From bee6d42503ec9b56f6e10704db02bcedb6a4fdf1 Mon Sep 17 00:00:00 2001

From: Richard Hughes <rhughes@redhat.com>

Date: Thu, 20 Aug 2020 11:16:09 -0400

Subject: [PATCH 01/15] subman: Add a new plugin to provide system subscription

 registration

---

 meson.build                                   |   1 +

 plugins/meson.build                           |   1 +

 plugins/subman/README.md                      |  56 +

 plugins/subman/gsd-subman-common.c            |  36 +

 plugins/subman/gsd-subman-common.h            |  40 +

 plugins/subman/gsd-subman-helper.c            | 378 +++++++

 plugins/subman/gsd-subscription-manager.c     | 982 ++++++++++++++++++

 plugins/subman/gsd-subscription-manager.h     |  63 ++

 plugins/subman/main.c                         |   8 +

 plugins/subman/meson.build                    |  56 +

 ...ome.SettingsDaemon.Subscription.desktop.in |   9 +

 ...ettings-daemon.plugins.subman.policy.in.in |  27 +

 ...gnome.settings-daemon.plugins.subman.rules |   7 +

 13 files changed, 1664 insertions(+)

 create mode 100644 plugins/subman/README.md

 create mode 100644 plugins/subman/gsd-subman-common.c

 create mode 100644 plugins/subman/gsd-subman-common.h

 create mode 100644 plugins/subman/gsd-subman-helper.c

 create mode 100644 plugins/subman/gsd-subscription-manager.c

 create mode 100644 plugins/subman/gsd-subscription-manager.h

 create mode 100644 plugins/subman/main.c

 create mode 100644 plugins/subman/meson.build

 create mode 100644 plugins/subman/org.gnome.SettingsDaemon.Subscription.desktop.in

 create mode 100644 plugins/subman/org.gnome.settings-daemon.plugins.subman.policy.in.in

 create mode 100644 plugins/subman/org.gnome.settings-daemon.plugins.subman.rules

diff --git a/meson.build b/meson.build

index 1632ea05..27bf8c4c 100644

--- a/meson.build

+++ b/meson.build

@@ -70,60 +70,61 @@ if gsd_buildtype.contains('debug')

   ]

   compiler_flags = cc.get_supported_arguments(test_cflags)

 elif gsd_buildtype.contains('release')

   common_flags += ['-DG_DISABLE_CAST_CHECKS']

 endif

 # Workaround for meson's bug

 # https://github.com/mesonbuild/meson/pull/1896

 if get_option('b_ndebug') == true

   common_flags += ['-DG_DISABLE_ASSERT']

 endif

 add_project_arguments(common_flags + compiler_flags, language: 'c')

 glib_dep = dependency('glib-2.0', version: '>= 2.56')

 colord_dep = dependency('colord', version: '>= 1.0.2')

 geocode_glib_dep = dependency('geocode-glib-1.0', version: '>= 3.10.0')

 gio_dep = dependency('gio-2.0', version: '>= 2.53.0')

 gio_unix_dep = dependency('gio-unix-2.0')

 gnome_desktop_dep = dependency('gnome-desktop-3.0', version: '>= 3.11.1')

 gsettings_desktop_dep = dependency('gsettings-desktop-schemas', version: '>= 3.27.90')

 gtk_dep = dependency('gtk+-3.0', version: '>= 3.15.3')

 gtk_x11_dep = dependency('gtk+-x11-3.0')

 gweather_dep = dependency('gweather-3.0', version: '>= 3.9.5')

 lcms_dep = dependency('lcms2', version: '>= 2.2')

 libcanberra_gtk_dep = dependency('libcanberra-gtk3')

 libgeoclue_dep = dependency('libgeoclue-2.0', version: '>= 2.3.1')

 libnotify_dep = dependency('libnotify', version: '>= 0.7.3')

 libpulse_mainloop_glib_dep = dependency('libpulse-mainloop-glib', version: '>= 2.0')

