← Back to branch summary

~ubuntu-branches/debian/sid/hal/sid

« back to all changes in this revision

Viewing changes to tools/hal-storage-mount.c

  • Committer: Bazaar Package Importer
  • Author(s): Martin Pitt
  • Date: 2007-10-23 12:33:58 UTC
  • Revision ID: james.westby@ubuntu.com-20071023123358-xaf8mjc5n84d5gtz
Tags: upstream-0.5.10
ImportĀ upstreamĀ versionĀ 0.5.10

Show diffs side-by-side

added added

removed removed

Lines of Context:
tools/hal-storage-mount.c
51
51
 
52
52
#include <libhal.h>
53
53
#include <libhal-storage.h>
54
 
#ifdef HAVE_POLKIT
55
 
#include <libpolkit.h>
56
 
#endif
57
54
 
58
55
#include "hal-storage-shared.h"
59
56
 
145
142
 
146
143
#ifdef HAVE_POLKIT
147
144
static void
148
 
permission_denied_privilege (const char *privilege, const char *uid)
 
145
permission_denied_action (const char *action, const char *result)
149
146
{
150
147
        fprintf (stderr, "org.freedesktop.Hal.Device.PermissionDeniedByPolicy\n");
151
 
        fprintf (stderr, "%s refused uid %s\n", privilege, uid);
 
148
        fprintf (stderr, "%s %s <-- (action, result)\n", action, result);
152
149
        exit (1);
153
150
}
154
151
#endif
443
440
 
444
441
static void
445
442
handle_mount (LibHalContext *hal_ctx, 
446
 
#ifdef HAVE_POLKIT
447
 
              LibPolKitContext *pol_ctx, 
448
 
#endif
449
443
              const char *udi,
450
444
              LibHalVolume *volume, LibHalDrive *drive, const char *device, 
451
445
              const char *invoked_by_uid, const char *invoked_by_syscon_name)
468
462
        GString *mount_option_str;
469
463
        gboolean pol_is_fixed;
470
464
        gboolean pol_change_uid;
471
 
        char *privilege;
 
465
        char *action;
472
466
        gboolean is_remount;
473
 
#ifdef HAVE_POLKIT
474
 
        gboolean allowed_by_privilege;
475
 
        gboolean is_temporary_privilege;
476
 
#endif
477
467
        gboolean explicit_mount_point_given;
478
468
        const char *end;
479
469
#ifdef __FreeBSD__
728
718
         * (since these drives normally use vfat)
729
719
         */
730
720
        if (volume != NULL) {
731
 
                /* don't consider uid= on vfat, iso9660, udf change-uid for the purpose of policy
 
721
                /* don't consider uid= on vfat, iso9660, hfs and udf change-uid for the purpose of policy
732
722
                 * (since these doesn't contain uid/gid bits) 
733
723
                 */
734
724
                if (strcmp (libhal_volume_get_fstype (volume), "vfat") != 0 &&
735
725
                    strcmp (libhal_volume_get_fstype (volume), "iso9660") != 0 &&
 
726
                    strcmp (libhal_volume_get_fstype (volume), "hfs") != 0 &&
736
727
                    strcmp (libhal_volume_get_fstype (volume), "udf") != 0) {
737
728
                        pol_change_uid = wants_to_change_uid;
738
729
                }
739
730
        }
740
731
 
741
 
        if (pol_is_fixed) {
742
 
                if (pol_change_uid) {
743
 
                        privilege = "hal-storage-fixed-mount-all-options";
744
 
                } else {
745
 
                        privilege = "hal-storage-fixed-mount";
746
 
                }
747
 
        } else {
748
 
                if (pol_change_uid) {
749
 
                        privilege = "hal-storage-removable-mount-all-options";
750
 
                } else {
751
 
                        privilege = "hal-storage-removable-mount";
752
 
                }
753
 
        }
754
 
 
755
 
#ifdef DEBUG
756
 
        printf ("using privilege %s for uid %s, system_bus_connection %s\n", privilege, invoked_by_uid, 
757
 
