rpms/gnome-settings-daemon
7
0
Fork 0
Code Issues Pull Requests Releases Activity
646ba50930
gnome-settings-daemon/SOURCES/0001-subman-Add-a-new-plugin-to-provide-system-subscripti.patch
CentOS Sources 646ba50930 import gnome-settings-daemon-3.32.0-13.el8
2021-10-08 11:28:28 +00:00

1872 lines
62 KiB
Diff
Raw Blame History

From bee6d42503ec9b56f6e10704db02bcedb6a4fdf1 Mon Sep 17 00:00:00 2001
From: Richard Hughes <rhughes@redhat.com>
Date: Thu, 20 Aug 2020 11:16:09 -0400
Subject: [PATCH 01/15] subman: Add a new plugin to provide system subscription
registration
---
meson.build | 1 +
plugins/meson.build | 1 +
plugins/subman/README.md | 56 +
plugins/subman/gsd-subman-common.c | 36 +
plugins/subman/gsd-subman-common.h | 40 +
plugins/subman/gsd-subman-helper.c | 378 +++++++
plugins/subman/gsd-subscription-manager.c | 982 ++++++++++++++++++
plugins/subman/gsd-subscription-manager.h | 63 ++
plugins/subman/main.c | 8 +
plugins/subman/meson.build | 56 +
...ome.SettingsDaemon.Subscription.desktop.in | 9 +
...ettings-daemon.plugins.subman.policy.in.in | 27 +
...gnome.settings-daemon.plugins.subman.rules | 7 +
13 files changed, 1664 insertions(+)
create mode 100644 plugins/subman/README.md
create mode 100644 plugins/subman/gsd-subman-common.c
create mode 100644 plugins/subman/gsd-subman-common.h
create mode 100644 plugins/subman/gsd-subman-helper.c
create mode 100644 plugins/subman/gsd-subscription-manager.c
create mode 100644 plugins/subman/gsd-subscription-manager.h
create mode 100644 plugins/subman/main.c
create mode 100644 plugins/subman/meson.build
create mode 100644 plugins/subman/org.gnome.SettingsDaemon.Subscription.desktop.in
create mode 100644 plugins/subman/org.gnome.settings-daemon.plugins.subman.policy.in.in
create mode 100644 plugins/subman/org.gnome.settings-daemon.plugins.subman.rules
diff --git a/meson.build b/meson.build
index 1632ea05..27bf8c4c 100644
--- a/meson.build
+++ b/meson.build
@@ -70,60 +70,61 @@ if gsd_buildtype.contains('debug')
]
compiler_flags = cc.get_supported_arguments(test_cflags)
elif gsd_buildtype.contains('release')
common_flags += ['-DG_DISABLE_CAST_CHECKS']
endif
# Workaround for meson's bug
# https://github.com/mesonbuild/meson/pull/1896
if get_option('b_ndebug') == true
common_flags += ['-DG_DISABLE_ASSERT']
endif
add_project_arguments(common_flags + compiler_flags, language: 'c')
glib_dep = dependency('glib-2.0', version: '>= 2.56')
colord_dep = dependency('colord', version: '>= 1.0.2')
geocode_glib_dep = dependency('geocode-glib-1.0', version: '>= 3.10.0')
gio_dep = dependency('gio-2.0', version: '>= 2.53.0')
gio_unix_dep = dependency('gio-unix-2.0')
gnome_desktop_dep = dependency('gnome-desktop-3.0', version: '>= 3.11.1')
gsettings_desktop_dep = dependency('gsettings-desktop-schemas', version: '>= 3.27.90')
gtk_dep = dependency('gtk+-3.0', version: '>= 3.15.3')
gtk_x11_dep = dependency('gtk+-x11-3.0')
gweather_dep = dependency('gweather-3.0', version: '>= 3.9.5')
lcms_dep = dependency('lcms2', version: '>= 2.2')
libcanberra_gtk_dep = dependency('libcanberra-gtk3')
libgeoclue_dep = dependency('libgeoclue-2.0', version: '>= 2.3.1')
libnotify_dep = dependency('libnotify', version: '>= 0.7.3')
libpulse_mainloop_glib_dep = dependency('libpulse-mainloop-glib', version: '>= 2.0')
+jsonglib_dep = dependency('json-glib-1.0', version: '>= 1.1.1')
pango_dep = dependency('pango', version: '>= 1.20.0')
polkit_gobject_dep = dependency('polkit-gobject-1', version: '>= 0.103')
upower_glib_dep = dependency('upower-glib', version: '>= 0.99.0')
x11_dep = dependency('x11')
m_dep = cc.find_library('m')
dl_dep = cc.find_library('dl')
# ALSA integration (default enabled)
enable_alsa = get_option('alsa')
assert(enable_alsa or not host_is_linux, 'ALSA is not optional on Linux platforms')
libgvc = subproject(
'gvc',
default_options: [
'static=true',
'alsa=' + enable_alsa.to_string()
]
)
libgvc_dep = libgvc.get_variable('libgvc_dep')
# GUdev integration (default enabled)
enable_gudev = get_option('gudev')
if enable_gudev
gudev_dep = dependency('gudev-1.0')
endif
config_h.set10('HAVE_GUDEV', enable_gudev)
if host_is_linux
assert(enable_gudev, 'GUdev is not optional on Linux platforms')
endif
diff --git a/plugins/meson.build b/plugins/meson.build
index 3c4d42ac..4c9caf47 100644
--- a/plugins/meson.build
+++ b/plugins/meson.build
@@ -1,35 +1,36 @@
enabled_plugins = [
['a11y-settings', 'A11ySettings'],
['account', 'Account'],
['clipboard', 'Clipboard'],
['color', 'Color'],
+ ['subman', 'Subscription'],
['datetime', 'Datetime'],
['dummy', ''],
['power', 'Power'],
['housekeeping', 'Housekeeping'],
['keyboard', 'Keyboard'],
['media-keys', 'MediaKeys'],
['mouse', 'Mouse'],
['screensaver-proxy', 'ScreensaverProxy'],
['sharing', 'Sharing'],
['sound', 'Sound'],
['xsettings', 'XSettings']
]
if enable_smartcard
enabled_plugins += [['smartcard', 'Smartcard']]
endif
if enable_wacom
enabled_plugins += [['wacom', 'Wacom']]
endif
if enable_cups
enabled_plugins += [['print-notifications', 'PrintNotifications']]
endif
if enable_rfkill
enabled_plugins += [['rfkill', 'Rfkill']]
endif
plugins_conf = configuration_data()
diff --git a/plugins/subman/README.md b/plugins/subman/README.md
new file mode 100644
index 00000000..3e1cc3cd
--- /dev/null
+++ b/plugins/subman/README.md
@@ -0,0 +1,56 @@
+GNOME Settings Daemon: Subscription Manager Plugin
+==================================================
+
+Testing:
+
+To add a test acccount on subscription.rhsm.stage.redhat.com, use Ethel:
+http://account-manager-stage.app.eng.rdu2.redhat.com/#view
+
+Register with a username and password
+-------------------------------------
+
+ gdbus call \
+ --session \
+ --dest org.gnome.SettingsDaemon.Subscription \
+ --object-path /org/gnome/SettingsDaemon/Subscription \
+ --method org.gnome.SettingsDaemon.Subscription.Register "{'kind':<'username'>,'hostname':<'subscription.rhsm.stage.redhat.com'>,'username':<'rhughes_test'>,'password':<'barbaz'>}"
+
+To register with a certificate
+------------------------------
+
+ gdbus call \
+ --session \
+ --dest org.gnome.SettingsDaemon.Subscription \
+ --object-path /org/gnome/SettingsDaemon/Subscription \
+ --method org.gnome.SettingsDaemon.Subscription.Register "{'kind':<'key'>,'hostname':<'subscription.rhsm.stage.redhat.com'>,'organisation':<'foo'>,'activation-key':<'barbaz'>}"
+
+To unregister
+-------------
+
+ gdbus call \
+ --session \
+ --dest org.gnome.SettingsDaemon.Subscription \
+ --object-path /org/gnome/SettingsDaemon/Subscription \
+ --method org.gnome.SettingsDaemon.Subscription.Unregister
+
+Debugging
+---------
+
+Get the UNIX socket using `Subscription.Register` then call something like:
+
+ sudo G_MESSAGES_DEBUG=all ./plugins/subman/gsd-subman-helper \
+ --address="unix:abstract=/var/run/dbus-ulGB1wfnbn,guid=71e6bf329d861ce366df7a1d5d036a5b" \
+ --kind="register-with-username" \
+ --username="rhughes_test" \
+ --password="barbaz" \
+ --hostname="subscription.rhsm.stage.redhat.com" \
+ --organisation=""
+
+You can all see some basic debugging running `rhsmd` in the foreground:
+
+ sudo /usr/libexec/rhsmd -d -k
+
+Known Limitations
+=================
+
+Proxy servers are not supported, nor are custom host ports or prefixes.
