man_MANS = \
polkit.8 \
polkitd.8 \
- pklocalauthority.8 \
pkexec.1 \
pkcheck.1 \
pkaction.1 \
EXTRA_DIST = \
polkit.xml \
polkitd.xml \
- pklocalauthority.xml \
pkexec.xml \
pkcheck.xml \
pkaction.xml \
<title>DESCRIPTION</title>
<para>
<command>pkaction</command> is used to obtain information about registered
- PolicyKit actions. If called with <option>--action-id</option> then all
+ polkit actions. If called with <option>--action-id</option> then all
actions are displayed. Otherwise the action <replaceable>action</replaceable>.
If called without the <option>--verbose</option> option only the name
of the action is shown. Otherwise details about the actions are shown.
temporary authorizations for the current session.
</para>
<para>
- This command is a simple wrapper around the PolicyKit D-Bus interface; see the
+ This command is a simple wrapper around the polkit D-Bus interface; see the
D-Bus interface documentation for details.
</para>
</refsect1>
<refsect1 id="pkcheck-auth-agent"><title>AUTHENTICATION AGENT</title>
<para>
- <command>pkcheck</command>, like any other PolicyKit
+ <command>pkcheck</command>, like any other polkit
application, will use the authentication agent registered for
the process in question. However, if no authentication agent is
available, then <command>pkcheck</command> can register its own
<refsect1 id="pkexec-auth-agent"><title>AUTHENTICATION AGENT</title>
<para>
- <command>pkexec</command>, like any other PolicyKit application,
+ <command>pkexec</command>, like any other polkit application,
will use the authentication agent registered for the calling
- process. However, if no authentication agent is available, then
- <command>pkexec</command> will register its own textual
- authentication agent. This behavior can be turned off by passing
- the <option>--disable-internal-agent</option> option.
+ process or session. However, if no authentication agent is
+ available, then <command>pkexec</command> will register its own
+ textual authentication agent. This behavior can be turned off by
+ passing the <option>--disable-internal-agent</option> option.
</para>
</refsect1>
<xref linkend="pkexec-required-authz"/>) requires administrator
authentication. In addition, the authentication dialog presented
to the user will display the full path to the program to be
- executed so the user is aware of what will happen:
+ executed so the user is aware of what will happen.
</para>
- <mediaobject id="pkexec-bash">
- <imageobject>
- <imagedata fileref="pkexec-bash.png" format="PNG"/>
- </imageobject>
- <textobject>
- <programlisting><![CDATA[
-+----------------------------------------------------------+
-| Authenticate [X] |
-+----------------------------------------------------------+
-| |
-| [Icon] Authentication is needed to run `/bin/bash' |
-| as the super user |
-| |
-| An application is attempting to perform an |
-| action that requires privileges. Authentication |
-| as the super user is required to perform this |
-| action. |
-| |
-| Password for root: [_________________________] |
-| |
-| [V] Details: |
-| Command: /bin/bash |
-| Run As: Super User (root) |
-| Action: org.freedesktop.policykit.exec |
-| Vendor: The PolicyKit Project |
-| |
-| [Cancel] [Authenticate] |
-+----------------------------------------------------------+
-]]></programlisting>
- </textobject>
- </mediaobject>
<para>
The environment that <replaceable>PROGRAM</replaceable> will run
it, will be set to a minimal known and safe environment in order
mechanisms. In addition the <literal>PKEXEC_UID</literal>
environment variable is set to the user id of the process
invoking <command>pkexec</command>. As a
- result, <command>pkexec</command> will not allow you to run
+ result, <command>pkexec</command> will not by default allow you to run
X11 applications as another user since
the <literal>$DISPLAY</literal> and <literal>$XAUTHORITY</literal>
environment variables are not set. These two variables will be retained
on an action is set to a nonempty value; this is discouraged, though, and
should only be used for legacy programs.
</para>
- </refsect1>
- <refsect1 id="pkexec-required-authz"><title>REQUIRED AUTHORIZATIONS</title>
- <para>
- By default,
- the <emphasis>org.freedesktop.policykit.exec</emphasis>
- authorization is required unless an action definition file is
- present for the program in question. To require another
- authorization, it can be specified using the <emphasis>org.freedesktop.policykit.exec.path</emphasis> annotation on an action (See <xref linkend="pkexec-example"/> for details).
- </para>
- </refsect1>
-
- <refsect1 id="pkexec-example"><title>EXAMPLE</title>
- <para>
- To specify what kind of authorization is needed to execute the
- program <filename>/usr/bin/pk-example-frobnicate</filename> as
- another user, simply write an action definition file like this
- </para>
- <programlisting>
-<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" parse="text" href="../../src/examples/org.freedesktop.policykit.examples.pkexec.policy"><xi:fallback>FIXME: MISSING XINCLUDE CONTENT</xi:fallback></xi:include></programlisting>
- <para>
- and drop it in the
- <filename>/usr/share/polkit-1/actions</filename> directory under
- a suitable name (e.g. matching the namespace of the action).
- Note that in addition to specifying the program, the
- authentication message, description, icon and defaults can be
- specified. Note that occurences of the strings
- <literal>$(user)</literal>, <literal>$(program)</literal> and
- <literal>$(command_line)</literal> in the message will be
- replaced with respectively the user (of the form "Real Name
- (username)" or just "username" if there is no real name for the
- username), the binary to execute (a fully-qualified path,
- e.g. "<literal>/usr/bin/pk-example-frobnicate</literal>") and
- the command-line, e.g. "<literal>pk-example-frobnicate foo
- bar</literal>". For example, for the action defined above, the
- following authentication dialog will be shown:
- </para>
- <mediaobject id="pkexec-frobnicate">
- <imageobject>
- <imagedata fileref="pkexec-frobnicate.png" format="PNG"/>
- </imageobject>
- <textobject>
- <programlisting><![CDATA[
-+----------------------------------------------------------+
-| Authenticate [X] |
-+----------------------------------------------------------+
-| |
-| [Icon] Authentication is required to run the PolicyKit |
-| example program Frobnicate |
-| |
-| An application is attempting to perform an |
-| action that requires privileges. Authentication |
-| is required to perform this action. |
-| |
-| Password: [__________________________________] |
-| |
-| [V] Details: |
-| Command: /usr/bin/pk-example-frobnicate |
-| Run As: Super User (root) |
-| Action: org.fd.pk.example.pkexec.run-frobnicate |
-| Vendor: Examples for the PolicyKit Project |
-| |
-| [Cancel] [Authenticate] |
-+----------------------------------------------------------+
-]]></programlisting>
- </textobject>
- </mediaobject>
- <para>
- If the user is using the <literal>da_DK</literal> locale, the
- dialog looks like this:
- </para>
- <mediaobject id="pkexec-frobnicate-da">
- <imageobject>
- <imagedata fileref="pkexec-frobnicate-da.png" format="PNG"/>
- </imageobject>
- <textobject>
- <programlisting><![CDATA[
-+----------------------------------------------------------+
-| Autorisering [X] |
-+----------------------------------------------------------+
-| |
-| [Icon] Autorisering er påkrævet for at afvikle |
-| PolicyKit eksemplet Frobnicate |
-| |
-| Et program forsøger at udføre en handling der |
-| kræver privilegier. Autorisering er påkrævet. |
-| |
-| Kodeord: [___________________________________] |
-| |
-| [V] Detaljer: |
-| Bruger: Super User (root) |
-| Program: /usr/bin/pk-example-frobnicate |
-| Handling: org.fd.pk.example.pkexec.run-frobnicate |
-| Vendor: Examples for the PolicyKit Project |
-| |
-| [Annullér] [Autorisering] |
-+----------------------------------------------------------+
-]]></programlisting>
- </textobject>
- </mediaobject>
<para>
Note that <command>pkexec</command> does no validation of
the <replaceable>ARGUMENTS</replaceable> passed
since if the user is an administrator he might as well just
run <command>pkexec bash</command> to get root.
