debian/0000775000000000000000000000000012276466331007202 5ustar debian/libpolkit-backend-1-0.install0000664000000000000000000000004312227267237014440 0ustar usr/lib/*/libpolkit-backend-1.so.* debian/libpolkit-backend-1-0.symbols0000664000000000000000000000502412227267237014466 0ustar libpolkit-backend-1.so.0 libpolkit-backend-1-0 #MINVER# polkit_backend_action_lookup_get_details@Base 0.94 polkit_backend_action_lookup_get_icon_name@Base 0.94 polkit_backend_action_lookup_get_message@Base 0.94 polkit_backend_action_lookup_get_type@Base 0.94 polkit_backend_action_pool_get_action@Base 0.94 polkit_backend_action_pool_get_all_actions@Base 0.94 polkit_backend_action_pool_get_type@Base 0.94 polkit_backend_action_pool_new@Base 0.94 polkit_backend_authority_authentication_agent_response@Base 0.94 polkit_backend_authority_check_authorization@Base 0.94 polkit_backend_authority_check_authorization_finish@Base 0.94 polkit_backend_authority_enumerate_actions@Base 0.94 polkit_backend_authority_enumerate_temporary_authorizations@Base 0.94 polkit_backend_authority_get@Base 0.94 polkit_backend_authority_get_features@Base 0.95 polkit_backend_authority_get_name@Base 0.95 polkit_backend_authority_get_type@Base 0.94 polkit_backend_authority_get_version@Base 0.95 polkit_backend_authority_log@Base 0.96 polkit_backend_authority_register@Base 0.99 polkit_backend_authority_register_authentication_agent@Base 0.94 polkit_backend_authority_revoke_temporary_authorization_by_id@Base 0.94 polkit_backend_authority_revoke_temporary_authorizations@Base 0.94 polkit_backend_authority_unregister@Base 0.99 polkit_backend_authority_unregister_authentication_agent@Base 0.94 polkit_backend_config_source_get_boolean@Base 0.94 polkit_backend_config_source_get_double@Base 0.94 polkit_backend_config_source_get_integer@Base 0.94 polkit_backend_config_source_get_string@Base 0.94 polkit_backend_config_source_get_string_list@Base 0.94 polkit_backend_config_source_get_type@Base 0.94 polkit_backend_config_source_new@Base 0.94 polkit_backend_interactive_authority_check_authorization_sync@Base 0.94 polkit_backend_interactive_authority_get_admin_identities@Base 0.94 polkit_backend_interactive_authority_get_type@Base 0.94 polkit_backend_local_authority_get_type@Base 0.94 polkit_backend_local_authorization_store_get_type@Base 0.94 polkit_backend_local_authorization_store_lookup@Base 0.94 polkit_backend_local_authorization_store_new@Base 0.94 polkit_backend_session_monitor_get_session_for_subject@Base 0.94 polkit_backend_session_monitor_get_sessions@Base 0.94 polkit_backend_session_monitor_get_type@Base 0.94 polkit_backend_session_monitor_get_user_for_subject@Base 0.94 polkit_backend_session_monitor_is_session_active@Base 0.94 polkit_backend_session_monitor_is_session_local@Base 0.94 polkit_backend_session_monitor_new@Base 0.94 debian/copyright0000664000000000000000000000346012227267237011140 0ustar Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: polkit Source: http://www.freedesktop.org/software/polkit/releases/ Files: * Copyright: 2008-2011 Red Hat, Inc. License: LGPL-2.0+ Files: test/* Copyright: 2011 Google Inc. License: LGPL-2.0+ Files: test/mocklibc/src/* Copyright: 2011 Google Inc. License: Apache-2.0 License: LGPL-2.0+ This package is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. . This package is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. . You should have received a copy of the GNU General Public License along with this program. If not, see . . On Debian systems, the complete text of the GNU Lesser General Public License can be found in "/usr/share/common-licenses/LGPL-2". License: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at . http://www.apache.org/licenses/LICENSE-2.0 . Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. . On Debian systems, the complete text of the Apache version 2.0 license can be found in "/usr/share/common-licenses/Apache-2.0" debian/libpolkit-agent-1-0.symbols0000664000000000000000000000133612227267237014177 0ustar libpolkit-agent-1.so.0 libpolkit-agent-1-0 #MINVER# polkit_agent_listener_get_type@Base 0.94 polkit_agent_listener_initiate_authentication@Base 0.94 polkit_agent_listener_initiate_authentication_finish@Base 0.94 polkit_agent_listener_register@Base 0.99 polkit_agent_listener_register_with_options@Base 0.105 polkit_agent_listener_unregister@Base 0.99 polkit_agent_register_flags_get_type@Base 0.99 polkit_agent_register_listener@Base 0.94 polkit_agent_session_cancel@Base 0.94 polkit_agent_session_get_type@Base 0.94 polkit_agent_session_initiate@Base 0.94 polkit_agent_session_new@Base 0.94 polkit_agent_session_response@Base 0.94 polkit_agent_text_listener_get_type@Base 0.99 polkit_agent_text_listener_new@Base 0.99 debian/changelog0000664000000000000000000005674512276465771011104 0ustar policykit-1 (0.105-4ubuntu2) trusty; urgency=medium * debian/patches/git_type_registration.patch: "Use GOnce for interface type registration. Static local variable may not be enough since it doesn't provide locking." That should fix some frequent udisks segfaults issues (lp: #1236510) -- Sebastien Bacher Tue, 11 Feb 2014 19:26:03 +0100 policykit-1 (0.105-4ubuntu1) trusty; urgency=low * Merge with Debian unstable. Remaining Ubuntu changes: - Switch to using logind for session tracking. Depend on libpam-systemd instead of consolekit, and add libsystemd-login-dev build dependency. - debian/policykit-1.postinst: Don't restart polkitd if we are upgrading from a version that uses ConsoleKit. We need to keep the old daemon running until the next reboot, as all the current user sessions still have a CK session and no logind cgroup yet. - Build using autoreconf to update config.{guess,sub} files. - Configure with --disable-silent-rules. -- Marc Deslauriers Wed, 30 Oct 2013 16:10:44 -0700 policykit-1 (0.105-4) unstable; urgency=low * Acknowledge non-maintainer upload for CVE-2013-4288. * Also cherry-pick the upstream commit which deprecates the racy APIs. * debian/patches/09_pam_environment.patch: set process environment from pam_getenvlist(). * debian/patches/01_pam_polkit.patch: adjust patch to invoke pam_env, so our global settings from /etc/environment are applied correctly. * The two changes above fix pkexec to properly export the pam environment. Thanks Steve Langasek for the patch. (Closes: #692340) -- Michael Biebl Tue, 15 Oct 2013 18:34:24 +0200 policykit-1 (0.105-3+nmu1) unstable; urgency=high * Non-maintainer upload by the Security Team. * Fix cve-2013-4288: race condition in pkcheck.c (closes: #723717). -- Michael Gilbert Mon, 14 Oct 2013 00:08:43 +0000 policykit-1 (0.105-3ubuntu3) saucy; urgency=low * SECURITY UPDATE: use of pkcheck without specifying uid is racy, possibly leading to privilege escalation - debian/patches/CVE-2013-4288.patch: implement pid,start-time,uid syntax so callers have a non-racy way of using pkcheck. - CVE-2013-4288 -- Marc Deslauriers Wed, 18 Sep 2013 12:38:05 -0400 policykit-1 (0.105-3ubuntu2) saucy; urgency=low * Build using autoreconf to update config.{guess,sub} files. * Configure with --disable-silent-rules. -- Matthias Klose Fri, 26 Jul 2013 14:07:45 +0200 policykit-1 (0.105-3ubuntu1) saucy; urgency=low * Merge with Debian unstable. Remaining Ubuntu changes: - debian/patches/07_pam_environment.patch: set process environment from pam_getenvlist(). - debian/patches/01_pam_polkit.patch: adjust patch to invoke pam_env, so our global settings from /etc/environment are applied correctly. - Switch to using logind for session tracking. Depend on libpam-systemd instead of consolekit, and add libsystemd-login-dev build dependency. - debian/policykit-1.postinst: Don't restart polkitd if we are upgrading from a version that uses ConsoleKit. We need to keep the old daemon running until the next reboot, as all the current user sessions still have a CK session and no logind cgroup yet. -- Martin Pitt Wed, 01 May 2013 16:22:36 -0700 policykit-1 (0.105-3) unstable; urgency=low * 07_set-XAUTHORITY-environment-variable-if-unset.patch: Set XAUTHORITY environment variable to its default value $HOME/.Xauthority if unset. Some display managers, like KDM, do not set the XAUTHORITY variable, so starting graphical applications via pkexec was broken in those environments. (Closes: #671497) -- Michael Biebl Thu, 20 Dec 2012 18:55:14 +0100 policykit-1 (0.105-2) unstable; urgency=low * Change the permissions of /etc/polkit-1/localauthority to 700, this directory is not supposed to be readable by