diff options
author | Colin Guthrie <colin@mageia.org> | 2013-10-12 16:47:43 +0100 |
---|---|---|
committer | Colin Guthrie <colin@mageia.org> | 2013-10-12 17:44:09 +0100 |
commit | eb8f6e900feccc2b7667289135f821438717ec8c (patch) | |
tree | 8f55d31bb65192ca7d56190aaf61f29eec6bed4f | |
parent | 6c4ae17acfb5159eeac92b92fdca112ca2ede4ec (diff) | |
download | urpmi-eb8f6e900feccc2b7667289135f821438717ec8c.tar urpmi-eb8f6e900feccc2b7667289135f821438717ec8c.tar.gz urpmi-eb8f6e900feccc2b7667289135f821438717ec8c.tar.bz2 urpmi-eb8f6e900feccc2b7667289135f821438717ec8c.tar.xz urpmi-eb8f6e900feccc2b7667289135f821438717ec8c.zip |
Use polkit for authorisation (mga#11125)
-rw-r--r-- | MANIFEST | 3 | ||||
-rwxr-xr-x | Makefile.PL | 32 | ||||
-rw-r--r-- | NEWS | 2 | ||||
-rwxr-xr-x | gurpmi | 4 | ||||
-rw-r--r-- | po/.gitignore | 1 | ||||
-rw-r--r-- | po/Makefile | 15 | ||||
-rw-r--r-- | po/POTFILES.in | 1 | ||||
-rw-r--r-- | polkit/Makefile | 24 | ||||
-rw-r--r-- | polkit/org.mageia.gurpmi2.policy.in | 22 | ||||
-rw-r--r-- | polkit/org.mageia.urpmi.update.policy.in | 22 |
10 files changed, 104 insertions, 22 deletions
@@ -94,6 +94,9 @@ pod/8/urpmi.removemedia.pod pod/8/urpmi.update.pod pod/8/urpmihowto.pod pod/8/urpmq.pod +polkit/org.mageia.urpmi.update.policy.in +polkit/org.mageia.gurpmi2.policy.in +polkit/Makefile rpm-find-leaves rurpme rurpmi diff --git a/Makefile.PL b/Makefile.PL index 44fba5d3..ed39b155 100755 --- a/Makefile.PL +++ b/Makefile.PL @@ -13,14 +13,16 @@ use ExtUtils::MakeMaker; # --install-gui : install gurpmi my $with_rpm = 1; $with_rpm = 0 if grep $_ eq '--without-rpm', @ARGV; my $with_po = 0; $with_po = 1 if grep $_ eq '--install-po', @ARGV; +my $with_polkit = 0; $with_polkit = 1 if grep $_ eq '--install-polkit', @ARGV; my $with_gui = 0; $with_gui = 1 if grep $_ eq '--install-gui', @ARGV; # All scripts, some of them go in /usr/sbin (see DESTINSTALLSBIN below) our @bin_scripts = qw(urpmq urpmf rpm-find-leaves); -our @sbin_scripts = qw(urpmi urpme urpmi.addmedia urpmi.update urpmi.removemedia rurpmi rurpme); +our @sbin_scripts = qw(urpmi urpme urpmi.addmedia urpmi.removemedia rurpmi rurpme); +our @libexec_scripts = qw(urpmi.update); if ($with_gui) { push @bin_scripts, qw(gurpmi); - push @sbin_scripts, qw(gurpmi2); + push @libexec_scripts, qw(gurpmi2); } # And now, add some functionality to MakeMaker. @@ -32,10 +34,10 @@ sub libscan { return !$with_gui && $path =~ /gurpmi/ ? '' : $path; } -# Make proper sbin/man5/man8 dirs in blib +# Make proper sbin/libexec/man5/man8 dirs in blib sub top_targets { my $inherited = shift->SUPER::top_targets(@_); - $inherited =~ s/^config ::/$& \$(INST_MAN5DIR)\$(DIRFILESEP).exists \$(INST_MAN8DIR)\$(DIRFILESEP).exists \$(INST_SBIN)\$(DIRFILESEP).exists/m; + $inherited =~ s/^config ::/$& \$(INST_MAN5DIR)\$(DIRFILESEP).exists \$(INST_MAN8DIR)\$(DIRFILESEP).exists \$(INST_SBIN)\$(DIRFILESEP).exists \$(INST_LIBEXEC)\$(DIRFILESEP).exists/m; $inherited; } @@ -45,8 +47,10 @@ sub installbin { my $inherited = $self->SUPER::installbin(@_); my $s = join '|', map quotemeta, @sbin_scripts; $inherited =~ s{\$\(INST_SCRIPT\)/($s)}{\$(INST_SBIN)/$1}g; + $s = join '|', map quotemeta, @libexec_scripts; + $inherited =~ s{\$\(INST_SCRIPT\)/($s)}{\$(INST_LIBEXEC)/$1}g; # how to create needed directories under blib - $inherited .= $self->dir_target("\$(INST_$_)") for qw(SBIN MAN5DIR MAN8DIR); + $inherited .