</para>
+
<para>
However, if an action is used for which the user can retain
- authorization (or if the user is implicitly authorized), such as
- with <filename>pk-example-frobnicate</filename> above, this
+ authorization (or if the user is implicitly authorized) this
could be a security hole. Therefore, as a rule of thumb,
programs for which the default required authorization is
- changed, should never implicitly trust user input (e.g. like any
+ changed, should <emphasis role='strong'>never</emphasis> implicitly trust user input (e.g. like any
other well-written <emphasis>suid</emphasis> program).
</para>
</refsect1>
+ <refsect1 id="pkexec-required-authz"><title>REQUIRED AUTHORIZATIONS</title>
+ <para>
+ By default, the
+ <emphasis>org.freedesktop.policykit.exec</emphasis> action is
+ used. To use another action, use the
+ <emphasis>org.freedesktop.policykit.exec.path</emphasis>
+ annotation on an action with the value set to the full path of
+ the program. In addition to specifying the program, the
+ authentication message, description, icon and defaults can be
+ specified. The strings <literal>$(user)</literal>,
+ <literal>$(program)</literal> and
+ <literal>$(command_line)</literal> in the message will be
+ expanded, see <xref linkend="pkexec-variables"/>.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pkexec-variables"><title>VARIABLES</title>
+ <para>
+ The following variables are set by
+ <command>pkexec</command>. They can be used in authorization
+ rules and messages shown in authentication dialogs:
+ </para>
+
+ <variablelist>
+ <varlistentry>
+ <term><emphasis>program</emphasis></term>
+ <listitem>
+ <para>
+ Fully qualified path to the program to be executed.
+ Example: <quote>/bin/cat</quote>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis>command_line</emphasis></term>
+ <listitem>
+ <para>
+ The requested command-line (do not use this for any
+ security checks, it is not secure).
+ Example: <quote>cat /srv/xyz/foobar</quote>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis>user</emphasis></term>
+ <listitem>
+ <para>
+ The user name of the user to execute the program as.
+ Example: <quote>davidz</quote>
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis>user_full</emphasis></term>
+ <listitem>
+ <para>
+ The full name of the user to execute the program as.
+ Example: <quote>David Zeuthen</quote>
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ </refsect1>
+
<refsect1 id="pkexec-author"><title>AUTHOR</title>
<para>
Written by David Zeuthen <email>davidz@redhat.com</email> with
+++ /dev/null
-<?xml version="1.0"?>
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
- "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-<!ENTITY version SYSTEM "../version.xml">
-]>
-<refentry id="pklocalauthority.8">
- <refentryinfo>
- <title>pklocalauthority</title>
- <date>May 2009</date>
- <productname>polkit</productname>
- </refentryinfo>
-
- <refmeta>
- <refentrytitle>pklocalauthority</refentrytitle>
- <manvolnum>8</manvolnum>
- <refmiscinfo class="version"></refmiscinfo>
- </refmeta>
-
- <refnamediv>
- <refname>pklocalauthority</refname>
- <refpurpose>PolicyKit Local Authority</refpurpose>
- </refnamediv>
-
- <refsect1 id="pklocalauthority-description">
- <title>DESCRIPTION</title>
- <para>
- The Local Authority is the default PolicyKit authority
- implementation. Configuration for the Local Authority and
- information pertaining to authorization decisions are read from
- local files on the disk. One design goal of the Local Authority
- is to split configuration items into separate files such that
- 3rd party packages and users won't conflict trying to edit the
- same files. This policy also ensures smooth upgrades when
- distributing PolicyKit using a package management system.
- </para>
- <para>
- Files shipped with PolicyKit and 3rd party packages (e.g. under
- package manager control) typically have comments (such
- as <quote>DO NOT EDIT THIS FILE, it will be overwritten on
- update</quote>) telling the system administrator that changes
- will be overwritten on update.
- </para>
- </refsect1>
-
- <refsect1 id="pklocalauthority-admin-authentication">
- <title>ADMINISTRATOR AUTHENTICATION</title>
- <para>
- PolicyKit makes a distinction between <emphasis>user
- authentication</emphasis> (to make the user in front of the
- system prove he really is the user) and <emphasis>administrator
- authentication</emphasis> (to make the user in front of the
- system prove he really is an administrator). Since various
- operating systems (or even flavors of the same operating system)
- has different ways of defining "administrator", the Local
- Authority provides a way to specify what "administrator
- authentication" means.
- </para>
- <para>
- By default, "administrator authentication" is defined as asking
- for the root password. Since some systems, for usability
- reasons, don't have a root password and instead rely on a group
- of users being member of an administrative group that gives them
- super-user privileges, the Local Authority can be configured to
- support this use-case as well.
- </para>
- <para>
- Configuration for the Local Authority is read from files in
- the <filename>/etc/polkit-1/localauthority.conf.d</filename>
- directory. All files are read in lexigraphical order (using the
- C locale) meaning that later files can override earlier
- ones. The file <filename>50-localauthority.conf</filename>
- contains the settings provided by the OS vendor. Users and 3rd
- party packages can drop configuration files with a priority
- higher than 60 to change the defaults. The configuration file
- format is simple. Each configuration file is a <emphasis>key
- file</emphasis> (also commonly known as a <emphasis>ini
- file</emphasis>) with a single group
- called <literal>[Configuration]</literal>. Only a single
- key, <literal>AdminIdentities</literal> is read. The value of
- this key is a semi-colon separated list of identities that can
- be used when administrator authentication is required. Users are
- specified by prefixing the user name with
- <literal>unix-user:</literal>, groups of users are specified by
- prefixing with <literal>unix-group:</literal>, and netgroups of
- users are specified with <literal>unix-netgroup:</literal>. See
- <xref linkend="pklocalauthority-examples"/> for an example of a
- configuration file.
- </para>
- </refsect1>
-
- <refsect1 id="pklocalauthority-directory-structure">
- <title>DIRECTORY STRUCTURE</title>
- <para>
- The Local Authority reads files with <filename>.pkla</filename>
- extension from all directories located inside the
- <filename>/etc/polkit-1/localauthority</filename>
- and <filename>/var/lib/polkit-1/localauthority</filename>
- directories. By default, the following sub-directories are installed.
- </para>
- <programlisting>
-/etc/polkit-1/
-`-- localauthority
- |-- 10-vendor.d
- |-- 20-org.d
- |-- 30-site.d
- |-- 50-local.d
- `-- 90-mandatory.d
- </programlisting>
- <para>
- and
- </para>
- <programlisting>
-/var/lib/polkit-1/
-`-- localauthority
- |-- 10-vendor.d
- |-- 20-org.d
- |-- 30-site.d
- |-- 50-local.d
- `-- 90-mandatory.d
- </programlisting>
- <para>
- The <filename>/etc/polkit-1/localauthority</filename> hierarchy
- is inteded for local configuration and
- the <filename>/var/lib/polkit-1/localauthority</filename> is
- intended for 3rd party packages.
- </para>
- <para>
- Each <filename>.pkla</filename> file contains one or more
- authorization entries. If the underlying filesystem supports
- file monitoring, the Local Authority will reload information
- whenever <filename>.pkla</filename> files are added, removed or
- changed.
