David Zeuthen [Thu, 29 Jan 2009 17:17:30 +0000 (12:17 -0500)]
clean up trailing whitespace in TODO file
Matthias Clasen [Wed, 28 Jan 2009 22:58:02 +0000 (17:58 -0500)]
update docs/TODO with TODOs from the source code
Matthias Clasen [Thu, 29 Jan 2009 04:25:31 +0000 (23:25 -0500)]
trivial cleanup
Remove a leftover TODO and assignment.
David Zeuthen [Wed, 28 Jan 2009 15:35:10 +0000 (10:35 -0500)]
write HACKING file
Matthias Clasen [Wed, 28 Jan 2009 03:18:37 +0000 (22:18 -0500)]
fill out sections about subject/identity in the man page
Signed-off-by: David Zeuthen <davidz@redhat.com>
David Zeuthen [Tue, 27 Jan 2009 22:24:41 +0000 (17:24 -0500)]
limit Change() signal storm by looking at the file monitor event
David Zeuthen [Tue, 27 Jan 2009 20:09:32 +0000 (15:09 -0500)]
add Changed() signal that is fired when actions/authorizations change
David Zeuthen [Tue, 27 Jan 2009 19:23:23 +0000 (14:23 -0500)]
remove debug spew for 'run' command in polkit-1
David Zeuthen [Tue, 27 Jan 2009 19:09:15 +0000 (14:09 -0500)]
make authentication agents reconnect if polkitd-1 is restarted
David Zeuthen [Tue, 27 Jan 2009 18:40:54 +0000 (13:40 -0500)]
add TODO item about having the authentication agent reconnect
David Zeuthen [Tue, 27 Jan 2009 18:16:54 +0000 (13:16 -0500)]
add a TODO item about the need for file monitors
David Zeuthen [Tue, 27 Jan 2009 17:57:10 +0000 (12:57 -0500)]
implement 'run' command for polkit-1
David Zeuthen [Tue, 27 Jan 2009 16:44:18 +0000 (11:44 -0500)]
add TODO item about being able to cancel a CheckAuthorization() call
David Zeuthen [Tue, 27 Jan 2009 16:06:06 +0000 (11:06 -0500)]
update TODO list
David Zeuthen [Tue, 27 Jan 2009 15:59:10 +0000 (10:59 -0500)]
remove TODO item about moving commits to main repo as this is done
David Zeuthen [Tue, 27 Jan 2009 15:52:09 +0000 (10:52 -0500)]
Merge branch 'master' of /home/davidz/Hacking/polkit
David Zeuthen [Tue, 27 Jan 2009 15:51:10 +0000 (10:51 -0500)]
prepare for merge of rewritten PolicyKit
David Zeuthen [Mon, 26 Jan 2009 21:40:43 +0000 (16:40 -0500)]
split core TODO items into separate groups for core and backend
David Zeuthen [Mon, 26 Jan 2009 21:33:27 +0000 (16:33 -0500)]
update TODO list
David Zeuthen [Mon, 26 Jan 2009 17:20:54 +0000 (12:20 -0500)]
start writing a TODO list
Richard Hughes [Mon, 26 Jan 2009 17:06:50 +0000 (12:06 -0500)]
also dist org.freedesktop.ConsoleKit.xml
David Zeuthen [Wed, 21 Jan 2009 06:31:34 +0000 (01:31 -0500)]
fix 'make distcheck'
David Zeuthen [Wed, 21 Jan 2009 06:01:58 +0000 (01:01 -0500)]
fix up docs
David Zeuthen [Wed, 21 Jan 2009 05:27:13 +0000 (00:27 -0500)]
finish authentication agent integration
Yay, it works!
David Zeuthen [Tue, 20 Jan 2009 23:29:29 +0000 (18:29 -0500)]
add more infrastructure for authentication agent integration
David Zeuthen [Tue, 20 Jan 2009 23:04:49 +0000 (18:04 -0500)]
honor implicit authorizations
Yay, only major bit remaining now is to call out to the authentication
agent on CHALLENGE...
David Zeuthen [Tue, 20 Jan 2009 21:18:18 +0000 (16:18 -0500)]
add enumeration and handling of implicit authorizations
Now to actually use them...
