1. 15 Apr, 2007 1 commit
    • David Zeuthen's avatar
      add grant functionality + lots of other changes · a0570c50
      David Zeuthen authored
       - Split libpolkit into three libraries
         - libpolkit : to be used only by mechanisms and modules
         - libpolkit-dbus : utility library for libpolkit to get caller, session
                            etc. info from the bus and ConsoleKit
         - libpolkit-grant : client side library for obtaining privileges; uses
                             a setgid helper internally
       - grant functionality
         - a helper library, libpolkit-grant, to gain privileges
           - includes a setgid $POLKIT_GROUP helper to write granted privileges
         - a PK module, to read and interpret granted privileges
         - a cmdline app, polkit-grant, using said library
       - Other changes
         - so it turns out that sizeof(bool) != sizeof(gboolean), sizeof(dbus_bool_t)
           This blows so define our own polkit_bool_t type
         - add some validation routines
      The grant functionality, especially the setgid helper needs thorough
      security review before we can release it.
  2. 08 Apr, 2007 1 commit
    • David Zeuthen's avatar
      add module loading to PolicyKit · 3638c6c1
      David Zeuthen authored
      This paves the way for writing
       1. A module that tracks temporary (look in /var/run) and permanent (look
          in /var/lib) privilege grants
       2. A D-Bus service to authenticate a client to obtain to a privilege
          grant and then writing the grant in temporary or permanent storage
      Also, this feature lets people very easily lock down the system; just
      edit /etc/PolicyKit/PolicyKit.conf; add pam-module-deny-all / -allow-all
      stanzas with various privilege=<regexp> and user=<username> options.