Commits (20)
image: fedora:rawhide
image: fedora:latest
variables:
DEPENDENCIES: gcc
......@@ -18,27 +18,34 @@ variables:
pkgconfig(systemd)
pam-devel
python3-dbusmock
meson
git
dbus-devel
build_stable:
before_script:
- dnf upgrade -y --nogpgcheck fedora-release fedora-repos*
- dnf update -y && dnf install -y $DEPENDENCIES
- getent group polkitd >/dev/null || groupadd -r polkitd
- getent passwd polkitd >/dev/null || useradd -r -g polkitd -d / -s /sbin/nologin -c "User for polkitd" polkitd
script:
- mkdir _build
- cd _build
- CPPFLAGS='-D_FORTIFY_SOURCE=2' ../autogen.sh
--disable-dependency-tracking
--enable-ansi
--enable-man-pages
--enable-test
--enable-libsystemd-login=yes
--enable-libelogind=no
- make
- make check
- make install
- meson setup
-D authfw=pam
-D examples=true
-D gtk_doc=true
-D introspection=true
-D man=true
-D session_tracking=libsystemd-login
-D tests=true
-D cpp_args="-D_FORTIFY_SOURCE=2"
builddir
- meson compile -C builddir
- meson test -C builddir
- meson install -C builddir
artifacts:
name: 'test logs'
when: 'always'
paths:
- '_build/test/*/*.log'
- 'builddir/meson-logs/*.txt'
......@@ -10,6 +10,10 @@ NULL =
EXTRA_DIST = \
HACKING \
meson.build \
meson_options.txt \
meson_post_install.py \
po/meson.build \
$(NULL)
# xsltproc barfs on 'make distcheck'; disable for now
......
--------------
polkit 0.119
--------------
WARNING WARNING WARNING: This is a prerelease on the road to polkit
1.0. Public API might change and certain parts of the code still needs
some security review. Use at your own risk.
This is polkit 0.119.
Highlights:
meson build system added
CVE-2021-3560 mitigation
Build requirements
glib, gobject, gio >= 2.32
mozjs-78
gobject-introspection >= 0.6.2 (optional)
pam (optional)
ConsoleKit OR systemd
Changes since polkit 0.118:
Inigo Martinez:
meson build system added alongside autotools (many thanks!!)
Matthias Classen:
properties in text listener
René Genz:
typos fixups
Balázs Úr:
Update Hungarian translation
Hendrik Werner:
meson post-install script mod to avoid calling external processes
Kevin Backhouse, Jan Rybar:
CVE-2021-3560 mitigation
Many thanks to all contributors!
Jan Rybar et al.,
June 3, 2021
--------------
polkit 0.118
--------------
......
......@@ -13,6 +13,9 @@ clean-local :
DISTCLEANFILES = org.freedesktop.policykit.policy
EXTRA_DIST = org.freedesktop.policykit.policy.in
EXTRA_DIST = \
org.freedesktop.policykit.policy.in \
meson.build \
$(NULL)
-include $(top_srcdir)/git.mk
policy = 'org.freedesktop.policykit.policy'
custom_target(
policy,
input: policy + '.in',
output: '@BASENAME@',
command: intltool_xml_cmd,
install: true,
install_dir: pk_pkgactiondir,
)
dnl Process this file with autoconf to produce a configure script.
AC_PREREQ(2.59c)
AC_INIT([polkit], [0.118], [http://lists.freedesktop.org/mailman/listinfo/polkit-devel], , [http://www.freedesktop.org/wiki/Software/polkit])
AC_INIT([polkit], [0.119], [http://lists.freedesktop.org/mailman/listinfo/polkit-devel], , [http://www.freedesktop.org/wiki/Software/polkit])
AM_INIT_AUTOMAKE([])
AC_CONFIG_HEADERS(config.h)
AC_CONFIG_MACRO_DIR([buildutil])
......
......@@ -15,7 +15,7 @@ $(service_DATA): $(service_in_files) Makefile
# ----------------------------------------------------------------------------------------------------
dbusconfdir = $(sysconfdir)/dbus-1/system.d
dbusconfdir = $(datadir)/dbus-1/system.d
dbusconf_in_files = org.freedesktop.PolicyKit1.conf.in
dbusconf_DATA = $(dbusconf_in_files:.conf.in=.conf)
......@@ -57,6 +57,7 @@ CLEANFILES = $(BUILT_SOURCES)
EXTRA_DIST = \
org.freedesktop.PolicyKit1.Authority.xml \
org.freedesktop.PolicyKit1.AuthenticationAgent.xml \
meson.build \
$(service_in_files) \
$(dbusconf_in_files) \
$(systemdservice_in_files) \
......