diff --git a/plugins/subman/gsd-subman-common.c b/plugins/subman/gsd-subman-common.c
new file mode 100644
index 00000000..e515131e
--- /dev/null
+++ b/plugins/subman/gsd-subman-common.c
@@ -0,0 +1,36 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*-
+ *
+ * Copyright (C) 2019 Richard Hughes <rhughes@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "config.h"
+
+#include "gsd-subman-common.h"
+
+const gchar *
+gsd_subman_subscription_status_to_string (GsdSubmanSubscriptionStatus status)
+{
+ if (status == GSD_SUBMAN_SUBSCRIPTION_STATUS_VALID)
+ return "valid";
+ if (status == GSD_SUBMAN_SUBSCRIPTION_STATUS_INVALID)
+ return "invalid";
+ if (status == GSD_SUBMAN_SUBSCRIPTION_STATUS_DISABLED)
+ return "disabled";
+ if (status == GSD_SUBMAN_SUBSCRIPTION_STATUS_PARTIALLY_VALID)
+ return "partially-valid";
+ return "unknown";
+}
diff --git a/plugins/subman/gsd-subman-common.h b/plugins/subman/gsd-subman-common.h
new file mode 100644
index 00000000..fccf9f6a
--- /dev/null
+++ b/plugins/subman/gsd-subman-common.h
@@ -0,0 +1,40 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*-
+ *
+ * Copyright (C) 2019 Richard Hughes <rhughes@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#ifndef __GSD_SUBMAN_COMMON_H
+#define __GSD_SUBMAN_COMMON_H
+
+#include <glib-object.h>
+
+G_BEGIN_DECLS
+
+typedef enum {
+ GSD_SUBMAN_SUBSCRIPTION_STATUS_UNKNOWN,
+ GSD_SUBMAN_SUBSCRIPTION_STATUS_VALID,
+ GSD_SUBMAN_SUBSCRIPTION_STATUS_INVALID,
+ GSD_SUBMAN_SUBSCRIPTION_STATUS_DISABLED,
+ GSD_SUBMAN_SUBSCRIPTION_STATUS_PARTIALLY_VALID,
+ GSD_SUBMAN_SUBSCRIPTION_STATUS_LAST
+} GsdSubmanSubscriptionStatus;
+
+const gchar *gsd_subman_subscription_status_to_string (GsdSubmanSubscriptionStatus status);
+
+G_END_DECLS
+
+#endif /* __GSD_SUBMAN_COMMON_H */
diff --git a/plugins/subman/gsd-subman-helper.c b/plugins/subman/gsd-subman-helper.c
new file mode 100644
index 00000000..182f7190
--- /dev/null
+++ b/plugins/subman/gsd-subman-helper.c
@@ -0,0 +1,378 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*-
+ *
+ * Copyright (C) 2019 Richard Hughes <rhughes@redhat.com>
+ *
+ * Licensed under the GNU General Public License Version 2
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#include "config.h"
+
+#include <sys/types.h>
+#include <unistd.h>
+#include <stdlib.h>
+
+#include <gio/gio.h>
+#include <json-glib/json-glib.h>
+
+static void
+_helper_convert_error (const gchar *json_txt, GError **error)
+{
+ JsonNode *json_root;
+ JsonObject *json_obj;
+ const gchar *message;
+ g_autoptr(JsonParser) json_parser = json_parser_new ();
+
+ /* this may be plain text or JSON :| */
+ if (!json_parser_load_from_data (json_parser, json_txt, -1, NULL)) {
+ g_set_error_literal (error,
+ G_IO_ERROR,
+ G_IO_ERROR_NOT_SUPPORTED,
+ json_txt);
+ return;
+ }
+ json_root = json_parser_get_root (json_parser);
+ json_obj = json_node_get_object (json_root);
+ if (!json_object_has_member (json_obj, "message")) {
+ g_set_error (error,
+ G_IO_ERROR,
+ G_IO_ERROR_INVALID_DATA,
+ "no message' in %s", json_txt);
+ return;
+ }
+ message = json_object_get_string_member (json_obj, "message");
+ if (g_strstr_len (message, -1, "Invalid user credentials") != NULL) {
+ g_set_error_literal (error,
+ G_IO_ERROR,
+ G_IO_ERROR_PERMISSION_DENIED,
+ message);
+ return;
+ }
+ g_set_error_literal (error,
+ G_IO_ERROR,
+ G_IO_ERROR_NOT_SUPPORTED,
+ message);
+}
+
+static gboolean
+_helper_unregister (GError **error)
+{
+ g_autoptr(GDBusProxy) proxy = NULL;
+ g_autoptr(GVariantBuilder) proxy_options = NULL;
+ g_autoptr(GVariant) res = NULL;
+
+ g_debug ("unregistering");
+ proxy = g_dbus_proxy_new_for_bus_sync (G_BUS_TYPE_SYSTEM,
+ G_DBUS_PROXY_FLAGS_DO_NOT_LOAD_PROPERTIES |
+ G_DBUS_PROXY_FLAGS_DO_NOT_CONNECT_SIGNALS,
+ NULL,
+ "com.redhat.RHSM1",
+ "/com/redhat/RHSM1/Unregister",
+ "com.redhat.RHSM1.Unregister",
+ NULL, error);
+ if (proxy == NULL) {
+ g_prefix_error (error, "Failed to get proxy: ");
+ return FALSE;
+ }
+ proxy_options = g_variant_builder_new (G_VARIANT_TYPE_VARDICT);
+ res = g_dbus_proxy_call_sync (proxy,
+ "Unregister",
+ g_variant_new ("(a{sv}s)",
+ proxy_options,
+ ""), /* lang */
+ G_DBUS_CALL_FLAGS_NONE,
+ -1, NULL, error);
+ return res != NULL;
+}
+
+static gboolean
+_helper_auto_attach (GError **error)
+{
+ const gchar *str = NULL;
+ g_autoptr(GDBusProxy) proxy = NULL;
+ g_autoptr(GVariantBuilder) proxy_options = NULL;
+ g_autoptr(GVariant) res = NULL;
+
+ g_debug ("auto-attaching subscriptions");
+ proxy = g_dbus_proxy_new_for_bus_sync (G_BUS_TYPE_SYSTEM,
+ G_DBUS_PROXY_FLAGS_DO_NOT_LOAD_PROPERTIES |
+ G_DBUS_PROXY_FLAGS_DO_NOT_CONNECT_SIGNALS,
+ NULL,
+ "com.redhat.RHSM1",
+ "/com/redhat/RHSM1/Attach",
+ "com.redhat.RHSM1.Attach",
+ NULL, error);
+ if (proxy == NULL) {
+ g_prefix_error (error, "Failed to get proxy: ");
+ return FALSE;
+ }
+ proxy_options = g_variant_builder_new (G_VARIANT_TYPE_VARDICT);
+ res = g_dbus_proxy_call_sync (proxy,
+ "AutoAttach",
+ g_variant_new ("(sa{sv}s)",
+ "", /* now? */
+ proxy_options,
+ ""), /* lang */
+ G_DBUS_CALL_FLAGS_NONE,
+ -1, NULL, error);
+ if (res == NULL)
+ return FALSE;
+ g_variant_get (res, "(&s)", &str);
+ g_debug ("Attach.AutoAttach: %s", str);
+ return TRUE;
+}
+
+static gboolean
+_helper_save_config (const gchar *key, const gchar *value, GError **error)
+{
+ g_autoptr(GDBusProxy) proxy = NULL;
+ g_autoptr(GVariant) res = NULL;
+ proxy = g_dbus_proxy_new_for_bus_sync (G_BUS_TYPE_SYSTEM,
+ G_DBUS_PROXY_FLAGS_DO_NOT_LOAD_PROPERTIES |
+ G_DBUS_PROXY_FLAGS_DO_NOT_CONNECT_SIGNALS,
+ NULL,
+ "com.redhat.RHSM1",
+ "/com/redhat/RHSM1/Config",
+ "com.redhat.RHSM1.Config",
+ NULL, error);
+ if (proxy == NULL) {
+ g_prefix_error (error, "Failed to get proxy: ");
+ return FALSE;
+ }
+ res = g_dbus_proxy_call_sync (proxy, "Set",
+ g_variant_new ("(svs)",
+ key,
+ g_variant_new_string (value),
+ ""), /* lang */
+ G_DBUS_CALL_FLAGS_NONE,
+ -1, NULL, error);
+ return res != NULL;
+}
+
+int
+main (int argc, char *argv[])
+{
+ const gchar *userlang = ""; /* as root, so no translations */
+ g_autofree gchar *activation_key = NULL;
+ g_autofree gchar *address = NULL;
+ g_autofree gchar *hostname = NULL;
+ g_autofree gchar *kind = NULL;
+ g_autofree gchar *organisation = NULL;
+ g_autofree gchar *password = NULL;
+ g_autofree gchar *port = NULL;
+ g_autofree gchar *prefix = NULL;
+ g_autofree gchar *proxy_server = NULL;
+ g_autofree gchar *username = NULL;
+ g_autoptr(GDBusConnection) conn_private = NULL;
+ g_autoptr(GDBusProxy) proxy = NULL;
+ g_autoptr(GError) error = NULL;
+ g_autoptr(GOptionContext) context = g_option_context_new (NULL);
+ g_autoptr(GVariantBuilder) proxy_options = NULL;
+ g_autoptr(GVariantBuilder) subman_conopts = NULL;
+ g_autoptr(GVariantBuilder) subman_options = NULL;
+
+ const GOptionEntry options[] = {
+ { "kind", '\0', G_OPTION_FLAG_NONE, G_OPTION_ARG_STRING,
+ &kind, "Kind, e.g. 'username' or 'key'", NULL },
+ { "address", '\0', G_OPTION_FLAG_NONE, G_OPTION_ARG_STRING,
+ &address, "UNIX address", NULL },
+ { "username", '\0', G_OPTION_FLAG_NONE, G_OPTION_ARG_STRING,
+ &username, "Username", NULL },
+ { "password", '\0', G_OPTION_FLAG_NONE, G_OPTION_ARG_STRING,
+ &password, "Password", NULL },
+ { "organisation", '\0', G_OPTION_FLAG_NONE, G_OPTION_ARG_STRING,
