You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
129 lines
5.2 KiB
129 lines
5.2 KiB
From 9fdd59cfda93b508e76770146a8295d0a26b175d Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Holy <oholy@redhat.com>
|
|
Date: Tue, 14 May 2019 08:46:48 +0200
|
|
Subject: [PATCH 1/3] udisks2: Handle lockdown option to disable writing
|
|
|
|
Handle the new mount-removable-storage-devices-as-read-only option of
|
|
org.gnome.desktop.lockdown schema and mount removable devices as read-only
|
|
if enabled.
|
|
---
|
|
monitor/udisks2/gvfsudisks2volume.c | 8 +++++
|
|
monitor/udisks2/gvfsudisks2volumemonitor.c | 34 ++++++++++++++++++++++
|
|
monitor/udisks2/gvfsudisks2volumemonitor.h | 1 +
|
|
3 files changed, 43 insertions(+)
|
|
|
|
diff --git a/monitor/udisks2/gvfsudisks2volume.c b/monitor/udisks2/gvfsudisks2volume.c
|
|
index a509b5dd..b2545058 100644
|
|
--- a/monitor/udisks2/gvfsudisks2volume.c
|
|
+++ b/monitor/udisks2/gvfsudisks2volume.c
|
|
@@ -1093,6 +1093,7 @@ do_mount (GTask *task)
|
|
{
|
|
MountData *data = g_task_get_task_data (task);
|
|
GVariantBuilder builder;
|
|
+ GVfsUDisks2Volume *volume = g_task_get_source_object (task);
|
|
|
|
g_variant_builder_init (&builder, G_VARIANT_TYPE_VARDICT);
|
|
if (data->mount_operation == NULL)
|
|
@@ -1101,6 +1102,13 @@ do_mount (GTask *task)
|
|
"{sv}",
|
|
"auth.no_user_interaction", g_variant_new_boolean (TRUE));
|
|
}
|
|
+ if (gvfs_udisks2_volume_monitor_get_readonly_lockdown (volume->monitor))
|
|
+ {
|
|
+ g_variant_builder_add (&builder,
|
|
+ "{sv}",
|
|
+ "options", g_variant_new_string ("ro"));
|
|
+
|
|
+ }
|
|
udisks_filesystem_call_mount (data->filesystem_to_mount,
|
|
g_variant_builder_end (&builder),
|
|
g_task_get_cancellable (task),
|
|
diff --git a/monitor/udisks2/gvfsudisks2volumemonitor.c b/monitor/udisks2/gvfsudisks2volumemonitor.c
|
|
index 0a5ce96e..37c81fcf 100644
|
|
--- a/monitor/udisks2/gvfsudisks2volumemonitor.c
|
|
+++ b/monitor/udisks2/gvfsudisks2volumemonitor.c
|
|
@@ -65,6 +65,9 @@ struct _GVfsUDisks2VolumeMonitor
|
|
/* we keep volumes/mounts for blank and audio discs separate to handle e.g. mixed discs properly */
|
|
GList *disc_volumes;
|
|
GList *disc_mounts;
|
|
+
|
|
+ GSettings *lockdown_settings;
|
|
+ gboolean readonly_lockdown;
|
|
};
|
|
|
|
static UDisksClient *get_udisks_client_sync (GError **error);
|
|
@@ -140,6 +143,8 @@ gvfs_udisks2_volume_monitor_finalize (GObject *object)
|
|
g_list_free_full (monitor->disc_volumes, g_object_unref);
|
|
g_list_free_full (monitor->disc_mounts, g_object_unref);
|
|
|
|
+ g_clear_object (&monitor->lockdown_settings);
|
|
+
|
|
G_OBJECT_CLASS (gvfs_udisks2_volume_monitor_parent_class)->finalize (object);
|
|
}
|
|
|
|
@@ -304,6 +309,17 @@ gvfs_udisks2_volume_monitor_constructor (GType type,
|
|
return ret;
|
|
}
|
|
|
|
+static void
|
|
+lockdown_settings_changed (GSettings *settings,
|
|
+ gchar *key,
|
|
+ gpointer user_data)
|
|
+{
|
|
+ GVfsUDisks2VolumeMonitor *monitor = GVFS_UDISKS2_VOLUME_MONITOR (user_data);
|
|
+
|
|
+ monitor->readonly_lockdown = g_settings_get_boolean (settings,
|
|
+ "mount-removable-storage-devices-as-read-only");
|
|
+}
|
|
+
|
|
static void
|
|
gvfs_udisks2_volume_monitor_init (GVfsUDisks2VolumeMonitor *monitor)
|
|
{
|
|
@@ -325,6 +341,15 @@ gvfs_udisks2_volume_monitor_init (GVfsUDisks2VolumeMonitor *monitor)
|
|
G_CALLBACK (mountpoints_changed),
|
|
monitor);
|
|
|
|
+ monitor->lockdown_settings = g_settings_new ("org.gnome.desktop.lockdown");
|
|
+ monitor->readonly_lockdown = g_settings_get_boolean (monitor->lockdown_settings,
|
|
+ "mount-removable-storage-devices-as-read-only");
|
|
+ g_signal_connect_object (monitor->lockdown_settings,
|
|
+ "changed",
|
|
+ G_CALLBACK (lockdown_settings_changed),
|
|
+ monitor,
|
|
+ 0);
|
|
+
|
|
update_all (monitor, FALSE, TRUE);
|
|
}
|
|
|
|
@@ -388,6 +413,15 @@ gvfs_udisks2_volume_monitor_get_gudev_client (GVfsUDisks2VolumeMonitor *monitor)
|
|
|
|
/* ---------------------------------------------------------------------------------------------------- */
|
|
|
|
+gboolean
|
|
+gvfs_udisks2_volume_monitor_get_readonly_lockdown (GVfsUDisks2VolumeMonitor *monitor)
|
|
+{
|
|
+ g_return_val_if_fail (GVFS_IS_UDISKS2_VOLUME_MONITOR (monitor), FALSE);
|
|
+ return monitor->readonly_lockdown;
|
|
+}
|
|
+
|
|
+/* ---------------------------------------------------------------------------------------------------- */
|
|
+
|
|
void
|
|
gvfs_udisks2_volume_monitor_update (GVfsUDisks2VolumeMonitor *monitor)
|
|
{
|
|
diff --git a/monitor/udisks2/gvfsudisks2volumemonitor.h b/monitor/udisks2/gvfsudisks2volumemonitor.h
|
|
index 7f0215dc..751a0236 100644
|
|
--- a/monitor/udisks2/gvfsudisks2volumemonitor.h
|
|
+++ b/monitor/udisks2/gvfsudisks2volumemonitor.h
|
|
@@ -49,6 +49,7 @@ GVolumeMonitor *gvfs_udisks2_volume_monitor_new (void);
|
|
UDisksClient *gvfs_udisks2_volume_monitor_get_udisks_client (GVfsUDisks2VolumeMonitor *monitor);
|
|
void gvfs_udisks2_volume_monitor_update (GVfsUDisks2VolumeMonitor *monitor);
|
|
GUdevClient *gvfs_udisks2_volume_monitor_get_gudev_client (GVfsUDisks2VolumeMonitor *monitor);
|
|
+gboolean gvfs_udisks2_volume_monitor_get_readonly_lockdown (GVfsUDisks2VolumeMonitor *monitor);
|
|
|
|
G_END_DECLS
|
|
|
|
--
|
|
2.21.0
|
|
|