From 573a9b6988c48abb7579acbe634d6b532ecb8517 Mon Sep 17 00:00:00 2001 Message-Id: <573a9b6988c48abb7579acbe634d6b532ecb8517.1616318066.git.stefan@agner.ch> In-Reply-To: References: From: Stefan Agner Date: Sat, 13 Mar 2021 15:24:45 +0100 Subject: [PATCH 2/3] Make polkit dependency optional Make authorization using polkit a compile time option. This allows to build udisks2 without polkit. Fixes: #615 --- configure.ac | 33 +++++++++++++++---- data/Makefile.am | 2 ++ src/udisksauthorization.c | 68 +++++++++++++++++++++++---------------- src/udisksauthorization.h | 5 +++ src/udisksdaemon.c | 2 ++ tools/udisksctl.c | 13 ++++++++ 6 files changed, 89 insertions(+), 34 deletions(-) diff --git a/configure.ac b/configure.ac index 53917998..7d95bc91 100644 --- a/configure.ac +++ b/configure.ac @@ -150,13 +150,31 @@ PKG_CHECK_MODULES(GIO, [gio-unix-2.0 >= 2.50]) AC_SUBST(GIO_CFLAGS) AC_SUBST(GIO_LIBS) -PKG_CHECK_MODULES(POLKIT_GOBJECT_1, [polkit-gobject-1 >= 0.102]) -AC_SUBST(POLKIT_GOBJECT_1_CFLAGS) -AC_SUBST(POLKIT_GOBJECT_1_LIBS) - -PKG_CHECK_MODULES(POLKIT_AGENT_1, [polkit-agent-1 >= 0.102]) -AC_SUBST(POLKIT_AGENT_1_CFLAGS) -AC_SUBST(POLKIT_AGENT_1_LIBS) +have_polkit=no +AC_ARG_ENABLE(polkit, AS_HELP_STRING([--disable-polkit], [disable polkit support])) +if test "x$enable_polkit" != "xno"; then + PKG_CHECK_MODULES(POLKIT_GOBJECT_1, [polkit-gobject-1 >= 0.102], + [have_polkit_gobject=yes], + [have_polkit_gobject=no]) + if test "x$have_polkit_gobject" = "xno"; then + AC_MSG_ERROR([polkit support requested but polkit-gobject libraries not found]) + fi + AC_SUBST(POLKIT_GOBJECT_1_CFLAGS) + AC_SUBST(POLKIT_GOBJECT_1_LIBS) + + PKG_CHECK_MODULES(POLKIT_AGENT_1, [polkit-agent-1 >= 0.102], + [have_polkit_agent=yes], + [have_polkit_agent=no]) + if test "x$have_polkit_agent" = "xno"; then + AC_MSG_ERROR([polkit support requested but polkit-agent libraries not found]) + fi + AC_SUBST(POLKIT_AGENT_1_CFLAGS) + AC_SUBST(POLKIT_AGENT_1_LIBS) + if test "$have_polkit_gobject" = "yes" -a "$have_polkit_agent" = "yes"; then + have_polkit=yes + fi +fi +AM_CONDITIONAL(HAVE_POLKIT, [test "$have_polkit" = "yes"]) if test "x$enable_daemon" = "xyes"; then PKG_CHECK_MODULES(GUDEV, [gudev-1.0 >= 165]) @@ -793,6 +811,7 @@ echo " using libelogind: ${have_libelogind} use /media for mounting: ${fhs_media} acl support: ${have_acl} + polkit support: ${have_polkit} using libmount/utab: ${have_libmount_utab} compiler: ${CC} diff --git a/data/Makefile.am b/data/Makefile.am index 758644be..bf4f29b8 100644 --- a/data/Makefile.am +++ b/data/Makefile.am @@ -31,6 +31,7 @@ endif udevrulesdir = $(udevdir)/rules.d udevrules_DATA = 80-udisks2.rules +if HAVE_POLKIT polkitdir = $(datadir)/polkit-1/actions polkit_in_files = org.freedesktop.UDisks2.policy.in polkit_DATA = $(polkit_in_files:.policy.in=.policy) @@ -38,6 +39,7 @@ polkit_DATA = $(polkit_in_files:.policy.in=.policy) $(polkit_DATA): $(polkit_in_files) $(AM_V_GEN) $(MSGFMT) --xml --template $< -d $(top_srcdir)/po -o $@ endif +endif completionsdir = $(datadir)/bash-completion/completions completions_DATA = \ diff --git a/src/udisksauthorization.c b/src/udisksauthorization.c index f74e194a..0256cef9 100644 --- a/src/udisksauthorization.c +++ b/src/udisksauthorization.c @@ -24,33 +24,6 @@ #include "udisksdaemonutil.h" #include "udisksauthorization.h" -/* Need this until we can depend on a libpolkit with this bugfix - * - * http://cgit.freedesktop.org/polkit/commit/?h=wip/js-rule-files&id=224f7b892478302dccbe7e567b013d3c73d376fd - */ -static void -_safe_polkit_details_insert (PolkitDetails *details, const gchar *key, const gchar *value) -{ - if (value != NULL && strlen (value) > 0) - polkit_details_insert (details, key, value); -} - -static void -_safe_polkit_details_insert_int (PolkitDetails *details, const gchar *key, gint value) -{ - gchar buf[32]; - snprintf (buf, sizeof buf, "%d", value); - polkit_details_insert (details, key, buf); -} - -static