+ &organisation, "Organisation", NULL },
+ { "activation-key", '\0', G_OPTION_FLAG_NONE, G_OPTION_ARG_STRING,
+ &activation_key, "Activation keys", NULL },
+ { "hostname", '\0', G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_STRING,
+ &hostname, "Registration server hostname", NULL },
+ { "prefix", '\0', G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_STRING,
+ &prefix, "Registration server prefix", NULL },
+ { "port", '\0', G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_STRING,
+ &port, "Registration server port", NULL },
+ { "proxy", '\0', G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_STRING,
+ &proxy_server, "Proxy settings", NULL },
+ { NULL}
+ };
+
+ /* check calling UID */
+ if (getuid () != 0 || geteuid () != 0) {
+ g_printerr ("This program can only be used by the root user\n");
+ return G_IO_ERROR_NOT_SUPPORTED;
+ }
+ g_option_context_add_main_entries (context, options, NULL);
+ if (!g_option_context_parse (context, &argc, &argv, &error)) {
+ g_printerr ("Failed to parse arguments: %s\n", error->message);
+ return G_IO_ERROR_NOT_SUPPORTED;
+ }
+
+ /* uncommon actions */
+ if (kind == NULL) {
+ g_printerr ("No --kind specified\n");
+ return G_IO_ERROR_INVALID_DATA;
+ }
+ if (g_strcmp0 (kind, "unregister") == 0) {
+ if (!_helper_unregister (&error)) {
+ g_printerr ("Failed to Unregister: %s\n", error->message);
+ return G_IO_ERROR_NOT_INITIALIZED;
+ }
+ return EXIT_SUCCESS;
+ }
+ if (g_strcmp0 (kind, "auto-attach") == 0) {
+ if (!_helper_auto_attach (&error)) {
+ g_printerr ("Failed to AutoAttach: %s\n", error->message);
+ return G_IO_ERROR_NOT_INITIALIZED;
+ }
+ return EXIT_SUCCESS;
+ }
+
+ /* connect to abstract socket for reasons */
+ if (address == NULL) {
+ g_printerr ("No --address specified\n");
+ return G_IO_ERROR_INVALID_DATA;
+ }
+ conn_private = g_dbus_connection_new_for_address_sync (address,
+ G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_CLIENT,
+ NULL, NULL,
+ &error);
+ if (conn_private == NULL) {
+ g_printerr ("Invalid --address specified: %s\n", error->message);
+ return G_IO_ERROR_INVALID_DATA;
+ }
+ proxy = g_dbus_proxy_new_sync (conn_private,
+ G_DBUS_PROXY_FLAGS_DO_NOT_LOAD_PROPERTIES,
+ NULL, /* GDBusInterfaceInfo */
+ NULL, /* name */
+ "/com/redhat/RHSM1/Register",
+ "com.redhat.RHSM1.Register",
+ NULL, &error);
+ if (proxy == NULL) {
+ g_printerr ("Count not contact RHSM: %s\n", error->message);
+ return G_IO_ERROR_NOT_FOUND;
+ }
+
+ /* no options */
+ subman_options = g_variant_builder_new (G_VARIANT_TYPE("a{ss}"));
+
+ /* set registration server */
+ if (hostname == NULL || hostname[0] == '\0')
+ hostname = g_strdup ("subscription.rhsm.redhat.com");
+ if (prefix == NULL || prefix[0] == '\0')
+ prefix = g_strdup ("/subscription");
+ if (port == NULL || port[0] == '\0')
+ port = g_strdup ("443");
+ subman_conopts = g_variant_builder_new (G_VARIANT_TYPE("a{ss}"));
+ g_variant_builder_add (subman_conopts, "{ss}", "host", hostname);
+ g_variant_builder_add (subman_conopts, "{ss}", "handler", prefix);
+ g_variant_builder_add (subman_conopts, "{ss}", "port", port);
+
+ /* call into RHSM */
+ if (g_strcmp0 (kind, "register-with-key") == 0) {
+ g_auto(GStrv) activation_keys = NULL;
+ g_autoptr(GError) error_local = NULL;
+ g_autoptr(GVariant) res = NULL;
+
+ if (activation_key == NULL) {
+ g_printerr ("Required --activation-key\n");
+ return G_IO_ERROR_INVALID_DATA;
+ }
+ if (organisation == NULL) {
+ g_printerr ("Required --organisation\n");
+ return G_IO_ERROR_INVALID_DATA;
+ }
+
+ g_debug ("registering using activation key");
+ activation_keys = g_strsplit (activation_key, ",", -1);
+ res = g_dbus_proxy_call_sync (proxy,
+ "RegisterWithActivationKeys",
+ g_variant_new ("(s^asa{ss}a{ss}s)",
+ organisation,
+ activation_keys,
+ subman_options,
+ subman_conopts,
+ userlang),
+ G_DBUS_CALL_FLAGS_NO_AUTO_START,
+ -1, NULL, &error_local);
+ if (res == NULL) {
+ g_dbus_error_strip_remote_error (error_local);
+ _helper_convert_error (error_local->message, &error);
+ g_printerr ("Failed to RegisterWithActivationKeys: %s\n", error->message);
+ return error->code;
+ }
+ } else if (g_strcmp0 (kind, "register-with-username") == 0) {
+ g_autoptr(GError) error_local = NULL;
+ g_autoptr(GVariant) res = NULL;
+
+ g_debug ("registering using username and password");
+ if (username == NULL) {
+ g_printerr ("Required --username\n");
+ return G_IO_ERROR_INVALID_DATA;
+ }
+ if (password == NULL) {
+ g_printerr ("Required --password\n");
+ return G_IO_ERROR_INVALID_DATA;
+ }
+ if (organisation == NULL) {
+ g_printerr ("Required --organisation\n");
+ return G_IO_ERROR_INVALID_DATA;
+ }
+ res = g_dbus_proxy_call_sync (proxy,
+ "Register",
+ g_variant_new ("(sssa{ss}a{ss}s)",
+ organisation,
+ username,
+ password,
+ subman_options,
+ subman_conopts,
+ userlang),
+ G_DBUS_CALL_FLAGS_NO_AUTO_START,
+ -1, NULL, &error_local);
+ if (res == NULL) {
+ g_dbus_error_strip_remote_error (error_local);
+ _helper_convert_error (error_local->message, &error);
+ g_printerr ("Failed to Register: %s\n", error->message);
+ return error->code;
+ }
+ } else {
+ g_printerr ("Invalid --kind specified: %s\n", kind);
+ return G_IO_ERROR_INVALID_DATA;
+ }
+
+ /* set the new hostname */
+ if (!_helper_save_config ("server.hostname", hostname, &error)) {
+ g_printerr ("Failed to save hostname: %s\n", error->message);
+ return G_IO_ERROR_NOT_INITIALIZED;
+ }
+ if (!_helper_save_config ("server.prefix", prefix, &error)) {
+ g_printerr ("Failed to save prefix: %s\n", error->message);
+ return G_IO_ERROR_NOT_INITIALIZED;
+ }
+ if (!_helper_save_config ("server.port", port, &error)) {
+ g_printerr ("Failed to save port: %s\n", error->message);
+ return G_IO_ERROR_NOT_INITIALIZED;
+ }
+
+ /* wait for rhsmd to notice the new config */
+ g_usleep (G_USEC_PER_SEC * 5);
+
+ /* auto-attach */
+ if (!_helper_auto_attach (&error)) {
+ g_printerr ("Failed to AutoAttach: %s\n", error->message);
+ return G_IO_ERROR_NOT_INITIALIZED;
+ }
+
+ return EXIT_SUCCESS;
+}
diff --git a/plugins/subman/gsd-subscription-manager.c b/plugins/subman/gsd-subscription-manager.c
new file mode 100644
index 00000000..08b13fa6
--- /dev/null
+++ b/plugins/subman/gsd-subscription-manager.c
@@ -0,0 +1,982 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*-
+ *
+ * Copyright (C) 2019 Richard Hughes <richard@hughsie.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "config.h"
+
+#include <glib/gi18n.h>
+#include <gdk/gdk.h>
+#include <gtk/gtk.h>
+#include <json-glib/json-glib.h>
+#include <libnotify/notify.h>
+
+#include "gnome-settings-profile.h"
+#include "gsd-subman-common.h"
+#include "gsd-subscription-manager.h"
+
+#define GSD_DBUS_NAME "org.gnome.SettingsDaemon"
+#define GSD_DBUS_PATH "/org/gnome/SettingsDaemon"
+#define GSD_DBUS_BASE_INTERFACE "org.gnome.SettingsDaemon"
+
+#define GSD_SUBSCRIPTION_DBUS_NAME GSD_DBUS_NAME ".Subscription"
+#define GSD_SUBSCRIPTION_DBUS_PATH GSD_DBUS_PATH "/Subscription"
+#define GSD_SUBSCRIPTION_DBUS_INTERFACE GSD_DBUS_BASE_INTERFACE ".Subscription"
+
+static const gchar introspection_xml[] =
+"<node>"
+" <interface name='org.gnome.SettingsDaemon.Subscription'>"
+" <method name='Register'>"
+" <arg type='a{sv}' name='options' direction='in'/>"
+" </method>"
+" <method name='Unregister'/>"