- </para>
- <para>
- Each directory is intended for a specific audience
- </para>
- <variablelist>
- <varlistentry>
- <term><emphasis>10-vendor.d</emphasis></term>
- <listitem>
- <para>
- Intended for use by the OS vendor.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><emphasis>20-org.d</emphasis></term>
- <listitem>
- <para>
- Intended for the organization deploying the OS.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><emphasis>30-site.d</emphasis></term>
- <listitem>
- <para>
- Intended for the site deploying the system.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><emphasis>50-local.d</emphasis></term>
- <listitem>
- <para>
- Intended for local usage.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><emphasis>90-mandatory.d</emphasis></term>
- <listitem>
- <para>
- Intended for the organization deploying the OS.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- <para>
- and new directories can be added/removed as needed.
- </para>
- <para>
- As to regards to the content, each <filename>.pkla</filename>
- file is a standard <emphasis>key file</emphasis> and contains
- key/value pairs in one or more groups with each group
- representing an authorization entry.
- A <filename>.pkla</filename> file MUST be named by using a
- scheme to ensure that the name is unique, e.g. reverse DNS
- notation or similar. For example, if the organization is
- <quote>Acme Corp</quote> needs to modify policy for the
- product <quote>Frobnicator</quote>, a name
- like <filename>com.acme.frobnicator.pkla</filename> would be
- suitable.
- </para>
- </refsect1>
-
- <refsect1 id="pklocalauthority-authorization-entry">
- <title>AUTHORIZATION ENTRY</title>
- <para>
- Each group in a <filename>.pkla</filename> file must have a name
- that is unique within the file it belongs to. The following keys
- are are recognized:
- </para>
- <variablelist>
- <varlistentry>
- <term><emphasis>Identity</emphasis></term>
- <listitem>
- <para>
- A semi-colon separated list of globs to match identities. Each glob
- should start with <literal>unix-user:</literal> or
- <literal>unix-group:</literal> to specify whether to match on a
- UNIX user name or a UNIX group name. Netgroups are supported with
- the <literal>unix-netgroup:</literal> prefix, but cannot support
- glob syntax.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><emphasis>Action</emphasis></term>
- <listitem>
- <para>
- A semi-colon separated list of globs to match action identifiers.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><emphasis>ResultActive</emphasis></term>
- <listitem>
- <para>
- The result to return for subjects in an active local
- session that matches one or more of the given identities.
- Allowed values are similar to what can be used in
- the <emphasis>defaults</emphasis> section
- of <filename>.policy</filename> files used to define
- actions, e.g.
- <literal>yes</literal>,
- <literal>no</literal>,
- <literal>auth_self</literal>,
- <literal>auth_self_keep</literal>,
- <literal>auth_admin</literal> and
- <literal>auth_admin_keep</literal>.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><emphasis>ResultInactive</emphasis></term>
- <listitem>
- <para>
- Like <emphasis>ResultActive</emphasis> but instead applies
- to subjects in inactive local sessions.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><emphasis>ResultAny</emphasis></term>
- <listitem>
- <para>
- Like <emphasis>ResultActive</emphasis> but instead applies
- to any subject.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><emphasis>ReturnValue</emphasis></term>
- <listitem>
- <para>
- A semi-colon separated list of key/value pairs (of the
- form key=value) that are added to the details of
- authorization result on positive matches.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- <para>
- All keys specified above are required except that only at least
- one
- of <emphasis>ResultAny</emphasis>, <emphasis>ResultInactive</emphasis>
- and <emphasis>ResultActive</emphasis> must
- be present. The <emphasis>ReturnValue</emphasis> key is optional.
- </para>
- </refsect1>
-
- <refsect1 id="pklocalauthority-evaluation-order">
- <title>EVALUATION ORDER</title>
- <para>
- When a Mechanism requests services from the Authority to check
- if a given Subject is authorized for a given Action, the
- authorization entries discussed above are consulted using the
- following algorithm.
- </para>
- <para>
- The authorization entries from all .pkla files are ordered using
- the following rules. First all the basename of all
- sub-directories (e.g. <emphasis>30-site.d</emphasis>) from both
- the <filename>/etc/polkit-1/localauthority</filename>
- and <filename>/var/lib/polkit-1/localauthority</filename>
- directories are enumerated and sorted (using the C locale). If a
- name exists in both <filename>/etc</filename>
- and <filename>/var</filename>, the one
- in <filename>/etc</filename> takes precedence. Then
- all <filename>.pkla</filename> files are read in order from this
- list of sub-directories. For each <filename>.pkla</filename>
- file, authorizations from each file are appended in order resulting
- in an ordered list of authorization entries.
- </para>
- <para>
- For example, given the following files
- </para>
- <programlisting>
-/var/lib/polkit-1
-└── localauthority
- ├── 10-vendor.d
- │ └── 10-desktop-policy.pkla
- ├── 20-org.d
- ├── 30-site.d
- ├── 50-local.d
- ├── 55-org.my.company.d
- │ └── 10-org.my.company.product.pkla
- └── 90-mandatory.d
-
-/etc/polkit-1
-└── localauthority
- ├── 10-vendor.d
- │ └── 01-some-changes-from-a-subvendor.pkla
- ├── 20-org.d
- ├── 30-site.d
- ├── 50-local.d
- ├── 55-org.my.company.d
- │ └── 10-org.my.company.product.pkla
- └── 90-mandatory.d
- </programlisting>
- <para>
- the evaluation order of the <filename>.pkla</filename> files is:
- </para>
- <orderedlist>
- <listitem>
- <para>
- <filename>10-desktop-policy.pkla</filename>
- </para>
- </listitem>
- <listitem>
- <para>
- <filename>01-some-changes-from-a-subvendor.pkla</filename>
- </para>
- </listitem>
- <listitem>
- <para>
- <filename>10-org.my.company.product.pkla</filename> (the <filename>/var</filename> one)
- </para>
- </listitem>
- <listitem>
- <para>
- <filename>10-org.my.company.product.pkla</filename> (the <filename>/etc</filename> one)
- </para>
- </listitem>
- </orderedlist>
- <para>
- When the list of authorization entries has been calculated, the
- authorization check can be made. First, the user of the Subject
- is determined and the groups that the user belongs are looked
- up. For each group identity, the authorization entries are
- consulted in order. If the authorization check matches the data
- from the authorization check, then the authorization result
- from <emphasis>RequireAny</emphasis>, <emphasis>RequireInactive</emphasis>
- or <emphasis>RequireActive</emphasis> is used
- and <emphasis>ReturnValue</emphasis> is added to the
- authorization result.
- </para>
- <para>
- Finally, the authorization entries are consulted using the user
- identity in the same manner.
- </para>
- <para>
- Note that processing continues even after a match. This allows
- for socalled <quote>negative authorizations</quote>, see
- <xref linkend="pklocalauthority-examples"/> for further
- discussion.
- </para>
- </refsect1>
-
- <refsect1 id="pklocalauthority-examples">
- <title>EXAMPLES</title>
- <para>
- The following <filename>.conf</filename> file
- </para>
- <programlisting>
-[Configuration]
-AdminIdentities=unix-group:staff
- </programlisting>
- <para>
- specifies that any user in the <literal>staff</literal> UNIX
- group can be used for authentication when administrator
- authentication is needed. This file would typically be installed
- in the <filename>/etc/polkit-1/localauthority.conf.d</filename>
- directory and given the
- name <filename>60-desktop-policy.conf</filename> to ensure that
- it is evaluted after
- the <filename>50-localauthority.conf</filename> file shipped
- with PolicyKit. If the local administrator wants to override this (suppose <filename>60-desktop-policy.conf</filename> was shipped as part of the OS) he can simply create a file <filename>99-my-admin-configuration.conf</filename> with the following content
- </para>
- <programlisting>
-[Configuration]
-AdminIdentities=unix-user:lisa;unix-user:marge
- </programlisting>
- <para>
- to specify that only the users <literal>lisa</literal>
- and <literal>marge</literal> can authenticate when
- administrator authentication is needed.
