Add new error code VIR_ERROR_AUTH_CANCELLED

And hook it up for policykit auth. This allows virt-manager to detect that the user clicked the policykit 'cancel' button and not throw an 'authentication failed' error message at the user.
2025-02-22 11:22:23 +00:00 · 2012-01-27 13:06:49 -05:00 · 2012-01-27 13:06:49 -05:00 · bb2eddc6cf
commit bb2eddc6cf
parent ab6f1c9814
3 changed files with 19 additions and 2 deletions
--- a/daemon/remote.c
+++ b/daemon/remote.c
@ -2471,6 +2471,8 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
    const char *action;
    int status = -1;
    char *ident = NULL;
+    bool authdismissed = 0;
+    char *pkout = NULL;
    struct daemonClientPrivate *priv =
        virNetServerClientGetPrivateData(client);
    virCommandPtr cmd = NULL;
@ -2481,6 +2483,7 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
        "org.libvirt.unix.manage";

    cmd = virCommandNewArgList(PKCHECK_PATH, "--action-id", action, NULL);
+    virCommandSetOutputBuffer(cmd, &pkout);

    VIR_DEBUG("Start PolicyKit auth %d", virNetServerClientGetFD(client));
    if (virNetServerClientGetAuth(client) != VIR_NET_SERVER_SERVICE_AUTH_POLKIT) {
@ -2509,6 +2512,7 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
    if (virCommandRun(cmd, &status) < 0)
        goto authfail;

+    authdismissed = (pkout && strstr(pkout, "dismissed=true"));
    if (status != 0) {
        char *tmp = virCommandTranslateStatus(status);
        VIR_ERROR(_("Policy kit denied action %s from pid %lld, uid %d: %s"),
@ -2533,9 +2537,15 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
 error:
    virCommandFree(cmd);
    VIR_FREE(ident);
+    VIR_FREE(pkout);
    virResetLastError();
-    virNetError(VIR_ERR_AUTH_FAILED, "%s",
-                _("authentication failed"));
+    if (authdismissed) {
+        virNetError(VIR_ERR_AUTH_CANCELLED, "%s",
+                    _("authentication cancelled by user"));
+    } else {
+        virNetError(VIR_ERR_AUTH_FAILED, "%s",
+                    _("authentication failed"));
+    }
    virNetMessageSaveError(rerr);
    virMutexUnlock(&priv->lock);
    return -1;
--- a/include/libvirt/virterror.h
+++ b/include/libvirt/virterror.h
@ -243,6 +243,7 @@ typedef enum {
                                           risky domain snapshot revert */
    VIR_ERR_OPERATION_ABORTED = 78,     /* operation on a domain was
                                           canceled/aborted by user */
+    VIR_ERR_AUTH_CANCELLED = 79,        /* authentication cancelled */
 } virErrorNumber;

 /**
--- a/src/util/virterror.c
+++ b/src/util/virterror.c
@ -1022,6 +1022,12 @@ virErrorMsg(virErrorNumber error, const char *info)
            else
                errmsg = _("authentication failed: %s");
            break;
+        case VIR_ERR_AUTH_CANCELLED:
+            if (info == NULL)
+                errmsg = _("authentication cancelled");
+            else
+                errmsg = _("authentication cancelled: %s");
+            break;
        case VIR_ERR_NO_STORAGE_POOL:
            if (info == NULL)
                errmsg = _("Storage pool not found");