Convert to polkit from usermode consolehelper for gaining root privileges

polkit is better integrated into various environments, both console and GUI
and offers better access rules and prevents the internal need to run
su which is prone to errors and doesn't offer an environment integrated
prompt to the user.

In this case the current package policy (in rpm spec) has been migrated
here and is as follows:

  drak3d requires authentication as the current user.

mga#11125

7 files changed, 62 insertions, 10 deletions

diff --git a/Makefile b/Makefile
index 832bfe1..397cc38 100644
--- a/Makefile
+++ b/Makefile
@@ -4,39 +4,41 @@ VERSION = 1.32
 DESTDIR=
 libdir=/usr/lib
 bindir=/usr/bin
-sbindir=/usr/sbin
+libexecdir=/usr/libexec
 desktopdir=/usr/share/applications
 autostartdir=/usr/share/autostart
 xinitdir=/etc/X11/xinit.d
 iconsdir=/usr/lib/libDrakX/icons
 pixmapsdir=/usr/share/libDrakX/pixmaps
 
-BIN_TOOLS= 
-SBIN_TOOLS=drak3d
+BIN_TOOLS= drak3d
 
 all:
 	(find lib -name '*.pm'; find bin -type f) | xargs perl -pi -e 's/\s*use\s+(diagnostics|vars|strict).*//g'
 	make -C po
+	make -C polkit/policy
 
 check:
 	@for p in `find lib -name *.pm`; do perl -cw -I$(libdir)/libDrakX $$p || exit 1; done
 	@for p in bin/*; do perl -cw $$p || exit 1; done
 
 install:
-	install -d $(DESTDIR){$(libdir),$(bindir),$(sbindir),$(desktopdir),$(autostartdir),$(xinitdir),$(iconsdir),$(pixmapsdir)}
+	install -d $(DESTDIR){$(libdir),$(bindir),$(libexecdir),$(desktopdir),$(autostartdir),$(xinitdir),$(iconsdir),$(pixmapsdir)}
 	cp -a lib/* $(DESTDIR)$(libdir)/libDrakX/
 	(cd bin; \
-	  [[ -n "$(BIN_TOOLS)" ]] && install -m755 $(BIN_TOOLS) $(DESTDIR)$(bindir); \
-	  install -m755 $(SBIN_TOOLS) $(DESTDIR)$(sbindir); \
+	  install -m755 $(BIN_TOOLS) $(DESTDIR)$(libexecdir); \
+	  install -m755 ../polkit/wrappers/* $(DESTDIR)$(bindir); \
 	)
 	#install -m644 $(wildcard data/*.desktop) $(DESTDIR)$(desktopdir)
 	install -m644 $(wildcard data/icons/*.png) $(DESTDIR)$(iconsdir)
 	#install -m644 $(wildcard data/pixmaps/*.png) $(DESTDIR)$(pixmapsdir)
 	#perl -pe 's/\s+--force//g' $(DESTDIR)$(desktopdir)/net_applet.desktop > $(DESTDIR)$(autostartdir)/net_applet.desktop
 	make -C po install
+	make -C polkit/policy install
 
 clean:
 	make -C po clean
+	make -C polkit/policy clean
 
 dist: dis 
 dis:
diff --git a/NEWS b/NEWS
index fba1067..af3f39f 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,5 @@
+- use polkit for authorisation (mga#11125)
+
 1.32
 - fix broken translation (patch from Jaromír Cápík)
 
diff --git a/bin/drak3d b/bin/drak3d
index 14abbe0..0f2b3d4 100755
--- a/bin/drak3d
+++ b/bin/drak3d
@@ -32,10 +32,12 @@ use Xconfig::glx;
 use any;
 use Getopt::Long;
 
-my $in = eval { interactive->vnew('su') };
+my $in = eval { interactive->vnew };
 $in || $::auto or die $@;
 my $do_pkgs = $in ? $in->do_pkgs : do_pkgs_standalone->new;
 
+require_root_capability();
+
 sub exit_program { $in ? $in->exit(@_) : exit(@_) }
 
 my $glx = Xconfig::glx::detect_may_install($do_pkgs) or exit_program();
diff --git a/po/Makefile b/po/Makefile
index 8b2e62b..efcf69b 100644
--- a/po/Makefile
+++ b/po/Makefile
@@ -20,13 +20,19 @@ install: all
 	done
 
 clean:
-	rm -f *~ *.[oas] *.mo $(POTFILE) $(MOFILES) TAGS
+	rm -f *~ *.[oas] *.mo $(POTFILE) POTFILES.in $(MOFILES) TAGS
 
 %.mo: %.po
 	msgfmt -o $@ $<
 
-$(POTFILE): $(PL_FILES)
-	perl_checker -q --generate-pot $@ $(PL_FILES)
+$(POTFILE): $(PL_FILES) POTFILES.in
+	intltool-update --gettext-package non-perl --pot
+	perl_checker -q --generate-pot .$@ $(PL_FILES)
+	msgcat -w 2048 --use-first .$@ non-perl.pot > $@
+	rm -f non-perl.pot ..$@ .$@
+
+POTFILES.in:
+	(cd .. ; /bin/ls -1 polkit/policy/*.policy.in; ) > POTFILES.in
 
 update_n_merge: $(POTFILE) merge
 
diff --git a/polkit/policy/Makefile b/polkit/policy/Makefile
new file mode 100644
index 0000000..1de7222
--- /dev/null
+++ b/polkit/policy/Makefile
@@ -0,0 +1,16 @@
+POLKITPOLICYDEST = $(DESTDIR)/usr/share/polkit-1/actions
+
+POLICY_IN := $(wildcard *.policy.in)
+POLICY = $(POLICY_IN:.policy.in=.policy)
+
+all: $(POLICY)
+
+clean:
+	rm -f $(POLICY)
+
+install: all
+	install -d $(POLKITPOLICYDEST)
+	install -m644 $(POLICY) $(POLKITPOLICYDEST)
+
+%.policy:   %.policy.in
+	intltool-merge --utf8 ../../po $< $@ -x -u -c ../../po/.intltool-merge-cache
diff --git a/polkit/policy/org.mageia.drak3d.policy.in b/polkit/policy/org.mageia.drak3d.policy.in
new file mode 100644
index 0000000..ce262ec
--- /dev/null
+++ b/polkit/policy/org.mageia.drak3d.policy.in
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policyconfig PUBLIC
+"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
+<policyconfig>
+
+ <vendor>Mageia</vendor>
+ <vendor_url>http://www.mageia.org/</vendor_url>
+
+ <action id="org.mageia.drak3d.pkexec.run">
+    <_description>Run Mageia 3D Desktop Configuration</_description>
+    <_message>Authentication is required to run Mageia 3D Desktop Configuration</_message>
+    <icon_name>drakconf</icon_name>
+    <defaults>
+     <allow_any>no</allow_any>
+     <allow_inactive>no</allow_inactive>
+     <allow_active>auth_self_keep</allow_active>
+    </defaults>
+    <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/drak3d</annotate>
+    <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
+ </action>
+</policyconfig>
diff --git a/polkit/wrappers/drak3d b/polkit/wrappers/drak3d
new file mode 100755
index 0000000..1f54048
--- /dev/null
+++ b/polkit/wrappers/drak3d
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec /usr/bin/pkexec /usr/libexec/drak3d $*