PolicyKit: Branch 'master' - 2 commits
GitLab Mirror
gitlab-mirror at kemper.freedesktop.org
Thu Feb 25 18:34:32 UTC 2021
configure.ac | 11 -
docs/man/polkit.xml | 23 +-
docs/polkit-1-diagrams.svg | 108 ++++++------
docs/polkit-architecture.png |binary
meson_post_install.py | 3
src/polkitbackend/Makefile.am | 4
src/polkitbackend/meson.build | 1
src/polkitbackend/polkitbackendjsauthority.cpp | 5
test/data/etc/polkit-1/rules.d/15-testing.rules | 6
test/data/usr/local/share/polkit-1/rules.d/10-testing.rules | 24 ++
test/data/usr/local/share/polkit-1/rules.d/25-testing.rules | 39 ++++
test/data/usr/share/polkit-1/rules.d/10-testing.rules | 6
test/data/usr/share/polkit-1/rules.d/20-testing.rules | 12 +
test/polkitbackend/test-polkitbackendjsauthority.c | 43 +++-
14 files changed, 208 insertions(+), 77 deletions(-)
New commits:
commit 2c8287fbd55c5d092370428a1bdbbf0a9fd7d537
Merge: 6e8b226 f1979ce
Author: Jan Rybar <jrybar at redhat.com>
Date: Thu Feb 25 18:34:30 2021 +0000
Merge branch 'pwithnall/polkit-51-usr-local-share-is-my-homeboy' into 'master'
Pwithnall/polkit 51 usr local share is my homeboy
See merge request polkit/polkit!75
commit f1979ce4ceb34d1140e759ec920d0cd2532993d3
Author: Jan Rybar <jrybar at redhat.com>
Date: Thu Feb 25 18:34:30 2021 +0000
test: Fix a typo in a comment
Signed-off-by: Philip Withnall <withnall at endlessm.com>
diff --git a/configure.ac b/configure.ac
index 4ac2219..e22bf86 100644
--- a/configure.ac
+++ b/configure.ac
@@ -605,10 +605,9 @@ echo "NOTE: The file ${bindir}/pkexec must be owned by root and"
echo " have mode 4755 (setuid root binary)"
echo
-echo "NOTE: The directory ${sysconfdir}/polkit-1/rules.d must be owned"
-echo " by user '$POLKITD_USER' and have mode 700"
-echo
-
-echo "NOTE: The directory ${datadir}/polkit-1/rules.d must be owned"
-echo " by user '$POLKITD_USER' and have mode 700"
+echo "NOTE: The directories:"
+echo " - ${sysconfdir}/polkit-1/rules.d"
+echo " - ${prefix}/local/share/polkit-1/rules.d"
+echo " - ${datadir}/polkit-1/rules.d"
+echo " must be owned by user '$POLKITD_USER' and have mode 700"
echo
diff --git a/docs/man/polkit.xml b/docs/man/polkit.xml
index 99aa474..8f6a26f 100644
--- a/docs/man/polkit.xml
+++ b/docs/man/polkit.xml
@@ -107,10 +107,11 @@ System Context | |
| | /usr/share/polkit-1/actions/*.policy |
| +--------------------------------------+
|
- +--------------------------------------+
- | /etc/polkit-1/rules.d/*.rules |
- | /usr/share/polkit-1/rules.d/*.rules |
- +--------------------------------------+
+ +--------------------------------------------+
+ | /etc/polkit-1/rules.d/*.rules |
+ | /usr/local/share/polkit-1/rules.d/*.rules |
+ | /usr/share/polkit-1/rules.d/*.rules |
+ +--------------------------------------------+
]]></programlisting>
</textobject>
</mediaobject>
@@ -473,24 +474,28 @@ System Context | |
<para>
<command>polkitd</command> reads
<filename class='extension'>.rules</filename> files from the
- <filename class='directory'>/etc/polkit-1/rules.d</filename> and
- <filename class='directory'>/usr/share/polkit-1/rules.d</filename>
+ <filename class='directory'>/etc/polkit-1/rules.d</filename>,
+ <filename class='directory'>/usr/local/share/polkit-1/rules.d</filename>
+ and <filename class='directory'>/usr/share/polkit-1/rules.d</filename>
directories by sorting the files in lexical order based on the
basename on each file (if there's a tie, files in
<filename class='directory'>/etc</filename>
are processed before files in
- <filename class='directory'>/usr</filename>).
