pool/gnome-control-center
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 126546 from GNOME:Factory

Browse Source 
Fix bnc751211 - no more root to create a wifi connection (forwarded request 126529 from dimstar)

OBS-URL: https://build.opensuse.org/request/show/126546
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gnome-control-center?expand=0&rev=79
This commit is contained in:
Stephan Kulow 2012-06-29 11:21:59 +00:00 committed by Git OBS Bridge
commit 6994a82f14
3 changed files with 265 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

253
gcc-private-connection.patch Normal file
View File

@ -0,0 +1,253 @@
From 92c236ea488f8d774a876f1e6ece410b5c920173 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <chingpang@gmail.com>
Date: Tue, 14 Feb 2012 18:41:51 +0800
Subject: [PATCH] network: create private connections if the user if not
authorized
This commit checks whether the polkit policy allows the user to
create a system connection without authentication. If not, create
private connections.
https://bugzilla.gnome.org/show_bug.cgi?id=646187
---
configure.ac | 3 +-
panels/network/cc-network-panel.c | 72 ++++++++++++++++++++++++++++++++++++-
panels/network/cc-network-panel.h | 2 +
panels/network/network-dialogs.c | 16 ++++++++
4 files changed, 91 insertions(+), 2 deletions(-)
Index: gnome-control-center-3.4.2/configure.ac
===================================================================
--- gnome-control-center-3.4.2.orig/configure.ac
+++ gnome-control-center-3.4.2/configure.ac
@@ -105,7 +105,8 @@ PKG_CHECK_MODULES(KEYBOARD_PANEL, $COMMO
PKG_CHECK_MODULES(MEDIA_PANEL, $COMMON_MODULES)
PKG_CHECK_MODULES(MOUSE_PANEL, $COMMON_MODULES xi >= 1.2
gnome-settings-daemon >= $GSD_REQUIRED_VERSION x11)
-PKG_CHECK_MODULES(NETWORK_PANEL, $COMMON_MODULES)
+PKG_CHECK_MODULES(NETWORK_PANEL, $COMMON_MODULES
+ polkit-gobject-1 >= $POLKIT_REQUIRED_VERSION)
PKG_CHECK_MODULES(ONLINE_ACCOUNTS_PANEL, $COMMON_MODULES goa-1.0 goa-backend-1.0)
PKG_CHECK_MODULES(POWER_PANEL, $COMMON_MODULES upower-glib >= 0.9.1
gnome-settings-daemon >= $GSD_REQUIRED_VERSION)
Index: gnome-control-center-3.4.2/panels/network/cc-network-panel.c
===================================================================
--- gnome-control-center-3.4.2.orig/panels/network/cc-network-panel.c
+++ gnome-control-center-3.4.2/panels/network/cc-network-panel.c
@@ -24,6 +24,8 @@
#include <netinet/ether.h>
#include <stdlib.h>
+#include <polkit/polkit.h>
+
#include "cc-network-panel.h"
#include "nm-remote-settings.h"
@@ -85,6 +87,9 @@ struct _CcNetworkPanelPrivate
gchar *arg_device;
gchar *arg_access_point;
gboolean operation_done;
+
+ /* polkit authentication check */
+ gboolean default_private;
};
enum {
@@ -2827,8 +2832,10 @@ wireless_ap_changed_cb (GtkComboBox *com
NetObject *object;
NMConnection *connection;
NMConnection *connection_activate = NULL;
+ NMConnection *partial = NULL;
NMDevice *device;
NMSettingWireless *setting_wireless;
+ NMSettingConnection *setting_con;
if (panel->priv->updating_device)
goto out;
@@ -2897,8 +2904,17 @@ wireless_ap_changed_cb (GtkComboBox *com
/* create one, as it's missing */
g_debug ("no existing connection found for %s, creating",
ssid_target);
+ if (panel->priv->default_private) {
+ partial = nm_connection_new ();
+ setting_con = nm_setting_connection_new ();
+ nm_connection_add_setting (partial, NM_SETTING (setting_con));
+ nm_setting_connection_add_permission (setting_con,
+ "user",
+ g_get_user_name(),
+ NULL);
+ }
nm_client_add_and_activate_connection (panel->priv->client,
- NULL,
+ partial,
device, object_path,
connection_add_activate_cb, panel);
out:
@@ -3150,6 +3166,11 @@ start_shared_connection (CcNetworkPanel
"id", "Hotspot",
"autoconnect", FALSE,
NULL);
+ if (panel->priv->default_private)
+ nm_setting_connection_add_permission (sc,
+ "user",
+ g_get_user_name(),
+ NULL);
nm_connection_add_setting (c, (NMSetting *)sc);
sw = (NMSettingWireless *)nm_setting_wireless_new ();
@@ -3373,6 +3394,24 @@ network_add_shell_header_widgets_cb (gpo
}
static void
+check_authorization_cb (PolkitAuthority *authority,
+ GAsyncResult *res,
+ gpointer user_data)
+{
+ PolkitAuthorizationResult *result;
+ CcNetworkPanel *panel = user_data;
+ GError *error = NULL;
+
+ result = polkit_authority_check_authorization_finish (authority, res, &error);
+ if (error != NULL) {
+ g_warning ("Failed to check authorization: %s", error->message);
+ g_error_free (error);
+ } else if (polkit_authorization_result_get_is_authorized (result)) {