service_conf = {'libprivdir': pk_prefix / pk_pkglibdir}
configure_file(
input: 'org.freedesktop.PolicyKit1.service.in',
output: '@BASENAME@',
configuration: service_conf,
install: true,
install_dir: dbus_system_bus_services_dir,
)
configure_file(
input: 'org.freedesktop.PolicyKit1.conf.in',
output: '@BASENAME@',
configuration: {'polkitd_user': polkitd_user},
install: true,
install_dir: dbus_policydir,
)
if enable_pam
configure_file(
input: 'polkit-1.in',
output: '@BASENAME@',
configuration: pam_conf,
install: true,
install_dir: pk_sysconfdir / 'pam.d',
)
endif
its_data = files(
'polkit.its',
'polkit.loc',
)
install_data(
its_data,
install_dir: pk_datadir / 'gettext/its',
)
if enable_logind
configure_file(
input: 'polkit.service.in',
output: '@BASENAME@',
configuration: service_conf,
install: true,
install_dir: systemd_systemdsystemunitdir,
)
endif
SUBDIRS = man polkit
EXTRA_DIST = version.xml.in
EXTRA_DIST = \
version.xml.in \
meson.build \
$(NULL)
-include $(top_srcdir)/git.mk
......@@ -24,6 +24,7 @@ EXTRA_DIST = \
pkcheck.xml \
pkaction.xml \
pkttyagent.xml \
meson.build \
$(NULL)
clean-local:
......
xsltproc = find_program('xsltproc', required: false)
assert(xsltproc.found(), 'xsltproc is required for man pages generation')
xsltproc_cmd = [
xsltproc,
'--output', '@OUTPUT@',
'--nonet',
'--stringparam', 'man.base.url.for.relative.links', pk_api_docpath + '/',
'http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl',
'@INPUT@',
]
mans = [
['polkit', '8'],
['polkitd', '8'],
['pkexec', '1'],
['pkcheck', '1'],
['pkaction', '1'],
['pkttyagent', '1'],
]
foreach man: mans
xml = files(man[0] + '.xml')
content_files += xml
output = '@0@.@1@'.format(man[0], man[1])
custom_target(
output,
input: xml,
output: output,
command: xsltproc_cmd,
install: true,
install_dir: pk_mandir / ('man' + man[1]),
)
endforeach
......@@ -6,7 +6,7 @@
<refentry id="polkit.8" xmlns:xi="http://www.w3.org/2003/XInclude">
<refentryinfo>
<title>polkit</title>
<date>January 2009</date>
<date>February 2021</date>
<productname>polkit</productname>
</refentryinfo>
......@@ -119,14 +119,14 @@ System Context | |
library wraps the polkit D-Bus API and is usable from any C/C++
program as well as higher-level languages supporting <ulink
url="https://live.gnome.org/GObjectIntrospection">GObjectIntrospection</ulink>
such as Javascript and Python. A mechanism can also use the
such as JavaScript and Python. A mechanism can also use the
D-Bus API or the <link
linkend="pkcheck.1"><citerefentry><refentrytitle>pkcheck</refentrytitle><manvolnum>1</manvolnum></citerefentry></link>
command to check authorizations. The
<literal>libpolkit-agent-1</literal> library provides an
abstraction of the native authentication system, e.g.
<citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>
and also facilities registration and communication with the
and also facilities for registration and communication with the
polkit D-Bus service.
</para>
......@@ -143,7 +143,7 @@ System Context | |
An authentication agent is used to make the user of a session
prove that the user of the session really is the user (by
authenticating as the user) or an administrative user (by
authenticating as a administrator). In order to integrate well
authenticating as an administrator). In order to integrate well
with the rest of the user session (e.g. match the look and
feel), authentication agents are meant to be provided by the
user session that the user uses. For example, an authentication
......@@ -173,7 +173,7 @@ System Context | |
</mediaobject>
<para>
If the system is configured without a <emphasis>root</emphasis>
account it may prompt for a specific user designated as the
account, it may prompt for a specific user designated as the
administrative user:
</para>
<mediaobject id="polkit-authentication-agent-example-wheel">
......@@ -200,9 +200,9 @@ System Context | |
</mediaobject>
<para>
Applications that do not run under a desktop environment (for
example, if launched from a
example, if launched from an
<citerefentry><refentrytitle>ssh</refentrytitle><manvolnum>1</manvolnum></citerefentry>
login) may not have have an authentication agent associated with
login) may not have an authentication agent associated with
them. Such applications may use the <link
linkend="PolkitAgentTextListener-struct">PolkitAgentTextListener</link>
type or the
......@@ -213,7 +213,7 @@ System Context | |
<refsect1 id="polkit-declaring-actions"><title>DECLARING ACTIONS</title>
<para>
A mechanism need to declare a set of <emphasis>actions</emphasis> in
A mechanism needs to declare a set of <emphasis>actions</emphasis> in
order to use polkit. Actions correspond to operations that
clients can request the mechanism to carry out and are defined
in XML files that the mechanism installs into the <filename
......@@ -223,7 +223,7 @@ System Context | |
<para>
polkit actions are namespaced and can only contain the
characters <literal>[A-Z][a-z][0-9].-</literal> e.g. ASCII,
characters "<literal>[A-Z][a-z][0-9].-</literal>", e.g. ASCII,
digits, period and hyphen. Each XML file can contain more than
one action but all actions need to be in the same namespace and
the file needs to be named after the namespace and have the
......@@ -280,8 +280,8 @@ System Context | |
<para>
Declares an action. The action name is specified using the
<literal>id</literal> attribute and can only contain the
characters <literal>[A-Z][a-z][0-9].-</literal>
e.g. ASCII, digits, period and hyphen.
characters "<literal>[A-Z][a-z][0-9].-</literal>
", e.g. ASCII, digits, period and hyphen.
