Mercurial Mercurial > upstream > oracle > spec-files / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
patches/gnome-desktop-03-trusted-extensions.diff
author yippi
Mon, 27 Sep 2010 21:07:51 +0000
changeset 20108 51df67ca9307
parent 15881 ad1e2c38787d
permissions -rw-r--r--
I had these modules listed as being owned by me, but they are really owned by wangke, correcting.

--- gnome-desktop-2.21.2/configure.in.orig	2007-11-13 14:16:58.522935817 +0000
+++ gnome-desktop-2.21.2/configure.in	2007-11-13 14:18:35.457698128 +0000
@@ -108,6 +108,23 @@
 dnl for gnome-about
 AM_PATH_PYTHON
 
+#
+# Solaris Trusted Extensions stuff
+#
+case "$host" in
+*solaris*)
+	AC_CHECK_HEADERS(sys/tsol/label_macro.h,
+	  AC_DEFINE(HAVE_TSOL, ,[Building with TSOL support]) found_tsol=yes,)
+	;;
+*)
+	;;
+esac
+
+AM_CONDITIONAL(TSOL_DEFINED, test x$found_tsol = xyes)
+if test "x$found_tsol" = "xyes" ; then
+	GNOME_DESKTOP_LIBS="$GNOME_DESKTOP_LIBS -lsecdb"
+fi
+
 dnl gnome-doc-utils stuff
 
 GNOME_DOC_INIT
diff -urN -x '*~' -x '*.rej*' gnome-desktop.orig/libgnome-desktop/gnome-desktop-tsol-extensions.c gnome-desktop.new/libgnome-desktop/gnome-desktop-tsol-extensions.c
--- gnome-desktop.orig/libgnome-desktop/gnome-desktop-tsol-extensions.c	1970-01-01 01:00:00.000000000 +0100
+++ gnome-desktop.new/libgnome-desktop/gnome-desktop-tsol-extensions.c	2007-09-19 22:17:22.377451000 +0100
@@ -0,0 +1,116 @@
+/*
+ * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ */
+
+#include <config.h>
+#include <gdk/gdk.h>
+#include <gdk/gdkx.h>
+#include <X11/Xlib.h>
+#include <stdlib.h>
+#include <strings.h>
+#include <user_attr.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <dlfcn.h>
+#include <link.h>
+
+#define ATOM "_LABEL_EXEC_COMMAND"
+
+typedef Status (*xtsol_XTSOLgetWorkstationOwner) (Display *xpdy, uid_t *uidp);
+
+gboolean
+gnome_desktop_tsol_user_is_workstation_owner (void)
+{
+	uid_t uid;
+	gpointer handle;
+	Display *xdpy;
+	static int ret = -1;
+	xtsol_XTSOLgetWorkstationOwner libxtsol_XTSOLgetWorkstationOwner= NULL;
+
+	if (ret == -1) {
+		if (!(handle = dlopen ("/usr/lib/libXtsol.so.1", RTLD_LAZY)) ||
+		    !(libxtsol_XTSOLgetWorkstationOwner =
+			(xtsol_XTSOLgetWorkstationOwner) dlsym (handle,
+						"XTSOLgetWorkstationOwner"))) {
+			ret = 0;
+			return FALSE;
+		}
+
+		xdpy = GDK_DISPLAY_XDISPLAY (gdk_display_get_default ());
+
+		libxtsol_XTSOLgetWorkstationOwner (xdpy, &uid);
+
+		if (uid == getuid ()) {
+			ret = 1;
+		} else {
+			ret = 0;
+		}
+	}
+
+	return ret ? TRUE : FALSE;
+}
+
+gboolean 
+gnome_desktop_tsol_is_clearance_admin_high (void)
+{
+        userattr_t      *uattr;
+        char            *value = NULL;
+
+        uattr = getuseruid (getuid ());
+
+        if (uattr) {
+                value = kva_match (uattr->attr, USERATTR_CLEARANCE);
+                if (value)
+                        if (strncasecmp ("admin_high", value, 10) == 0 ||
+                            strncasecmp ("ADMIN_HIGH", value, 10) == 0)
+                                return TRUE;
+        }
+        return FALSE;
+}
+
+gboolean
+gnome_desktop_tsol_is_multi_label_session (void)
+{
+	static int trusted = -1;
+
+	if (trusted < 0) {
+		if (getenv ("TRUSTED_SESSION")) {
+			trusted = 1;
+		} else {
+			trusted = 0;
+		}
+	}
+
+	return trusted ? TRUE : FALSE;
+}
+
+void
+gnome_desktop_tsol_proxy_app_launch (char *command)
+{
+	GdkDisplay *dpy;
+	Display *xdpy;
+	Window root;
+	Atom atom, utf8_string;
+
+	if (!command) return;
+
+	dpy = gdk_display_get_default ();
+	xdpy = GDK_DISPLAY_XDISPLAY (dpy);
+
+	utf8_string = XInternAtom (xdpy, "UTF8_STRING", FALSE);
+
+	root = DefaultRootWindow (xdpy);
+
+	atom = XInternAtom (xdpy, ATOM, FALSE);
+
+	gdk_error_trap_push ();
+
+	XChangeProperty (xdpy, root, atom, utf8_string, 8, PropModeReplace,
+			 command, strlen (command));
+
+	XSync (xdpy, False);
+
+	gdk_error_trap_pop ();
+}
+
diff -urN -x '*~' -x '*.rej*' gnome-desktop.orig/libgnome-desktop/libgnome/Makefile.am gnome-desktop.new/libgnome-desktop/libgnome/Makefile.am
diff -urN -x '*~' -x '*.rej*' gnome-desktop.orig/libgnome-desktop/libgnome/gnome-desktop-tsol-extensions.h gnome-desktop.new/libgnome-desktop/libgnome/gnome-desktop-tsol-extensions.h
--- gnome-desktop.orig/libgnome-desktop/libgnome/gnome-desktop-tsol-extensions.h	1970-01-01 01:00:00.000000000 +0100
+++ gnome-desktop.new/libgnome-desktop/libgnome/gnome-desktop-tsol-extensions.h	2007-09-19 21:54:08.669028000 +0100
@@ -0,0 +1,10 @@
+/*
+ * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ */
+
+gboolean gnome_desktop_tsol_is_clearance_admin_high (void);
+gboolean gnome_desktop_tsol_is_multi_label_session (void);
+void gnome_desktop_tsol_proxy_app_launch (char *command);
+gboolean gnome_desktop_tsol_user_is_workstation_owner (void);
+
--- gnome-desktop-2.25.2/libgnome-desktop/Makefile.am.ori	2008-12-10 06:56:26.211081440 +0000
+++ gnome-desktop-2.25.2/libgnome-desktop/Makefile.am	2008-12-10 06:57:08.915616350 +0000
@@ -18,6 +18,7 @@
 