David Zeuthen [Tue, 20 Jan 2009 20:05:59 +0000 (15:05 -0500)]
implement UnregisterAuthenticationAgent()
David Zeuthen [Tue, 20 Jan 2009 19:56:28 +0000 (14:56 -0500)]
add infrastructure for registering/unregistering authentication agents
David Zeuthen [Tue, 20 Jan 2009 18:31:41 +0000 (13:31 -0500)]
add a hash() method to the Subject interface
David Zeuthen [Tue, 20 Jan 2009 18:30:50 +0000 (13:30 -0500)]
remember to install polkittypes.h
David Zeuthen [Tue, 20 Jan 2009 05:36:25 +0000 (00:36 -0500)]
first cut at authentication helper library
Not finished yet...
David Zeuthen [Tue, 20 Jan 2009 05:35:43 +0000 (00:35 -0500)]
add pkgconfig files
David Zeuthen [Tue, 20 Jan 2009 00:40:34 +0000 (19:40 -0500)]
add buildsys stuff for authentication library support
David Zeuthen [Tue, 20 Jan 2009 00:08:10 +0000 (19:08 -0500)]
restrict add/remove of temporary authorizations to users
David Zeuthen [Tue, 20 Jan 2009 00:03:07 +0000 (19:03 -0500)]
rename check_temporary_authorization_for_subject() to something more logical
David Zeuthen [Tue, 20 Jan 2009 00:00:08 +0000 (19:00 -0500)]
make it possible to grant/revoke/use authorizations from groups
David Zeuthen [Mon, 19 Jan 2009 23:34:40 +0000 (18:34 -0500)]
implement adding/removing temporary authorizations
David Zeuthen [Mon, 19 Jan 2009 22:48:09 +0000 (17:48 -0500)]
implement grant and revoke for permanent authorizations
David Zeuthen [Mon, 19 Jan 2009 21:45:49 +0000 (16:45 -0500)]
make CheckAuthorization() use permanent authorizations on disk
David Zeuthen [Mon, 19 Jan 2009 21:29:35 +0000 (16:29 -0500)]
begin writing the implementation of the local authorization backend
David Zeuthen [Mon, 19 Jan 2009 21:28:59 +0000 (16:28 -0500)]
add a hash() method to PolkitIdentity
David Zeuthen [Mon, 19 Jan 2009 19:53:48 +0000 (14:53 -0500)]
forgot to add new PolkitIdentity interface
David Zeuthen [Mon, 19 Jan 2009 19:52:46 +0000 (14:52 -0500)]
split Subject into Subject and Identity and revise API
... also remove EnumerateSessions
David Zeuthen [Mon, 19 Jan 2009 01:37:02 +0000 (20:37 -0500)]
add remaining glue for {Add,Remove,Enumerate}Authorization
Now to finish implementing the local files backend....
David Zeuthen [Sun, 18 Jan 2009 21:14:39 +0000 (16:14 -0500)]
rename CheckClaim() to CheckAuthorization()
Also get rid of AuthorizationClaim type and add D-Bus prototypes for a
couple of other methods.
David Zeuthen [Sun, 18 Jan 2009 19:39:05 +0000 (14:39 -0500)]
slighty fix up docs
David Zeuthen [Sun, 18 Jan 2009 19:20:51 +0000 (14:20 -0500)]
add checks for whether someone is authorized to check authorizations
David Zeuthen [Fri, 16 Jan 2009 19:41:48 +0000 (14:41 -0500)]
add PolkitUnixSession and associcated functions
David Zeuthen [Fri, 16 Jan 2009 17:54:11 +0000 (12:54 -0500)]
remove attributes from AuthorizationClaim and CheckClaim()
David Zeuthen [Fri, 16 Jan 2009 17:25:09 +0000 (12:25 -0500)]
implement 'polkit-1 list authorizations'
David Zeuthen [Thu, 15 Jan 2009 17:13:59 +0000 (12:13 -0500)]
add async versions of PolkitAuthority methods
David Zeuthen [Tue, 13 Jan 2009 23:37:59 +0000 (18:37 -0500)]
rudimentary monitoring of seats and sessions
Will add public API a'la
gboolean polkit_session_monitor_is_subject_active ();
as needed.
