PolicyKit: Branch 'master'
GitLab Mirror
gitlab-mirror at kemper.freedesktop.org
Wed Nov 29 09:46:52 UTC 2023
data/meson.build | 14 +++++++++++++-
data/polkit.conf.in | 1 +
data/polkit.service.in | 1 -
meson.build | 8 ++++++++
meson_options.txt | 1 +
5 files changed, 23 insertions(+), 2 deletions(-)
New commits:
commit 24f1e0af3f7bd17e220cb96201f3c654e737ad34
Author: Zbigniew Jędrzejewski-Szmek <zbyszek at in.waw.pl>
Date: Wed Nov 29 09:46:50 2023 +0000
Add sysusers file
diff --git a/data/meson.build b/data/meson.build
index 651d2cf..74d2454 100644
--- a/data/meson.build
+++ b/data/meson.build
@@ -1,4 +1,8 @@
-service_conf = {'libprivdir': pk_prefix / pk_libprivdir, 'polkitd_user': polkitd_user}
+service_conf = {
+ 'libprivdir': pk_prefix / pk_libprivdir,
+ 'polkitd_user': polkitd_user,
+ 'polkitd_uid': polkitd_uid,
+}
configure_file(
input: 'org.freedesktop.PolicyKit1.service.in',
@@ -34,6 +38,14 @@ if session_tracking == 'libsystemd-login'
install: true,
install_dir: systemd_systemdsystemunitdir,
)
+
+ configure_file(
+ input: 'polkit.conf.in',
+ output: '@BASENAME@',
+ configuration: service_conf,
+ install: true,
+ install_dir: systemd_sysusers_dir,
+ )
endif
install_data(
diff --git a/data/polkit.conf.in b/data/polkit.conf.in
new file mode 100644
index 0000000..20535ac
--- /dev/null
+++ b/data/polkit.conf.in
@@ -0,0 +1 @@
+u @polkitd_user@ @polkitd_uid@ "User for polkitd"
diff --git a/data/polkit.service.in b/data/polkit.service.in
index 539a25d..e6db351 100644
--- a/data/polkit.service.in
+++ b/data/polkit.service.in
@@ -10,7 +10,6 @@ DeviceAllow=/dev/null rw
DevicePolicy=strict
ExecStart=@libprivdir@/polkitd --no-debug
User=@polkitd_user@
-Group=@polkitd_user@
LimitMEMLOCK=0
LockPersonality=yes
MemoryDenyWriteExecute=yes
diff --git a/meson.build b/meson.build
index e86f87e..23d5f28 100644
--- a/meson.build
+++ b/meson.build
@@ -218,6 +218,8 @@ if enable_logind
# FIXME: systemd.pc file does not use variables with relative paths, so `define_variable` cannot be used
systemd_systemdsystemunitdir = systemd_dep.get_pkgconfig_variable('systemdsystemunitdir')
endif
+
+ systemd_sysusers_dir = systemd_dep.get_pkgconfig_variable('sysusers_dir', default: '/usr/lib/sysusers.d')
endif
config_h.set('HAVE_LIBSYSTEMD', enable_logind)
@@ -227,6 +229,9 @@ config_h.set('HAVE_PIDFD_OPEN', cc.get_define('SYS_pidfd_open', prefix: '#includ
polkitd_user = get_option('polkitd_user')
config_h.set_quoted('POLKITD_USER', polkitd_user)
+polkitd_uid = get_option('polkitd_uid')
+config_h.set('POLKITD_UID', polkitd_uid)
+
# Select which authentication framework to use
auth_deps = []
@@ -403,6 +408,9 @@ if enable_logind
output += ' systemdsystemunitdir: ' + systemd_systemdsystemunitdir + '\n'
endif
output += ' polkitd user: ' + polkitd_user + ' \n'
+if polkitd_uid != '-'
+ output += ' polkitd UID: ' + polkitd_uid + ' \n'
+endif
output += ' Javascript engine: ' + js_engine + '\n'
output += ' PAM support: ' + enable_pam.to_string() + '\n\n'
if libs_only
diff --git a/meson_options.txt b/meson_options.txt
index 9066bb2..71588ba 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -3,6 +3,7 @@ option('systemdsystemunitdir', type: 'string', value: '', description: 'custom d
option('libs-only', type: 'boolean', value: false, description: 'Only build libraries (skips building polkitd)')
option('polkitd_user', type: 'string', value: 'polkitd', description: 'User for running polkitd (polkitd)')
+option('polkitd_uid', type: 'string', value: '-', description: 'Fixed UID for user running polkitd (polkitd)')
option('authfw', type: 'combo', choices: ['pam', 'shadow', 'bsdauth'], value: 'pam', description: 'Authentication framework (pam/shadow)')
option('os_type', type: 'combo', choices: ['redhat', 'suse', 'gentoo', 'pardus', 'solaris', 'netbsd', 'lfs', ''], value: '', description: 'distribution or OS')
More information about the hal-commit
mailing list