- </para>
- <para>
- The following <filename>.pkla</filename> file grants
- authorization to all users in the <literal>staff</literal> group
- for actions matching the
- glob <literal>com.example.awesomeproduct.*</literal> provided
- they are in an active session on the local console:
- </para>
- <programlisting>
-[Normal Staff Permissions]
-Identity=unix-group:staff
-Action=com.example.awesomeproduct.*
-ResultAny=no
-ResultInactive=no
-ResultActive=yes
- </programlisting>
- <para>
- If the users <literal>homer</literal> and <literal>grimes</literal> are member of
- the <literal>staff</literal> group but policy requires that an
- administrator needs to authenticate every time authorization for
- any action
- matching <literal>com.example.awesomeproduct.*</literal> is
- required, one would add
- </para>
- <programlisting>
-[Exclude Some Problematic Users]
-Identity=unix-user:homer;unix-user:grimes
-Action=com.example.awesomeproduct.*
-ResultAny=no
-ResultInactive=no
-ResultActive=auth_admin
- </programlisting>
- <para>
- and make sure this authorization entry is after the first one.
- </para>
- </refsect1>
-
- <refsect1 id="pklocalauthority-author"><title>AUTHOR</title>
- <para>
- Written by David Zeuthen <email>davidz@redhat.com</email> with
- a lot of help from many others.
- </para>
- </refsect1>
-
- <refsect1 id="pklocalauthority-bugs">
- <title>BUGS</title>
- <para>
- Please send bug reports to either the distribution or the
- polkit-devel mailing list,
- see the link <ulink url="http://lists.freedesktop.org/mailman/listinfo/polkit-devel"/>
- on how to subscribe.
- </para>
- </refsect1>
-
- <refsect1 id="pklocalauthority-see-also">
- <title>SEE ALSO</title>
- <para>
- <citerefentry>
- <refentrytitle>polkit</refentrytitle><manvolnum>8</manvolnum>
- </citerefentry>
- </para>
- </refsect1>
-</refentry>
<refnamediv>
<refname>polkit</refname>
- <refpurpose>Authorization Framework</refpurpose>
+ <refpurpose>Authorization Manager</refpurpose>
</refnamediv>
<refsect1 id="polkit-overview"><title>OVERVIEW</title>
<para>
- PolicyKit provides an authorization API intended to be used by
+ polkit provides an authorization API intended to be used by
privileged programs (<quote>MECHANISMS</quote>) offering service
- to unprivileged programs (<quote>CLIENTS</quote>) through some
+ to unprivileged programs (<quote>SUBJECTS</quote>) through some
form of IPC mechanism such as D-Bus or Unix pipes. In this
- scenario, the mechanism typically treats the client as
- untrusted. For every request from a client, the mechanism needs
+ scenario, the mechanism typically treats the subject as
+ untrusted. For every request from a subject, the mechanism needs
to determine if the request is authorized or if it should refuse
- to service the client. Using the PolicyKit API, a mechanism can
- offload this decision to a trusted party: The PolicyKit
+ to service the subject. Using the polkit APIs, a mechanism can
+ offload this decision to a trusted party: The polkit
Authority.
</para>
<para>
- In addition to acting as an authority, PolicyKit allows users to
+ In addition to acting as an authority, polkit allows users to
obtain temporary authorization through authenticating either an
administrative user or the owner of the session the client
belongs to. This is useful for scenarios where a mechanism needs
<refsect1 id="polkit-system-architecture"><title>SYSTEM ARCHITECTURE</title>
<para>
- The system architecture of PolicyKit is comprised of
- the <emphasis>Authority</emphasis> (implemented as a service on
- the system message bus) and a
- <emphasis>Authentication Agent</emphasis> per user session
- (provided and started by the user session e.g. GNOME or KDE).
- Additionally, PolicyKit supports a number of extension points –
- specifically, vendors and/or sites can write extensions to
- completely control authorization policy. In a block diagram, the
- architecture looks like this:
+ The system architecture of polkit is comprised of the
+ <emphasis>Authority</emphasis> (implemented as a service on the
+ system message bus) and an <emphasis>Authentication
+ Agent</emphasis> per user session (provided and started by the
+ user's graphical environment, for example <ulink
+ url="http://www.gnome.org/">GNOME</ulink>). <emphasis>Actions</emphasis>
+ are defined by applications and vendors, sites and system
+ administrators can control authorization policy through
+ <emphasis>Authorization Rules</emphasis>
</para>
<mediaobject id="polkit-architecture">
<imageobject>
+-------------------+
| libpolkit-agent-1 |
+-------------------+
- ^ +--------+
- | | Client |
- +--------------+ +--------+
+ ^ +---------+
+ | | Subject |
+ +--------------+ +---------+
| ^
| |
User Session | |
| | +---------------------+
V +----> | libpolkit-gobject-1 |
+------------------+ +---------------------+
-| org.freedesktop. |
-| PolicyKit1 |
-+------------------+
-| Backends and |
-| Extensions |
+| polkitd(8) |
+------------------+
+| org.freedesktop. |
+| PolicyKit1 |<---------+
++------------------+ |
+ ^ |
+ | +--------------------------------------+
+ | | /usr/share/polkit-1/actions/*.policy |
+ | +--------------------------------------+
+ |
+ +--------------------------------------+
+ | /etc/polkit-1/rules.d/*.rules |
+ | /usr/share/polkit-1/rules.d/*.rules |
+ +--------------------------------------+
]]></programlisting>
</textobject>
</mediaobject>
<para>
For convenience, the <literal>libpolkit-gobject-1</literal>
- library wraps the PolicyKit D-Bus API using GObject. However, a
- mechanism can also use the D-Bus API or the
+ library wraps the polkit D-Bus API and is usable from any C/C++
+ program as well as higher-level languages <ulink
+ url="https://live.gnome.org/GObjectIntrospection">GObjectIntrospection</ulink>
+ support such as Javascript and Python. A mechanism can also use
+ the D-Bus API or the
<citerefentry><refentrytitle>pkcheck</refentrytitle><manvolnum>1</manvolnum></citerefentry>
- command to check authorizations.
- </para>
-
- <para>
- The <literal>libpolkit-agent-1</literal> library provides an
+ command to check authorizations. The
+ <literal>libpolkit-agent-1</literal> library provides an
abstraction of the native authentication system, e.g.
<citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>
and also facilities registration and communication with the
- PolicyKit D-Bus service.
- </para>
-
- <para>
- PolicyKit extensions and authority backends are implemented
- using the
- <literal>libpolkit-backend-1</literal> library.
- </para>
-
- <para>
- See the
- <ulink url="file:///usr/share/gtk-doc/html/polkit-1/index.html">developer
- documentation</ulink> for more information about using and
- extending PolicyKit.
+ polkit D-Bus service.
</para>
<para>
- See
- <citerefentry><refentrytitle>pklocalauthority</refentrytitle><manvolnum>8</manvolnum></citerefentry>
- for information about the Local Authority - the default
- authority implementation shipped with PolicyKit.
+ See the <ulink
+ url="http://www.freedesktop.org/software/polkit/docs/latest/">developer
+ documentation</ulink> for more information about writing polkit
+ applications.
