David Zeuthen [Thu, 3 Mar 2011 18:13:11 +0000 (13:13 -0500)]
Deprecated PolkitBackendActionLookup
Instead, pass the untranslated message as polkit.message and set the
gettext domain on polkit.gettext_domain. For printf()-style messages,
occurences of the form $(name_of_key) in the translated version of
polkit.message are expanded with the value of the property
name_of_key. See the pkexec(1) mechanism for an example of how to use
this.
Additionally, the property polkit.icon_name can be set to the
icon. Note that not all authentication agents use this - in
particular, gnome-shell does not.
It is no longer possible to set the details to be shown in the
authentication dialog. It was never a good idea to hide information
there anyway. Instead, the mechanism should format a meaningful
message.
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Wed, 23 Feb 2011 21:45:59 +0000 (16:45 -0500)]
Allow overriding message shown in authentication dialog
This is much easier than writing a PolkitBackendActionLookup class and
installing an extension. On the downside it requires the caller to be
uid 0.
Example: http://people.freedesktop.org/~david/polkit-pass-messages.png
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Wed, 23 Feb 2011 20:47:20 +0000 (15:47 -0500)]
Bug 29712 – Use monotonic for temporary authorizations
https://bugs.freedesktop.org/show_bug.cgi?id=29712
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Wed, 23 Feb 2011 20:11:07 +0000 (15:11 -0500)]
Be a bit more careful parsing the command-line
In particular, avoid crashing for Zombies
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Wed, 23 Feb 2011 19:47:11 +0000 (14:47 -0500)]
pkcheck: Make it possible to list and revoke temporary authorizations
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Wed, 23 Feb 2011 17:36:22 +0000 (12:36 -0500)]
Make pkcheck(1) report if the authentication dialog was dismissed
Signed-off-by: David Zeuthen <davidz@redhat.com>
Adrian Bunk [Wed, 23 Feb 2011 17:00:34 +0000 (12:00 -0500)]
Bug 27253 – Use GOBJECT_INTROSPECTION_CHECK from gobject-introspection
https://bugs.freedesktop.org/show_bug.cgi?id=27253
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Wed, 23 Feb 2011 16:01:31 +0000 (11:01 -0500)]
Be more specific about what info we want when enumerating files
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Wed, 23 Feb 2011 15:49:14 +0000 (10:49 -0500)]
Fix a memory leak
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Wed, 23 Feb 2011 14:56:17 +0000 (09:56 -0500)]
Bug 32334 – Always set polkit.retains_authorization_after_challenge
Otherwise it's impossible to implement lock buttons.
https://bugs.freedesktop.org/show_bug.cgi?id=32334
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Wed, 23 Feb 2011 14:16:00 +0000 (09:16 -0500)]
Bug 30438 – PolicyKit fails to build on AIX
https://bugs.freedesktop.org/show_bug.cgi?id=30438
Signed-off-by: David Zeuthen <davidz@redhat.com>
Michael Biebl [Sun, 29 Aug 2010 14:35:34 +0000 (16:35 +0200)]
Bug 29871 – Fix build failures with binutils-gold
Link polkit_agent_helper_1 against GLIB_LIBS.
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Wed, 23 Feb 2011 13:38:17 +0000 (08:38 -0500)]
Bug 27081 – pkexec fails to build on non glibc systems
https://bugs.freedesktop.org/show_bug.cgi?id=27081
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Tue, 22 Feb 2011 21:49:44 +0000 (16:49 -0500)]
Bug 30653 – No way to detect cancellation in pkexec
https://bugs.freedesktop.org/show_bug.cgi?id=30653
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 21 Feb 2011 22:48:39 +0000 (17:48 -0500)]
Post-release version bump to 0.101
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 21 Feb 2011 22:43:19 +0000 (17:43 -0500)]
Fix 'make distcheck'
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 21 Feb 2011 22:35:05 +0000 (17:35 -0500)]
Update NEWS for release
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 21 Feb 2011 22:12:17 +0000 (17:12 -0500)]
Pass caller and subject pid to authentication agent
The authentication agent can use information this to inform the user
about the UI application that triggered the authentication request (if
any).
