static char * _fprint_device_check_for_username (FprintDevice *rdev, DBusGMethodInvocation *context, const char *username, char **ret_sender, GError **error) { DBusConnection *conn; DBusError dbus_error; char *sender; unsigned long uid; struct passwd *user; char *client_username; /* Get details about the current sender, and username/uid */ conn = dbus_g_connection_get_connection (fprintd_dbus_conn); sender = dbus_g_method_get_sender (context); dbus_error_init (&dbus_error); uid = dbus_bus_get_unix_user (conn, sender, &dbus_error); if (dbus_error_is_set(&dbus_error)) { g_free (sender); dbus_set_g_error (error, &dbus_error); return NULL; } user = getpwuid (uid); if (user == NULL) { g_free (sender); g_set_error(error, FPRINT_ERROR, FPRINT_ERROR_INTERNAL, "Failed to get information about user UID %lu", uid); return NULL; } client_username = g_strdup (user->pw_name); /* The current user is usually allowed to access their * own data, this should be followed by PolicyKit checks * anyway */ if (username == NULL || *username == '\0' || g_str_equal (username, client_username)) { if (ret_sender != NULL) *ret_sender = sender; else g_free (sender); return client_username; } /* If we're not allowed to set a different username, * then fail */ if (_fprint_device_check_polkit_for_action (rdev, context, "net.reactivated.fprint.device.setusername", error) == FALSE) { g_free (sender); return NULL; } if (ret_sender != NULL) *ret_sender = sender; else g_free (sender); return g_strdup (username); }
static char * gconf_address_for_caller (GConfDefaults *mechanism, DBusGMethodInvocation *context, GError **gerror) { char *sender; DBusConnection *conn; uid_t uid; struct passwd *pwd; char *result; DBusError error; conn = dbus_g_connection_get_connection (mechanism->priv->system_bus_connection); sender = dbus_g_method_get_sender (context); dbus_error_init (&error); uid = dbus_bus_get_unix_user (conn, sender, &error); g_free (sender); if (uid == (unsigned)-1) { dbus_set_g_error (gerror, &error); dbus_error_free (&error); return NULL; } pwd = getpwuid (uid); if (pwd == NULL) { g_set_error (gerror, 0, 0, "Failed to get passwd information for uid %d", uid); return NULL; } result = g_strconcat ("xml:merged:", pwd->pw_dir, "/.gconf", NULL); return result; }
static long get_remote_uid(DBusMessage* call, const char** ppSender) { DBusError err; dbus_error_init(&err); const char* sender = dbus_message_get_sender(call); if (ppSender) *ppSender = sender; long uid = dbus_bus_get_unix_user(g_dbus_conn, sender, &err); if (dbus_error_is_set(&err)) { dbus_error_free(&err); error_msg("Can't determine remote uid, assuming 0"); return 0; } return uid; }
gboolean bm_auth_get_caller_uid (DBusGMethodInvocation *context, BMDBusManager *dbus_mgr, gulong *out_uid, const char **out_error_desc) { DBusConnection *connection; char *sender = NULL; gboolean success = FALSE; DBusError dbus_error; g_return_val_if_fail (context != NULL, FALSE); g_return_val_if_fail (dbus_mgr != NULL, FALSE); g_return_val_if_fail (out_uid != NULL, FALSE); *out_uid = G_MAXULONG; sender = dbus_g_method_get_sender (context); if (!sender) { if (out_error_desc) *out_error_desc = "Could not determine D-Bus requestor"; goto out; } connection = bm_dbus_manager_get_dbus_connection (dbus_mgr); if (!connection) { if (out_error_desc) *out_error_desc = "Could not get the D-Bus system bus"; goto out; } dbus_error_init (&dbus_error); /* FIXME: do this async */ *out_uid = dbus_bus_get_unix_user (connection, sender, &dbus_error); if (dbus_error_is_set (&dbus_error)) { if (out_error_desc) *out_error_desc = "Could not determine the user ID of the requestor"; dbus_error_free (&dbus_error); *out_uid = G_MAXULONG; } else success = TRUE; out: g_free (sender); return success; }
