Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
[sailfish-access-control] Add system user uid getter. Contributes to …
…JB#47615
  • Loading branch information
Marko Kenttala committed Dec 18, 2019
1 parent b6bfabb commit f2ec127
Show file tree
Hide file tree
Showing 5 changed files with 43 additions and 2 deletions.
25 changes: 25 additions & 0 deletions glib/sailfishaccesscontrol.c
Expand Up @@ -24,6 +24,8 @@
#include <glib.h>

#define NO_GROUPS GINT_TO_POINTER(1)
#define SAILFISH_SYSTEM_GROUP "sailfish-system"
#define SAILFISH_SYSTEM_PREFIX "sailfish-"

GHashTable *s_groups = NULL;

Expand Down Expand Up @@ -77,3 +79,26 @@ bool sailfish_access_control_hasgroup(uid_t uid, const char *group_name)

return false;
}

uid_t sailfish_access_control_systemuser_uid()
{
struct group *grp = getgrnam(SAILFISH_SYSTEM_GROUP);
struct passwd *pw;
int i;
uid_t uid = SAILFISH_UNDEFINED_UID;

// Get system user UID using sailfish-system group
if (grp) {
for (i = 0; grp->gr_mem[i]; i++) {
if (strncmp(grp->gr_mem[i], SAILFISH_SYSTEM_PREFIX, strlen(SAILFISH_SYSTEM_PREFIX))) {
pw = getpwnam(grp->gr_mem[i]);
if (pw) {
uid = pw->pw_uid;
break;
}
}
}
}

return uid;
}
3 changes: 3 additions & 0 deletions glib/sailfishaccesscontrol.h
Expand Up @@ -22,12 +22,15 @@
#include <stdbool.h>
#include <unistd.h>

#define SAILFISH_UNDEFINED_UID UINT_MAX

#ifdef __cplusplus
extern "C" {
#endif
#pragma GCC visibility push(default)

bool sailfish_access_control_hasgroup(uid_t uid, const char *group_name);
uid_t sailfish_access_control_systemuser_uid();

#pragma GCC visibility pop

Expand Down
11 changes: 11 additions & 0 deletions qt/accesscontrol.cpp
Expand Up @@ -38,9 +38,20 @@ bool AccessControl::hasGroup(int uid, const QString groupName)
case EffectiveUid:
uid = geteuid();
break;
case UndefinedUid:
return false;
break;
default:
Q_ASSERT_X(uid >= 0, Q_FUNC_INFO, "Uid must be either of enum type Uid or non-negative.");
break;
}
return sailfish_access_control_hasgroup(uid, groupName.toLatin1().data());
}

int AccessControl::systemUserUid()
{
uid_t uid = sailfish_access_control_systemuser_uid();
if (uid == SAILFISH_UNDEFINED_UID)
return Uid::UndefinedUid;
return uid;
}
4 changes: 3 additions & 1 deletion qt/accesscontrol.h
Expand Up @@ -32,11 +32,13 @@ class AccessControl : public QObject

enum Uid : int {
RealUid = -1,
EffectiveUid = -2
EffectiveUid = -2,
UndefinedUid = -INT_MAX
};
Q_ENUM(Uid)

Q_INVOKABLE bool hasGroup(int uid, const QString groupName);
Q_INVOKABLE int systemUserUid();
};

}
Expand Down
2 changes: 1 addition & 1 deletion rpm/sailfish-access-control-qt5.spec
Expand Up @@ -5,7 +5,7 @@ Release: 1
License: LGPLv2+
URL: https://git.sailfishos.org/mer-core/sailfish-access-control
Source0: %{name}-%{version}.tar.bz2
BuildRequires: pkgconfig(sailfishaccesscontrol) = %{version}
BuildRequires: pkgconfig(sailfishaccesscontrol) >= %{version}
BuildRequires: pkgconfig(Qt5Core)
BuildRequires: pkgconfig(Qt5Qml)

Expand Down

0 comments on commit f2ec127

Please sign in to comment.