+" <property name='SubscriptionStatus' type='u' access='read'/>"
+" </interface>"
+"</node>";
+
+#define GSD_SUBSCRIPTION_MANAGER_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), GSD_TYPE_SUBSCRIPTION_MANAGER, GsdSubscriptionManagerPrivate))
+
+typedef enum {
+ _RHSM_INTERFACE_CONFIG,
+ _RHSM_INTERFACE_REGISTER_SERVER,
+ _RHSM_INTERFACE_ATTACH,
+ _RHSM_INTERFACE_ENTITLEMENT,
+ _RHSM_INTERFACE_PRODUCTS,
+ _RHSM_INTERFACE_CONSUMER,
+ _RHSM_INTERFACE_SYSPURPOSE,
+ _RHSM_INTERFACE_LAST
+} _RhsmInterface;
+
+struct GsdSubscriptionManagerPrivate
+{
+ /* D-Bus */
+ guint name_id;
+ GDBusNodeInfo *introspection_data;
+ GDBusConnection *connection;
+ GCancellable *bus_cancellable;
+
+ GDBusProxy *proxies[_RHSM_INTERFACE_LAST];
+ const gchar *userlang; /* owned by GLib internally */
+ GHashTable *config; /* str:str */
+ gchar *address;
+
+ GTimer *timer_last_notified;
+ NotifyNotification *notification_expired;
+ NotifyNotification *notification_registered;
+ NotifyNotification *notification_registration_required;
+ GsdSubmanSubscriptionStatus subscription_status;
+ GsdSubmanSubscriptionStatus subscription_status_last;
+};
+
+enum {
+ PROP_0,
+};
+
+static void gsd_subscription_manager_class_init (GsdSubscriptionManagerClass *klass);
+static void gsd_subscription_manager_init (GsdSubscriptionManager *subscription_manager);
+static void gsd_subscription_manager_finalize (GObject *object);
+
+G_DEFINE_TYPE (GsdSubscriptionManager, gsd_subscription_manager, G_TYPE_OBJECT)
+
+static gpointer manager_object = NULL;
+
+GQuark
+gsd_subscription_manager_error_quark (void)
+{
+ static GQuark quark = 0;
+ if (!quark)
+ quark = g_quark_from_static_string ("gsd_subscription_manager_error");
+ return quark;
+}
+
+static GsdSubmanSubscriptionStatus
+_client_subscription_status_from_text (const gchar *status_txt)
+{
+ if (g_strcmp0 (status_txt, "Unknown") == 0)
+ return GSD_SUBMAN_SUBSCRIPTION_STATUS_UNKNOWN;
+ if (g_strcmp0 (status_txt, "Current") == 0)
+ return GSD_SUBMAN_SUBSCRIPTION_STATUS_VALID;
+ if (g_strcmp0 (status_txt, "Invalid") == 0)
+ return GSD_SUBMAN_SUBSCRIPTION_STATUS_INVALID;
+ if (g_strcmp0 (status_txt, "Disabled") == 0)
+ return GSD_SUBMAN_SUBSCRIPTION_STATUS_DISABLED;
+ if (g_strcmp0 (status_txt, "Insufficient") == 0)
+ return GSD_SUBMAN_SUBSCRIPTION_STATUS_PARTIALLY_VALID;
+ g_warning ("Unknown subscription status: %s", status_txt); // 'Current'?
+ return GSD_SUBMAN_SUBSCRIPTION_STATUS_UNKNOWN;
+}
+
+static void
+_emit_property_changed (GsdSubscriptionManager *manager,
+ const gchar *property_name,
+ GVariant *property_value)
+{
+ GsdSubscriptionManagerPrivate *priv = manager->priv;
+ GVariantBuilder builder;
+ GVariantBuilder invalidated_builder;
+
+ /* not yet connected */
+ if (priv->connection == NULL)
+ return;
+
+ /* build the dict */
+ g_variant_builder_init (&invalidated_builder, G_VARIANT_TYPE ("as"));
+ g_variant_builder_init (&builder, G_VARIANT_TYPE_ARRAY);
+ g_variant_builder_add (&builder,
+ "{sv}",
+ property_name,
+ property_value);
+ g_dbus_connection_emit_signal (priv->connection,
+ NULL,
+ GSD_SUBSCRIPTION_DBUS_PATH,
+ "org.freedesktop.DBus.Properties",
+ "PropertiesChanged",
+ g_variant_new ("(sa{sv}as)",
+ GSD_SUBSCRIPTION_DBUS_INTERFACE,
+ &builder,
+ &invalidated_builder),
+ NULL);
+ g_variant_builder_clear (&builder);
+ g_variant_builder_clear (&invalidated_builder);
+}
+
+static gboolean
+_client_subscription_status_update (GsdSubscriptionManager *manager, GError **error)
+{
+ GsdSubscriptionManagerPrivate *priv = manager->priv;
+ JsonNode *json_root;
+ JsonObject *json_obj;
+ const gchar *json_txt = NULL;
+ const gchar *status_txt = NULL;
+ g_autoptr(GVariant) val = NULL;
+ g_autoptr(JsonParser) json_parser = json_parser_new ();
+
+ /* save old value */
+ priv->subscription_status_last = priv->subscription_status;
+
+ val = g_dbus_proxy_call_sync (priv->proxies[_RHSM_INTERFACE_ENTITLEMENT],
+ "GetStatus",
+ g_variant_new ("(ss)",
+ "", /* assumed as 'now' */
+ priv->userlang),
+ G_DBUS_CALL_FLAGS_NONE,
+ -1, NULL, error);
+ if (val == NULL)
+ return FALSE;
+ g_variant_get (val, "(&s)", &json_txt);
+ g_debug ("Entitlement.GetStatus JSON: %s", json_txt);
+ if (!json_parser_load_from_data (json_parser, json_txt, -1, error))
+ return FALSE;
+ json_root = json_parser_get_root (json_parser);
+ json_obj = json_node_get_object (json_root);
+ if (!json_object_has_member (json_obj, "status")) {
+ g_set_error (error, G_IO_ERROR, G_IO_ERROR_INVALID_DATA,
+ "no Entitlement.GetStatus status in %s", json_txt);
+ return FALSE;
+ }
+
+ status_txt = json_object_get_string_member (json_obj, "status");
+ g_debug ("Entitlement.GetStatus: %s", status_txt);
+ priv->subscription_status = _client_subscription_status_from_text (status_txt);
+
+ /* emit notification for g-c-c */
+ if (priv->subscription_status != priv->subscription_status_last) {
+ _emit_property_changed (manager, "SubscriptionStatus",
+ g_variant_new_uint32 (priv->subscription_status));
+ }
+
+ return TRUE;
+}
+
+static gboolean
+_client_syspurpose_update (GsdSubscriptionManager *manager, GError **error)
+{
+ GsdSubscriptionManagerPrivate *priv = manager->priv;
+ JsonNode *json_root;
+ JsonObject *json_obj;
+ const gchar *json_txt = NULL;
+ g_autoptr(GVariant) val = NULL;
+ g_autoptr(JsonParser) json_parser = json_parser_new ();
+
+ val = g_dbus_proxy_call_sync (priv->proxies[_RHSM_INTERFACE_SYSPURPOSE],
+ "GetSyspurpose",
+ g_variant_new ("(s)", priv->userlang),
+ G_DBUS_CALL_FLAGS_NONE,
+ -1, NULL, error);
+ if (val == NULL)
+ return FALSE;
+ g_variant_get (val, "(&s)", &json_txt);
+ g_debug ("Syspurpose.GetSyspurpose JSON: %s", json_txt);
+ if (!json_parser_load_from_data (json_parser, json_txt, -1, error))
+ return FALSE;
+ json_root = json_parser_get_root (json_parser);
+ json_obj = json_node_get_object (json_root);
+ if (!json_object_has_member (json_obj, "status")) {
+ g_debug ("Syspurpose.GetSyspurpose: Unknown");
+ return TRUE;
+ }
+ g_debug ("Syspurpose.GetSyspurpose: '%s", json_object_get_string_member (json_obj, "status"));
+ return TRUE;
+}
+
+static gboolean
+_client_register_start (GsdSubscriptionManager *manager, GError **error)
+{
+ GsdSubscriptionManagerPrivate *priv = manager->priv;
+ const gchar *address = NULL;
+ g_autoptr(GDBusProxy) proxy = NULL;
+ g_autoptr(GVariant) val = NULL;
+
+ /* already started */
+ if (priv->address != NULL)
+ return TRUE;
+
+ /* apparently: "we can't send registration credentials over the regular
+ * system or session bus since those aren't really locked down..." */
+ proxy = g_dbus_proxy_new_for_bus_sync (G_BUS_TYPE_SYSTEM,
+ G_DBUS_PROXY_FLAGS_NONE,
+ NULL,
+ "com.redhat.RHSM1",
+ "/com/redhat/RHSM1/RegisterServer",
+ "com.redhat.RHSM1.RegisterServer",
+ NULL, error);
+ if (proxy == NULL)
+ return FALSE;
+ val = g_dbus_proxy_call_sync (proxy, "Start",
+ g_variant_new ("(s)", priv->userlang),
+ G_DBUS_CALL_FLAGS_NONE,
+ -1, NULL, error);
+ if (val == NULL)
+ return FALSE;
+ g_variant_get (val, "(&s)", &address);
+ g_debug ("RegisterServer.Start: %s", address);
+ priv->address = g_strdup (address);
+ return TRUE;
+}
+
+static gboolean
+_client_register_stop (GsdSubscriptionManager *manager, GError **error)
+{
+ GsdSubscriptionManagerPrivate *priv = manager->priv;
