Added polkit support to TDE HW DBus daemon and removed obsolete

"at_console" support.

Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it>
feat/fix-suspend-code
Michele Calgaro 6 years ago
parent 880ff6da35
commit b11c809588
Signed by: MicheleC
GPG Key ID: 2A75B7CA8ADED5CF

@ -1128,6 +1128,14 @@ tde_setup_dbus( dbus-1-tqt )
list( APPEND TDECORE_LIBRARY_DIRS ${DBUS_TQT_LIBRARY_DIRS} )
##### set POLKIT-1 file locations ##################
if( NOT DEFINED POLKIT_ACTIONS_DIRECTORY )
set (POLKIT_ACTIONS_DIRECTORY "/usr/share/polkit-1/actions/" )
message( STATUS "Using " ${POLKIT_ACTIONS_DIRECTORY} " for Polkit-1 policy action files" )
endif( NOT DEFINED POLKIT_ACTIONS_DIRECTORY )
##### Add '[KDE4]' to KDE4 menu items #########
if( WITH_KDE4_MENU_SUFFIX )

@ -9,8 +9,10 @@
#
#################################################
include_directories(
${DBUS_INCLUDE_DIRS}
${DBUS_TQT_INCLUDE_DIRS}
${CMAKE_CURRENT_BINARY_DIR}
${CMAKE_BINARY_DIR}
${CMAKE_CURRENT_SOURCE_DIR}
@ -19,8 +21,8 @@ include_directories(
##### tde_dbus_hardwarecontrol ##################
tde_add_executable( tde_dbus_hardwarecontrol
SOURCES tde_dbus_hardwarecontrol.c
LINK ${DBUS_LIBRARIES}
SOURCES tde_dbus_hardwarecontrol.cpp
LINK ${DBUS_LIBRARIES} ${DBUS_TQT_LIBRARIES} ${TQT_LIBRARIES}
DESTINATION ${BIN_INSTALL_DIR}
)
@ -28,10 +30,11 @@ tde_add_executable( tde_dbus_hardwarecontrol
configure_file( org.trinitydesktop.hardwarecontrol.service.cmake org.trinitydesktop.hardwarecontrol.service @ONLY )
install( FILES
org.trinitydesktop.hardwarecontrol.conf
install( FILES org.trinitydesktop.hardwarecontrol.conf
DESTINATION ${DBUS_SYSTEM_CONF_DIRECTORY} )
install( FILES
${CMAKE_CURRENT_BINARY_DIR}/org.trinitydesktop.hardwarecontrol.service
install( FILES ${CMAKE_CURRENT_BINARY_DIR}/org.trinitydesktop.hardwarecontrol.service
DESTINATION ${DBUS_SERVICE_DIRECTORY} )
install( FILES org.trinitydesktop.hardwarecontrol.policy
DESTINATION ${POLKIT_ACTIONS_DIRECTORY} )

@ -3,14 +3,14 @@
<!DOCTYPE busconfig PUBLIC
"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<!-- Only root can own the service -->
<policy user="root">
<allow own="org.trinitydesktop.hardwarecontrol"/>
</policy>
<policy at_console="true">
<!-- Users with physical access to the machine are allowed access -->
<policy context="default">
<allow send_destination="org.trinitydesktop.hardwarecontrol"
send_interface="org.freedesktop.DBus.Introspectable"/>
@ -36,11 +36,4 @@
<allow send_destination="org.trinitydesktop.hardwarecontrol"
send_interface="org.trinitydesktop.hardwarecontrol.Power"/>
</policy>
<policy context="default">
<!-- Everyone else is denied access -->
<deny own="org.trinitydesktop.hardwarecontrol"/>
<deny send_destination="org.trinitydesktop.hardwarecontrol"/>
</policy>
</busconfig>

