Difference between revisions of "PolicyKit"
From CBLFS
Jump to navigationJump to search| Line 11: | Line 11: | ||
== Getting the latest source == | == Getting the latest source == | ||
| − | {{Note|This section is optional but recommended. You need this command only if you want to build the latest development version.}} | + | {{Note|This section is optional but recommended. You need this command only if you want to build the latest development version. If you install the latest development version of PolicyKit you'll also need to use the latest development version of [[HAL]].}} |
Check out the source from freedesktop.org: | Check out the source from freedesktop.org: | ||
git clone git://anongit.freedesktop.org/git/PolicyKit && | git clone git://anongit.freedesktop.org/git/PolicyKit && | ||
| − | |||
| − | |||
| − | |||
It couldn't hurt to make a tarball so you have an unmodified source around for the future: | It couldn't hurt to make a tarball so you have an unmodified source around for the future: | ||
| Line 106: | Line 103: | ||
=== Bootscript === | === Bootscript === | ||
| + | |||
| + | {{Note|If you're installing the GIT Version of PolicyKit and [[HAL]] you do not need to install a bootscript for PolicyKit}} | ||
Create the bootscript: | Create the bootscript: | ||
| Line 153: | Line 152: | ||
done | done | ||
| − | == | + | == Privileges == |
| − | |||
| − | |||
| − | + | {{Note|The follow change is not needed if you're using the development version.}} | |
PolicyKit installs '''desktop-console.privilege''' in /etc/PolicyKit/privilege.d which is the file that [[HAL]] will reference to see if the user can preform a specific operation (mount, cpufreq, hibernate, poweroff, reboot, suspend, etc...). Other privileges that manipulate a local device are most likely going to require this privilege. | PolicyKit installs '''desktop-console.privilege''' in /etc/PolicyKit/privilege.d which is the file that [[HAL]] will reference to see if the user can preform a specific operation (mount, cpufreq, hibernate, poweroff, reboot, suspend, etc...). Other privileges that manipulate a local device are most likely going to require this privilege. | ||
Revision as of 08:25, 18 August 2007
| Download Source: | http://people.freedesktop.org/~david/dist/PolicyKit-0.9.tar.gz |
|---|
Contents
Introduction to PolicyKit
PolicyKit is a framework for defining policy for system-wide components and for desktop pieces to configure it. It is used by HAL.
Project Homepage: Unknown
Getting the latest source
Note
This section is optional but recommended. You need this command only if you want to build the latest development version. If you install the latest development version of PolicyKit you'll also need to use the latest development version of HAL.
Check out the source from freedesktop.org:
git clone git://anongit.freedesktop.org/git/PolicyKit &&
It couldn't hurt to make a tarball so you have an unmodified source around for the future:
tar cvjf PolicyKit{-$(date +%Y%m%d).tar.bz2,}
Note
Replace "./configure" with "./autogen.sh" to build the latest development version.
Dependencies
Required
Optional
PolKit User/Group
groupadd -g 26 polkit &&
useradd -c "Policy Kit Daemon User" -d /dev/null \
-u 26 -g polkit -s /bin/false polkit
Non-Multilib
Compile the package:
./configure --prefix=/usr --sysconfdir=/etc \
--libexecdir=/usr/lib/PolicyKit --localstatedir=/var \
--with-polkit-user=polkit --with-polkit-group=polkit &&
make
Install the package
make install
Multilib
32Bit
Compile the package:
CC="gcc ${BUILD32}" PKG_CONFIG_PATH="${PKG_CONFIG_PATH32}" \
./configure --prefix=/usr --sysconfdir=/etc \
--libexecdir=/usr/lib/PolicyKit --localstatedir=/var \
--with-polkit-user=polkit --with-polkit-group=polkit &&
make
Install the package
make install
N32
Compile the package:
CC="gcc ${BUILDN32}" PKG_CONFIG_PATH="${PKG_CONFIG_PATHN32}" \
./configure --prefix=/usr --sysconfdir=/etc \
--libexecdir=/usr/lib32/PolicyKit --localstatedir=/var \
--libdir=/usr/lib32 --with-pam-module-dir=/lib32/security \
--with-polkit-user=polkit --with-polkit-group=polkit &&
make
Install the package
make install
64Bit
Compile the package:
CC="gcc ${BUILD64}" PKG_CONFIG_PATH="${PKG_CONFIG_PATH64}" \
./configure --prefix=/usr --sysconfdir=/etc \
--libexecdir=/usr/lib64/PolicyKit --localstatedir=/var \
--libdir=/usr/lib64 --with-pam-module-dir=/lib64/security \
--with-polkit-user=polkit --with-polkit-group=polkit &&
make
Install the package
make install
Configuration
Bootscript
Note
If you're installing the GIT Version of PolicyKit and HAL you do not need to install a bootscript for PolicyKit
Create the bootscript:
cat > /etc/rc.d/init.d/polkitd << "EOF"
#!/bin/sh
# Begin $rc_base/init.d/polkitd
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
start)
boot_mesg "Starting PolicyKit..."
loadproc /usr/sbin/polkitd
;;
stop)
boot_mesg "Stopping PolicyKit..."
killproc /usr/sbin/polkitd
;;
restart)
${0} stop
sleep 1
${0} start
;;
status)
statusproc /usr/sbin/polkitd
;;
*)
echo "Usage: ${0} {start|stop|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/polkitd
EOF
chmod -v 754 /etc/rc.d/init.d/polkitd
Link it into the runlevels:
for link in /etc/rc.d/rc{{0,1,6}.d/K29,{2,3,4,5}.d/S20}polkitd; do
ln -sfv ../init.d/polkitd $link;
done
Privileges
Note
The follow change is not needed if you're using the development version.
PolicyKit installs desktop-console.privilege in /etc/PolicyKit/privilege.d which is the file that HAL will reference to see if the user can preform a specific operation (mount, cpufreq, hibernate, poweroff, reboot, suspend, etc...). Other privileges that manipulate a local device are most likely going to require this privilege.
There are a few ways to configure a privilege. You can allow anybody by setting Allow=uid:__all__, a specific user by setting Allow=uid:username, or a specific group by setting Allow=gid:groupname. The same applies for Deny.
The following command modifies the privilege file so that anyone in the users group is allowed to manipulate a local device:
sed -i "s/^Allow=.*/Allow=gid:users/" \
/etc/PolicyKit/privilege.d/desktop-console.privilege
Contents
| Installed Programs: | polkit-grant-privilege polkit-is-rivileged polkit-list-privileges polkit-revoke-privilege polkitd |
|---|---|
| Installed Libraries: | libpolkit.{so,a,la} libpolkit-grant.{so,a,la} /lib/security/pam_polkit_console.{so,a,la} |
| Installed Directories: | /etc/PolicyKit/privilege.d /var/run/polkit-console |