David Zeuthen [Tue, 13 Jan 2009 21:27:54 +0000 (16:27 -0500)]
start writing a SessionMonitor class
David Zeuthen [Mon, 12 Jan 2009 22:41:18 +0000 (17:41 -0500)]
add debug for each CheckClaim() call
David Zeuthen [Mon, 12 Jan 2009 21:54:54 +0000 (16:54 -0500)]
add infrastructure for CheckClaim() method
David Zeuthen [Mon, 12 Jan 2009 21:06:24 +0000 (16:06 -0500)]
introduce a PendingCall type to make all backend operations async
David Zeuthen [Mon, 12 Jan 2009 18:00:35 +0000 (13:00 -0500)]
add polkit_unix_user_new_for_name()
David Zeuthen [Mon, 12 Jan 2009 16:35:03 +0000 (11:35 -0500)]
improve output when enumerating actions using --verbose
David Zeuthen [Sun, 11 Jan 2009 22:06:25 +0000 (17:06 -0500)]
add polkit-1 man page and rework cmd/options handling
David Zeuthen [Wed, 7 Jan 2009 17:33:55 +0000 (12:33 -0500)]
add serialization for subjects and implement Enumerate{Users,Groups}
David Zeuthen [Wed, 7 Jan 2009 00:15:26 +0000 (19:15 -0500)]
add subject interface and some classes implementing this interface
David Zeuthen [Tue, 6 Jan 2009 21:41:21 +0000 (16:41 -0500)]
return NULL for GIcon if there is no icon
David Zeuthen [Tue, 6 Jan 2009 21:39:58 +0000 (16:39 -0500)]
add --version option
David Zeuthen [Tue, 6 Jan 2009 21:35:00 +0000 (16:35 -0500)]
bring back annotations
David Zeuthen [Tue, 6 Jan 2009 19:14:12 +0000 (14:14 -0500)]
slightly rework commandline tool
David Zeuthen [Tue, 6 Jan 2009 18:42:42 +0000 (13:42 -0500)]
forgot to add polkitprivate.h
David Zeuthen [Tue, 6 Jan 2009 18:42:16 +0000 (13:42 -0500)]
forgot to add polkittypes.h
David Zeuthen [Tue, 6 Jan 2009 18:35:24 +0000 (13:35 -0500)]
update to latest EggDBus and rework how things are done
David Zeuthen [Mon, 8 Dec 2008 06:33:00 +0000 (01:33 -0500)]
keep up with EggDBus HEAD, in the removal of _async() and addition of sync()
http://cgit.freedesktop.org/~david/eggdbus/commit/?id=
27afdc7a49ee49290e048364500d5c549f8ac614
David Zeuthen [Sun, 7 Dec 2008 22:55:36 +0000 (17:55 -0500)]
rework AuthorizationClaim to be a GInterface so we can pass it over D-Bus
David Zeuthen [Sun, 7 Dec 2008 21:59:50 +0000 (16:59 -0500)]
fix up namespacing for backend
the namespace is PolkitBackend so use POLKIT_BACKEND_TYPE rather than
POLKIT_TYPE_BACKEND.
David Zeuthen [Sun, 7 Dec 2008 21:44:11 +0000 (16:44 -0500)]
port the .policy file parser and implement EnumerateActions
Also added Danish translations to test that translations work
$ dbus-send --system --print-reply --dest=org.freedesktop.PolicyKit1 /org/freedesktop/PolicyKit1/Authority org.freedesktop.PolicyKit1.Authority.EnumerateActions string:da
method return sender=:1.4481 -> dest=:1.4483 reply_serial=2
array [
struct {
string "org.freedesktop.policykit.modify-defaults"
string "Konfigurer implicit autorisering"
string "Autentificering er påkrævet for ændre implicit autorisering"
string "The PolicyKit Project"
string "http://hal.freedesktop.org/docs/PolicyKit/"
string ""
array [
]
}
struct {
string "org.freedesktop.policykit.read"
string "Læs andre brugers autoriseringer"
string "Autentificering er påkrævet for at læse andre brugers autoriseringer"
string "The PolicyKit Project"
string "http://hal.freedesktop.org/docs/PolicyKit/"
string ""
array [
dict entry(
string "org.freedesktop.PolicyKit.run-as-superuser.path"
string "/usr/bin/BlahBlaster"
)
]
}
struct {
string "org.freedesktop.policykit.grant"
string "Autoriser en anden bruger"
string "Autentificering er påkrævet for at autorisere andre brugere"
string "The PolicyKit Project"
string "http://hal.freedesktop.org/docs/PolicyKit/"
string ""
array [
]
}
struct {
string "org.freedesktop.policykit.revoke"
string "Fjern autorisering fra en anden bruger"
string "Autentificering er påkrævet for at fjerne en autosering fra en anden bruger"
string "The PolicyKit Project"