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 21 Feb 2011 21:32:16 +0000 (16:32 -0500)]
Add a note about POLKIT_DEBUG
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 21 Feb 2011 21:24:00 +0000 (16:24 -0500)]
Always pass non-zero value to g_once_init_leave()
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 21 Feb 2011 19:13:06 +0000 (14:13 -0500)]
Fix up debug and timeouts in agent helper
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 21 Feb 2011 18:52:34 +0000 (13:52 -0500)]
Add some debug info that can be shown with the env var POLKIT_DEBUG
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 21 Feb 2011 17:11:11 +0000 (12:11 -0500)]
Improve error reporting for authentication sessions
In particular ensure that we show
Incorrect permissions on /opt/gnome-shell/install/libexec/polkit-agent-helper-1
as a PAM error message if the permissions on the helper are incorrect
(e.g. if the helper is not setuid root).
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Fri, 18 Feb 2011 20:21:40 +0000 (15:21 -0500)]
Fix-up PolkitAgentSession to use GObject properties
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Thu, 17 Feb 2011 20:25:39 +0000 (15:25 -0500)]
Build gir/typelib for PolkitAgent-1.0
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Thu, 17 Feb 2011 20:10:49 +0000 (15:10 -0500)]
Add missing GObject Introspection annotations
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Wed, 15 Sep 2010 16:57:25 +0000 (12:57 -0400)]
Post-release version bump to 0.100
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Wed, 15 Sep 2010 16:54:15 +0000 (12:54 -0400)]
Update NEWS for release
Signed-off-by: David Zeuthen <davidz@redhat.com>
Colin Walters [Fri, 10 Sep 2010 18:52:22 +0000 (14:52 -0400)]
Fix another GCC uninitialized variable warning
Colin Walters [Fri, 10 Sep 2010 18:45:09 +0000 (14:45 -0400)]
Fix (correct) GCC warning about possibly-uninitialized variable
Signed-off-by: David Zeuthen <davidz@redhat.com>
Colin Walters [Fri, 10 Sep 2010 18:42:51 +0000 (14:42 -0400)]
Remove duplicate definitions of enumeration types
These are defined in polkitenumtypes.h, don't re-define them.
Signed-off-by: David Zeuthen <davidz@redhat.com>
Vincent Untz [Thu, 26 Aug 2010 14:08:26 +0000 (10:08 -0400)]
Bug 29816 – Install polkitagentenumtypes.h
https://bugs.freedesktop.org/show_bug.cgi?id=29816
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Fri, 20 Aug 2010 17:03:41 +0000 (13:03 -0400)]
Post-release version bump to 0.99
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Fri, 20 Aug 2010 17:00:04 +0000 (13:00 -0400)]
Update NEWS for release
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Fri, 20 Aug 2010 16:58:59 +0000 (12:58 -0400)]
Fix dist-check
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Fri, 20 Aug 2010 16:29:18 +0000 (12:29 -0400)]
Various doc cleanups
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Fri, 20 Aug 2010 15:04:00 +0000 (11:04 -0400)]
Fix wording in pkexec(1) man page
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Fri, 20 Aug 2010 15:00:05 +0000 (11:00 -0400)]
pkcheck: add --enable-internal-agent option
We don't want this on by default because things like system daemons
(such as libvirtd) are using pkcheck(1) and in some unfortunate cases
these may have a tty attached.
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Fri, 20 Aug 2010 14:50:34 +0000 (10:50 -0400)]
pkexec: add --disable-internal-agent option
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Wed, 18 Aug 2010 16:24:04 +0000 (12:24 -0400)]
Fix ConsoleKit interaction bug
First of all, there was a glaring bug where we forgot to load the
GKeyFile for /var/run/ConsoleKit/database resulting in criticals like
this:
(lt-polkitd:17984): GLib-CRITICAL **: g_key_file_get_boolean: assertion `key_file != NULL' failed
(lt-polkitd:17984): GLib-CRITICAL **: g_key_file_get_boolean: assertion `key_file != NULL' failed
Furthermore, this resulted in the Authority returning "not authorized"
for subjects that should have been authorized. For an example, see
https://bugzilla.redhat.com/show_bug.cgi?id=624125
Fix this bug by calling ensure_database() to make sure the GKeyFile
contains information from /var/run/ConsoleKit/database. Also, since
there is a race (theoretical at least, but see
https://bugzilla.gnome.org/show_bug.cgi?id=627285 ) with file
monitoring, also ensure that we are using the latest and greatest
version of /var/run/ConsoleKit/database.
