cmd/policykit/polkit-is-privileged.c

18c2aff776a775d34a4c9893a4c72e0434d68e36artem/***************************************************************************
18c2aff776a775d34a4c9893a4c72e0434d68e36artem * CVSID: $Id$
18c2aff776a775d34a4c9893a4c72e0434d68e36artem *
18c2aff776a775d34a4c9893a4c72e0434d68e36artem * polkit-is-privileged.c : Determine if a user has privileges
18c2aff776a775d34a4c9893a4c72e0434d68e36artem *
18c2aff776a775d34a4c9893a4c72e0434d68e36artem * Copyright (C) 2006 David Zeuthen, <david@fubar.dk>
18c2aff776a775d34a4c9893a4c72e0434d68e36artem *
18c2aff776a775d34a4c9893a4c72e0434d68e36artem * This program is free software; you can redistribute it and/or modify
18c2aff776a775d34a4c9893a4c72e0434d68e36artem * it under the terms of the GNU General Public License as published by
18c2aff776a775d34a4c9893a4c72e0434d68e36artem * the Free Software Foundation; either version 2 of the License, or
18c2aff776a775d34a4c9893a4c72e0434d68e36artem * (at your option) any later version.
18c2aff776a775d34a4c9893a4c72e0434d68e36artem *
18c2aff776a775d34a4c9893a4c72e0434d68e36artem * This program is distributed in the hope that it will be useful,
18c2aff776a775d34a4c9893a4c72e0434d68e36artem * but WITHOUT ANY WARRANTY; without even the implied warranty of
18c2aff776a775d34a4c9893a4c72e0434d68e36artem * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18c2aff776a775d34a4c9893a4c72e0434d68e36artem * GNU General Public License for more details.
18c2aff776a775d34a4c9893a4c72e0434d68e36artem *
18c2aff776a775d34a4c9893a4c72e0434d68e36artem * You should have received a copy of the GNU General Public License
18c2aff776a775d34a4c9893a4c72e0434d68e36artem * along with this program; if not, write to the Free Software
18c2aff776a775d34a4c9893a4c72e0434d68e36artem * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
18c2aff776a775d34a4c9893a4c72e0434d68e36artem *
18c2aff776a775d34a4c9893a4c72e0434d68e36artem **************************************************************************/
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem#ifdef HAVE_CONFIG_H
18c2aff776a775d34a4c9893a4c72e0434d68e36artem#  include <config.h>
18c2aff776a775d34a4c9893a4c72e0434d68e36artem#endif
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem#include <stdio.h>
18c2aff776a775d34a4c9893a4c72e0434d68e36artem#include <stdlib.h>
18c2aff776a775d34a4c9893a4c72e0434d68e36artem#include <getopt.h>
18c2aff776a775d34a4c9893a4c72e0434d68e36artem#include <dbus/dbus.h>
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem#include <libpolkit/libpolkit.h>
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artemstatic void
18c2aff776a775d34a4c9893a4c72e0434d68e36artemusage (int argc, char *argv[])
18c2aff776a775d34a4c9893a4c72e0434d68e36artem{
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    fprintf (stderr, "polkit-is-privileged version " PACKAGE_VERSION "\n");
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    fprintf (stderr,
18c2aff776a775d34a4c9893a4c72e0434d68e36artem         "\n"
18c2aff776a775d34a4c9893a4c72e0434d68e36artem         "usage : %s -u <uid> -p <privilege> [-r <resource>]\n"
18c2aff776a775d34a4c9893a4c72e0434d68e36artem         "        [-s <system-bus-connection-name>]", argv[0]);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    fprintf (stderr,
18c2aff776a775d34a4c9893a4c72e0434d68e36artem         "\n"
18c2aff776a775d34a4c9893a4c72e0434d68e36artem         "Options:\n"
18c2aff776a775d34a4c9893a4c72e0434d68e36artem         "    -u, --user                    Username or user id\n"
18c2aff776a775d34a4c9893a4c72e0434d68e36artem         "    -s, --system-bus-unique-name  Unique system bus connection name\n"
18c2aff776a775d34a4c9893a4c72e0434d68e36artem         "    -r, --resource                Resource\n"
18c2aff776a775d34a4c9893a4c72e0434d68e36artem         "    -p, --privilege               Privilege to test for\n"
18c2aff776a775d34a4c9893a4c72e0434d68e36artem         "    -h, --help                    Show this information and exit\n"
18c2aff776a775d34a4c9893a4c72e0434d68e36artem         "    -v, --verbose                 Verbose operation\n"
18c2aff776a775d34a4c9893a4c72e0434d68e36artem         "    -V, --version                 Print version number\n"
18c2aff776a775d34a4c9893a4c72e0434d68e36artem         "\n"
18c2aff776a775d34a4c9893a4c72e0434d68e36artem         "Queries system policy whether a given user is allowed for a given\n"
18c2aff776a775d34a4c9893a4c72e0434d68e36artem         "privilege for a given resource. The resource may be omitted.\n"
18c2aff776a775d34a4c9893a4c72e0434d68e36artem         "\n");
18c2aff776a775d34a4c9893a4c72e0434d68e36artem}
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artemint
18c2aff776a775d34a4c9893a4c72e0434d68e36artemmain (int argc, char *argv[])
18c2aff776a775d34a4c9893a4c72e0434d68e36artem{
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    int rc;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    char *user = NULL;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    char *privilege = NULL;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    char *resource = NULL;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    char *system_bus_unique_name = NULL;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    static const struct option long_options[] = {
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        {"user", required_argument, NULL, 'u'},
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        {"system-bus-unique-name", required_argument, NULL, 's'},
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        {"resource", required_argument, NULL, 'r'},
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        {"privilege", required_argument, NULL, 'p'},
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        {"help", no_argument, NULL, 'h'},
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        {"verbose", no_argument, NULL, 'v'},
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        {"version", no_argument, NULL, 'V'},
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        {NULL, 0, NULL, 0}
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    };
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    LibPolKitContext *ctx = NULL;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    gboolean is_allowed;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    gboolean is_temporary;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    LibPolKitResult result;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    gboolean is_verbose = FALSE;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    DBusError error;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    DBusConnection *connection = NULL;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    rc = 1;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    while (TRUE) {
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        int c;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        c = getopt_long (argc, argv, "u:r:p:s:hVv", long_options, NULL);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        if (c == -1)
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            break;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        switch (c) {