                invoked_by_syscon_name);
758
 
#endif
759
 
 
760
 
#ifdef HAVE_POLKIT
761
 
        if (invoked_by_syscon_name != NULL) {
762
 
                if (libpolkit_is_uid_allowed_for_privilege (pol_ctx, 
763
 
                                                            invoked_by_syscon_name,
764
 
                                                            invoked_by_uid,
765
 
                                                            privilege,
766
 
                                                            udi,
767
 
                                                            &allowed_by_privilege,
768
 
                                                            &is_temporary_privilege,
769
 
                                                            NULL) != LIBPOLKIT_RESULT_OK) {
770
 
                        printf ("cannot lookup privilege\n");
771
 
                        unknown_error ("Cannot lookup privilege from PolicyKit");
772
 
                }
773
 
 
774
 
                if (!allowed_by_privilege) {
775
 
                        printf ("caller don't possess privilege\n");
776
 
                        permission_denied_privilege (privilege, invoked_by_uid);
777
 
                }
778
 
        }
779
 
#endif
780
 
 
781
 
#ifdef DEBUG
782
 
        printf ("passed privilege\n");
783
 
#endif
784
 
 
785
 
        if (!is_remount) {
786
 
                /* create directory */
787
 
                if (g_mkdir (mount_dir, 0700) != 0) {
788
 
                        printf ("Cannot create '%s'\n", mount_dir);
789
 
                        unknown_error ("Cannot create mount directory");
790
 
                }
791
 
                
792
 
#ifdef __FreeBSD__
793
 
                calling_uid = (uid_t) strtol (invoked_by_uid, (char **) NULL, 10);
794
 
                pw = getpwuid (calling_uid);
795
 
                if (pw != NULL) {
796
 
                        calling_gid = pw->pw_gid;
797
 
                } else {
798
 
                        calling_gid = 0;
799
 
                }
800
 
                if (chown (mount_dir, calling_uid, calling_gid) != 0) {
801
 
                        printf ("Cannot chown '%s' to uid: %d, gid: %d\n", mount_dir,
802
 
                                calling_uid, calling_gid);
803
 
                        g_rmdir (mount_dir);
804
 
                        unknown_error ("Failed to chown mount directory");
805
 
                }
806
 
#endif
807
 
        }
808
732
 
809
733
        char *mount_option_commasep = NULL;
810
734
        char *mount_do_fstype = "auto";
839
763
        args[na++] = mount_dir;
840
764
        args[na++] = NULL;
841
765
 
 
766
        if (pol_is_fixed) {
 
767
                if (pol_change_uid) {
 
768
                        action = NULL; /* "hal-storage-mount-fixed-extra-options"; TODO: rethink */
 
769
                } else {
 
770
                        action = "org.freedesktop.hal.storage.mount-fixed";
 
771
                }
 
772
        } else {
 
773
                if (pol_change_uid) {
 
774
                        action = NULL; /* "hal-storage-mount-removable-extra-options"; TODO: rethink "extra-options" */
 
775
                } else {
 
776
                        action = "org.freedesktop.hal.storage.mount-removable";
 
777
                }
 
778
        }
 
779
        if (action == NULL) {
 
780
                unknown_error ("TODO: have to rethink extra options");
 
781
        }
 
782
 
 
783
#ifdef DEBUG
 
784
        printf ("using action %s for uid %s, system_bus_connection %s\n", action, invoked_by_uid, 
 
785
                invoked_by_syscon_name);
 
786
#endif
 
787
 
 
788
#ifdef HAVE_POLKIT
 
789
        if (invoked_by_syscon_name != NULL) {
 
790
                char *polkit_result;
 
791
                char *action_params[] = {
 
792
                        "fstype", "",
 
793
                        "mount-point", "",
 
794
                        "mount-options", "",
 
795
                        NULL};
 
796
 
 
797
                action_params[1] = mount_do_fstype;
 
798
                action_params[3] = mount_dir;
 
