File nm-applet-private-connection.patch of Package NetworkManager-gnome
From d646ee98751194e6bd7e2f57418a2a995c634924 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <chingpang@gmail.com>
Date: Thu, 2 Feb 2012 18:08:56 +0800
Subject: [PATCH] Create private connections if the user is not authorized
Some distributions do not allow the normal user to create a system
connection without the polkit authentication. This commit checks
the polkit policy and creates private connections if the user is
not authorized.
https://bugzilla.gnome.org/show_bug.cgi?id=646187
---
src/applet-device-cdma.c | 6 ++++
src/applet-device-gsm.c | 6 ++++
src/applet-device-wifi.c | 12 +++++++
src/applet-device-wimax.c | 6 ++++
src/applet-device-wired.c | 6 ++++
src/connection-editor/Makefile.am | 2 +
src/connection-editor/ce-page.c | 47 +++++++++++++++++++++++++++++
src/gnome-bluetooth/Makefile.am | 2 +
src/gnome-bluetooth/bt-widget.c | 59 +++++++++++++++++++++++++++++++++++++
src/utils/Makefile.am | 3 +-
src/utils/utils.c | 40 +++++++++++++++++++++++++
src/utils/utils.h | 2 +
12 files changed, 190 insertions(+), 1 deletions(-)
Index: network-manager-applet-0.9.4.1/src/applet-device-cdma.c
===================================================================
--- network-manager-applet-0.9.4.1.orig/src/applet-device-cdma.c
+++ network-manager-applet-0.9.4.1/src/applet-device-cdma.c
@@ -148,6 +148,12 @@ mobile_wizard_done (NMAMobileWizard *wiz
NULL);
g_free (uuid);
g_free (id);
+ if (!utils_system_connection_authorized ()) {
+ nm_setting_connection_add_permission ((NMSettingConnection *)setting,
+ "user",
+ g_get_user_name(),
+ NULL);
+ }
nm_connection_add_setting (connection, setting);
}
Index: network-manager-applet-0.9.4.1/src/applet-device-gsm.c
===================================================================
--- network-manager-applet-0.9.4.1.orig/src/applet-device-gsm.c
+++ network-manager-applet-0.9.4.1/src/applet-device-gsm.c
@@ -177,6 +177,12 @@ mobile_wizard_done (NMAMobileWizard *wiz
NULL);
g_free (uuid);
g_free (id);
+ if (!utils_system_connection_authorized ()) {
+ nm_setting_connection_add_permission ((NMSettingConnection *)setting,
+ "user",
+ g_get_user_name(),
+ NULL);
+ }
nm_connection_add_setting (connection, setting);
}
Index: network-manager-applet-0.9.4.1/src/applet-device-wifi.c
===================================================================
--- network-manager-applet-0.9.4.1.orig/src/applet-device-wifi.c
+++ network-manager-applet-0.9.4.1/src/applet-device-wifi.c
@@ -462,6 +462,18 @@ _do_new_auto_connection (NMApplet *apple
nm_connection_add_setting (connection, NM_SETTING (s_8021x));
}
+ if (!utils_system_connection_authorized ()) {
+ s_con = nm_connection_get_setting_connection (connection);
+ if (!s_con) {
+ s_con = (NMSettingConnection *) nm_setting_connection_new ();
+ nm_connection_add_setting (connection, NM_SETTING (s_con));
+ }
+ nm_setting_connection_add_permission (s_con,
+ "user",
+ g_get_user_name(),
+ NULL);
+ }
+
/* If it's an 802.1x connection, we need more information, so pop up the
* Dialog Of Doom.
