aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorColin Guthrie <colin@mageia.org>2013-09-03 11:58:05 +0100
committerColin Guthrie <colin@mageia.org>2013-09-03 12:15:20 +0100
commitf7cc863196075c0f0634a115e3417370e8646acd (patch)
treed1e48cddebb32982e154c543bc69a2133a1680fa
parentce2a0726339307d5b747ac397825adf2cad396ac (diff)
downloadrpmdrake-f7cc863196075c0f0634a115e3417370e8646acd.tar
rpmdrake-f7cc863196075c0f0634a115e3417370e8646acd.tar.gz
rpmdrake-f7cc863196075c0f0634a115e3417370e8646acd.tar.bz2
rpmdrake-f7cc863196075c0f0634a115e3417370e8646acd.tar.xz
rpmdrake-f7cc863196075c0f0634a115e3417370e8646acd.zip
Convert to polkit from usermode consolehelper for gaining root privileges
polkit is better integrated into various environments, both console and GUI and offers better access rules and prevents the internal need to run su which is prone to errors and doesn't offer an environment agnostic prompt to the user. The 'auth as user' (as opposed to 'auth as root') for the 'MageiaUpdate' binary has been ported to the polkit equiv. mga#11125
-rw-r--r--Makefile22
-rw-r--r--NEWS2
-rw-r--r--data/rpmdrake-browse-only.desktop.in2
-rw-r--r--polkit/policy/org.mageia.rpmdrake-addmedia.policy22
-rw-r--r--polkit/policy/org.mageia.rpmdrake-editmedia.policy22
-rw-r--r--polkit/policy/org.mageia.rpmdrake-update.policy22
-rw-r--r--polkit/policy/org.mageia.rpmdrake.policy22
-rwxr-xr-xpolkit/wrappers/MageiaUpdate2
-rwxr-xr-xpolkit/wrappers/drakrpm-edit-media2
-rwxr-xr-xpolkit/wrappers/gurpmi.addmedia2
-rwxr-xr-xpolkit/wrappers/rpmdrake2
11 files changed, 108 insertions, 14 deletions
diff --git a/Makefile b/Makefile
index 2d3dc470..fc6b7137 100644
--- a/Makefile
+++ b/Makefile
@@ -7,7 +7,7 @@ PREFIX = /usr/local
DATADIR = $(PREFIX)/share
BINDIR = $(PREFIX)/bin
SBINDIR = $(PREFIX)/sbin
-RELATIVE_SBIN = ../sbin
+LIBEXECDIR = $(PREFIX)/libexec
RPM=$(shell rpm --eval %_topdir)
PERL_VENDORLIB=$(DESTDIR)/$(shell perl -V:installvendorlib | perl -pi -e "s/.*=//; s/[;']//g")
@@ -22,18 +22,14 @@ install: $(ALL)
find -name '*.pm' -o -name rpmdrake -o -name MageiaUpdate | xargs ./simplify-drakx-modules
./simplify-drakx-modules {gurpmi.addmedia,edit-urpm-sources.pl}
@for n in $(DIRS); do make -C $$n install; done
- install -d $(SBINDIR)
- install rpmdrake MageiaUpdate edit-urpm-sources.pl gurpmi.addmedia $(SBINDIR)
- install -d $(BINDIR)
- ln -sf $(RELATIVE_SBIN)/rpmdrake $(BINDIR)/rpmdrake
- ln -sf $(RELATIVE_SBIN)/MageiaUpdate $(BINDIR)/MageiaUpdate
- ln -sf $(RELATIVE_SBIN)/edit-urpm-sources.pl $(BINDIR)/edit-urpm-sources.pl
- ln -sf edit-urpm-sources.pl $(SBINDIR)/drakrpm-edit-media
- ln -sf $(RELATIVE_SBIN)/drakrpm-edit-media $(BINDIR)/drakrpm-edit-media
- ln -sf $(RELATIVE_SBIN)/gurpmi.addmedia $(BINDIR)/gurpmi.addmedia
- ln -sf $(RELATIVE_SBIN)/rpmdrake $(BINDIR)/drakrpm
- ln -sf $(RELATIVE_SBIN)/MageiaUpdate $(SBINDIR)/drakrpm-update
- ln -sf $(RELATIVE_SBIN)/drakrpm-update $(BINDIR)/drakrpm-update
+ install -d $(BINDIR) $(SBINDIR) $(LIBEXECDIR) $(PREFIX)/share/polkit-1/actions
+ install rpmdrake MageiaUpdate gurpmi.addmedia $(LIBEXECDIR)
+ install edit-urpm-sources.pl $(LIBEXECDIR)/drakrpm-edit-media
+ install polkit/wrappers/* $(BINDIR)
+ install polkit/policy/* $(PREFIX)/share/polkit-1/actions
+ ln -sf drakrpm-edit-media $(BINDIR)/edit-urpm-sources.pl
+ ln -sf rpmdrake $(BINDIR)/drakrpm
+ ln -sf MageiaUpdate $(BINDIR)/drakrpm-update
install -d $(DATADIR)/rpmdrake/icons
install -m644 icons/*.png $(DATADIR)/rpmdrake/icons
install -m644 gui.lst $(DATADIR)/rpmdrake
diff --git a/NEWS b/NEWS
index c2bf953c..67dc2037 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,5 @@
+- use polkit for authorisation (mga#11125)
+
Version 5.49 - 9 Mayr 2013, Thomas Backlund
- --merge-all-rpmnew mode:
diff --git a/data/rpmdrake-browse-only.desktop.in b/data/rpmdrake-browse-only.desktop.in
index 80802b05..88d18530 100644
--- a/data/rpmdrake-browse-only.desktop.in
+++ b/data/rpmdrake-browse-only.desktop.in
@@ -2,7 +2,7 @@
_Name=Browse Available Software
Icon=rpmdrake
_Comment=A graphical front end for browsing installed & available packages
-Exec=/usr/sbin/rpmdrake
+Exec=/usr/bin/rpmdrake
Terminal=false
Type=Application
Categories=X-MandrivaLinux-CrossDesktop;GTK;System;PackageManager;
diff --git a/polkit/policy/org.mageia.rpmdrake-addmedia.policy b/polkit/policy/org.mageia.rpmdrake-addmedia.policy
new file mode 100644
index 00000000..4f4435f5
--- /dev/null
+++ b/polkit/policy/org.mageia.rpmdrake-addmedia.policy
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policyconfig PUBLIC
+"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
+<policyconfig>
+
+ <vendor>Mageia</vendor>