 libgnome_desktop_2_la_SOURCES = \
 	gnome-desktop-item.c	\
+	gnome-desktop-tsol-extensions.c \
 	gnome-desktop-utils.c	\
 	gnome-desktop-thumbnail.c \
 	gnome-thumbnail-pixbuf-utils.c \
--- gnome-desktop-2.25.2/libgnome-desktop/libgnome/Makefile.am.ori	2008-12-10 06:58:48.957248389 +0000
+++ gnome-desktop-2.25.2/libgnome-desktop/libgnome/Makefile.am	2008-12-10 06:59:16.104630627 +0000
@@ -1,6 +1,7 @@
 libgnome_desktopdir = $(includedir)/gnome-desktop-2.0/libgnome
 libgnome_desktop_HEADERS = \
 	gnome-desktop-utils.h \
-	gnome-desktop-item.h
+	gnome-desktop-item.h \
+	gnome-desktop-tsol-extensions.h
 
 -include $(top_srcdir)/git.mk
--- gnome-desktop-2.25.92/libgnome-desktop/gnome-desktop-item.c.ori	2009-03-13 08:09:32.130714679 +0000
+++ gnome-desktop-2.25.92/libgnome-desktop/gnome-desktop-item.c	2009-03-13 08:10:58.807107686 +0000
@@ -41,6 +41,7 @@
 #include <glib/gi18n-lib.h>
 #include <locale.h>
 #include <stdlib.h>
+#include <zone.h>
 
 #include <gio/gio.h>
 
@@ -58,6 +59,7 @@
 #undef GNOME_DISABLE_DEPRECATED
 #include <libgnome/gnome-desktop-item.h>
 #include <libgnome/gnome-desktop-utils.h>
+#include <libgnome/gnome-desktop-tsol-extensions.h>
 
 #include "private.h"
 
@@ -1746,6 +1748,7 @@
 	char *new_exec, *uris, *temp;
 	char *exec_locale;
 	int launched = 0;
+	char *command;
 #ifdef HAVE_STARTUP_NOTIFICATION
 	SnLauncherContext *sn_context;
 	SnDisplay *sn_display;
@@ -1944,7 +1947,15 @@
 #endif
 		
 		
-		if ( ! g_spawn_async (working_dir,
+
+		if (gnome_desktop_tsol_is_multi_label_session () &&
+			gnome_desktop_tsol_user_is_workstation_owner () &&
+			getzoneid () == 0) {
+			command = g_strdup_printf ("%d:%s", gdk_screen_get_number (screen), g_strjoinv (" ", real_argv));
+			gnome_desktop_tsol_proxy_app_launch (command);
+			g_free (command);
+		} else {
+			if ( ! g_spawn_async (working_dir,
 				      real_argv,
 				      envp,
 				      (do_not_reap_child ? G_SPAWN_DO_NOT_REAP_CHILD : 0) | G_SPAWN_SEARCH_PATH /* flags */,
@@ -1952,11 +1963,12 @@
 				      NULL, /* child_setup_func_data */
 				      &ret /* child_pid */,
 				      error)) {
-			/* The error was set for us,
-			 * we just can't launch this thingie */
-			ret = -1;
-			g_strfreev (real_argv);
-			break;
+				/* The error was set for us,
+			 	* we just can't launch this thingie */
+				ret = -1;
+				g_strfreev (real_argv);
+				break;
+			}
 		}
 		launched ++;
upstream/oracle/spec-files