*/
Index: network-manager-applet-0.9.4.1/src/applet-device-wimax.c
===================================================================
--- network-manager-applet-0.9.4.1.orig/src/applet-device-wimax.c
+++ network-manager-applet-0.9.4.1/src/applet-device-wimax.c
@@ -94,6 +94,12 @@ wimax_new_auto_connection (NMDevice *dev
NM_SETTING_CONNECTION_UUID, uuid,
NULL);
g_free (uuid);
+ if (!utils_system_connection_authorized ()) {
+ nm_setting_connection_add_permission (s_con,
+ "user",
+ g_get_user_name(),
+ NULL);
+ }
nm_connection_add_setting (connection, NM_SETTING (s_con));
Index: network-manager-applet-0.9.4.1/src/applet-device-wired.c
===================================================================
--- network-manager-applet-0.9.4.1.orig/src/applet-device-wired.c
+++ network-manager-applet-0.9.4.1/src/applet-device-wired.c
@@ -86,6 +86,12 @@ wired_new_auto_connection (NMDevice *dev
NM_SETTING_CONNECTION_UUID, uuid,
NULL);
g_free (uuid);
+ if (!utils_system_connection_authorized ()) {
+ nm_setting_connection_add_permission (s_con,
+ "user",
+ g_get_user_name(),
+ NULL);
+ }
nm_connection_add_setting (connection, NM_SETTING (s_con));
Index: network-manager-applet-0.9.4.1/src/connection-editor/Makefile.am
===================================================================
--- network-manager-applet-0.9.4.1.orig/src/connection-editor/Makefile.am
+++ network-manager-applet-0.9.4.1/src/connection-editor/Makefile.am
@@ -12,6 +12,7 @@ nm_connection_editor_CPPFLAGS = \
-DDATADIR=\""$(datadir)"\" \
-DNMALOCALEDIR=\"$(datadir)/locale\" \
$(DBUS_CFLAGS) \
+ $(POLKIT_CFLAGS) \
$(DISABLE_DEPRECATED) \
-I${top_srcdir}/src/utils \
-I${top_srcdir}/src/wireless-security \
@@ -67,6 +68,7 @@ nm_connection_editor_LDADD = \
${top_builddir}/src/libnm-gtk/libnm-gtk.la \
$(GTK_LIBS) \
$(NMA_LIBS) \
+ $(POLKIT_LIBS) \
-lm
uidir = $(datadir)/nm-applet
Index: network-manager-applet-0.9.4.1/src/connection-editor/ce-page.c
===================================================================
--- network-manager-applet-0.9.4.1.orig/src/connection-editor/ce-page.c
+++ network-manager-applet-0.9.4.1/src/connection-editor/ce-page.c
@@ -29,6 +29,8 @@
#include <glib/gi18n.h>
+#include <polkit/polkit.h>
+
#include <nm-setting-connection.h>
#include <nm-utils.h>
@@ -490,6 +492,44 @@ ce_page_class_init (CEPageClass *page_cl
G_TYPE_NONE, 1, G_TYPE_POINTER);
}
+static gboolean
+polkit_system_connection_authorized ()
+{
+ PolkitSubject *subject;
+ PolkitAuthority *authority;
+ PolkitAuthorizationResult *result;
+ GError *error = NULL;
+ static gboolean is_checked = FALSE;
+ static gboolean is_authorized = FALSE;
+
+ if (is_checked)
+ return is_authorized;
+
+ /* Check the polkit authorization */
+ authority = polkit_authority_get_sync (NULL, NULL);
+ subject = polkit_unix_process_new (getpid ());
+ result = polkit_authority_check_authorization_sync (authority,
+ subject,
+ "org.freedesktop.NetworkManager.settings.modify.system",
+ NULL,
+ POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE,
+ NULL,
+ &error);
+ if (error || !result) {
+ g_warning ("%s: failed to check polkit authorization! %s", __func__,
+ error ? error->message : "(unknown)");
+ g_clear_error (&error);
+ } else if (polkit_authorization_result_get_is_authorized (result)) {
+ is_authorized = TRUE;
+ }
+ g_object_unref (result);
+ g_object_unref (authority);