- For example, for the following four
+ <filename class='directory'>/usr/local</filename>, which is in turn
+ processed before <filename class='directory'>/usr</filename>).
+ For example, for the following six
files, the order is
</para>
<itemizedlist mark='opencircle' spacing='compact'>
<listitem><para><filename>/etc/polkit-1/rules.d/10-auth.rules</filename></para></listitem>
+ <listitem><para><filename>/usr/local/share/polkit-1/rules.d/10-auth.rules</filename></para></listitem>
<listitem><para><filename>/usr/share/polkit-1/rules.d/10-auth.rules</filename></para></listitem>
<listitem><para><filename>/etc/polkit-1/rules.d/15-auth.rules</filename></para></listitem>
<listitem><para><filename>/usr/share/polkit-1/rules.d/20-auth.rules</filename></para></listitem>
+ <listitem><para><filename>/usr/local/share/polkit-1/rules.d/25-others.rules</filename></para></listitem>
</itemizedlist>
<para>
- Both directories are monitored so if a rules file is changed,
+ All three directories are monitored so if a rules file is changed,
added or removed, existing rules are purged and all files are
read and processed again. Rules files are written in the
<ulink url="http://en.wikipedia.org/wiki/JavaScript">JavaScript</ulink>
diff --git a/docs/polkit-1-diagrams.svg b/docs/polkit-1-diagrams.svg
index d595ce8..235e22e 100644
--- a/docs/polkit-1-diagrams.svg
+++ b/docs/polkit-1-diagrams.svg
@@ -14,7 +14,7 @@
height="1052.3622047"
id="svg270"
sodipodi:version="0.32"
- inkscape:version="0.48.2 r9819"
+ inkscape:version="0.92.3 (2405546, 2018-03-11)"
sodipodi:docname="polkit-1-diagrams.svg"
inkscape:output_extension="org.inkscape.output.svg.inkscape"
version="1.1">
@@ -562,7 +562,7 @@
x2="196.4196"
y1="89.181732"
x1="52.07793"
- gradientTransform="matrix(1.5328769,0,0,0.51700825,173.82749,458.25449)"
+ gradientTransform="matrix(1.7257205,0,0,0.71046269,163.79547,451.35903)"
gradientUnits="userSpaceOnUse"
id="linearGradient4001"
xlink:href="#linearGradient3144-1-7-5"
@@ -677,13 +677,13 @@
inkscape:pageopacity="0.0"
inkscape:pageshadow="2"
inkscape:zoom="1.4"
- inkscape:cx="347.45975"
- inkscape:cy="686.70778"
+ inkscape:cx="251.03118"
+ inkscape:cy="629.56492"
inkscape:document-units="px"
inkscape:current-layer="layer1"
showgrid="false"
- inkscape:window-width="1600"
- inkscape:window-height="841"
+ inkscape:window-width="1920"
+ inkscape:window-height="1016"
inkscape:window-x="0"
inkscape:window-y="27"
inkscape:window-maximized="1" />
@@ -695,7 +695,7 @@
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
- <dc:title></dc:title>
+ <dc:title />
</cc:Work>
</rdf:RDF>
</metadata>
@@ -745,7 +745,7 @@
inkscape:export-ydpi="96.720001" />
<text
xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ style="font-style:normal;font-weight:normal;line-height:0%;font-family:'Bitstream Vera Sans';fill:#000000;fill-opacity:1;stroke:none"
x="481.04681"
y="90.185196"
id="text7646"
@@ -756,10 +756,10 @@
x="481.04681"
y="90.185196"
id="tspan7654"
- style="text-align:center;text-anchor:middle">Subject</tspan></text>
+ style="font-size:12px;line-height:1.25;text-align:center;text-anchor:middle">Subject</tspan></text>
<text
xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ style="font-style:normal;font-weight:normal;line-height:0%;font-family:'Bitstream Vera Sans';fill:#000000;fill-opacity:1;stroke:none"
