1. 17 Apr, 2008 1 commit
  2. 16 Apr, 2008 1 commit
  3. 11 Apr, 2008 1 commit
  4. 10 Apr, 2008 1 commit
  5. 08 Apr, 2008 7 commits
  6. 04 Apr, 2008 1 commit
  7. 17 Mar, 2008 3 commits
  8. 04 Mar, 2008 7 commits
  9. 29 Feb, 2008 1 commit
  10. 28 Feb, 2008 2 commits
  11. 26 Feb, 2008 4 commits
    • David Zeuthen's avatar
      make polkit-policy-file-validate require that actions are properly packaged · 2b1a2a69
      David Zeuthen authored
      Meaning this bit was added to the spec:
      
         The name of the XML file is significant. Each XML file can only
         declare actions from the namespace of it's own name; for example
         actions org.foobar.action-a, org.foobar.action-b and
         org.foobar.action-c would all go into the file org.foobar.policy
         while actions com.my-company.product-awesome.action-a,
         com.mycompany.product-awesome.action-b would go into the file
         com.mycompany.product-awesome.policy.
      
      This is the output of the validator on a broken .policy file
      
        $ polkit-policy-file-validate /usr/share/PolicyKit/policy/gnome-clock-applet-mechanism.policy
        WARNING: The action org.gnome.clockapplet.mechanism.configurehwclock does not
                 belong in a policy file named gnome-clock-applet-mechanism.policy.
                 A future version of PolicyKit will ignore this action.
      
        WARNING: The action org.gnome.clockapplet.mechanism.settime does not
                 belong in a policy file named gnome-clock-applet-mechanism.policy.
                 A future version of PolicyKit will ignore this action.
      
        WARNING: The action org.gnome.clockapplet.mechanism.settimezone does not
                 belong in a policy file named gnome-clock-applet-mechanism.policy.
                 A future version of PolicyKit will ignore this action.
      
        ERROR: /usr/share/PolicyKit/policy/gnome-clock-applet-mechanism.policy did not validate
      
      We currently don't enforce this but will in a future version. The
      rationale is that we can avoid loading all .policy files at startup
      which would be a performance win.
      2b1a2a69
    • David Zeuthen's avatar
      fix doc in bugs for PolKitContextAddIOWatch · b3930e8b
      David Zeuthen authored
      pointed out by Dan Winship.
      b3930e8b
    • Holger Macht's avatar
      avoid reliance on DT_REG so we work on reiserfs as well · 0b59d3e7
      Holger Macht authored
      
      
      (with minor fixes from davidz for avoiding memory leaks)
      
      Recently I wondered why PolicyKit (especially polkit-auth) does not work
      on my system. While debugging, I noticed that the corresponding code works
      in my home directory, but not in the root filesystem.
      
      readdir() and its d_type are the culprits. Quoting the readdir manpage:
      
      [...]
      Other than Linux, the d_type field is available mainly only on BSD
      systems.  This field makes it possible to avoid the expense of calling
      stat() if further actions depend on the type of the file.
      [...]
      
      Filesystems may fill DT_UNKNOWN into this field, which reiserfs does, so
      call stat instead, which always does the right thing.
      Signed-off-by: Holger Macht's avatarHolger Macht <hmacht@suse.de>
      0b59d3e7
    • David Zeuthen's avatar
      avoid use normal timeout when showing auth dialog; use INT_MAX instead · fd51264a
      David Zeuthen authored
      Reported by Dan P. Berrange.
      fd51264a
  12. 18 Dec, 2007 1 commit
  13. 17 Dec, 2007 5 commits
    • Carlos Corbacho's avatar
      0d716714
    • Carlos Corbacho's avatar
      add Shadow authentication framework · ba2003a9
      Carlos Corbacho authored
      Add Piter PUNK's polkit-grant-helper-shadow, and link against the
      appropriate libraries.
      
      For now, the Shadow framework must be explictily called - in future,
      this could also be added as a fallback if PAM is not available.
      ba2003a9
    • David Zeuthen's avatar
      make polkit-grant-helper-pam world readable · 59081d0a
      David Zeuthen authored
      This is to avoid breaking various backup and IDS software - proposed
      by Michael Biebl <mbiebl@gmail.com>.
      59081d0a
    • Carlos Corbacho's avatar
      split out authentication framework from authorisation database · b5e019d7
      Carlos Corbacho authored
      As per discussions with David Zeuthen, alter the build system so that we
      can have different authentication frameworks for the authorisation
      databases.
      
      For now, the dummy database will only accept 'none' for the authentication
      framework (this will be autoselected if not specified, and configure will
      throw an error if any other framework than 'none' is specified is passed
      in).
      
      For the default database, the only available framework for now is 'pam'
      (as with 'none' and dummy, 'pam' will be autoselected if specified as the
      framework. If 'none' is passed as a framework, configure will reject this
      and fail).
      
      PAM specific code is now also marked with POLKIT_AUTHFW_PAM, so that it
      can be easily compiled out if other frameworks are added in future.
      b5e019d7
    • Carlos Corbacho's avatar
      remove unncessary PAM header inclusions · 28dc3169
      Carlos Corbacho authored
      Many files are needlessly including PAM headers, when the code in question
      has no PAM dependency - remove the PAM includes from these.
      28dc3169
  14. 07 Dec, 2007 5 commits