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Thu, 12 Aug 2010 20:51:51 +0000 (16:51 -0400)]
Add textual authentication agent and use it in pkexec(1)
This makes pkexec(1) work when e.g. logging in via ssh(1) or the linux
console but also when using `su -'. Example:
[davidz@x61 ~]$ su - bateman
Password:
[bateman@x61 ~]$ pkexec bash
==== AUTHENTICATING FOR org.freedesktop.policykit.exec ===
Authentication is needed to run `/bin/bash' as the super user
Authenticating as: root
Password:
==== AUTHENTICATION COMPLETE ===
[root@x61 ~]#
Summary of changes
- Added a PolkitAgentTextListener class
- Add new polkit_agent_listener_register() (and _unregister()) API
- Deprecate polkit_agent_register_listener API
- Allow registering authentication agents for PolkitUnixProcess subjects
and prefer such agents to ones governing the session
- Make PolkitAgentSession use the thread-default GMainContext - otherwise
it won't work in spawned threads
- (finally) use PolkitAgentTextListener in pkexec(1) if authorization
via authentication is possible but no authentication agent was
found
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Thu, 12 Aug 2010 20:49:25 +0000 (16:49 -0400)]
Fix scanning of unix-process subjects
In particular accept both "unix-process:<pid>,<starttime>" and
"unix-process:<pid>". For the latter, return an error if we cannot
lookup the starttime (for example if the given pid references a
non-existing process).
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Tue, 10 Aug 2010 15:53:40 +0000 (11:53 -0400)]
Require GLib 2.25.12
This was pointed out by Radek Novacek here
http://lists.freedesktop.org/archives/polkit-devel/2010-August/000329.html
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 9 Aug 2010 20:49:53 +0000 (16:49 -0400)]
Post-release version bump to 0.98
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 9 Aug 2010 20:19:55 +0000 (16:19 -0400)]
Update NEWS for release
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 9 Aug 2010 18:58:17 +0000 (14:58 -0400)]
Properly reference headers
Based on a patch from Jonathan Conder <j@skurvy.no-ip.org>, see
https://bugs.freedesktop.org/show_bug.cgi?id=25798
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 9 Aug 2010 18:50:52 +0000 (14:50 -0400)]
Don't dist org.freedesktop.ConsoleKit.xml; It's dead, Jim
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 9 Aug 2010 18:48:10 +0000 (14:48 -0400)]
Update GI annotations
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 9 Aug 2010 17:50:33 +0000 (13:50 -0400)]
PolkitBackend: Don't export unneeded convenience API
No need to export these classes
PolkitBackendActionPool
PolkitBackendSessionMonitor
PolkitBackendConfigSource
PolkitBackendLocalAuthorizationStore
since exporting them means we need to support their API and ABI
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 9 Aug 2010 17:33:41 +0000 (13:33 -0400)]
Use polkit_authority_get_sync() instead of deprecated polkit_authority_get()
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 9 Aug 2010 17:15:58 +0000 (13:15 -0400)]
Add g_return_if_fail() to all public API entry points
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 9 Aug 2010 16:15:47 +0000 (12:15 -0400)]
PolkitAuthority: Add g_return_if_fail() checks
Also fix a locking bug.
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 9 Aug 2010 15:27:08 +0000 (11:27 -0400)]
PolkitAuthority: Implement failable initialization
... and deprecate polkit_authority_get(). Also fix up locking in
PolkitAuthority.