x="243.28027"
y="77.398422"
id="text7678"
@@ -769,12 +769,12 @@
sodipodi:role="line"
x="243.28027"
y="77.398422"
- style="text-align:center;text-anchor:middle"
+ style="font-size:12px;line-height:1.25;text-align:center;text-anchor:middle"
id="tspan7688">Authentication</tspan><tspan
sodipodi:role="line"
x="243.28027"
y="92.398422"
- style="text-align:center;text-anchor:middle"
+ style="font-size:12px;line-height:1.25;text-align:center;text-anchor:middle"
id="tspan887">Agent</tspan></text>
<rect
style="fill:url(#linearGradient13600);fill-opacity:1;stroke:#030000;stroke-width:0.55500662;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:19"
@@ -788,7 +788,7 @@
inkscape:export-ydpi="96.720001" />
<text
xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ style="font-style:normal;font-weight:normal;line-height:0%;font-family:'Bitstream Vera Sans';fill:#000000;fill-opacity:1;stroke:none"
x="286.21173"
y="332.54059"
id="text13586"
@@ -798,16 +798,16 @@
sodipodi:role="line"
x="286.21173"
y="332.54059"
- style="text-align:center;text-anchor:middle"
+ style="font-size:12px;line-height:1.25;text-align:center;text-anchor:middle"
id="tspan13590">org.freedesktop.</tspan><tspan
sodipodi:role="line"
x="286.21173"
y="347.54059"
- style="text-align:center;text-anchor:middle"
+ style="font-size:12px;line-height:1.25;text-align:center;text-anchor:middle"
id="tspan13606">PolicyKit1</tspan></text>
<text
xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ style="font-style:normal;font-weight:normal;line-height:0%;font-family:'Bitstream Vera Sans';fill:#000000;fill-opacity:1;stroke:none"
x="489.5925"
y="283.14468"
id="text13594"
@@ -817,7 +817,7 @@
sodipodi:role="line"
x="489.5925"
y="283.14468"
- style="text-align:center;text-anchor:middle"
+ style="font-size:12px;line-height:1.25;text-align:center;text-anchor:middle"
id="tspan740">Mechanism</tspan></text>
<path
sodipodi:type="arc"
@@ -834,7 +834,7 @@
inkscape:export-ydpi="96.720001" />
<text
xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ style="font-style:normal;font-weight:normal;line-height:0%;font-family:'Bitstream Vera Sans';fill:#000000;fill-opacity:1;stroke:none"
x="349.52975"
y="210.38663"
id="text16841"
@@ -844,21 +844,21 @@
sodipodi:role="line"
x="349.52975"
y="210.38663"
- style="text-align:center;text-anchor:middle"
+ style="font-size:12px;line-height:1.25;text-align:center;text-anchor:middle"
id="tspan16845">System</tspan><tspan
sodipodi:role="line"
x="349.52975"
y="225.38663"
- style="text-align:center;text-anchor:middle"
+ style="font-size:12px;line-height:1.25;text-align:center;text-anchor:middle"
id="tspan16849">Message</tspan><tspan
sodipodi:role="line"
x="349.52975"
y="240.38663"
- style="text-align:center;text-anchor:middle"
+ style="font-size:12px;line-height:1.25;text-align:center;text-anchor:middle"
id="tspan16851">Bus</tspan></text>
<text
xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ style="font-style:normal;font-weight:normal;line-height:0%;font-family:'Bitstream Vera Sans';fill:#000000;fill-opacity:1;stroke:none"
x="93.62104"
y="143.63353"
id="text22909"
@@ -868,11 +868,11 @@
sodipodi:role="line"
x="93.62104"