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        case 's':
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            system_bus_unique_name = g_strdup (optarg);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            break;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        case 'u':
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            user = g_strdup (optarg);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            break;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        case 'r':
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            resource = g_strdup (optarg);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            break;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        case 'p':
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            privilege = g_strdup (optarg);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            break;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        case 'v':
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            is_verbose = TRUE;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            break;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        case 'h':
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            usage (argc, argv);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            rc = 0;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            goto out;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        case 'V':
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            printf ("polkit-is-privileged version " PACKAGE_VERSION "\n");
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            rc = 0;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            goto out;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        default:
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            usage (argc, argv);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            goto out;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        }
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    }
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    if (user == NULL || privilege == NULL) {
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        usage (argc, argv);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        return 1;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    }
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    if (is_verbose) {
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        printf ("user      = '%s'\n", user);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        printf ("privilege = '%s'\n", privilege);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        if (resource != NULL)
18c2aff776a775d34a4c9893a4c72e0434d68e36artem            printf ("resource  = '%s'\n", resource);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    }
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem#ifdef POLKITD_ENABLED
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    dbus_error_init (&error);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    connection = dbus_bus_get (DBUS_BUS_SYSTEM, &error);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    if (connection == NULL) {
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        g_warning ("Cannot connect to system message bus");
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        return 1;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    }
18c2aff776a775d34a4c9893a4c72e0434d68e36artem#endif /* POLKITD_ENABLED */
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    ctx = libpolkit_new_context (connection);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    if (ctx == NULL) {
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        g_warning ("Cannot get libpolkit context");
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        goto out;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    }
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    result = libpolkit_is_uid_allowed_for_privilege (ctx,
18c2aff776a775d34a4c9893a4c72e0434d68e36artem                             system_bus_unique_name,
18c2aff776a775d34a4c9893a4c72e0434d68e36artem                             user,
18c2aff776a775d34a4c9893a4c72e0434d68e36artem                             privilege,
18c2aff776a775d34a4c9893a4c72e0434d68e36artem                             resource,
18c2aff776a775d34a4c9893a4c72e0434d68e36artem                             &is_allowed,
18c2aff776a775d34a4c9893a4c72e0434d68e36artem                             &is_temporary,
18c2aff776a775d34a4c9893a4c72e0434d68e36artem                             NULL);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    switch (result) {
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    case LIBPOLKIT_RESULT_OK:
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        rc = is_allowed ? 0 : 1;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        break;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    case LIBPOLKIT_RESULT_ERROR:
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        g_warning ("Error determing whether user is privileged.");
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        break;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    case LIBPOLKIT_RESULT_INVALID_CONTEXT:
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        g_print ("Invalid context.\n");
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        goto out;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    case LIBPOLKIT_RESULT_NOT_PRIVILEGED:
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        g_print ("Not privileged.\n");
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    case LIBPOLKIT_RESULT_NO_SUCH_PRIVILEGE:
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        g_print ("No such privilege '%s'.\n", privilege);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        goto out;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    case LIBPOLKIT_RESULT_NO_SUCH_USER:
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        g_print ("No such user '%s'.\n", user);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        goto out;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    }
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    if (is_verbose) {
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        printf ("result %d\n", result);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        printf ("is_allowed %d\n", is_allowed);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    }
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artemout:
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    if (ctx != NULL)
18c2aff776a775d34a4c9893a4c72e0434d68e36artem        libpolkit_free_context (ctx);
18c2aff776a775d34a4c9893a4c72e0434d68e36artem
18c2aff776a775d34a4c9893a4c72e0434d68e36artem    return rc;
18c2aff776a775d34a4c9893a4c72e0434d68e36artem}
18c2aff776a775d34a4c9893a4c72e0434d68e36artem