@ -0,0 +1,60 @@
<?xml version="1.0" encoding="UTF-8"?> <!--*-nxml-*-->
<!DOCTYPE policyconfig PUBLIC "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
<policyconfig>
<vendor>The Trinity Desktop Environment Project</vendor>
<vendor_url>http://www.trinitydesktop.org</vendor_url>
<action id="org.trinitydesktop.hardwarecontrol.power.freeze">
<description>Freeze the system.</description>
<message>Authentication is required to freeze the system.</message>
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
</action>
<action id="org.trinitydesktop.hardwarecontrol.power.standby">
<description>Put the system in standby mode.</description>
<message>Authentication is required to put the system in standby.</message>
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
</action>
<action id="org.trinitydesktop.hardwarecontrol.power.suspend">
<description>Put the system in suspend mode.</description>
<message>Authentication is required to suspend the system.</message>
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
</action>
<action id="org.trinitydesktop.hardwarecontrol.power.hybridsuspend">
<description>Put the system in hybrid suspend mode.</description>
<message>Authentication is required to put the system in hybrid suspend mode.</message>
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
</action>
<action id="org.trinitydesktop.hardwarecontrol.power.hibernate">
<description>Hibernate the system.</description>
<message>Authentication is required to hibernate the system.</message>
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
</action>
</policyconfig>

