%general-entities; ]> $LastChangedBy$ $Date$ Polkit Polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to communicate with privileged processes. &lfs84_checked; Package Information Download (HTTP): Download (FTP): Download MD5 sum: &polkit-md5sum; Download size: &polkit-size; Estimated disk space required: &polkit-buildsize; Estimated build time: &polkit-time; Additional Downloads Required patch: Polkit Dependencies Required and Recommended Since systemd-logind uses PAM to register user sessions, it is a good idea to build Polkit with PAM support so systemd-logind can track Polkit sessions. Optional (Required if building GNOME) Optional , , , and , and Required Runtime Dependencies If is installed, then and are required. If you have installed , but you do not want to install any of the DocBook packages mentioned, you will need to use --disable-man-pages in the instructions below. User Notes: There should be a dedicated user and group to take control of the polkitd daemon after it is started. Issue the following commands as the root user: groupadd -fg 27 polkitd && useradd -c "PolicyKit Daemon Owner" -d /etc/polkit-1 -u 27 \ -g polkitd -s /bin/false polkitd When building Polkit with systemd logind support, the configure script explicitly checks if system is booted using systemd. This can cause problems if building the package in chroot, where the configure would fail to detect systemd. To workaround the problem, simply run the following command: sed -i "s:/sys/fs/cgroup/systemd/:/sys:g" configure Apply a security patch from upstream: patch -Np1 -i ../polkit-&polkit-version;-security_patch-3.patch Install Polkit by running the following commands: ./configure --prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var \ --disable-static \ --enable-libsystemd-login=no \ --enable-libelogind=no \ --with-authfw=shadow && make ./configure --prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var \ --disable-static && make To test the results, issue: make check. Note that system D-Bus daemon must be running for the testsuite to complete. One tests fails due to the security patch. Now, as the root user: make install --enable-libsystemd-login=no: This parameter fixes building without systemd, which is not part of LFS/BLFS. If you use systemd, replace "no" by "yes". --with-authfw=shadow: This parameter configures the package to use the Shadow rather than the Linux-PAM Authentication framework. Change the argument to 'pam' if you would like to use Linux-PAM. --with-authfw=shadow: This switch enables the package to use the Shadow rather than the Linux PAM Authentication framework. Use it if you have not installed Linux PAM. If you did not build Polkit with Linux PAM support, you can skip this section. If you have built Polkit with Linux PAM support, you need to modify the default PAM configuration file which was installed by default to get Polkit to work correctly with BLFS. Issue the following commands as the root user to create the configuration file for Linux PAM: cat > /etc/pam.d/polkit-1 << "EOF" # Begin /etc/pam.d/polkit-1 auth include system-auth account include system-account password include system-password session include system-session # End /etc/pam.d/polkit-1 EOF Installed Programs Installed Libraries Installed Directories pkaction, pkcheck, pk-example-frobnicate, pkexec, pkttyagent and polkitd libpolkit-agent-1.so and libpolkit-gobject-1.so /etc/polkit-1, /usr/include/polkit-1, /usr/lib/polkit-1, /usr/share/gtk-doc/html/polkit-1 and /usr/share/polkit-1 Short Descriptions pkaction is used to obtain information about registered PolicyKit actions. pkaction pkcheck is used to check whether a process is authorized for action. pkcheck pk-example-frobnicate is an example program to test the pkexec command. pk-example-frobnicate pkexec allows an authorized user to execute a command as another user. pkexec pkttyagent is used to start a textual authentication agent for the subject. pkttyagent polkitd provides the org.freedesktop.PolicyKit1 D-Bus service on the system message bus. polkitd libpolkit-agent-1.so contains the Polkit authentication agent API functions. libpolkit-agent-1.so libpolkit-gobject-1.so contains the Polkit authorization API functions. libpolkit-gobject-1.so