y="143.63353"
- style="font-size:18px;text-align:center;text-anchor:middle"
+ style="font-size:18px;line-height:1.25;text-align:center;text-anchor:middle"
id="tspan22917">User Session</tspan></text>
<text
xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ style="font-style:normal;font-weight:normal;line-height:0%;font-family:'Bitstream Vera Sans';fill:#000000;fill-opacity:1;stroke:none"
x="108.55364"
y="202.5914"
id="text22919"
@@ -882,7 +882,7 @@
sodipodi:role="line"
x="108.55364"
y="202.5914"
- style="font-size:18px;text-align:center;text-anchor:middle"
+ style="font-size:18px;line-height:1.25;text-align:center;text-anchor:middle"
id="tspan22927">System Context</tspan></text>
<rect
style="fill:url(#linearGradient709);fill-opacity:1;stroke:#030000;stroke-width:0.42205292;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:19"
@@ -896,7 +896,7 @@
inkscape:export-ydpi="96.720001" />
<text
xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ style="font-style:normal;font-weight:normal;line-height:0%;font-family:'Bitstream Vera Sans';fill:#000000;fill-opacity:1;stroke:none"
x="487.01651"
y="325.36105"
id="text28990-4"
@@ -906,7 +906,7 @@
sodipodi:role="line"
x="487.01651"
y="325.36105"
- style="text-align:center;text-anchor:middle"
+ style="font-size:12px;line-height:1.25;text-align:center;text-anchor:middle"
id="tspan649-8">libpolkit-gobject-1</tspan></text>
<rect
style="fill:url(#linearGradient860);fill-opacity:1;stroke:#030000;stroke-width:0.35916778;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:19"
@@ -920,7 +920,7 @@
inkscape:export-ydpi="96.720001" />
<text
xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ style="font-style:normal;font-weight:normal;line-height:0%;font-family:'Bitstream Vera Sans';fill:#000000;fill-opacity:1;stroke:none"
x="244.12958"
y="122.78507"
id="text28990-4-5"
@@ -930,7 +930,7 @@
sodipodi:role="line"
x="244.12958"
y="122.78507"
- style="text-align:center;text-anchor:middle"
+ style="font-size:12px;line-height:1.25;text-align:center;text-anchor:middle"
id="tspan649-8-8">libpolkit-agent-1</tspan></text>
<path
style="fill:none;stroke:#000000;stroke-width:1px;stroke-opacity:1;marker-start:url(#Arrow2Lstart);marker-mid:none;marker-end:url(#Arrow2Lend)"
@@ -968,7 +968,7 @@
inkscape:export-ydpi="96.720001" />
<text
xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ style="font-style:normal;font-weight:normal;line-height:0%;font-family:'Bitstream Vera Sans';fill:#000000;fill-opacity:1;stroke:none"
x="445.0928"
y="434.35934"
id="text13594-3"
@@ -978,35 +978,35 @@
sodipodi:role="line"
x="445.0928"
y="434.35934"
- style="text-align:center;text-anchor:middle"
+ style="font-size:12px;line-height:1.25;text-align:center;text-anchor:middle"
id="tspan740-0">/usr/share/polkit-1/actions/*.policy</tspan></text>
<rect
- style="fill:url(#linearGradient4001);fill-opacity:1;stroke:#030000;stroke-width:0.80120724;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:19"
+ style="fill:url(#linearGradient4001);fill-opacity:1;stroke:#030000;stroke-width:0.99654835;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:19;stroke-opacity:1"
id="rect7676-4-5-7"
- width="219.8784"
- height="54.837009"
- x="254.34653"
- y="476.94366"
+ width="247.54021"
