

fix privileged agent plugins

tyzsxvmrYaroslav Bolyukin6 days agoparent: #62007a6.patch.diff
in: trunk

4 files changed

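--- a/cmds/remowt-agent/src/main.rs
+++ b/cmds/remowt-agent/src/main.rs
@@ -15,12 +15,13 @@
 use remowt_link_shared::{Address, BifConfig, Fs, Pty, Systemd};
 use remowt_polkit_shared::{emphasize, BackendRequest, Identity, PidDisplay};
 use remowt_ui_prompt::bifrost::PromptEndpointsClient;
+use remowt_ui_prompt::rofi::RofiPrompter;
 use remowt_ui_prompt::{PrependSourcePrompter, Prompter, Source};
 use tokio::fs;
 use tokio::net::UnixStream;
 use tokio::runtime::Builder;
 use tokio::task::AbortHandle;
-use tracing::{info, trace};
+use tracing::{debug, info, trace};
 use zbus::fdo;
 use zbus::zvariant::{OwnedValue, Str};
 use zbus::{interface, proxy, Connection};
@@ -39,7 +40,7 @@
 }
 impl Drop for CancelTaskOnDrop {
     fn drop(&mut self) {
-        info!("cancel on drop");
+        debug!("cancel on drop");
         if let Some(task) = self
             .tasks
             .lock()
@@ -121,7 +122,7 @@
             identities.iter().map(|v| v.to_string()).collect();
         let identity_displays: Vec<&str> =
             identity_displays.iter().map(|v| v.as_str()).collect();
-        info!("choose identity");
+        debug!("choose identity");
         let choosen_identity = match identity_displays.len() {
             0 => {
                 return Err(fdo::Error::AuthFailed(
@@ -140,7 +141,7 @@
                     .await?
             }
         };
-        info!("identity chosen");
+        debug!("identity chosen");
 
         let _ = write!(
             description,
@@ -169,7 +170,7 @@
             .lock()
             .unwrap()
             .insert(cookie.clone(), task.abort_handle());
-        info!("abort handle stored");
+        debug!("abort handle stored");
         let _ = _cancel_guard.set(CancelTaskOnDrop {
             tasks: self.tasks.clone(),
             handle: cookie.clone(),
@@ -182,9 +183,9 @@
 
     /// CancelAuthentication method
     async fn cancel_authentication(&self, cookie: &str) -> zbus::fdo::Result<()> {
-        info!("auth cancelled");
+        debug!("auth cancelled");
         if let Some(abort) = self.tasks.lock().unwrap().remove(cookie) {
-            info!("abort handle found");
+            debug!("abort handle found");
             abort.abort();
         }
         // debug!("Authentication cancled ! {cookie}");
@@ -220,13 +221,15 @@
         #[arg(long)]
         privileged: bool,
     },
+    LocalAgent,
 }
 
 fn main() -> anyhow::Result<()> {
     // Log to stderr: `privileged-agent` uses stdout as the bifrost transport,
     // so anything written there would corrupt the stream.
     tracing_subscriber::fmt()
         .with_writer(std::io::stderr)
+        .without_time()
         .init();
     let opts = Opts::parse();
 
@@ -237,10 +240,21 @@
             prompt,
             description,
         } => runtime.block_on(askpass::ask(&prompt, description)),
+        Opts::LocalAgent => runtime.block_on(main_real()),
         Opts::Editor { path } => runtime.block_on(editor::edit(path)),
         Opts::RealAgent { path, privileged } => runtime.block_on(main_real_agent(path, privileged)),
     }
 }
+async fn main_real() -> anyhow::Result<()> {
+    let conn = Connection::system().await?;
+    let helper = SocketHelper {
+        fallback: SuidHelper,
+    };
+    register_auth_agent(&conn, Agent::new(helper, RofiPrompter)).await?;
+
+    let _conn = conn;
+    pending().await
+}
 async fn main_real_agent(path: Option<PathBuf>, privileged: bool) -> anyhow::Result<()> {
     let address = if privileged {
         Address::AgentPrivileged
@@ -330,7 +344,7 @@
     proxy
         .register_authentication_agent(&subject, "C", OBJ_PATH)
         .await?;
-    info!(kind = subject.subject_kind, "registered polkit agent");
+    debug!(kind = subject.subject_kind, "registered polkit agent");
     Ok(())
 }
 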
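Review bot: `main_real` (new lines 248–257) has no doc comment and its name does not say which subcommand it serves, while its sibling `main_real_agent` visibly backs `RealAgent`; a one-liner such as `/// Entry point for the `LocalAgent` subcommand: registers an in-process polkit agent on the system bus, prompting through `RofiPrompter`.` plus a rename to `main_local_agent` would make the dispatch in `main` self-explanatory. The `let _conn = conn;` before `pending().await` also needs a why-comment — presumably it keeps the bus connection, and with it the registered agent, alive for the process lifetime — e.g. `// hold the connection so the registered agent stays alive until the process exits`. The `SuidHelper` fallback wired into `SocketHelper` is a privilege boundary worth naming in a comment at the construction site, but its semantics are not visible in this hunk, so the wording should come from whoever owns that type.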
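--- a/crates/remowt-plugin/Cargo.toml
+++ b/crates/remowt-plugin/Cargo.toml
@@ -11,6 +11,7 @@
 bifrostlink-ports.workspace = true
 bytes.workspace = true
 remowt-link-shared.workspace = true
+serde_json.workspace = true
 tokio = { workspace = true, features = [
     "rt",
     "net",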
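--- a/crates/remowt-plugin/src/host.rs
+++ b/crates/remowt-plugin/src/host.rs
@@ -13,13 +13,15 @@
 
 pub fn serve(rpc: &mut Rpc<BifConfig>) {
     let host = Host {
+        me: rpc.me(),
         rpc: rpc.clone().downgrade(),
         children: Mutex::new(Vec::new()),
     };
     PluginEndpoints(host).register_endpoints(rpc);
 }
 
 struct Host {
+    me: Address,
     rpc: WeakRpc<BifConfig>,
     children: Mutex<Vec<Child>>,
 }
@@ -30,6 +32,7 @@
 
         let mut child = Command::new(path)
             .arg(id.to_string())
+            .arg(serde_json::to_string(&self.me).expect("address serializes"))
             .stdin(Stdio::piped())
             .stdout(Stdio::piped())
             .kill_on_drop(true)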
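Review bot: The new `me` field and the added `.arg(serde_json::to_string(&self.me)…)` establish a positional contract with the plugin side, which reads the address back via `std::env::args().nth(2)` in `host_address()` in lib.rs, yet neither end records that the two must move together; inserting or reordering an argument here would make the plugin parse the wrong value as its index or host address. Suggest documenting the field as `/// This host's bifrost address, handed to every spawned plugin as argv[2] so it routes back here instead of to a hard-coded `Address::Agent` (see `host_address` in lib.rs).` and a short comment on the `.arg` line referencing the same function. Because the value travels through the child's command line, it is readable by other local processes that can list process arguments, which is acceptable only while `Address` values carry nothing secret — worth a one-line note if that assumption matters to the design. The enclosing spawn method starts outside the hunk.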
modifiedcrates/remowt-plugin/src/lib.rsdiffbeforeafterboth
18 .map_err(|e| anyhow::anyhow!("invalid plugin index {arg:?}: {e}"))18 .map_err(|e| anyhow::anyhow!("invalid plugin index {arg:?}: {e}"))
19}19}
20
21pub fn host_address() -> Result<Address> {
22 let arg = std::env::args()
23 .nth(2)
24 .ok_or_else(|| anyhow::anyhow!("missing host address argument"))?;
25 serde_json::from_str(&arg).map_err(|e| anyhow::anyhow!("invalid host address {arg:?}: {e}"))
26}
2027
21pub fn run<F>(register: F) -> Result<()>28pub fn run<F>(register: F) -> Result<()>
22where29where
27 .init();34 .init();
2835
29 let index = plugin_index()?;36 let index = plugin_index()?;
37 let host = host_address()?;
30 let runtime = Builder::new_current_thread().enable_all().build()?;38 let runtime = Builder::new_current_thread().enable_all().build()?;
31 runtime.block_on(async move {39 runtime.block_on(async move {
32 let mut rpc = Rpc::<BifConfig>::new(Address::Plugin(index));40 let mut rpc = Rpc::<BifConfig>::new(Address::Plugin(index));
33 rpc.add_direct(Address::Agent, from_stdio(), Rtt(0));41 rpc.add_direct(host, from_stdio(), Rtt(0));
34 register(&mut rpc);42 register(&mut rpc);
35 let _rpc = rpc;43 let _rpc = rpc;
36 pending::<Result<()>>().await44 pending::<Result<()>>().await