From: Zbigniew Jędrzejewski-Szmek Date: Wed, 26 Jun 2024 10:21:05 +0000 (+0200) Subject: inhibit: add --no-ask-password option and allow interactive polkit auth X-Git-Tag: v257-rc1~1042^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a87b7aa1a1c9a02c53d6766fe9a1278deb81a4f4;p=thirdparty%2Fsystemd.git inhibit: add --no-ask-password option and allow interactive polkit auth It seems entirely reasonable to make a policy which e.g. allows block operations for interactive users after authentication. The tool should support this, so that more complicated local policies can be used. Related to https://github.com/systemd/systemd/pull/30307. --- diff --git a/man/systemd-inhibit.xml b/man/systemd-inhibit.xml index a6dbb06c360..52997195254 100644 --- a/man/systemd-inhibit.xml +++ b/man/systemd-inhibit.xml @@ -114,6 +114,7 @@ acquiring one. + diff --git a/src/login/inhibit.c b/src/login/inhibit.c index 4682830d198..13ba4b82f46 100644 --- a/src/login/inhibit.c +++ b/src/login/inhibit.c @@ -25,10 +25,11 @@ #include "terminal-util.h" #include "user-util.h" -static const char* arg_what = "idle:sleep:shutdown"; -static const char* arg_who = NULL; -static const char* arg_why = "Unknown reason"; -static const char* arg_mode = NULL; +static const char *arg_what = "idle:sleep:shutdown"; +static const char *arg_who = NULL; +static const char *arg_why = "Unknown reason"; +static const char *arg_mode = NULL; +static bool arg_ask_password = true; static PagerFlags arg_pager_flags = 0; static bool arg_legend = true; @@ -42,6 +43,8 @@ static int inhibit(sd_bus *bus, sd_bus_error *error) { int r; int fd; + (void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password); + r = bus_call_method(bus, bus_login_mgr, "Inhibit", error, &reply, "ssss", arg_what, arg_who, arg_why, arg_mode); if (r < 0) return r; @@ -145,6 +148,7 @@ static int help(void) { "\n%sExecute a process while inhibiting shutdown/sleep/idle.%s\n\n" " -h --help Show this help\n" " --version Show package version\n" + " --no-ask-password Do not attempt interactive authorization\n" " --no-pager Do not pipe output into a pager\n" " --no-legend Do not show the headers and footers\n" " --what=WHAT Operations to inhibit, colon separated list of:\n" @@ -173,20 +177,22 @@ static int parse_argv(int argc, char *argv[]) { ARG_WHY, ARG_MODE, ARG_LIST, + ARG_NO_ASK_PASSWORD, ARG_NO_PAGER, ARG_NO_LEGEND, }; static const struct option options[] = { - { "help", no_argument, NULL, 'h' }, - { "version", no_argument, NULL, ARG_VERSION }, - { "what", required_argument, NULL, ARG_WHAT }, - { "who", required_argument, NULL, ARG_WHO }, - { "why", required_argument, NULL, ARG_WHY }, - { "mode", required_argument, NULL, ARG_MODE }, - { "list", no_argument, NULL, ARG_LIST }, - { "no-pager", no_argument, NULL, ARG_NO_PAGER }, - { "no-legend", no_argument, NULL, ARG_NO_LEGEND }, + { "help", no_argument, NULL, 'h' }, + { "version", no_argument, NULL, ARG_VERSION }, + { "no-ask-password", no_argument, NULL, ARG_NO_ASK_PASSWORD }, + { "what", required_argument, NULL, ARG_WHAT }, + { "who", required_argument, NULL, ARG_WHO }, + { "why", required_argument, NULL, ARG_WHY }, + { "mode", required_argument, NULL, ARG_MODE }, + { "list", no_argument, NULL, ARG_LIST }, + { "no-pager", no_argument, NULL, ARG_NO_PAGER }, + { "no-legend", no_argument, NULL, ARG_NO_LEGEND }, {} }; @@ -228,6 +234,10 @@ static int parse_argv(int argc, char *argv[]) { arg_action = ACTION_LIST; break; + case ARG_NO_ASK_PASSWORD: + arg_ask_password = false; + break; + case ARG_NO_PAGER: arg_pager_flags |= PAGER_DISABLE; break; @@ -267,6 +277,8 @@ static int run(int argc, char *argv[]) { if (r < 0) return bus_log_connect_error(r, BUS_TRANSPORT_LOCAL); + (void) sd_bus_set_allow_interactive_authorization(bus, arg_ask_password); + if (arg_action == ACTION_LIST) return print_inhibitors(bus); else {