+ height="75.355957"
+ x="254.4442"
+ y="477.04132"
inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001" />
<text
xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
- x="362.57547"
- y="513.7879"
+ style="font-style:normal;font-weight:normal;line-height:0%;font-family:'Bitstream Vera Sans';fill:#000000;fill-opacity:1;stroke:none"
+ x="378.04199"
+ y="514.10132"
id="text13594-3-0"
inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
inkscape:export-xdpi="96.720001"
inkscape:export-ydpi="96.720001"><tspan
sodipodi:role="line"
- x="362.57547"
- y="513.7879"
- style="text-align:center;text-anchor:middle"
- id="tspan740-0-5">/usr/share/polkit-1/rules.d/*.rules</tspan></text>
+ x="378.04199"
+ y="514.10132"
+ style="font-size:12px;line-height:1.25;text-align:center;text-anchor:middle"
+ id="tspan740-0-5">/usr/local/share/polkit-1/rules.d/*.rules</tspan></text>
<text
xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ style="font-style:normal;font-weight:normal;line-height:0%;font-family:'Bitstream Vera Sans';fill:#000000;fill-opacity:1;stroke:none"
x="343.2959"
y="494.95844"
id="text13594-3-0-8"
@@ -1016,7 +1016,7 @@
sodipodi:role="line"
x="343.2959"
y="494.95844"
- style="text-align:center;text-anchor:middle"
+ style="font-size:12px;line-height:1.25;text-align:center;text-anchor:middle"
id="tspan740-0-5-4">/etc/polkit-1/rules.d/*.rules</tspan></text>
<path
inkscape:connector-curvature="0"
@@ -1048,7 +1048,7 @@
inkscape:export-ydpi="96.720001" />
<text
xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ style="font-style:normal;font-weight:normal;line-height:0%;font-family:'Bitstream Vera Sans';fill:#000000;fill-opacity:1;stroke:none"
x="283.71991"
y="300.79523"
id="text28990-4-5-6"
@@ -1058,7 +1058,21 @@
sodipodi:role="line"
x="283.71991"
y="300.79523"
- style="text-align:center;text-anchor:middle"
+ style="font-size:12px;line-height:1.25;text-align:center;text-anchor:middle"
id="tspan649-8-8-7">polkitd(8)</tspan></text>
+ <text
+ xml:space="preserve"
+ style="font-style:normal;font-weight:normal;line-height:0%;font-family:'Bitstream Vera Sans';fill:#000000;fill-opacity:1;stroke:none"
+ x="362.57547"
+ y="533.24414"
+ id="text13594-3-0-3"
+ inkscape:export-filename="/home/davidz/Hacking/polkit/docs/polkit-architecture.png"
+ inkscape:export-xdpi="96.720001"
+ inkscape:export-ydpi="96.720001"><tspan
+ sodipodi:role="line"
+ x="362.57547"
+ y="533.24414"
+ style="font-size:12px;line-height:1.25;text-align:center;text-anchor:middle"
+ id="tspan740-0-5-6">/usr/share/polkit-1/rules.d/*.rules</tspan></text>
</g>
</svg>
diff --git a/docs/polkit-architecture.png b/docs/polkit-architecture.png
index 57e1ba2..c107922 100644
Binary files a/docs/polkit-architecture.png and b/docs/polkit-architecture.png differ
diff --git a/meson_post_install.py b/meson_post_install.py
index 784d491..698d1a5 100644
--- a/meson_post_install.py
+++ b/meson_post_install.py
@@ -18,7 +18,8 @@ subprocess.check_call(['chmod', '4755', os.path.join(bindir, 'pkexec')])
dst_dirs = [
os.path.join(pkgsysconfdir, 'rules.d'),
- os.path.join(pkgdatadir, 'rules.d')
+ os.path.join(pkgdatadir, 'rules.d'),
+ os.path.join(prefix, 'local', sys.argv[2], 'rules.d')
]
for dst in dst_dirs:
