diff options
author | Ondrej Holy <oholy@redhat.com> | 2019-05-14 08:46:48 +0200 |
---|---|---|
committer | Ondrej Holy <oholy@redhat.com> | 2019-07-11 11:24:17 +0000 |
commit | 6493083b1d7a839257e7dcec390c6ae20c0f3aa4 (patch) | |
tree | 183d93904c8a8880b3eca872fff530e485205fdf | |
parent | 8b45eca75812e884b046c8fa8a6e09c915381197 (diff) | |
download | gvfs-6493083b1d7a839257e7dcec390c6ae20c0f3aa4.tar.gz |
udisks2: Handle lockdown option to disable writing
Handle the new mount-removable-storage-devices-as-read-only option of
org.gnome.desktop.lockdown schema and mount removable devices as read-only
if enabled.
-rw-r--r-- | monitor/udisks2/gvfsudisks2volume.c | 8 | ||||
-rw-r--r-- | monitor/udisks2/gvfsudisks2volumemonitor.c | 34 | ||||
-rw-r--r-- | monitor/udisks2/gvfsudisks2volumemonitor.h | 1 |
3 files changed, 43 insertions, 0 deletions
diff --git a/monitor/udisks2/gvfsudisks2volume.c b/monitor/udisks2/gvfsudisks2volume.c index a509b5dd..b2545058 100644 --- a/monitor/udisks2/gvfsudisks2volume.c +++ b/monitor/udisks2/gvfsudisks2volume.c @@ -1093,6 +1093,7 @@ do_mount (GTask *task) { MountData *data = g_task_get_task_data (task); GVariantBuilder builder; + GVfsUDisks2Volume *volume = g_task_get_source_object (task); g_variant_builder_init (&builder, G_VARIANT_TYPE_VARDICT); if (data->mount_operation == NULL) @@ -1101,6 +1102,13 @@ do_mount (GTask *task) "{sv}", "auth.no_user_interaction", g_variant_new_boolean (TRUE)); } + if (gvfs_udisks2_volume_monitor_get_readonly_lockdown (volume->monitor)) + { + g_variant_builder_add (&builder, + "{sv}", + "options", g_variant_new_string ("ro")); + + } udisks_filesystem_call_mount (data->filesystem_to_mount, g_variant_builder_end (&builder), g_task_get_cancellable (task), diff --git a/monitor/udisks2/gvfsudisks2volumemonitor.c b/monitor/udisks2/gvfsudisks2volumemonitor.c index 0a5ce96e..37c81fcf 100644 --- a/monitor/udisks2/gvfsudisks2volumemonitor.c +++ b/monitor/udisks2/gvfsudisks2volumemonitor.c @@ -65,6 +65,9 @@ struct _GVfsUDisks2VolumeMonitor /* we keep volumes/mounts for blank and audio discs separate to handle e.g. mixed discs properly */ GList *disc_volumes; GList *disc_mounts; + + GSettings *lockdown_settings; + gboolean readonly_lockdown; }; static UDisksClient *get_udisks_client_sync (GError **error); @@ -140,6 +143,8 @@ gvfs_udisks2_volume_monitor_finalize (GObject *object) g_list_free_full (monitor->disc_volumes, g_object_unref); g_list_free_full (monitor->disc_mounts, g_object_unref); + g_clear_object (&monitor->lockdown_settings); + G_OBJECT_CLASS (gvfs_udisks2_volume_monitor_parent_class)->finalize (object); } @@ -305,6 +310,17 @@ gvfs_udisks2_volume_monitor_constructor (GType type, } static void +lockdown_settings_changed (GSettings *settings, + gchar *key, + gpointer user_data) +{ + GVfsUDisks2VolumeMonitor *monitor = GVFS_UDISKS2_VOLUME_MONITOR (user_data); + + monitor->readonly_lockdown = g_settings_get_boolean (settings, + "mount-removable-storage-devices-as-read-only"); +} + +static void gvfs_udisks2_volume_monitor_init (GVfsUDisks2VolumeMonitor *monitor) { monitor->gudev_client = g_udev_client_new (NULL); /* don't listen to any changes */ @@ -325,6 +341,15 @@ gvfs_udisks2_volume_monitor_init (GVfsUDisks2VolumeMonitor *monitor) G_CALLBACK (mountpoints_changed), monitor); + monitor->lockdown_settings = g_settings_new ("org.gnome.desktop.lockdown"); + monitor->readonly_lockdown = g_settings_get_boolean (monitor->lockdown_settings, + "mount-removable-storage-devices-as-read-only"); + g_signal_connect_object (monitor->lockdown_settings, + "changed", + G_CALLBACK (lockdown_settings_changed), + monitor, + 0); + update_all (monitor, FALSE, TRUE); } @@ -388,6 +413,15 @@ gvfs_udisks2_volume_monitor_get_gudev_client (GVfsUDisks2VolumeMonitor *monitor) /* ---------------------------------------------------------------------------------------------------- */ +gboolean +gvfs_udisks2_volume_monitor_get_readonly_lockdown (GVfsUDisks2VolumeMonitor *monitor) +{ + g_return_val_if_fail (GVFS_IS_UDISKS2_VOLUME_MONITOR (monitor), FALSE); + return monitor->readonly_lockdown; +} + +/* ---------------------------------------------------------------------------------------------------- */ + void gvfs_udisks2_volume_monitor_update (GVfsUDisks2VolumeMonitor *monitor) { diff --git a/monitor/udisks2/gvfsudisks2volumemonitor.h b/monitor/udisks2/gvfsudisks2volumemonitor.h index 7f0215dc..751a0236 100644 --- a/monitor/udisks2/gvfsudisks2volumemonitor.h +++ b/monitor/udisks2/gvfsudisks2volumemonitor.h @@ -49,6 +49,7 @@ GVolumeMonitor *gvfs_udisks2_volume_monitor_new (void); UDisksClient *gvfs_udisks2_volume_monitor_get_udisks_client (GVfsUDisks2VolumeMonitor *monitor); void gvfs_udisks2_volume_monitor_update (GVfsUDisks2VolumeMonitor *monitor); GUdevClient *gvfs_udisks2_volume_monitor_get_gudev_client (GVfsUDisks2VolumeMonitor *monitor); +gboolean gvfs_udisks2_volume_monitor_get_readonly_lockdown (GVfsUDisks2VolumeMonitor *monitor); G_END_DECLS |