diff options
-rw-r--r-- | lib/Plugins/CCpp.cpp | 40 | ||||
-rw-r--r-- | lib/Utils/Polkit.cpp | 77 |
2 files changed, 72 insertions, 45 deletions
diff --git a/lib/Plugins/CCpp.cpp b/lib/Plugins/CCpp.cpp index 2f8d3559..65851cb8 100644 --- a/lib/Plugins/CCpp.cpp +++ b/lib/Plugins/CCpp.cpp @@ -24,6 +24,8 @@ #include "ABRTException.h" #include "DebugDump.h" #include "CommLayerInner.h" +#include "Polkit.h" +#include <sys/wait.h> #include <fstream> #include <sstream> #include <set> @@ -467,12 +469,46 @@ std::string CAnalyzerCCpp::GetGlobalUUID(const std::string& pDebugDumpDir) return CreateHash(package + executable + independentBacktrace); } +static bool DebuginfoCheckPolkit(int uid) +{ + PolkitResult result; + int child_pid; + + child_pid = fork(); + + if (child_pid == 0) + { + //child + setuid(uid); + result = polkit_check_authorization(getpid(), + "org.fedoraproject.abrt.change-daemon-settings"); + if (result == PolkitYes) + { + exit(0); //authentication OK + } + exit(1); + } else + { + //parent + int status; + + waitpid(child_pid, &status, 0); + if (WEXITSTATUS(status) == 0) + { + return true; //authentication OK + } + return false; + } + +} + void CAnalyzerCCpp::CreateReport(const std::string& pDebugDumpDir) { update_client(_("Starting report creation...")); std::string package; std::string backtrace; + std::string UID; CDebugDump dd; dd.Open(pDebugDumpDir); @@ -481,10 +517,12 @@ void CAnalyzerCCpp::CreateReport(const std::string& pDebugDumpDir) return; } dd.LoadText(FILENAME_PACKAGE, package); + dd.LoadText(FILENAME_UID, UID); dd.Close(); map_plugin_settings_t settings = GetSettings(); - if (settings["InstallDebuginfo"] == "yes") + if (settings["InstallDebuginfo"] == "yes" && + DebuginfoCheckPolkit(atoi(UID.c_str())) ) { InstallDebugInfos(package); } diff --git a/lib/Utils/Polkit.cpp b/lib/Utils/Polkit.cpp index ea2316a2..a5541c9f 100644 --- a/lib/Utils/Polkit.cpp +++ b/lib/Utils/Polkit.cpp @@ -25,24 +25,38 @@ #include <unistd.h> #include "Polkit.h" +#include "abrtlib.h" -PolkitResult polkit_check_authorization(const char *dbus_name, const char *action_id) +/*number of seconds: timeout for the authorization*/ +#define POLKIT_TIMEOUT 20 + +static gboolean do_cancel(GCancellable* cancellable) +{ + log("Timer has expired; cancelling authorization check\n"); + g_cancellable_cancel(cancellable); + return FALSE; +} + +static PolkitResult do_check(PolkitSubject *subject, const char *action_id) { PolkitAuthority *authority; - PolkitSubject *subject; PolkitAuthorizationResult *result; GError *error = NULL; + GCancellable * cancellable; - g_type_init(); authority = polkit_authority_get(); - subject = polkit_system_bus_name_new(dbus_name); + cancellable = g_cancellable_new(); + + g_timeout_add (POLKIT_TIMEOUT * 1000, + (GSourceFunc) do_cancel, + cancellable); result = polkit_authority_check_authorization_sync(authority, subject, action_id, NULL, POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION, - NULL, + cancellable, &error); if (error) @@ -53,53 +67,28 @@ PolkitResult polkit_check_authorization(const char *dbus_name, const char *actio if (result) { - if (polkit_authorization_result_get_is_challenge(result)) + if (polkit_authorization_result_get_is_challenge(result)) /* Can't happen (happens only with * POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE flag) */ - return PolkitChallenge; - if (polkit_authorization_result_get_is_authorized(result)) - return PolkitYes; - return PolkitNo; + return PolkitChallenge; + if (polkit_authorization_result_get_is_authorized(result)) + return PolkitYes; + return PolkitNo; } return PolkitUnknown; } -PolkitResult polkit_check_authorization(pid_t pid, const char *action_id) +PolkitResult polkit_check_authorization(const char *dbus_name, const char *action_id) { - PolkitAuthority *authority; - PolkitSubject *subject; - PolkitAuthorizationResult *result; - GError *error = NULL; - g_type_init(); - authority = polkit_authority_get(); - subject = polkit_unix_process_new(pid); - - result = polkit_authority_check_authorization_sync(authority, - subject, - action_id, - NULL, - POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION, - NULL, - &error); - - if (error) - { - g_error_free(error); - return PolkitUnknown; - } - - if (result) - { - if (polkit_authorization_result_get_is_challenge(result)) - /* Can't happen (happens only with - * POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE flag) */ - return PolkitChallenge; - if (polkit_authorization_result_get_is_authorized(result)) - return PolkitYes; - return PolkitNo; - } + PolkitSubject *subject = polkit_system_bus_name_new(dbus_name); + return do_check(subject, action_id); +} - return PolkitUnknown; +PolkitResult polkit_check_authorization(pid_t pid, const char *action_id) +{ + g_type_init(); + PolkitSubject *subject = polkit_unix_process_new(pid); + return do_check(subject, action_id); } |