rpms/fprintd/devel polkit1.patch,NONE,1.1 fprintd.spec,1.9,1.10
Matthias Clasen
mclasen at fedoraproject.org
Wed Jun 10 00:14:45 UTC 2009
Author: mclasen
Update of /cvs/pkgs/rpms/fprintd/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv22243
Modified Files:
fprintd.spec
Added Files:
polkit1.patch
Log Message:
Port to PolicyKit 1
polkit1.patch:
--- NEW FILE polkit1.patch ---
diff -up fprintd-0.1/configure.ac.polkit1 fprintd-0.1/configure.ac
--- fprintd-0.1/configure.ac.polkit1 2008-11-22 09:34:59.000000000 -0500
+++ fprintd-0.1/configure.ac 2009-05-13 18:09:05.064187014 -0400
@@ -22,7 +22,7 @@ PKG_CHECK_MODULES(GLIB, glib-2.0 dbus-gl
AC_SUBST(GLIB_CFLAGS)
AC_SUBST(GLIB_LIBS)
-PKG_CHECK_MODULES(DAEMON, glib-2.0 dbus-glib-1 gmodule-2.0 polkit >= 0.8 polkit-dbus)
+PKG_CHECK_MODULES(DAEMON, glib-2.0 dbus-glib-1 gmodule-2.0 polkit-gobject-1 >= 0.91)
AC_SUBST(DAEMON_LIBS)
AC_SUBST(DAEMON_CFLAGS)
@@ -45,9 +45,6 @@ AC_MSG_CHECKING(for PAM headers and libr
AC_MSG_RESULT([$has_pam])
-AC_CHECK_PROG([POLKIT_POLICY_FILE_VALIDATE],
- [polkit-policy-file-validate], [polkit-policy-file-validate])
-
AC_PATH_PROG([XSLTPROC], [xsltproc])
GTK_DOC_CHECK([1.3])
diff -up fprintd-0.1/data/Makefile.am.polkit1 fprintd-0.1/data/Makefile.am
--- fprintd-0.1/data/Makefile.am.polkit1 2008-11-22 09:34:59.000000000 -0500
+++ fprintd-0.1/data/Makefile.am 2009-05-13 18:09:05.065186384 -0400
@@ -9,7 +9,7 @@ $(dbus_services_DATA): $(dbus_services_i
dbus_confdir = $(sysconfdir)/dbus-1/system.d
dbus_conf_DATA = net.reactivated.Fprint.conf
-polkitdir = $(datadir)/PolicyKit/policy
+polkitdir = $(datadir)/polkit-1/actions
polkit_in_files = net.reactivated.fprint.device.policy.in
@INTLTOOL_POLICY_RULE@
@@ -21,7 +21,3 @@ conf_DATA = fprintd.conf
EXTRA_DIST = $(dbus_services_in_files) $(dbus_conf_DATA) $(polkit_in_files) $(conf_DATA)
CLEANFILES = $(polkit_DATA) $(dbus_services_DATA)
-check:
- $(POLKIT_POLICY_FILE_VALIDATE) $(polkit_DATA)
-
-
diff -up fprintd-0.1/data/net.reactivated.fprint.device.policy.in.polkit1 fprintd-0.1/data/net.reactivated.fprint.device.policy.in
--- fprintd-0.1/data/net.reactivated.fprint.device.policy.in.polkit1 2008-11-22 09:34:59.000000000 -0500
+++ fprintd-0.1/data/net.reactivated.fprint.device.policy.in 2009-05-13 18:09:05.065186384 -0400
@@ -35,7 +35,7 @@
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
+ <allow_active>auth_admin_keep</allow_active>
</defaults>
</action>
diff -up fprintd-0.1/pam/Makefile.am.polkit1 fprintd-0.1/pam/Makefile.am
--- fprintd-0.1/pam/Makefile.am.polkit1 2009-01-26 05:35:54.000000000 -0500
+++ fprintd-0.1/pam/Makefile.am 2009-05-13 18:09:05.068186099 -0400
@@ -1,12 +1,12 @@
if HAVE_PAM
-pammod_PROGRAMS = pam_fprintd.so
+pammod_LTLIBRARIES = pam_fprintd.la
pammoddir=$(libdir)/security
-pam_fprintd_so_SOURCES = pam_fprintd.c $(MARSHALFILES)
-pam_fprintd_so_CFLAGS = -fPIC $(WARN_CFLAGS) $(GLIB_CFLAGS)
-pam_fprintd_so_LDFLAGS = -shared
-pam_fprintd_so_LDADD = $(PAM_LIBS) $(GLIB_LIBS)
+pam_fprintd_la_SOURCES = pam_fprintd.c $(MARSHALFILES)
+pam_fprintd_la_CFLAGS = -fPIC $(WARN_CFLAGS) $(GLIB_CFLAGS)
+pam_fprintd_la_LDFLAGS = -module
+pam_fprintd_la_LIBADD = $(PAM_LIBS) $(GLIB_LIBS)
MARSHALFILES = marshal.c marshal.h
GLIB_GENMARSHAL=`pkg-config --variable=glib_genmarshal glib-2.0`
diff -up fprintd-0.1/src/device.c.polkit1 fprintd-0.1/src/device.c
--- fprintd-0.1/src/device.c.polkit1 2009-05-13 18:09:05.047196683 -0400
+++ fprintd-0.1/src/device.c 2009-05-13 18:10:05.449188670 -0400
@@ -23,7 +23,6 @@
#include <dbus/dbus-glib-lowlevel.h>
#include <glib/gi18n.h>
#include <polkit/polkit.h>
-#include <polkit-dbus/polkit-dbus.h>
#include <libfprint/fprint.h>
#include <sys/types.h>
@@ -96,7 +95,7 @@ struct FprintDevicePrivate {
struct fp_dev *dev;
struct session_data *session;
- PolKitContext *pol_ctx;
+ PolkitAuthority *auth;
/* The current user of the device, if claimed */
char *sender;
@@ -266,53 +265,13 @@ static void fprint_device_class_init(Fpr
g_cclosure_marshal_VOID__STRING, G_TYPE_NONE, 1, G_TYPE_STRING);
}
-static gboolean
-pk_io_watch_have_data (GIOChannel *channel, GIOCondition condition, gpointer user_data)
