Difference between revisions of "PolicyKit"

From CBLFS
Jump to navigationJump to search
m
Line 2: Line 2:
 
|-valign="top"
 
|-valign="top"
 
!Download Source:
 
!Download Source:
| (Not Released Yet)
+
| http://people.freedesktop.org/~david/dist/PolicyKit-{{PolicyKit-Version}}.tar.gz
 
|}
 
|}
  
Line 12: Line 12:
  
 
=== Required ===
 
=== Required ===
* [[GIT]] (To get the source)
 
 
* [[D-BUS Glib]]
 
* [[D-BUS Glib]]
 
* [[Glib2]]
 
* [[Glib2]]
Line 19: Line 18:
  
 
=== Optional ===
 
=== Optional ===
 +
* [[GIT]] (To get the latest source)
 
* [[Gtk-Doc]]
 
* [[Gtk-Doc]]
  
Line 27: Line 27:
 
         -u 26 -g polkit -s /bin/false polkit
 
         -u 26 -g polkit -s /bin/false polkit
  
== Getting the source ==
+
== Getting the latest source ==
 +
 
 +
{{Note|This section is optional. You need this command only if you want to build latest development version.}}
  
 
Check out the source from freedesktop.org:
 
Check out the source from freedesktop.org:
Line 39: Line 41:
  
 
  tar cvjf PolicyKit{-$(date +%Y%m%d).tar.bz2,}
 
  tar cvjf PolicyKit{-$(date +%Y%m%d).tar.bz2,}
 +
 +
{{Note|Replace "./configure" to "./autogen.sh" in the commands follow if you build latest development version.}}
  
 
== Non-Multilib ==
 
== Non-Multilib ==
Line 44: Line 48:
 
Compile the package:
 
Compile the package:
  
  ./autogen.sh --prefix=/usr --sysconfdir=/etc --localstatedir=/var &&
+
  ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var &&
 
  make
 
  make
  
Line 58: Line 62:
  
 
  CC="gcc ${BUILD32}" PKG_CONFIG_PATH="${PKG_CONFIG_PATH32}" \
 
  CC="gcc ${BUILD32}" PKG_CONFIG_PATH="${PKG_CONFIG_PATH32}" \
  ./autogen.sh --prefix=/usr --sysconfdir=/etc --localstatedir=/var &&
+
  ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var &&
 
  make
 
  make
  
Line 70: Line 74:
  
 
  CC="gcc ${BUILDN32}" PKG_CONFIG_PATH="${PKG_CONFIG_PATHN32}" \
 
  CC="gcc ${BUILDN32}" PKG_CONFIG_PATH="${PKG_CONFIG_PATHN32}" \
  ./autogen.sh --prefix=/usr --sysconfdir=/etc --localstatedir=/var \
+
  ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var \
 
     --libdir=/usr/lib32 --with-pam-module-dir=/lib32/security &&
 
     --libdir=/usr/lib32 --with-pam-module-dir=/lib32/security &&
 
  make
 
  make
Line 83: Line 87:
  
 
  CC="gcc ${BUILD64}" PKG_CONFIG_PATH="${PKG_CONFIG_PATH64}" \
 
  CC="gcc ${BUILD64}" PKG_CONFIG_PATH="${PKG_CONFIG_PATH64}" \
  ./autogen.sh --prefix=/usr --sysconfdir=/etc --localstatedir=/var \
+
  ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var \
 
     --libdir=/usr/lib64 --with-pam-module-dir=/lib64/security &&
 
     --libdir=/usr/lib64 --with-pam-module-dir=/lib64/security &&
 
  make
 
  make
Line 140: Line 144:
 
   ln -sfv ../init.d/polkitd $link;
 
   ln -sfv ../init.d/polkitd $link;
 
  done
 
  done
 +
 +
== InitNG Bootscript ==
 +
 +
Todo
  
 
== Privileges ==
 
== Privileges ==

Revision as of 14:07, 21 June 2007

Download Source: http://people.freedesktop.org/~david/dist/PolicyKit-0.9.tar.gz

Introduction to PolicyKit

PolicyKit is a framework for defining policy for system-wide components and for desktop pieces to configure it. It is used by HAL.