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Sat, 7 Aug 2010 16:48:07 +0000 (12:48 -0400)]
Add a GPermission implementation
Based on code from Matthias Clasen <mclasen@redhat.com>.
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Fri, 6 Aug 2010 17:25:37 +0000 (13:25 -0400)]
Merge remote branch 'origin/gdbus'
David Zeuthen [Fri, 6 Aug 2010 17:24:43 +0000 (13:24 -0400)]
Update README
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Tue, 3 Aug 2010 20:37:49 +0000 (16:37 -0400)]
Make NameOwnerChanged a private impl detail of the interactive authority
There's no need to expose this as public API.
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Tue, 3 Aug 2010 18:10:12 +0000 (14:10 -0400)]
Remove Lock Down functionality
This is better implemented as a separate set of extension to the local
authority. The only current known user, PolkitLockButton, will be
ported away from using these interfaces.
Since polkit still hasn't reached 1.0 this removal of functionality is
OK especially since the NEWS file has already wanred something like
this may happen.
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Mon, 2 Aug 2010 19:05:18 +0000 (15:05 -0400)]
Implement polkit_temporary_authorization_new_for_gvariant()
This is hit by the authentication agent in order to display a padlock
when temporary authorizations exist.
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Fri, 30 Jul 2010 16:19:55 +0000 (12:19 -0400)]
Make polkitd accept --replace and gracefully handle SIGINT
E.g. actually clean up everything before exiting. This makes it much
easier to chase memory leaks.
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Fri, 30 Jul 2010 15:10:24 +0000 (11:10 -0400)]
Nuke eggdbus usage
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Thu, 29 Jul 2010 20:56:59 +0000 (16:56 -0400)]
Add generated docbook D-Bus API docs to git
When we switch away from eggdbus these will no longer be
autogenerated.
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Thu, 29 Jul 2010 20:49:37 +0000 (16:49 -0400)]
Port PolkitAgent to gdbus
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Thu, 29 Jul 2010 15:37:07 +0000 (11:37 -0400)]
Port PolkitBackendInteractiveAuthority to gdbus
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Wed, 28 Jul 2010 19:29:14 +0000 (15:29 -0400)]
Port CK class to gdbus
Also simplify the code it by using the on-disk database. Makes
everything a lot simpler.
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Wed, 28 Jul 2010 16:16:42 +0000 (12:16 -0400)]
Port core bits to gdbus
Signed-off-by: David Zeuthen <davidz@redhat.com>
Petr Mrázek [Wed, 14 Jul 2010 00:59:12 +0000 (02:59 +0200)]
Bug 29051 – Configuration reload on every query
Set has_data to true after the data is loaded to prevent excessive
reloading of config files.
Signed-off-by: David Zeuthen <davidz@redhat.com>
Andrew Psaltis [Tue, 29 Jun 2010 02:04:00 +0000 (22:04 -0400)]
Add shadow support
Added support for the shadow authentication framework instead of PAM.
Enable it by passing --with-authfw=shadow to configure.
This is done by splitting the polkitagenthelper source into separate
parts, one that does auth with PAM, and another that does auth with
shadow, sharing functions where appropriate.
Also, all PAM-dependendent code in all other files has been #ifdef'd.
The only affected file is src/programs/pkexec.c
Signed-off-by: David Zeuthen <davidz@redhat.com>
Dan Rosenberg [Wed, 10 Mar 2010 17:46:19 +0000 (12:46 -0500)]
Bug 26982 – pkexec information disclosure vulnerability
pkexec is vulnerable to a minor information disclosure vulnerability
that allows an attacker to verify whether or not arbitrary files
exist, violating directory permissions. I reproduced the issue on my
Karmic installation as follows:
$ mkdir secret
$ sudo chown root:root secret
$ sudo chmod 400 secret
$ sudo touch secret/hidden
$ pkexec /home/drosenbe/secret/hidden
(password prompt)
$ pkexec /home/drosenbe/secret/doesnotexist
Error getting information about /home/drosenbe/secret/doesnotexist: No such
file or directory
I've attached my patch for the issue. I replaced the stat() call
entirely with access() using F_OK, so rather than check that the
target exists, pkexec now checks if the user has permission to verify
the existence of the program. There might be another way of doing
this, such as chdir()'ing to the parent directory of the target and
calling lstat(), but this seemed like more code than necessary to
prevent such a minor problem. I see no reason to allow pkexec to
execute targets that are not accessible to the executing user because
of directory permissions. This is such a limited use case anyway that
this doesn't really affect functionality.
