std::string getDaemonConfigPath()
{
USBGUARD_LOG(Trace);
const char * const envval = getenv("USBGUARD_DAEMON_CONF");
if (envval != nullptr) {
USBGUARD_LOG(Debug) << "Returning environment variable path: " << envval;
return std::string(envval);
}
else {
USBGUARD_LOG(Debug) << "Returning build-time path: " << USBGUARD_DAEMON_CONF_PATH;
return std::string(USBGUARD_DAEMON_CONF_PATH);
}
}
std::string getIPCAccessControlFileBasename(const std::string& name, bool is_group)
{
USBGUARD_LOG(Trace) << "name=" << name << " is_group=" << is_group;
std::string basename;
if (is_group) {
basename.append(":");
}
basename.append(name);
return basename;
}
void wait()
{
if (_thread.joinable()) {
try {
_thread.join();
} catch(const std::system_error& ex) {
USBGUARD_LOG(Error) << ex.what();
throw;
}
}
_stop_request = false;
}
std::string getIPCAccessControlFilesPath()
{
USBGUARD_LOG(Trace);
const std::string daemon_conf_path = getDaemonConfigPath();
ConfigFile daemon_conf;
daemon_conf.open(daemon_conf_path);
if (daemon_conf.hasSettingValue("IPCAccessControlFiles")) {
return daemon_conf.getSettingValue("IPCAccessControlFiles");
}
throw Exception("getIPCAccessControlFilesPath", daemon_conf_path, "IPCAccessControlFiles not set");
}
int main(int argc, char *argv[])
{
QApplication a(argc, argv);
QTranslator translator;
USBGUARD_LOG(Debug) << "Loading translations for locale: "
<< QLocale::system().name().toStdString();
if (translator.load(QLocale::system(),
/*filename=*/QString(),
/*prefix=*/QString(),
/*directory=*/":/translations",
/*suffix=*/".qm")) {
a.installTranslator(&translator);
}
else {
USBGUARD_LOG(Debug) << "Translations not available for the current locale.";
}
MainWindow w;
a.setQuitOnLastWindowClosed(false);
return a.exec();
}
int usbguard_remove_user(int argc, char *argv[])
{
int opt = 0;
bool opt_is_group = false;
bool opt_no_root_check = false;
while ((opt = getopt_long(argc, argv, options_short, options_long, nullptr)) != -1) {
switch(opt) {
case 'u':
opt_is_group = false;
break;
case 'g':
opt_is_group = true;
break;
case 'h':
showHelp(std::cout);
return EXIT_SUCCESS;
case 'N':
opt_no_root_check = true;
break;
case '?':
showHelp(std::cerr);
default:
return EXIT_FAILURE;
}
}
argv += optind;
argc -= optind;
if (argc != 1) {
showHelp(std::cerr);
return EXIT_FAILURE;
}
if (!opt_no_root_check) {
if (!(getuid() == 0 && geteuid() == 0)) {
USBGUARD_LOG(Error) << "This subcommand requires root privileges. Please retry as root.";
return EXIT_FAILURE;
}
}
const std::string name(argv[0]);
const std::string path(getIPCAccessControlFilesPath());
removeIPCAccessControlFile(path, name, opt_is_group);
return EXIT_SUCCESS;
}
int usbguard_add_user(int argc, char *argv[])
{
int opt = 0;
bool opt_is_group = false;
bool opt_no_root_check = false;
IPCServer::AccessControl access_control;
while ((opt = getopt_long(argc, argv, options_short, options_long, nullptr)) != -1) {
switch(opt) {
case 'h':
showHelp(std::cout);
return EXIT_SUCCESS;
case 'u':
opt_is_group = false;
break;
case 'g':
opt_is_group = true;
break;
case 'p':
access_control.merge(std::string("Policy=").append(optarg));
break;
case 'd':
access_control.merge(std::string("Devices=").append(optarg));
break;
case 'e':
access_control.merge(std::string("Exceptions=").append(optarg));
break;
case 'P':
access_control.merge(std::string("Parameters=").append(optarg));
break;
case 'N':
opt_no_root_check = true;
break;
case '?':
showHelp(std::cerr);
default:
return EXIT_FAILURE;
}
}
argv += optind;
argc -= optind;
if (argc != 1) {
showHelp(std::cerr);
return EXIT_FAILURE;
}
if (!opt_no_root_check) {
if (!(getuid() == 0 && geteuid() == 0)) {
USBGUARD_LOG(Error) << "This subcommand requires root privileges. Please retry as root.";
return EXIT_FAILURE;
}
}
const std::string name(argv[0]);
const std::string path(getIPCAccessControlFilesPath());
createIPCAccessControlFile(path, name, opt_is_group, access_control);
return EXIT_SUCCESS;
}
