1. 12 Aug, 2009 1 commit
  2. 18 Jan, 2009 1 commit
  3. 06 Jan, 2009 1 commit
  4. 07 Dec, 2008 1 commit
  5. 03 Dec, 2008 1 commit
  6. 06 Nov, 2008 1 commit
  7. 15 Aug, 2008 1 commit
  8. 31 Jul, 2008 1 commit
    • David Zeuthen's avatar
      bump to version 0.90 and ensure we're parallel installable with 0.9 · 2a356677
      David Zeuthen authored
      This is the first move towards 1.0; also
       - kill the config file
       - merge libpolkit and libpolkit-dbus
      Now to write a system daemon that libpolkit will use for the
      backend. Expect HEAD to be broken for a few weeks at least.
      Also see http://ometer.com/parallel.html for what "parallel
      installable" means. As a result, all the binaries, man pages, .policy
      file dir and so forth have been renamed too. I expect the API to
      change a bit. So some (not much though) porting to PolicyKit 1.0 will
      be required by current users.
  9. 28 Nov, 2007 1 commit
  10. 10 Nov, 2007 1 commit
    • David Zeuthen's avatar
      split utility bits into a private statically linked library · cd68aa0a
      David Zeuthen authored
      getting closer...
      $ grep glib *.c
      polkit-authorization.c:#include <glib.h>
      polkit-authorization-db.c:#include <glib.h>
      polkit-authorization-db-dummy.c:#include <glib.h>
      polkit-config.c:#include <glib.h>
      polkit-context.c:#include <glib.h>
      polkit-sysdeps.c:#include <glib.h>
  11. 08 Nov, 2007 1 commit
  12. 05 Nov, 2007 1 commit
  13. 29 Oct, 2007 1 commit
  14. 23 Oct, 2007 1 commit
  15. 21 Oct, 2007 1 commit
  16. 12 Jul, 2007 1 commit
  17. 19 Jun, 2007 1 commit
    • David Zeuthen's avatar
      rip out the notion of Resources · 169c130d
      David Zeuthen authored
      It makes things a _lot more_ complicated having to deal with resources
      and there's a much nicer way to deal with it: Punt it to the apps:
      It's much more natural for the application to have a notion about
      about what resources are "trusted" (and e.g. requires lesser
      privileges) and what resources aren't.
      Consider dial-up networking; here the privileged application that
      performs the dial-up operation consults a list (maintained by the
      system administrator) of allowed numbers to dial. If the unprivileged
      networking UI applet that requests a number to be dialed is on the
      list it uses the PolicyKit action 'nm-dialup-trusted-location', if it
      isn't then it uses the PolicyKit action 'nm-dialup-untrusted-location'.
  18. 17 Apr, 2007 1 commit
  19. 15 Apr, 2007 1 commit
    • David Zeuthen's avatar
      add grant functionality + lots of other changes · a0570c50
      David Zeuthen authored
       - Split libpolkit into three libraries
         - libpolkit : to be used only by mechanisms and modules
         - libpolkit-dbus : utility library for libpolkit to get caller, session
                            etc. info from the bus and ConsoleKit
         - libpolkit-grant : client side library for obtaining privileges; uses
                             a setgid helper internally
       - grant functionality
         - a helper library, libpolkit-grant, to gain privileges
           - includes a setgid $POLKIT_GROUP helper to write granted privileges
         - a PK module, to read and interpret granted privileges
         - a cmdline app, polkit-grant, using said library
       - Other changes
         - so it turns out that sizeof(bool) != sizeof(gboolean), sizeof(dbus_bool_t)
           This blows so define our own polkit_bool_t type
         - add some validation routines
      The grant functionality, especially the setgid helper needs thorough
      security review before we can release it.
  20. 08 Apr, 2007 1 commit
    • David Zeuthen's avatar
      add module loading to PolicyKit · 3638c6c1
      David Zeuthen authored
      This paves the way for writing
       1. A module that tracks temporary (look in /var/run) and permanent (look
          in /var/lib) privilege grants
       2. A D-Bus service to authenticate a client to obtain to a privilege
          grant and then writing the grant in temporary or permanent storage
      Also, this feature lets people very easily lock down the system; just
      edit /etc/PolicyKit/PolicyKit.conf; add pam-module-deny-all / -allow-all
      stanzas with various privilege=<regexp> and user=<username> options.
  21. 04 Apr, 2007 2 commits
  22. 29 Mar, 2007 1 commit
  23. 28 Mar, 2007 3 commits
  24. 05 Jun, 2006 1 commit
  25. 22 Apr, 2006 1 commit
    • David Zeuthen's avatar
      Update to new D-BUS API; print " (temporary)" for privilege if appropriate. · 12d20fc8
      David Zeuthen authored
      Update to new D-BUS API
      Update to new D-BUS API (main): --do--
      New file
      Add build rules for polkit-revoke-privilege
      Fix up prototypes
      Update to new D-BUS API
          (polkit_manager_get_allowed_resources_for_privilege): --do--
          (polkit_manager_revoke_temporary_privilege): New function
          (polkit_manager_remove_temporary_privilege): Fix up resource handling
          (polkit_manager_add_temporary_privilege): --do--
      Update to new D-BUS API and export libpolkit_revoke_temporary_privilege()
      Update to new D-BUS API
          (libpolkit_get_allowed_resources_for_privilege_for_uid): --do--
          (libpolkit_revoke_temporary_privilege): New function
      Rename InitiatePrivilegeGrant() to InitiateTemporaryPrivilegeGrant(). Add
          new function RevokeTemporaryPrivilege(). Make IsUserPrivileged() output
          a boolean is_temporary. GetAllowedResourcesForPrivilege() now also
          outputs an integer num_non_temp.
  26. 14 Mar, 2006 1 commit
  27. 08 Mar, 2006 1 commit