xref: /onnv-gate/usr/src/cmd/policykit/polkit-is-privileged.c (revision 2912:85ea316d9c18) 
1*2912Sartem /***************************************************************************
2*2912Sartem  * CVSID: $Id$
3*2912Sartem  *
4*2912Sartem  * polkit-is-privileged.c : Determine if a user has privileges
5*2912Sartem  *
6*2912Sartem  * Copyright (C) 2006 David Zeuthen, <david@fubar.dk>
7*2912Sartem  *
8*2912Sartem  * This program is free software; you can redistribute it and/or modify
9*2912Sartem  * it under the terms of the GNU General Public License as published by
10*2912Sartem  * the Free Software Foundation; either version 2 of the License, or
11*2912Sartem  * (at your option) any later version.
12*2912Sartem  *
13*2912Sartem  * This program is distributed in the hope that it will be useful,
14*2912Sartem  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15*2912Sartem  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16*2912Sartem  * GNU General Public License for more details.
17*2912Sartem  *
18*2912Sartem  * You should have received a copy of the GNU General Public License
19*2912Sartem  * along with this program; if not, write to the Free Software
20*2912Sartem  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
21*2912Sartem  *
22*2912Sartem  **************************************************************************/
23*2912Sartem 
24*2912Sartem 
25*2912Sartem #ifdef HAVE_CONFIG_H
26*2912Sartem #  include <config.h>
27*2912Sartem #endif
28*2912Sartem 
29*2912Sartem #include <stdio.h>
30*2912Sartem #include <stdlib.h>
31*2912Sartem #include <getopt.h>
32*2912Sartem #include <dbus/dbus.h>
33*2912Sartem 
34*2912Sartem #include <libpolkit/libpolkit.h>
35*2912Sartem 
36*2912Sartem static void
usage(int argc,char * argv[])37*2912Sartem usage (int argc, char *argv[])
38*2912Sartem {
39*2912Sartem 	fprintf (stderr, "polkit-is-privileged version " PACKAGE_VERSION "\n");
40*2912Sartem 
41*2912Sartem 	fprintf (stderr,
42*2912Sartem 		 "\n"
43*2912Sartem 		 "usage : %s -u <uid> -p <privilege> [-r <resource>]\n"
44*2912Sartem 		 "        [-s <system-bus-connection-name>]", argv[0]);
45*2912Sartem 	fprintf (stderr,
46*2912Sartem 		 "\n"
47*2912Sartem 		 "Options:\n"
48*2912Sartem 		 "    -u, --user                    Username or user id\n"
49*2912Sartem 		 "    -s, --system-bus-unique-name  Unique system bus connection name\n"
50*2912Sartem 		 "    -r, --resource                Resource\n"
51*2912Sartem 		 "    -p, --privilege               Privilege to test for\n"
52*2912Sartem 		 "    -h, --help                    Show this information and exit\n"
53*2912Sartem 		 "    -v, --verbose                 Verbose operation\n"
54*2912Sartem 		 "    -V, --version                 Print version number\n"
55*2912Sartem 		 "\n"
56*2912Sartem 		 "Queries system policy whether a given user is allowed for a given\n"
57*2912Sartem 		 "privilege for a given resource. The resource may be omitted.\n"
58*2912Sartem 		 "\n");
59*2912Sartem }
60*2912Sartem 
61*2912Sartem int
main(int argc,char * argv[])62*2912Sartem main (int argc, char *argv[])
63*2912Sartem {
64*2912Sartem 	int rc;
65*2912Sartem 	char *user = NULL;
66*2912Sartem 	char *privilege = NULL;
67*2912Sartem 	char *resource = NULL;
68*2912Sartem 	char *system_bus_unique_name = NULL;
69*2912Sartem 	static const struct option long_options[] = {
70*2912Sartem 		{"user", required_argument, NULL, 'u'},
71*2912Sartem 		{"system-bus-unique-name", required_argument, NULL, 's'},
72*2912Sartem 		{"resource", required_argument, NULL, 'r'},
73*2912Sartem 		{"privilege", required_argument, NULL, 'p'},
74*2912Sartem 		{"help", no_argument, NULL, 'h'},
75*2912Sartem 		{"verbose", no_argument, NULL, 'v'},
76*2912Sartem 		{"version", no_argument, NULL, 'V'},
77*2912Sartem 		{NULL, 0, NULL, 0}
78*2912Sartem 	};
79*2912Sartem 	LibPolKitContext *ctx = NULL;
80*2912Sartem 	gboolean is_allowed;
81*2912Sartem 	gboolean is_temporary;
82*2912Sartem 	LibPolKitResult result;
83*2912Sartem 	gboolean is_verbose = FALSE;
