summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDan Winship <danw@gnome.org>2013-11-05 14:36:38 -0500
committerDan Winship <danw@gnome.org>2013-12-03 16:39:45 -0500
commitf3c2851c2bced480e918d83d0b6372ae2c891dfb (patch)
tree69beb190f4f2c1d78adeab3dae362074e3c5fd49
parent37b8983c39d8dcb8402da186dbd3245b019af7a9 (diff)
downloadNetworkManager-f3c2851c2bced480e918d83d0b6372ae2c891dfb.tar.gz
settings: port NMAgentManager, etc, to use NMAuthSubject
Rather than explicitly passing around a UID and a flag saying whether or not it's relevant. (This also fixes a bug where the wrong UID was being recorded in nm-settings-connection.c::auth_start(), which caused problems such as agent-owned secrets not getting saved because of a perceived UID mismatch.)
Diffstat
-rw-r--r--src/nm-activation-request.c7
-rw-r--r--src/nm-active-connection.c11
-rw-r--r--src/nm-active-connection.h2
-rw-r--r--src/settings/nm-agent-manager.c73
-rw-r--r--src/settings/nm-agent-manager.h13
-rw-r--r--src/settings/nm-settings-connection.c51
-rw-r--r--src/settings/nm-settings-connection.h4
-rw-r--r--src/settings/nm-settings.c12
-rw-r--r--src/settings/plugins/example/Makefile.am2
-rw-r--r--src/settings/plugins/ifcfg-rh/Makefile.am1
-rw-r--r--src/settings/plugins/ifcfg-suse/Makefile.am2
-rw-r--r--src/settings/plugins/ifnet/Makefile.am2
-rw-r--r--src/settings/plugins/ifnet/tests/Makefile.am3
-rw-r--r--src/settings/plugins/ifupdown/Makefile.am2
-rw-r--r--src/settings/plugins/ifupdown/tests/Makefile.am2
-rw-r--r--src/settings/plugins/keyfile/Makefile.am2
-rw-r--r--src/settings/plugins/keyfile/tests/Makefile.am2
-rw-r--r--src/vpn-manager/nm-vpn-connection.c6
18 files changed, 89 insertions, 108 deletions
diff --git a/src/nm-activation-request.c b/src/nm-activation-request.c
index 18968f7633..0f3c91ed78 100644
--- a/src/nm-activation-request.c
+++ b/src/nm-activation-request.c
@@ -105,7 +105,6 @@ nm_act_request_get_secrets (NMActRequest *self,
GetSecretsInfo *info;
guint32 call_id;
NMConnection *connection;
- gboolean user_requested;
const char *hints[2] = { hint, NULL };
g_return_val_if_fail (self, 0);
@@ -118,14 +117,12 @@ nm_act_request_get_secrets (NMActRequest *self,
info->callback = callback;
info->callback_data = callback_data;
- user_requested = nm_active_connection_get_user_requested (NM_ACTIVE_CONNECTION (self));
- if (user_requested)
+ if (nm_active_connection_get_user_requested (NM_ACTIVE_CONNECTION (self)))
flags |= NM_SETTINGS_GET_SECRETS_FLAG_USER_REQUESTED;
connection = nm_active_connection_get_connection (NM_ACTIVE_CONNECTION (self));
call_id = nm_settings_connection_get_secrets (NM_SETTINGS_CONNECTION (connection),
- user_requested,
- nm_active_connection_get_user_uid (NM_ACTIVE_CONNECTION (self)),
+ nm_active_connection_get_subject (NM_ACTIVE_CONNECTION (self)),
setting_name,
flags,
hints,
diff --git a/src/nm-active-connection.c b/src/nm-active-connection.c
index 44ff71624c..6a825bc0d7 100644
--- a/src/nm-active-connection.c
+++ b/src/nm-active-connection.c
@@ -282,17 +282,6 @@ nm_active_connection_get_user_requested (NMActiveConnection *self)
return !nm_auth_subject_get_internal (NM_ACTIVE_CONNECTION_GET_PRIVATE (self)->subject);
}
-gulong
-nm_active_connection_get_user_uid (NMActiveConnection *self)
-{
- NMActiveConnectionPrivate *priv;
-
- g_return_val_if_fail (NM_IS_ACTIVE_CONNECTION (self), G_MAXULONG);
- priv = NM_ACTIVE_CONNECTION_GET_PRIVATE (self);
-
- return nm_auth_subject_get_uid (priv->subject);
-}
-
NMDevice *
nm_active_connection_get_device (NMActiveConnection *self)
{
diff --git a/src/nm-active-connection.h b/src/nm-active-connection.h