everyone. -- Michael Biebl Mon, 17 Dec 2012 17:02:06 +0100 policykit-1 (0.105-1ubuntu3) saucy; urgency=low * debian/policykit-1.postinst: Don't restart polkitd if we are upgrading from a version that uses ConsoleKit. We need to keep the old daemon running until the next reboot, as all the current user sessions still have a CK session and no logind cgroup yet. -- Martin Pitt Mon, 29 Apr 2013 15:21:39 -0700 policykit-1 (0.105-1ubuntu2) saucy; urgency=low * Switch to using logind for session tracking. Depend on libpam-systemd instead of consolekit, and add libsystemd-login-dev build dependency. -- Martin Pitt Sun, 28 Apr 2013 06:57:06 -0700 policykit-1 (0.105-1ubuntu1) raring; urgency=low * Merge from Debian unstable, remaining changes: - debian/patches/07_pam_environment.patch: set process environment from pam_getenvlist(). - debian/patches/01_pam_polkit.patch: adjust patch to invoke pam_env, so our global settings from /etc/environment are applied correctly. -- Steve Langasek Sun, 04 Nov 2012 23:17:59 -0800 policykit-1 (0.105-1) unstable; urgency=low * New upstream release. * debian/watch: Update URL, the tarballs are hosted on freedesktop.org now. * Update symbols file for libpolkit-gobject-1-0 and libpolkit-agent-1-0. * Update debian/copyright using the machine-readable copyright format 1.0. * Bump Standards-Version to 3.9.3. * Bump Build-Depends on debhelper to (>= 9). -- Michael Biebl Tue, 24 Apr 2012 21:06:04 +0200 policykit-1 (0.104-2ubuntu1) quantal; urgency=low * debian/patches/07_pam_environment.patch: set process environment from pam_getenvlist(). Closes LP: #982684. * debian/patches/01_pam_polkit.patch: adjust patch to invoke pam_env, so our global settings from /etc/environment are applied correctly. -- Steve Langasek Tue, 15 May 2012 15:15:52 -0700 policykit-1 (0.104-2) unstable; urgency=low * debian/control: Add Build-Depends on libglib2.0-doc and libgtk-3-doc for proper cross-references in the gtk-doc API documentation. * Install systemd service file for polkitd. -- Michael Biebl Sat, 11 Feb 2012 23:48:29 +0100 policykit-1 (0.104-1) unstable; urgency=low * New upstream release. - Add support for netgroups. (LP: #724052) * debian/rules: Disable systemd support, continue to work with ConsokeKit. * 05_revert-admin-identities-unix-group-wheel.patch: Refresh to apply cleanly. * debian/libpolkit-gobject-1-0.symbols: Add new symbols from this new release. * debian/rules: Do not let test failures fail the build. The new test suite also runs a test against the system D-BUS/ConsoleKit, which can't work on buildds. -- Martin Pitt Fri, 06 Jan 2012 12:28:54 +0100 policykit-1 (0.103-1) unstable; urgency=low * New upstream release. * debian/control: Change section of gir1.2-polkit-1.0 to introspection. * 05_revert-admin-identities-unix-group-wheel.patch: Revert upstream change to make group wheel the default admin identity since we already use group sudo resp. group admin for that. -- Michael Biebl Fri, 09 Dec 2011 00:48:17 +0100 policykit-1 (0.102-2) unstable; urgency=low * 02_gettext.patch: Explicitly #include to fix non-optimized build. Thanks Ivan Krasilnikov for pointing this out. * debian/rules: When building on Ubuntu, also consider the "sudo" group as administrator, for compatibility with Debian and sudo itself. Keep "admin" for existing systems. (LP: #893842) * Convert to Multi-Arch and dh compat 9. Thanks Daniel Schaal for the patch! (Closes: #636196) -- Martin Pitt Fri, 25 Nov 2011 07:44:09 +0100 policykit-1 (0.102-1) unstable; urgency=low * New upstream release. * debian/patches/00git_fix_proc_race.patch: Removed, merged upstream. * debian/patches/04_ignore_quilt_po.patch: Removed, merged upstream. * debian/patches/03_complete_session.patch: Refreshed. * debian/patches/04_get_cwd.patch: Use g_get_current_dir() to determine the current working directory. This fixes another PATH_MAX related FTBFS on hurd. Thanks Emilio Pozuelo Monfort for the patch. (Closes: #623017) -- Michael Biebl Tue, 02 Aug 2011 03:17:20 +0200 policykit-1 (0.101-4) unstable; urgency=high Urgency high due to security fix. * Add 00git_fix_proc_race.patch: Avoid /proc race conditions when checking privileges for pkexec. Patch taken from https://bugzilla.redhat.com/show_bug.cgi?id=692922, now also landed in upstream git. [CVE-2011-1485] * debian/libpolkit-gobject-1-0.symbols: Update for new symbols. * Add 04_ignore_quilt_po.patch: Ignore .po/ for intltool. This avoids build failures if quilt patches change files with translatable strings. Thanks to Kees Cook for the patch! -- Martin Pitt Wed, 20 Apr 2011 12:11:38 +0200 policykit-1 (0.101-3) unstable; urgency=low * debian/control - Add Depends on gir1.2-polkit-1.0 (= ${binary:Version}) to libpolkit-gobject-1-dev and libpolkit-agent-1-dev to comply with the updated GObject introspection policy. - Bump Standards-Version to 3.9.2. No further changes. -- Michael Biebl Sun, 10 Apr 2011 20:34:03 +0200 policykit-1 (0.101-2) unstable; urgency=low * Upload to unstable. -- Michael Biebl Fri, 25 Mar 2011 02:19:51 +0100 policykit-1 (0.101-1) experimental; urgency=low * New upstream release. * Update patches - Drop debian/patches/04_test_signalfd.patch, merged upstream. - Refresh other patches to apply cleanly. * debian/libpolkit-gobject-1-0.symbols - Add polkit_authorization_result_get_dismissed. * debian/control - Bump Build-Depends on libglib2.0-dev to (>= 2.28.0). * debian/rules - Don't build example programs. -- Michael Biebl Thu, 03 Mar 2011 23:50:17 +0100 policykit-1 (0.100-1) experimental; urgency=low * New upstream release. * Refresh debian/patches/03_complete_session.patch. * Replace debian/patches/04_test_signalfd.patch with a patch that was merged upstream. This also allows to drop debian/patches/99_autoreconf.patch. * Switch from cdbs to dh. * Bump debhelper compatibility level to 8. * Install documentation using debian/policykit-1.docs. * Enable gobject introspection support. - Add Build-Depends on libgirepository1.0-dev (>= 0.9.12), gobject-introspection (>= 0.9.12-4~) and gir1.2-glib-2.0. - Add package gir1.2-polkit-1.0 containing the typelib files. - Install gir files in libpolkit-agent-1-dev.install and libpolkit-gobject-1-dev.install. - Call dh_girepository in debian/rules. -- Michael Biebl Wed, 23 Feb 2011 19:51:17 +0100 policykit-1 (0.99-3) unstable; urgency=low * Upload to unstable. -- Michael Biebl Thu, 10 Feb 2011 19:21:36 +0100 policykit-1 (0.99-2) experimental; urgency=low [ Michael Biebl ] * Merge sudo group changes from unstable branch. [ Martin Pitt ] * debian/rules: Use dpkg-vendor instead of lsb_release. Drop lsb-release build dependency. * Add 04_test_signalfd.patch: Allow building on Non-Linux platforms without signalfd(). (Closes: #602476) * Add 99_autoreconf.patch: Pick up autoreconf changes from previous patch. -- Martin Pitt Mon, 06 Dec 2010 16:28:11 +0100 policykit-1 (0.99-1) experimental; urgency=low [ Michael Biebl ] * New upstream release. * debian/patches/00git-fix-error-freeing.patch - Remove, fixed upstream. * debian/patches/00git-pkexec-information-disclosure.patch - Remove, merged upstream. * debian/control - Drop Build-Depends on libeggdbus-1-dev. - Bump Build-Depends on libglib2.0-dev to (>= 2.25.12) for GDBus. * Switch to source format 3.0 (quilt). - Add debian/source/format. - Drop Build-Depends on quilt. - Remove /usr/share/cdbs/1/rules/patchsys-quilt.mk from debian/rules. - Remove debian/README.source. [ Robert Ancell ] * Add debian/patches/02_gettext.patch: Use gettext for translations in .policy files if they specify a gettext domain. [ James Westby ] * Add debian/patches/03_complete_session.patch: Fix the race that leads to the password box disappearing, but the dialog remaining. [ Martin Pitt ] * debian/rules: Set DPKG_GENSYMBOLS_CHECK_LEVEL to 4 to point out outdated .symbols files more strongly. -- Michael Biebl Thu, 04 Nov 2010 17:27:09 -0400 policykit-1 (0.96-4) unstable; urgency=low * debian/rules - When building for Debian, install a localauthority.conf.d configuration file which considers "sudo" group users as administrators. (Closes: #532499) -- Michael Biebl Tue, 16 Nov 2010 23:21:50 +0100 policykit-1 (0.96-3) unstable; urgency=low * debian/control - Use architecture wildcard linux-any for libselinux1-dev. - Bump Standards-Version to 3.9.1. * debian/policykit-1.postinst - Query D-Bus to find out the correct pid of the process claiming org.freedesktop.PolicyKit1. This way we do not accidentally kill the wrong process when being