diff --git a/gnome-shell-private-connection.patch b/gnome-shell-private-connection.patch new file mode 100644 index 0000000..3dc384c --- /dev/null +++ b/gnome-shell-private-connection.patch @@ -0,0 +1,201 @@ +From b4e856b5a0965b10bad37a0d4f08da20aa1ffcd8 Mon Sep 17 00:00:00 2001 +From: Giovanni Campagna +Date: Thu, 31 Mar 2011 15:56:13 +0200 +Subject: [PATCH] NetworkMenu: create private connections if the user is not + authorized + +Check polkit setting at startup and add, if needed, the "permissions" +setting to the connections we create, so that polkit authentication is +never needed. The connection is thus only available to other users +if the system administrator decides so. + +https://bugzilla.gnome.org/show_bug.cgi?id=646187 +--- + js/ui/status/network.js | 58 ++++++++++++++++++++++++++++++++++------------- + 1 file changed, 42 insertions(+), 16 deletions(-) + +diff --git a/js/ui/status/network.js b/js/ui/status/network.js +index f7d2258..cab7552 100644 +--- a/js/ui/status/network.js ++++ b/js/ui/status/network.js +@@ -6,9 +6,11 @@ const Lang = imports.lang; + const Mainloop = imports.mainloop; + const NetworkManager = imports.gi.NetworkManager; + const NMClient = imports.gi.NMClient; ++const Polkit = imports.gi.Polkit; + const Shell = imports.gi.Shell; + const Signals = imports.signals; + const St = imports.gi.St; ++const System = imports.system; + + const Main = imports.ui.main; + const PanelMenu = imports.ui.panelMenu; +@@ -285,8 +287,9 @@ const NMDevice = new Lang.Class({ + Name: 'NMDevice', + Abstract: true, + +- _init: function(client, device, connections) { ++ _init: function(client, device, connections, privateConnections) { + this.device = device; ++ + if (device) { + this.device._delegate = this; + this._stateChangedId = this.device.connect('state-changed', Lang.bind(this, this._deviceStateChanged)); +@@ -295,6 +298,8 @@ const NMDevice = new Lang.Class({ + + // protected + this._client = client; ++ this._privateConnections = privateConnections; ++ + this._connections = [ ]; + for (let i = 0; i < connections.length; i++) { + if (!connections[i]._uuid) +@@ -692,11 +697,11 @@ const NMDeviceWired = new Lang.Class({ + Name: 'NMDeviceWired', + Extends: NMDevice, + +- _init: function(client, device, connections) { ++ _init: function(client, device, connections, privateConnections) { + this._autoConnectionName = _("Auto Ethernet"); + this.category = NMConnectionCategory.WIRED; + +- this.parent(client, device, connections); ++ this.parent(client, device, connections, privateConnections); + }, + + _createSection: function() { +@@ -717,12 +722,15 @@ const NMDeviceWired = new Lang.Class({ + let connection = new NetworkManager.Connection(); + connection._uuid = NetworkManager.utils_uuid_generate(); + connection.add_setting(new NetworkManager.SettingWired()); +- connection.add_setting(new NetworkManager.SettingConnection({ ++ let connectionSetting = new NetworkManager.SettingConnection({ + uuid: connection._uuid, + id: this._autoConnectionName, + type: NetworkManager.SETTING_WIRED_SETTING_NAME, + autoconnect: true +- })); ++ }); ++ if (this._privateConnections) ++ connectionSetting.add_permission('user', GLib.get_user_name(), null); ++ connection.add_setting(connectionSetting); + return connection; + } + }); +@@ -731,7 +739,7 @@ const NMDeviceModem = new Lang.Class({ + Name: 'NMDeviceModem', + Extends: NMDevice, + +- _init: function(client, device, connections) { ++ _init: function(client, device, connections, privateConnections) { + let is_wwan = false; + + this._enabled = true; +@@ -778,7 +786,7 @@ const NMDeviceModem = new Lang.Class({ + })); + } + +- this.parent(client, device, connections); ++ this.parent(client, device, connections, privateConnections); + }, + + setEnabled: function(enabled) { +@@ -851,25 +859,28 @@ const NMDeviceBluetooth = new Lang.Class({ + Name: 'NMDeviceBluetooth', + Extends: NMDevice, + +- _init: function(client, device, connections) { ++ _init: function(client, device, connections, privateConnections) { + this._autoConnectionName = this._makeConnectionName(device); + device.connect('notify::name', Lang.bind(this, this._updateAutoConnectionName)); + + this.category = NMConnectionCategory.WWAN; + +- this.parent(client, device, connections); ++ this.parent(client, device, connections, privateConnections); + }, + + _createAutomaticConnection: function() { + let connection = new NetworkManager.Connection; + connection._uuid = NetworkManager.utils_uuid_generate(); + connection.add_setting(new NetworkManager.SettingBluetooth); +- connection.add_setting(new NetworkManager.SettingConnection({ ++ let connectionSetting = new NetworkManager.SettingConnection({ + uuid: connection._uuid, + id: this._autoConnectionName, + type: NetworkManager.SETTING_BLUETOOTH_SETTING_NAME, + autoconnect: false +- })); ++ }); ++ if (this._privateConnections) ++ connectionSetting.add_permission('user', GLib.get_user_name(), null); ++ connection.add_setting(connectionSetting); + return connection; + }, + +@@ -944,7 +955,7 @@ const NMDeviceWireless = new Lang.Class({ + Name: 'NMDeviceWireless', + Extends: NMDevice, + +- _init: function(client, device, connections) { ++ _init: function(client, device, connections, privateConnections) { + this.category = NMConnectionCategory.WIRELESS; + + this._overflowItem = null; +@@ -1014,7 +1025,7 @@ const NMDeviceWireless = new Lang.Class({ + this._apAddedId = device.connect('access-point-added', Lang.bind(this, this._accessPointAdded)); + this._apRemovedId = device.connect('access-point-removed', Lang.bind(this, this._accessPointRemoved)); + +- this.parent(client, device, validConnections); ++ this.parent(client, device, validConnections, privateConnections); + }, + + destroy: function() { +@@ -1455,12 +1466,15 @@ const NMDeviceWireless = new Lang.Class({ + + let connection = new NetworkManager.Connection(); + connection.add_setting(new NetworkManager.SettingWireless()); +- connection.add_setting(new NetworkManager.SettingConnection({ ++ let connectionSetting = new NetworkManager.SettingConnection({ + id: name, + autoconnect: true, // NetworkManager will know to ignore this if appropriate + uuid: NetworkManager.utils_uuid_generate(), + type: NetworkManager.SETTING_WIRELESS_SETTING_NAME +- })); ++ }); ++ if (this._privateConnections) ++ connectionSetting.add_permission('user', GLib.get_user_name(), null); ++ connection.add_setting(connectionSetting); + return connection; + }, + +@@ -1542,6 +1556,18 @@ const NMApplet = new Lang.Class({ + + this._client = NMClient.Client.new(); + ++ // Check if newly created connections should be private or not ++ this._privateConnections = true; ++ let authority = Polkit.Authority.get_sync(null); ++ let subject = new Polkit.UnixProcess({ pid: System.getpid(), uid: System.getuid() }); ++ let authResult = authority.check_authorization_sync(subject, ++ 'org.freedesktop.NetworkManager.settings.modify.system', ++ null /* details */, ++ Polkit.CheckAuthorizationFlags.NONE, ++ null /* cancellable */); ++ if (authResult) ++ this._privateConnections = !authResult.get_is_authorized(); ++ + this._statusSection = new PopupMenu.PopupMenuSection(); + this._statusItem = new PopupMenu.PopupMenuItem('', { style_class: 'popup-inactive-menu-item', reactive: false }); + this._statusSection.addMenuItem(this._statusItem); +@@ -1730,7 +1756,7 @@ const NMApplet = new Lang.Class({ + } + let wrapperClass = this._dtypes[device.get_device_type()]; + if (wrapperClass) { +- let wrapper = new wrapperClass(this._client, device, this._connections); ++ let wrapper = new wrapperClass(this._client, device, this._connections, this._privateConnections); + + wrapper._activationFailedId = wrapper.connect('activation-failed', Lang.bind(this, function(device, reason) { + // XXX: nm-applet has no special text depending on reason +-- +1.7.10 diff --git a/gnome-shell.changes b/gnome-shell.changes index 5b6a27d..1407385 100644 --- a/gnome-shell.changes +++ b/gnome-shell.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Thu Jun 28 21:24:30 UTC 2012 - dimstar@opensuse.org + +- Add gnome-shell-private-connection.patch: create private + connections if the user is not authorized. [bnc#751211]. + ------------------------------------------------------------------- Wed May 2 05:59:51 UTC 2012 - dimstar@opensuse.org diff --git a/gnome-shell.spec b/gnome-shell.spec index c874fad..cbbbc80 100644 --- a/gnome-shell.spec +++ b/gnome-shell.spec @@ -26,6 +26,8 @@ Url: http://live.gnome.org/GnomeShell Source: http://download.gnome.org/sources/gnome-shell/3.4/%{name}-%{version}.tar.xz # PATCH-FIX-OPENSUSE gnome-shell-load-ext.patch bnc#755862 bgo#670477 dimstar@opensuse.org - Ensure libgnome-shell-js.so is linked to gnome-shell. Upstream considers this not a bug. Patch0: gnome-shell-load-ext.patch +# PATCH-FIX-UPSTREAM gnome-shell-private-connection.patch bnc#751211 bgo#646187 dimstar@opensuse.org -- create private connections if the user is not authorized +Patch1: gnome-shell-private-connection.patch # Needed by patch0 BuildRequires: gnome-common BuildRequires: intltool @@ -129,6 +131,7 @@ to enable, disable and install them. %prep %setup -q %patch0 -p1 +%patch1 -p1 translation-update-upstream %build