[libvirt] [PATCH v2 2/3] util: Introduce API's for Polkit text authentication
John Ferlan
jferlan at redhat.com
Thu Feb 11 23:38:13 UTC 2016
Introduce virPolkitAgentCreate and virPolkitAgentDestroy
virPolkitAgentCreate will run the polkit pkttyagent image as an asynchronous
command in order to handle the local agent authentication via stdin/stdout.
virPolkitAgentDestroy will close the command effectively reaping our
child process
Needed to move around or add the "#include vircommand.h" since,
virpolkit.h now uses it.
Signed-off-by: John Ferlan <jferlan at redhat.com>
---
src/libvirt_private.syms | 2 ++
src/util/virpolkit.c | 56 +++++++++++++++++++++++++++++++++++++++++++++++-
src/util/virpolkit.h | 5 +++++
tests/virpolkittest.c | 3 ++-
4 files changed, 64 insertions(+), 2 deletions(-)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 4cfaed5..8f2358f 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -2029,6 +2029,8 @@ virPidFileWritePath;
# util/virpolkit.h
+virPolkitAgentCreate;
+virPolkitAgentDestroy;
virPolkitCheckAuth;
diff --git a/src/util/virpolkit.c b/src/util/virpolkit.c
index d837a14..48d214a 100644
--- a/src/util/virpolkit.c
+++ b/src/util/virpolkit.c
@@ -26,8 +26,8 @@
# include <polkit-dbus/polkit-dbus.h>
#endif
-#include "virpolkit.h"
#include "vircommand.h"
+#include "virpolkit.h"
#include "virerror.h"
#include "virlog.h"
#include "virstring.h"
@@ -136,6 +136,46 @@ int virPolkitCheckAuth(const char *actionid,
}
+/* virPolkitAgentDestroy:
+ * @cmd: Pointer to the virCommandPtr created during virPolkitAgentCreate
+ *
+ * Destroy resources used by Polkit Agent
+ */
+void
+virPolkitAgentDestroy(virCommandPtr cmd)
+{
+ virCommandFree(cmd);
+}
+
+/* virPolkitAgentCreate:
+ *
+ * Allocate and setup a polkit agent
+ *
+ * Returns a virCommandPtr on success and NULL on failure
+ */
+virCommandPtr
+virPolkitAgentCreate(void)
+{
+ virCommandPtr cmd = virCommandNewArgList(PKTTYAGENT, "--process", NULL);
+ int outfd = STDOUT_FILENO;
+ int errfd = STDERR_FILENO;
+
+ virCommandAddArgFormat(cmd, "%lld", (long long int) getpid());
+ virCommandAddArg(cmd, "--fallback");
+ virCommandSetInputFD(cmd, STDIN_FILENO);
+ virCommandSetOutputFD(cmd, &outfd);
+ virCommandSetErrorFD(cmd, &errfd);
+ if (virCommandRunAsync(cmd, NULL) < 0)
+ goto error;
+
+ return cmd;
+
+ error:
+ virCommandFree(cmd);
+ return NULL;
+}
+
+
#elif WITH_POLKIT0
int virPolkitCheckAuth(const char *actionid,
pid_t pid,
@@ -254,4 +294,18 @@ int virPolkitCheckAuth(const char *actionid ATTRIBUTE_UNUSED,
}
+void
+virPolkitAgentDestroy(virCommandPtr cmd ATTRIBUTE_UNUSED)
+{
+ return; /* do nothing */
+}
+
+
+virCommandPtr
+virPolkitAgentCreate(void)
+{
+ virReportError(VIR_ERR_AUTH_FAILED, "%s",
+ _("polkit text authentication agent unavailable"));
+ return NULL;
+}
#endif /* WITH_POLKIT1 */
diff --git a/src/util/virpolkit.h b/src/util/virpolkit.h
index 36122d0..f0aea37 100644
--- a/src/util/virpolkit.h
+++ b/src/util/virpolkit.h
@@ -24,6 +24,8 @@
# include "internal.h"
+# define PKTTYAGENT "/usr/bin/pkttyagent"
+
int virPolkitCheckAuth(const char *actionid,
pid_t pid,
unsigned long long startTime,
@@ -31,4 +33,7 @@ int virPolkitCheckAuth(const char *actionid,
const char **details,
bool allowInteraction);
+void virPolkitAgentDestroy(virCommandPtr cmd);
+virCommandPtr virPolkitAgentCreate(void);
+
#endif /* __VIR_POLKIT_H__ */
diff --git a/tests/virpolkittest.c b/tests/virpolkittest.c
index b39beed..3ccb779 100644
--- a/tests/virpolkittest.c
+++ b/tests/virpolkittest.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2013, 2014 Red Hat, Inc.
+ * Copyright (C) 2013, 2014, 2016 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -27,6 +27,7 @@
# include <stdlib.h>
# include <dbus/dbus.h>
+# include "vircommand.h"
# include "virpolkit.h"
# include "virdbus.h"
# include "virlog.h"
--
2.5.0
More information about the libvir-list
mailing list