David Zeuthen [Thu, 8 Nov 2007 20:29:02 +0000 (15:29 -0500)]
forgot to add src/Makefile.am
David Zeuthen [Thu, 8 Nov 2007 20:26:43 +0000 (15:26 -0500)]
add unit tests of PolKitPolicyCache
David Zeuthen [Thu, 8 Nov 2007 19:20:58 +0000 (14:20 -0500)]
use unique action names
David Zeuthen [Thu, 8 Nov 2007 17:58:10 +0000 (12:58 -0500)]
add test case for PolKitError to get to 100%
David Zeuthen [Thu, 8 Nov 2007 17:43:23 +0000 (12:43 -0500)]
add some gtk-doc to private bits to get doc coverage to 100%
David Zeuthen [Thu, 8 Nov 2007 17:37:38 +0000 (12:37 -0500)]
fix build with all library soruce in src/
David Zeuthen [Thu, 8 Nov 2007 17:26:31 +0000 (12:26 -0500)]
move all library source to a src/ directory
This is primarily so gtk-doc can target only libraries. Needs lots of
fixing; will be done in upcoming commits.
David Zeuthen [Thu, 8 Nov 2007 17:24:17 +0000 (12:24 -0500)]
reimplement string hashing and comparison
David Zeuthen [Thu, 8 Nov 2007 00:09:40 +0000 (19:09 -0500)]
add doubly-linked lists
David Zeuthen [Tue, 6 Nov 2007 21:55:08 +0000 (16:55 -0500)]
hook up expat to use our memory handling API
Disable by default because, unfortunately, expat seems to leak on
certain OOM paths. Sigh.
David Zeuthen [Tue, 6 Nov 2007 21:01:07 +0000 (16:01 -0500)]
also dist test .policy files
David Zeuthen [Tue, 6 Nov 2007 20:55:49 +0000 (15:55 -0500)]
increase test coverage for PolKitPolicyFile
David Zeuthen [Tue, 6 Nov 2007 20:55:02 +0000 (15:55 -0500)]
fix some unaligned access bugs
David Zeuthen [Tue, 6 Nov 2007 17:03:42 +0000 (12:03 -0500)]
add unit tests for PolKitPolicyFile and add some features to PolKitHash
David Zeuthen [Mon, 5 Nov 2007 20:28:33 +0000 (15:28 -0500)]
improve coverage of PolKitPolicyFileEntry by switching to PolKitHashTable
David Zeuthen [Mon, 5 Nov 2007 19:59:31 +0000 (14:59 -0500)]
implement polkit_hash_foreach
David Zeuthen [Mon, 5 Nov 2007 18:41:03 +0000 (13:41 -0500)]
export memory mangement and hash table functions
David Zeuthen [Mon, 5 Nov 2007 18:34:45 +0000 (13:34 -0500)]
implement our own hash table with 100% test coverage
David Zeuthen [Sun, 4 Nov 2007 16:05:58 +0000 (11:05 -0500)]
add unit tests for PolKitPolicyFileEntry
We're only at 78@ coverage; need to reimplement GHashTable...
David Zeuthen [Sun, 4 Nov 2007 00:39:23 +0000 (20:39 -0400)]
add unit tests for PolKitPolicyDefault
David Zeuthen [Sat, 3 Nov 2007 23:06:22 +0000 (19:06 -0400)]
add unit tests for PolKitCaller
David Zeuthen [Sat, 3 Nov 2007 22:13:44 +0000 (18:13 -0400)]
add unit tests for PolKitSession
David Zeuthen [Sat, 3 Nov 2007 21:50:35 +0000 (17:50 -0400)]
add unit tests for PolKitSeat
David Zeuthen [Sat, 3 Nov 2007 21:34:33 +0000 (17:34 -0400)]
add unit tests for PolKitResult
David Zeuthen [Sat, 3 Nov 2007 21:21:53 +0000 (17:21 -0400)]
implement OOM testing
The glib dep removal. It has begun.
David Zeuthen [Sat, 3 Nov 2007 19:53:41 +0000 (15:53 -0400)]
add tests for PolKitError
David Zeuthen [Sat, 3 Nov 2007 19:24:36 +0000 (15:24 -0400)]
remove dead code
David Zeuthen [Sat, 3 Nov 2007 19:21:10 +0000 (15:21 -0400)]
extend test coverage for PolKitAction
It's now at 100%. Yay me.
