1. 15 Dec, 2009 5 commits
  2. 11 Dec, 2009 4 commits
    • David Zeuthen's avatar
      Bug 25594 – System logging · c93407fa
      David Zeuthen authored
      For now we log the following events
      
      1. Daemon startup -> /var/log/messages
      --------------------------------------
      
      Dec 11 15:12:56 localhost polkitd[3035]: started daemon version 0.95 using authority implementation `local' version `0.95'
      
      2. Authentication agent -> /var/log/secure
      ------------------------------------------
      
      Dec 11 15:14:00 localhost polkitd(authority=local): Registered Authentication Agent for session /org/freedesktop/ConsoleKit/Session1 (system bus name :1.903 [./polkit-gnome-authentication-agent-1], object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
      
      Dec 11 15:16:18 localhost polkitd(authority=local): Unregistered Authentication Agent for session /org/freedesktop/ConsoleKit/Session1 (system bus name :1.903, object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
      
      3. Authorization checks
      -----------------------
      
      Dec 11 15:17:57 localhost polkitd(authority=local): ALLOWING action org.freedesktop.policykit.example.pkexec.run-frobnicate for unix-process:2517:25785526 [bash] owned by unix-user:davidz (check requested by system-bus-name::1.905 [pkexec /usr/bin/pk-example-frobnicate])
      
      Dec 11 15:18:10 localhost polkitd(authority=local): ALLOWING action org.freedesktop.udisks.filesystem-mount-system-internal for system-bus-name::1.902 [palimpsest] owned by unix-user:davidz (check requested by system-bus-name::1.380 [/usr/libexec/udisks-daemon])
      
      4. Authorizations through authentication (both success and
         failures) -> /var/log/secure
      ----------------------------------------------------------
      
      Dec 11 15:19:01 localhost polkitd(authority=local): Operator of unix-session:/org/freedesktop/ConsoleKit/Session1 successfully authenticated as unix-user:davidz to gain TEMPORARY authorization for action org.freedesktop.policykit.example.pkexec.run-frobnicate for unix-process:2517:25785526 [bash] (owned by unix-user:davidz)
      Dec 11 15:19:01 localhost polkitd(authority=local): ALLOWING action org.freedesktop.policykit.example.pkexec.run-frobnicate for unix-process:2517:25785526 [bash] owned by unix-user:davidz (check requested by system-bus-name::1.906 [pkexec /usr/bin/pk-example-frobnicate])
      
      Dec 11 15:19:10 localhost polkitd(authority=local): Operator of unix-session:/org/freedesktop/ConsoleKit/Session1 successfully authenticated as unix-user:davidz to gain ONE-SHOT authorization for action org.freedesktop.policykit.exec for unix-process:2517:25785526 [bash] (owned by unix-user:davidz)
      Dec 11 15:19:10 localhost polkitd(authority=local): ALLOWING action org.freedesktop.policykit.exec for unix-process:2517:25785526 [bash] owned by unix-user:davidz (check requested by system-bus-name::1.908 [pkexec bash])
      
      Dec 11 15:19:10 localhost pkexec: pam_unix(polkit-1:session): session opened for user root by davidz(uid=500)
      Dec 11 15:19:22 localhost polkitd(authority=local): Operator of unix-session:/org/freedesktop/ConsoleKit/Session1 FAILED to authenticate to gain authorization for action org.freedesktop.policykit.exec for unix-process:2517:25785526 [bash] (owned by unix-user:davidz)
      Dec 11 15:19:22 localhost polkitd(authority=local): DENYING action org.freedesktop.policykit.exec for unix-process:2517:25785526 [bash] owned by unix-user:davidz (check requested by system-bus-name::1.910 [pkexec bash])
      
      Dec 11 15:20:06 localhost polkitd(authority=local): Operator of unix-session:/org/freedesktop/ConsoleKit/Session1 successfully authenticated as unix-user:bateman to gain ONE-SHOT authorization for action org.freedesktop.policykit.exec for unix-process:2517:25785526 [bash] (owned by unix-user:davidz)
      Dec 11 15:20:06 localhost polkitd(authority=local): ALLOWING action org.freedesktop.policykit.exec for unix-process:2517:25785526 [bash] owned by unix-user:davidz (check requested by system-bus-name::1.913 [pkexec bash])
      Signed-off-by: default avatarDavid Zeuthen <davidz@redhat.com>
      c93407fa
    • David Zeuthen's avatar
      Fix up last comment · 8b6bd9c6
      David Zeuthen authored
      Signed-off-by: default avatarDavid Zeuthen <davidz@redhat.com>
      8b6bd9c6
    • David Zeuthen's avatar
      Run the open_session part of the PAM stack in pkexec(1) · 84958d37
      David Zeuthen authored
      This was pointed out in
      
      http://lists.freedesktop.org/archives/polkit-devel/2009-December/000276.html
      
      We already run the authentication and acct_mgmt parts in the
      authentication agent.
      Signed-off-by: default avatarDavid Zeuthen <davidz@redhat.com>
      84958d37
    • David Zeuthen's avatar
      Fix logic error in pk-example-frobnicate · 3e82e172
      David Zeuthen authored
      Signed-off-by: default avatarDavid Zeuthen <davidz@redhat.com>
      3e82e172
  3. 10 Dec, 2009 1 commit
    • David Zeuthen's avatar
      Bug 25367 — Also read local authority configuration data from /etc · 8e0b9b47
      David Zeuthen authored
      Turns out some people would rather edit local files in /etc rather
      than shipping them in a package (as e.g. Fedora does with the
      polkit-desktop-policy RPM).
      
      This also drops the hard-coded list of directory names such as
      10-vendor.d, 20-org.d - we now monitor the
      /var/lib/polkit-1/localauthority and /etc/polkit-1/localauthority
      directories for changes - whenever we see a subdirectory in any of
      these directories, we create an AuthorizationStore object that looks
      for .pkla files.
      Signed-off-by: default avatarDavid Zeuthen <davidz@redhat.com>
      8e0b9b47
  4. 13 Nov, 2009 4 commits
  5. 12 Nov, 2009 1 commit
  6. 11 Nov, 2009 4 commits
  7. 21 Oct, 2009 3 commits
  8. 16 Oct, 2009 1 commit
  9. 15 Oct, 2009 1 commit
  10. 29 Sep, 2009 1 commit
  11. 16 Sep, 2009 1 commit
  12. 14 Sep, 2009 2 commits
  13. 13 Sep, 2009 10 commits
  14. 12 Sep, 2009 1 commit
  15. 11 Sep, 2009 1 commit