+ g_autoptr(GDBusProxy) proxy = NULL;
+ g_autoptr(GVariant) val = NULL;
+
+ /* already started */
+ if (priv->address == NULL)
+ return TRUE;
+
+ /* stop registration server */
+ proxy = g_dbus_proxy_new_for_bus_sync (G_BUS_TYPE_SYSTEM,
+ G_DBUS_PROXY_FLAGS_NONE,
+ NULL,
+ "com.redhat.RHSM1",
+ "/com/redhat/RHSM1/RegisterServer",
+ "com.redhat.RHSM1.RegisterServer",
+ NULL, error);
+ if (proxy == NULL)
+ return FALSE;
+ val = g_dbus_proxy_call_sync (proxy, "Stop",
+ g_variant_new ("(s)", priv->userlang),
+ G_DBUS_CALL_FLAGS_NONE,
+ -1, NULL, error);
+ if (val == NULL)
+ return FALSE;
+ g_clear_pointer (&priv->address, g_free);
+ return TRUE;
+}
+
+static gboolean
+_client_subprocess_wait_check (GSubprocess *subprocess, GError **error)
+{
+ gint rc;
+ if (!g_subprocess_wait (subprocess, NULL, error)) {
+ g_prefix_error (error, "failed to run pkexec: ");
+ return FALSE;
+ }
+ rc = g_subprocess_get_exit_status (subprocess);
+ if (rc != 0) {
+ GInputStream *istream = g_subprocess_get_stderr_pipe (subprocess);
+ gchar buf[1024] = { 0x0 };
+ gsize sz = 0;
+ g_input_stream_read_all (istream, buf, sizeof(buf) - 1, &sz, NULL, NULL);
+ if (sz == 0) {
+ g_set_error_literal (error, G_IO_ERROR, rc,
+ "Failed to run helper without stderr");
+ return FALSE;
+ }
+ g_set_error_literal (error, G_IO_ERROR, rc, buf);
+ return FALSE;
+ }
+ return TRUE;
+}
+
+typedef enum {
+ _NOTIFY_EXPIRED,
+ _NOTIFY_REGISTRATION_REQUIRED,
+ _NOTIFY_REGISTERED
+} _NotifyKind;
+
+static void
+_show_notification (GsdSubscriptionManager *manager, _NotifyKind notify_kind)
+{
+ GsdSubscriptionManagerPrivate *priv = manager->priv;
+ switch (notify_kind) {
+ case _NOTIFY_EXPIRED:
+ notify_notification_close (priv->notification_registered, NULL);
+ notify_notification_close (priv->notification_registration_required, NULL);
+ notify_notification_show (priv->notification_expired, NULL);
+ break;
+ case _NOTIFY_REGISTRATION_REQUIRED:
+ notify_notification_close (priv->notification_registered, NULL);
+ notify_notification_close (priv->notification_expired, NULL);
+ notify_notification_show (priv->notification_registration_required, NULL);
+ break;
+ case _NOTIFY_REGISTERED:
+ notify_notification_close (priv->notification_expired, NULL);
+ notify_notification_close (priv->notification_registration_required, NULL);
+ notify_notification_show (priv->notification_registered, NULL);
+ break;
+ default:
+ break;
+ }
+ g_timer_reset (priv->timer_last_notified);
+}
+
+static void
+_client_maybe__show_notification (GsdSubscriptionManager *manager)
+{
+ GsdSubscriptionManagerPrivate *priv = manager->priv;
+
+ /* startup */
+ if (priv->subscription_status_last == GSD_SUBMAN_SUBSCRIPTION_STATUS_UNKNOWN &&
+ priv->subscription_status == GSD_SUBMAN_SUBSCRIPTION_STATUS_UNKNOWN) {
+ _show_notification (manager, _NOTIFY_REGISTRATION_REQUIRED);
+ return;
+ }
+
+ /* something changed */
+ if (priv->subscription_status_last != priv->subscription_status) {
+ g_debug ("transisition from subscription status '%s' to '%s'",
+ gsd_subman_subscription_status_to_string (priv->subscription_status_last),
+ gsd_subman_subscription_status_to_string (priv->subscription_status));
+
+ /* needs registration */
+ if (priv->subscription_status_last == GSD_SUBMAN_SUBSCRIPTION_STATUS_VALID &&
+ priv->subscription_status == GSD_SUBMAN_SUBSCRIPTION_STATUS_INVALID) {
+ _show_notification (manager, _NOTIFY_REGISTRATION_REQUIRED);
+ return;
+ }
+
+ /* was unregistered */
+ if (priv->subscription_status_last == GSD_SUBMAN_SUBSCRIPTION_STATUS_VALID &&
+ priv->subscription_status == GSD_SUBMAN_SUBSCRIPTION_STATUS_UNKNOWN) {
+ _show_notification (manager, _NOTIFY_REGISTRATION_REQUIRED);
+ return;
+ }
+
+ /* registered */
+ if (priv->subscription_status_last == GSD_SUBMAN_SUBSCRIPTION_STATUS_UNKNOWN &&
+ priv->subscription_status == GSD_SUBMAN_SUBSCRIPTION_STATUS_VALID &&
+ g_timer_elapsed (priv->timer_last_notified, NULL) > 60) {
+ _show_notification (manager, _NOTIFY_REGISTERED);
+ return;
+ }
+ }
+
+ /* nag again */
+ if (priv->subscription_status == GSD_SUBMAN_SUBSCRIPTION_STATUS_UNKNOWN &&
+ g_timer_elapsed (priv->timer_last_notified, NULL) > 60 * 60 * 24) {
+ _show_notification (manager, _NOTIFY_REGISTRATION_REQUIRED);
+ return;
+ }
+ if (priv->subscription_status == GSD_SUBMAN_SUBSCRIPTION_STATUS_INVALID &&
+ g_timer_elapsed (priv->timer_last_notified, NULL) > 60 * 60 * 24) {
+ _show_notification (manager, _NOTIFY_EXPIRED);
+ return;
+ }
+ if (priv->subscription_status == GSD_SUBMAN_SUBSCRIPTION_STATUS_PARTIALLY_VALID &&
+ g_timer_elapsed (priv->timer_last_notified, NULL) > 60 * 60 * 24) {
+ _show_notification (manager, _NOTIFY_EXPIRED);
+ return;
+ }
+}
+
+static gboolean
+_client_register_with_keys (GsdSubscriptionManager *manager,
+ const gchar *hostname,
+ const gchar *organisation,
+ const gchar *activation_key,
+ GError **error)
+{
+ GsdSubscriptionManagerPrivate *priv = manager->priv;
+ g_autoptr(GSubprocess) subprocess = NULL;
+
+ /* apparently: "we can't send registration credentials over the regular
+ * system or session bus since those aren't really locked down..." */
+ if (!_client_register_start (manager, error))
+ return FALSE;
+ g_debug ("spawning %s", LIBEXECDIR "/gsd-subman-helper");
+ subprocess = g_subprocess_new (G_SUBPROCESS_FLAGS_STDERR_PIPE, error,
+ "pkexec", LIBEXECDIR "/gsd-subman-helper",
+ "--kind", "register-with-key",
+ "--address", priv->address,
+ "--hostname", hostname,
+ "--organisation", organisation,
+ "--activation-key", activation_key,
+ NULL);
+ if (subprocess == NULL) {
+ g_prefix_error (error, "failed to find pkexec: ");
+ return FALSE;
+ }
+ if (!_client_subprocess_wait_check (subprocess, error))
+ return FALSE;
+
+ /* FIXME: also do on error? */
+ if (!_client_register_stop (manager, error))
+ return FALSE;
+ if (!_client_subscription_status_update (manager, error))
+ return FALSE;
+ _client_maybe__show_notification (manager);
+
+ /* success */
+ return TRUE;
+}
+
+static gboolean
+_client_register (GsdSubscriptionManager *manager,
+ const gchar *hostname,
+ const gchar *organisation,
+ const gchar *username,
+ const gchar *password,
+ GError **error)
+{
+ GsdSubscriptionManagerPrivate *priv = manager->priv;
+ g_autoptr(GSubprocess) subprocess = NULL;
+
+ /* fallback */
+ if (organisation == NULL)
+ organisation = "";
+
+ /* apparently: "we can't send registration credentials over the regular
+ * system or session bus since those aren't really locked down..." */
+ if (!_client_register_start (manager, error))
+ return FALSE;
+ g_debug ("spawning %s", LIBEXECDIR "/gsd-subman-helper");
+ subprocess = g_subprocess_new (G_SUBPROCESS_FLAGS_STDERR_PIPE, error,
+ "pkexec", LIBEXECDIR "/gsd-subman-helper",
+ "--kind", "register-with-username",
+ "--address", priv->address,
+ "--hostname", hostname,
+ "--organisation", organisation,
+ "--username", username,
+ "--password", password,
+ NULL);
+ if (subprocess == NULL) {
+ g_prefix_error (error, "failed to find pkexec: ");
+ return FALSE;
+ }
+ if (!_client_subprocess_wait_check (subprocess, error))
+ return FALSE;
+
+ /* FIXME: also do on error? */
+ if (!_client_register_stop (manager, error))
+ return FALSE;
+ if (!_client_subscription_status_update (manager, error))
+ return FALSE;