+ <vendor_url>http://www.mageia.org/</vendor_url>
+
+ <action id="org.mageia.rpmdrake-addmedia.pkexec.run">
+ <description>Run Mageia Package Media Adder</description>
+ <message>Authentication is required to run Mageia Package Media Adder</message>
+ <icon_name>rpmdrake</icon_name>
+ <defaults>
+ <allow_any>no</allow_any>
+ <allow_inactive>no</allow_inactive>
+ <allow_active>auth_admin_keep</allow_active>
+ </defaults>
+ <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/gurpmi.addmedia</annotate>
+ <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
+ </action>
+</policyconfig>
diff --git a/polkit/policy/org.mageia.rpmdrake-editmedia.policy b/polkit/policy/org.mageia.rpmdrake-editmedia.policy
new file mode 100644
index 00000000..d5a56cd4
--- /dev/null
+++ b/polkit/policy/org.mageia.rpmdrake-editmedia.policy
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policyconfig PUBLIC
+"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
+<policyconfig>
+
+ <vendor>Mageia</vendor>
+ <vendor_url>http://www.mageia.org/</vendor_url>
+
+ <action id="org.mageia.rpmdrake-editmedia.pkexec.run">
+ <description>Run Mageia Package Media Editor</description>
+ <message>Authentication is required to run Mageia Package Media Editor</message>
+ <icon_name>rpmdrake</icon_name>
+ <defaults>
+ <allow_any>no</allow_any>
+ <allow_inactive>no</allow_inactive>
+ <allow_active>auth_admin_keep</allow_active>
+ </defaults>
+ <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/drakrpm-edit-media</annotate>
+ <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
+ </action>
+</policyconfig>
diff --git a/polkit/policy/org.mageia.rpmdrake-update.policy b/polkit/policy/org.mageia.rpmdrake-update.policy
new file mode 100644
index 00000000..c9437bfb
--- /dev/null
+++ b/polkit/policy/org.mageia.rpmdrake-update.policy
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policyconfig PUBLIC
+"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
+<policyconfig>
+
+ <vendor>Mageia</vendor>
+ <vendor_url>http://www.mageia.org/</vendor_url>
+
+ <action id="org.mageia.rpmdrake-update.pkexec.run">
+ <description>Run Mageia Updater</description>
+ <message>Authentication is required to run Mageia Updater</message>
+ <icon_name>rpmdrake</icon_name>
+ <defaults>
+ <allow_any>no</allow_any>
+ <allow_inactive>no</allow_inactive>
+ <allow_active>auth_self_keep</allow_active>
+ </defaults>
+ <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/MageiaUpdate</annotate>
+ <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
+ </action>
+</policyconfig>
diff --git a/polkit/policy/org.mageia.rpmdrake.policy b/polkit/policy/org.mageia.rpmdrake.policy
new file mode 100644
index 00000000..5b7b3ee8
--- /dev/null
+++ b/polkit/policy/org.mageia.rpmdrake.policy
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policyconfig PUBLIC
+"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
+<policyconfig>
+
+ <vendor>Mageia</vendor>
+ <vendor_url>http://www.mageia.org/</vendor_url>
+
+ <action id="org.mageia.rpmdrake.pkexec.run">
+ <description>Run Mageia Package Manager</description>
+ <message>Authentication is required to run Mageia Package Manager</message>
+ <icon_name>rpmdrake</icon_name>
+ <defaults>
+ <allow_any>no</allow_any>
+ <allow_inactive>no</allow_inactive>
+ <allow_active>auth_admin_keep</allow_active>
+ </defaults>
+ <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/rpmdrake</annotate>
+ <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
+ </action>
+</policyconfig>
diff --git a/polkit/wrappers/MageiaUpdate b/polkit/wrappers/MageiaUpdate
new file mode 100755
index 00000000..f732b981
--- /dev/null
+++ b/polkit/wrappers/MageiaUpdate
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec /usr/bin/pkexec /usr/libexec/MageiaUpdate $*
diff --git a/polkit/wrappers/drakrpm-edit-media b/polkit/wrappers/drakrpm-edit-media
new file mode 100755
index 00000000..30fb48d3
--- /dev/null
+++ b/polkit/wrappers/drakrpm-edit-media
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec /usr/bin/pkexec /usr/libexec/drakrpm-edit-media $*
diff --git a/polkit/wrappers/gurpmi.addmedia b/polkit/wrappers/gurpmi.addmedia
new file mode 100755
index 00000000..2e029258
--- /dev/null
+++ b/polkit/wrappers/gurpmi.addmedia
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec /usr/bin/pkexec /usr/libexec/gurpmi.addmedia $*
diff --git a/polkit/wrappers/rpmdrake b/polkit/wrappers/rpmdrake
new file mode 100755
index 00000000..60a00841
--- /dev/null
+++ b/polkit/wrappers/rpmdrake
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec /usr/bin/pkexec /usr/libexec/rpmdrake $*