diff -up gnome-system-monitor-2.28.2/configure.in.polkit gnome-system-monitor-2.28.2/configure.in --- gnome-system-monitor-2.28.2/configure.in.polkit 2010-09-27 19:13:17.000000000 -0400 +++ gnome-system-monitor-2.28.2/configure.in 2010-09-30 13:05:41.132603002 -0400 @@ -35,10 +35,35 @@ GIOMM_REQUIRED=2.16.0 GLIBMM_REQUIRED=2.14 LIBXML_REQUIRED=2.0 RSVG_REQUIRED=2.12 -DBUS_REQUIRED=0.7 +POLKIT_REQUIRED=0.92 +DBUS_GLIB_REQUIRED=0.71 +DBUS_REQUIRED=1.1.2 -PKG_CHECK_MODULES(PROCMAN, glib-2.0 >= $GLIB_REQUIRED gconf-2.0 >= $GCONF_REQUIRED libgtop-2.0 >= $LIBGTOP_REQUIRED libwnck-1.0 >= $LIBWNCK_REQUIRED gtk+-2.0 >= $GTK_REQUIRED gnome-icon-theme >= $GNOME_ICON_THEME_REQUIRED gtkmm-2.4 >= $GTKMM_REQUIRED libxml-2.0 >= $LIBXML_REQUIRED librsvg-2.0 >= $RSVG_REQUIRED glibmm-2.4 >= $GLIBMM_REQUIRED giomm-2.4 >= $GIOMM_REQUIRED dbus-glib-1 >= $DBUS_REQUIRED) +PKG_CHECK_MODULES(PROCMAN, glib-2.0 >= $GLIB_REQUIRED gconf-2.0 >= $GCONF_REQUIRED libgtop-2.0 >= $LIBGTOP_REQUIRED libwnck-1.0 >= $LIBWNCK_REQUIRED gtk+-2.0 >= $GTK_REQUIRED gnome-icon-theme >= $GNOME_ICON_THEME_REQUIRED gtkmm-2.4 >= $GTKMM_REQUIRED libxml-2.0 >= $LIBXML_REQUIRED librsvg-2.0 >= $RSVG_REQUIRED glibmm-2.4 >= $GLIBMM_REQUIRED giomm-2.4 >= $GIOMM_REQUIRED dbus-glib-1 >= $DBUS_GLIB_REQUIRED) + +# PolicyKit detection; defaults to 'auto' (use it if it's available) +# +POLKIT_CFLAGS= +POLKIT_LIBS= +AC_ARG_ENABLE(polkit, AS_HELP_STRING([--enable-polkit],[Enable PolicyKit support (auto)]),enable_polkit=$enableval,enable_polkit=auto) +if test "x$enable_polkit" = "xno" ; then + HAVE_POLKIT=no +else + HAVE_POLKIT=no + PKG_CHECK_MODULES(POLKIT, polkit-gobject-1 >= $POLKIT_REQUIRED dbus-1 >= $DBUS_REQUIRED dbus-glib-1 >= $DBUS_GLIB_REQUIRED gobject-2.0, HAVE_POLKIT=yes, HAVE_POLKIT=no) + + if test "x$enable_polkit" = "xyes" -a "x$HAVE_POLKIT" = "xno" ; then + AC_MSG_ERROR(PolicyKit support explicity enabled but not available) + fi + + if test "x$HAVE_POLKIT" = "xyes" ; then + AC_DEFINE(HAVE_POLKIT, 1, [Defined if PolicyKit support is enabled]) + fi +fi +AM_CONDITIONAL(HAVE_POLKIT, test "x$HAVE_POLKIT" = "xyes") +AC_SUBST(POLKIT_CFLAGS) +AC_SUBST(POLKIT_LIBS) AC_ARG_ENABLE(more-warnings, [AC_HELP_STRING([--enable-more-warnings], [Maximum compiler warnings])], @@ -98,6 +123,7 @@ Configuration: C++ Compiler: ${CXX} CFLAGS: ${CFLAGS} CXXFLAGS: ${CXXFLAGS} + PolicyKit support: ${HAVE_POLKIT} Maintainer mode: ${USER_MAINTAINER_MODE} Languages: ${ALL_LINGUAS} " diff -up gnome-system-monitor-2.28.2/po/POTFILES.in.polkit gnome-system-monitor-2.28.2/po/POTFILES.in --- gnome-system-monitor-2.28.2/po/POTFILES.in.polkit 2010-02-09 08:23:26.000000000 -0500 +++ gnome-system-monitor-2.28.2/po/POTFILES.in 2010-09-30 13:05:41.132603002 -0400 @@ -8,6 +8,7 @@ src/callbacks.cpp src/defaulttable.h src/disks.cpp src/e_date.c +src/gnome-system-monitor.policy.in src/gnome-system-monitor.schemas.in src/gsm_color_button.c src/interface.cpp diff -up gnome-system-monitor-2.28.2/src/gnome-system-monitor-mechanism.c.polkit gnome-system-monitor-2.28.2/src/gnome-system-monitor-mechanism.c --- gnome-system-monitor-2.28.2/src/gnome-system-monitor-mechanism.c.polkit 2010-09-30 13:05:41.148603002 -0400 +++ gnome-system-monitor-2.28.2/src/gnome-system-monitor-mechanism.c 2010-09-30 13:05:41.148603002 -0400 @@ -0,0 +1,592 @@ +/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- + * + * Copyright (C) 2007 David Zeuthen + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +static gboolean no_exit = FALSE; + +/*--------------------------------------------------------------------------------------------------------------*/ + +#define GNOME_SYSTEM_MONITOR_TYPE_MECHANISM (gnome_system_monitor_mechanism_get_type ()) +#define GNOME_SYSTEM_MONITOR_MECHANISM(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), GNOME_SYSTEM_MONITOR_TYPE_MECHANISM, GnomeSystemMonitorMechanism)) +#define GNOME_SYSTEM_MONITOR_MECHANISM_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), GNOME_SYSTEM_MONITOR_TYPE_MECHANISM, GnomeSystemMonitorMechanismClass)) +#define GNOME_SYSTEM_MONITOR_IS_MECHANISM(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), GNOME_SYSTEM_MONITOR_TYPE_MECHANISM)) +#define GNOME_SYSTEM_MONITOR_IS_MECHANISM_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), GNOME_SYSTEM_MONITOR_TYPE_MECHANISM)) +#define GNOME_SYSTEM_MONITOR_MECHANISM_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), GNOME_SYSTEM_MONITOR_TYPE_MECHANISM, GnomeSystemMonitorMechanismClass)) + +typedef struct GnomeSystemMonitorMechanismPrivate GnomeSystemMonitorMechanismPrivate; + +typedef struct +{ + GObject parent; + GnomeSystemMonitorMechanismPrivate *priv; +} GnomeSystemMonitorMechanism; + +typedef struct +{ + GObjectClass parent_class; +} GnomeSystemMonitorMechanismClass; + +typedef enum +{ + GNOME_SYSTEM_MONITOR_MECHANISM_ERROR_GENERAL, + GNOME_SYSTEM_MONITOR_MECHANISM_ERROR_NOT_PRIVILEGED, + GNOME_SYSTEM_MONITOR_MECHANISM_NUM_ERRORS +} GnomeSystemMonitorMechanismError; + +#define GNOME_SYSTEM_MONITOR_MECHANISM_ERROR gnome_system_monitor_mechanism_error_quark () + +GType gnome_system_monitor_mechanism_error_get_type (void); +#define GNOME_SYSTEM_MONITOR_MECHANISM_TYPE_ERROR (gnome_system_monitor_mechanism_error_get_type ()) + + +GQuark gnome_system_monitor_mechanism_error_quark (void); +GType gnome_system_monitor_mechanism_get_type (void); +GnomeSystemMonitorMechanism *gnome_system_monitor_mechanism_new (void); + +/* exported methods */ +gboolean gnome_system_monitor_mechanism_kill (GnomeSystemMonitorMechanism *mechanism, + int pid, + int sig, + DBusGMethodInvocation *context); + +gboolean gnome_system_monitor_mechanism_renice (GnomeSystemMonitorMechanism *mechanism, + int pid, + int nice_value, + DBusGMethodInvocation *context); + +/*--------------------------------------------------------------------------------------------------------------*/ +#include "gnome-system-monitor-mechanism-glue.h" + +static gboolean +do_exit (gpointer user_data) +{ + g_debug ("Exiting due to inactivity"); + exit (1); + return FALSE; +} + +static void +reset_killtimer (void) +{ + static guint timer_id = 0; + + if (no_exit) + return; + + if (timer_id > 0) { + g_source_remove (timer_id); + } + g_debug ("Setting killtimer to 30 seconds..."); + timer_id = g_timeout_add (30 * 1000, do_exit, NULL); +} + +struct GnomeSystemMonitorMechanismPrivate +{ + DBusGConnection *system_bus_connection; + DBusGProxy *system_bus_proxy; + PolkitAuthority *pol_ctx; +}; + +static void gnome_system_monitor_mechanism_class_init (GnomeSystemMonitorMechanismClass *klass); +static void gnome_system_monitor_mechanism_init (GnomeSystemMonitorMechanism *seat); +static void gnome_system_monitor_mechanism_finalize (GObject *object); + +G_DEFINE_TYPE (GnomeSystemMonitorMechanism, gnome_system_monitor_mechanism, G_TYPE_OBJECT) + +#define GNOME_SYSTEM_MONITOR_MECHANISM_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), GNOME_SYSTEM_MONITOR_TYPE_MECHANISM, GnomeSystemMonitorMechanismPrivate)) + +GQuark +gnome_system_monitor_mechanism_error_quark (void) +{ + static GQuark ret = 0; + + if (ret == 0) { + ret = g_quark_from_static_string ("gnome_system_monitor_mechanism_error"); + } + + return ret; +} + + +#define ENUM_ENTRY(NAME, DESC) { NAME, "" #NAME "", DESC } + +GType +gnome_system_monitor_mechanism_error_get_type (void) +{ + static GType etype = 0; + + if (etype == 0) + { + static const GEnumValue values[] = + { + ENUM_ENTRY (GNOME_SYSTEM_MONITOR_MECHANISM_ERROR_GENERAL, "GeneralError"), + ENUM_ENTRY (GNOME_SYSTEM_MONITOR_MECHANISM_ERROR_NOT_PRIVILEGED, "NotPrivileged"), + { 0, 0, 0 } + }; + + g_assert (GNOME_SYSTEM_MONITOR_MECHANISM_NUM_ERRORS == G_N_ELEMENTS (values) - 1); + + etype = g_enum_register_static ("GnomeSystemMonitorMechanismError", values); + } + + return etype; +} + + +static GObject * +gnome_system_monitor_mechanism_constructor (GType type, + guint n_construct_properties, + GObjectConstructParam *construct_properties) +{ + GnomeSystemMonitorMechanism *mechanism; + GnomeSystemMonitorMechanismClass *klass; + + klass = GNOME_SYSTEM_MONITOR_MECHANISM_CLASS (g_type_class_peek (GNOME_SYSTEM_MONITOR_TYPE_MECHANISM)); + + mechanism = GNOME_SYSTEM_MONITOR_MECHANISM ( + G_OBJECT_CLASS (gnome_system_monitor_mechanism_parent_class)->constructor (type, + n_construct_properties, + construct_properties)); + + return G_OBJECT (mechanism); +} + +static void +gnome_system_monitor_mechanism_class_init (GnomeSystemMonitorMechanismClass *klass) +{ + GObjectClass *object_class = G_OBJECT_CLASS (klass); + + object_class->constructor = gnome_system_monitor_mechanism_constructor; + object_class->finalize = gnome_system_monitor_mechanism_finalize; + + g_type_class_add_private (klass, sizeof (GnomeSystemMonitorMechanismPrivate)); + + dbus_g_object_type_install_info (GNOME_SYSTEM_MONITOR_TYPE_MECHANISM, &dbus_glib_gnome_system_monitor_mechanism_object_info); + + dbus_g_error_domain_register (GNOME_SYSTEM_MONITOR_MECHANISM_ERROR, NULL, GNOME_SYSTEM_MONITOR_MECHANISM_TYPE_ERROR); + +} + +static void +gnome_system_monitor_mechanism_init (GnomeSystemMonitorMechanism *mechanism) +{ + mechanism->priv = GNOME_SYSTEM_MONITOR_MECHANISM_GET_PRIVATE (mechanism); + +} + +static void +gnome_system_monitor_mechanism_finalize (GObject *object) +{ + GnomeSystemMonitorMechanism *mechanism; + + g_return_if_fail (object != NULL); + g_return_if_fail (GNOME_SYSTEM_MONITOR_IS_MECHANISM (object)); + + mechanism = GNOME_SYSTEM_MONITOR_MECHANISM (object); + + g_return_if_fail (mechanism->priv != NULL); + + g_object_unref (mechanism->priv->system_bus_proxy); + + G_OBJECT_CLASS (gnome_system_monitor_mechanism_parent_class)->finalize (object); +} + +static gboolean +register_mechanism (GnomeSystemMonitorMechanism *mechanism) +{ + GError *error = NULL; + + mechanism->priv->pol_ctx = polkit_authority_get (); + + error = NULL; + mechanism->priv->system_bus_connection = dbus_g_bus_get (DBUS_BUS_SYSTEM, &error); + if (mechanism->priv->system_bus_connection == NULL) { + if (error != NULL) { + g_critical ("error getting system bus: %s", error->message); + g_error_free (error); + } + goto error; + } + + dbus_g_connection_register_g_object (mechanism->priv->system_bus_connection, "/", + G_OBJECT (mechanism)); + + mechanism->priv->system_bus_proxy = dbus_g_proxy_new_for_name (mechanism->priv->system_bus_connection, + DBUS_SERVICE_DBUS, + DBUS_PATH_DBUS, + DBUS_INTERFACE_DBUS); + + reset_killtimer (); + + return TRUE; + +error: + return FALSE; +} + + +GnomeSystemMonitorMechanism * +gnome_system_monitor_mechanism_new (void) +{ + GObject *object; + gboolean res; + + object = g_object_new (GNOME_SYSTEM_MONITOR_TYPE_MECHANISM, NULL); + + res = register_mechanism (GNOME_SYSTEM_MONITOR_MECHANISM (object)); + if (! res) { + g_object_unref (object); + return NULL; + } + + return GNOME_SYSTEM_MONITOR_MECHANISM (object); +} + +static PolkitSubject * +get_caller_from_context (GnomeSystemMonitorMechanism *mechanism, DBusGMethodInvocation *context) +{ + char *sender; + PolkitSubject *pk_caller; + + sender = dbus_g_method_get_sender (context); + pk_caller = polkit_system_bus_name_new (sender); + g_free (sender); + + return pk_caller; +} + +/* note, we take ownership of the passed PolkitSubject object */ +static gboolean +_check_polkit_for_action_for_caller (GnomeSystemMonitorMechanism *mechanism, + DBusGMethodInvocation *context, + PolkitSubject *subject, + const char *action) +{ + GError *error; + PolkitAuthorizationResult *result; + + error = NULL; + + result = polkit_authority_check_authorization_sync (mechanism->priv->pol_ctx, + subject, + action, + NULL, + POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION, + NULL, NULL); + g_object_unref (subject); + + if (!polkit_authorization_result_get_is_authorized (result)) { + error = g_error_new (GNOME_SYSTEM_MONITOR_MECHANISM_ERROR, + GNOME_SYSTEM_MONITOR_MECHANISM_ERROR_NOT_PRIVILEGED, + "%s", + action); + dbus_g_method_return_error (context, error); + g_error_free (error); + g_object_unref (result); + return FALSE; + } + + g_object_unref (result); + return TRUE; +} + +static gboolean +_check_polkit_for_action (GnomeSystemMonitorMechanism *mechanism, + DBusGMethodInvocation *context, + const char *action) +{ + PolkitSubject *subject; + + /* Check that caller is privileged */ + if ((subject = get_caller_from_context (mechanism, context)) == NULL) + return FALSE; + + return _check_polkit_for_action_for_caller (mechanism, context, subject, action); +} + +/*--------------------------------------------------------------------------------------------------------------*/ +/* exported methods */ + +gboolean +gnome_system_monitor_mechanism_kill (GnomeSystemMonitorMechanism *mechanism, + int pid, + int sig, + DBusGMethodInvocation *context) +{ + reset_killtimer (); + + if (!_check_polkit_for_action (mechanism, context, "org.gnome.system-monitor.kill")) + return FALSE; + + g_debug ("Sending signal %d to pid %d", sig, pid); + + if (kill (pid, sig) != 0) { + GError *error; + error = g_error_new (GNOME_SYSTEM_MONITOR_MECHANISM_ERROR, + GNOME_SYSTEM_MONITOR_MECHANISM_ERROR_GENERAL, + "Error sending signal %d to pid %d: %m", sig, pid); + g_warning ("Error: %s", error->message); + dbus_g_method_return_error (context, error); + g_error_free (error); + return FALSE; + } + + dbus_g_method_return (context); + return TRUE; +} + +static gboolean +get_uid_from_context (GnomeSystemMonitorMechanism *mechanism, + DBusGMethodInvocation *context, + uid_t *uid) +{ + char *sender; + DBusConnection *con; + + con = dbus_g_connection_get_connection (dbus_g_bus_get (DBUS_BUS_SYSTEM, NULL)); + if (con == NULL) + return FALSE; + + sender = dbus_g_method_get_sender (context); + *uid = dbus_bus_get_unix_user (con, sender, NULL); + g_free (sender); + + if (*uid == (unsigned)-1) + return FALSE; + + return TRUE; +} + +gboolean +gnome_system_monitor_mechanism_renice (GnomeSystemMonitorMechanism *mechanism, + int pid, + int nice_value, + DBusGMethodInvocation *context) +{ + uid_t caller_uid; + uid_t process_uid; + PolkitSubject *subject; + char *procpath; + struct stat statbuf; + const char *action_id; + + reset_killtimer (); + + /* Hmm; is there a better way to do this? This may be Linux specific.. */ + procpath = g_strdup_printf ("/proc/%d", pid); + if (stat (procpath, &statbuf) != 0) { + GError *error; + error = g_error_new (GNOME_SYSTEM_MONITOR_MECHANISM_ERROR, + GNOME_SYSTEM_MONITOR_MECHANISM_ERROR_GENERAL, + "Error figuring out uid for pid %d", pid); + g_warning ("Error: %s", error->message); + dbus_g_method_return_error (context, error); + g_error_free (error); + g_free (procpath); + return FALSE; + } + g_free (procpath); + process_uid = statbuf.st_uid; + + subject = get_caller_from_context (mechanism, context); + if (subject == NULL) + return FALSE; + + if (!get_uid_from_context (mechanism, context, &caller_uid)) { + GError *error; + error = g_error_new (GNOME_SYSTEM_MONITOR_MECHANISM_ERROR, + GNOME_SYSTEM_MONITOR_MECHANISM_ERROR_GENERAL, + "Error figuring out uid of caller"); + g_warning ("Error: %s", error->message); + dbus_g_method_return_error (context, error); + g_error_free (error); + g_object_unref (subject); + return FALSE; + } + + if (caller_uid == process_uid) { + action_id = "org.gnome.system-monitor.increase-own-priority"; + } else { + action_id = "org.gnome.system-monitor.change-priority"; + } + + if (!_check_polkit_for_action_for_caller (mechanism, context, subject, action_id)) { + return FALSE; + } + + g_debug ("Renicing pid %d (owned by uid %d) to priority %d on behalf of uid %d (action_id=%s)", + pid, process_uid, nice_value, caller_uid, action_id); + + errno = 0; + if (setpriority (PRIO_PROCESS, pid, nice_value) != 0) { + GError *error; + error = g_error_new (GNOME_SYSTEM_MONITOR_MECHANISM_ERROR, + GNOME_SYSTEM_MONITOR_MECHANISM_ERROR_GENERAL, + "Error renicing pid %d to priority %d: %m", pid, nice_value); + g_warning ("Error: %s", error->message); + dbus_g_method_return_error (context, error); + g_error_free (error); + return FALSE; + } + + dbus_g_method_return (context); + return TRUE; +} + +/*--------------------------------------------------------------------------------------------------------------*/ + +#define BUS_NAME "org.gnome.SystemMonitor.Mechanism" + +static gboolean +acquire_name_on_proxy (DBusGProxy *bus_proxy) +{ + GError *error; + guint result; + gboolean res; + gboolean ret; + + ret = FALSE; + + if (bus_proxy == NULL) { + goto out; + } + + error = NULL; + res = dbus_g_proxy_call (bus_proxy, + "RequestName", + &error, + G_TYPE_STRING, BUS_NAME, + G_TYPE_UINT, 0, + G_TYPE_INVALID, + G_TYPE_UINT, &result, + G_TYPE_INVALID); + if (! res) { + if (error != NULL) { + g_warning ("Failed to acquire %s: %s", BUS_NAME, error->message); + g_error_free (error); + } else { + g_warning ("Failed to acquire %s", BUS_NAME); + } + goto out; + } + + if (result != DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER) { + if (error != NULL) { + g_warning ("Failed to acquire %s: %s", BUS_NAME, error->message); + g_error_free (error); + } else { + g_warning ("Failed to acquire %s", BUS_NAME); + } + goto out; + } + + ret = TRUE; + + out: + return ret; +} + +int +main (int argc, char **argv) +{ + GMainLoop *loop; + GnomeSystemMonitorMechanism *mechanism; + DBusGProxy *bus_proxy; + DBusGConnection *connection; + int ret; + GError *error; + GOptionContext *context; + static GOptionEntry entries [] = { + { "no-exit", 0, 0, G_OPTION_ARG_NONE, &no_exit, N_("Don't exit after 30 seconds of inactivity"), NULL }, + { NULL } + }; + + ret = 1; + + g_type_init (); + + context = g_option_context_new (_("PolicyKit GNOME session daemon")); + g_option_context_add_main_entries (context, entries, NULL); + g_option_context_parse (context, &argc, &argv, NULL); + g_option_context_free (context); + + + error = NULL; + connection = dbus_g_bus_get (DBUS_BUS_SYSTEM, &error); + if (connection == NULL) { + g_warning ("Couldn't connect to system bus: %s", error->message); + g_error_free (error); + goto out; + } + + bus_proxy = dbus_g_proxy_new_for_name (connection, + DBUS_SERVICE_DBUS, + DBUS_PATH_DBUS, + DBUS_INTERFACE_DBUS); + if (bus_proxy == NULL) { + g_warning ("Could not construct bus_proxy object; bailing out"); + goto out; + } + + if (!acquire_name_on_proxy (bus_proxy) ) { + g_warning ("Could not acquire name; bailing out"); + goto out; + } + + mechanism = gnome_system_monitor_mechanism_new (); + + if (mechanism == NULL) { + goto out; + } + + loop = g_main_loop_new (NULL, FALSE); + + g_main_loop_run (loop); + + g_object_unref (mechanism); + g_main_loop_unref (loop); + ret = 0; + +out: + return ret; +} diff -up gnome-system-monitor-2.28.2/src/gnome-system-monitor-mechanism.xml.polkit gnome-system-monitor-2.28.2/src/gnome-system-monitor-mechanism.xml --- gnome-system-monitor-2.28.2/src/gnome-system-monitor-mechanism.xml.polkit 2010-09-30 13:05:41.149603002 -0400 +++ gnome-system-monitor-2.28.2/src/gnome-system-monitor-mechanism.xml 2010-09-30 13:05:41.149603002 -0400 @@ -0,0 +1,15 @@ + + + + + + + + + + + + + + + diff -up gnome-system-monitor-2.28.2/src/interface.cpp.polkit gnome-system-monitor-2.28.2/src/interface.cpp --- gnome-system-monitor-2.28.2/src/interface.cpp.polkit 2010-02-09 08:23:26.000000000 -0500 +++ gnome-system-monitor-2.28.2/src/interface.cpp 2010-09-30 13:05:41.151603002 -0400 @@ -30,6 +30,10 @@ #include #include +#ifdef HAVE_POLKIT +# include +#endif + #include "procman.h" #include "callbacks.h" #include "interface.h" @@ -58,6 +62,7 @@ static const GtkActionEntry menu_entries N_("Quit the program"), G_CALLBACK (cb_app_exit) }, +#ifndef HAVE_POLKIT { "StopProcess", NULL, N_("_Stop Process"), "S", N_("Stop process"), G_CALLBACK(cb_kill_sigstop) }, { "ContProcess", NULL, N_("_Continue Process"), "C", @@ -67,6 +72,7 @@ static const GtkActionEntry menu_entries N_("Force process to finish normally"), G_CALLBACK (cb_end_process) }, { "KillProcess", NULL, N_("_Kill Process"), "K", N_("Force process to finish immediately"), G_CALLBACK (cb_kill_process) }, +#endif { "ChangePriority", NULL, N_("_Change Priority..."), "N", N_("Change the order of priority of process"), G_CALLBACK (cb_renice) }, { "Preferences", GTK_STOCK_PREFERENCES, NULL, NULL, @@ -186,10 +192,16 @@ create_proc_view (ProcData *procdata) hbox2 = gtk_hbox_new (FALSE, 0); gtk_box_pack_start (GTK_BOX (vbox1), hbox2, FALSE, FALSE, 0); +#ifdef HAVE_POLKIT + procdata->endprocessbutton = gtk_button_new (); + gtk_activatable_set_related_action (GTK_ACTIVATABLE (procdata->endprocessbutton), + procdata->sigterm_action); +#else procdata->endprocessbutton = gtk_button_new_with_mnemonic (_("End _Process")); - gtk_box_pack_end (GTK_BOX (hbox2), procdata->endprocessbutton, FALSE, FALSE, 0); g_signal_connect (G_OBJECT (procdata->endprocessbutton), "clicked", G_CALLBACK (cb_end_process_button_pressed), procdata); +#endif + gtk_box_pack_end (GTK_BOX (hbox2), procdata->endprocessbutton, FALSE, FALSE, 0); /* create popup_menu */ @@ -670,6 +682,41 @@ create_main_window (ProcData *procdata) G_CALLBACK(cb_radio_processes), procdata); +#ifdef HAVE_POLKIT + procdata->sigstop_action = gtk_action_new ("StopProcess", + _("_Stop Process"), + _("Stop process"), + NULL); + g_signal_connect (procdata->sigstop_action, "activate", G_CALLBACK (cb_kill_sigstop), procdata); + gtk_action_group_add_action_with_accel (procdata->action_group, + GTK_ACTION (procdata->sigstop_action), + "S"); + + procdata->sigcont_action = gtk_action_new ("ContProcess", + _("_Continue Process"), + _("Continue process"), + NULL); + g_signal_connect (procdata->sigcont_action, "activate", G_CALLBACK (cb_kill_sigcont), procdata); + gtk_action_group_add_action_with_accel (procdata->action_group, GTK_ACTION (procdata->sigcont_action), + "C"); + + procdata->sigterm_action = gtk_action_new ("EndProcess", + _("End _Process"), + _("Force process to finish normally"), + NULL); + g_signal_connect (procdata->sigterm_action, "activate", G_CALLBACK (cb_end_process), procdata); + gtk_action_group_add_action_with_accel (procdata->action_group, GTK_ACTION (procdata->sigterm_action), + "E"); + + procdata->sigkill_action = gtk_action_new ("KillProcess", + _("_Kill Process"), + _("Force process to finish immediately"), + NULL); + g_signal_connect (procdata->sigkill_action, "activate", G_CALLBACK (cb_kill_process), procdata); + gtk_action_group_add_action_with_accel (procdata->action_group, GTK_ACTION (procdata->sigkill_action), + "K"); +#endif + gtk_ui_manager_insert_action_group (procdata->uimanager, procdata->action_group, 0); @@ -677,7 +724,6 @@ create_main_window (ProcData *procdata) menubar = gtk_ui_manager_get_widget (procdata->uimanager, "/MenuBar"); gtk_box_pack_start (GTK_BOX (main_box), menubar, FALSE, FALSE, 0); - /* create the main notebook */ procdata->notebook = notebook = gtk_notebook_new (); gtk_box_pack_start (GTK_BOX (main_box), @@ -774,23 +820,26 @@ update_sensitivity(ProcData *data) processes_sensitivity = (data->config.current_tab == PROCMAN_TAB_PROCESSES); selected_sensitivity = (processes_sensitivity && data->selected_process != NULL); +#ifndef HAVE_POLKIT if(data->endprocessbutton) { /* avoid error on startup if endprocessbutton