[gparted] Add required polkit action file (#776437)
- From: Curtis Gedak <gedakc src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gparted] Add required polkit action file (#776437)
- Date: Fri, 1 Sep 2017 16:33:40 +0000 (UTC)
commit f35e734a0c21869c5cdff61ffb2b5724e6ae431b
Author: Mike Fleetwood <mike fleetwood googlemail com>
Date: Sat Jun 24 10:39:37 2017 +0100
Add required polkit action file (#776437)
An action file is always needed with polkit to describe the privileged
actions that are available to the subject (client program). For GParted
the only available action is to run the gparted shell script as root.
Note that the polkit action file will be installed into location
$(prefix)/share/polkit-1/actions. This is required by the GNU Coding
Standards [1] and to prevent 'make distcheck' from failing [2]. However
polkit only uses /usr/share/polkit-1/actions for it's action files [3].
This dilemma was discussed in this Bugzilla bug 776437 and on the
general Automake discussion email list [4]. The solution is to simply
document in the README file that a manual additional installation step
may be required.
The action file is marked as translatable with the underscore (_) of the
_description and _message tags identifying the string to be translated.
Use of INTLTOOL_POLICY_RULE in Makefile.am to merge translations into
the polkit action file necessitates increasing the minimum version of
intltool to 0.36.0 where it was first introduced in intltool.m4. This
will prevent GParted building on RedHat/CentOS 5 which only has intltool
0.35.0. But that doesn't matter because RedHat/CentOS 5 reached end of
life on 31st March 2017.
[1] GNU Coding Standards, 7.2.5 Variables for Installation Directories
https://www.gnu.org/prep/standards/standards.html#Directory-Variables
[2] Automake Manual, 27.10 Installing to Hard-Coded Locations
https://www.gnu.org/software/automake/manual/automake.html#Hard_002dCoded-Install-Paths
"My package needs to populate the installation directory of another
package at install-time. I can easily compute that installation
directory in configure, but if I install files therein,
'make distcheck' fails. How else should I do?"
[3] polkit(8), Declaring Actions
https://www.freedesktop.org/software/polkit/docs/latest/polkit.8.html#polkit-declaring-actions
"A mechanism need to declare a set of actions in order to use
polkit. Actions correspond to operations that clients can request
the mechanism to carry out and are defined in XML files that the
mechanism installs into the /usr/share/polkit-1/actions directory."
[4] Not installing to hard-coded locations vs polkit's fixed location
http://lists.gnu.org/archive/html/automake/2017-08/msg00015.html
Bug 776437 - GParted fails to run as root under Wayland
.gitignore | 2 +
Makefile.am | 14 ++++++++++-
README | 48 +++++++++++++++++++++++++++++++++++++--
configure.ac | 2 +-
org.gnome.gparted.policy.in.in | 23 +++++++++++++++++++
po/POTFILES.in | 1 +
po/POTFILES.skip | 2 +
7 files changed, 87 insertions(+), 5 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index a8e339b..a2db572 100644
--- a/.gitignore
+++ b/.gitignore
@@ -43,6 +43,8 @@ m4/*.m4
missing
mkinstalldirs
omf.make
+org.gnome.gparted.policy
+org.gnome.gparted.policy.in
stamp-*
test-driver
testbuild.log
diff --git a/Makefile.am b/Makefile.am
index 5a562eb..03d5163 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -20,8 +20,15 @@ APPDATA_FILES =$(APPDATA_IN_FILES:.xml.in=.xml)
appdatadir = $(datadir)/appdata
appdata_DATA = $(APPDATA_FILES)
+@INTLTOOL_POLICY_RULE@
+polkit_action_in_in_FILES = org.gnome.gparted.policy.in.in
+polkit_action_in_FILES = org.gnome.gparted.policy.in
+polkit_action_FILES = $(polkit_action_in_FILES:.policy.in=.policy)
+polkit_actiondir = $(datadir)/polkit-1/actions
+polkit_action_DATA = $(polkit_action_FILES)
+
bin_SCRIPTS = gparted
-CLEANFILES = $(bin_SCRIPTS) $(DESKTOP_IN_FILES)
+CLEANFILES = $(bin_SCRIPTS) $(DESKTOP_IN_FILES) $(polkit_action_in_FILES)
do_subst = sed -e 's,[@]sbindir[@],$(sbindir),g' \
-e 's,[@]bindir[@],$(bindir),g' \
@@ -34,6 +41,9 @@ gparted: gparted.in Makefile
$(do_subst) < $(srcdir)/gparted.in > gparted
chmod +x gparted
+org.gnome.gparted.policy.in: org.gnome.gparted.policy.in.in Makefile
+ $(do_subst) < $(srcdir)/org.gnome.gparted.policy.in.in > org.gnome.gparted.policy.in
+
dist-hook:
@if test -d "$(srcdir)/.git"; \
then \
@@ -62,6 +72,7 @@ EXTRA_DIST = \
$(APPDATA_FILES) \
$(DESKTOP_IN_IN_FILES) \
$(DESKTOP_FILES) \
+ $(polkit_action_in_in_FILES) \
intltool-extract.in \
intltool-merge.in \
intltool-update.in \
@@ -71,6 +82,7 @@ EXTRA_DIST = \
DISTCLEANFILES = \
$(appdata_DATA) \
$(desktop_DATA) \
+ $(polkit_action_DATA) \
intltool-extract \
intltool-merge \
intltool-update \
diff --git a/README b/README
index 6a123f9..46eb244 100644
--- a/README
+++ b/README
@@ -75,8 +75,11 @@ b. Building from Source
./configure
make
sudo make install
- This assumes all the dependencies are already installed and builds
- the default configuration.