</para>
</listitem>
</varlistentry>
......@@ -385,7 +385,7 @@ System Context | |
<listitem>
<para>
Used for annotating an action with a key/value pair. The
key is specified using the the <literal>key</literal>
key is specified using the <literal>key</literal>
attribute and the value is specified using the
<literal>value</literal> attribute. This element may
appear zero or more times. See below for known
......@@ -443,7 +443,7 @@ System Context | |
</para>
<para>
The <literal>org.freedesktop.policykit.imply</literal>
annotation (its value is a string containing a space separated
annotation (its value is a string containing a space-separated
list of action identifiers) can be used to define
<emphasis>meta actions</emphasis>. The way it works is that if
a subject is authorized for an action with this annotation,
......@@ -456,10 +456,10 @@ System Context | |
The <literal>org.freedesktop.policykit.owner</literal>
annotation can be used to define a set of users who can query
whether a client is authorized to perform this action. If
this annotation is not specified then only root can query
this annotation is not specified, then only root can query
whether a client running as a different user is authorized for
an action. The value of this annotation is a string
containing a space separated list of <link
containing a space-separated list of <link
linkend="PolkitIdentity-struct">PolkitIdentity</link> entries,
for example <literal>"unix-user:42
unix-user:colord"</literal>. A typical use of this annotation
......@@ -604,15 +604,15 @@ polkit.Result = {
<constant>"*_KEEP"</constant> constants (if similar functionality
is required, the authorization rule can easily implement
temporary authorizations using the
<ulink url="https://developer.mozilla.org/en/JavaScript/Reference/Global_Objects/Date"><type>Date</type></ulink>
<ulink url="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date"><type>Date</type></ulink>
type for timestamps).
</para>
<para>
The <function>addAdminRule()</function> method is used for
adding a function may be called whenever administrator
adding a function that may be called whenever administrator
authentication is required. The function is used to specify what
identies may be used for administrator authentication for the
identities may be used for administrator authentication for the
authorization check identified by <parameter>action</parameter>
and <parameter>subject</parameter>. Functions added are called in
the order they have been added until one of the functions
......@@ -630,13 +630,13 @@ polkit.Result = {
There is no guarantee that a function registered with
<function>addRule()</function> or
<function>addAdminRule()</function> is ever called - for example
an early rules file could register a function that always return
an early rules file could register a function that always returns
a value, hence ensuring that functions added later are never
called.
</para>
<para>
If user-provided code takes a long time to execute an exception
If user-provided code takes a long time to execute, an exception
will be thrown which normally results in the function being
terminated (the current limit is 15 seconds). This is used to
catch runaway scripts.
......@@ -648,7 +648,7 @@ polkit.Result = {
<parameter>argv</parameter> and waits for it to terminate. If an
error occurs or the helper doesn't exit normally with exit code
0, an exception is thrown. If the helper does not exit within 10
seconds it is killed. Otherwise, the program's
seconds, it is killed. Otherwise, the program's
<emphasis>standard output</emphasis> is returned as a string.
The <function>spawn()</function> method should be used sparingly
as helpers may take a very long or indeterminate amount of time
......@@ -728,7 +728,7 @@ May 24 14:28:50 thinkpad polkitd[32217]: /etc/polkit-1/rules.d/10-test.rules:4:
polkit variables passed from the mechanism. For example, the
<link linkend="pkexec.1"><citerefentry><refentrytitle>pkexec</refentrytitle><manvolnum>1</manvolnum></citerefentry></link>
mechanism sets the variable <parameter>program</parameter>
which can be obtained in Javascript using the expression
which can be obtained in JavaScript using the expression
<literal>action.lookup("program")</literal>. If there is
no value for the given <parameter>key</parameter>,
then <constant>undefined</constant> is returned.
......
pk_api_docpath = pk_prefix / gnome.gtkdoc_html_dir(pk_api_name)
enable_man = get_option('man')
if enable_man
subdir('man')
endif
enable_gtk_doc = get_option('gtk_doc')
if enable_gtk_doc
content_files += configure_file(
input: 'extensiondir.xml.in',
output: '@BASENAME@',
configuration: {'libdir': pk_prefix / pk_libdir},
)
content_files += configure_file(
input: 'version.xml.in',
output: '@BASENAME@',
configuration: {'VERSION': pk_version},
)
html_images = files(
'polkit-architecture.png',
'polkit-authentication-agent-example.png',
'polkit-authentication-agent-example-wheel.png',
)
subdir('polkit')
endif
......@@ -86,6 +86,8 @@ else
CLEANFILES =
endif
EXTRA_DIST = meson.build
CLEANFILES += *~ \
polkit-1-scan.* \
polkit-1.args \
......
