diff options
author | Matthias Clasen <mclasen@redhat.com> | 2009-07-20 17:08:23 -0400 |
---|---|---|
committer | Ray Strode <rstrode@redhat.com> | 2009-07-20 17:22:49 -0400 |
commit | 89b9256ad86ddc2a9fd12d3359bc431df45c6b25 (patch) | |
tree | 5b03752d369af57bbc92593c623006f4a177bbc9 | |
parent | 282c47eb102f839cbf3bee646ba2841362284760 (diff) |
Port to PolicyKit 1.0 apis
-rw-r--r-- | configure.ac | 5 | ||||
-rw-r--r-- | data/Makefile.am | 2 | ||||
-rw-r--r-- | data/org.freedesktop.consolekit.policy | 4 | ||||
-rw-r--r-- | src/ck-manager.c | 673 | ||||
-rw-r--r-- | src/ck-manager.h | 5 | ||||
-rw-r--r-- | src/org.freedesktop.ConsoleKit.Manager.xml | 10 |
6 files changed, 226 insertions, 473 deletions
diff --git a/configure.ac b/configure.ac index f7b62fc..100887f 100644 --- a/configure.ac +++ b/configure.ac @@ -38,7 +38,7 @@ AM_GLIB_GNU_GETTEXT DBUS_REQUIRED_VERSION=0.30 GLIB_REQUIRED_VERSION=2.7.0 X11_REQUIRED_VERSION=1.0.0 -POLKIT_REQUIRED_VERSION=0.7 +POLKIT_REQUIRED_VERSION=0.92 AC_CHECK_HEADERS(unistd.h) AC_CHECK_HEADERS(paths.h) @@ -56,7 +56,7 @@ PKG_CHECK_MODULES(CONSOLE_KIT, ) PKG_CHECK_MODULES(POLKIT, - polkit >= $POLKIT_REQUIRED_VERSION, + polkit-gobject-1 >= $POLKIT_REQUIRED_VERSION, have_polkit=yes, have_polkit=no) if test "x$have_polkit" = "xyes" ; then @@ -448,3 +448,4 @@ if test x${have_polkit} = xno -a x${msg_rbac_shutdown} = xno; then echo " ConsoleKit.conf to match your distro/site to avoid NASTY SECURITY HOLES." echo "" fi + diff --git a/data/Makefile.am b/data/Makefile.am index fb245b7..041b431 100644 --- a/data/Makefile.am +++ b/data/Makefile.am @@ -7,7 +7,7 @@ seatdir = $(sysconfdir)/ConsoleKit/seats.d seat_DATA = 00-primary.seat if HAVE_POLKIT -polkit_policydir = $(datadir)/PolicyKit/policy +polkit_policydir = $(datadir)/polkit-1/actions dist_polkit_policy_DATA = \ org.freedesktop.consolekit.policy \ $(NULL) diff --git a/data/org.freedesktop.consolekit.policy b/data/org.freedesktop.consolekit.policy index a5953f4..a709b39 100644 --- a/data/org.freedesktop.consolekit.policy +++ b/data/org.freedesktop.consolekit.policy @@ -23,7 +23,7 @@ Policy definitions for ConsoleKit <message>System policy prevents stopping the system when other users are logged in</message> <defaults> <allow_inactive>no</allow_inactive> - <allow_active>auth_admin_keep_always</allow_active> + <allow_active>auth_admin_keep</allow_active> </defaults> </action> @@ -41,7 +41,7 @@ Policy definitions for ConsoleKit <message>System policy prevents restarting the system when other users are logged in</message> <defaults> <allow_inactive>no</allow_inactive> - <allow_active>auth_admin_keep_always</allow_active> + <allow_active>auth_admin_keep</allow_active> </defaults> </action> diff --git a/src/ck-manager.c b/src/ck-manager.c index 12a69cb..bb65d73 100644 --- a/src/ck-manager.c +++ b/src/ck-manager.c @@ -67,7 +67,7 @@ struct CkManagerPrivate { #ifdef HAVE_POLKIT - PolKitContext *pol_ctx; + PolkitAuthority *pol_ctx; #endif GHashTable *seats; @@ -740,397 +740,157 @@ get_cookie_for_pid (CkManager *manager, return cookie; } -static CkSession * -get_session_for_unix_process (CkManager *manager, - guint pid) -{ - CkSessionLeader *leader; - CkSession *session; - char *cookie; - - session = NULL; - leader = NULL; - - cookie = get_cookie_for_pid (manager, pid); - if (cookie == NULL) { - goto out; - } +typedef void (*AuthorizedCallback) (CkManager *manager, + DBusGMethodInvocation *context); - leader = g_hash_table_lookup (manager->priv->leaders, cookie); - if (leader == NULL) { - goto out; - } - - session = g_hash_table_lookup (manager->priv->sessions, ck_session_leader_peek_session_id (leader)); - - out: - g_free (cookie); +typedef struct +{ + CkManager *manager; + DBusGMethodInvocation *context; + AuthorizedCallback callback; +} AuthorizedCallbackData; - return session; +static void +data_free (AuthorizedCallbackData *data) +{ + g_object_unref (data->manager); + g_free (data); } #ifdef HAVE_POLKIT -static PolKitSession * -new_polkit_session_from_session (CkManager *manager, - CkSession *ck_session) -{ - PolKitSession *pk_session; - PolKitSeat *pk_seat; - uid_t uid; - gboolean is_active; - gboolean is_local; - char *sid; - char *ssid; - char *remote_host; - - sid = NULL; - ssid = NULL; - remote_host = NULL; - - ck_session_get_seat_id (ck_session, &sid, NULL); - - g_object_get (ck_session, - "active", &is_active, - "is-local", &is_local, - "id", &ssid, - "unix-user", &uid, - "remote-host-name", &remote_host, - NULL); - - pk_session = polkit_session_new (); - if (pk_session == NULL) { - goto out; - } - if (!polkit_session_set_uid (pk_session, uid)) { - polkit_session_unref (pk_session); - pk_session = NULL; - goto out; - } - if (!polkit_session_set_ck_objref (pk_session, ssid)) { - polkit_session_unref (pk_session); - pk_session = NULL; - goto out; - } - if (!polkit_session_set_ck_is_active (pk_session, is_active)) { - polkit_session_unref (pk_session); - pk_session = NULL; - goto out; - } - if (!polkit_session_set_ck_is_local (pk_session, is_local)) { - polkit_session_unref (pk_session); - pk_session = NULL; - goto out; - } - if (!is_local) { - if (!polkit_session_set_ck_remote_host (pk_session, remote_host)) { - polkit_session_unref (pk_session); - pk_session = NULL; - goto out; - } - - } +static void +auth_ready_callback (PolkitAuthority *authority, + GAsyncResult *res, + AuthorizedCallbackData *data) +{ + GError *error; + GError *error2; + PolkitAuthorizationResult *result; + error = NULL; - pk_seat = polkit_seat_new (); - if (pk_seat == NULL) { - polkit_session_unref (pk_session); - pk_session = NULL; - goto out; + result = polkit_authority_check_authorization_finish (authority, + res, + &error); + if (error != NULL) { + error2 = g_error_new (CK_MANAGER_ERROR, + CK_MANAGER_ERROR_NOT_PRIVILEGED, + "Not Authorized: %s", error->message); + dbus_g_method_return_error (data->context, error2); + g_error_free (error2); + g_error_free (error); } - if (!polkit_seat_set_ck_objref (pk_seat, sid)) { - polkit_seat_unref (pk_seat); - pk_seat = NULL; - polkit_session_unref (pk_session); - pk_session = NULL; - goto out; + else if (polkit_authorization_result_get_is_authorized (result)) { + data->callback (data->manager, data->context); } - if (!polkit_seat_validate (pk_seat)) { - polkit_seat_unref (pk_seat); - pk_seat = NULL; - polkit_session_unref (pk_session); - pk_session = NULL; - goto out; - } - - if (!polkit_session_set_seat (pk_session, pk_seat)) { - polkit_seat_unref (pk_seat); - pk_seat = NULL; - polkit_session_unref (pk_session); - pk_session = NULL; - goto out; + else if (polkit_authorization_result_get_is_challenge (result)) { + error = g_error_new (CK_MANAGER_ERROR, + CK_MANAGER_ERROR_NOT_PRIVILEGED, + "Authorization is required"); + dbus_g_method_return_error (data->context, error); + g_error_free (error); } - polkit_seat_unref (pk_seat); /* session object