diff --git a/src/polkitbackend/Makefile.am b/src/polkitbackend/Makefile.am
index 7e3c080..ae01965 100644
--- a/src/polkitbackend/Makefile.am
+++ b/src/polkitbackend/Makefile.am
@@ -15,6 +15,7 @@ AM_CPPFLAGS = \
-DPACKAGE_LOCALSTATE_DIR=\""$(localstatedir)"\" \
-DPACKAGE_LOCALE_DIR=\""$(localedir)"\" \
-DPACKAGE_LIB_DIR=\""$(libdir)"\" \
+ -DPACKAGE_PREFIX=\""$(prefix)"\" \
-D_POSIX_PTHREAD_SEMANTICS \
-D_REENTRANT \
$(NULL)
@@ -113,6 +114,9 @@ install-data-hook:
mkdir -p $(DESTDIR)$(sysconfdir)/polkit-1/rules.d
-chmod 700 $(DESTDIR)$(sysconfdir)/polkit-1/rules.d
-chown $(POLKITD_USER) $(DESTDIR)$(sysconfdir)/polkit-1/rules.d
+ mkdir -p $(DESTDIR)$(prefix)/local/share/polkit-1/rules.d
+ -chmod 700 $(DESTDIR)$(prefix)/local/share/polkit-1/rules.d
+ -chown $(POLKITD_USER) $(DESTDIR)$(prefix)/local/share/polkit-1/rules.d
mkdir -p $(DESTDIR)$(datadir)/polkit-1/rules.d
-chmod 700 $(DESTDIR)$(datadir)/polkit-1/rules.d
-chown $(POLKITD_USER) $(DESTDIR)$(datadir)/polkit-1/rules.d
diff --git a/src/polkitbackend/meson.build b/src/polkitbackend/meson.build
index 93c3c34..65f1910 100644
--- a/src/polkitbackend/meson.build
+++ b/src/polkitbackend/meson.build
@@ -29,6 +29,7 @@ c_flags = [
'-D_POLKIT_BACKEND_COMPILATION',
'-DPACKAGE_DATA_DIR="@0@"'.format(pk_prefix / pk_datadir),
'-DPACKAGE_SYSCONF_DIR="@0@"'.format(pk_prefix / pk_sysconfdir),
+ '-DPACKAGE_PREFIX="@0@"'.format(pk_prefix),
]
if enable_logind
diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp
index ca17108..ba3983d 100644
--- a/src/polkitbackend/polkitbackendjsauthority.cpp
+++ b/src/polkitbackend/polkitbackendjsauthority.cpp
@@ -535,9 +535,10 @@ polkit_backend_js_authority_constructed (GObject *object)
if (authority->priv->rules_dirs == NULL)
{
- authority->priv->rules_dirs = g_new0 (gchar *, 3);
+ authority->priv->rules_dirs = g_new0 (gchar *, 4);
authority->priv->rules_dirs[0] = g_strdup (PACKAGE_SYSCONF_DIR "/polkit-1/rules.d");
- authority->priv->rules_dirs[1] = g_strdup (PACKAGE_DATA_DIR "/polkit-1/rules.d");
+ authority->priv->rules_dirs[1] = g_strdup (PACKAGE_PREFIX "/local/share/polkit-1/rules.d");
+ authority->priv->rules_dirs[2] = g_strdup (PACKAGE_DATA_DIR "/polkit-1/rules.d");
}
authority->priv->rkt_context = g_main_context_new ();
diff --git a/test/data/etc/polkit-1/rules.d/15-testing.rules b/test/data/etc/polkit-1/rules.d/15-testing.rules
index 00e214b..b1ae6dd 100644
--- a/test/data/etc/polkit-1/rules.d/15-testing.rules
+++ b/test/data/etc/polkit-1/rules.d/15-testing.rules
@@ -16,6 +16,12 @@ polkit.addRule(function(action, subject) {
polkit.addRule(function(action, subject) {
if (action.id == "net.company.order2") {
+ return polkit.Result.NO; // earlier rule should win
+ }
+});
+
+polkit.addRule(function(action, subject) {
+ if (action.id == "net.company.order3") {
return polkit.Result.YES;
}
});
diff --git a/test/data/usr/local/share/polkit-1/rules.d/10-testing.rules b/test/data/usr/local/share/polkit-1/rules.d/10-testing.rules
new file mode 100644
index 0000000..cf3cf26
--- /dev/null
+++ b/test/data/usr/local/share/polkit-1/rules.d/10-testing.rules
@@ -0,0 +1,24 @@
+/* -*- mode: js; js-indent-level: 4; indent-tabs-mode: nil -*- */
+
+/* see test/polkitbackend/test-polkitbackendjsauthority.c */
+
+/* NOTE: this is the /usr/local/share/polkit-1/rules.d version of 10-testing.rules */
