|
|
|
PolicyKit Library Reference Manual | |
|---|---|---|---|---|
struct PolKitModuleInterface; polkit_bool_t (*PolKitModuleInitialize) (PolKitModuleInterface *module_interface, int argc, char *argv[]); void (*PolKitModuleShutdown) (PolKitModuleInterface *module_interface); PolKitResult (*PolKitModuleCanSessionDoAction) (PolKitModuleInterface *module_interface, PolKitContext *pk_context, PolKitAction *action, PolKitSession *session); PolKitResult (*PolKitModuleCanCallerDoAction) (PolKitModuleInterface *module_interface, PolKitContext *pk_context, PolKitAction *action, PolKitCaller *caller); PolKitModuleInterface* polkit_module_interface_new (void); PolKitModuleInterface* polkit_module_interface_ref (PolKitModuleInterface *module_interface); void polkit_module_interface_unref (PolKitModuleInterface *module_interface); const char* polkit_module_get_name (PolKitModuleInterface *module_interface); void polkit_module_set_user_data (PolKitModuleInterface *module_interface, void *user_data); void* polkit_module_get_user_data (PolKitModuleInterface *module_interface); void polkit_module_set_func_initialize (PolKitModuleInterface *module_interface, PolKitModuleInitialize func); void polkit_module_set_func_shutdown (PolKitModuleInterface *module_interface, PolKitModuleShutdown func); void polkit_module_set_func_can_session_do_action (PolKitModuleInterface *module_interface, PolKitModuleCanSessionDoAction func); void polkit_module_set_func_can_caller_do_action (PolKitModuleInterface *module_interface, PolKitModuleCanCallerDoAction func); PolKitModuleInitialize polkit_module_get_func_initialize (PolKitModuleInterface *module_interface); PolKitModuleShutdown polkit_module_get_func_shutdown (PolKitModuleInterface *module_interface); PolKitModuleCanSessionDoAction polkit_module_get_func_can_session_do_action (PolKitModuleInterface *module_interface); PolKitModuleCanCallerDoAction polkit_module_get_func_can_caller_do_action (PolKitModuleInterface *module_interface); enum PolKitModuleControl; const char* polkit_module_control_to_string_representation (PolKitModuleControl module_control); polkit_bool_t polkit_module_control_from_string_representation (const char *string, PolKitModuleControl *out_module_control); PolKitModuleInterface* polkit_module_interface_load_module (const char *name, PolKitModuleControl module_control, int argc, char *argv[]); PolKitModuleControl polkit_module_interface_get_control (PolKitModuleInterface *module_interface); polkit_bool_t polkit_module_interface_check_builtin_confinement_for_session (PolKitModuleInterface *module_interface, PolKitContext *pk_context, PolKitAction *action, PolKitSession *session); polkit_bool_t polkit_module_interface_check_builtin_confinement_for_caller (PolKitModuleInterface *module_interface, PolKitContext *pk_context, PolKitAction *action, PolKitCaller *caller);
struct PolKitModuleInterface;
Objects of this class are used to interface with PolicyKit modules
polkit_bool_t (*PolKitModuleInitialize) (PolKitModuleInterface *module_interface, int argc, char *argv[]);
Type of PolicyKit module function to initialize the module.
| module_interface : | the module interface |
| argc : | number of arguments to pass to module |
| argv : | arguments passed to module; the first argument is the filename/path to the module |
| Returns : | Whether the module was initialized. |
void (*PolKitModuleShutdown) (PolKitModuleInterface *module_interface);
Type of PolicyKit module function to shutdown the module.
| module_interface : | the module interface |
PolKitResult (*PolKitModuleCanSessionDoAction) (PolKitModuleInterface *module_interface, PolKitContext *pk_context, PolKitAction *action, PolKitSession *session);
| module_interface : | |
| pk_context : | |
| action : | |
| session : | |
| Returns : |
PolKitResult (*PolKitModuleCanCallerDoAction) (PolKitModuleInterface *module_interface, PolKitContext *pk_context, PolKitAction *action, PolKitCaller *caller);
| module_interface : | |
| pk_context : | |
| action : | |
| caller : | |
| Returns : |
PolKitModuleInterface* polkit_module_interface_new (void);
Create a new PolKitModuleInterface object.
| Returns : | the new object |
PolKitModuleInterface* polkit_module_interface_ref (PolKitModuleInterface *module_interface);
Increase reference count.
| module_interface : | the module_interface object |
| Returns : | the object |
void polkit_module_interface_unref (PolKitModuleInterface *module_interface);
Decreases the reference count of the object. If it becomes zero, the object is freed. Before freeing, reference counts on embedded objects are decresed by one.
| module_interface : | the module_interface object |
const char* polkit_module_get_name (PolKitModuleInterface *module_interface);
Get the name of the module
| module_interface : | the module interface |
| Returns : | name or NULL if an error occured |
void polkit_module_set_user_data (PolKitModuleInterface *module_interface, void *user_data);
Set user data. A PolicyKit module should use these instead of global variables as multiple instances of the module may be instantiated at the same time.
| module_interface : | module interface |
| user_data : | user data to set |
void* polkit_module_get_user_data (PolKitModuleInterface *module_interface);
Get user data.
