262
permission_denied_privilege (const char *privilege, const char *uid)
262
permission_denied_privilege (const char *privilege, const char *result)
264
264
fprintf (stderr, "org.freedesktop.Hal.Device.PermissionDeniedByPolicy\n");
265
fprintf (stderr, "%s refused uid %s\n", privilege, uid);
265
fprintf (stderr, "%s %s <-- (privilege, result)\n", privilege, result);
278
278
handle_unmount (LibHalContext *hal_ctx,
280
LibPolKitContext *pol_ctx,
283
280
LibHalVolume *volume, LibHalDrive *drive, const char *device,
284
281
const char *invoked_by_uid, const char *invoked_by_syscon_name,
410
407
not_mounted_by_hal ("Device to unmount is not in /media/.hal-mtab so it is not mounted by HAL");
413
/* bail out, unless if we got the "hal-storage-can-unmount-volumes-mounted-by-others" privilege only
414
* if mounted_by_other_uid==TRUE
410
/* NOTE: it doesn't make sense to require a privilege a'la
411
* "hal-storage-unmount" because we only allow user to unmount
412
* volumes mounted by himself in the first place... and it
413
* would be odd to allow Mount() but disallow Unmount()...
416
/* if mounted_by_other_uid==TRUE: bail out, unless if we got the
417
* "hal-storage-unmount-volumes-mounted-by-others"
416
419
* We allow uid 0 to actually ensure that Unmount(options=["lazy"], "/dev/blah") works from addon-storage.
418
421
if ((strcmp (invoked_by_uid, "0") != 0) && mounted_by_other_uid) {
419
/* TODO: actually check for privilege "hal-storage-can-unmount-volumes-mounted-by-others" */
420
permission_denied_privilege ("hal-storage-can-unmount-volumes-mounted-by-others", invoked_by_uid);
422
const char *action = "org.freedesktop.hal.storage.unmount-others";
424
if (invoked_by_syscon_name != NULL) {
426
dbus_error_init (&error);
427
polkit_result = libhal_device_is_caller_privileged (hal_ctx,
430
invoked_by_syscon_name,
432
if (polkit_result == NULL){
433
unknown_error ("IsCallerPrivileged() failed");
435
if (strcmp (polkit_result, "yes") != 0) {
436
permission_denied_privilege (action, polkit_result);
438
libhal_free_string (polkit_result);
441
permission_denied_privilege (action, "no");
423
445
/* create new .hal-mtab~ file without the entry we're going to unmount */
514
536
handle_eject (LibHalContext *hal_ctx,
516
LibPolKitContext *pol_ctx,
519
538
LibHalDrive *drive, const char *device,
520
539
const char *invoked_by_uid, const char *invoked_by_syscon_name,
574
/* TODO: should we require privileges here? */
597
if (invoked_by_syscon_name != NULL) {
599
const char *action = "org.freedesktop.hal.storage.eject";
600
dbus_error_init (&error);
601
polkit_result = libhal_device_is_caller_privileged (hal_ctx,
604
invoked_by_syscon_name,
606
if (polkit_result == NULL){
607
unknown_error ("IsCallerPrivileged() failed");
609
if (strcmp (polkit_result, "yes") != 0) {
610
permission_denied_privilege (action, polkit_result);
612
libhal_free_string (polkit_result);
577
617
printf ("device = %s\n", device);