David Zeuthen [Sat, 3 Nov 2007 18:40:13 +0000 (14:40 -0400)]
add unit test framework with gcov coverage support (make check-coverage)
This is what it looks like
==============================================================================
Test coverage for module polkit:
==============================================================================
polkit-sysdeps.c : 0% (0 of 38)
polkit-error.c : 0% (0 of 44)
polkit-result.c : 0% (0 of 16)
polkit-context.c : 0% (0 of 213)
polkit-action.c : 34% (20 of 58)
polkit-seat.c : 0% (0 of 34)
polkit-session.c : 0% (0 of 97)
polkit-caller.c : 0% (0 of 81)
polkit-policy-file-entry.c : 0% (0 of 72)
polkit-policy-file.c : 0% (0 of 220)
polkit-policy-cache.c : 0% (0 of 98)
polkit-policy-default.c : 0% (0 of 67)
polkit-debug.c : 0% (0 of 15)
polkit-utils.c : 0% (0 of 42)
polkit-config.c : 0% (0 of 263)
polkit-authorization.c : 0% (0 of 162)
polkit-authorization-constraint.c : 0% (0 of 107)
polkit-authorization-db.c : 0% (0 of 222)
Source lines : 6919
Actual statements : 1849
Executed statements : 20
Test coverage : 1%
David Zeuthen [Thu, 1 Nov 2007 05:21:47 +0000 (01:21 -0400)]
updated TODO list
David Zeuthen [Thu, 1 Nov 2007 03:23:33 +0000 (23:23 -0400)]
introduce one-shot authorizations
David Zeuthen [Wed, 31 Oct 2007 18:41:00 +0000 (14:41 -0400)]
make polkit_context_is_[caller|session]_authorized() take a PolKitError
David Zeuthen [Wed, 31 Oct 2007 17:19:24 +0000 (13:19 -0400)]
rename revoke_if_oneshot to is_mechanism and also expose this on D-Bus
David Zeuthen [Wed, 31 Oct 2007 16:48:57 +0000 (12:48 -0400)]
avoid defining the same functions in both libpolkit and libpolkit-grant
Looks like I forgot to delete those when doing the big move in
commit
d9d790870b0372162091b00e19e38a24472a306d
David Zeuthen [Wed, 31 Oct 2007 01:27:06 +0000 (21:27 -0400)]
remember to reset killtimer and fix an error message
David Zeuthen [Wed, 31 Oct 2007 01:17:08 +0000 (21:17 -0400)]
provide a polkit D-Bus service that is activated on demand
Right now we provide two methods
IsProcessAuthorized
IsSystemBusNameAuthorized
This is useful for a couple of reasons
- some mechanisms (e.g. Avahi) runs in a chroot and their only
life-line to the world is a system bus connection. If it were to
use libpolkit (and Lennart says he wants it to, yay!) it would need
to bindmount crazy stuff into the chroot.
- languages for which libpolkit bindings not yet exist can use
this interface
Going forward, this service can expose a private interface meaning we
can get rid of (almost) all of our setgid helpers.
David Zeuthen [Tue, 30 Oct 2007 22:21:04 +0000 (18:21 -0400)]
move authdb write functions to libpolkit-grant
This is primarily to keep libpolkit as minimal as possible as all that
mechanisms will ever need is the ability to read from the authdb.
David Zeuthen [Tue, 30 Oct 2007 21:46:41 +0000 (17:46 -0400)]
rearrange the docs so all API is in one section
Also specificy, per function and class, if it's not in libpolkit.
David Zeuthen [Mon, 29 Oct 2007 19:30:36 +0000 (15:30 -0400)]
use _destroy, not _unref for hash tables
The latter is only in glib 2.10.
Pointed out by Danny Kukawka <danny.kukawka@web.de>.
David Zeuthen [Mon, 29 Oct 2007 05:36:58 +0000 (01:36 -0400)]
fix uid retrival when getting auths from all users
David Zeuthen [Mon, 29 Oct 2007 04:23:45 +0000 (00:23 -0400)]
fix docs
David Zeuthen [Mon, 29 Oct 2007 03:46:54 +0000 (23:46 -0400)]
fix build with dummy backend
David Zeuthen [Mon, 29 Oct 2007 03:43:03 +0000 (23:43 -0400)]
let authdb backends synthesize policy file entries
David Zeuthen [Mon, 29 Oct 2007 03:32:11 +0000 (23:32 -0400)]
minor build system and doc fixes
David Zeuthen [Mon, 29 Oct 2007 03:13:16 +0000 (23:13 -0400)]
move Linux specific code into a single file
Haven't moved the inotify stuff yet; not sure about what abstraction
we need...
