Context Navigation

polkit.xml

Visit:

trunk

Last change on this file was 6d8eeb9, checked in by Bruce Dubbs <bdubbs@…>, 5 weeks ago

Intermediate commit for kde6.

This is a large, but still intermediate commit for KDE6 (kf6 and plasma6).
These are the key changes:

Update kf6 dependencies.

Remove kuserfeedback (it is now a part of kf6).

Move libdbusmenu-qt to General Libraries. It is still needed for LXQt, but
will be remmoved when LXQt moves to Qt6 and LF6/Plasma6.

Made some changes to bluez to use &root;.

Commented out kmix, libkcddb, and k3b. These are still kf5 apps and would
require adding back most of kf5 to the book. It's easier to just wait for
these to be updated to qt6/kf6.

Removed references to the full qt5 package in LXQt packages. It mkes no sense
now that Qt6 is in the book to also build the full (deprecated) Qt5 package.
It may makes sense to just remove the full Qt5 package from th ebook now.

Renamed an internal referece from plasma5-build to just plasma-build in polkit
and mesa.

Property mode set to 100644

File size: 13.7 KB

Line
1	<?xml version="1.0" encoding="UTF-8"?>
2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4	<!ENTITY % general-entities SYSTEM "../../general.ent">
5	%general-entities;
6
7	<!ENTITY polkit-download-http "https://gitlab.freedesktop.org/polkit/polkit/-/archive/&polkit-version;/polkit-&polkit-version;.tar.gz">
8	<!ENTITY polkit-download-ftp " ">
9	<!ENTITY polkit-md5sum "97db655618e1483706fbc764787c7d6e">
10	<!ENTITY polkit-size "744 KB">
11	<!ENTITY polkit-buildsize "7.2 MB (with tests)">
12	<!ENTITY polkit-time "0.3 SBU (with tests; using parallelism=4)">
13	]>
14
15	<sect1 id="polkit" xreflabel="Polkit-&polkit-version;">
16	<?dbhtml filename="polkit.html"?>
17
18
19	<title>Polkit-&polkit-version;</title>
20
21	<indexterm zone="polkit">
22	<primary sortas="a-Polkit">Polkit</primary>
23	</indexterm>
24
25	<sect2 role="package">
26	<title>Introduction to Polkit</title>
27
28	<para>
29	<application>Polkit</application> is a toolkit for defining and handling
30	authorizations. It is used for allowing unprivileged processes to
31	communicate with privileged processes.
32	</para>
33
34	&lfs121_checked;
35
36	<bridgehead renderas="sect3">Package Information</bridgehead>
37	<itemizedlist spacing="compact">
38	<listitem>
39	<para>
40	Download (HTTP): <ulink url="&polkit-download-http;"/>
41	</para>
42	</listitem>
43	<listitem>
44	<para>
45	Download (FTP): <ulink url="&polkit-download-ftp;"/>
46	</para>
47	</listitem>
48	<listitem>
49	<para>
50	Download MD5 sum: &polkit-md5sum;
51	</para>
52	</listitem>
53	<listitem>
54	<para>
55	Download size: &polkit-size;
56	</para>
57	</listitem>
58	<listitem>
59	<para>
60	Estimated disk space required: &polkit-buildsize;
61	</para>
62	</listitem>
63	<listitem>
64	<para>
65	Estimated build time: &polkit-time;
66	</para>
67	</listitem>
68	</itemizedlist>
69
70	<!--
71	<bridgehead renderas="sect3">Additional Downloads</bridgehead>
72	<itemizedlist spacing="compact">
73	<listitem>
74	<para>
75	Required patch:
76	<ulink url="&patch-root;/polkit-&polkit-version;-security_fixes-1.patch"/>
77	</para>
78	</listitem>
79	<listitem>
80	<para>
81	Required patch:
82	<ulink url="&patch-root;/polkit-&polkit-version;-js91-1.patch"/>
83	</para>
84	</listitem>
85	</itemizedlist>
86	-->
87
88	<bridgehead renderas="sect3">Polkit Dependencies</bridgehead>
89
90	<bridgehead renderas="sect4">Required</bridgehead>
91	<para role="required">
92	<xref linkend="glib2"/> (GObject Introspection recommended)
