DESCRIPTION

B

@@ -1327,6 +1327,8 @@

udisks_linux_drive_object_housekeeping, udisks_linux_drive_object_housekeeping ()

udisks_linux_drive_object_is_not_in_use, udisks_linux_drive_object_is_not_in_use () +

udisks_linux_drive_object_new, udisks_linux_drive_object_new ()

udisks_linux_drive_object_uevent, udisks_linux_drive_object_uevent () diff -Nru udisks2-1.97.0/doc/html/overview.html udisks2-1.98.0/doc/html/overview.html --- udisks2-1.97.0/doc/html/overview.html 2012-05-09 17:58:48.000000000 +0000 +++ udisks2-1.98.0/doc/html/overview.html 2012-06-07 18:39:06.000000000 +0000 @@ -26,7 +26,7 @@

Table of Contents

-udisks — Introduction to udisks +udisks — Disk Manager
udisksd — The udisks system daemon diff -Nru udisks2-1.97.0/doc/html/udisks2.devhelp2 udisks2-1.98.0/doc/html/udisks2.devhelp2 --- udisks2-1.97.0/doc/html/udisks2.devhelp2 2012-05-09 17:58:48.000000000 +0000 +++ udisks2-1.98.0/doc/html/udisks2.devhelp2 2012-06-07 18:39:06.000000000 +0000 @@ -1019,6 +1019,7 @@ + diff -Nru udisks2-1.97.0/doc/html/udisks2-Utilities.html udisks2-1.98.0/doc/html/udisks2-Utilities.html --- udisks2-1.97.0/doc/html/udisks2-Utilities.html 2012-05-09 17:58:48.000000000 +0000 +++ udisks2-1.98.0/doc/html/udisks2-Utilities.html 2012-06-07 18:39:06.000000000 +0000 @@ -249,17 +249,25 @@ via invocation. -The calling thread is blocked for the duration of the -authentication which may be a very long time unless -auth_no_user_interaction is TRUE. +The calling thread is blocked for the duration of the authorization +check which could be a very long time since it may involve +presenting an authentication dialog and having a human user use +it. If “auth.no_user_interaction” in options is TRUE +no authentication dialog will be presented and the check is not +expected to take a long time. -The follow variables can be used in message - - - - udisks2.device - If object has a UDisksBlock interface, this property is set to the value of the "preferred-device" property. - +See Table 1, “Known polkit variables” for the variables that +can be used in message but note that not all variables can be used +in all checks. For example, any check involving a UDisksDrive or a +UDisksBlock object can safely include the fragment +“$(drive)” since it will always expand to the name of +the drive, e.g. “INTEL SSDSA2MH080G1GC (/dev/sda1)” or +the block device file e.g. “/dev/vg_lucifer/lv_root” +or “/dev/sda1”. However this won't work for operations +that isn't on a drive or block device, for example calls on the +Manager +object. @@ -279,7 +287,7 @@ - diff -Nru udisks2-1.97.0/doc/html/udisks.8.html udisks2-1.98.0/doc/html/udisks.8.html --- udisks2-1.97.0/doc/html/udisks.8.html 2012-05-09 17:58:48.000000000 +0000 +++ udisks2-1.98.0/doc/html/udisks.8.html 2012-06-07 18:39:06.000000000 +0000 @@ -24,16 +24,16 @@ options : A GVariant to check for the auth.no_user_interaction option or NULL. [allow-none] + A GVariant to check for the “auth.no_user_interaction” option or NULL. [allow-none] udisks - udisks — Introduction to udisks + udisks — Disk Manager - DESCRIPTION + DESCRIPTION udisks provides interfaces to enumerate and perform operations - on storage devices. Any application (including unprivileged - ones) can access the + on disks and storage devices. Any application (including + unprivileged ones) can access the udisksd(8) daemon via the name org.freedesktop.UDisks2 on the system message bus. In addition to the D-Bus API, a @@ -41,19 +41,14 @@ library can be used from C/C++ and any high-level language with GObjectIntrospection support such as Javascript and Python. - - - Except for providing a list of devices, support for udev - properties as well as routines used to present the devices to - the end user, udisks, as a system-level component, is not - involved with what a desktop user interface shows the user. For - GNOME see these GVfs - notes about what is shown in the desktop user interface - and how to influence it. + udisks is only indirectly involved in what devices and objects + are shown in the user interface. See these + notes + for what is shown in GNOME 3. - ACCESS CONTROL + ACCESS CONTROL By default, logged-in users in active log-in sessions are permitted to perform operations (for example, mounting, @@ -64,8 +59,6 @@ Checks” chapter in the udisks documentation for more information (available online here). - - Note that the x-udisks-auth option can be used in the /etc/fstab and /etc/crypttab files to specify that @@ -75,7 +68,7 @@ - DEVICE INFORMATION + DEVICE INFORMATION udisks relies on recent versions of udev(7) @@ -136,7 +129,7 @@

API STABILITY

udisks guarantees a stable D-Bus API within the same major version and this guarantee also extends to the client-side @@ -172,7 +165,7 @@

AUDIENCE

The intended audience of udisks include operating system developers working on the higher-level parts of the operating @@ -221,14 +214,14 @@

AUTHOR

Written by David Zeuthen <zeuthen@gmail.com> with a lot of help from many others.

BUGS

Please send bug reports to either the distribution bug tracker or the upstream bug tracker at @@ -236,7 +229,7 @@

DESCRIPTION

udisksctl is a command-line program used to interact with the @@ -49,7 +52,7 @@

COMMANDS

@@ -77,11 +80,10 @@ @@ -96,8 +98,31 @@ + + + + + + + + + + + + @@ -122,7 +147,7 @@

`unmount`	- Unmounts a device previously mounted by - udisksd(8). - The option `--force` can be used to request - that the device is unmounted even if active references - exists. + Unmounts a device. This only works if the device is + mounted. The option `--force` can be used + to request that the device is unmounted even if active + references exists.
`lock`	- Locks a device previously unlocked by - udisksd(8). + Locks a device. This only works if the device is a + cleartext device backed by a cryptotext device. +
`loop-setup`	+ Sets up a loop device backed by `FILE`. +
`loop-delete`	+ Tears down a loop device. +
`smart-simulate`	+ Sets SMART data from the libatasmart blob given by + `FILE` - see + `/usr/share/doc/libatasmart-devel-VERSION/` + for blobs shipped with libatasmart. This is a debugging + feature used to check that applications act correctly when + a disk is failing.

COMMON OPTIONS

The option --no-user-interaction can be used to request that no interaction (such as the user being @@ -134,7 +159,7 @@

AUDIENCE

This program does not assume that the caller is the super user - it is intended to be used by unprivileged users and @@ -149,21 +174,21 @@

BASH COMPLETION

udisksctl ships with a bash completion script to complete commands, objects, block devices and some options.

AUTHOR

Written by David Zeuthen <zeuthen@gmail.com> with a lot of help from many others.

BUGS

Please send bug reports to either the distribution bug tracker or the upstream bug tracker at @@ -171,7 +196,7 @@

DESCRIPTION

The udisksd program provides the org.freedesktop.UDisks2 name on the system @@ -51,7 +51,7 @@

OPTIONS

@@ -86,14 +86,14 @@

AUTHOR

Written by David Zeuthen <zeuthen@gmail.com> with a lot of help from many others.

BUGS

Please send bug reports to either the distribution bug tracker or the upstream bug tracker at @@ -101,7 +101,7 @@

Property Details

diff -Nru udisks2-1.97.0/doc/html/udisks-polkit-actions.html udisks2-1.98.0/doc/html/udisks-polkit-actions.html --- udisks2-1.97.0/doc/html/udisks-polkit-actions.html 2012-05-09 17:58:48.000000000 +0000 +++ udisks2-1.98.0/doc/html/udisks-polkit-actions.html 2012-06-07 18:39:06.000000000 +0000 @@ -26,9 +26,8 @@ Many methods and operations offered by udisks requires the calling user to be sufficiently authorized. Whether the user is authorized is checked using polkit - and the administrator can configure polkit's - local authority (but note that the system may be - using another polkit authority implementation). + allowing the administrator to configure fine-grained permissions via + polkit authorization rules.

