diff options
author | Colin Guthrie <colin@mageia.org> | 2013-09-29 19:23:42 +0100 |
---|---|---|
committer | Colin Guthrie <colin@mageia.org> | 2013-09-29 20:33:01 +0100 |
commit | 0e4d73a7ded23e8b5a76d58bd5b448dd9e884ef9 (patch) | |
tree | 0e1ed9f5a239645bd586f307d6ffdd4b384c4291 /polkit | |
parent | c610e1839b3903497a6f6d9009d997b7ac88eea5 (diff) | |
download | drakx-net-0e4d73a7ded23e8b5a76d58bd5b448dd9e884ef9.tar drakx-net-0e4d73a7ded23e8b5a76d58bd5b448dd9e884ef9.tar.gz drakx-net-0e4d73a7ded23e8b5a76d58bd5b448dd9e884ef9.tar.bz2 drakx-net-0e4d73a7ded23e8b5a76d58bd5b448dd9e884ef9.tar.xz drakx-net-0e4d73a7ded23e8b5a76d58bd5b448dd9e884ef9.zip |
Convert to polkit from usermode consolehelper for gaining root privileges
polkit is better integrated into various environments, both console and GUI
and offers better access rules and prevents the internal need to run
su which is prone to errors and doesn't offer an environment agnostic
prompt to the user.
In this case the current package policy (in rpm spec) has been migrated
here and is as follows:
draknetcenter requires authentication as the current user.
Everything else require authentication as an administrator.
Diffstat (limited to 'polkit')
27 files changed, 328 insertions, 0 deletions
diff --git a/polkit/policy/Makefile b/polkit/policy/Makefile new file mode 100644 index 0000000..1de7222 --- /dev/null +++ b/polkit/policy/Makefile @@ -0,0 +1,16 @@ +POLKITPOLICYDEST = $(DESTDIR)/usr/share/polkit-1/actions + +POLICY_IN := $(wildcard *.policy.in) +POLICY = $(POLICY_IN:.policy.in=.policy) + +all: $(POLICY) + +clean: + rm -f $(POLICY) + +install: all + install -d $(POLKITPOLICYDEST) + install -m644 $(POLICY) $(POLKITPOLICYDEST) + +%.policy: %.policy.in + intltool-merge --utf8 ../../po $< $@ -x -u -c ../../po/.intltool-merge-cache diff --git a/polkit/policy/org.mageia.drakconnect.policy.in b/polkit/policy/org.mageia.drakconnect.policy.in new file mode 100644 index 0000000..d7432ac --- /dev/null +++ b/polkit/policy/org.mageia.drakconnect.policy.in @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC +"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" +"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + + <vendor>Mageia</vendor> + <vendor_url>http://www.mageia.org/</vendor_url> + + <action id="org.mageia.drakconnect.pkexec.run"> + <_description>Run Mageia Network Connection Configuration</_description> + <_message>Authentication is required to run Mageia Network Connection Configuration</_message> + <icon_name>drakconf</icon_name> + <defaults> + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/drakconnect</annotate> + <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate> + </action> +</policyconfig> diff --git a/polkit/policy/org.mageia.drakfirewall.policy.in b/polkit/policy/org.mageia.drakfirewall.policy.in new file mode 100644 index 0000000..3b15fc9 --- /dev/null +++ b/polkit/policy/org.mageia.drakfirewall.policy.in @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC +"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" +"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + + <vendor>Mageia</vendor> + <vendor_url>http://www.mageia.org/</vendor_url> + + <action id="org.mageia.drakfirewall.pkexec.run"> + <_description>Run Mageia Firewall Configuration</_description> + <_message>Authentication is required to run Mageia Firewall Configuration</_message> + <icon_name>drakconf</icon_name> + <defaults> + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/drakfirewall</annotate> + <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate> + </action> +</policyconfig> diff --git a/polkit/policy/org.mageia.drakgw.policy.in b/polkit/policy/org.mageia.drakgw.policy.in new file mode 100644 index 0000000..496ad3b --- /dev/null +++ b/polkit/policy/org.mageia.drakgw.policy.in @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC +"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" +"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + + <vendor>Mageia</vendor> + <vendor_url>http://www.mageia.org/</vendor_url> + + <action id="org.mageia.drakgw.pkexec.run"> + <_description>Run