David Zeuthen [Mon, 29 Oct 2007 02:06:25 +0000 (22:06 -0400)]
move all private functions into a private header file
David Zeuthen [Mon, 29 Oct 2007 01:30:06 +0000 (21:30 -0400)]
make the authdb pluggable and add a dummy backend as an example
David Zeuthen [Sun, 28 Oct 2007 23:18:37 +0000 (19:18 -0400)]
rewrite authorization database and polkit-grant (now known as polkit-auth)
Also,
- Rename polkit-list-actions to polkit-action.
- Add a bash completion script to the polkit commandline tools.
Authorizations are no longer world-readable. So for this to work with
hal you now need to do this as root
# polkit-auth --user haldaemon --grant org.freedesktop.policykit.read
Distributions needs to do this in the %post scripts or similar.
Sorry for this huge monster patch.
David Zeuthen [Tue, 23 Oct 2007 23:38:00 +0000 (19:38 -0400)]
remember to set uid on PolKitSession
David Zeuthen [Tue, 23 Oct 2007 19:37:38 +0000 (15:37 -0400)]
move POLKIT_GNUC_DEPRECATED to a separate line so gtk-doc is happy
Also document this symbol
David Zeuthen [Tue, 23 Oct 2007 19:29:55 +0000 (15:29 -0400)]
create an API for interfacing with the Authorization Database
This is necessary to make UI like this
http://people.freedesktop.org/~david/Screenshot-Manage%20Authorizations.png
export some useful actions such as granting, revoking and displaying
authorizations.
Previously this API was internal, polkit/polkit-grant-database.[ch],
and linked into polkit-grant(1) and libpolkit-grant(3) through a
static library libpolkit-private.so.
Only polkit-grant have not been ported; libpolkit-grant(3) uses this
API natively now. Internally, right now, the new API just uses
polkit-grant-database.[ch] directly but that is about to change...
David Zeuthen [Tue, 23 Oct 2007 19:25:44 +0000 (15:25 -0400)]
add docs for POLKIT_[BEGIN|END]_DECLS and also add POLKIT_GNUC_DEPRECATED
David Zeuthen [Mon, 22 Oct 2007 16:44:25 +0000 (12:44 -0400)]
use the Since: tag so gtk-doc can print what symbols are new in 0.7
David Zeuthen [Mon, 22 Oct 2007 01:26:38 +0000 (21:26 -0400)]
work on the docs
Now we have diagrams! With happy candy colors too!
David Zeuthen [Sun, 21 Oct 2007 15:10:06 +0000 (11:10 -0400)]
don't spew debug output in libpolkit-dbus
David Zeuthen [Sun, 21 Oct 2007 03:53:16 +0000 (23:53 -0400)]
avoid including regex.h from a public header file
David Zeuthen [Sun, 21 Oct 2007 01:42:43 +0000 (21:42 -0400)]
add C++ include guards and a new method to get pfe's by annotation
David Zeuthen [Thu, 18 Oct 2007 17:44:16 +0000 (13:44 -0400)]
add support to PolKitTracker for also asking on pid
David Zeuthen [Sat, 13 Oct 2007 00:53:19 +0000 (20:53 -0400)]
post-release version bump
Better late than never!
David Zeuthen [Sat, 13 Oct 2007 00:50:57 +0000 (20:50 -0400)]
add id's so the generated HTML has stable and predictable file names
David Zeuthen [Sat, 13 Oct 2007 00:38:13 +0000 (20:38 -0400)]
add the convenience class PolKitTracker
This class allows a mechanism to greatly reduce the syscall and IPC
overhead when checking whether a caller on the system bus message is
allowed to do a specific action. In a nutshell, this class caches
PolKitCaller objects and a) updates them when ConsoleKit emits
ActivityChanged signals; and b) evicts such objects from the cache
when the caller drops off the bus.
There's also an example, in examples/tracker-example/ that shows how
to use this. This example is referenced in the API docs too.
David Zeuthen [Thu, 11 Oct 2007 21:50:30 +0000 (17:50 -0400)]
update NEWS
David Zeuthen [Thu, 27 Sep 2007 17:46:29 +0000 (13:46 -0400)]
make polkit-list-actions print information about <allow_any>
David Zeuthen [Thu, 27 Sep 2007 17:36:11 +0000 (13:36 -0400)]
don't fail on unknown XML tags, just skip them
This change will futureproof libpolkit for extensions; e.g. if there's
an OS upgrade where
a) the PolicyKit package is upgraded to a version where support for a
new tag <allow_foo> is added; and
b) another package, using PolicyKit, is upgraded dropping a .policy
file using the new <allow_foo> tag; then
existing running processes using libpolkit will not fail. They will,
however, not honor the new tags until the daemon process itself is
restarted using e.g. condrestart.
