1N/A/***************************************************************************
1N/A * CVSID: $Id$
1N/A *
1N/A * polkit-is-privileged.c : Determine if a user has privileges
1N/A *
1N/A * Copyright (C) 2006 David Zeuthen, <david@fubar.dk>
1N/A *
1N/A * This program is free software; you can redistribute it and/or modify
1N/A * it under the terms of the GNU General Public License as published by
1N/A * the Free Software Foundation; either version 2 of the License, or
1N/A * (at your option) any later version.
1N/A *
1N/A * This program is distributed in the hope that it will be useful,
1N/A * but WITHOUT ANY WARRANTY; without even the implied warranty of
1N/A * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
1N/A * GNU General Public License for more details.
1N/A *
1N/A * You should have received a copy of the GNU General Public License
1N/A * along with this program; if not, write to the Free Software
1N/A * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
1N/A *
1N/A **************************************************************************/
1N/A
1N/A
1N/A#ifdef HAVE_CONFIG_H
1N/A# include <config.h>
1N/A#endif
1N/A
1N/A#include <stdio.h>
1N/A#include <stdlib.h>
1N/A#include <getopt.h>
1N/A#include <dbus/dbus.h>
1N/A
1N/A#include <libpolkit/libpolkit.h>
1N/A
1N/Astatic void
1N/Ausage (int argc, char *argv[])
1N/A{
1N/A fprintf (stderr, "polkit-is-privileged version " PACKAGE_VERSION "\n");
1N/A
1N/A fprintf (stderr,
1N/A "\n"
1N/A "usage : %s -u <uid> -p <privilege> [-r <resource>]\n"
1N/A " [-s <system-bus-connection-name>]", argv[0]);
1N/A fprintf (stderr,
1N/A "\n"
1N/A "Options:\n"
1N/A " -u, --user Username or user id\n"
1N/A " -s, --system-bus-unique-name Unique system bus connection name\n"
1N/A " -r, --resource Resource\n"
1N/A " -p, --privilege Privilege to test for\n"
1N/A " -h, --help Show this information and exit\n"
1N/A " -v, --verbose Verbose operation\n"
1N/A " -V, --version Print version number\n"
1N/A "\n"
1N/A "Queries system policy whether a given user is allowed for a given\n"
1N/A "privilege for a given resource. The resource may be omitted.\n"
1N/A "\n");
1N/A}
1N/A
1N/Aint
1N/Amain (int argc, char *argv[])
1N/A{
1N/A int rc;
1N/A char *user = NULL;
1N/A char *privilege = NULL;
1N/A char *resource = NULL;
1N/A char *system_bus_unique_name = NULL;
1N/A static const struct option long_options[] = {
1N/A {"user", required_argument, NULL, 'u'},
1N/A {"system-bus-unique-name", required_argument, NULL, 's'},
1N/A {"resource", required_argument, NULL, 'r'},
1N/A {"privilege", required_argument, NULL, 'p'},
1N/A {"help", no_argument, NULL, 'h'},
1N/A {"verbose", no_argument, NULL, 'v'},
1N/A {"version", no_argument, NULL, 'V'},
1N/A {NULL, 0, NULL, 0}
1N/A };
1N/A LibPolKitContext *ctx = NULL;
1N/A gboolean is_allowed;
1N/A gboolean is_temporary;
1N/A LibPolKitResult result;
1N/A gboolean is_verbose = FALSE;
1N/A DBusError error;
1N/A DBusConnection *connection = NULL;
1N/A
1N/A rc = 1;
1N/A
1N/A while (TRUE) {
1N/A int c;
1N/A
1N/A c = getopt_long (argc, argv, "u:r:p:s:hVv", long_options, NULL);
1N/A
1N/A if (c == -1)
1N/A break;
1N/A
1N/A switch (c) {
1N/A case 's':
1N/A system_bus_unique_name = g_strdup (optarg);
1N/A break;
1N/A
1N/A case 'u':
1N/A user = g_strdup (optarg);
1N/A break;
1N/A
1N/A case 'r':
1N/A resource = g_strdup (optarg);
1N/A break;
1N/A
1N/A case 'p':
1N/A privilege = g_strdup (optarg);
1N/A break;
1N/A
1N/A case 'v':
1N/A is_verbose = TRUE;
1N/A break;
1N/A
1N/A case 'h':
1N/A usage (argc, argv);
1N/A rc = 0;
1N/A goto out;
1N/A
1N/A case 'V':
1N/A printf ("polkit-is-privileged version " PACKAGE_VERSION "\n");
1N/A rc = 0;
1N/A goto out;
1N/A
1N/A default:
1N/A usage (argc, argv);
1N/A goto out;
1N/A }
1N/A }
1N/A
1N/A if (user == NULL || privilege == NULL) {
1N/A usage (argc, argv);
1N/A return 1;
1N/A }
1N/A
1N/A if (is_verbose) {
1N/A printf ("user = '%s'\n", user);
1N/A printf ("privilege = '%s'\n", privilege);
1N/A if (resource != NULL)
1N/A printf ("resource = '%s'\n", resource);
1N/A }
1N/A
1N/A#ifdef POLKITD_ENABLED
1N/A dbus_error_init (&error);
1N/A connection = dbus_bus_get (DBUS_BUS_SYSTEM, &error);
1N/A if (connection == NULL) {
1N/A g_warning ("Cannot connect to system message bus");
1N/A return 1;
1N/A }
1N/A#endif /* POLKITD_ENABLED */
1N/A
1N/A ctx = libpolkit_new_context (connection);
1N/A if (ctx == NULL) {
1N/A g_warning ("Cannot get libpolkit context");
1N/A goto out;
1N/A }
1N/A
1N/A result = libpolkit_is_uid_allowed_for_privilege (ctx,
1N/A system_bus_unique_name,
1N/A user,
1N/A privilege,
1N/A resource,
1N/A &is_allowed,
1N/A &is_temporary,
1N/A NULL);
1N/A switch (result) {
1N/A case LIBPOLKIT_RESULT_OK:
1N/A rc = is_allowed ? 0 : 1;
1N/A break;
1N/A
1N/A case LIBPOLKIT_RESULT_ERROR:
1N/A g_warning ("Error determing whether user is privileged.");
1N/A break;
1N/A
1N/A case LIBPOLKIT_RESULT_INVALID_CONTEXT:
1N/A g_print ("Invalid context.\n");
1N/A goto out;
1N/A
1N/A case LIBPOLKIT_RESULT_NOT_PRIVILEGED:
1N/A g_print ("Not privileged.\n");
1N/A
1N/A case LIBPOLKIT_RESULT_NO_SUCH_PRIVILEGE:
1N/A g_print ("No such privilege '%s'.\n", privilege);
1N/A goto out;
1N/A
1N/A case LIBPOLKIT_RESULT_NO_SUCH_USER:
1N/A g_print ("No such user '%s'.\n", user);
1N/A goto out;
1N/A }
1N/A
1N/A if (is_verbose) {
1N/A printf ("result %d\n", result);
1N/A printf ("is_allowed %d\n", is_allowed);
1N/A }
1N/A
1N/Aout:
1N/A if (ctx != NULL)
1N/A libpolkit_free_context (ctx);
1N/A
1N/A return rc;
1N/A}
1N/A