Mageia Internet Sharing Configuration</_description> + <_message>Authentication is required to run Mageia Internet Sharing Configuration</_message> + <icon_name>drakconf</icon_name> + <defaults> + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/drakgw</annotate> + <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate> + </action> +</policyconfig> diff --git a/polkit/policy/org.mageia.drakhosts.policy.in b/polkit/policy/org.mageia.drakhosts.policy.in new file mode 100644 index 0000000..93cc6d5 --- /dev/null +++ b/polkit/policy/org.mageia.drakhosts.policy.in @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC +"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" +"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + + <vendor>Mageia</vendor> + <vendor_url>http://www.mageia.org/</vendor_url> + + <action id="org.mageia.drakhosts.pkexec.run"> + <_description>Run Mageia Local Host Names Configuration</_description> + <_message>Authentication is required to run Mageia Local Host Names Configuration</_message> + <icon_name>drakconf</icon_name> + <defaults> + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/drakhosts</annotate> + <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate> + </action> +</policyconfig> diff --git a/polkit/policy/org.mageia.drakids.policy.in b/polkit/policy/org.mageia.drakids.policy.in new file mode 100644 index 0000000..de0647d --- /dev/null +++ b/polkit/policy/org.mageia.drakids.policy.in @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC +"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" +"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + + <vendor>Mageia</vendor> + <vendor_url>http://www.mageia.org/</vendor_url> + + <action id="org.mageia.drakids.pkexec.run"> + <_description>Run Mageia IDS Configuration</_description> + <_message>Authentication is required to run Mageia IDS Configuration</_message> + <icon_name>drakconf</icon_name> + <defaults> + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/drakids</annotate> + <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate> + </action> +</policyconfig> diff --git a/polkit/policy/org.mageia.drakinvictus.policy.in b/polkit/policy/org.mageia.drakinvictus.policy.in new file mode 100644 index 0000000..25f6264 --- /dev/null +++ b/polkit/policy/org.mageia.drakinvictus.policy.in @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC +"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" +"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + + <vendor>Mageia</vendor> + <vendor_url>http://www.mageia.org/</vendor_url> + + <action id="org.mageia.drakinvictus.pkexec.run"> + <_description>Run Mageia Firewall Configuration</_description> + <_message>Authentication is required to run Mageia Firewall Configuration</_message> + <icon_name>drakconf</icon_name> + <defaults> + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/drakinvictus</annotate> + <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate> + </action> +</policyconfig> diff --git a/polkit/policy/org.mageia.draknetcenter.policy.in b/polkit/policy/org.mageia.draknetcenter.policy.in new file mode 100644 index 0000000..3848592 --- /dev/null +++ b/polkit/policy/org.mageia.draknetcenter.policy.in @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC +"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" +"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + + <vendor>Mageia</vendor> + <vendor_url>http://www.mageia.org/</vendor_url> + + <action id="org.mageia.draknetcenter.pkexec.run"> + <_description>Run Mageia Network Center</_description> + <_message>Authentication is required to run Mageia Network Center</_message> + <icon_name>drakconf</icon_name> + <defaults> + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_self_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/draknetcenter</annotate> + <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate> + </action> +</policyconfig> diff --git a/polkit/policy/org.mageia.draknetprofile.policy.in b/polkit/policy/org.mageia.draknetprofile.policy.in new file mode 100644 index 