+
+polkit.addRule(function(action, subject) {
+ if (action.id == "net.company.order0") {
+ return polkit.Result.NO; // earlier rule should win
+ }
+});
+
+polkit.addRule(function(action, subject) {
+ if (action.id == "net.company.order1") {
+ return polkit.Result.NO; // earlier rule should win
+ }
+});
+
+polkit.addRule(function(action, subject) {
+ if (action.id == "net.company.order2") {
+ return polkit.Result.YES;
+ }
+});
+
diff --git a/test/data/usr/local/share/polkit-1/rules.d/25-testing.rules b/test/data/usr/local/share/polkit-1/rules.d/25-testing.rules
new file mode 100644
index 0000000..df373b6
--- /dev/null
+++ b/test/data/usr/local/share/polkit-1/rules.d/25-testing.rules
@@ -0,0 +1,39 @@
+/* -*- mode: js; js-indent-level: 4; indent-tabs-mode: nil -*- */
+
+/* see test/polkitbackend/test-polkitbackendjsauthority.c */
+
+polkit.addRule(function(action, subject) {
+ if (action.id == "net.company.order0") {
+ return polkit.Result.NO; // earlier rule should win
+ }
+});
+
+polkit.addRule(function(action, subject) {
+ if (action.id == "net.company.order1") {
+ return polkit.Result.NO; // earlier rule should win
+ }
+});
+
+polkit.addRule(function(action, subject) {
+ if (action.id == "net.company.order2") {
+ return polkit.Result.NO; // earlier rule should win
+ }
+});
+
+polkit.addRule(function(action, subject) {
+ if (action.id == "net.company.order3") {
+ return polkit.Result.NO; // earlier rule should win
+ }
+});
+
+polkit.addRule(function(action, subject) {
+ if (action.id == "net.company.order4") {
+ return polkit.Result.NO; // earlier rule should win
+ }
+});
+
+polkit.addRule(function(action, subject) {
+ if (action.id == "net.company.order5") {
+ return polkit.Result.NO; // earlier rule should win
+ }
+});
diff --git a/test/data/usr/share/polkit-1/rules.d/10-testing.rules b/test/data/usr/share/polkit-1/rules.d/10-testing.rules
index 1d553f6..5650945 100644
--- a/test/data/usr/share/polkit-1/rules.d/10-testing.rules
+++ b/test/data/usr/share/polkit-1/rules.d/10-testing.rules
@@ -12,6 +12,12 @@ polkit.addRule(function(action, subject) {
polkit.addRule(function(action, subject) {
if (action.id == "net.company.order1") {
+ return polkit.Result.NO; // earlier rule should win
+ }
+});
+
+polkit.addRule(function(action, subject) {
+ if (action.id == "net.company.order2") {
return polkit.Result.YES;
}
});
diff --git a/test/data/usr/share/polkit-1/rules.d/20-testing.rules b/test/data/usr/share/polkit-1/rules.d/20-testing.rules
index 071f135..802577f 100644
--- a/test/data/usr/share/polkit-1/rules.d/20-testing.rules
+++ b/test/data/usr/share/polkit-1/rules.d/20-testing.rules
@@ -19,3 +19,15 @@ polkit.addRule(function(action, subject) {
return polkit.Result.NO; // earlier rule should win
}
});
+
+polkit.addRule(function(action, subject) {
+ if (action.id == "net.company.order3") {
+ return polkit.Result.NO; // earlier rule should win
+ }
+});
+
+polkit.addRule(function(action, subject) {
+ if (action.id == "net.company.order4") {
+ return polkit.Result.YES;
+ }
+});
diff --git a/test/polkitbackend/test-polkitbackendjsauthority.c b/test/polkitbackend/test-polkitbackendjsauthority.c
index f97e0e0..240c69c 100644
