authorBrian Cameron <brian.cameron@sun.com>2007-04-19 08:18:06 +0000
committerBrian Cameron <bcameron@src.gnome.org>2007-04-19 08:18:06 +0000
commit1dbcc78d416d99301aaa27bae8c729046226b0dd (patch)
tree1ce1d09952522a7a8cd26a209694bc6084221aa3 /gui
parent771eacb00fdbe9b46a51cae8d0f5e1c8bff457b4 (diff)
Add RBAC support and allow more configuration on how the System Commands
2007-04-19 Brian Cameron <brian.cameron@sun.com> * configure.ac, acconfig.h, daemon/gdm.c, daemon/gdm-daemon-config-entries.h, daemon/gdm-daemon-config-keys.h, gui/Makefile.am, gui/gdmlogin.c, gui/greeter/Makefile.am, gui/greeter/greeter.c, gui/greeter/greeter_system.c, config/Makefile.am, config/gdm.conf.in, docs/C/gdm.xml: Add RBAC support and allow more configuration on how the System Commands are handled. This includes adding the SystemCommandsInMenu option to specify which commands show up in the greeter menu and the AllowLogoutActions to specify which system commands are supported via the QUERY_LOGOUT_ACTION, SET_LOGOUT_ACTION, and SET_SAFE_LOGOUT_ACTION gdmflexiserver commands. Also add the RBACSystemCommandKeys option so that RBAC can be configured in a generic way for each system command. The configure.ac script sets up this key properly for Solaris. Add RBAC section to the Security section of the docs and info about the three new configuration options. This fixes bug #372738. Note that the gdmflexiserver QUERY_LOGOUT_ACTION, SET_LOGOUT_ACTION, and SET_SAFE_LOGOUT_ACTION were broken after William Jon McCann's config cleanup, so I fixed this. * daemon/gdm-net.c: Fix includes so glib includes are after system includes. svn path=/trunk/; revision=4843
Diffstat (limited to 'gui')
-rw-r--r--gui/Makefile.am1
-rw-r--r--gui/gdmlogin.c113
-rw-r--r--gui/greeter/Makefile.am1
-rw-r--r--gui/greeter/greeter.c7
-rw-r--r--gui/greeter/greeter_system.c102
5 files changed, 184 insertions, 40 deletions
diff --git a/gui/Makefile.am b/gui/Makefile.am
index d0229359..bcc1b405 100644
--- a/gui/Makefile.am
+++ b/gui/Makefile.am
@@ -117,6 +117,7 @@ gdmchooser_LDADD = \
$(NULL)
gdmlogin_LDADD = \
+ $(EXTRA_GREETER_LIBS) \
libgdmwm.a \
libgdmcommon.a \
$(GUING_LIBS) \
diff --git a/gui/gdmlogin.c b/gui/gdmlogin.c
index 2e79cfcc..068cfc43 100644
--- a/gui/gdmlogin.c
+++ b/gui/gdmlogin.c
@@ -35,6 +35,11 @@
#include <sys/types.h>
#include <sys/wait.h>
+#ifdef HAVE_CHKAUTHATTR
+#include <auth_attr.h>
+#include <secdb.h>
+#endif
+
#include <X11/X.h>
#include <X11/Xlib.h>
#include <X11/XKBlib.h>
@@ -2127,6 +2132,63 @@ gdm_set_welcomemsg (void)
g_free (greeting);
}
+static gboolean
+is_action_available (gchar *action)
+{
+ gchar **allowsyscmd = NULL;
+ const gchar *allowsyscmdval;
+ gboolean ret = FALSE;
+ int i;
+
+ allowsyscmdval = gdm_config_get_string (GDM_KEY_SYSTEM_COMMANDS_IN_MENU);
+ if (allowsyscmdval)
+ allowsyscmd = g_strsplit (allowsyscmdval, ";", 0);
+
+ if (allowsyscmd) {
+ for (i = 0; allowsyscmd[i] != NULL; i++) {
+ if (strcmp (allowsyscmd[i], action) == 0) {
+ ret = TRUE;
+ break;
+ }
+ }
+ }
+
+#ifdef HAVE_CHKAUTHATTR
+ if (ret == TRUE) {
+ gchar **rbackeys = NULL;
+ const gchar *rbackeysval;
+ const char *gdmuser;
+
+ gdmuser = gdm_config_get_string (GDM_KEY_USER);
+ rbackeysval = gdm_config_get_string (GDM_KEY_RBAC_SYSTEM_COMMAND_KEYS);
+ if (rbackeysval)
+ rbackeys = g_strsplit (rbackeysval, ";", 0);
+
+ if (rbackeys) {
+ for (i = 0; rbackeys[i] != NULL; i++) {
+ gchar **rbackey = g_strsplit (rbackeys[i], ":", 2);
+
+ if (! ve_string_empty (rbackey[0]) &&
+ ! ve_string_empty (rbackey[1]) &&
+ strcmp (rbackey[0], action) == 0) {
+
+ if (!chkauthattr (rbackey[1], gdmuser)) {
+ g_strfreev (rbackey);
+ ret = FALSE;
+ break;
+ }
+ }
+ g_strfreev (rbackey);
+ }
+ }
+ g_strfreev (rbackeys);
+ }
+#endif
+ g_strfreev (allowsyscmd);
+
+ return ret;
+}
+
static void
gdm_login_gui_init (void)
{
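Review bot: In the RBAC loop of is_action_available, an entry is enforced only when both halves are non-empty and the key matches `action` byte-for-byte, so a malformed RBACSystemCommandKeys entry fails open. Constructed examples are ` HALT:some.auth` (leading space) and `HALT:` (empty authorization): both are skipped silently and `ret` stays TRUE. Stripping the tokens and treating an entry that names the action without a usable authorization as a denial would make this fail closed; if an empty authorization is meant to mean "no check", it should at least be logged. `gdmuser` is also handed to chkauthattr without a NULL/empty check. The identical copy added to gui/greeter/greeter_system.c behaves the same way.

```c
/* … unchanged: allow-list lookup, gdmuser/rbackeysval fetch and split … */
		for (i = 0; rbackeys[i] != NULL; i++) {
			gchar **rbackey = g_strsplit (rbackeys[i], ":", 2);
			gboolean names_action;

			/* Tolerate whitespace around the key and the authorization. */
			if (rbackey[0] != NULL) {
				g_strstrip (rbackey[0]);
				if (rbackey[1] != NULL)
					g_strstrip (rbackey[1]);
			}

			names_action = rbackey[0] != NULL &&
				strcmp (rbackey[0], action) == 0;

			/* Fail closed: an entry that names the action but has no
			 * usable authorization, or one the gdm user lacks, hides it. */
			if (names_action &&
			    (ve_string_empty (rbackey[1]) ||
			     ve_string_empty (gdmuser) ||
			     !chkauthattr (rbackey[1], gdmuser))) {
				g_strfreev (rbackey);
				ret = FALSE;
				break;
			}
			g_strfreev (rbackey);
		}
/* … unchanged: g_strfreev (rbackeys), g_strfreev (allowsyscmd), return … */
```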
@@ -2251,7 +2313,8 @@ gdm_login_gui_init (void)
got_anything = TRUE;
}
- if (gdm_working_command_exists (gdm_config_get_string (GDM_KEY_REBOOT))) {
+ if (gdm_working_command_exists (gdm_config_get_string (GDM_KEY_REBOOT)) &&
+ is_action_available ("REBOOT")) {
item = gtk_menu_item_new_with_mnemonic (_("_Restart"));
gtk_menu_shell_append (GTK_MENU_SHELL (menu), item);
g_signal_connect (G_OBJECT (item), "activate",
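Review bot: The new `is_action_available ("REBOOT")` test only decides whether the menu item is created, and nothing in this hunk says so. The same applies to the HALT, SUSPEND and CUSTOM_CMD conditions in the following hunks and to the matching ones in gui/greeter/greeter_system.c. The activate handlers and the daemon side are outside this page, so whether the request is re-authorized when it is actually carried out cannot be confirmed from here. A comment at the first check would record the assumption, for example `/* Controls menu visibility only; the daemon must re-check RBAC before running the command. */`. gdm_login_gui_init begins and ends outside the hunk.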
@@ -2261,25 +2324,8 @@ gdm_login_gui_init (void)
got_anything = TRUE;
}
- for (i = 0; i < GDM_CUSTOM_COMMAND_MAX; i++) {
- gchar * key_string = NULL;
- key_string = g_strdup_printf ("%s%d=", GDM_KEY_CUSTOM_CMD_TEMPLATE, i);
- if (gdm_working_command_exists (gdm_config_get_string (key_string))) {
- gint * cmd_index = g_new0(gint, 1);
- *cmd_index = i;
- key_string = g_strdup_printf ("%s%d=", GDM_KEY_CUSTOM_CMD_LR_LABEL_TEMPLATE, i);
- item = gtk_menu_item_new_with_mnemonic (gdm_config_get_string (key_string));
- gtk_menu_shell_append (GTK_MENU_SHELL (menu), item);
- g_signal_connect (G_OBJECT (item), "activate",
- G_CALLBACK (gdm_custom_cmd_handler),
- cmd_index);
- gtk_widget_show (GTK_WIDGET (item));
- got_anything = TRUE;
- }
- g_free (key_string);
- }
-
- if (gdm_working_command_exists (gdm_config_get_string (GDM_KEY_HALT))) {
+ if (gdm_working_command_exists (gdm_config_get_string (GDM_KEY_HALT)) &&
+ is_action_available ("HALT")) {
item = gtk_menu_item_new_with_mnemonic (_("Shut _Down"));
gtk_menu_shell_append (GTK_MENU_SHELL (menu), item);
g_signal_connect (G_OBJECT (item), "activate",
@@ -2289,7 +2335,8 @@ gdm_login_gui_init (void)
got_anything = TRUE;
}
- if (gdm_working_command_exists (gdm_config_get_string (GDM_KEY_SUSPEND))) {
+ if (gdm_working_command_exists (gdm_config_get_string (GDM_KEY_SUSPEND)) &&
+ is_action_available ("SUSPEND")) {
item = gtk_menu_item_new_with_mnemonic (_("_Suspend"));
gtk_menu_shell_append (GTK_MENU_SHELL (menu), item);
g_signal_connect (G_OBJECT (item), "activate",
@@ -2299,6 +2346,26 @@ gdm_login_gui_init (void)
got_anything = TRUE;
}
+ if (is_action_available ("CUSTOM_CMD")) {
+ for (i = 0; i < GDM_CUSTOM_COMMAND_MAX; i++) {
+ gchar * key_string = NULL;
+ key_string = g_strdup_printf ("%s%d=", GDM_KEY_CUSTOM_CMD_TEMPLATE, i);
+ if (gdm_working_command_exists (gdm_config_get_string (key_string))) {
+ gint * cmd_index = g_new0(gint, 1);
+ *cmd_index = i;
+ key_string = g_strdup_printf ("%s%d=", GDM_KEY_CUSTOM_CMD_LR_LABEL_TEMPLATE, i);
+ item = gtk_menu_item_new_with_mnemonic (gdm_config_get_string (key_string));
+ gtk_menu_shell_append (GTK_MENU_SHELL (menu), item);
+ g_signal_connect (G_OBJECT (item), "activate",
+ G_CALLBACK (gdm_custom_cmd_handler),
+ cmd_index);
+ gtk_widget_show (GTK_WIDGET (item));
+ got_anything = TRUE;
+ }
+ g_free (key_string);
+ }
+ }
+
if (got_anything) {
item = gtk_menu_item_new_with_mnemonic (_("_Actions"));
gtk_menu_shell_append (GTK_MENU_SHELL (menubar), item);
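Review bot: `key_string` is overwritten by the second `g_strdup_printf` inside the `if` without the first allocation being freed, so each configured custom command leaks one string. The trailing `g_free (key_string)` releases only whichever string is current. Add `g_free (key_string);` immediately before `key_string = g_strdup_printf ("%s%d=", GDM_KEY_CUSTOM_CMD_LR_LABEL_TEMPLATE, i);`, or use a separate variable for the label key. The loop is moved unchanged from earlier in gdm_login_gui_init, so the leak predates this commit, but it is new-side code here. The function begins and ends outside the hunk.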
@@ -2884,6 +2951,8 @@ gdm_read_config (void)
gdm_config_get_string (GDM_KEY_TIMED_LOGIN);
gdm_config_get_string (GDM_KEY_USE_24_CLOCK);
gdm_config_get_string (GDM_KEY_WELCOME);
+ gdm_config_get_string (GDM_KEY_RBAC_SYSTEM_COMMAND_KEYS);
+ gdm_config_get_string (GDM_KEY_SYSTEM_COMMANDS_IN_MENU);
/* String keys for custom commands */
for (i = 0; i < GDM_CUSTOM_COMMAND_MAX; i++) {
@@ -2992,6 +3061,8 @@ gdm_reread_config (int sig, gpointer data)
gdm_config_reload_string (GDM_KEY_SESSION_DESKTOP_DIR) ||
gdm_config_reload_string (GDM_KEY_SUSPEND) ||
gdm_config_reload_string (GDM_KEY_TIMED_LOGIN) ||
+ gdm_config_reload_string (GDM_KEY_RBAC_SYSTEM_COMMAND_KEYS) ||
+ gdm_config_reload_string (GDM_KEY_SYSTEM_COMMANDS_IN_MENU) ||
gdm_config_reload_int (GDM_KEY_BACKGROUND_PROGRAM_INITIAL_DELAY) ||
gdm_config_reload_int (GDM_KEY_BACKGROUND_PROGRAM_RESTART_DELAY) ||
diff --git a/gui/greeter/Makefile.am b/gui/greeter/Makefile.am
index 8622ed49..efcbc5f6 100644
--- a/gui/greeter/Makefile.am
+++ b/gui/greeter/Makefile.am
@@ -74,6 +74,7 @@ gdmgreeter_SOURCES = \
greeter_system.h
gdmgreeter_LDADD = \
+ $(EXTRA_GREETER_LIBS) \
-L$(top_builddir)/gui \
-lgdmwm \
-lgdmcommon \
diff --git a/gui/greeter/greeter.c b/gui/greeter/greeter.c
index 56a5a4e8..4881339c 100644
--- a/gui/greeter/greeter.c
+++ b/gui/greeter/greeter.c
@@ -855,6 +855,9 @@ gdm_read_config (void)
gdm_config_get_string (GDM_KEY_USE_24_CLOCK);
gdm_config_get_string (GDM_KEY_WELCOME);
gdm_config_get_string (GDM_KEY_REMOTE_WELCOME);
+ gdm_config_get_string (GDM_KEY_RBAC_SYSTEM_COMMAND_KEYS);
+ gdm_config_get_string (GDM_KEY_SYSTEM_COMMANDS_IN_MENU);
+
gdm_config_get_int (GDM_KEY_XINERAMA_SCREEN);
gdm_config_get_int (GDM_KEY_TIMED_LOGIN_DELAY);
gdm_config_get_int (GDM_KEY_FLEXI_REAP_DELAY_MINUTES);
@@ -940,12 +943,16 @@ greeter_reread_config (int sig, gpointer data)
gdm_config_reload_string (GDM_KEY_BACKGROUND_COLOR) ||
gdm_config_reload_string (GDM_KEY_DEFAULT_FACE) ||
gdm_config_reload_string (GDM_KEY_DEFAULT_SESSION) ||
+ gdm_config_reload_string (GDM_KEY_RBAC_SYSTEM_COMMAND_KEYS) ||
+ gdm_config_reload_string (GDM_KEY_SYSTEM_COMMANDS_IN_MENU) ||
+
gdm_config_reload_int (GDM_KEY_XINERAMA_SCREEN) ||
gdm_config_reload_int (GDM_KEY_TIMED_LOGIN_DELAY) ||
gdm_config_reload_int (GDM_KEY_FLEXI_REAP_DELAY_MINUTES) ||
gdm_config_reload_int (GDM_KEY_MAX_ICON_HEIGHT) ||
gdm_config_reload_int (GDM_KEY_MAX_ICON_WIDTH) ||
gdm_config_reload_int (GDM_KEY_MINIMAL_UID) ||
+
gdm_config_reload_bool (GDM_KEY_ENTRY_CIRCLES) ||
gdm_config_reload_bool (GDM_KEY_ENTRY_INVISIBLE) ||
gdm_config_reload_bool (GDM_KEY_SHOW_XTERM_FAILSAFE) ||
diff --git a/gui/greeter/greeter_system.c b/gui/greeter/greeter_system.c
index 0161d100..65729c83 100644
--- a/gui/greeter/greeter_system.c
+++ b/gui/greeter/greeter_system.c
@@ -19,6 +19,12 @@
#include "config.h"
#include <unistd.h>
+#include <string.h>
+
+#ifdef HAVE_CHKAUTHATTR
+#include <auth_attr.h>
+#include <secdb.h>
+#endif
#include <gtk/gtk.h>
#include <glib/gi18n.h>
@@ -165,6 +171,63 @@ greeter_chooser_handler (void)
_exit (DISPLAY_RUN_CHOOSER);
}
+static gboolean
+is_action_available (gchar *action)
+{
+ gchar **allowsyscmd = NULL;
+ const gchar *allowsyscmdval;
+ gboolean ret = FALSE;
+ int i;
+
+ allowsyscmdval = gdm_config_get_string (GDM_KEY_SYSTEM_COMMANDS_IN_MENU);
+ if (allowsyscmdval)
+ allowsyscmd = g_strsplit (allowsyscmdval, ";", 0);
+
+ if (allowsyscmd) {
+ for (i = 0; allowsyscmd[i] != NULL; i++) {
+ if (strcmp (allowsyscmd[i], action) == 0) {
+ ret = TRUE;
+ break;
+ }
+ }
+ }
+
+#ifdef HAVE_CHKAUTHATTR
+ if (ret == TRUE) {
+ gchar **rbackeys = NULL;
+ const gchar *rbackeysval;
+ const char *gdmuser;
+
+ gdmuser = gdm_config_get_string (GDM_KEY_USER);
+ rbackeysval = gdm_config_get_string (GDM_KEY_RBAC_SYSTEM_COMMAND_KEYS);
+ if (rbackeysval)
+ rbackeys = g_strsplit (rbackeysval, ";", 0);
+
+ if (rbackeys) {
+ for (i = 0; rbackeys[i] != NULL; i++) {
+ gchar **rbackey = g_strsplit (rbackeys[i], ":", 2);
+
+ if (! ve_string_empty (rbackey[0]) &&
+ ! ve_string_empty (rbackey[1]) &&
+ strcmp (rbackey[0], action) == 0) {
+
+ if (!chkauthattr (rbackey[1], gdmuser)) {
+ g_strfreev (rbackey);
+ ret = FALSE;
+ break;
+ }
+ }
+ g_strfreev (rbackey);
+ }
+ }
+ g_strfreev (rbackeys);
+ }
+#endif
+ g_strfreev (allowsyscmd);
+
+ return ret;
+}
+
void
greeter_system_append_system_menu (GtkWidget *menu)
{
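Review bot: is_action_available here is a line-for-line copy of the function added to gui/gdmlogin.c, so any later fix to the allow-list or RBAC parsing has to be made twice and the two greeters can drift apart in what they permit. Both LDADD lists in the Makefile.am hunks already name libgdmcommon, so one shared definition there would keep the policy in a single place. The parameter receives string literals at every visible call site and is never written through, so `is_action_available (const gchar *action)` would state that. The function also has no header comment. One should explain that the action must be listed in GDM_KEY_SYSTEM_COMMANDS_IN_MENU, and that when HAVE_CHKAUTHATTR is defined a matching GDM_KEY_RBAC_SYSTEM_COMMAND_KEYS entry must pass chkauthattr for the GDM_KEY_USER account.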
@@ -206,7 +269,7 @@ greeter_system_append_system_menu (GtkWidget *menu)
gtk_widget_show (sep);
}
- if (GdmRebootFound) {
+ if (GdmRebootFound && is_action_available ("REBOOT")) {
w = gtk_menu_item_new_with_mnemonic (_("_Restart"));
gtk_menu_shell_append (GTK_MENU_SHELL (menu), w);
gtk_widget_show (GTK_WIDGET (w));
@@ -215,7 +278,25 @@ greeter_system_append_system_menu (GtkWidget *menu)
NULL);
}
- if (GdmAnyCustomCmdsFound) {
+ if (GdmHaltFound && is_action_available ("HALT")) {
+ w = gtk_menu_item_new_with_mnemonic (_("Shut _Down"));
+ gtk_menu_shell_append (GTK_MENU_SHELL (menu), w);
+ gtk_widget_show (GTK_WIDGET (w));
+ g_signal_connect (G_OBJECT (w), "activate",
+ G_CALLBACK (query_greeter_halt_handler),
+ NULL);
+ }
+
+ if (GdmSuspendFound && is_action_available ("SUSPEND")) {
+ w = gtk_menu_item_new_with_mnemonic (_("Sus_pend"));
+ gtk_menu_shell_append (GTK_MENU_SHELL (menu), w);
+ gtk_widget_show (GTK_WIDGET (w));
+ g_signal_connect (G_OBJECT (w), "activate",
+ G_CALLBACK (query_greeter_suspend_handler),
+ NULL);
+ }
+
+ if (GdmAnyCustomCmdsFound && is_action_available ("CUSTOM_CMD")) {
for (i = 0; i < GDM_CUSTOM_COMMAND_MAX; i++) {
if (GdmCustomCmdsFound[i]){
gint * cmd_index = g_new0(gint, 1);
@@ -233,23 +314,6 @@ greeter_system_append_system_menu (GtkWidget *menu)
}
}
- if (GdmHaltFound) {
- w = gtk_menu_item_new_with_mnemonic (_("Shut _Down"));
- gtk_menu_shell_append (GTK_MENU_SHELL (menu), w);
- gtk_widget_show (GTK_WIDGET (w));
- g_signal_connect (G_OBJECT (w), "activate",
- G_CALLBACK (query_greeter_halt_handler),
- NULL);
- }
-
- if (GdmSuspendFound) {
- w = gtk_menu_item_new_with_mnemonic (_("Sus_pend"));
- gtk_menu_shell_append (GTK_MENU_SHELL (menu), w);
- gtk_widget_show (GTK_WIDGET (w));
- g_signal_connect (G_OBJECT (w), "activate",
- G_CALLBACK (query_greeter_suspend_handler),
- NULL);
- }
}
static gboolean