http://bugs.freedesktop.org/show_bug.cgi?id=26982
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Fri, 15 Jan 2010 19:13:24 +0000 (14:13 -0500)]
Post-release version bump to 0.97
We might change this to 1.0 if nothing big comes up!
David Zeuthen [Fri, 15 Jan 2010 19:11:00 +0000 (14:11 -0500)]
Update NEWS for release
David Zeuthen [Fri, 15 Jan 2010 19:02:21 +0000 (14:02 -0500)]
Don't log authorization checks
It's a little too verbose to do this. See
http://lists.freedesktop.org/archives/polkit-devel/2009-December/000283.html
for the rationale.
David Zeuthen [Fri, 15 Jan 2010 18:53:04 +0000 (13:53 -0500)]
Post-release version bump to 0.96
David Zeuthen [Tue, 15 Dec 2009 19:04:24 +0000 (14:04 -0500)]
Complain on stderr, not stdout
David Zeuthen [Tue, 15 Dec 2009 19:02:47 +0000 (14:02 -0500)]
Save original cwd in pkexec(1) since it will change during the life-time
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Tue, 15 Dec 2009 18:48:37 +0000 (13:48 -0500)]
Make pkexec(1) use the syslogging facilities
Dec 15 13:48:05 localhost pkexec[29065]: davidz: Executing command [USER=root] [TTY=/dev/pts/8] [CWD=/root] [COMMAND=/usr/bin/pk-example-frobnicate]
Dec 15 13:49:30 localhost pkexec[29080]: davidz: The value for the SHELL variable was not found the /etc/shells file [USER=root] [TTY=/dev/pts/5] [CWD=/home/davidz] [COMMAND=/bin/bash]
Dec 15 13:49:45 localhost pkexec[29082]: davidz: The value for environment variable LC_ALL contains suscipious content [USER=root] [TTY=/dev/pts/5] [CWD=/home/davidz] [COMMAND=/bin/bash]
Dec 15 13:50:03 localhost pkexec[29086]: davidz: Error executing command as another user: Not authorized [USER=root] [TTY=/dev/pts/5] [CWD=/home/davidz] [COMMAND=/bin/bash]
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Tue, 15 Dec 2009 18:08:55 +0000 (13:08 -0500)]
Make pkexec(1) validate environment variables
Suggested here
http://lists.freedesktop.org/archives/polkit-devel/2009-December/000279.html
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Tue, 15 Dec 2009 17:19:44 +0000 (12:19 -0500)]
Fix error message when no authentication agent is available
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Tue, 15 Dec 2009 17:03:53 +0000 (12:03 -0500)]
Properly handle return value from getpwnam_r()
Pointed out by Kay Sievers - thanks!