index 074aba9734..43b76bd53b 100644
--- a/src/nm-active-connection.h
+++ b/src/nm-active-connection.h
@@ -120,8 +120,6 @@ NMAuthSubject *nm_active_connection_get_subject (NMActiveConnection *self);
gboolean nm_active_connection_get_user_requested (NMActiveConnection *self);
-gulong nm_active_connection_get_user_uid (NMActiveConnection *self);
-
NMActiveConnection *nm_active_connection_get_master (NMActiveConnection *self);
gboolean nm_active_connection_get_master_ready (NMActiveConnection *self);
diff --git a/src/settings/nm-agent-manager.c b/src/settings/nm-agent-manager.c
index d63042b5fe..23e2283300 100644
--- a/src/settings/nm-agent-manager.c
+++ b/src/settings/nm-agent-manager.c
@@ -413,8 +413,7 @@ struct _Request {
char *detail;
char *verb;
- gboolean filter_by_uid;
- gulong uid_filter;
+ NMAuthSubject *subject;
/* Current agent being asked for secrets */
NMSecretAgent *current;
@@ -447,8 +446,7 @@ static Request *
request_new (gsize struct_size,
const char *detail,
const char *verb,
- gboolean filter_by_uid,
- gulong uid_filter,
+ NMAuthSubject *subject,
RequestCompleteFunc complete_callback,
gpointer complete_callback_data,
RequestAddAgentFunc add_agent_callback,
@@ -462,8 +460,7 @@ request_new (gsize struct_size,
req->reqid = next_req_id++;
req->detail = g_strdup (detail);
req->verb = g_strdup (verb);
- req->filter_by_uid = filter_by_uid;
- req->uid_filter = uid_filter;
+ req->subject = g_object_ref (subject);
req->complete_callback = complete_callback;
req->complete_callback_data = complete_callback_data;
req->add_agent_callback = add_agent_callback,
@@ -485,6 +482,8 @@ request_free (Request *req)
if (!req->completed && req->cancel_callback)
req->cancel_callback (req);
+ g_object_unref (req->subject);
+
g_free (req->detail);
g_free (req->verb);
g_slist_free_full (req->pending, g_object_unref);
@@ -547,8 +546,6 @@ agent_compare_func (NMSecretAgent *a, NMSecretAgent *b, gpointer user_data)
static void
request_add_agent (Request *req, NMSecretAgent *agent)
{
- uid_t agent_uid;
-
g_return_if_fail (req != NULL);
g_return_if_fail (agent != NULL);
@@ -559,13 +556,19 @@ request_add_agent (Request *req, NMSecretAgent *agent)
return;
/* If the request should filter agents by UID, do that now */
- agent_uid = nm_secret_agent_get_owner_uid (agent);
- if (req->filter_by_uid && (agent_uid != req->uid_filter)) {
- nm_log_dbg (LOGD_AGENTS, "(%s) agent ignored for secrets request %p/%s "
- "(uid %d not required %ld)",
- nm_secret_agent_get_description (agent),
- req, req->detail, agent_uid, req->uid_filter);
- return;
+ if (!nm_auth_subject_get_internal (req->subject)) {
+ uid_t agent_uid, subject_uid;
+
+ agent_uid = nm_secret_agent_get_owner_uid (agent);
+ subject_uid = nm_auth_subject_get_uid (req->subject);
+ if (agent_uid != subject_uid) {
+ nm_log_dbg (LOGD_AGENTS, "(%s) agent ignored for secrets request %p/%s "
+ "(uid %ld not required %ld)",
+ nm_secret_agent_get_description (agent),
+ req, req->detail,
+ (long)agent_uid, (long)subject_uid);
+ return;
+ }
}
nm_log_dbg (LOGD_AGENTS, "(%s) agent allowed for secrets request %p/%s",
@@ -712,8 +715,7 @@ connection_request_add_agent (Request *parent, NMSecretAgent *agent)
static ConnectionRequest *
connection_request_new_get (NMConnection *connection,
- gboolean filter_by_uid,
- gulong uid_filter,
+ NMAuthSubject *subject,
GHashTable *existing_secrets,
const char *setting_name,
const char *verb,
@@ -733,8 +735,7 @@ connection_request_new_get (NMConnection *connection,
req = (ConnectionRequest *) request_new (sizeof (ConnectionRequest),
nm_connection_get_id (connection),
verb,