+jsonglib_dep = dependency('json-glib-1.0', version: '>= 1.1.1')

 pango_dep = dependency('pango', version: '>= 1.20.0')

 polkit_gobject_dep = dependency('polkit-gobject-1', version: '>= 0.103')

 upower_glib_dep = dependency('upower-glib', version: '>= 0.99.0')

 x11_dep = dependency('x11')

 m_dep = cc.find_library('m')

 dl_dep = cc.find_library('dl')

 # ALSA integration (default enabled)

 enable_alsa = get_option('alsa')

 assert(enable_alsa or not host_is_linux, 'ALSA is not optional on Linux platforms')

 libgvc = subproject(

   'gvc',

   default_options: [

     'static=true',

     'alsa=' + enable_alsa.to_string()

   ]

 )

 libgvc_dep = libgvc.get_variable('libgvc_dep')

 # GUdev integration (default enabled)

 enable_gudev = get_option('gudev')

 if enable_gudev

   gudev_dep = dependency('gudev-1.0')

 endif

 config_h.set10('HAVE_GUDEV', enable_gudev)

 if host_is_linux

   assert(enable_gudev, 'GUdev is not optional on Linux platforms')

 endif

diff --git a/plugins/meson.build b/plugins/meson.build

index 3c4d42ac..4c9caf47 100644

--- a/plugins/meson.build

+++ b/plugins/meson.build

@@ -1,35 +1,36 @@

 enabled_plugins = [

   ['a11y-settings', 'A11ySettings'],

   ['account', 'Account'],

   ['clipboard', 'Clipboard'],

   ['color', 'Color'],

+  ['subman', 'Subscription'],

   ['datetime', 'Datetime'],

   ['dummy', ''],

   ['power', 'Power'],

   ['housekeeping', 'Housekeeping'],

   ['keyboard', 'Keyboard'],

   ['media-keys', 'MediaKeys'],

   ['mouse', 'Mouse'],

   ['screensaver-proxy', 'ScreensaverProxy'],

   ['sharing', 'Sharing'],

   ['sound', 'Sound'],

   ['xsettings', 'XSettings']

 ]

 if enable_smartcard

   enabled_plugins += [['smartcard', 'Smartcard']]

 endif

 if enable_wacom

   enabled_plugins += [['wacom', 'Wacom']]

 endif

 if enable_cups

   enabled_plugins += [['print-notifications', 'PrintNotifications']]

 endif

 if enable_rfkill

   enabled_plugins += [['rfkill', 'Rfkill']]

 endif

 plugins_conf = configuration_data()

diff --git a/plugins/subman/README.md b/plugins/subman/README.md

new file mode 100644

index 00000000..3e1cc3cd

--- /dev/null

+++ b/plugins/subman/README.md

@@ -0,0 +1,56 @@

+GNOME Settings Daemon: Subscription Manager Plugin

+==================================================

+

+Testing:

+

+To add a test acccount on subscription.rhsm.stage.redhat.com, use Ethel:

+http://account-manager-stage.app.eng.rdu2.redhat.com/#view

+

+Register with a username and password

+-------------------------------------

+

+    gdbus call \

+     --session \

+     --dest org.gnome.SettingsDaemon.Subscription \

+     --object-path /org/gnome/SettingsDaemon/Subscription \

+     --method org.gnome.SettingsDaemon.Subscription.Register "{'kind':<'username'>,'hostname':<'subscription.rhsm.stage.redhat.com'>,'username':<'rhughes_test'>,'password':<'barbaz'>}"

+

+To register with a certificate

+------------------------------

+

+    gdbus call \

+     --session \

+     --dest org.gnome.SettingsDaemon.Subscription \

+     --object-path /org/gnome/SettingsDaemon/Subscription \

+     --method org.gnome.SettingsDaemon.Subscription.Register "{'kind':<'key'>,'hostname':<'subscription.rhsm.stage.redhat.com'>,'organisation':<'foo'>,'activation-key':<'barbaz'>}"