There is not necessarily a one-to-one relationship between @@ -62,9 +61,109 @@ The polkit actions are not considered stable and may change from release to release so administrators should take notice when upgrading from one version of udisks to another. For - example, .pkla files may need to be - updated to match an updated policy. - For reference, the polkit actions defined by udisks 1.97.0 + example, polkit authorization rules may need to be updated + to match an updated policy. +

+ See Table 1, “Known polkit variables” for the + variables that can be used to assist in determining if the + caller is authorized (note that each variable may not be set + for request). For example, a polkit authorization rule for + any of the + org.freedesktop.udisks2.filesystem-mount* + actions can use the device variable + to determine if the caller is authorized to mount a specific + block device. +

Table 1. Known polkit variables

++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

key	value
`device`	If the object is a block device, this property is set to the value of the Block:PreferredDevice property. If set, this is guaranteed to be a device file, for example “/dev/vg_lucifer/lv_root” or “/dev/sda1”. If the object is not a block device, this is not set.
`drive`	Like the `device` variable, but if the object is also a drive, this variable includes Vital Product Data about the drive such as the vendor and model identifiers (if available), for example “INTEL SSDSA2MH080G1GC (/dev/sda1)”. Otherwise is just set to the same value as `device`. If the object is not a block device, this is not set (it is however set if the object is a block device but not a drive).
`drive.wwn`	If the object is a drive (or a block device that is part of a drive), this is set to the value of the Drive:WWN property.
`drive.serial`	If the object is a drive (or a block device that is part of a drive), this is set to the value of the Drive:Serial property.
`drive.vendor`	If the object is a drive (or a block device that is part of a drive), this is set to the value of the Drive:Vendor property.
`drive.model`	If the object is a drive (or a block device that is part of a drive), this is set to the value of the Drive:Model property.
`drive.revision`	If the object is a drive (or a block device that is part of a drive), this is set to the value of the Drive:Revision property.
`drive.removable`	If the object is a drive (or a block device that is part of a drive), this is set to the string “true” only if the value of the Drive:Removable property is `TRUE`.
`id.type`	If the object is a block device, this property is set to the value of the Block:IdType property.
`id.usage`	If the object is a block device, this property is set to the value of the Block:IdUsage property.
`id.version`	If the object is a block device, this property is set to the value of the Block:IdVersion property.
`id.label`	If the object is a block device, this property is set to the value of the Block:IdLabel property.
`id.uuid`	If the object is a block device, this property is set to the value of the Block:IdUUID property.
`partition.number`	If the object is a partition, this property is set to the value of the Partition:Number property.
`partition.type`	If the object is a partition, this property is set to the value of the Partition:Type property.
`partition.flags`	If the object is a partition, this property is set to the value of the Partition:Flags property.
`partition.name`	If the object is a partition, this property is set to the value of the Partition:Name property.
`partition.uuid`	If the object is a partition, this property is set to the value of the Partition:UUID property.

+ For reference, the polkit actions defined by udisks 1.98.0 are included here:

@@ -412,6 +511,17 @@ </defaults> </action> +  + <action id="org.freedesktop.udisks2.ata-smart-simulate"> + <_description>Set SMART data from blob</_description> + <_message>Authentication is required to set SMART data from blob</_message> + <defaults> + <allow_any>auth_admin</allow_any> + <allow_inactive>auth_admin</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + </action> +  <action id="org.freedesktop.udisks2.ata-smart-selftest"> <_description>Run SMART self-test</_description> diff -Nru udisks2-1.97.0/doc/html/udisks-std-options.html udisks2-1.98.0/doc/html/udisks-std-options.html --- udisks2-1.97.0/doc/html/udisks-std-options.html 2012-05-09 17:58:48.000000000 +0000 +++ udisks2-1.98.0/doc/html/udisks-std-options.html 2012-06-07 18:39:06.000000000 +0000 @@ -29,7 +29,7 @@ The following table lists well-known options:

Table 1. Well-known options

Table 2. Well-known options

diff -Nru udisks2-1.97.0/doc/man/udisksctl.xml udisks2-1.98.0/doc/man/udisksctl.xml --- udisks2-1.97.0/doc/man/udisksctl.xml 2012-05-04 23:30:24.000000000 +0000 +++ udisks2-1.98.0/doc/man/udisksctl.xml 2012-05-13 16:12:03.000000000 +0000 @@ -73,6 +73,37 @@ udisksctl + loop-setup + --file PATH + --read-only + --offset OFFSET + --size SIZE + --no-user-interaction + + + + udisksctl + loop-delete + + --object-path OBJECT + --block-device DEVICE + + --no-user-interaction + + + + udisksctl + smart-simulate + --file PATH + + --object-path OBJECT + --block-device DEVICE + + --no-user-interaction + + + + udisksctl monitor @@ -126,11 +157,10 @@ - Unmounts a device previously mounted by - udisksd8. - The option can be used to request - that the device is unmounted even if active references - exists. + Unmounts a device. This only works if the device is + mounted. The option can be used + to request that the device is unmounted even if active + references exists. @@ -151,8 +181,40 @@ - Locks a device previously unlocked by - udisksd8. + Locks a device. This only works if the device is a + cleartext device backed by a cryptotext device. + + + + + + + + + Sets up a loop device backed by FILE. + + + + + + + + + Tears down a loop device. + + + + + + + + + Sets SMART data from the libatasmart blob given by + FILE - see + /usr/share/doc/libatasmart-devel-VERSION/ + for blobs shipped with libatasmart. This is a debugging + feature used to check that applications act correctly when + a disk is failing. diff -Nru udisks2-1.97.0/doc/man/udisks.xml udisks2-1.98.0/doc/man/udisks.xml --- udisks2-1.97.0/doc/man/udisks.xml 2012-04-30 18:11:58.000000000 +0000 +++ udisks2-1.98.0/doc/man/udisks.xml 2012-05-14 15:02:51.000000000 +0000 @@ -13,31 +13,26 @@ udisks - Introduction to udisks + Disk Manager DESCRIPTION udisks provides interfaces to enumerate and perform operations - on storage devices. Any application (including unprivileged - ones) can access the + on disks and storage devices. Any application (including + unprivileged ones) can access the udisksd8 daemon via the name org.freedesktop.UDisks2 on the system message bus. In addition to the D-Bus API, a library, libudisks2 is also provided. This library can be used from C/C++ and any high-level language with - GObjectIntrospection + GObjectIntrospection support such as Javascript and Python. - - - Except for providing a list of devices, support for udev - properties as well as routines used to present the devices to - the end user, udisks, as a system-level component, is not - involved with what a desktop user interface shows the user. For - GNOME see these GVfs - notes about what is shown in the desktop user interface - and how to influence it. + udisks is only indirectly involved in what devices and objects + are shown in the user interface. See these + notes + for what is shown in GNOME 3. @@ -54,8 +49,6 @@ more information (available online here). - - Note that the x-udisks-auth option can be used in the /etc/fstab and /etc/crypttab files to specify that diff -Nru udisks2-1.97.0/doc/tmpl/udiskslinuxdriveobject.sgml udisks2-1.98.0/doc/tmpl/udiskslinuxdriveobject.sgml --- udisks2-1.97.0/doc/tmpl/udiskslinuxdriveobject.sgml 2012-05-09 17:58:48.000000000 +0000 +++ udisks2-1.98.0/doc/tmpl/udiskslinuxdriveobject.sgml 2012-06-07 18:39:06.000000000 +0000 @@ -108,3 +108,14 @@ @Returns: + + + + + +@object: +@cancellable: +@error: +@Returns: + + diff -Nru udisks2-1.97.0/doc/udisks2-docs.xml udisks2-1.98.0/doc/udisks2-docs.xml --- udisks2-1.97.0/doc/udisks2-docs.xml 2012-04-30 18:18:36.000000000 +0000 +++ udisks2-1.98.0/doc/udisks2-docs.xml 2012-06-06 17:18:25.000000000 +0000 @@ -135,10 +135,8 @@ calling user to be sufficiently authorized. Whether the user is authorized is checked using polkit - and the administrator can configure polkit's - local authority (but note that the system may be - using another polkit authority implementation). + allowing the administrator to configure fine-grained permissions via + polkit authorization rules. There is not necessarily a one-to-one relationship between @@ -174,8 +172,112 @@ The polkit actions are not considered stable and may change from release to release so administrators should take notice when upgrading from one version of udisks to another. For - example, .pkla files may need to be - updated to match an updated policy. + example, polkit authorization rules may need to be updated + to match an updated policy. + + + See for the + variables that can be used to assist in determining if the + caller is authorized (note that each variable may not be set + for request). For example, a polkit authorization rule for + any of the + org.freedesktop.udisks2.filesystem-mount* + actions can use the device variable + to determine if the caller is authorized to mount a specific + block device. + + +

