xref: /titanic_51/usr/src/cmd/policykit/polkit-is-privileged.c (revision 18c2aff776a775d34a4c9893a4c72e0434d68e36)
1*18c2aff7Sartem /***************************************************************************
2*18c2aff7Sartem  * CVSID: $Id$
3*18c2aff7Sartem  *
4*18c2aff7Sartem  * polkit-is-privileged.c : Determine if a user has privileges
5*18c2aff7Sartem  *
6*18c2aff7Sartem  * Copyright (C) 2006 David Zeuthen, <david@fubar.dk>
7*18c2aff7Sartem  *
8*18c2aff7Sartem  * This program is free software; you can redistribute it and/or modify
9*18c2aff7Sartem  * it under the terms of the GNU General Public License as published by
10*18c2aff7Sartem  * the Free Software Foundation; either version 2 of the License, or
11*18c2aff7Sartem  * (at your option) any later version.
12*18c2aff7Sartem  *
13*18c2aff7Sartem  * This program is distributed in the hope that it will be useful,
14*18c2aff7Sartem  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15*18c2aff7Sartem  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16*18c2aff7Sartem  * GNU General Public License for more details.
17*18c2aff7Sartem  *
18*18c2aff7Sartem  * You should have received a copy of the GNU General Public License
19*18c2aff7Sartem  * along with this program; if not, write to the Free Software
20*18c2aff7Sartem  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
21*18c2aff7Sartem  *
22*18c2aff7Sartem  **************************************************************************/
23*18c2aff7Sartem 
24*18c2aff7Sartem 
25*18c2aff7Sartem #ifdef HAVE_CONFIG_H
26*18c2aff7Sartem #  include <config.h>
27*18c2aff7Sartem #endif
28*18c2aff7Sartem 
29*18c2aff7Sartem #include <stdio.h>
30*18c2aff7Sartem #include <stdlib.h>
31*18c2aff7Sartem #include <getopt.h>
32*18c2aff7Sartem #include <dbus/dbus.h>
33*18c2aff7Sartem 
34*18c2aff7Sartem #include <libpolkit/libpolkit.h>
35*18c2aff7Sartem 
36*18c2aff7Sartem static void
37*18c2aff7Sartem usage (int argc, char *argv[])
38*18c2aff7Sartem {
39*18c2aff7Sartem 	fprintf (stderr, "polkit-is-privileged version " PACKAGE_VERSION "\n");
40*18c2aff7Sartem 
41*18c2aff7Sartem 	fprintf (stderr,
42*18c2aff7Sartem 		 "\n"
43*18c2aff7Sartem 		 "usage : %s -u <uid> -p <privilege> [-r <resource>]\n"
44*18c2aff7Sartem 		 "        [-s <system-bus-connection-name>]", argv[0]);
45*18c2aff7Sartem 	fprintf (stderr,
46*18c2aff7Sartem 		 "\n"
47*18c2aff7Sartem 		 "Options:\n"
48*18c2aff7Sartem 		 "    -u, --user                    Username or user id\n"
49*18c2aff7Sartem 		 "    -s, --system-bus-unique-name  Unique system bus connection name\n"
50*18c2aff7Sartem 		 "    -r, --resource                Resource\n"
51*18c2aff7Sartem 		 "    -p, --privilege               Privilege to test for\n"
52*18c2aff7Sartem 		 "    -h, --help                    Show this information and exit\n"
53*18c2aff7Sartem 		 "    -v, --verbose                 Verbose operation\n"
54*18c2aff7Sartem 		 "    -V, --version                 Print version number\n"
