From b64302b1f0be2c489b23f3462ffcb7edc3d95bae Mon Sep 17 00:00:00 2001 From: Kay Sievers Date: Mon, 18 May 2009 23:51:02 +0200 Subject: udev-acl: add/remove ACLs for active/inactive local sessions --- udev-acl/udev-acl.c | 70 ++++++++++++++++++++++++++++++++--------------------- 1 file changed, 43 insertions(+), 27 deletions(-) diff --git a/udev-acl/udev-acl.c b/udev-acl/udev-acl.c index 443ba45..5bac6bd 100644 --- a/udev-acl/udev-acl.c +++ b/udev-acl/udev-acl.c @@ -114,8 +114,8 @@ static int uid_in_list(GSList *list, uid_t uid) return 0; } -/* return list of current uids of local sessions */ -static GSList *uids_with_local_session(const char *own_id) +/* return list of current uids of local active sessions */ +static GSList *uids_with_local_active_session(const char *own_id) { GSList *list = NULL; GKeyFile *keyfile; @@ -134,13 +134,12 @@ static GSList *uids_with_local_session(const char *own_id) if (!g_str_has_prefix(groups[i], "Session ")) continue; - if (own_id != NULL) { - /* exclude our own session */ - if (g_str_has_suffix(groups[i], own_id)) - continue; - } + if (own_id != NULL &&g_str_has_suffix(groups[i], own_id)) + continue; if (!g_key_file_get_boolean(keyfile, groups[i], "is_local", NULL)) continue; + if (!g_key_file_get_boolean(keyfile, groups[i], "is_active", NULL)) + continue; u = g_key_file_get_integer(keyfile, groups[i], "uid", NULL); if (u > 0 && !uid_in_list(list, u)) list = g_slist_prepend(list, GUINT_TO_POINTER(u)); @@ -156,34 +155,42 @@ static GSList *uids_with_local_session(const char *own_id) /* ConsoleKit calls us with special variables */ static int consolekit_called(const char *action, uid_t *uid, const char **own_session, int *add) { - const char *id; - const char *local; + int a; + uid_t u; + const char *s; const char *session; - id = getenv("CK_SESSION_USER_UID"); - if (id == NULL) + if (strcmp(action, "session_active_changed") != 0) return -1; - local = getenv("CK_SESSION_IS_LOCAL"); - if (local == NULL) + s = getenv("CK_SESSION_IS_LOCAL"); + if (s == NULL) return -1; + if (strcmp(s, "true") != 0) + return 0; - session = getenv("CK_SESSION_ID"); - if (session == NULL) + s = getenv("CK_SESSION_IS_ACTIVE"); + if (s == NULL) return -1; + if (strcmp(s, "true") == 0) + a = 1; + else + a = 0; - if (strcmp(local, "true") != 0) + session = getenv("CK_SESSION_ID"); + if (session == NULL) return -1; - if (strcmp(action, "session_added") == 0) - *add = 1; - else if (strcmp(action, "session_removed") == 0) - *add = 0; - else + s = getenv("CK_SESSION_USER_UID"); + if (s == NULL) return -1; + u = strtoul(s, NULL, 10); + if (u == 0) + return 0; *own_session = session; - *uid = strtoul(id, NULL, 10); + *uid = u; + *add = a; return 0; } @@ -286,23 +293,32 @@ int main (int argc, char* argv[]) if (uid != 0) { if (add) { - /* add ACL for given uid to all matching devices */ + /* Add ACL for given uid to all matching devices. */ apply_acl_to_devices(uid, 1); } else { - /* remove ACL for given uid to all matching devices, if last session goes away */ + /* + * Remove ACL for given uid from all matching devices + * when there is currently no local active session. + */ GSList *list; - list = uids_with_local_session(own_session); + list = uids_with_local_active_session(own_session); if (!uid_in_list(list, uid)) apply_acl_to_devices(uid, 0); g_slist_free(list); } } else if (device != NULL) { - /* update list of ACLs of all current session uids to a given device */ + /* + * Add ACLs for all current session uids to a given device. + * + * Or remove ACLs for uids which do not have any current local + * active session. Remove is not really interesting, because in + * most cases the device node is removed anyway. + */ GSList *list; GSList *l; - list = uids_with_local_session(NULL); + list = uids_with_local_active_session(NULL); for (l = list; l != NULL; l = g_slist_next(l)) { uid_t u; -- cgit