[libvirt] [PATCH 2/2] Add new error code VIR_ERROR_AUTH_CANCELLED

Cole Robinson crobinso at redhat.com
Fri Jan 27 20:10:07 UTC 2012 

On 01/27/2012 01:34 PM, Cole Robinson wrote:
> And hook it up for policykit auth. This allows virt-manager to detect
> that the user clicked the policykit 'cancel' button and not throw
> an 'authentication failed' error message at the user.
> ---
>  daemon/remote.c             |   13 +++++++++++--
>  include/libvirt/virterror.h |    1 +
>  src/util/virterror.c        |    6 ++++++
>  3 files changed, 18 insertions(+), 2 deletions(-)
> 
> diff --git a/daemon/remote.c b/daemon/remote.c
> index 1ada146..2e813d6 100644
> --- a/daemon/remote.c
> +++ b/daemon/remote.c
> @@ -2471,6 +2471,8 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
>      const char *action;
>      int status = -1;
>      char *ident = NULL;
> +    int authdismissed = 0;
> +    char *pkoutput = NULL;
>      struct daemonClientPrivate *priv =
>          virNetServerClientGetPrivateData(client);
>      virCommandPtr cmd = NULL;
> @@ -2481,6 +2483,7 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
>          "org.libvirt.unix.manage";
>  
>      cmd = virCommandNewArgList(PKCHECK_PATH, "--action-id", action, NULL);
> +    virCommandSetOutputBuffer(cmd, &pkoutput);
>  
>      VIR_DEBUG("Start PolicyKit auth %d", virNetServerClientGetFD(client));
>      if (virNetServerClientGetAuth(client) != VIR_NET_SERVER_SERVICE_AUTH_POLKIT) {
> @@ -2509,6 +2512,7 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
>      if (virCommandRun(cmd, &status) < 0)
>          goto authfail;
>  
> +    authdismissed = (pkoutput && strstr(pkoutput, "dismissed=true"));
>      if (status != 0) {
>          char *tmp = virCommandTranslateStatus(status);
>          VIR_ERROR(_("Policy kit denied action %s from pid %lld, uid %d: %s"),
> @@ -2534,8 +2538,13 @@ error:
>      virCommandFree(cmd);
>      VIR_FREE(ident);
>      virResetLastError();
> -    virNetError(VIR_ERR_AUTH_FAILED, "%s",
> -                _("authentication failed"));
> +    if (authdismissed) {
> +        virNetError(VIR_ERR_AUTH_CANCELLED, "%s",
> +                    _("authentication cancelled by user"));
> +    } else {
> +        virNetError(VIR_ERR_AUTH_FAILED, "%s",
> +                    _("authentication failed"));
> +    }

This doesn't free pkoutput. Another patch is coming.

- Cole

More information about the libvir-list mailing list