On 01/27/2012 01:34 PM, Cole Robinson wrote:
And hook it up for policykit auth. This allows virt-manager to detect that the user clicked the policykit 'cancel' button and not throw an 'authentication failed' error message at the user. --- daemon/remote.c | 13 +++++++++++-- include/libvirt/virterror.h | 1 + src/util/virterror.c | 6 ++++++ 3 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/daemon/remote.c b/daemon/remote.c index 1ada146..2e813d6 100644 --- a/daemon/remote.c +++ b/daemon/remote.c @@ -2471,6 +2471,8 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED, const char *action; int status = -1; char *ident = NULL; + int authdismissed = 0; + char *pkoutput = NULL; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); virCommandPtr cmd = NULL; @@ -2481,6 +2483,7 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED, "org.libvirt.unix.manage";
cmd = virCommandNewArgList(PKCHECK_PATH, "--action-id", action, NULL); + virCommandSetOutputBuffer(cmd, &pkoutput);
VIR_DEBUG("Start PolicyKit auth %d", virNetServerClientGetFD(client)); if (virNetServerClientGetAuth(client) != VIR_NET_SERVER_SERVICE_AUTH_POLKIT) { @@ -2509,6 +2512,7 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED, if (virCommandRun(cmd, &status) < 0) goto authfail;
+ authdismissed = (pkoutput && strstr(pkoutput, "dismissed=true")); if (status != 0) { char *tmp = virCommandTranslateStatus(status); VIR_ERROR(_("Policy kit denied action %s from pid %lld, uid %d: %s"), @@ -2534,8 +2538,13 @@ error: virCommandFree(cmd); VIR_FREE(ident); virResetLastError(); - virNetError(VIR_ERR_AUTH_FAILED, "%s", - _("authentication failed")); + if (authdismissed) { + virNetError(VIR_ERR_AUTH_CANCELLED, "%s", + _("authentication cancelled by user")); + } else { + virNetError(VIR_ERR_AUTH_FAILED, "%s", + _("authentication failed")); + }
This doesn't free pkoutput. Another patch is coming. - Cole