From 46ba8aae2b82bc5c87ba347e6bf914ecd5e9d51e Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Wed, 13 Feb 2013 22:56:43 +0100 Subject: [PATCH] build-sys: make PolicyKit support compile-time optional (was runtime-optional already) --- Makefile.am | 5 ++++- README | 1 + configure.ac | 10 ++++++++++ src/shared/polkit.c | 10 +++++++++- src/shared/spawn-polkit-agent.c | 12 ++++++++++++ 5 files changed, 36 insertions(+), 2 deletions(-) diff --git a/Makefile.am b/Makefile.am index aae3c27d364..d73b78ce316 100644 --- a/Makefile.am +++ b/Makefile.am @@ -109,6 +109,7 @@ noinst_LTLIBRARIES = lib_LTLIBRARIES = include_HEADERS = pkgconfiglib_DATA = +polkitpolicy_in_in_files = polkitpolicy_in_files = polkitpolicy_files = dist_udevrules_DATA = @@ -969,7 +970,7 @@ dbusinterface_DATA += \ org.freedesktop.systemd1.Swap.xml \ org.freedesktop.systemd1.Path.xml -polkitpolicy_in_in_files = \ +polkitpolicy_in_in_files += \ src/core/org.freedesktop.systemd1.policy.in.in org.freedesktop.systemd1.%.xml: systemd @@ -3474,9 +3475,11 @@ units/user/%: units/%.m4 Makefile $(AM_V_M4)$(MKDIR_P) $(dir $@) $(AM_V_M4)$(M4) -P $(M4_DEFINES) -DFOR_USER=1 < $< > $@ +if ENABLE_POLKIT nodist_polkitpolicy_DATA = \ $(polkitpolicy_files) \ $(polkitpolicy_in_in_files:.policy.in.in=.policy) +endif EXTRA_DIST += \ $(polkitpolicy_in_files) \ diff --git a/README b/README index 3b248048cc5..f20bd388940 100644 --- a/README +++ b/README @@ -61,6 +61,7 @@ REQUIREMENTS: util-linux >= v2.19 (requires fsck -l, agetty -s) sulogin (from util-linux >= 2.22 or sysvinit-tools, optional but recommended) dracut (optional) + PolicyKit (optional) When building from git you need the following additional dependencies: diff --git a/configure.ac b/configure.ac index 4e36dc3dcae..228f6969fff 100644 --- a/configure.ac +++ b/configure.ac @@ -626,6 +626,15 @@ if test "x$enable_coredump" != "xno"; then fi AM_CONDITIONAL(ENABLE_COREDUMP, [test "$have_coredump" = "yes"]) +# ------------------------------------------------------------------------------ +have_polkit=no +AC_ARG_ENABLE(polkit, AS_HELP_STRING([--disable-polkit], [disable PolicyKit support])) +if test "x$enable_polkit" != "xno"; then + AC_DEFINE(ENABLE_POLKIT, 1, [Define if PolicyKit support is to be enabled]) + have_polkit=yes +fi +AM_CONDITIONAL(ENABLE_POLKIT, [test "x$have_polkit" = "xyes"]) + # ------------------------------------------------------------------------------ AC_ARG_WITH(rc-local-script-path-start, AS_HELP_STRING([--with-rc-local-script-path-start=PATH], @@ -872,6 +881,7 @@ AC_MSG_RESULT([ timedated: ${have_timedated} localed: ${have_localed} coredump: ${have_coredump} + polkit: ${have_polkit} kmod: ${have_kmod} blkid: ${have_blkid} nss-myhostname: ${have_myhostname} diff --git a/src/shared/polkit.c b/src/shared/polkit.c index 826944585c1..cea7074ad3d 100644 --- a/src/shared/polkit.c +++ b/src/shared/polkit.c @@ -35,9 +35,10 @@ int verify_polkit( bool *_challenge, DBusError *error) { + +#ifdef ENABLE_POLKIT DBusMessage *m = NULL, *reply = NULL; const char *unix_process = "unix-process", *pid = "pid", *starttime = "start-time", *cancel_id = ""; - const char *sender; uint32_t flags = interactive ? 1 : 0; pid_t pid_raw; uint32_t pid_u32; @@ -46,6 +47,8 @@ int verify_polkit( DBusMessageIter iter_msg, iter_struct, iter_array, iter_dict, iter_variant; int r; dbus_bool_t authorized = FALSE, challenge = FALSE; +#endif + const char *sender; unsigned long ul; assert(c); @@ -63,6 +66,8 @@ int verify_polkit( if (ul == 0) return 1; +#ifdef ENABLE_POLKIT + pid_raw = bus_get_unix_process_id(c, sender, error); if (pid_raw == 0) return -EINVAL; @@ -163,4 +168,7 @@ finish: dbus_message_unref(reply); return r; +#else + return -EPERM; +#endif } diff --git a/src/shared/spawn-polkit-agent.c b/src/shared/spawn-polkit-agent.c index fcb3722ddf9..f9e52cdcbd1 100644 --- a/src/shared/spawn-polkit-agent.c +++ b/src/shared/spawn-polkit-agent.c @@ -33,6 +33,7 @@ #include "util.h" #include "spawn-polkit-agent.h" +#ifdef ENABLE_POLKIT static pid_t agent_pid = 0; int polkit_agent_open(void) { @@ -84,3 +85,14 @@ void polkit_agent_close(void) { wait_for_terminate(agent_pid, NULL); agent_pid = 0; } + +#else + +int polkit_agent_open(void) { + return 0; +} + +void polkit_agent_close(void) { +} + +#endif