @@ * **************************************************************************/ -#ifndef LIBPOLKIT_PRIVILEGE_DEFAULT_H -#define LIBPOLKIT_PRIVILEGE_DEFAULT_H +#ifndef LIBPOLKIT_POLICY_DEFAULT_H +#define LIBPOLKIT_POLICY_DEFAULT_H #include #include @@ -32,30 +32,30 @@ #include #include -#include +#include #include #include #include -struct PolKitPrivilegeDefault; -typedef struct PolKitPrivilegeDefault PolKitPrivilegeDefault; +struct PolKitPolicyDefault; +typedef struct PolKitPolicyDefault PolKitPolicyDefault; -PolKitPrivilegeDefault *libpolkit_privilege_default_new (GKeyFile *key_file, const char *privilege, GError **error); -PolKitPrivilegeDefault *libpolkit_privilege_default_ref (PolKitPrivilegeDefault *privilege_default); -void libpolkit_privilege_default_unref (PolKitPrivilegeDefault *privilege_default); -void libpolkit_privilege_default_debug (PolKitPrivilegeDefault *privilege_default); +PolKitPolicyDefault *libpolkit_policy_default_new (GKeyFile *key_file, const char *action, GError **error); +PolKitPolicyDefault *libpolkit_policy_default_ref (PolKitPolicyDefault *policy_default); +void libpolkit_policy_default_unref (PolKitPolicyDefault *policy_default); +void libpolkit_policy_default_debug (PolKitPolicyDefault *policy_default); -PolKitResult libpolkit_privilege_default_can_session_access_resource (PolKitPrivilegeDefault *privilege_default, - PolKitPrivilege *privilege, +PolKitResult libpolkit_policy_default_can_session_access_resource (PolKitPolicyDefault *policy_default, + PolKitAction *action, PolKitResource *resource, PolKitSession *session); -PolKitResult libpolkit_privilege_default_can_caller_access_resource (PolKitPrivilegeDefault *privilege_default, - PolKitPrivilege *privilege, +PolKitResult libpolkit_policy_default_can_caller_access_resource (PolKitPolicyDefault *policy_default, + PolKitAction *action, PolKitResource *resource, PolKitCaller *caller); /* TODO: export knobs for "default policy" */ -#endif /* LIBPOLKIT_PRIVILEGE_DEFAULT_H */ +#endif /* LIBPOLKIT_POLICY_DEFAULT_H */ diff --git a/libpolkit/libpolkit-policy-file-entry.c b/libpolkit/libpolkit-policy-file-entry.c new file mode 100644 index 0000000..5a042cb --- /dev/null +++ b/libpolkit/libpolkit-policy-file-entry.c @@ -0,0 +1,178 @@ +/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */ +/*************************************************************************** + * + * libpolkit-policy-file-entry.c : entries in policy files + * + * Copyright (C) 2007 David Zeuthen, + * + * Licensed under the Academic Free License version 2.1 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + **************************************************************************/ + +#ifdef HAVE_CONFIG_H +# include +#endif + +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include "libpolkit-debug.h" +#include "libpolkit-error.h" +#include "libpolkit-result.h" +#include "libpolkit-policy-file-entry.h" + +/** + * SECTION:libpolkit-policy-file-entry + * @short_description: Policy files entries. + * + * This class is used to represent a entries in policy files. + **/ + +/** + * PolKitPolicyFileEntry: + * + * Objects of this class are used to record information about a + * policy. + **/ +struct PolKitPolicyFileEntry +{ + int refcount; + char *action; + PolKitPolicyDefault *defaults; +}; + +/** + * libpolkit_policy_file_entry_new: + * @key_file: a #GKeyFile object + * @action: action to look for in key_file + * @error: return location for error + * + * Create a new #PolKitPolicyFileEntry object. If the given + * @key_file object does not contain the requisite sections, a human + * readable explanation of why will be set in @error. + * + * Returns: the new object or #NULL if error is set + **/ +PolKitPolicyFileEntry * +libpolkit_policy_file_entry_new (GKeyFile *key_file, const char *action, GError **error) +{ + PolKitPolicyFileEntry *pfe; + + pfe = g_new0 (PolKitPolicyFileEntry, 1); + pfe->refcount = 1; + pfe->action = g_strdup (action); + + pfe->defaults = libpolkit_policy_default_new (key_file, action, error); + if (pfe->defaults == NULL) + goto error; + + return pfe; +error: + if (pfe != NULL) + libpolkit_policy_file_entry_unref (pfe); + return NULL; +} + +/** + * libpolkit_policy_file_entry_ref: + * @policy_file_entry: the policy file object + * + * Increase reference count. + * + * Returns: the object + **/ +PolKitPolicyFileEntry * +libpolkit_policy_file_entry_ref (PolKitPolicyFileEntry *policy_file_entry) +{ + g_return_val_if_fail (policy_file_entry != NULL, policy_file_entry); + policy_file_entry->refcount++; + return policy_file_entry; +} + +/** + * libpolkit_policy_file_entry_unref: + * @policy_file_entry: the policy file object + * + * Decreases the reference count of the object. If it becomes zero, + * the object is freed. Before freeing, reference counts on embedded + * objects are decresed by one. + **/ +void +libpolkit_policy_file_entry_unref (PolKitPolicyFileEntry *policy_file_entry) +{ + g_return_if_fail (policy_file_entry != NULL); + policy_file_entry->refcount--; + if (policy_file_entry->refcount > 0) + return; + g_free (policy_file_entry->action); + if (policy_file_entry->defaults != NULL) + libpolkit_policy_default_unref (policy_file_entry->defaults); + g_free (policy_file_entry); +} + +/** + * libpolkit_policy_file_entry_debug: + * @policy_file_entry: the entry + * + * Print debug information about object + **/ +void +libpolkit_policy_file_entry_debug (PolKitPolicyFileEntry *policy_file_entry) +{ + g_return_if_fail (policy_file_entry != NULL); + _pk_debug ("PolKitPolicyFileEntry: refcount=%d action=%s", + policy_file_entry->refcount, + policy_file_entry->action); + libpolkit_policy_default_debug (policy_file_entry->defaults); +} + +/** + * libpolkit_policy_file_entry_get_id: + * @policy_file_entry: the file entry + * + * Get the action identifier. + * + * Returns: A string - caller shall not free this string. + **/ +const char * +libpolkit_policy_file_entry_get_id (PolKitPolicyFileEntry *policy_file_entry) +{ + g_return_val_if_fail (policy_file_entry != NULL, NULL); + return