* [PATCH 0/5] Add polkit distro feature
@ 2019-01-15 22:27 Stefan Agner
2019-01-15 22:27 ` [PATCH 1/5] systemd: only enable polkit if DISTRO_FEATURES asks for polkit Stefan Agner
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: Stefan Agner @ 2019-01-15 22:27 UTC (permalink / raw)
To: openembedded-core; +Cc: Stefan Agner
From: Stefan Agner <stefan.agner@toradex.com>
This patchset adds Polkit (formerly known as PolicyKit) as a distro feature.
Polkit is used to centrally manage system policies and allows non-privileged
processes access privileged operations.
Since various packages such as systemd, ConnMan or NetworkManager allow building
with/without Polkit support it is sensible to have a global policy by using a
distro feature to descide whether to use Polkit.
Currently there is NetworkManager and xfce4 which enable polkit if systemd is
enabled. Using Polkit as a distro feature allows to easily prevent any Polkit
use while still using systemd.
I plan to send another patch to wire this up in various packages in
meta-openembedded as well as documentation update.
--
Stefan
Stefan Agner (5):
systemd: only enable polkit if DISTRO_FEATURES asks for polkit
gconf: rename policykit to polkit
gconf: enable polkit if polkit distro feature is set
consolekit: rename policykit to polkit
consolekit: enable polkit if polkit distro feature is set
meta/recipes-core/systemd/systemd_239.bb | 3 +--
meta/recipes-gnome/gnome/gconf_3.2.6.bb | 7 +++----
meta/recipes-support/consolekit/consolekit_0.4.6.bb | 4 ++--
3 files changed, 6 insertions(+), 8 deletions(-)
--
2.13.6
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH 1/5] systemd: only enable polkit if DISTRO_FEATURES asks for polkit
2019-01-15 22:27 [PATCH 0/5] Add polkit distro feature Stefan Agner
@ 2019-01-15 22:27 ` Stefan Agner
2019-01-15 22:27 ` [PATCH 2/5] gconf: rename policykit to polkit Stefan Agner
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Stefan Agner @ 2019-01-15 22:27 UTC (permalink / raw)
To: openembedded-core; +Cc: Stefan Agner
From: Stefan Agner <stefan.agner@toradex.com>
Only add polkit to PACKAGECONFIG if polkit is in DISTRO_FEATURES.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
---
meta/recipes-core/systemd/systemd_239.bb | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/meta/recipes-core/systemd/systemd_239.bb b/meta/recipes-core/systemd/systemd_239.bb
index be836ffa42..586ef65299 100644
--- a/meta/recipes-core/systemd/systemd_239.bb
+++ b/meta/recipes-core/systemd/systemd_239.bb
@@ -76,7 +76,7 @@ PAM_PLUGINS = " \
"
PACKAGECONFIG ??= " \
- ${@bb.utils.filter('DISTRO_FEATURES', 'efi ldconfig pam selinux usrmerge', d)} \
+ ${@bb.utils.filter('DISTRO_FEATURES', 'efi ldconfig pam selinux usrmerge polkit', d)} \
${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'rfkill', '', d)} \
${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \
acl \
@@ -94,7 +94,6 @@ PACKAGECONFIG ??= " \
myhostname \
networkd \
nss \
- polkit \
quotacheck \
randomseed \
resolved \
--
2.13.6
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH 2/5] gconf: rename policykit to polkit
2019-01-15 22:27 [PATCH 0/5] Add polkit distro feature Stefan Agner
2019-01-15 22:27 ` [PATCH 1/5] systemd: only enable polkit if DISTRO_FEATURES asks for polkit Stefan Agner
@ 2019-01-15 22:27 ` Stefan Agner
2019-01-15 22:27 ` [PATCH 3/5] gconf: enable polkit if polkit distro feature is set Stefan Agner
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Stefan Agner @ 2019-01-15 22:27 UTC (permalink / raw)
To: openembedded-core; +Cc: Stefan Agner
From: Stefan Agner <stefan.agner@toradex.com>
PolicyKit has been renamed to Polkit since quite a while. Rename
the PACKAGECONFIG accordingly.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
---
meta/recipes-gnome/gnome/gconf_3.2.6.bb | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/meta/recipes-gnome/gnome/gconf_3.2.6.bb b/meta/recipes-gnome/gnome/gconf_3.2.6.bb
index 120ae3e021..1e8ca2e5d2 100644
--- a/meta/recipes-gnome/gnome/gconf_3.2.6.bb
+++ b/meta/recipes-gnome/gnome/gconf_3.2.6.bb