doc_module = pk_api_name
src_dirs = [
source_root / 'src/polkit',
source_root / 'src/polkitagent',
]
private_headers = [
'polkitagenthelperprivate.h',
'polkitprivate.h',
]
content_files += files(
'docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml',
'docbook-interface-org.freedesktop.PolicyKit1.Authority.xml',
)
gnome.gtkdoc(
doc_module,
main_xml: doc_module + '-docs.xml',
src_dir: src_dirs,
ignore_headers: private_headers,
dependencies: libpolkit_agent_dep,
namespace: meson.project_name(),
html_assets: html_images,
fixxref_args: '--html-dir=' + pk_api_docpath,
gobject_typesfile: files(doc_module + '.types'),
content_files: content_files,
install: true,
)
project(
'polkit', ['c', 'cpp'],
version: '0.119',
license: 'LGPL2+',
default_options: [
'buildtype=debugoptimized',
'prefix=/usr',
'cpp_std=c++17',
],
meson_version: '>= 0.50.0',
)
pk_version = meson.project_version()
pk_api_version = '1'
pk_api_name = '@0@-@1@'.format(meson.project_name(), pk_api_version)
pk_gir_ns = 'Polkit'
pk_gir_version = '1.0'
pk_prefix = get_option('prefix')
pk_datadir = get_option('datadir')
pk_includedir = get_option('includedir')
pk_libdir = get_option('libdir')
pk_mandir = get_option('mandir')
pk_sysconfdir = get_option('sysconfdir')
pk_pkgdatadir = pk_datadir / pk_api_name
pk_pkgincludedir = pk_includedir / pk_api_name
pk_pkglibdir = pk_libdir / pk_api_name
pk_pkgsysconfdir = pk_sysconfdir / pk_api_name
pk_actiondir = pk_api_name / 'actions'
pk_pkgactiondir = pk_datadir / pk_actiondir
soversion = 0
current = 0
revision = 0
libversion = '@0@.@1@.@2@'.format(soversion, current, revision)
gnome = import('gnome')
i18n = import('i18n')
pkg = import('pkgconfig')
source_root = meson.current_source_dir()
build_root = meson.current_build_dir()
data_dir = source_root / 'data'
po_dir = source_root / 'po'
intltool_merge = find_program('intltool-merge')
intltool_cache = po_dir / '.intltool-merge-cache'
intltool_desktop_cmd = [intltool_merge, '-d', '-u', '-c', intltool_cache, po_dir, '@INPUT@', '@OUTPUT@']
intltool_xml_cmd = [intltool_merge, '-x', '-u', '-c', intltool_cache, po_dir, '@INPUT@', '@OUTPUT@']
top_inc = include_directories('.')
cc = meson.get_compiler('c')
config_h = configuration_data()
# defines
set_defines = [
# package
['PACKAGE_BUGREPORT', 'http://lists.freedesktop.org/mailman/listinfo/polkit-devel'],
['PACKAGE_NAME', meson.project_name()],
['PACKAGE_URL', 'http://www.freedesktop.org/wiki/Software/polkit'],
['PACKAGE_VERSION', pk_version],
['VERSION', pk_version],
# i18n
['GETTEXT_PACKAGE', pk_api_name],
]
foreach define: set_defines
config_h.set_quoted(define[0], define[1])
endforeach
# Globally define_GNU_SOURCE and therefore enable the GNU extensions
config_h.set('_GNU_SOURCE', true)
# functions
check_functions = [
'clearenv',
'fdatasync',
]
foreach func: check_functions
config_h.set('HAVE_' + func.to_upper(), cc.has_function(func))
endforeach
# compiler flags
common_c_flags = [
# FIXME: this should go as 'c_std=c99' in project's default_options.
# https://github.com/mesonbuild/meson/issues/1889
# https://github.com/mesonbuild/meson/pull/6729
'-std=c99',
'-DHAVE_CONFIG_H',
]
compiler_flags = []
compiler_c_flags = []
if get_option('buildtype').contains('debug')
compiler_c_flags += cc.get_supported_arguments([
'-Waggregate-return',
'-Wdeclaration-after-statement',
'-Wformat=2',
'-Wimplicit-function-declaration',
'-Winit-self',
'-Wmissing-declarations',
'-Wmissing-include-dirs',
'-Wmissing-prototypes',
'-Wstrict-prototypes',
])
endif
add_project_arguments(common_c_flags + compiler_c_flags, language: 'c')
glib_req_version = '>= 2.30.0'
gio_dep = dependency('gio-2.0', version: glib_req_version)
gio_unix_dep = dependency('gio-unix-2.0', version: glib_req_version)
glib_dep = dependency('glib-2.0', version: glib_req_version)
gobject_dep = dependency('gobject-2.0', version: glib_req_version)
expat_dep = dependency('expat')
assert(cc.has_header('expat.h', dependencies: expat_dep), 'Can\'t find expat.h. Please install expat.')
assert(cc.has_function('XML_ParserCreate', dependencies: expat_dep), 'Can\'t find expat library. Please install expat.')
