From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Michael Albinus via "Bug reports for GNU Emacs, the Swiss army knife of text editors" Newsgroups: gmane.emacs.bugs Subject: bug#71969: [PATCH] Support interactive D-Bus authentication Date: Mon, 08 Jul 2024 14:29:55 +0200 Message-ID: <87le2coym4.fsf@gmx.de> References: <877cdzklbd.fsf@stebalien.com> <87o77a20s6.fsf@gmx.de> <87frsm1sht.fsf@gmx.de> <86v81i36vh.fsf@gnu.org> <877cdy1r2a.fsf@gmx.de> <874j91ifkj.fsf@stebalien.com> <87msmtz264.fsf@gmx.de> <87sewk2q4t.fsf@stebalien.com> Reply-To: Michael Albinus Mime-Version: 1.0 Content-Type: text/plain Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="2881"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Gnus/5.13 (Gnus v5.13) Cc: Eli Zaretskii , 71969@debbugs.gnu.org To: Steven Allen Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Mon Jul 08 14:31:17 2024 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1sQnWX-0000Yp-Bc for geb-bug-gnu-emacs@m.gmane-mx.org; Mon, 08 Jul 2024 14:31:17 +0200 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sQnWE-0004yL-H5; Mon, 08 Jul 2024 08:30:58 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sQnWD-0004y6-KW for bug-gnu-emacs@gnu.org; Mon, 08 Jul 2024 08:30:57 -0400 Original-Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sQnWD-00048V-Bm for bug-gnu-emacs@gnu.org; Mon, 08 Jul 2024 08:30:57 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1sQnWI-0002JG-50 for bug-gnu-emacs@gnu.org; Mon, 08 Jul 2024 08:31:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Michael Albinus Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Mon, 08 Jul 2024 12:31:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 71969 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: patch Original-Received: via spool by 71969-submit@debbugs.gnu.org id=B71969.17204418178809 (code B ref 71969); Mon, 08 Jul 2024 12:31:02 +0000 Original-Received: (at 71969) by debbugs.gnu.org; 8 Jul 2024 12:30:17 +0000 Original-Received: from localhost ([127.0.0.1]:49875 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQnVY-0002I1-VW for submit@debbugs.gnu.org; Mon, 08 Jul 2024 08:30:17 -0400 Original-Received: from mout.gmx.net ([212.227.17.20]:55737) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sQnVU-0002Gc-8n for 71969@debbugs.gnu.org; Mon, 08 Jul 2024 08:30:15 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.de; s=s31663417; t=1720441798; x=1721046598; i=michael.albinus@gmx.de; bh=URRwpb0D/QKWlchY7/BhHxIu99z6z0bDGcUGYcw5yIg=; h=X-UI-Sender-Class:From:To:Cc:Subject:In-Reply-To:References:Date: Message-ID:MIME-Version:Content-Type:cc:content-transfer-encoding: content-type:date:from:message-id:mime-version:reply-to:subject: to; b=pxoxwZhGUpwGLI78H6pZ/Fr8BiNcYCkJ3z2S8iaZdAUuHa/V7LCNrxmJBrVg4iHn pVZAY2nCDUEs4HByYhDcraXCtOLe641hOLb69y3xt9k1iFVflfHQpkA+mbMaggQND KIb0FvnVNkXp2k7AvQdU4RDYmY57sdiHkCQ2uhQW+SDFTAvmu2scytOXFZ9/QCids CVwGXXnQmwqSq3VPVlr3RiAVLaLxg6sWHrZQrtVQpugw2SCmQSMMKLrVT1CgjS3HP kvj5XqKyaRSLpksLBTBfozfPdlRxt8rX4gaLIHcetPdua1CssGHwaNc7G+WBso5JS hIRBzJOQYCXpetCS+g== X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a Original-Received: from gandalf.gmx.de ([185.89.38.155]) by mail.gmx.net (mrgmx104 [212.227.17.168]) with ESMTPSA (Nemesis) id 1M4Jqb-1sQWO71B3Z-002ws5; Mon, 08 Jul 2024 14:29:58 +0200 In-Reply-To: <87sewk2q4t.fsf@stebalien.com> (Steven Allen's message of "Mon, 08 Jul 2024 11:24:02 +0200") X-Provags-ID: V03:K1:dX1HjNwcCSBTLkiTk1I6DbazjJ+WDr6USELTt8CiJBy7rWJ2L5z ZsyrOCXVb+GqB2DrQy8SbZvzcNNTXLpvM824ipEqqCB/kEJyucunPuF4NlvkqN7NpEgAqpd el1cE6KzKV8Uv7yi7X5wpgTmbgMak50I0pEWMNuwBQ65D7QUaEZHpFDQnetiljW7FZstynM A2f0qQAnLi8MUN3tADlmQ== UI-OutboundReport: notjunk:1;M01:P0:CNCaB5XD+Z8=;wJ1qCZ4sSAchOSIxwjXClKG5cmG woPi/3er9HbDwg4qRQndUE7r9LJtinPfTDPhQlBrt/hTGl1t8d1HbbpZ64WM6Wrx21ucfmNM2 8V1ZEhtANo1F1zGCguRgVYeLON7KxYEidzVN591lkeEJ/KKLpTYsZxOhdtuHNj/IWKEJu4Pev Q5RjneQQCJvzGKlsVYXeU9t2JojXQzFuPjGI9woUu/aDL7VeIDjJV5ORSeFIpzH16q6TN8K3a F1FktKy/r4qVKLHw09KTKC0On6/YIq2s7ihXL6sVHkUFEO5kBd3ZJvF/tA5iqorPg1N7AAC3f