bump to version 0.90 and ensure we're parallel installable with 0.9

This is the first move towards 1.0; also

 - kill the config file
 - merge libpolkit and libpolkit-dbus

Now to write a system daemon that libpolkit will use for the
backend. Expect HEAD to be broken for a few weeks at least.

Also see http://ometer.com/parallel.html for what "parallel
installable" means. As a result, all the binaries, man pages, .policy
file dir and so forth have been renamed too. I expect the API to
change a bit. So some (not much though) porting to PolicyKit 1.0 will
be required by current users.

Makefile.am

 ## Process this file with automake to produce Makefile.in
 
-SUBDIRS = data src polkitd doc tools policy po test
+SUBDIRS = data src doc tools policy po test
 
 # Creating ChangeLog from git log (taken from cairo/Makefile.am):
 ChangeLog: $(srcdir)/ChangeLog

README

@@ -12,15 +12,15 @@ documentation, mailing lists, etc.
 Rationale for permissions/modes for the default backend
 -------------------------------------------------------
 
-0770 root:polkituser /var/run/PolicyKit
-0770 root:polkituser /var/lib/PolicyKit
+0770 root:polkituser /var/run/polkit-1
+0770 root:polkituser /var/lib/polkit-1
 
 We store authorizations for each user here. Since we don't want users
 to know what authorizations other users has, no one can read these
 files. However, when checking authorizations we need to be able to
 read from here; we use this helper
 
-2755 root:polkituser /usr/libexec/polkit-read-auth-helper
+2755 root:polkituser /usr/libexec/polkit-read-auth-helper-1
 
 which can read from here since it's setgid 'polkituser'. This helper
 will refuse to return authorizations for other users than the calling
@@ -29,16 +29,16 @@ user except if the calling user is authorized for org.fd.pk.read.
 We also want to be able to grant authorizations through authentication.
 That happens with this helper
 
-2755 root:polkituser /usr/libexec/polkit-grant-helper
+2755 root:polkituser /usr/libexec/polkit-grant-helper-1
 
 This program is setgid 'polkituser' so it can write files in
-/var/{run,lib}/PolicyKit. Note that these files are created with mode
+/var/{run,lib}/polkit-1. Note that these files are created with mode
 464.
 
 To do the actual authentication check when granting authorizations
-through authentication, polkit-grant-helper uses another helper
+through authentication, polkit-grant-helper-1 uses another helper
 
-4754 root:polkituser /usr/libexec/polkit-grant-helper-pam
+4754 root:polkituser /usr/libexec/polkit-grant-helper-pam-1
 
 This one is setuid root because checking authentications might need
 require that (you may be checking the root password). The reason
@@ -48,33 +48,33 @@ can do this. Which polkit-grant-helper is.
 
 On to
 
-2755 root:polkituser /libexec/polkit-revoke-helper
+2755 root:polkituser /libexec/polkit-revoke-helper-1
 
 This one is used to revoke authorizations. It will only allow uid 0 and
 users with the org.fd.pk.revoke authorization to do so. It needs to be
 setgid polkituser to be able to modify authorization files
-in /var/{run,lib}/PolicyKit.
+in /var/{run,lib}/polkit-1.
 
-2755 root:polkituser /usr/libexec/polkit-explicit-grant-helper
+2755 root:polkituser /usr/libexec/polkit-explicit-grant-helper-1
 
 Same story as for polkit-revoke-helper only this grants authorizations.
 Only allowed for uid 0 and users with the org.fd.pk.grant authorization.
 
 On to
 
-0755 polkituser:root /var/lib/PolicyKit-public
+0755 polkituser:root /var/lib/polkit-public-1
 
 This is where we store modifications to the defaults. Anyone should be
 able to read these files. They are created with mode 644. These files
 are written / modified by this helper
 
-4755 polkituser:root /usr/libexec/polkit-set-default-helper
+4755 polkituser:root /usr/libexec/polkit-set-default-helper-1
 
 which is setuid polkituser to be able to write/modify files.
 
 On to
 
-4755 root:root /usr/libexec/polkit-resolve-exe-helper
+4755 root:root /usr/libexec/polkit-resolve-exe-helper-1
 
 This is used to find the executable name for a process. On Linux this is
 the /proc/<pid>/exe symlink and you can only do this for processes you
@@ -83,7 +83,7 @@ you but only if you have the org.fd.pk.read authorization. This is
 important to let e.g. user 'haldaemon' check authorizations for a user
 requesting service.
 