gboolean bm_auth_uid_authorized (gulong uid, BMDBusManager *dbus_mgr, DBusGProxy *user_proxy, const char **out_error_desc) { DBusConnection *connection; DBusError dbus_error; char *service_owner = NULL; const char *service_name; gulong service_uid = G_MAXULONG; g_return_val_if_fail (dbus_mgr != NULL, FALSE); g_return_val_if_fail (out_error_desc != NULL, FALSE); /* Ensure the request to activate the user connection came from the * same session as the user settings service. FIXME: use ConsoleKit * too. */ if (!user_proxy) { *out_error_desc = "No user settings service available"; return FALSE; } service_name = dbus_g_proxy_get_bus_name (user_proxy); if (!service_name) { *out_error_desc = "Could not determine user settings service name"; return FALSE; } connection = bm_dbus_manager_get_dbus_connection (dbus_mgr); if (!connection) { *out_error_desc = "Could not get the D-Bus system bus"; return FALSE; } service_owner = bm_dbus_manager_get_name_owner (dbus_mgr, service_name, NULL); if (!service_owner) { *out_error_desc = "Could not determine D-Bus owner of the user settings service"; return FALSE; } dbus_error_init (&dbus_error); service_uid = dbus_bus_get_unix_user (connection, service_owner, &dbus_error); g_free (service_owner); if (dbus_error_is_set (&dbus_error)) { dbus_error_free (&dbus_error); *out_error_desc = "Could not determine the Unix UID of the sender of the request"; return FALSE; } /* And finally, the actual UID check */ if (uid != service_uid) { *out_error_desc = "Requestor UID does not match the UID of the user settings service"; return FALSE; } return TRUE; }
//! Check if sender is allowed to call method int policy_check(const char *sender, const char *action, PolKitResult *result) { /*! * * @sender Bus name of the sender * @result PK result * @return 0 on success, 1 on error */ DBusConnection *conn; DBusError err; PolKitContext *polkit_ctx; PolKitCaller *polkit_clr; PolKitAction *polkit_act; PolKitError *perr; int uid = -1; *result = (PolKitResult) POLKIT_RESULT_NO; dbus_error_init(&err); conn = dbus_bus_get_private(DBUS_BUS_SYSTEM, &err); if (dbus_error_is_set(&err)) { log_error("Unable to open connection to query PolicyKit: %s\n", err.message); dbus_error_free(&err); return -1; } // If UID is 0, don't query PolicyKit uid = dbus_bus_get_unix_user(conn, sender, &err); if (dbus_error_is_set(&err)) { log_error("Unable to get caller UID: %s\n", err.message); dbus_error_free(&err); return -1; } if (uid == 0) { *result = (PolKitResult) POLKIT_RESULT_YES; return 0; } polkit_ctx = polkit_context_new(); if (!polkit_context_init(polkit_ctx, &perr)) { log_error("Unable to initialize PK context: %s\n", polkit_error_get_error_message(perr)); polkit_error_free(perr); return -1; } polkit_clr = polkit_caller_new_from_dbus_name(conn, sender, &err); if (dbus_error_is_set(&err)) { log_error("Unable to get caller info: %s\n", err.message); dbus_error_free(&err); return -1; } if (!polkit_action_validate_id(action)) { log_error("Unable to query PolicyKit, action is not valid: %s\n", action); return -1; } polkit_act = polkit_action_new(); polkit_action_set_action_id(polkit_act, action); *result = polkit_context_is_caller_authorized(polkit_ctx, polkit_act, polkit_clr, FALSE, &perr); return 0; }