93	</para>
94
95	<bridgehead renderas="sect4">Recommended</bridgehead>
96	<para role="recommended">
97	<!-- For jhalfs just make it required to avoid over-complexity. -->
98	<xref role="required" linkend="duktape"/>,
99	<xref linkend="libxslt"/>,<phrase revision="systemd"> and</phrase>
100	<xref linkend="linux-pam"/><phrase revision="sysv">, and
101	<xref linkend="elogind"/>
102	</phrase>
103	</para>
104
105	<note>
106	<para>
107	Since <phrase revision="sysv"><command>elogind</command></phrase>
108	<phrase revision="systemd"><command>systemd-logind</command></phrase>
109	uses PAM to register user sessions, it is a good idea to build
110	<application>Polkit</application> with PAM support so
111	<phrase revision="sysv"><command>elogind</command></phrase>
112	<phrase revision="systemd"><command>systemd-logind</command></phrase>
113	can track <application>Polkit</application> sessions.
114	</para>
115	</note>
116
117	<bridgehead renderas="sect4">Optional</bridgehead>
118	<para role="optional">
119	<xref linkend="gtk-doc"/>,
120	<xref linkend="python-dbusmock"/>, and
121	<xref linkend="spidermonkey"/> (can be used in place of duktape)
122	</para>
123
124	<bridgehead renderas="sect4" revision="systemd">Required Runtime Dependencies</bridgehead>
125	<para role="required" revision="systemd">
126	<xref role="runtime" linkend="systemd"/>
127	</para>
128
129	<bridgehead renderas="sect4" id="polkit-agent" xreflabel="Polkit Authentication Agent">
130	Optional Runtime Dependencies
131	</bridgehead>
132	<para role="optional">
133	One polkit authentication agent for using polkit in the graphical
134	environment:
135	<application>polkit-kde-agent</application> in
136	<xref role="runtime" linkend="plasma-build"/> for KDE,
137	the agent built in
138	<xref role="runtime" linkend="gnome-shell"/> for GNOME3,
139	<xref role="runtime" linkend="polkit-gnome"/> for XFCE, and
140	<xref role="runtime" linkend="lxqt-policykit"/> for LXQt
141	</para>
142
143	<note>
144	<para>
145	If <xref linkend="libxslt"/> is installed,
146	then <xref linkend="DocBook"/> and <xref linkend="docbook-xsl"/> are
147	required. If you have installed <xref linkend="libxslt"/>, but you do
148	not want to install any of the DocBook packages mentioned, you will
149	need to use <option>-Dman=false</option> in the instructions
150	below.
151	</para>
152	</note>
153
154	</sect2>
155
156	<sect2 role="installation">
157	<title>Installation of Polkit</title>
158
159	<para>
160	There should be a dedicated user and group to take control
161	of the <command>polkitd</command> daemon after it is
162	started. Issue the following commands as the
163	<systemitem class="username">root</systemitem> user:
164	</para>
165
166	<screen role="root"><userinput>groupadd -fg 27 polkitd &&
167	useradd -c "PolicyKit Daemon Owner" -d /etc/polkit-1 -u 27 \
168	-g polkitd -s /bin/false polkitd</userinput></screen>
169
170	<para revision='sysv'>
171	First fix a build problem for sysV based systems:
172	</para>
173
174	<screen revision="sysv"><userinput>sed -i '/systemd_sysusers_dir/s/^/#/' meson.build</userinput></screen>
175
176	<para>
177	Install <application>Polkit</application> by running the following
178	commands:
179	</para>
180
181	<screen revision="systemd"><userinput>mkdir build &&
182	cd build &&
183
184	meson setup .. \
185	--prefix=/usr \
186	--buildtype=release \
187	-Dman=true \
188	-Dsession_tracking=libsystemd-login \
189	-Dtests=true &&
190	ninja</userinput></screen>
191
192	<screen revision="sysv"><userinput>mkdir build &&
