Top |
PolkitAuthorityFeatures | backend-features | Read |
char * | backend-name | Read |
char * | backend-version | Read |
char * | owner | Read |
GFlags ├── PolkitAuthorityFeatures ╰── PolkitCheckAuthorizationFlags GObject ╰── PolkitAuthority
PolkitAuthority is used for checking whether a given subject is authorized to perform a given action. Typically privileged system daemons or suid helpers will use this when handling requests from untrusted clients.
User sessions can register an authentication agent with the authority. This is used for requests from untrusted clients where system policy requires that the user needs to acknowledge (through proving he is the user or the administrator) a given action. See PolkitAgentListener and PolkitAgentSession for details.
void polkit_authority_get_async (GCancellable *cancellable
,GAsyncReadyCallback callback
,gpointer user_data
);
Asynchronously gets a reference to the authority.
This is an asynchronous failable function. When the result is
ready, callback
will be invoked in the polkit_authority_get_finish()
to get the result. See
polkit_authority_get_sync()
for the synchronous version.
PolkitAuthority * polkit_authority_get_finish (GAsyncResult *res
,GError **error
);
Finishes an operation started with polkit_authority_get_async()
.
res |
A GAsyncResult obtained from the GAsyncReadyCallback passed to |
|
error |
Return location for error or |
[allow-none] |
PolkitAuthority * polkit_authority_get_sync (GCancellable *cancellable
,GError **error
);
Synchronously gets a reference to the authority.
This is a synchronous failable function - the calling thread is
blocked until a reply is received. See polkit_authority_get_async()
for the asynchronous version.
PolkitAuthority *
polkit_authority_get (void
);
polkit_authority_get
is deprecated and should not be used in newly-written code.
(deprecated)
gchar *
polkit_authority_get_owner (PolkitAuthority *authority
);
The unique name on the system message bus of the owner of the name
org.freedesktop.PolicyKit1
or NULL
if no-one
currently owns the name. You may connect to the “notify”
signal to track changes to the “owner” property.
const gchar *
polkit_authority_get_backend_name (PolkitAuthority *authority
);
Gets the name of the authority backend.
const gchar *
polkit_authority_get_backend_version (PolkitAuthority *authority
);
Gets the version of the authority backend.
PolkitAuthorityFeatures
polkit_authority_get_backend_features (PolkitAuthority *authority
);
Gets the features supported by the authority backend.
void polkit_authority_check_authorization (PolkitAuthority *authority
,PolkitSubject *subject
,const gchar *action_id
,PolkitDetails *details
,PolkitCheckAuthorizationFlags flags
,GCancellable *cancellable
,GAsyncReadyCallback callback
,gpointer user_data
);
Asynchronously checks if subject
is authorized to perform the action represented
by action_id
.
Note that POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION
SHOULD be passed ONLY if
the event that triggered the authorization check is stemming from
an user action, e.g. the user pressing a button or attaching a
device.
When the operation is finished, callback
will be invoked in the
from. You can then call
polkit_authority_check_authorization_finish()
to get the result of
the operation.
Known keys in details
include polkit.message
and polkit.gettext_domain
that can be used to
override the message shown to the user. See the documentation for
the D-Bus method for more details.
If details
is non-empty then the request will fail with
POLKIT_ERROR_FAILED unless the process doing the check itsef is
sufficiently authorized (e.g. running as uid 0).
authority |
||
subject |
||
action_id |
The action to check for. |
|
details |
Details about the action or |
[allow-none] |
flags |
A set of PolkitCheckAuthorizationFlags. |
|
cancellable |
A GCancellable or |
[allow-none] |
callback |
A GAsyncReadyCallback to call when the request is satisfied. |
|
user_data |
The data to pass to |
PolkitAuthorizationResult * polkit_authority_check_authorization_finish (PolkitAuthority *authority
,GAsyncResult *res
,GError **error
);
Finishes checking if a subject is authorized for an action.
authority |
||
res |
A GAsyncResult obtained from the callback. |
|
error |
Return location for error or |
[allow-none] |
A PolkitAuthorizationResult or NULL
if
error
is set. Free with g_object_unref()
.
[transfer full]
PolkitAuthorizationResult * polkit_authority_check_authorization_sync (PolkitAuthority *authority
,PolkitSubject *subject
,const gchar *action_id
,PolkitDetails *details
,PolkitCheckAuthorizationFlags flags
,GCancellable *cancellable
,GError **error
);
Checks if subject
is authorized to perform the action represented
by action_id
.
Note that POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION
SHOULD be passed ONLY if
the event that triggered the authorization check is stemming from
an user action, e.g. the user pressing a button or attaching a
device.
Note the calling thread is blocked until a reply is received. You
should therefore NEVER do this from a GUI
thread or a daemon service thread when using the
POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION
flag. This
is because it may potentially take minutes (or even hours) for the
operation to complete because it involves waiting for the user to
authenticate.