799
                action_params[5] = mount_option_commasep;
 
800
 
 
801
                dbus_error_init (&error);
 
802
                polkit_result = libhal_device_is_caller_privileged (hal_ctx,
 
803
                                                                    udi,
 
804
                                                                    action,
 
805
                                                                    invoked_by_syscon_name,
 
806
                                                                    &error);
 
807
                if (polkit_result == NULL){
 
808
                        unknown_error ("IsCallerPrivileged() failed");
 
809
                }
 
810
                if (strcmp (polkit_result, "yes") != 0) {
 
811
                        permission_denied_action (action, polkit_result);
 
812
                }
 
813
                libhal_free_string (polkit_result);
 
814
        }
 
815
#endif
 
816
 
 
817
#ifdef DEBUG
 
818
        printf ("passed privilege\n");
 
819
#endif
 
820
 
 
821
        if (!is_remount) {
 
822
                /* create directory */
 
823
                if (g_mkdir (mount_dir, 0700) != 0) {
 
824
                        printf ("Cannot create '%s'\n", mount_dir);
 
825
                        unknown_error ("Cannot create mount directory");
 
826
                }
 
827
                
 
828
#ifdef __FreeBSD__
 
829
                calling_uid = (uid_t) strtol (invoked_by_uid, (char **) NULL, 10);
 
830
                pw = getpwuid (calling_uid);
 
831
                if (pw != NULL) {
 
832
                        calling_gid = pw->pw_gid;
 
833
                } else {
 
834
                        calling_gid = 0;
 
835
                }
 
836
                if (chown (mount_dir, calling_uid, calling_gid) != 0) {
 
837
                        printf ("Cannot chown '%s' to uid: %d, gid: %d\n", mount_dir,
 
838
                                calling_uid, calling_gid);
 
839
                        g_rmdir (mount_dir);
 
840
                        unknown_error ("Failed to chown mount directory");
 
841
                }
 
842
#endif
 
843
        }
 
844
 
 
845
 
842
846
        /* TODO FIXME XXX HACK: OK, so we should rewrite the options in /media/.hal-mtab .. 
843
847
         *                      but it doesn't really matter much at this point */
844
848
        if (!is_remount) {
994
998
        DBusError error;
995
999
        LibHalContext *hal_ctx = NULL;
996
1000
        DBusConnection *system_bus = NULL;
997
 
#ifdef HAVE_POLKIT
998
 
        LibPolKitContext *pol_ctx = NULL;
999
 
#endif
1000
1001
        char *invoked_by_uid;
1001
1002
        char *invoked_by_syscon_name;
1002
1003
 
1034
1035
                }
1035
1036
                usage ();
1036
1037
        }
1037
 
#ifdef HAVE_POLKIT
1038
 
        pol_ctx = libpolkit_new_context (system_bus);
1039
 
        if (pol_ctx == NULL) {
1040
 
                printf ("Cannot get libpolkit context\n");
1041
 
                unknown_error ("Cannot get libpolkit context");
1042
 
        }
1043
 
#endif
1044
1038
 
1045
1039
        volume = libhal_volume_from_udi (hal_ctx, udi);
1046
1040
        if (volume == NULL) {
1051
1045
                        usage ();
1052
1046
                } else {
1053
1047
                        handle_mount (hal_ctx, 
1054
 
#ifdef HAVE_POLKIT
1055
 
                                      pol_ctx, 
1056
 
#endif
1057
1048
                                      udi, NULL, drive, device, invoked_by_uid, 
1058
1049
                                      invoked_by_syscon_name);
1059
1050
                }
1071
1062
                        unknown_error ("Cannot get drive from hal");
1072
1063
                
1073
1064
                handle_mount (hal_ctx, 
1074
 
#ifdef HAVE_POLKIT
1075
 
                              pol_ctx, 
1076
 
#endif
1077
1065
                              udi, volume, drive, device, invoked_by_uid, 
1078
1066
                              invoked_by_syscon_name);
1079
1067