193	cd build &&
194
195	meson setup .. \
196	--prefix=/usr \
197	--buildtype=release \
198	-Dman=true \
199	-Dsession_tracking=libelogind \
200	-Dtests=true &&
201	ninja</userinput></screen>
202
203	<para>
204	To test the results, first ensure that the system
205	<application>D-Bus</application> daemon is running,
206	and both <xref linkend='dbus-python'/> and
207	<xref linkend='python-dbusmock'/> are installed.
208	Then run <command>ninja test</command>.
209	</para>
210
211	<para>
212	Now, as the <systemitem class="username">root</systemitem> user:
213	</para>
214
215	<screen role="root"><userinput>ninja install</userinput></screen>
216
217	</sect2>
218
219	<sect2 role="commands">
220	<title>Command Explanations</title>
221
222	<xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
223	href="../../xincludes/meson-buildtype-release.xml"/>
224
225	<para>
226	<parameter>-Dtests=true</parameter>: This switch allows to run the
227	test suite of this package. As <application>Polkit</application> is
228	used for authorizations, its integrity can affect system security.
229	So it's recommended to run the test suite building this package.
230	</para>
231
232	<para>
233	<option>-Djs_engine=mozjs</option>: This switch allows using the
234	<xref linkend="spidermonkey"/> JavaScript engine instead of the
235	<xref linkend='duktape'/> JavaScript engine.
236	</para>
237
238	<!--
239	<para revision="sysv">
240	<parameter>- -disable-libsystemd-login</parameter>: This switch forces
241	polkit to build with elogind support (if available) rather than
242	systemd-logind.
243	</para>
244
245
246	<xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
247	href="../../xincludes/static-libraries.xml"/>
248	-->
249
250	<para>
251	<option>-Dos_type=lfs</option>: Use this switch if you did not create
252	the <filename>/etc/lfs-release</filename> file or distribution auto
253	detection will fail and you will be unable to use
254	<application>Polkit</application>.
255	</para>
256
257	<para>
258	<option>-Dauthfw=shadow</option>: This switch enables the
259	package to use the <application>Shadow</application> rather than the
260	<application>Linux PAM</application> Authentication framework. Use it
261	if you have not installed <application>Linux PAM</application>.
262	</para>
263
264	<!--
265	<xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
266	href="../../xincludes/gtk-doc-rebuild.xml"/>
267	-->
268
269	<para>
270	<option>-Dintrospection=false</option>: Use this option if you are certain
271	that you do not need gobject-introspection files for polkit, or do not have
272	installed <xref linkend='glib2'/> with GObject Introspection.
273	</para>
274
275	<para>
276	<option>-Dman=false</option>: Use this option to disable generating and
277	installing manual pages. This is useful if libxslt is not installed.
278	</para>
279
280	<para>
281	<option>-Dexamples=true</option>: Use this option to build the example
282	programs.
283	</para>
284
285	<para>
286	<option>-Dgtk_doc=true</option>: Use this option to enable building and
287	installing the API documentation.
288	</para>
289
290	</sect2>
291
292	<sect2 role="content">
293	<title>Contents</title>
294
295	<segmentedlist>
296	<segtitle>Installed Programs</segtitle>
297	<segtitle>Installed Libraries</segtitle>
298	<segtitle>Installed Directories</segtitle>
299
300	<seglistitem>
301	<seg>
302	pkaction, pkcheck, <!--pk-example-frobnicate,--> pkexec,
303	pkttyagent, and polkitd
304	</seg>
305	<seg>
306	libpolkit-agent-1.so and