Known keys in details
include polkit.message
and polkit.gettext_domain
that can be used to
override the message shown to the user. See the documentation for
the D-Bus method for more details.
authority |
||
subject |
||
action_id |
The action to check for. |
|
details |
Details about the action or |
[allow-none] |
flags |
A set of PolkitCheckAuthorizationFlags. |
|
cancellable |
A GCancellable or |
[allow-none] |
error |
Return location for error or |
[allow-none] |
A PolkitAuthorizationResult or NULL
if error
is set. Free with g_object_unref()
.
[transfer full]
void polkit_authority_enumerate_actions (PolkitAuthority *authority
,GCancellable *cancellable
,GAsyncReadyCallback callback
,gpointer user_data
);
Asynchronously retrieves all registered actions.
When the operation is finished, callback
will be invoked in the
from. You can then call polkit_authority_enumerate_actions_finish()
to get the result of the operation.
GList * polkit_authority_enumerate_actions_finish (PolkitAuthority *authority
,GAsyncResult *res
,GError **error
);
Finishes retrieving all registered actions.
authority |
||
res |
A GAsyncResult obtained from the callback. |
|
error |
Return location for error or |
[allow-none] |
A list of
PolkitActionDescription objects or NULL
if error
is set. The returned
list should be freed with g_list_free()
after each element have been freed
with g_object_unref()
.
[element-type Polkit.ActionDescription][transfer full]
GList * polkit_authority_enumerate_actions_sync (PolkitAuthority *authority
,GCancellable *cancellable
,GError **error
);
Synchronously retrieves all registered actions - the calling thread
is blocked until a reply is received. See
polkit_authority_enumerate_actions()
for the asynchronous version.
authority |
||
cancellable |
A GCancellable or |
[allow-none] |
error |
Return location for error or |
[allow-none] |
A list of
PolkitActionDescription or NULL
if error
is set. The returned list should
be freed with g_list_free()
after each element have been freed with
g_object_unref()
.
[element-type Polkit.ActionDescription][transfer full]
void polkit_authority_register_authentication_agent (PolkitAuthority *authority
,PolkitSubject *subject
,const gchar *locale
,const gchar *object_path
,GCancellable *cancellable
,GAsyncReadyCallback callback
,gpointer user_data
);
Asynchronously registers an authentication agent.
Note that this should be called by the same effective UID which will be
the real UID using the PolkitAgentSession API or otherwise calling
polkit_authority_authentication_agent_response()
.
When the operation is finished, callback
will be invoked in the
from. You can then call
polkit_authority_register_authentication_agent_finish()
to get the
result of the operation.
authority |
||
subject |
The subject the authentication agent is for, typically a PolkitUnixSession object. |
|
locale |
The locale of the authentication agent. |
|
object_path |
The object path for the authentication agent. |
|
cancellable |
A GCancellable or |
[allow-none] |
callback |
A GAsyncReadyCallback to call when the request is satisfied. |
|
user_data |
The data to pass to |
gboolean polkit_authority_register_authentication_agent_finish (PolkitAuthority *authority
,GAsyncResult *res
,GError **error
);
Finishes registering an authentication agent.
gboolean polkit_authority_register_authentication_agent_sync (PolkitAuthority *authority
,PolkitSubject *subject
,const gchar *locale
,const gchar *object_path
,GCancellable *cancellable
,GError **error
);
Registers an authentication agent.
Note that this should be called by the same effective UID which will be
the real UID using the PolkitAgentSession API or otherwise calling
polkit_authority_authentication_agent_response()
.
The calling thread is blocked
until a reply is received. See
polkit_authority_register_authentication_agent()
for the
asynchronous version.
authority |
||
subject |
The subject the authentication agent is for, typically a PolkitUnixSession object. |
|
locale |
The locale of the authentication agent. |
|
object_path |
The object path for the authentication agent. |
|
cancellable |
A GCancellable or |
[allow-none] |
error |
Return location for error or |
[allow-none] |
void polkit_authority_register_authentication_agent_with_options (PolkitAuthority *authority
,PolkitSubject *subject
,const gchar *locale
,const gchar *object_path
,GVariant *options
,GCancellable *cancellable
,GAsyncReadyCallback callback
,gpointer user_data
);
Asynchronously registers an authentication agent.
Note that this should be called by the same effective UID which will be
the real UID using the PolkitAgentSession API or otherwise calling
polkit_authority_authentication_agent_response()
.