+

+To unregister

+-------------

+

+    gdbus call \

+     --session \

+     --dest org.gnome.SettingsDaemon.Subscription \

+     --object-path /org/gnome/SettingsDaemon/Subscription \

+     --method org.gnome.SettingsDaemon.Subscription.Unregister

+

+Debugging

+---------

+

+Get the UNIX socket using `Subscription.Register` then call something like:

+

+    sudo G_MESSAGES_DEBUG=all ./plugins/subman/gsd-subman-helper \

+     --address="unix:abstract=/var/run/dbus-ulGB1wfnbn,guid=71e6bf329d861ce366df7a1d5d036a5b" \

+     --kind="register-with-username" \

+     --username="rhughes_test" \

+     --password="barbaz" \

+     --hostname="subscription.rhsm.stage.redhat.com" \

+     --organisation=""

+

+You can all see some basic debugging running `rhsmd` in the foreground:

+

+    sudo /usr/libexec/rhsmd -d -k

+

+Known Limitations

+=================

+

+Proxy servers are not supported, nor are custom host ports or prefixes.

diff --git a/plugins/subman/gsd-subman-common.c b/plugins/subman/gsd-subman-common.c

new file mode 100644

index 00000000..e515131e

--- /dev/null

+++ b/plugins/subman/gsd-subman-common.c

@@ -0,0 +1,36 @@

+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*-

+ *

+ * Copyright (C) 2019 Richard Hughes <rhughes@redhat.com>

+ *

+ * This program is free software; you can redistribute it and/or modify

+ * it under the terms of the GNU General Public License as published by

+ * the Free Software Foundation; either version 2 of the License, or

+ * (at your option) any later version.

+ *

+ * This program is distributed in the hope that it will be useful,

+ * but WITHOUT ANY WARRANTY; without even the implied warranty of

+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ * GNU General Public License for more details.

+ *

+ * You should have received a copy of the GNU General Public License

+ * along with this program; if not, see <http://www.gnu.org/licenses/>.

+ *

+ */

+

+#include "config.h"

+

+#include "gsd-subman-common.h"

+

+const gchar *

+gsd_subman_subscription_status_to_string (GsdSubmanSubscriptionStatus status)

+{

+	if (status == GSD_SUBMAN_SUBSCRIPTION_STATUS_VALID)

+		return "valid";

+	if (status == GSD_SUBMAN_SUBSCRIPTION_STATUS_INVALID)

+		return "invalid";

+	if (status == GSD_SUBMAN_SUBSCRIPTION_STATUS_DISABLED)

+		return "disabled";

+	if (status == GSD_SUBMAN_SUBSCRIPTION_STATUS_PARTIALLY_VALID)

+		return "partially-valid";

+	return "unknown";

+}

diff --git a/plugins/subman/gsd-subman-common.h b/plugins/subman/gsd-subman-common.h

new file mode 100644

index 00000000..fccf9f6a

--- /dev/null

+++ b/plugins/subman/gsd-subman-common.h

@@ -0,0 +1,40 @@

+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*-

+ *

+ * Copyright (C) 2019 Richard Hughes <rhughes@redhat.com>

+ *

+ * This program is free software; you can redistribute it and/or modify

+ * it under the terms of the GNU General Public License as published by

+ * the Free Software Foundation; either version 2 of the License, or

+ * (at your option) any later version.

+ *

+ * This program is distributed in the hope that it will be useful,

+ * but WITHOUT ANY WARRANTY; without even the implied warranty of

+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ * GNU General Public License for more details.

+ *

+ * You should have received a copy of the GNU General Public License

+ * along with this program; if not, see <http://www.gnu.org/licenses/>.