installed in a chroot. (Closes: #595030) * debian/policykit-1.prerm - Stop polkitd on remove. (Closes: #595031) -- Michael Biebl Thu, 16 Sep 2010 23:27:56 +0200 policykit-1 (0.96-2) unstable; urgency=medium * Urgency medium, just two small, but important bug fixes. * Add 00git-pkexec-information-disclosure.patch: Fix information disclosure vulnerability that allows an attacker to verify whether or not arbitrary files exist, violating directory permissions. * 00git-fix-error-freeing.patch: Fix crash when calling CheckAuthorization() with an invalid PID. (LP: #540464) -- Martin Pitt Fri, 09 Apr 2010 12:09:53 +0200 policykit-1 (0.96-1) unstable; urgency=low * New upstream release. * debian/libpolkit-backend-1-0.symbols - Update for new API addition. -- Michael Biebl Sat, 16 Jan 2010 00:05:48 +0100 policykit-1 (0.95-1) unstable; urgency=low * New upstream release. * Remove patches - debian/patches/02_dont_export_private_symbols.patch (merged upstream) - debian/patches/03_path_max.patch (merged upstream) - debian/patches/04-ref-authority.patch (merged upstream) - debian/patches/05-pkexec-env.patch (merged upstream) - debian/patches/99_autoreconf.patch (obsolete) * debian/control - Bump Build-Depends on libeggbus-1-dev to (>= 0.6). * debian/rules - The example application is no longer built by default so we don't need to manually remove it anymore. * debian/libpolkit-{backend,gobject}-1-0.symbols - Update for new API additions. -- Michael Biebl Sat, 14 Nov 2009 05:33:34 +0100 policykit-1 (0.94-6) unstable; urgency=low * debian/policykit-1.postinst - Use start-stop-daemon instead of kill+pidof to stop the running polkitd daemon on upgrades. * Remove our workaround for kfreebsd again now that eglibc 2.10 has entered unstable. (Closes: #552605) -- Michael Biebl Mon, 09 Nov 2009 01:09:07 +0100 policykit-1 (0.94-5) unstable; urgency=low * Add debian/patches/04-ref-authority.patch: Ref the instance returned by polkit_authority_get(), since the documentation says that it needs to be unref'ed after usage. This fixes crashes in NetworkManager and probably other programs, too. (LP: #438574, #432452, fd.o #24566) * Add debian/patches/05-pkexec-env.patch: Add missing comma so that pkexec saves both LANG and LANGUAGE, not LANGLANGUAGE. (Cherrypicked from trunk) * Add myself to Uploaders: with Michael's consent. -- Martin Pitt Tue, 03 Nov 2009 12:28:09 +0100 policykit-1 (0.94-4) unstable; urgency=low * debian/patches/03_path_max.patch - Update patch to fix implicit pointer conversion for get_current_dir_name. (Closes: #550901) -- Michael Biebl Wed, 14 Oct 2009 14:00:40 +0200 policykit-1 (0.94-3) unstable; urgency=low * debian/patches/03_path_max.patch - Fix FTBFS on hurd-i386 where PATH_MAX is not defined. (Closes:#550800) Thanks to Samuel Thibault for the patch. * debian/policykit-1.postinst: - Kill the old polkitd daemon on upgrade, to ensure that the new version will be used at the next occasion. -- Michael Biebl Tue, 13 Oct 2009 14:32:25 +0200 policykit-1 (0.94-2) unstable; urgency=low * Fix build failures on kfreebsd. Add Build-Depends on libfreebsd-dev and link against -lfreebsd for sysctlnametomib. When glibc 2.10 enters unstable this workaround can be removed again. -- Michael Biebl Tue, 13 Oct 2009 00:29:47 +0200 policykit-1 (0.94-1) unstable; urgency=low * Rename package to policykit-1. Upstream (at least temporarily) forked the project to make it installable in parallel with policykit 0.9, until all programs are ported to the new API. * Drop all patches except 01_pam_polkit.patch. * Refresh debian/patches/01_pam_polkit.patch. * debian/control - Update Build-Depends + Drop libdbus-1-dev, libdbus-glib-1-dev. + Add libeggdbus-1-dev (>= 0.5) and lsb-release. + Bump libglib2-dev dependency to (>= 2.21.4). - Update list of binary packages and their package descriptions. - Drop dependency on adduser. - Bump Standards-Version to 3.8.3. + Add README.source which refers to the quilt documentation. - Update Vcs-* fields. Package is now managed using Git and hosted on git.debian.org. * Update shared library structure: libpolkit-{dbus,grant} → libpolkit-{agent,backend,gobject}-1. * Rename policykit, policykit-doc → policykit-1, policykit-1-doc. * Update and revise all *.install files. * debian/rules, debian/policykit.init: Drop init script, package doesn't use /var/run any more. * debian/policykit-1.postinst: Don't create "polkituser" system user, it's not used any more. * Update watch file. * debian/patches/02_dont_export_private_symbols.patch - Don't export private symbols in the libraries. * debian/patches/99_autoreconf.patch - Update the autotools files as the previous patch also touches the build system. * Add symbols files for libpolkit-{agent,backend,gobject}-1 for improved shlibs dependencies. * debian/rules - Disable introspection support. - When building for Ubuntu, install a localauthority.conf.d configuration file which considers "admin" group users as administrators. - Don't install example application. * debian/copyright - Update copyright holder. - License was changed to LGPL 2.1+. -- Michael Biebl Sun, 27 Sep 2009 21:35:18 +0200 policykit (0.9-4) unstable; urgency=low * Add support for /var/run being a tmpfs. (Closes: #532101) - Create /var/run/PolicyKit dynamically on boot by using an init script. Original patch by Martin Pitt, thanks. Updated patch to only run the init script in runlevel S at priority 75. - Do no longer ship /var/run/PolicyKit in the package itself. * debian/control - Bump Standards-Version to 3.8.1. * debian/patches/04_entry_leak.patch - Plug a memory leak. Patch pulled from Fedora. * debian/patches/05_manpage_typo_fix.patch - Fix a small typo in the polkit-auth man page. (Closes: #523565) * debian/patches/06_no_inotify_or_path_max.patch - Add support for systems which don't support inotify (like hurd) and don't use PATH_MAX unconditionally, instead use dynamically growing buffers. (Closes: #521756) Patch by Samuel Thibault, thanks. -- Michael Biebl Thu, 18 Jun 2009 09:55:34 +0200 policykit (0.9-3) unstable; urgency=low * Switch patch management system to quilt. * debian/control - Wrap Build-Depends. - Demote Recommends: policykit-gnome to Suggests. (Closes: #513758) - Bump Build-Depends on debhelper to (>= 7). * debian/compat - Bump debhelper compat level to 7. * debian/rules - Include debhelper.mk before any other files as recommended by the cdbs documentation. * debian/patches/03_consolekit0.3-api.patch - Try both the ConsoleKit 0.3 and the older 0.2 API, to work with either. Patch pulled from Ubuntu. -- Michael Biebl Wed, 18 Feb 2009 17:25:52 +0100 policykit (0.9-2) unstable; urgency=high [ Simon McVittie ] * Add patch committed in Fedora (although not upstream) by the upstream maintainer, to allow PolicyKit to be used when CVE-2008-4311 has been fixed in dbus-daemon. (Closes: #510646) [ Michael Biebl ] * debian/control - Add ${misc:Depends} to all binary packages. -- Michael Biebl Wed, 07 Jan 2009 18:18:56 +0100 policykit (0.9-1) unstable; urgency=low * New upstream release. * debian/control - Bump Standards-Version to 3.8.0. No further changes. -- Michael Biebl Sun, 03 Aug 2008 10:53:11 +0200 policykit (0.8-2) unstable; urgency=low * Add symbols files for libpolkit2, libpolkit-grant2 and libpolkit-dbus2. * debian/policykit.postinst - Set correct permissions for all files. (Closes: #482064) - Define a small helper function to apply the permissions. This makes it more concise and readable. -- Michael Biebl Fri, 23 May 2008 04:33:48 +0200 policykit (0.8-1) unstable; urgency=medium * New upstream release. - SECURITY - CVE-2008-1658: Fixes format string vulnerability in the grant helper. (Closes: #476615) * debian/control - Add Build-Depends on pkg-config. -- Michael Biebl Fri, 18 Apr 2008 01:39:08 +0200 policykit (0.7-2) unstable; urgency=low * Upload to unstable. -- Michael Biebl Fri, 11 Jan 2008 01:02:59 +0100 policykit (0.7-1) experimental; urgency=low * New upstream release. (Closes: #455874) * debian/control - Bump Standards-Version to 3.7.3. No further changes required. - Add Build-Depends on libdbus-glib-1-dev (>= 0.73). - Change Homepage URL to http://hal.freedesktop.org/docs/PolicyKit/. (Closes: #446504) - Improve package description. (Closes: #446554) * debian/copyright - All code is now licensed under the MIT/X11 license. Update the copyright notice accordingly. * debian/policykit.dirs - Add the directory /var/lib/PolicyKit-public. * debian/policykit.install - Install the D-Bus config and service files for the PolicyKit system service. - Install /var/lib/misc/PolicyKit.reload. * debian/rules - Fix the permissions of /var/lib/misc/PolicyKit.reload. * debian/policykit.postinst - Use dpkg-statoverride to check for local modifications before setting the SUID/SGID bits. -- Michael Biebl Thu, 20 Dec 2007 18:01:38 +0100 policykit (0.6-1) experimental; urgency=low * New upstream release. * debian/control - Use new "Homepage:" field to specify the upstream URL. - The Vcs-* fields are now officially supported, so remove the XS- prefix. - Add a Recommends: policykit-gnome to the policykit package. - Enable SELinux support by adding a Build-Depends on libselinux1-dev for all supported platforms. * debian/policykit.postinst - Install polkit-grant-helper-pam with the correct permissions. -- Michael Biebl Sat, 03 Nov 2007 00:02:33 +0100 policykit (0.5-1) experimental; urgency=low * Initial release. (Closes: #397087) -- Michael Biebl Tue, 02 Oct 2007 22:38:04 +0200 debian/rules0000775000000000000000000000233012234310757010252 0ustar #!