I believe I have fixed these - the only temporary files still used in
/tmp are never used as executables (made by voice_list.sh). For the
sketchy creation of the root playfile, I now have a separate script to
create and write to the file which is run as root so that the file is
created with root permissions before writing to.
In fixing these, however, I noticed that gksudo/sudo has been giving
recent problems. In particular, calls to sudo fail even after calls to
gksudo IF wakeup-settings is not run through a terminal. I decided to
try to migrate to using pkexec, since this seems the more up-to-date
approach anyway, but it is poorly documented. I tried creating a .policy
file which would allow only the commands needed (crontab, setalarm,
setnextalarm.py, createRootPlayfile.py) with an allow_active default as
auth_admin_keep for a "meta-action" defined using annotation
org.freedesktop.policykit.imply, but every action defined using this
method needs to be separately authenticated.
I've attached the .policy file. Do you have suggestions on how to fix this? The
behavior I get is:
1. authenticate com.ubuntu.wakeup.exec using (prompts for password for
com.ubuntu.wakeup.exec, is_auth returns True):
pid=os.getpid()
action_id='com.ubuntu.wakeup.exec'
service = dbus.SystemBus().get_object('org.freedesktop.PolicyKit1',
'/org/freedesktop/PolicyKit1/Authority')
policy_kit=dbus.Interface(service, 'org.freedesktop.PolicyKit1.Authority')
(granted, _, details) = policy_kit.CheckAuthorization(('unix-process',
{'pid':dbus.UInt32(pid, variant_level=1),
'start-time':dbus.UInt64(0,variant_level=1)}),action_id,{},dbus.UInt32(1),'',timeout=600)
(is_auth, _, details) = policy_kit.CheckAuthorization(('unix-process',
{'pid':dbus.UInt32(pid, variant_level=1),
'start-time':dbus.UInt64(0,variant_level=1)}),action_id,{},dbus.UInt32(0),'',timeout=600)
2. try calling subprocess.call(['pkexec', 'setnextalarm.py'])
---> get pkexec popup asking for authentication for
com.ubuntu.wakeup.exec.setnextalarm
** Attachment added: "com.ubuntu.wakeup.policy"
https://bugs.launchpad.net/ubuntu/+source/wakeup/+bug/909189/+attachment/2687884/+files/com.ubuntu.wakeup.policy
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/909189
Title:
Request for new upstream version 1.2 upgrade.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wakeup/+bug/909189/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