- filter_by_uid,
- uid_filter,
+ subject,
complete_callback,
complete_callback_data,
connection_request_add_agent,
@@ -758,8 +759,7 @@ connection_request_new_get (NMConnection *connection,
static ConnectionRequest *
connection_request_new_other (NMConnection *connection,
- gboolean filter_by_uid,
- gulong uid_filter,
+ NMAuthSubject *subject,
const char *verb,
RequestCompleteFunc complete_callback,
gpointer complete_callback_data,
@@ -770,8 +770,7 @@ connection_request_new_other (NMConnection *connection,
req = (ConnectionRequest *) request_new (sizeof (ConnectionRequest),
nm_connection_get_id (connection),
verb,
- filter_by_uid,
- uid_filter,
+ subject,
complete_callback,
complete_callback_data,
NULL,
@@ -1146,8 +1145,7 @@ get_cancel_cb (Request *parent)
guint32
nm_agent_manager_get_secrets (NMAgentManager *self,
NMConnection *connection,
- gboolean filter_by_uid,
- gulong uid_filter,
+ NMAuthSubject *subject,
GHashTable *existing_secrets,
const char *setting_name,
NMSettingsGetSecretsFlags flags,
@@ -1178,8 +1176,7 @@ nm_agent_manager_get_secrets (NMAgentManager *self,
*/
req = connection_request_new_get (connection,
- filter_by_uid,
- uid_filter,
+ subject,
existing_secrets,
setting_name,
"getting",
@@ -1279,8 +1276,7 @@ save_complete_cb (Request *req,
guint32
nm_agent_manager_save_secrets (NMAgentManager *self,
NMConnection *connection,
- gboolean filter_by_uid,
- gulong uid_filter)
+ NMAuthSubject *subject)
{
NMAgentManagerPrivate *priv = NM_AGENT_MANAGER_GET_PRIVATE (self);
ConnectionRequest *req;
@@ -1295,8 +1291,7 @@ nm_agent_manager_save_secrets (NMAgentManager *self,
nm_connection_get_id (connection));
req = connection_request_new_other (connection,
- filter_by_uid,
- uid_filter,
+ subject,
"saving",
save_complete_cb,
self,
@@ -1367,11 +1362,10 @@ delete_complete_cb (Request *req,
guint32
nm_agent_manager_delete_secrets (NMAgentManager *self,
- NMConnection *connection,
- gboolean filter_by_uid,
- gulong uid_filter)
+ NMConnection *connection)
{
NMAgentManagerPrivate *priv = NM_AGENT_MANAGER_GET_PRIVATE (self);
+ NMAuthSubject *subject;
ConnectionRequest *req;
Request *parent;
@@ -1383,13 +1377,14 @@ nm_agent_manager_delete_secrets (NMAgentManager *self,
nm_connection_get_path (connection),
nm_connection_get_id (connection));
+ subject = nm_auth_subject_new_internal ();
req = connection_request_new_other (connection,
- filter_by_uid,
- uid_filter,
+ subject,
"deleting",
delete_complete_cb,
self,
delete_next_cb);
+ g_object_unref (subject);
parent = (Request *) req;
g_hash_table_insert (priv->requests, GUINT_TO_POINTER (parent->reqid), req);
@@ -1421,8 +1416,7 @@ nm_agent_manager_get_agent_by_user (NMAgentManager *self, const char *username)
gboolean
nm_agent_manager_all_agents_have_capability (NMAgentManager *manager,
- gboolean filter_by_uid,
- gulong owner_uid,
+ NMAuthSubject *subject,
NMSecretAgentCapabilities capability)
{
NMAgentManagerPrivate *priv = NM_AGENT_MANAGER_GET_PRIVATE (manager);
@@ -1431,7 +1425,8 @@ nm_agent_manager_all_agents_have_capability (NMAgentManager *manager,
g_hash_table_iter_init (&iter, priv->agents);
while (g_hash_table_iter_next (&iter, NULL, (gpointer) &agent)) {
- if (filter_by_uid && nm_secret_agent_get_owner_uid (agent) != owner_uid)
+ if ( !nm_auth_subject_get_internal (subject)
+ && nm_secret_agent_get_owner_uid (agent) != nm_auth_subject_get_uid (subject))
continue;
if (!(nm_secret_agent_get_capabilities (agent) & capability))
diff --git a/src/settings/nm-agent-manager.h b/src/settings/nm-agent-manager.h
index 767bd2abf2..d6db0df2f3 100644
--- a/src/settings/nm-agent-manager.h