mozjs_dep = dependency('mozjs-78')
dbus_dep = dependency('dbus-1')
dbus_confdir = dbus_dep.get_pkgconfig_variable('datadir', define_variable: ['datadir', pk_prefix / pk_datadir]) #changed from sysconfdir with respect to commit#8eada3836465838
dbus_policydir = dbus_confdir / 'dbus-1/system.d'
dbus_system_bus_services_dir = dbus_dep.get_pkgconfig_variable('system_bus_services_dir', define_variable: ['datadir', pk_prefix / pk_datadir])
# check OS
host_system = host_machine.system()
config_h.set('HAVE_' + host_system.to_upper(), true)
# Check whether setnetgrent has a return value
config_h.set('HAVE_NETGROUP_H', cc.has_header('netgroup.h'))
setnetgrent_return_src = '''
#include <stddef.h>
#ifdef HAVE_NETGROUP_H
#include <netgroup.h>
#else
#include <netdb.h>
#endif
int main() {
int r = setnetgrent (NULL);
};
'''
config_h.set('HAVE_SETNETGRENT_RETURN', cc.compiles(setnetgrent_return_src, name: 'setnetgrent return support'))
# Select wether to use libsystemd-login, libelogind or ConsoleKit for session tracking
session_tracking = get_option('session_tracking')
enable_logind = (session_tracking != 'ConsoleKit')
if enable_logind
if session_tracking == 'libsystemd-login'
logind_dep = dependency('libsystemd', required: false)
if not logind_dep.found()
logind_dep = dependency('libsystemd-login', not_found_message: 'libsystemd support requested but libsystemd or libsystemd-login library not found')
endif
else
logind_dep = dependency('libelogind', not_found_message: 'libelogind support requested but libelogind library not found')
endif
func = 'sd_uid_get_display'
config_h.set10('HAVE_' + func.to_upper(), cc.has_function(func, dependencies: logind_dep))
# systemd unit / service files
systemd_systemdsystemunitdir = get_option('systemdsystemunitdir')
if systemd_systemdsystemunitdir == ''
systemd_dep = dependency('systemd', not_found_message: 'systemd required but not found, please provide a valid systemd user unit dir or disable it')
# FIXME: systemd.pc file does not use variables with relative paths, so `define_variable` cannot be used
systemd_systemdsystemunitdir = systemd_dep.get_pkgconfig_variable('systemdsystemunitdir')
endif
endif
config_h.set('HAVE_LIBSYSTEMD', enable_logind)
# User for running polkitd
polkitd_user = get_option('polkitd_user')
config_h.set_quoted('POLKITD_USER', polkitd_user)
# Select which authentication framework to use
auth_deps = []
auth_fw = get_option('authfw')
enable_pam = (auth_fw == 'pam')
if enable_pam
# Check for PAM
pam_dep = cc.find_library('pam')
assert(pam_dep.found() and cc.has_function('pam_start', dependencies: pam_dep), 'Could not find pam/pam-devel, please install the needed packages.')
# how to call pam_strerror
pam_strerror_src = '''
#include <stdio.h>
#include <stdlib.h>
#include <security/pam_appl.h>
#endif
int main() {
@0@
};
'''
# FIXME: Not necessary anymore?
if cc.compiles(pam_strerror_src.format('pam_handle_t *pamh = 0; char *s = pam_strerror(pamh, PAM_SUCCESS);'))
# FIXME: unused?
config_h.set('PAM_STRERROR_TWO_ARGS', true)
else
message('how to call pam_strerror: ' + cc.compiles(pam_strerror_src.format('char *s = pam_strerror(PAM_SUCCESS);')).to_string('1', 'unknown'))
endif
pam_prefix = get_option('pam_prefix')
if pam_prefix == ''
pam_prefix = pk_sysconfdir
else
message('PAM files will be installed in prefix ' + pam_prefix)
endif
pam_module_dir = get_option('pam_module_dir')
if pam_module_dir == ''
pam_module_dir = pk_libdir / 'security'
endif
auth_deps += pam_dep
elif auth_fw == 'shadow'
auth_deps += cc.find_library('crypt')
endif
config_h.set('POLKIT_AUTHFW_' + auth_fw.to_upper(), true)