-{
- int fd;
- PolKitContext *pk_context = user_data;
- fd = g_io_channel_unix_get_fd (channel);
- polkit_context_io_func (pk_context, fd);
- return TRUE;
-}
-
-static int
-pk_io_add_watch (PolKitContext *pk_context, int fd)
-{
- guint id = 0;
- GIOChannel *channel;
- channel = g_io_channel_unix_new (fd);
- if (channel == NULL)
- goto out;
- id = g_io_add_watch (channel, G_IO_IN, pk_io_watch_have_data, pk_context);
- if (id == 0) {
- g_io_channel_unref (channel);
- goto out;
- }
- g_io_channel_unref (channel);
-out:
- return id;
-}
-
-static void
-pk_io_remove_watch (PolKitContext *pk_context, int watch_id)
-{
- g_source_remove (watch_id);
-}
-
static void fprint_device_init(FprintDevice *device)
{
FprintDevicePrivate *priv = DEVICE_GET_PRIVATE(device);
priv->id = ++last_id;
/* Setup PolicyKit */
- priv->pol_ctx = polkit_context_new ();
- polkit_context_set_io_watch_functions (priv->pol_ctx, pk_io_add_watch, pk_io_remove_watch);
- if (!polkit_context_init (priv->pol_ctx, NULL)) {
- g_critical ("cannot initialize libpolkit");
- polkit_context_unref (priv->pol_ctx);
- priv->pol_ctx = NULL;
- }
+ priv->auth = polkit_authority_get ();
priv->clients = g_hash_table_new_full (g_str_hash,
g_str_equal,
g_free,
@@ -449,28 +408,14 @@ _fprint_device_check_polkit_for_action (
{
FprintDevicePrivate *priv = DEVICE_GET_PRIVATE(rdev);
const char *sender;
- DBusError dbus_error;
- PolKitCaller *pk_caller;
- PolKitAction *pk_action;
- PolKitResult pk_result;
- uid_t uid;
+ PolkitSubject *subject;
+ PolkitAuthorizationResult *result;
/* Check that caller is privileged */
sender = dbus_g_method_get_sender (context);
- dbus_error_init (&dbus_error);
- pk_caller = polkit_caller_new_from_dbus_name (
- dbus_g_connection_get_connection (fprintd_dbus_conn),
- sender,
- &dbus_error);
- if (pk_caller == NULL) {
- g_set_error (error, FPRINT_ERROR,
- FPRINT_ERROR_INTERNAL,
- "Error getting information about caller: %s: %s",
- dbus_error.name, dbus_error.message);
- dbus_error_free (&dbus_error);
- return FALSE;
- }
+ subject = polkit_system_bus_name_new (sender);
+#if 0
/* XXX Hack?
* We'd like to allow root to set the username by default, so
* it can authenticate users through PAM
@@ -481,24 +426,26 @@ _fprint_device_check_polkit_for_action (
polkit_caller_unref (pk_caller);
return TRUE;
}
+#endif
- pk_action = polkit_action_new ();
- polkit_action_set_action_id (pk_action, action);
- pk_result = polkit_context_is_caller_authorized (priv->pol_ctx, pk_action, pk_caller,
- TRUE, NULL);
- polkit_caller_unref (pk_caller);
- polkit_action_unref (pk_action);
+ result = polkit_authority_check_authorization_sync (priv->auth,
+ subject,
+ action,
+ NULL,
+ POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION,
+ NULL, NULL);
+ g_object_unref (subject);
- if (pk_result != POLKIT_RESULT_YES) {
+ if (!polkit_authorization_result_get_is_authorized (result)) {
g_set_error (error, FPRINT_ERROR,
FPRINT_ERROR_PERMISSION_DENIED,
- "%s %s <-- (action, result)",
- action,
- polkit_result_to_string_representation (pk_result));
- dbus_error_free (&dbus_error);
+ "Not Authorized: %s", action);
+ g_object_unref (result);
return FALSE;
}
+ g_object_unref (result);
+
return TRUE;
}
@@ -1095,6 +1042,7 @@ static void fprint_device_enroll_start(F
}
if (_fprint_device_check_polkit_for_action (rdev, context, "net.reactivated.fprint.device.enroll", &error) == FALSE) {
+ g_print ("enroll not allowed: %s\n", error->message);
dbus_g_method_return_error (context, error);
return;
}
diff -up fprintd-0.1/src/net.reactivated.Fprint.Device.xml.polkit1 fprintd-0.1/src/net.reactivated.Fprint.Device.xml
--- fprintd-0.1/src/net.reactivated.Fprint.Device.xml.polkit1 2009-01-26 05:31:45.000000000 -0500
+++ fprintd-0.1/src/net.reactivated.Fprint.Device.xml 2009-05-13 18:09:05.071212005 -0400
@@ -183,6 +183,12 @@
</doc:definition>
</doc:item>
<doc:item>
+ <doc:term>verify-disconnected</doc:term>
+ <doc:definition>
+ The device was disconnected during the verification, no other actions should be taken, and you shouldn't use the device any more.