now owns this object */ - pk_seat = NULL; - - if (!polkit_session_validate (pk_session)) { - polkit_session_unref (pk_session); - pk_session = NULL; - goto out; + else { + error = g_error_new (CK_MANAGER_ERROR, + CK_MANAGER_ERROR_NOT_PRIVILEGED, + "Not Authorized"); + dbus_g_method_return_error (data->context, error); + g_error_free (error); } -out: - g_free (ssid); - g_free (sid); - g_free (remote_host); + g_object_unref (result); - return pk_session; + data_free (data); } -static PolKitCaller * -new_polkit_caller_from_dbus_name (CkManager *manager, - const char *dbus_name) +static void +check_polkit_permissions (CkManager *manager, + DBusGMethodInvocation *context, + const char *action, + AuthorizedCallback callback) { - PolKitCaller *caller; - pid_t pid; - uid_t uid; - char *selinux_context; - PolKitSession *pk_session; - DBusMessage *message; - DBusMessage *reply; - DBusMessageIter iter; - DBusMessageIter sub_iter; - char *str; - int num_elems; - DBusConnection *con; - DBusError error; - CkSession *ck_session; - - dbus_error_init (&error); - - con = dbus_g_connection_get_connection (manager->priv->connection); + const char *sender; + GError *error; + PolkitSubject *subject; + AuthorizedCallbackData *data; - g_return_val_if_fail (con != NULL, NULL); - g_return_val_if_fail (dbus_name != NULL, NULL); - - selinux_context = NULL; - - caller = NULL; - ck_session = NULL; - pk_session = NULL; + error = NULL; - uid = dbus_bus_get_unix_user (con, dbus_name, &error); - if (dbus_error_is_set (&error)) { - g_warning ("Could not get uid for connection: %s %s", - error.name, - error.message); - dbus_error_free (&error); - goto out; - } + g_debug ("constructing polkit data"); - message = dbus_message_new_method_call ("org.freedesktop.DBus", - "/org/freedesktop/DBus/Bus", - "org.freedesktop.DBus", - "GetConnectionUnixProcessID"); - dbus_message_iter_init_append (message, &iter); - dbus_message_iter_append_basic (&iter, DBUS_TYPE_STRING, &dbus_name); - reply = dbus_connection_send_with_reply_and_block (con, message, -1, &error); - - if (reply == NULL || dbus_error_is_set (&error)) { - g_warning ("Error doing GetConnectionUnixProcessID on Bus: %s: %s", - error.name, - error.message); - dbus_message_unref (message); - if (reply != NULL) { - dbus_message_unref (reply); - } - dbus_error_free (&error); - goto out; - } - dbus_message_iter_init (reply, &iter); - dbus_message_iter_get_basic (&iter, &pid); - dbus_message_unref (message); - dbus_message_unref (reply); - - message = dbus_message_new_method_call ("org.freedesktop.DBus", - "/org/freedesktop/DBus/Bus", - "org.freedesktop.DBus", - "GetConnectionSELinuxSecurityContext"); - dbus_message_iter_init_append (message, &iter); - dbus_message_iter_append_basic (&iter, DBUS_TYPE_STRING, &dbus_name); - reply = dbus_connection_send_with_reply_and_block (con, message, -1, &error); - /* SELinux might not be enabled */ - if (dbus_error_is_set (&error) && - strcmp (error.name, "org.freedesktop.DBus.Error.SELinuxSecurityContextUnknown") == 0) { - dbus_message_unref (message); - if (reply != NULL) { - dbus_message_unref (reply); - } - dbus_error_init (&error); - } else if (reply == NULL || dbus_error_is_set (&error)) { - g_warning ("Error doing GetConnectionSELinuxSecurityContext on Bus: %s: %s", error.name, error.message); - dbus_message_unref (message); - if (reply != NULL) { - dbus_message_unref (reply); - } - goto out; - } else { - /* TODO: verify