+ *

+ */

+

+#ifndef __GSD_SUBMAN_COMMON_H

+#define __GSD_SUBMAN_COMMON_H

+

+#include <glib-object.h>

+

+G_BEGIN_DECLS

+

+typedef enum {

+	GSD_SUBMAN_SUBSCRIPTION_STATUS_UNKNOWN,

+	GSD_SUBMAN_SUBSCRIPTION_STATUS_VALID,

+	GSD_SUBMAN_SUBSCRIPTION_STATUS_INVALID,

+	GSD_SUBMAN_SUBSCRIPTION_STATUS_DISABLED,

+	GSD_SUBMAN_SUBSCRIPTION_STATUS_PARTIALLY_VALID,

+	GSD_SUBMAN_SUBSCRIPTION_STATUS_LAST

+} GsdSubmanSubscriptionStatus;

+

+const gchar	*gsd_subman_subscription_status_to_string	(GsdSubmanSubscriptionStatus	 status);

+

+G_END_DECLS

+

+#endif /* __GSD_SUBMAN_COMMON_H */

diff --git a/plugins/subman/gsd-subman-helper.c b/plugins/subman/gsd-subman-helper.c

new file mode 100644

index 00000000..182f7190

--- /dev/null

+++ b/plugins/subman/gsd-subman-helper.c

@@ -0,0 +1,378 @@

+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*-

+ *

+ * Copyright (C) 2019 Richard Hughes <rhughes@redhat.com>

+ *

+ * Licensed under the GNU General Public License Version 2

+ *

+ * This program is free software; you can redistribute it and/or modify

+ * it under the terms of the GNU General Public License as published by

+ * the Free Software Foundation; either version 2 of the License, or

+ * (at your option) any later version.

+ *

+ * This program is distributed in the hope that it will be useful,

+ * but WITHOUT ANY WARRANTY; without even the implied warranty of

+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ * GNU General Public License for more details.

+ *

+ * You should have received a copy of the GNU General Public License

+ * along with this program; if not, write to the Free Software

+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

+ */

+

+#include "config.h"

+

+#include <sys/types.h>

+#include <unistd.h>

+#include <stdlib.h>

+

+#include <gio/gio.h>

+#include <json-glib/json-glib.h>

+

+static void

+_helper_convert_error (const gchar *json_txt, GError **error)

+{

+	JsonNode *json_root;

+	JsonObject *json_obj;

+	const gchar *message;

+	g_autoptr(JsonParser) json_parser = json_parser_new ();

+

+	/* this may be plain text or JSON :| */

+	if (!json_parser_load_from_data (json_parser, json_txt, -1, NULL)) {

+		g_set_error_literal (error,

+				     G_IO_ERROR,

+				     G_IO_ERROR_NOT_SUPPORTED,

+				     json_txt);

+		return;

+	}

+	json_root = json_parser_get_root (json_parser);

+	json_obj = json_node_get_object (json_root);

+	if (!json_object_has_member (json_obj, "message")) {

+		g_set_error (error,

+			     G_IO_ERROR,

+			     G_IO_ERROR_INVALID_DATA,

+			     "no message' in %s", json_txt);

+		return;

+	}

+	message = json_object_get_string_member (json_obj, "message");

+	if (g_strstr_len (message, -1, "Invalid user credentials") != NULL) {

+		g_set_error_literal (error,

+				     G_IO_ERROR,

+				     G_IO_ERROR_PERMISSION_DENIED,

+				     message);

+		return;

+	}

+	g_set_error_literal (error,

+			     G_IO_ERROR,

+			     G_IO_ERROR_NOT_SUPPORTED,

+			     message);

+}

+

+static gboolean

+_helper_unregister (GError **error)

+{

+	g_autoptr(GDBusProxy) proxy = NULL;

+	g_autoptr(GVariantBuilder) proxy_options = NULL;

+	g_autoptr(GVariant) res = NULL;

+

+	g_debug ("unregistering");

