1 /*************************************************************************** 2 * CVSID: $Id$ 3 * 4 * polkit-is-privileged.c : Determine if a user has privileges 5 * 6 * Copyright (C) 2006 David Zeuthen, <david@fubar.dk> 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License as published by 10 * the Free Software Foundation; either version 2 of the License, or 11 * (at your option) any later version. 12 * 13 * This program is distributed in the hope that it will be useful, 14 * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 * GNU General Public License for more details. 17 * 18 * You should have received a copy of the GNU General Public License 19 * along with this program; if not, write to the Free Software 20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 21 * 22 **************************************************************************/ 23 24 25 #ifdef HAVE_CONFIG_H 26 # include <config.h> 27 #endif 28 29 #include <stdio.h> 30 #include <stdlib.h> 31 #include <getopt.h> 32 #include <dbus/dbus.h> 33 34 #include <libpolkit/libpolkit.h> 35 36 static void 37 usage (int argc, char *argv[]) 38 { 39 fprintf (stderr, "polkit-is-privileged version " PACKAGE_VERSION "\n"); 40 41 fprintf (stderr, 42 "\n" 43 "usage : %s -u <uid> -p <privilege> [-r <resource>]\n" 44 " [-s <system-bus-connection-name>]", argv[0]); 45 fprintf (stderr, 46 "\n" 47 "Options:\n" 48 " -u, --user Username or user id\n" 49 " -s, --system-bus-unique-name Unique system bus connection name\n" 50 " -r, --resource Resource\n" 51 " -p, --privilege Privilege to test for\n" 52 " -h, --help Show this information and exit\n" 53 " -v, --verbose Verbose operation\n" 54 " -V, --version Print version number\n" 55 "\n" 56 "Queries system policy whether a given user is allowed for a given\n" 57 "privilege for a given resource. The resource may be omitted.\n" 58 "\n"); 59 } 60 61 int 62 main (int argc, char *argv[]) 63 { 64 int rc; 65 char *user = NULL; 66 char *privilege = NULL; 67 char *resource = NULL; 68 char *system_bus_unique_name = NULL; 69 static const struct option long_options[] = { 70 {"user", required_argument, NULL, 'u'}, 71 {"system-bus-unique-name", required_argument, NULL, 's'}, 72 {"resource", required_argument, NULL, 'r'}, 73 {"privilege", required_argument, NULL, 'p'}, 74 {"help", no_argument, NULL, 'h'}, 75 {"verbose", no_argument, NULL, 'v'}, 76 {"version", no_argument, NULL, 'V'}, 77 {NULL, 0, NULL, 0} 78 }; 79 LibPolKitContext *ctx = NULL; 80 gboolean is_allowed; 81 gboolean is_temporary; 82 LibPolKitResult result; 83 gboolean is_verbose = FALSE; 84 DBusError error; 85 DBusConnection *connection = NULL; 86 87 rc = 1; 88 89 while (TRUE) { 90 int c; 91 92 c = getopt_long (argc, argv, "u:r:p:s:hVv", long_options, NULL); 93 94 if (c == -1) 95 break; 96 97 switch (c) { 98 case 's': 99 system_bus_unique_name = g_strdup (optarg); 100 break; 101 102 case 'u': 103 user = g_strdup (optarg); 104 break; 105 106 case 'r': 107 resource = g_strdup (optarg); 108 break; 109 110 case 'p': 111 privilege = g_strdup (optarg); 112 break; 113 114 case 'v': 115 is_verbose = TRUE; 116 break; 117 118 case 'h': 119 usage (argc, argv); 120 rc = 0; 121 goto out; 122 123 case 'V': 124 printf ("polkit-is-privileged version " PACKAGE_VERSION "\n"); 125 rc = 0; 126 goto out; 127 128 default: 129 usage (argc, argv); 130 goto out; 131 } 132 } 133 134 if (user == NULL || privilege == NULL) { 135 usage (argc, argv); 136 return 1; 137 } 138 139 if (is_verbose) { 140 printf ("user = '%s'\n", user); 141 printf ("privilege = '%s'\n", privilege); 142 if (resource != NULL) 143 printf ("resource = '%s'\n", resource); 144 } 145 146 #ifdef POLKITD_ENABLED 147 dbus_error_init (&error); 148 connection = dbus_bus_get (DBUS_BUS_SYSTEM, &error); 149 if (connection == NULL) { 150 g_warning ("Cannot connect to system message bus"); 151 return 1; 152 } 153 #endif /* POLKITD_ENABLED */ 154 155 ctx = libpolkit_new_context (connection); 156 if (ctx == NULL) { 157 g_warning ("Cannot get libpolkit context"); 158 goto out; 159 } 160 161 result = libpolkit_is_uid_allowed_for_privilege (ctx, 162 system_bus_unique_name, 163 user, 164 privilege, 165 resource, 166 &is_allowed, 167 &is_temporary, 168 NULL); 169 switch (result) { 170 case LIBPOLKIT_RESULT_OK: 171 rc = is_allowed ? 0 : 1; 172 break; 173 174 case LIBPOLKIT_RESULT_ERROR: 175 g_warning ("Error determing whether user is privileged."); 176 break; 177 178 case LIBPOLKIT_RESULT_INVALID_CONTEXT: 179 g_print ("Invalid context.\n"); 180 goto out; 181 182 case LIBPOLKIT_RESULT_NOT_PRIVILEGED: 183 g_print ("Not privileged.\n"); 184 goto out; 185 186 case LIBPOLKIT_RESULT_NO_SUCH_PRIVILEGE: 187 g_print ("No such privilege '%s'.\n", privilege); 188 goto out; 189 190 case LIBPOLKIT_RESULT_NO_SUCH_USER: 191 g_print ("No such user '%s'.\n", user); 192 goto out; 193 } 194 195 if (is_verbose) { 196 printf ("result %d\n", result); 197 printf ("is_allowed %d\n", is_allowed); 198 } 199 200 out: 201 if (ctx != NULL) 202 libpolkit_free_context (ctx); 203 204 return rc; 205 } 206