@@ -22,12 +22,12 @@ S = "${WORKDIR}/GConf-${PV}"
EXTRA_OECONF = "--enable-shared --disable-static \
--disable-orbit --with-openldap=no --disable-gtk"
-# Disable PolicyKit by default
+# Disable Polkit by default
PACKAGECONFIG ??= ""
-# We really don't want PolicyKit for native
+# We really don't want Polkit for native
PACKAGECONFIG_class-native = ""
-PACKAGECONFIG[policykit] = "--enable-defaults-service,--disable-defaults-service,polkit"
+PACKAGECONFIG[polkit] = "--enable-defaults-service,--disable-defaults-service,polkit"
PACKAGECONFIG[debug] = "--enable-debug=yes, --enable-debug=minimum"
do_install_append() {
--
2.13.6
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH 3/5] gconf: enable polkit if polkit distro feature is set
2019-01-15 22:27 [PATCH 0/5] Add polkit distro feature Stefan Agner
2019-01-15 22:27 ` [PATCH 1/5] systemd: only enable polkit if DISTRO_FEATURES asks for polkit Stefan Agner
2019-01-15 22:27 ` [PATCH 2/5] gconf: rename policykit to polkit Stefan Agner
@ 2019-01-15 22:27 ` Stefan Agner
2019-01-15 22:27 ` [PATCH 4/5] consolekit: rename policykit to polkit Stefan Agner
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Stefan Agner @ 2019-01-15 22:27 UTC (permalink / raw)
To: openembedded-core; +Cc: Stefan Agner
From: Stefan Agner <stefan.agner@toradex.com>
Enable polkit depending on whether polkit distro feature is set.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
---
meta/recipes-gnome/gnome/gconf_3.2.6.bb | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/meta/recipes-gnome/gnome/gconf_3.2.6.bb b/meta/recipes-gnome/gnome/gconf_3.2.6.bb
index 1e8ca2e5d2..e6742f37d8 100644
--- a/meta/recipes-gnome/gnome/gconf_3.2.6.bb
+++ b/meta/recipes-gnome/gnome/gconf_3.2.6.bb
@@ -22,8 +22,7 @@ S = "${WORKDIR}/GConf-${PV}"
EXTRA_OECONF = "--enable-shared --disable-static \
--disable-orbit --with-openldap=no --disable-gtk"
-# Disable Polkit by default
-PACKAGECONFIG ??= ""
+PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'polkit', d)}"
# We really don't want Polkit for native
PACKAGECONFIG_class-native = ""
--
2.13.6
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH 4/5] consolekit: rename policykit to polkit
2019-01-15 22:27 [PATCH 0/5] Add polkit distro feature Stefan Agner
` (2 preceding siblings ...)
2019-01-15 22:27 ` [PATCH 3/5] gconf: enable polkit if polkit distro feature is set Stefan Agner
@ 2019-01-15 22:27 ` Stefan Agner
2019-01-15 22:27 ` [PATCH 5/5] consolekit: enable polkit if polkit distro feature is set Stefan Agner
2019-01-15 22:39 ` [PATCH 0/5] Add polkit distro feature Randy MacLeod
5 siblings, 0 replies; 7+ messages in thread
From: Stefan Agner @ 2019-01-15 22:27 UTC (permalink / raw)
To: openembedded-core; +Cc: Stefan Agner
From: Stefan Agner <stefan.agner@toradex.com>
PolicyKit has been renamed to Polkit since quite a while. Rename
the PACKAGECONFIG accordingly.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
---
meta/recipes-support/consolekit/consolekit_0.4.6.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-support/consolekit/consolekit_0.4.6.bb b/meta/recipes-support/consolekit/consolekit_0.4.6.bb
index 80d48bf84f..15b39046e3 100644
--- a/meta/recipes-support/consolekit/consolekit_0.4.6.bb
+++ b/meta/recipes-support/consolekit/consolekit_0.4.6.bb
@@ -26,7 +26,7 @@ S = "${WORKDIR}/ConsoleKit-${PV}"
PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam systemd', d)}"
PACKAGECONFIG[pam] = "--enable-pam-module --with-pam-module-dir=${base_libdir}/security,--disable-pam-module,libpam"
-PACKAGECONFIG[policykit] = "--with-polkit,--without-polkit,polkit"
+PACKAGECONFIG[polkit] = "--with-polkit,--without-polkit,polkit"
PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_unitdir}/system/,--with-systemdsystemunitdir="
FILES_${PN} += "${exec_prefix}/lib/ConsoleKit \
--
2.13.6
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH 5/5] consolekit: enable polkit if polkit distro feature is set
2019-01-15 22:27 [PATCH 0/5] Add polkit distro feature Stefan Agner
` (3 preceding siblings ...)