+	proxy = g_dbus_proxy_new_for_bus_sync (G_BUS_TYPE_SYSTEM,

+					       G_DBUS_PROXY_FLAGS_DO_NOT_LOAD_PROPERTIES |

+					       G_DBUS_PROXY_FLAGS_DO_NOT_CONNECT_SIGNALS,

+					       NULL,

+					       "com.redhat.RHSM1",

+					       "/com/redhat/RHSM1/Unregister",

+					       "com.redhat.RHSM1.Unregister",

+					       NULL, error);

+	if (proxy == NULL) {

+		g_prefix_error (error, "Failed to get proxy: ");

+		return FALSE;

+	}

+	proxy_options = g_variant_builder_new (G_VARIANT_TYPE_VARDICT);

+	res = g_dbus_proxy_call_sync (proxy,

+				      "Unregister",

+				      g_variant_new ("(a{sv}s)",

+						     proxy_options,

+						     ""), /* lang */

+				      G_DBUS_CALL_FLAGS_NONE,

+				      -1, NULL, error);

+	return res != NULL;

+}

+

+static gboolean

+_helper_auto_attach (GError **error)

+{

+	const gchar *str = NULL;

+	g_autoptr(GDBusProxy) proxy = NULL;

+	g_autoptr(GVariantBuilder) proxy_options = NULL;

+	g_autoptr(GVariant) res = NULL;

+

+	g_debug ("auto-attaching subscriptions");

+	proxy = g_dbus_proxy_new_for_bus_sync (G_BUS_TYPE_SYSTEM,

+					       G_DBUS_PROXY_FLAGS_DO_NOT_LOAD_PROPERTIES |

+					       G_DBUS_PROXY_FLAGS_DO_NOT_CONNECT_SIGNALS,

+					       NULL,

+					       "com.redhat.RHSM1",

+					       "/com/redhat/RHSM1/Attach",

+					       "com.redhat.RHSM1.Attach",

+					       NULL, error);

+	if (proxy == NULL) {

+		g_prefix_error (error, "Failed to get proxy: ");

+		return FALSE;

+	}

+	proxy_options = g_variant_builder_new (G_VARIANT_TYPE_VARDICT);

+	res = g_dbus_proxy_call_sync (proxy,

+				      "AutoAttach",

+				      g_variant_new ("(sa{sv}s)",

+						     "", /* now? */

+						     proxy_options,

+						     ""), /* lang */

+				      G_DBUS_CALL_FLAGS_NONE,

+				      -1, NULL, error);

+	if (res == NULL)

+		return FALSE;

+	g_variant_get (res, "(&s)", &str);

+	g_debug ("Attach.AutoAttach: %s", str);

+	return TRUE;

+}

+

+static gboolean

+_helper_save_config (const gchar *key, const gchar *value, GError **error)

+{

+	g_autoptr(GDBusProxy) proxy = NULL;

+	g_autoptr(GVariant) res = NULL;

+	proxy = g_dbus_proxy_new_for_bus_sync (G_BUS_TYPE_SYSTEM,

+					       G_DBUS_PROXY_FLAGS_DO_NOT_LOAD_PROPERTIES |

+					       G_DBUS_PROXY_FLAGS_DO_NOT_CONNECT_SIGNALS,

+					       NULL,

+					       "com.redhat.RHSM1",

+					       "/com/redhat/RHSM1/Config",

+					       "com.redhat.RHSM1.Config",

+					       NULL, error);

+	if (proxy == NULL) {

+		g_prefix_error (error, "Failed to get proxy: ");

+		return FALSE;

+	}

+	res = g_dbus_proxy_call_sync (proxy, "Set",

+				      g_variant_new ("(svs)",

+						     key,

+						     g_variant_new_string (value),

+						     ""), /* lang */

+				      G_DBUS_CALL_FLAGS_NONE,

+				      -1, NULL, error);

+	return res != NULL;

