solaris-desktop/patches/accountsservice-01-polkit.diff

--- accountsservice-0.6.15/src/util.c-orig  2012-05-10 18:07:00.402732206 -0500
+++ accountsservice-0.6.15/src/util.c   2012-05-10 18:07:36.471823338 -0500
@@ -26,6 +26,7 @@
 #include <sys/stat.h>
 #include <sys/wait.h>
 #include <fcntl.h>
+#include <unistd.h>
 #include <grp.h>

 #include <syslog.h>
@@ -33,11 +34,14 @@
 #include <dbus/dbus-glib.h>
 #include <dbus/dbus-glib-lowlevel.h>

+#ifdef HAVE_POLKIT
 #include <polkit/polkit.h>
+#endif

 #include "util.h"


+#ifdef HAVE_POLKIT
 static gchar *
 _polkit_subject_get_cmdline (PolkitSubject *subject, gint *pid, gint *uid)
 {
@@ -115,6 +119,7 @@ _polkit_subject_get_cmdline (PolkitSubje
     g_object_unref (process);
   return ret;
 }
+#endif

 void
 sys_log (DBusGMethodInvocation *context,
@@ -128,6 +133,7 @@ sys_log (DBusGMethodInvocation *context,
         msg = g_strdup_vprintf (format, args);
         va_end (args);

+#if HAVE_POLKIT
         if (context) {
                 PolkitSubject *subject;
                 gchar *cmdline;
@@ -154,6 +160,7 @@ sys_log (DBusGMethodInvocation *context,
                 g_free (cmdline);
                 g_object_unref (subject);
         }
+#endif

         syslog (LOG_NOTICE, "%s", msg);

@@ -163,6 +170,7 @@ sys_log (DBusGMethodInvocation *context,
 static void
 get_caller_loginuid (DBusGMethodInvocation *context, gchar *loginuid, gint size)
 {
+#ifdef HAVE_POLKIT
         PolkitSubject *subject;
         gchar *cmdline;
         gint pid;
@@ -185,6 +193,7 @@ get_caller_loginuid (DBusGMethodInvocati
         }

         g_free (path);
+#endif
 }

 static void
@@ -234,6 +243,55 @@ spawn_with_login_uid (DBusGMethodInvocat
         return TRUE;
 }

+#if __sun
+
+int
+getgrouplist(const char *uname, gid_t agroup, gid_t *groups, int *grpcnt)
+{
+   const struct group *grp;
+   int i, maxgroups, ngroups, ret;
+
+   ret = 0;
+   ngroups = 0;
+   maxgroups = *grpcnt;
+   /*
+    * When installing primary group, duplicate it;
+    * the first element of groups is the effective gid
+    * and will be overwritten when a setgid file is executed.
+    */
+   groups ? groups[ngroups++] = agroup : ngroups++;
+   if (maxgroups > 1)
+       groups ? groups[ngroups++] = agroup : ngroups++;
+   /*
+    * Scan the group file to find additional groups.
+    */
+   setgrent();
+   while ((grp = getgrent()) != NULL) {
+       if (groups) {
+           for (i = 0; i < ngroups; i++) {
+               if (grp->gr_gid == groups[i])
+                   goto skip;
+           }
+       }
+       for (i = 0; grp->gr_mem[i]; i++) {
+           if (!strcmp(grp->gr_mem[i], uname)) {
+               if (ngroups >= maxgroups) {
+                   ret = -1;
+                   break;
+               }
+               groups ? groups[ngroups++] = grp->gr_gid : ngroups++;
+               break;
+           }
+       }
+skip:
+       ;
+   }
+   endgrent();
+   *grpcnt = ngroups;
+   return (ret);
+}
+#endif
+
 gint
 get_user_groups (const gchar  *user,
                  gid_t         group,
@@ -256,6 +314,7 @@ get_user_groups (const gchar  *user,
 gboolean
 get_caller_uid (DBusGMethodInvocation *context, gint *uid)
 {
+#ifdef HAVE_POLKIT
         PolkitSubject *subject;
         PolkitSubject *process;

@@ -272,4 +331,7 @@ get_caller_uid (DBusGMethodInvocation *c
         g_object_unref (process);

         return TRUE;
+#else
+        return TRUE;
+#endif
 }
--- accountsservice-0.6.15/src/daemon.c-orig    2012-05-10 18:06:53.610798033 -0500
+++ accountsservice-0.6.15/src/daemon.c 2012-05-10 18:08:27.894077014 -0500
@@ -43,7 +43,9 @@
 #include <gio/gio.h>
 #include <dbus/dbus-glib.h>
 #include <dbus/dbus-glib-lowlevel.h>
+#if HAVE_POLKIT
 #include <polkit/polkit.h>
+#endif

 #include "daemon.h"
 #include "daemon-glue.h"
@@ -114,7 +116,11 @@ struct DaemonPrivate {
         guint reload_id;
         guint autologin_id;

