Bug#1041228: policykit-1: Polkit fails if more than one rule is defined in /usr/local/share/polkit-1

2024-03-24 Thread Stepan Novotny 

Hello, the bug is no longer present on Debian Trixie.
The same code which triggered it on Bookworm, works fine on Trixie.
I no longer have Bookworm so I am no longer able to replicate the problem.

Stepan

Bug#1041228: policykit-1: Polkit fails if more than one rule is defined in /usr/local/share/polkit-1

2023-07-15 Thread Stepan Novotny 
Package: polkitd
Version: 122-3
Severity: important
X-Debbugs-Cc: snovot...@gmail.com

Dear Maintainer,

   * What led up to the situation?
I created /etc/polkit-1/rules.d/99-shutdown.rules and this worked fine:
polkit.addRule(function(action, subject) {
   if (action.id == 'org.freedesktop.login1.power-off-multiple-sessions' &&  
subject.isInGroup('Debian-gdm'))
   return polkit.Result.YES; else return polkit.Result.NOT_HANDLED;
});

Then I added a second file /etc/polkit-1/rules.d/99-power-off.rules and both 
failed to work:
polkit.addRule(function(action, subject) {
   if (action.id == 'org.freedesktop.login1.reboot-multiple-sessions' &&  
subject.isInGroup('Debian-gdm'))
   return polkit.Result.YES; else return polkit.Result.NOT_HANDLED;
});

I found that either one of the above files by itself works fine, but it fails 
if both files are present.

   * What exactly did you do (or not do) that was effective (or ineffective)?
I also found that combining my two files into a single file as shown below, 
does not work either, but that the syntax of my files is acceptable in 
accordance with other example found by Google.
polkit.addRule(function(action, subject) {
if ((action.id == 'org.freedesktop.login1.reboot-multiple-sessions' ||
   action.id == 'org.freedesktop.login1.power-off-multiple-sessions' ||
   action.id == 'org.freedesktop.login1.hibernate-multiple-sessions' ||
   action.id == 'org.freedesktop.login1.suspend-multiple-sessions') &&
   subject.isInGroup('Debian-gdm'))
   return polkit.Result.NO; else return polkit.Result.NOT_HANDLED;
});


   * What was the outcome of this action?
I am currently running only one of my two files, and await a fix.

   * What outcome did you expect instead?
I await a fixed policykit-1 package, and will try again when available.

-- System Information:
Debian Release: 12.0
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-10-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages policykit-1 depends on:
ii  pkexec   122-3
ii  polkitd  122-3

Versions of packages policykit-1 recommends:
ii  polkitd-pkla  122-3

policykit-1 suggests no packages.

Versions of packages polkitd depends on:
ii  adduser 3.134
ii  dbus [default-dbus-system-bus]  1.14.6-1
ii  libc6   2.36-9
ii  libduktape207   2.7.0-2
ii  libexpat1   2.5.0-1
ii  libglib2.0-02.74.6-2
ii  libpam-systemd [logind] 252.6-1
ii  libpam0g1.5.2-6
ii  libpolkit-agent-1-0 122-3
ii  libpolkit-gobject-1-0   122-3
ii  libsystemd0 252.6-1
ii  systemd [systemd-sysusers]  252.6-1
ii  xml-core0.18+nmu1

Versions of packages polkitd suggests:
ii  polkitd-pkla  122-3

-- no debconf information