--- clients/cli/general.c | 2 ++ libnm/nm-client.h | 5 ++++- libnm/nm-manager.c | 2 ++ policy/org.freedesktop.NetworkManager.policy.in.in | 9 +++++++++ shared/nm-common-macros.h | 1 + src/nm-audit-manager.h | 1 + src/nm-manager.c | 15 +++++++++++++++ 7 files changed, 34 insertions(+), 1 deletion(-)
diff --git a/clients/cli/general.c b/clients/cli/general.c index b919ccb..7f87842 100644 --- a/clients/cli/general.c +++ b/clients/cli/general.c @@ -437,6 +437,8 @@ permission_to_string (NMClientPermission perm) return NM_AUTH_PERMISSION_SETTINGS_MODIFY_GLOBAL_DNS; case NM_CLIENT_PERMISSION_RELOAD: return NM_AUTH_PERMISSION_RELOAD; + case NM_CLIENT_PERMISSION_ENABLE_DISABLE_STATISTICS: + return NM_AUTH_PERMISSION_ENABLE_DISABLE_STATISTICS; default: return _("unknown"); } diff --git a/libnm/nm-client.h b/libnm/nm-client.h index a496d9a..4b50b0e 100644 --- a/libnm/nm-client.h +++ b/libnm/nm-client.h @@ -98,6 +98,8 @@ G_BEGIN_DECLS * DNS configuration * @NM_CLIENT_PERMISSION_RELOAD: controls access to Reload. * @NM_CLIENT_PERMISSION_LAST: a reserved boundary value + * @NM_CLIENT_PERMISSION_ENABLE_DISABLE_STATISTICS: controls whether device + * statistics can be globally enabled or disabled * * #NMClientPermission values indicate various permissions that NetworkManager * clients can obtain to perform certain tasks on behalf of the current user. @@ -117,8 +119,9 @@ typedef enum { NM_CLIENT_PERMISSION_SETTINGS_MODIFY_HOSTNAME = 11, NM_CLIENT_PERMISSION_SETTINGS_MODIFY_GLOBAL_DNS = 12, NM_CLIENT_PERMISSION_RELOAD = 13, + NM_CLIENT_PERMISSION_ENABLE_DISABLE_STATISTICS = 14, - NM_CLIENT_PERMISSION_LAST = 13, + NM_CLIENT_PERMISSION_LAST = 14, } NMClientPermission; /** diff --git a/libnm/nm-manager.c b/libnm/nm-manager.c index 27bd4ca..0b24d30 100644 --- a/libnm/nm-manager.c +++ b/libnm/nm-manager.c @@ -232,6 +232,8 @@ nm_permission_to_client (const char *nm) return NM_CLIENT_PERMISSION_SETTINGS_MODIFY_GLOBAL_DNS; else if (!strcmp (nm, NM_AUTH_PERMISSION_RELOAD)) return NM_CLIENT_PERMISSION_RELOAD; + else if (!strcmp (nm, NM_AUTH_PERMISSION_ENABLE_DISABLE_STATISTICS)) + return NM_CLIENT_PERMISSION_ENABLE_DISABLE_STATISTICS; return NM_CLIENT_PERMISSION_NONE; } diff --git a/policy/org.freedesktop.NetworkManager.policy.in.in b/policy/org.freedesktop.NetworkManager.policy.in.in index 94d5cb8..9668a48 100644 --- a/policy/org.freedesktop.NetworkManager.policy.in.in +++ b/policy/org.freedesktop.NetworkManager.policy.in.in @@ -132,5 +132,14 @@ </defaults> </action> + <action id="org.freedesktop.NetworkManager.enable-disable-statistics"> + <_description>Enable or disable device statistics</_description> + <_message>System policy prevents enabling or disabling device statistics</_message> + <defaults> + <allow_inactive>no</allow_inactive> + <allow_active>yes</allow_active> + </defaults> + </action> + </policyconfig> diff --git a/shared/nm-common-macros.h b/shared/nm-common-macros.h index 3e5f349..282246a 100644 --- a/shared/nm-common-macros.h +++ b/shared/nm-common-macros.h @@ -37,6 +37,7 @@ #define NM_AUTH_PERMISSION_SETTINGS_MODIFY_HOSTNAME "org.freedesktop.NetworkManager.settings.modify.hostname" #define NM_AUTH_PERMISSION_SETTINGS_MODIFY_GLOBAL_DNS "org.freedesktop.NetworkManager.settings.modify.global-dns" #define NM_AUTH_PERMISSION_RELOAD "org.freedesktop.NetworkManager.reload" +#define NM_AUTH_PERMISSION_ENABLE_DISABLE_STATISTICS "org.freedesktop.NetworkManager.enable-disable-statistics" #define NM_CLONED_MAC_PRESERVE "preserve" #define NM_CLONED_MAC_PERMANENT "permanent" diff --git a/src/nm-audit-manager.h b/src/nm-audit-manager.h index d304ad2..7e7e374 100644 --- a/src/nm-audit-manager.h +++ b/src/nm-audit-manager.h @@ -57,6 +57,7 @@ typedef struct { #define NM_AUDIT_OP_SLEEP_CONTROL "sleep-control" #define NM_AUDIT_OP_NET_CONTROL "networking-control" #define NM_AUDIT_OP_RADIO_CONTROL "radio-control" +#define NM_AUDIT_OP_STATISTICS "statistics" #define NM_AUDIT_OP_DEVICE_AUTOCONNECT "device-autoconnect" #define NM_AUDIT_OP_DEVICE_DISCONNECT "device-disconnect" diff --git a/src/nm-manager.c b/src/nm-manager.c index b3576b0..c460f72 100644 --- a/src/nm-manager.c +++ b/src/nm-manager.c @@ -4410,6 +4410,7 @@ get_permissions_done_cb (NMAuthChain *chain, get_perm_add_result (self, chain, &results, NM_AUTH_PERMISSION_SETTINGS_MODIFY_HOSTNAME); get_perm_add_result (self, chain, &results, NM_AUTH_PERMISSION_SETTINGS_MODIFY_GLOBAL_DNS); get_perm_add_result (self, chain, &results, NM_AUTH_PERMISSION_RELOAD); + get_perm_add_result (self, chain, &results, NM_AUTH_PERMISSION_ENABLE_DISABLE_STATISTICS); g_dbus_method_invocation_return_value (context, g_variant_new ("(a{ss})", &results)); @@ -4449,6 +4450,7 @@ impl_manager_get_permissions (NMManager *self, nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_SETTINGS_MODIFY_HOSTNAME, FALSE); nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_SETTINGS_MODIFY_GLOBAL_DNS, FALSE); nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_RELOAD, FALSE); + nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_ENABLE_DISABLE_STATISTICS, FALSE); } static void @@ -4909,6 +4911,10 @@ prop_set_auth_done_cb (NMAuthChain *chain, /* ... but set the property on the @object itself. It would be correct to set the property * on the skeleton interface, but as it is now, the result is the same. */ g_object_set (object, pfd->glib_propname, value, NULL); + } else if (!strcmp (pfd->glib_propname, NM_DEVICE_STATISTICS_REFRESH_RATE_MS)) { + g_assert (g_variant_is_of_type (value, G_VARIANT_TYPE_UINT32)); + /* the same here */ + g_object_set (object, pfd->glib_propname, g_variant_get_uint32 (value), NULL); } else { g_assert (g_variant_is_of_type (value, G_VARIANT_TYPE_BOOLEAN)); /* the same here */ @@ -5043,6 +5049,15 @@ prop_filter (GDBusConnection *connection, } else return message; interface_type = NMDBUS_TYPE_DEVICE_SKELETON; + } else if (!strcmp (propiface, NM_DBUS_INTERFACE_DEVICE_STATISTICS)) { + if (!strcmp (propname, "RefreshRateMs")) { + glib_propname = NM_DEVICE_STATISTICS_REFRESH_RATE_MS; + permission = NM_AUTH_PERMISSION_ENABLE_DISABLE_STATISTICS; + audit_op = NM_AUDIT_OP_STATISTICS; + expected_type = G_VARIANT_TYPE ("u"); + } else + return message; + interface_type = NMDBUS_TYPE_DEVICE_SKELETON; } else return message; -- 2.7.4 _______________________________________________ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list