PolicyKit changes in F12
David Zeuthen
davidz at redhat.com
Mon May 18 12:57:07 UTC 2009
On Mon, 2009-05-18 at 10:57 +0100, Daniel P. Berrange wrote:
> On Sun, May 17, 2009 at 09:14:03AM +0100, Richard Hughes wrote:
> > On Sat, May 16, 2009 at 8:56 AM, Daniel Veillard <veillard at redhat.com> wrote:
> > > ? No kit_* OOM handling in the new library
> > > means ?
> >
> > The old kit_* functions used to handle OOM (out of memory conditions)
> > and report back the correct error. The new library is more GLib like,
> > and doesn't handle OOM very well at all. It's likely you didn't care
> > about OOM before, so this change won't affect you.
>
> Well there are two ends to this. The client app side (eg virt-manager)
> we don't care about OOM, since we're using GTK and that just aborts all
> the time. For the service end, eg libvirtd, we do care about OOM handling
> and we test for it, so this change is an unfortunate regression :-(
No, there is no regression here. As I tried to explain in the reply to
Veillard:
1. In libvirtd, simply check for authorization by speaking to the
polkitd-1 using either the D-Bus API (via e.g. libdbus-1 which
handles OOM) or a through helper.
2. virt-manager will not have to know _anything_ about PolicyKit
And if either polkitd-1 or the helper aborts() due to OOM, then you will
get a D-Bus error back (or if using a helper, WIFEXITED(status) != 0)
and you can check the authorization again - this works because the bus
daemon (which handles OOM) will then reactivate polkitd-1.
David
More information about the fedora-devel-list
mailing list