On Fri, Mar 26, 2010 at 12:58 PM, David Zeuthen <da...@fubar.dk> wrote: > On Wed, 2010-03-24 at 18:22 -0400, Yclept Nemo wrote: >> Polkit contains the >> "/usr/share/polkit-1/actions/org.freedesktop.policykit.policy" actions >> file. Is any accompanying mechanism provided as well? >> >> I am hoping along the lines of: >> >> /usr/share/dbus-1/system-services/* >> - a service file that automatically launches the polickit.exec mechanism >> /usr/share/dbus-1/interfaces/* >> - a set of methods the client can request over dbus from the mechanism >> /etc/dbus-1/system.d >> - any user is allowed to make a request >> >> The client, started as root user, simply listens for dbus requests, >> calls polkitd over dbus requesting "pk_authority.CheckAuthorization", >> and if authorized, swaps the euid of the client-requested pids. > > Hmm, I'm not sure what all this means - but the action described in the > file /usr/share/polkit-1/actions/org.freedesktop.policykit.policy is for > the pkexec(1) mechanism, see > > http://hal.freedesktop.org/docs/polkit/pkexec.1.html
Typo: "The *mechanism*, started as root..." Simply, I was referring to a separated client-mechanism architecture described in the polkit(8) man page. pkexec rolls everything together, and works because it is setuid. > >> Well, probably this mechanism doesn't exist, which is why gksu-polkit >> was created... > > What's gksu-polkit? Do you have a link to a description of it? > According to the gksu website, gksu is being replaced by gksu-polkit at http://live.gnome.org/gksu. _______________________________________________ polkit-devel mailing list polkit-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/polkit-devel