policy_file_entry->action; +} + +/** + * libpolkit_policy_file_entry_get_default: + * @policy_file_entry: the file entry + * + * Get the the default policy for this policy. + * + * Returns: A #PolKitPolicyDefault object - caller shall not unref this object. + **/ +PolKitPolicyDefault * +libpolkit_policy_file_entry_get_default (PolKitPolicyFileEntry *policy_file_entry) +{ + g_return_val_if_fail (policy_file_entry != NULL, NULL); + return policy_file_entry->defaults; +} diff --git a/libpolkit/libpolkit-privilege-file-entry.h b/libpolkit/libpolkit-policy-file-entry.h similarity index 53% rename from libpolkit/libpolkit-privilege-file-entry.h rename to libpolkit/libpolkit-policy-file-entry.h index 0d2b32c..f183c06 100644 --- a/libpolkit/libpolkit-privilege-file-entry.h +++ b/libpolkit/libpolkit-policy-file-entry.h @@ -1,7 +1,7 @@ /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */ /*************************************************************************** * - * libpolkit-privilege-file-entry.h : entries in privilege files + * libpolkit-policy-file-entry.h : entries in policy files * * Copyright (C) 2007 David Zeuthen, * @@ -23,8 +23,8 @@ * **************************************************************************/ -#ifndef LIBPOLKIT_PRIVILEGE_FILE_ENTRY_H -#define LIBPOLKIT_PRIVILEGE_FILE_ENTRY_H +#ifndef LIBPOLKIT_POLICY_FILE_ENTRY_H +#define LIBPOLKIT_POLICY_FILE_ENTRY_H #include #include @@ -32,20 +32,20 @@ #include #include -#include +#include -struct PolKitPrivilegeFileEntry; -typedef struct PolKitPrivilegeFileEntry PolKitPrivilegeFileEntry; +struct PolKitPolicyFileEntry; +typedef struct PolKitPolicyFileEntry PolKitPolicyFileEntry; -PolKitPrivilegeFileEntry *libpolkit_privilege_file_entry_new (GKeyFile *key_file, const char *privilege, GError **error); -PolKitPrivilegeFileEntry *libpolkit_privilege_file_entry_ref (PolKitPrivilegeFileEntry *privilege_file_entry); -void libpolkit_privilege_file_entry_unref (PolKitPrivilegeFileEntry *privilege_file_entry); -void libpolkit_privilege_file_entry_debug (PolKitPrivilegeFileEntry *privilege_file_entry); +PolKitPolicyFileEntry *libpolkit_policy_file_entry_new (GKeyFile *key_file, const char *action, GError **error); +PolKitPolicyFileEntry *libpolkit_policy_file_entry_ref (PolKitPolicyFileEntry *policy_file_entry); +void libpolkit_policy_file_entry_unref (PolKitPolicyFileEntry *policy_file_entry); +void libpolkit_policy_file_entry_debug (PolKitPolicyFileEntry *policy_file_entry); -const char *libpolkit_privilege_file_entry_get_id (PolKitPrivilegeFileEntry *privilege_file_entry); -PolKitPrivilegeDefault *libpolkit_privilege_file_entry_get_default (PolKitPrivilegeFileEntry *privilege_file_entry); +const char *libpolkit_policy_file_entry_get_id (PolKitPolicyFileEntry *policy_file_entry); +PolKitPolicyDefault *libpolkit_policy_file_entry_get_default (PolKitPolicyFileEntry *policy_file_entry); -#endif /* LIBPOLKIT_PRIVILEGE_FILE_ENTRY_H */ +#endif /* LIBPOLKIT_POLICY_FILE_ENTRY_H */ diff --git a/libpolkit/libpolkit-privilege-file.c b/libpolkit/libpolkit-policy-file.c similarity index 58% rename from libpolkit/libpolkit-privilege-file.c rename to libpolkit/libpolkit-policy-file.c index ae119b8..b739166 100644 --- a/libpolkit/libpolkit-privilege-file.c +++ b/libpolkit/libpolkit-policy-file.c @@ -1,7 +1,7 @@ /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */ /*************************************************************************** * - * libpolkit-privilege-file.c : privilege files + * libpolkit-policy-file.c : policy files * * Copyright (C) 2007 David Zeuthen, * @@ -39,43 +39,43 @@ #include #include "libpolkit-error.h" #include "libpolkit-result.h" -#include "libpolkit-privilege-file.h" +#include "libpolkit-policy-file.h" /** - * SECTION:libpolkit-privilege-file - * @short_description: Privileges files. + * SECTION:libpolkit-policy-file + * @short_description: Policys files. * - * This class is used to represent a privilege files. + * This class is used to represent a policy files. **/ /** - * PolKitPrivilegeFile: + * PolKitPolicyFile: * * Objects of this class are used to record information about a - * privilege. + * policy file. **/ -struct PolKitPrivilegeFile +struct PolKitPolicyFile { int refcount; GSList *entries; }; /** - * libpolkit_privilege_file_new: - * @path: path to privilege file + * libpolkit_policy_file_new: + * @path: path to policy file * @error: return location for error * - * Create a new #PolKitPrivilegeFile object. If the file does not + * Create a new #PolKitPolicyFile object. If the file does not * validate, a human readable explanation of why will be set in * @error. * * Returns: the new object or #NULL if error is set **/ -PolKitPrivilegeFile * -libpolkit_privilege_file_new (const char *path, GError **error) +PolKitPolicyFile * +libpolkit_policy_file_new (const char *path, GError **error) { GKeyFile *key_file; - PolKitPrivilegeFile *pf; + PolKitPolicyFile *pf; char **groups; gsize groups_len; int n; @@ -84,11 +84,11 @@ libpolkit_privilege_file_new (const char *path, GError **error) key_file = NULL; groups = NULL; - if (!g_str_has_suffix (path, ".priv")) { + if (!g_str_has_suffix (path, ".policy")) { g_set_error (error, POLKIT_ERROR, - POLKIT_ERROR_PRIVILEGE_FILE_INVALID, - "Privilege files must have extension .priv"); + POLKIT_ERROR_POLICY_FILE_INVALID, + "Policy files must have extension .policy"); goto error; } @@ -96,7 +96,7 @@ libpolkit_privilege_file_new (const char *path, GError **error) if (!g_key_file_load_from_file (key_file, path, G_KEY_FILE_NONE, error)) goto error; - pf = g_new0 (PolKitPrivilegeFile, 1); + pf = g_new0 (PolKitPolicyFile, 1); pf->refcount = 1; groups = g_key_file_get_groups(key_file, &groups_len); @@ -104,27 +104,27 @@ libpolkit_privilege_file_new (const char *path, GError **error) goto error; for (n = 0; groups[n] != NULL; n++) { - const char *privilege; - PolKitPrivilegeFileEntry *pfe; + const char *action; + PolKitPolicyFileEntry *pfe; - if (!g_str_has_prefix (groups[n], "Privilege ")) { + if (!g_str_has_prefix (groups[n], "Action ")) { g_set_error (error, POLKIT_ERROR, - POLKIT_ERROR_PRIVILEGE_FILE_INVALID, + POLKIT_ERROR_POLICY_FILE_INVALID, "Unknown group of name '%s'", groups[n]); goto error; } - privilege = groups[n] + 10; /* strlen ("Privilege ") */ - if (strlen (privilege) == 0) { + action = groups[n] + 7; /* "Action " */ + if (strlen (action) == 0) { g_set_error (error, POLKIT_ERROR, - POLKIT_ERROR_PRIVILEGE_FILE_INVALID, - "Zero-length privilege name"); + POLKIT_ERROR_POLICY_FILE_INVALID, + "Zero-length action name"); goto error; } - pfe = libpolkit_privilege_file_entry_new (key_file, privilege, error); + pfe = libpolkit_policy_file_entry_new (key_file, action, error); if (pfe == NULL) goto error; pf->entries = g_slist_prepend (pf->entries, pfe); @@ -139,62 +139,62 @@ error: if (key_file != NULL) g_key_file_free (key_file); if (pf != NULL) - libpolkit_privilege_file_unref (pf); + libpolkit_policy_file_unref (pf); return NULL; } /** - * libpolkit_privilege_file_ref: - * @privilege_file: the privilege file object + * libpolkit_policy_file_ref: + * @policy_file: the policy file object * * Increase reference count. * * Returns: the object **/ -PolKitPrivilegeFile * -libpolkit_privilege_file_ref (PolKitPrivilegeFile *privilege_file) +PolKitPolicyFile * +libpolkit_policy_file_ref (PolKitPolicyFile *policy_file) { - g_return_val_if_fail (privilege_file != NULL, privilege_file); - privilege_file->refcount++; - return privilege_file; + g_return_val_if_fail (policy_file != NULL, policy_file); + policy_file->refcount++; + return policy_file; } /** - * libpolkit_privilege_file_unref: - * @privilege_file: the privilege file object + * libpolkit_policy_file_unref: + * @policy_file: the policy file object * * Decreases the reference count of the object. If it becomes zero, * the object is freed. Before freeing, reference counts on embedded * objects are decresed by one. **/ void -libpolkit_privilege_file_unref (PolKitPrivilegeFile *privilege_file) +libpolkit_policy_file_unref (PolKitPolicyFile *policy_file) { GSList *i; - g_return_if_fail (privilege_file != NULL); - privilege_file->refcount--; - if (privilege_file->refcount > 0) + g_return_if_fail (policy_file != NULL); + policy_file->refcount--; + if (policy_file->refcount > 0) return; - for (i = privilege_file->entries; i != NULL; i = g_slist_next (i)) { - libpolkit_privilege_file_entry_unref (i->data); + for (i = policy_file->entries; i != NULL; i = g_slist_next (i)) { + libpolkit_policy_file_entry_unref (i->data); } - if (privilege_file->entries != NULL) - g_slist_free (privilege_file->entries); - g_free (privilege_file); + if (policy_file->entries != NULL) + g_slist_free (policy_file->entries); + g_free (policy_file); } /** - * libpolkit_privilege_file_get_entries: - * @privilege_file: the privilege file object + * libpolkit_policy_file_get_entries: + * @policy_file: the policy file object * * Get the entries stemming from the given file. * * Returns: A #GSList of the entries. **/ GSList * -libpolkit_privilege_file_get_entries (PolKitPrivilegeFile *privilege_file) +libpolkit_policy_file_get_entries (PolKitPolicyFile *policy_file) { - g_return_val_if_fail (privilege_file != NULL, NULL); - return privilege_file->entries; + g_return_val_if_fail (policy_file != NULL, NULL); + return policy_file->entries; } diff --git a/libpolkit/libpolkit-privilege.h b/libpolkit/libpolkit-policy-file.h similarity index 60% rename from libpolkit/libpolkit-privilege.h rename to libpolkit/libpolkit-policy-file.h index bfc4d14..b77db76 100644 --- a/libpolkit/libpolkit-privilege.h +++ b/libpolkit/libpolkit-policy-file.h @@ -1,7 +1,7 @@ /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */ /*************************************************************************** * - * libpolkit-privilege.h : privileges + * libpolkit-policy-file.h : policy files * * Copyright (C) 2007 David Zeuthen, * @@ -23,25 +23,24 @@ * **************************************************************************/ -#ifndef LIBPOLKIT_PRIVILEGE_H -#define LIBPOLKIT_PRIVILEGE_H +#ifndef LIBPOLKIT_POLICY_FILE_H +#define LIBPOLKIT_POLICY_FILE_H #include #include #include #include -struct PolKitPrivilege; -typedef struct PolKitPrivilege PolKitPrivilege; +#include -PolKitPrivilege *libpolkit_privilege_new (void); -PolKitPrivilege *libpolkit_privilege_ref (PolKitPrivilege *privilege); -void libpolkit_privilege_unref (PolKitPrivilege *privilege); -void libpolkit_privilege_set_privilege_id (PolKitPrivilege *privilege, const char *privilege_id); -gboolean libpolkit_privilege_get_privilege_id (PolKitPrivilege *privilege, char **out_privilege_id); +struct PolKitPolicyFile; +typedef struct PolKitPolicyFile PolKitPolicyFile; -void libpolkit_privilege_debug (PolKitPrivilege *privilege); +PolKitPolicyFile *libpolkit_policy_file_new (const char *path, GError **error); +PolKitPolicyFile *libpolkit_policy_file_ref (PolKitPolicyFile *policy_file); +GSList *libpolkit_policy_file_get_entries (PolKitPolicyFile *policy_file); +void libpolkit_policy_file_unref (PolKitPolicyFile *policy_file); -#endif /* LIBPOLKIT_PRIVILEGE_H */ +#endif /* LIBPOLKIT_POLICY_FILE_H */ diff --git a/libpolkit/libpolkit-privilege-cache.c b/libpolkit/libpolkit-privilege-cache.c deleted file mode 100644 index d9ae81d..0000000 --- a/libpolkit/libpolkit-privilege-cache.c +++ /dev/null @@ -1,247 +0,0 @@ -/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */ -/*************************************************************************** - * - * libpolkit-privilege-cache.c : privilege cache - * - * Copyright (C) 2007 David Zeuthen, - * - * Licensed under the Academic Free License version 2.1 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - * - **************************************************************************/ - -#ifdef HAVE_CONFIG_H -# include -#endif - -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include "libpolkit-debug.h" -#include "libpolkit-privilege-file.h" -#include "libpolkit-privilege-cache.h" - -/** - * SECTION:libpolkit-privilege-cache - * @short_description: System privilege queries. - * - * This