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Tue, 15 Dec 2009 17:03:26 +0000 (12:03 -0500)]
Remove trailing whitespace from log messages
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Fri, 11 Dec 2009 20:14:49 +0000 (15:14 -0500)]
Bug 25594 – System logging
For now we log the following events
1. Daemon startup -> /var/log/messages
--------------------------------------
Dec 11 15:12:56 localhost polkitd[3035]: started daemon version 0.95 using authority implementation `local' version `0.95'
2. Authentication agent -> /var/log/secure
------------------------------------------
Dec 11 15:14:00 localhost polkitd(authority=local): Registered Authentication Agent for session /org/freedesktop/ConsoleKit/Session1 (system bus name :1.903 [./polkit-gnome-authentication-agent-1], object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
Dec 11 15:16:18 localhost polkitd(authority=local): Unregistered Authentication Agent for session /org/freedesktop/ConsoleKit/Session1 (system bus name :1.903, object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
3. Authorization checks
-----------------------
Dec 11 15:17:57 localhost polkitd(authority=local): ALLOWING action org.freedesktop.policykit.example.pkexec.run-frobnicate for unix-process:2517:
25785526 [bash] owned by unix-user:davidz (check requested by system-bus-name::1.905 [pkexec /usr/bin/pk-example-frobnicate])
Dec 11 15:18:10 localhost polkitd(authority=local): ALLOWING action org.freedesktop.udisks.filesystem-mount-system-internal for system-bus-name::1.902 [palimpsest] owned by unix-user:davidz (check requested by system-bus-name::1.380 [/usr/libexec/udisks-daemon])
4. Authorizations through authentication (both success and
failures) -> /var/log/secure
----------------------------------------------------------
Dec 11 15:19:01 localhost polkitd(authority=local): Operator of unix-session:/org/freedesktop/ConsoleKit/Session1 successfully authenticated as unix-user:davidz to gain TEMPORARY authorization for action org.freedesktop.policykit.example.pkexec.run-frobnicate for unix-process:2517:
25785526 [bash] (owned by unix-user:davidz)
Dec 11 15:19:01 localhost polkitd(authority=local): ALLOWING action org.freedesktop.policykit.example.pkexec.run-frobnicate for unix-process:2517:
25785526 [bash] owned by unix-user:davidz (check requested by system-bus-name::1.906 [pkexec /usr/bin/pk-example-frobnicate])
Dec 11 15:19:10 localhost polkitd(authority=local): Operator of unix-session:/org/freedesktop/ConsoleKit/Session1 successfully authenticated as unix-user:davidz to gain ONE-SHOT authorization for action org.freedesktop.policykit.exec for unix-process:2517:
25785526 [bash] (owned by unix-user:davidz)
Dec 11 15:19:10 localhost polkitd(authority=local): ALLOWING action org.freedesktop.policykit.exec for unix-process:2517:
25785526 [bash] owned by unix-user:davidz (check requested by system-bus-name::1.908 [pkexec bash])
Dec 11 15:19:10 localhost pkexec: pam_unix(polkit-1:session): session opened for user root by davidz(uid=500)
Dec 11 15:19:22 localhost polkitd(authority=local): Operator of unix-session:/org/freedesktop/ConsoleKit/Session1 FAILED to authenticate to gain authorization for action org.freedesktop.policykit.exec for unix-process:2517:
25785526 [bash] (owned by unix-user:davidz)
Dec 11 15:19:22 localhost polkitd(authority=local): DENYING action org.freedesktop.policykit.exec for unix-process:2517:
25785526 [bash] owned by unix-user:davidz (check requested by system-bus-name::1.910 [pkexec bash])
Dec 11 15:20:06 localhost polkitd(authority=local): Operator of unix-session:/org/freedesktop/ConsoleKit/Session1 successfully authenticated as unix-user:bateman to gain ONE-SHOT authorization for action org.freedesktop.policykit.exec for unix-process:2517:
25785526 [bash] (owned by unix-user:davidz)
Dec 11 15:20:06 localhost polkitd(authority=local): ALLOWING action org.freedesktop.policykit.exec for unix-process:2517:
25785526 [bash] owned by unix-user:davidz (check requested by system-bus-name::1.913 [pkexec bash])
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Fri, 11 Dec 2009 17:42:16 +0000 (12:42 -0500)]
Fix up last comment
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Fri, 11 Dec 2009 17:29:45 +0000 (12:29 -0500)]
Run the open_session part of the PAM stack in pkexec(1)
This was pointed out in
http://lists.freedesktop.org/archives/polkit-devel/2009-December/000276.html
We already run the authentication and acct_mgmt parts in the
authentication agent.
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Fri, 11 Dec 2009 16:35:01 +0000 (11:35 -0500)]
Fix logic error in pk-example-frobnicate
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Thu, 10 Dec 2009 19:45:10 +0000 (14:45 -0500)]
Bug 25367 — Also read local authority configuration data from /etc
Turns out some people would rather edit local files in /etc rather
than shipping them in a package (as e.g. Fedora does with the
polkit-desktop-policy RPM).
