| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
See discussion in https://bugs.freedesktop.org/show_bug.cgi?id=63573 .
|
|
... to silence warnings when g-ir-scanner warnings are enabled.
https://bugs.freedesktop.org/show_bug.cgi?id=63573
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=63573
|
|
Fold PolkitImplicitAuthorization and PolkitCheckAuthorizationFlags
into the relevant classes in the section list; polkit-1-docs.xml is
already not including the enum documents.
https://bugs.freedesktop.org/show_bug.cgi?id=63573
|
|
All of these are a part of public API with some external users. Do the
minimum to avoid a warning; ideally we should also add a
*_DISABLE_DEPRECATED macro etc.
https://bugs.freedesktop.org/show_bug.cgi?id=63573
|
|
The related new_for_gvariant() is private already, this seems also
intended to be private. searchco.de doesn't show any external users.
https://bugs.freedesktop.org/show_bug.cgi?id=63573
|
|
As per the intructions in the introspection Makefile, we should have a
line declaring a dependency between the .gir and .la files.
https://bugs.freedesktop.org/show_bug.cgi?id=57077
Signed-off-by: David Zeuthen <zeuthen@gmail.com>
|
|
It's useful to be more specific because we also want an option to
install a systemd .service file which you may not want even if you are
using libsystemd-login...
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Additionally, add a "fallback" option. Also add support in this in the
pkttyagent(1) program.
This slightly breaks libpolkit-backend API by adding a GVariant* param
to one of the class vfuncs... but that API is already declared
unstable so that's fine.
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Also, don't treat the integer returned by sd_session_get_uid() as a
boolean because that's just confusing.
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Also, don't treat the integer returned by sd_pid_get_session() as a
boolean because that's just confusing. Also, don't confuse memory
supposed to be freed by g_free() and free(3) with each other. See
https://bugzilla.redhat.com/show_bug.cgi?id=787222
for more details.
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Fix autogen.sh to work when run from the builddir.
Also: switch over to using the gobject-introspection Makefile (which is
out-of-tree safe) instead of hardcoding our own version.
https://bugs.freedesktop.org/show_bug.cgi?id=44599
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
When configured with --enable-systemd, this patch makes
polkit use systemd for session tracking instead of ConsoleKit.
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=43610
Added netgroup support and additional unit tests with MockLibc support.
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=39315
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
This is needed to avoid possible TOCTTOU issues since a process can
change both its real uid and effective uid.
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
On Linux, also switch to parsing /proc/<pid>/status instead of relying
on the st_uid returned by stat(2) to be the uid we want.
This was pointed out by Neel Mehta <nmehta@google.com>. Thanks!
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Instead, pass the untranslated message as polkit.message and set the
gettext domain on polkit.gettext_domain. For printf()-style messages,
occurences of the form $(name_of_key) in the translated version of
polkit.message are expanded with the value of the property
name_of_key. See the pkexec(1) mechanism for an example of how to use
this.
Additionally, the property polkit.icon_name can be set to the
icon. Note that not all authentication agents use this - in
particular, gnome-shell does not.
It is no longer possible to set the details to be shown in the
authentication dialog. It was never a good idea to hide information
there anyway. Instead, the mechanism should format a meaningful
message.
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
This is much easier than writing a PolkitBackendActionLookup class and
installing an extension. On the downside it requires the caller to be
uid 0.
Example: http://people.freedesktop.org/~david/polkit-pass-messages.png
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=29712
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=27253
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=30653
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
These are defined in polkitenumtypes.h, don't re-define them.
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
In particular accept both "unix-process:<pid>,<starttime>" and
"unix-process:<pid>". For the latter, return an error if we cannot
lookup the starttime (for example if the given pid references a
non-existing process).
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Also fix a locking bug.
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
... and deprecate polkit_authority_get(). Also fix up locking in
PolkitAuthority.
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Based on code from Matthias Clasen <mclasen@redhat.com>.
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
This is better implemented as a separate set of extension to the local
authority. The only current known user, PolkitLockButton, will be
ported away from using these interfaces.
Since polkit still hasn't reached 1.0 this removal of functionality is
OK especially since the NEWS file has already wanred something like
this may happen.
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
This is hit by the authentication agent in order to display a padlock
when temporary authorizations exist.
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
E.g. actually clean up everything before exiting. This makes it much
easier to chase memory leaks.
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Also simplify the code it by using the on-disk database. Makes
everything a lot simpler.
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
|
|
Also rename the action from org.freedesktop.policykit.localauthority.lockdown
to org.freedesktop.policykit.lockdown since any authority implementation
can now implement this.
This changes only ABI/API used by e.g. polkit-gnome. This is fine
since we're not at 1.0 yet.
|
|
Now to implement this in the interactive authority...
|
|
http://bugs.freedesktop.org/show_bug.cgi?id=24566
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
|
See https://bugzilla.redhat.com/show_bug.cgi?id=526053 for more details.
|
|
Also bump requirement on EggDBus to 0.6 (to be released later) for a
bug-fix with flag properties.
|
|
When using polkit_unix_process_new_full() the start-time
wasn't being set from the process' PID if it wasn't
passed to the function.
Signed-off-by: David Zeuthen <davidz@redhat.com>
|