+ g_object_unref (subject);
+
+ is_checked = TRUE;
+
+ return is_authorized;
+}
NMConnection *
ce_page_new_connection (const char *format,
@@ -524,6 +564,13 @@ ce_page_new_connection (const char *form
g_free (uuid);
g_free (id);
+ if (!polkit_system_connection_authorized ()) {
+ nm_setting_connection_add_permission (s_con,
+ "user",
+ g_get_user_name(),
+ NULL);
+ }
+
return connection;
}
Index: network-manager-applet-0.9.4.1/src/gnome-bluetooth/Makefile.am
===================================================================
--- network-manager-applet-0.9.4.1.orig/src/gnome-bluetooth/Makefile.am
+++ network-manager-applet-0.9.4.1/src/gnome-bluetooth/Makefile.am
@@ -7,6 +7,7 @@ INCLUDES = \
-I${top_srcdir}/src/utils \
-I${top_srcdir}/src/libnm-gtk \
$(GNOME_BLUETOOTH_CFLAGS) \
+ $(POLKIT_CFLAGS) \
$(DISABLE_DEPRECATED) \
$(WARN_CFLAGS)
@@ -25,6 +26,7 @@ libnma_la_LIBADD = \
$(top_builddir)/src/marshallers/libmarshallers.la \
$(top_builddir)/src/utils/libutils.la \
$(top_builddir)/src/libnm-gtk/libnm-gtk.la \
+ $(POLKIT_LIBS) \
$(GNOME_BLUETOOTH_LIBS)
endif
Index: network-manager-applet-0.9.4.1/src/gnome-bluetooth/bt-widget.c
===================================================================
--- network-manager-applet-0.9.4.1.orig/src/gnome-bluetooth/bt-widget.c
+++ network-manager-applet-0.9.4.1/src/gnome-bluetooth/bt-widget.c
@@ -48,6 +48,8 @@
#include <dbus/dbus.h>
#include <dbus/dbus-glib.h>
+#include <polkit/polkit.h>
+
#include "nma-marshal.h"
#include "nm-mobile-wizard.h"
@@ -187,6 +189,45 @@ get_device_iter (GtkTreeModel *model, co
return FALSE;
}
+static gboolean
+polkit_system_connection_authorized ()
+{
+ PolkitSubject *subject;
+ PolkitAuthority *authority;
+ PolkitAuthorizationResult *result;
+ GError *error = NULL;
+ static gboolean is_checked = FALSE;
+ static gboolean is_authorized = FALSE;
+
+ if (is_checked)
+ return is_authorized;
+
+ /* Check the polkit authorization */
+ authority = polkit_authority_get_sync (NULL, NULL);
+ subject = polkit_unix_process_new (getpid ());
+ result = polkit_authority_check_authorization_sync (authority,
+ subject,
+ "org.freedesktop.NetworkManager.settings.modify.system",
+ NULL,
+ POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE,
+ NULL,
+ &error);
+ if (error || !result) {
+ g_warning ("%s: failed to check polkit authorization! %s", __func__,
+ error ? error->message : "(unknown)");
+ g_clear_error (&error);
+ } else if (polkit_authorization_result_get_is_authorized (result)) {
+ is_authorized = TRUE;
+ }
+ g_object_unref (result);
+ g_object_unref (authority);
+ g_object_unref (subject);
+
+ is_checked = TRUE;
+
+ return is_authorized;
+}
+
/*******************************************************************/
static void
@@ -256,6 +297,12 @@ add_pan_connection (PluginInfo *info)
NULL);
g_free (id);
g_free (uuid);
+ if (!polkit_system_connection_authorized ()) {
+ nm_setting_connection_add_permission ((NMSettingConnection *)setting,
+ "user",
+ g_get_user_name(),
+ NULL);
+ }
nm_connection_add_setting (connection, setting);
/* The Bluetooth settings */
@@ -421,6 +468,12 @@ dun_new_cdma (NMAMobileWizardAccessMetho
NULL);
g_free (uuid);
g_free (id);
+ if (!polkit_system_connection_authorized ()) {
+ nm_setting_connection_add_permission ((NMSettingConnection *)setting,
+ "user",
+ g_get_user_name(),
+ NULL);
+ }
nm_connection_add_setting (connection, setting);
