diff --git a/configure.ac b/configure.ac index b18ccc063f..e34f3f7964 100644 --- a/configure.ac +++ b/configure.ac @@ -337,13 +337,9 @@ else fi AM_CONDITIONAL(WITH_WIMAX, test "${enable_wimax}" = "yes") -PKG_CHECK_MODULES(POLKIT, polkit-gobject-1) +PKG_CHECK_MODULES(POLKIT, polkit-gobject-1 >= 0.97) AC_SUBST(POLKIT_CFLAGS) -# Check for polkit_authority_get_sync() -AC_CHECK_LIB([polkit-gobject-1], [polkit_authority_get_sync], ac_have_pk_auth_get_sync="1", ac_have_pk_auth_get_sync="0") -AC_DEFINE_UNQUOTED(HAVE_POLKIT_AUTHORITY_GET_SYNC, $ac_have_pk_auth_get_sync, [Define if you have a polkit with polkit_authority_get_sync()]) - AC_ARG_WITH(crypto, AS_HELP_STRING([--with-crypto=nss | gnutls], [Cryptography library to use for certificate and key operations]),ac_crypto=$withval, ac_crypto=nss) with_nss=no diff --git a/src/nm-manager-auth.c b/src/nm-manager-auth.c index 8515959ebf..9b3588cbcb 100644 --- a/src/nm-manager-auth.c +++ b/src/nm-manager-auth.c @@ -20,8 +20,9 @@ #include #include +#include -#include +#include "nm-setting-connection.h" #include "nm-manager-auth.h" #include "nm-logging.h" #include "nm-dbus-manager.h" @@ -37,7 +38,6 @@ struct NMAuthChain { GError *error; NMAuthChainResultFunc done_func; - NMAuthChainCallFunc call_func; gpointer user_data; }; @@ -45,6 +45,7 @@ typedef struct { NMAuthChain *chain; GCancellable *cancellable; char *permission; + guint idle_id; gboolean disposed; } PolkitCall; @@ -64,20 +65,29 @@ free_data (gpointer data) g_free (tmp); } -static void -default_call_func (NMAuthChain *chain, - const char *permission, - GError *error, - NMAuthCallResult result, - gpointer user_data) +static PolkitAuthority * +pk_authority_get (void) { - if (!error) - nm_auth_chain_set_data (chain, permission, GUINT_TO_POINTER (result), NULL); + static PolkitAuthority *authority = NULL; + GError *error = NULL; + + if (authority == NULL) { + authority = polkit_authority_get_sync (NULL, &error); + if (authority == NULL) { + nm_log_err (LOGD_CORE, "Failed to initialize PolicyKit: (%d) %s", + error ? error->code : -1, + (error && error->message) ? error->message : "(unknown)"); + g_clear_error (&error); + return NULL; + } + } + + /* Yes, ref every time; we want to keep the object alive */ + return g_object_ref (authority); } static NMAuthChain * -_auth_chain_new (PolkitAuthority *authority, - DBusGMethodInvocation *context, +_auth_chain_new (DBusGMethodInvocation *context, DBusGProxy *proxy, DBusMessage *message, const char *dbus_sender, @@ -90,10 +100,9 @@ _auth_chain_new (PolkitAuthority *authority, self = g_malloc0 (sizeof (NMAuthChain)); self->refcount = 1; - self->authority = g_object_ref (authority); + self->authority = pk_authority_get (); self->data = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, free_data); self->done_func = done_func; - self->call_func = /* call_func ? call_func : */ default_call_func; self->user_data = user_data; self->context = context; @@ -117,31 +126,28 @@ _auth_chain_new (PolkitAuthority *authority, } NMAuthChain * -nm_auth_chain_new (PolkitAuthority *authority, - DBusGMethodInvocation *context, +nm_auth_chain_new (DBusGMethodInvocation *context, DBusGProxy *proxy, NMAuthChainResultFunc done_func, gpointer user_data) { - return _auth_chain_new (authority, context, proxy, NULL, NULL, done_func, user_data); + return _auth_chain_new (context, proxy, NULL, NULL, done_func, user_data); } NMAuthChain * -nm_auth_chain_new_raw_message (PolkitAuthority *authority, - DBusMessage *message, +nm_auth_chain_new_raw_message (DBusMessage *message, NMAuthChainResultFunc done_func, gpointer user_data) { - return _auth_chain_new (authority, NULL, NULL, message, NULL, done_func, user_data); + return _auth_chain_new (NULL, NULL, message, NULL, done_func, user_data); } NMAuthChain * -nm_auth_chain_new_dbus_sender (PolkitAuthority *authority, - const char *dbus_sender, +nm_auth_chain_new_dbus_sender (const char *dbus_sender, NMAuthChainResultFunc done_func, gpointer user_data) { - return _auth_chain_new (authority, NULL, NULL, NULL, dbus_sender, done_func, user_data); + return _auth_chain_new (NULL, NULL, NULL, dbus_sender, done_func, user_data); } gpointer @@ -228,6 +234,15 @@ nm_auth_chain_check_done (NMAuthChain *self) } } +static void +nm_auth_chain_remove_call (NMAuthChain *self, PolkitCall *call) +{ + g_return_if_fail (self != NULL); + g_return_if_fail (call != NULL); + + self->calls = g_slist_remove (self->calls, call); +} + static void polkit_call_cancel (PolkitCall *call) { @@ -246,6 +261,9 @@ polkit_call_free (PolkitCall *call) call->chain = NULL; g_object_unref (call->cancellable); call->cancellable = NULL; + if (call->idle_id) + g_source_remove (call->idle_id); + memset (call, 0, sizeof (*call)); g_free (call); } @@ -265,7 +283,7 @@ pk_call_cb (GObject *object, GAsyncResult *result, gpointer user_data) } chain = call->chain; - chain->calls = g_slist_remove (chain->calls, call); + nm_auth_chain_remove_call (chain, call); pk_result = polkit_authority_check_authorization_finish (chain->authority, result, @@ -287,9 +305,11 @@ pk_call_cb (GObject *object, GAsyncResult *result, gpointer user_data) call_result = NM_AUTH_CALL_RESULT_AUTH; } else call_result = NM_AUTH_CALL_RESULT_NO; + + nm_auth_chain_set_data (chain, call->permission, GUINT_TO_POINTER (call_result), NULL); } - chain->call_func (chain, call->permission, error, call_result, chain->user_data); + /* Check if all calls in the chain are complete */ nm_auth_chain_check_done (chain); g_clear_error (&error); @@ -298,6 +318,26 @@ pk_call_cb (GObject *object, GAsyncResult *result, gpointer user_data) g_object_unref (pk_result); } +static gboolean +polkit_call_error_idle_cb (gpointer user_data) +{ + PolkitCall *call = user_data; + + call->idle_id = 0; + nm_auth_chain_remove_call (call->chain, call); + nm_auth_chain_check_done (call->chain); + polkit_call_free (call); + return FALSE; +} + +static void +polkit_call_schedule_error (PolkitCall *call) +{ + if (!call->chain->error) + call->chain->error = g_error_new_literal (0, 0, "PolicyKit unavailable"); + call->idle_id = g_idle_add (polkit_call_error_idle_cb, call); +} + gboolean nm_auth_chain_add_call (NMAuthChain *self, const char *permission, @@ -322,6 +362,13 @@ nm_auth_chain_add_call (NMAuthChain *self, self->calls = g_slist_append (self->calls, call); + if (self->authority == NULL) { + /* No polkit, no authorization */ + polkit_call_schedule_error (call); + g_object_unref (subject); + return FALSE; + } + if (allow_interaction) flags = POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION; @@ -348,7 +395,8 @@ nm_auth_chain_unref (NMAuthChain *self) if (self->refcount > 0) return; - g_object_unref (self->authority); + if (self->authority) + g_object_unref (self->authority); g_free (self->owner); for (iter = self->calls; iter; iter = g_slist_next (iter)) @@ -460,3 +508,46 @@ nm_auth_uid_in_acl (NMConnection *connection, return TRUE; } +typedef struct { + GDestroyNotify changed_callback; + gpointer changed_data; +} PkChangedInfo; + +static void +pk_authority_changed_cb (GObject *object, PkChangedInfo *info) +{ + info->changed_callback (info->changed_data); +} + +void +nm_auth_set_changed_func (GDestroyNotify callback, gpointer callback_data) +{ + static PkChangedInfo info = { NULL, NULL }; + static guint32 changed_id = 0; + PolkitAuthority *authority; + + authority = pk_authority_get (); + if (!authority) + return; + + if (callback == NULL) { + /* Clearing the callback */ + info.changed_callback = NULL; + info.changed_data = NULL; + g_signal_handler_disconnect (authority, changed_id); + changed_id = 0; + } else { + info.changed_callback = callback; + info.changed_data= callback_data; + + if (changed_id == 0) { + changed_id = g_signal_connect (authority, + "changed", + G_CALLBACK (pk_authority_changed_cb), + &info); + } + } + + g_object_unref (authority); +} + diff --git a/src/nm-manager-auth.h b/src/nm-manager-auth.h index 7e7ff7a12c..ad14d306c0 100644 --- a/src/nm-manager-auth.h +++ b/src/nm-manager-auth.h @@ -21,7 +21,6 @@ #ifndef NM_MANAGER_AUTH_H #define NM_MANAGER_AUTH_H -#include #include #include @@ -56,25 +55,16 @@ typedef void (*NMAuthChainResultFunc) (NMAuthChain *chain, DBusGMethodInvocation *context, gpointer user_data); -typedef void (*NMAuthChainCallFunc) (NMAuthChain *chain, - const char *permission, - GError *error, - NMAuthCallResult result, - gpointer user_data); - -NMAuthChain *nm_auth_chain_new (PolkitAuthority *authority, - DBusGMethodInvocation *context, +NMAuthChain *nm_auth_chain_new (DBusGMethodInvocation *context, DBusGProxy *proxy, NMAuthChainResultFunc done_func, gpointer user_data); -NMAuthChain *nm_auth_chain_new_raw_message (PolkitAuthority *authority, - DBusMessage *message, +NMAuthChain *nm_auth_chain_new_raw_message (DBusMessage *message, NMAuthChainResultFunc done_func, gpointer user_data); -NMAuthChain *nm_auth_chain_new_dbus_sender (PolkitAuthority *authority, - const char *dbus_sender, +NMAuthChain *nm_auth_chain_new_dbus_sender (const char *dbus_sender, NMAuthChainResultFunc done_func, gpointer user_data); @@ -112,5 +102,7 @@ gboolean nm_auth_uid_in_acl (NMConnection *connection, gulong uid, char **out_error_desc); +void nm_auth_set_changed_func (GDestroyNotify callback, gpointer callback_data); + #endif /* NM_MANAGER_AUTH_H */ diff --git a/src/nm-manager.c b/src/nm-manager.c index 760179c3aa..6fd2bfd3cc 100644 --- a/src/nm-manager.c +++ b/src/nm-manager.c @@ -28,6 +28,7 @@ #include #include #include +#include #include #include "nm-glib-compat.h" @@ -158,20 +159,6 @@ static GSList * remove_one_device (NMManager *manager, NMDevice *device, gboolean quitting); -/* Fix for polkit 0.97 and later */ -#if !HAVE_POLKIT_AUTHORITY_GET_SYNC -static inline PolkitAuthority * -polkit_authority_get_sync (GCancellable *cancellable, GError **error) -{ - PolkitAuthority *authority; - - authority = polkit_authority_get (); - if (!authority) - g_set_error (error, 0, 0, "failed to get the PolicyKit authority"); - return authority; -} -#endif - #define SSD_POKE_INTERVAL 120 #define ORIGDEV_TAG "originating-device" @@ -183,7 +170,6 @@ struct PendingActivation { NMManager *manager; DBusGMethodInvocation *context; - PolkitAuthority *authority; PendingActivationFunc callback; NMAuthChain *chain; @@ -235,8 +221,6 @@ typedef struct { DBusGProxy *aipd_proxy; DBusGProxy *upower_proxy; - PolkitAuthority *authority; - guint auth_changed_id; GSList *auth_chains; /* Firmware dir monitor */ @@ -677,7 +661,6 @@ try_complete_vpn (NMConnection *connection, GSList *existing, GError **error) static PendingActivation * pending_activation_new (NMManager *manager, - PolkitAuthority *authority, DBusGMethodInvocation *context, const char *device_path, const char *connection_path, @@ -694,7 +677,6 @@ pending_activation_new (NMManager *manager, gboolean success; g_return_val_if_fail (manager != NULL, NULL); - g_return_val_if_fail (authority != NULL, NULL); g_return_val_if_fail (context != NULL, NULL); g_return_val_if_fail (device_path != NULL, NULL); @@ -742,7 +724,6 @@ pending_activation_new (NMManager *manager, pending = g_slice_new0 (PendingActivation); pending->manager = manager; - pending->authority = authority; pending->context = context; pending->callback = callback; @@ -765,31 +746,23 @@ pending_auth_net_done (NMAuthChain *chain, { PendingActivation *pending = user_data; NMAuthCallResult result; + GError *tmp_error = NULL; pending->chain = NULL; - if (error) { - pending->callback (pending, error); - goto out; - } - /* Caller has had a chance to obtain authorization, so we only need to * check for 'yes' here. */ result = GPOINTER_TO_UINT (nm_auth_chain_get_data (chain, NM_AUTH_PERMISSION_NETWORK_CONTROL)); if (result != NM_AUTH_CALL_RESULT_YES) { - error = g_error_new_literal (NM_MANAGER_ERROR, - NM_MANAGER_ERROR_PERMISSION_DENIED, - "Not authorized to control networking."); - pending->callback (pending, error); - g_error_free (error); - goto out; + tmp_error = g_error_new_literal (NM_MANAGER_ERROR, + NM_MANAGER_ERROR_PERMISSION_DENIED, + "Not authorized to control networking."); } - pending->callback (pending, NULL); - -out: + pending->callback (pending, tmp_error); nm_auth_chain_unref (chain); + g_clear_error (&tmp_error); } static void @@ -825,8 +798,7 @@ pending_activation_check_authorized (PendingActivation *pending, /* First check if the user is allowed to use networking at all, giving * the user a chance to authenticate to gain the permission. */ - pending->chain = nm_auth_chain_new (pending->authority, - pending->context, + pending->chain = nm_auth_chain_new (pending->context, NULL, pending_auth_net_done, pending); @@ -1386,7 +1358,7 @@ manager_device_disconnect_request (NMDevice *device, NMAuthChain *chain; /* Otherwise validate the user request */ - chain = nm_auth_chain_new (priv->authority, context, NULL, disconnect_net_auth_done_cb, self); + chain = nm_auth_chain_new (context, NULL, disconnect_net_auth_done_cb, self); g_assert (chain); priv->auth_chains = g_slist_append (priv->auth_chains, chain); @@ -2101,7 +2073,6 @@ impl_manager_activate_connection (NMManager *self, * activate the connection. */ pending = pending_activation_new (self, - priv->authority, context, device_path, connection_path, @@ -2170,7 +2141,6 @@ impl_manager_add_and_activate_connection (NMManager *self, * activate the connection. */ pending = pending_activation_new (self, - priv->authority, context, device_path, NULL, @@ -2234,37 +2204,35 @@ done: static void deactivate_net_auth_done_cb (NMAuthChain *chain, - GError *error, + GError *auth_error, DBusGMethodInvocation *context, gpointer user_data) { NMManager *self = NM_MANAGER (user_data); NMManagerPrivate *priv = NM_MANAGER_GET_PRIVATE (self); - GError *ret_error = NULL; + GError *error = NULL; NMAuthCallResult result; const char *active_path; priv->auth_chains = g_slist_remove (priv->auth_chains, chain); result = GPOINTER_TO_UINT (nm_auth_chain_get_data (chain, NM_AUTH_PERMISSION_NETWORK_CONTROL)); - ret_error = deactivate_disconnect_check_error (error, result, "Deactivate"); - if (ret_error) { - dbus_g_method_return_error (context, ret_error); - g_error_free (ret_error); - goto done; + error = deactivate_disconnect_check_error (auth_error, result, "Deactivate"); + if (!error) { + active_path = nm_auth_chain_get_data (chain, "path"); + if (!nm_manager_deactivate_connection (self, + active_path, + NM_DEVICE_STATE_REASON_USER_REQUESTED, + &error)) + g_assert (error); } - active_path = nm_auth_chain_get_data (chain, "path"); - if (!nm_manager_deactivate_connection (self, - active_path, - NM_DEVICE_STATE_REASON_USER_REQUESTED, - &ret_error)) { - dbus_g_method_return_error (context, ret_error); - g_clear_error (&ret_error); - } else + if (error) + dbus_g_method_return_error (context, error); + else dbus_g_method_return (context); -done: + g_clear_error (&error); nm_auth_chain_unref (chain); } @@ -2340,7 +2308,7 @@ impl_manager_deactivate_connection (NMManager *self, } /* Otherwise validate the user request */ - chain = nm_auth_chain_new (priv->authority, context, NULL, deactivate_net_auth_done_cb, self); + chain = nm_auth_chain_new (context, NULL, deactivate_net_auth_done_cb, self); g_assert (chain); priv->auth_chains = g_slist_append (priv->auth_chains, chain); @@ -2413,25 +2381,6 @@ do_sleep_wake (NMManager *self) nm_manager_update_state (self); } -static gboolean -return_no_pk_error (PolkitAuthority *authority, - const char *detail, - DBusGMethodInvocation *context) -{ - GError *error; - - if (!authority) { - error = g_error_new (NM_MANAGER_ERROR, - NM_MANAGER_ERROR_PERMISSION_DENIED, - "%s request failed: PolicyKit not initialized", - detail); - dbus_g_method_return_error (context, error); - g_error_free (error); - return FALSE; - } - return TRUE; -} - static void _internal_sleep (NMManager *self, gboolean do_sleep) { @@ -2548,10 +2497,7 @@ impl_manager_sleep (NMManager *self, return; } - if (!return_no_pk_error (priv->authority, "Sleep/wake", context)) - return; - - chain = nm_auth_chain_new (priv->authority, context, NULL, sleep_auth_done_cb, self); + chain = nm_auth_chain_new (context, NULL, sleep_auth_done_cb, self); g_assert (chain); priv->auth_chains = g_slist_append (priv->auth_chains, chain); @@ -2686,10 +2632,7 @@ impl_manager_enable (NMManager *self, return; } - if (!return_no_pk_error (priv->authority, "Enable/disable", context)) - return; - - chain = nm_auth_chain_new (priv->authority, context, NULL, enable_net_done_cb, self); + chain = nm_auth_chain_new (context, NULL, enable_net_done_cb, self); g_assert (chain); priv->auth_chains = g_slist_append (priv->auth_chains, chain); @@ -2699,13 +2642,6 @@ impl_manager_enable (NMManager *self, /* Permissions */ -static void -pk_authority_changed_cb (GObject *object, gpointer user_data) -{ - /* Let clients know they should re-check their authorization */ - g_signal_emit (NM_MANAGER (user_data), signals[CHECK_PERMISSIONS], 0); -} - static void get_perm_add_result (NMAuthChain *chain, GHashTable *results, const char *permission) { @@ -2770,10 +2706,7 @@ impl_manager_get_permissions (NMManager *self, NMManagerPrivate *priv = NM_MANAGER_GET_PRIVATE (self); NMAuthChain *chain; - if (!return_no_pk_error (priv->authority, "Permissions", context)) - return; - - chain = nm_auth_chain_new (priv->authority, context, NULL, get_permissions_done_cb, self); + chain = nm_auth_chain_new (context, NULL, get_permissions_done_cb, self); g_assert (chain); priv->auth_chains = g_slist_append (priv->auth_chains, chain); @@ -3057,7 +2990,7 @@ prop_filter (DBusConnection *connection, if (uid > 0) { /* Otherwise validate the user request */ - chain = nm_auth_chain_new_raw_message (priv->authority, message, prop_set_auth_done_cb, self); + chain = nm_auth_chain_new_raw_message (message, prop_set_auth_done_cb, self); g_assert (chain); priv->auth_chains = g_slist_append (priv->auth_chains, chain); nm_auth_chain_set_data (chain, "prop", g_strdup (glib_propname), g_free); @@ -3187,7 +3120,8 @@ dispose (GObject *object) g_slist_foreach (priv->auth_chains, (GFunc) nm_auth_chain_unref, NULL); g_slist_free (priv->auth_chains); - g_object_unref (priv->authority); + + nm_auth_set_changed_func (NULL, NULL); while (g_slist_length (priv->devices)) { priv->devices = remove_one_device (manager, @@ -3463,6 +3397,13 @@ periodic_update_active_connection_timestamps (gpointer user_data) return TRUE; } +static void +authority_changed_cb (gpointer user_data) +{ + /* Let clients know they should re-check their authorization */ + g_signal_emit (NM_MANAGER (user_data), signals[CHECK_PERMISSIONS], 0); +} + static void nm_manager_init (NMManager *manager) { @@ -3470,7 +3411,6 @@ nm_manager_init (NMManager *manager) DBusGConnection *g_connection; guint id, i; GFile *file; - GError *error = NULL; /* Initialize rfkill structures and states */ memset (priv->radio_states, 0, sizeof (priv->radio_states)); @@ -3561,18 +3501,8 @@ nm_manager_init (NMManager *manager) } else nm_log_warn (LOGD_SUSPEND, "could not initialize UPower D-Bus proxy"); - priv->authority = polkit_authority_get_sync (NULL, &error); - if (priv->authority) { - priv->auth_changed_id = g_signal_connect (priv->authority, - "changed", - G_CALLBACK (pk_authority_changed_cb), - manager); - } else { - nm_log_warn (LOGD_CORE, "failed to create PolicyKit authority: (%d) %s", - error ? error->code : -1, - error && error->message ? error->message : "(unknown)"); - g_clear_error (&error); - } + /* Listen for authorization changes */ + nm_auth_set_changed_func (authority_changed_cb, manager); /* Monitor the firmware directory */ if (strlen (KERNEL_FIRMWARE_DIR)) { diff --git a/src/settings/Makefile.am b/src/settings/Makefile.am index 55b5b7ef0c..21dc5bb0ed 100644 --- a/src/settings/Makefile.am +++ b/src/settings/Makefile.am @@ -32,7 +32,6 @@ libsettings_la_SOURCES = \ nm-settings.h \ nm-inotify-helper.c \ nm-inotify-helper.h \ - nm-polkit-helpers.h \ nm-settings-error.c \ nm-settings-error.h \ nm-system-config-interface.c \ diff --git a/src/settings/nm-agent-manager.c b/src/settings/nm-agent-manager.c index dbc29cae49..5a1dfcba20 100644 --- a/src/settings/nm-agent-manager.c +++ b/src/settings/nm-agent-manager.c @@ -33,7 +33,6 @@ #include "nm-secret-agent.h" #include "nm-manager-auth.h" #include "nm-dbus-glib-types.h" -#include "nm-polkit-helpers.h" #include "nm-manager-auth.h" #include "nm-setting-vpn.h" #include "nm-setting-connection.h" @@ -49,7 +48,6 @@ typedef struct { NMDBusManager *dbus_mgr; NMSessionMonitor *session_monitor; - PolkitAuthority *authority; /* Hashed by owner name, not identifier, since two agents in different * sessions can use the same identifier. @@ -338,7 +336,6 @@ typedef void (*RequestCancelFunc) (Request *req); struct _Request { guint32 reqid; - PolkitAuthority *authority; NMAuthChain *chain; NMConnection *connection; @@ -381,7 +378,6 @@ static guint32 next_req_id = 1; static Request * request_new_get (NMConnection *connection, - PolkitAuthority *authority, gboolean filter_by_uid, gulong uid_filter, GHashTable *existing_secrets, @@ -402,7 +398,6 @@ request_new_get (NMConnection *connection, req = g_malloc0 (sizeof (Request)); req->reqid = next_req_id++; req->connection = g_object_ref (connection); - req->authority = g_object_ref (authority); req->filter_by_uid = filter_by_uid; req->uid_filter = uid_filter; if (existing_secrets) @@ -462,8 +457,6 @@ request_free (Request *req) g_hash_table_unref (req->existing_secrets); if (req->chain) nm_auth_chain_unref (req->chain); - if (req->authority) - g_object_unref (req->authority); memset (req, 0, sizeof (Request)); g_free (req); } @@ -896,8 +889,7 @@ get_next_cb (Request *req) nm_log_dbg (LOGD_AGENTS, "(%p/%s) request has system secrets; checking agent %s for MODIFY", req, req->setting_name, agent_dbus_owner); - req->chain = nm_auth_chain_new_dbus_sender (req->authority, - agent_dbus_owner, + req->chain = nm_auth_chain_new_dbus_sender (agent_dbus_owner, get_agent_modify_auth_cb, req); g_assert (req->chain); @@ -1050,7 +1042,6 @@ nm_agent_manager_get_secrets (NMAgentManager *self, */ req = request_new_get (connection, - priv->authority, filter_by_uid, uid_filter, existing_secrets, @@ -1335,15 +1326,6 @@ static void nm_agent_manager_init (NMAgentManager *self) { NMAgentManagerPrivate *priv = NM_AGENT_MANAGER_GET_PRIVATE (self); - GError *error = NULL; - - priv->authority = polkit_authority_get_sync (NULL, &error); - if (!priv->authority) { - nm_log_warn (LOGD_SETTINGS, "failed to create PolicyKit authority: (%d) %s", - error ? error->code : -1, - error && error->message ? error->message : "(unknown)"); - g_clear_error (&error); - } priv->agents = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_object_unref); priv->requests = g_hash_table_new_full (g_direct_hash, @@ -1365,7 +1347,6 @@ dispose (GObject *object) g_object_unref (priv->session_monitor); g_object_unref (priv->dbus_mgr); - g_object_unref (priv->authority); } G_OBJECT_CLASS (nm_agent_manager_parent_class)->dispose (object); diff --git a/src/settings/nm-polkit-helpers.h b/src/settings/nm-polkit-helpers.h deleted file mode 100644 index d812e94455..0000000000 --- a/src/settings/nm-polkit-helpers.h +++ /dev/null @@ -1,41 +0,0 @@ -/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */ -/* NetworkManager system settings service - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - * - * (C) Copyright 2008 Novell, Inc. - * (C) Copyright 2008 - 2010 Red Hat, Inc. - */ - -#ifndef NM_POLKIT_HELPERS_H -#define NM_POLKIT_HELPERS_H - -#include - -/* Fix for polkit 0.97 and later */ -#if !HAVE_POLKIT_AUTHORITY_GET_SYNC -static inline PolkitAuthority * -polkit_authority_get_sync (GCancellable *cancellable, GError **error) -{ - PolkitAuthority *authority; - - authority = polkit_authority_get (); - if (!authority) - g_set_error (error, 0, 0, "failed to get the PolicyKit authority"); - return authority; -} -#endif - -#endif /* NM_POLKIT_HELPERS_H */ diff --git a/src/settings/nm-settings-connection.c b/src/settings/nm-settings-connection.c index 5667d1c41a..2037b89430 100644 --- a/src/settings/nm-settings-connection.c +++ b/src/settings/nm-settings-connection.c @@ -34,7 +34,6 @@ #include "nm-dbus-manager.h" #include "nm-settings-error.h" #include "nm-dbus-glib-types.h" -#include "nm-polkit-helpers.h" #include "nm-logging.h" #include "nm-manager-auth.h" #include "nm-marshal.h" @@ -83,7 +82,6 @@ typedef struct { NMDBusManager *dbus_mgr; NMAgentManager *agent_mgr; - PolkitAuthority *authority; GSList *pending_auths; /* List of pending authentication requests */ NMConnection *secrets; gboolean visible; /* Is this connection is visible by some session? */ @@ -852,7 +850,7 @@ auth_start (NMSettingsConnection *self, } if (check_permission) { - chain = nm_auth_chain_new (priv->authority, context, NULL, pk_auth_cb, self); + chain = nm_auth_chain_new (context, NULL, pk_auth_cb, self); g_assert (chain); nm_auth_chain_set_data (chain, "perm", (gpointer) check_permission, NULL); nm_auth_chain_set_data (chain, "callback", callback, NULL); @@ -1371,18 +1369,9 @@ nm_settings_connection_init (NMSettingsConnection *self) NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE (self); static guint32 dbus_counter = 0; char *dbus_path; - GError *error = NULL; priv->dbus_mgr = nm_dbus_manager_get (); - priv->authority = polkit_authority_get_sync (NULL, &error); - if (!priv->authority) { - nm_log_warn (LOGD_SETTINGS, "failed to create PolicyKit authority: (%d) %s", - error ? error->code : -1, - error && error->message ? error->message : "(unknown)"); - g_clear_error (&error); - } - dbus_path = g_strdup_printf ("%s/%u", NM_DBUS_PATH_SETTINGS, dbus_counter++); nm_connection_set_path (NM_CONNECTION (self), dbus_path); g_free (dbus_path); @@ -1429,7 +1418,6 @@ dispose (GObject *object) g_object_unref (priv->session_monitor); g_object_unref (priv->agent_mgr); g_object_unref (priv->dbus_mgr); - g_object_unref (priv->authority); out: G_OBJECT_CLASS (nm_settings_connection_parent_class)->dispose (object); diff --git a/src/settings/nm-settings.c b/src/settings/nm-settings.c index 87fa4b6c9c..8ce90ffb75 100644 --- a/src/settings/nm-settings.c +++ b/src/settings/nm-settings.c @@ -56,7 +56,6 @@ #include "nm-dbus-glib-types.h" #include "nm-settings.h" #include "nm-settings-connection.h" -#include "nm-polkit-helpers.h" #include "nm-settings-error.h" #include "nm-default-wired-connection.h" #include "nm-logging.h" @@ -114,8 +113,6 @@ typedef struct { NMAgentManager *agent_mgr; - PolkitAuthority *authority; - guint auth_changed_id; char *config_file; NMSessionMonitor *session_monitor; @@ -999,7 +996,7 @@ nm_settings_add_connection (NMSettings *self, perm = NM_AUTH_PERMISSION_SETTINGS_MODIFY_SYSTEM; /* Otherwise validate the user request */ - chain = nm_auth_chain_new (priv->authority, context, NULL, pk_add_cb, self); + chain = nm_auth_chain_new (context, NULL, pk_add_cb, self); g_assert (chain); priv->auths = g_slist_append (priv->auths, chain); nm_auth_chain_add_call (chain, perm, TRUE); @@ -1111,7 +1108,7 @@ impl_settings_save_hostname (NMSettings *self, } /* Otherwise validate the user request */ - chain = nm_auth_chain_new (priv->authority, context, NULL, pk_hostname_cb, self); + chain = nm_auth_chain_new (context, NULL, pk_hostname_cb, self); g_assert (chain); priv->auths = g_slist_append (priv->auths, chain); nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_SETTINGS_MODIFY_HOSTNAME, TRUE); @@ -1476,18 +1473,9 @@ static void nm_settings_init (NMSettings *self) { NMSettingsPrivate *priv = NM_SETTINGS_GET_PRIVATE (self); - GError *error = NULL; priv->connections = g_hash_table_new_full (g_str_hash, g_str_equal, NULL, g_object_unref); - priv->authority = polkit_authority_get_sync (NULL, &error); - if (!priv->authority) { - nm_log_warn (LOGD_SETTINGS, "failed to create PolicyKit authority: (%d) %s", - error ? error->code : -1, - error && error->message ? error->message : "(unknown)"); - g_clear_error (&error); - } - priv->session_monitor = nm_session_monitor_get (); /* Hold a reference to the agent manager so it stays alive; the only @@ -1505,11 +1493,6 @@ dispose (GObject *object) NMSettingsPrivate *priv = NM_SETTINGS_GET_PRIVATE (self); GSList *iter; - if (priv->auth_changed_id) { - g_signal_handler_disconnect (priv->authority, priv->auth_changed_id); - priv->auth_changed_id = 0; - } - for (iter = priv->auths; iter; iter = g_slist_next (iter)) nm_auth_chain_unref ((NMAuthChain *) iter->data); g_slist_free (priv->auths);