+++ b/src/settings/nm-agent-manager.h
@@ -75,8 +75,7 @@ typedef void (*NMAgentSecretsResultFunc) (NMAgentManager *manager,
guint32 nm_agent_manager_get_secrets (NMAgentManager *manager,
NMConnection *connection,
- gboolean filter_by_uid,
- gulong uid,
+ NMAuthSubject *subject,
GHashTable *existing_secrets,
const char *setting_name,
NMSettingsGetSecretsFlags flags,
@@ -91,20 +90,16 @@ void nm_agent_manager_cancel_secrets (NMAgentManager *manager,
guint32 nm_agent_manager_save_secrets (NMAgentManager *manager,
NMConnection *connection,
- gboolean filter_by_uid,
- gulong uid_filter);
+ NMAuthSubject *subject);
guint32 nm_agent_manager_delete_secrets (NMAgentManager *manager,
- NMConnection *connection,
- gboolean filter_by_uid,
- gulong uid_filter);
+ NMConnection *connection);
NMSecretAgent *nm_agent_manager_get_agent_by_user (NMAgentManager *manager,
const char *username);
gboolean nm_agent_manager_all_agents_have_capability (NMAgentManager *manager,
- gboolean filter_by_uid,
- gulong owner_uid,
+ NMAuthSubject *subject,
NMSecretAgentCapabilities capability);
#endif /* NM_AGENT_MANAGER_H */
diff --git a/src/settings/nm-settings-connection.c b/src/settings/nm-settings-connection.c
index b4174ceed6..c252da5df7 100644
--- a/src/settings/nm-settings-connection.c
+++ b/src/settings/nm-settings-connection.c
@@ -620,7 +620,7 @@ do_delete (NMSettingsConnection *connection,
/* Tell agents to remove secrets for this connection */
for_agents = nm_connection_duplicate (NM_CONNECTION (connection));
nm_connection_clear_secrets (for_agents);
- nm_agent_manager_delete_secrets (priv->agent_mgr, for_agents, FALSE, 0);
+ nm_agent_manager_delete_secrets (priv->agent_mgr, for_agents);
g_object_unref (for_agents);
/* Remove timestamp from timestamps database file */
@@ -850,10 +850,7 @@ agent_secrets_done_cb (NMAgentManager *manager,
/**
* nm_settings_connection_get_secrets:
* @connection: the #NMSettingsConnection
- * @filter_by_uid: if TRUE, only request secrets from agents registered by the
- * same UID as @uid.
- * @uid: when @filter_by_uid is TRUE, only request secrets from agents belonging
- * to this UID
+ * @subject: the #NMAuthSubject originating the request
* @setting_name: the setting to return secrets for
* @flags: flags to modify the secrets request
* @hints: key names in @setting_name for which secrets may be required, or some
@@ -868,8 +865,7 @@ agent_secrets_done_cb (NMAgentManager *manager,
**/
guint32
nm_settings_connection_get_secrets (NMSettingsConnection *self,
- gboolean filter_by_uid,
- gulong uid,
+ NMAuthSubject *subject,
const char *setting_name,
NMSettingsGetSecretsFlags flags,
const char **hints,
@@ -903,8 +899,7 @@ nm_settings_connection_get_secrets (NMSettingsConnection *self,
existing_secrets = nm_connection_to_hash (priv->system_secrets, NM_SETTING_HASH_FLAG_ONLY_SECRETS);
call_id = nm_agent_manager_get_secrets (priv->agent_mgr,
NM_CONNECTION (self),
- filter_by_uid,
- uid,
+ subject,
existing_secrets,
setting_name,
flags,
@@ -949,7 +944,7 @@ nm_settings_connection_cancel_secrets (NMSettingsConnection *self,
typedef void (*AuthCallback) (NMSettingsConnection *connection,
DBusGMethodInvocation *context,
- gulong sender_uid,
+ NMAuthSubject *subject,
GError *error,
gpointer data);
@@ -966,7 +961,7 @@ pk_auth_cb (NMAuthChain *chain,
const char *perm;
AuthCallback callback;
gpointer callback_data;
- gulong sender_uid;
+ NMAuthSubject *subject;
priv->pending_auths = g_slist_remove (priv->pending_auths, chain);
@@ -988,8 +983,8 @@ pk_auth_cb (NMAuthChain *chain,
callback = nm_auth_chain_get_data (chain, "callback");
