9:38 a.m.
On Thu, Jul 07, 2011 at 03:18:45PM -0600, Jim Fehlig wrote:
Here's a hacked attempt at fixing the build on older distros
using
polkit0. It works and user is authorized or denied depending on
settings in PolicyKit.conf.
Sorry for breaking this. It completely slipped my mind to
test this codepath
I'm not too happy with it but haven't yet digested all the
changes in
rpc and daemon code. In the meantime, hopefully someone can suggest
improvements.
diff --git a/src/rpc/virnetserver.c b/src/rpc/virnetserver.c
index 5e1719b..6e9eb2c 100644
--- a/src/rpc/virnetserver.c
+++ b/src/rpc/virnetserver.c
@@ -39,6 +39,9 @@
#if HAVE_AVAHI
# include "virnetservermdns.h"
#endif
+#if HAVE_POLKIT0
+# include <dbus/dbus.h>
+#endif
#define VIR_FROM_THIS VIR_FROM_RPC
#define virNetError(code, ...) \
@@ -84,6 +87,10 @@ struct _virNetServer {
virNetServerMDNSGroupPtr mdnsGroup;
#endif
+#if HAVE_POLKIT0
+ DBusConnection *sysbus;
+#endif
+
size_t nservices;
virNetServerServicePtr *services;
@@ -270,6 +277,7 @@ virNetServerPtr virNetServerNew(size_t min_workers,
size_t max_workers,
size_t max_clients,
const char *mdnsGroupName,
+ bool usePolkit,
virNetServerClientInitHook clientInitHook)
{
virNetServerPtr srv;
@@ -306,6 +314,25 @@ virNetServerPtr virNetServerNew(size_t min_workers,
}
#endif
+#if HAVE_POLKIT0
+ if (usePolkit) {
+ DBusError derr;
+
+ dbus_connection_set_change_sigpipe(FALSE);
+ dbus_threads_init_default();
+
+ dbus_error_init(&derr);
+ srv->sysbus = dbus_bus_get(DBUS_BUS_SYSTEM, &derr);
+ if (!(srv->sysbus)) {
+ VIR_ERROR(_("Failed to connect to system bus for PolicyKit auth:
%s"),
+ derr.message);
+ dbus_error_free(&derr);
+ goto error;
+ }
+ dbus_connection_set_exit_on_disconnect(srv->sysbus, FALSE);
+ }
+#endif
+
if (virMutexInit(&srv->lock) < 0) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s",
_("cannot initialize mutex"));
@@ -363,6 +390,14 @@ bool virNetServerIsPrivileged(virNetServerPtr srv)
}
+#if HAVE_POLKIT0
+DBusConnection* virNetServerGetDBusConn(virNetServerPtr srv)
+{
+ return srv->sysbus;
+}
+#endif
+
+
void virNetServerAutoShutdown(virNetServerPtr srv,
unsigned int timeout,
virNetServerAutoShutdownFunc func,
@@ -747,6 +782,11 @@ void virNetServerFree(virNetServerPtr srv)
VIR_FREE(srv->mdnsGroupName);
+#if HAVE_POLKIT0
+ if (srv->sysbus)
+ dbus_connection_unref(srv->sysbus);
+#endif
+
virNetServerUnlock(srv);
virMutexDestroy(&srv->lock);
VIR_FREE(srv);
diff --git a/src/rpc/virnetserver.h b/src/rpc/virnetserver.h
index 6e7a21b..d96280e 100644
--- a/src/rpc/virnetserver.h
+++ b/src/rpc/virnetserver.h
@@ -25,6 +25,9 @@
# define __VIR_NET_SERVER_H__
# include <signal.h>
+# if HAVE_POLKIT0
+# include <dbus/dbus.h>
+# endif
# include "virnettlscontext.h"
# include "virnetserverprogram.h"
@@ -38,6 +41,7 @@ virNetServerPtr virNetServerNew(size_t min_workers,
size_t max_workers,
size_t max_clients,
const char *mdnsGroupName,
+ bool usePolkit,
virNetServerClientInitHook clientInitHook);
typedef int (*virNetServerAutoShutdownFunc)(virNetServerPtr srv, void *opaque);
@@ -46,6 +50,10 @@ void virNetServerRef(virNetServerPtr srv);
bool virNetServerIsPrivileged(virNetServerPtr srv);
+# if HAVE_POLKIT0
+DBusConnection* virNetServerGetDBusConn(virNetServerPtr srv);
+# endif
+
I'd like the virNetServer stuff to not have any mention of policy
kit in it. So rather than saying 'bool usePolkit', have a
'bool connectDBus', and just remove those HAVE_POLKIT0 conditionals
so that the DBus API is always available in virNetServer. The changes
you made under daemon/ are all fine
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|