When the operation is finished, callback
will be invoked in the
from. You can then call
polkit_authority_register_authentication_agent_with_options_finish()
to get the
result of the operation.
authority |
||
subject |
The subject the authentication agent is for, typically a PolkitUnixSession object. |
|
locale |
The locale of the authentication agent. |
|
object_path |
The object path for the authentication agent. |
|
options |
A GVariant with options or |
[allow-none] |
cancellable |
A GCancellable or |
[allow-none] |
callback |
A GAsyncReadyCallback to call when the request is satisfied. |
|
user_data |
The data to pass to |
gboolean polkit_authority_register_authentication_agent_with_options_finish (PolkitAuthority *authority
,GAsyncResult *res
,GError **error
);
Finishes registering an authentication agent.
gboolean polkit_authority_register_authentication_agent_with_options_sync (PolkitAuthority *authority
,PolkitSubject *subject
,const gchar *locale
,const gchar *object_path
,GVariant *options
,GCancellable *cancellable
,GError **error
);
Registers an authentication agent.
Note that this should be called by the same effective UID which will be
the real UID using the PolkitAgentSession API or otherwise calling
polkit_authority_authentication_agent_response()
.
The calling thread is blocked
until a reply is received. See
polkit_authority_register_authentication_agent_with_options()
for the
asynchronous version.
authority |
||
subject |
The subject the authentication agent is for, typically a PolkitUnixSession object. |
|
locale |
The locale of the authentication agent. |
|
object_path |
The object path for the authentication agent. |
|
options |
A GVariant with options or |
[allow-none] |
cancellable |
A GCancellable or |
[allow-none] |
error |
Return location for error or |
[allow-none] |
void polkit_authority_unregister_authentication_agent (PolkitAuthority *authority
,PolkitSubject *subject
,const gchar *object_path
,GCancellable *cancellable
,GAsyncReadyCallback callback
,gpointer user_data
);
Asynchronously unregisters an authentication agent.
When the operation is finished, callback
will be invoked in the
from. You can then call
polkit_authority_unregister_authentication_agent_finish()
to get
the result of the operation.
authority |
||
subject |
The subject the authentication agent is for, typically a PolkitUnixSession object. |
|
object_path |
The object path for the authentication agent. |
|
cancellable |
A GCancellable or |
[allow-none] |
callback |
A GAsyncReadyCallback to call when the request is satisfied. |
|
user_data |
The data to pass to |
gboolean polkit_authority_unregister_authentication_agent_finish (PolkitAuthority *authority
,GAsyncResult *res
,GError **error
);
Finishes unregistering an authentication agent.
gboolean polkit_authority_unregister_authentication_agent_sync (PolkitAuthority *authority
,PolkitSubject *subject
,const gchar *object_path
,GCancellable *cancellable
,GError **error
);
Unregisters an authentication agent. The calling thread is blocked
until a reply is received. See
polkit_authority_unregister_authentication_agent()
for the
asynchronous version.
authority |
||
subject |
The subject the authentication agent is for, typically a PolkitUnixSession object. |
|
object_path |
The object path for the authentication agent. |
|
cancellable |
A GCancellable or |
[allow-none] |
error |
Return location for error or |
[allow-none] |
void polkit_authority_authentication_agent_response (PolkitAuthority *authority
,const gchar *cookie
,PolkitIdentity *identity
,GCancellable *cancellable
,GAsyncReadyCallback callback
,gpointer user_data
);
Asynchronously provide response that identity
successfully authenticated
for the authentication request identified by cookie
.
This function is only used by the privileged bits of an authentication agent. It will fail if the caller is not sufficiently privileged (typically uid 0).
When the operation is finished, callback
will be invoked in the
from. You can then call
polkit_authority_authentication_agent_response_finish()
to get the
result of the operation.
gboolean polkit_authority_authentication_agent_response_finish (PolkitAuthority *authority
,GAsyncResult *res
,GError **error
);
Finishes providing response from an authentication agent.
gboolean polkit_authority_authentication_agent_response_sync (PolkitAuthority *authority
,const gchar *cookie
,PolkitIdentity *identity
,GCancellable *cancellable
,GError **error
);
Provide response that identity
successfully authenticated for the
authentication request identified by cookie
. See polkit_authority_authentication_agent_response()
for limitations on who is allowed is to call this method.
The calling thread is blocked until a reply is received. See
polkit_authority_authentication_agent_response()
for the
asynchronous version.
void polkit_authority_enumerate_temporary_authorizations (PolkitAuthority *authority
,PolkitSubject *subject
,GCancellable *cancellable
,GAsyncReadyCallback callback
,gpointer user_data
);
Asynchronously gets all temporary authorizations for subject
.