+ Known polkit variables + + + + key + value + + + + + device + If the object is a block device, this property is set to the value of the Block:PreferredDevice property. If set, this is guaranteed to be a device file, for example /dev/vg_lucifer/lv_root or /dev/sda1. If the object is not a block device, this is not set. + + + drive + Like the device variable, but if the object is also a drive, this variable includes Vital Product Data about the drive such as the vendor and model identifiers (if available), for example INTEL SSDSA2MH080G1GC (/dev/sda1). Otherwise is just set to the same value as device. If the object is not a block device, this is not set (it is however set if the object is a block device but not a drive). + + + + drive.wwn + If the object is a drive (or a block device that is part of a drive), this is set to the value of the Drive:WWN property. + + + drive.serial + If the object is a drive (or a block device that is part of a drive), this is set to the value of the Drive:Serial property. + + + drive.vendor + If the object is a drive (or a block device that is part of a drive), this is set to the value of the Drive:Vendor property. + + + drive.model + If the object is a drive (or a block device that is part of a drive), this is set to the value of the Drive:Model property. + + + drive.revision + If the object is a drive (or a block device that is part of a drive), this is set to the value of the Drive:Revision property. + + + drive.removable + If the object is a drive (or a block device that is part of a drive), this is set to the string true only if the value of the Drive:Removable property is TRUE. + + + + id.type + If the object is a block device, this property is set to the value of the Block:IdType property. + + + id.usage + If the object is a block device, this property is set to the value of the Block:IdUsage property. + + + id.version + If the object is a block device, this property is set to the value of the Block:IdVersion property. + + + id.label + If the object is a block device, this property is set to the value of the Block:IdLabel property. + + + id.uuid + If the object is a block device, this property is set to the value of the Block:IdUUID property. + + + + partition.number + If the object is a partition, this property is set to the value of the Partition:Number property. + + + partition.type + If the object is a partition, this property is set to the value of the Partition:Type property. + + + partition.flags + If the object is a partition, this property is set to the value of the Partition:Flags property. + + + partition.name + If the object is a partition, this property is set to the value of the Partition:Name property. + + + partition.uuid + If the object is a partition, this property is set to the value of the Partition:UUID property. + + + + +