callback_data = nm_auth_chain_get_data (chain, "callback-data");
- sender_uid = nm_auth_chain_get_data_ulong (chain, "sender-uid");
- callback (self, context, sender_uid, error, callback_data);
+ subject = nm_auth_chain_get_data (chain, "subject");
+ callback (self, context, subject, error, callback_data);
g_clear_error (&error);
nm_auth_chain_unref (chain);
@@ -1030,7 +1025,6 @@ auth_start (NMSettingsConnection *self,
{
NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE (self);
NMAuthChain *chain;
- gulong sender_uid = G_MAXULONG;
GError *error = NULL;
char *error_desc = NULL;
@@ -1047,14 +1041,14 @@ auth_start (NMSettingsConnection *self,
error_desc);
g_free (error_desc);
- callback (self, context, G_MAXULONG, error, callback_data);
+ callback (self, context, subject, error, callback_data);
g_clear_error (&error);
return;
}
if (!check_permission) {
/* Don't need polkit auth, automatic success */
- callback (self, context, nm_auth_subject_get_uid (subject), NULL, callback_data);
+ callback (self, context, subject, NULL, callback_data);
return;
}
@@ -1064,7 +1058,7 @@ auth_start (NMSettingsConnection *self,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_PERMISSION_DENIED,
"Unable to authenticate the request.");
- callback (self, context, G_MAXULONG, error, callback_data);
+ callback (self, context, subject, error, callback_data);
g_clear_error (&error);
return;
}
@@ -1073,7 +1067,7 @@ auth_start (NMSettingsConnection *self,
nm_auth_chain_set_data (chain, "perm", (gpointer) check_permission, NULL);
nm_auth_chain_set_data (chain, "callback", callback, NULL);
nm_auth_chain_set_data (chain, "callback-data", callback_data, NULL);
- nm_auth_chain_set_data_ulong (chain, "sender-uid", sender_uid);
+ nm_auth_chain_set_data (chain, "subject", g_object_ref (subject), g_object_unref);
nm_auth_chain_add_call (chain, check_permission, TRUE);
}
@@ -1113,7 +1107,7 @@ check_writable (NMConnection *connection, GError **error)
static void
get_settings_auth_cb (NMSettingsConnection *self,
DBusGMethodInvocation *context,
- gulong sender_uid,
+ NMAuthSubject *subject,
GError *error,
gpointer data)
{
@@ -1197,7 +1191,7 @@ impl_settings_connection_get_settings (NMSettingsConnection *self,
typedef struct {
DBusGMethodInvocation *context;
NMAgentManager *agent_mgr;
- gulong sender_uid;
+ NMAuthSubject *subject;
NMConnection *new_settings;
gboolean save_to_disk;
} UpdateInfo;
@@ -1212,6 +1206,7 @@ update_complete (NMSettingsConnection *self,
else
dbus_g_method_return (info->context);
+ g_clear_object (&info->subject);
g_clear_object (&info->agent_mgr);
g_clear_object (&info->new_settings);
memset (info, 0, sizeof (*info));
@@ -1235,7 +1230,7 @@ con_update_cb (NMSettingsConnection *self,
nm_connection_clear_secrets_with_flags (for_agent,
secrets_filter_cb,
GUINT_TO_POINTER (NM_SETTING_SECRET_FLAG_AGENT_OWNED));
- nm_agent_manager_save_secrets (info->agent_mgr, for_agent, TRUE, info->sender_uid);
+ nm_agent_manager_save_secrets (info->agent_mgr, for_agent, info->subject);
g_object_unref (for_agent);
g_signal_emit (self, signals[DBUS_UPDATED], 0);
@@ -1247,7 +1242,7 @@ con_update_cb (NMSettingsConnection *self,
static void
update_auth_cb (NMSettingsConnection *self,
DBusGMethodInvocation *context,
- gulong sender_uid,
+ NMAuthSubject *subject,
GError *error,
gpointer data)
{
@@ -1259,8 +1254,6 @@ update_auth_cb (NMSettingsConnection *self,
return;
}
- info->sender_uid = sender_uid;
-
/* Cache the new secrets from the agent, as stuff like inotify-triggered
* changes to connection's backing config files will blow them away if
* they're in the main connection.