# FIXME: sigtimedwait is not used anywhere?
'''
if host_system == 'solaris'
rt_dep = cc.find_library('rt')
cc.has_function('sigtimedwait', dependencies: rt_dep)
else
cc.has_function('sigtimedwait')
endif
'''
os_type = get_option('os_type')
if os_type == ''
os_paths = [
['redhat', '/etc/sysconfig/network-scripts'],
['suse', '/etc/SuSE-release'],
['debian', '/etc/debian_version'],
['gentoo', '/etc/gentoo-release'],
['pardus', '/etc/pardus-release'],
]
foreach os_path: os_paths
if run_command('test', '-e', os_path[1]).returncode() == 0
os_type = os_path[0]
break
endif
endforeach
if os_type == ''
message('Linux distribution autodetection failed, specify the distribution to target using -Dos_type=')
endif
endif
pam_include = get_option('pam_include')
if pam_include == ''
if ['suse', 'solaris'].contains(os_type)
pam_conf = {
'PAM_FILE_INCLUDE_AUTH': 'common-auth',
'PAM_FILE_INCLUDE_ACCOUNT': 'common-account',
'PAM_FILE_INCLUDE_PASSWORD': 'common-password',
'PAM_FILE_INCLUDE_SESSION': 'common-session',
}
elif os_type.contains('bsd')
pam_conf = {
'PAM_FILE_INCLUDE_AUTH': 'system',
'PAM_FILE_INCLUDE_ACCOUNT': 'system',
'PAM_FILE_INCLUDE_PASSWORD': 'system',
'PAM_FILE_INCLUDE_SESSION': 'system',
}
#if ['redhat', 'gentoo', 'pardus'].contains(os_type)
else
pam_conf = {
'PAM_FILE_INCLUDE_AUTH': 'system-auth',
'PAM_FILE_INCLUDE_ACCOUNT': 'system-auth',
'PAM_FILE_INCLUDE_PASSWORD': 'system-auth',
'PAM_FILE_INCLUDE_SESSION': 'system-auth',
}
endif
else
pam_conf = {
'PAM_FILE_INCLUDE_AUTH': pam_include,
'PAM_FILE_INCLUDE_ACCOUNT': pam_include,
'PAM_FILE_INCLUDE_PASSWORD': pam_include,
'PAM_FILE_INCLUDE_SESSION': pam_include,
}
endif
enable_introspection = get_option('introspection')
if enable_introspection
dependency('gobject-introspection-1.0', version: '>= 0.6.2')
endif
content_files = files('COPYING')
subdir('actions')
subdir('data')
subdir('src')
subdir('docs')
subdir('po')
enable_tests = get_option('tests')
if enable_tests
subdir('test')
endif
configure_file(
output: 'config.h',
configuration: config_h,
)
meson.add_install_script(
'meson_post_install.py',
get_option('bindir'),
pk_pkgdatadir,
pk_pkglibdir,
pk_pkgsysconfdir,
polkitd_user,
)
output = '\n ' + meson.project_name() + ' ' + meson.project_version() + '\n'
output += ' ============\n\n'
output += ' prefix: ' + pk_prefix + '\n'
output += ' datadir: ' + pk_datadir + '\n\n'
output += ' includedir: ' + pk_includedir + '\n'
output += ' libdir: ' + pk_libdir + '\n'
output += ' sysconfdir: ' + pk_sysconfdir + '\n'
output += ' source code location: ' + source_root + '\n'
output += ' compiler: ' + cc.get_id() + '\n'
output += ' c_flags: ' + ' '.join(compiler_c_flags) + '\n\n'
if enable_man
output += ' xsltproc: ' + xsltproc.path() + '\n'
endif
output += ' introspection: ' + enable_introspection.to_string() + '\n'
output += ' Distribution/OS: ' + os_type + '\n'
output += ' Authentication framework: ' + auth_fw + '\n'
output += ' Session tracking: ' + session_tracking + '\n'
if enable_logind
output += ' systemdsystemunitdir: ' + systemd_systemdsystemunitdir + '\n'
endif
output += ' polkitd user: ' + polkitd_user + ' \n'
output += ' PAM support: ' + enable_pam.to_string() + '\n\n'
if enable_pam
output += ' PAM file auth: ' + pam_conf['PAM_FILE_INCLUDE_AUTH'] + '\n'
output += ' PAM file acount: ' + pam_conf['PAM_FILE_INCLUDE_ACCOUNT'] + '\n'
output += ' PAM file password: ' + pam_conf['PAM_FILE_INCLUDE_PASSWORD'] + '\n'
output += ' PAM file session: ' + pam_conf['PAM_FILE_INCLUDE_SESSION'] + '\n\n'
endif
output += ' Building api docs: ' + enable_gtk_doc.to_string() + '\n'
output += ' Building man pages: ' + enable_man.to_string() + '\n'
output += ' Building examples: ' + enable_examples.to_string() + '\n'
output += ' Building tests: ' + enable_tests.to_string()
message(output)
option('session_tracking', type: 'combo', choices: ['libsystemd-login', 'libelogind', 'ConsoleKit'], value: 'ConsoleKit', description: 'session tracking (libsystemd-login/libelogind/ConsoleKit)')
option('systemdsystemunitdir', type: 'string', value: '', description: 'custom directory for systemd system units')
option('polkitd_user', type: 'string', value: 'polkitd', description: 'User for running polkitd (polkitd)')
option('authfw', type: 'combo', choices: ['pam', 'shadow', 'bsdauth'], value: 'pam', description: 'Authentication framework (pam/shadow)')
option('os_type', type: 'combo', choices: ['redhat', 'suse', 'gentoo', 'pardus', 'solaris', 'netbsd', ''], value: '', description: 'distribution or OS')
option('pam_include', type: 'string', value: '', description: 'pam file to include')
option('pam_module_dir', type: 'string', value: '', description: 'directory to install PAM security module')
option('pam_prefix', type: 'string', value: '', description: 'specify where pam files go')
option('examples', type: 'boolean', value: false, description: 'Build example programs')
option('tests', type: 'boolean', value: false, description: 'Build tests')
option('introspection', type: 'boolean', value: true, description: 'Enable introspection for this build')
option('gtk_doc', type: 'boolean', value: false, description: 'use gtk-doc to build documentation')
option('man', type: 'boolean', value: false, description: 'build manual pages')
#!/usr/bin/env python3
import getpass
import os
import pwd
import sys
prefix = os.environ['MESON_INSTALL_DESTDIR_PREFIX']
bindir = os.path.join(prefix, sys.argv[1])
pkgdatadir = os.path.join(prefix, sys.argv[2])
pkglibdir = os.path.join(prefix, sys.argv[3])
pkgsysconfdir = os.path.join(prefix, sys.argv[4])
polkitd_uid = pwd.getpwnam(sys.argv[5]).pw_uid
os.chmod(os.path.join(bindir, 'pkexec'), 0o4775)
dst_dirs = [
os.path.join(pkgsysconfdir, 'rules.d'),
os.path.join(pkgdatadir, 'rules.d')
]
for dst in dst_dirs:
if not os.path.exists(dst):
os.makedirs(dst, mode=0o700)
if getpass.getuser() == "root":
os.chown(dst, polkitd_uid, -1)