| module_interface : | module interface |
| Returns : | The user data set with polkit_module_set_user_data() |
void polkit_module_set_func_initialize (PolKitModuleInterface *module_interface, PolKitModuleInitialize func);
Set the function pointer.
| module_interface : | the module interface |
| func : | the function pointer |
void polkit_module_set_func_shutdown (PolKitModuleInterface *module_interface, PolKitModuleShutdown func);
Set the function pointer.
| module_interface : | the module interface |
| func : | the function pointer |
void polkit_module_set_func_can_session_do_action
(PolKitModuleInterface *module_interface,
PolKitModuleCanSessionDoAction func);
Set the function pointer.
| module_interface : | the module interface |
| func : | the function pointer |
void polkit_module_set_func_can_caller_do_action
(PolKitModuleInterface *module_interface,
PolKitModuleCanCallerDoAction func);
Set the function pointer.
| module_interface : | the module interface |
| func : | the function pointer |
PolKitModuleInitialize polkit_module_get_func_initialize (PolKitModuleInterface *module_interface);
Get the function pointer.
| module_interface : | the module interface |
| Returns : | Function pointer or NULL if it's unavailable or an error occured |
PolKitModuleShutdown polkit_module_get_func_shutdown (PolKitModuleInterface *module_interface);
Get the function pointer.
| module_interface : | the module interface |
| Returns : | Function pointer or NULL if it's unavailable or an error occured |
PolKitModuleCanSessionDoAction polkit_module_get_func_can_session_do_action (PolKitModuleInterface *module_interface);
Get the function pointer.
| module_interface : | the module interface |
| Returns : | Function pointer or NULL if it's unavailable or an error occured |
PolKitModuleCanCallerDoAction polkit_module_get_func_can_caller_do_action (PolKitModuleInterface *module_interface);
Get the function pointer.
| module_interface : | the module interface |
| Returns : | Function pointer or NULL if it's unavailable or an error occured |
typedef enum
{
POLKIT_MODULE_CONTROL_ADVISE,
POLKIT_MODULE_CONTROL_MANDATORY,
POLKIT_MODULE_CONTROL_N_CONTROLS
} PolKitModuleControl;
The control stanza for a PolicyKit module. This is read from the PolicyKit configuration file (/etc/PolicyKit/PolicyKit.conf) that defines the stacked order of the modules and is chosen by the system administrator. See the definition of PolKitResult for the definition of "strict" with respect to result values.
| POLKIT_MODULE_CONTROL_ADVISE | Allow modules, marked with POLKIT_MODULE_CONTROL_MANDATORY, down the stack to override results from this module. Modules down the stack that are also marked with the POLKIT_MODULE_CONTROL_ADVISE control will only take effect it they change the result to be "less strict". |
| POLKIT_MODULE_CONTROL_MANDATORY | Always use results (unless it returns POLKIT_RESULT_UNKNOWN_ACTION for a given request) from this module, even if it changes whether the result to be "more strict". . If a later module also uses this control, results from that module will override it. |
| POLKIT_MODULE_CONTROL_N_CONTROLS | Number of control stanzas |
const char* polkit_module_control_to_string_representation
(PolKitModuleControl module_control);
Gives a textual representation of a PolKitModuleControl object.
| module_control : | the given value |
| Returns : | The textual representation or NULL if the value passed is invalid |
polkit_bool_t polkit_module_control_from_string_representation (const char *string, PolKitModuleControl *out_module_control);
Given a textual representation of a PolKitModuleControl object, find the PolKitModuleControl value.
| string : | the textual representation |
| out_module_control : | return location for the value |
| Returns : | TRUE if the textual representation was valid, otherwise FALSE |
PolKitModuleInterface* polkit_module_interface_load_module (const char *name, PolKitModuleControl module_control, int argc, char *argv[]);
Load and initialize a PolicyKit module
| name : | name of module, e.g. "polkit-module-default.so" |
| module_control : | the module control; from the configuration file |
| argc : | number arguments to pass |
| argv : | argument vector, the first argument must be the filename/path to the module |
| Returns : | A PolKitModuleInterface object on success; NULL on failure. |
PolKitModuleControl polkit_module_interface_get_control (PolKitModuleInterface *module_interface);
Get the control for this module.
| module_interface : | the module interface |
| Returns : | A PolKitModuleControl value. |
polkit_bool_t polkit_module_interface_check_builtin_confinement_for_session (PolKitModuleInterface *module_interface, PolKitContext *pk_context, PolKitAction *action, PolKitSession *session);
Check whether some of the built-in module options (e.g. action="hal-storage-*", user=davidz) confines the given module, e.g. whether it should be skipped.
| module_interface : | the given module |
| pk_context : | the PolicyKit context |
| action : | the type of access to check for |
| session : | the session in question |
| Returns : | TRUE if, and only if, the module is confined from handling the request |
polkit_bool_t polkit_module_interface_check_builtin_confinement_for_caller (PolKitModuleInterface *module_interface, PolKitContext *pk_context, PolKitAction *action, PolKitCaller *caller);
Check whether some of the built-in module options (e.g. action="hal-storage-*", user=davidz) confines the given module, e.g. whether it should be skipped.
| module_interface : | the given module |
| pk_context : | the PolicyKit context |
| action : | the type of access to check for |
| caller : | the caller in question |
| Returns : | TRUE if, and only if, the module is confined from handling the request |