+ panel->priv->default_private = FALSE;
+ }
+}
+
+static void
cc_network_panel_init (CcNetworkPanel *panel)
{
DBusGConnection *bus = NULL;
@@ -3387,6 +3426,9 @@ cc_network_panel_init (CcNetworkPanel *p
GtkTreeSortable *sortable;
GtkWidget *widget;
GtkWidget *toplevel;
+ PolkitSubject *subject;
+ PolkitAuthority *authority;
+ PolkitAuthorizationResult *result;
panel->priv = NETWORK_PANEL_PRIVATE (panel);
@@ -3666,6 +3708,28 @@ cc_network_panel_init (CcNetworkPanel *p
/* add kill switch widgets when dialog activated */
panel->priv->add_header_widgets_idle = g_idle_add (network_add_shell_header_widgets_cb, panel);
+
+ /* check the polkit authentication */
+ panel->priv->default_private = TRUE;
+ authority = polkit_authority_get_sync (NULL, NULL);
+ subject = polkit_unix_process_new (getpid ());
+ result = polkit_authority_check_authorization_sync (authority,
+ subject,
+ "org.freedesktop.NetworkManager.settings.modify.system",
+ NULL,
+ POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE,
+ NULL,
+ &error);
+ if (error || !result) {
+ g_warning ("Failed to check polkit authorization! %s",
+ error->message);
+ g_clear_error (&error);
+ } else if (polkit_authorization_result_get_is_authorized (result)) {
+ panel->priv->default_private = FALSE;
+ }
+ g_object_unref (result);
+ g_object_unref (authority);
+ g_object_unref (subject);
}
void
@@ -3676,3 +3740,9 @@ cc_network_panel_register (GIOModule *mo
CC_TYPE_NETWORK_PANEL,
"network", 0);
}
+
+gboolean
+cc_network_panel_get_default_private (CcNetworkPanel *panel)
+{
+ return panel->priv->default_private;
+}
Index: gnome-control-center-3.4.2/panels/network/cc-network-panel.h
===================================================================
--- gnome-control-center-3.4.2.orig/panels/network/cc-network-panel.h
+++ gnome-control-center-3.4.2/panels/network/cc-network-panel.h
@@ -67,6 +67,8 @@ GType cc_network_panel_get_type (void) G
void cc_network_panel_register (GIOModule *module);
+gboolean cc_network_panel_get_default_private (CcNetworkPanel *panel);
+
G_END_DECLS
#endif /* _CC_NETWORK_PANEL_H */
Index: gnome-control-center-3.4.2/panels/network/network-dialogs.c
===================================================================
--- gnome-control-center-3.4.2.orig/panels/network/network-dialogs.c
+++ gnome-control-center-3.4.2/panels/network/network-dialogs.c
@@ -41,6 +41,7 @@ typedef struct {
NMClient *client;
NMRemoteSettings *settings;
NMDevice *device;
+ gboolean default_private;
} MobileDialogClosure;
static void
@@ -288,6 +289,8 @@ cc_network_panel_connect_to_8021x_networ
uuid = nm_utils_uuid_generate ();
g_object_set (s_con, NM_SETTING_CONNECTION_UUID, uuid, NULL);
g_free (uuid);
+ if (cc_network_panel_get_default_private (panel))
+ nm_setting_connection_add_permission (s_con, "user", g_get_user_name(), NULL);
nm_connection_add_setting (connection, NM_SETTING (s_con));
s_wifi = (NMSettingWireless *) nm_setting_wireless_new ();
@@ -345,6 +348,7 @@ cdma_mobile_wizard_done (NMAMobileWizard
if (!canceled && method) {
NMSetting *setting;
char *uuid, *id;
+ MobileDialogClosure *closure = user_data;
if (method->devtype != NM_DEVICE_MODEM_CAPABILITY_CDMA_EVDO) {
g_warning ("Unexpected device type (not CDMA).");
@@ -388,6 +392,11 @@ cdma_mobile_wizard_done (NMAMobileWizard
NULL);
g_free (uuid);
g_free (id);
+ if (closure->default_private)
+ nm_setting_connection_add_permission ((NMSettingConnection *)setting,
+ "user",
+ g_get_user_name(),
+ NULL);
nm_connection_add_setting (connection, setting);
}
@@ -407,6 +416,7 @@ gsm_mobile_wizard_done (NMAMobileWizard
if (!canceled && method) {
NMSetting *setting;
char *uuid, *id;
+ MobileDialogClosure *closure = user_data;
if (method->devtype != NM_DEVICE_MODEM_CAPABILITY_GSM_UMTS) {
g_warning ("Unexpected device type (not GSM).");
@@ -451,6 +461,11 @@ gsm_mobile_wizard_done (NMAMobileWizard
NULL);
g_free (uuid);
g_free (id);
+ if (closure->default_private)
+ nm_setting_connection_add_permission ((NMSettingConnection *)setting,
+ "user",
+ g_get_user_name(),
+ NULL);
nm_connection_add_setting (connection, setting);
}
@@ -480,6 +495,7 @@ cc_network_panel_connect_to_3g_network (
closure->client = g_object_ref (client);
closure->settings = g_object_ref (settings);
closure->device = g_object_ref (device);
+ closure->default_private = cc_network_panel_get_default_private (panel);
caps = nm_device_modem_get_current_capabilities (NM_DEVICE_MODEM (device));
if (caps & NM_DEVICE_MODEM_CAPABILITY_GSM_UMTS) {