84*2912Sartem 	DBusError error;
85*2912Sartem 	DBusConnection *connection = NULL;
86*2912Sartem 
87*2912Sartem 	rc = 1;
88*2912Sartem 
89*2912Sartem 	while (TRUE) {
90*2912Sartem 		int c;
91*2912Sartem 
92*2912Sartem 		c = getopt_long (argc, argv, "u:r:p:s:hVv", long_options, NULL);
93*2912Sartem 
94*2912Sartem 		if (c == -1)
95*2912Sartem 			break;
96*2912Sartem 
97*2912Sartem 		switch (c) {
98*2912Sartem 		case 's':
99*2912Sartem 			system_bus_unique_name = g_strdup (optarg);
100*2912Sartem 			break;
101*2912Sartem 
102*2912Sartem 		case 'u':
103*2912Sartem 			user = g_strdup (optarg);
104*2912Sartem 			break;
105*2912Sartem 
106*2912Sartem 		case 'r':
107*2912Sartem 			resource = g_strdup (optarg);
108*2912Sartem 			break;
109*2912Sartem 
110*2912Sartem 		case 'p':
111*2912Sartem 			privilege = g_strdup (optarg);
112*2912Sartem 			break;
113*2912Sartem 
114*2912Sartem 		case 'v':
115*2912Sartem 			is_verbose = TRUE;
116*2912Sartem 			break;
117*2912Sartem 
118*2912Sartem 		case 'h':
119*2912Sartem 			usage (argc, argv);
120*2912Sartem 			rc = 0;
121*2912Sartem 			goto out;
122*2912Sartem 
123*2912Sartem 		case 'V':
124*2912Sartem 			printf ("polkit-is-privileged version " PACKAGE_VERSION "\n");
125*2912Sartem 			rc = 0;
126*2912Sartem 			goto out;
127*2912Sartem 
128*2912Sartem 		default:
129*2912Sartem 			usage (argc, argv);
130*2912Sartem 			goto out;
131*2912Sartem 		}
132*2912Sartem 	}
133*2912Sartem 
134*2912Sartem 	if (user == NULL || privilege == NULL) {
135*2912Sartem 		usage (argc, argv);
136*2912Sartem 		return 1;
137*2912Sartem 	}
138*2912Sartem 
139*2912Sartem 	if (is_verbose) {
140*2912Sartem 		printf ("user      = '%s'\n", user);
141*2912Sartem 		printf ("privilege = '%s'\n", privilege);
142*2912Sartem 		if (resource != NULL)
143*2912Sartem 			printf ("resource  = '%s'\n", resource);
144*2912Sartem 	}
145*2912Sartem 
146*2912Sartem #ifdef POLKITD_ENABLED
147*2912Sartem 	dbus_error_init (&error);
148*2912Sartem 	connection = dbus_bus_get (DBUS_BUS_SYSTEM, &error);
149*2912Sartem 	if (connection == NULL) {
150*2912Sartem 		g_warning ("Cannot connect to system message bus");
151*2912Sartem 		return 1;
152*2912Sartem 	}
153*2912Sartem #endif /* POLKITD_ENABLED */
154*2912Sartem 
155*2912Sartem 	ctx = libpolkit_new_context (connection);
156*2912Sartem 	if (ctx == NULL) {
157*2912Sartem 		g_warning ("Cannot get libpolkit context");
158*2912Sartem 		goto out;
159*2912Sartem 	}
160*2912Sartem 
161*2912Sartem 	result = libpolkit_is_uid_allowed_for_privilege (ctx,
162*2912Sartem 							 system_bus_unique_name,
163*2912Sartem 							 user,
164*2912Sartem 							 privilege,
165*2912Sartem 							 resource,
166*2912Sartem 							 &is_allowed,
167*2912Sartem 							 &is_temporary,
168*2912Sartem 							 NULL);
169*2912Sartem 	switch (result) {
170*2912Sartem 	case LIBPOLKIT_RESULT_OK:
171*2912Sartem 		rc = is_allowed ? 0 : 1;
172*2912Sartem 		break;
173*2912Sartem 
174*2912Sartem 	case LIBPOLKIT_RESULT_ERROR:
175*2912Sartem 		g_warning ("Error determing whether user is privileged.");
176*2912Sartem 		break;
177*2912Sartem 
178*2912Sartem 	case LIBPOLKIT_RESULT_INVALID_CONTEXT:
179*2912Sartem 		g_print ("Invalid context.\n");
180*2912Sartem 		goto out;
181*2912Sartem 
182*2912Sartem 	case LIBPOLKIT_RESULT_NOT_PRIVILEGED:
183*2912Sartem 		g_print ("Not privileged.\n");
184*2912Sartem 
185*2912Sartem 	case LIBPOLKIT_RESULT_NO_SUCH_PRIVILEGE:
186*2912Sartem 		g_print ("No such privilege '%s'.\n", privilege);
187*2912Sartem 		goto out;
188*2912Sartem 
189*2912Sartem 	case LIBPOLKIT_RESULT_NO_SUCH_USER:
190*2912Sartem 		g_print ("No such user '%s'.\n", user);
191*2912Sartem 		goto out;
192*2912Sartem 	}
193*2912Sartem 
194*2912Sartem 	if (is_verbose) {
195*2912Sartem 		printf ("result %d\n", result);
196*2912Sartem 		printf ("is_allowed %d\n", is_allowed);
197*2912Sartem 	}
198*2912Sartem 
199*2912Sartem out:
200*2912Sartem 	if (ctx != NULL)
201*2912Sartem 		libpolkit_free_context (ctx);
202*2912Sartem 
203*2912Sartem 	return rc;
204*2912Sartem }
205*2912Sartem 
206