class is used to query all system-defined privileges, - * e.g. privilege files installed in /etc/PolicyKit/privileges. - **/ - -/** - * PolKitPrivilegeCache: - * - * Instances of this class is used to query all system-defined - * privileges, e.g. privilege files installed in - * /etc/PolicyKit/privileges. - **/ -struct PolKitPrivilegeCache -{ - int refcount; - - GSList *priv_entries; -}; - - -static void -add_entries_from_file (PolKitPrivilegeCache *privilege_cache, - PolKitPrivilegeFile *privilege_file) -{ - GSList *i; - - g_return_if_fail (privilege_cache != NULL); - g_return_if_fail (privilege_file != NULL); - - for (i = libpolkit_privilege_file_get_entries (privilege_file); i != NULL; i = g_slist_next (i)) { - PolKitPrivilegeFileEntry *privilege_file_entry = i->data; - libpolkit_privilege_file_entry_ref (privilege_file_entry); - privilege_cache->priv_entries = g_slist_append (privilege_cache->priv_entries, - privilege_file_entry); - } -} - -/** - * libpolkit_privilege_cache_new: - * @dirname: directory containing privilege files - * @error: location to return error - * - * Create a new #PolKitPrivilegeCache object and load information from privilege files. - * - * Returns: #NULL if @error was set, otherwise the #PolKitPrivilegeCache object - **/ -PolKitPrivilegeCache * -libpolkit_privilege_cache_new (const char *dirname, GError **error) -{ - const char *file; - GDir *dir; - PolKitPrivilegeCache *pc; - - pc = g_new0 (PolKitPrivilegeCache, 1); - pc->refcount = 1; - - dir = g_dir_open (dirname, 0, error); - if (dir == NULL) { - goto out; - } - while ((file = g_dir_read_name (dir)) != NULL) { - char *path; - PolKitPrivilegeFile *pf; - - if (!g_str_has_suffix (file, ".priv")) - continue; - - if (g_str_has_prefix (file, ".")) - continue; - - path = g_strdup_printf ("%s/%s", dirname, file); - - _pk_debug ("Loading %s", path); - pf = libpolkit_privilege_file_new (path, error); - g_free (path); - - if (pf == NULL) { - goto out; - } - - add_entries_from_file (pc, pf); - libpolkit_privilege_file_unref (pf); - } - g_dir_close (dir); - - return pc; -out: - if (pc != NULL) - libpolkit_privilege_cache_ref (pc); - return NULL; -} - -/** - * libpolkit_privilege_cache_ref: - * @privilege_cache: the privilege cache object - * - * Increase reference count. - * - * Returns: the object - **/ -PolKitPrivilegeCache * -libpolkit_privilege_cache_ref (PolKitPrivilegeCache *privilege_cache) -{ - g_return_val_if_fail (privilege_cache != NULL, privilege_cache); - privilege_cache->refcount++; - return privilege_cache; -} - -/** - * libpolkit_privilege_cache_unref: - * @privilege_cache: the privilege cache object - * - * Decreases the reference count of the object. If it becomes zero, - * the object is freed. Before freeing, reference counts on embedded - * objects are decresed by one. - **/ -void -libpolkit_privilege_cache_unref (PolKitPrivilegeCache *privilege_cache) -{ - GSList *i; - - g_return_if_fail (privilege_cache != NULL); - privilege_cache->refcount--; - if (privilege_cache->refcount > 0) - return; - - for (i = privilege_cache->priv_entries; i != NULL; i = g_slist_next (i)) { - PolKitPrivilegeFileEntry *pfe = i->data; - libpolkit_privilege_file_entry_unref (pfe); - } - if (privilege_cache->priv_entries != NULL) - g_slist_free (privilege_cache->priv_entries); - - g_free (privilege_cache); -} - -/** - * libpolkit_privilege_cache_debug: - * @privilege_cache: the cache - * - * Print debug information about object - **/ -void -libpolkit_privilege_cache_debug (PolKitPrivilegeCache *privilege_cache) -{ - GSList *i; - g_return_if_fail (privilege_cache != NULL); - - _pk_debug ("PolKitPrivilegeCache: refcount=%d num_entries=%d ...", - privilege_cache->refcount, - privilege_cache->priv_entries == NULL ? 0 : g_slist_length (privilege_cache->priv_entries)); - - for (i = privilege_cache->priv_entries; i != NULL; i = g_slist_next (i)) { - PolKitPrivilegeFileEntry *pfe = i->data; - libpolkit_privilege_file_entry_debug (pfe); - } -} - -/** - * libpolkit_privilege_cache_get_entry: - * @privilege_cache: the cache - * @privilege: the privilege - * - * Given a privilege, find the object describing the definition of the - * privilege; e.g. data stemming from files in - * /etc/PolicyKit/privileges. - * - * Returns: A #PolKitPrivilegeFileEntry entry on sucess; otherwise - * #NULL if the privilege wasn't identified. Caller shall not unref - * this object. - **/ -PolKitPrivilegeFileEntry* -libpolkit_privilege_cache_get_entry (PolKitPrivilegeCache *privilege_cache, - PolKitPrivilege *privilege) -{ - char *priv_id; - GSList *i; - PolKitPrivilegeFileEntry *pfe; - - pfe = NULL; - - /* I'm sure it would be easy to make this O(1)... */ - - g_return_val_if_fail (privilege_cache != NULL, NULL); - g_return_val_if_fail (privilege != NULL, NULL); - - if (!libpolkit_privilege_get_privilege_id (privilege, &priv_id)) - goto out; - - for (i = privilege_cache->priv_entries; i != NULL; i = g_slist_next (i)) { - pfe = i->data; - if (strcmp (libpolkit_privilege_file_entry_get_id (pfe), priv_id) == 0) { - goto out; - } - } - - pfe = NULL; - -out: - return pfe; -} diff --git a/libpolkit/libpolkit-privilege-file-entry.c b/libpolkit/libpolkit-privilege-file-entry.c deleted file mode 100644 index 22052a8..0000000 --- a/libpolkit/libpolkit-privilege-file-entry.c +++ /dev/null @@ -1,178 +0,0 @@ -/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */ -/*************************************************************************** - * - * libpolkit-privilege-file-entry.c : entries in privilege files - * - * Copyright (C) 2007 David Zeuthen, - * - * Licensed under the Academic Free License version 2.1 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - * - **************************************************************************/ - -#ifdef HAVE_CONFIG_H -# include -#endif - -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include "libpolkit-debug.h" -#include "libpolkit-error.h" -#include "libpolkit-result.h" -#include "libpolkit-privilege-file-entry.h" - -/** - * SECTION:libpolkit-privilege-file-entry - * @short_description: Privileges files. - * - * This class is used to represent a entries in privilege files. - **/ - -/** - * PolKitPrivilegeFileEntry: - * - * Objects of this class are used to record information about a - * privilege. - **/ -struct PolKitPrivilegeFileEntry -{ - int refcount; - char *privilege; - PolKitPrivilegeDefault *defaults; -}; - -/** - * libpolkit_privilege_file_entry_new: - * @key_file: a #GKeyFile object - * @privilege: privilege to look for in key_file - * @error: return location for error - * - * Create a new #PolKitPrivilegeFileEntry object. If the given - * @key_file object does not contain the requisite sections, a human - * readable explanation of why will be set in @error. - * - * Returns: the new object or #NULL if error is set - **/ -PolKitPrivilegeFileEntry * -libpolkit_privilege_file_entry_new (GKeyFile *key_file, const char *privilege, GError **error) -{ - PolKitPrivilegeFileEntry *pfe; - - pfe = g_new0 (PolKitPrivilegeFileEntry, 1); - pfe->refcount = 1; - pfe->privilege = g_strdup (privilege); - - pfe->defaults = libpolkit_privilege_default_new (key_file, privilege, error); - if (pfe->defaults == NULL) - goto error; - - return pfe; -error: - if (pfe != NULL) - libpolkit_privilege_file_entry_unref (pfe); - return NULL; -} - -/** - * libpolkit_privilege_file_entry_ref: - * @privilege_file_entry: the privilege file object - * - * Increase reference count. - * - * Returns: the object - **/ -PolKitPrivilegeFileEntry * -libpolkit_privilege_file_entry_ref (PolKitPrivilegeFileEntry *privilege_file_entry) -{ - g_return_val_if_fail (privilege_file_entry != NULL, privilege_file_entry); - privilege_file_entry->refcount++; - return privilege_file_entry; -} - -/** - * libpolkit_privilege_file_entry_unref: - * @privilege_file_entry: the privilege file object - * - * Decreases the reference count of the object. If it becomes zero, - * the object is freed. Before freeing, reference counts on embedded - * objects are decresed by one. - **/ -void -libpolkit_privilege_file_entry_unref (PolKitPrivilegeFileEntry *privilege_file_entry) -{ - g_return_if_fail (privilege_file_entry != NULL); - privilege_file_entry->refcount--; - if (privilege_file_entry->refcount > 0) - return; - g_free (privilege_file_entry->privilege); - if (privilege_file_entry->defaults != NULL) - libpolkit_privilege_default_unref (privilege_file_entry->defaults); - g_free (privilege_file_entry); -} - -/** - * libpolkit_privilege_file_entry_debug: - * @privilege_file_entry: the entry - * - * Print debug information about object - **/ -void -libpolkit_privilege_file_entry_debug (PolKitPrivilegeFileEntry *privilege_file_entry) -{ - g_return_if_fail (privilege_file_entry != NULL); - _pk_debug ("PolKitPrivilegeFileEntry: refcount=%d privilege=%s", - privilege_file_entry->refcount, - privilege_file_entry->privilege); - libpolkit_privilege_default_debug (privilege_file_entry->defaults); -} - -/** - * libpolkit_privilege_file_entry_get_id: - * @privilege_file_entry: the file entry - * - * Get the privilege identifier. - * - * Returns: A string - caller shall not free this string. - **/ -const char * -libpolkit_privilege_file_entry_get_id (PolKitPrivilegeFileEntry *privilege_file_entry) -{ - g_return_val_if_fail (privilege_file_entry != NULL, NULL); - return privilege_file_entry->privilege; -} - -/** - * libpolkit_privilege_file_entry_get_default: - * @privilege_file_entry: the file entry - * - * Get the the default policy for this privilege. - * - * Returns: A #PolKitPrivilegeDefault object - caller shall not unref this object. - **/ -PolKitPrivilegeDefault * -libpolkit_privilege_file_entry_get_default (PolKitPrivilegeFileEntry *privilege_file_entry) -{ - g_return_val_if_fail (privilege_file_entry != NULL, NULL); - return privilege_file_entry->defaults; -} diff --git a/libpolkit/libpolkit-privilege.c b/libpolkit/libpolkit-privilege.c deleted file mode 100644 index 56c257e..0000000 --- a/libpolkit/libpolkit-privilege.c +++ /dev/null @@ -1,160 +0,0 @@ -/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */ -/*************************************************************************** - * - * libpolkit-privilege.c : privilege - * - * Copyright (C) 2007 David Zeuthen, - * - * Licensed under the Academic Free License version 2.1 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - * - **************************************************************************/ - -#ifdef HAVE_CONFIG_H -# include -#endif - -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include "libpolkit-debug.h" -#include "libpolkit-privilege.h" - -/** - * SECTION:libpolkit-privilege - * @short_description: Privileges. - * - * This class is used to represent a privilege. TODO: describe what a privilege really is. - **/ - -/** - * PolKitPrivilege: - * - * Objects of this class are used to record information about a - * privilege. - **/ -struct PolKitPrivilege -{ - int refcount; - char *id; -}; - -/** - * libpolkit_privilege_new: - * - * Create a new #PolKitPrivilege object. - * - * Returns: the new object - **/ -PolKitPrivilege * -libpolkit_privilege_new (void) -{ - PolKitPrivilege *privilege; - privilege = g_new0 (PolKitPrivilege, 1); - privilege->refcount = 1; - return privilege; -} - -/** - * libpolkit_privilege_ref: - * @privilege: the privilege object - * - * Increase reference count. - * - * Returns: the object - **/ -PolKitPrivilege * -libpolkit_privilege_ref (PolKitPrivilege *privilege) -{ - g_return_val_if_fail (privilege != NULL, privilege); - privilege->refcount++; - return privilege; -} - -/** - * libpolkit_privilege_unref: - * @privilege: the privilege object - * - * Decreases the reference count of the object. If it becomes zero, - * the object is freed. Before freeing, reference counts on embedded - * objects are decresed by one. - **/ -void -libpolkit_privilege_unref (PolKitPrivilege *privilege) -{ - g_return_if_fail (privilege != NULL); - privilege->refcount--; - if (privilege->refcount > 0) - return; - g_free (privilege->id); - g_free (privilege); -} - -/** - * libpolkit_privilege_set_privilege_id: - * @privilege: the privilege object - * @privilege_id: privilege identifier - * - * Set the privilege identifier - **/ -void -libpolkit_privilege_set_privilege_id (PolKitPrivilege *privilege, const char *privilege_id) -{ - g_return_if_fail (privilege != NULL); - if (privilege->id != NULL) - g_free (privilege->id); - privilege->id = g_strdup (privilege_id); -} - -/** - * libpolkit_privilege_get_privilege_id: - * @privilege: the privilege object - * @out_privilege_id: Returns the privilege identifier. The caller shall not free this string. - * - * Get the privilege identifier. - * - * Returns: TRUE iff the value was returned. - **/ -gboolean -libpolkit_privilege_get_privilege_id (PolKitPrivilege *privilege, char **out_privilege_id) -{ - g_return_val_if_fail (privilege != NULL, FALSE); - g_return_val_if_fail (out_privilege_id != NULL, FALSE); - if (privilege->id == NULL) - return FALSE; - *out_privilege_id = privilege->id; - return TRUE; -} - -/** - * libpolkit_privilege_debug: - * @privilege: the object - * - * Print debug details - **/ -void -libpolkit_privilege_debug (PolKitPrivilege *privilege) -{ - g_return_if_fail (privilege != NULL); - _pk_debug ("PolKitPrivilege: refcount=%d id=%s", privilege->refcount, privilege->id); -} diff --git a/libpolkit/libpolkit-result.c b/libpolkit/libpolkit-result.c index f19b710..2c81113 100644 --- a/libpolkit/libpolkit-result.c +++ b/libpolkit/libpolkit-result.c @@ -52,7 +52,7 @@ static const struct { const char *str; } mapping[] = { - {LIBPOLKIT_RESULT_UNKNOWN_PRIVILEGE, "unknown"}, + {LIBPOLKIT_RESULT_UNKNOWN_ACTION, "unknown"}, {LIBPOLKIT_RESULT_NOT_AUTHORIZED_TO_KNOW, "not_authorized"}, {LIBPOLKIT_RESULT_NO, "no"}, {LIBPOLKIT_RESULT_ONLY_VIA_ROOT_AUTH, "auth_root"}, diff --git a/libpolkit/libpolkit-result.h b/libpolkit/libpolkit-result.h index 6573f59..d4c5e3c 100644 --- a/libpolkit/libpolkit-result.h +++ b/libpolkit/libpolkit-result.h @@ -30,7 +30,7 @@ /** * PolKitResult: - * @LIBPOLKIT_RESULT_UNKNOWN_PRIVILEGE: The passed privilege is unknown. + * @LIBPOLKIT_RESULT_UNKNOWN_ACTION: The passed action is unknown. * @LIBPOLKIT_RESULT_NOT_AUTHORIZED_TO_KNOW: The caller of libpolkit is not sufficiently privilege to know the answer. * @LIBPOLKIT_RESULT_NO: Access denied. * @LIBPOLKIT_RESULT_ONLY_VIA_ROOT_AUTH: Access denied, but authentication of the caller as @@ -55,7 +55,7 @@ */ typedef enum { - LIBPOLKIT_RESULT_UNKNOWN_PRIVILEGE, + LIBPOLKIT_RESULT_UNKNOWN_ACTION, LIBPOLKIT_RESULT_NOT_AUTHORIZED_TO_KNOW, LIBPOLKIT_RESULT_NO, LIBPOLKIT_RESULT_ONLY_VIA_ROOT_AUTH, diff --git a/modules/allow-all/polkit-module-allow-all.c b/modules/allow-all/polkit-module-allow-all.c index 507868c..e2b25f3 100644 --- a/modules/allow-all/polkit-module-allow-all.c +++ b/modules/allow-all/polkit-module-allow-all.c @@ -55,7 +55,7 @@ _module_shutdown (PolKitModuleInterface *module_interface) static PolKitResult _module_can_session_access_resource (PolKitModuleInterface *module_interface, PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitSession *session) { @@ -65,7 +65,7 @@ _module_can_session_access_resource (PolKitModuleInterface *module_interface, static PolKitResult _module_can_caller_access_resource (PolKitModuleInterface *module_interface, PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitCaller *caller) { diff --git a/modules/default/polkit-module-default.c b/modules/default/polkit-module-default.c index 83f1e31..418c1d2 100644 --- a/modules/default/polkit-module-default.c +++ b/modules/default/polkit-module-default.c @@ -57,20 +57,20 @@ _module_shutdown (PolKitModuleInterface *module_interface) static PolKitResult _module_can_session_access_resource (PolKitModuleInterface *module_interface, PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitSession *session) { PolKitResult result; - PolKitPrivilegeCache *cache; - PolKitPrivilegeFileEntry *pfe; + PolKitPolicyCache *cache; + PolKitPolicyFileEntry *pfe; result = LIBPOLKIT_RESULT_NO; - cache = libpolkit_context_get_privilege_cache (pk_context); - pfe = libpolkit_privilege_cache_get_entry (cache, privilege); - return libpolkit_privilege_default_can_session_access_resource ( - libpolkit_privilege_file_entry_get_default (pfe), - privilege, + cache = libpolkit_context_get_policy_cache (pk_context); + pfe = libpolkit_policy_cache_get_entry (cache, action); + return libpolkit_policy_default_can_session_access_resource ( + libpolkit_policy_file_entry_get_default (pfe), + action, resource, session); } @@ -78,20 +78,20 @@ _module_can_session_access_resource (PolKitModuleInterface *module_interface, static PolKitResult _module_can_caller_access_resource (PolKitModuleInterface *module_interface, PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitCaller *caller) { PolKitResult result; - PolKitPrivilegeCache *cache; - PolKitPrivilegeFileEntry *pfe; + PolKitPolicyCache *cache; + PolKitPolicyFileEntry *pfe; result = LIBPOLKIT_RESULT_NO; - cache = libpolkit_context_get_privilege_cache (pk_context); - pfe = libpolkit_privilege_cache_get_entry (cache, privilege); - return libpolkit_privilege_default_can_caller_access_resource ( - libpolkit_privilege_file_entry_get_default (pfe), - privilege, + cache = libpolkit_context_get_policy_cache (pk_context); + pfe = libpolkit_policy_cache_get_entry (cache, action); + return libpolkit_policy_default_can_caller_access_resource ( + libpolkit_policy_file_entry_get_default (pfe), + action, resource, caller); } diff --git a/modules/deny-all/polkit-module-deny-all.c b/modules/deny-all/polkit-module-deny-all.c index feece30..e6206fc 100644 --- a/modules/deny-all/polkit-module-deny-all.c +++ b/modules/deny-all/polkit-module-deny-all.c @@ -55,7 +55,7 @@ _module_shutdown (PolKitModuleInterface *module_interface) static PolKitResult _module_can_session_access_resource (PolKitModuleInterface *module_interface, PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitSession *session) { @@ -65,7 +65,7 @@ _module_can_session_access_resource (PolKitModuleInterface *module_interface, static PolKitResult _module_can_caller_access_resource (PolKitModuleInterface *module_interface, PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitCaller *caller) { diff --git a/modules/run-program/polkit-module-run-program.c b/modules/run-program/polkit-module-run-program.c index af641c6..ae05e35 100644 --- a/modules/run-program/polkit-module-run-program.c +++ b/modules/run-program/polkit-module-run-program.c @@ -106,12 +106,12 @@ _module_shutdown (PolKitModuleInterface *module_interface) } static gboolean -_add_privilege_to_env (PolKitPrivilege *privilege, GPtrArray *envp) +_add_action_to_env (PolKitAction *action, GPtrArray *envp) { char *p_id; - if (!libpolkit_privilege_get_privilege_id (privilege, &p_id)) + if (!libpolkit_action_get_action_id (action, &p_id)) goto error; - g_ptr_array_add (envp, g_strdup_printf ("POLKIT_PRIVILEGE_ID=%s", p_id)); + g_ptr_array_add (envp, g_strdup_printf ("POLKIT_ACTION_ID=%s", p_id)); return TRUE; error: return FALSE; @@ -267,7 +267,7 @@ error: static PolKitResult _module_can_session_access_resource (PolKitModuleInterface *module_interface, PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitSession *session) { @@ -276,13 +276,13 @@ _module_can_session_access_resource (PolKitModuleInterface *module_interface, GPtrArray *envp; envp = NULL; - result = LIBPOLKIT_RESULT_UNKNOWN_PRIVILEGE; + result = LIBPOLKIT_RESULT_UNKNOWN_ACTION; user_data = libpolkit_module_get_user_data (module_interface); envp = g_ptr_array_new (); - if (!_add_privilege_to_env (privilege, envp)) + if (!_add_action_to_env (action, envp)) goto error; if (!_add_resource_to_env (resource, envp)) goto error; @@ -306,7 +306,7 @@ error: static PolKitResult _module_can_caller_access_resource (PolKitModuleInterface *module_interface, PolKitContext *pk_context, - PolKitPrivilege *privilege, + PolKitAction *action, PolKitResource *resource, PolKitCaller *caller) { @@ -319,7 +319,7 @@ _module_can_caller_access_resource (PolKitModuleInterface *module_interface, user_data = libpolkit_module_get_user_data (module_interface); envp = g_ptr_array_new (); - if (!_add_privilege_to_env (privilege, envp)) + if (!_add_action_to_env (action, envp)) goto error; if (!_add_resource_to_env (resource, envp)) goto error; diff --git a/privileges/Makefile.am b/policy/Makefile.am similarity index 65% rename from privileges/Makefile.am rename to policy/Makefile.am index 356ed5f..6cb4a86 100644 --- a/privileges/Makefile.am +++ b/policy/Makefile.am @@ -1,12 +1,12 @@ -polkit_privilegedir = $(sysconfdir)/PolicyKit/privileges +polkit_privilegedir = $(sysconfdir)/PolicyKit/policy dist_polkit_privilege_DATA = check: for f in $(dist_polkit_privilege_DATA); do \ echo "Validating privilege file: $$f"; \ - $(top_builddir)/tools/polkit-privilege-file-validate --file $(srcdir)/$$f; \ + $(top_builddir)/tools/polkit-policy-file-validate --file $(srcdir)/$$f; \ if [ "$$?" != "0" ]; then \ echo "failed"; \ exit 1; \ diff --git a/privileges/polkit-example-privilege.priv b/policy/polkit-example-action.policy similarity index 80% rename from privileges/polkit-example-privilege.priv rename to policy/polkit-example-action.policy index fb4032c..5204398 100644 --- a/privileges/polkit-example-privilege.priv +++ b/policy/polkit-example-action.policy @@ -2,13 +2,13 @@ # # Example privilege definitions... -[Privilege polkit-example-privilege] +[Action polkit-example-privilege] AllowRemoteInactive=no AllowRemoteActive=auth_root_keep_session AllowLocalInactive=auth_self_keep_always AllowLocalActive=yes -[Privilege polkit-example-privilege2] +[Action polkit-example-privilege2] AllowRemoteInactive=no AllowRemoteActive=auth_root_keep_session AllowLocalInactive=auth_self_keep_always diff --git a/tools/Makefile.am b/tools/Makefile.am index 0f7b6c6..cef6336 100644 --- a/tools/Makefile.am +++ b/tools/Makefile.am @@ -11,7 +11,7 @@ INCLUDES = \ @GLIB_CFLAGS@ \ @DBUS_CFLAGS@ -bin_PROGRAMS = polkit-check-caller polkit-check-session polkit-privilege-file-validate +bin_PROGRAMS = polkit-check-caller polkit-check-session polkit-policy-file-validate polkit_check_caller_SOURCES = polkit-check-caller.c polkit_check_caller_LDADD = @GLIB_LIBS@ @DBUS_LIBS@ $(top_builddir)/libpolkit/libpolkit.la @@ -19,8 +19,8 @@ polkit_check_caller_LDADD = @GLIB_LIBS@ @DBUS_LIBS@ $(top_builddir)/libpolkit/li polkit_check_session_SOURCES = polkit-check-session.c polkit_check_session_LDADD = @GLIB_LIBS@ @DBUS_LIBS@ $(top_builddir)/libpolkit/libpolkit.la -polkit_privilege_file_validate_SOURCES = polkit-privilege-file-validate.c -polkit_privilege_file_validate_LDADD = @GLIB_LIBS@ $(top_builddir)/libpolkit/libpolkit.la +polkit_policy_file_validate_SOURCES = polkit-policy-file-validate.c +polkit_policy_file_validate_LDADD = @GLIB_LIBS@ $(top_builddir)/libpolkit/libpolkit.la clean-local : rm -f *~ diff --git a/tools/polkit-check-caller.c b/tools/polkit-check-caller.c index 1c3b2ca..066ef73 100644 --- a/tools/polkit-check-caller.c +++ b/tools/polkit-check-caller.c @@ -44,13 +44,13 @@ usage (int argc, char *argv[]) "\n" "usage : polkit-check-caller\n" " --resource-type --resource-id \n" - " --privilege --caller \n" + " --action --caller \n" " [--version] [--help]\n"); fprintf (stderr, "\n" " --resource-type Type of resource\n" " --resource-id Identifier of resource\n" - " --privilege Requested privilege\n" + " --action Requested action\n" " --caller Unique name of caller on the system bus\n" " --version Show version and exit\n" " --help Show this information and exit\n" @@ -66,7 +66,7 @@ main (int argc, char *argv[]) { char *resource_type = NULL; char *resource_id = NULL; - char *privilege_id = NULL; + char *action_id = NULL; char *dbus_name = NULL; gboolean is_version = FALSE; DBusConnection *bus; @@ -74,7 +74,7 @@ main (int argc, char *argv[]) PolKitContext *pol_ctx; PolKitCaller *caller; PolKitResource *resource; - PolKitPrivilege *privilege; + PolKitAction *action; gboolean allowed; GError *g_error; @@ -90,7 +90,7 @@ main (int argc, char *argv[]) static struct option long_options[] = { {"resource-type", 1, NULL, 0}, {"resource-id", 1, NULL, 0}, - {"privilege", 