[systemd-devel] Work on adding polkit support to systemd1
David Herrmann
dh.herrmann at gmail.com
Mon Sep 1 02:47:24 PDT 2014
Hi
On Mon, Sep 1, 2014 at 9:51 AM, Stef Walter <stefw at redhat.com> wrote:
> On 18.08.2014 18:22, Lennart Poettering wrote:
>> I have now pushed this, after reworking this on top some major changes
>> to bus_verify_polkit(), which avoids having to pass the original
>> callbacks through to the function that ultimately does the verification.
>>
>> While merging I also made another change, you are probably not going to
>> like: I turned of the interactivity for the polkit checks. Interactivity
>> needs to be optional, and it currently is for all out polkit-enabled bus
>> methods. And we should do the same for the PID 1 offered methods.
>
> Ugh.
>
>> Now, of course, we should open this up for inetractive (after all,
>> that's what polkit is good for), but we probably need a new set of
>> methods for that, which take the original arguments but also take a
>> boolean argument to enable ineractivity. Hence, we probably should have
>> StartUnit2() in addition to StartUnit().
>
> That seems ugly. I think we should either:
>
> * Have a method which we can invoke to make a client opt into
> interactive polkit prompting for any invoked method.
>
> * Version all the org.freedesktop.systemd1.Manager to
> org.freedesktop.systemd1.Manager2 or something like that and support
> both interfaces.
We had the idea to reserve a single bit in the dbus message header for
that. See the discussion on the dbus-ML:
http://lists.freedesktop.org/archives/dbus/2014-August/016294.html
It looks like the most sane way to resolve this issue, imho.
Thanks
David
More information about the systemd-devel
mailing list