Package: policykit-1 / 0.105-15~deb8u2

05_revert-admin-identities-unix-group-wheel.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
From: Michael Biebl <biebl@debian.org>
Date: Fri, 9 Dec 2011 00:31:21 +0100
Subject: Revert "Default to AdminIdentities=unix-group:wheel for local
 authority"

This reverts commit 763faf434b445c20ae9529100d3ef5290976d0c9.

On Red Hat derivatives, every member of group 'wheel' is necessarily
privileged. On Debian derivatives, there is no wheel group, and gid 0
(root) is not used in this way. Change the default rule to consider
uid 0 to be privileged, instead.

On Red Hat derivatives, 50-default.rules is not preserved by upgrades;
on dpkg-based systems, it is a proper conffile and may be edited
(at the sysadmin's own risk), so the comment about not editing it is
misleading.

[smcv: added longer explanation of why we make this change;
remove unrelated cosmetic change to a man page]

Forwarded: no, Debian-specific
---
 src/polkitbackend/50-localauthority.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/polkitbackend/50-localauthority.conf b/src/polkitbackend/50-localauthority.conf
index 5e44bde..20e0ba3 100644
--- a/src/polkitbackend/50-localauthority.conf
+++ b/src/polkitbackend/50-localauthority.conf
@@ -7,4 +7,4 @@
 #
 
 [Configuration]
-AdminIdentities=unix-group:wheel
+AdminIdentities=unix-user:0