diff --git a/gcc-private-connection.patch b/gcc-private-connection.patch new file mode 100644 index 0000000..853fe29 --- /dev/null +++ b/gcc-private-connection.patch @@ -0,0 +1,253 @@ +From 92c236ea488f8d774a876f1e6ece410b5c920173 Mon Sep 17 00:00:00 2001 +From: Gary Ching-Pang Lin +Date: Tue, 14 Feb 2012 18:41:51 +0800 +Subject: [PATCH] network: create private connections if the user if not + authorized + +This commit checks whether the polkit policy allows the user to +create a system connection without authentication. If not, create +private connections. + +https://bugzilla.gnome.org/show_bug.cgi?id=646187 +--- + configure.ac | 3 +- + panels/network/cc-network-panel.c | 72 ++++++++++++++++++++++++++++++++++++- + panels/network/cc-network-panel.h | 2 + + panels/network/network-dialogs.c | 16 ++++++++ + 4 files changed, 91 insertions(+), 2 deletions(-) + +Index: gnome-control-center-3.4.2/configure.ac +=================================================================== +--- gnome-control-center-3.4.2.orig/configure.ac ++++ gnome-control-center-3.4.2/configure.ac +@@ -105,7 +105,8 @@ PKG_CHECK_MODULES(KEYBOARD_PANEL, $COMMO + PKG_CHECK_MODULES(MEDIA_PANEL, $COMMON_MODULES) + PKG_CHECK_MODULES(MOUSE_PANEL, $COMMON_MODULES xi >= 1.2 + gnome-settings-daemon >= $GSD_REQUIRED_VERSION x11) +-PKG_CHECK_MODULES(NETWORK_PANEL, $COMMON_MODULES) ++PKG_CHECK_MODULES(NETWORK_PANEL, $COMMON_MODULES ++ polkit-gobject-1 >= $POLKIT_REQUIRED_VERSION) + PKG_CHECK_MODULES(ONLINE_ACCOUNTS_PANEL, $COMMON_MODULES goa-1.0 goa-backend-1.0) + PKG_CHECK_MODULES(POWER_PANEL, $COMMON_MODULES upower-glib >= 0.9.1 + gnome-settings-daemon >= $GSD_REQUIRED_VERSION) +Index: gnome-control-center-3.4.2/panels/network/cc-network-panel.c +=================================================================== +--- gnome-control-center-3.4.2.orig/panels/network/cc-network-panel.c ++++ gnome-control-center-3.4.2/panels/network/cc-network-panel.c +@@ -24,6 +24,8 @@ + #include + #include + ++#include ++ + #include "cc-network-panel.h" + + #include "nm-remote-settings.h" +@@ -85,6 +87,9 @@ struct _CcNetworkPanelPrivate + gchar *arg_device; + gchar *arg_access_point; + gboolean operation_done; ++ ++ /* polkit authentication check */ ++ gboolean default_private; + }; + + enum { +@@ -2827,8 +2832,10 @@ wireless_ap_changed_cb (GtkComboBox *com + NetObject *object; + NMConnection *connection; + NMConnection *connection_activate = NULL; ++ NMConnection *partial = NULL; + NMDevice *device; + NMSettingWireless *setting_wireless; ++ NMSettingConnection *setting_con; + + if (panel->priv->updating_device) + goto out; +@@ -2897,8 +2904,17 @@ wireless_ap_changed_cb (GtkComboBox *com + /* create one, as it's missing */ + g_debug ("no existing connection found for %s, creating", + ssid_target); ++ if (panel->priv->default_private) { ++ partial = nm_connection_new (); ++ setting_con = nm_setting_connection_new (); ++ nm_connection_add_setting (partial, NM_SETTING (setting_con)); ++ nm_setting_connection_add_permission (setting_con, ++ "user", ++ g_get_user_name(), ++ NULL); ++ } + nm_client_add_and_activate_connection (panel->priv->client, +- NULL, ++ partial, + device, object_path, + connection_add_activate_cb, panel); + out: +@@ -3150,6 +3166,11 @@ start_shared_connection (CcNetworkPanel + "id", "Hotspot", + "autoconnect", FALSE, + NULL); ++ if (panel->priv->default_private) ++ nm_setting_connection_add_permission (sc, ++ "user", ++ g_get_user_name(), ++ NULL); + nm_connection_add_setting (c, (NMSetting *)sc); + + sw = (NMSettingWireless *)nm_setting_wireless_new (); +@@ -3373,6 +3394,24 @@ network_add_shell_header_widgets_cb (gpo + } + + static void ++check_authorization_cb (PolkitAuthority *authority, ++ GAsyncResult *res, ++ gpointer user_data) ++{ ++ PolkitAuthorizationResult *result; ++ CcNetworkPanel *panel = user_data; ++ GError *error = NULL; ++ ++ result = polkit_authority_check_authorization_finish (authority, res, &error); ++ if (error != NULL) { ++ g_warning ("Failed to check authorization: %s", error->message); ++ g_error_free (error); ++ } else if (polkit_authorization_result_get_is_authorized (result)) { ++ panel->priv->default_private = FALSE; ++ } ++} ++ ++static void + cc_network_panel_init (CcNetworkPanel *panel) + { + DBusGConnection *bus = NULL; +@@ -3387,6 +3426,9 @@ cc_network_panel_init (CcNetworkPanel *p + GtkTreeSortable *sortable; + GtkWidget *widget; + GtkWidget *toplevel; ++ PolkitSubject *subject; ++ PolkitAuthority *authority; ++ PolkitAuthorizationResult *result; + + panel->priv = NETWORK_PANEL_PRIVATE (panel); + +@@ -3666,6 +3708,28 @@ cc_network_panel_init (CcNetworkPanel *p + + /* add kill switch widgets when dialog activated */ + panel->priv->add_header_widgets_idle = g_idle_add (network_add_shell_header_widgets_cb, panel); ++ ++ /* check the polkit authentication */ ++ panel->priv->default_private = TRUE; ++ authority = polkit_authority_get_sync (NULL, NULL); ++ subject = polkit_unix_process_new (getpid ()); ++ result = polkit_authority_check_authorization_sync (authority, ++ subject, ++ "org.freedesktop.NetworkManager.settings.modify.system", ++ NULL, ++ POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE, ++ NULL, ++ &error); ++ if (error || !result) { ++ g_warning ("Failed to check polkit authorization! %s", ++ error->message); ++ g_clear_error (&error); ++ } else if (polkit_authorization_result_get_is_authorized (result)) { ++ panel->priv->default_private = FALSE; ++ } ++ g_object_unref (result); ++ g_object_unref (authority); ++ g_object_unref (subject); + } + + void +@@ -3676,3 +3740,9 @@ cc_network_panel_register (GIOModule *mo + CC_TYPE_NETWORK_PANEL, + "network", 0); + } ++ ++gboolean ++cc_network_panel_get_default_private (CcNetworkPanel *panel) ++{ ++ return panel->priv->default_private; ++} +Index: gnome-control-center-3.4.2/panels/network/cc-network-panel.h +=================================================================== +--- gnome-control-center-3.4.2.orig/panels/network/cc-network-panel.h ++++ gnome-control-center-3.4.2/panels/network/cc-network-panel.h +@@ -67,6 +67,8 @@ GType cc_network_panel_get_type (void) G + + void cc_network_panel_register (GIOModule *module); + ++gboolean cc_network_panel_get_default_private (CcNetworkPanel *panel); ++ + G_END_DECLS + + #endif /* _CC_NETWORK_PANEL_H */ +Index: gnome-control-center-3.4.2/panels/network/network-dialogs.c +=================================================================== +--- gnome-control-center-3.4.2.orig/panels/network/network-dialogs.c ++++ gnome-control-center-3.4.2/panels/network/network-dialogs.c +@@ -41,6 +41,7 @@ typedef struct { + NMClient *client; + NMRemoteSettings *settings; + NMDevice *device; ++ gboolean default_private; + } MobileDialogClosure; + + static void +@@ -288,6 +289,8 @@ cc_network_panel_connect_to_8021x_networ + uuid = nm_utils_uuid_generate (); + g_object_set (s_con, NM_SETTING_CONNECTION_UUID, uuid, NULL); + g_free (uuid); ++ if (cc_network_panel_get_default_private (panel)) ++ nm_setting_connection_add_permission (s_con, "user", g_get_user_name(), NULL); + nm_connection_add_setting (connection, NM_SETTING (s_con)); + + s_wifi = (NMSettingWireless *) nm_setting_wireless_new (); +@@ -345,6 +348,7 @@ cdma_mobile_wizard_done (NMAMobileWizard + if (!canceled && method) { + NMSetting *setting; + char *uuid, *id; ++ MobileDialogClosure *closure = user_data; + + if (method->devtype != NM_DEVICE_MODEM_CAPABILITY_CDMA_EVDO) { + g_warning ("Unexpected device type (not CDMA)."); +@@ -388,6 +392,11 @@ cdma_mobile_wizard_done (NMAMobileWizard + NULL); + g_free (uuid); + g_free (id); ++ if (closure->default_private) ++ nm_setting_connection_add_permission ((NMSettingConnection *)setting, ++ "user", ++ g_get_user_name(), ++ NULL); + nm_connection_add_setting (connection, setting); + } + +@@ -407,6 +416,7 @@ gsm_mobile_wizard_done (NMAMobileWizard + if (!canceled && method) { + NMSetting *setting; + char *uuid, *id; ++ MobileDialogClosure *closure = user_data; + + if (method->devtype != NM_DEVICE_MODEM_CAPABILITY_GSM_UMTS) { + g_warning ("Unexpected device type (not GSM)."); +@@ -451,6 +461,11 @@ gsm_mobile_wizard_done (NMAMobileWizard + NULL); + g_free (uuid); + g_free (id); ++ if (closure->default_private) ++ nm_setting_connection_add_permission ((NMSettingConnection *)setting, ++ "user", ++ g_get_user_name(), ++ NULL); + nm_connection_add_setting (connection, setting); + } + +@@ -480,6 +495,7 @@ cc_network_panel_connect_to_3g_network ( + closure->client = g_object_ref (client); + closure->settings = g_object_ref (settings); + closure->device = g_object_ref (device); ++ closure->default_private = cc_network_panel_get_default_private (panel); + + caps = nm_device_modem_get_current_capabilities (NM_DEVICE_MODEM (device)); + if (caps & NM_DEVICE_MODEM_CAPABILITY_GSM_UMTS) { diff --git a/gnome-control-center.changes b/gnome-control-center.changes index 4614b81..7504c5b 100644 --- a/gnome-control-center.changes +++ b/gnome-control-center.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Thu Jun 28 21:20:55 UTC 2012 - dimstar@opensuse.org + +- Add gcc-private-connection.patch: network: create private + connections if the user if not authorized [bnc#751211]. +- Add call to gnome-autogen.sh in setup section. + ------------------------------------------------------------------- Fri May 25 12:20:40 UTC 2012 - vuntz@opensuse.org diff --git a/gnome-control-center.spec b/gnome-control-center.spec index 5b14b48..a7bb006 100644 --- a/gnome-control-center.spec +++ b/gnome-control-center.spec @@ -37,6 +37,8 @@ Patch2: gnome-control-center-hide-region-system-tab.patch Patch3: gnome-control-center-fine-grained-tz-polkit.patch # PATCH-NEEDS-REBASE gnome-control-center-system-proxy-configuration.patch -- this needs to be reimplemented to be more distro-generic before submitting upstream - docs at http://en.opensuse.org/GNOME/Proxy_configuration (was PATCH-FEATURE-OPENSUSE) Patch14: gnome-control-center-system-proxy-configuration.patch +# PATCH-FIX-UPSTREAM gcc-private-connection.patch bnc#751211 bgo#646187 dimstar@opensuse.org -- network: create private connections if the user if not authorized. +Patch15: gcc-private-connection.patch BuildRequires: cups-devel BuildRequires: desktop-file-utils BuildRequires: fdupes @@ -160,9 +162,12 @@ translation-update-upstream %patch3 -p1 #NEEDS-REBASE #%patch14 -p1 +%patch15 -p1 %if 0%{?BUILD_FROM_VCS} [ -x ./autogen.sh ] && NOCONFIGURE=1 ./autogen.sh +%else +NOCONFIGURE=1 gnome-autogen.sh %endif %build