signature */ - dbus_message_iter_init (reply, &iter); - dbus_message_iter_recurse (&iter, &sub_iter); - dbus_message_iter_get_fixed_array (&sub_iter, (void *) &str, &num_elems); - if (str != NULL && num_elems > 0) { - selinux_context = g_strndup (str, num_elems); - } - dbus_message_unref (message); - dbus_message_unref (reply); - } + /* Check that caller is privileged */ + sender = dbus_g_method_get_sender (context); + subject = polkit_system_bus_name_new (sender); - ck_session = get_session_for_unix_process (manager, pid); - if (ck_session == NULL) { - /* OK, this is not a catastrophe; just means the caller is not a - * member of any session or that ConsoleKit is not available.. - */ - goto not_in_session; - } + g_debug ("checking if caller %s is authorized", sender); - pk_session = new_polkit_session_from_session (manager, ck_session); - if (pk_session == NULL) { - g_warning ("Got a session but couldn't construct polkit session object!"); - goto out; - } - if (!polkit_session_validate (pk_session)) { - polkit_session_unref (pk_session); - pk_session = NULL; - goto out; - } + data = g_new0 (AuthorizedCallbackData, 1); + data->manager = g_object_ref (manager); + data->context = context; + data->callback = callback; -not_in_session: + polkit_authority_check_authorization (manager->priv->pol_ctx, + subject, + action, + NULL, + POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION, + NULL, + (GAsyncReadyCallback)auth_ready_callback, + data); +} - caller = polkit_caller_new (); - if (caller == NULL) { - if (pk_session != NULL) { - polkit_session_unref (pk_session); - pk_session = NULL; - } - goto out; - } +static void +ready_cb (PolkitAuthority *authority, + GAsyncResult *res, + DBusGMethodInvocation *context) +{ + PolkitAuthorizationResult *ret; + GError *error; - if (!polkit_caller_set_dbus_name (caller, dbus_name)) { - if (pk_session != NULL) { - polkit_session_unref (pk_session); - pk_session = NULL; - } - polkit_caller_unref (caller); - caller = NULL; - goto out; - } - if (!polkit_caller_set_uid (caller, uid)) { - if (pk_session != NULL) { - polkit_session_unref (pk_session); - pk_session = NULL; - } - polkit_caller_unref (caller); - caller = NULL; - goto out; - } - if (!polkit_caller_set_pid (caller, pid)) { - if (pk_session != NULL) { - polkit_session_unref (pk_session); - pk_session = NULL; - } - polkit_caller_unref (caller); - caller = NULL; - goto out; + error = NULL; + ret = polkit_authority_check_authorization_finish (authority, res, &error); + if (error != NULL) { + dbus_g_method_return_error (context, error); + g_error_free (error); } - if (selinux_context != NULL) { - if (!polkit_caller_set_selinux_context (caller, selinux_context)) { - if (pk_session != NULL) { - polkit_session_unref (pk_session); - pk_session = NULL; - } - polkit_caller_unref (caller); - caller = NULL; - goto out; - } + else if (polkit_authorization_result_get_is_authorized (ret)) { + dbus_g_method_return (context, TRUE); } - if (pk_session != NULL) { - if (!polkit_caller_set_ck_session (caller, pk_session)) { - if (pk_session != NULL) { - polkit_session_unref (pk_session); - pk_session = NULL; - } - polkit_caller_unref (caller); - caller = NULL; - goto out; - } - polkit_session_unref (pk_session); /* caller object now own this object */ - pk_session = NULL; + else if (polkit_authorization_result_get_is_challenge (ret)) { + dbus_g_method_return (context, TRUE); } - - if (!polkit_caller_validate (caller)) { - polkit_caller_unref (caller); - caller = NULL; - goto out; + else { + dbus_g_method_return (context, FALSE); } -out: - g_free (selinux_context); - - return caller; + g_object_unref (ret); } -static gboolean -_check_polkit_for_action (CkManager *manager, - DBusGMethodInvocation *context, - const char *action) +static void +get_polkit_permissions (CkManager *manager, + const char *action, + DBusGMethodInvocation *context) { - const char *sender; - GError *error; - DBusError dbus_error; - PolKitCaller *pk_caller; - PolKitAction *pk_action; - PolKitResult pk_result; + const char *sender; + PolkitSubject *subject; + GError *error; - error = NULL; + g_debug ("get permissions for action %s", action); - g_debug ("constructing polkit data"); - - /* Check that caller is privileged */ sender = dbus_g_method_get_sender (context); - dbus_error_init (&dbus_error); - - pk_caller = new_polkit_caller_from_dbus_name (manager, sender); - if (pk_caller == NULL) { - error = g_error_new (CK_MANAGER_ERROR, - CK_MANAGER_ERROR_GENERAL, - "Error getting information about caller: %s: %s", - dbus_error.name, - dbus_error.message); - dbus_error_free (&dbus_error); - dbus_g_method_return_error (context, error); - g_error_free (error); - return FALSE; - } - - pk_action = polkit_action_new (); - polkit_action_set_action_id (pk_action, action); - - g_debug ("checking if caller %s is authorized", sender); - - /* this version crashes if error is used */ - pk_result = polkit_context_is_caller_authorized (manager->priv->pol_ctx, - pk_action, - pk_caller, - TRUE, - NULL); - g_debug ("answer is: %s", (pk_result == POLKIT_RESULT_YES) ? "yes" : "no"); + subject = polkit_system_bus_name_new (sender); - polkit_caller_unref (pk_caller); - polkit_action_unref (pk_action); - - if (pk_result != POLKIT_RESULT_YES) { - error = g_error_new (CK_MANAGER_ERROR, - CK_MANAGER_ERROR_NOT_PRIVILEGED, - "Not privileged for action: %s %s", - action, - polkit_result_to_string_representation (pk_result)); - dbus_error_free (&dbus_error); - dbus_g_method_return_error (context, error); - g_error_free (error); - return FALSE; - } + error = NULL; + polkit_authority_check_authorization (manager->priv->pol_ctx, + subject, + action, + NULL, + 0, + NULL, + (GAsyncReadyCallback) ready_cb, + context); + g_object_unref (subject); - return TRUE; } #endif @@ -1271,9 +1031,10 @@ get_system_num_users (CkManager *manager) } #ifdef ENABLE_RBAC_SHUTDOWN -static gboolean +static void check_rbac_permissions (CkManager *manager, - DBusGMethodInvocation *context) + DBusGMethodInvocation *context, + AuthorizedCallback callback) { const char *sender; char *username; @@ -1308,10 +1069,44 @@ out: } g_free (username); - return res; + + if (res) { + callback (manager, context); + } } #endif +static void +do_restart (CkManager *manager, + DBusGMethodInvocation *context) +{ + GError *error; + gboolean res; + + g_debug ("ConsoleKit preforming Restart"); + + log_system_restart_event (manager); + + error = NULL; + res = g_spawn_command_line_async (PREFIX "/lib/ConsoleKit/scripts/ck-system-restart", + &error); + if (! res) { + GError *new_error; + + g_warning ("Unable to restart system: %s", error->message); + + new_error = g_error_new (CK_MANAGER_ERROR, + CK_MANAGER_ERROR_GENERAL, + "Unable to restart system: %s", error->message); + dbus_g_method_return_error (context, new_error); + g_error_free (new_error); + + g_error_free (error); + } else { + dbus_g_method_return (context); + } +} + /* Example: dbus-send --system --dest=org.freedesktop.ConsoleKit \ @@ -1323,12 +1118,7 @@ gboolean ck_manager_restart (CkManager *manager, DBusGMethodInvocation *context) { - gboolean ret; - gboolean res; const char *action; - GError *error; - - ret = FALSE; if (get_system_num_users (manager) > 1) { action = "org.freedesktop.consolekit.system.restart-multiple-users"; @@ -1339,58 +1129,69 @@ ck_manager_restart (CkManager *manager, g_debug ("ConsoleKit Restart: %s", action); #if defined HAVE_POLKIT - res = _check_polkit_for_action (manager, context, action); - if (! res) { - goto out; - } + check_polkit_permissions (manager, context, action, do_restart); #elif defined ENABLE_RBAC_SHUTDOWN - if (! check_rbac_permissions (manager, context)) { - goto out; - } + check_rbac_permissions (manager, context, do_restart); #else g_warning ("Compiled without PolicyKit or RBAC support!"); - goto out; #endif - g_debug ("ConsoleKit preforming Restart: %s", action); + return TRUE; +} - log_system_restart_event (manager); +gboolean +ck_manager_can_restart (CkManager *manager, + DBusGMethodInvocation *context) + +{ + const char *action; + + action = "org.freedesktop.consolekit.system.restart"; + +#if defined HAVE_POLKIT + get_polkit_permissions (manager, action, context); +#else + dbus_g_method_return (context, TRUE); +#endif + + return TRUE; +} + +static void +do_stop (CkManager *manager, + DBusGMethodInvocation *context) +{ + GError *error; + gboolean res; + + g_debug ("Stopping system"); + + log_system_stop_event (manager); error = NULL; - res = g_spawn_command_line_async (PREFIX "/lib/ConsoleKit/scripts/ck-system-restart", + res = g_spawn_command_line_async (PREFIX "/lib/ConsoleKit/scripts/ck-system-stop", &error); if (! res) { GError *new_error; - g_warning ("Unable to restart system: %s", error->message); + g_warning ("Unable to stop system: %s", error->message); new_error = g_error_new (CK_MANAGER_ERROR, CK_MANAGER_ERROR_GENERAL, - "Unable to restart system: %s", error->message); + "Unable to stop system: %s", error->message); dbus_g_method_return_error (context, new_error); g_error_free (new_error); - g_error_free (error); } else { - ret = TRUE; dbus_g_method_return (context); } - - out: - - return ret; } gboolean ck_manager_stop (CkManager *manager, DBusGMethodInvocation *context) { - gboolean ret; - gboolean res; const char *action; - GError *error; - - ret = TRUE; if (get_system_num_users (manager) > 1) { action = "org.freedesktop.consolekit.system.stop-multiple-users"; @@ -1399,45 +1200,31 @@ ck_manager_stop (CkManager *manager, } #if defined HAVE_POLKIT - res = _check_polkit_for_action (manager, context, action); - if (! res) { - goto out; - } + check_polkit_permissions (manager, context, action, do_stop); #elif defined ENABLE_RBAC_SHUTDOWN - if (!check_rbac_permissions (manager, context)) { - goto out; - } + check_rbac_permissions (manager, context, do_stop); #else g_warning ("Compiled without PolicyKit or RBAC support!"); - goto out; #endif - g_debug ("Stopping system"); - - log_system_stop_event (manager); - - error = NULL; - res = g_spawn_command_line_async (PREFIX "/lib/ConsoleKit/scripts/ck-system-stop", - &error); - if (! res) { - GError *new_error; + return TRUE; +} - g_warning ("Unable to stop system: %s", error->message); +gboolean +ck_manager_can_stop (CkManager *manager, + DBusGMethodInvocation *context) +{ + const