/usr/bin/make -f # -*- makefile -*- DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) %: dh $@ --with autoreconf DPKG_GENSYMBOLS_CHECK_LEVEL=4 export DPKG_GENSYMBOLS_CHECK_LEVEL override_dh_auto_configure: dh_auto_configure -- \ --disable-silent-rules \ --enable-gtk-doc \ --enable-man-pages \ --enable-introspection \ --enable-systemd \ --disable-examples \ --libexecdir=\$${prefix}/lib/policykit-1 override_dh_auto_test: # the system D-BUS tests can't work on the buildds, so don't let a # failed test fail the build make check || true override_dh_makeshlibs: dh_makeshlibs -Xusr/lib/$(DEB_HOST_MULTIARCH)/polkit-1/ override_dh_shlibdeps: dh_shlibdeps dh_girepository override_dh_install: dh_install # on Debian use sudo group; on Ubuntu, also allow the admin group for # historical reasons if dpkg-vendor --is ubuntu; then \ /bin/echo -e "[Configuration]\nAdminIdentities=unix-group:sudo;unix-group:admin" > debian/policykit-1/etc/polkit-1/localauthority.conf.d/51-ubuntu-admin.conf; \ elif dpkg-vendor --is debian; then \ /bin/echo -e "[Configuration]\nAdminIdentities=unix-group:sudo" > debian/policykit-1/etc/polkit-1/localauthority.conf.d/51-debian-sudo.conf; \ fi debian/libpolkit-agent-1-dev.install0000664000000000000000000000025012227267237014566 0ustar usr/lib/*/libpolkit-agent*.so usr/lib/*/libpolkit-agent*.a usr/lib/*/pkgconfig/polkit-agent*.pc usr/include/polkit-1/polkitagent/ usr/share/gir-1.0/PolkitAgent-1.0.gir debian/libpolkit-gobject-1-0.symbols0000664000000000000000000001540312227267237014516 0ustar libpolkit-gobject-1.so.0 libpolkit-gobject-1-0 #MINVER# polkit_action_description_get_action_id@Base 0.94 polkit_action_description_get_annotation@Base 0.94 polkit_action_description_get_annotation_keys@Base 0.94 polkit_action_description_get_description@Base 0.94 polkit_action_description_get_icon_name@Base 0.94 polkit_action_description_get_implicit_active@Base 0.94 polkit_action_description_get_implicit_any@Base 0.94 polkit_action_description_get_implicit_inactive@Base 0.94 polkit_action_description_get_message@Base 0.94 polkit_action_description_get_type@Base 0.94 polkit_action_description_get_vendor_name@Base 0.94 polkit_action_description_get_vendor_url@Base 0.94 polkit_action_description_new@Base 0.99 polkit_action_description_new_for_gvariant@Base 0.99 polkit_action_description_to_gvariant@Base 0.99 polkit_authority_authentication_agent_response@Base 0.94 polkit_authority_authentication_agent_response_finish@Base 0.94 polkit_authority_authentication_agent_response_sync@Base 0.94 polkit_authority_check_authorization@Base 0.94 polkit_authority_check_authorization_finish@Base 0.94 polkit_authority_check_authorization_sync@Base 0.94 polkit_authority_enumerate_actions@Base 0.94 polkit_authority_enumerate_actions_finish@Base 0.94 polkit_authority_enumerate_actions_sync@Base 0.94 polkit_authority_enumerate_temporary_authorizations@Base 0.94 polkit_authority_enumerate_temporary_authorizations_finish@Base 0.94 polkit_authority_enumerate_temporary_authorizations_sync@Base 0.94 polkit_authority_features_get_type@Base 0.95 polkit_authority_get@Base 0.94 polkit_authority_get_async@Base 0.99 polkit_authority_get_backend_features@Base 0.95 polkit_authority_get_backend_name@Base 0.95 polkit_authority_get_backend_version@Base 0.95 polkit_authority_get_finish@Base 0.99 polkit_authority_get_owner@Base 0.99 polkit_authority_get_sync@Base 0.99 polkit_authority_get_type@Base 0.94 polkit_authority_register_authentication_agent@Base 0.94 polkit_authority_register_authentication_agent_finish@Base 0.94 polkit_authority_register_authentication_agent_sync@Base 0.94 polkit_authority_register_authentication_agent_with_options@Base 0.105 polkit_authority_register_authentication_agent_with_options_finish@Base 0.105 polkit_authority_register_authentication_agent_with_options_sync@Base 0.105 polkit_authority_revoke_temporary_authorization_by_id@Base 0.94 polkit_authority_revoke_temporary_authorization_by_id_finish@Base 0.94 polkit_authority_revoke_temporary_authorization_by_id_sync@Base 0.94 polkit_authority_revoke_temporary_authorizations@Base 0.94 polkit_authority_revoke_temporary_authorizations_finish@Base 0.94 polkit_authority_revoke_temporary_authorizations_sync@Base 0.94 polkit_authority_unregister_authentication_agent@Base 0.94 polkit_authority_unregister_authentication_agent_finish@Base 0.94 polkit_authority_unregister_authentication_agent_sync@Base 0.94 polkit_authorization_result_get_details@Base 0.94 polkit_authorization_result_get_dismissed@Base 0.101 polkit_authorization_result_get_is_authorized@Base 0.94 polkit_authorization_result_get_is_challenge@Base 0.94 polkit_authorization_result_get_retains_authorization@Base 0.94 polkit_authorization_result_get_temporary_authorization_id@Base 0.94 polkit_authorization_result_get_type@Base 0.94 polkit_authorization_result_new@Base 0.94 polkit_authorization_result_new_for_gvariant@Base 0.99 polkit_authorization_result_to_gvariant@Base 0.99 polkit_check_authorization_flags_get_type@Base 0.94 polkit_details_get_keys@Base 0.94 polkit_details_get_type@Base 0.94 polkit_details_insert@Base 0.94 polkit_details_lookup@Base 0.94 polkit_details_new@Base 0.94 polkit_details_new_for_gvariant@Base 0.99 polkit_details_to_gvariant@Base 0.99 polkit_error_get_type@Base 0.94 polkit_error_quark@Base 0.94 polkit_identity_equal@Base 0.94 polkit_identity_from_string@Base 0.94 polkit_identity_get_type@Base 0.94 polkit_identity_hash@Base 0.94 polkit_identity_new_for_gvariant@Base 0.99 polkit_identity_to_gvariant@Base 0.99 polkit_identity_to_string@Base 0.94 polkit_implicit_authorization_from_string@Base 0.94 polkit_implicit_authorization_get_type@Base 0.94 polkit_implicit_authorization_to_string@Base 0.94 polkit_permission_get_action_id@Base 0.99 polkit_permission_get_subject@Base 0.99 polkit_permission_get_type@Base 0.99 polkit_permission_new@Base 0.99 polkit_permission_new_finish@Base 0.99 polkit_permission_new_sync@Base 0.99 polkit_subject_equal@Base 0.94 polkit_subject_exists@Base 0.94 polkit_subject_exists_finish@Base 0.94 polkit_subject_exists_sync@Base 0.94 polkit_subject_from_string@Base 0.94 polkit_subject_get_type@Base 0.94 polkit_subject_hash@Base 0.94 polkit_subject_new_for_gvariant@Base 0.99 polkit_subject_to_gvariant@Base 0.99 polkit_subject_to_string@Base 0.94 polkit_system_bus_name_get_name@Base 0.94 polkit_system_bus_name_get_process_sync@Base 0.95 polkit_system_bus_name_get_type@Base 0.94 polkit_system_bus_name_new@Base 0.94 polkit_system_bus_name_set_name@Base 0.94 polkit_temporary_authorization_get_action_id@Base 0.94 polkit_temporary_authorization_get_id@Base 0.94 polkit_temporary_authorization_get_subject@Base 0.94 polkit_temporary_authorization_get_time_expires@Base 0.94 polkit_temporary_authorization_get_time_obtained@Base 0.94 polkit_temporary_authorization_get_type@Base 0.94 polkit_temporary_authorization_new@Base 0.94 polkit_temporary_authorization_new_for_gvariant@Base 0.99 polkit_temporary_authorization_to_gvariant@Base 0.99 polkit_unix_group_get_gid@Base 0.94 polkit_unix_group_get_type@Base 0.94 polkit_unix_group_new@Base 0.94 polkit_unix_group_new_for_name@Base 0.94 polkit_unix_group_set_gid@Base 0.94 polkit_unix_netgroup_get_name@Base 0.104 polkit_unix_netgroup_get_type@Base 0.104 polkit_unix_netgroup_new@Base 0.104 polkit_unix_netgroup_set_name@Base 0.104 polkit_unix_process_get_owner@Base 0.94 polkit_unix_process_get_pid@Base 