PolicyKit: Branch 'wip/js-rule-files' - 2 commits

David Zeuthen david at kemper.freedesktop.org
Wed May 23 12:54:55 PDT 2012 

 configure.ac                  |   34 +++++++++++++++++-----------------
 docs/man/polkit.xml           |   26 +++++++++++++++++++++++++-
 src/polkit/Makefile.am        |    6 +++---
 src/polkitbackend/Makefile.am |    6 +++---
 4 files changed, 48 insertions(+), 24 deletions(-)

New commits:
commit b8f326194efab5feac819079ca9abb0b9f477103
Author: David Zeuthen <davidz at redhat.com>
Date:   Wed May 23 15:53:35 2012 -0400

    Rename --enable-systemd to --enable-libsystemd-login
    
    It's useful to be more specific because we also want an option to
    install a systemd .service file which you may not want even if you are
    using libsystemd-login...
    
    Signed-off-by: David Zeuthen <davidz at redhat.com>

diff --git a/configure.ac b/configure.ac
index 7b7f3eb..2712e19 100644
--- a/configure.ac
+++ b/configure.ac
@@ -152,33 +152,33 @@ if test "x$GCC" = "xyes"; then
 fi
 
 dnl ---------------------------------------------------------------------------
-dnl - Select wether to use systemd or ConsoleKit for session tracking
+dnl - Select wether to use libsystemd-login or ConsoleKit for session tracking
 dnl ---------------------------------------------------------------------------
 
-have_systemd=no
+have_libsystemd_login=no
 SESSION_TRACKING=ConsoleKit
 
-AC_ARG_ENABLE([systemd],
-              AS_HELP_STRING([--enable-systemd[=@<:@auto/yes/no@:>@]], [Use systemd (auto/yes/no)]),
-              [enable_systemd=$enableval],
-              [enable_systemd=auto])
-if test "$enable_systemd" != "no"; then
-  PKG_CHECK_MODULES(SYSTEMD,
+AC_ARG_ENABLE([libsystemd-login],
+              AS_HELP_STRING([--enable-libsystemd-login[=@<:@auto/yes/no@:>@]], [Use libsystemd-login (auto/yes/no)]),
+              [enable_libsystemd_login=$enableval],
+              [enable_libsystemd_login=auto])
+if test "$enable_libsystemd_login" != "no"; then
+  PKG_CHECK_MODULES(LIBSYSTEMD_LOGIN,
                     [libsystemd-login],
-                    have_systemd=yes,
-                    have_systemd=no)
-  if test "$have_systemd" = "yes"; then
-    SESSION_TRACKING=systemd
+                    have_libsystemd_login=yes,
+                    have_libsystemd_login=no)
+  if test "$have_libsystemd_login" = "yes"; then
+    SESSION_TRACKING=libsystemd-login
   else
-    if test "$enable_systemd" = "yes"; then
-      AC_MSG_ERROR([systemd support requested but libsystemd-login1 library not found])
+    if test "$enable_libsystemd_login" = "yes"; then
+      AC_MSG_ERROR([libsystemd-login support requested but libsystemd-login library not found])
     fi
   fi
 fi
 
-AC_SUBST(SYSTEMD_CFLAGS)
-AC_SUBST(SYSTEMD_LIBS)
-AM_CONDITIONAL(HAVE_SYSTEMD, [test "$have_systemd" = "yes"], [Using systemd])
+AC_SUBST(LIBSYSTEMD_LOGIN_CFLAGS)
+AC_SUBST(LIBSYSTEMD_LOGIN_LIBS)
+AM_CONDITIONAL(HAVE_LIBSYSTEMD_LOGIN, [test "$have_libsystemd_login" = "yes"], [Using libsystemd-login])
 
 dnl ---------------------------------------------------------------------------
 dnl - Select which authentication framework to use
diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am
index 1068ea1..39d6d84 100644
--- a/src/polkit/Makefile.am
+++ b/src/polkit/Makefile.am
@@ -81,7 +81,7 @@ libpolkit_gobject_1_la_SOURCES =                                   			\
 	polkitpermission.c			polkitpermission.h			\
         $(NULL)
 