string "http://hal.freedesktop.org/docs/PolicyKit/"
string ""
array [
]
}
]
$ dbus-send --system --print-reply --dest=org.freedesktop.PolicyKit1 /org/freedesktop/PolicyKit1/Authority org.freedesktop.PolicyKit1.Authority.EnumerateActions string:
method return sender=:1.4481 -> dest=:1.4484 reply_serial=2
array [
struct {
string "org.freedesktop.policykit.modify-defaults"
string "Modify defaults for implicit authorizations"
string "Authentication is required to modify the defaults for implicit authorizations"
string "The PolicyKit Project"
string "http://hal.freedesktop.org/docs/PolicyKit/"
string ""
array [
]
}
struct {
string "org.freedesktop.policykit.read"
string "Read authorizations of other users"
string "Authentication is required to read authorizations of other users"
string "The PolicyKit Project"
string "http://hal.freedesktop.org/docs/PolicyKit/"
string ""
array [
dict entry(
string "org.freedesktop.PolicyKit.run-as-superuser.path"
string "/usr/bin/BlahBlaster"
)
]
}
struct {
string "org.freedesktop.policykit.grant"
string "Grant authorizations to other users"
string "Authentication is required to grant authorizations to other users"
string "The PolicyKit Project"
string "http://hal.freedesktop.org/docs/PolicyKit/"
string ""
array [
]
}
struct {
string "org.freedesktop.policykit.revoke"
string "Revoke authorizations from other users"
string "Authentication is required to revoke authorizations other users"
string "The PolicyKit Project"
string "http://hal.freedesktop.org/docs/PolicyKit/"
string ""
array [
]
}
]
David Zeuthen [Sun, 7 Dec 2008 19:14:19 +0000 (14:14 -0500)]
add core polkit actions
David Zeuthen [Sun, 7 Dec 2008 19:01:50 +0000 (14:01 -0500)]
add a ActionPool class and rename BackendLocal to BackendLocalAuthority
David Zeuthen [Sun, 7 Dec 2008 18:14:08 +0000 (13:14 -0500)]
turn PolkitActionDescription into an user defined struct
Now to port the XML parser and land it in polkitbackend so backends
can easily implement EnumerateActions().
David Zeuthen [Sun, 7 Dec 2008 17:38:40 +0000 (12:38 -0500)]
use eggdbus to generate the AuthorizationResult enumeration
David Zeuthen [Sun, 7 Dec 2008 17:32:35 +0000 (12:32 -0500)]
fix up gtkdoc cleaning
David Zeuthen [Sun, 7 Dec 2008 17:26:19 +0000 (12:26 -0500)]
change code style to be like GLib and generate error domain
Also port to use non-reffing structs in EggDBus HEAD.
David Zeuthen [Thu, 4 Dec 2008 01:46:17 +0000 (20:46 -0500)]
update for arg shuffling in EggDBus HEAD
David Zeuthen [Thu, 4 Dec 2008 00:01:07 +0000 (19:01 -0500)]
implement EnumerateUsers()
David Zeuthen [Wed, 3 Dec 2008 19:01:12 +0000 (14:01 -0500)]
forgot to add local backend impl
David Zeuthen [Wed, 3 Dec 2008 18:59:12 +0000 (13:59 -0500)]
start using EggDBus
David Zeuthen [Thu, 6 Nov 2008 15:45:31 +0000 (10:45 -0500)]
fix up autogen.sh
David Zeuthen [Thu, 6 Nov 2008 15:43:38 +0000 (10:43 -0500)]
initial commit
David Zeuthen [Fri, 15 Aug 2008 21:47:06 +0000 (17:47 -0400)]
api cleanup (part 1)
David Zeuthen [Thu, 31 Jul 2008 21:40:12 +0000 (17:40 -0400)]
add backend daemon
It's not right useful right now; it only says Hello() like a parrot
$ dbus-send --print-reply --system --dest=org.freedesktop.PolicyKit.Backend / org.freedesktop.PolicyKit.Backend.Hello string:Hi!
method return sender=:1.5180 -> dest=:1.5188 reply_serial=2
string "You said 'Hi!'"
David Zeuthen [Thu, 31 Jul 2008 21:27:12 +0000 (17:27 -0400)]
also remove polkitd for now
(it may return later on)
David Zeuthen [Thu, 31 Jul 2008 21:14:55 +0000 (17:14 -0400)]
bump to version 0.90 and ensure we're parallel installable with 0.9
This is the first move towards 1.0; also
- kill the config file
- merge libpolkit and libpolkit-dbus
Now to write a system daemon that libpolkit will use for the
backend. Expect HEAD to be broken for a few weeks at least.
