polkit-0.115 released

Hello, polkit-0.115 is now available at http://www.freedesktop.org/software/polkit/releases/polkit-0.115.tar.gz http://www.freedesktop.org/software/polkit/releases/polkit-0.115.tar.gz.sign -- polkit 0.115 -- WARNING WARNING WARNING: This is a prerelease on the road to polk

Re: Should the dtd file be there / be accessible?

Hello, 2018-01-11 14:32 GMT+01:00 Kenneth Ekman : > This might be a stupid question, but when creating a name>.policy file we put the following in the header: > > > > "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" > "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfi

Re: Replacing polkit JS backend

2018-01-03 19:47 GMT+01:00 Simon McVittie : > On Wed, 03 Jan 2018 at 17:07:03 +0100, Miloslav Trmac wrote: > > See one of the other mails, I’m worried that with the vaguely > systemd-like ”no > > programming language, but a few ‘simple’ special-cased condition > operators” &

Re: Replacing polkit JS backend

Hello, 2017-10-21 20:54 GMT+02:00 Ikey Doherty : > On 21/10/17 19:39, Michael Biebl wrote: > So to use the libvirt example: > > polkit.addRule(function(action, subject) { > if (action.id == "org.libvirt.api.connect.getattr" && > subject.user == "berrange") { > if (action.look

Re: Replacing polkit JS backend

Hello, 2017-12-18 12:10 GMT+01:00 Ikey Doherty : > > Though it'd be great to have Miloslav weigh in on some of this too; > particularly > > things like @smcv's suggestion of a pkla translator as @mtrmac also > maintains > > . > > > > So @mtrmac is the best on

Re: Replacing polkit JS backend

Hello, 2017-12-18 11:05 GMT+01:00 Colin Walters : > Based on some (long ago now) in-person discussion with the previous polkit > maintainer: > the JS backend was added for a reason from a real-world nontrivial in size > desktop deployment. > That said I don't have contact with them myself and unfo

Re: Clarification on the imply annotation

Hello, 2017-05-14 15:36 GMT+02:00 chinmoy ranjan : > I am a Google Summer of Code student working with KDE on the project > "Polkit support in KIO[1]". The goal of this project is to enable KIO (this > library provides file management functions in KDE softwares) to perform > file handling operatio

Re: [PATCH v2] Move polkit to mozjs38

Hello, 2017-04-04 21:10 GMT+02:00 Jeremy Linton : > Update polkit to use a more recent version of the mozjs library. > … > v1->v2: Switch back to using initjs.j rather than init.js > Another not-really-a-review: Mirek @@ -1209,10 +1207,13 @@ polkit_backend_js_authority_check_authorizatio

Re: [PATCH] Move polkit to mozjs38

2017-03-29 21:49 GMT+02:00 Jeremy Linton : > Update polkit to use a more recent version of the mozjs library. > Thanks. I’m afraid I haven’t had time to review in detail yet, for now just noting that polkit with this patch is immediately in Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1438

Re: Evaluating membership of an AD group for polkit authorization

Hello, 2016-11-21 0:34 GMT+01:00 zero four : > I am attempting to join Linux workstations to a relatively large domain > (150k users, 50k groups) using sssd, and I am wanting to allow members of > specific AD groups to perform elevated actions using polkit. Currently > sssd cannot handle that man

Re: [PATCH 0/4] Pull polkit forward to mozjs24

2016-08-17 22:57 GMT+02:00 Colin Walters : > I think my vote is actually for doing 24 only. Does anyone object to that? > I would prefer that to the three variants in #ifdefs. (No opinion on the substance of the patches so far I’m afraid.) Mirek __

Re: generic action to allow_gui?

Hello, 2016-08-16 3:49 GMT+02:00 cobrupre : > I previously had a file in /usr/share/polkit-1/actions which I believe > enabled allow_gui for all applications -- but I've lost this file. Am I > correct in remembering that this could be accomplished in a generic way, > and if so how? > AFAICS this

Re: Adding permissions for udiskie-mount to policykit

Hello, 2016-04-20 18:59 GMT+02:00 Faheem Mitha : > When I try to mount an external USB drive using udiskie-mount from > inside a cron job, I get an error as follows below. Using > udiskie-mount directly from the command line works fine. > > From a big picture perspective, I don't really understa

Re: Polkit on Duktape

2015-08-13 20:12 GMT+02:00 Matthew Miller : > On Thu, Aug 13, 2015 at 09:37:38AM -0700, Jasper St. Pierre wrote: > > Is that really different from standalone releases of mozjs, which have > > never been officially supported by Mozilla? > > Are people really using / area we getting a lot of value f

Re: Polkit on Duktape

Hello, 2015-08-13 5:28 GMT+02:00 Jasper St. Pierre : > Out of curiosity, what would the threat model be here? How would an > attacker put bad input into the JS engine to be exploited by a > ruleset? > (The ruleset is assumed to be trusted: usually only root can add rules. Stupid JS rules are a th