0.94 polkit_unix_process_get_start_time@Base 0.94 polkit_unix_process_get_type@Base 0.94 polkit_unix_process_get_uid@Base 0.101 polkit_unix_process_new@Base 0.94 polkit_unix_process_new_for_owner@Base 0.101 polkit_unix_process_new_full@Base 0.94 polkit_unix_process_set_pid@Base 0.94 polkit_unix_process_set_start_time@Base 0.101 polkit_unix_process_set_uid@Base 0.101 polkit_unix_session_get_session_id@Base 0.94 polkit_unix_session_get_type@Base 0.94 polkit_unix_session_new@Base 0.94 polkit_unix_session_new_for_process@Base 0.94 polkit_unix_session_new_for_process_finish@Base 0.94 polkit_unix_session_new_for_process_sync@Base 0.94 polkit_unix_session_set_session_id@Base 0.94 polkit_unix_user_get_name@Base 0.104 polkit_unix_user_get_type@Base 0.94 polkit_unix_user_get_uid@Base 0.94 polkit_unix_user_new@Base 0.94 polkit_unix_user_new_for_name@Base 0.94 polkit_unix_user_set_uid@Base 0.94 debian/policykit-1.install0000664000000000000000000000035212227267237012737 0ustar etc/pam.d/ etc/dbus-1/ etc/polkit-1/ usr/bin/ usr/lib/*/polkit-1/extensions/*.so usr/lib/policykit-1/ usr/share/man/ usr/share/polkit-1/ usr/share/dbus-1/ usr/share/locale/ var/lib/polkit-1/ debian/polkitd.service lib/systemd/system/ debian/source/0000775000000000000000000000000012227267237010502 5ustar debian/source/format0000664000000000000000000000001412227267237011710 0ustar 3.0 (quilt) debian/libpolkit-gobject-1-dev.install0000664000000000000000000000024412227267237015110 0ustar usr/lib/*/libpolkit-gobject*.so usr/lib/*/libpolkit-gobject*.a usr/lib/*/pkgconfig/polkit-gobject*.pc usr/include/polkit-1/polkit/ usr/share/gir-1.0/Polkit-1.0.gir debian/policykit-1.prerm0000664000000000000000000000235712227267237012425 0ustar #!/bin/sh # prerm script for policykit-1 # # see: dh_installdeb(1) set -e # summary of how this script can be called: # * `remove' # * `upgrade' # * `failed-upgrade' # * `remove' `in-favour' # * `deconfigure' `in-favour' # `removing' # # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package get_pid() { [ -n "$1" ] || return [ -S /var/run/dbus/system_bus_socket ] || return dbus-send --system --dest=org.freedesktop.DBus --print-reply \ /org/freedesktop/DBus org.freedesktop.DBus.GetConnectionUnixProcessID \ string:$1 2>/dev/null | awk '/uint32/ {print $2}' } case "$1" in remove) kill $(get_pid org.freedesktop.PolicyKit1) 2>/dev/null || true ;; upgrade|deconfigure|failed-upgrade) ;; *) echo "prerm called with unknown argument \`$1'" >&2 exit 1 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0 debian/policykit-1.docs0000664000000000000000000000001412227267237012214 0ustar NEWS README debian/gbp.conf0000664000000000000000000000006512227267237010622 0ustar [DEFAULT] pristine-tar = True debian-branch = master debian/policykit-1-doc.install0000664000000000000000000000010712227267237013500 0ustar usr/share/gtk-doc/html/polkit-1/* /usr/share/doc/policykit-1-doc/html/ debian/control0000664000000000000000000001153712234310747010605 0ustar Source: policykit-1 Section: admin Priority: optional Maintainer: Ubuntu Developers XSBC-Original-Maintainer: Utopia Maintenance Team Uploaders: Michael Biebl , Martin Pitt Build-Depends: debhelper (>= 9), autotools-dev, dh-autoreconf, pkg-config, libglib2.0-dev (>= 2.28.0), libexpat1-dev, libpam0g-dev, libselinux1-dev [linux-any], libsystemd-login-dev, gtk-doc-tools, xsltproc, libgirepository1.0-dev (>= 0.9.12), gobject-introspection (>= 0.9.12-4~), gir1.2-glib-2.0, libglib2.0-doc, libgtk-3-doc Standards-Version: 3.9.3 Vcs-Git: git://git.debian.org/git/pkg-utopia/policykit.git Vcs-Browser: http://git.debian.org/?p=pkg-utopia/policykit.git;a=summary Homepage: http://hal.freedesktop.org/docs/PolicyKit/ Package: policykit-1 Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, libpam-systemd, dbus Multi-Arch: foreign Description: framework for managing administrative policies and privileges PolicyKit is an application-level toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes. . It is a framework for centralizing the decision making process with respect to granting access to privileged operations for unprivileged (desktop) applications. Package: policykit-1-doc Architecture: all Section: doc Depends: ${misc:Depends} Suggests: devhelp Description: documentation for PolicyKit-1 PolicyKit is a toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes. . This package contains the API documentation of PolicyKit. Package: libpolkit-gobject-1-0 Architecture: any Section: libs Pre-Depends: ${misc:Pre-Depends} Depends: ${shlibs:Depends}, ${misc:Depends} Multi-Arch: same Breaks: policykit-1 (<< 0.99), libpolkit-gtk-1-0 (<< 0.99), libpolkit-agent-1-0 (<< 0.99), libpolkit-backend-1-0 (<< 0.99) Description: PolicyKit Authorization API PolicyKit is a toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes. . This package contains a library for accessing PolicyKit. Package: libpolkit-gobject-1-dev Architecture: any Section: libdevel Depends: libpolkit-gobject-1-0 (= ${binary:Version}), ${misc:Depends}, libglib2.0-dev, gir1.2-polkit-1.0 (= ${binary:Version}) Description: PolicyKit Authorization API - development files PolicyKit is a toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes. . This package contains the development files for the library found in libpolkit-gobject-1-0. Package: libpolkit-agent-1-0 Architecture: any Section: libs Pre-Depends: ${misc:Pre-Depends} Depends: ${shlibs:Depends}, ${misc:Depends} Multi-Arch: same Description: PolicyKit Authentication Agent API PolicyKit is a toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes. . This package contains a library for accessing the authentication agent. Package: libpolkit-agent-1-dev Architecture: any Section: libdevel Depends: libpolkit-agent-1-0 (= ${binary:Version}), ${misc:Depends}, libpolkit-gobject-1-dev, gir1.2-polkit-1.0 (= ${binary:Version}) Description: PolicyKit Authentication Agent API - development files PolicyKit is a toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes. . This package contains the development files for the library found in libpolkit-agent-1-0. Package: libpolkit-backend-1-0 Architecture: any Section: libs Pre-Depends: ${misc:Pre-Depends} Depends: ${shlibs:Depends}, ${misc:Depends} Multi-Arch: same Breaks: policykit-1 (<< 0.99) Description: PolicyKit backend API PolicyKit is a toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes. . This package contains a library for implementing authentication backends. Package: libpolkit-backend-1-dev Architecture: any Section: libdevel Depends: libpolkit-backend-1-0 (= ${binary:Version}), ${misc:Depends}, libpolkit-gobject-1-dev Description: PolicyKit backend API - development files PolicyKit is a toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes. . This package contains the development files for the library found in libpolkit-backend-1-0. Package: gir1.2-polkit-1.0 Section: introspection Architecture: any Depends: ${gir:Depends}, ${shlibs:Depends}, ${misc:Depends} Description: GObject introspection data for PolicyKit PolicyKit is a toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes. . This package contains introspection data for PolicyKit. . It can be used by packages using the GIRepository format to generate dynamic bindings. debian/libpolkit-agent-1-0.install0000664000000000000000000000004112227267237014145 0ustar usr/lib/*/libpolkit-agent-1.so.* debian/gir1.2-polkit-1.0.install0000664000000000000000000000003212227267237013363 0ustar usr/lib/girepository-1.0/ debian/compat0000664000000000000000000000000212227267237010400 0ustar 9 debian/watch0000664000000000000000000000012412227267237010230 0ustar version=3 http://www.freedesktop.org/software/polkit/releases/polkit-(.*)\.tar\.gz debian/policykit-1.postinst0000664000000000000000000000374112234310757013153 0ustar #!