]> git.pld-linux.org Git - packages/gdm.git/blob - gdm-polkit.patch
projects / packages / gdm.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
systemd unit
[packages/gdm.git] / gdm-polkit.patch
1 From 09153c6825e5b5157fba7600cefabb762d887891 Mon Sep 17 00:00:00 2001
2 From: Robert Ancell <robert.ancell@ubuntu.com>
3 Date: Thu, 6 Aug 2009 15:57:15 +0100
4 Subject: [PATCH 1/2] Add PolicyKit support to GDM settings D-Bus interface
5 Ubuntu: https://bugs.launchpad.net/ubuntu/+source/gdm/+bug/395299
6 Upstream: http://bugzilla.gnome.org/show_bug.cgi?id=587750
7
8 --- gdm-3.1.90/data/Makefile.am.wiget   2011-08-31 02:04:37.000000000 +0200
9 +++ gdm-3.1.90/data/Makefile.am 2011-09-05 21:46:13.070224232 +0200
10 @@ -45,6 +45,8 @@ schemasdir = $(pkgdatadir)
11  schemas_in_files = gdm.schemas.in
12  schemas_DATA = $(schemas_in_files:.schemas.in=.schemas)
13  
14 +@INTLTOOL_POLICY_RULE@
15 +
16  gdm.schemas.in: $(srcdir)/gdm.schemas.in.in
17         sed     -e 's,[@]GDMPREFETCHCMD[@],$(GDMPREFETCHCMD),g' \
18                 -e 's,[@]GDM_CUSTOM_CONF[@],$(GDM_CUSTOM_CONF),g' \
19 @@ -84,11 +86,18 @@ localealias_DATA = locale.alias
20  sessiondir = $(datadir)/gnome-session/sessions
21  session_DATA = gdm-fallback.session gdm-shell.session
22  
23 +polkitdir = $(datadir)/polkit-1/actions
24 +polkit_in_files = gdm.policy.in
25 +polkit_DATA = $(polkit_in_files:.policy.in=.policy)
26 +check:
27 +       $(POLKIT_POLICY_FILE_VALIDATE) $(polkit_DATA)
28 +
29  EXTRA_DIST =                   \
30         $(schemas_in_files)     \
31         $(schemas_DATA)         \
32         $(dbusconf_in_files)    \
33         $(localealias_DATA)     \
34 +       $(polkit_in_files)      \
35         gdm.schemas.in.in       \
36         gdm.conf-custom.in      \
37         Xsession.in             \
38 @@ -118,6 +127,7 @@ CLEANFILES =                                \
39  
40  DISTCLEANFILES =                       \
41         $(dbusconf_DATA)                \
42 +       $(polkit_DATA)                  \
43         gdm-shell.session               \
44         gdm.schemas                     \
45         dconf-override-db               \
46 --- gdm-3.1.90/data/gdm.conf.in.wiget   2011-08-09 22:08:42.000000000 +0200
47 +++ gdm-3.1.90/data/gdm.conf.in 2011-09-05 21:44:39.831640332 +0200
48 @@ -34,8 +34,6 @@
49      <deny send_destination="org.gnome.DisplayManager"
50            send_interface="org.gnome.DisplayManager.LocalDisplayFactory"/>
51      <deny send_destination="org.gnome.DisplayManager"
52 -          send_interface="org.gnome.DisplayManager.Settings"/>
53 -    <deny send_destination="org.gnome.DisplayManager"
54            send_interface="org.gnome.DisplayManager.Slave"/>
55      <deny send_destination="org.gnome.DisplayManager"
56            send_interface="org.gnome.DisplayManager.Session"/>
57 @@ -44,6 +42,10 @@
58      <allow send_destination="org.gnome.DisplayManager"
59             send_interface="org.freedesktop.DBus.Introspectable"/>
60  
61 +    <!-- Controlled by PolicyKit -->
62 +    <allow send_destination="org.gnome.DisplayManager"
63 +           send_interface="org.gnome.DisplayManager.Settings"/>
64 +
65      <allow send_destination="org.gnome.DisplayManager"
66             send_interface="org.gnome.DisplayManager.Display"
67             send_member="GetId"/>
68 --- gdm-3.1.90/data/gdm.policy.in.wiget 2011-09-05 21:44:39.831640332 +0200
69 +++ gdm-3.1.90/data/gdm.policy.in       2011-09-05 21:44:39.831640332 +0200
70 @@ -0,0 +1,18 @@
71 +<?xml version="1.0" encoding="UTF-8"?>
72 +<!DOCTYPE policyconfig PUBLIC
73 + "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
74 + "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
75 +<policyconfig>
76 +  <vendor>The GNOME Project</vendor>
77 +  <vendor_url>http://www.gnome.org/</vendor_url>
78 +  <icon_name>gdm</icon_name>
79 +
80 +  <action id="org.gnome.displaymanager.settings.write">
81 +    <description>Change login screen configuration</description>
82 +    <message>Privileges are required to change the login screen configuration.</message>
83 +    <defaults>
84 +      <allow_inactive>no</allow_inactive>
85 +      <allow_active>auth_admin_keep</allow_active>
86 +    </defaults>
87 +  </action>
88 +</policyconfig>
89 --- gdm-3.1.90/common/Makefile.am.wiget 2011-08-09 22:08:42.000000000 +0200
90 +++ gdm-3.1.90/common/Makefile.am       2011-09-05 21:44:39.831640332 +0200
91 @@ -99,6 +99,7 @@ libgdmcommon_la_CFLAGS =              \
92         $(NULL)
93  
94  libgdmcommon_la_LIBADD =               \
95 +       $(COMMON_LIBS)                  \
96         $(NULL)
97  
98  libgdmcommon_la_LDFLAGS =      \
99 --- gdm-3.1.90/common/gdm-settings.c.wiget      2011-08-09 22:08:42.000000000 +0200
