----- Original Message ----- > On Wed, Nov 14, 2012 at 1:24 PM, Matthew Miller
> > If David is unwilling to just resurrect the old .pkla parser, one > option for "solving" the problem might be writing a piece of code > that > would provide compatibility with the .pkla files. > > This could be (the only) JS config snippet parsing the files directly > if the JS environment allowed file system access, or alternatively a > generator run before starting polkit to generate a large JS config > representing the contents of .pkla files. > > Anyone interested in implementing it? The .pkla syntax wasn't particularly appealing or expressive, and there was only a handful of packages using it. I don't really think it is particularly worth reviving. If a declarative syntax is needed, I suggest that the security team simply picks their favourite language, and then implements a single js rule that calls out to a commandline utility implementing that language. Checking compliance should be very simple then - just check that the single single rule is the one you put in place. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