= $self->dir_target("\$(INST_$_)") for qw(SBIN LIBEXEC MAN5DIR MAN8DIR); $inherited; } @@ -54,11 +58,12 @@ sub install { my $inherited = shift->SUPER::install(@_); # Take into account scripts in sbin under blib # and new manpage sections - $inherited =~ s/\$\(INST_BIN\) \$\(DESTINSTALL(\w*)BIN\)/$& \$(INST_SBIN) \$(DESTINSTALL$1SBIN) \$(INST_MAN5DIR) \$(DESTINSTALLMAN5DIR) \$(INST_MAN8DIR) \$(DESTINSTALLMAN8DIR)/g; + $inherited =~ s/\$\(INST_BIN\) \$\(DESTINSTALL(\w*)BIN\)/$& \$(INST_SBIN) \$(DESTINSTALL$1SBIN) \$(INST_LIBEXEC) \$(DESTINSTALLLIBEXECDIR) \$(INST_MAN5DIR) \$(DESTINSTALLMAN5DIR) \$(INST_MAN8DIR) \$(DESTINSTALLMAN8DIR)/g; # install files under /etc and /var my $po = $with_po ? ' installpo' : ''; + my $polkit = $with_polkit ? ' installpolkit' : ''; my $gui = $with_gui ? ' installgurpmi2' : ''; - $inherited =~ s/^install ::/$& installconfigfiles installstatedir$po$gui/gm; + $inherited =~ s/^install ::/$& installconfigfiles installstatedir$po$polkit$gui/gm; $inherited; } @@ -97,6 +102,9 @@ sub postamble { installpo: \$(MAKE) -C po install +installpolkit: + \$(MAKE) -C polkit install + installconfigfiles: install -d \$(SYSCONFDIR)/urpmi install -m 644 inst.list skip.list \$(SYSCONFDIR)/urpmi @@ -108,11 +116,6 @@ installstatedir: install -d \$(DESTDIR)/var/cache/urpmi/rpms installgurpmi2: pure_install gurpmi.desktop - ln -s -f consolehelper \$(DESTINSTALLSCRIPT)/gurpmi2 - -ChangeLog: - svn2cl --accum --authors ${commonusername}username.xml - rm -f *.bak TAGS: etags *.pm */*.pm @@ -143,18 +146,21 @@ WriteMakefile( DESTINSTALLSBIN => '$(DESTINSTALLBIN)/../sbin', DESTINSTALLSITESBIN => '$(DESTINSTALLSITEBIN)/../sbin', DESTINSTALLVENDORSBIN => '$(DESTINSTALLVENDORBIN)/../sbin', + INSTALLLIBEXECDIR => '$(PERLPREFIX)/libexec', + DESTINSTALLLIBEXECDIR => '$(DESTDIR)$(INSTALLLIBEXECDIR)', INSTALLMAN5DIR => '$(PERLPREFIX)/share/man/man5', DESTINSTALLMAN5DIR => '$(DESTDIR)$(INSTALLMAN5DIR)', INSTALLMAN8DIR => '$(PERLPREFIX)/share/man/man8', DESTINSTALLMAN8DIR => '$(DESTDIR)$(INSTALLMAN8DIR)', INST_SBIN => 'blib/sbin', + INST_LIBEXEC => 'blib/libexec', INST_MAN5DIR => 'blib/man5', INST_MAN8DIR => 'blib/man8', # We could read those values from rpm macros. SYSCONFDIR => '$(DESTDIR)/etc', LOCALSTATEDIR => '$(DESTDIR)/var/lib', }, - EXE_FILES => [ @bin_scripts, @sbin_scripts ], + EXE_FILES => [ @bin_scripts, @sbin_scripts, @libexec_scripts ], PMLIBDIRS => [ qw(gurpm urpm) ], $with_po ? (DIR => [ 'po' ]) : (), MAN1PODS => { @@ -1,3 +1,5 @@ +- use polkit for authorisation (mga#11125) + Version 7.27.4 - 4 October 2013, by Thierry Vignaud - library: @@ -60,9 +60,9 @@ foreach (@all_rpms) { } sub proceed() { - #- we need to switch to root if we're not already (via consolehelper) + #- we need to switch to root if we're not already (via polkit) #- yes. hardcoded paths. safe. - exec $> ? '/usr/bin/gurpmi2' : '/usr/sbin/gurpmi2', @ARGV; + exec $> ? '/usr/bin/gurpmi2' : '/usr/libexec/gurpmi2', @ARGV; } #- Ask question: save or install ? diff --git a/po/.gitignore b/po/.gitignore new file mode 100644 index 00000000..0d91a622 --- /dev/null +++ b/po/.gitignore @@ -0,0 +1 @@ +POTFILES.in diff --git a/po/Makefile b/po/Makefile index facf804a..ac5fc0f8 100644 --- a/po/Makefile +++ b/po/Makefile @@ -30,11 +30,14 @@ merge: mv -f "$$n"t "$$n"; \ done -$(PGOAL).pot: $(PL_FILES) - intltool-update --gettext-package desktopstuff --pot - perl_checker -q --generate-pot $(PGOAL)_tmp.pot $(PL_FILES) - [ ! -e $(PGOAL)_tmp.pot ] || msgcat --use-first $(PGOAL)_tmp.pot desktopstuff.pot > $@ - rm -f desktopstuff.pot $(PGOAL)_tmp.pot +$(PGOAL).pot: $(PL_FILES) POTFILES.in + intltool-update --gettext-package non-perl --pot + perl_checker -q --generate-pot .