+}

+

+int

+main (int argc, char *argv[])

+{

+	const gchar *userlang = ""; /* as root, so no translations */

+	g_autofree gchar *activation_key = NULL;

+	g_autofree gchar *address = NULL;

+	g_autofree gchar *hostname = NULL;

+	g_autofree gchar *kind = NULL;

+	g_autofree gchar *organisation = NULL;

+	g_autofree gchar *password = NULL;

+	g_autofree gchar *port = NULL;

+	g_autofree gchar *prefix = NULL;

+	g_autofree gchar *proxy_server = NULL;

+	g_autofree gchar *username = NULL;

+	g_autoptr(GDBusConnection) conn_private = NULL;

+	g_autoptr(GDBusProxy) proxy = NULL;

+	g_autoptr(GError) error = NULL;

+	g_autoptr(GOptionContext) context = g_option_context_new (NULL);

+	g_autoptr(GVariantBuilder) proxy_options = NULL;

+	g_autoptr(GVariantBuilder) subman_conopts = NULL;

+	g_autoptr(GVariantBuilder) subman_options = NULL;

+

+	const GOptionEntry options[] = {

+		{ "kind", '\0', G_OPTION_FLAG_NONE, G_OPTION_ARG_STRING,

+			&kind, "Kind, e.g. 'username' or 'key'", NULL },

+		{ "address", '\0', G_OPTION_FLAG_NONE, G_OPTION_ARG_STRING,

+			&address, "UNIX address", NULL },

+		{ "username", '\0', G_OPTION_FLAG_NONE, G_OPTION_ARG_STRING,

+			&username, "Username", NULL },

+		{ "password", '\0', G_OPTION_FLAG_NONE, G_OPTION_ARG_STRING,

+			&password, "Password", NULL },

+		{ "organisation", '\0', G_OPTION_FLAG_NONE, G_OPTION_ARG_STRING,

+			&organisation, "Organisation", NULL },

+		{ "activation-key", '\0', G_OPTION_FLAG_NONE, G_OPTION_ARG_STRING,

+			&activation_key, "Activation keys", NULL },

+		{ "hostname", '\0', G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_STRING,

+			&hostname, "Registration server hostname", NULL },

+		{ "prefix", '\0', G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_STRING,

+			&prefix, "Registration server prefix", NULL },

+		{ "port", '\0', G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_STRING,

+			&port, "Registration server port", NULL },

+		{ "proxy", '\0', G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_STRING,

+			&proxy_server, "Proxy settings", NULL },

+		{ NULL}

+	};

+

+	/* check calling UID */

+	if (getuid () != 0 || geteuid () != 0) {

+		g_printerr ("This program can only be used by the root user\n");

+		return G_IO_ERROR_NOT_SUPPORTED;

+	}

+	g_option_context_add_main_entries (context, options, NULL);

+	if (!g_option_context_parse (context, &argc, &argv, &error)) {

+		g_printerr ("Failed to parse arguments: %s\n", error->message);

+		return G_IO_ERROR_NOT_SUPPORTED;

+	}

+

+	/* uncommon actions */

+	if (kind == NULL) {

+		g_printerr ("No --kind specified\n");

+		return G_IO_ERROR_INVALID_DATA;

+	}

+	if (g_strcmp0 (kind, "unregister") == 0) {

+		if (!_helper_unregister (&error)) {

+			g_printerr ("Failed to Unregister: %s\n", error->message);

+			return G_IO_ERROR_NOT_INITIALIZED;

+		}

+		return EXIT_SUCCESS;

+	}

+	if (g_strcmp0 (kind, "auto-attach") == 0) {

+		if (!_helper_auto_attach (&error)) {

+			g_printerr ("Failed to AutoAttach: %s\n", error->message);

+			return G_IO_ERROR_NOT_INITIALIZED;

+		}

+		return EXIT_SUCCESS;

