D-Bus 1.3.0 released
David Zeuthen
david at fubar.dk
Mon Aug 10 08:02:09 PDT 2009
Hey Thiago,
On Thu, 2009-08-06 at 14:56 +0200, Thiago Macieira wrote:
> Em Quinta-feira 06 Agosto 2009, às 08:37:50, Marcel Holtmann escreveu:
> > Together with the at_console stuff mentioned by Lennart this could
> > become 1.3.2 and then we should be focusing on stabilizing it for the
> > final 1.4 release.
>
> I'm a bit more skeptical about the at_console stuff. Some more input from the
> distros on whether they use it or not would be nice.
>
> I'm skeptical because I've just had a bad experience with PolKit [*]. I'm not
> sure distros are using it as they should, so we could be breaking stuff.
>
>
> [*] I found out yesterday that I can't mount my external HD anymore because
> HAL denies me permissions and I couldn't get PolKit to tell it to let me (and
> that was after reading PolicyKit's manpage talking about "Override the active
> stanza for the given action with the supplied value" when I have no clue what
> an active stanza is)
Yeah, the whole polkit stuff is in a bit of a flux right now - mainly
due to a complete rewrite of the codebase. Anyway, access control
frameworks are tricky to deal with - polkit is no exception. So
configuration is going to be tricky as well. Just FWIW, with the new
version, the relevant man page for configuring authorizations is this
one
http://hal.freedesktop.org/docs/polkit/pklocalauthority.8.html
and I hope it does a better job at explaining things
Anyway, the way the new polkit version works is described here (or at
least this page is supposed to describe how it works)
http://hal.freedesktop.org/docs/polkit/polkit.8.html
(also see http://hal.freedesktop.org/docs/polkit/ for all the
polkit documentation - might be useful to help get a picture
of what it is about)
So, in a nutshell, all that polkit does is to offer this single D-Bus
method to mechanisms (e.g. privileged applications that renders service
to unprivileged applications - typically via the system message bus)
http://hal.freedesktop.org/docs/polkit/eggdbus-interface-org.freedesktop.PolicyKit1.Authority.html#eggdbus-method-org.freedesktop.PolicyKit1.Authority.CheckAuthorization
and that's basically it from the access control point of view of the
mechanism. E.g. mechanisms simply offload all the decision-making to a
trusted component.
One thing we could do is to introduce support in the system bus daemon
for PolicyKit, e.g. allow people to write
<policy polkit_action="com.acme.product.action1">
<!-- allow statements here -->
</policy>
That way it is easy for OS vendors / org / sites / etc. to add polkit
support to system services that for one reason or another don't want to
use polkit.
This is extremely useful because polkit in itself is just an _interface_
- the OS vendor / org / site can replace the actual decision-making
component (the socalled Authority Implementation) by whatever they want
through a loadable polkit module. For example, here at Red Hat we are
planning to write an Authority Implementation that reads the
authorizations from a centralized directory server (as part of the
FreeIPA project).
Anyway, while I think adding this kind of support to the bus daemon,
maybe it is better to wait six months until polkit 1.0 is released and
has landed in all the major distros (the 0.9x pre-release series leading
up to 1.0 is already in most distros).
Hope this clarifies.
David
More information about the dbus
mailing list