polkit-gnome-authorization missing
Christoph Wickert
christoph.wickert at googlemail.com
Sun Oct 18 10:31:00 UTC 2009
Am Samstag, den 17.10.2009, 21:40 -0400 schrieb Matthias Clasen:
> On Sun, 2009-10-18 at 03:14 +0200, Christoph Wickert wrote:
>
> A couple of good questions, even if presented in a somewhat
> passive-aggressive tone.
Sorry about that, it wasn't meant to be aggressive in any way.
Nevertheless I have to admit that I found David's "come up with a patch"
attitude somewhat arrogant. I sure the manpage will not get better if
people who don't understand the concept completely start adding
"corrections".
> > So what is the relationship between the .conf files
> > in /etc/polkit-1/localauthority.conf.d and the .pkla files
> > in /var/lib/polkit-1/? Do they coexist, does one overwrite the other or
> > are they generated from the conf files? If so, by what program?
>
> The man page could certainly be clearer on this point. My understanding
> is that files in /etc/polkit-1/localauthority.conf.d _can_ overwrite
> each other (according to their ordering), but there is no overwriting
> between configuration in /etc/polkit-1 and /var/lib/polkit-1.
The first is clear, the latter IMHO not.
> The files in /etc/polkit-1/localauthority.conf.d can only configure a
> single aspect: which identities count as 'administrator'. This is done
> with the key 'AdminIdentities'.
Thanks for the clarification, I think this should be in the manapge
somehow.
> The .pkla files in the various /var/lib/polkit-1/localauthority/
> subdirectories can override each other (according to the ordering of the
> directories). The contain authorization entries that modify the policy
> for individual actions. As shown in the example in the man page.
Yes, this is understandable from the current manpage.
> > This is the first time .policy files are mentioned. Where are they and
> > what is their purpose?
>
> .policy files live in /usr/share/polkit-1/actions. They are installed by
> mechanisms that are using PolicyKit, to define the actions that they
> want to be controlled by PolicyKit. See the section 'Declaring Actions'
> in polkit(8).
Maybe a reference to polkit(8) should be added here and not only at the
bottom.
> > We just learned that .pkla files live in /var/lib. So people are
> > supposed to edit files in /var/lib that get overwritten on the next
> > update?
>
> If you study the contents of the polkit package, you will find that all
> the subdirectories below /var/lib/polkit-1/localauthority are empty. If
> you create files there, they will not be overwritten by updates.
I think the man page understandable by itself without looking at the
filesystem or rpm database.
> The /var/lib/polkit-1/localauthority/10-vendor.d directory is meant for
> default policies provided by the vendor, and the polkit-desktop-policy
> package installs its .pkla files there. Those will of course be
> overwritten by updates. But they are not meant for editing, anyway. If
> you need to tweak the policy, create your own .pkla file and put it e.g.
> in /var/lib/polkit-1/localauthority/30-site.d.
Understood, but this is not really following the fhs. .pkla files are
config files, so shouldn't they be in /etc?
Regards,
Christoph
More information about the Fedora-desktop-list
mailing list