summaryrefslogtreecommitdiff
path: root/src/machine
diff options
context:
space:
mode:
authorMichael Chapman <mike@very.puzzling.org>2015-09-06 00:07:16 +1000
committerMichael Chapman <mike@very.puzzling.org>2015-09-06 00:07:16 +1000
commit403ed0e5c914f2a0a683403d8ba7eaf96e3ffcdf (patch)
tree1522b7c2adc228dda7bc9fd3d94c0d1bac9d504c /src/machine
parent17258f5f27dd3dd57c36f2805e0a0c27a1aeabba (diff)
bus-util: support details in CheckAuthorization calls
Extra details for an action can be supplied when calling polkit's CheckAuthorization method. Details are a list of key/value string pairs. Custom policy can use these details when making authorization decisions.
Diffstat (limited to 'src/machine')
-rw-r--r--src/machine/image-dbus.c5
-rw-r--r--src/machine/machine-dbus.c7
-rw-r--r--src/machine/machined-dbus.c1
3 files changed, 13 insertions, 0 deletions
diff --git a/src/machine/image-dbus.c b/src/machine/image-dbus.c
index 95d7bca4bf..2453a9ff04 100644
--- a/src/machine/image-dbus.c
+++ b/src/machine/image-dbus.c
@@ -43,6 +43,7 @@ int bus_image_method_remove(
message,
CAP_SYS_ADMIN,
"org.freedesktop.machine1.manage-images",
+ NULL,
false,
UID_INVALID,
&m->polkit_registry,
@@ -83,6 +84,7 @@ int bus_image_method_rename(
message,
CAP_SYS_ADMIN,
"org.freedesktop.machine1.manage-images",
+ NULL,
false,
UID_INVALID,
&m->polkit_registry,
@@ -123,6 +125,7 @@ int bus_image_method_clone(
message,
CAP_SYS_ADMIN,
"org.freedesktop.machine1.manage-images",
+ NULL,
false,
UID_INVALID,
&m->polkit_registry,
@@ -158,6 +161,7 @@ int bus_image_method_mark_read_only(
message,
CAP_SYS_ADMIN,
"org.freedesktop.machine1.manage-images",
+ NULL,
false,
UID_INVALID,
&m->polkit_registry,
@@ -194,6 +198,7 @@ int bus_image_method_set_limit(
message,
CAP_SYS_ADMIN,
"org.freedesktop.machine1.manage-images",
+ NULL,
false,
UID_INVALID,
&m->polkit_registry,
diff --git a/src/machine/machine-dbus.c b/src/machine/machine-dbus.c
index a63b9785af..fbeace0ed6 100644
--- a/src/machine/machine-dbus.c
+++ b/src/machine/machine-dbus.c
@@ -124,6 +124,7 @@ int bus_machine_method_terminate(sd_bus_message *message, void *userdata, sd_bus
message,
CAP_KILL,
"org.freedesktop.machine1.manage-machines",
+ NULL,
false,
UID_INVALID,
&m->manager->polkit_registry,
@@ -169,6 +170,7 @@ int bus_machine_method_kill(sd_bus_message *message, void *userdata, sd_bus_erro
message,
CAP_KILL,
"org.freedesktop.machine1.manage-machines",
+ NULL,
false,
UID_INVALID,
&m->manager->polkit_registry,
@@ -488,6 +490,7 @@ int bus_machine_method_open_pty(sd_bus_message *message, void *userdata, sd_bus_
message,
CAP_SYS_ADMIN,
m->class == MACHINE_HOST ? "org.freedesktop.machine1.host-open-pty" : "org.freedesktop.machine1.open-pty",
+ NULL,
false,
UID_INVALID,
&m->manager->polkit_registry,
@@ -577,6 +580,7 @@ int bus_machine_method_open_login(sd_bus_message *message, void *userdata, sd_bu
message,
CAP_SYS_ADMIN,
m->class == MACHINE_HOST ? "org.freedesktop.machine1.host-login" : "org.freedesktop.machine1.login",
+ NULL,
false,
UID_INVALID,
&m->manager->polkit_registry,
@@ -675,6 +679,7 @@ int bus_machine_method_open_shell(sd_bus_message *message, void *userdata, sd_bu
message,
CAP_SYS_ADMIN,
m->class == MACHINE_HOST ? "org.freedesktop.machine1.host-shell" : "org.freedesktop.machine1.shell",
+ NULL,
false,
UID_INVALID,
&m->manager->polkit_registry,
@@ -883,6 +888,7 @@ int bus_machine_method_bind_mount(sd_bus_message *message, void *userdata, sd_bu
message,
CAP_SYS_ADMIN,
"org.freedesktop.machine1.manage-machines",
+ NULL,
false,
UID_INVALID,
&m->manager->polkit_registry,
@@ -1145,6 +1151,7 @@ int bus_machine_method_copy(sd_bus_message *message, void *userdata, sd_bus_erro
message,
CAP_SYS_ADMIN,
"org.freedesktop.machine1.manage-machines",
+ NULL,
false,
UID_INVALID,
&m->manager->polkit_registry,
diff --git a/src/machine/machined-dbus.c b/src/machine/machined-dbus.c
index 0d52c693e4..eef9c5fa5f 100644
--- a/src/machine/machined-dbus.c
+++ b/src/machine/machined-dbus.c
@@ -810,6 +810,7 @@ static int method_set_pool_limit(sd_bus_message *message, void *userdata, sd_bus
message,
CAP_SYS_ADMIN,
"org.freedesktop.machine1.manage-machines",
+ NULL,
false,
UID_INVALID,
&m->polkit_registry,