← Back to branch summary

~ubuntu-branches/debian/squeeze/aptdaemon/squeeze

« back to all changes in this revision

Viewing changes to aptdaemon/policykit1.py

  • Committer: Bazaar Package Importer
  • Author(s): Julian Andres Klode
  • Date: 2010-06-06 14:30:27 UTC
  • mfrom: (1.1.18 upstream) (18.1.12 maverick)
  • Revision ID: james.westby@ubuntu.com-20100606143027-tyttr56a1y7lk2h6
Tags: 0.31+bzr413-1
* Merge with Ubuntu, remaining differences:
  - debian/copyright uses DEP-5 format.
  - debian/source/format: Set to "3.0 (quilt)".
  - debian/rules: Use debhelper 7 instead of quilt
  - debian/watch: Added watch file.
  - debian/control: Reindent, Vcs, Maintainer changes.
* debian/patches/03_auth_me_less.patch: Change patch level to 1.

Show diffs side-by-side

added added

removed removed

Lines of Context:
aptdaemon/policykit1.py
19
19
 
20
20
__author__  = "Sebastian Heinlein <devel@glatzor.de>"
21
21
 
 
22
__all__ = ("check_authorization_by_name", "check_authorization_by_pid",
 
23
           "get_pid_from_dbus_name", "get_uid_from_dbus_name",
 
24
           "CHECK_AUTH_ALLOW_USER_INTERACTION", "CHECK_AUTH_NONE",
 
25
           "PK_ACTION_ADD_VENDOR_KEY", "PK_ACTION_CANCEL_FOREIGN",
 
26
           "PK_ACTION_CHANGE_REPOSITORY", "PK_ACTION_FIX",
 
27
           "PK_ACTION_GET_TRUSTED_VENDOR_KEYS",
 
28
           "PK_ACTION_INSTALL_FILE", "PK_ACTION_INSTALL_PACKAGES",
 
29
           "PK_ACTION_REMOVE_PACKAGES", "PK_ACTION_REMOVE_VENDOR_KEY",
 
30
           "PK_ACTION_UPDATE_CACHE", "PK_ACTION_UPGRADE_PACKAGES",
 
31
           "PK_ACTION_UPGRADE_SYSTEM")
 
32
 
22
33
import os
23
34
 
24
35
import dbus
25
36
 
26
 
from defer import Deferred, defer
 
37
from defer import Deferred, defer, inline_callbacks, return_value
 
38
from errors import NotAuthorizedError
27
39
 
28
40
PK_ACTION_REMOVE_PACKAGES = "org.debian.apt.remove-packages"
29
41
PK_ACTION_INSTALL_PACKAGES = "org.debian.apt.install-packages"
42
54
CHECK_AUTH_ALLOW_USER_INTERACTION = 1
43
55
 
44
56
 
45
 
class NotAuthorizedError(dbus.DBusException):
46
 
 
47
 
    def __init__(self, subject, action_id):
48
 
        message = "%s is not authorized: %s" % (subject, action_id)
49
 
        dbus.DBusException.__init__(self, message,
50
 
                                    name="org.freedesktop.PolicyKit.Error."
51
 
                                         "NotAuthorized")
52
 
        self.action_id = action_id
53
 
        self.subject = subject
54
 
 
55
 
def check_authorization_by_name(dbus_name, action_id, timeout=300, bus=None):
 
57
def check_authorization_by_name(dbus_name, action_id, timeout=300, bus=None,
 
58
                                flags=None):
56
59
    """Check if the given sender is authorized for the specified action.
57
60
 
58
61
    If the sender is not authorized raise NotAuthorizedError.
62
65
    action_id -- the PolicyKit policy name of the action
63
66
    timeout -- time in seconds for the user to authenticate
64
67
    bus -- the D-Bus connection (defaults to the system bus)
 
68
    flags -- optional flags to control the authentication process
65
69
    """
66
70
    subject = ("system-bus-name", {"name": dbus_name})
67
 
    return _check_authorization(subject, action_id, timeout, bus)
 
71
    return _check_authorization(subject, action_id, timeout, bus, flags)
68
72
 
69
 
def check_authorization_by_pid(pid, action_id, timeout=300, bus=None):
 
73
def check_authorization_by_pid(pid, action_id, timeout=300, bus=None,
 
74
                               flags=None):
70
75
    """Check if the given process is authorized for the specified action.
71
76
 
72
77
    If the sender is not authorized raise NotAuthorizedError.
76
81
    action_id -- the PolicyKit policy name of the action
77
82
    timeout -- time in seconds for the user to authenticate
78
83
    bus -- the D-Bus connection (defaults to the system bus)
 
84
    flags -- optional flags to control the authentication process
79
85
    """
80
86
    subject = ("unix-process", {"pid": pid})
81
87
    return _check_authorization(subject, action_id, timeout, bus)
82
88
 
83
 
def _check_authorization(subject, action_id, timeout, bus):
 
89
def _check_authorization(subject, action_id, timeout, bus, flags=None):
84
90
    def policykit_done((authorized, challenged, auth_details)):
85
91
        if authorized:
86
92
            deferred.callback(auth_details)
88
94
            deferred.errback(NotAuthorizedError(subject, action_id))
89
95
    if not bus:
90
96
        bus = dbus.SystemBus()
 
97
    # Set the default flags
 
98
    if flags is None:
 
99
        flags = CHECK_AUTH_ALLOW_USER_INTERACTION
91
100
    deferred = Deferred()
92
101
    pk = bus.get_object("org.freedesktop.PolicyKit1",
93
102
                        "/org/freedesktop/PolicyKit1/Authority")
94
103
    details = {}
95
 
    pk.CheckAuthorization(subject, action_id, details,
96
 
                          CHECK_AUTH_ALLOW_USER_INTERACTION, "",
 
104
    pk.CheckAuthorization(subject, action_id, details, flags, "",
97
105
                          dbus_interface="org.freedesktop.PolicyKit1.Authority",
98
106
                          timeout=timeout,
99
107
                          reply_handler=policykit_done,
115
123
                                       error_handler=deferred.errback)
116
124
    return deferred
117
125
 
 
126
@inline_callbacks
118
127
def get_uid_from_dbus_name(dbus_name, bus=None):
119
128
    """Return a deferred that gets the uid of the user owning the given
120
129
    system D-Bus name.
121
130
    """
122
131
    if not bus:
123
132
        bus = dbus.SystemBus()
124
 
    deferred = get_pid_from_dbus_name(dbus_name)
125
 
    deferred.add_callback(_get_uid_from_pid)
126
 
    return deferred
127
 
 
128
 
def _get_uid_from_pid(pid):
129
 
    """Return the uid of the process."""
 
133
    pid = yield get_pid_from_dbus_name(dbus_name)
130
134
    proc = open("/proc/%s/status" % pid)
131
135
    values = [v for v in proc.readlines() if v.startswith("Uid:")]
132
136
    proc.close()
133
137
    uid = int(values[0].split()[1])
134
 
    return uid
 
138
    return_value(uid)
135
139
 
136
140
 
137
141
# vim:ts=4:sw=4:et