$@ $(PL_FILES) + msgcat -w 2048 --use-first .$@ non-perl.pot > $@ + rm -f non-perl.pot .$@ + +POTFILES.in: + (cd .. ; /bin/ls -1 *.desktop.in polkit/*.policy.in; ) > POTFILES.in install: all for l in $(LANGS); do \ @@ -43,7 +46,7 @@ install: all done clean: - @rm -rf *~ *.mo $(GOALS) $(PGOAL)_tmp.pot + @rm -rf *~ *.mo $(GOALS) $(PGOAL)_tmp.pot POTFILES.in test: diff --git a/po/POTFILES.in b/po/POTFILES.in deleted file mode 100644 index 13ff90f9..00000000 --- a/po/POTFILES.in +++ /dev/null @@ -1 +0,0 @@ -gurpmi.desktop.in diff --git a/polkit/Makefile b/polkit/Makefile new file mode 100644 index 00000000..34e81069 --- /dev/null +++ b/polkit/Makefile @@ -0,0 +1,24 @@ +BINDIR = /usr/bin +LIBEXECDIR = /usr/libexec +BINDEST = $(DESTDIR)$(BINDIR) +POLKITPOLICYDEST = $(DESTDIR)/usr/share/polkit-1/actions + +POLICY_IN := $(wildcard *.policy.in) +POLICY = $(POLICY_IN:.policy.in=.policy) +WRAPPERS = $(patsubst org.mageia.%.policy,%,$(POLICY)) + +all: $(WRAPPERS) $(POLICY) + +clean: + rm -f $(WRAPPERS) $(POLICY) + +%: org.mageia.%.policy.in + @echo -e "#!/bin/sh\nexec $(BINDIR)/pkexec $(LIBEXECDIR)/$@ $$""*" > $@ + +%.policy: %.policy.in + intltool-merge --utf8 ../po $< $@ -x -u -c ../po/.intltool-merge-cache + +install: all + install -d $(BINDEST) $(POLKITPOLICYDEST) + install -m755 $(WRAPPERS) $(BINDEST) + install -m644 $(POLICY) $(POLKITPOLICYDEST) diff --git a/polkit/org.mageia.gurpmi2.policy.in b/polkit/org.mageia.gurpmi2.policy.in new file mode 100644 index 00000000..4768e142 --- /dev/null +++ b/polkit/org.mageia.gurpmi2.policy.in @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC +"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" +"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + + <vendor>Mageia</vendor> + <vendor_url>http://www.mageia.org/</vendor_url> + + <action id="org.mageia.gurpmi2.pkexec.run"> + <_description>Run Mageia Package Installer</_description> + <_message>Authentication is required to run Mageia Package Installer</_message> + <icon_name>drakconf</icon_name> + <defaults> + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/gurpmi2</annotate> + <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate> + </action> +</policyconfig> diff --git a/polkit/org.mageia.urpmi.update.policy.in b/polkit/org.mageia.urpmi.update.policy.in new file mode 100644 index 00000000..dabef903 --- /dev/null +++ b/polkit/org.mageia.urpmi.update.policy.in @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC +"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" +"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + + <vendor>Mageia</vendor> + <vendor_url>http://www.mageia.org/</vendor_url> + + <action id="org.mageia.urpmi.update.pkexec.run"> + <_description>Run Mageia Package Media Updater</_description> + <_message>Authentication is required to run Mageia Package Media Updater</_message> + <icon_name>drakconf</icon_name> + <defaults> + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>yes</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/urpmi.update</annotate> + <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate> + </action> +</policyconfig> |