summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* State that authorization rules must not rely on SpiderMonkey featureswip/js-rule-filesDavid Zeuthen2012-06-041-5/+13
| | | | | | ... e.g. we reserve the right to switch out the JS engine. Signed-off-by: David Zeuthen <zeuthen@gmail.com>
* Small updates to the "Writing polkit applications" chapterDavid Zeuthen2012-06-041-74/+161
| | | | Signed-off-by: David Zeuthen <zeuthen@gmail.com>
* Update pkexec(1) man page with exampleDavid Zeuthen2012-06-041-0/+1
| | | | Signed-off-by: David Zeuthen <zeuthen@gmail.com>
* Update links to udisks docsDavid Zeuthen2012-06-041-4/+2
| | | | Signed-off-by: David Zeuthen <zeuthen@gmail.com>
* Rewrite the "Writing polkit applications" chapterDavid Zeuthen2012-05-251-38/+142
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Log when the name org.fd.PolicyKit1 has been acquiredDavid Zeuthen2012-05-251-6/+6
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Run polkitd as an unprivileged userDavid Zeuthen2012-05-257-14/+136
| | | | | | There's really no reason to run all this code as uid 0. Signed-off-by: David Zeuthen <davidz@redhat.com>
* Remove unused DBUS_GLIB_* and GIO_* variablesDavid Zeuthen2012-05-252-5/+0
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Ensure polkitd is rebuilt if libpolkit-backend-1.la changesDavid Zeuthen2012-05-251-1/+1
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Move polkitd into src/polkitbackendDavid Zeuthen2012-05-255-43/+27
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Use g_unix_signal_add() from GLib 2.30David Zeuthen2012-05-255-199/+4
| | | | | | ... instead of the one I wrote myself. Signed-off-by: David Zeuthen <davidz@redhat.com>
* Clarify pkexec(1) variablesDavid Zeuthen2012-05-245-38/+42
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Combine action and details parametersDavid Zeuthen2012-05-249-352/+382
| | | | | | | | | | This also removes the ability to change detail parameters which is actually a good thing. If we later need a way to change the authentication message, we can always add something like polkit.addAuthenticationMessageRule() so the user can register a function returning a string. Signed-off-by: David Zeuthen <davidz@redhat.com>
* Use a condition variable to signal that runaway killer thread is readyDavid Zeuthen2012-05-241-5/+16
| | | | | | ... instead of the unsafe g_thread_yield() busy-wait loop. Signed-off-by: David Zeuthen <davidz@redhat.com>
* Terminate runaway scriptsDavid Zeuthen2012-05-244-25/+205
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Use "rules", not "scripts" to refer to files in rules.dDavid Zeuthen2012-05-231-3/+3
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Pass expanded identity list to the AuthenticationSessionDavid Zeuthen2012-05-231-24/+24
| | | | | | | ... otherwise it things like admin-identities being set to ["unix-group:session"] won't work. Signed-off-by: David Zeuthen <davidz@redhat.com>
* Add default rulesDavid Zeuthen2012-05-233-10/+16
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Store private binaries in /usr/lib/polkit-1 instead of /usr/libexecDavid Zeuthen2012-05-237-19/+16
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Mention systemd(1) in the polkitd(8) man pageDavid Zeuthen2012-05-231-3/+11
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Nuke polkitbackend library, localauthority backend and extension systemDavid Zeuthen2012-05-2327-2751/+16
| | | | | | | | | | | Any backend can now be implemented in JavaScript (if so desired) so we don't need any of this any more. Note that the libpolkitbackend library was never declared stable (the preprocessor symbol POLKIT_BACKEND_I_KNOW_API_IS_SUBJECT_TO_CHANGE had to be defined) so removing it is not an API/ABI break. Signed-off-by: David Zeuthen <davidz@redhat.com>
* Add a systemd .service fileDavid Zeuthen2012-05-235-3/+42
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Fix distcheckDavid Zeuthen2012-05-231-1/+2
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Rename --enable-systemd to --enable-libsystemd-loginDavid Zeuthen2012-05-233-23/+23