@@ -1363,14 +1356,13 @@ impl_settings_connection_update_helper (NMSettingsConnection *self,
info = g_malloc0 (sizeof (*info));
info->context = context;
info->agent_mgr = g_object_ref (priv->agent_mgr);
- info->sender_uid = G_MAXULONG;
+ info->subject = subject;
info->save_to_disk = save_to_disk;
info->new_settings = tmp;
permission = get_update_modify_permission (NM_CONNECTION (self),
tmp ? tmp : NM_CONNECTION (self));
auth_start (self, context, subject, permission, update_auth_cb, info);
- g_object_unref (subject);
return;
error:
@@ -1426,7 +1418,7 @@ con_delete_cb (NMSettingsConnection *connection,
static void
delete_auth_cb (NMSettingsConnection *self,
DBusGMethodInvocation *context,
- gulong sender_uid,
+ NMAuthSubject *subject,
GError *error,
gpointer data)
{
@@ -1513,7 +1505,7 @@ dbus_get_agent_secrets_cb (NMSettingsConnection *self,
static void
dbus_secrets_auth_cb (NMSettingsConnection *self,
DBusGMethodInvocation *context,
- gulong sender_uid,
+ NMAuthSubject *subject,
GError *error,
gpointer user_data)
{
@@ -1524,8 +1516,7 @@ dbus_secrets_auth_cb (NMSettingsConnection *self,
if (!error) {
call_id = nm_settings_connection_get_secrets (self,
- TRUE,
- sender_uid,
+ subject,
setting_name,
NM_SETTINGS_GET_SECRETS_FLAG_USER_REQUESTED,
NULL,
diff --git a/src/settings/nm-settings-connection.h b/src/settings/nm-settings-connection.h
index a687ddbfcc..ab29ae81ef 100644
--- a/src/settings/nm-settings-connection.h
+++ b/src/settings/nm-settings-connection.h
@@ -24,6 +24,7 @@
#include <nm-connection.h>
#include "nm-settings-flags.h"
+#include "nm-auth-subject.h"
#include <net/ethernet.h>
G_BEGIN_DECLS
@@ -107,8 +108,7 @@ typedef void (*NMSettingsConnectionSecretsFunc) (NMSettingsConnection *connectio
gpointer user_data);
guint32 nm_settings_connection_get_secrets (NMSettingsConnection *connection,
- gboolean filter_by_uid,
- gulong uid,
+ NMAuthSubject *subject,
const char *setting_name,
NMSettingsGetSecretsFlags flags,
const char **hints,
diff --git a/src/settings/nm-settings.c b/src/settings/nm-settings.c
index ad50db0565..057dc45382 100644
--- a/src/settings/nm-settings.c
+++ b/src/settings/nm-settings.c
@@ -961,7 +961,7 @@ secrets_filter_cb (NMSetting *setting,
static void
send_agent_owned_secrets (NMSettings *self,
NMSettingsConnection *connection,
- gulong caller_uid)
+ NMAuthSubject *subject)
{
NMSettingsPrivate *priv = NM_SETTINGS_GET_PRIVATE (self);
NMConnection *for_agent;
@@ -974,7 +974,7 @@ send_agent_owned_secrets (NMSettings *self,
nm_connection_clear_secrets_with_flags (for_agent,
secrets_filter_cb,
GUINT_TO_POINTER (NM_SETTING_SECRET_FLAG_AGENT_OWNED));
- nm_agent_manager_save_secrets (priv->agent_mgr, for_agent, TRUE, caller_uid);
+ nm_agent_manager_save_secrets (priv->agent_mgr, for_agent, subject);
g_object_unref (for_agent);
}
@@ -992,7 +992,7 @@ pk_add_cb (NMAuthChain *chain,
NMSettingsConnection *added = NULL;
NMSettingsAddCallback callback;
gpointer callback_data;
- gulong caller_uid;
+ NMAuthSubject *subject;
const char *perm;
gboolean save_to_disk;
@@ -1023,13 +1023,13 @@ pk_add_cb (NMAuthChain *chain,
callback = nm_auth_chain_get_data (chain, "callback");
callback_data = nm_auth_chain_get_data (chain, "callback-data");
- caller_uid = nm_auth_chain_get_data_ulong (chain, "caller-uid");
+ subject = nm_auth_chain_get_data (chain, "subject");
callback (self, added, error, context, callback_data);
/* Send agent-owned secrets to the agents */
if (!error && added)
- send_agent_owned_secrets (self, added, caller_uid);