This also drops the hard-coded list of directory names such as
10-vendor.d, 20-org.d - we now monitor the
/var/lib/polkit-1/localauthority and /etc/polkit-1/localauthority
directories for changes - whenever we see a subdirectory in any of
these directories, we create an AuthorizationStore object that looks
for .pkla files.
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Fri, 13 Nov 2009 17:28:14 +0000 (12:28 -0500)]
Update NEWS for release
David Zeuthen [Fri, 13 Nov 2009 17:25:14 +0000 (12:25 -0500)]
Fix make distcheck
David Zeuthen [Fri, 13 Nov 2009 16:41:20 +0000 (11:41 -0500)]
Add Python example
David Zeuthen [Fri, 13 Nov 2009 16:36:53 +0000 (11:36 -0500)]
Properly validate all arguments passed via D-Bus
David Zeuthen [Thu, 12 Nov 2009 18:49:35 +0000 (13:49 -0500)]
Clarify pklocalauthority(8) man page
Suggestions from
https://bugzilla.redhat.com/show_bug.cgi?id=534140
Thanks.
David Zeuthen [Wed, 11 Nov 2009 23:00:32 +0000 (18:00 -0500)]
David Zeuthen [Wed, 11 Nov 2009 22:55:04 +0000 (17:55 -0500)]
Drop ununsed policykit actions
David Zeuthen [Wed, 11 Nov 2009 22:08:36 +0000 (17:08 -0500)]
Port lockdown from pklalockdown(1) to D-Bus methods
Also rename the action from org.freedesktop.policykit.localauthority.lockdown
to org.freedesktop.policykit.lockdown since any authority implementation
can now implement this.
This changes only ABI/API used by e.g. polkit-gnome. This is fine
since we're not at 1.0 yet.
David Zeuthen [Wed, 11 Nov 2009 15:46:50 +0000 (10:46 -0500)]
Add methods AddLockdownForAction() and RemoveLockdownForAction()
Now to implement this in the interactive authority...
Michael Biebl [Wed, 21 Oct 2009 17:13:21 +0000 (13:13 -0400)]
Bug 24176 – Current git master fails to build, GLIB_LDADD -> GLIB_LIBS
Signed-off-by: David Zeuthen <davidz@redhat.com>
Andreas Sandberg [Wed, 21 Oct 2009 17:09:51 +0000 (13:09 -0400)]
Bug 24235 – polkit-agent-helper may call pam_end with a stale pam handle
polkit-agent-helper calls pam_end on pam_h without setting pam_h to
NULL. This causes the error handler to call pam_end on the stale
handler if the send_dbus_message procedure fails, which in turn
generates a SIGSEGV.
Signed-off-by: David Zeuthen <davidz@redhat.com>
Matthias Clasen [Wed, 21 Oct 2009 16:45:04 +0000 (12:45 -0400)]
Bug 24640 – Typos in pklocalauthority(8)
Signed-off-by: David Zeuthen <davidz@redhat.com>
Alexander Sack [Thu, 15 Oct 2009 17:16:57 +0000 (19:16 +0200)]
Bug 24566 – Properly _ref authority in singleton constructor
http://bugs.freedesktop.org/show_bug.cgi?id=24566
Signed-off-by: David Zeuthen <davidz@redhat.com>
Samuel Thibault [Thu, 15 Oct 2009 20:52:40 +0000 (16:52 -0400)]
Bug 24495 – Fails to build on platforms without PATH_MAX (like hurd)
PATH_MAX, which hurd-i386 doesn't define since it doesn't have such
arbitrary limitation. The attached patch fixes it by just using
glibc's get_current_dir_name() extension when available.
Signed-off-by: Michael Biebl <mbiebl@gmail.com>
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Tue, 29 Sep 2009 15:57:23 +0000 (11:57 -0400)]
Clarify when AllowUserInteraction should and shouldn't be used
See https://bugzilla.redhat.com/show_bug.cgi?id=526053 for more details.