
On Thu, Jul 07, 2011 at 03:18:45PM -0600, Jim Fehlig wrote:
Here's a hacked attempt at fixing the build on older distros using polkit0. It works and user is authorized or denied depending on settings in PolicyKit.conf.
Sorry for breaking this. It completely slipped my mind to test this codepath
I'm not too happy with it but haven't yet digested all the changes in rpc and daemon code. In the meantime, hopefully someone can suggest improvements.
diff --git a/src/rpc/virnetserver.c b/src/rpc/virnetserver.c index 5e1719b..6e9eb2c 100644 --- a/src/rpc/virnetserver.c +++ b/src/rpc/virnetserver.c @@ -39,6 +39,9 @@ #if HAVE_AVAHI # include "virnetservermdns.h" #endif +#if HAVE_POLKIT0 +# include <dbus/dbus.h> +#endif
#define VIR_FROM_THIS VIR_FROM_RPC #define virNetError(code, ...) \ @@ -84,6 +87,10 @@ struct _virNetServer { virNetServerMDNSGroupPtr mdnsGroup; #endif
+#if HAVE_POLKIT0 + DBusConnection *sysbus; +#endif + size_t nservices; virNetServerServicePtr *services;
@@ -270,6 +277,7 @@ virNetServerPtr virNetServerNew(size_t min_workers, size_t max_workers, size_t max_clients, const char *mdnsGroupName, + bool usePolkit, virNetServerClientInitHook clientInitHook) { virNetServerPtr srv; @@ -306,6 +314,25 @@ virNetServerPtr virNetServerNew(size_t min_workers, } #endif
+#if HAVE_POLKIT0 + if (usePolkit) { + DBusError derr; + + dbus_connection_set_change_sigpipe(FALSE); + dbus_threads_init_default(); + + dbus_error_init(&derr); + srv->sysbus = dbus_bus_get(DBUS_BUS_SYSTEM, &derr); + if (!(srv->sysbus)) { + VIR_ERROR(_("Failed to connect to system bus for PolicyKit auth: %s"), + derr.message); + dbus_error_free(&derr); + goto error; + } + dbus_connection_set_exit_on_disconnect(srv->sysbus, FALSE); + } +#endif + if (virMutexInit(&srv->lock) < 0) { virNetError(VIR_ERR_INTERNAL_ERROR, "%s", _("cannot initialize mutex")); @@ -363,6 +390,14 @@ bool virNetServerIsPrivileged(virNetServerPtr srv) }
+#if HAVE_POLKIT0 +DBusConnection* virNetServerGetDBusConn(virNetServerPtr srv) +{ + return srv->sysbus; +} +#endif + + void virNetServerAutoShutdown(virNetServerPtr srv, unsigned int timeout, virNetServerAutoShutdownFunc func, @@ -747,6 +782,11 @@ void virNetServerFree(virNetServerPtr srv)
VIR_FREE(srv->mdnsGroupName);
+#if HAVE_POLKIT0 + if (srv->sysbus) + dbus_connection_unref(srv->sysbus); +#endif + virNetServerUnlock(srv); virMutexDestroy(&srv->lock); VIR_FREE(srv); diff --git a/src/rpc/virnetserver.h b/src/rpc/virnetserver.h index 6e7a21b..d96280e 100644 --- a/src/rpc/virnetserver.h +++ b/src/rpc/virnetserver.h @@ -25,6 +25,9 @@ # define __VIR_NET_SERVER_H__
# include <signal.h> +# if HAVE_POLKIT0 +# include <dbus/dbus.h> +# endif
# include "virnettlscontext.h" # include "virnetserverprogram.h" @@ -38,6 +41,7 @@ virNetServerPtr virNetServerNew(size_t min_workers, size_t max_workers, size_t max_clients, const char *mdnsGroupName, + bool usePolkit, virNetServerClientInitHook clientInitHook);
typedef int (*virNetServerAutoShutdownFunc)(virNetServerPtr srv, void *opaque); @@ -46,6 +50,10 @@ void virNetServerRef(virNetServerPtr srv);
bool virNetServerIsPrivileged(virNetServerPtr srv);
+# if HAVE_POLKIT0 +DBusConnection* virNetServerGetDBusConn(virNetServerPtr srv); +# endif +
I'd like the virNetServer stuff to not have any mention of policy kit in it. So rather than saying 'bool usePolkit', have a 'bool connectDBus', and just remove those HAVE_POLKIT0 conditionals so that the DBus API is always available in virNetServer. The changes you made under daemon/ are all fine Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|