diff options
| author | John (J5) Palmieri <johnp@redhat.com> | 2004-08-25 22:11:49 +0000 |
|---|---|---|
| committer | John (J5) Palmieri <johnp@redhat.com> | 2004-08-25 22:11:49 +0000 |
| commit | b78d222083d1a1186743e2bb3aded49b5a950fe2 (patch) | |
| tree | 96e6386e5d27afc636a5ecc983466d14585b243e /bus/policy.h | |
| parent | 8a2c91b8a549402040c94b45b063311975583efd (diff) | |
Console user security policy
* bus/config-parser.c:
(struct PolicyType): Add POLICY_CONSOLE
(struct Element.d.policy): s/gid_or_uid/gid_uid_or_at_console
(start_busconfig_child): Sets up console element when
<policy at_console=""> is encountered in a policy file
(append_rule_from_element): Convert console elements to console
rules.
* bus/policy.c:
(bus_policy_create_client_policy): Add console rules to the client
policy based on if the client is at the console
(bus_policy_append_console_rule): New function for adding a
console rule to a policy
(bus_policy_merge): Handle console rule merging
* dbus/dbus-sysdeps.h: Added the DBUS_CONSOLE_DIR constant
where we check for console user files
* dbus/dbus-sysdeps.c:
(_dbus_file_exists): New function which checks if the given
file exists
(_dbus_user_at_console): New function which does the system
specific process of checking if the user is at the console
* dbus/dbus-userdb.c:
(_dbus_is_console_user): New function converts a UID to user name
and then calls the system specific _dbus_user_at_console to
see if the user is at the console and therefor a console user
Diffstat (limited to 'bus/policy.h')
| -rw-r--r-- | bus/policy.h | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/bus/policy.h b/bus/policy.h index 61e089a7..94b48e6f 100644 --- a/bus/policy.h +++ b/bus/policy.h @@ -26,6 +26,7 @@ #include <dbus/dbus.h> #include <dbus/dbus-string.h> +#include <dbus/dbus-list.h> #include <dbus/dbus-sysdeps.h> #include "bus.h" @@ -96,7 +97,7 @@ struct BusPolicyRule /* can be DBUS_GID_UNSET meaning "any" */ dbus_gid_t gid; } group; - + } d; }; @@ -124,6 +125,10 @@ dbus_bool_t bus_policy_append_user_rule (BusPolicy *policy, dbus_bool_t bus_policy_append_group_rule (BusPolicy *policy, dbus_gid_t gid, BusPolicyRule *rule); +dbus_bool_t bus_policy_append_console_rule (BusPolicy *policy, + dbus_bool_t at_console, + BusPolicyRule *rule); + dbus_bool_t bus_policy_merge (BusPolicy *policy, BusPolicy *to_absorb); |