From Fedora Project Wiki
Line 51: Line 51:
* Complete PolicyKit 1.0, including documentation and porting guide
* Complete PolicyKit 1.0, including documentation and porting guide
* Port PolicyKit-using applications to the new PolicyKit:
* Port PolicyKit-using applications to the new PolicyKit:
** NetworkManager (http://bugzilla.redhat.com/show_bug.cgi?id=499965)
{|
** DeviceKit-disks
! Package !! Status !! Bug
** gnome-disk-utility
|-
** DeviceKit-power (patch http://bugzilla.redhat.com/show_bug.cgi?id=498695)
| NetworkManager || || [http://bugzilla.redhat.com/show_bug.cgi?id=499965 499965]
** gnome-power-manager (patch http://bugzilla.redhat.com/show_bug.cgi?id=498560)
|-
** PackageKit (Done)
| DeviceKit-disks || ||
** gnome-packagekit (Done)
|-
** kpackagekit (http://bugzilla.redhat.com/show_bug.cgi?id=499968)
| gnome-disk-utility || ||
** hal (http://bugzilla.redhat.com/show_bug.cgi?id=499969)
|-
** libvirt (http://bugzilla.redhat.com/show_bug.cgi?id=499970)
| DeviceKit-power || untested patch || [http://bugzilla.redhat.com/show_bug.cgi?id=498695 498695]
** gnome-system-monitor (patch http://bugzilla.redhat.com/show_bug.cgi?id=495730)
|-
** ConsoleKit (patch http://bugzilla.redhat.com/show_bug.cgi?id=495617)
| gnome-power-manager || untested patch || [http://bugzilla.redhat.com/show_bug.cgi?id=498560 498560]
** gdm (patch http://bugzilla.redhat.com/show_bug.cgi?id=498361)
|-
** pulseaudio (patch http://bugzilla.redhat.com/show_bug.cgi?id=497621)
| PackageKit || done ||
** control-center (patch http://bugzilla.redhat.com/show_bug.cgi?id=498365)
|-
** fprintd (patch http://bugzilla.redhat.com/show_bug.cgi?id=498368)
| gnome-packagekit || done ||
** gnome-panel (patch http://bugzilla.redhat.com/show_bug.cgi?id=498366)
|-
** gnome-applets (no mechanism here, should either just drop cpufreq applet or build without polkit)
| kpackagekit || || [http://bugzilla.redhat.com/show_bug.cgi?id=499968 499968]
** GConf2 (patch http://bugzilla.redhat.com/show_bug.cgi?id=498370)
|-
** gnome-session (patch http://bugzilla.redhat.com/show_bug.cgi?id=497619)
| hal || || [http://bugzilla.redhat.com/show_bug.cgi?id=499969 499969]
** system-config-services (this uses python bindings in python-slip)
|-
** cups-pk-helper
| libvirt || || [http://bugzilla.redhat.com/show_bug.cgi?id=499970 499970]
|-
| gnome-system-monitor || untested patch || [http://bugzilla.redhat.com/show_bug.cgi?id=495730 495730]
|-
| ConsoleKit || untested patch || [http://bugzilla.redhat.com/show_bug.cgi?id=495617 495617]
|-
| gdm || untested patch || [http://bugzilla.redhat.com/show_bug.cgi?id=498361 498361]
|-
| pulseaudio || untested patch || [http://bugzilla.redhat.com/show_bug.cgi?id=497621 497621]
|-
| control-center || untested patch || [http://bugzilla.redhat.com/show_bug.cgi?id=498365 498365]
|-
| fprintd || untested patch || [http://bugzilla.redhat.com/show_bug.cgi?id=498368 498368]
|-
| gnome-panel || untested patch || [http://bugzilla.redhat.com/show_bug.cgi?id=498366 498366]
|-
| gnome-applets || no mechanism here, should either just drop cpufreq applet or build without polkit ||
|-
| GConf2 || untested patch || [http://bugzilla.redhat.com/show_bug.cgi?id=498370 498370]
|-
| gnome-session || untested patch || [http://bugzilla.redhat.com/show_bug.cgi?id=497619 497619]
|-
| system-config-services || this uses python bindings in python-slip ||
|-
| cups-pk-helper || ||


== How To Test ==
== How To Test ==

Revision as of 17:15, 9 May 2009


Feature Name

PolicyKit 1.0

Summary

PolicyKit provides a flexible framework for granting users access to privileged operations. It is meant to replace the old userhelper approach, and overcome some of its shortcomings. PolicyKit 1.0 addresses architectural shortcomings of the initial PolicyKit design.

