shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-01-26 14:04:03 +03:00
Code

inhibit: add --no-ask-password option and allow interactive polkit auth

Browse Source 
It seems entirely reasonable to make a policy which e.g. allows block operations
for interactive users after authentication. The tool should support this, so that
more complicated local policies can be used.

Related to https://github.com/systemd/systemd/pull/30307.
This commit is contained in:
Zbigniew Jędrzejewski-Szmek 2024-06-26 12:21:05 +02:00
parent a8c3ed5f13
commit a87b7aa1a1
2 changed files with 26 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
man/systemd-inhibit.xml
View File

@ -114,6 +114,7 @@
acquiring one.</para></listitem>
</varlistentry>
<xi:include href="standard-options.xml" xpointer="no-ask-password" />
<xi:include href="standard-options.xml" xpointer="no-pager" />
<xi:include href="standard-options.xml" xpointer="no-legend" />
<xi:include href="standard-options.xml" xpointer="help" />

38
src/login/inhibit.c
View File

@ -25,10 +25,11 @@
#include "terminal-util.h"
#include "user-util.h"
static const char* arg_what = "idle:sleep:shutdown";
static const char* arg_who = NULL;
static const char* arg_why = "Unknown reason";
static const char* arg_mode = NULL;
static const char *arg_what = "idle:sleep:shutdown";
static const char *arg_who = NULL;
static const char *arg_why = "Unknown reason";
static const char *arg_mode = NULL;
static bool arg_ask_password = true;
static PagerFlags arg_pager_flags = 0;
static bool arg_legend = true;
@ -42,6 +43,8 @@ static int inhibit(sd_bus *bus, sd_bus_error *error) {
int r;
int fd;
(void) polkit_agent_open_if_enabled(BUS_TRANSPORT_LOCAL, arg_ask_password);
r = bus_call_method(bus, bus_login_mgr, "Inhibit", error, &reply, "ssss", arg_what, arg_who, arg_why, arg_mode);
if (r < 0)
return r;
@ -145,6 +148,7 @@ static int help(void) {
"\n%sExecute a process while inhibiting shutdown/sleep/idle.%s\n\n"
" -h --help Show this help\n"
" --version Show package version\n"
" --no-ask-password Do not attempt interactive authorization\n"
" --no-pager Do not pipe output into a pager\n"
" --no-legend Do not show the headers and footers\n"
" --what=WHAT Operations to inhibit, colon separated list of:\n"
@ -173,20 +177,22 @@ static int parse_argv(int argc, char *argv[]) {
ARG_WHY,
ARG_MODE,
ARG_LIST,
ARG_NO_ASK_PASSWORD,
ARG_NO_PAGER,
ARG_NO_LEGEND,
};
static const struct option options[] = {
{ "help", no_argument, NULL, 'h' },
{ "version", no_argument, NULL, ARG_VERSION },
{ "what", required_argument, NULL, ARG_WHAT },
{ "who", required_argument, NULL, ARG_WHO },
{ "why", required_argument, NULL, ARG_WHY },
{ "mode", required_argument, NULL, ARG_MODE },
{ "list", no_argument, NULL, ARG_LIST },
{ "no-pager", no_argument, NULL, ARG_NO_PAGER },
{ "no-legend", no_argument, NULL, ARG_NO_LEGEND },
{ "help", no_argument, NULL, 'h' },
{ "version", no_argument, NULL, ARG_VERSION },
{ "no-ask-password", no_argument, NULL, ARG_NO_ASK_PASSWORD },
{ "what", required_argument, NULL, ARG_WHAT },
{ "who", required_argument, NULL, ARG_WHO },
{ "why", required_argument, NULL, ARG_WHY },
{ "mode", required_argument, NULL, ARG_MODE },
{ "list", no_argument, NULL, ARG_LIST },
{ "no-pager", no_argument, NULL, ARG_NO_PAGER },
{ "no-legend", no_argument, NULL, ARG_NO_LEGEND },
{}
};
@ -228,6 +234,10 @@ static int parse_argv(int argc, char *argv[]) {
arg_action = ACTION_LIST;
break;
case ARG_NO_ASK_PASSWORD:
arg_ask_password = false;
break;
case ARG_NO_PAGER:
arg_pager_flags |= PAGER_DISABLE;
break;
@ -267,6 +277,8 @@ static int run(int argc, char *argv[]) {
if (r < 0)
return bus_log_connect_error(r, BUS_TRANSPORT_LOCAL);
(void) sd_bus_set_allow_interactive_authorization(bus, arg_ask_password);
if (arg_action == ACTION_LIST)
return print_inhibitors(bus);
else {