+ send_agent_owned_secrets (self, added, subject);
g_clear_error (&error);
nm_auth_chain_unref (chain);
@@ -1163,7 +1163,7 @@ nm_settings_add_connection_dbus (NMSettings *self,
nm_auth_chain_set_data (chain, "connection", g_object_ref (connection), g_object_unref);
nm_auth_chain_set_data (chain, "callback", callback, NULL);
nm_auth_chain_set_data (chain, "callback-data", user_data, NULL);
- nm_auth_chain_set_data_ulong (chain, "caller-uid", nm_auth_subject_get_uid (subject));
+ nm_auth_chain_set_data (chain, "subject", g_object_ref (subject), g_object_unref);
nm_auth_chain_set_data (chain, "save-to-disk", GUINT_TO_POINTER (save_to_disk), NULL);
done:
diff --git a/src/settings/plugins/example/Makefile.am b/src/settings/plugins/example/Makefile.am
index 8cb7adebf2..9bcb76c063 100644
--- a/src/settings/plugins/example/Makefile.am
+++ b/src/settings/plugins/example/Makefile.am
@@ -1,4 +1,5 @@
AM_CPPFLAGS = \
+ -I$(top_srcdir)/src \
-I$(top_srcdir)/src/config \
-I$(top_srcdir)/src/settings \
-I$(top_srcdir)/include \
@@ -7,6 +8,7 @@ AM_CPPFLAGS = \
-I$(top_builddir)/libnm-util \
$(GLIB_CFLAGS) \
$(DBUS_CFLAGS) \
+ $(POLKIT_CFLAGS) \
-DNMCONFDIR=\"$(nmconfdir)\"
# 'noinst' here because this is an example plugin we don't want to install
diff --git a/src/settings/plugins/ifcfg-rh/Makefile.am b/src/settings/plugins/ifcfg-rh/Makefile.am
index e0214ddebe..8185f6e415 100644
--- a/src/settings/plugins/ifcfg-rh/Makefile.am
+++ b/src/settings/plugins/ifcfg-rh/Makefile.am
@@ -38,6 +38,7 @@ AM_CPPFLAGS = \
-I$(top_builddir)/libnm-util \
$(GLIB_CFLAGS) \
$(DBUS_CFLAGS) \
+ $(POLKIT_CFLAGS) \
$(NSS_CFLAGS) \
-DSYSCONFDIR=\"$(sysconfdir)\" \
-DSBINDIR=\"$(sbindir)\"
diff --git a/src/settings/plugins/ifcfg-suse/Makefile.am b/src/settings/plugins/ifcfg-suse/Makefile.am
index e9f3b6f094..1bcc4f1aa4 100644
--- a/src/settings/plugins/ifcfg-suse/Makefile.am
+++ b/src/settings/plugins/ifcfg-suse/Makefile.am
@@ -1,6 +1,8 @@
AM_CPPFLAGS = \
$(GLIB_CFLAGS) \
$(DBUS_CFLAGS) \
+ $(POLKIT_CFLAGS) \
+ -I${top_srcdir}/src \
-I${top_srcdir}/src/settings \
-I$(top_srcdir)/include \
-I$(top_builddir)/include \
diff --git a/src/settings/plugins/ifnet/Makefile.am b/src/settings/plugins/ifnet/Makefile.am
index 55e2f05b74..d6579fd16c 100644
--- a/src/settings/plugins/ifnet/Makefile.am
+++ b/src/settings/plugins/ifnet/Makefile.am
@@ -3,6 +3,7 @@ SUBDIRS = . tests
@GNOME_CODE_COVERAGE_RULES@
AM_CPPFLAGS = \
+ -I$(top_srcdir)/src \
-I$(top_srcdir)/src/config \
-I$(top_srcdir)/src/wifi \
-I$(top_srcdir)/src/settings \
@@ -13,6 +14,7 @@ AM_CPPFLAGS = \
-I$(top_builddir)/libnm-util \
$(GLIB_CFLAGS) \
$(DBUS_CFLAGS) \
+ $(POLKIT_CFLAGS) \
$(GUDEV_CFLAGS) \
-DSYSCONFDIR=\"$(sysconfdir)\"
-DSBINDIR=\"$(sbindir)\"
diff --git a/src/settings/plugins/ifnet/tests/Makefile.am b/src/settings/plugins/ifnet/tests/Makefile.am
index 1f908046f5..67184d4bf0 100644
--- a/src/settings/plugins/ifnet/tests/Makefile.am
+++ b/src/settings/plugins/ifnet/tests/Makefile.am
@@ -9,11 +9,14 @@ AM_CPPFLAGS= \
-I$(top_builddir)/libnm-util \
-I$(top_srcdir)/include \
-I$(top_builddir)/include \
+ -I$(top_srcdir)/src \
-I$(top_srcdir)/src/config \
-I$(top_srcdir)/src/settings \
-I$(top_srcdir)/src/wifi \
$(CHECK_CFLAGS) \
$(GLIB_CFLAGS) \
+ $(DBUS_CFLAGS) \
+ $(POLKIT_CFLAGS) \
$(CODE_COVERAGE_CFLAGS) \
-DTEST_WPA_SUPPLICANT_CONF='"$(srcdir)/wpa_supplicant.conf"' \
-DSYSCONFDIR=\"nonexistent\"
diff --git a/src/settings/plugins/ifupdown/Makefile.am b/src/settings/plugins/ifupdown/Makefile.am
index c8a7c0ac8d..c363e1a894 100644
