PolicyKit/doc TODO,1.1.1.1,1.2

David Zeuthen david at kemper.freedesktop.org
Mon Jun 5 16:39:02 PDT 2006 

Update of /cvs/hal/PolicyKit/doc
In directory kemper:/tmp/cvs-serv24124/doc

Modified Files:
	TODO 
Log Message:
2006-06-05  David Zeuthen  <davidz at redhat.com>

	Lots of changes! Almost ready for 0.2 release.

	* Makefile.am:
	* README:
	* configure.in:
	* doc/TODO:
	* doc/api/polkit-docs.xml:
	* doc/spec/Makefile.am:
	* doc/spec/polkit-spec.html:
	* doc/spec/polkit-spec.xml.in:
	* libpolkit/Makefile.am:
	* libpolkit/libpolkit-grant.c: (have_questions_handler),
	(libpolkit_grant_provide_answers), (auth_done_handler),
	(libpolkit_grant_new_context),
	(libpolkit_grant_get_libpolkit_context),
	(libpolkit_grant_set_questions_handler),
	(libpolkit_grant_set_grant_complete_handler),
	(libpolkit_grant_initiate_temporary_grant),
	(libpolkit_grant_get_user_for_auth),
	(libpolkit_grant_get_pam_service_for_auth),
	(libpolkit_grant_close), (libpolkit_grant_free_context),
	(libpolkit_grant_get_user), (libpolkit_grant_get_privilege),
	(libpolkit_grant_get_resource):
	* libpolkit/libpolkit-grant.h:
	* libpolkit/libpolkit.c:
	(libpolkit_get_allowed_resources_for_privilege_for_uid),
	(libpolkit_is_uid_allowed_for_privilege):
	* libpolkit/libpolkit.h:
	* pam-polkit-console/Makefile.am:
	* pam-polkit-console/pam-polkit-console.c: (_pam_log),
	(_parse_module_args), (_is_local_xconsole), (_poke_polkitd),
	(pam_sm_authenticate), (pam_sm_setcred), (pam_sm_open_session),
	(pam_sm_close_session):
	* polkit-interface-manager.xml:
	* polkit-interface-session.xml:
	* polkit.pc.in:
	* polkitd/PolicyKit.in:
	* polkitd/main.c: (handle_sigusr1), (sigusr1_iochn_data), (main):
	* polkitd/policy.c: (txt_backend_read_policy),
	(txt_backend_read_list), (txt_backend_read_word),
	(policy_get_sufficient_privileges),
	(policy_get_required_privileges),
	(policy_get_auth_details_for_policy),
	(_policy_is_uid_gid_allowed_for_policy),
	(policy_is_uid_gid_allowed_for_policy),
	(policy_is_uid_allowed_for_policy):
	* polkitd/policy.h:
	* polkitd/polkit-manager.c: (_granting_temp_priv),
	(_revoking_temp_priv), (polkit_manager_error_get_type),
	(bus_name_owner_changed), (polkit_manager_get_caller_info),
	(_check_for_temp_privilege),
	(polkit_manager_initiate_temporary_privilege_grant),
	(polkit_manager_is_user_privileged),
	(polkit_manager_get_allowed_resources_for_privilege),
	(polkit_manager_revoke_temporary_privilege),
	(polkit_manager_add_temporary_privilege),
	(polkit_manager_remove_temporary_privilege),
	(polkit_manager_update_desktop_console_privileges):
	* polkitd/polkit-manager.h:
	* polkitd/polkit-session.c: (polkit_session_close),
	(polkit_session_grant_privilege_temporarily), (polkit_session_new),
	(polkit_session_initiator_disconnected):
	* polkitd/polkit-session.h:
	* privileges/desktop-console.privilege:
	* tools/Makefile.am:
	* tools/polkit-grant-privilege.c: (questions_cb),
	(grant_complete_cb), (main):
	* tools/polkit-is-privileged.c: (usage), (main):
	* tools/polkit-list-privileges.c: (main):
	* tools/polkit-revoke-privilege.c: (main):



Index: TODO
===================================================================
RCS file: /cvs/hal/PolicyKit/doc/TODO,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -d -r1.1.1.1 -r1.2
--- TODO	8 Mar 2006 01:52:03 -0000	1.1.1.1
+++ TODO	5 Jun 2006 23:39:00 -0000	1.2
@@ -1,2 +1,37 @@
 
-TODO
+DONE
+
+ - Write up a nice spec about how all this works since it can be a bit
+   confusing
+
+ - Refine the .privilege file format so e.g. user 'foo' is always
+   allowed to grant privilege 'bar' to other users. Also other stuff.
+
+ - write polkit-revoke-privilege
+
+ - make polkit-list-privileges and polkit-is-privileged display if a
+   privilege is granted permanently or temporary. Also display if it's
+   confined to a certain D-BUS connection.
+
+ - Factor out auth code in polkit-is-privileged into a GObject and put
+   it in a libpolkit-gobject library (since the interaction is pretty
+   hairy (see interaction diagram in polkitd/polkit-session.c) I will
+   not put this in libpolkit as I want to use the glib bindings and
+   these require the glib main loop => not suitable for Qt etc.)
+
+PENDING
+
+ - Make polkitd emit signals on an interface such that privileged apps
+   can be notified when privileges are granted and revoked. Also
+   export other useful query operations.
+
+ - make D-BUS interface in general and polkit-grant-privilege in
+   particular capable of granting privs permanently
+
+ - write some man pages
+
+ - write libpolkit-gnome that GNOME apps can consume
+
+ - implement D-BUS interfaces suitable for a GUI privilege editor
+
+ - write more tests; audit code

More information about the hal-commit mailing list