</para>
</refsect1>
<textobject>
<programlisting><![CDATA[
+----------------------------------------------------------+
-| Authenticate [X] |
-+----------------------------------------------------------+
| |
-| [Icon] Authentication is required to run ATA SMART |
-| self tests |
+| [Icon] Authentication required |
| |
-| An application is attempting to perform an |
-| action that requires privileges. Authentication |
-| as the super user is required to perform this |
-| action. |
+| Authentication is required to format INTEL |
+| SSDSA2MH080G1GC (/dev/sda) |
| |
-| Password for root: [_________________________] |
+| Administrator |
| |
-| [V] Details: |
-| Drive: ATA INTEL SSDSA2MH08 (045C) |
-| Device: /dev/sda |
-| Action: org.fd.devicekit.disks.drive-ata-smart-selftest |
-| Vendor: The DeviceKit Project |
+| Password: [__________________________________] |
| |
-| [Cancel] [Authenticate] |
+| [Cancel] [Authenticate] |
+----------------------------------------------------------+
]]></programlisting>
</textobject>
</mediaobject>
<para>
If the system is configured without a <emphasis>root</emphasis>
- account it may allow you to select the administrative user who
- is authenticating:
+ account it may prompt for a specific user designated as the
+ administrative user:
</para>
<mediaobject id="polkit-authentication-agent-example-wheel">
<imageobject>
<textobject>
<programlisting><![CDATA[
+----------------------------------------------------------+
-| Authenticate [X] |
-+----------------------------------------------------------+
| |
-| [Icon] Authentication is required to run ATA SMART |
-| self tests |
+| [Icon] Authentication required |
| |
-| An application is attempting to perform an |
-| action that requires privileges. Authentication |
-| as one of the users below is required to |
-| perform this action. |
+| Authentication is required to format INTEL |
+| SSDSA2MH080G1GC (/dev/sda) |
| |
-| [[Face] Patrick Bateman (bateman) [V]] |
+| [Icon] David Zeuthen |
| |
-| Password for bateman: [______________________] |
+| Password: [__________________________________] |
| |
-| [V] Details: |
-| Drive: ATA INTEL SSDSA2MH08 (045C) |
-| Device: /dev/sda |
-| Action: org.fd.devicekit.disks.drive-ata-smart-selftest |
-| Vendor: The DeviceKit Project |
-| |
-| [Cancel] [Authenticate] |
+| [Cancel] [Authenticate] |
+----------------------------------------------------------+
]]></programlisting>
</textobject>
</mediaobject>
<para>
- See
- <citerefentry><refentrytitle>pklocalauthority</refentrytitle><manvolnum>8</manvolnum></citerefentry>
- on how to set up the local authority
- implemention for systems without a <literal>root</literal>
- account.
- </para>
-
- <para>
Applications that do not run under a desktop environment (for
example, if launched from a
<citerefentry><refentrytitle>ssh</refentrytitle><manvolnum>1</manvolnum></citerefentry>
<refsect1 id="polkit-declaring-actions"><title>DECLARING ACTIONS</title>
<para>
A mechanism need to declare a set of <quote>ACTIONS</quote> in
- order to use PolicyKit. Actions correspond to operations that
+ order to use polkit. Actions correspond to operations that
clients can request the mechanism to carry out and are defined
- in XML files that the mechanism installs into
- the <filename>/usr/share/polkit-1/actions</filename> directory.
+ in XML files that the mechanism installs into the <filename
+ class='directory'>/usr/share/polkit-1/actions</filename>
+ directory.
</para>
<para>
- PolicyKit actions are namespaced and can only contain the
- characters <literal>[a-z][0-9].-</literal> e.g. lower-case
- ASCII, digits, period and hyphen. Each XML file can contain more
- than one action but all actions need to be in the same namespace
- and the file needs to be named after the namespace and have the
- extension <literal>.policy</literal>.
+ polkit actions are namespaced and can only contain the
+ characters <literal>[A-Z][a-z][0-9].-</literal> e.g. ASCII,
+ digits, period and hyphen. Each XML file can contain more than
+ one action but all actions need to be in the same namespace and
+ the file needs to be named after the namespace and have the
+ extension <filename class='extension'>.policy</filename>.
</para>
<para>
</para>
<programlisting><![CDATA[
<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE policyconfig PUBLIC "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
-"http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
+<!DOCTYPE policyconfig PUBLIC "-//freedesktop//DTD polkit Policy Configuration 1.0//EN"
+"http://www.freedesktop.org/software/polkit/policyconfig-1.dtd">
]]></programlisting>
<para>
The <emphasis>policyconfig</emphasis> element must be present
<variablelist>
<varlistentry>
<term><emphasis>vendor</emphasis></term>
- <listitem><para>The name of the project or vendor that is
- supplying the actions in the XML
- document. Optional.</para></listitem>
+ <listitem>
+ <para>
+ The name of the project or vendor that is supplying the
+ actions in the XML document. Optional.
+ </para>
+ </listitem>
</varlistentry>
<varlistentry>
<term><emphasis>vendor_url</emphasis></term>
- <listitem><para>A URL to the project or vendor that is
- supplying the actions in the XML document.
- Optional.</para></listitem>
+ <listitem>
+ <para>
+ A URL to the project or vendor that is supplying the
+ actions in the XML document. Optional.
+ </para>
+ </listitem>
</varlistentry>
<varlistentry>
<term><emphasis>icon_name</emphasis></term>
- <listitem><para>An icon representing the project or vendor
- that is supplying the actions in the XML document. The icon
- name must adhere to
- the <ulink url="http://standards.freedesktop.org/icon-naming-spec/icon-naming-spec-latest.html">Freedesktop.org
- Icon Naming Specification</ulink>. Optional.</para></listitem>
+ <listitem>
+ <para>
+ An icon representing the project or vendor that is
+ supplying the actions in the XML document. The icon name
+ must adhere to the <ulink
+ url="http://standards.freedesktop.org/icon-naming-spec/icon-naming-spec-latest.html">Freedesktop.org
+ Icon Naming Specification</ulink>. Optional.
+ </para>
+ </listitem>
</varlistentry>
<varlistentry>
<term><emphasis>action</emphasis></term>
- <listitem><para>Declares an action. The action name is
- specified using the <literal>id</literal> attribute and can
- only contain the characters <literal>[a-z][0-9].-</literal>
- e.g. lower-case ASCII, digits, period and
- hyphen.</para></listitem>
+ <listitem>
+ <para>
+ Declares an action. The action name is specified using the
+ <literal>id</literal> attribute and can only contain the
+ characters <literal>[A-Z][a-z][0-9].-</literal>
+ e.g. ASCII, digits, period and hyphen.
+ </para>
+ </listitem>
</varlistentry>
</variablelist>
<para>
- Elements that can be used inside <emphasis>action</emphasis> includes:
+ Elements that can be used inside <emphasis>action</emphasis> include:
</para>
<variablelist>
<varlistentry>
<term><emphasis>description</emphasis></term>
- <listitem><para>A human readable description of the action, e.g. <quote>Install unsigned software</quote>.</para></listitem>
+ <listitem>
+ <para>
+ A human readable description of the action,
+ e.g. <quote>Install unsigned software</quote>.
+ </para>
+ </listitem>
</varlistentry>
<varlistentry>
<term><emphasis>message</emphasis></term>
- <listitem><para>A human readable message displayed to the user when asking for credentials when authentication is needed, e.g. <quote>Installing unsigned software requires authentication</quote>.</para></listitem>
+ <listitem>
+ <para>
+ A human readable message displayed to the user when asking
+ for credentials when authentication is needed,
+ e.g. <quote>Installing unsigned software requires
+ authentication</quote>.
+ </para>
+ </listitem>
</varlistentry>
<varlistentry>
<term><emphasis>defaults</emphasis></term>
- <listitem><para>This element is used to specify implicit authorizations for clients.</para>
+ <listitem>
<para>
- Elements that can be used inside <emphasis>defaults</emphasis> includes:
+ This element is used to specify implicit authorizations
+ for clients. Elements that can be used inside
+ <emphasis>defaults</emphasis> include:
</para>
<variablelist>
<varlistentry>
</varlistentry>
<varlistentry>
<term><emphasis>annotate</emphasis></term>
- <listitem><para>Used for annotating an action with a key/value
- pair. The key is specified using the
- the <literal>key</literal> attribute and the value is
- specified using the <literal>value</literal> attribute. This
- element may appear zero or more times. See
- below for known annotations. </para></listitem>
+ <listitem>
+ <para>
+ Used for annotating an action with a key/value pair. The
+ key is specified using the the <literal>key</literal>
+ attribute and the value is specified using the
+ <literal>value</literal> attribute. This element may
+ appear zero or more times. See below for known
+ annotations.
