PolicyKit/doc TODO,1.1.1.1,1.2
David Zeuthen
david at kemper.freedesktop.org
Mon Jun 5 16:39:02 PDT 2006
Update of /cvs/hal/PolicyKit/doc
In directory kemper:/tmp/cvs-serv24124/doc
Modified Files:
TODO
Log Message:
2006-06-05 David Zeuthen <davidz at redhat.com>
Lots of changes! Almost ready for 0.2 release.
* Makefile.am:
* README:
* configure.in:
* doc/TODO:
* doc/api/polkit-docs.xml:
* doc/spec/Makefile.am:
* doc/spec/polkit-spec.html:
* doc/spec/polkit-spec.xml.in:
* libpolkit/Makefile.am:
* libpolkit/libpolkit-grant.c: (have_questions_handler),
(libpolkit_grant_provide_answers), (auth_done_handler),
(libpolkit_grant_new_context),
(libpolkit_grant_get_libpolkit_context),
(libpolkit_grant_set_questions_handler),
(libpolkit_grant_set_grant_complete_handler),
(libpolkit_grant_initiate_temporary_grant),
(libpolkit_grant_get_user_for_auth),
(libpolkit_grant_get_pam_service_for_auth),
(libpolkit_grant_close), (libpolkit_grant_free_context),
(libpolkit_grant_get_user), (libpolkit_grant_get_privilege),
(libpolkit_grant_get_resource):
* libpolkit/libpolkit-grant.h:
* libpolkit/libpolkit.c:
(libpolkit_get_allowed_resources_for_privilege_for_uid),
(libpolkit_is_uid_allowed_for_privilege):
* libpolkit/libpolkit.h:
* pam-polkit-console/Makefile.am:
* pam-polkit-console/pam-polkit-console.c: (_pam_log),
(_parse_module_args), (_is_local_xconsole), (_poke_polkitd),
(pam_sm_authenticate), (pam_sm_setcred), (pam_sm_open_session),
(pam_sm_close_session):
* polkit-interface-manager.xml:
* polkit-interface-session.xml:
* polkit.pc.in:
* polkitd/PolicyKit.in:
* polkitd/main.c: (handle_sigusr1), (sigusr1_iochn_data), (main):
* polkitd/policy.c: (txt_backend_read_policy),
(txt_backend_read_list), (txt_backend_read_word),
(policy_get_sufficient_privileges),
(policy_get_required_privileges),
(policy_get_auth_details_for_policy),
(_policy_is_uid_gid_allowed_for_policy),
(policy_is_uid_gid_allowed_for_policy),
(policy_is_uid_allowed_for_policy):
* polkitd/policy.h:
* polkitd/polkit-manager.c: (_granting_temp_priv),
(_revoking_temp_priv), (polkit_manager_error_get_type),
(bus_name_owner_changed), (polkit_manager_get_caller_info),
(_check_for_temp_privilege),
(polkit_manager_initiate_temporary_privilege_grant),
(polkit_manager_is_user_privileged),
(polkit_manager_get_allowed_resources_for_privilege),
(polkit_manager_revoke_temporary_privilege),
(polkit_manager_add_temporary_privilege),
(polkit_manager_remove_temporary_privilege),
(polkit_manager_update_desktop_console_privileges):
* polkitd/polkit-manager.h:
* polkitd/polkit-session.c: (polkit_session_close),
(polkit_session_grant_privilege_temporarily), (polkit_session_new),
(polkit_session_initiator_disconnected):
* polkitd/polkit-session.h:
* privileges/desktop-console.privilege:
* tools/Makefile.am:
* tools/polkit-grant-privilege.c: (questions_cb),
(grant_complete_cb), (main):
* tools/polkit-is-privileged.c: (usage), (main):
* tools/polkit-list-privileges.c: (main):
* tools/polkit-revoke-privilege.c: (main):
Index: TODO
===================================================================
RCS file: /cvs/hal/PolicyKit/doc/TODO,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -d -r1.1.1.1 -r1.2
--- TODO 8 Mar 2006 01:52:03 -0000 1.1.1.1
+++ TODO 5 Jun 2006 23:39:00 -0000 1.2
@@ -1,2 +1,37 @@
-TODO
+DONE
+
+ - Write up a nice spec about how all this works since it can be a bit
+ confusing
+
+ - Refine the .privilege file format so e.g. user 'foo' is always
+ allowed to grant privilege 'bar' to other users. Also other stuff.
+
+ - write polkit-revoke-privilege
+
+ - make polkit-list-privileges and polkit-is-privileged display if a
+ privilege is granted permanently or temporary. Also display if it's
+ confined to a certain D-BUS connection.
+
+ - Factor out auth code in polkit-is-privileged into a GObject and put
+ it in a libpolkit-gobject library (since the interaction is pretty
+ hairy (see interaction diagram in polkitd/polkit-session.c) I will
+ not put this in libpolkit as I want to use the glib bindings and
+ these require the glib main loop => not suitable for Qt etc.)
+
+PENDING
+
+ - Make polkitd emit signals on an interface such that privileged apps
+ can be notified when privileges are granted and revoked. Also
+ export other useful query operations.
+
+ - make D-BUS interface in general and polkit-grant-privilege in
+ particular capable of granting privs permanently
+
+ - write some man pages
+
+ - write libpolkit-gnome that GNOME apps can consume
+
+ - implement D-BUS interfaces suitable for a GUI privilege editor
+
+ - write more tests; audit code
More information about the hal-commit
mailing list