-0664 polkituser:polkituser /var/lib/misc/PolicyKit.reload
+0664 polkituser:polkituser /var/lib/misc/polkit-1.reload
 
 This file is used by libpolkit to detect when something has changed
 (authorizations granted/revoked, defaults changed etc.). It is

configure.in

 dnl Process this file with autoconf to produce a configure script.
 
 AC_PREREQ(2.59c)
-AC_INIT(PolicyKit, 0.9, http://lists.freedesktop.org/mailman/listinfo/polkit-devel)
-AM_INIT_AUTOMAKE(PolicyKit, 0.9)
+AC_INIT(PolicyKit, 0.90, http://lists.freedesktop.org/mailman/listinfo/polkit-devel)
+AM_INIT_AUTOMAKE(PolicyKit, 0.90)
 AM_CONFIG_HEADER(config.h)
 AM_MAINTAINER_MODE
 
@@ -10,7 +10,7 @@ AM_MAINTAINER_MODE
 #
 # See http://sources.redhat.com/autobook/autobook/autobook_91.html#SEC91 for details
 #
-LT_CURRENT=2
+LT_CURRENT=1
 LT_REVISION=0
 LT_AGE=0
 AC_SUBST(LT_CURRENT)
@@ -560,16 +560,13 @@ AC_DEFINE_UNQUOTED([GETTEXT_PACKAGE],["$GETTEXT_PACKAGE"],[gettext domain])
 AC_OUTPUT([
 Makefile
 data/Makefile
-data/polkit
-data/polkit.pc
-data/polkit-dbus.pc
-data/polkit-grant.pc
+data/polkit-grant-1
+data/polkit-1.pc
+data/polkit-grant-1.pc
 src/Makefile
 src/kit/Makefile
 src/polkit/Makefile
-src/polkit-dbus/Makefile
 src/polkit-grant/Makefile
-polkitd/Makefile
 tools/Makefile
 doc/Makefile
 doc/version.xml
@@ -641,36 +638,36 @@ if test "${POLKIT_AUTHDB}" = default ; then
   echo "NOTE: Remember to create user ${POLKIT_USER} and group ${POLKIT_GROUP}"
   echo "      before 'make install'"
   echo
-  echo "NOTE: The directories ${localstatedir}/run/PolicyKit and ${localstatedir}/lib/PolicyKit will be"
+  echo "NOTE: The directories ${localstatedir}/run/polkit-1 and ${localstatedir}/lib/polkit-1 will be"
   echo "      owned by group ${POLKIT_GROUP} and will be mode 770."
   echo
-  echo "NOTE: The directory ${localstatedir}/lib/PolicyKit-public will be"
+  echo "NOTE: The directory ${localstatedir}/lib/polkit-public-1 will be"
   echo "      owned by user ${POLKIT_USER} and will be mode 755."
   echo
-  echo "NOTE: The file ${localstatedir}/lib/misc/PolicyKit.reload will be"
+  echo "NOTE: The file ${localstatedir}/lib/misc/polkit-1.reload will be"
   echo "      owned by user ${POLKIT_USER} and group ${POLKIT_GROUP} and will be mode 664."
   echo
-  echo "NOTE: ${libexecdir}/polkit-set-default-helper will be owned by"
+  echo "NOTE: ${libexecdir}/polkit-set-default-helper-1 will be owned by"
   echo "      user ${POLKIT_USER} and installed with mode 4755 (setuid binary)."
   echo
-  echo "NOTE: ${libexecdir}/polkit-read-auth-helper will be owned by"
+  echo "NOTE: ${libexecdir}/polkit-read-auth-helper-1 will be owned by"
   echo "      group ${POLKIT_GROUP} and installed with mode 2755 (setgid binary)."
   echo
-  echo "NOTE: ${libexecdir}/polkit-revoke-helper will be owned by"
+  echo "NOTE: ${libexecdir}/polkit-revoke-helper-1 will be owned by"
   echo "      group '${POLKIT_GROUP} and installed with mode 2755 (setgid binary)."
   echo
-  echo "NOTE: ${libexecdir}/polkit-grant-helper will be owned by"
+  echo "NOTE: ${libexecdir}/polkit-grant-helper-1 will be owned by"
   echo "      group ${POLKIT_GROUP} and installed with mode 2755 (setgid binary)."
   echo
-  echo "NOTE: ${libexecdir}/polkit-explicit-grant-helper will be owned by"
+  echo "NOTE: ${libexecdir}/polkit-explicit-grant-helper-1 will be owned by"
   echo "      group ${POLKIT_GROUP} and installed with mode 2755 (setgid binary)."
   echo
-  echo "NOTE: ${libexecdir}/polkit-grant-helper-pam will be owned by group"
+  echo "NOTE: ${libexecdir}/polkit-grant-helper-pam-1 will be owned by group"
   echo "      ${POLKIT_GROUP} and installed with mode 4754 (setuid root binary)."
 fi
 