+ </para>
+ </listitem>
</varlistentry>
<varlistentry>
<term><emphasis>vendor</emphasis></term>
- <listitem><para>Used for overriding the vendor on a per-action
- basis. Optional.</para></listitem>
+ <listitem>
+ <para>
+ Used for overriding the vendor on a per-action
+ basis. Optional.
+ </para>
+ </listitem>
</varlistentry>
<varlistentry>
<term><emphasis>vendor_url</emphasis></term>
- <listitem><para>Used for overriding the vendor URL on a
- per-action basis. Optional.</para></listitem>
+ <listitem>
+ <para>
+ Used for overriding the vendor URL on a per-action
+ basis. Optional.
+ </para>
+ </listitem>
</varlistentry>
<varlistentry>
<term><emphasis>icon_name</emphasis></term>
- <listitem><para>Used for overriding the icon name on a
- per-action basis. Optional.</para></listitem>
+ <listitem>
+ <para>
+ Used for overriding the icon name on a per-action
+ basis. Optional.
+ </para>
+ </listitem>
</varlistentry>
</variablelist>
<para>
- For localization, <emphasis>description</emphasis>
- and <emphasis>message</emphasis> elements may occur multiple
- times with different <literal>xml:lang</literal> attributes.
+ For localization, <emphasis>description</emphasis> and
+ <emphasis>message</emphasis> elements may occur multiple times
+ with different <literal>xml:lang</literal> attributes.
</para>
<para>
- To list installed PolicyKit actions, use the
+ To list installed polkit actions, use the
<citerefentry><refentrytitle>pkaction</refentrytitle><manvolnum>1</manvolnum></citerefentry>
command.
</para>
- <refsect2><title>Known annotations</title>
- <para>
- The <literal>org.freedesktop.policykit.exec.path</literal>
- annotation is used by the <command>pkexec</command> program
- shipped with PolicyKit - see the
- <citerefentry><refentrytitle>pkexec</refentrytitle><manvolnum>1</manvolnum></citerefentry>
- man page for details.
- </para>
- <para>
- The <literal>org.freedesktop.policykit.imply</literal>
- annotation (its value is a string containing a space separated
- list of action identifiers) can be used to define <emphasis>meta
- actions</emphasis>. The way it works is that if a subject is
- authorized for an action with this annotation, then it is also
- authorized for any action specified by the annotation. A typical
- use of this annotation is when defining an UI shell with a
- single lock button that should unlock multiple actions from
- distinct mechanisms.
- </para>
- <para>
- The <literal>org.freedesktop.policykit.owner</literal>
- annotation can be used to define a set of users who can query
- whether a client is authorized to perform this action. If this
- annotation is not specified then only root can query whether a
- client running as a different user is authorized for an action.
- The value of this annotation is a string containing a space
- separated list of <link
- linkend="PolkitIdentity-struct">PolkitIdentity</link> entries,
- for example <literal>"unix-user:42 unix-user:colord"</literal>.
- A typical use of this annotation is for a daemon process that
- runs as a system user rather than root.
- </para>
+ <refsect2>
+ <title>Known annotations</title>
+ <para>
+ The <literal>org.freedesktop.policykit.exec.path</literal>
+ annotation is used by the <command>pkexec</command> program
+ shipped with polkit - see the
+ <citerefentry><refentrytitle>pkexec</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+ man page for details.
+ </para>
+ <para>
+ The <literal>org.freedesktop.policykit.imply</literal>
+ annotation (its value is a string containing a space separated
+ list of action identifiers) can be used to define
+ <emphasis>meta actions</emphasis>. The way it works is that if
+ a subject is authorized for an action with this annotation,
+ then it is also authorized for any action specified by the
+ annotation. A typical use of this annotation is when defining
+ an UI shell with a single lock button that should unlock
+ multiple actions from distinct mechanisms.
+ </para>
+ <para>
+ The <literal>org.freedesktop.policykit.owner</literal>
+ annotation can be used to define a set of users who can query
+ whether a client is authorized to perform this action. If
+ this annotation is not specified then only root can query
+ whether a client running as a different user is authorized for
+ an action. The value of this annotation is a string
+ containing a space separated list of <link
+ linkend="PolkitIdentity-struct">PolkitIdentity</link> entries,
+ for example <literal>"unix-user:42
+ unix-user:colord"</literal>. A typical use of this annotation
+ is for a daemon process that runs as a system user rather than
+ root.
+ </para>
</refsect2>
-
</refsect1>
<refsect1 id="polkit-rules"><title>AUTHORIZATION RULES</title>
<title>SEE ALSO</title>
<para>
<citerefentry>
- <refentrytitle>pklocalauthority</refentrytitle><manvolnum>8</manvolnum>
- </citerefentry>
- <citerefentry>
<refentrytitle>polkitd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
<citerefentry>
<refnamediv>
<refname>polkitd</refname>
- <refpurpose>PolicyKit daemon</refpurpose>
+ <refpurpose>The polkit system daemon</refpurpose>
</refnamediv>
<refsynopsisdiv>
height="1052.3622047"
id="svg270"
sodipodi:version="0.32"
- inkscape:version="0.46+devel"
+ inkscape:version="0.48.2 r9819"
sodipodi:docname="polkit-1-diagrams.svg"
- inkscape:output_extension="org.inkscape.output.svg.inkscape">
+ inkscape:output_extension="org.inkscape.output.svg.inkscape"
+ version="1.1">
<defs
id="defs272">
<marker
xlink:href="#linearGradient14609"
id="linearGradient13600"
gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.7347995,0,0,0.5175383,193.46355,269.41609)"
+ gradientTransform="matrix(0.7347995,0,0,0.5175383,193.46355,289.41609)"
x1="52.07793"
y1="89.181732"
x2="196.4196"
offset="1"
id="stop28970-9" />
</linearGradient>
- <linearGradient
- y2="89.181732"
- x2="196.4196"
- y1="89.181732"
- x1="52.07793"
- gradientTransform="matrix(0.73549098,0,0,0.34876094,193.37764,330.54439)"
- gradientUnits="userSpaceOnUse"
- id="linearGradient624"
- xlink:href="#linearGradient28966-4"
- inkscape:collect="always" />
<inkscape:perspective
id="perspective697"
inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
id="linearGradient860"
xlink:href="#linearGradient28966-4-1-6"
inkscape:collect="always" />
+ <linearGradient
+ y2="89.181732"
+ x2="196.4196"
+ y1="89.181732"
+ x1="52.07793"
+ gradientTransform="matrix(1.0156707,0,0,0.51700825,362.58942,235.61128)"
+ gradientUnits="userSpaceOnUse"
+ id="linearGradient782-4"
+ xlink:href="#linearGradient3144-1-7"
+ inkscape:collect="always" />
+ <linearGradient
+ id="linearGradient3144-1-7">
+ <stop
+ style="stop-color:#ffffff;stop-opacity:1;"
+ offset="0"
+ id="stop3146-3-8" />
+ <stop
+ style="stop-color:#898585;stop-opacity:0;"
+ offset="1"
+ id="stop3148-7-7" />
+ </linearGradient>
+ <linearGradient
+ inkscape:collect="always"
+ xlink:href="#linearGradient3144-1-7"
+ id="linearGradient3982"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.5328769,0,0,0.51700825,256.34481,384.82592)"
+ x1="52.07793"
+ y1="89.181732"
+ x2="196.4196"
+ y2="89.181732" />