+#if HAVE_POLKIT
         PolkitAuthority *authority;
+#else
+        gpointer *authority;
+#endif
 };

 static void daemon_finalize   (GObject     *object);
@@ -731,6 +737,7 @@ register_accounts_daemon (Daemon *daemon
         DBusError dbus_error;
         GError *error = NULL;

+#if HAVE_POLKIT
         daemon->priv->authority = polkit_authority_get_sync (NULL, &error);

         if (daemon->priv->authority == NULL) {
@@ -740,6 +747,7 @@ register_accounts_daemon (Daemon *daemon
                 }
                 goto error;
         }
+#endif

         daemon->priv->bus_connection = dbus_g_bus_get (DBUS_BUS_SYSTEM, &error);
         if (daemon->priv->bus_connection == NULL) {
@@ -1080,6 +1088,7 @@ daemon_create_user (Daemon
         data->real_name = g_strdup (real_name);
         data->account_type = account_type;

+#if HAVE_POLKIT
         daemon_local_check_auth (daemon,
                                  NULL,
                                  "org.freedesktop.accounts.user-administration",
@@ -1088,6 +1097,7 @@ daemon_create_user (Daemon
                                  context,
                                  data,
                                  (GDestroyNotify)create_data_free);
+#endif

         return TRUE;
 }
@@ -1196,6 +1206,7 @@ check_auth_data_free (CheckAuthData *dat
         g_free (data);
 }

+#if HAVE_POLKIT
 static void
 check_auth_cb (PolkitAuthority *authority,
                GAsyncResult    *res,
@@ -1237,6 +1248,7 @@ check_auth_cb (PolkitAuthority *authorit

         check_auth_data_free (data);
 }
+#endif

 void
 daemon_local_check_auth (Daemon                *daemon,
@@ -1249,8 +1261,10 @@ daemon_local_check_auth (Daemon
                          GDestroyNotify         destroy_notify)
 {
         CheckAuthData *data;
+#ifdef HAVE_POLKIT
         PolkitSubject *subject;
         PolkitCheckAuthorizationFlags flags;
+#endif

         data = g_new0 (CheckAuthData, 1);
         data->daemon = g_object_ref (daemon);
@@ -1261,6 +1275,7 @@ daemon_local_check_auth (Daemon
         data->data = authorized_cb_data;
         data->destroy_notify = destroy_notify;

+#if HAVE_POLKIT
         subject = polkit_system_bus_name_new (dbus_g_method_get_sender (context));

         flags = POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE;
@@ -1276,6 +1291,13 @@ daemon_local_check_auth (Daemon
                                               data);

         g_object_unref (subject);
+#else
+        /*
+         * Just call the authorized callback.  This makes GDM work, but this
+         * code probably needs to be integrated with RBAC.
+         */
+        (authorized_cb) (daemon, user, context, authorized_cb_data);
+#endif
 }

 gboolean
--- accountsservice-0.6.12/src/main.c-orig  2011-07-09 15:47:08.167584745 -0500
+++ accountsservice-0.6.12/src/main.c   2011-07-09 15:47:34.672759727 -0500
@@ -207,7 +207,9 @@ main (int argc, char *argv[])
         openlog ("accounts-daemon", LOG_PID, LOG_DAEMON);
         syslog (LOG_INFO, "started daemon version %s", VERSION);
         closelog ();
+#ifdef LOG_AUTHPRIV
         openlog ("accounts-daemon", 0, LOG_AUTHPRIV);
+#endif

         loop = g_main_loop_new (NULL, FALSE);

--- accountsservice-0.6.12/configure.ac-orig    2011-07-09 15:37:18.422776754 -0500
+++ accountsservice-0.6.12/configure.ac 2011-07-09 15:40:02.924011932 -0500
@@ -17,7 +17,7 @@ AM_GLIB_GNU_GETTEXT
 IT_PROG_INTLTOOL([0.40.0])
 AC_USE_SYSTEM_EXTENSIONS

-LT_INIT
+AC_PROG_LIBTOOL
 LT_CURRENT=0
 LT_REVISION=0
 LT_AGE=0
@@ -28,7 +28,18 @@ AC_SUBST(LT_AGE)
 PKG_CHECK_MODULES(GLIB, glib-2.0)
 PKG_CHECK_MODULES(GIO, gio-2.0 gio-unix-2.0)
 PKG_CHECK_MODULES(DBUS_GLIB, dbus-glib-1)
-PKG_CHECK_MODULES(POLKIT, polkit-gobject-1)
+
+PKG_CHECK_MODULES(POLKIT,
+        polkit-gobject-1,
+        have_polkit=yes,
+        have_polkit=no)
+if test "x$have_polkit" = "xyes" ; then
+  AC_DEFINE(HAVE_POLKIT, [], [Define if we have polkit])
+fi
+AM_CONDITIONAL(HAVE_POLKIT, test x$have_polkit = xyes)
+AC_SUBST(HAVE_POLKIT)
+AC_SUBST(POLKIT_CFLAGS)
+AC_SUBST(POLKIT_LIBS)

 AM_MAINTAINER_MODE([enable])