 echo
-echo "NOTE: ${libexecdir}/polkit-resolve-exe-helper will be installed with"
+echo "NOTE: ${libexecdir}/polkit-resolve-exe-helper-1 will be installed with"
 echo "      mode 4755 (setuid root binary)."
 echo
 echo "NOTE: For packaging, remember to retain the modes and ownership."

data/Makefile.am

@@ -4,33 +4,18 @@
 #
 if POLKIT_AUTHFW_PAM
 pamdir = $(sysconfdir)/pam.d
-pam_DATA = polkit
+pam_DATA = polkit-grant-1
 endif
 
 pkgconfigdir = $(libdir)/pkgconfig
-pkgconfig_DATA = polkit.pc polkit-dbus.pc polkit-grant.pc
-
-confdir = $(sysconfdir)/PolicyKit
-conf_DATA = PolicyKit.conf
-
-dtddir = $(datadir)/PolicyKit
-dtd_DATA = config.dtd
+pkgconfig_DATA = polkit-1.pc polkit-grant-1.pc
 
 dbusifdir = $(datadir)/dbus-1/interfaces
-dbusif_DATA = org.freedesktop.PolicyKit.AuthenticationAgent.xml
+dbusif_DATA = org.freedesktop.PolicyKit.AuthenticationAgent1.xml
 
-DISTCLEANFILES = polkit.pc polkit-dbus.pc polkit-grant.pc PolicyKit.conf
+DISTCLEANFILES = polkit-1.pc polkit-grant-1.pc
 
-EXTRA_DIST = polkit.in polkit.pc.in polkit-dbus.pc.in polkit-grant.pc.in PolicyKit.conf.in config.dtd org.freedesktop.PolicyKit.AuthenticationAgent.xml
+EXTRA_DIST = polkit-grant-1.in polkit-1.pc.in polkit-grant-1.pc.in org.freedesktop.PolicyKit.AuthenticationAgent1.xml
 
 clean-local :
 	rm -f *~
-
-PolicyKit.conf: PolicyKit.conf.in Makefile
-	$(edit) $< >$@
-
-edit = sed \
-	-e 's|@docdir[@]|$(docdir)|g' \
-	-e 's|@sbindir[@]|$(sbindir)|g' \
-	-e 's|@sysconfdir[@]|$(sysconfdir)|g' \
-	-e 's|@datadir[@]|$(datadir)|g'

data/PolicyKit.conf.in

-<?xml version="1.0" encoding="UTF-8"?> <!-- -*- XML -*- -->
-
-<!DOCTYPE pkconfig PUBLIC "-//freedesktop//DTD PolicyKit Configuration 1.0//EN"
-"http://hal.freedesktop.org/releases/PolicyKit/1.0/config.dtd">
-
-<!-- See the manual page PolicyKit.conf(5) for file format -->
-
-<config version="0.1">
-</config>

data/config.dtd

-<!-- Document Type for PolicyKit configuration file -->
-
-<!-- <config> is the top-level element of the config file. -->
-<!ELEMENT config (match|return)* >
-<!ATTLIST config 
-    version (0.1) #REQUIRED
->
-
-<!ELEMENT match (match|return)* >
-<!ATTLIST match 
-          action     CDATA #IMPLIED
-          user       CDATA #IMPLIED
->
-
-<!ELEMENT return (#PCDATA) >
-<!ATTLIST return
-          result    (no|auth_root|auth_root_keep_session|auth_root_keep_always|auth_self|auth_self_keep_session|auth_self_keep_always|yes) #REQUIRED
->

data/org.freedesktop.PolicyKit.AuthenticationAgent.xml → data/org.freedesktop.PolicyKit.AuthenticationAgent1.xml