--- a/test/polkitbackend/test-polkitbackendjsauthority.c
+++ b/test/polkitbackend/test-polkitbackendjsauthority.c
@@ -40,12 +40,13 @@ static PolkitBackendJsAuthority *get_authority (void);
static PolkitBackendJsAuthority *
get_authority (void)
{
- gchar *rules_dirs[3] = {0};
+ gchar *rules_dirs[4] = {0};
PolkitBackendJsAuthority *authority;
rules_dirs[0] = polkit_test_get_data_path ("etc/polkit-1/rules.d");
- rules_dirs[1] = polkit_test_get_data_path ("usr/share/polkit-1/rules.d");
- rules_dirs[2] = NULL;
+ rules_dirs[1] = polkit_test_get_data_path ("usr/local/share/polkit-1/rules.d");
+ rules_dirs[2] = polkit_test_get_data_path ("usr/share/polkit-1/rules.d");
+ rules_dirs[3] = NULL;
g_assert (rules_dirs[0] != NULL);
g_assert (rules_dirs[1] != NULL);
@@ -182,7 +183,7 @@ static const RulesTestCase rules_test_cases[] = {
NULL,
POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED,
},
- /* actions without explict rules aren't automatically NOT_AUTHORIZED */
+ /* actions without explicit rules aren't automatically NOT_AUTHORIZED */
{
"basic2",
"net.company.productA.action2",
@@ -191,18 +192,20 @@ static const RulesTestCase rules_test_cases[] = {
POLKIT_IMPLICIT_AUTHORIZATION_UNKNOWN,
},
- /* Ordering tests ... we have four rules files, check they are
+ /* Ordering tests ... we have six rules files, check they are
* evaluated in order by checking the detail set by each rules
*
- * - etc/polkit-1/rules.d/10-testing.rules (file a)
- * - usr/share/polkit-1/rules.d/10-testing.rules (file b)
- * - etc/polkit-1/rules.d/15-testing.rules (file c)
- * - usr/share/polkit-1/rules.d/20-testing.rules (file d)
+ * - etc/polkit-1/rules.d/10-testing.rules (file a)
+ * - usr/local/share/polkit-1/rules.d/10-testing.rules (file b)
+ * - usr/share/polkit-1/rules.d/10-testing.rules (file c)
+ * - etc/polkit-1/rules.d/15-testing.rules (file d)
+ * - usr/share/polkit-1/rules.d/20-testing.rules (file e)
+ * - usr/local/share/polkit-1/rules.d/25-testing.rules (file f)
*
* file.
*/
{
- /* defined in file a, b, c, d - should pick file a */
+ /* defined in file a, b, c, d, e, f - should pick file a */
"order0",
"net.company.order0",
"unix-user:root",
@@ -210,7 +213,7 @@ static const RulesTestCase rules_test_cases[] = {
POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED,
},
{
- /* defined in file b, c, d - should pick file b */
+ /* defined in file b, c, d, e, f - should pick file b */
"order1",
"net.company.order1",
"unix-user:root",
@@ -218,13 +221,29 @@ static const RulesTestCase rules_test_cases[] = {
POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED,
},
{
- /* defined in file c, d - should pick file c */
+ /* defined in file c, d, e, f - should pick file c */
"order2",
"net.company.order2",
"unix-user:root",
NULL,
POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED,
},
+ {
+ /* defined in file d, e, f - should pick file d */
+ "order3",
+ "net.company.order3",
+ "unix-user:root",
+ NULL,
+ POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED,
+ },
+ {
+ /* defined in file e, f - should pick file e */
+ "order4",
+ "net.company.order4",
+ "unix-user:root",
+ NULL,
+ POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED,
+ },
/* variables */
{
More information about the hal-commit
mailing list