We also log to the system logger whenever we encouter unknown tags.
David Zeuthen [Thu, 27 Sep 2007 16:08:19 +0000 (12:08 -0400)]
implement <allow_any> to specify default answer for any user
This is useful in instances where the OS vendor wants to allow any
user, even remote users logging in via ssh etc., but recognize that
some sites may want to lock this down to a limited set of users.
Suggested by Daniel P. Berrange <berrange@redhat.com>:
<danpb> my specific use case is that in libvirt we don't mind any user
querying for VM status info by default
<danpb> but some admins may wish to lock that ability down
<danpb> so only designated users can query VM status
<davidz> right
<davidz> it makes sense
<davidz> without having giving it too much thought; adding another stanza to
the .policy file might make sense
<davidz> <allow_non_session>yes</allow_non_session>
<davidz> danpb: would that work?
<danpb> yeah, that'd do the trick
<davidz> cool
<davidz> I'll add it then
David Zeuthen [Wed, 26 Sep 2007 19:49:31 +0000 (15:49 -0400)]
add TODO item detailing how to handle upgrades
David Zeuthen [Tue, 25 Sep 2007 20:38:32 +0000 (16:38 -0400)]
add specifics for the Pardus distro
Patch from S.Çağlar Onur <caglar@pardus.org.tr>. Thanks.
Doug Goldstein [Fri, 7 Sep 2007 03:53:53 +0000 (23:53 -0400)]
use chgrp instead of chown with group only
Change to use chgrp instead of chown when only changing a group
Doug Goldstein [Thu, 6 Sep 2007 20:14:24 +0000 (16:14 -0400)]
install hook for setuid/setgid
Current installation uses a local rule which isn't guarenteed to be run
after the automake'd rule, as such it will not always setuid/setgid properly.
This patch switches that to a hook which is guarenteed to run afterwards.
Doug Goldstein [Thu, 6 Sep 2007 16:07:20 +0000 (12:07 -0400)]
gentoo OS type support
Adds Gentoo as a valid OS type
David Zeuthen [Fri, 31 Aug 2007 19:59:59 +0000 (15:59 -0400)]
post-release version bump
David Zeuthen [Fri, 31 Aug 2007 19:56:07 +0000 (15:56 -0400)]
update NEWS file
David Zeuthen [Fri, 31 Aug 2007 19:48:52 +0000 (15:48 -0400)]
bump so name
David Zeuthen [Fri, 31 Aug 2007 19:48:38 +0000 (15:48 -0400)]
fix 'make distcheck' by avoiding with man pages on distcheck
David Zeuthen [Fri, 31 Aug 2007 17:51:10 +0000 (13:51 -0400)]
make polkit-grant-helper-pam out of reach for normal users
Adds a little bit of more security..
David Zeuthen [Tue, 28 Aug 2007 17:33:18 +0000 (13:33 -0400)]
add an example of how define_admin_auth is used
Based on input from Ken VanDine
http://lists.freedesktop.org/archives/hal/2007-August/009402.html
David Zeuthen [Mon, 27 Aug 2007 20:41:40 +0000 (16:41 -0400)]
minor doc changes
David Zeuthen [Mon, 27 Aug 2007 20:39:59 +0000 (16:39 -0400)]
also forgot to add polkit-docs.xml
David Zeuthen [Mon, 27 Aug 2007 18:06:30 +0000 (14:06 -0400)]
also add another missing file
David Zeuthen [Mon, 27 Aug 2007 17:34:49 +0000 (13:34 -0400)]
forgot to add doc/version.xml.in
David Zeuthen [Mon, 27 Aug 2007 15:27:39 +0000 (11:27 -0400)]
make config file override grant database
Even though a caller may have an entry in the grant database (and as
such will see POLKIT_RESULT_YES), change the behavior such that this
is no longer honored unless the config file specifies the result
POLKIT_RESULT_ONLY_VIA_[SELF|ADMIN]_AUTH_{,KEEP_SESSION|KEEP_ALWAYS}.
E.g. this allows the sysadmin to specify things like POLKIT_RESULT_NO
in the config file and that will now make existing grants
useless. This behavior is a lot more natural.