| | | | | | | | It's useful to be more specific because we also want an option to install a systemd .service file which you may not want even if you are using libsystemd-login... Signed-off-by: David Zeuthen <davidz@redhat.com>
* Add real-world example featuring udisks2 and the drive.* variables it passesDavid Zeuthen2012-05-231-1/+25
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Make polkit_details_insert() remove the key if passed value is NULLDavid Zeuthen2012-05-231-1/+6
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Use <variablelist> instead of <informaltable> for Subject attributesDavid Zeuthen2012-05-231-48/+64
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Mention details["polkit.message"] and add an example using detailsDavid Zeuthen2012-05-231-5/+48
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Fix a couple typos in the docsDavid Zeuthen2012-05-233-5/+5
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Fix spelingDavid Zeuthen2012-05-221-1/+1
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* polkitd: add reference to polkit(8) from its man pageDavid Zeuthen2012-05-221-1/+4
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Clarify docs a bitDavid Zeuthen2012-05-221-8/+6
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* docs: update SEE ALSO to make each man page point to all other man pagesDavid Zeuthen2012-05-225-8/+16
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* docs: enclose local <citerefentry> in <link> to make links workDavid Zeuthen2012-05-226-78/+29
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Update docsDavid Zeuthen2012-05-2217-872/+569
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Create rules.d directoriesDavid Zeuthen2012-05-222-0/+11
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Add test-cases and 10 second timeout for polkit.spawn()David Zeuthen2012-05-213-11/+538
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Mention unix-netgroup:xyz as a valid return value in addAdminRule() functionsDavid Zeuthen2012-05-211-1/+2
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Minor doc fixesDavid Zeuthen2012-05-211-7/+4
| | | | | | Nuke the has_prefix() helper, it's just confusing. Signed-off-by: David Zeuthen <davidz@redhat.com>
* Add netgroup supportDavid Zeuthen2012-05-216-2/+103
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Test that subject.isInGroup() worksDavid Zeuthen2012-05-212-1/+37
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Add test cases for evaluation orderDavid Zeuthen2012-05-217-11/+201
| | | | | | | In fact, this test uncovered that we were evaluating the rules in the wrong order. Fix this. Signed-off-by: David Zeuthen <davidz@redhat.com>
* docs: emphasize that registered functions may actually never be calledDavid Zeuthen2012-05-211-2/+11
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Use addRule() and addAdminRule()David Zeuthen2012-05-213-27/+28
| | | | | | ... as the man page already says. Signed-off-by: David Zeuthen <davidz@redhat.com>
* Also load rules from /usr/share/polkit/rules.dDavid Zeuthen2012-05-214-68/+139
| | | | | | ... in addition to /etc/polkit/rules.d. Signed-off-by: David Zeuthen <davidz@redhat.com>
* docs: clarify how rules files workDavid Zeuthen2012-05-211-20/+51
| | | | | | After feedback from Matthias Clasen <mclasen@redhat.com>. Signed-off-by: David Zeuthen <davidz@redhat.com>
* Also add an example of polkit.spawn() to polkit(8) man pageDavid Zeuthen2012-05-201-0/+20
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* docs: add AUTHORIZATION RULES section to the polkit(8) man pageDavid Zeuthen2012-05-201-0/+238
| | | | Signed-off-by: David Zeuthen <davidz@redhat.com>
* Don't include command-line in spawning error messagesDavid Zeuthen2012-05-181-8/+3
| | | | | | We don't even know it and it's not worth reconstructing it. Signed-off-by: David Zeuthen <davidz@redhat.com>
* Make polkit.spawn() take an array of arguments instead of a command-lineDavid Zeuthen2012-05-182-17/+40
| | | | | | Much safer and easier this way. Signed-off-by: David Zeuthen <davidz@redhat.com>
View Lorry Controller Status