+ <linearGradient
+ inkscape:collect="always"
+ xlink:href="#linearGradient3144-1-7-5"
+ id="linearGradient3982-1"
+ gradientUnits="userSpaceOnUse"
+ gradientTransform="matrix(1.5328769,0,0,0.51700825,256.34481,364.82592)"
+ x1="52.07793"
+ y1="89.181732"
+ x2="196.4196"
+ y2="89.181732" />
+ <linearGradient
+ id="linearGradient3144-1-7-5">
+ <stop
+ style="stop-color:#ffffff;stop-opacity:1;"
+ offset="0"
+ id="stop3146-3-8-1" />
+ <stop
+ style="stop-color:#898585;stop-opacity:0;"
+ offset="1"
+ id="stop3148-7-7-5" />
+ </linearGradient>
+ <linearGradient
+ y2="89.181732"
+ x2="196.4196"
+ y1="89.181732"
+ x1="52.07793"
+ gradientTransform="matrix(1.5328769,0,0,0.51700825,173.82749,458.25449)"
+ gradientUnits="userSpaceOnUse"
+ id="linearGradient4001"
+ xlink:href="#linearGradient3144-1-7-5"
+ inkscape:collect="always" />
+ <marker
+ inkscape:stockid="Arrow2Lstart"
+ orient="auto"
+ refY="0"
+ refX="0"
+ id="Arrow2Lstart-7"
+ style="overflow:visible">
+ <path
+ inkscape:connector-curvature="0"
+ id="path1742-4"
+ style="font-size:12px;fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round"
+ d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
+ transform="matrix(1.1,0,0,1.1,1.1,0)" />
+ </marker>
+ <marker
+ inkscape:stockid="Arrow2Lend"
+ orient="auto"
+ refY="0"
+ refX="0"
+ id="Arrow2Lend-3"
+ style="overflow:visible">
+ <path
+ inkscape:connector-curvature="0"
+ id="path1745-4"
+ style="font-size:12px;fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round"
+ d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
+ transform="matrix(-1.1,0,0,-1.1,-1.1,0)" />
+ </marker>
+ <marker
+ inkscape:stockid="Arrow2Lstart"
+ orient="auto"
+ refY="0"
+ refX="0"
+ id="Arrow2Lstart-9"
+ style="overflow:visible">
+ <path
+ inkscape:connector-curvature="0"
+ id="path1742-3"
+ style="font-size:12px;fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round"
+ d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
+ transform="matrix(1.1,0,0,1.1,1.1,0)" />
+ </marker>
+ <marker
+ inkscape:stockid="Arrow2Lend"
+ orient="auto"
+ refY="0"
+ refX="0"
+ id="Arrow2Lend-9"
+ style="overflow:visible">
+ <path
+ inkscape:connector-curvature="0"
+ id="path1745-3"
+ style="font-size:12px;fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round"
+ d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
+ transform="matrix(-1.1,0,0,-1.1,-1.1,0)" />
+ </marker>
+ <marker
+ inkscape:stockid="Arrow2Lstart"
+ orient="auto"
+ refY="0"
+ refX="0"
+ id="Arrow2Lstart-73"
+ style="overflow:visible">
+ <path
+ inkscape:connector-curvature="0"
+ id="path1742-2"
+ style="font-size:12px;fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round"
+ d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
+ transform="matrix(1.1,0,0,1.1,1.1,0)" />
+ </marker>
+ <linearGradient
+ y2="89.181732"
+ x2="196.4196"
+ y1="89.181732"
+ x1="52.07793"
+ gradientTransform="matrix(0.7361648,0,0,0.2163389,153.65639,99.058497)"
+ gradientUnits="userSpaceOnUse"
+ id="linearGradient860-3"
+ xlink:href="#linearGradient28966-4-1-6-8"
+ inkscape:collect="always" />
+ <linearGradient
+ id="linearGradient28966-4-1-6-8">
+ <stop
+ style="stop-color:#ffffff;stop-opacity:1;"
+ offset="0"
+ id="stop28968-5-1-4-4" />
+ <stop
+ style="stop-color:#9dff9d;stop-opacity:0;"
+ offset="1"
+ id="stop28970-9-7-0-8" />
+ </linearGradient>
+ <linearGradient
+ y2="89.181732"
+ x2="196.4196"
+ y1="89.181732"
+ x1="52.07793"
+ gradientTransform="matrix(0.7361648,0,0,0.2163389,193.24673,277.06866)"
+ gradientUnits="userSpaceOnUse"
+ id="linearGradient3144-3"
+ xlink:href="#linearGradient28966-4-1-6-8"
+ inkscape:collect="always" />
</defs>
<sodipodi:namedview
id="base"
borderopacity="1.0"
inkscape:pageopacity="0.0"
inkscape:pageshadow="2"
- inkscape:zoom="0.7"
- inkscape:cx="342.5823"
- inkscape:cy="812.67628"
+ inkscape:zoom="1.4"
+ inkscape:cx="347.45975"
+ inkscape:cy="686.70778"
inkscape:document-units="px"
inkscape:current-layer="layer1"
showgrid="false"
- inkscape:window-width="1024"
- inkscape:window-height="724"
+ inkscape:window-width="1600"
+ inkscape:window-height="841"
inkscape:window-x="0"
- inkscape:window-y="0" />
+ inkscape:window-y="27"
+ inkscape:window-maximized="1" />
<metadata
id="metadata275">
<rdf:RDF>
height="54.89323"
x="192.42352"
y="51.90543"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001" />
<rect
height="54.837009"
x="415.94064"
y="254.30046"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001" />
<rect
height="3.3034956"
x="42.631001"
y="165.95226"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001" />
<rect
height="54.89323"
x="427.33624"
y="59.769047"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001" />
<text
x="481.04681"
y="90.185196"
id="text7646"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001"><tspan
sodipodi:role="line"
x="481.04681"
y="90.185196"
id="tspan7654"
- style="text-align:center;text-anchor:middle">Client</tspan></text>
+ style="text-align:center;text-anchor:middle">Subject</tspan></text>
<text
xml:space="preserve"
style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
x="243.28027"
y="77.398422"
id="text7678"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001"><tspan
sodipodi:role="line"
width="105.40086"
height="54.89323"
x="232.06105"
- y="288.12442"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ y="308.12442"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001" />
<text
xml:space="preserve"
style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
x="286.21173"
- y="312.54059"
+ y="332.54059"
id="text13586"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001"><tspan
sodipodi:role="line"
x="286.21173"
- y="312.54059"
+ y="332.54059"
style="text-align:center;text-anchor:middle"
id="tspan13590">org.freedesktop.</tspan><tspan
sodipodi:role="line"
x="286.21173"
- y="327.54059"
+ y="347.54059"
style="text-align:center;text-anchor:middle"
id="tspan13606">PolicyKit1</tspan></text>
<text
x="489.5925"
y="283.14468"
id="text13594"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001"><tspan
sodipodi:role="line"
sodipodi:ry="34.345188"
d="m 248.49753,161.40764 a 34.345188,34.345188 0 1 1 -68.69037,0 34.345188,34.345188 0 1 1 68.69037,0 z"
transform="translate(134.97058,58.198921)"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001" />
<text
x="349.52975"
y="210.38663"
id="text16841"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001"><tspan
sodipodi:role="line"
x="93.62104"
y="143.63353"
id="text22909"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001"><tspan
sodipodi:role="line"
id="text22919"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"><tspan
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"><tspan
sodipodi:role="line"
x="108.55364"
y="202.5914"
style="font-size:18px;text-align:center;text-anchor:middle"
id="tspan22927">System Context</tspan></text>
<rect
- style="fill:url(#linearGradient624);fill-opacity:1;stroke:#030000;stroke-width:0.45582184;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:19"
- id="rect28982"
- width="105.50005"
- height="36.991695"
- x="232.01146"
