52
53
static GList *get_users_in_group (PolkitIdentity *group,
53
54
gboolean include_root);
56
static GList *get_users_in_net_group (PolkitIdentity *group,
57
gboolean include_root);
55
59
static GList *get_groups_for_user (PolkitIdentity *user);
57
61
/* ---------------------------------------------------------------------------------------------------- */
61
66
PolkitBackendConfigSource *config_source;
68
gchar **authorization_store_paths;
63
69
GList *authorization_stores;
65
GFileMonitor *sysconf_dir_monitor;
66
GFileMonitor *localstate_dir_monitor;
70
GList *authorization_store_monitors;
68
72
} PolkitBackendLocalAuthorityPrivate;
70
74
/* ---------------------------------------------------------------------------------------------------- */
80
// Path overrides used for unit testing
82
PROP_AUTH_STORE_PATHS,
85
/* ---------------------------------------------------------------------------------------------------- */
72
87
static GList *polkit_backend_local_authority_get_admin_auth_identities (PolkitBackendInteractiveAuthority *authority,
73
88
PolkitSubject *caller,
74
89
PolkitSubject *subject,
189
toplevel_path = PACKAGE_LOCALSTATE_DIR "/lib/polkit-1/localauthority";
191
toplevel_path = PACKAGE_SYSCONF_DIR "/polkit-1/localauthority";
205
toplevel_path = priv->authorization_store_paths[n];
193
206
toplevel_directory = g_file_new_for_path (toplevel_path);
194
207
directory_enumerator = g_file_enumerate_children (toplevel_directory,
195
208
"standard::name,standard::type",
276
289
polkit_backend_local_authority_init (PolkitBackendLocalAuthority *authority)
278
291
PolkitBackendLocalAuthorityPrivate *priv;
293
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (authority);
295
priv->config_path = NULL;
296
priv->authorization_store_paths = NULL;
300
polkit_backend_local_authority_constructed (GObject *object)
302
PolkitBackendLocalAuthority *authority;
303
PolkitBackendLocalAuthorityPrivate *priv;
279
304
GFile *config_directory;
307
authority = POLKIT_BACKEND_LOCAL_AUTHORITY (object);
282
308
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (authority);
284
config_directory = g_file_new_for_path (PACKAGE_SYSCONF_DIR "/polkit-1/localauthority.conf.d");
310
g_debug ("Using config directory `%s'", priv->config_path);
311
config_directory = g_file_new_for_path (priv->config_path);
285
312
priv->config_source = polkit_backend_config_source_new (config_directory);
286
313
g_object_unref (config_directory);
288
315
add_all_authorization_stores (authority);
290
317
/* Monitor the toplevels */
291
for (n = 0; n < 2; n++)
318
priv->authorization_store_monitors = NULL;
319
for (n = 0; priv->authorization_store_paths && priv->authorization_store_paths[n]; n++)
293
321
const gchar *toplevel_path;
294
322
GFile *toplevel_directory;
295
323
GFileMonitor *monitor;
299
toplevel_path = PACKAGE_LOCALSTATE_DIR "/lib/polkit-1/localauthority";
301
toplevel_path = PACKAGE_SYSCONF_DIR "/polkit-1/localauthority";
326
toplevel_path = priv->authorization_store_paths[n];
303
327
toplevel_directory = g_file_new_for_path (toplevel_path);
322
346
G_CALLBACK (on_toplevel_authority_store_monitor_changed),
326
priv->sysconf_dir_monitor = monitor;
328
priv->localstate_dir_monitor = monitor;
349
priv->authorization_store_monitors = g_list_append (priv->authorization_store_monitors, monitor);
330
351
g_object_unref (toplevel_directory);
354
G_OBJECT_CLASS (polkit_backend_local_authority_parent_class)->constructed (object);
343
366
purge_all_authorization_stores (local_authority);
345
if (priv->sysconf_dir_monitor != NULL)
346
g_object_unref (priv->sysconf_dir_monitor);
347
if (priv->localstate_dir_monitor != NULL)
348
g_object_unref (priv->localstate_dir_monitor);
368
g_list_free_full (priv->authorization_store_monitors, g_object_unref);
350
370
if (priv->config_source != NULL)
351
371
g_object_unref (priv->config_source);
373
g_free (priv->config_path);
374
g_strfreev (priv->authorization_store_paths);
353
376
G_OBJECT_CLASS (polkit_backend_local_authority_parent_class)->finalize (object);
398
polkit_backend_local_authority_set_property (GObject *object, guint property_id, const GValue *value, GParamSpec *pspec)
400
PolkitBackendLocalAuthority *local_authority;
401
PolkitBackendLocalAuthorityPrivate *priv;
403
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (object);
404
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
408
case PROP_CONFIG_PATH:
409
g_free (priv->config_path);
410
priv->config_path = g_value_dup_string (value);
412
case PROP_AUTH_STORE_PATHS:
413
g_strfreev (priv->authorization_store_paths);
414
priv->authorization_store_paths = g_strsplit (g_value_get_string (value), ";", 0);
417
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
375
423
polkit_backend_local_authority_class_init (PolkitBackendLocalAuthorityClass *klass)
377
425
GObjectClass *gobject_class;
378
426
PolkitBackendAuthorityClass *authority_class;
379
427
PolkitBackendInteractiveAuthorityClass *interactive_authority_class;
381
430
gobject_class = G_OBJECT_CLASS (klass);
382
431
authority_class = POLKIT_BACKEND_AUTHORITY_CLASS (klass);
383
432
interactive_authority_class = POLKIT_BACKEND_INTERACTIVE_AUTHORITY_CLASS (klass);
434
gobject_class->set_property = polkit_backend_local_authority_set_property;
385
435
gobject_class->finalize = polkit_backend_local_authority_finalize;
436
gobject_class->constructed = polkit_backend_local_authority_constructed;
386
437
authority_class->get_name = polkit_backend_local_authority_get_name;
387
438
authority_class->get_version = polkit_backend_local_authority_get_version;
388
439
authority_class->get_features = polkit_backend_local_authority_get_features;
389
440
interactive_authority_class->get_admin_identities = polkit_backend_local_authority_get_admin_auth_identities;
390
441
interactive_authority_class->check_authorization_sync = polkit_backend_local_authority_check_authorization_sync;
443
pspec = g_param_spec_string ("config-path",
444
"Local Authority Configuration Path",
445
"Path to directory of LocalAuthority config files.",
446
PACKAGE_SYSCONF_DIR "/polkit-1/localauthority.conf.d",
447
G_PARAM_CONSTRUCT_ONLY | G_PARAM_WRITABLE);
448
g_object_class_install_property (gobject_class, PROP_CONFIG_PATH, pspec);
450
pspec = g_param_spec_string ("auth-store-paths",
451
"Local Authorization Store Paths",
452
"Semi-colon separated list of Authorization Store 'top' directories.",
453
PACKAGE_LOCALSTATE_DIR "/lib/polkit-1/localauthority;"
454
PACKAGE_SYSCONF_DIR "/polkit-1/localauthority",
455
G_PARAM_CONSTRUCT_ONLY | G_PARAM_WRITABLE);
456
g_object_class_install_property (gobject_class, PROP_AUTH_STORE_PATHS, pspec);
392
458
g_type_class_add_private (klass, sizeof (PolkitBackendLocalAuthorityPrivate));
694
get_users_in_net_group (PolkitIdentity *group,
695
gboolean include_root)
701
name = polkit_unix_netgroup_get_name (POLKIT_UNIX_NETGROUP (group));
703
if (setnetgrent (name) == 0)
705
g_warning ("Error looking up net group with name %s: %s", name, g_strerror (errno));
711
char *hostname, *username, *domainname;
712
PolkitIdentity *user;
713
GError *error = NULL;
715
if (getnetgrent (&hostname, &username, &domainname) == 0)
718
/* Skip NULL entries since we never want to make everyone an admin
719
* Skip "-" entries which mean "no match ever" in netgroup land */
720
if (username == NULL || g_strcmp0 (username, "-") == 0)
723
/* TODO: Should we match on hostname? Maybe only allow "-" as a hostname
726
user = polkit_unix_user_new_for_name (username, &error);
729
g_warning ("Unknown username '%s' in unix-netgroup: %s", username, error->message);
730
g_error_free (error);
734
ret = g_list_prepend (ret, user);
738
ret = g_list_reverse (ret);
624
747
get_groups_for_user (PolkitIdentity *user)
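Review bot: In get_users_in_net_group, each triple returned by `getnetgrent (&hostname, &username, &domainname)` is accepted or skipped on `username` alone, so an entry scoped to another host or domain still adds its user to a list that, per the comment above the check, decides who is an admin. The TODO already raises this; until it is resolved I would replace it with an explicit statement of the behaviour, for example `/* hostname and domainname are ignored: a user named in any triple counts on every host */`, or decide which hostname values are accepted and skip the rest. The warning after `setnetgrent (name) == 0` also prints `g_strerror (errno)`, but setnetgrent is not documented to set errno, so the text can name an unrelated error; dropping the `: %s` part would avoid that. Parts of the function body are not visible in this rendering, so the loop exit and cleanup are not reviewed here.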