projects / thirdparty / systemd.git / blame
| Commit | Line | Data |
|---|---|---|
| 53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
| 6bb92a16 | 2 | /*** |
| 6bb92a16 | 3 | Copyright 2011 Lennart Poettering |
| 6bb92a16 LP |
4 | ***/ |
| 5 | ||
| 9bdc770c | 6 | #include <errno.h> |
| 0a6f50c0 | 7 | #include <poll.h> |
| cf0fbc49 TA |
8 | #include <signal.h> |
| 9 | #include <stdlib.h> | |
| 10 | #include <unistd.h> | |
| 6bb92a16 | 11 | |
| c004493c LP |
12 | #include "fd-util.h" |
| 13 | #include "io-util.h" | |
| 6bb92a16 | 14 | #include "log.h" |
| a8fbdf54 | 15 | #include "macro.h" |
| 0b452006 | 16 | #include "process-util.h" |
| 6bb92a16 | 17 | #include "spawn-polkit-agent.h" |
| 15a5e950 | 18 | #include "stdio-util.h" |
| a8fbdf54 | 19 | #include "time-util.h" |
| c004493c | 20 | #include "util.h" |
| 6bb92a16 | 21 | |
| 349cc4a5 | 22 | #if ENABLE_POLKIT |
| 6bb92a16 LP |
23 | static pid_t agent_pid = 0; |
| 24 | ||
| 25 | int polkit_agent_open(void) { | |
| 5ffa8c81 | 26 | char notify_fd[DECIMAL_STR_MAX(int) + 1]; |
| 78752f2e | 27 | int pipe_fd[2], r; |
| 6bb92a16 LP |
28 | |
| 29 | if (agent_pid > 0) | |
| 30 | return 0; | |
| 31 | ||
| 89d03482 MP |
32 | /* Clients that run as root don't need to activate/query polkit */ |
| 33 | if (geteuid() == 0) | |
| 34 | return 0; | |
| 35 | ||
| 78752f2e | 36 | /* We check STDIN here, not STDOUT, since this is about input, not output */ |
| 6bb92a16 LP |
37 | if (!isatty(STDIN_FILENO)) |
| 38 | return 0; | |
| 39 | ||
| 85afeae8 LP |
40 | if (!is_main_thread()) |
| 41 | return -EPERM; | |
| 42 | ||
| 9bdc770c LP |
43 | if (pipe2(pipe_fd, 0) < 0) |
| 44 | return -errno; | |
| 45 | ||
| 5ffa8c81 | 46 | xsprintf(notify_fd, "%i", pipe_fd[1]); |
| 9bdc770c | 47 | |
| 78752f2e | 48 | r = fork_agent("(polkit-agent)", |
| 9bdc770c | 49 | &pipe_fd[1], 1, |
| 78752f2e | 50 | &agent_pid, |
| 9bdc770c | 51 | POLKIT_AGENT_BINARY_PATH, |
| 8aec53fb | 52 | POLKIT_AGENT_BINARY_PATH, "--notify-fd", notify_fd, "--fallback", NULL); |
| 9bdc770c LP |
53 | |
| 54 | /* Close the writing side, because that's the one for the agent */ | |
| 03e334a1 | 55 | safe_close(pipe_fd[1]); |
| 9bdc770c | 56 | |
| 6bb92a16 | 57 | if (r < 0) |
| da927ba9 | 58 | log_error_errno(r, "Failed to fork TTY ask password agent: %m"); |
| 9bdc770c LP |
59 | else |
| 60 | /* Wait until the agent closes the fd */ | |
| 3a43da28 | 61 | fd_wait_for_event(pipe_fd[0], POLLHUP, USEC_INFINITY); |
| 9bdc770c | 62 | |
| 03e334a1 | 63 | safe_close(pipe_fd[0]); |
| 6bb92a16 LP |
64 | |
| 65 | return r; | |
| 66 | } | |
| 67 | ||
| 68 | void polkit_agent_close(void) { | |
| 69 | ||
| 70 | if (agent_pid <= 0) | |
| 71 | return; | |
| 72 | ||
| 73 | /* Inform agent that we are done */ | |
| 0adc28ce | 74 | (void) kill_and_sigcont(agent_pid, SIGTERM); |
| c73d180d | 75 | (void) wait_for_terminate(agent_pid, NULL); |
| 6bb92a16 LP |
76 | agent_pid = 0; |
| 77 | } | |
| 46ba8aae LP |
78 | |
| 79 | #else | |
| 80 | ||
| 81 | int polkit_agent_open(void) { | |
| 82 | return 0; | |
| 83 | } | |
| 84 | ||
| 85 | void polkit_agent_close(void) { | |
| 86 | } | |
| 87 | ||
| 88 | #endif |