1, NULL, 0}, + {"action", 1, NULL, 0}, {"caller", 1, NULL, 0}, {"version", 0, NULL, 0}, {"help", 0, NULL, 0}, @@ -115,8 +115,8 @@ main (int argc, char *argv[]) resource_type = strdup (optarg); } else if (strcmp (opt, "resource-id") == 0) { resource_id = strdup (optarg); - } else if (strcmp (opt, "privilege") == 0) { - privilege_id = strdup (optarg); + } else if (strcmp (opt, "action") == 0) { + action_id = strdup (optarg); } else if (strcmp (opt, "caller") == 0) { dbus_name = strdup (optarg); } @@ -134,7 +134,7 @@ main (int argc, char *argv[]) return 0; } - if (resource_type == NULL || resource_id == NULL || privilege_id == NULL || dbus_name == NULL) { + if (resource_type == NULL || resource_id == NULL || action_id == NULL || dbus_name == NULL) { usage (argc, argv); return 1; } @@ -154,8 +154,8 @@ main (int argc, char *argv[]) return 1; } - privilege = libpolkit_privilege_new (); - libpolkit_privilege_set_privilege_id (privilege, privilege_id); + action = libpolkit_action_new (); + libpolkit_action_set_action_id (action, action_id); resource = libpolkit_resource_new (); libpolkit_resource_set_resource_type (resource, resource_type); @@ -170,7 +170,7 @@ main (int argc, char *argv[]) } } - allowed = libpolkit_context_can_caller_access_resource (pol_ctx, privilege, resource, caller); + allowed = libpolkit_context_can_caller_access_resource (pol_ctx, action, resource, caller); if (allowed) return 0; diff --git a/tools/polkit-check-session.c b/tools/polkit-check-session.c index 7ed3a2f..2c6fe91 100644 --- a/tools/polkit-check-session.c +++ b/tools/polkit-check-session.c @@ -44,13 +44,13 @@ usage (int argc, char *argv[]) "\n" "usage : polkit-check-session\n" " --resource-type --resource-id \n" - " --privilege [--session ]\n" + " --action [--session ]\n" " [--version] [--help]\n"); fprintf (stderr, "\n" " --resource-type Type of resource\n" " --resource-id Identifier of resource\n" - " --privilege Requested privilege\n" + " --action Requested action\n" " --session ConsoleKit object path of session\n" " --version Show version and exit\n" " --help Show this information and exit\n" @@ -66,7 +66,7 @@ main (int argc, char *argv[]) { char *resource_type = NULL; char *resource_id = NULL; - char *privilege_id = NULL; + char *action_id = NULL; char *session_id = NULL; char *cookie = NULL; gboolean is_version = FALSE; @@ -75,7 +75,7 @@ main (int argc, char *argv[]) PolKitContext *pol_ctx; PolKitSession *session; PolKitResource *resource; - PolKitPrivilege *privilege; + PolKitAction *action; gboolean allowed; GError *g_error; @@ -93,7 +93,7 @@ main (int argc, char *argv[]) static struct option long_options[] = { {"resource-type", 1, NULL, 0}, {"resource-id", 1, NULL, 0}, - {"privilege", 1, NULL, 0}, + {"action", 1, NULL, 0}, {"session", 1, NULL, 0}, {"version", 0, NULL, 0}, {"help", 0, NULL, 0}, @@ -118,8 +118,8 @@ main (int argc, char *argv[]) resource_type = strdup (optarg); } else if (strcmp (opt, "resource-id") == 0) { resource_id = strdup (optarg); - } else if (strcmp (opt, "privilege") == 0) { - privilege_id = strdup (optarg); + } else if (strcmp (opt, "action") == 0) { + action_id = strdup (optarg); } else if (strcmp (opt, "session") == 0) { session_id = strdup (optarg); } @@ -137,7 +137,7 @@ main (int argc, char *argv[]) return 0; } - if (resource_type == NULL || resource_id == NULL || privilege_id == NULL) { + if (resource_type == NULL || resource_id == NULL || action_id == NULL) { usage (argc, argv); return 1; } @@ -171,14 +171,14 @@ main (int argc, char *argv[]) return 1; } - privilege = libpolkit_privilege_new (); - libpolkit_privilege_set_privilege_id (privilege, privilege_id); + action = libpolkit_action_new (); + libpolkit_action_set_action_id (action, action_id); resource = libpolkit_resource_new (); libpolkit_resource_set_resource_type (resource, resource_type); libpolkit_resource_set_resource_id (resource, resource_id); - allowed = libpolkit_context_can_session_access_resource (pol_ctx, privilege, resource, session); + allowed = libpolkit_context_can_session_access_resource (pol_ctx, action, resource, session); if (allowed) return 0; diff --git a/tools/polkit-privilege-file-validate.c b/tools/polkit-policy-file-validate.c similarity index 82% rename from tools/polkit-privilege-file-validate.c rename to tools/polkit-policy-file-validate.c index cf3b1f5..07c59d0 100644 --- a/tools/polkit-privilege-file-validate.c +++ b/tools/polkit-policy-file-validate.c @@ -1,7 +1,7 @@ /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- */ /*************************************************************************** * - * polkit-privilege-file-validate.c : validate privilege file + * polkit-policy-file-validate.c : validate policy file * * Copyright (C) 2007 David Zeuthen, * @@ -35,37 +35,37 @@ #include #include -#include +#include static void usage (int argc, char *argv[]) { fprintf (stderr, "\n" - "usage : polkit-privilege-file-validate \n" + "usage : polkit-policy-file-validate \n" " [--version] [--help]\n"); fprintf (stderr, "\n" " --version Show version and exit\n" " --help Show this information and exit\n" "\n" - "Validates one or more PolicyKit privilege file. Returns 0 if it validates.\n" + "Validates one or more PolicyKit policy file. Returns 0 if it validates.\n" "If not, the program exits with a non-zero exit code.\n"); } static gboolean validate_file (const char *file) { - PolKitPrivilegeFile *priv_file; + PolKitPolicyFile *priv_file; GError *error = NULL; - priv_file = libpolkit_privilege_file_new (file, &error); + priv_file = libpolkit_policy_file_new (file, &error); if (priv_file == NULL) { printf ("%s did not validate: %s\n", file, error->message); g_error_free (error); return FALSE; } - libpolkit_privilege_file_unref (priv_file); + libpolkit_policy_file_unref (priv_file); return TRUE; } @@ -85,7 +85,7 @@ main (int argc, char *argv[]) return 0; } if (strcmp (argv[n], "--version") == 0) { - printf ("polkit-privilege-file-validate " PACKAGE_VERSION "\n"); + printf ("polkit-policy-file-validate " PACKAGE_VERSION "\n"); return 0; } -- 2.7.4