Add new error code VIR_ERROR_AUTH_CANCELLED

And hook it up for policykit auth. This allows virt-manager to detect that the user clicked the policykit 'cancel' button and not throw an 'authentication failed' error message at the user.

Add new error code VIR_ERROR_AUTH_CANCELLED
And hook it up for policykit auth. This allows virt-manager to detect that the user clicked the policykit 'cancel' button and not throw an 'authentication failed' error message at the user.
bb2eddc6 · Cole Robinson · ab6f1c98 · bb2eddc6 · bb2eddc6 · bb2eddc6
隐藏空白更改
内联并排

Showing with 19 addition and 2 deletion

daemon/remote.c daemon/remote.c +12 -2

include/libvirt/virterror.h include/libvirt/virterror.h +1 -0

src/util/virterror.c src/util/virterror.c +6 -0

未找到文件。
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -2471,6 +2471,8 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
    const char *action;
    int status = -1;
    char *ident = NULL;
+    bool authdismissed = 0;
+    char *pkout = NULL;
    struct daemonClientPrivate *priv =
        virNetServerClientGetPrivateData(client);
    virCommandPtr cmd = NULL;
@@ -2481,6 +2483,7 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
        "org.libvirt.unix.manage";

    cmd = virCommandNewArgList(PKCHECK_PATH, "--action-id", action, NULL);
+    virCommandSetOutputBuffer(cmd, &pkout);

    VIR_DEBUG("Start PolicyKit auth %d", virNetServerClientGetFD(client));
    if (virNetServerClientGetAuth(client) != VIR_NET_SERVER_SERVICE_AUTH_POLKIT) {
@@ -2509,6 +2512,7 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
    if (virCommandRun(cmd, &status) < 0)
        goto authfail;

+    authdismissed = (pkout && strstr(pkout, "dismissed=true"));
    if (status != 0) {
        char *tmp = virCommandTranslateStatus(status);
        VIR_ERROR(_("Policy kit denied action %s from pid %lld, uid %d: %s"),
@@ -2533,9 +2537,15 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
 error:
    virCommandFree(cmd);
    VIR_FREE(ident);
+    VIR_FREE(pkout);
    virResetLastError();
-    virNetError(VIR_ERR_AUTH_FAILED, "%s",
-                _("authentication failed"));
+    if (authdismissed) {
+        virNetError(VIR_ERR_AUTH_CANCELLED, "%s",
+                    _("authentication cancelled by user"));
+    } else {
+        virNetError(VIR_ERR_AUTH_FAILED, "%s",
+                    _("authentication failed"));
+    }
    virNetMessageSaveError(rerr);
    virMutexUnlock(&priv->lock);
    return -1;

--- a/include/libvirt/virterror.h
+++ b/include/libvirt/virterror.h
@@ -243,6 +243,7 @@ typedef enum {
                                           risky domain snapshot revert */
    VIR_ERR_OPERATION_ABORTED = 78,     /* operation on a domain was
                                           canceled/aborted by user */
+    VIR_ERR_AUTH_CANCELLED = 79,        /* authentication cancelled */
 } virErrorNumber;

 /**

--- a/src/util/virterror.c
+++ b/src/util/virterror.c
@@ -1022,6 +1022,12 @@ virErrorMsg(virErrorNumber error, const char *info)
            else
                errmsg = _("authentication failed: %s");
            break;
+        case VIR_ERR_AUTH_CANCELLED:
+            if (info == NULL)
+                errmsg = _("authentication cancelled");
+            else
+                errmsg = _("authentication cancelled: %s");
+            break;
        case VIR_ERR_NO_STORAGE_POOL:
            if (info == NULL)
                errmsg = _("Storage pool not found");