On Fri, 2009-12-11 at 15:42 -0500, Matthew Miller wrote: > On Fri, Dec 11, 2009 at 03:27:19PM -0500, David Zeuthen wrote: > > I just implemented this - see > > https://bugs.freedesktop.org/show_bug.cgi?id=25594 > > Awesome. Thanks much. Sorry I've been swamped with other things > recently -- didn't mean to just pop up with complaints and then > fall off the map.
No problemo. Hmm, thinking about all this again, I'm not sure we should log things like Dec 15 13:50:03 localhost polkitd(authority=local): DENYING action org.freedesktop.policykit.exec for unix-process:3600:33175877 [bash] owned by unix-user:davidz (check requested by system-bus-name::1.619 [pkexec bash]) Dec 15 13:47:57 localhost polkitd(authority=local): ALLOWING action org.freedesktop.policykit.example.pkexec.run-frobnicate for unix-process:2459:33129230 [bash] owned by unix-user:davidz (check requested by system-bus-name::1.616 [pkexec /usr/bin/pk-example-frobnicate]) Isn't it just noise? I mean, the way it's designed is that even unprivileged users can ask if any subject (e.g. process) is authorized (as long as the subject owned by said user). For example, the system time mechanism does that - for example Dec 15 13:58:47 localhost polkitd(authority=local): ALLOWING action org.gnome.clockapplet.mechanism.settime for system-bus-name::1.620 [/usr/libexec/clock-applet --oaf-activate-iid=OAFIID:GNOME_ClockApplet_Factory --oaf-ior-fd=22] owned by unix-user:davidz (check requested by system-bus-name::1.622 [/usr/libexec/gnome-clock-applet-mechanism]) every time the GNOME clock applet starts. It does this so it knows whether to use "Set" or "Set..." for the timezone buttons. Since polkit doesn't enforce anything, the mechanisms really should be the ones logging events. Sure, that means going through all the mechanisms and adding logging but, hey, it should probably have been there in the first place _anyway_. So I'm thinking we should just kill the ALLOWING and DENYING log messages from polkitd. We'd want to keep log messages when authorizations are obtained through authentication though (and possibly when temporary authorizations expire too - but that's another patch). Thoughts? (FWIW, I just made the pkexec(1) mechanism do that, see http://cgit.freedesktop.org/PolicyKit/commit/?id=12e4ee339b38b8ff3742114d69154bb614c37748 for details.) Thanks, David _______________________________________________ polkit-devel mailing list polkit-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/polkit-devel
