fix privileged agent plugins
in: trunk
4 files changed
--- a/cmds/remowt-agent/src/main.rs
+++ b/cmds/remowt-agent/src/main.rs
@@ -15,12 +15,13 @@
use remowt_link_shared::{Address, BifConfig, Fs, Pty, Systemd};
use remowt_polkit_shared::{emphasize, BackendRequest, Identity, PidDisplay};
use remowt_ui_prompt::bifrost::PromptEndpointsClient;
+use remowt_ui_prompt::rofi::RofiPrompter;
use remowt_ui_prompt::{PrependSourcePrompter, Prompter, Source};
use tokio::fs;
use tokio::net::UnixStream;
use tokio::runtime::Builder;
use tokio::task::AbortHandle;
-use tracing::{info, trace};
+use tracing::{debug, info, trace};
use zbus::fdo;
use zbus::zvariant::{OwnedValue, Str};
use zbus::{interface, proxy, Connection};
@@ -39,7 +40,7 @@
}
impl Drop for CancelTaskOnDrop {
fn drop(&mut self) {
- info!("cancel on drop");
+ debug!("cancel on drop");
if let Some(task) = self
.tasks
.lock()
@@ -121,7 +122,7 @@
identities.iter().map(|v| v.to_string()).collect();
let identity_displays: Vec<&str> =
identity_displays.iter().map(|v| v.as_str()).collect();
- info!("choose identity");
+ debug!("choose identity");
let choosen_identity = match identity_displays.len() {
0 => {
return Err(fdo::Error::AuthFailed(
@@ -140,7 +141,7 @@
.await?
}
};
- info!("identity chosen");
+ debug!("identity chosen");
let _ = write!(
description,
@@ -169,7 +170,7 @@
.lock()
.unwrap()
.insert(cookie.clone(), task.abort_handle());
- info!("abort handle stored");
+ debug!("abort handle stored");
let _ = _cancel_guard.set(CancelTaskOnDrop {
tasks: self.tasks.clone(),
handle: cookie.clone(),
@@ -182,9 +183,9 @@
/// CancelAuthentication method
async fn cancel_authentication(&self, cookie: &str) -> zbus::fdo::Result<()> {
- info!("auth cancelled");
+ debug!("auth cancelled");
if let Some(abort) = self.tasks.lock().unwrap().remove(cookie) {
- info!("abort handle found");
+ debug!("abort handle found");
abort.abort();
}
// debug!("Authentication cancled ! {cookie}");
@@ -220,6 +221,7 @@
#[arg(long)]
privileged: bool,
},
+ LocalAgent,
}
fn main() -> anyhow::Result<()> {
@@ -227,6 +229,7 @@
// so anything written there would corrupt the stream.
tracing_subscriber::fmt()
.with_writer(std::io::stderr)
+ .without_time()
.init();
let opts = Opts::parse();
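Review bot: The subscriber built here sets no max level or filter, and `tracing_subscriber::fmt()` defaults to INFO, so the events this commit demotes to `debug!` in the other main.rs hunks (`auth cancelled`, `abort handle found`, `registered polkit agent` and the rest) would no longer reach stderr at all unless a filter is configured outside the visible lines. For a polkit authentication agent, registration and cancellation are worth keeping in the default log; consider leaving those two at `info!`, or adding `.with_max_level(tracing::Level::DEBUG)` behind a flag. With `.without_time()` the remaining lines carry no timestamp, which is fine when the log collector adds one but makes auth events harder to correlate if stderr is captured elsewhere. The body of `main` continues outside the hunk.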
@@ -237,10 +240,21 @@
prompt,
description,
} => runtime.block_on(askpass::ask(&prompt, description)),
+ Opts::LocalAgent => runtime.block_on(main_real()),
Opts::Editor { path } => runtime.block_on(editor::edit(path)),
Opts::RealAgent { path, privileged } => runtime.block_on(main_real_agent(path, privileged)),
}
}
+async fn main_real() -> anyhow::Result<()> {
+ let conn = Connection::system().await?;
+ let helper = SocketHelper {
+ fallback: SuidHelper,
+ };
+ register_auth_agent(&conn, Agent::new(helper, RofiPrompter)).await?;
+
+ let _conn = conn;
+ pending().await
+}
async fn main_real_agent(path: Option<PathBuf>, privileged: bool) -> anyhow::Result<()> {
let address = if privileged {
Address::AgentPrivileged
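Review bot: `main_real` registers a polkit authentication agent on the system bus and then parks on `pending()`, with no doc comment and no visible handling for a lost bus connection, so a dropped connection would presumably leave the process running while it is no longer the registered agent. A doc comment such as `/// Registers this process as the polkit agent on the system bus (socket helper with suid fallback, rofi prompt) and never returns.` would state the contract. A name that matches the subcommand, e.g. `main_local_agent`, would avoid confusion with `main_real_agent` just below. The `LocalAgent` variant added in the earlier hunk also has no doc comment, so it will show up without help text. The body of `main_real_agent` continues outside the hunk.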
@@ -330,7 +344,7 @@
proxy
.register_authentication_agent(&subject, "C", OBJ_PATH)
.await?;
- info!(kind = subject.subject_kind, "registered polkit agent");
+ debug!(kind = subject.subject_kind, "registered polkit agent");
Ok(())
}
--- a/crates/remowt-plugin/Cargo.toml
+++ b/crates/remowt-plugin/Cargo.toml
@@ -11,6 +11,7 @@
bifrostlink-ports.workspace = true
bytes.workspace = true
remowt-link-shared.workspace = true
+serde_json.workspace = true
tokio = { workspace = true, features = [
"rt",
"net",
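--- a/crates/remowt-plugin/src/host.rs
+++ b/crates/remowt-plugin/src/host.rs
@@ -13,13 +13,15 @@
 
 pub fn serve(rpc: &mut Rpc<BifConfig>) {
  let host = Host {
+ me: rpc.me(),
  rpc: rpc.clone().downgrade(),
  children: Mutex::new(Vec::new()),
  };
  PluginEndpoints(host).register_endpoints(rpc);
 }
 
 struct Host {
+ me: Address,
  rpc: WeakRpc<BifConfig>,
  children: Mutex<Vec<Child>>,
 }
@@ -30,6 +32,7 @@
 
  let mut child = Command::new(path)
  .arg(id.to_string())
+ .arg(serde_json::to_string(&self.me).expect("address serializes"))
  .stdin(Stdio::piped())
  .stdout(Stdio::piped())
  .kill_on_drop(true)
--- a/crates/remowt-plugin/src/lib.rs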
+++ b/crates/remowt-plugin/src/lib.rs
@@ -18,6 +18,13 @@
.map_err(|e| anyhow::anyhow!("invalid plugin index {arg:?}: {e}"))
}
+pub fn host_address() -> Result<Address> {
+ let arg = std::env::args()
+ .nth(2)
+ .ok_or_else(|| anyhow::anyhow!("missing host address argument"))?;
+ serde_json::from_str(&arg).map_err(|e| anyhow::anyhow!("invalid host address {arg:?}: {e}"))
+}
+
pub fn run<F>(register: F) -> Result<()>
where
F: FnOnce(&mut Rpc<BifConfig>),
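Review bot: `host_address` accepts any `Address` that deserializes from the second command-line argument, and `run` then registers that value as the direct stdio peer, so an unexpected launch can make the plugin treat its parent as a node kind that never hosts plugins. If only agents spawn plugins (an assumption; the host side passes its own `me`), reject everything else after parsing, e.g. `anyhow::ensure!(matches!(addr, Address::Agent | Address::AgentPrivileged), "host address must be an agent address");`. The function is `pub` and has no doc comment; `/// Parses the host's address from the second command-line argument, JSON-encoded by the host.` would record the argv contract that plugins now depend on. `run`'s body continues outside the hunk.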
@@ -27,10 +34,11 @@
.init();
let index = plugin_index()?;
+ let host = host_address()?;
let runtime = Builder::new_current_thread().enable_all().build()?;
runtime.block_on(async move {
let mut rpc = Rpc::<BifConfig>::new(Address::Plugin(index));
- rpc.add_direct(Address::Agent, from_stdio(), Rtt(0));
+ rpc.add_direct(host, from_stdio(), Rtt(0));
register(&mut rpc);
let _rpc = rpc;
pending::<Result<()>>().await