@@ -4,7 +4,7 @@
 <!-- This file is provided by the PolicyKit project -->
 
 <node>
-  <interface name="org.freedesktop.PolicyKit.AuthenticationAgent">
+  <interface name="org.freedesktop.PolicyKit.AuthenticationAgent1">
 
     <method name="ObtainAuthorization">
       <!-- IN: PolicyKit action identifier; see PolKitAction -->

data/polkit.pc.in → data/polkit-1.pc.in

@@ -2,10 +2,11 @@ prefix=@prefix@
 exec_prefix=@exec_prefix@
 libdir=@libdir@
 includedir=@includedir@
-policydir=@datarootdir@/PolicyKit/policy/
+policydir=@datarootdir@/polkit-1/policy/
+actiondir=@datarootdir@/polkit-1/policy/
 
 Name: polkit
-Description: library for querying system-wide policy
+Description: Authorization API
 Version: @VERSION@
-Libs: -L${libdir} -lpolkit
-Cflags: -I${includedir}/PolicyKit
+Libs: -L${libdir} -lpolkit-1
+Cflags: -I${includedir}/polkit-1

data/polkit-dbus.pc.in

-prefix=@prefix@
-exec_prefix=@exec_prefix@
-libdir=@libdir@
-includedir=@includedir@
-
-Name: polkit-dbus
-Description: helper library for obtaining seat, session and caller information via D-Bus and ConsoleKit
-Version: @VERSION@
-Requires: polkit dbus-1
-Libs: -L${libdir} -lpolkit-dbus
-Cflags: -I${includedir}/PolicyKit

data/polkit-grant.pc.in → data/polkit-grant-1.pc.in

@@ -3,9 +3,9 @@ exec_prefix=@exec_prefix@
 libdir=@libdir@
 includedir=@includedir@
 
-Name: polkit-grant
-Description: library for obtaining privileges via PolicyKit
+Name: polkit-grant-1
+Description: Library for obtaining authorizations through authentication
 Version: @VERSION@
-Requires: glib-2.0 polkit
-Libs: -L${libdir} -lpolkit-grant
-Cflags: -I${includedir}/PolicyKit
+Requires: polkit-1
+Libs: -L${libdir} -lpolkit-grant-1
+Cflags: -I${includedir}/polkit-1

doc/Makefile.am

@@ -7,7 +7,7 @@ NULL =
 AUTOMAKE_OPTIONS = 1.7
 
 # The name of the module.
-DOC_MODULE=polkit
+DOC_MODULE=polkit-1
 
 # The top-level SGML file.
 DOC_MAIN_SGML_FILE=polkit-docs.xml
@@ -51,17 +51,15 @@ MKDB_OPTIONS=--sgml-mode --output-format=xml
 MKTMPL_OPTIONS=
 
 # Non-autogenerated SGML files to be included in $(DOC_MAIN_SGML_FILE)
-content_files =  			    \
-	version.xml			    \
-	man/PolicyKit.xml		    \
-	man/PolicyKit.conf.xml		    \
-	man/polkit-auth.xml		    \
-	man/polkit-action.xml		    \
-	man/polkit-policy-file-validate.xml \
-	man/polkit-config-file-validate.xml \
-	spec/polkit-spec-configuration.xml  \
-	spec/polkit-spec-introduction.xml   \
-	spec/polkit-spec-model.xml	    \
+content_files =  			    	\
+	version.xml			    	\
+	man/PolicyKit.xml		    	\
+	man/polkit-auth.xml		    	\
+	man/polkit-action.xml		    	\
+	man/polkit-policy-file-validate.xml 	\
+	spec/polkit-spec-configuration.xml  	\
+	spec/polkit-spec-introduction.xml   	\
+	spec/polkit-spec-model.xml	    	\
 	$(NULL)
 
