1. 11 Apr, 2008 1 commit
  2. 08 Apr, 2008 1 commit
  3. 17 Mar, 2008 3 commits
  4. 07 Dec, 2007 1 commit
  5. 06 Dec, 2007 1 commit
  6. 30 Nov, 2007 3 commits
  7. 29 Nov, 2007 1 commit
  8. 28 Nov, 2007 1 commit
  9. 25 Nov, 2007 1 commit
  10. 20 Nov, 2007 2 commits
    • David Zeuthen's avatar
      define abstract Authentication Agent interface and make polkit-auth(1) use it · ff9f8745
      David Zeuthen authored
      Also provide a convenience function to access it: polkit_auth_obtain().
      ff9f8745
    • David Zeuthen's avatar
      add support for negative authorizations · 45f52acb
      David Zeuthen authored
      Negative authorizations is a way to block an entity; previously the
      algorithm was something like (ignoring the config file for now)
      
        Result is_authorized() {
          res = has_implicit_auth();
          if (res == YES) {
            return YES;
          } else if (has_explicit_auth()) {
            return YES;
          }
          return res;
        }
      
      Now it's
      
        Result is_authorized() {
          res = has_implicit_auth();
          expl = has_explicit_auth();
          is_blocked = has_negative_explicit_auth();
      
          if (is_blocked)
            return NO;
      
          if (res == YES) {
            return YES;
          } else if (has_explicit_auth()) {
            return YES;
          }
          return res;
        }
      
      E.g. just a single negative auth will force NO to be returned. I
      really, really need to write into the spec how this works; my mental
      L1 cache can't contain it anymore. Once it's formally defined we need
      to craft a test suite to verify that the code works according to
      spec...
      45f52acb
  11. 17 Nov, 2007 1 commit
  12. 12 Nov, 2007 1 commit
  13. 11 Nov, 2007 2 commits
  14. 10 Nov, 2007 1 commit
    • David Zeuthen's avatar
      split utility bits into a private statically linked library · cd68aa0a
      David Zeuthen authored
      getting closer...
      
      $ grep glib *.c
      polkit-authorization.c:#include <glib.h>
      polkit-authorization-db.c:#include <glib.h>
      polkit-authorization-db-dummy.c:#include <glib.h>
      polkit-config.c:#include <glib.h>
      polkit-context.c:#include <glib.h>
      polkit-sysdeps.c:#include <glib.h>
      cd68aa0a
  15. 08 Nov, 2007 2 commits
  16. 01 Nov, 2007 1 commit
  17. 31 Oct, 2007 1 commit
  18. 30 Oct, 2007 1 commit
  19. 29 Oct, 2007 5 commits
  20. 28 Oct, 2007 1 commit
    • David Zeuthen's avatar
      rewrite authorization database and polkit-grant (now known as polkit-auth) · bed2fe1c
      David Zeuthen authored
      Also,
      
       - Rename polkit-list-actions to polkit-action.
       - Add a bash completion script to the polkit commandline tools.
      
      Authorizations are no longer world-readable. So for this to work with
      hal you now need to do this as root
      
       # polkit-auth --user haldaemon --grant org.freedesktop.policykit.read
      
      Distributions needs to do this in the %post scripts or similar.
      
      Sorry for this huge monster patch.
      bed2fe1c
  21. 23 Oct, 2007 1 commit