@ -7,12 +7,63 @@
#include <string.h>
#include <fcntl.h>
#include <tqdbusconnection.h>
#include <tqdbusdata.h>
#include <tqdbusdatamap.h>
#include <tqdbuserror.h>
#include <tqdbusmessage.h>
#include <tqdbusproxy.h>
#include <tqdbusvariant.h>
// Input devices
#include <linux/input.h>
#define BITS_PER_LONG (sizeof(long) * 8)
#define NUM_BITS(x) ((((x) - 1) / BITS_PER_LONG) + 1)
bool checkPolKitAuthorization(DBusMessage* msg, const TQString &action_id)
{
if (!msg) {
return false;
}
TQT_DBusConnection dbusConn = TQT_DBusConnection::addConnection(TQT_DBusConnection::SystemBus);
if (!dbusConn.isConnected()) {
return false;
}
TQT_DBusProxy polkitProxy("org.freedesktop.PolicyKit1", "/org/freedesktop/PolicyKit1/Authority",
"org.freedesktop.PolicyKit1.Authority", dbusConn);
if (polkitProxy.canSend()) {
// Check whether the requested action is authorized
TQString sender(dbus_message_get_sender(msg));
TQT_DBusVariant sysname;
sysname.value = TQT_DBusData::fromString(sender);
sysname.signature = sysname.value.buildDBusSignature();
TQT_DBusDataMap<TQString> subjectMap = TQT_DBusDataMap<TQString>();
subjectMap.insert(TQString("name"), TQT_DBusData::fromVariant(sysname));
TQValueList<TQT_DBusData> subjectStruct;
subjectStruct << TQT_DBusData::fromString("system-bus-name");
subjectStruct << TQT_DBusData::fromStringKeyMap(subjectMap);
TQMap<TQString, TQString> detailsMap;
detailsMap.insert(TQString(""), TQString(""));
TQT_DBusDataMap<TQString> dbusDetailsMap(detailsMap);
TQValueList<TQT_DBusData> params;
params << TQT_DBusData::fromStruct(subjectStruct);
params << TQT_DBusData::fromString(action_id);
params << TQT_DBusData::fromStringKeyMap(dbusDetailsMap);
params << TQT_DBusData::fromUInt32(0); // No user interaction
params << TQT_DBusData::fromString(""); // No cancellation
TQT_DBusMessage reply = polkitProxy.sendWithReply("CheckAuthorization", params);
if (reply.type() == TQT_DBusMessage::ReplyMessage && reply.count() == 1) {
return (reply[0].toStruct())[0].toBool();
}
}
return false;
}
void reply_Bool(DBusMessage* msg, DBusConnection* conn, int value) {
DBusMessage* reply;
DBusMessageIter args;
@ -513,7 +564,7 @@ void reply_Introspect(DBusMessage* msg, DBusConnection* conn) {
size_t size = 4096;
const char* member = dbus_message_get_member(msg);
const char *path = dbus_message_get_path(msg);
char *data = malloc(size);
char *data = new char[size];
// compose reply
strncpy(data,
@ -632,7 +683,7 @@ void reply_Introspect(DBusMessage* msg, DBusConnection* conn) {
// free the reply
dbus_message_unref(reply);
free((void*)data);
delete[] data;
}
void reply_PropertiesGetAll(DBusMessage* msg, DBusConnection* conn) {
@ -667,11 +718,8 @@ void reply_PropertiesGetAll(DBusMessage* msg, DBusConnection* conn) {
}
void error_UnknownMessage(DBusMessage* msg, DBusConnection* conn) {
DBusMessage* reply;
dbus_uint32_t serial = 0;
const char* member = dbus_message_get_member(msg);
const char* interface = dbus_message_get_interface(msg);
// print message
fprintf(stderr, "[tde_dbus_hardwarecontrol] Unknown method '%s' called on interface '%s', ignoring\n", member, interface);
if (DBUS_MESSAGE_TYPE_METHOD_CALL != dbus_message_get_type(msg)) {
@ -679,12 +727,13 @@ void error_UnknownMessage(DBusMessage* msg, DBusConnection* conn) {
}
// create a reply from the message
reply = dbus_message_new_error_printf(msg,
DBusMessage* reply = dbus_message_new_error_printf(msg,
"org.freedesktop.DBus.Error.UnknownMethod",
"Method \"%s\" on interface \"%s\" doesn't exist",
member, interface);
// send the reply && flush the connection
dbus_uint32_t serial = 0;
if (!dbus_connection_send(conn, reply, &serial)) {
fprintf(stderr, "[tde_dbus_hardwarecontrol] %s: dbus_connection_send failed\n", member);
return;
@ -695,6 +744,23 @@ void error_UnknownMessage(DBusMessage* msg, DBusConnection* conn) {
dbus_message_unref(reply);
}
void error_PolkitAccessDenied(DBusMessage* msg, DBusConnection* conn) {
// create a reply from the message
DBusMessage* reply = dbus_message_new_error(msg,
"org.freedesktop.DBus.Error.AccessDenied", "Permission denied.");
// send the reply && flush the connection
dbus_uint32_t serial = 0;
if (!dbus_connection_send(conn, reply, &serial)) {
fprintf(stderr, "[tde_dbus_hardwarecontrol] error_PolkitAccessDenied: dbus_connection_send failed\n");
return;
}
dbus_connection_flush(conn);
// free the reply
dbus_message_unref(reply);
}
void listen() {
DBusMessage* msg;
DBusConnection* conn;
@ -753,11 +819,22 @@ void listen() {
reply_SetBrightness(msg, conn);
}
else if (dbus_message_is_method_call(msg, "org.trinitydesktop.hardwarecontrol.Power", "CanFreeze")) {
bool result = CanSetPowerState("freeze", NULL, NULL) || CanSetPowerState("mem", NULL, "s2idle");
