PolicyKit 0.3

David Zeuthen david at fubar.dk
Tue Jun 19 23:15:49 PDT 2007 

Hi,

Here's (finally!) a release of PolicyKit! See [1] for details.

 http://people.freedesktop.org/~david/dist/PolicyKit-0.3.tar.gz
 http://people.freedesktop.org/~david/dist/PolicyKit-gnome-0.3.tar.bz2

At least it works for me, but expect some build issues; no-one but me
really built this code yet. If you're running Fedora Rawhide, here are
some SRPM's

 http://people.freedesktop.org/~david/PolicyKit-0.3-1.fc8.src.rpm
 http://people.freedesktop.org/~david/PolicyKit-gnome-0.3-1.fc8.src.rpm

They might be useful for others too - such as to get the packaging
details right since PolicyKit contains a setgid binary etc. These SRPM's
will probably hit Fedora Rawhide soon.

Right now it doesn't do a lot; it's a library after all. There is
however, a small demo in the GNOME tarball; here's a screenshot

 http://people.freedesktop.org/~david/PolicyKit-0.3.png

and the source is in examples/ in the tarball. I've also written down
the why+how document and there's a copy here

 http://people.freedesktop.org/~david/polkit-spec.html

Later this week I'll release HAL 0.5.10rc1 (there's a few patches on the
list I want to commit; sorry for being slow to respond) + an updated
gnome-mount that will take advantage of this new library.

As noted in the NEWS files I cannot recommend including this yet in a
stable distro; it's security sensitive code and there's still a few
things that need to be properly audited. The plan is to release PK 0.4
within a month or so and then HAL 0.5.10 right after that. It should be
feasible, here's a list of TODO items:

 - Have someone review the external API

 - Verify the security model

 - Audit all code; especially the setgid helper

 - Completely rework the lower layer that reads machine-local
   configuration; right now we have the notion of PolicyKit modules;
   am almost certain that needs to go. Especially in the light of the
   fact that we no longer care about Objects/PolKitResource. Probably
   some simple XML will do; no need to load .so files I think. Keep
   It Simple.

 - Granted privileges are currently world-visible; see
   https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=244941
   for details. This may just be a Fedora-ism. Alternatively, depending
   on what the FHS says, punt it to the distros and ask them to clean
   up the directories during boot?

 - Add missing details to the spec document
   - provide some real world examples e.g. how the example from
     the PolicyKit-gnome app works. Preferably in tutorial form.
   - more detailed description of the internals, e.g. the dirs
     /var/lib/PolicyKit and /var/run/PolicyKit

 - Clean up all man pages

 - Polish the commandline tools (especially polkit-list-actions could
   be nicer)

 - Make sure API coverage is 100%

 - Have support for systems that don't use the root account; e.g.
   instead of authenticating as root, authenticate any user in
   e.g. the 'wheel' group. Probably means we need a combobox in the UI
   bits (e.g. PolicyKit-gnome + friends) for selecting the user to
   auth as.

 - Go to 1.0 soon

 - Potentially drop the glib dependency (it's not visible in the
   external API)

and not all of them applies to 0.4. For PolicyKit-gnome, here's the list

 - Extend the D-Bus interface to take an XID so the dialog can be
   managed accordingly by the Window Manager

 - Would it make sense to have a convience library libpolkit-gnome
   that calls into the D-Bus service?

 - HIGgy stuff

 - Clean up the code; parts of it is somewhat a mess right now; do
   we really need to link to libgnome and libgnome-ui?

 - Support for systems that don't use the root account; e.g.  instead
   of authenticating as root, authenticate any user in e.g. the
   'wheel' group. Probably means we need a combobox for selecting the
   user to auth as.

 - Move the GNOME SVN (ticket ID [gnome.org #2863])

 - Make the daemon exit after 30 seconds of no service requests

 - Make the example use the new D-Bus system bus activation for the
   helper as well as the (to be) setuid binary we've got now

Thoughts and feedback is very welcome. Thanks.

      David

[1] : From the NEWS file

==========
PolicyKit 0.3 "No Man's Land"
==========

Released on June 20th 2007.

This is the first release of PolicyKit. 

WARNING WARNING WARNING: do not use this software in a stable
distribution; there are still security sensitive things that needs to
be audited.

Requirements for PolicyKit 0.3 "No Man's Land"

 - dbus             >= 0.90
 - glib             >= 2.6.0
 - ConsoleKit       >= 0.2.1
 - expat            >= 1.95.8

More information about the hal mailing list