return connection;
@@ -470,6 +523,12 @@ dun_new_gsm (NMAMobileWizardAccessMethod
NULL);
g_free (uuid);
g_free (id);
+ if (!polkit_system_connection_authorized ()) {
+ nm_setting_connection_add_permission ((NMSettingConnection *)setting,
+ "user",
+ g_get_user_name(),
+ NULL);
+ }
nm_connection_add_setting (connection, setting);
return connection;
Index: network-manager-applet-0.9.4.1/src/utils/Makefile.am
===================================================================
--- network-manager-applet-0.9.4.1.orig/src/utils/Makefile.am
+++ network-manager-applet-0.9.4.1/src/utils/Makefile.am
@@ -12,8 +12,9 @@ libutils_la_CPPFLAGS = \
$(GTK_CFLAGS) \
$(NMA_CFLAGS) \
$(GNOME_KEYRING_CFLAGS) \
+ $(POLKIT_CFLAGS) \
-DDATADIR=\""$(datadir)"\" \
$(DISABLE_DEPRECATED) \
-I${top_srcdir}/src
-libutils_la_LIBADD = $(GTK_LIBS) $(NMA_LIBS) $(GNOME_KEYRING_LIBS)
+libutils_la_LIBADD = $(GTK_LIBS) $(NMA_LIBS) $(GNOME_KEYRING_LIBS) $(POLKIT_LIBS)
Index: network-manager-applet-0.9.4.1/src/utils/utils.c
===================================================================
--- network-manager-applet-0.9.4.1.orig/src/utils/utils.c
+++ network-manager-applet-0.9.4.1/src/utils/utils.c
@@ -26,6 +26,8 @@
#include <glib.h>
#include <gtk/gtk.h>
+#include <polkit/polkit.h>
+
#include <nm-setting-connection.h>
#include <nm-utils.h>
@@ -390,3 +392,41 @@ utils_show_error_dialog (const char *tit
}
}
+gboolean
+utils_system_connection_authorized ()
+{
+ PolkitSubject *subject;
+ PolkitAuthority *authority;
+ PolkitAuthorizationResult *result;
+ GError *error = NULL;
+ static gboolean is_checked = FALSE;
+ static gboolean is_authorized = FALSE;
+
+ if (is_checked)
+ return is_authorized;
+
+ /* Check the polkit authorization */
+ authority = polkit_authority_get_sync (NULL, NULL);
+ subject = polkit_unix_process_new (getpid ());
+ result = polkit_authority_check_authorization_sync (authority,
+ subject,
+ "org.freedesktop.NetworkManager.settings.modify.system",
+ NULL,
+ POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE,
+ NULL,
+ &error);
+ if (error || !result) {
+ g_warning ("%s: failed to check polkit authorization! %s", __func__,
+ error ? error->message : "(unknown)");
+ g_clear_error (&error);
+ } else if (polkit_authorization_result_get_is_authorized (result)) {
+ is_authorized = TRUE;
+ }
+ g_object_unref (result);
+ g_object_unref (authority);
+ g_object_unref (subject);
+
+ is_checked = TRUE;
+
+ return is_authorized;
+}
Index: network-manager-applet-0.9.4.1/src/utils/utils.h
===================================================================
--- network-manager-applet-0.9.4.1.orig/src/utils/utils.h
+++ network-manager-applet-0.9.4.1/src/utils/utils.h
@@ -70,5 +70,7 @@ typedef enum {
NMA_ERROR_GENERIC
} NMAError;
+gboolean utils_system_connection_authorized ();
+
#endif /* UTILS_H */
Index: network-manager-applet-0.9.4.1/configure.ac
===================================================================
--- network-manager-applet-0.9.4.1.orig/configure.ac
+++ network-manager-applet-0.9.4.1/configure.ac
@@ -108,6 +108,10 @@ PKG_CHECK_MODULES(GCONF, [gconf-2.0])
AC_SUBST(GCONF_CFLAGS)
AC_SUBST(GCONF_LIBS)
+PKG_CHECK_MODULES(POLKIT, [polkit-gobject-1])
+AC_SUBST(POLKIT_CFLAGS)
+AC_SUBST(POLKIT_LIBS)
+
PKG_CHECK_MODULES(GNOME_KEYRING, [gnome-keyring-1])
AC_SUBST(GNOME_KEYRING_CFLAGS)
AC_SUBST(GNOME_KEYRING_LIBS)