 # Images to copy into HTML directory

doc/man/Makefile.am

 
 if MAN_PAGES_ENABLED
 
-man_MANS = polkit-auth.1 	         \
-	   polkit-action.1 		 \
-	   polkit-config-file-validate.1 \
-	   polkit-policy-file-validate.1 \
-	   PolicyKit.conf.5		 \
-	   PolicyKit.8
+man_MANS = polkit-auth-1.1 	           \
+	   polkit-action-1.1 		   \
+	   polkit-policy-file-validate-1.1 \
+	   PolicyKit-1.8
 
-%.1 %.5 %.8 : %.xml
+%-1.1 %-1.8 : %.xml
 	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
 
 endif # MAN_PAGES_ENABLED
 
-EXTRA_DIST= PolicyKit.conf.xml              \
-	    PolicyKit.xml                   \
-	    polkit-config-file-validate.xml \
-	    polkit-auth.xml	            \
-	    polkit-action.xml               \
+EXTRA_DIST= PolicyKit.xml                   	\
+	    polkit-auth.xml	            	\
+	    polkit-action.xml             	\
 	    polkit-policy-file-validate.xml
 
 clean-local:

doc/man/PolicyKit.conf.xml

-<refentry id="PolicyKit.conf.5">
-  <refentryinfo>
-    <title>PolicyKit.conf</title>
-    <date>August 2007</date>
-    <productname>PolicyKit</productname>
-  </refentryinfo>
-  
-  <refmeta>
-    <refentrytitle>PolicyKit.conf</refentrytitle>
-    <manvolnum>5</manvolnum>
-    <refmiscinfo class="version"></refmiscinfo>
-  </refmeta>
-  
-  <refnamediv>
-    <refname>PolicyKit.conf</refname>
-    <refpurpose>PolicyKit configuration file</refpurpose>
-  </refnamediv>
-  
-  <refsect1><title>DESCRIPTION</title> 
-    <para>
-      The <filename>/etc/PolicyKit/PolicyKit.conf</filename>
-      configuration file provides a way for system administrators to
-      override policy for mechanisms that use the PolicyKit library to
-      determine whether a caller is allowed to use the mechanism.
-    </para>
-    
-    <para>
-      Changes to this configuration file are immediately propagated to
-      running processes using the PolicyKit library. If the
-      configuration file is invalid, processes using this library will
-      log this fact to the system logger and the library will only
-      only return <emphasis>no</emphasis> as the answer to processes
-      using it.
-    </para>
-    
-    <para>
-      The <citerefentry><refentrytitle>polkit-config-file-validate</refentrytitle><manvolnum>1</manvolnum></citerefentry>
-      tool can be used to verify that the configuration file is
-      valid.
-    </para>
-  </refsect1>
-  
-  <refsect1>
-    <title>FILE FORMAT</title> 
-    <para>
-      The configuration file is an XML document. It must have the
-      following doctype declaration:
-    </para>
-    
-    <programlisting>
-      <![CDATA[
-<!DOCTYPE pkconfig PUBLIC 
- "-//freedesktop//DTD PolicyKit Configuration 1.0//EN"
- "http://hal.freedesktop.org/releases/PolicyKit/1.0/config.dtd">
-]]>
-    </programlisting>
-    
-    <para>
-      The following elements may be present in the configuration file:
-    </para>
-    
-    <refsect2>
-      <title>config</title>
-      <para>
-        This is the root element. A single
-        attribute <emphasis>version</emphasis> must be present and
-        must be set to "0.1" at this point. There can only be one
-        <emphasis>config</emphasis> element in the configuration file.
-      </para>
-    </refsect2>
-    
-    <refsect2>
-      <title>match</title>
-      <para>
-        This element is for matching information related to the
-        decision making process and includes values describing both
-        the caller and the action. This element can be embedded in
-        both <emphasis>config</emphasis> and
-        other <emphasis>match</emphasis> elements (hence allowing for
-        nested matching).
-      </para>
-      <para>
-        There can only be a single attribute in
-        each <emphasis>match</emphasis> element and POSIX Extended
-        Regular Expression syntax are supported in the value part. The
-        following attributes are supported:
-      </para>
-      
-      <variablelist>
-        <varlistentry>
-          <term><emphasis>user</emphasis></term>
-          <listitem>
-            <para>
-              This matches on the users login name.
-            </para>
-          </listitem>
-        </varlistentry>
-        
-        <varlistentry>
-          <term><emphasis>action</emphasis></term>
-          <listitem>
-            <para>
-              For matching on the given action being queried for, for
-              example
-              <emphasis>action="org.foo.*"</emphasis> will match
-              on all actions whose action identifier begins with
-              the string "org.foo.".
-            </para>
-          </listitem>
-        </varlistentry>
-      </variablelist>
-      
-    </refsect2>
-    
-    <refsect2>
-      <title>return</title>
-      <para>
-        This element is for used to specify what result the PolicyKit
-        library will return. It can only be embedded in
-        <emphasis>config</emphasis> and <emphasis>match</emphasis>
-        elements and can embed no elements
-        itself. The <emphasis>return</emphasis> element is
-        typically used deeply inside a number
-        of <emphasis>match</emphasis> elements. A single attribute,
-        <emphasis>result</emphasis> is supported and it can assume
-        the following values:
-      </para>
-      
-      <variablelist>
-        <varlistentry>
-          <term><emphasis>no</emphasis></term>
-          <listitem>
-            <para>
-              Access denied.
-            </para>
-          </listitem>
-        </varlistentry>
-        
-        <varlistentry>
-          <term><emphasis>auth_self</emphasis></term>
-          <listitem>
-            <para>
-              Access denied, but authentication of the caller as
-              himself will grant access to only that caller.
-            </para>
-          </listitem>
-        </varlistentry>
-        
-        <varlistentry>
-          <term><emphasis>auth_self_keep_session</emphasis></term>
-          <listitem>
-            <para>
-              Access denied, but authentication of the caller as
-              himself will grant access to any caller in the
-              session of the caller belongs to.
-            </para>
-          </listitem>
-        </varlistentry>
-        
-        <varlistentry>
-          <term><emphasis>auth_self_keep_always</emphasis></term>
-          <listitem>
-            <para>
-              Access denied, but authentication of the caller as
-              himself will grant access any caller with the given
-              uid in the future.
-            </para>
-          </listitem>
-        </varlistentry>
-        
-        <varlistentry>
-          <term><emphasis>auth_admin</emphasis></term>
-          <listitem>
-            <para>
-              Access denied, but authentication of the caller as
-              an administrative user will grant access to only
-              that caller.
-            </para>
-          </listitem>
-        </varlistentry>
-        
-        <varlistentry>
-          <term><emphasis>auth_admin_keep_session</emphasis></term>
-          <listitem>
-            <para>
-              Access denied, but authentication of the caller as
-              an administrative user will grant access to any caller
-              in the session of the caller belongs to.
-            </para>
-          </listitem>
-        </varlistentry>
-        
-        <varlistentry>
-          <term><emphasis>auth_admin_keep_always</emphasis></term>
-          <listitem>
-            <para>
-              Access denied, but authentication of the caller as
-              an administrative user will grant access any caller
-              with the given uid in the future.
-            </para>
-          </listitem>
-        </varlistentry>
-        
-        <varlistentry>
-          <term><emphasis>yes</emphasis></term>
-          <listitem>
-            <para>
-              Access granted.
-            </para>
-          </listitem>
-        </varlistentry>
-      </variablelist>
-      
-    </refsect2>
-    
-    <refsect2>
-      <title>define_admin_auth</title>
-      <para>
-        This element is used to specify the meaning of
-        <emphasis>"authenticate as administrator"</emphasis>. It
-        is normally used at the top-level but can also be used
-        deep inside a number of
-        <emphasis>match</emphasis> elements for conditional
-        behavior.
-      </para>
-      
-      <para>
-        There can only be a single attribute in
-        each <emphasis>define_admin_auth</emphasis> element. POSIX
-        Extended Regular Expression syntax
-        is <emphasis>not</emphasis> supported in the value part,
-        however multiple values to match on can be separated with
-        the bar (|) character. The following attributes are
-        supported:
-      </para>
-      
-      <variablelist>
-        <varlistentry>
-          <term><emphasis>user</emphasis></term>
-          <listitem>
-            <para>
-              Administrator authentication means authenticate as
-              the given user(s). If
-              no <emphasis>define_admin_auth</emphasis> element is
-              given, the default is to
-              use <emphasis>user="root"</emphasis>
-              e.g. administrator authentication mean authenticate
-              as the super user.                  
-            </para>
-          </listitem>
-        </varlistentry>
-        
-        <varlistentry>
-          <term><emphasis>group</emphasis></term>