From 997e27a4fc98763881e8c10fd8a071df7d3323ea Mon Sep 17 00:00:00 2001
From: David Zeuthen
Date: Tue, 6 Jun 2006 14:48:27 +0000
Subject: Patch from Frederic Peters . jhbuild monitors files being installed and prevents them from being written out of its target directory. This means HAL now prevents jhautobuild[1] to complete since pam-polkit-console hardcodes /lib/security. Attached is a patch with a configure option (--with-pam-module-dir) so it is possible to set an other directory. [1] http://jhbuild.bxlug.be
---
 ChangeLog | 13 +++++++++++++
 configure.in | 12 ++++++++++++
 doc/spec/polkit-spec.html | 26 +++++++++++++-------------
 pam-polkit-console/Makefile.am | 2 +-
 4 files changed, 39 insertions(+), 14 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 2928a6f..186b2b5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,16 @@
+2006-06-06 David Zeuthen
+
+ Patch from Frederic Peters . jhbuild
+ monitors files being installed and prevents them from being
+ written out of its target directory. This means HAL now prevents
+ jhautobuild[1] to complete since pam-polkit-console hardcodes
+ /lib/security. Attached is a patch with a configure
+ option (--with-pam-module-dir) so it is possible to set an other
+ directory. [1] http://jhbuild.bxlug.be
+
+ * pam-polkit-console/Makefile.am:
+ * configure.in:
+
 2006-06-06 David Zeuthen Patch from Frederic Peters .
diff --git a/configure.in b/configure.in
index ff053c0..ff061fd 100644
--- a/configure.in
+++ b/configure.in
@@ -266,6 +266,17 @@ AC_CHECK_HEADER(security/pam_modutil.h, [AC_DEFINE(HAVE_PAM_MODUTIL_H, [], "Have
 AC_CHECK_HEADER(security/pam_ext.h, [AC_DEFINE(HAVE_PAM_EXT_H, [], "Have pam_ext.h")])
 AC_CHECK_LIB(pam, pam_vsyslog, [AC_DEFINE(HAVE_PAM_VSYSLOG, [], "Have pam_vsyslog")])
+
+AC_ARG_WITH(pam-module-dir, [ --with-pam-module-dir=[dirname] directory to install PAM security module])
+if ! test -z "$with_pam_module_dir"; then
+ PAM_MODULE_DIR=$with_pam_module_dir
+else
+ PAM_MODULE_DIR="/lib/security"
+fi
+
+AC_SUBST(PAM_MODULE_DIR)
+
+
 AC_ARG_WITH(os-type, [ --with-os-type= distribution or OS (redhat)])
 #### Check our operating system (distro-tweaks required)
@@ -378,6 +389,7 @@ echo "
 localstatedir: ${LOCALSTATEDIR}
 docdir: ${DOCDIR}
 PAM prefix: ${PAM_PREFIX}
+ PAM module dir: ${PAM_MODULE_DIR}
 compiler: ${CC}
 cflags: ${CFLAGS}
diff --git a/doc/spec/polkit-spec.html b/doc/spec/polkit-spec.html
index 3646f64..51f6195 100644
--- a/doc/spec/polkit-spec.html
+++ b/doc/spec/polkit-spec.html
@@ -1,10 +1,10 @@ PolicyKit 0.2 Specification
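Review bot: The new `--with-pam-module-dir` block in configure.in uses whatever autoconf leaves in `$with_pam_module_dir`, so a bare `--with-pam-module-dir` or `--without-pam-module-dir` sets `PAM_MODULE_DIR` to the literal `yes` or `no`, and a relative path is accepted as-is. Modules installed in this directory are loaded by the PAM stack of privileged programs, so configure should stop unless the value is an absolute path, and the assignment from `$with_pam_module_dir` should be quoted. The help string could also say that the directory has to be one the system's PAM library loads modules from and that only root may write to it. The summary line added in the second configure.in hunk needs no change.

```m4
AC_ARG_WITH(pam-module-dir, [  --with-pam-module-dir=[dirname]  directory to install PAM security module])
case "$with_pam_module_dir" in
  "") PAM_MODULE_DIR="/lib/security" ;;
  /*) PAM_MODULE_DIR="$with_pam_module_dir" ;;
  *)  AC_MSG_ERROR([--with-pam-module-dir needs an absolute directory path]) ;;
esac
dnl ... unchanged: AC_SUBST(PAM_MODULE_DIR) ...
```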

Version 0.2


Chapter 1. Introduction

Table of Contents

About

About

PolicyKit is a system for enabling unprivileged desktop applications to invoke privileged methods on system-wide components in a controlled manner. -

Chapter 2. Theory of operation

Privileges

+

Chapter 2. Theory of operation

Privileges

One major concept of the PolicyKit system is the notion of privileges; a PolicyKit privilege (referred to simply as @@ -17,7 +17,7 @@ allowed to invoke a method, the system level component defines a set of privileges. -

Architecture

+

Architecture

The PolicyKit system is basically client/server and is implemented as the system-wide org.freedesktop.PolicyKit D-BUS @@ -34,7 +34,7 @@ In addition, the PolicyKit system includes client side libraries and command-line utilities wrapping the D-BUS API of the org.freedesktop.PolicyKit service. -

Example

+

Example

As an example, HAL exports the method Mount on the org.freedesktop.Hal.Device.Volume interface @@ -96,20 +96,20 @@

The whole example is outlined in the diagram above. -

Chapter 3. Resources

Table of Contents

Resource Identifiers

+

Chapter 3. Resources

Table of Contents

Resource Identifiers

PolicyKit allows granting privileges only on certain resources. For example, for HAL, it is possible to grant the privilege hal-storage-fixed-mount to the user with uid 500 but only for the HAL device object representing e.g. the /dev/hda3 partition. -

Resource Identifiers

Resource identifers are prefixed with a name identifying +

Resource Identifiers

Resource identifers are prefixed with a name identifying what service they belong to. The following resource identifiers are defined

  • hal:// HAL Unique Device Identifiers also known as HAL UID's. Example: hal:///org/freedesktop/Hal/devices/volume_uuid_1a28b356_9955_44f9_b268_6ed6639978f5 -

Chapter 4. Privileges

Privilege Descriptors

Applications, such as HAL, installs privilege descriptors into the /etc/PolicyKit/privilege.d directory @@ -128,7 +128,7 @@ Information on whether the user can obtain the privilege, and if he can, whether only temporarily or permanently.

  • Whether a user with the privilege may permanently grant it to other users. -

  • File Format

    +

    File Format

    A developer of a system-wide application wanting to define a privilege must create a privilege descriptor. This is a a simple .ini-like config file. Here is what @@ -142,7 +142,7 @@ CanObtain= CanGrant= ObtainRequireRoot= -

    RequiredPrivileges: Required Privileges

    +

    RequiredPrivileges: Required Privileges

    This is a list of privileges the user must possess in order to possess the given privilege. If the user doesn't possess all of these privileges he is not considered to possess the @@ -151,7 +151,7 @@ for one or more resources. E.g., if foo is a required privilege then just having this privilege on one resource is sufficient. -

    SufficientPrivileges: Sufficient Privileges

    +

    SufficientPrivileges: Sufficient Privileges

    This is a list of privileges that, if a user possess any of these, he is consider to possess the given privilege. The list may be empty. A privilege in this list is considered @@ -159,7 +159,7 @@ resources. As with RequiredPrivileges, if foo is a sufficient privilege then just having this privilege on one resource is sufficient. -

    Allow, Deny: Criteria for Possesing a Privilege

    +

    Allow, Deny: Criteria for Possesing a Privilege

    Both Allow and Deny contains lists describing what users are allowed respectively denied the privilege. The elements of in each @@ -258,7 +258,7 @@ has CanObtain set to False, the user will always have to authenticate as the super user. -

    CanGrant: Granting Privileges

    +

    CanGrant: Granting Privileges

    This property (it can assume the values True and False) describes whether an user with the given privilege can @@ -289,7 +289,7 @@ the value True if this property assumes the value True. Otherwise this property effectively assumes the value False. -

    ObtainRequireRoot: Authentication Requirements

    +

    ObtainRequireRoot: Authentication Requirements

    If the property CanObtain assumes the value True or Temporary it means the user can
diff --git a/pam-polkit-console/Makefile.am b/pam-polkit-console/Makefile.am
index c0592f9..c72ac29 100644
--- a/pam-polkit-console/Makefile.am
+++ b/pam-polkit-console/Makefile.am
@@ -2,7 +2,7 @@ LOCKDIR = $(localstatedir)/run/polkit-console
 LOCKDIRMODE = 0700
-securelibdir = /lib/security
+securelibdir = $(PAM_MODULE_DIR)
 securelib_LTLIBRARIES = pam_polkit_console.la
 pam_polkit_console_la_LDFLAGS = -no-undefined -avoid-version -module
-- cgit v1.2.1
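Review bot: `securelibdir = $(PAM_MODULE_DIR)` in pam-polkit-console/Makefile.am now depends on a configure substitution, and nothing in the file says where the value comes from or what it must point at. A comment above the assignment would record that, for example `# PAM_MODULE_DIR is set by configure (--with-pam-module-dir, default /lib/security); it must be the directory libpam loads modules from.` Only part of the file is visible in this hunk, so it cannot be checked from here whether other rules still refer to /lib/security directly.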