syslogging in policykit
David Zeuthen
david at fubar.dk
Tue Dec 15 11:00:33 PST 2009
On Fri, 2009-12-11 at 15:42 -0500, Matthew Miller wrote:
> On Fri, Dec 11, 2009 at 03:27:19PM -0500, David Zeuthen wrote:
> > I just implemented this - see
> > https://bugs.freedesktop.org/show_bug.cgi?id=25594
>
> Awesome. Thanks much. Sorry I've been swamped with other things
> recently -- didn't mean to just pop up with complaints and then
> fall off the map.
No problemo. Hmm, thinking about all this again, I'm not sure we should
log things like
Dec 15 13:50:03 localhost polkitd(authority=local): DENYING action
org.freedesktop.policykit.exec for unix-process:3600:33175877 [bash]
owned by unix-user:davidz (check requested by system-bus-name::1.619
[pkexec bash])
Dec 15 13:47:57 localhost polkitd(authority=local): ALLOWING action
org.freedesktop.policykit.example.pkexec.run-frobnicate for
unix-process:2459:33129230 [bash] owned by unix-user:davidz (check
requested by system-bus-name::1.616
[pkexec /usr/bin/pk-example-frobnicate])
Isn't it just noise? I mean, the way it's designed is that even
unprivileged users can ask if any subject (e.g. process) is authorized
(as long as the subject owned by said user). For example, the system
time mechanism does that - for example
Dec 15 13:58:47 localhost polkitd(authority=local): ALLOWING action
org.gnome.clockapplet.mechanism.settime for system-bus-name::1.620
[/usr/libexec/clock-applet
--oaf-activate-iid=OAFIID:GNOME_ClockApplet_Factory --oaf-ior-fd=22]
owned by unix-user:davidz (check requested by system-bus-name::1.622
[/usr/libexec/gnome-clock-applet-mechanism])
every time the GNOME clock applet starts. It does this so it knows
whether to use "Set" or "Set..." for the timezone buttons.
Since polkit doesn't enforce anything, the mechanisms really should be
the ones logging events. Sure, that means going through all the
mechanisms and adding logging but, hey, it should probably have been
there in the first place _anyway_.
So I'm thinking we should just kill the ALLOWING and DENYING log
messages from polkitd. We'd want to keep log messages when
authorizations are obtained through authentication though (and possibly
when temporary authorizations expire too - but that's another patch).
Thoughts?
(FWIW, I just made the pkexec(1) mechanism do that, see
http://cgit.freedesktop.org/PolicyKit/commit/?id=12e4ee339b38b8ff3742114d69154bb614c37748
for details.)
Thanks,
David
More information about the polkit-devel
mailing list