OBjftVoybBXYKPF3sTTUd/bOJHIDHUOQUD+IVHOtSkqHr0cOsnrNg225Zf5qATATcLHhHlDYv Se7m1NTbmqzGO5UeRaOTVvz+pp1hWe7ZkjssAD6QxTE7lI3MGD2v1xJqvRVArNUU6Oe1wXjmj Q4GVK/DyDDmtPqUzLxOKU6EqnbKh+jvLWhlLnw+PTc3wAMYAacWQnpD0WauaHjRmqyIRrwxIL PDpIqGvfoH8g2YqMrfkQAuTQwSHeu8qWl2FawGYoNHrSw1lI5zVKaQx7oWAYYWcKQgIgyJiW4 iC5dRSIfY9nrXnpzM9eZA0PIf71Gc2wdW3FM//ToDFom89RiZJ8ffEO+lK4/Rxwkt07qR0gJa lixur9RTWanbIS0hW4R9/Ky81TV1WzM07SWTdF5u8SHQf7iMngsbrrmWVb+AUQnYu4vRH+HdY fUZZ7lGMwz3fJug+ufGYs/s122EG2Q2wzNgLltc3YeIDS6K9gBsDOcPRL/xjJpxUmUlemuUS X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.bugs:288589 Archived-At: Steven Allen writes: Hi Steven, >>> Remaining questions: >>> >>> 1. I'm not sure if :authorize is quite correct either. Really, the key >>> part is that it allows /interactive/ authorization. I wonder if >>> :interactive-authorization or :interactive might be better (although >>> they're kind of long). >> >> I believe :authorize is OK. In the docstrings as well as in the D-Bus >> manual, interactive authorization is mentioned, so a user shall know >> what's about. > > Hm, it's still bugging me. We're _not_ authorizing the request, we're > telling D-Bus that it's ok to ask the user if they want to authorize it. > I'm hoping the example below will make this clearer. What about :authorizable? I don't like the alternative :interactive-authorize; it's too long to type, and it's also not obvious w/o knowing the context. >> Furthermore, you haven't given an example. I really would like to see >> how it works in practice. > > Sorry about that. To restart the bluetooth service, execute: > > (dbus-call-method > :system > "org.freedesktop.systemd1" "/org/freedesktop/systemd1" > "org.freedesktop.systemd1.Manager" "RestartUnit" > :authorize t > "bluetooth.service" "replace") > > Assuming you have a polkit agent running (most DEs will run one by > default, but agents like mate-polkit work pretty well standalone), > you'll be prompted to authorize the operation and the bluetooth service > will be restarted. Nice. I get an authorization prompt. However, on my Fedora 40 / Gnome 46 / systemd 255 system, it doesn't matter, whether I use ':authorize t', ':authorize nil', or none of them. Is interactive authorization enabled by default, and we don't need to care about? >>> +If the parameter @code{:authorize} is given and the following >>> +@var{auth} is non-nil, the invoked method may interactively prompt the >> >> non-@code{nil} > Done and done (the info manuals are pretty inconsistent in this regard...). If you see it somewhere else in the manuals, it is an error. The rule is to use @code{nil}, non-@code{nil}, and @code{t}. Feel free to correct this. >>> + /* Ignore this keyword if unsupported. */ >>> + #ifdef HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION >>> + dbus_message_set_allow_interactive_authorization >>> + (dmessage, NILP (args[count+1]) ? FALSE : TRUE); >>> + #endif >> >> #ifdef end #endif shall start in column 1. Futhermore, we need an #else >> clause. There shall be an error or a warning, that :authorize is not supported. > > I'm going to disagree on this last point. The flag is specifying whether > or not the D-Bus is _allowed_ to ask the user to ask the user to > authorize requests which can fail for multiple reasons anyways (e.g., if > no polkit agent is running, the user rejects the interactive > authorization, etc.). > > If authorization is required and wasn't possible for some reason, > D-Bus will return an error to the user anyways. So the user will get > their warning either way _if_ something actually goes wrong. Good point. However, we shall support developers if they run into this case. What about a debug message like --8<---------------cut here---------------start------------->8--- #ifdef HAVE_DBUS_MESSAGE_SET_ALLOW_INTERACTIVE_AUTHORIZATION dbus_message_set_allow_interactive_authorization (dmessage, NILP (args[count+1]) ? FALSE : TRUE); #else XD_DEBUG_MESSAGE (":authorize not supported"); #endif --8<---------------cut here---------------end--------------->8--- Best regards, Michael.