+ + For reference, the polkit actions defined by udisks &version; are included here: FIXME: MISSING XINCLUDE CONTENT diff -Nru udisks2-1.97.0/doc/udisks2-sections.txt udisks2-1.98.0/doc/udisks2-sections.txt --- udisks2-1.97.0/doc/udisks2-sections.txt 2012-05-09 17:58:48.000000000 +0000 +++ udisks2-1.98.0/doc/udisks2-sections.txt 2012-06-07 18:39:06.000000000 +0000 @@ -184,6 +184,7 @@ udisks_linux_drive_object_get_device udisks_linux_drive_object_get_devices udisks_linux_drive_object_housekeeping +udisks_linux_drive_object_is_not_in_use UDISKS_TYPE_LINUX_DRIVE_OBJECT UDISKS_LINUX_DRIVE_OBJECT diff -Nru udisks2-1.97.0/NEWS udisks2-1.98.0/NEWS --- udisks2-1.97.0/NEWS 2012-05-09 17:56:39.000000000 +0000 +++ udisks2-1.98.0/NEWS 2012-06-07 18:36:11.000000000 +0000 @@ -1,4 +1,45 @@ ------------ +udisks 1.98.0 +------------ + +The udisks project provides a daemon, tools and libraries to access +and manipulate disks and storage devices. + +Changes since udisks 1.97.0: + +David Zeuthen (15): + Post-release version bump to 1.98.0 + udisksctl: add 'smart-simulate' verb + udisksctl: describe 'loop-setup' and 'loop-delete' verbs + Call it "Disk Manager" and reword some sections of udisks(8) man page + Bug 49842 – Unhandled rootfs on bind mount + Drive: Refuse to eject drives that appear to be in use + Add some documentation about polkit variables + Rename current polkit variables and also add some new ones + Move table with polkit variables to the "Authorization Checks" chapter + If a block device has ID_PATH set, consider it to be a drive + Use "device" instead of "block_device" in the polkit variables + Add id.* and partition.* polkit variables + Rework part of the polkit variable documentation + udisksd: work if polkitd is not available + Update NEWS for release + +Martin Pitt (8): + integration tests: Update expected mount points + integration tests: Suspend gvfs-udisks2-volume-monitor + integration-test: Update expected exception names + integration-test: Mitigate race after mounting + Wait for the correct device after formatting + integration-test: Update expected Luks mount points + integration-test: Quiesce wipefs output + integration-test: Run on temporary local DBus + +Thanks to all our contributors. + +David Zeuthen, +June 7, 2012 + +------------ udisks 1.97.0 ------------ diff -Nru udisks2-1.97.0/src/udisksdaemon.c udisks2-1.98.0/src/udisksdaemon.c --- udisks2-1.97.0/src/udisksdaemon.c 2012-05-04 20:48:27.000000000 +0000 +++ udisks2-1.98.0/src/udisksdaemon.c 2012-06-07 15:46:30.000000000 +0000 @@ -67,6 +67,7 @@ UDisksLinuxProvider *linux_provider; + /* may be NULL if polkit is masked */ PolkitAuthority *authority; UDisksCleanup *cleanup; @@ -101,7 +102,7 @@ udisks_cleanup_stop (daemon->cleanup); g_object_unref (daemon->cleanup); - g_object_unref (daemon->authority); + g_clear_object (&daemon->authority); g_object_unref (daemon->persistent_store); g_object_unref (daemon->object_manager); g_object_unref (daemon->linux_provider); @@ -195,7 +196,7 @@ daemon->authority = polkit_authority_get_sync (NULL, &error); if (daemon->authority == NULL) { - udisks_error ("Error initializing PolicyKit authority: %s (%s, %d)", + udisks_error ("Error initializing polkit authority: %s (%s, %d)", error->message, g_quark_to_string (error->domain), error->code); g_error_free (error); } @@ -433,7 +434,9 @@ * * Gets the PolicyKit authority used by @daemon. * - * Returns: A #PolkitAuthority instance. Do not free, the object is owned by @daemon. + * Returns: A #PolkitAuthority instance or %NULL if the polkit + * authority is not available. Do not free, the object is owned by + * @daemon. */ PolkitAuthority * udisks_daemon_get_authority (UDisksDaemon *daemon) diff -Nru udisks2-1.97.0/src/udisksdaemonutil.c udisks2-1.98.0/src/udisksdaemonutil.c --- udisks2-1.97.0/src/udisksdaemonutil.c 2012-05-04 18:57:50.000000000 +0000 +++ udisks2-1.98.0/src/udisksdaemonutil.c 2012-06-07 15:46:30.000000000 +0000 @@ -21,6 +21,8 @@ #include "config.h" #include +#include + #include #include #include @@ -398,12 +400,86 @@ return ret; } +/* Need this until we can depend on a libpolkit with this bugfix + * + * http://cgit.freedesktop.org/polkit/commit/?h=wip/js-rule-files&id=224f7b892478302dccbe7e567b013d3c73d376fd + */ +static void +_safe_polkit_details_insert (PolkitDetails *details, const gchar *key, const gchar *value) +{ + if (value != NULL && strlen (value) > 0) + polkit_details_insert (details, key, value); +} + +static void +_safe_polkit_details_insert_int (PolkitDetails *details, const gchar *key, gint value) +{ + gchar buf[32]; + snprintf (buf, sizeof buf, "%d", value); + polkit_details_insert (details, key, buf); +} + +static void +_safe_polkit_details_insert_uint64 (PolkitDetails *details, const gchar *key, guint64 value) +{ + gchar buf[32]; + snprintf (buf, sizeof buf, "0x%08llx", (unsigned long long int) value); + polkit_details_insert (details, key, buf); +} + +static gboolean +check_authorization_no_polkit (UDisksDaemon *daemon, + UDisksObject *object, + const gchar *action_id, + GVariant *options, + const gchar *message, + GDBusMethodInvocation *invocation) +{ + gboolean ret = FALSE; + uid_t caller_uid = -1; + GError *error = NULL; + + if (!udisks_daemon_util_get_caller_uid_sync (daemon, + invocation, + NULL, /* GCancellable* */ + &caller_uid, + NULL, /* gid_t *out_gid */ + NULL, /* gchar **out_user_name */ + &error)) + { + g_dbus_method_invocation_return_error (invocation, + UDISKS_ERROR, + UDISKS_ERROR_FAILED, + "Error getting uid for caller with bus name %s: %s (%s, %d)", + g_dbus_method_invocation_get_sender (invocation), + error->message, g_quark_to_string (error->domain), error->code); + g_clear_error (&error); + goto out; + } + + /* only allow root */ + if (caller_uid == 0) + { + ret = TRUE; + } + else + { + g_dbus_method_invocation_return_error_literal (invocation, + UDISKS_ERROR, + UDISKS_ERROR_NOT_AUTHORIZED, + "Not authorized to perform operation (polkit authority not available and caller is not uid 0)"); + } + + out: + return ret; +} + /** * udisks_daemon_util_check_authorization_sync: * @daemon: A #UDisksDaemon. * @object: (allow-none): The #GDBusObject that the call is on or %NULL. * @action_id: The action id to check for. - * @options: (allow-none): A #GVariant to check for the auth.no_user_interaction option or %NULL. + * @options: (allow-none): A #GVariant to check for the auth.no_user_interaction option or %NULL. * @message: The message to convey (use N_). * @invocation: The invocation to check for. * @@ -413,13 +489,24 @@ * authorized, the appropriate error is already returned to the caller * via @invocation. * - * The calling thread is blocked for the duration of the - * authentication which may be a very long time unless - * @auth_no_user_interaction is %TRUE. - * - * The follow variables can be used in @message - * - * - udisks2.device - If @object has a #UDisksBlock interface, this property is set to the value of the #UDisksBlock::preferred-device property. + * The calling thread is blocked for the duration of the authorization + * check which could be a very long time since it may involve + * presenting an authentication dialog and having a human user use + * it. If auth.no_user_interaction in @options is %TRUE + * no authentication dialog will be presented and the check is not + * expected to take a long time. + * + * See for the variables that + * can be used in @message but note that not all variables can be used + * in all checks. For example, any check involving a #UDisksDrive or a + * #UDisksBlock object can safely include the fragment + * $(drive) since it will always expand to the name of + * the drive, e.g. INTEL SSDSA2MH080G1GC (/dev/sda1) or + * the block device file e.g. /dev/vg_lucifer/lv_root + * or /dev/sda1. However this won't work for operations + * that isn't on a drive or block device, for example calls on the + * Manager + * object. * * Returns: %TRUE if caller is authorized, %FALSE if not. */ @@ -431,6 +518,7 @@ const gchar *message, GDBusMethodInvocation *invocation) { + PolkitAuthority *authority = NULL; PolkitSubject *subject = NULL; PolkitDetails *details = NULL; PolkitCheckAuthorizationFlags flags = POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE; @@ -439,10 +527,19 @@ gboolean ret = FALSE; UDisksBlock *block = NULL; UDisksDrive *drive = NULL; + UDisksPartition *partition = NULL; UDisksObject *block_object = NULL; UDisksObject *drive_object = NULL; gboolean auth_no_user_interaction = FALSE; - gchar *details_udisks2_device = NULL; + const gchar *details_device = NULL; + gchar *details_drive = NULL; + + authority = udisks_daemon_get_authority (daemon); + if (authority == NULL) + { + ret = check_authorization_no_polkit (daemon, object, action_id, options, message, invocation); + goto out; + } subject = polkit_system_bus_name_new (g_dbus_method_invocation_get_sender (invocation)); if (options != NULL) @@ -470,8 +567,13 @@ if (drive_object != NULL) drive = udisks_object_get_drive (drive_object); } + + partition = udisks_object_get_partition (object); } + if (block != NULL) + details_device = udisks_block_get_preferred_device (block); + /* If we have a drive, use vendor/model in the message (in addition to Block:preferred-device) */ if (drive != NULL) { @@ -495,25 +597,53 @@ if (block != NULL) { - details_udisks2_device = g_strdup_printf ("%s (%s)", s, udisks_block_get_preferred_device (block)); + details_drive = g_strdup_printf ("%s (%s)", s, udisks_block_get_preferred_device (block)); } else { - details_udisks2_device = s; + details_drive = s; s = NULL; } g_free (s); + + _safe_polkit_details_insert (details, "drive.wwn", udisks_drive_get_wwn (drive)); + _safe_polkit_details_insert (details, "drive.serial", udisks_drive_get_serial (drive)); + _safe_polkit_details_insert (details, "drive.vendor", udisks_drive_get_vendor (drive)); + _safe_polkit_details_insert (details, "drive.model", udisks_drive_get_model (drive)); + _safe_polkit_details_insert (details, "drive.revision", udisks_drive_get_revision (drive)); + if (udisks_drive_get_removable (drive)) + polkit_details_insert (details, "drive.removable", "true"); + } + + if (block != NULL) + { + _safe_polkit_details_insert (details, "id.type", udisks_block_get_id_type (block)); + _safe_polkit_details_insert (details, "id.usage", udisks_block_get_id_usage (block)); + _safe_polkit_details_insert (details, "id.version", udisks_block_get_id_version (block)); + _safe_polkit_details_insert (details, "id.label", udisks_block_get_id_label (block)); + _safe_polkit_details_insert (details, "id.uuid", udisks_block_get_id_uuid (block)); + } + + if (partition != NULL) + { + _safe_polkit_details_insert_int (details, "partition.number", udisks_partition_get_number (partition)); + _safe_polkit_details_insert (details, "partition.type", udisks_partition_get_type_ (partition)); + _safe_polkit_details_insert_uint64 (details, "partition.flags", udisks_partition_get_flags (partition)); + _safe_polkit_details_insert (details, "partition.name", udisks_partition_get_name (partition)); + _safe_polkit_details_insert (details, "partition.uuid", udisks_partition_get_uuid (partition)); } /* Fall back to Block:preferred-device */ - if (details_udisks2_device == NULL && block != NULL) - details_udisks2_device = udisks_block_dup_preferred_device (block); + if (details_drive == NULL && block != NULL) + details_drive = udisks_block_dup_preferred_device (block); - if (details_udisks2_device != NULL) - polkit_details_insert (details, "udisks2.device", details_udisks2_device); + if (details_device != NULL) + polkit_details_insert (details, "device", details_device); + if (details_drive != NULL) + polkit_details_insert (details, "drive", details_drive); error = NULL; - result = polkit_authority_check_authorization_sync (udisks_daemon_get_authority (daemon), + result = polkit_authority_check_authorization_sync (authority, subject, action_id, details, @@ -552,10 +682,11 @@ ret = TRUE; out: - g_free (details_udisks2_device); + g_free (details_drive); g_clear_object (&block_object); g_clear_object (&drive_object); g_clear_object (&block); + g_clear_object (&partition); g_clear_object (&drive); g_clear_object (&subject); g_clear_object (&details); diff -Nru udisks2-1.97.0/src/udiskslinuxblock.c udisks2-1.98.0/src/udiskslinuxblock.c --- udisks2-1.97.0/src/udiskslinuxblock.c 2012-05-04 20:59:18.000000000 +0000 +++ udisks2-1.98.0/src/udiskslinuxblock.c 2012-06-07 15:46:30.000000000 +0000 @@ -1880,10 +1880,10 @@ * device. This includes both creating a filesystem or partition * table. * - * Do not translate $(udisks2.device), it's a placeholder and will + * Do not translate $(drive), it's a placeholder and will * be replaced by the name of the drive/device in question */ - message = N_("Authentication is required to format $(udisks2.device)"); + message = N_("Authentication is required to format $(drive)"); action_id = "org.freedesktop.udisks2.modify-device"; if (udisks_block_get_hint_system (block)) { @@ -2104,6 +2104,7 @@ * trigger an event here */ udisks_linux_block_object_trigger_uevent (UDISKS_LINUX_BLOCK_OBJECT (object_to_mkfs)); + wait_data->object = object_to_mkfs; if (udisks_daemon_wait_for_object_sync (daemon, wait_for_filesystem, wait_data, @@ -2243,10 +2244,10 @@ /* Translators: Shown in authentication dialog when creating a * disk image file. * - * Do not translate $(udisks2.device), it's a placeholder and will + * Do not translate $(drive), it's a placeholder and will * be replaced by the name of the drive/device in question */ - N_("Authentication is required to open $(udisks2.device) for reading"), + N_("Authentication is required to open $(drive) for reading"), invocation)) goto out; @@ -2307,10 +2308,10 @@ /* Translators: Shown in authentication dialog when restoring * from a disk image file. * - * Do not translate $(udisks2.device), it's a placeholder and will + * Do not translate $(drive), it's a placeholder and will * be replaced by the name of the drive/device in question */ - N_("Authentication is required to open $(udisks2.device) for writing"), + N_("Authentication is required to open $(drive) for writing"), invocation)) goto out; diff -Nru udisks2-1.97.0/src/udiskslinuxdriveata.c udisks2-1.98.0/src/udiskslinuxdriveata.c --- udisks2-1.97.0/src/udiskslinuxdriveata.c 2012-04-27 16:07:27.000000000 +0000 +++ udisks2-1.98.0/src/udiskslinuxdriveata.c 2012-05-23 17:12:49.000000000 +0000 @@ -581,6 +581,8 @@ gboolean nowakeup = FALSE; const gchar *atasmart_blob = NULL; GError *error; + const gchar *message; + const gchar *action_id; daemon = NULL; @@ -606,42 +608,28 @@ g_variant_lookup (options, "nowakeup", "b", &nowakeup); g_variant_lookup (options, "atasmart_blob", "s", &atasmart_blob); + /* Translators: Shown in authentication dialog when the user + * refreshes SMART data from a disk. + * + * Do not translate $(drive), it's a placeholder and + * will be replaced by the name of the drive/device in question + */ + message = N_("Authentication is required to update SMART data from $(drive)"); + action_id = "org.freedesktop.udisks2.ata-smart-update"; + if (atasmart_blob != NULL) { - uid_t caller_uid; - error = NULL; - if (!udisks_daemon_util_get_caller_uid_sync (daemon, invocation, NULL /* GCancellable */, &caller_uid, NULL, NULL, &error)) - { - g_dbus_method_invocation_return_gerror (invocation, error); - g_error_free (error); - goto out; - } - if (caller_uid != 0) - { - g_dbus_method_invocation_return_error (invocation, - UDISKS_ERROR, - UDISKS_ERROR_FAILED, - "Only root can update SMART data from a blob"); - goto out; - } + /* Translators: Shown in authentication dialog when the user + * tries to simulate SMART data from a libatasmart blob. + * + * Do not translate $(drive), it's a placeholder and + * will be replaced by the name of the drive/device in question + */ + message = N_("Authentication is required to set SMART data from a blob on $(drive)"); + action_id = "org.freedesktop.udisks2.ata-smart-simulate"; } else { - /* Check that the user is actually authorized */ - if (!udisks_daemon_util_check_authorization_sync (daemon, - UDISKS_OBJECT (block_object), - "org.freedesktop.udisks2.ata-smart-update", - options, - /* Translators: Shown in authentication dialog when the user - * refreshes SMART data from a disk. - * - * Do not translate $(udisks2.device), it's a placeholder and - * will be replaced by the name of the drive/device in question - */ - N_("Authentication is required to update SMART data from $(udisks2.device)"), - invocation)) - goto out; - if (!udisks_drive_ata_get_smart_supported (UDISKS_DRIVE_ATA (drive))) { g_dbus_method_invocation_return_error (invocation, @@ -661,6 +649,15 @@ } } + /* Check that the user is authorized */ + if (!udisks_daemon_util_check_authorization_sync (daemon, + UDISKS_OBJECT (block_object), + action_id, + options, + message, + invocation)) + goto out; + error = NULL; if (!udisks_linux_drive_ata_refresh_smart_sync (drive, nowakeup, @@ -759,10 +756,10 @@ /* Translators: Shown in authentication dialog when the user * aborts a running SMART self-test. * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - N_("Authentication is required to abort a SMART self-test on $(udisks2.device)"), + N_("Authentication is required to abort a SMART self-test on $(drive)"), invocation)) goto out; @@ -956,10 +953,10 @@ /* Translators: Shown in authentication dialog when the user * initiates a SMART self-test. * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - N_("Authentication is required to start a SMART self-test on $(udisks2.device)"), + N_("Authentication is required to start a SMART self-test on $(drive)"), invocation)) goto out; diff -Nru udisks2-1.97.0/src/udiskslinuxdrive.c udisks2-1.98.0/src/udiskslinuxdrive.c --- udisks2-1.97.0/src/udiskslinuxdrive.c 2012-04-27 16:08:09.000000000 +0000 +++ udisks2-1.98.0/src/udiskslinuxdrive.c 2012-05-23 17:11:06.000000000 +0000 @@ -706,17 +706,25 @@ } daemon = udisks_linux_drive_object_get_daemon (object); - block_object = udisks_linux_drive_object_get_block (object, TRUE); + block_object = udisks_linux_drive_object_get_block (object, FALSE); if (block_object == NULL) { g_dbus_method_invocation_return_error (invocation, UDISKS_ERROR, UDISKS_ERROR_FAILED, - "Unable to find physical block device for drive"); + "Unable to find block device for drive"); goto out; } block = udisks_object_peek_block (UDISKS_OBJECT (block_object)); + /* refuse to eject if drive appears to be in use */ + if (!udisks_linux_drive_object_is_not_in_use (object, NULL, &error)) + { + g_prefix_error (&error, "Cannot eject drive in use: "); + g_dbus_method_invocation_take_error (invocation, error); + goto out; + } + error = NULL; if (!udisks_daemon_util_get_caller_pid_sync (daemon, invocation, @@ -732,10 +740,10 @@ /* Translators: Shown in authentication dialog when the user * requests ejecting media from a drive. * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - message = N_("Authentication is required to eject $(udisks2.device)"); + message = N_("Authentication is required to eject $(drive)"); action_id = "org.freedesktop.udisks2.eject-media"; if (udisks_block_get_hint_system (block)) { diff -Nru udisks2-1.97.0/src/udiskslinuxdriveobject.c udisks2-1.98.0/src/udiskslinuxdriveobject.c --- udisks2-1.97.0/src/udiskslinuxdriveobject.c 2012-04-20 21:35:13.000000000 +0000 +++ udisks2-1.98.0/src/udiskslinuxdriveobject.c 2012-06-05 18:59:27.000000000 +0000 @@ -665,17 +665,17 @@ static gchar * check_for_vpd (GUdevDevice *device) { - gchar *ret; + gchar *ret = NULL; const gchar *serial; const gchar *wwn; + const gchar *path; g_return_val_if_fail (G_UDEV_IS_DEVICE (device), FALSE); - ret = NULL; - - /* prefer WWN to serial */ + /* order of preference: WWN, serial, path */ serial = g_udev_device_get_property (device, "ID_SERIAL"); wwn = g_udev_device_get_property (device, "ID_WWN_WITH_EXTENSION"); + path = g_udev_device_get_property (device, "ID_PATH"); if (wwn != NULL && strlen (wwn) > 0) { ret = g_strdup (wwn); @@ -684,6 +684,10 @@ { ret = g_strdup (serial); } + else if (path != NULL && strlen (path) > 0) + { + ret = g_strdup (path); + } return ret; } @@ -881,3 +885,106 @@ out: return ret; } + +static gboolean +is_block_unlocked (GList *objects, const gchar *crypto_object_path) +{ + gboolean ret = FALSE; + GList *l; + for (l = objects; l != NULL; l = l->next) + { + UDisksObject *object = UDISKS_OBJECT (l->data); + UDisksBlock *block; + block = udisks_object_peek_block (object); + if (block != NULL) + { + if (g_strcmp0 (udisks_block_get_crypto_backing_device (block), crypto_object_path) == 0) + { + ret = TRUE; + goto out; + } + } + } + out: + return ret; +} + +/** + * udisks_linux_drive_object_is_not_in_use: + * @object: A #UDisksLinuxDriveObject. + * @cancellable: (allow-none): A #GCancellable or %NULL. + * @error: A #GError or %NULL. + * + * Checks if the drive represented by @object is in use and sets + * @error if so. + * + * Returns: %TRUE if @object is not is use, %FALSE if @error is set. + */ +gboolean +udisks_linux_drive_object_is_not_in_use (UDisksLinuxDriveObject *object, + GCancellable *cancellable, + GError **error) +{ + GDBusObjectManagerServer *object_manager; + const gchar *drive_object_path; + gboolean ret = TRUE; + GList *objects = NULL; + GList *l; + + g_return_val_if_fail (UDISKS_IS_LINUX_DRIVE_OBJECT (object), FALSE); + g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), FALSE); + g_return_val_if_fail (error == NULL || *error == NULL, FALSE); + + drive_object_path = g_dbus_object_get_object_path (G_DBUS_OBJECT (object)); + + object_manager = udisks_daemon_get_object_manager (object->daemon); + objects = g_dbus_object_manager_get_objects (G_DBUS_OBJECT_MANAGER (object_manager)); + + /* Visit all block devices related to the drive... */ + for (l = objects; l != NULL; l = l->next) + { + GDBusObjectSkeleton *iter_object = G_DBUS_OBJECT_SKELETON (l->data); + UDisksBlock *block; + UDisksFilesystem *filesystem; + + if (!UDISKS_IS_LINUX_BLOCK_OBJECT (iter_object)) + continue; + + block = udisks_object_peek_block (UDISKS_OBJECT (iter_object)); + filesystem = udisks_object_peek_filesystem (UDISKS_OBJECT (iter_object)); + + if (g_strcmp0 (udisks_block_get_drive (block), drive_object_path) != 0) + continue; + + /* bail if block device is mounted */ + if (filesystem != NULL) + { + if (g_strv_length ((gchar **) udisks_filesystem_get_mount_points (filesystem)) > 0) + { + g_set_error (error, + UDISKS_ERROR, + UDISKS_ERROR_DEVICE_BUSY, + "Device %s is mounted", + udisks_block_get_preferred_device (block)); + ret = FALSE; + goto out; + } + } + + /* bail if block device is unlocked (LUKS) */ + if (is_block_unlocked (objects, g_dbus_object_get_object_path (G_DBUS_OBJECT (iter_object)))) + { + g_set_error (error, + UDISKS_ERROR, + UDISKS_ERROR_DEVICE_BUSY, + "Encrypted device %s is unlocked", + udisks_block_get_preferred_device (block)); + ret = FALSE; + goto out; + } + } + + out: + g_list_free_full (objects, g_object_unref); + return ret; +} diff -Nru udisks2-1.97.0/src/udiskslinuxdriveobject.h udisks2-1.98.0/src/udiskslinuxdriveobject.h --- udisks2-1.97.0/src/udiskslinuxdriveobject.h 2011-08-26 17:12:31.000000000 +0000 +++ udisks2-1.98.0/src/udiskslinuxdriveobject.h 2012-05-15 14:47:22.000000000 +0000 @@ -48,6 +48,10 @@ GCancellable *cancellable, GError **error); +gboolean udisks_linux_drive_object_is_not_in_use (UDisksLinuxDriveObject *object, + GCancellable *cancellable, + GError **error); + gboolean udisks_linux_drive_object_should_include_device (GUdevClient *client, GUdevDevice *device, gchar **out_vpd); diff -Nru udisks2-1.97.0/src/udiskslinuxencrypted.c udisks2-1.98.0/src/udiskslinuxencrypted.c --- udisks2-1.97.0/src/udiskslinuxencrypted.c 2012-05-04 20:36:31.000000000 +0000 +++ udisks2-1.98.0/src/udiskslinuxencrypted.c 2012-05-23 17:12:02.000000000 +0000 @@ -346,10 +346,10 @@ /* Translators: Shown in authentication dialog when the user * requests unlocking an encrypted device. * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - message = N_("Authentication is required to unlock the encrypted device $(udisks2.device)"); + message = N_("Authentication is required to unlock the encrypted device $(drive)"); if (!udisks_daemon_util_setup_by_user (daemon, object, caller_uid)) { if (is_in_crypttab && has_option (crypttab_options, "x-udisks-auth")) @@ -577,10 +577,10 @@ * requests locking an encrypted device that was previously. * unlocked by another user. * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - N_("Authentication is required to lock the encrypted device $(udisks2.device) unlocked by another user"), + N_("Authentication is required to lock the encrypted device $(drive) unlocked by another user"), invocation)) goto out; } @@ -698,10 +698,10 @@ /* Translators: Shown in authentication dialog when the user * requests unlocking an encrypted device. * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - N_("Authentication is required to unlock the encrypted device $(udisks2.device)"), + N_("Authentication is required to unlock the encrypted device $(drive)"), invocation)) goto out; diff -Nru udisks2-1.97.0/src/udiskslinuxfilesystem.c udisks2-1.98.0/src/udiskslinuxfilesystem.c --- udisks2-1.97.0/src/udiskslinuxfilesystem.c 2012-05-04 23:30:24.000000000 +0000 +++ udisks2-1.98.0/src/udiskslinuxfilesystem.c 2012-05-23 17:11:03.000000000 +0000 @@ -1216,10 +1216,10 @@ /* Translators: Shown in authentication dialog when the user * requests mounting a filesystem. * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - message = N_("Authentication is required to mount $(udisks2.device)"); + message = N_("Authentication is required to mount $(drive)"); if (!udisks_daemon_util_setup_by_user (daemon, object, caller_uid)) { if (udisks_block_get_hint_system (block)) @@ -1281,13 +1281,13 @@ * user requests mounting a filesystem that is in * /etc/fstab file with the x-udisks-auth option. * - * Do not translate $(udisks2.device), it's a + * Do not translate $(drive), it's a * placeholder and will be replaced by the name of * the drive/device in question * * Do not translate /etc/fstab */ - N_("Authentication is required to mount $(udisks2.device) referenced in the /etc/fstab file"), + N_("Authentication is required to mount $(drive) referenced in the /etc/fstab file"), invocation)) goto out; mount_fstab_as_root = TRUE; @@ -1377,10 +1377,10 @@ /* Translators: Shown in authentication dialog when the user * requests mounting a filesystem. * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - message = N_("Authentication is required to mount $(udisks2.device)"); + message = N_("Authentication is required to mount $(drive)"); if (!udisks_daemon_util_setup_by_user (daemon, object, caller_uid)) { if (udisks_block_get_hint_system (block)) @@ -1626,13 +1626,13 @@ * user requests unmounting a filesystem that is in * /etc/fstab file with the x-udisks-auth option. * - * Do not translate $(udisks2.device), it's a + * Do not translate $(drive), it's a * placeholder and will be replaced by the name of * the drive/device in question * * Do not translate /etc/fstab */ - N_("Authentication is required to unmount $(udisks2.device) referenced in the /etc/fstab file"), + N_("Authentication is required to unmount $(drive) referenced in the /etc/fstab file"), invocation)) goto out; unmount_fstab_as_root = TRUE; @@ -1676,10 +1676,10 @@ * requests unmounting a filesystem previously mounted by * another user. * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - message = N_("Authentication is required to unmount $(udisks2.device) mounted by another user"); + message = N_("Authentication is required to unmount $(drive) mounted by another user"); if (!udisks_daemon_util_check_authorization_sync (daemon, object, @@ -1894,10 +1894,10 @@ /* Translators: Shown in authentication dialog when the user * requests changing the filesystem label. * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - message = N_("Authentication is required to change the filesystem label on $(udisks2.device)"); + message = N_("Authentication is required to change the filesystem label on $(drive)"); if (udisks_block_get_hint_system (block)) { action_id = "org.freedesktop.udisks2.modify-device-system"; diff -Nru udisks2-1.97.0/src/udiskslinuxloop.c udisks2-1.98.0/src/udiskslinuxloop.c --- udisks2-1.97.0/src/udiskslinuxloop.c 2012-05-09 17:30:34.000000000 +0000 +++ udisks2-1.98.0/src/udiskslinuxloop.c 2012-05-23 17:12:36.000000000 +0000 @@ -238,10 +238,10 @@ * requests deleting a loop device previously set up by * another user. * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - N_("Authentication is required to delete the loop device $(udisks2.device)"), + N_("Authentication is required to delete the loop device $(drive)"), invocation)) goto out; } @@ -416,10 +416,10 @@ * requests changing autoclear on a loop device set up by * another user. * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - N_("Authentication is required to modify the loop device $(udisks2.device)"), + N_("Authentication is required to modify the loop device $(drive)"), invocation)) goto out; } diff -Nru udisks2-1.97.0/src/udiskslinuxpartition.c udisks2-1.98.0/src/udiskslinuxpartition.c --- udisks2-1.97.0/src/udiskslinuxpartition.c 2012-04-27 16:18:45.000000000 +0000 +++ udisks2-1.98.0/src/udiskslinuxpartition.c 2012-05-23 17:10:52.000000000 +0000 @@ -259,10 +259,10 @@ /* Translators: Shown in authentication dialog when the user * requests modifying a partition (changing type, flags, name etc.). * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - message = N_("Authentication is required to modify the partition on device $(udisks2.device)"); + message = N_("Authentication is required to modify the partition on device $(drive)"); if (udisks_block_get_hint_system (block)) { action_id = "org.freedesktop.udisks2.modify-device-system"; @@ -404,10 +404,10 @@ /* Translators: Shown in authentication dialog when the user * requests modifying a partition (changing type, flags, name etc.). * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - message = N_("Authentication is required to modify the partition on device $(udisks2.device)"); + message = N_("Authentication is required to modify the partition on device $(drive)"); if (udisks_block_get_hint_system (block)) { action_id = "org.freedesktop.udisks2.modify-device-system"; @@ -586,10 +586,10 @@ /* Translators: Shown in authentication dialog when the user * requests modifying a partition (changing type, flags, name etc.). * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - message = N_("Authentication is required to modify the partition on device $(udisks2.device)"); + message = N_("Authentication is required to modify the partition on device $(drive)"); if (udisks_block_get_hint_system (block)) { action_id = "org.freedesktop.udisks2.modify-device-system"; @@ -759,10 +759,10 @@ /* Translators: Shown in authentication dialog when the user * requests deleting a partition. * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - message = N_("Authentication is required to delete the partition $(udisks2.device)"); + message = N_("Authentication is required to delete the partition $(drive)"); if (udisks_block_get_hint_system (block)) { action_id = "org.freedesktop.udisks2.modify-device-system"; diff -Nru udisks2-1.97.0/src/udiskslinuxpartitiontable.c udisks2-1.98.0/src/udiskslinuxpartitiontable.c --- udisks2-1.97.0/src/udiskslinuxpartitiontable.c 2012-05-04 20:39:56.000000000 +0000 +++ udisks2-1.98.0/src/udiskslinuxpartitiontable.c 2012-05-23 17:11:52.000000000 +0000 @@ -326,10 +326,10 @@ /* Translators: Shown in authentication dialog when the user * requests creating a new partition. * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - message = N_("Authentication is required to create a partition on $(udisks2.device)"); + message = N_("Authentication is required to create a partition on $(drive)"); if (udisks_block_get_hint_system (block)) { action_id = "org.freedesktop.udisks2.modify-device-system"; diff -Nru udisks2-1.97.0/src/udiskslinuxswapspace.c udisks2-1.98.0/src/udiskslinuxswapspace.c --- udisks2-1.97.0/src/udiskslinuxswapspace.c 2012-04-27 16:19:38.000000000 +0000 +++ udisks2-1.98.0/src/udiskslinuxswapspace.c 2012-05-23 17:10:45.000000000 +0000 @@ -179,10 +179,10 @@ /* Translators: Shown in authentication dialog when the user * requests activating a swap device. * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - N_("Authentication is required to activate swapspace on $(udisks2.device)"), + N_("Authentication is required to activate swapspace on $(drive)"), invocation)) goto out; @@ -253,10 +253,10 @@ /* Translators: Shown in authentication dialog when the user * requests deactivating a swap device. * - * Do not translate $(udisks2.device), it's a placeholder and + * Do not translate $(drive), it's a placeholder and * will be replaced by the name of the drive/device in question */ - N_("Authentication is required to deactivate swapspace on $(udisks2.device)"), + N_("Authentication is required to deactivate swapspace on $(drive)"), invocation)) goto out; diff -Nru udisks2-1.97.0/src/udisksmountmonitor.c udisks2-1.98.0/src/udisksmountmonitor.c --- udisks2-1.97.0/src/udisksmountmonitor.c 2012-03-13 21:42:35.000000000 +0000 +++ udisks2-1.98.0/src/udisksmountmonitor.c 2012-05-15 14:16:34.000000000 +0000 @@ -433,10 +433,6 @@ continue; } - /* ignore mounts where only a subtree of a filesystem is mounted */ - if (g_strcmp0 (encoded_root, "/") != 0) - continue; - /* Temporary work-around for btrfs, see * * https://bugzilla.redhat.com/show_bug.cgi?id=495152#c31 diff -Nru udisks2-1.97.0/tools/udisksctl.c udisks2-1.98.0/tools/udisksctl.c --- udisks2-1.97.0/tools/udisksctl.c 2012-05-04 23:30:24.000000000 +0000 +++ udisks2-1.98.0/tools/udisksctl.c 2012-05-13 16:12:03.000000000 +0000 @@ -1728,6 +1728,287 @@ /* ---------------------------------------------------------------------------------------------------- */ +static gchar *opt_smart_simulate_file = NULL; +static gchar *opt_smart_simulate_object_path = NULL; +static gchar *opt_smart_simulate_device = NULL; +static gboolean opt_smart_simulate_no_user_interaction = FALSE; + +static const GOptionEntry command_smart_simulate_entries[] = +{ + { + "file", + 'f', + 0, + G_OPTION_ARG_FILENAME, + &opt_smart_simulate_file, + "File with libatasmart blob", + NULL + }, + { + "object-path", + 'p', + 0, + G_OPTION_ARG_STRING, + &opt_smart_simulate_object_path, + "Object path for ATA device", + NULL + }, + { + "block-device", + 'b', + 0, + G_OPTION_ARG_STRING, + &opt_smart_simulate_device, + "Device file for ATA device", + NULL + }, + { + "no-user-interaction", + 0, /* no short option */ + 0, + G_OPTION_ARG_NONE, + &opt_smart_simulate_no_user_interaction, + "Do not authenticate the user if needed", + NULL + }, + { + NULL + } +}; + +static gint +handle_command_smart_simulate (gint *argc, + gchar **argv[], + gboolean request_completion, + const gchar *completion_cur, + const gchar *completion_prev) +{ + gint ret; + GOptionContext *o; + gchar *s; + gboolean complete_objects; + gboolean complete_devices; + gboolean complete_files; + GList *l; + GList *objects; + UDisksObject *object; + UDisksDriveAta *ata; + guint n; + GVariant *options; + GVariantBuilder builder; + GError *error; + + ret = 1; + opt_smart_simulate_object_path = NULL; + opt_smart_simulate_device = NULL; + object = NULL; + options = NULL; + + modify_argv0_for_command (argc, argv, "smart-simulate"); + + o = g_option_context_new (NULL); + if (request_completion) + g_option_context_set_ignore_unknown_options (o, TRUE); + g_option_context_set_help_enabled (o, FALSE); + g_option_context_set_summary (o, "Set SMART data for drive."); + g_option_context_add_main_entries (o, + command_smart_simulate_entries, + NULL /* GETTEXT_PACKAGE*/); + + complete_objects = FALSE; + if (request_completion && (g_strcmp0 (completion_prev, "--object-path") == 0 || g_strcmp0 (completion_prev, "-p") == 0)) + { + complete_objects = TRUE; + remove_arg ((*argc) - 1, argc, argv); + } + + complete_devices = FALSE; + if (request_completion && (g_strcmp0 (completion_prev, "--block-device") == 0 || g_strcmp0 (completion_prev, "-b") == 0)) + { + complete_devices = TRUE; + remove_arg ((*argc) - 1, argc, argv); + } + + complete_files = FALSE; + if (request_completion && (g_strcmp0 (completion_prev, "--file") == 0 || g_strcmp0 (completion_prev, "-f") == 0)) + { + complete_files = TRUE; + remove_arg ((*argc) - 1, argc, argv); + } + + if (!g_option_context_parse (o, argc, argv, NULL)) + { + if (!request_completion) + { + s = g_option_context_get_help (o, FALSE, NULL); + g_printerr ("%s", s); + g_free (s); + goto out; + } + } + + if (request_completion) + { + if (opt_smart_simulate_file == NULL && !complete_files && !complete_objects && !complete_devices) + { + g_print ("--file \n"); + } + + if (complete_files) + { + g_print ("@FILES@"); + goto out; + } + + if ((opt_smart_simulate_object_path == NULL && !complete_objects) && + (opt_smart_simulate_device == NULL && !complete_devices)) + { + g_print ("--object-path \n" + "--block-device \n"); + } + + if (complete_objects) + { + const gchar *object_path; + objects = g_dbus_object_manager_get_objects (udisks_client_get_object_manager (client)); + for (l = objects; l != NULL; l = l->next) + { + object = UDISKS_OBJECT (l->data); + ata = udisks_object_peek_drive_ata (object); + if (ata != NULL) + { + object_path = g_dbus_object_get_object_path (G_DBUS_OBJECT (object)); + g_assert (g_str_has_prefix (object_path, "/org/freedesktop/UDisks2/")); + g_print ("%s \n", object_path + sizeof ("/org/freedesktop/UDisks2/") - 1); + } + } + g_list_foreach (objects, (GFunc) g_object_unref, NULL); + g_list_free (objects); + } + + if (complete_devices) + { + objects = g_dbus_object_manager_get_objects (udisks_client_get_object_manager (client)); + for (l = objects; l != NULL; l = l->next) + { + object = UDISKS_OBJECT (l->data); + ata = udisks_object_peek_drive_ata (object); + if (ata != NULL) + { + const gchar * const *symlinks; + UDisksBlock *block; + block = udisks_client_get_block_for_drive (client, udisks_object_peek_drive (object), TRUE); + g_print ("%s \n", udisks_block_get_device (block)); + symlinks = udisks_block_get_symlinks (block); + for (n = 0; symlinks != NULL && symlinks[n] != NULL; n++) + g_print ("%s \n", symlinks[n]); + } + } + g_list_foreach (objects, (GFunc) g_object_unref, NULL); + g_list_free (objects); + } + goto out; + } + + if (opt_smart_simulate_file == NULL) + { + s = g_option_context_get_help (o, FALSE, NULL); + g_printerr ("%s", s); + g_free (s); + goto out; + } + + g_variant_builder_init (&builder, G_VARIANT_TYPE_VARDICT); + if (opt_smart_simulate_no_user_interaction) + { + g_variant_builder_add (&builder, + "{sv}", + "auth.no_user_interaction", g_variant_new_boolean (TRUE)); + } + g_variant_builder_add (&builder, + "{sv}", + "atasmart_blob", g_variant_new_string (opt_smart_simulate_file)); + options = g_variant_builder_end (&builder); + g_variant_ref_sink (options); + + if (opt_smart_simulate_object_path != NULL) + { + object = lookup_object_by_path (opt_smart_simulate_object_path); + if (object == NULL) + { + g_printerr ("Error looking up object with path %s\n", opt_smart_simulate_object_path); + goto out; + } + } + else if (opt_smart_simulate_device != NULL) + { + UDisksObject *block_object; + UDisksDrive *drive; + block_object = lookup_object_by_device (opt_smart_simulate_device); + if (block_object == NULL) + { + g_printerr ("Error looking up object for device %s\n", opt_smart_simulate_device); + goto out; + } + drive = udisks_client_get_drive_for_block (client, udisks_object_peek_block (block_object)); + object = (UDisksObject *) g_dbus_interface_dup_object (G_DBUS_INTERFACE (drive)); + g_object_unref (block_object); + } + else + { + s = g_option_context_get_help (o, FALSE, NULL); + g_printerr ("%s", s); + g_free (s); + goto out; + } + + if (udisks_object_peek_drive_ata (object) == NULL) + { + g_printerr ("Device %s is not an ATA device\n", + udisks_block_get_device (udisks_object_peek_block (object))); + g_object_unref (object); + goto out; + } + + try_again: + error = NULL; + if (!udisks_drive_ata_call_smart_update_sync (udisks_object_peek_drive_ata (object), + options, + NULL, /* GCancellable */ + &error)) + { + if (error->domain == UDISKS_ERROR && + error->code == UDISKS_ERROR_NOT_AUTHORIZED_CAN_OBTAIN && + setup_local_polkit_agent ()) + { + g_error_free (error); + goto try_again; + } + g_dbus_error_strip_remote_error (error); + g_printerr ("Error updating SMART data: %s (%s, %d)\n", + error->message, g_quark_to_string (error->domain), error->code); + g_clear_error (&error); + g_object_unref (object); + goto out; + } + + g_object_unref (object); + + + ret = 0; + + out: + if (options != NULL) + g_variant_unref (options); + g_option_context_free (o); + g_free (opt_smart_simulate_file); + g_free (opt_smart_simulate_object_path); + g_free (opt_smart_simulate_device); + return ret; +} + +/* ---------------------------------------------------------------------------------------------------- */ + static gchar *opt_info_object = NULL; static gchar *opt_info_device = NULL; static gchar *opt_info_drive = NULL; @@ -2563,17 +2844,18 @@ g_option_context_parse (o, argc, argv, NULL); program_name = g_path_get_basename ((*argv)[0]); s = g_strdup_printf ("Commands:\n" - " help Shows this information\n" - " info Shows information about an object\n" - " dump Shows information about all objects\n" - " status Shows high-level status\n" - " monitor Monitor changes to objects\n" - " mount Mount a filesystem\n" - " unmount Unmount a filesystem\n" - " unlock Unlock an encrypted device\n" - " lock Lock an encrypted device\n" - " loop-setup Set-up a loop device\n" - " loop-delete Delete a loop device\n" + " help Shows this information\n" + " info Shows information about an object\n" + " dump Shows information about all objects\n" + " status Shows high-level status\n" + " monitor Monitor changes to objects\n" + " mount Mount a filesystem\n" + " unmount Unmount a filesystem\n" + " unlock Unlock an encrypted device\n" + " lock Lock an encrypted device\n" + " loop-setup Set-up a loop device\n" + " loop-delete Delete a loop device\n" + " smart-simulate Set SMART data for a drive\n" "\n" "Use \"%s COMMAND --help\" to get help on each command.\n", program_name); @@ -2762,6 +3044,15 @@ g_strcmp0 (command, "loop-setup") == 0); goto out; } + else if (g_strcmp0 (command, "smart-simulate") == 0) + { + ret = handle_command_smart_simulate (&argc, + &argv, + request_completion, + completion_cur, + completion_prev); + goto out; + } else if (g_strcmp0 (command, "dump") == 0) { ret = handle_command_dump (&argc, @@ -2865,6 +3156,7 @@ "unlock \n" "loop-setup \n" "loop-delete \n" + "smart-simulate \n" ); ret = 0; goto out;