Also see http://ometer.com/parallel.html for what "parallel
installable" means. As a result, all the binaries, man pages, .policy
file dir and so forth have been renamed too. I expect the API to
change a bit. So some (not much though) porting to PolicyKit 1.0 will
be required by current users.
David Zeuthen [Tue, 22 Jul 2008 16:43:28 +0000 (12:43 -0400)]
update NEWS again
David Zeuthen [Tue, 22 Jul 2008 16:42:35 +0000 (12:42 -0400)]
fix 'make distcheck'
David Zeuthen [Tue, 22 Jul 2008 16:32:37 +0000 (12:32 -0400)]
update NEWS for release
David Zeuthen [Tue, 22 Jul 2008 16:29:13 +0000 (12:29 -0400)]
update README (for the right wiki page) and COPYING (for my email address)
David Zeuthen [Mon, 30 Jun 2008 19:44:02 +0000 (15:44 -0400)]
fix up permissions / docs for certain helpers and files/directories
Also document in README why the various permissions/modes are
used. Thanks to Michael Biebl <biebl@debian.org> for pointing this
out.
David Zeuthen [Tue, 6 May 2008 16:45:28 +0000 (12:45 -0400)]
always allow uid 0 to ask about authorizations for anyone
Joe Marcus Clarke [Thu, 1 May 2008 21:02:56 +0000 (17:02 -0400)]
remove watch on fd when reaching EOF
On Wed, 2008-04-30 at 16:30 -0400, David Zeuthen wrote:
> On Wed, 2008-04-30 at 16:21 -0400, Joe Marcus Clarke wrote:
> > David Zeuthen wrote:
> > > On Wed, 2008-04-30 at 13:52 -0400, Joe Marcus Clarke wrote:
> > >> David Zeuthen wrote:
> > >>> On Wed, 2008-04-30 at 13:44 -0400, Joe Marcus Clarke wrote:
> > >>>> Correct. I think it does read all the data, then the stream puts out
> > >>>> EOF which causes the helper to be called ad infinitum.
> > >>> I see. Mmm.. In that case, polkit_grant_io_func() can detect EOF
> > >>> (getline() returning -1) and then call the remove_watch() method
> > >>> supplied by polkit-gnome-manager.c right?
> > >> It could, but what's the difference between that and returning FALSE in
> > >> the caller? Both would result in the watch being removed. And since
> > >> the io_func reads the entire amount of data (until EOF) that shouldn't
> > >> be a problem.
> > >
> > > The PAM conversation happens over that fd and for some cases I don't
> > > think we read all the data at once. So there may be multiple calls to
> > > polkit_grant_io_func(). As such, returning FALSE won't work for all
> > > cases.
> >
> > It looks like it will (read all data). The polkit_grant_io_func() runs
> > in a while loop waiting for readline to return -1. I don't see that
> > this function ever returns to the caller until readline returns -1
> > (signifying EOF or some other error). Am I misunderstanding something?
>
> No, you're right, that's how it works right now. But in the future this
> function might return control back to the application and then it needs
> to be called again by the watch when the application goes to process the
> main loop.
>
> Anyway, the other main reason I'd like polkit_grant_io_func() to call
> remove_watch() as opposed to making io_watch_have_data() in
> polkit-gnome-manager.c return FALSE is because of the fact that
> PolicyKit-gnome is just one of many users of libpolkit-grant (others
> right now are: polkit-auth(1), the PolicyKit-kde project that some
> people are working on)
That works. Adding this hunk to polkit-grant.c fixes the problem:
@@ -419,6 +420,8 @@ polkit_grant_io_func (PolKitGrant *polki
if (line != NULL)
free (line);
+
+ polkit_grant->func_remove_watch (polkit_grant, polkit_grant->io_watch_id);
}
/**
Joe
David Zeuthen [Wed, 30 Apr 2008 17:23:05 +0000 (13:23 -0400)]
fix typo
David Zeuthen [Wed, 30 Apr 2008 17:21:04 +0000 (13:21 -0400)]
fix autotools screwup
I hate autotools.
David Zeuthen [Wed, 30 Apr 2008 17:11:25 +0000 (13:11 -0400)]
fix some build stuff to so the test suites run
David Zeuthen [Wed, 30 Apr 2008 16:54:08 +0000 (12:54 -0400)]
need to link with libkit.la for some helpers
projects / platform / upstream / polkit.git / log