0000000..2ae364b --- /dev/null +++ b/polkit/policy/org.mageia.draknetprofile.policy.in @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC +"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" +"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + + <vendor>Mageia</vendor> + <vendor_url>http://www.mageia.org/</vendor_url> + + <action id="org.mageia.draknetprofile.pkexec.run"> + <_description>Run Mageia Network Profile Configuration</_description> + <_message>Authentication is required to run Mageia Network Profile Configuration</_message> + <icon_name>drakconf</icon_name> + <defaults> + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/draknetprofile</annotate> + <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate> + </action> +</policyconfig> diff --git a/polkit/policy/org.mageia.draknfs.policy.in b/polkit/policy/org.mageia.draknfs.policy.in new file mode 100644 index 0000000..cec39f6 --- /dev/null +++ b/polkit/policy/org.mageia.draknfs.policy.in @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC +"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" +"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + + <vendor>Mageia</vendor> + <vendor_url>http://www.mageia.org/</vendor_url> + + <action id="org.mageia.draknfs.pkexec.run"> + <_description>Run Mageia NFS Shares Configuration</_description> + <_message>Authentication is required to run Mageia NFS Shares Configuration</_message> + <icon_name>drakconf</icon_name> + <defaults> + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/draknfs</annotate> + <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate> + </action> +</policyconfig> diff --git a/polkit/policy/org.mageia.drakproxy.policy.in b/polkit/policy/org.mageia.drakproxy.policy.in new file mode 100644 index 0000000..46e9860 --- /dev/null +++ b/polkit/policy/org.mageia.drakproxy.policy.in @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC +"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" +"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + + <vendor>Mageia</vendor> + <vendor_url>http://www.mageia.org/</vendor_url> + + <action id="org.mageia.drakproxy.pkexec.run"> + <_description>Run Mageia Proxy Configuration</_description> + <_message>Authentication is required to run Mageia Proxy Configuration</_message> + <icon_name>drakconf</icon_name> + <defaults> + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/drakproxy</annotate> + <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate> + </action> +</policyconfig> diff --git a/polkit/policy/org.mageia.drakroam.policy.in b/polkit/policy/org.mageia.drakroam.policy.in new file mode 100644 index 0000000..060a4a3 --- /dev/null +++ b/polkit/policy/org.mageia.drakroam.policy.in @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC +"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" +"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + + <vendor>Mageia</vendor> + <vendor_url>http://www.mageia.org/</vendor_url> + + <action id="org.mageia.drakroam.pkexec.run"> + <_description>Run Mageia WiFi Configuration</_description> + <_message>Authentication is required to run Mageia WiFi Configuration</_message> + <icon_name>drakconf</icon_name> + <defaults> + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/drakroam</annotate> + <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate> + </action> +</policyconfig> diff --git a/polkit/policy/org.mageia.draksambashare.policy.in b/polkit/policy/org.mageia.draksambashare.policy.in new file mode 100644 index 0000000..1836316 --- /dev/null +++ b/polkit/policy/org.mageia.draksambashare.policy.in @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC +"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" +"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + + <vendor>Mageia</vendor> + <vendor_url>http://www.mageia.org/</vendor_url> + + <action id="org.mageia.draksambashare.pkexec.run"> + <_description>Run Mageia Samba Shares Configuration</_description> + <_message>Authentication is required to run Mageia Samba Shares