/bin/sh # postinst script for policykit-1 # # see: dh_installdeb(1) set -e # summary of how this script can be called: # * `configure' # * `abort-upgrade' # * `abort-remove' `in-favour' # # * `abort-remove' # * `abort-deconfigure' `in-favour' # `removing' # # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package set_perms() { USER=$1 GROUP=$2 MODE=$3 FILE=$4 if ! dpkg-statoverride --list $FILE > /dev/null 2>&1; then chown $USER:$GROUP $FILE chmod $MODE $FILE fi } get_pid() { [ -n "$1" ] || return [ -S /var/run/dbus/system_bus_socket ] || return dbus-send --system --dest=org.freedesktop.DBus --print-reply \ /org/freedesktop/DBus org.freedesktop.DBus.GetConnectionUnixProcessID \ string:$1 2>/dev/null | awk '/uint32/ {print $2}' } case "$1" in configure) set_perms root root 700 /var/lib/polkit-1 set_perms root root 700 /etc/polkit-1/localauthority set_perms root root 4755 /usr/lib/policykit-1/polkit-agent-helper-1 set_perms root root 4755 /usr/bin/pkexec # Kill the old polkitd daemon on upgrade, to ensure that the new # version will be used at the next occasion; but don't do this across # the ConsoleKit -> logind transition, as we need to keep the old CK # polkit running until reboot if dpkg --compare-versions "$2" ge "0.105-1ubuntu2"; then kill $(get_pid org.freedesktop.PolicyKit1) 2>/dev/null || true fi ;; abort-upgrade|abort-remove|abort-deconfigure) ;; *) echo "postinst called with unknown argument \`$1'" >&2 exit 1 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0 debian/libpolkit-backend-1-dev.install0000664000000000000000000000021212227267237015055 0ustar usr/lib/*/libpolkit-backend*.so usr/lib/*/libpolkit-backend*.a usr/lib/*/pkgconfig/polkit-backend*.pc usr/include/polkit-1/polkitbackend/ debian/polkitd.service0000664000000000000000000000026612227267237012236 0ustar [Unit] Description=Authenticate and Authorize Users to Run Privileged Tasks [Service] Type=dbus BusName=org.freedesktop.PolicyKit1 ExecStart=/usr/lib/policykit-1/polkitd --no-debug debian/patches/0000775000000000000000000000000012276465450010632 5ustar debian/patches/05_revert-admin-identities-unix-group-wheel.patch0000664000000000000000000000322512227267237022131 0ustar From 1892aeb9c13841335a4ac383e8a787a3c2728c45 Mon Sep 17 00:00:00 2001 From: Michael Biebl Date: Fri, 9 Dec 2011 00:31:21 +0100 Subject: [PATCH] Revert "Default to AdminIdentities=unix-group:wheel for local authority" This reverts commit 763faf434b445c20ae9529100d3ef5290976d0c9. --- docs/man/pklocalauthority.xml | 4 ++-- src/polkitbackend/50-localauthority.conf | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) Index: policykit/docs/man/pklocalauthority.xml =================================================================== --- policykit.orig/docs/man/pklocalauthority.xml 2012-01-06 10:34:01.830221577 +0100 +++ policykit/docs/man/pklocalauthority.xml 2012-01-06 10:39:24.206237179 +0100 @@ -385,10 +385,10 @@ [Configuration] -AdminIdentities=unix-group:staff +AdminIdentities=unix-group:desktop_admin_r - specifies that any user in the staff UNIX + that any user in the desktop_admin_r UNIX group can be used for authentication when administrator authentication is needed. This file would typically be installed in the /etc/polkit-1/localauthority.conf.d Index: policykit/src/polkitbackend/50-localauthority.conf =================================================================== --- policykit.orig/src/polkitbackend/50-localauthority.conf 2012-01-06 10:33:58.254221404 +0100 +++ policykit/src/polkitbackend/50-localauthority.conf 2012-01-06 10:39:24.210237180 +0100 @@ -7,4 +7,4 @@ # [Configuration] -AdminIdentities=unix-group:wheel +AdminIdentities=unix-user:0 debian/patches/01_pam_polkit.patch0000664000000000000000000000120212227267237014304 0ustar Index: trunk/data/polkit-1.in =================================================================== --- trunk.orig/data/polkit-1.in +++ trunk/data/polkit-1.in @@ -1,6 +1,8 @@ #%PAM-1.0 -auth include @PAM_FILE_INCLUDE_AUTH@ -account include @PAM_FILE_INCLUDE_ACCOUNT@ -password include @PAM_FILE_INCLUDE_PASSWORD@ -session include @PAM_FILE_INCLUDE_SESSION@ +@include common-auth +@include common-account +@include common-password +session required pam_env.so readenv=1 user_readenv=0 +session required pam_env.so readenv=1 envfile=/etc/default/locale user_readenv=0 +@include common-session debian/patches/04_get_cwd.patch0000664000000000000000000000234412227267237013574 0ustar From cd184d77f57d45ffce34f0210bbff72f6fd3116f Mon Sep 17 00:00:00 2001 From: Emilio Pozuelo Monfort Date: Sat, 26 Mar 2011 07:28:14 +0000 Subject: [PATCH] Fix build on GNU Hurd https://bugs.freedesktop.org/show_bug.cgi?id=35685 --- src/programs/pkexec.c | 5 +++-- 1 files changed, 3 insertions(+), 2 deletions(-) Index: policykit-1/src/programs/pkexec.c =================================================================== --- policykit-1.orig/src/programs/pkexec.c 2011-08-02 03:16:07.070394919 +0200 +++ policykit-1/src/programs/pkexec.c 2011-08-02 03:16:43.241940179 +0200 @@ -53,7 +53,7 @@ #include static gchar *original_user_name = NULL; -static gchar original_cwd[PATH_MAX]; +static gchar *original_cwd; static gchar *command_line = NULL; static struct passwd *pw; @@ -465,7 +465,7 @@ goto out; } - if (getcwd (original_cwd, sizeof (original_cwd)) == NULL) + if ((original_cwd = g_get_current_dir ()) == NULL) { g_printerr ("Error getting cwd: %s\n", g_strerror (errno)); @@ -931,6 +931,7 @@ g_ptr_array_free (saved_env, TRUE); } + g_free (original_cwd); g_free (path); g_free (command_line); g_free (opt_user); debian/patches/03_complete_session.patch0000664000000000000000000000446612227267237015541 0ustar From: James Westby Date: Thu, 28 Oct 2010 09:14:26 -0400 Subject: Fix the race that leads to the password box disappearing, but the dialog remaining. Bug: http://bugs.freedesktop.org/show_bug.cgi?id=30515 Bug-Ubuntu: https://launchpad.net/bugs/649939 Bug-Ubuntu: https://launchpad.net/bugs/445303 Index: policykit-1/src/polkitagent/polkitagentsession.c =================================================================== --- policykit-1.orig/src/polkitagent/polkitagentsession.c 2012-04-24 19:44:21.195751945 +0200 +++ policykit-1/src/polkitagent/polkitagentsession.c 2012-04-24 21:03:20.487887522 +0200 @@ -435,6 +435,7 @@ gpointer user_data) { PolkitAgentSession *session = POLKIT_AGENT_SESSION (user_data); + GMainContext *context = g_main_context_default(); if (G_UNLIKELY (_show_debug ())) { @@ -446,6 +447,11 @@ /* kill all the watches we have set up, except for the child since it has exited already */ session->child_pid = 0; + /* Allow the stdout of the child to be processed if we haven't finished yet */ + while (g_main_context_pending(context)) + { + g_main_context_iteration(context, FALSE); + } complete_session (session, FALSE); } @@ -650,15 +656,15 @@ if (G_UNLIKELY (_show_debug ())) g_print ("PolkitAgentSession: spawned helper with pid %d\n", (gint) session->child_pid); - session->child_watch_source = g_child_watch_source_new (session->child_pid); - g_source_set_callback (session->child_watch_source, (GSourceFunc) child_watch_func, session, NULL); - g_source_attach (session->child_watch_source, g_main_context_get_thread_default ()); - session->child_stdout_channel = g_io_channel_unix_new (session->child_stdout); session->child_stdout_watch_source = g_io_create_watch (session->child_stdout_channel, G_IO_IN); g_source_set_callback (session->child_stdout_watch_source, (GSourceFunc) io_watch_have_data, session, NULL); g_source_attach (session->child_stdout_watch_source, g_main_context_get_thread_default ()); + session->child_watch_source = g_child_watch_source_new (session->child_pid); + g_source_set_callback (session->child_watch_source, (GSourceFunc) child_watch_func, session, NULL); + g_source_attach (session->child_watch_source, g_main_context_get_thread_default ()); + session->success = FALSE; debian/patches/06_systemd-service.patch0000664000000000000000000000070712227267237015311 0ustar Index: policykit-1/data/org.freedesktop.PolicyKit1.service.in =================================================================== --- policykit-1.orig/data/org.freedesktop.PolicyKit1.service.in 2012-02-01 01:54:58.291191682 +0100 +++ policykit-1/data/org.freedesktop.PolicyKit1.service.in 2012-02-11 23:45:15.946856853 +0100 @@ -2,3 +2,4 @@ Name=org.freedesktop.PolicyKit1 Exec=@libexecdir@/polkitd --no-debug User=root +SystemdService=polkitd.service debian/patches/08_deprecate_racy_APIs.patch0000664000000000000000000000227012227267237016010 0ustar commit 08291789a1f99d4ab29c74c39344304bcca43023 Author: Colin Walters Date: Tue Aug 20 15:15:31 2013 -0400 polkitunixprocess: Deprecate racy APIs It's only safe for processes to be created with their owning uid, (without kernel support, which we don't have). Anything else is subject to clients exec()ing setuid binaries after the fact. diff --git a/src/polkit/polkitunixprocess.h b/src/polkit/polkitunixprocess.h index 531a57d..f5ed1a7 100644 --- a/src/polkit/polkitunixprocess.h +++ b/src/polkit/polkitunixprocess.h @@ -47,7 +47,9 @@ typedef struct _PolkitUnixProcess PolkitUnixProcess; typedef struct _PolkitUnixProcessClass PolkitUnixProcessClass; GType polkit_unix_process_get_type (void) G_GNUC_CONST; +G_GNUC_DEPRECATED_FOR(polkit_unix_process_new_for_owner) PolkitSubject *polkit_unix_process_new (gint pid); +G_GNUC_DEPRECATED_FOR(polkit_unix_process_new_for_owner) PolkitSubject *polkit_unix_process_new_full (gint pid, guint64 start_time); PolkitSubject *polkit_unix_process_new_for_owner (gint pid, debian/patches/series0000664000000000000000000000046712276465462012061 0ustar 01_pam_polkit.patch 02_gettext.patch 03_complete_session.patch 04_get_cwd.patch 05_revert-admin-identities-unix-group-wheel.patch 06_systemd-service.patch 07_set-XAUTHORITY-environment-variable-if-unset.patch 08_deprecate_racy_APIs.patch cve-2013-4288.patch 09_pam_environment.patch git_type_registration.patch debian/patches/02_gettext.patch0000664000000000000000000001421012227267237013635 0ustar From c28ef44e1ba82e1a3419c740ac0bbb8aaa591bcd Mon Sep 17 00:00:00 2001 From: Robert Ancell Date: Wed, 18 Aug 2010 16:26:15 +1000 Subject: [PATCH] Use gettext for translations in .policy files Bug: http://bugs.freedesktop.org/show_bug.cgi?id=29639 Bug-Ubuntu: https://launchpad.net/bugs/619632 --- src/polkitbackend/polkitbackendactionpool.c | 48 +++++++++++++++++++++++++++ 1 files changed, 48 insertions(+), 0 deletions(-) Index: policykit/src/polkitbackend/polkitbackendactionpool.c =================================================================== --- policykit.orig/src/polkitbackend/polkitbackendactionpool.c 2011-04-20 12:02:27.366174916 +0200 +++ policykit/src/polkitbackend/polkitbackendactionpool.c 2011-08-08 14:14:31.713738052 +0200 @@ -24,6 +24,8 @@ #include #include #include +#include +#include #include #include @@ -45,7 +47,9 @@ gchar *vendor_url; gchar *icon_name; gchar *description; + gchar *description_domain; gchar *message; + gchar *message_domain; PolkitImplicitAuthorization implicit_authorization_any; PolkitImplicitAuthorization implicit_authorization_inactive; @@ -67,7 +71,9 @@ g_free (action->vendor_url); g_free (action->icon_name); g_free (action->description); + g_free (action->description_domain); g_free (action->message); + g_free (action->message_domain); g_hash_table_unref (action->localized_description); g_hash_table_unref (action->localized_message); @@ -87,6 +93,7 @@ static const gchar *_localize (GHashTable *translations, const gchar *untranslated, + const gchar *domain, const gchar *lang); typedef struct @@ -387,9 +394,11 @@ description = _localize (parsed_action->localized_description, parsed_action->description, + parsed_action->description_domain, locale); message = _localize (parsed_action->localized_message, parsed_action->message, + parsed_action->message_domain, locale); ret = polkit_action_description_new (action_id, @@ -605,11 +614,16 @@ GHashTable *policy_messages; char *policy_description_nolang; + char *policy_description_domain; char *policy_message_nolang; + char *policy_message_domain; /* the value of xml:lang for the thing we're reading in _cdata() */ char *elem_lang; + /* the value of gettext-domain for the thing we're reading in _cdata() */ + char *elem_domain; + char *annotate_key; GHashTable *annotations; @@ -631,8 +645,12 @@ g_free (pd->policy_description_nolang); pd->policy_description_nolang = NULL; + g_free (pd->policy_description_domain); + pd->policy_description_domain = NULL; g_free (pd->policy_message_nolang); pd->policy_message_nolang = NULL; + g_free (pd->policy_message_domain); + pd->policy_message_domain = NULL; if (pd->policy_descriptions != NULL) { g_hash_table_unref (pd->policy_descriptions); @@ -652,6 +670,8 @@ } g_free (pd->elem_lang); pd->elem_lang = NULL; + g_free (pd->elem_domain); + pd->elem_domain = NULL; } static void @@ -739,6 +759,10 @@ { pd->elem_lang = g_strdup (attr[1]); } + if (num_attr == 2 && strcmp (attr[0], "gettext-domain") == 0) + { + pd->elem_domain = g_strdup (attr[1]); + } state = STATE_IN_ACTION_DESCRIPTION; } else if (strcmp (el, "message") == 0) @@ -747,6 +771,10 @@ { pd->elem_lang = g_strdup (attr[1]); } + if (num_attr == 2 && strcmp (attr[0], "gettext-domain") == 0) + { + pd->elem_domain = g_strdup (attr[1]); + } state = STATE_IN_ACTION_MESSAGE; } else if (strcmp (el, "vendor") == 0 && num_attr == 0) @@ -849,6 +877,7 @@ { g_free (pd->policy_description_nolang); pd->policy_description_nolang = str; + pd->policy_description_domain = g_strdup (pd->elem_domain); str = NULL; } else @@ -865,6 +894,7 @@ { g_free (pd->policy_message_nolang); pd->policy_message_nolang = str; + pd->policy_message_domain = g_strdup (pd->elem_domain); str = NULL; } else @@ -962,6 +992,8 @@ g_free (pd->elem_lang); pd->elem_lang = NULL; + g_free (pd->elem_domain); + pd->elem_domain = NULL; switch (pd->state) { @@ -993,7 +1025,9 @@ action->vendor_url = g_strdup (vendor_url); action->icon_name = g_strdup (icon_name); action->description = g_strdup (pd->policy_description_nolang); + action->description_domain = g_strdup (pd->policy_description_domain); action->message = g_strdup (pd->policy_message_nolang); + action->message_domain = g_strdup (pd->policy_message_domain); action->localized_description = pd->policy_descriptions; action->localized_message = pd->policy_messages; @@ -1095,6 +1129,7 @@ * _localize: * @translations: a mapping from xml:lang to the value, e.g. 'da' -> 'Smadre', 'en_CA' -> 'Punch, Aye!' * @untranslated: the untranslated value, e.g. 'Punch' + * @domain: the gettext domain for this string. Make be NULL. * @lang: the locale we're interested in, e.g. 'da_DK', 'da', 'en_CA', 'en_US'; basically just $LANG * with the encoding cut off. Maybe be NULL. * @@ -1105,11 +1140,25 @@ static const gchar * _localize (GHashTable *translations, const gchar *untranslated, + const gchar *domain, const gchar *lang) { const gchar *result; gchar lang2[256]; guint n; + + if (domain != NULL) + { + gchar *old_locale; + + old_locale = g_strdup (setlocale (LC_ALL, NULL)); + setlocale (LC_ALL, lang); + result = dgettext (domain, untranslated); + setlocale (LC_ALL, old_locale); + g_free (old_locale); + + goto out; + } if (lang == NULL) { debian/patches/cve-2013-4288.patch0000664000000000000000000001254712227267237013426 0ustar From 52c927893a2ab135462b616c2e00fec377da9885 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Mon, 19 Aug 2013 12:16:11 -0400 Subject: [PATCH 2/4] pkcheck: Support --process=pid,start-time,uid syntax too The uid is a new addition; this allows callers such as libvirt to close a race condition in reading the uid of the process talking to them. They can read it via getsockopt(SO_PEERCRED) or equivalent, rather than having pkcheck look at /proc later after the fact. Programs which invoke pkcheck but need to know beforehand (i.e. at compile time) whether or not it supports passing the uid can use: pkcheck_supports_uid=$($PKG_CONFIG --variable pkcheck_supports_uid polkit-gobject-1) test x$pkcheck_supports_uid = xyes --- data/polkit-gobject-1.pc.in | 3 +++ docs/man/pkcheck.xml | 29 ++++++++++++++++++++--------- src/programs/pkcheck.c | 9 +++++++-- 3 files changed, 30 insertions(+), 11 deletions(-) Index: policykit-1-0.105/data/polkit-gobject-1.pc.in =================================================================== --- policykit-1-0.105.orig/data/polkit-gobject-1.pc.in 2013-09-11 09:40:56.604225567 -0400 +++ policykit-1-0.105/data/polkit-gobject-1.pc.in 2013-09-11 09:40:56.596225567 -0400 @@ -11,3 +11,6 @@ Libs: -L${libdir} -lpolkit-gobject-1 Cflags: -I${includedir}/polkit-1 Requires: gio-2.0 >= 2.18 glib-2.0 >= 2.18 +# Programs using pkcheck can use this to determine +# whether or not it can be passed a uid. +pkcheck_supports_uid=true Index: policykit-1-0.105/docs/man/pkcheck.xml =================================================================== --- policykit-1-0.105.orig/docs/man/pkcheck.xml 2013-09-11 09:40:56.604225567 -0400 +++ policykit-1-0.105/docs/man/pkcheck.xml 2013-09-11 09:42:28.272223569 -0400 @@ -55,6 +55,9 @@ pid,pid-start-time + + pid,pid-start-time,uid + @@ -90,7 +93,7 @@ DESCRIPTION pkcheck is used to check whether a process, specified by - either or , + either (see below) or , is authorized for action. The option can be used zero or more times to pass details about action. If is passed, pkcheck blocks @@ -160,17 +163,25 @@ NOTES - Since process identifiers can be recycled, the caller should always use - pid,pid-start-time to specify the process - to check for authorization when using the option. - The value of pid-start-time - can be determined by