bool result = checkPolKitAuthorization(msg, "org.trinitydesktop.hardwarecontrol.power.freeze");
if (!result) {
error_PolkitAccessDenied(msg, conn);
}
else {
result = CanSetPowerState("freeze", NULL, NULL) || CanSetPowerState("mem", NULL, "s2idle");
reply_Bool(msg, conn, result);
}
}
else if (dbus_message_is_method_call(msg, "org.trinitydesktop.hardwarecontrol.Power", "Freeze")) {
bool result = false;
bool result = checkPolKitAuthorization(msg, "org.trinitydesktop.hardwarecontrol.power.freeze");
if (!result) {
error_PolkitAccessDenied(msg, conn);
}
else {
result = false;
if (CanSetPowerState("freeze", NULL, NULL)) {
result = SetPowerState("freeze", NULL, NULL);
}
@ -766,12 +843,24 @@ void listen() {
}
reply_Bool(msg, conn, result);
}
}
else if (dbus_message_is_method_call(msg, "org.trinitydesktop.hardwarecontrol.Power", "CanStandby")) {
bool result = CanSetPowerState("standby", NULL, NULL) || CanSetPowerState("mem", NULL, "shallow");
bool result = checkPolKitAuthorization(msg, "org.trinitydesktop.hardwarecontrol.power.standby");
if (!result) {
error_PolkitAccessDenied(msg, conn);
}
else {
result = CanSetPowerState("standby", NULL, NULL) || CanSetPowerState("mem", NULL, "shallow");
reply_Bool(msg, conn, result);
}
}
else if (dbus_message_is_method_call(msg, "org.trinitydesktop.hardwarecontrol.Power", "Standby")) {
bool result = false;
bool result = checkPolKitAuthorization(msg, "org.trinitydesktop.hardwarecontrol.power.standby");
if (!result) {
error_PolkitAccessDenied(msg, conn);
}
else {
result = false;
if (CanSetPowerState("standby", NULL, NULL)) {
result = SetPowerState("standby", NULL, NULL);
}
@ -780,13 +869,25 @@ void listen() {
}
reply_Bool(msg, conn, result);
}
}
else if (dbus_message_is_method_call(msg, "org.trinitydesktop.hardwarecontrol.Power", "CanSuspend")) {
bool result = (CanSetPowerState("mem", NULL, NULL) && access("/sys/power/mem_sleep", R_OK) != 0) ||
bool result = checkPolKitAuthorization(msg, "org.trinitydesktop.hardwarecontrol.power.suspend");
if (!result) {
error_PolkitAccessDenied(msg, conn);
}
else {
result = (CanSetPowerState("mem", NULL, NULL) && access("/sys/power/mem_sleep", R_OK) != 0) ||
CanSetPowerState("mem", NULL, "deep");
reply_Bool(msg, conn, result);
}
}
else if (dbus_message_is_method_call(msg, "org.trinitydesktop.hardwarecontrol.Power", "Suspend")) {
bool result = false;
bool result = checkPolKitAuthorization(msg, "org.trinitydesktop.hardwarecontrol.power.suspend");
if (!result) {
error_PolkitAccessDenied(msg, conn);
}
else {
result = false;
if (CanSetPowerState("mem", NULL, NULL) && access("/sys/power/mem_sleep", R_OK) != 0) {
result = SetPowerState("mem", NULL, NULL);
}
@ -795,20 +896,44 @@ void listen() {
}
reply_Bool(msg, conn, result);
}
}
else if (dbus_message_is_method_call(msg, "org.trinitydesktop.hardwarecontrol.Power", "CanHybridSuspend")) {
bool result = CanSetPowerState("disk", "suspend", NULL);
bool result = checkPolKitAuthorization(msg, "org.trinitydesktop.hardwarecontrol.power.hybridsuspend");
if (!result) {
error_PolkitAccessDenied(msg, conn);
}
else {
result = CanSetPowerState("disk", "suspend", NULL);
reply_Bool(msg, conn, result);
}
}
else if (dbus_message_is_method_call(msg, "org.trinitydesktop.hardwarecontrol.Power", "HybridSuspend")) {
bool result = SetPowerState("disk", "suspend", NULL);
bool result = checkPolKitAuthorization(msg, "org.trinitydesktop.hardwarecontrol.power.hybridsuspend");
if (!result) {
error_PolkitAccessDenied(msg, conn);
}
else {
result = SetPowerState("disk", "suspend", NULL);
reply_Bool(msg, conn, result);
}
}
else if (dbus_message_is_method_call(msg, "org.trinitydesktop.hardwarecontrol.Power", "CanHibernate")) {
bool result = CanSetPowerState("disk", "shutdown", NULL) || CanSetPowerState("disk", "platform", NULL);
bool result = checkPolKitAuthorization(msg, "org.trinitydesktop.hardwarecontrol.power.hibernate");
if (!result) {
error_PolkitAccessDenied(msg, conn);
}
else {
result = CanSetPowerState("disk", "shutdown", NULL) || CanSetPowerState("disk", "platform", NULL);
reply_Bool(msg, conn, result);
}
}
else if (dbus_message_is_method_call(msg, "org.trinitydesktop.hardwarecontrol.Power", "Hibernate")) {
bool result = false;
bool result = checkPolKitAuthorization(msg, "org.trinitydesktop.hardwarecontrol.power.hibernate");
if (!result) {
error_PolkitAccessDenied(msg, conn);
}
else {
result = false;
if (CanSetPowerState("disk", "shutdown", NULL)) {
result = SetPowerState("disk", "shutdown", NULL);
}
@ -817,6 +942,7 @@ void listen() {
}
reply_Bool(msg, conn, result);
}
}
else if (dbus_message_is_method_call(msg, "org.trinitydesktop.hardwarecontrol.Power", "CanSetHibernationMethod")) {
reply_CanSetHibernationMethod(msg, conn);
}
Loading…
Cancel
Save