Project Homepage: Unknown

Dependencies

Required

Optional

PolKit User/Group

groupadd -g 26 polkit &&
useradd -c "Policy Kit Daemon User" -d /dev/null \
        -u 26 -g polkit -s /bin/false polkit

Getting the latest source

Caution.png

Note

This section is optional. You need this command only if you want to build latest development version.

Check out the source from freedesktop.org:

git clone git://anongit.freedesktop.org/git/PolicyKit &&
cd PolicyKit &&
git-checkout -b e97e945ee59320cb15ec81958b2fa1c08653a8f6 &&
cd ..

It couldn't hurt to make a tarball so you have an unmodified source around for the future:

tar cvjf PolicyKit{-$(date +%Y%m%d).tar.bz2,}
Caution.png

Note

Replace "./configure" to "./autogen.sh" in the commands follow if you build latest development version.

Non-Multilib

Compile the package:

./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var &&
make

Install the package

make install

Multilib

32Bit

Compile the package:

CC="gcc ${BUILD32}" PKG_CONFIG_PATH="${PKG_CONFIG_PATH32}" \
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var &&
make

Install the package

make install

N32

Compile the package:

CC="gcc ${BUILDN32}" PKG_CONFIG_PATH="${PKG_CONFIG_PATHN32}" \
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var \
    --libdir=/usr/lib32 --with-pam-module-dir=/lib32/security &&
make

Install the package

make install

64Bit

Compile the package:

CC="gcc ${BUILD64}" PKG_CONFIG_PATH="${PKG_CONFIG_PATH64}" \
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var \
    --libdir=/usr/lib64 --with-pam-module-dir=/lib64/security &&
make

Install the package

make install

Configuration

Bootscript

Create the bootscript:

cat > /etc/rc.d/init.d/polkitd << "EOF"
#!/bin/sh
# Begin $rc_base/init.d/polkitd

. /etc/sysconfig/rc
. ${rc_functions}

case "${1}" in
        start)
                boot_mesg "Starting PolicyKit..."
                loadproc /usr/sbin/polkitd
                ;;

        stop)
                boot_mesg "Stopping PolicyKit..."
                killproc /usr/sbin/polkitd
                ;;

        restart)
                ${0} stop
                sleep 1
                ${0} start
                ;;

        status)
                statusproc /usr/sbin/polkitd
                ;;

        *)
                echo "Usage: ${0} {start|stop|restart|status}"
                exit 1
                ;;
esac

# End $rc_base/init.d/polkitd
EOF
chmod -v 754 /etc/rc.d/init.d/polkitd

Link it into the runlevels:

for link in /etc/rc.d/rc{{0,1,6}.d/K29,{2,3,4,5}.d/S20}polkitd; do
  ln -sfv ../init.d/polkitd $link;
done

InitNG Bootscript

Todo

Privileges

PolicyKit installs desktop-console.privilege in /etc/PolicyKit/privilege.d which is the file that HAL will reference to see if the user can preform a specific operation (mount, cpufreq, hibernate, poweroff, reboot, suspend, etc...). Other privileges that manipulate a local device are most likely going to require this privilege.

There are a few ways to configure a privilege. You can allow anybody by setting Allow=uid:__all__, a specific user by setting Allow=uid:username, or a specific group by setting Allow=gid:groupname. The same applies for Deny.

The following command modifies the privilege file so that anyone in the users group is allowed to manipulate a local device:

sed -i "s/^Allow=.*/Allow=gid:users/" \
    /etc/PolicyKit/privilege.d/desktop-console.privilege

Contents

Installed Programs: polkit-grant-privilege polkit-is-rivileged polkit-list-privileges polkit-revoke-privilege polkitd
Installed Libraries: libpolkit.{so,a,la} libpolkit-grant.{so,a,la} /lib/security/pam_polkit_console.{so,a,la}
Installed Directories: /etc/PolicyKit/privilege.d /var/run/polkit-console