Owner

Current status

  • Targeted release: Fedora 12
  • Last updated: 2009-05-01
  • Percentage of completion: 50%

PolicyKit 0.91 is the current release of the new PolicyKit. See the announcement

David has produced src rpms too [1].

The TODO list for PolicyKit 1.0 can be found here.

Richard has ported PackageKit to the new API (in a branch).

Matthias has produced patches for a number of PolicyKit clients (see below)

Next steps:

  • finish DeviceKit-disks port
  • write a notification icon
  • support for negative authorizations
  • port/rewrite the policy editor

Detailed Description

The initial Releases/FeaturePolicyKit as introduced in Fedora 8 has some shortcomings. E.g. it is based on a library with suid helpers. The shortcoming that motivated the rewrite is that it is not possible to integrate it with directory services such as FreeIPA. The new PolicyKit is implemented as a system bus service and has pluggable backends that make it easy to integrate with directory services. It is one of the goals of the Features/SSSD feature to write such a backend. PolicyKit 1.0 itself will ship with a backend that uses the local filesystem to store action definitions and authorizations, similar to the current PolicyKit.

More details can be found in Davids announcement of the PolicyKit 0.90 release.

The current plan is to land the new PolicyKit early in F12 (as soon as it opens up, basically), and have most of the patches ready to port applications. The old PolicyKit 0.9 packages can remain for a while to ease the transition period and will be removed a few months into F12, when all users have been ported.

Benefit to Fedora

Making it possible to manage policies in a central directory service makes Fedora more suitable for larger, centrally managed installations.

As a secondary benefit, the new PolicyKit api is much simpler to work with than the PolicyKit 0.9 api.

Scope

  • Package EggDbus, which is a depencency of the new PolicyKit
  • Package the new PolicyKit, making it parallel-installable with the current PolicyKit
  • Port supporting libraries such as PolicyKit-gnome and PolicyKit-kde to the new PolicyKit or obsolete them
  • Complete PolicyKit 1.0, including documentation and porting guide
  • Port PolicyKit-using applications to the new PolicyKit:
Package Status Bug
NetworkManager 499965
DeviceKit-disks
gnome-disk-utility
DeviceKit-power untested patch 498695
gnome-power-manager untested patch 498560
PackageKit done
gnome-packagekit done
kpackagekit 499968
hal 499969
libvirt 499970
gnome-system-monitor untested patch 495730
ConsoleKit untested patch 495617
gdm untested patch 498361
pulseaudio untested patch 497621
control-center untested patch 498365
fprintd untested patch 498368
gnome-panel untested patch 498366
gnome-applets no mechanism here, should either just drop cpufreq applet or build without polkit
GConf2 untested patch 498370
gnome-session untested patch 497619
system-config-services this uses python bindings in python-slip
cups-pk-helper

How To Test

  1. Make sure you have polkit and polkit-gnome 0.91 or newer installed.
  2. Make sure /usr/libexec/polkit-gnome-authentication-agent-1 is automatically started when you log in
  3. Choose a operation that require authorization and are using PolicyKit, e.g. setting the system timezone in the clock applet
  4. Try the operation and verify that you get a PolicyKit password dialog according to the policy
  5. Test that entering the wrong password does not let you execute the operation
  6. Test that entering the correct password lets you execute the operation
  7. Verify that the authorization is remembered according to the policy for this operation, and that a statusicon informs you about currently remembered authorizations
  8. Verify that you can drop the authorizations from the status icon
  9. Try changing the policy for the operation using the policy configuration utility
  10. Check that the policy changes are effective immediately
  11. Verify that logging out and back in removes all remembered authorizations

Repeat these tests with other operations that require authorization, such as storing system connections in nm-applet or changing the default desktop background.

User Experience

The authentication dialogs that are shown by PolicyKit will change in some aspects. The 'retain authorization' checkboxes will likely go away and be replaced with a status icon in the style of consolehelper-gtk, that lets you inspect and drop your retained authorizations.


Dependencies

  • Features/SSSD not a hard dependency, but these two features will benefit from each other


Contingency Plan

Stay with PolicyKit 0.9

Documentation

API documentation can be found here.

A porting guide is being assembled here.

No user documentation yet.

Release Notes

Fedora 12 includes PolicyKit 1.0. (Not sure anything else needs to be said here. If anything, might mention the new status icon)

Comments and Discussion
Retrieved from "https://fedoraproject.org/w/index.php?title=Features/PolicyKitOne&oldid=100865"