David Zeuthen [Fri, 24 Aug 2007 22:44:14 +0000 (18:44 -0400)]
some more doc fixes
David Zeuthen [Fri, 24 Aug 2007 22:12:07 +0000 (18:12 -0400)]
update inline API docs
David Zeuthen [Fri, 24 Aug 2007 21:25:58 +0000 (17:25 -0400)]
fix up manual pages for some trivial errors
David Zeuthen [Fri, 24 Aug 2007 21:18:12 +0000 (17:18 -0400)]
revert "fixed code documentation issues"
This commit is wrong as the docs are not properly formatted with this
change. This reverts commit
0d69cdc59f51fda93c857171b69ac8f3fe46b745.
David Zeuthen [Fri, 24 Aug 2007 21:15:26 +0000 (17:15 -0400)]
clean up our documentation
- Put all three libraries in the same gtk-doc project
- Include the spec in the gtk-doc project
- Include the manual pages in the gtk-doc project
David Zeuthen [Fri, 24 Aug 2007 19:31:35 +0000 (15:31 -0400)]
convert manual page sources to Docbook, add polkit-config-file-validate tool
Also drop the polkit-check-caller and polkit-check-session tools;
they're not really useful in their current incarnation.
David Zeuthen [Fri, 24 Aug 2007 01:30:55 +0000 (21:30 -0400)]
delay loading the configuration until it's needed
This is especially good for saving CPU cycles as we may get a number
events from inotify and previously we kept reloading/parsing the
configuration file on every event.
David Zeuthen [Fri, 24 Aug 2007 01:08:01 +0000 (21:08 -0400)]
Merge branch 'master' of ssh://david@git.freedesktop.org/git/PolicyKit
David Zeuthen [Fri, 24 Aug 2007 01:07:46 +0000 (21:07 -0400)]
give a little love to polkit-list-actions(1) and polkit-grant(1)
In addition polkit-grant(1) gained a few new features
--list : for listing all grants
--delete <user> : for deleting all grants given to an user
Danny Kukawka [Thu, 23 Aug 2007 12:23:02 +0000 (14:23 +0200)]
fixed compiler warning about uid_t handling
This fixes the same problem with uid_t as we had with HAL some time ago
on 64bit architectures in PolicyKit. This time I removed the useless check:
uid == ((unsigned long) -1)
because this is always false on 64bit (comparison is always false due to
limited range of data type) and because the DBusError from the
dbus_bus_get_unix_user() call is set if the function returns DBUS_UID_UNSET
so we need only to check if the error is set.
Danny Kukawka [Thu, 23 Aug 2007 12:05:34 +0000 (14:05 +0200)]
fixed code documentation issues
Fixed code documentation issues:
* s/<programlisting>/@code/
* removed @void: from polkit_grant_new()
David Zeuthen [Wed, 22 Aug 2007 22:32:50 +0000 (18:32 -0400)]
add support for annotations
Richard Hughes [Wed, 22 Aug 2007 19:36:15 +0000 (15:36 -0400)]
work when SELinux is disabled
I've compiled with selinux and have it turned off. The attached patch
stops the warnings for me.
Richard.
David Zeuthen [Tue, 21 Aug 2007 03:01:19 +0000 (23:01 -0400)]
gracefully handle bad config/policy files, drop polkit-reload-config, syslog
- don't abort/malfunction if the /etc/PolicyKit/PolicyKit.conf
configuration file is malformed; simply just continue as normal
but return 'no' to every question asked. Also use syslog(3) to
report this to the system log
- if a .policy file is malformed, simply skip it and still include
other well-formed .policy files. Use syslog(3) to report if indeed
a .policy file is malformed.
- drop /var/lib/PolicyKit/reload and rely on inotify to detect changes to
- /etc/PolicyKit/PolicyKit.conf
- Policy files in /usr/share/PolicyKit/policy
- privileges in /var/lib/PolicyKit and /var/run/PolicyKit
As a result, changes made to /etc/PolicyKit/PolicyKit.conf (typically
an admin edits this file) and .policy files (typically these can
change on package upgrades) in /usr/share/PolicyKit/policy are
instantly picked up.
David Zeuthen [Tue, 21 Aug 2007 01:48:21 +0000 (21:48 -0400)]
avoid the now defunct group concept in polkit-list-actions
David Zeuthen [Tue, 21 Aug 2007 01:47:25 +0000 (21:47 -0400)]
minor doc cleanups
David Zeuthen [Tue, 21 Aug 2007 00:38:24 +0000 (20:38 -0400)]
rip out group concept from .policy files and rename <policy> element to <action>
David Zeuthen [Mon, 20 Aug 2007 23:59:49 +0000 (19:59 -0400)]
make libpolkit-grant less noisy
David Zeuthen [Mon, 20 Aug 2007 23:59:10 +0000 (19:59 -0400)]
make polkit-grant(1) work with <define_admin_user /> feature