+ </doc:definition>
+ </doc:item>
+ <doc:item>
<doc:term>verify-unknown-error</doc:term>
<doc:definition>
An unknown error occurred (usually a driver problem), <doc:ref type="method" to="Device.VerifyStop">Device.VerifyStop</doc:ref> should now be called.
@@ -240,6 +246,13 @@
</doc:definition>
</doc:item>
<doc:item>
+ <doc:term>enroll-disconnected</doc:term>
+ <doc:definition>
+ The device was disconnected during the enrollment, no other actions should be taken, and you shouldn't use the device any more.
+
+ </doc:definition>
+ </doc:item>
+ <doc:item>
<doc:term>enroll-unknown-error</doc:term>
<doc:definition>
An unknown error occurred (usually a driver problem), <doc:ref type="method" to="Device.EnrollStop">Device.EnrollStop</doc:ref> should now be called.
Index: fprintd.spec
===================================================================
RCS file: /cvs/pkgs/rpms/fprintd/devel/fprintd.spec,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -p -r1.9 -r1.10
--- fprintd.spec 7 May 2009 14:33:13 -0000 1.9
+++ fprintd.spec 10 Jun 2009 00:14:14 -0000 1.10
@@ -3,7 +3,7 @@
Name: fprintd
Version: 0.1
-Release: 9.git%{short_hash}%{?dist}
+Release: 10.git%{short_hash}%{?dist}
Summary: D-Bus service for Fingerprint reader access
Group: System Environment/Daemons
@@ -17,6 +17,8 @@ Source0: fprintd-0.1-%{short_hash}.tar.b
# FIXME remove when we have a newer libfprint
Patch0: old-libfprint.patch
Patch1: 0001-Detect-when-a-device-is-disconnected.patch
+# https://bugzilla.redhat.com/show_bug.cgi?id=498368
+Patch2: polkit1.patch
Url: http://www.reactivated.net/fprint/wiki/Fprintd
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
ExcludeArch: s390 s390x
@@ -24,9 +26,10 @@ ExcludeArch: s390 s390x
BuildRequires: dbus-glib-devel
BuildRequires: pam-devel
BuildRequires: libfprint-devel >= 0.1.0
-BuildRequires: PolicyKit-devel
+BuildRequires: polkit-devel
BuildRequires: gtk-doc
-BuildRequires: perl(XML::Parser) intltool
+BuildRequires: intltool
+BuildRequires: autoconf automake libtool
%description
D-Bus service to access fingerprint readers.
@@ -61,6 +64,9 @@ fingerprint readers access.
%setup -q -n %{name}-%{version}
%patch0 -p1
%patch1 -p1
+%patch2 -p1 -b .polkit1
+
+autoreconf -i -f
%build
%configure --libdir=/%{_lib}/ --enable-gtk-doc --enable-pam
@@ -84,7 +90,7 @@ rm -rf $RPM_BUILD_ROOT
%{_sysconfdir}/fprintd.conf
%{_sysconfdir}/dbus-1/system.d/net.reactivated.Fprint.conf
%{_datadir}/dbus-1/system-services/net.reactivated.Fprint.service
-%{_datadir}/PolicyKit/policy/net.reactivated.fprint.device.policy
+%{_datadir}/polkit-1/actions/net.reactivated.fprint.device.policy
%{_localstatedir}/lib/fprint
%files pam
@@ -99,6 +105,9 @@ rm -rf $RPM_BUILD_ROOT
%{_datadir}/dbus-1/interfaces/net.reactivated.Fprint.Manager.xml
%changelog
+* Tue Jun 9 2009 Matthias Clasen <mclasen at redhat.com> 0.1-10.git04fd09cfa
+- Port to PolicyKit 1
+
* Thu May 07 2009 Bastien Nocera <bnocera at redhat.com> 0.1-9.git04fd09cfa
- Add /var/lib/fprint to the RPM to avoid SELinux errors (#499513)
More information about the fedora-extras-commits
mailing list