5 * Copyright (C) 2007-2009 Intel Corporation. All rights reserved.
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
29 #include <polkit-dbus/polkit-dbus.h>
31 #define CONNMAN_API_SUBJECT_TO_CHANGE
32 #include <connman/plugin.h>
33 #include <connman/security.h>
34 #include <connman/dbus.h>
35 #include <connman/log.h>
37 #define ACTION_MODIFY "org.moblin.connman.modify"
38 #define ACTION_SECRET "org.moblin.connman.secret"
40 static DBusConnection *connection;
41 static PolKitContext *polkit_context;
43 static int polkit_authorize(const char *sender,
44 enum connman_security_privilege privilege)
50 const char *id = NULL;
52 DBG("sender %s", sender);
55 case CONNMAN_SECURITY_PRIVILEGE_PUBLIC:
57 case CONNMAN_SECURITY_PRIVILEGE_MODIFY:
60 case CONNMAN_SECURITY_PRIVILEGE_SECRET:
65 dbus_error_init(&error);
67 caller = polkit_caller_new_from_dbus_name(connection, sender, &error);
69 if (dbus_error_is_set(&error) == TRUE) {
70 connman_error("%s", error.message);
71 dbus_error_free(&error);
73 connman_error("Failed to get caller information");
77 action = polkit_action_new();
78 polkit_action_set_action_id(action, id);
80 result = polkit_context_is_caller_authorized(polkit_context,
81 action, caller, TRUE, NULL);
83 polkit_action_unref(action);
84 polkit_caller_unref(caller);
86 DBG("result %s", polkit_result_to_string_representation(result));
88 if (result == POLKIT_RESULT_NO)
94 static struct connman_security polkit_security = {
96 .authorize_sender = polkit_authorize,
99 static gboolean watch_event(GIOChannel *channel, GIOCondition condition,
102 PolKitContext *context = user_data;
105 DBG("context %p", context);
107 fd = g_io_channel_unix_get_fd(channel);
109 polkit_context_io_func(context, fd);
114 static int add_watch(PolKitContext *context, int fd)
119 DBG("context %p", context);
121 channel = g_io_channel_unix_new(fd);
125 id = g_io_add_watch(channel, G_IO_IN, watch_event, context);
127 g_io_channel_unref(channel);
132 static void remove_watch(PolKitContext *context, int id)
134 DBG("context %p", context);
139 static int polkit_init(void)
143 connection = connman_dbus_get_connection();
144 if (connection == NULL)
147 polkit_context = polkit_context_new();
149 polkit_context_set_io_watch_functions(polkit_context,
150 add_watch, remove_watch);
152 if (polkit_context_init(polkit_context, NULL) == FALSE) {
153 connman_error("Can't initialize PolicyKit");
154 polkit_context_unref(polkit_context);
155 dbus_connection_unref(connection);
159 err = connman_security_register(&polkit_security);
161 polkit_context_unref(polkit_context);
162 dbus_connection_unref(connection);
169 static void polkit_exit(void)
171 connman_security_unregister(&polkit_security);
173 polkit_context_unref(polkit_context);
175 dbus_connection_unref(connection);
178 CONNMAN_PLUGIN_DEFINE(polkit, "PolicyKit authorization plugin", VERSION,
179 polkit_init, polkit_exit)