+	}

+

+	/* connect to abstract socket for reasons */

+	if (address == NULL) {

+		g_printerr ("No --address specified\n");

+		return G_IO_ERROR_INVALID_DATA;

+	}

+	conn_private = g_dbus_connection_new_for_address_sync (address,

+							       G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_CLIENT,

+							       NULL, NULL,

+							       &error);

+	if (conn_private == NULL) {

+		g_printerr ("Invalid --address specified: %s\n", error->message);

+		return G_IO_ERROR_INVALID_DATA;

+	}

+	proxy = g_dbus_proxy_new_sync (conn_private,

+				       G_DBUS_PROXY_FLAGS_DO_NOT_LOAD_PROPERTIES,

+				       NULL, /* GDBusInterfaceInfo */

+				       NULL, /* name */

+				       "/com/redhat/RHSM1/Register",

+				       "com.redhat.RHSM1.Register",

+				       NULL, &error);

+	if (proxy == NULL) {

+		g_printerr ("Count not contact RHSM: %s\n", error->message);

+		return G_IO_ERROR_NOT_FOUND;

+	}

+

+	/* no options */

+	subman_options = g_variant_builder_new (G_VARIANT_TYPE("a{ss}"));

+

+	/* set registration server */

+	if (hostname == NULL || hostname[0] == '\0')

+		hostname = g_strdup ("subscription.rhsm.redhat.com");

+	if (prefix == NULL || prefix[0] == '\0')

+		prefix = g_strdup ("/subscription");

+	if (port == NULL || port[0] == '\0')

+		port = g_strdup ("443");

+	subman_conopts = g_variant_builder_new (G_VARIANT_TYPE("a{ss}"));

+	g_variant_builder_add (subman_conopts, "{ss}", "host", hostname);

+	g_variant_builder_add (subman_conopts, "{ss}", "handler", prefix);

+	g_variant_builder_add (subman_conopts, "{ss}", "port", port);

+

+	/* call into RHSM */

+	if (g_strcmp0 (kind, "register-with-key") == 0) {

+		g_auto(GStrv) activation_keys = NULL;

+		g_autoptr(GError) error_local = NULL;

+		g_autoptr(GVariant) res = NULL;

+

+		if (activation_key == NULL) {

+			g_printerr ("Required --activation-key\n");

+			return G_IO_ERROR_INVALID_DATA;

+		}

+		if (organisation == NULL) {

+			g_printerr ("Required --organisation\n");

+			return G_IO_ERROR_INVALID_DATA;

+		}

+

+		g_debug ("registering using activation key");

+		activation_keys = g_strsplit (activation_key, ",", -1);

+		res = g_dbus_proxy_call_sync (proxy,

+					      "RegisterWithActivationKeys",

+					      g_variant_new ("(s^asa{ss}a{ss}s)",

+							     organisation,

+							     activation_keys,

+							     subman_options,

+							     subman_conopts,

+							     userlang),

+					      G_DBUS_CALL_FLAGS_NO_AUTO_START,

+					      -1, NULL, &error_local);

+		if (res == NULL) {

+			g_dbus_error_strip_remote_error (error_local);

+			_helper_convert_error (error_local->message, &error);

+			g_printerr ("Failed to RegisterWithActivationKeys: %s\n", error->message);

+			return error->code;

+		}

+	} else if (g_strcmp0 (kind, "register-with-username") == 0) {

+		g_autoptr(GError) error_local = NULL;

+		g_autoptr(GVariant) res = NULL;

+

+		g_debug ("registering using username and password");

+		if (username == NULL) {

+			g_printerr ("Required --username\n");

+			return G_IO_ERROR_INVALID_DATA;

+		}

+		if (password == NULL) {

+			g_printerr ("Required --password\n");

+			return G_IO_ERROR_INVALID_DATA;

+		}

+		if (organisation == NULL) {

+			g_printerr ("Required --organisation\n");