100 +++ gdm-3.1.90/common/gdm-settings.c    2011-09-05 21:44:39.831640332 +0200
101 @@ -36,6 +36,7 @@
102  #define DBUS_API_SUBJECT_TO_CHANGE
103  #include <dbus/dbus-glib.h>
104  #include <dbus/dbus-glib-lowlevel.h>
105 +#include <polkit/polkit.h>
106  
107  #include "gdm-settings.h"
108  #include "gdm-settings-glue.h"
109 @@ -108,6 +109,90 @@ gdm_settings_get_value (GdmSettings *set
110          return res;
111  }
112  
113 +static void
114 +unlock_auth_cb (PolkitAuthority *authority,
115 +                GAsyncResult *result,
116 +                DBusGMethodInvocation *context)
117 +{
118 +        PolkitAuthorizationResult *auth_result;
119 +        GError  *error = NULL;
120 +
121 +        auth_result = polkit_authority_check_authorization_finish (authority, result, &error);
122 +
123 +        if (!auth_result)
124 +                dbus_g_method_return_error (context, error);
125 +        else {
126 +                dbus_g_method_return (context,
127 +                                      polkit_authorization_result_get_is_authorized (auth_result));
128 +        }
129 +    
130 +        if (auth_result)
131 +                g_object_unref (auth_result);
132 +        if (error)
133 +                g_error_free (error);
134 +}
135 +
136 +gboolean
137 +gdm_settings_unlock (GdmSettings *settings,
138 +                     DBusGMethodInvocation *context)
139 +{
140 +        polkit_authority_check_authorization (polkit_authority_get (),
141 +                                              polkit_system_bus_name_new (dbus_g_method_get_sender (context)),
142 +                                              "org.gnome.displaymanager.settings.write",
143 +                                              NULL,
144 +                                              POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION,
145 +                                              NULL,
146 +                                              (GAsyncReadyCallback) unlock_auth_cb,
147 +                                              context);
148 +}
149 +
150 +typedef struct
151 +{
152 +        GdmSettings *settings;
153 +        DBusGMethodInvocation *context;
154 +        gchar *key, *value;
155 +} SetValueData;
156 +
157 +static void
158 +set_value_auth_cb (PolkitAuthority *authority,
159 +                   GAsyncResult *result,
160 +                   SetValueData *data)
161 +{
162 +        PolkitAuthorizationResult *auth_result;
163 +        GError  *error = NULL;
164 +
165 +        auth_result = polkit_authority_check_authorization_finish (authority, result, &error);
166 +
167 +        if (!auth_result)
168 +                dbus_g_method_return_error (data->context, error);
169 +        else {
170 +                if (polkit_authorization_result_get_is_authorized (auth_result)) {
171 +                        gboolean result;
172 +                    
173 +                        result = gdm_settings_backend_set_value (data->settings->priv->backend,
174 +                                                                 data->key,
175 +                                                                 data->value,
176 +                                                                 &error);
177 +                        if (result)
178 +                                dbus_g_method_return (data->context);
179 +                        else
180 +                                dbus_g_method_return_error (data->context, error);
181 +                }
182 +                else {
183 +                        error = g_error_new (DBUS_GERROR_REMOTE_EXCEPTION, 0, "Not authorized");
184 +                        dbus_g_method_return_error (data->context, error);
185 +                }
186 +        }
187 +    
188 +        if (auth_result)
189 +                g_object_unref (auth_result);
190 +        if (error)
191 +                g_error_free (error);
192 +        g_free (data->key);
193 +        g_free (data->value);
194 +        g_free (data);
195 +}
196 +
197  /*
198  dbus-send --system --print-reply --dest=org.gnome.DisplayManager /org/gnome/DisplayManager/Settings org.gnome.DisplayManager.Settings.SetValue string:"xdmcp/Enable" string:"false"
199  */
200 @@ -116,26 +201,30 @@ gboolean
201  gdm_settings_set_value (GdmSettings *settings,
202                          const char  *key,
203                          const char  *value,
204 -                        GError     **error)
205 +                        DBusGMethodInvocation *context)
206  {
207 -        GError  *local_error;
208 -        gboolean res;
209 -
210 +        SetValueData *data;
211 +    
212          g_return_val_if_fail (GDM_IS_SETTINGS (settings), FALSE);
213          g_return_val_if_fail (key != NULL, FALSE);
214  
215          g_debug ("Setting value %s", key);