# polkit-agent-helper-1 need to be setuid root because it's used to
# authenticate not only the invoking user, but possibly also root
# and/or other users.
dst = os.path.join(pkglibdir, 'polkit-agent-helper-1')
os.chmod(dst, 0o4755)
if getpass.getuser() == "root":
os.chown(dst, 0, -1)
# Hungarian translation for polkit
# Copyright (C) 2016. Free Software Foundation, Inc.
# Hungarian translation for polkit.
# Copyright (C) 2016, 2021. Free Software Foundation, Inc.
# This file is distributed under the same license as the polkit package.
#
# Gabor Kelemen <kelemeng at ubuntu dot com>, 2016.
# Balázs Úr <ur.balazs at fsf dot hu>, 2021.
msgid ""
msgstr ""
"Project-Id-Version: polkit\n"
"Report-Msgid-Bugs-To: https://bugs.freedesktop.org/enter_bug.cgi?"
"product=PolicyKit&keywords=I18N+L10N&component=libpolkit\n"
"POT-Creation-Date: 2016-01-23 02:19+0000\n"
"PO-Revision-Date: 2016-01-23 14:43+0100\n"
"Last-Translator: Gabor Kelemen <kelemeng at ubuntu dot com>\n"
"Language-Team: Hungarian <translation-team-hu@lists.sourceforge.net>\n"
"Report-Msgid-Bugs-To: https://gitlab.freedesktop.org/polkit/polkit/issues\n"
"POT-Creation-Date: 2020-05-26 15:36+0000\n"
"PO-Revision-Date: 2021-03-18 01:19+0100\n"
"Last-Translator: Balázs Úr <ur.balazs at fsf dot hu>\n"
"Language-Team: Hungarian <gnome-hu-list at gnome dot org>\n"
"Language: hu\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: Lokalize 1.5\n"
"X-Generator: Lokalize 19.12.3\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
#: ../actions/org.freedesktop.policykit.policy.in.h:1
......@@ -37,31 +37,31 @@ msgid ""
"(user=$(user), user.gecos=$(user.gecos), user.display=$(user.display), "
"program=$(program), command_line=$(command_line))"
msgstr ""
"Hitelesítés szükséges a Frobnicate polkit példaprogram futtatásához "
"(user=$(user), user.gecos=$(user.gecos), user.display=$(user.display), "
"program=$(program), command_line=$(command_line))"
"Hitelesítés szükséges a Frobnicate polkit példaprogram futtatásához (user="
"$(user), user.gecos=$(user.gecos), user.display=$(user.display), program="
"$(program), command_line=$(command_line))"
#: ../src/programs/pkaction.c:100
#: ../src/programs/pkaction.c:101
msgid "Only output information about ACTION"
msgstr "Csak a MŰVELETRŐL írjon ki információkat"
#: ../src/programs/pkaction.c:100
#: ../src/programs/pkaction.c:101
msgid "ACTION"
msgstr "MŰVELET"
#: ../src/programs/pkaction.c:104
#: ../src/programs/pkaction.c:105
msgid "Output detailed action information"
msgstr "Részletes műveletinformációk megjelenítése"
#: ../src/programs/pkaction.c:108 ../src/programs/pkttyagent.c:61
#: ../src/programs/pkaction.c:109 ../src/programs/pkttyagent.c:95
msgid "Show version"
msgstr "Verziószám megjelenítése"
#: ../src/programs/pkaction.c:130
#: ../src/programs/pkaction.c:132
msgid "[--action-id ACTION]"
msgstr "[--action-id MŰVELET]"
#: ../src/programs/pkaction.c:131 ../src/programs/pkttyagent.c:81
#: ../src/programs/pkaction.c:133 ../src/programs/pkttyagent.c:118
#, c-format
msgid ""
"Report bugs to: %s\n"
......@@ -70,13 +70,13 @@ msgstr ""
"A hibák itt jelenthetők: %s\n"
"A %s honlapja: <%s>"
#: ../src/programs/pkaction.c:145 ../src/programs/pkcheck.c:491
#: ../src/programs/pkttyagent.c:95
#: ../src/programs/pkaction.c:147 ../src/programs/pkcheck.c:493
#: ../src/programs/pkttyagent.c:132
#, c-format
msgid "%s: Unexpected argument `%s'\n"
msgstr "%s: váratlan argumentum: „%s”\n"
#: ../src/programs/pkcheck.c:35