-if HAVE_SYSTEMD
+if HAVE_LIBSYSTEMD_LOGIN
 libpolkit_gobject_1_la_SOURCES += \
 	polkitunixsession-systemd.c		polkitunixsession.h
 else
@@ -92,12 +92,12 @@ endif
 libpolkit_gobject_1_la_CFLAGS =                                        	\
         -D_POLKIT_COMPILATION                                  		\
         $(GLIB_CFLAGS)							\
-	$(SYSTEMD_CFLAGS)						\
+	$(LIBSYSTEMD_LOGIN_CFLAGS)					\
         $(NULL)
 
 libpolkit_gobject_1_la_LIBADD =                               		\
         $(GLIB_LIBS)							\
-	$(SYSTEMD_LIBS)							\
+	$(LIBSYSTEMD_LOGIN_LIBS)					\
         $(NULL)
 
 libpolkit_gobject_1_la_LDFLAGS = -export-symbols-regex '(^polkit_.*)'
diff --git a/src/polkitbackend/Makefile.am b/src/polkitbackend/Makefile.am
index b1a70c0..4fae20a 100644
--- a/src/polkitbackend/Makefile.am
+++ b/src/polkitbackend/Makefile.am
@@ -52,7 +52,7 @@ libpolkit_backend_1_la_SOURCES =                                   			\
 	polkitbackendlocalauthorizationstore.h	polkitbackendlocalauthorizationstore.c	\
         $(NULL)
 
-if HAVE_SYSTEMD
+if HAVE_LIBSYSTEMD_LOGIN
 libpolkit_backend_1_la_SOURCES += \
 	polkitbackendsessionmonitor.h		polkitbackendsessionmonitor-systemd.c
 else
@@ -64,13 +64,13 @@ libpolkit_backend_1_la_CFLAGS =                                        	\
         -D_POLKIT_COMPILATION                                  		\
         -D_POLKIT_BACKEND_COMPILATION                                  	\
         $(GLIB_CFLAGS)							\
-	$(SYSTEMD_CFLAGS)						\
+	$(LIBSYSTEMD_LOGIN_CFLAGS)					\
 	$(LIBJS_CFLAGS)							\
         $(NULL)
 
 libpolkit_backend_1_la_LIBADD =                               		\
         $(GLIB_LIBS)							\
-	$(SYSTEMD_LIBS)							\
+	$(LIBSYSTEMD_LOGIN_LIBS)					\
 	$(top_builddir)/src/polkit/libpolkit-gobject-1.la		\
 	$(EXPAT_LIBS)							\
 	$(LIBJS_LIBS)							\
commit 1724ece5c7b5a9f70969fd88e1a2dede8936e768
Author: David Zeuthen <davidz at redhat.com>
Date:   Wed May 23 14:12:38 2012 -0400

    Add real-world example featuring udisks2 and the drive.* variables it passes
    
    Signed-off-by: David Zeuthen <davidz at redhat.com>

diff --git a/docs/man/polkit.xml b/docs/man/polkit.xml
index 0632c95..e822d79 100644
--- a/docs/man/polkit.xml
+++ b/docs/man/polkit.xml
@@ -809,7 +809,7 @@ polkit.addRule(function(action, subject, details) {
         The following example showcases two things
       </para>
       <itemizedlist mark='opencircle' spacing='compact'>
-        <listitem><para>how the authorization decision can depend on data passed by the mechanism</para></listitem>
+        <listitem><para>how the authorization decision can depend on variables passed by the mechanism</para></listitem>
         <listitem><para>how to override the message shown in the authentication dialog</para></listitem>
       </itemizedlist>
       <programlisting><![CDATA[
@@ -822,6 +822,30 @@ polkit.addRule(function(action, subject, details) {
 });
 ]]></programlisting>
 
+      <para>
+        The following example shows another use of variables passed from the
+        mechanism. In this case, the mechanism is
+        <ulink url="http://udisks.freedesktop.org/docs/latest/udisks.8.html">UDisks</ulink>
+        which defines a set of
+        <ulink url="http://udisks.freedesktop.org/docs/latest/udisks-polkit-actions.html">actions</ulink>
+        and also documents the set of possible
+        <ulink url="http://udisks.freedesktop.org/docs/latest/udisks2-Utilities.html#udisks-polkit-details">variables</ulink>
+        passed along with each request.
+      </para>
+      <programlisting><![CDATA[
+// Allow users in group 'engineers' to perform any operation on
+// some drives without having to authenticate
+//
+polkit.addRule(function(action, subject, details) {
+    if (action.indexOf("org.freedesktop.udisks2.") == 0 &&
+        details["drive.vendor"] == "SEAGATE" &&
+        details["drive.model"] == "ST3300657SS" &&
+        subject.isInGroup("engineers")) {
+            return "yes";
+        }
+    }
+});
+]]></programlisting>
     </refsect2>
   </refsect1>

More information about the hal-commit mailing list