55*18c2aff7Sartem 		 "\n"
56*18c2aff7Sartem 		 "Queries system policy whether a given user is allowed for a given\n"
57*18c2aff7Sartem 		 "privilege for a given resource. The resource may be omitted.\n"
58*18c2aff7Sartem 		 "\n");
59*18c2aff7Sartem }
60*18c2aff7Sartem 
61*18c2aff7Sartem int
62*18c2aff7Sartem main (int argc, char *argv[])
63*18c2aff7Sartem {
64*18c2aff7Sartem 	int rc;
65*18c2aff7Sartem 	char *user = NULL;
66*18c2aff7Sartem 	char *privilege = NULL;
67*18c2aff7Sartem 	char *resource = NULL;
68*18c2aff7Sartem 	char *system_bus_unique_name = NULL;
69*18c2aff7Sartem 	static const struct option long_options[] = {
70*18c2aff7Sartem 		{"user", required_argument, NULL, 'u'},
71*18c2aff7Sartem 		{"system-bus-unique-name", required_argument, NULL, 's'},
72*18c2aff7Sartem 		{"resource", required_argument, NULL, 'r'},
73*18c2aff7Sartem 		{"privilege", required_argument, NULL, 'p'},
74*18c2aff7Sartem 		{"help", no_argument, NULL, 'h'},
75*18c2aff7Sartem 		{"verbose", no_argument, NULL, 'v'},
76*18c2aff7Sartem 		{"version", no_argument, NULL, 'V'},
77*18c2aff7Sartem 		{NULL, 0, NULL, 0}
78*18c2aff7Sartem 	};
79*18c2aff7Sartem 	LibPolKitContext *ctx = NULL;
80*18c2aff7Sartem 	gboolean is_allowed;
81*18c2aff7Sartem 	gboolean is_temporary;
82*18c2aff7Sartem 	LibPolKitResult result;
83*18c2aff7Sartem 	gboolean is_verbose = FALSE;
84*18c2aff7Sartem 	DBusError error;
85*18c2aff7Sartem 	DBusConnection *connection = NULL;
86*18c2aff7Sartem 
87*18c2aff7Sartem 	rc = 1;
88*18c2aff7Sartem 
89*18c2aff7Sartem 	while (TRUE) {
90*18c2aff7Sartem 		int c;
91*18c2aff7Sartem 
92*18c2aff7Sartem 		c = getopt_long (argc, argv, "u:r:p:s:hVv", long_options, NULL);
93*18c2aff7Sartem 
94*18c2aff7Sartem 		if (c == -1)
95*18c2aff7Sartem 			break;
96*18c2aff7Sartem 
97*18c2aff7Sartem 		switch (c) {
98*18c2aff7Sartem 		case 's':
99*18c2aff7Sartem 			system_bus_unique_name = g_strdup (optarg);
100*18c2aff7Sartem 			break;
101*18c2aff7Sartem 
102*18c2aff7Sartem 		case 'u':
103*18c2aff7Sartem 			user = g_strdup (optarg);
104*18c2aff7Sartem 			break;
105*18c2aff7Sartem 
106*18c2aff7Sartem 		case 'r':
107*18c2aff7Sartem 			resource = g_strdup (optarg);
108*18c2aff7Sartem 			break;
109*18c2aff7Sartem 
110*18c2aff7Sartem 		case 'p':
111*18c2aff7Sartem 			privilege = g_strdup (optarg);
112*18c2aff7Sartem 			break;
113*18c2aff7Sartem 
114*18c2aff7Sartem 		case 'v':
115*18c2aff7Sartem 			is_verbose = TRUE;
116*18c2aff7Sartem 			break;
117*18c2aff7Sartem 
118*18c2aff7Sartem 		case 'h':
119*18c2aff7Sartem 			usage (argc, argv);
120*18c2aff7Sartem 			rc = 0;
121*18c2aff7Sartem 			goto out;
122*18c2aff7Sartem 
123*18c2aff7Sartem 		case 'V':
124*18c2aff7Sartem 			printf ("polkit-is-privileged version " PACKAGE_VERSION "\n");
125*18c2aff7Sartem 			rc = 0;
126*18c2aff7Sartem 			goto out;
127*18c2aff7Sartem 
128*18c2aff7Sartem 		default:
129*18c2aff7Sartem 			usage (argc, argv);
130*18c2aff7Sartem 			goto out;
131*18c2aff7Sartem 		}
