GitLab

This includes changing from POSIX types (uid_t, gid_t, pid_t) to
gint. Won't affect much since the size is the same. And we want this
anyway since it is needed to build the library on non-POSIX platforms.

Also get rid of AuthorizationClaim type and add D-Bus prototypes for a
couple of other methods.

Also port to use non-reffing structs in EggDBus HEAD.

This is the first move towards 1.0; also

 - kill the config file
 - merge libpolkit and libpolkit-dbus

Now to write a system daemon that libpolkit will use for the
backend. Expect HEAD to be broken for a few weeks at least.

Also see http://ometer.com/parallel.html for what "parallel
installable" means. As a result, all the binaries, man pages, .policy
file dir and so forth have been renamed too. I expect the API to
change a bit. So some (not much though) porting to PolicyKit 1.0 will
be required by current users.

getting closer...

$ grep glib *.c
polkit-authorization.c:#include <glib.h>
polkit-authorization-db.c:#include <glib.h>
polkit-authorization-db-dummy.c:#include <glib.h>
polkit-config.c:#include <glib.h>
polkit-context.c:#include <glib.h>
polkit-sysdeps.c:#include <glib.h>

This is primarily so gtk-doc can target only libraries. Needs lots of
fixing; will be done in upcoming commits.

Haven't moved the inotify stuff yet; not sure about what abstraction
we need...

This is necessary to make UI like this

 http://people.freedesktop.org/~david/Screenshot-Manage%20Authorizations.png

export some useful actions such as granting, revoking and displaying
authorizations.

Previously this API was internal, polkit/polkit-grant-database.[ch],
and linked into polkit-grant(1) and libpolkit-grant(3) through a
static library libpolkit-private.so.

Only polkit-grant have not been ported; libpolkit-grant(3) uses this
API natively now. Internally, right now, the new API just uses
polkit-grant-database.[ch] directly but that is about to change...

It makes things a _lot more_ complicated having to deal with resources
and there's a much nicer way to deal with it: Punt it to the apps:

It's much more natural for the application to have a notion about
about what resources are "trusted" (and e.g. requires lesser
privileges) and what resources aren't.

Consider dial-up networking; here the privileged application that
performs the dial-up operation consults a list (maintained by the
system administrator) of allowed numbers to dial. If the unprivileged
networking UI applet that requests a number to be dialed is on the
list it uses the PolicyKit action 'nm-dialup-trusted-location', if it
isn't then it uses the PolicyKit action 'nm-dialup-untrusted-location'.

It's more consistent and, uhm, easier to type.

 - Split libpolkit into three libraries
   - libpolkit : to be used only by mechanisms and modules
   - libpolkit-dbus : utility library for libpolkit to get caller, session
                      etc. info from the bus and ConsoleKit
   - libpolkit-grant : client side library for obtaining privileges; uses
                       a setgid helper internally

 - grant functionality
   - a helper library, libpolkit-grant, to gain privileges
     - includes a setgid $POLKIT_GROUP helper to write granted privileges
   - a PK module, to read and interpret granted privileges
   - a cmdline app, polkit-grant, using said library

 - Other changes
   - so it turns out that sizeof(bool) != sizeof(gboolean), sizeof(dbus_bool_t)
     This blows so define our own polkit_bool_t type
   - add some validation routines

The grant functionality, especially the setgid helper needs thorough
security review before we can release it.

This paves the way for writing

 1. A module that tracks temporary (look in /var/run) and permanent (look
    in /var/lib) privilege grants
 2. A D-Bus service to authenticate a client to obtain to a privilege
    grant and then writing the grant in temporary or permanent storage

Also, this feature lets people very easily lock down the system; just
edit /etc/PolicyKit/PolicyKit.conf; add pam-module-deny-all / -allow-all
stanzas with various privilege=<regexp> and user=<username> options.

Some of the code, e.g. the daemon, will be brought back in other forms.

Update to new D-BUS API
Update to new D-BUS API (main): --do--
New file
Add build rules for polkit-revoke-privilege
Fix up prototypes
Update to new D-BUS API
    (polkit_manager_get_allowed_resources_for_privilege): --do--
    (polkit_manager_revoke_temporary_privilege): New function
    (polkit_manager_remove_temporary_privilege): Fix up resource handling
    (polkit_manager_add_temporary_privilege): --do--
Update to new D-BUS API and export libpolkit_revoke_temporary_privilege()
Update to new D-BUS API
    (libpolkit_get_allowed_resources_for_privilege_for_uid): --do--
    (libpolkit_revoke_temporary_privilege): New function
Rename InitiatePrivilegeGrant() to InitiateTemporaryPrivilegeGrant(). Add
    new function RevokeTemporaryPrivilege(). Make IsUserPrivileged() output
    a boolean is_temporary. GetAllowedResourcesForPrivilege() now also
    outputs an integer num_non_temp.

    daemon.