Configuration</_message> + <icon_name>drakconf</icon_name> + <defaults> + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/draksambashare</annotate> + <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate> + </action> +</policyconfig> diff --git a/polkit/policy/org.mageia.drakvpn.policy.in b/polkit/policy/org.mageia.drakvpn.policy.in new file mode 100644 index 0000000..f026f39 --- /dev/null +++ b/polkit/policy/org.mageia.drakvpn.policy.in @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC +"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" +"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + + <vendor>Mageia</vendor> + <vendor_url>http://www.mageia.org/</vendor_url> + + <action id="org.mageia.drakvpn.pkexec.run"> + <_description>Run Mageia VPN Configuration</_description> + <_message>Authentication is required to run Mageia VPN Configuration</_message> + <icon_name>drakconf</icon_name> + <defaults> + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/drakvpn</annotate> + <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate> + </action> +</policyconfig> diff --git a/polkit/wrappers/drakconnect b/polkit/wrappers/drakconnect new file mode 100755 index 0000000..7f2ee3f --- /dev/null +++ b/polkit/wrappers/drakconnect @@ -0,0 +1,2 @@ +#!/bin/sh +exec /usr/bin/pkexec /usr/libexec/drakconnect $* diff --git a/polkit/wrappers/drakfirewall b/polkit/wrappers/drakfirewall new file mode 100755 index 0000000..9cf24ca --- /dev/null +++ b/polkit/wrappers/drakfirewall @@ -0,0 +1,2 @@ +#!/bin/sh +exec /usr/bin/pkexec /usr/libexec/drakfirewall $* diff --git a/polkit/wrappers/drakgw b/polkit/wrappers/drakgw new file mode 100755 index 0000000..240f80f --- /dev/null +++ b/polkit/wrappers/drakgw @@ -0,0 +1,2 @@ +#!/bin/sh +exec /usr/bin/pkexec /usr/libexec/drakgw $* diff --git a/polkit/wrappers/drakhosts b/polkit/wrappers/drakhosts new file mode 100755 index 0000000..d028be8 --- /dev/null +++ b/polkit/wrappers/drakhosts @@ -0,0 +1,2 @@ +#!/bin/sh +exec /usr/bin/pkexec /usr/libexec/drakhosts $* diff --git a/polkit/wrappers/drakids b/polkit/wrappers/drakids new file mode 100755 index 0000000..8a5b73f --- /dev/null +++ b/polkit/wrappers/drakids @@ -0,0 +1,2 @@ +#!/bin/sh +exec /usr/bin/pkexec /usr/libexec/drakids $* diff --git a/polkit/wrappers/drakinvictus b/polkit/wrappers/drakinvictus new file mode 100755 index 0000000..d7f0a62 --- /dev/null +++ b/polkit/wrappers/drakinvictus @@ -0,0 +1,2 @@ +#!/bin/sh +exec /usr/bin/pkexec /usr/libexec/drakinvictus $* diff --git a/polkit/wrappers/draknetcenter b/polkit/wrappers/draknetcenter new file mode 100755 index 0000000..47c6f55 --- /dev/null +++ b/polkit/wrappers/draknetcenter @@ -0,0 +1,2 @@ +#!/bin/sh +exec /usr/bin/pkexec /usr/libexec/draknetcenter $* diff --git a/polkit/wrappers/draknetprofile b/polkit/wrappers/draknetprofile new file mode 100755 index 0000000..e1e5bd7 --- /dev/null +++ b/polkit/wrappers/draknetprofile @@ -0,0 +1,2 @@ +#!/bin/sh +exec /usr/bin/pkexec /usr/libexec/draknetprofile $* diff --git a/polkit/wrappers/draknfs b/polkit/wrappers/draknfs new file mode 100755 index 0000000..2e90f23 --- /dev/null +++ b/polkit/wrappers/draknfs @@ -0,0 +1,2 @@ +#!/bin/sh +exec /usr/bin/pkexec /usr/libexec/draknfs $* diff --git a/polkit/wrappers/drakproxy b/polkit/wrappers/drakproxy new file mode 100755 index 0000000..3bb43c8 --- /dev/null +++ b/polkit/wrappers/drakproxy @@ -0,0 +1,2 @@ +#!/bin/sh +exec /usr/bin/pkexec /usr/libexec/drakproxy $* diff --git a/polkit/wrappers/drakroam b/polkit/wrappers/drakroam new file mode 100755 index 0000000..9b5747e --- /dev/null +++ b/polkit/wrappers/drakroam @@ -0,0 +1,2 @@ +#!/bin/sh +exec /usr/bin/pkexec /usr/libexec/drakroam $* diff --git a/polkit/wrappers/draksambashare b/polkit/wrappers/draksambashare new file mode 100755 index 0000000..13e4c91 --- /dev/null +++ b/polkit/wrappers/draksambashare @@ -0,0 +1,2 @@ +#!/bin/sh +exec /usr/bin/pkexec /usr/libexec/draksambashare $* diff --git a/polkit/wrappers/drakvpn b/polkit/wrappers/drakvpn new file mode 100755 index 0000000..17d091f --- /dev/null +++ b/polkit/wrappers/drakvpn @@ -0,0 +1,2 @@ +#!/bin/sh +exec /usr/bin/pkexec /usr/libexec/drakvpn $* |