PolicyKit 0.90 (pre-)release
david at fubar.dk
Tue Jan 20 23:23:02 PST 2009
As mentioned earlier I've been working on a rewrite of PolicyKit here
To recap, the main motivation for this rewrite is to make it easier to
write backends that reads authorizations from a networked resource (such
as a LDAP server). In addition, I (and others) have identified a couple
shortcomings in the current PolicyKit that we can fix at the same time.
The new version 0.90 series of PolicyKit (0.90 because it's leading up
to 1.0) is parallel-installable with the current PolicyKit 0.9.x series.
Here's a brief list of differences
- Everything now goes through a central system daemon as opposed to
a library with a bunch of setuid/setgid helpers. The daemon is
accessible via D-Bus, see
for the D-Bus interface.
- GLib is used throughout so the porting issues (for BSD and Solaris)
with libkit etc. should be a thing of the past
- The authorization backend to use can be chosen at run-time (not
yet implemented but easy) using the GIO extension point system
- There's a GObject based library to access the PolicyKit daemon, see
with both synchronous and asynchronous functions.
Desktop environments etc. that doesn't use GObject are encouraged to
write their own client libraries that fit better into their object
- Authentications agents now have to register with the PolicyKit
daemon and requests to obtain an authorization through authentication
is now passed through the main system daemon (as opposed to a
session bus service).
- When checking authorizations, applications can pass a flag to allow
user interaction. This should make it much simpler to use PolicyKit;
instead of the having to go through this painful model here
where a lot of work is put on the user of the application to poke
the authentication agent, everything can now happen out of band.
- The "retain authorizations" check boxes have been removed. A lot
of people didn't like them and I admit they didn't add much value.
- It's now possible to grant authorizations to Unix groups
Now, a few words about this (pre-)release. Don't put it in any stable
distros! In particular the code hasn't seen any security audit at all,
there's still a lot of TODO's left in the code and I'm pretty sure that
it isn't secure. Also there's very little documentation nor is there any
guide for how to port applications from PolicyKit 0.9 to the new
I'm doing this release today mostly because I've gotten to a point where
most operations work with the limited examples I've tried.. and I think
the high-level architecture is more or less in place.
There's no TODO list yet. I'll be posting that tomorrow along with a
roadmap for getting to PolicyKit 1.0.
Tarballs can be found here
More information about the polkit-devel