+			return G_IO_ERROR_INVALID_DATA;

+		}

+		res = g_dbus_proxy_call_sync (proxy,

+					      "Register",

+					      g_variant_new ("(sssa{ss}a{ss}s)",

+							     organisation,

+							     username,

+							     password,

+							     subman_options,

+							     subman_conopts,

+							     userlang),

+					      G_DBUS_CALL_FLAGS_NO_AUTO_START,

+					      -1, NULL, &error_local);

+		if (res == NULL) {

+			g_dbus_error_strip_remote_error (error_local);

+			_helper_convert_error (error_local->message, &error);

+			g_printerr ("Failed to Register: %s\n", error->message);

+			return error->code;

+		}

+	} else {

+		g_printerr ("Invalid --kind specified: %s\n", kind);

+		return G_IO_ERROR_INVALID_DATA;

+	}

+

+	/* set the new hostname */

+	if (!_helper_save_config ("server.hostname", hostname, &error)) {

+		g_printerr ("Failed to save hostname: %s\n", error->message);

+		return G_IO_ERROR_NOT_INITIALIZED;

+	}

+	if (!_helper_save_config ("server.prefix", prefix, &error)) {

+		g_printerr ("Failed to save prefix: %s\n", error->message);

+		return G_IO_ERROR_NOT_INITIALIZED;

+	}

+	if (!_helper_save_config ("server.port", port, &error)) {

+		g_printerr ("Failed to save port: %s\n", error->message);

+		return G_IO_ERROR_NOT_INITIALIZED;

+	}

+

+	/* wait for rhsmd to notice the new config */

+	g_usleep (G_USEC_PER_SEC * 5);

+

+	/* auto-attach */

+	if (!_helper_auto_attach (&error)) {

+		g_printerr ("Failed to AutoAttach: %s\n", error->message);

+		return G_IO_ERROR_NOT_INITIALIZED;

+	}

+

+	return EXIT_SUCCESS;

+}

diff --git a/plugins/subman/gsd-subscription-manager.c b/plugins/subman/gsd-subscription-manager.c

new file mode 100644

index 00000000..08b13fa6

--- /dev/null

+++ b/plugins/subman/gsd-subscription-manager.c

@@ -0,0 +1,982 @@

+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*-

+ *

+ * Copyright (C) 2019 Richard Hughes <richard@hughsie.com>

+ *

+ * This program is free software; you can redistribute it and/or modify

+ * it under the terms of the GNU General Public License as published by

+ * the Free Software Foundation; either version 2 of the License, or

+ * (at your option) any later version.

+ *

+ * This program is distributed in the hope that it will be useful,

+ * but WITHOUT ANY WARRANTY; without even the implied warranty of

+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ * GNU General Public License for more details.

+ *

+ * You should have received a copy of the GNU General Public License

+ * along with this program; if not, see <http://www.gnu.org/licenses/>.

+ *

+ */

+

+#include "config.h"

+

+#include <glib/gi18n.h>

+#include <gdk/gdk.h>

+#include <gtk/gtk.h>

+#include <json-glib/json-glib.h>

+#include <libnotify/notify.h>

+

+#include "gnome-settings-profile.h"

+#include "gsd-subman-common.h"

+#include "gsd-subscription-manager.h"

+

+#define GSD_DBUS_NAME "org.gnome.SettingsDaemon"

+#define GSD_DBUS_PATH "/org/gnome/SettingsDaemon"

+#define GSD_DBUS_BASE_INTERFACE "org.gnome.SettingsDaemon"

+

+#define GSD_SUBSCRIPTION_DBUS_NAME		GSD_DBUS_NAME ".Subscription"

+#define GSD_SUBSCRIPTION_DBUS_PATH		GSD_DBUS_PATH "/Subscription"

+#define GSD_SUBSCRIPTION_DBUS_INTERFACE		GSD_DBUS_BASE_INTERFACE ".Subscription"

+