#: ../src/programs/pkcheck.c:36
#, c-format
msgid ""
"Usage:\n"
......@@ -140,23 +140,23 @@ msgstr ""
"A hibák itt jelenthetők: %s\n"
"A %s honlapja: <%s>\n"
#: ../src/programs/pkcheck.c:391 ../src/programs/pkcheck.c:424
#: ../src/programs/pkcheck.c:436
#: ../src/programs/pkcheck.c:393 ../src/programs/pkcheck.c:426
#: ../src/programs/pkcheck.c:438
#, c-format
msgid "%s: Argument expected after `%s'\n"
msgstr "%s: argumentum szükséges a következő után: „%s”\n"
#: ../src/programs/pkcheck.c:414
#: ../src/programs/pkcheck.c:416
#, c-format
msgid "%s: Invalid --process value `%s'\n"
msgstr "%s: Érvénytelen --process érték: „%s”\n"
#: ../src/programs/pkcheck.c:451 ../src/programs/pkcheck.c:460
#: ../src/programs/pkcheck.c:453 ../src/programs/pkcheck.c:462
#, c-format
msgid "%s: Two arguments expected after `--detail'\n"
msgstr "%s: Két argumentum szükséges a „--detail” után\n"
#: ../src/programs/pkcheck.c:521
#: ../src/programs/pkcheck.c:523
#, c-format
msgid "%s: Subject not specified\n"
msgstr "%s: Nincs megadva az alany\n"
......@@ -165,7 +165,7 @@ msgstr "%s: Nincs megadva az alany\n"
#. * translate the $(program) fragment - it will be expanded to the path
#. * of the program e.g. /bin/bash.
#.
#: ../src/programs/pkexec.c:794
#: ../src/programs/pkexec.c:790
msgid "Authentication is needed to run `$(program)' as the super user"
msgstr "Hitelesítés szükséges a(z) „$(program)” futtatásához rendszergazdaként"
......@@ -174,47 +174,41 @@ msgstr "Hitelesítés szükséges a(z) „$(program)” futtatásához rendszerg
#. * be expanded to the path of the program e.g. "/bin/bash" and the latter
#. * to the user e.g. "John Doe (johndoe)" or "johndoe".
#.
#: ../src/programs/pkexec.c:804
#: ../src/programs/pkexec.c:800
msgid "Authentication is needed to run `$(program)' as user $(user.display)"
msgstr ""
"Hitelesítés szükséges a(z) „$(program)” futtatásához $(user.display) "
"felhasználóként"
#: ../src/programs/pkttyagent.c:44
#: ../src/programs/pkttyagent.c:78
msgid "Don't replace existing agent if any"
msgstr "Ne cserélje a meglévő ügynököt, ha van"
#: ../src/programs/pkttyagent.c:48
#: ../src/programs/pkttyagent.c:82
msgid "Close FD when the agent is registered"
msgstr "Fájlleíró lezárása az ügynök regisztrálásakor"
#: ../src/programs/pkttyagent.c:48
#: ../src/programs/pkttyagent.c:82
msgid "FD"
msgstr "FD"
#: ../src/programs/pkttyagent.c:52
#: ../src/programs/pkttyagent.c:86
msgid "Register the agent for the specified process"
msgstr "Az ügynök regisztrálása a megadott folyamathoz"
#: ../src/programs/pkttyagent.c:53
#: ../src/programs/pkttyagent.c:87
msgid "PID[,START_TIME]"
msgstr "PID[,INDÍTÁSI_IDŐ]"
#: ../src/programs/pkttyagent.c:57
msgid "Register the agent owner of BUS_NAME"
msgstr "Az ügynök regisztrálása a BUSZNÉV tulajdonosaként"
#: ../src/programs/pkttyagent.c:91
msgid "Register the agent for the owner of BUS_NAME"
msgstr "Az ügynök regisztrálása a BUSZNÉV tulajdonosánál"
#: ../src/programs/pkttyagent.c:57
#: ../src/programs/pkttyagent.c:91
msgid "BUS_NAME"
msgstr "BUSZNÉV"
#: ../src/programs/pkttyagent.c:127
#: ../src/programs/pkttyagent.c:164
#, c-format
msgid "%s: Invalid process specifier `%s'\n"
msgstr "%s: Érvénytelen folyamatmegadás: „%s”\n"
#~ msgid "Configure lock down for an action"
#~ msgstr "Művelet zárolásának beállítása"
#~ msgid "Authentication is required to configure lock down policy"
#~ msgstr "Hitelesítés szükséges a zárolási házirend beállításáhozv"
i18n.gettext(pk_api_name, preset: 'glib')