char *action; - new_error = g_error_new (CK_MANAGER_ERROR, - CK_MANAGER_ERROR_GENERAL, - "Unable to stop system: %s", error->message); - dbus_g_method_return_error (context, new_error); - g_error_free (new_error); + action = "org.freedesktop.consolekit.system.stop"; - g_error_free (error); - } else { - ret = TRUE; - dbus_g_method_return (context); - } +#if defined HAVE_POLKIT + get_polkit_permissions (manager, action, context); +#else + dbus_g_method_return (context, TRUE); +#endif - out: - return ret; + return TRUE; } static void @@ -2423,63 +2210,13 @@ bus_name_owner_changed (DBusGProxy *bus_proxy, service_name, old_service_name, new_service_name); } -#ifdef HAVE_POLKIT -static gboolean -pk_io_watch_have_data (GIOChannel *channel, - GIOCondition condition, - gpointer user_data) -{ - int fd; - PolKitContext *pk_context = user_data; - - fd = g_io_channel_unix_get_fd (channel); - polkit_context_io_func (pk_context, fd); - return TRUE; -} - -static int -pk_io_add_watch (PolKitContext *pk_context, - int fd) -{ - guint id = 0; - GIOChannel *channel; - - channel = g_io_channel_unix_new (fd); - if (channel == NULL) { - goto out; - } - - id = g_io_add_watch (channel, G_IO_IN, pk_io_watch_have_data, pk_context); - if (id == 0) { - g_io_channel_unref (channel); - goto out; - } - g_io_channel_unref (channel); - -out: - return id; -} - -static void -pk_io_remove_watch (PolKitContext *pk_context, - int watch_id) -{ - g_source_remove (watch_id); -} -#endif - static gboolean register_manager (CkManager *manager) { GError *error = NULL; #ifdef HAVE_POLKIT - manager->priv->pol_ctx = polkit_context_new (); - polkit_context_set_io_watch_functions (manager->priv->pol_ctx, pk_io_add_watch, pk_io_remove_watch); - if (! polkit_context_init (manager->priv->pol_ctx, NULL)) { - g_critical ("cannot initialize libpolkit"); - return FALSE; - } + manager->priv->pol_ctx = polkit_authority_get (); #endif error = NULL; diff --git a/src/ck-manager.h b/src/ck-manager.h index 45910b7..4bd56e8 100644 --- a/src/ck-manager.h +++ b/src/ck-manager.h @@ -79,9 +79,14 @@ CkManager * ck_manager_new (void); /* System actions */ gboolean ck_manager_stop (CkManager *manager, DBusGMethodInvocation *context); + gboolean ck_manager_restart (CkManager *manager, DBusGMethodInvocation *context); +gboolean ck_manager_can_stop (CkManager *manager, + DBusGMethodInvocation *context); +gboolean ck_manager_can_restart (CkManager *manager, + DBusGMethodInvocation *context); /* Authoritative properties */ gboolean ck_manager_open_session (CkManager *manager, DBusGMethodInvocation *context); diff --git a/src/org.freedesktop.ConsoleKit.Manager.xml b/src/org.freedesktop.ConsoleKit.Manager.xml index c4d3dd5..f903b55 100644 --- a/src/org.freedesktop.ConsoleKit.Manager.xml +++ b/src/org.freedesktop.ConsoleKit.Manager.xml @@ -13,6 +13,11 @@ </doc:doc> </method> + <method name="CanRestart"> + <annotation name="org.freedesktop.DBus.GLib.Async" value=""/> + <arg name="can_restart" type="b" direction="out"/> + </method> + <method name="Stop"> <annotation name="org.freedesktop.DBus.GLib.Async" value=""/> <doc:doc> @@ -22,6 +27,11 @@ </doc:doc> </method> + <method name="CanStop"> + <annotation name="org.freedesktop.DBus.GLib.Async" value=""/> + <arg name="can_stop" type="b" direction="out"/> + </method> + <method name="OpenSession"> <annotation name="org.freedesktop.DBus.GLib.Async" value=""/> <arg name="cookie" direction="out" type="s"> |