Author: jreidinger Date: Thu Jul 3 08:53:49 2008 New Revision: 48791 URL: http://svn.opensuse.org/viewcvs/yast?rev=48791&view=rev Log: convert to dbus call Added: branches/tmp/lslezak/workshop/auth_dbus_layer/readme.txt branches/tmp/lslezak/workshop/auth_dbus_layer/test.py (with props) Modified: branches/tmp/lslezak/workshop/auth_dbus_layer/polkit.c branches/tmp/lslezak/workshop/auth_dbus_layer/polkit.h branches/tmp/lslezak/workshop/auth_dbus_layer/polkitwrapper.py Modified: branches/tmp/lslezak/workshop/auth_dbus_layer/polkit.c URL: http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/workshop/auth_dbus_layer/polkit.c?rev=48791&r1=48790&r2=48791&view=diff ============================================================================== --- branches/tmp/lslezak/workshop/auth_dbus_layer/polkit.c (original) +++ branches/tmp/lslezak/workshop/auth_dbus_layer/polkit.c Thu Jul 3 08:53:49 2008 @@ -15,7 +15,7 @@ #define SCRIPT_FILE "polkitwrapper.py" -int polkit_check(const char *action_id) { +int polkit_check(const char *action_id, const char *caller_bus) { int ret = -1; DBusError dbus_error; DBusConnection *bus = NULL; @@ -32,8 +32,12 @@ goto finish; } - if (!(caller = polkit_caller_new_from_pid(bus, getpid(), &dbus_error))) { + /*if (!(caller = polkit_caller_new_from_pid(bus, getpid(), &dbus_error))) { goto finish; + }*/ + if (!(caller = polkit_caller_new_from_dbus_name(bus, caller_bus, &dbus_error))) + { + goto finish; } /* This function is called when PulseAudio is called SUID root. We @@ -41,12 +45,13 @@ * effective user we gained through being SUID root. Hence we * overwrite the UID caller data here explicitly, just for * paranoia. In fact PolicyKit should fill in the UID here anyway - * -- an not the EUID or any other user id. */ + * -- an not the EUID or any other user id. if (!(polkit_caller_set_uid(caller, getuid()))) { goto finish; } - + */ + /* if (!(polkit_caller_get_ck_session(caller, &session))) { goto finish; @@ -55,14 +60,14 @@ if (session!=NULL) { - /* We need to overwrite the UID in both the caller and the session - * object */ + * We need to overwrite the UID in both the caller and the session + * object * if (!(polkit_session_set_uid(session, getuid()))) { goto finish; } } - + */ if (!(action = polkit_action_new())) { goto finish; @@ -139,10 +144,11 @@ PyObject* pResult; int result; char* arg_text; + char* arg_caller; - PyArg_ParseTuple(args, "s", &arg_text); + PyArg_ParseTuple(args, "ss", &arg_text, &arg_caller); - result = polkit_check(arg_text); + result = polkit_check(arg_text,arg_caller); pResult = Py_BuildValue("i", result); return pResult; Modified: branches/tmp/lslezak/workshop/auth_dbus_layer/polkit.h URL: http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/workshop/auth_dbus_layer/polkit.h?rev=48791&r1=48790&r2=48791&view=diff ============================================================================== --- branches/tmp/lslezak/workshop/auth_dbus_layer/polkit.h (original) +++ branches/tmp/lslezak/workshop/auth_dbus_layer/polkit.h Thu Jul 3 08:53:49 2008 @@ -8,6 +8,6 @@ * \param action action which user want do * \return 0 if user have permision, -1 if error occured, -2 if authorization required and -3 if permision denied */ -int polkit_check(const char *action); +int polkit_check(const char *action, const char *caller_bus); #endif Modified: branches/tmp/lslezak/workshop/auth_dbus_layer/polkitwrapper.py URL: http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/workshop/auth_dbus_layer/polkitwrapper.py?rev=48791&r1=48790&r2=48791&view=diff ============================================================================== --- branches/tmp/lslezak/workshop/auth_dbus_layer/polkitwrapper.py (original) +++ branches/tmp/lslezak/workshop/auth_dbus_layer/polkitwrapper.py Thu Jul 3 08:53:49 2008 @@ -2,8 +2,8 @@ import AuthException import logging -def PolkitCheck(name): - result = polkitbind.checkPolicyLow(name) +def PolkitCheck(name,caller_bus): + result = polkitbind.checkPolicyLow(name,caller_bus) logging.basicConfig(level=logging.DEBUG, format='%(asctime)s %(levelname)s %(message)s', filename='/tmp/polkitcheck.log', @@ -22,4 +22,4 @@ if __name__=="__main__": - print PolkitCheck("org.yast.policy") + print PolkitCheck("org.yast.policy",':1.8') Added: branches/tmp/lslezak/workshop/auth_dbus_layer/readme.txt URL: http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/workshop/auth_dbus_layer/readme.txt?rev=48791&view=auto ============================================================================== --- branches/tmp/lslezak/workshop/auth_dbus_layer/readme.txt (added) +++ branches/tmp/lslezak/workshop/auth_dbus_layer/readme.txt Thu Jul 3 08:53:49 2008 @@ -0,0 +1,16 @@ +you must have setted yast_service projekt +then use 'make install' + +/usr/share/dbus-1/services/org.opensuse.YaST.Auth.service +-------------------------------------------------------- +[D-BUS Service] +Name=org.opensuse.YaST +Exec=/usr/lib64/python/site-packages/auth_layer_service.py +---------------------------------------------------------- + +How to run: +./test.py + + +TODO: +set policy in /etc/dbus-1/system.d/yast.conf to prevent call scr service directly, use only auth proxy Added: branches/tmp/lslezak/workshop/auth_dbus_layer/test.py URL: http://svn.opensuse.org/viewcvs/yast/branches/tmp/lslezak/workshop/auth_dbus_layer/test.py?rev=48791&view=auto ============================================================================== --- branches/tmp/lslezak/workshop/auth_dbus_layer/test.py (added) +++ branches/tmp/lslezak/workshop/auth_dbus_layer/test.py Thu Jul 3 08:53:49 2008 @@ -0,0 +1,16 @@ +#!/usr/bin/env python + +import dbus + +bus = dbus.SystemBus() + +yast_SCR = bus.get_object('org.opensuse.YaST.Auth', '/') + + +if __name__ == "__main__": + print yast_SCR.Dirpk('.sysconfig.kdump', dbus_interface='org.opensuse.YaST.Auth') + + print yast_SCR.Readpk('.time', dbus_interface='org.opensuse.YaST.Auth') + + print yast_SCR.Readpk('.sysconfig.kdump.KDUMP_COMMANDLINE', dbus_interface='org.opensuse.YaST.Auth') + -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org