Package: policykit-1 / 0.105-8

Metadata

Package Version Patches format
policykit-1 0.105-8 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
01_pam_polkit.patch | (download)

data/polkit-1.in | 10 6 + 4 - 0 !
1 file changed, 6 insertions(+), 4 deletions(-)

---
02_gettext.patch | (download)

src/polkitbackend/polkitbackendactionpool.c | 49 49 + 0 - 0 !
1 file changed, 49 insertions(+)

 [patch] use gettext for translations in .policy files
Bug: http://bugs.freedesktop.org/show_bug.cgi?id=29639
Bug-Ubuntu: https://launchpad.net/bugs/619632


03_complete_session.patch | (download)

src/polkitagent/polkitagentsession.c | 14 10 + 4 - 0 !
1 file changed, 10 insertions(+), 4 deletions(-)

 fix the race that leads to the password box disappearing, but the dialog remaining.
Bug: http://bugs.freedesktop.org/show_bug.cgi?id=30515
Bug-Ubuntu: https://launchpad.net/bugs/649939
Bug-Ubuntu: https://launchpad.net/bugs/445303

04_get_cwd.patch | (download)

src/programs/pkexec.c | 5 3 + 2 - 0 !
1 file changed, 3 insertions(+), 2 deletions(-)

 [patch] fix build on gnu hurd

https://bugs.freedesktop.org/show_bug.cgi?id=35685

05_revert admin identities unix group wheel.patch | (download)

docs/man/pklocalauthority.xml | 4 2 + 2 - 0 !
src/polkitbackend/50-localauthority.conf | 2 1 + 1 - 0 !
2 files changed, 3 insertions(+), 3 deletions(-)

 [patch] revert "default to adminidentities=unix-group:wheel for
 local authority"

This reverts commit 763faf434b445c20ae9529100d3ef5290976d0c9.

06_systemd service.patch | (download)

data/org.freedesktop.PolicyKit1.service.in | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

---
07_set XAUTHORITY environment variable if unset.patch | (download)

src/programs/pkexec.c | 22 22 + 0 - 0 !
1 file changed, 22 insertions(+)

 [patch] set xauthority environment variable if is unset

The way it works is that if XAUTHORITY is unset, then its default
value is $HOME/.Xauthority. But since we're changing user identity
this will not work since $HOME will now change. Therefore, if
XAUTHORITY is unset, just set its default value before changing
identity. This bug only affected login managers using X Window
Authorization but not explicitly setting the XAUTHORITY variable.

You can argue that XAUTHORITY is broken since it forces uid-changing
apps like pkexec(1) to do more work - and get involved in intimate
details of how X works and so on - but that doesn't change how things
work.

Based on a patch from Peter Wu <lekensteyn@gmail.com>.

https://bugs.freedesktop.org/show_bug.cgi?id=51623

Signed-off-by: David Zeuthen <zeuthen@gmail.com>

08_deprecate_racy_APIs.patch | (download)

src/polkit/polkitunixprocess.h | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

---
cve 2013 4288.patch | (download)

data/polkit-gobject-1.pc.in | 3 3 + 0 - 0 !
docs/man/pkcheck.xml | 29 20 + 9 - 0 !
src/programs/pkcheck.c | 7 6 + 1 - 0 !
3 files changed, 29 insertions(+), 10 deletions(-)

 [patch 2/4] pkcheck: support --process=pid,start-time,uid syntax too

The uid is a new addition; this allows callers such as libvirt to
close a race condition in reading the uid of the process talking to
them.  They can read it via getsockopt(SO_PEERCRED) or equivalent,
rather than having pkcheck look at /proc later after the fact.

Programs which invoke pkcheck but need to know beforehand (i.e.  at
compile time) whether or not it supports passing the uid can
use:

pkcheck_supports_uid=$($PKG_CONFIG --variable pkcheck_supports_uid polkit-gobject-1)
test x$pkcheck_supports_uid = xyes

09_pam_environment.patch | (download)

src/programs/pkexec.c | 9 9 + 0 - 0 !
1 file changed, 9 insertions(+)

 set process environment from pam_getenvlist()
 Various pam modules provide environment variables that are intended to be
 set in the environment of the pam session.  pkexec needs to process the
 output of pam_getenvlist() to get these.
Bug-Ubuntu: https://bugs.launchpad.net/bugs/982684