void -_safe_polkit_details_insert_uint64 (PolkitDetails *details, const gchar *key, guint64 value) -{ - gchar buf[32]; - snprintf (buf, sizeof buf, "0x%08llx", (unsigned long long int) value); - polkit_details_insert (details, key, buf); -} - static gboolean check_authorization_no_polkit (UDisksDaemon *daemon, UDisksObject *object, @@ -157,6 +130,34 @@ udisks_daemon_util_check_authorization_sync (UDisksDaemon *daemon, return TRUE; } +#ifdef HAVE_POLKIT +/* Need this until we can depend on a libpolkit with this bugfix + * + * http://cgit.freedesktop.org/polkit/commit/?h=wip/js-rule-files&id=224f7b892478302dccbe7e567b013d3c73d376fd + */ +static void +_safe_polkit_details_insert (PolkitDetails *details, const gchar *key, const gchar *value) +{ + if (value != NULL && strlen (value) > 0) + polkit_details_insert (details, key, value); +} + +static void +_safe_polkit_details_insert_int (PolkitDetails *details, const gchar *key, gint value) +{ + gchar buf[32]; + snprintf (buf, sizeof buf, "%d", value); + polkit_details_insert (details, key, buf); +} + +static void +_safe_polkit_details_insert_uint64 (PolkitDetails *details, const gchar *key, guint64 value) +{ + gchar buf[32]; + snprintf (buf, sizeof buf, "0x%08llx", (unsigned long long int) value); + polkit_details_insert (details, key, buf); +} + gboolean udisks_daemon_util_check_authorization_sync_with_error (UDisksDaemon *daemon, UDisksObject *object, @@ -379,4 +380,17 @@ udisks_daemon_util_check_authorization_sync_with_error (UDisksDaemon * g_clear_object (&result); return ret; } +#else +gboolean +udisks_daemon_util_check_authorization_sync_with_error (UDisksDaemon *daemon, + UDisksObject *object, + const gchar *action_id, + GVariant *options, + const gchar *message, + GDBusMethodInvocation *invocation, + GError **error) +{ + return check_authorization_no_polkit (daemon, object, action_id, options, message, invocation, error); +} +#endif diff --git a/src/udisksauthorization.h b/src/udisksauthorization.h index 4903bb57..64dcf4e4 100644 --- a/src/udisksauthorization.h +++ b/src/udisksauthorization.h @@ -22,7 +22,12 @@ #define __UDISKS_AUTHORIZATION_H__ #include "udisksdaemontypes.h" + +#ifdef HAVE_POLKIT #include +#else +typedef void* PolkitAuthority; +#endif G_BEGIN_DECLS diff --git a/src/udisksdaemon.c b/src/udisksdaemon.c index 51e2bb5c..8995167f 100644 --- a/src/udisksdaemon.c +++ b/src/udisksdaemon.c @@ -379,6 +379,7 @@ udisks_daemon_constructed (GObject *object) uuid_unparse (uuid, &uuid_buf[0]); daemon->uuid = g_strdup (uuid_buf); +#ifdef HAVE_POLKIT daemon->authority = polkit_authority_get_sync (NULL, &error); if (daemon->authority == NULL) { @@ -386,6 +387,7 @@ udisks_daemon_constructed (GObject *object) error->message, g_quark_to_string (error->domain), error->code); g_clear_error (&error); } +#endif daemon->object_manager = g_dbus_object_manager_server_new ("/org/freedesktop/UDisks2"); diff --git a/tools/udisksctl.c b/tools/udisksctl.c index 7a5de65d..feacfa6d 100644 --- a/tools/udisksctl.c +++ b/tools/udisksctl.c @@ -35,9 +35,11 @@ #include +#ifdef HAVE_POLKIT #include #define POLKIT_AGENT_I_KNOW_API_IS_SUBJECT_TO_CHANGE #include +#endif static UDisksClient *client = NULL; static GMainLoop *loop = NULL; @@ -57,6 +59,7 @@ static void modify_argv0_for_command (gint *argc, gchar **argv[], const gchar *c /* ---------------------------------------------------------------------------------------------------- */ +#ifdef HAVE_POLKIT static PolkitAgentListener *local_polkit_agent = NULL; static gpointer local_agent_handle = NULL; @@ -119,6 +122,16 @@ shutdown_local_polkit_agent (void) if (local_polkit_agent != NULL) g_object_unref (local_polkit_agent); } +#else +static gboolean +setup_local_polkit_agent (void) +{ + return TRUE; +} + +static void +shutdown_local_polkit_agent (void) { } +#endif /* ---------------------------------------------------------------------------------------------------- */ -- 2.30.2