+ _client_maybe__show_notification (manager);
+ return TRUE;
+}
+
+static gboolean
+_client_unregister (GsdSubscriptionManager *manager, GError **error)
+{
+ g_autoptr(GSubprocess) subprocess = NULL;
+
+ /* apparently: "we can't send registration credentials over the regular
+ * system or session bus since those aren't really locked down..." */
+ if (!_client_register_start (manager, error))
+ return FALSE;
+ g_debug ("spawning %s", LIBEXECDIR "/gsd-subman-helper");
+ subprocess = g_subprocess_new (G_SUBPROCESS_FLAGS_STDERR_PIPE, error,
+ "pkexec", LIBEXECDIR "/gsd-subman-helper",
+ "--kind", "unregister",
+ NULL);
+ if (subprocess == NULL) {
+ g_prefix_error (error, "failed to find pkexec: ");
+ return FALSE;
+ }
+ if (!_client_subprocess_wait_check (subprocess, error))
+ return FALSE;
+ if (!_client_subscription_status_update (manager, error))
+ return FALSE;
+ _client_maybe__show_notification (manager);
+ return TRUE;
+}
+
+static gboolean
+_client_update_config (GsdSubscriptionManager *manager, GError **error)
+{
+ GsdSubscriptionManagerPrivate *priv = manager->priv;
+ g_autoptr(GVariant) val = NULL;
+ g_autoptr(GVariant) val_server = NULL;
+ g_autoptr(GVariantDict) dict = NULL;
+ GVariantIter iter;
+ gchar *key;
+ gchar *value;
+
+ val = g_dbus_proxy_call_sync (priv->proxies[_RHSM_INTERFACE_CONFIG],
+ "GetAll",
+ g_variant_new ("(s)", priv->userlang),
+ G_DBUS_CALL_FLAGS_NONE,
+ -1, NULL, error);
+ if (val == NULL)
+ return FALSE;
+ dict = g_variant_dict_new (g_variant_get_child_value (val, 0));
+ val_server = g_variant_dict_lookup_value (dict, "server", G_VARIANT_TYPE("a{ss}"));
+ if (val_server != NULL) {
+ g_variant_iter_init (&iter, val_server);
+ while (g_variant_iter_next (&iter, "{ss}", &key, &value)) {
+ g_debug ("%s=%s", key, value);
+ g_hash_table_insert (priv->config,
+ g_steal_pointer (&key),
+ g_steal_pointer (&value));
+ }
+ }
+ return TRUE;
+}
+
+static void
+_subman_proxy_signal_cb (GDBusProxy *proxy,
+ const gchar *sender_name,
+ const gchar *signal_name,
+ GVariant *parameters,
+ GsdSubscriptionManager *manager)
+{
+ g_autoptr(GError) error = NULL;
+ if (!_client_syspurpose_update (manager, &error)) {
+ g_warning ("failed to update syspurpose: %s", error->message);
+ g_clear_error (&error);
+ }
+ if (!_client_subscription_status_update (manager, &error)) {
+ g_warning ("failed to update subscription status: %s", error->message);
+ g_clear_error (&error);
+ }
+ _client_maybe__show_notification (manager);
+}
+
+static void
+_client_unload (GsdSubscriptionManager *manager)
+{
+ GsdSubscriptionManagerPrivate *priv = manager->priv;
+ for (guint i = 0; i < _RHSM_INTERFACE_LAST; i++)
+ g_clear_object (&priv->proxies[i]);
+ g_hash_table_unref (priv->config);
+}
+
+static const gchar *
+_rhsm_interface_to_string (_RhsmInterface kind)
+{
+ if (kind == _RHSM_INTERFACE_CONFIG)
+ return "Config";
+ if (kind == _RHSM_INTERFACE_REGISTER_SERVER)
+ return "RegisterServer";
+ if (kind == _RHSM_INTERFACE_ATTACH)
+ return "Attach";
+ if (kind == _RHSM_INTERFACE_ENTITLEMENT)
+ return "Entitlement";
+ if (kind == _RHSM_INTERFACE_PRODUCTS)
+ return "Products";
+ if (kind == _RHSM_INTERFACE_CONSUMER)
+ return "Consumer";
+ if (kind == _RHSM_INTERFACE_SYSPURPOSE)
+ return "Syspurpose";
+ return NULL;
+}
+
+static gboolean
+_client_load (GsdSubscriptionManager *manager, GError **error)
+{
+ GsdSubscriptionManagerPrivate *priv = manager->priv;
+
+ priv->config = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free);
+
+ /* connect to all the interfaces on the *different* objects :| */
+ for (guint i = 0; i < _RHSM_INTERFACE_LAST; i++) {
+ const gchar *kind = _rhsm_interface_to_string (i);
+ g_autofree gchar *opath = g_strdup_printf ("/com/redhat/RHSM1/%s", kind);
+ g_autofree gchar *iface = g_strdup_printf ("com.redhat.RHSM1.%s", kind);
+ priv->proxies[i] =
+ g_dbus_proxy_new_for_bus_sync (G_BUS_TYPE_SYSTEM,
+ G_DBUS_PROXY_FLAGS_NONE,
+ NULL,
+ "com.redhat.RHSM1",
+ opath, iface,
+ NULL,
+ error);
+ if (priv->proxies[i] == NULL)
+ return FALSE;
+ /* we want to get notified if the status of the system changes */
+ g_signal_connect (priv->proxies[i], "g-signal",
+ G_CALLBACK (_subman_proxy_signal_cb), manager);
+ }
+
+ /* get initial status */
+ priv->userlang = "";
+ if (!_client_update_config (manager, error))
+ return FALSE;
+ if (!_client_subscription_status_update (manager, error))
+ return FALSE;
+ if (!_client_syspurpose_update (manager, error))
+ return FALSE;
+
+ /* success */
+ return TRUE;
+}
+
+gboolean
+gsd_subscription_manager_start (GsdSubscriptionManager *manager, GError **error)
+{
+ gboolean ret;
+ g_debug ("Starting subscription manager");
+ gnome_settings_profile_start (NULL);
+ ret = _client_load (manager, error);
+ _client_maybe__show_notification (manager);
+ gnome_settings_profile_end (NULL);
+ return ret;
+}
+
+void
+gsd_subscription_manager_stop (GsdSubscriptionManager *manager)
+{
+ g_debug ("Stopping subscription manager");
+ _client_unload (manager);
+}
+
+static void
+gsd_subscription_manager_class_init (GsdSubscriptionManagerClass *klass)
+{
+ GObjectClass *object_class = G_OBJECT_CLASS (klass);
+ object_class->finalize = gsd_subscription_manager_finalize;
+ notify_init ("gnome-settings-daemon");
+ g_type_class_add_private (klass, sizeof (GsdSubscriptionManagerPrivate));
+}
+
+static void
+_launch_info_overview (void)
+{
+ const gchar *argv[] = { "gnome-control-center", "info-overview", NULL };
+ g_debug ("Running gnome-control-center info-overview");
+ g_spawn_async (NULL, (gchar **) argv, NULL, G_SPAWN_SEARCH_PATH,
+ NULL, NULL, NULL, NULL);
+}
+
+static void
+_notify_closed_cb (NotifyNotification *notification, gpointer user_data)
+{
+ /* FIXME: only launch when clicking on the main body, not the window close */
+ if (notify_notification_get_closed_reason (notification) == 0x400)
+ _launch_info_overview ();
+}
+
+static void
+_notify_clicked_cb (NotifyNotification *notification, char *action, gpointer user_data)
+{
+ _launch_info_overview ();
+}
+
+static void
+gsd_subscription_manager_init (GsdSubscriptionManager *manager)
+{
+ GsdSubscriptionManagerPrivate *priv = manager->priv = GSD_SUBSCRIPTION_MANAGER_GET_PRIVATE (manager);
+
+ priv->timer_last_notified = g_timer_new ();
+
+ /* expired */
+ priv->notification_expired =
+ notify_notification_new (_("Subscription Has Expired"),
+ _("Add or renew a subscription to continue receiving software updates."),
+ NULL);
+ notify_notification_set_app_name (priv->notification_expired, _("Subscription"));
+ notify_notification_set_hint_string (priv->notification_expired, "desktop-entry", "subman-panel");
+ notify_notification_set_hint_string (priv->notification_expired, "x-gnome-privacy-scope", "system");
+ notify_notification_set_urgency (priv->notification_expired, NOTIFY_URGENCY_CRITICAL);
+ notify_notification_add_action (priv->notification_expired,
+ "info-overview", _("Subscribe System…"),
+ _notify_clicked_cb,
+ manager, NULL);
+ g_signal_connect (priv->notification_expired, "closed",
+ G_CALLBACK (_notify_closed_cb), manager);
+
+ /* registered */
+ priv->notification_registered =
+ notify_notification_new (_("Registration Successful"),
+ _("The system has been registered and software updates have been enabled."),