216 -
217 -        local_error = NULL;
218 -        res = gdm_settings_backend_set_value (settings->priv->backend,
219 -                                              key,
220 -                                              value,
221 -                                              &local_error);
222 -        if (! res) {
223 -                g_propagate_error (error, local_error);
224 -        }
225 -
226 -        return res;
227 +    
228 +        /* Authorize with PolicyKit */
229 +        data = g_malloc (sizeof(SetValueData));
230 +        data->settings = settings;
231 +        data->context = context;
232 +        data->key = g_strdup(key);
233 +        data->value = g_strdup(value);    
234 +        polkit_authority_check_authorization (polkit_authority_get (),
235 +                                              polkit_system_bus_name_new (dbus_g_method_get_sender (context)),
236 +                                              "org.gnome.displaymanager.settings.write",
237 +                                              NULL,
238 +                                              POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION,
239 +                                              NULL,
240 +                                              (GAsyncReadyCallback) set_value_auth_cb,
241 +                                              data);
242 +        return TRUE;
243  }
244  
245  static gboolean
246 --- gdm-3.1.90/common/gdm-settings.xml.wiget    2011-04-25 17:55:04.000000000 +0200
247 +++ gdm-3.1.90/common/gdm-settings.xml  2011-09-05 21:44:39.831640332 +0200
248 @@ -5,7 +5,12 @@
249        <arg name="key" direction="in" type="s"/>
250        <arg name="value" direction="out" type="s"/>
251      </method>
252 +    <method name="Unlock">
253 +      <annotation name="org.freedesktop.DBus.GLib.Async" value=""/>
254 +      <arg name="is_unlocked" direction="out" type="b"/>
255 +    </method>
256      <method name="SetValue">
257 +      <annotation name="org.freedesktop.DBus.GLib.Async" value=""/>
258        <arg name="key" direction="in" type="s"/>
259        <arg name="value" direction="in" type="s"/>
260      </method>
261 --- gdm-3.1.90/common/gdm-settings.h.wiget      2011-04-25 17:55:04.000000000 +0200
262 +++ gdm-3.1.90/common/gdm-settings.h    2011-09-05 21:44:39.831640332 +0200
263 @@ -23,6 +23,7 @@
264  #define __GDM_SETTINGS_H
265  
266  #include <glib-object.h>
267 +#include <dbus/dbus-glib.h>
268  
269  G_BEGIN_DECLS
270  
271 @@ -70,10 +71,12 @@ gboolean            gdm_settings_get_val
272                                                                   const char  *key,
273                                                                   char       **value,
274                                                                   GError     **error);
275 +gboolean            gdm_settings_unlock                         (GdmSettings *settings,
276 +                                                                 DBusGMethodInvocation *context);
277  gboolean            gdm_settings_set_value                      (GdmSettings *settings,
278                                                                   const char  *key,
279                                                                   const char  *value,
280 -                                                                 GError     **error);
281 +                                                                 DBusGMethodInvocation *context);
282  
283  G_END_DECLS
284  
285 --- gdm-3.1.90/configure.ac.wiget       2011-08-30 20:24:43.000000000 +0200
286 +++ gdm-3.1.90/configure.ac     2011-09-05 21:45:16.999745584 +0200
287 @@ -56,6 +56,7 @@ dnl - Dependencies
288  dnl ---------------------------------------------------------------------------
289  
290  DBUS_GLIB_REQUIRED_VERSION=0.74
291 +POLKIT_GOBJECT_REQUIRED_VERSION=0.92
292  GLIB_REQUIRED_VERSION=2.29.3
293  GTK_REQUIRED_VERSION=2.91.1
294  PANGO_REQUIRED_VERSION=1.3.0
295 @@ -78,6 +79,7 @@ AC_SUBST(GTHREAD_LIBS)
296  
297  PKG_CHECK_MODULES(COMMON,
298          dbus-glib-1 >= $DBUS_GLIB_REQUIRED_VERSION
299 +        polkit-gobject-1 >= $POLKIT_GOBJECT_REQUIRED_VERSION
300          gobject-2.0 >= $GLIB_REQUIRED_VERSION
301          gio-2.0 >= $GLIB_REQUIRED_VERSION
302  )
303 @@ -86,6 +88,7 @@ AC_SUBST(COMMON_LIBS)
304  
305  PKG_CHECK_MODULES(DAEMON,
306          dbus-glib-1 >= $DBUS_GLIB_REQUIRED_VERSION
307 +        polkit-gobject-1 >= $POLKIT_GOBJECT_REQUIRED_VERSION
308          gobject-2.0 >= $GLIB_REQUIRED_VERSION
309          gio-2.0 >= $GLIB_REQUIRED_VERSION
310          accountsservice >= $ACCOUNTS_SERVICE_REQUIRED_VERSION
GNOME Display Manager
This page took 0.068698 seconds and 3 git commands to generate.