has not been built yet */ gtk_widget_set_sensitive(data->endprocessbutton, selected_sensitivity); } +#endif for (i = 0; i != G_N_ELEMENTS(processes_actions); ++i) { action = gtk_action_group_get_action(data->action_group, processes_actions[i]); - gtk_action_set_sensitive(action, processes_sensitivity); + gtk_action_set_sensitive(action, selected_sensitivity); } for (i = 0; i != G_N_ELEMENTS(selected_actions); ++i) { action = gtk_action_group_get_action(data->action_group, selected_actions[i]); - gtk_action_set_sensitive(action, selected_sensitivity); + gtk_action_set_sensitive(action, processes_sensitivity); } + } static void diff -up gnome-system-monitor-2.28.2/src/Makefile.am.polkit gnome-system-monitor-2.28.2/src/Makefile.am --- gnome-system-monitor-2.28.2/src/Makefile.am.polkit 2010-02-09 08:23:26.000000000 -0500 +++ gnome-system-monitor-2.28.2/src/Makefile.am 2010-09-30 13:05:41.153603002 -0400 @@ -4,7 +4,9 @@ INCLUDES = \ -DPROCMAN_DATADIR=\""$(datadir)/procman/"\" \ -DGNOMELOCALEDIR=\""$(datadir)/locale"\" \ -DDATADIR=\""$(datadir)"\" \ - @PROCMAN_CFLAGS@ + @PROCMAN_CFLAGS@ \ + @POLKIT_CFLAGS@ \ + @POLKIT_CFLAGS@ bin_PROGRAMS = gnome-system-monitor @@ -35,8 +37,11 @@ gnome_system_monitor_SOURCES = \ e_date.c e_date.h \ gsm_color_button.c gsm_color_button.h +if HAVE_POLKIT +gnome_system_monitor_SOURCES += gnome-system-monitor-mechanism-client-glue.h +endif -gnome_system_monitor_LDADD = @PROCMAN_LIBS@ libbacon.la +gnome_system_monitor_LDADD = @PROCMAN_LIBS@ @POLKIT_LIBS@ libbacon.la noinst_LTLIBRARIES = libbacon.la @@ -52,8 +57,44 @@ schema_ins = gnome-system-monitor.schem schema_DATA = $(schema_ins:.schemas.in=.schemas) @INTLTOOL_SCHEMAS_RULE@ +###################################################################### +if HAVE_POLKIT + +polkit_policydir = $(datadir)/polkit-1/actions +dist_polkit_policy_DATA = org.gnome.system-monitor.policy +# You will need a recent intltool or the patch from this bug http://bugzilla.gnome.org/show_bug.cgi?id=462312 +@INTLTOOL_POLICY_RULE@ + +gnome-system-monitor-mechanism-client-glue.h: gnome-system-monitor-mechanism.xml Makefile.am + dbus-binding-tool --prefix=gnome_system_monitor_mechanism --mode=glib-client --output=gnome-system-monitor-mechanism-client-glue.h gnome-system-monitor-mechanism.xml + +gnome-system-monitor-mechanism-glue.h: gnome-system-monitor-mechanism.xml Makefile.am + dbus-binding-tool --prefix=gnome_system_monitor_mechanism --mode=glib-server --output=gnome-system-monitor-mechanism-glue.h gnome-system-monitor-mechanism.xml + +dbusconfdir = $(sysconfdir)/dbus-1/system.d +dbusconf_DATA = org.gnome.SystemMonitor.Mechanism.conf + +org.gnome.SystemMonitor.Mechanism.service : org.gnome.SystemMonitor.Mechanism.service.in Makefile.am + sed -e s_libexecdir_$(libexecdir)_ org.gnome.SystemMonitor.Mechanism.service.in > org.gnome.SystemMonitor.Mechanism.service + +dbussyssvcdir = $(datadir)/dbus-1/system-services +dbussyssvc_DATA = org.gnome.SystemMonitor.Mechanism.service + +libexec_PROGRAMS = gnome-system-monitor-mechanism +gnome_system_monitor_mechanism_SOURCES = \ + gnome-system-monitor-mechanism-glue.h \ + gnome-system-monitor-mechanism.c + +gnome_system_monitor_mechanism_CFLAGS = $(POLKIT_CFLAGS) +gnome_system_monitor_mechanism_LDADD = $(POLKIT_LIBS) +endif +###################################################################### + + EXTRA_DIST = \ - $(schema_ins) + $(schema_ins) \ + org.gnome.system-monitor.policy.in \ + org.gnome.system-monitor.service.in CLEANFILES = \ $(schema_DATA) diff -up gnome-system-monitor-2.28.2/src/org.gnome.SystemMonitor.Mechanism.conf.polkit gnome-system-monitor-2.28.2/src/org.gnome.SystemMonitor.Mechanism.conf --- gnome-system-monitor-2.28.2/src/org.gnome.SystemMonitor.Mechanism.conf.polkit 2010-09-30 13:05:41.154603002 -0400 +++ gnome-system-monitor-2.28.2/src/org.gnome.SystemMonitor.Mechanism.conf 2010-09-30 13:05:41.154603002 -0400 @@ -0,0 +1,15 @@ + + + + + + + + + + + + + diff -up gnome-system-monitor-2.28.2/src/org.gnome.SystemMonitor.Mechanism.service.in.polkit gnome-system-monitor-2.28.2/src/org.gnome.SystemMonitor.Mechanism.service.in --- gnome-system-monitor-2.28.2/src/org.gnome.SystemMonitor.Mechanism.service.in.polkit 2010-09-30 13:05:41.155603002 -0400 +++ gnome-system-monitor-2.28.2/src/org.gnome.SystemMonitor.Mechanism.service.in 2010-09-30 13:05:41.155603002 -0400 @@ -0,0 +1,4 @@ +[D-BUS Service] +Name=org.gnome.SystemMonitor.Mechanism +Exec=libexecdir/gnome-system-monitor-mechanism +User=root diff -up gnome-system-monitor-2.28.2/src/org.gnome.system-monitor.policy.in.polkit gnome-system-monitor-2.28.2/src/org.gnome.system-monitor.policy.in --- gnome-system-monitor-2.28.2/src/org.gnome.system-monitor.policy.in.polkit 2010-09-30 13:05:41.156603002 -0400 +++ gnome-system-monitor-2.28.2/src/org.gnome.system-monitor.policy.in 2010-09-30 13:05:41.156603002 -0400 @@ -0,0 +1,50 @@ + + + + + + + + + The GNOME Project + http://online.gnome.org/application?id=gnome-system-monitor + utilities-system-monitor + + + <_description>Change priority of a process owned by another user + <_message>Changing the priority of a process owned by another user requires privileges + + no + auth_admin + + + + + <_description>Increase the priority of a processes + <_message>Increasing the priority of one of your own processes requires privileges + + no + auth_self_keep + + + + + <_description>Kill a process owned by another user + <_message>Killing a process owned by another user requires privileges + + no + auth_admin + + + + diff -up gnome-system-monitor-2.28.2/src/procactions.cpp.polkit gnome-system-monitor-2.28.2/src/procactions.cpp --- gnome-system-monitor-2.28.2/src/procactions.cpp.polkit 2010-02-09 08:23:26.000000000 -0500 +++ gnome-system-monitor-2.28.2/src/procactions.cpp 2010-09-30 13:05:41.157603002 -0400 @@ -31,6 +31,10 @@ #include "procdialogs.h" #include "callbacks.h" +#ifdef HAVE_POLKIT +# include "gnome-system-monitor-mechanism-client-glue.h" +# include +#endif static void renice_single_process (GtkTreeModel *model, GtkTreePath *path, GtkTreeIter *iter, gpointer data) @@ -48,6 +52,10 @@ renice_single_process (GtkTreeModel *mod if (!info) return; + /* docs for getpriority suggest clearing errno before the call + * since -1 is a legitimate return value */ + errno = 0; + error = setpriority (PRIO_PROCESS, info->pid, args->nice_value); /* success */ @@ -55,6 +63,28 @@ renice_single_process (GtkTreeModel *mod saved_errno = errno; +#ifdef HAVE_POLKIT + /* need to be root */ + if (errno == EPERM || errno == EACCES) { + GError *error = NULL; + + if (!org_gnome_SystemMonitor_Mechanism_renice (args->procdata->mechanism_proxy, + info->pid, + args->nice_value, + &error)) { + /* TODO: Handle "require privileges" */ + error_msg = g_strdup_printf ( + _("Cannot renice process with pid %d to nice value %d: " + "%s"), + info->pid, args->nice_value, error->message); + g_error_free (error); + } else { + return; + } + } else { + return; + } +#else /* need to be root */ if(errno == EPERM || errno == EACCES) { gboolean success; @@ -69,10 +99,11 @@ renice_single_process (GtkTreeModel *mod saved_errno = errno; } } +#endif /* failed */ error_msg = g_strdup_printf ( - _("Cannot change the priority of process with pid %d to %d.\n" + _("Cannot change the priority of process with pid %d to %d: " "%s"), info->pid, args->nice_value, g_strerror(saved_errno)); @@ -135,6 +166,28 @@ kill_single_process (GtkTreeModel *model saved_errno = errno; +#ifdef HAVE_POLKIT + /* need to be root */ + if (errno == EPERM) { + GError *error = NULL; + + if (!org_gnome_SystemMonitor_Mechanism_kill (args->procdata->mechanism_proxy, + info->pid, + args->signal, + &error)) { + /* TODO: Handle "require privileges" */ + error_msg = g_strdup_printf ( + _("Cannot kill process with pid %d with signal %d.\n" + "%s"), + info->pid, args->signal, error->message); + g_error_free (error); + } else { + return; + } + } else { + return; + } +#else /* need to be root */ if(errno == EPERM) { gboolean success; @@ -149,12 +202,12 @@ kill_single_process (GtkTreeModel *model saved_errno = errno; } } - /* failed */ error_msg = g_strdup_printf ( _("Cannot kill process with pid %d with signal %d.\n" "%s"), info->pid, args->signal, g_strerror(saved_errno)); +#endif dialog = gtk_message_dialog_new ( NULL, @@ -188,3 +241,4 @@ kill_process (ProcData *procdata, int si procdata); proctable_update_all (procdata); } + diff -up gnome-system-monitor-2.28.2/src/procdialogs.cpp.polkit gnome-system-monitor-2.28.2/src/procdialogs.cpp --- gnome-system-monitor-2.28.2/src/procdialogs.cpp.polkit 2010-09-27 19:13:17.000000000 -0400 +++ gnome-system-monitor-2.28.2/src/procdialogs.cpp 2010-09-30 13:06:52.942602972 -0400 @@ -123,29 +123,34 @@ get_nice_level (gint nice) return _("(Very Low Priority)"); } +typedef struct { + GtkWidget *priority_label; + ProcData *procdata; +} ReniceClosure; + static void renice_scale_changed (GtkAdjustment *adj, gpointer data) { - GtkWidget *label = GTK_WIDGET (data); - + ReniceClosure *rc = (ReniceClosure *) data; + new_nice_value = int(gtk_adjustment_get_value (adj)); - gtk_label_set_text (GTK_LABEL (label), get_nice_level (new_nice_value)); - +‣‧‧‧‧‧‧gtk_label_set_text (GTK_LABEL (rc->priority_label), get_nice_level (new_nice_value));‣‧‧‣‧‧‧‧‧‧‧ } static void renice_dialog_button_pressed (GtkDialog *dialog, gint id, gpointer data) { - ProcData *procdata = static_cast(data); - + ReniceClosure *rc = (ReniceClosure *) data; + if (id == 100) { if (new_nice_value == -100) return; - renice(procdata, new_nice_value); + renice(rc->procdata, new_nice_value); } gtk_widget_destroy (GTK_WIDGET (dialog)); renice_dialog = NULL; + g_free (rc); } void @@ -155,7 +160,6 @@ procdialog_create_renice_dialog (ProcDat GtkWidget *dialog = NULL; GtkWidget *dialog_vbox; GtkWidget *vbox; - GtkWidget *hbox; GtkWidget *label; GtkWidget *priority_label; GtkWidget *table; @@ -163,14 +167,19 @@ procdialog_create_renice_dialog (ProcDat GtkWidget *hscale; GtkWidget *button; GtkWidget *align; + GtkWidget *hbox; GtkWidget *icon; gchar *text; + ReniceClosure *rc; if (renice_dialog) return; if (!info) return; + + rc = g_new0 (ReniceClosure, 1); + rc->procdata = procdata; dialog = gtk_dialog_new_with_buttons (_("Change Priority"), NULL, GTK_DIALOG_DESTROY_WITH_PARENT, @@ -180,24 +189,14 @@ procdialog_create_renice_dialog (ProcDat gtk_window_set_resizable (GTK_WINDOW (renice_dialog), FALSE); gtk_dialog_set_has_separator (GTK_DIALOG (renice_dialog), FALSE); gtk_container_set_border_width (GTK_CONTAINER (renice_dialog), 5); - - button = gtk_button_new (); - gtk_widget_set_can_default (button, TRUE); - - align = gtk_alignment_new (0.5, 0.5, 0.0, 0.0); - gtk_container_add (GTK_CONTAINER (button), align); - - hbox = gtk_hbox_new (FALSE, 2); - gtk_container_add (GTK_CONTAINER (align), hbox); + button = gtk_button_new_with_mnemonic (_("Change _Priority")); + gtk_widget_set_can_default (button, TRUE); icon = gtk_image_new_from_stock (GTK_STOCK_OK, GTK_ICON_SIZE_BUTTON); - gtk_box_pack_start (GTK_BOX (hbox), icon, FALSE, FALSE, 0); - - label = gtk_label_new_with_mnemonic (_("Change _Priority")); - gtk_label_set_mnemonic_widget (GTK_LABEL (label), button); - gtk_box_pack_end (GTK_BOX (hbox), label, FALSE, FALSE, 0); + gtk_button_set_image (GTK_BUTTON (button), icon); gtk_dialog_add_action_widget (GTK_DIALOG (renice_dialog), button, 100); + gtk_dialog_set_default_response (GTK_DIALOG (renice_dialog), 100); new_nice_value = -100; @@ -238,15 +237,16 @@ procdialog_create_renice_dialog (ProcDat gtk_label_set_use_markup (GTK_LABEL (label), TRUE); gtk_box_pack_start (GTK_BOX (vbox), label, FALSE, FALSE, 0); g_free (text); + + rc->priority_label = priority_label; + new_nice_value = info->nice; g_signal_connect (G_OBJECT (dialog), "response", - G_CALLBACK (renice_dialog_button_pressed), procdata); + G_CALLBACK (renice_dialog_button_pressed), rc); g_signal_connect (G_OBJECT (renice_adj), "value_changed", - G_CALLBACK (renice_scale_changed), priority_label); + G_CALLBACK (renice_scale_changed), rc); gtk_widget_show_all (dialog); - - } static void diff -up gnome-system-monitor-2.28.2/src/procman.cpp.polkit gnome-system-monitor-2.28.2/src/procman.cpp --- gnome-system-monitor-2.28.2/src/procman.cpp.polkit 2010-09-27 19:13:17.000000000 -0400 +++ gnome-system-monitor-2.28.2/src/procman.cpp 2010-09-30 13:05:41.161603002 -0400 @@ -36,6 +36,10 @@ #include #include +#ifdef HAVE_POLKIT +# include +#endif + #include "load-graph.h" #include "procman.h" #include "interface.h" @@ -58,7 +62,25 @@ ProcData::ProcData() disk_timeout(0), cpu_total_time(1), cpu_total_time_last(1) -{ } +{ +#ifdef HAVE_POLKIT + GError *error; + DBusGConnection *bus; + + error = NULL; + bus = dbus_g_bus_get (DBUS_BUS_SYSTEM, &error); + if (bus == NULL) { + g_warning ("Couldn't connect to system bus: %s", error->message); + g_error_free (error); + this->mechanism_proxy = NULL; + } else { + this->mechanism_proxy = dbus_g_proxy_new_for_name (bus, + "org.gnome.SystemMonitor.Mechanism", + "/", + "org.gnome.SystemMonitor.Mechanism"); + } +#endif +} ProcData* ProcData::get_instance() diff -up gnome-system-monitor-2.28.2/src/procman.h.polkit gnome-system-monitor-2.28.2/src/procman.h --- gnome-system-monitor-2.28.2/src/procman.h.polkit 2010-02-09 08:23:26.000000000 -0500 +++ gnome-system-monitor-2.28.2/src/procman.h 2010-09-30 13:05:41.162603002 -0400 @@ -33,6 +33,10 @@ #include #include +#ifdef HAVE_POLKIT +# include +#endif + struct ProcInfo; struct ProcData; struct LoadGraph; @@ -210,6 +214,15 @@ struct ProcData GtkWidget *app; GtkUIManager *menu; +#ifdef HAVE_POLKIT + DBusGProxy *mechanism_proxy; + + GtkAction *sigstop_action; + GtkAction *sigcont_action; + GtkAction *sigterm_action; + GtkAction *sigkill_action; +#endif + unsigned frequency; SmoothRefresh *smooth_refresh; @@ -230,7 +243,6 @@ gboolean procman_get_tree_state (GConfCl - struct ReniceArgs { ProcData *procdata;