132*18c2aff7Sartem 	}
133*18c2aff7Sartem 
134*18c2aff7Sartem 	if (user == NULL || privilege == NULL) {
135*18c2aff7Sartem 		usage (argc, argv);
136*18c2aff7Sartem 		return 1;
137*18c2aff7Sartem 	}
138*18c2aff7Sartem 
139*18c2aff7Sartem 	if (is_verbose) {
140*18c2aff7Sartem 		printf ("user      = '%s'\n", user);
141*18c2aff7Sartem 		printf ("privilege = '%s'\n", privilege);
142*18c2aff7Sartem 		if (resource != NULL)
143*18c2aff7Sartem 			printf ("resource  = '%s'\n", resource);
144*18c2aff7Sartem 	}
145*18c2aff7Sartem 
146*18c2aff7Sartem #ifdef POLKITD_ENABLED
147*18c2aff7Sartem 	dbus_error_init (&error);
148*18c2aff7Sartem 	connection = dbus_bus_get (DBUS_BUS_SYSTEM, &error);
149*18c2aff7Sartem 	if (connection == NULL) {
150*18c2aff7Sartem 		g_warning ("Cannot connect to system message bus");
151*18c2aff7Sartem 		return 1;
152*18c2aff7Sartem 	}
153*18c2aff7Sartem #endif /* POLKITD_ENABLED */
154*18c2aff7Sartem 
155*18c2aff7Sartem 	ctx = libpolkit_new_context (connection);
156*18c2aff7Sartem 	if (ctx == NULL) {
157*18c2aff7Sartem 		g_warning ("Cannot get libpolkit context");
158*18c2aff7Sartem 		goto out;
159*18c2aff7Sartem 	}
160*18c2aff7Sartem 
161*18c2aff7Sartem 	result = libpolkit_is_uid_allowed_for_privilege (ctx,
162*18c2aff7Sartem 							 system_bus_unique_name,
163*18c2aff7Sartem 							 user,
164*18c2aff7Sartem 							 privilege,
165*18c2aff7Sartem 							 resource,
166*18c2aff7Sartem 							 &is_allowed,
167*18c2aff7Sartem 							 &is_temporary,
168*18c2aff7Sartem 							 NULL);
169*18c2aff7Sartem 	switch (result) {
170*18c2aff7Sartem 	case LIBPOLKIT_RESULT_OK:
171*18c2aff7Sartem 		rc = is_allowed ? 0 : 1;
172*18c2aff7Sartem 		break;
173*18c2aff7Sartem 
174*18c2aff7Sartem 	case LIBPOLKIT_RESULT_ERROR:
175*18c2aff7Sartem 		g_warning ("Error determing whether user is privileged.");
176*18c2aff7Sartem 		break;
177*18c2aff7Sartem 
178*18c2aff7Sartem 	case LIBPOLKIT_RESULT_INVALID_CONTEXT:
179*18c2aff7Sartem 		g_print ("Invalid context.\n");
180*18c2aff7Sartem 		goto out;
181*18c2aff7Sartem 
182*18c2aff7Sartem 	case LIBPOLKIT_RESULT_NOT_PRIVILEGED:
183*18c2aff7Sartem 		g_print ("Not privileged.\n");
184*18c2aff7Sartem 
185*18c2aff7Sartem 	case LIBPOLKIT_RESULT_NO_SUCH_PRIVILEGE:
186*18c2aff7Sartem 		g_print ("No such privilege '%s'.\n", privilege);
187*18c2aff7Sartem 		goto out;
188*18c2aff7Sartem 
189*18c2aff7Sartem 	case LIBPOLKIT_RESULT_NO_SUCH_USER:
190*18c2aff7Sartem 		g_print ("No such user '%s'.\n", user);
191*18c2aff7Sartem 		goto out;
192*18c2aff7Sartem 	}
193*18c2aff7Sartem 
194*18c2aff7Sartem 	if (is_verbose) {
195*18c2aff7Sartem 		printf ("result %d\n", result);
196*18c2aff7Sartem 		printf ("is_allowed %d\n", is_allowed);
197*18c2aff7Sartem 	}
198*18c2aff7Sartem 
199*18c2aff7Sartem out:
200*18c2aff7Sartem 	if (ctx != NULL)
201*18c2aff7Sartem 		libpolkit_free_context (ctx);
202*18c2aff7Sartem 
203*18c2aff7Sartem 	return rc;
204*18c2aff7Sartem }
205*18c2aff7Sartem 
206