← Back to branch summary

~ubuntu-branches/debian/sid/hal/sid

« back to all changes in this revision

Viewing changes to tools/hal-storage-shared.c

  • Committer: Bazaar Package Importer
  • Author(s): Martin Pitt
  • Date: 2007-10-23 12:33:58 UTC
  • Revision ID: james.westby@ubuntu.com-20071023123358-xaf8mjc5n84d5gtz
Tags: upstream-0.5.10
ImportĀ upstreamĀ versionĀ 0.5.10

Show diffs side-by-side

added added

removed removed

Lines of Context:
tools/hal-storage-shared.c
259
259
}
260
260
 
261
261
static void
262
 
permission_denied_privilege (const char *privilege, const char *uid)
 
262
permission_denied_privilege (const char *privilege, const char *result)
263
263
{
264
264
        fprintf (stderr, "org.freedesktop.Hal.Device.PermissionDeniedByPolicy\n");
265
 
        fprintf (stderr, "%s refused uid %s\n", privilege, uid);
 
265
        fprintf (stderr, "%s %s <-- (privilege, result)\n", privilege, result);
266
266
        exit (1);
267
267
}
268
268
 
276
276
 
277
277
void
278
278
handle_unmount (LibHalContext *hal_ctx, 
279
 
#ifdef HAVE_POLKIT
280
 
                LibPolKitContext *pol_ctx, 
281
 
#endif
282
279
                const char *udi,
283
280
                LibHalVolume *volume, LibHalDrive *drive, const char *device, 
284
281
                const char *invoked_by_uid, const char *invoked_by_syscon_name,
410
407
                not_mounted_by_hal ("Device to unmount is not in /media/.hal-mtab so it is not mounted by HAL");
411
408
        }
412
409
 
413
 
        /* bail out, unless if we got the "hal-storage-can-unmount-volumes-mounted-by-others" privilege only
414
 
         * if mounted_by_other_uid==TRUE 
 
410
        /* NOTE: it doesn't make sense to require a privilege a'la
 
411
         * "hal-storage-unmount" because we only allow user to unmount
 
412
         * volumes mounted by himself in the first place... and it
 
413
         * would be odd to allow Mount() but disallow Unmount()...
 
414
         */
 
415
 
 
416
        /* if mounted_by_other_uid==TRUE: bail out, unless if we got the 
 
417
         *                                "hal-storage-unmount-volumes-mounted-by-others"
415
418
         *
416
419
         * We allow uid 0 to actually ensure that Unmount(options=["lazy"], "/dev/blah") works from addon-storage.
417
420
         */
418
421
        if ((strcmp (invoked_by_uid, "0") != 0) && mounted_by_other_uid) {
419
 
                /* TODO: actually check for privilege "hal-storage-can-unmount-volumes-mounted-by-others" */
420
 
                permission_denied_privilege ("hal-storage-can-unmount-volumes-mounted-by-others", invoked_by_uid);
 
422
                const char *action = "org.freedesktop.hal.storage.unmount-others";
 
423
#ifdef HAVE_POLKIT
 
424
                if (invoked_by_syscon_name != NULL) {
 
425
                        char *polkit_result;
 
426
                        dbus_error_init (&error);
 
427
                        polkit_result = libhal_device_is_caller_privileged (hal_ctx,
 
428
                                                                            udi,
 
429
                                                                            action,
 
430
                                                                            invoked_by_syscon_name,
 
431
                                                                            &error);
 
432
                        if (polkit_result == NULL){
 
433
                                unknown_error ("IsCallerPrivileged() failed");
 
434
                        }
 
435
                        if (strcmp (polkit_result, "yes") != 0) {
 
436
                                permission_denied_privilege (action, polkit_result);
 
437
                        }
 
438
                        libhal_free_string (polkit_result);
 
439
                }
 
440
#else
 
441
                permission_denied_privilege (action, "no");
 
442
#endif
421
443
        }
422
444
 
423
445
        /* create new .hal-mtab~ file without the entry we're going to unmount */
512
534
 
513
535
void
514
536
handle_eject (LibHalContext *hal_ctx, 
515
 
#ifdef HAVE_POLKIT
516
 
              LibPolKitContext *pol_ctx, 
517
 
#endif
518
537
              const char *udi,
519
538
              LibHalDrive *drive, const char *device, 
520
539
              const char *invoked_by_uid, const char *invoked_by_syscon_name,
528
547
        int na;
529
548
        int fd;
530
549
        int num_excl_tries;
 
550
#ifdef HAVE_POLKIT
 
551
        DBusError error;
 
552
#endif
531
553
 
532
554
        /* When called here all the file systems from this device is
533
555
         * already unmounted. That's actually guaranteed; see
571
593
        }
572
594
        close (fd);
573
595
 
574
 
        /* TODO: should we require privileges here? */
 
596
#ifdef HAVE_POLKIT
 
597
        if (invoked_by_syscon_name != NULL) {
 
598
                char *polkit_result;
 
599
                const char *action = "org.freedesktop.hal.storage.eject";
 
600
                dbus_error_init (&error);
 
601
                polkit_result = libhal_device_is_caller_privileged (hal_ctx,
 
602
                                                                    udi,
 
603
                                                                    action,
 
604
                                                                    invoked_by_syscon_name,
 
605
                                                                    &error);
 
606
                if (polkit_result == NULL){
 
607
                        unknown_error ("IsCallerPrivileged() failed");
 
608
                }
 
609
                if (strcmp (polkit_result, "yes") != 0) {
 
610
                        permission_denied_privilege (action, polkit_result);
 
611
                }
 
612
                libhal_free_string (polkit_result);
 
613
        }
 
614
#endif
575
615
 
576
616
#ifdef DEBUG
577
617
        printf ("device                           = %s\n", device);