2019-01-15 22:27 ` [PATCH 4/5] consolekit: rename policykit to polkit Stefan Agner
@ 2019-01-15 22:27 ` Stefan Agner
2019-01-15 22:39 ` [PATCH 0/5] Add polkit distro feature Randy MacLeod
5 siblings, 0 replies; 7+ messages in thread
From: Stefan Agner @ 2019-01-15 22:27 UTC (permalink / raw)
To: openembedded-core; +Cc: Stefan Agner
From: Stefan Agner <stefan.agner@toradex.com>
Enable polkit depending on whether polkit distro feature is set.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
---
meta/recipes-support/consolekit/consolekit_0.4.6.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-support/consolekit/consolekit_0.4.6.bb b/meta/recipes-support/consolekit/consolekit_0.4.6.bb
index 15b39046e3..a17f739d4d 100644
--- a/meta/recipes-support/consolekit/consolekit_0.4.6.bb
+++ b/meta/recipes-support/consolekit/consolekit_0.4.6.bb
@@ -23,7 +23,7 @@ SRC_URI[sha256sum] = "b41d17e06f80059589fbeefe96ad07bcc564c49e65516da1caf9751464
S = "${WORKDIR}/ConsoleKit-${PV}"
-PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam systemd', d)}"
+PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam systemd polkit', d)}"
PACKAGECONFIG[pam] = "--enable-pam-module --with-pam-module-dir=${base_libdir}/security,--disable-pam-module,libpam"
PACKAGECONFIG[polkit] = "--with-polkit,--without-polkit,polkit"
--
2.13.6
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH 0/5] Add polkit distro feature
2019-01-15 22:27 [PATCH 0/5] Add polkit distro feature Stefan Agner
` (4 preceding siblings ...)
2019-01-15 22:27 ` [PATCH 5/5] consolekit: enable polkit if polkit distro feature is set Stefan Agner
@ 2019-01-15 22:39 ` Randy MacLeod
5 siblings, 0 replies; 7+ messages in thread
From: Randy MacLeod @ 2019-01-15 22:39 UTC (permalink / raw)
To: Stefan Agner, openembedded-core; +Cc: Stefan Agner
On 1/15/19 5:27 PM, Stefan Agner wrote:
> From: Stefan Agner <stefan.agner@toradex.com>
>
> This patchset adds Polkit (formerly known as PolicyKit) as a distro feature.
> Polkit is used to centrally manage system policies and allows non-privileged
> processes access privileged operations.
>
> Since various packages such as systemd, ConnMan or NetworkManager allow building
> with/without Polkit support it is sensible to have a global policy by using a
> distro feature to descide whether to use Polkit.
>
> Currently there is NetworkManager and xfce4 which enable polkit if systemd is
> enabled. Using Polkit as a distro feature allows to easily prevent any Polkit
> use while still using systemd.
>
> I plan to send another patch to wire this up in various packages in
> meta-openembedded as well as documentation update.
Thanks.
The patches are pretty straight-forward.
LGTM.
../Randy
>
> --
> Stefan
>
> Stefan Agner (5):
> systemd: only enable polkit if DISTRO_FEATURES asks for polkit
> gconf: rename policykit to polkit
> gconf: enable polkit if polkit distro feature is set
> consolekit: rename policykit to polkit
> consolekit: enable polkit if polkit distro feature is set
>
> meta/recipes-core/systemd/systemd_239.bb | 3 +--
> meta/recipes-gnome/gnome/gconf_3.2.6.bb | 7 +++----
> meta/recipes-support/consolekit/consolekit_0.4.6.bb | 4 ++--
> 3 files changed, 6 insertions(+), 8 deletions(-)
>
--
# Randy MacLeod
# Wind River Linux
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2019-01-15 22:40 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-01-15 22:27 [PATCH 0/5] Add polkit distro feature Stefan Agner
2019-01-15 22:27 ` [PATCH 1/5] systemd: only enable polkit if DISTRO_FEATURES asks for polkit Stefan Agner
2019-01-15 22:27 ` [PATCH 2/5] gconf: rename policykit to polkit Stefan Agner
2019-01-15 22:27 ` [PATCH 3/5] gconf: enable polkit if polkit distro feature is set Stefan Agner
2019-01-15 22:27 ` [PATCH 4/5] consolekit: rename policykit to polkit Stefan Agner
2019-01-15 22:27 ` [PATCH 5/5] consolekit: enable polkit if polkit distro feature is set Stefan Agner
2019-01-15 22:39 ` [PATCH 0/5] Add polkit distro feature Randy MacLeod
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.