static DBusHandlerResult session_message_dispatch( Session *s, DBusConnection *connection, DBusMessage *message) { const BusProperty properties[] = { { "org.freedesktop.login1.Session", "Id", bus_property_append_string, "s", s->id }, { "org.freedesktop.login1.Session", "User", bus_session_append_user, "(uo)", s }, { "org.freedesktop.login1.Session", "Name", bus_property_append_string, "s", s->user->name }, { "org.freedesktop.login1.Session", "Timestamp", bus_property_append_usec, "t", &s->timestamp.realtime }, { "org.freedesktop.login1.Session", "TimestampMonotonic", bus_property_append_usec, "t", &s->timestamp.monotonic }, { "org.freedesktop.login1.Session", "ControlGroupPath", bus_property_append_string, "s", s->cgroup_path }, { "org.freedesktop.login1.Session", "VTNr", bus_property_append_uint32, "u", &s->vtnr }, { "org.freedesktop.login1.Session", "Seat", bus_session_append_seat, "(so)", s }, { "org.freedesktop.login1.Session", "TTY", bus_property_append_string, "s", s->tty }, { "org.freedesktop.login1.Session", "Display", bus_property_append_string, "s", s->display }, { "org.freedesktop.login1.Session", "Remote", bus_property_append_bool, "b", &s->remote }, { "org.freedesktop.login1.Session", "RemoteUser", bus_property_append_string, "s", s->remote_user }, { "org.freedesktop.login1.Session", "RemoteHost", bus_property_append_string, "s", s->remote_host }, { "org.freedesktop.login1.Session", "Service", bus_property_append_string, "s", s->service }, { "org.freedesktop.login1.Session", "Leader", bus_property_append_pid, "u", &s->leader }, { "org.freedesktop.login1.Session", "Audit", bus_property_append_uint32, "u", &s->audit_id }, { "org.freedesktop.login1.Session", "Type", bus_session_append_type, "s", &s->type }, { "org.freedesktop.login1.Session", "Active", bus_session_append_active, "b", s }, { "org.freedesktop.login1.Session", "Controllers", bus_property_append_strv, "as", s->controllers }, { "org.freedesktop.login1.Session", "ResetControllers", bus_property_append_strv, "as", s->reset_controllers }, { "org.freedesktop.login1.Session", "KillProcesses", bus_property_append_bool, "b", &s->kill_processes }, { "org.freedesktop.login1.Session", "IdleHint", bus_session_append_idle_hint, "b", s }, { "org.freedesktop.login1.Session", "IdleSinceHint", bus_session_append_idle_hint_since, "t", s }, { "org.freedesktop.login1.Session", "IdleSinceHintMonotonic", bus_session_append_idle_hint_since, "t", s }, { NULL, NULL, NULL, NULL, NULL } }; DBusError error; DBusMessage *reply = NULL; int r; assert(s); assert(connection); assert(message); dbus_error_init(&error); if (dbus_message_is_method_call(message, "org.freedesktop.login1.Session", "Terminate")) { r = session_stop(s); if (r < 0) return bus_send_error_reply(connection, message, NULL, r); reply = dbus_message_new_method_return(message); if (!reply) goto oom; } else if (dbus_message_is_method_call(message, "org.freedesktop.login1.Session", "Activate")) { r = session_activate(s); if (r < 0) return bus_send_error_reply(connection, message, NULL, r); reply = dbus_message_new_method_return(message); if (!reply) goto oom; } else if (dbus_message_is_method_call(message, "org.freedesktop.login1.Session", "Lock") || dbus_message_is_method_call(message, "org.freedesktop.login1.Session", "Unlock")) { if (session_send_signal(s, streq(dbus_message_get_member(message), "Lock")) < 0) goto oom; reply = dbus_message_new_method_return(message); if (!reply) goto oom; } else if (dbus_message_is_method_call(message, "org.freedesktop.login1.Session", "SetIdleHint")) { dbus_bool_t b; unsigned long ul; if (!dbus_message_get_args( message, &error, DBUS_TYPE_BOOLEAN, &b, DBUS_TYPE_INVALID)) return bus_send_error_reply(connection, message, &error, -EINVAL); ul = dbus_bus_get_unix_user(connection, dbus_message_get_sender(message), &error); if (ul == (unsigned long) -1) return bus_send_error_reply(connection, message, &error, -EIO); if (ul != 0 && ul != s->user->uid) return bus_send_error_reply(connection, message, NULL, -EPERM); session_set_idle_hint(s, b); reply = dbus_message_new_method_return(message); if (!reply) goto oom; } else if (dbus_message_is_method_call(message, "org.freedesktop.login1.Session", "Kill")) { const char *swho; int32_t signo; KillWho who; if (!dbus_message_get_args( message, &error, DBUS_TYPE_STRING, &swho, DBUS_TYPE_INT32, &signo, DBUS_TYPE_INVALID)) return bus_send_error_reply(connection, message, &error, -EINVAL); if (isempty(swho)) who = KILL_ALL; else { who = kill_who_from_string(swho); if (who < 0) return bus_send_error_reply(connection, message, &error, -EINVAL); } if (signo <= 0 || signo >= _NSIG) return bus_send_error_reply(connection, message, &error, -EINVAL); r = session_kill(s, who, signo); if (r < 0) return bus_send_error_reply(connection, message, NULL, r); reply = dbus_message_new_method_return(message); if (!reply) goto oom; } else return bus_default_message_handler(connection, message, INTROSPECTION, INTERFACES_LIST, properties); if (reply) { if (!dbus_connection_send(connection, reply, NULL)) goto oom; dbus_message_unref(reply); } return DBUS_HANDLER_RESULT_HANDLED; oom: if (reply) dbus_message_unref(reply); dbus_error_free(&error); return DBUS_HANDLER_RESULT_NEED_MEMORY; }
int verify_polkit( DBusConnection *c, DBusMessage *request, const char *action, bool interactive, bool *_challenge, DBusError *error) { #ifdef ENABLE_POLKIT DBusMessage *m = NULL, *reply = NULL; const char *unix_process = "unix-process", *pid = "pid", *starttime = "start-time", *cancel_id = ""; uint32_t flags = interactive ? 1 : 0; pid_t pid_raw; uint32_t pid_u32; unsigned long long starttime_raw; uint64_t starttime_u64; DBusMessageIter iter_msg, iter_struct, iter_array, iter_dict, iter_variant; int r; dbus_bool_t authorized = FALSE, challenge = FALSE; #endif const char *sender; unsigned long ul; assert(c); assert(request); sender = dbus_message_get_sender(request); if (!sender) return -EINVAL; ul = dbus_bus_get_unix_user(c, sender, error); if (ul == (unsigned long) -1) return -EINVAL; /* Shortcut things for root, to avoid the PK roundtrip and dependency */ if (ul == 0) return 1; #ifdef ENABLE_POLKIT pid_raw = bus_get_unix_process_id(c, sender, error); if (pid_raw == 0) return -EINVAL; r = get_starttime_of_pid(pid_raw, &starttime_raw); if (r < 0) return r; m = dbus_message_new_method_call( "org.freedesktop.PolicyKit1", "/org/freedesktop/PolicyKit1/Authority", "org.freedesktop.PolicyKit1.Authority", "CheckAuthorization"); if (!m) return -ENOMEM; dbus_message_iter_init_append(m, &iter_msg); pid_u32 = (uint32_t) pid_raw; starttime_u64 = (uint64_t) starttime_raw; if (!dbus_message_iter_open_container(&iter_msg, DBUS_TYPE_STRUCT, NULL, &iter_struct) || !dbus_message_iter_append_basic(&iter_struct, DBUS_TYPE_STRING, &unix_process) || !dbus_message_iter_open_container(&iter_struct, DBUS_TYPE_ARRAY, "{sv}", &iter_array) || !dbus_message_iter_open_container(&iter_array, DBUS_TYPE_DICT_ENTRY, NULL, &iter_dict) || !dbus_message_iter_append_basic(&iter_dict, DBUS_TYPE_STRING, &pid) || !dbus_message_iter_open_container(&iter_dict, DBUS_TYPE_VARIANT, "u", &iter_variant) || !dbus_message_iter_append_basic(&iter_variant, DBUS_TYPE_UINT32, &pid_u32) || !dbus_message_iter_close_container(&iter_dict, &iter_variant) || !dbus_message_iter_close_container(&iter_array, &iter_dict) || !dbus_message_iter_open_container(&iter_array, DBUS_TYPE_DICT_ENTRY, NULL, &iter_dict) || !dbus_message_iter_append_basic(&iter_dict, DBUS_TYPE_STRING, &starttime) || !dbus_message_iter_open_container(&iter_dict, DBUS_TYPE_VARIANT, "t", &iter_variant) || !dbus_message_iter_append_basic(&iter_variant, DBUS_TYPE_UINT64, &starttime_u64) || !dbus_message_iter_close_container(&iter_dict, &iter_variant) || !dbus_message_iter_close_container(&iter_array, &iter_dict) || !dbus_message_iter_close_container(&iter_struct, &iter_array) || !dbus_message_iter_close_container(&iter_msg, &iter_struct) || !dbus_message_iter_append_basic(&iter_msg, DBUS_TYPE_STRING, &action) || !dbus_message_iter_open_container(&iter_msg, DBUS_TYPE_ARRAY, "{ss}", &iter_array) || !dbus_message_iter_close_container(&iter_msg, &iter_array) || !dbus_message_iter_append_basic(&iter_msg, DBUS_TYPE_UINT32, &flags) || !dbus_message_iter_append_basic(&iter_msg, DBUS_TYPE_STRING, &cancel_id)) { r = -ENOMEM; goto finish; } reply = dbus_connection_send_with_reply_and_block(c, m, -1, error); if (!reply) { /* Treat no PK available as access denied */ if (dbus_error_has_name(error, DBUS_ERROR_SERVICE_UNKNOWN)) { r = -EACCES; dbus_error_free(error); goto finish; } r = -EIO; goto finish; } if (!dbus_message_iter_init(reply, &iter_msg) || dbus_message_iter_get_arg_type(&iter_msg) != DBUS_TYPE_STRUCT) { r = -EIO; goto finish; } dbus_message_iter_recurse(&iter_msg, &iter_struct); if (dbus_message_iter_get_arg_type(&iter_struct) != DBUS_TYPE_BOOLEAN) { r = -EIO; goto finish; } dbus_message_iter_get_basic(&iter_struct, &authorized); if (!dbus_message_iter_next(&iter_struct) || dbus_message_iter_get_arg_type(&iter_struct) != DBUS_TYPE_BOOLEAN) { r = -EIO; goto finish; } dbus_message_iter_get_basic(&iter_struct, &challenge); if (authorized) r = 1; else if (_challenge) { *_challenge = !!challenge; r = 0; } else r = -EPERM; finish: if (m) dbus_message_unref(m); if (reply) dbus_message_unref(reply); return r; #else return -EPERM; #endif }
/** * session_from_dbus: * @parent: parent, * @message: D-Bus message. * * Create a new session, based on the specified D-Bus message. * * Return new Session, or NULL on error. **/ Session * session_from_dbus (const void *parent, NihDBusMessage *message) { const char *sender; DBusError dbus_error; unsigned long unix_user; unsigned long unix_process_id; char root[PATH_MAX]; Session *session; struct passwd *pwd; nih_local char *conf_path = NULL; nih_assert (message != NULL); /* Handle explicit command-line request and alternative request * method (primarily for test framework) to disable session support. */ if (disable_sessions || getenv ("UPSTART_NO_SESSIONS")) return NULL; session_init (); /* Ask D-Bus nicely for the origin uid and/or pid of the caller; * sadly we can't ask the bus daemon for the origin pid, so that * one will just have to stay user-session only. */ dbus_error_init (&dbus_error); sender = dbus_message_get_sender (message->message); if (sender) { unix_user = dbus_bus_get_unix_user (message->connection, sender, &dbus_error); if (unix_user == (unsigned long)-1) { dbus_error_free (&dbus_error); unix_user = 0; } unix_process_id = 0; } else { if (! dbus_connection_get_unix_user (message->connection, &unix_user)) unix_process_id = 0; if (! dbus_connection_get_unix_process_id (message->connection, &unix_process_id)) unix_process_id = 0; } /* If we retrieved a process id, look up the root path for it; * if it's just '/' don't worry so much about it. */ if (unix_process_id) { nih_local char *symlink = NULL; ssize_t len; symlink = NIH_MUST (nih_sprintf (NULL, "/proc/%lu/root", unix_process_id)); len = readlink (symlink, root, sizeof root); if (len < 0) return NULL; root[len] = '\0'; if (! strcmp (root, "/")) { unix_process_id = 0; if (! unix_user) return NULL; } } else if (! unix_user) { /* No process id or user id found, return the NULL session */ return NULL; } if (unix_user) { pwd = getpwuid (unix_user); if (! pwd || ! pwd->pw_dir) { nih_error ("%lu: %s: %s", unix_user, _("Unable to lookup home directory"), strerror (errno)); return NULL; } NIH_MUST (nih_strcat_sprintf (&conf_path, NULL, "%s/%s", pwd->pw_dir, USERCONFDIR)); } /* Now find in the existing Sessions list */ NIH_LIST_FOREACH_SAFE (sessions, iter) { Session *session = (Session *)iter; if (unix_process_id) { if (! session->chroot) continue; /* ignore sessions relating to other chroots */ if (strcmp (session->chroot, root)) continue; } /* ignore sessions relating to other users */ if (unix_user != session->user) continue; /* Found a user with the same uid but different * conf_dir to the existing session user. Either the * original user has been deleted and a new user created * with the same uid, or the original users home * directory has changed since they first started * running jobs. Whatever the reason, we (can only) honour * the new value. * * Since multiple users with the same uid are considered * to be "the same user", invalidate the old path, * allowing the correct new path to be set below. * * Note that there may be a possibility of trouble if * the scenario relates to a deleted user and that original * user still has jobs running. However, if that were the * case, those jobs would likely fail anyway since they * would have no working directory due to the original * users home directory being deleted/changed/made inaccessible. */ if (unix_user && conf_path && session->conf_path && strcmp (conf_path, session->conf_path)) { nih_free (session->conf_path); session->conf_path = NULL; } if (! session->conf_path) session_create_conf_source (session); return session; }
CICallerInfo * ci_tracker_get_info (CITracker *cit, const char *system_bus_unique_name) { CICallerInfo *ci; DBusError error; #ifdef HAVE_CONKIT DBusMessage *message; DBusMessage *reply; DBusMessageIter iter; DBusMessageIter sub_iter; char *dbus_session_name; char *str; int num_elems; #endif /* HAVE_CONKIT */ ci = NULL; if (system_bus_unique_name == NULL) goto error; if (!validate_bus_name (system_bus_unique_name)) goto error; /*HAL_INFO (("=========================")); HAL_INFO (("Looking up CICallerInfo for system_bus_unique_name = %s", system_bus_unique_name));*/ ci = g_hash_table_lookup (cit->connection_name_to_caller_info, system_bus_unique_name); if (ci != NULL) { /*HAL_INFO (("(using cached information)"));*/ goto got_caller_info; } /*HAL_INFO (("(retrieving info from system bus and ConsoleKit)"));*/ ci = caller_info_new (); ci->system_bus_unique_name = g_strdup (system_bus_unique_name); dbus_error_init (&error); ci->uid = dbus_bus_get_unix_user (cit->dbus_connection, system_bus_unique_name, &error); if (ci->uid == ((unsigned long) -1) || dbus_error_is_set (&error)) { HAL_WARNING (("Could not get uid for connection: %s %s", error.name, error.message)); dbus_error_free (&error); goto error; } #ifdef HAVE_CONKIT message = dbus_message_new_method_call ("org.freedesktop.DBus", "/org/freedesktop/DBus/Bus", "org.freedesktop.DBus", "GetConnectionUnixProcessID"); dbus_message_iter_init_append (message, &iter); dbus_message_iter_append_basic (&iter, DBUS_TYPE_STRING, &system_bus_unique_name); dbus_error_init (&error); reply = dbus_connection_send_with_reply_and_block (cit->dbus_connection, message, -1, &error); if (reply == NULL || dbus_error_is_set (&error)) { HAL_WARNING (("Error doing GetConnectionUnixProcessID on Bus: %s: %s", error.name, error.message)); dbus_message_unref (message); if (reply != NULL) dbus_message_unref (reply); dbus_error_free (&error); goto error; } dbus_message_iter_init (reply, &iter); dbus_message_iter_get_basic (&iter, &ci->pid); dbus_message_unref (message); dbus_message_unref (reply); message = dbus_message_new_method_call ("org.freedesktop.DBus", "/org/freedesktop/DBus/Bus", "org.freedesktop.DBus", "GetConnectionSELinuxSecurityContext"); dbus_message_iter_init_append (message, &iter); dbus_message_iter_append_basic (&iter, DBUS_TYPE_STRING, &system_bus_unique_name); reply = dbus_connection_send_with_reply_and_block (cit->dbus_connection, message, -1, &error); /* SELinux might not be enabled */ if (dbus_error_is_set (&error) && strcmp (error.name, "org.freedesktop.DBus.Error.SELinuxSecurityContextUnknown") == 0) { dbus_message_unref (message); if (reply != NULL) dbus_message_unref (reply); dbus_error_init (&error); } else if (reply == NULL || dbus_error_is_set (&error)) { g_warning ("Error doing GetConnectionSELinuxSecurityContext on Bus: %s: %s", error.name, error.message); dbus_message_unref (message); if (reply != NULL) dbus_message_unref (reply); dbus_error_free (&error); goto error; } else { /* TODO: verify signature */ dbus_message_iter_init (reply, &iter); dbus_message_iter_recurse (&iter, &sub_iter); dbus_message_iter_get_fixed_array (&sub_iter, (void *) &str, &num_elems); if (str != NULL && num_elems > 0) ci->selinux_context = g_strndup (str, num_elems); dbus_message_unref (message); dbus_message_unref (reply); } message = dbus_message_new_method_call ("org.freedesktop.ConsoleKit", "/org/freedesktop/ConsoleKit/Manager", "org.freedesktop.ConsoleKit.Manager", "GetSessionForUnixProcess"); dbus_message_iter_init_append (message, &iter); dbus_message_iter_append_basic (&iter, DBUS_TYPE_UINT32, &ci->pid); dbus_error_init (&error); reply = dbus_connection_send_with_reply_and_block (cit->dbus_connection, message, -1, &error); if (reply == NULL || dbus_error_is_set (&error)) { HAL_WARNING (("Error doing GetSessionForUnixProcess on ConsoleKit: %s: %s", error.name, error.message)); dbus_message_unref (message); if (reply != NULL) dbus_message_unref (reply); /* OK, this is not a catastrophe; just means the caller is not a member of any session.. */ dbus_error_free (&error); goto store_caller_info; } dbus_message_iter_init (reply, &iter); dbus_message_iter_get_basic (&iter, &dbus_session_name); ci->session_objpath = g_strdup (dbus_session_name); dbus_message_unref (message); dbus_message_unref (reply); message = dbus_message_new_method_call ("org.freedesktop.ConsoleKit", ci->session_objpath, "org.freedesktop.ConsoleKit.Session", "IsActive"); dbus_error_init (&error); reply = dbus_connection_send_with_reply_and_block (cit->dbus_connection, message, -1, &error); if (reply == NULL || dbus_error_is_set (&error)) { HAL_WARNING (("Error doing IsActive on ConsoleKit: %s: %s", error.name, error.message)); dbus_message_unref (message); if (reply != NULL) dbus_message_unref (reply); dbus_error_free (&error); goto error; } dbus_message_iter_init (reply, &iter); dbus_message_iter_get_basic (&iter, &ci->in_active_session); dbus_message_unref (message); dbus_message_unref (reply); message = dbus_message_new_method_call ("org.freedesktop.ConsoleKit", ci->session_objpath, "org.freedesktop.ConsoleKit.Session", "IsLocal"); dbus_error_init (&error); reply = dbus_connection_send_with_reply_and_block (cit->dbus_connection, message, -1, &error); if (reply == NULL || dbus_error_is_set (&error)) { HAL_WARNING (("Error doing IsLocal on ConsoleKit: %s: %s", error.name, error.message)); dbus_message_unref (message); if (reply != NULL) dbus_message_unref (reply); dbus_error_free (&error); goto error; } dbus_message_iter_init (reply, &iter); dbus_message_iter_get_basic (&iter, &ci->is_local); dbus_message_unref (message); dbus_message_unref (reply); store_caller_info: #endif /* HAVE_CONKIT */ g_hash_table_insert (cit->connection_name_to_caller_info, ci->system_bus_unique_name, ci); got_caller_info: /*HAL_INFO (("system_bus_unique_name = %s", ci->system_bus_unique_name)); HAL_INFO (("uid = %d", ci->uid)); HAL_INFO (("pid = %d", ci->pid)); if (ci->session_objpath != NULL) { HAL_INFO (("session_objpath = %s", ci->session_objpath)); HAL_INFO (("in_active_session = %d", ci->in_active_session)); } else { HAL_INFO ((" (Caller is not in any session)")); } HAL_INFO ((" (keeping CICallerInfo for %d connections)", g_hash_table_size (cit->connection_name_to_caller_info))); HAL_INFO (("========================="));*/ return ci; error: /*HAL_INFO (("========================="));*/ if (ci != NULL) caller_info_free (ci); return NULL; }