- y="343.1517"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
- inkscape:export-xdpi="96.720001"
- inkscape:export-ydpi="96.720001" />
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
- x="284.86676"
- y="358.26434"
- id="text28990"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
- inkscape:export-xdpi="96.720001"
- inkscape:export-ydpi="96.720001"><tspan
- sodipodi:role="line"
- x="284.86676"
- y="358.26434"
- style="font-style:italic;text-align:center;text-anchor:middle"
- id="tspan28992">Backends +</tspan><tspan
- sodipodi:role="line"
- x="284.86676"
- y="373.26434"
- style="font-style:italic;text-align:center;text-anchor:middle"
- id="tspan649">Extensions</tspan></text>
- <rect
style="fill:url(#linearGradient709);fill-opacity:1;stroke:#030000;stroke-width:0.42205292;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:19"
id="rect28982-0"
width="145.96021"
height="22.922712"
x="415.80527"
y="309.43832"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001" />
<text
x="487.01651"
y="325.36105"
id="text28990-4"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001"><tspan
sodipodi:role="line"
height="22.946213"
x="192.32559"
y="106.87891"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001" />
<text
x="244.12958"
y="122.78507"
id="text28990-4-5"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001"><tspan
sodipodi:role="line"
d="m 411.63462,322.0219 c -73.68449,-1.49124 -6.00174,-74.90542 -67.16623,-76.02779 -24.77688,-7.92418 -44.02981,-7.38813 -43.95096,34.61152"
id="path2409"
sodipodi:nodetypes="ccc"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001" />
<path
d="m 268.19295,136.15382 c 3.55124,52.7952 56.8059,41.36616 51.73617,77.56075 -5.15994,33.07396 -56.01669,4.80866 -57.79705,67.90122"
id="path4701"
sodipodi:nodetypes="ccc"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001" />
<path
d="m 463.15239,122.01168 c 0.65982,39.40007 27.62042,24.1776 26.81502,70.68828 1.07889,31.05898 22.63119,1.38255 22.68258,56.59095"
id="path5124"
sodipodi:nodetypes="ccc"
- inkscape:export-filename="/home/davidz/Hacking/PolicyKit/docs/polkit-architecture.png"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
+ inkscape:export-xdpi="96.720001"
+ inkscape:export-ydpi="96.720001" />
+ <rect
+ style="fill:url(#linearGradient3982);fill-opacity:1;stroke:#030000;stroke-width:0.80120724;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:19"
+ id="rect7676-4-5"
+ width="219.8784"
+ height="54.837009"
+ x="336.86383"
+ y="403.51511"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001" />
+ <text
+ xml:space="preserve"
+ style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="445.0928"
+ y="434.35934"
+ id="text13594-3"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
+ inkscape:export-xdpi="96.720001"
+ inkscape:export-ydpi="96.720001"><tspan
+ sodipodi:role="line"
+ x="445.0928"
+ y="434.35934"
+ style="text-align:center;text-anchor:middle"
+ id="tspan740-0">/usr/share/polkit-1/actions/*.policy</tspan></text>
+ <rect
+ style="fill:url(#linearGradient4001);fill-opacity:1;stroke:#030000;stroke-width:0.80120724;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:19"
+ id="rect7676-4-5-7"
+ width="219.8784"
+ height="54.837009"
+ x="254.34653"
+ y="476.94366"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
+ inkscape:export-xdpi="96.720001"
+ inkscape:export-ydpi="96.720001" />
+ <text
+ xml:space="preserve"
+ style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="362.57547"
+ y="513.7879"
+ id="text13594-3-0"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
+ inkscape:export-xdpi="96.720001"
+ inkscape:export-ydpi="96.720001"><tspan
+ sodipodi:role="line"
+ x="362.57547"
+ y="513.7879"
+ style="text-align:center;text-anchor:middle"
+ id="tspan740-0-5">/usr/share/polkit-1/rules.d/*.rules</tspan></text>
+ <text
+ xml:space="preserve"
+ style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="343.2959"
+ y="494.95844"
+ id="text13594-3-0-8"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
+ inkscape:export-xdpi="96.720001"
+ inkscape:export-ydpi="96.720001"><tspan
+ sodipodi:role="line"
+ x="343.2959"
+ y="494.95844"
+ style="text-align:center;text-anchor:middle"
+ id="tspan740-0-5-4">/etc/polkit-1/rules.d/*.rules</tspan></text>
+ <path
+ inkscape:connector-curvature="0"
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-opacity:1;marker-start:url(#Arrow2Lstart);marker-end:none"
+ d="m 342.3631,344.48627 c 41.38224,15.43253 92.15719,21.9995 93.22484,54.0334"
+ id="path4701-9"
+ sodipodi:nodetypes="cc"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
+ inkscape:export-xdpi="96.720001"
+ inkscape:export-ydpi="96.720001" />
+ <path
+ inkscape:connector-curvature="0"
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-opacity:1;marker-start:url(#Arrow2Lstart);marker-end:none"
+ d="m 301.61996,369.48834 c -2.18919,49.00395 -32.12853,71.9995 -31.06088,104.0334"
+ id="path4701-9-6"
+ sodipodi:nodetypes="cc"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
+ inkscape:export-xdpi="96.720001"
+ inkscape:export-ydpi="96.720001" />
+ <rect
+ style="fill:url(#linearGradient3144-3);fill-opacity:1;stroke:#030000;stroke-width:0.35916778;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:19"
+ id="rect28982-0-3-6"
+ width="105.5967"
+ height="22.946213"
+ x="231.91594"
+ y="284.88907"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
+ inkscape:export-xdpi="96.720001"
+ inkscape:export-ydpi="96.720001" />
+ <text
+ xml:space="preserve"
+ style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="283.71991"
+ y="300.79523"
+ id="text28990-4-5-6"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
+ inkscape:export-xdpi="96.720001"
+ inkscape:export-ydpi="96.720001"><tspan
+ sodipodi:role="line"
+ x="283.71991"
+ y="300.79523"
+ style="text-align:center;text-anchor:middle"
+ id="tspan649-8-8-7">polkitd(8)</tspan></text>
</g>
</svg>
docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml \
../man/polkit.xml \
../man/polkitd.xml \
- ../man/pklocalauthority.xml \
../man/pkcheck.xml \
../man/pkaction.xml \
../man/pkexec.xml \
../polkit-architecture.png \
../polkit-authentication-agent-example.png \
../polkit-authentication-agent-example-wheel.png \
- ../pkexec-bash.png \
- ../pkexec-frobnicate.png \
- ../pkexec-frobnicate-da.png \
$(NULL)
# Extra options to supply to gtkdoc-fixref
<xi:include href="../man/pkcheck.xml"/>
<xi:include href="../man/pkaction.xml"/>
<xi:include href="../man/pkexec.xml"/>
- <xi:include href="../man/pklocalauthority.xml"/>
<xi:include href="../man/pkttyagent.xml"/>
</part>
g_assert (action_id != NULL);
details = polkit_details_new ();
+ polkit_details_insert (details, "user", pw->pw_name);
if (pw->pw_gecos != NULL && strlen (pw->pw_gecos) > 0)
s = g_strdup_printf ("%s (%s)", pw->pw_gecos, pw->pw_name);
else
s = g_strdup_printf ("%s", pw->pw_name);
- polkit_details_insert (details, "user", s);
+ polkit_details_insert (details, "user_full", s);
g_free (s);
polkit_details_insert (details, "program", path);
polkit_details_insert (details, "command_line", command_line);