7
gnome-control-center.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Thu Jun 28 21:20:55 UTC 2012 - dimstar@opensuse.org
- Add gcc-private-connection.patch: network: create private
connections if the user if not authorized [bnc#751211].
- Add call to gnome-autogen.sh in setup section.
------------------------------------------------------------------- -------------------------------------------------------------------
Fri May 25 12:20:40 UTC 2012 - vuntz@opensuse.org Fri May 25 12:20:40 UTC 2012 - vuntz@opensuse.org

5
gnome-control-center.spec
View File

@ -37,6 +37,8 @@ Patch2: gnome-control-center-hide-region-system-tab.patch
Patch3: gnome-control-center-fine-grained-tz-polkit.patch Patch3: gnome-control-center-fine-grained-tz-polkit.patch
# PATCH-NEEDS-REBASE gnome-control-center-system-proxy-configuration.patch -- this needs to be reimplemented to be more distro-generic before submitting upstream - docs at http://en.opensuse.org/GNOME/Proxy_configuration (was PATCH-FEATURE-OPENSUSE) # PATCH-NEEDS-REBASE gnome-control-center-system-proxy-configuration.patch -- this needs to be reimplemented to be more distro-generic before submitting upstream - docs at http://en.opensuse.org/GNOME/Proxy_configuration (was PATCH-FEATURE-OPENSUSE)
Patch14: gnome-control-center-system-proxy-configuration.patch Patch14: gnome-control-center-system-proxy-configuration.patch
# PATCH-FIX-UPSTREAM gcc-private-connection.patch bnc#751211 bgo#646187 dimstar@opensuse.org -- network: create private connections if the user if not authorized.
Patch15: gcc-private-connection.patch
BuildRequires: cups-devel BuildRequires: cups-devel
BuildRequires: desktop-file-utils BuildRequires: desktop-file-utils
BuildRequires: fdupes BuildRequires: fdupes
@ -160,9 +162,12 @@ translation-update-upstream
%patch3 -p1 %patch3 -p1
#NEEDS-REBASE #NEEDS-REBASE
#%patch14 -p1 #%patch14 -p1
%patch15 -p1
%if 0%{?BUILD_FROM_VCS} %if 0%{?BUILD_FROM_VCS}
[ -x ./autogen.sh ] && NOCONFIGURE=1 ./autogen.sh [ -x ./autogen.sh ] && NOCONFIGURE=1 ./autogen.sh
%else
NOCONFIGURE=1 gnome-autogen.sh
%endif %endif
%build %build