When the operation is finished, callback
will be invoked in the
from. You can then call
polkit_authority_enumerate_temporary_authorizations_finish()
to get
the result of the operation.
authority |
||
subject |
A PolkitSubject, typically a PolkitUnixSession. |
|
cancellable |
A GCancellable or |
[allow-none] |
callback |
A GAsyncReadyCallback to call when the request is satisfied. |
|
user_data |
The data to pass to |
GList * polkit_authority_enumerate_temporary_authorizations_finish (PolkitAuthority *authority
,GAsyncResult *res
,GError **error
);
Finishes retrieving all registered actions.
authority |
||
res |
A GAsyncResult obtained from the callback. |
|
error |
Return location for error or |
[allow-none] |
A
list of PolkitTemporaryAuthorization objects or NULL
if error
is set. The
returned list should be freed with g_list_free()
after each element have
been freed with g_object_unref()
.
[element-type Polkit.TemporaryAuthorization][transfer full]
GList * polkit_authority_enumerate_temporary_authorizations_sync (PolkitAuthority *authority
,PolkitSubject *subject
,GCancellable *cancellable
,GError **error
);
Synchronousky gets all temporary authorizations for subject
.
The calling thread is blocked until a reply is received. See
polkit_authority_enumerate_temporary_authorizations()
for the
asynchronous version.
authority |
||
subject |
A PolkitSubject, typically a PolkitUnixSession. |
|
cancellable |
A GCancellable or |
[allow-none] |
error |
Return location for error or |
[allow-none] |
A
list of PolkitTemporaryAuthorization objects or NULL
if error
is set. The
returned list should be freed with g_list_free()
after each element have
been freed with g_object_unref()
.
[element-type Polkit.TemporaryAuthorization][transfer full]
void polkit_authority_revoke_temporary_authorizations (PolkitAuthority *authority
,PolkitSubject *subject
,GCancellable *cancellable
,GAsyncReadyCallback callback
,gpointer user_data
);
Asynchronously revokes all temporary authorizations for subject
.
When the operation is finished, callback
will be invoked in the
from. You can then call
polkit_authority_revoke_temporary_authorizations_finish()
to get
the result of the operation.
authority |
||
subject |
The subject to revoke authorizations from, typically a PolkitUnixSession. |
|
cancellable |
A GCancellable or |
[allow-none] |
callback |
A GAsyncReadyCallback to call when the request is satisfied. |
|
user_data |
The data to pass to |
gboolean polkit_authority_revoke_temporary_authorizations_finish (PolkitAuthority *authority
,GAsyncResult *res
,GError **error
);
Finishes revoking temporary authorizations.
gboolean polkit_authority_revoke_temporary_authorizations_sync (PolkitAuthority *authority
,PolkitSubject *subject
,GCancellable *cancellable
,GError **error
);
Synchronously revokes all temporary authorization from subject
.
The calling thread is blocked until a reply is received. See
polkit_authority_revoke_temporary_authorizations()
for the
asynchronous version.
authority |
||
subject |
The subject to revoke authorizations from, typically a PolkitUnixSession. |
|
cancellable |
A GCancellable or |
[allow-none] |
error |
Return location for error or |
[allow-none] |
void polkit_authority_revoke_temporary_authorization_by_id (PolkitAuthority *authority
,const gchar *id
,GCancellable *cancellable
,GAsyncReadyCallback callback
,gpointer user_data
);
Asynchronously revoke a temporary authorization.
When the operation is finished, callback
will be invoked in the
from. You can then call
polkit_authority_revoke_temporary_authorization_by_id_finish()
to
get the result of the operation.
gboolean polkit_authority_revoke_temporary_authorization_by_id_finish (PolkitAuthority *authority
,GAsyncResult *res
,GError **error
);
Finishes revoking a temporary authorization by id.
gboolean polkit_authority_revoke_temporary_authorization_by_id_sync (PolkitAuthority *authority
,const gchar *id
,GCancellable *cancellable
,GError **error
);
Synchronously revokes a temporary authorization.
The calling thread is blocked until a reply is received. See
polkit_authority_revoke_temporary_authorization_by_id()
for the
asynchronous version.
typedef struct _PolkitAuthority PolkitAuthority;
The PolkitAuthority struct should not be accessed directly.
Possible flags when checking authorizations.
No flags set. |
||
If the subject can obtain the authorization through authentication, and an authentication agent is available, then attempt to do so. Note, this means that the method used for checking authorization is likely to block for a long time. |
||
Check access against policy even for root user. |
“backend-features”
property“backend-features” PolkitAuthorityFeatures
The features of the currently used Authority backend.
Owner: PolkitAuthority
Flags: Read
“backend-name”
property “backend-name” char *
The name of the currently used Authority backend.
Owner: PolkitAuthority
Flags: Read
Default value: NULL
“backend-version”
property “backend-version” char *
The version of the currently used Authority backend.
Owner: PolkitAuthority
Flags: Read
Default value: NULL
“changed”
signalvoid user_function (PolkitAuthority *authority, gpointer user_data)
Emitted when actions and/or authorizations change
Flags: Run Last
“sessions-changed”
signalvoid user_function (PolkitAuthority *authority, gpointer user_data)
Emitted when sessions change
Flags: Run Last