+ sudo install -m 644 org.gnome.gparted.policy \
+ /usr/share/polkit-1/actions/org.gnome.gparted.local.policy
+ This assumes all the dependencies are already installed, builds the
+ default configuration and polkit is being used as the graphical su
+ program.
The following dependencies are required to build GParted from source:
g++
@@ -147,7 +150,46 @@ b. Building from Source
The INSTALL file contains further GNU installation instructions.
-c. Building using a Specific (lib)parted Version
+c. Installing polkit's Action File
+
+ GParted needs to run as root therefore it needs a graphical switch
+ user program to allow normal users to run it. Most desktops now use
+ polkit as their preferred authorisation mechanism. Therefore
+ ./configure looks for polkit's pkexec as the first choice with
+ fallbacks in order being: gksudo, gksu, kdesudo and finally xdg-su.
+ Also polkit reads action files only from directory
+ /usr/share/polkit-1/actions. Therefore it is likely that a polkit
+ action file will need to be installed into this directory.
+
+ To determine if polkit's pkexec program is being used as the
+ graphical privilege escalation program examine the output from
+ ./configure. These lines report that pkexec is being used:
+
+ checking for pkexec... pkexec
+ checking how to run pkexec... pkexec --disable-internal-agent
+
+ Where as this line of ./configure output reports that pkexec is not
+ being used:
+
+ checking for pkexec... no
+
+ When GParted is configured with prefix /usr (using command
+ ./configure --prefix=/usr) then make install will automatically
+ install the polkit action file into the correct directory and no
+ further steps need to be taken. This is typically the case for
+ distribution builds of GParted.
+
+ However when GParted is configured with the default prefix of
+ /usr/local, or any prefix other than /usr, then the polkit action
+ file has to be manually installed into the correct directory. Also
+ it should have a unique file name to avoid overwriting the action
+ file from the distribution's package. Install the polkit action file
+ with a unique name including an extra ".local" in the name:
+
+ sudo install -m 644 org.gnome.gparted.policy \
+ /usr/share/polkit-1/actions/org.gnome.gparted.local.policy
+
+d. Building using a Specific (lib)parted Version
1) Download the parted version you wish to use (e.g., 3.2) from:
diff --git a/configure.ac b/configure.ac
index 0b4f74d..f2969d8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -42,7 +42,7 @@ AC_SUBST([GETTEXT_PACKAGE])
AC_DEFINE_UNQUOTED([GETTEXT_PACKAGE], "$GETTEXT_PACKAGE", [description])
AM_GLIB_GNU_GETTEXT
-IT_PROG_INTLTOOL([0.35.5])
+IT_PROG_INTLTOOL([0.36.0])
dnl======================
diff --git a/org.gnome.gparted.policy.in.in b/org.gnome.gparted.policy.in.in
new file mode 100644
index 0000000..6ff5e6c
--- /dev/null
+++ b/org.gnome.gparted.policy.in.in
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policyconfig PUBLIC "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd";>
+<policyconfig>
+
+ <vendor>The GParted Project</vendor>
+ <vendor_url>http://gparted.org/</vendor_url>
+ <icon_name>gparted</icon_name>
+ <action id="org.gnome.gparted">
+
+ <_description>Run GParted as root</_description>
+ <_message>Authentication is required to run the GParted Partition Editor as root</_message>
+ <defaults>
+ <allow_any>auth_admin</allow_any>
+ <allow_inactive>auth_admin</allow_inactive>
+ <allow_active>auth_admin</allow_active>
+ </defaults>
+ <annotate key="org.freedesktop.policykit.exec.path">@bindir@/gparted</annotate>
+ <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
+
+ </action>
+
+</policyconfig>
diff --git a/po/POTFILES.in b/po/POTFILES.in
index 9e3cba2..76a82a1 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -2,6 +2,7 @@
# Please keep this file sorted alphabetically.
gparted.appdata.xml.in
gparted.desktop.in.in
+org.gnome.gparted.policy.in.in
include/Utils.h
src/BlockSpecial.cc
src/CopyBlocks.cc
diff --git a/po/POTFILES.skip b/po/POTFILES.skip
index bc77ac9..3f7f666 100644
--- a/po/POTFILES.skip
+++ b/po/POTFILES.skip
@@ -1,7 +1,9 @@
# List of source files containing translatable strings, but should be skipped.
# Please keep this file sorted alphabetically.
gparted.desktop.in
+org.gnome.gparted.policy.in
lib/gtest/include/gtest/internal/gtest-filepath.h
lib/gtest/src/gtest.cc
# https://bugs.launchpad.net/intltool/+bug/1117944
sub/gparted.desktop.in
+sub/org.gnome.gparted.policy.in
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