+ NULL);
+ notify_notification_set_app_name (priv->notification_registered, _("Subscription"));
+ notify_notification_set_hint_string (priv->notification_registered, "desktop-entry", "subman-panel");
+ notify_notification_set_hint_string (priv->notification_registered, "x-gnome-privacy-scope", "system");
+ notify_notification_set_urgency (priv->notification_registered, NOTIFY_URGENCY_CRITICAL);
+ g_signal_connect (priv->notification_registered, "closed",
+ G_CALLBACK (_notify_closed_cb), manager);
+
+ /* registration required */
+ priv->notification_registration_required =
+ notify_notification_new (_("System Not Registered"),
+ _("Please register your system to receive software updates."),
+ NULL);
+ notify_notification_set_app_name (priv->notification_registration_required, _("Subscription"));
+ notify_notification_set_hint_string (priv->notification_registration_required, "desktop-entry", "subman-panel");
+ notify_notification_set_hint_string (priv->notification_registration_required, "x-gnome-privacy-scope", "system");
+ notify_notification_set_urgency (priv->notification_registration_required, NOTIFY_URGENCY_CRITICAL);
+ notify_notification_add_action (priv->notification_registration_required,
+ "info-overview", _("Register System…"),
+ _notify_clicked_cb,
+ manager, NULL);
+ g_signal_connect (priv->notification_registration_required, "closed",
+ G_CALLBACK (_notify_closed_cb), manager);
+}
+
+static void
+gsd_subscription_manager_finalize (GObject *object)
+{
+ GsdSubscriptionManager *manager;
+
+ g_return_if_fail (object != NULL);
+ g_return_if_fail (GSD_IS_SUBSCRIPTION_MANAGER (object));
+
+ manager = GSD_SUBSCRIPTION_MANAGER (object);
+
+ gsd_subscription_manager_stop (manager);
+
+ if (manager->priv->bus_cancellable != NULL) {
+ g_cancellable_cancel (manager->priv->bus_cancellable);
+ g_clear_object (&manager->priv->bus_cancellable);
+ }
+
+ g_clear_pointer (&manager->priv->introspection_data, g_dbus_node_info_unref);
+ g_clear_object (&manager->priv->connection);
+ g_clear_object (&manager->priv->notification_expired);
+ g_clear_object (&manager->priv->notification_registered);
+ g_timer_destroy (manager->priv->timer_last_notified);
+
+ if (manager->priv->name_id != 0) {
+ g_bus_unown_name (manager->priv->name_id);
+ manager->priv->name_id = 0;
+ }
+
+ G_OBJECT_CLASS (gsd_subscription_manager_parent_class)->finalize (object);
+}
+
+static void
+handle_method_call (GDBusConnection *connection,
+ const gchar *sender,
+ const gchar *object_path,
+ const gchar *interface_name,
+ const gchar *method_name,
+ GVariant *parameters,
+ GDBusMethodInvocation *invocation,
+ gpointer user_data)
+{
+ GsdSubscriptionManager *manager = GSD_SUBSCRIPTION_MANAGER (user_data);
+ g_autoptr(GError) error = NULL;
+
+ if (g_strcmp0 (method_name, "Register") == 0) {
+ const gchar *organisation = NULL;
+ const gchar *hostname = NULL;
+
+ if (FALSE) {
+ g_dbus_method_invocation_return_error_literal (invocation,
+ G_IO_ERROR, G_IO_ERROR_NOT_INITIALIZED,
+ "Cannot register at this time");
+
+ return;
+ }
+
+ g_autoptr(GVariantDict) dict = g_variant_dict_new (g_variant_get_child_value (parameters, 0));
+
+ const gchar *kind = NULL;
+ if (!g_variant_dict_lookup (dict, "kind", "&s", &kind)) {
+ g_dbus_method_invocation_return_error_literal (invocation,
+ G_IO_ERROR, G_IO_ERROR_FAILED,
+ "No kind specified");
+
+ return;
+ }
+ if (g_strcmp0 (kind, "username") == 0) {
+ const gchar *username = NULL;
+ const gchar *password = NULL;
+ g_variant_dict_lookup (dict, "hostname", "&s", &hostname);
+ g_variant_dict_lookup (dict, "organisation", "&s", &organisation);
+ g_variant_dict_lookup (dict, "username", "&s", &username);
+ g_variant_dict_lookup (dict, "password", "&s", &password);
+ if (!_client_register (manager,
+ hostname,
+ organisation,
+ username,
+ password,
+ &error)) {
+ g_dbus_method_invocation_return_gerror (invocation, error);
+ return;
+ }
+ } else if (g_strcmp0 (kind, "key") == 0) {
+ const gchar *activation_key = NULL;
+ g_variant_dict_lookup (dict, "hostname", "&s", &hostname);
+ g_variant_dict_lookup (dict, "organisation", "&s", &organisation);
+ g_variant_dict_lookup (dict, "activation-key", "&s", &activation_key);
+ if (!_client_register_with_keys (manager,
+ hostname,
+ organisation,
+ activation_key,
+ &error)) {
+ g_dbus_method_invocation_return_gerror (invocation, error);
+ return;
+ }
+ } else {
+ g_dbus_method_invocation_return_error_literal (invocation,
+ G_IO_ERROR, G_IO_ERROR_FAILED,
+ "Invalid kind specified");
+
+ return;
+ }
+ g_dbus_method_invocation_return_value (invocation, NULL);
+ } else if (g_strcmp0 (method_name, "Unregister") == 0) {
+ if (!_client_unregister (manager, &error)) {
+ g_dbus_method_invocation_return_gerror (invocation, error);
+ return;
+ }
+ g_dbus_method_invocation_return_value (invocation, NULL);
+ } else {
+ g_assert_not_reached ();
+ }
+}
+
+static GVariant *
+handle_get_property (GDBusConnection *connection,
+ const gchar *sender,
+ const gchar *object_path,
+ const gchar *interface_name,
+ const gchar *property_name,
+ GError **error, gpointer user_data)
+{
+ GsdSubscriptionManager *manager = GSD_SUBSCRIPTION_MANAGER (user_data);
+ GsdSubscriptionManagerPrivate *priv = manager->priv;
+
+ if (g_strcmp0 (interface_name, GSD_SUBSCRIPTION_DBUS_INTERFACE) != 0) {
+ g_set_error (error, G_DBUS_ERROR, G_DBUS_ERROR_FAILED,
+ "No such interface: %s", interface_name);
+ return NULL;
+ }
+
+ if (g_strcmp0 (property_name, "SubscriptionStatus") == 0)
+ return g_variant_new_uint32 (priv->subscription_status);
+
+ g_set_error (error, G_DBUS_ERROR, G_DBUS_ERROR_FAILED,
+ "Failed to get property: %s", property_name);
+ return NULL;
+}
+
+static gboolean
+handle_set_property (GDBusConnection *connection,
+ const gchar *sender,
+ const gchar *object_path,
+ const gchar *interface_name,
+ const gchar *property_name,
+ GVariant *value,
+ GError **error, gpointer user_data)
+{
+ if (g_strcmp0 (interface_name, GSD_SUBSCRIPTION_DBUS_INTERFACE) != 0) {
+ g_set_error (error, G_DBUS_ERROR, G_DBUS_ERROR_FAILED,
+ "No such interface: %s", interface_name);
+ return FALSE;
+ }
+ g_set_error (error, G_DBUS_ERROR, G_DBUS_ERROR_FAILED,
+ "No such property: %s", property_name);
+ return FALSE;
+}
+
+static const GDBusInterfaceVTable interface_vtable =
+{
+ handle_method_call,
+ handle_get_property,
+ handle_set_property
+};
+
+static void
+name_lost_handler_cb (GDBusConnection *connection, const gchar *name, gpointer user_data)
+{
+ g_debug ("lost name, so exiting");
+ gtk_main_quit ();
+}
+
+static void
+on_bus_gotten (GObject *source_object, GAsyncResult *res, GsdSubscriptionManager *manager)
+{
+ GsdSubscriptionManagerPrivate *priv = manager->priv;
+ GDBusConnection *connection;
+ g_autoptr(GError) error = NULL;
+
+ connection = g_bus_get_finish (res, &error);
+ if (connection == NULL) {
+ if (!g_error_matches (error, G_IO_ERROR, G_IO_ERROR_CANCELLED))
+ g_warning ("Could not get session bus: %s", error->message);
+ return;
+ }
+
+ priv->connection = connection;
+ g_dbus_connection_register_object (connection,
+ GSD_SUBSCRIPTION_DBUS_PATH,
+ priv->introspection_data->interfaces[0],
+ &interface_vtable,
+ manager,
+ NULL,
+ NULL);
+ priv->name_id = g_bus_own_name_on_connection (connection,