307	libpolkit-gobject-1.so
308	</seg>
309	<seg>
310	/etc/polkit-1,
311	/usr/include/polkit-1,
312	/usr/lib/polkit-1,
313	/usr/share/gtk-doc/html/polkit-1, and
314	/usr/share/polkit-1
315	</seg>
316	</seglistitem>
317	</segmentedlist>
318
319	<variablelist>
320	<bridgehead renderas="sect3">Short Descriptions</bridgehead>
321	<?dbfo list-presentation="list"?>
322	<?dbhtml list-presentation="table"?>
323
324	<varlistentry id="pkaction">
325	<term><command>pkaction</command></term>
326	<listitem>
327	<para>
328	is used to obtain information about registered PolicyKit actions
329	</para>
330	<indexterm zone="polkit pkaction">
331	<primary sortas="b-pkaction">pkaction</primary>
332	</indexterm>
333	</listitem>
334	</varlistentry>
335
336	<varlistentry id="pkcheck">
337	<term><command>pkcheck</command></term>
338	<listitem>
339	<para>
340	is used to check whether a process is authorized for action
341	</para>
342	<indexterm zone="polkit pkcheck">
343	<primary sortas="b-pkcheck">pkcheck</primary>
344	</indexterm>
345	</listitem>
346	</varlistentry>
347
348	<!--
349	<varlistentry id="pk-example-frobnicate">
350	<term><command>pk-example-frobnicate</command></term>
351	<listitem>
352	<para>
353	is an example program to test the <command>pkexec</command>
354	command
355	</para>
356	<indexterm zone="polkit pk-example-frobnicate">
357	<primary sortas="b-pk-example-frobnicate">pk-example-frobnicate</primary>
358	</indexterm>
359	</listitem>
360	</varlistentry>
361	-->
362
363	<varlistentry id="pkexec">
364	<term><command>pkexec</command></term>
365	<listitem>
366	<para>
367	allows an authorized user to execute a command as another user
368	</para>
369	<indexterm zone="polkit pkexec">
370	<primary sortas="b-pkexec">pkexec</primary>
371	</indexterm>
372	</listitem>
373	</varlistentry>
374
375	<varlistentry id="pkttyagent">
376	<term><command>pkttyagent</command></term>
377	<listitem>
378	<para>
379	is used to start a textual authentication agent for the subject
380	</para>
381	<indexterm zone="polkit pkttyagent">
382	<primary sortas="b-pkttyagent">pkttyagent</primary>
383	</indexterm>
384	</listitem>
385	</varlistentry>
386
387	<varlistentry id="polkitd">
388	<term><command>polkitd</command></term>
389	<listitem>
390	<para>
391	provides the org.freedesktop.PolicyKit1 <application>D-Bus</application>
392	service on the system message bus
393	</para>
394	<indexterm zone="polkit polkitd">
395	<primary sortas="b-polkitd">polkitd</primary>
396	</indexterm>
397	</listitem>
398	</varlistentry>
399
400	<varlistentry id="libpolkit-agent-1">
401	<term><filename class="libraryfile">libpolkit-agent-1.so</filename></term>
402	<listitem>
403	<para>
404	contains the <application>Polkit</application> authentication
405	agent API functions
406	</para>
407	<indexterm zone="polkit libpolkit-agent-1">
408	<primary sortas="c-libpolkit-agent-1">libpolkit-agent-1.so</primary>
409	</indexterm>
410	</listitem>
411	</varlistentry>
412
413	<varlistentry id="libpolkit-gobject-1">
414	<term><filename class="libraryfile">libpolkit-gobject-1.so</filename></term>
415	<listitem>
416	<para>
417	contains the <application>Polkit</application> authorization API functions
418	</para>
419	<indexterm zone="polkit libpolkit-gobject-1">
420	<primary sortas="c-libpolkit-gobject-1">libpolkit-gobject-1.so</primary>
421	</indexterm>
422	</listitem>
423	</varlistentry>
424
425	</variablelist>
426
427	</sect2>
428
429	</sect1>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: postlfs/security/polkit.xml

Download in other formats: