Commit 0999c4a0 authored by Thomas Wood's avatar Thomas Wood

sharing: add helper application to enable or disable remote login

Add a helper application and PolicyKit action to enable and disable the
remote login service.

https://bugzilla.gnome.org/show_bug.cgi?id=691962
parent da2a8bd6
......@@ -166,6 +166,7 @@ PKG_CHECK_MODULES(USER_ACCOUNTS_PANEL, $COMMON_MODULES
pwquality
accountsservice >= $ACCOUNTSSERVICE_REQUIRED_VERSION)
PKG_CHECK_MODULES(SHARING_PANEL, $COMMON_MODULES egg-list-box)
PKG_CHECK_MODULES(REMOTE_LOGIN_HELPER, glib-2.0 >= $GLIB_REQUIRED_VERSION gio-2.0)
PKG_CHECK_MODULES(GVC, gobject-2.0 libpulse libpulse-mainloop-glib)
AM_CONDITIONAL(HAVE_INTROSPECTION, false)
......
......@@ -6,6 +6,7 @@ uidir = $(pkgdatadir)/ui/sharing
AM_CPPFLAGS = \
$(PANEL_CFLAGS) \
$(SHARING_PANEL_CFLAGS) \
-DLIBEXECDIR=\"$(libexecdir)\" \
$(NULL)
noinst_LTLIBRARIES = libsharing.la
......@@ -40,8 +41,22 @@ cc-sharing-resources.h: sharing.gresource.xml $(resource_files)
libsharing_la_LIBADD = $(PANEL_LIBS) $(SHARING_PANEL_LIBS)
libsharing_la_LDFLAGS = $(PANEL_LDFLAGS)
@INTLTOOL_DESKTOP_RULE@
libexec_PROGRAMS = cc-remote-login-helper
cc_remote_login_helper_SOURCES = cc-remote-login-helper.c
cc_remote_login_helper_LDADD = $(REMOTE_LOGIN_HELPER_LIBS)
cc_remote_login_helper_CFLAGS = $(REMOTE_LOGIN_HELPER_CFLAGS)
org.gnome.controlcenter.remote-login-helper.policy.in: org.gnome.controlcenter.remote-login-helper.policy.in.in Makefile
$(AM_V_GEN) sed -e "s|\@libexecdir\@|$(libexecdir)|" $< > $@
@INTLTOOL_POLICY_RULE@
polkit_policydir = $(datadir)/polkit-1/actions
polkit_policy_in_files = org.gnome.controlcenter.remote-login-helper.policy.in
polkit_policy_DATA = $(polkit_policy_in_files:.policy.in=.policy)
@INTLTOOL_DESKTOP_RULE@
desktopdir = $(datadir)/applications
desktop_in_files = gnome-sharing-panel.desktop.in
desktop_DATA = $(desktop_in_files:.desktop.in=.desktop)
......
/*
* Copyright (C) 2013 Intel, Inc
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Author: Thomas Wood <thomas.wood@intel.com>
*
*/
#include <gio/gio.h>
#define SSHD_SERVICE "sshd.service"
static const gchar *service_list[] = { SSHD_SERVICE, NULL };
static gint
enable_ssh_service ()
{
GDBusConnection *connection;
GError *error = NULL;
GVariant *temp_variant;
connection = g_bus_get_sync (G_BUS_TYPE_SYSTEM, NULL, &error);
if (!connection)
{
g_critical ("Error connecting to D-Bus system bus: %s", error->message);
g_clear_error (&error);
return 1;
}
temp_variant = g_dbus_connection_call_sync (connection,
"org.freedesktop.systemd1",
"/org/freedesktop/systemd1",
"org.freedesktop.systemd1.Manager",
"StartUnit",
g_variant_new ("(ss)",
SSHD_SERVICE,
"replace"),
(GVariantType *) "(o)",
G_DBUS_CALL_FLAGS_NONE,
-1,
NULL,
&error);
if (!temp_variant)
{
g_critical ("Error starting " SSHD_SERVICE ": %s", error->message);
g_clear_error (&error);
return 1;
}
g_variant_unref (temp_variant);
temp_variant = g_dbus_connection_call_sync (connection,
"org.freedesktop.systemd1",
"/org/freedesktop/systemd1",
"org.freedesktop.systemd1.Manager",
"EnableUnitFiles",
g_variant_new ("(^asbb)",
service_list,
FALSE, FALSE),
(GVariantType *) "(ba(sss))",
G_DBUS_CALL_FLAGS_NONE,
-1,
NULL,
&error);
if (!temp_variant)
{
g_critical ("Error enabling " SSHD_SERVICE ": %s", error->message);
g_clear_error (&error);
return 1;
}
g_variant_unref (temp_variant);
return 0;
}
static gint
disable_ssh_service ()
{
GDBusConnection *connection;
GError *error = NULL;
GVariant *temp_variant;
connection = g_bus_get_sync (G_BUS_TYPE_SYSTEM, NULL, &error);
if (!connection)
{
g_critical ("Error connecting to D-Bus system bus: %s", error->message);
g_clear_error (&error);
return 1;
}
temp_variant = g_dbus_connection_call_sync (connection,
"org.freedesktop.systemd1",
"/org/freedesktop/systemd1",
"org.freedesktop.systemd1.Manager",
"StopUnit",
g_variant_new ("(ss)", SSHD_SERVICE, "replace"),
(GVariantType *) "(o)",
G_DBUS_CALL_FLAGS_NONE,
-1,
NULL,
&error);
if (!temp_variant)
{
g_critical ("Error stopping " SSHD_SERVICE ": %s", error->message);
g_clear_error (&error);
return 1;
}
g_variant_unref (temp_variant);
temp_variant = g_dbus_connection_call_sync (connection,
"org.freedesktop.systemd1",
"/org/freedesktop/systemd1",
"org.freedesktop.systemd1.Manager",
"DisableUnitFiles",
g_variant_new ("(^asb)", service_list, FALSE,
FALSE),
(GVariantType *) "(a(sss))",
G_DBUS_CALL_FLAGS_NONE,
-1,
NULL,
&error);
if (!temp_variant)
{
g_critical ("Error disabling " SSHD_SERVICE ": %s", error->message);
g_clear_error (&error);
return 1;
}
g_variant_unref (temp_variant);
return 0;
}
int
main (int argc,
char **argv)
{
if (argc < 2)
return 1;
if (argv[1] == NULL)
return 1;
if (g_str_equal (argv[1], "enable"))
return enable_ssh_service ();
else if (g_str_equal (argv[1], "disable"))
return disable_ssh_service ();
return 1;
}
......@@ -52,10 +52,9 @@ active_state_ready_callback (GObject *source_object,
g_variant_unref (tmp_variant);
/* set the switch to the correct state */
g_object_set_data (G_OBJECT (gtkswitch), "set-from-dbus", GINT_TO_POINTER (1));
gtk_switch_set_active (gtkswitch, active);
/* TODO: enable the switch when cc_remote_login_set_enabled is implemented */
/* gtk_widget_set_sensitive (gtkswitch, TRUE); */
gtk_widget_set_sensitive (gtkswitch, TRUE);
}
static void
......@@ -135,14 +134,62 @@ void
cc_remote_login_get_enabled (GtkSwitch *gtkswitch)
{
/* disable the switch until the current state is known */
gtk_widget_set_sensitive (gtkswitch, FALSE);
gtk_widget_set_sensitive (GTK_WIDGET (gtkswitch), FALSE);
g_bus_get (G_BUS_TYPE_SYSTEM, NULL, bus_ready_callback, gtkswitch);
}
gboolean
cc_remote_login_set_enabled (gboolean enabled)
static gint std_err;
static void
child_watch_func (GPid pid,
gint status,
gpointer gtkswitch)
{
/* not implemented yet */
return FALSE;
if (status != 0)
{
g_warning ("Error enabling or disabling remote login service");
/* make sure the switch reflects the current status */
cc_remote_login_get_enabled (GTK_SWITCH (gtkswitch));
}
g_spawn_close_pid (pid);
gtk_widget_set_sensitive (GTK_WIDGET (gtkswitch), TRUE);
}
void
cc_remote_login_set_enabled (GtkSwitch *gtkswitch)
{
gchar *command[] = { "pkexec", LIBEXECDIR "/cc-remote-login-helper", NULL,
NULL };
GError *error = NULL;
GPid pid;
if (GPOINTER_TO_INT (g_object_get_data (G_OBJECT (gtkswitch), "set-from-dbus")) == 1)
{
g_object_set_data (G_OBJECT (gtkswitch), "set-from-dbus", NULL);
return;
}
if (gtk_switch_get_active (gtkswitch))
command[2] = "enable";
else
command[2] = "disable";
gtk_widget_set_sensitive (GTK_WIDGET (gtkswitch), FALSE);
g_spawn_async_with_pipes (NULL, command, NULL,
G_SPAWN_SEARCH_PATH | G_SPAWN_DO_NOT_REAP_CHILD, NULL,
NULL, &pid, NULL, NULL, &std_err, &error);
g_child_watch_add (pid, child_watch_func, gtkswitch);
if (error)
{
g_error ("Error running cc-remote-login-helper: %s", error->message);
g_clear_error (&error);
}
}
......@@ -25,6 +25,6 @@
#include <gtk/gtk.h>
void cc_remote_login_get_enabled (GtkSwitch *gtkswitch);
gboolean cc_remote_login_set_enabled (gboolean enabled);
void cc_remote_login_set_enabled (GtkSwitch *gtkswitch);
#endif /* __CC_REMOTE_LOGIN_H__ **/
......@@ -591,7 +591,7 @@ static void
remote_login_switch_activate (GtkSwitch *remote_login_switch,
CcSharingPanel *self)
{
cc_remote_login_set_enabled (gtk_switch_get_active (remote_login_switch));
cc_remote_login_set_enabled (remote_login_switch);
}
static void
......
<!DOCTYPE policyconfig PUBLIC
"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
"http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
<policyconfig>
<vendor>The GNOME Project</vendor>
<vendor_url>http://www.gnome.org/</vendor_url>
<action id="org.gnome.controlcenter.remote-login-helper">
<_description>Enable or disable remote login</_description>
<_message>Authentication is required to enable or disable remote login</_message>
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>auth_admin_keep</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.exec.path">@libexecdir@/cc-remote-login-helper</annotate>
</action>
</policyconfig>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment