Commit 997e27a4 authored by David Zeuthen

Patch from Frederic Peters <fpeters@entrouvert.com>. jhbuild monitors files

    being installed and prevents them from being written out of its target
    directory. This means HAL now prevents jhautobuild[1] to complete since
    pam-polkit-console hardcodes /lib/security. Attached is a patch with a
    configure option (--with-pam-module-dir) so it is possible to set
    another directory. [1] http://jhbuild.bxlug.be
parent 8be672ff
2006-06-06 David Zeuthen <davidz@redhat.com>
Patch from Frederic Peters <fpeters@entrouvert.com>. jhbuild
monitors files being installed and prevents them from being
written out of its target directory. This means HAL now prevents
jhautobuild[1] to complete since pam-polkit-console hardcodes
/lib/security. Attached is a patch with a configure
option (--with-pam-module-dir) so it is possible to set an other
directory. [1] http://jhbuild.bxlug.be
* pam-polkit-console/Makefile.am:
* configure.in:
2006-06-06 David Zeuthen <davidz@redhat.com>
Patch from Frederic Peters <fpeters@entrouvert.com>.
......
......@@ -266,6 +266,17 @@ AC_CHECK_HEADER(security/pam_modutil.h, [AC_DEFINE(HAVE_PAM_MODUTIL_H, [], "Have
AC_CHECK_HEADER(security/pam_ext.h, [AC_DEFINE(HAVE_PAM_EXT_H, [], "Have pam_ext.h")])
AC_CHECK_LIB(pam, pam_vsyslog, [AC_DEFINE(HAVE_PAM_VSYSLOG, [], "Have pam_vsyslog")])
AC_ARG_WITH(pam-module-dir, [ --with-pam-module-dir=[dirname] directory to install PAM security module])
if ! test -z "$with_pam_module_dir"; then
PAM_MODULE_DIR=$with_pam_module_dir
else
PAM_MODULE_DIR="/lib/security"
fi
AC_SUBST(PAM_MODULE_DIR)
AC_ARG_WITH(os-type, [ --with-os-type=<os> distribution or OS (redhat)])
#### Check our operating system (distro-tweaks required)
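Review bot: The test on with_pam_module_dir accepts any non-empty value, so --with-pam-module-dir given without an argument sets PAM_MODULE_DIR to "yes", --without-pam-module-dir sets it to "no", and a relative path is passed through unchanged. Suggest rejecting "yes", "no" and anything that does not start with "/" with AC_MSG_ERROR, since this value becomes the install directory of a PAM module. The else branch also keeps the hardcoded /lib/security, so a build that omits the option still installs outside its prefix; the help string should state that default.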
......@@ -378,6 +389,7 @@ echo "
localstatedir: ${LOCALSTATEDIR}
docdir: ${DOCDIR}
PAM prefix: ${PAM_PREFIX}
PAM module dir: ${PAM_MODULE_DIR}
compiler: ${CC}
cflags: ${CFLAGS}
......
<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>PolicyKit 0.2 Specification</title><meta name="generator" content="DocBook XSL Stylesheets V1.69.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="book" lang="en"><div class="titlepage"><div><div><h1 class="title"><a name="index"></a>PolicyKit 0.2 Specification</h1></div><div><div class="authorgroup"><div class="author"><h3 class="author"><span class="firstname">David</span> <span class="surname">Zeuthen</span></h3><div class="affiliation"><div class="address"><p><br>
    <code class="email">&lt;<a href="mailto:david@fubar.dk">david@fubar.dk</a>&gt;</code><br>
  </p></div></div></div></div></div><div><p class="releaseinfo">Version 0.2</p></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="chapter"><a href="#introduction">1. Introduction</a></span></dt><dd><dl><dt><span class="sect1"><a href="#id2484164">About</a></span></dt></dl></dd><dt><span class="chapter"><a href="#operation">2. Theory of operation</a></span></dt><dd><dl><dt><span class="sect1"><a href="#id2484188">Privileges</a></span></dt><dt><span class="sect1"><a href="#id2514878">Architecture</a></span></dt><dt><span class="sect1"><a href="#id2479395">Example</a></span></dt></dl></dd><dt><span class="chapter"><a href="#resources">3. Resources</a></span></dt><dd><dl><dt><span class="sect1"><a href="#id2479620">Resource Identifiers</a></span></dt></dl></dd><dt><span class="chapter"><a href="#privileges">4. Privileges</a></span></dt><dd><dl><dt><span class="sect1"><a href="#id2483424">Privilege Descriptors</a></span></dt><dt><span class="sect1"><a href="#id2483501">File Format</a></span></dt><dd><dl><dt><span class="sect2"><a href="#id2483526"><code class="literal">RequiredPrivileges</code>: Required Privileges</a></span></dt><dt><span class="sect2"><a href="#id2483555"><code class="literal">SufficientPrivileges</code>: Sufficient Privileges</a></span></dt><dt><span class="sect2"><a href="#id2483588"><code class="literal">Allow, Deny</code>: Criteria for Possesing a Privilege</a></span></dt><dt><span class="sect2"><a href="#can-obtain"><code class="literal">CanObtain</code>: Obtaining Privileges</a></span></dt><dt><span class="sect2"><a href="#id2479219"><code class="literal">CanGrant</code>: Granting Privileges</a></span></dt><dt><span class="sect2"><a href="#id2523872"><code class="literal">ObtainRequireRoot</code>: Authentication Requirements</a></span></dt></dl></dd><dt><span class="sect1"><a href="#privs-by-polkit">Privileges defined by PolicyKit</a></span></dt><dd><dl><dt><span class="sect2"><a 
href="#priv-desktop-console"><code class="literal">desktop-console</code> : Users at a local console</a></span></dt></dl></dd></dl></dd></dl></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="introduction"></a>Chapter 1. Introduction</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="#id2484164">About</a></span></dt></dl></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2484164"></a>About</h2></div></div></div><p>
  </p></div></div></div></div></div><div><p class="releaseinfo">Version 0.2</p></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="chapter"><a href="#introduction">1. Introduction</a></span></dt><dd><dl><dt><span class="sect1"><a href="#id2867132">About</a></span></dt></dl></dd><dt><span class="chapter"><a href="#operation">2. Theory of operation</a></span></dt><dd><dl><dt><span class="sect1"><a href="#id2867155">Privileges</a></span></dt><dt><span class="sect1"><a href="#id2897848">Architecture</a></span></dt><dt><span class="sect1"><a href="#id2862356">Example</a></span></dt></dl></dd><dt><span class="chapter"><a href="#resources">3. Resources</a></span></dt><dd><dl><dt><span class="sect1"><a href="#id2862581">Resource Identifiers</a></span></dt></dl></dd><dt><span class="chapter"><a href="#privileges">4. Privileges</a></span></dt><dd><dl><dt><span class="sect1"><a href="#id2866392">Privilege Descriptors</a></span></dt><dt><span class="sect1"><a href="#id2866469">File Format</a></span></dt><dd><dl><dt><span class="sect2"><a href="#id2866494"><code class="literal">RequiredPrivileges</code>: Required Privileges</a></span></dt><dt><span class="sect2"><a href="#id2866523"><code class="literal">SufficientPrivileges</code>: Sufficient Privileges</a></span></dt><dt><span class="sect2"><a href="#id2866556"><code class="literal">Allow, Deny</code>: Criteria for Possesing a Privilege</a></span></dt><dt><span class="sect2"><a href="#can-obtain"><code class="literal">CanObtain</code>: Obtaining Privileges</a></span></dt><dt><span class="sect2"><a href="#id2862178"><code class="literal">CanGrant</code>: Granting Privileges</a></span></dt><dt><span class="sect2"><a href="#id2906842"><code class="literal">ObtainRequireRoot</code>: Authentication Requirements</a></span></dt></dl></dd><dt><span class="sect1"><a href="#privs-by-polkit">Privileges defined by PolicyKit</a></span></dt><dd><dl><dt><span class="sect2"><a 
href="#priv-desktop-console"><code class="literal">desktop-console</code> : Users at a local console</a></span></dt></dl></dd></dl></dd></dl></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="introduction"></a>Chapter 1. Introduction</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="#id2867132">About</a></span></dt></dl></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2867132"></a>About</h2></div></div></div><p>
PolicyKit is a system for enabling unprivileged desktop
applications to invoke privileged methods on system-wide
components in a controlled manner.
</p></div></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="operation"></a>Chapter 2. Theory of operation</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="#id2484188">Privileges</a></span></dt><dt><span class="sect1"><a href="#id2514878">Architecture</a></span></dt><dt><span class="sect1"><a href="#id2479395">Example</a></span></dt></dl></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2484188"></a>Privileges</h2></div></div></div><p>
</p></div></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="operation"></a>Chapter 2. Theory of operation</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="#id2867155">Privileges</a></span></dt><dt><span class="sect1"><a href="#id2897848">Architecture</a></span></dt><dt><span class="sect1"><a href="#id2862356">Example</a></span></dt></dl></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2867155"></a>Privileges</h2></div></div></div><p>
One major concept of the PolicyKit system is the notion of
privileges; a <span class="emphasis"><em>PolicyKit privilege</em></span>
(referred to simply as
......@@ -17,7 +17,7 @@
allowed to invoke a method, the system level component defines
a set of
<span class="emphasis"><em>privileges</em></span>.
</p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2514878"></a>Architecture</h2></div></div></div><p>
</p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2897848"></a>Architecture</h2></div></div></div><p>
The PolicyKit system is basically client/server and is
implemented as the
system-wide <code class="literal">org.freedesktop.PolicyKit</code> D-BUS
......@@ -34,7 +34,7 @@
In addition, the PolicyKit system includes client side
libraries and command-line utilities wrapping the D-BUS API of
the <code class="literal">org.freedesktop.PolicyKit</code> service.
</p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2479395"></a>Example</h2></div></div></div><p>
</p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2862356"></a>Example</h2></div></div></div><p>
As an example, HAL exports the method <code class="literal">Mount</code>
on the
<code class="literal">org.freedesktop.Hal.Device.Volume</code> interface
......@@ -96,20 +96,20 @@
<img src="polkit-arch.png">
</p><p>
The whole example is outlined in the diagram above.
</p></div></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="resources"></a>Chapter 3. Resources</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="#id2479620">Resource Identifiers</a></span></dt></dl></div><p>
</p></div></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="resources"></a>Chapter 3. Resources</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="#id2862581">Resource Identifiers</a></span></dt></dl></div><p>
PolicyKit allows granting privileges only on
certain <span class="emphasis"><em>resources</em></span>. For example, for HAL, it
is possible to grant the
privilege <span class="emphasis"><em>hal-storage-fixed-mount</em></span> to the
user with uid 500 but only for the HAL device object
representing e.g. the <code class="literal">/dev/hda3</code> partition.
</p><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2479620"></a>Resource Identifiers</h2></div></div></div><p> Resource identifers are prefixed with a name identifying
</p><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2862581"></a>Resource Identifiers</h2></div></div></div><p> Resource identifers are prefixed with a name identifying
what service they belong to. The following resource
identifiers are defined
</p><div class="itemizedlist"><ul type="disc"><li><p>
<code class="literal">hal://</code>
HAL Unique Device Identifiers also known as HAL UID's. Example: <code class="literal">hal:///org/freedesktop/Hal/devices/volume_uuid_1a28b356_9955_44f9_b268_6ed6639978f5</code>
</p></li></ul></div></div></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="privileges"></a>Chapter 4. Privileges</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="#id2483424">Privilege Descriptors</a></span></dt><dt><span class="sect1"><a href="#id2483501">File Format</a></span></dt><dd><dl><dt><span class="sect2"><a href="#id2483526"><code class="literal">RequiredPrivileges</code>: Required Privileges</a></span></dt><dt><span class="sect2"><a href="#id2483555"><code class="literal">SufficientPrivileges</code>: Sufficient Privileges</a></span></dt><dt><span class="sect2"><a href="#id2483588"><code class="literal">Allow, Deny</code>: Criteria for Possesing a Privilege</a></span></dt><dt><span class="sect2"><a href="#can-obtain"><code class="literal">CanObtain</code>: Obtaining Privileges</a></span></dt><dt><span class="sect2"><a href="#id2479219"><code class="literal">CanGrant</code>: Granting Privileges</a></span></dt><dt><span class="sect2"><a href="#id2523872"><code class="literal">ObtainRequireRoot</code>: Authentication Requirements</a></span></dt></dl></dd><dt><span class="sect1"><a href="#privs-by-polkit">Privileges defined by PolicyKit</a></span></dt><dd><dl><dt><span class="sect2"><a href="#priv-desktop-console"><code class="literal">desktop-console</code> : Users at a local console</a></span></dt></dl></dd></dl></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2483424"></a>Privilege Descriptors</h2></div></div></div><p>
</p></li></ul></div></div></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="privileges"></a>Chapter 4. Privileges</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="#id2866392">Privilege Descriptors</a></span></dt><dt><span class="sect1"><a href="#id2866469">File Format</a></span></dt><dd><dl><dt><span class="sect2"><a href="#id2866494"><code class="literal">RequiredPrivileges</code>: Required Privileges</a></span></dt><dt><span class="sect2"><a href="#id2866523"><code class="literal">SufficientPrivileges</code>: Sufficient Privileges</a></span></dt><dt><span class="sect2"><a href="#id2866556"><code class="literal">Allow, Deny</code>: Criteria for Possesing a Privilege</a></span></dt><dt><span class="sect2"><a href="#can-obtain"><code class="literal">CanObtain</code>: Obtaining Privileges</a></span></dt><dt><span class="sect2"><a href="#id2862178"><code class="literal">CanGrant</code>: Granting Privileges</a></span></dt><dt><span class="sect2"><a href="#id2906842"><code class="literal">ObtainRequireRoot</code>: Authentication Requirements</a></span></dt></dl></dd><dt><span class="sect1"><a href="#privs-by-polkit">Privileges defined by PolicyKit</a></span></dt><dd><dl><dt><span class="sect2"><a href="#priv-desktop-console"><code class="literal">desktop-console</code> : Users at a local console</a></span></dt></dl></dd></dl></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2866392"></a>Privilege Descriptors</h2></div></div></div><p>
Applications, such as HAL, installs <span class="emphasis"><em>privilege
descriptors</em></span> into
the <code class="literal">/etc/PolicyKit/privilege.d</code> directory
......@@ -128,7 +128,7 @@
Information on whether the user can obtain the privilege, and if he can, whether only temporarily or permanently.
</p></li><li><p>
Whether a user with the privilege may permanently grant it to other users.
</p></li></ul></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2483501"></a>File Format</h2></div></div></div><p>
</p></li></ul></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2866469"></a>File Format</h2></div></div></div><p>
A developer of a system-wide application wanting to define a
privilege must create a privilege descriptor. This is a a
simple <code class="literal">.ini</code>-like config file. Here is what
......@@ -142,7 +142,7 @@
CanObtain=
CanGrant=
ObtainRequireRoot=
</pre><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2483526"></a><code class="literal">RequiredPrivileges</code>: Required Privileges</h3></div></div></div><p>
</pre><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2866494"></a><code class="literal">RequiredPrivileges</code>: Required Privileges</h3></div></div></div><p>
This is a list of privileges the user must possess in order
to possess the given privilege. If the user doesn't possess
all of these privileges he is not considered to possess the
......@@ -151,7 +151,7 @@
for one or more resources. E.g., if <code class="literal">foo</code>
is a required privilege then just having this privilege on
one resource is sufficient.
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2483555"></a><code class="literal">SufficientPrivileges</code>: Sufficient Privileges</h3></div></div></div><p>
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2866523"></a><code class="literal">SufficientPrivileges</code>: Sufficient Privileges</h3></div></div></div><p>
This is a list of privileges that, if a user possess any of
these, he is consider to possess the given privilege. The
list may be empty. A privilege in this list is considered
......@@ -159,7 +159,7 @@
resources. As with <code class="literal">RequiredPrivileges</code>,
if <code class="literal">foo</code> is a sufficient privilege then
just having this privilege on one resource is sufficient.
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2483588"></a><code class="literal">Allow, Deny</code>: Criteria for Possesing a Privilege</h3></div></div></div><p>
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2866556"></a><code class="literal">Allow, Deny</code>: Criteria for Possesing a Privilege</h3></div></div></div><p>
Both <code class="literal">Allow</code> and <code class="literal">Deny</code>
contains lists describing what users are allowed
respectively denied the privilege. The elements of in each
......@@ -258,7 +258,7 @@
has <code class="literal">CanObtain</code> set
to <code class="literal">False</code>, the user will always have to
authenticate as the super user.
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2479219"></a><code class="literal">CanGrant</code>: Granting Privileges</h3></div></div></div><p>
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2862178"></a><code class="literal">CanGrant</code>: Granting Privileges</h3></div></div></div><p>
This property (it can assume the
values <code class="literal">True</code> and <code class="literal">False</code>)
describes whether an user with the given privilege can
......@@ -289,7 +289,7 @@
the value <code class="literal">True</code> if this property assumes
the value <code class="literal">True</code>. Otherwise this property
effectively assumes the value <code class="literal">False</code>.
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2523872"></a><code class="literal">ObtainRequireRoot</code>: Authentication Requirements</h3></div></div></div><p>
</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2906842"></a><code class="literal">ObtainRequireRoot</code>: Authentication Requirements</h3></div></div></div><p>
If the property <code class="literal">CanObtain</code> assumes the
value <code class="literal">True</code>
or <code class="literal">Temporary</code> it means the user can
......
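Review bot: The only change in this hunk, and in every other hunk of the generated HTML specification, is the auto-generated anchor name (here id2523872 becoming id2906842 on the ObtainRequireRoot heading), which has nothing to do with the PAM module directory option. Suggest dropping the regenerated file from this commit, or giving the DocBook sections explicit ids so that rebuilding the spec does not rewrite every heading anchor and table-of-contents link.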
......@@ -2,7 +2,7 @@
LOCKDIR = $(localstatedir)/run/polkit-console
LOCKDIRMODE = 0700
securelibdir = /lib/security
securelibdir = $(PAM_MODULE_DIR)
securelib_LTLIBRARIES = pam_polkit_console.la
pam_polkit_console_la_LDFLAGS = -no-undefined -avoid-version -module
......
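Review bot: securelibdir now takes whatever configure substituted for PAM_MODULE_DIR, and nothing in this Makefile.am says where that value comes from or what it has to be. Suggest a one-line comment above securelibdir = $(PAM_MODULE_DIR) noting that it is set by --with-pam-module-dir and has to be the directory the system's PAM loads modules from, because a PAM configuration that names pam_polkit_console.so without a full path will not find a module installed elsewhere.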