consulting e.g. the + Do not use either the bare pid or + pid,start-time syntax forms for + . There are race conditions in both. + New code should always use + pid,pid-start-time,uid. The value of + start-time can be determined by + consulting e.g. the proc5 - file system depending on the operating system. If only pid - is passed to the option, then pkcheck - will look up the start time itself but note that this may be racy. + file system depending on the operating system. If fewer than 3 + arguments are passed, pkcheck will attempt to + look up them up internally, but note that this may be racy. + + + If your program is a daemon with e.g. a custom Unix domain + socket, you should determine the uid + parameter via operating system mechanisms such as + PEERCRED. Index: policykit-1-0.105/src/programs/pkcheck.c =================================================================== --- policykit-1-0.105.orig/src/programs/pkcheck.c 2013-09-11 09:40:56.604225567 -0400 +++ policykit-1-0.105/src/programs/pkcheck.c 2013-09-11 09:40:56.600225567 -0400 @@ -372,6 +372,7 @@ else if (g_strcmp0 (argv[n], "--process") == 0 || g_strcmp0 (argv[n], "-p") == 0) { gint pid; + guint uid; guint64 pid_start_time; n++; @@ -381,7 +382,11 @@ goto out; } - if (sscanf (argv[n], "%i,%" G_GUINT64_FORMAT, &pid, &pid_start_time) == 2) + if (sscanf (argv[n], "%i,%" G_GUINT64_FORMAT ",%u", &pid, &pid_start_time, &uid) == 3) + { + subject = polkit_unix_process_new_for_owner (pid, pid_start_time, uid); + } + else if (sscanf (argv[n], "%i,%" G_GUINT64_FORMAT, &pid, &pid_start_time) == 2) { subject = polkit_unix_process_new_full (pid, pid_start_time); } debian/patches/07_set-XAUTHORITY-environment-variable-if-unset.patch0000664000000000000000000000434712227267237022356 0ustar From d6acecdd0ebb42e28ff28e04e0207cb01fa20910 Mon Sep 17 00:00:00 2001 From: David Zeuthen Date: Wed, 19 Dec 2012 14:28:29 -0500 Subject: [PATCH] Set XAUTHORITY environment variable if is unset The way it works is that if XAUTHORITY is unset, then its default value is $HOME/.Xauthority. But since we're changing user identity this will not work since $HOME will now change. Therefore, if XAUTHORITY is unset, just set its default value before changing identity. This bug only affected login managers using X Window Authorization but not explicitly setting the XAUTHORITY variable. You can argue that XAUTHORITY is broken since it forces uid-changing apps like pkexec(1) to do more work - and get involved in intimate details of how X works and so on - but that doesn't change how things work. Based on a patch from Peter Wu . https://bugs.freedesktop.org/show_bug.cgi?id=51623 Signed-off-by: David Zeuthen --- src/programs/pkexec.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) Index: policykit-1/src/programs/pkexec.c =================================================================== --- policykit-1.orig/src/programs/pkexec.c 2012-12-20 18:41:37.714807215 +0100 +++ policykit-1/src/programs/pkexec.c 2012-12-20 18:41:37.790805274 +0100 @@ -597,6 +597,28 @@ g_ptr_array_add (saved_env, g_strdup (value)); } + /* $XAUTHORITY is "special" - if unset, we need to set it to ~/.Xauthority. Yes, + * this is broken but it's unfortunately how things work (see fdo #51623 for + * details) + */ + if (g_getenv ("XAUTHORITY") == NULL) + { + const gchar *home; + + /* pre-2.36 GLib does not examine $HOME (it always looks in /etc/passwd) and + * this is not what we want + */ + home = g_getenv ("HOME"); + if (home == NULL) + home = g_get_home_dir (); + + if (home != NULL) + { + g_ptr_array_add (saved_env, g_strdup ("XAUTHORITY")); + g_ptr_array_add (saved_env, g_build_filename (home, ".Xauthority", NULL)); + } + } + /* Nuke the environment to get a well-known and sanitized environment to avoid attacks * via e.g. the DBUS_SYSTEM_BUS_ADDRESS environment variable and similar. */ debian/patches/09_pam_environment.patch0000664000000000000000000000163712227267237015372 0ustar Author: Steve Langasek Description: set process environment from pam_getenvlist() Various pam modules provide environment variables that are intended to be set in the environment of the pam session. pkexec needs to process the output of pam_getenvlist() to get these. Bug-Ubuntu: https://bugs.launchpad.net/bugs/982684 Index: trunk/src/programs/pkexec.c =================================================================== --- trunk.orig/src/programs/pkexec.c +++ trunk/src/programs/pkexec.c @@ -145,6 +145,7 @@ gboolean ret; gint rc; pam_handle_t *pam_h; + char **envlist; struct pam_conv conversation; ret = FALSE; @@ -176,6 +177,14 @@ ret = TRUE; + envlist = pam_getenvlist (pam_h); + if (envlist != NULL) { + int i; + for (i = 0; envlist[i]; i++) + putenv(envlist[i]); + free (envlist); + } + out: if (pam_h != NULL) pam_end (pam_h, rc); debian/patches/git_type_registration.patch0000664000000000000000000000713112276462576016301 0ustar From 20ad116a6582e57d20f9d8197758947918753a4c Mon Sep 17 00:00:00 2001 From: Tomas Bzatek Date: Wed, 29 May 2013 13:45:31 +0000 Subject: Use GOnce for interface type registration Static local variable may not be enough since it doesn't provide locking. Related to these udisksd warnings: GLib-GObject-WARNING **: cannot register existing type `PolkitSubject' Thanks to Hans de Goede for spotting this! https://bugs.freedesktop.org/show_bug.cgi?id=65130 --- diff --git a/src/polkit/polkitidentity.c b/src/polkit/polkitidentity.c index dd15b2f..7813c2c 100644 --- a/src/polkit/polkitidentity.c +++ b/src/polkit/polkitidentity.c @@ -49,9 +49,9 @@ base_init (gpointer g_iface) GType polkit_identity_get_type (void) { - static GType iface_type = 0; + static volatile gsize g_define_type_id__volatile = 0; - if (iface_type == 0) + if (g_once_init_enter (&g_define_type_id__volatile)) { static const GTypeInfo info = { @@ -67,12 +67,14 @@ polkit_identity_get_type (void) NULL /* value_table */ }; - iface_type = g_type_register_static (G_TYPE_INTERFACE, "PolkitIdentity", &info, 0); + GType iface_type = + g_type_register_static (G_TYPE_INTERFACE, "PolkitIdentity", &info, 0); g_type_interface_add_prerequisite (iface_type, G_TYPE_OBJECT); + g_once_init_leave (&g_define_type_id__volatile, iface_type); } - return iface_type; + return g_define_type_id__volatile; } /** diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c index d2c4c20..aed5795 100644 --- a/src/polkit/polkitsubject.c +++ b/src/polkit/polkitsubject.c @@ -50,9 +50,9 @@ base_init (gpointer g_iface) GType polkit_subject_get_type (void) { - static GType iface_type = 0; + static volatile gsize g_define_type_id__volatile = 0; - if (iface_type == 0) + if (g_once_init_enter (&g_define_type_id__volatile)) { static const GTypeInfo info = { @@ -68,12 +68,14 @@ polkit_subject_get_type (void) NULL /* value_table */ }; - iface_type = g_type_register_static (G_TYPE_INTERFACE, "PolkitSubject", &info, 0); + GType iface_type = + g_type_register_static (G_TYPE_INTERFACE, "PolkitSubject", &info, 0); g_type_interface_add_prerequisite (iface_type, G_TYPE_OBJECT); + g_once_init_leave (&g_define_type_id__volatile, iface_type); } - return iface_type; + return g_define_type_id__volatile; } /** diff --git a/src/polkitbackend/polkitbackendactionlookup.c b/src/polkitbackend/polkitbackendactionlookup.c index 5a1a228..20747e7 100644 --- a/src/polkitbackend/polkitbackendactionlookup.c +++ b/src/polkitbackend/polkitbackendactionlookup.c @@ -74,9 +74,9 @@ base_init (gpointer g_iface) GType polkit_backend_action_lookup_get_type (void) { - static GType iface_type = 0; + static volatile gsize g_define_type_id__volatile = 0; - if (iface_type == 0) + if (g_once_init_enter (&g_define_type_id__volatile)) { static const GTypeInfo info = { @@ -92,12 +92,14 @@ polkit_backend_action_lookup_get_type (void) NULL /* value_table */ }; - iface_type = g_type_register_static (G_TYPE_INTERFACE, "PolkitBackendActionLookup", &info, 0); + GType iface_type = + g_type_register_static (G_TYPE_INTERFACE, "PolkitBackendActionLookup", &info, 0); g_type_interface_add_prerequisite (iface_type, G_TYPE_OBJECT); + g_once_init_leave (&g_define_type_id__volatile, iface_type); } - return iface_type; + return g_define_type_id__volatile; } /** -- cgit v0.9.0.2-2-gbebe debian/libpolkit-gobject-1-0.install0000664000000000000000000000004312227267237014466 0ustar usr/lib/*/libpolkit-gobject-1.so.* debian/policykit-1-doc.links0000664000000000000000000000010412227267237013147 0ustar usr/share/doc/policykit-1-doc/html/ usr/share/gtk-doc/html/polkit-1