Hello! While recently rummaging around in polkit policies in our SUSE distributions I've noticed that there are a couple of packages existing that define pkexec annotations like this:
<annotate key="org.freedesktop.policykit.exec.argv2">install</annotate> It took we a while to find out that polkit actually only supports an annotation for 'argv1' and not for further command line arguments. Thinking that there can be multiple 'argv<N>' annotations seems to be natural for a number of people ([1], [2], [3], [4]). I would like to suggest to be more explicit in the documentation about this limitation to 'argv1'. Also maybe polkit should fail if annotations containing anything different than 'argv1' are encountered. Or, even better, actually implement this feature. Cheers Matthias [1]: https://github.com/mesonbuild/meson/issues/4758 [2]: https://github.com/julio641742/fedora-update/issues/5 [3]: https://github.com/felix-lang/fbuild/issues/38 [4]: https://01.org/linuxgraphics/forum/graphics-update-tool-discussions/polkit-actions-installed-update-tool-break-other-calls-dnf -- Matthias Gerstner <matthias.gerst...@suse.de> Dipl.-Wirtsch.-Inf. (FH), Security Engineer https://www.suse.com/security Telefon: +49 911 740 53 290 GPG Key ID: 0x14C405C971923553 SUSE Linux GmbH GF: Felix Imendörffer, Jane Smithard, Graham Norton HRB 21284 (AG Nuernberg)
signature.asc
Description: PGP signature
_______________________________________________ polkit-devel mailing list polkit-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/polkit-devel