--- a/src/settings/plugins/ifupdown/Makefile.am
+++ b/src/settings/plugins/ifupdown/Makefile.am
@@ -3,6 +3,7 @@ SUBDIRS = . tests
@GNOME_CODE_COVERAGE_RULES@
AM_CPPFLAGS = \
+ -I$(top_srcdir)/src \
-I$(top_srcdir)/src/logging \
-I$(top_srcdir)/src/config \
-I$(top_srcdir)/src/settings \
@@ -13,6 +14,7 @@ AM_CPPFLAGS = \
-I$(top_builddir)/libnm-util \
$(GLIB_CFLAGS) \
$(DBUS_CFLAGS) \
+ $(POLKIT_CFLAGS) \
$(GUDEV_CFLAGS) \
-DSYSCONFDIR=\"$(sysconfdir)\"
diff --git a/src/settings/plugins/ifupdown/tests/Makefile.am b/src/settings/plugins/ifupdown/tests/Makefile.am
index 3ddf293652..d27f7e62b3 100644
--- a/src/settings/plugins/ifupdown/tests/Makefile.am
+++ b/src/settings/plugins/ifupdown/tests/Makefile.am
@@ -6,10 +6,12 @@ AM_CPPFLAGS = \
-I$(top_srcdir)/libnm-util \
-I$(top_builddir)/libnm-util \
-I$(top_srcdir)/libnm-glib \
+ -I$(top_srcdir)/src \
-I$(top_srcdir)/src/settings \
-I$(srcdir)/../ \
$(GLIB_CFLAGS) \
$(DBUS_CFLAGS) \
+ $(POLKIT_CFLAGS) \
-DTEST_ENI_DIR=\"$(abs_srcdir)\"
noinst_PROGRAMS = test-ifupdown
diff --git a/src/settings/plugins/keyfile/Makefile.am b/src/settings/plugins/keyfile/Makefile.am
index e975cabd28..388186f4e0 100644
--- a/src/settings/plugins/keyfile/Makefile.am
+++ b/src/settings/plugins/keyfile/Makefile.am
@@ -3,6 +3,7 @@ SUBDIRS = . tests
@GNOME_CODE_COVERAGE_RULES@
AM_CPPFLAGS = \
+ -I$(top_srcdir)/src \
-I$(top_srcdir)/src/config \
-I$(top_srcdir)/src/settings \
-I$(top_srcdir)/include \
@@ -11,6 +12,7 @@ AM_CPPFLAGS = \
-I$(top_builddir)/libnm-util \
$(GLIB_CFLAGS) \
$(DBUS_CFLAGS) \
+ $(POLKIT_CFLAGS) \
-DNMCONFDIR=\"$(nmconfdir)\"
noinst_LTLIBRARIES = \
diff --git a/src/settings/plugins/keyfile/tests/Makefile.am b/src/settings/plugins/keyfile/tests/Makefile.am
index 56a051f40d..f2607292de 100644
--- a/src/settings/plugins/keyfile/tests/Makefile.am
+++ b/src/settings/plugins/keyfile/tests/Makefile.am
@@ -10,10 +10,12 @@ AM_CPPFLAGS = \
-I$(top_srcdir)/libnm-util \
-I$(top_builddir)/libnm-util \
-I$(top_srcdir)/libnm-glib \
+ -I$(top_srcdir)/src \
-I$(top_srcdir)/src/settings \
-I$(srcdir)/../ \
$(GLIB_CFLAGS) \
$(DBUS_CFLAGS) \
+ $(POLKIT_CFLAGS) \
$(CODE_COVERAGE_CFLAGS) \
-DTEST_KEYFILES_DIR=\"$(abs_srcdir)/keyfiles\" \
-DTEST_SCRATCH_DIR=\"$(abs_builddir)/keyfiles\" \
diff --git a/src/vpn-manager/nm-vpn-connection.c b/src/vpn-manager/nm-vpn-connection.c
index 2d534492c3..bb6fd02c7d 100644
--- a/src/vpn-manager/nm-vpn-connection.c
+++ b/src/vpn-manager/nm-vpn-connection.c
@@ -1271,8 +1271,7 @@ really_activate (NMVPNConnection *connection, const char *username)
*/
agent_mgr = nm_agent_manager_get ();
if (nm_agent_manager_all_agents_have_capability (agent_mgr,
- nm_active_connection_get_user_requested (NM_ACTIVE_CONNECTION (connection)),
- nm_active_connection_get_user_uid (NM_ACTIVE_CONNECTION (connection)),
+ nm_active_connection_get_subject (NM_ACTIVE_CONNECTION (connection)),
NM_SECRET_AGENT_CAPABILITY_VPN_HINTS)) {
nm_log_dbg (LOGD_VPN, "Allowing interactive secrets as all agents have that capability");
dbus_g_proxy_begin_call (priv->proxy, "ConnectInteractive",
@@ -1601,8 +1600,7 @@ get_secrets (NMVPNConnection *self,
flags |= NM_SETTINGS_GET_SECRETS_FLAG_USER_REQUESTED;
priv->secrets_id = nm_settings_connection_get_secrets (NM_SETTINGS_CONNECTION (priv->connection),
- filter_by_uid,
- nm_active_connection_get_user_uid (NM_ACTIVE_CONNECTION (self)),
+ nm_active_connection_get_subject (NM_ACTIVE_CONNECTION (self)),
NM_SETTING_VPN_SETTING_NAME,
flags,
hints,
View Lorry Controller Status