`object` :	A UDisksLinuxDriveObject.
`cancellable` :	A GCancellable or `NULL`. [allow-none] +
`error` :	A GError or `NULL`.
Returns :	+`TRUE` if `object` is not is use, `FALSE` if `error` is set.

-D-Bus Interfaces

Properties

Properties

Properties

Properties

Properties

Properties

Properties

Properties

Signals

Signals

Properties

Properties

Properties

Properties

Properties

Properties

Properties

Properties

Properties

Properties

Properties

Properties

-Index

B

udisks

DESCRIPTION

DESCRIPTION

ACCESS CONTROL

ACCESS CONTROL

DEVICE INFORMATION

DEVICE INFORMATION

API STABILITY

API STABILITY

AUDIENCE

AUDIENCE

AUTHOR

AUTHOR

BUGS

BUGS

SEE ALSO

SEE ALSO

UDISKS_MINOR_VERSION

DESCRIPTION

DESCRIPTION

COMMANDS

COMMANDS

COMMON OPTIONS

COMMON OPTIONS

AUDIENCE

AUDIENCE

BASH COMPLETION

BASH COMPLETION

AUTHOR

AUTHOR

BUGS

BUGS

SEE ALSO

SEE ALSO

DESCRIPTION

DESCRIPTION

OPTIONS

OPTIONS

AUTHOR

AUTHOR

BUGS

BUGS

SEE ALSO

SEE ALSO

udisks_daemon_get_authority ()

udisks_linux_drive_object_is_not_in_use ()

Property Details