+ GSD_SUBSCRIPTION_DBUS_NAME,
+ G_BUS_NAME_OWNER_FLAGS_NONE,
+ NULL,
+ name_lost_handler_cb,
+ manager,
+ NULL);
+}
+
+static void
+register_manager_dbus (GsdSubscriptionManager *manager)
+{
+ GsdSubscriptionManagerPrivate *priv = manager->priv;
+
+ priv->introspection_data = g_dbus_node_info_new_for_xml (introspection_xml, NULL);
+ g_assert (priv->introspection_data != NULL);
+ priv->bus_cancellable = g_cancellable_new ();
+
+ g_bus_get (G_BUS_TYPE_SESSION, priv->bus_cancellable,
+ (GAsyncReadyCallback) on_bus_gotten, manager);
+}
+
+GsdSubscriptionManager *
+gsd_subscription_manager_new (void)
+{
+ if (manager_object != NULL) {
+ g_object_ref (manager_object);
+ } else {
+ manager_object = g_object_new (GSD_TYPE_SUBSCRIPTION_MANAGER, NULL);
+ g_object_add_weak_pointer (manager_object,
+ (gpointer *) &manager_object);
+ register_manager_dbus (manager_object);
+ }
+
+ return GSD_SUBSCRIPTION_MANAGER (manager_object);
+}
diff --git a/plugins/subman/gsd-subscription-manager.h b/plugins/subman/gsd-subscription-manager.h
new file mode 100644
index 00000000..6a524b1b
--- /dev/null
+++ b/plugins/subman/gsd-subscription-manager.h
@@ -0,0 +1,63 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*-
+ *
+ * Copyright (C) 2019 Richard Hughes <richard@hughsie.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#ifndef __GSD_SUBSCRIPTION_MANAGER_H
+#define __GSD_SUBSCRIPTION_MANAGER_H
+
+#include <glib-object.h>
+
+G_BEGIN_DECLS
+
+#define GSD_TYPE_SUBSCRIPTION_MANAGER (gsd_subscription_manager_get_type ())
+#define GSD_SUBSCRIPTION_MANAGER(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), GSD_TYPE_SUBSCRIPTION_MANAGER, GsdSubscriptionManager))
+#define GSD_SUBSCRIPTION_MANAGER_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), GSD_TYPE_SUBSCRIPTION_MANAGER, GsdSubscriptionManagerClass))
+#define GSD_IS_SUBSCRIPTION_MANAGER(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), GSD_TYPE_SUBSCRIPTION_MANAGER))
+#define GSD_IS_SUBSCRIPTION_MANAGER_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), GSD_TYPE_SUBSCRIPTION_MANAGER))
+#define GSD_SUBSCRIPTION_MANAGER_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), GSD_TYPE_SUBSCRIPTION_MANAGER, GsdSubscriptionManagerClass))
+#define GSD_SUBSCRIPTION_MANAGER_ERROR (gsd_subscription_manager_error_quark ())
+
+typedef struct GsdSubscriptionManagerPrivate GsdSubscriptionManagerPrivate;
+
+typedef struct
+{
+ GObject parent;
+ GsdSubscriptionManagerPrivate *priv;
+} GsdSubscriptionManager;
+
+typedef struct
+{
+ GObjectClass parent_class;
+} GsdSubscriptionManagerClass;
+
+enum
+{
+ GSD_SUBSCRIPTION_MANAGER_ERROR_FAILED
+};
+
+GType gsd_subscription_manager_get_type (void);
+GQuark gsd_subscription_manager_error_quark (void);
+
+GsdSubscriptionManager *gsd_subscription_manager_new (void);
+gboolean gsd_subscription_manager_start (GsdSubscriptionManager *manager,
+ GError **error);
+void gsd_subscription_manager_stop (GsdSubscriptionManager *manager);
+
+G_END_DECLS
+
+#endif /* __GSD_SUBSCRIPTION_MANAGER_H */
diff --git a/plugins/subman/main.c b/plugins/subman/main.c
new file mode 100644
index 00000000..28ac995b
--- /dev/null
+++ b/plugins/subman/main.c
@@ -0,0 +1,8 @@
+#define NEW gsd_subscription_manager_new
+#define START gsd_subscription_manager_start
+#define STOP gsd_subscription_manager_stop
+#define MANAGER GsdSubscriptionManager
+#define GDK_BACKEND "x11"
+#include "gsd-subscription-manager.h"
+
+#include "daemon-skeleton-gtk.h"
diff --git a/plugins/subman/meson.build b/plugins/subman/meson.build
new file mode 100644
index 00000000..bfd073b6
--- /dev/null
+++ b/plugins/subman/meson.build
@@ -0,0 +1,56 @@
+sources = files(
+ 'gsd-subscription-manager.c',
+ 'gsd-subman-common.c',
+ 'main.c'
+)
+
+deps = plugins_deps + [
+ libnotify_dep,
+ gtk_dep,
+ jsonglib_dep,
+ m_dep,
+]
+
+cflags += ['-DBINDIR="@0@"'.format(gsd_bindir)]
+cflags += ['-DLIBEXECDIR="@0@"'.format(gsd_libexecdir)]
+
+executable(
+ 'gsd-' + plugin_name,
+ sources,
+ include_directories: [top_inc, common_inc],
+ dependencies: deps,
+ c_args: cflags,
+ install: true,
+ install_rpath: gsd_pkglibdir,
+ install_dir: gsd_libexecdir
+)
+
+# .Register needs to be called from root as subman can't do PolicyKit...
+policy = 'org.gnome.settings-daemon.plugins.subman.policy'
+policy_in = configure_file(
+ input: policy + '.in.in',
+ output: policy + '.in',
+ configuration: plugins_conf
+)
+
+i18n.merge_file(
+ policy,
+ input: policy_in,
+ output: policy,
+ po_dir: po_dir,
+ install: true,
+ install_dir: join_paths(gsd_datadir, 'polkit-1', 'actions')
+)
+
+install_data('org.gnome.settings-daemon.plugins.subman.rules',
+ install_dir : join_paths(gsd_datadir, 'polkit-1', 'rules.d'))
+
+executable(
+ 'gsd-subman-helper',
+ 'gsd-subman-helper.c',
+ include_directories: top_inc,
+ dependencies: [gio_dep, jsonglib_dep],
+ install: true,
+ install_rpath: gsd_pkglibdir,
+ install_dir: gsd_libexecdir
+)
diff --git a/plugins/subman/org.gnome.SettingsDaemon.Subscription.desktop.in b/plugins/subman/org.gnome.SettingsDaemon.Subscription.desktop.in
new file mode 100644
index 00000000..14fe5915
--- /dev/null
+++ b/plugins/subman/org.gnome.SettingsDaemon.Subscription.desktop.in
@@ -0,0 +1,9 @@
+[Desktop Entry]
+Type=Application
+Name=GNOME Settings Daemon's subscription manager plugin
+Exec=@libexecdir@/gsd-subman
+OnlyShowIn=GNOME;
+NoDisplay=true
+X-GNOME-Autostart-Phase=Initialization
+X-GNOME-Autostart-Notify=true
+X-GNOME-AutoRestart=true
diff --git a/plugins/subman/org.gnome.settings-daemon.plugins.subman.policy.in.in b/plugins/subman/org.gnome.settings-daemon.plugins.subman.policy.in.in
new file mode 100644
index 00000000..59e9fdd4
--- /dev/null
+++ b/plugins/subman/org.gnome.settings-daemon.plugins.subman.policy.in.in
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policyconfig PUBLIC
+ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
+<policyconfig>
+
+ <!--
+ Policy definitions for gnome-settings-daemon system-wide actions.
+ Copyright (c) 2019 Richard Hughes <richard@hughsie.com>
+ -->
+
+ <vendor>GNOME Settings Daemon</vendor>
+ <vendor_url>http://git.gnome.org/browse/gnome-settings-daemon</vendor_url>
+ <icon_name>emblem-synchronizing</icon_name>
+
+ <action id="org.gnome.settings-daemon.plugins.subman.register">
+ <description>Register the system</description>
+ <message>Authentication is required to register the system</message>
+ <defaults>
+ <allow_any>no</allow_any>
+ <allow_inactive>no</allow_inactive>
+ <allow_active>auth_admin_keep</allow_active>
+ </defaults>
+ <annotate key="org.freedesktop.policykit.exec.path">@libexecdir@/gsd-subman-helper</annotate>
+ </action>
+
+</policyconfig>
diff --git a/plugins/subman/org.gnome.settings-daemon.plugins.subman.rules b/plugins/subman/org.gnome.settings-daemon.plugins.subman.rules
new file mode 100644
index 00000000..1ed3a0ea
--- /dev/null
+++ b/plugins/subman/org.gnome.settings-daemon.plugins.subman.rules
@@ -0,0 +1,7 @@
+polkit.addRule(function(action, subject) {
+ if (action.id == "org.gnome.settings-daemon.plugins.subman.register" &&
+ subject.active == true && subject.local == true &&
+ subject.isInGroup("wheel")) {
+ return polkit.Result.YES;
+ }
+});
--
2.30.0
Reference in New Issue View Git Blame Copy Permalink