- Updated to version 127:
- socket-activated polkit-agent-helper can now run without SETUID (Luca Boccassi)
- user id (UID) now accessible to JavaScript rules via subject.uid (Rosentti, Jan Rybar)
- INI config file support for polkitd with configurable auth expiration timer (Luca Boccassi)
- auth_keep: skip re-authentication if new process shares same UID/parent/cgroup/tty (Luca Boccassi)
- CheckAuthorization now returns 'polkit.result' in the details dict (Luca Boccassi)
- pkexec: set $SUDO_UID/$SUDO_GID for compatibility with sudo (Lennart Poettering)
- pkexec: use realpath when comparing org.freedesktop.policykit.exec.path (Walter Doekes)
- memory limits added to systemd unit to mitigate memory leaks (Alexander Meshcheryakov)
- new translations: Bulgarian (twlvnn kraftwerk), Occitan (Mejans)
- systemd-socket-activation.patch: upstream, removed
- auth_keep.patch: upstream, removed
- sudo_uid.patch: upstream, removed
- added polkitd.conf.5 manpage, added polkitd.conf
OBS-URL: https://build.opensuse.org/request/show/1326294
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/polkit?expand=0&rev=97
- Updated to version 127:
- socket-activated polkit-agent-helper can now run without SETUID (Luca Boccassi)
- user id (UID) now accessible to JavaScript rules via subject.uid (Rosentti, Jan Rybar)
- INI config file support for polkitd with configurable auth expiration timer (Luca Boccassi)
- auth_keep: skip re-authentication if new process shares same UID/parent/cgroup/tty (Luca Boccassi)
- CheckAuthorization now returns 'polkit.result' in the details dict (Luca Boccassi)
- pkexec: set $SUDO_UID/$SUDO_GID for compatibility with sudo (Lennart Poettering)
- pkexec: use realpath when comparing org.freedesktop.policykit.exec.path (Walter Doekes)
- memory limits added to systemd unit to mitigate memory leaks (Alexander Meshcheryakov)
- new translations: Bulgarian (twlvnn kraftwerk), Occitan (Mejans)
- systemd-socket-activation.patch: upstream, removed
- auth_keep.patch: upstream, removed
- sudo_uid.patch: upstream, removed
- added polkitd.conf.5 manpage, added polkitd.conf
OBS-URL: https://build.opensuse.org/request/show/1325956
OBS-URL: https://build.opensuse.org/package/show/Base:System/polkit?expand=0&rev=207
- Updated to version 126:
+ Highlights:
- many code fixes detected either by CI or the author himself (Frantisek Sumsal)
- shellcheck and dependabot integration (Jan Macku)
- search for rules in /usr/local/share rather than /usr/local/lib (Luca Boccassi)
- Implement LogControl1 protocol for dynamic log level changes (Luca Boccassi)
- read actions also from /etc/, /run/ and /usr/local/share/ (Luca Boccassi)
- mozjs dropped in favor of duktape (Xi Ruoyao)
- many other fixes in build system and polkit code (Many thanks to all the authors.)
- Updated to version 125:
+ Highlights:
- introduction of CodeQL and a new integration test suite (Frantisek Sumsal)
- dropped mocklibc (Frantisek Sumsal)
- syslog-style log-levels introduction (Jan Rybar)
- LogControl integration (Luca Boccassi)
- pkexec: "No session for cookie" finally fixed (huxiaodong)
- resources optimizations: only instances affected by sessions-change recalculate authorizations (Jan Rybar, thanks to Michal Sekletar and Milan Crha)
- meson tweaks (Alyssa Ross, Luca Boccassi, Michael Biebl, Michael Olbrich)
- build warnings cleanup (peelz)
- Packit service configuration for the new upstream platform (Vincent Mihalkovic)
- systemd-tmpfiles.d integration (Vincent Mihalkovic)
- other fixes and changes (Gleb Popov, heather7283, Tianyu Chen, Tobias Stoeckmann)
- internationalization: Slovenian (filmsi), Hindi (Scrambled777)
- Updated to version 124:
+ Highlights:
- PIDFDs are used if available to track processes
- pidfd parameter available for CheckAuthorization()
- systemd-sysuser enabled for polkit
- polkit-actions-in-etc.patch: done upstream in commit 9958c259f82b066f613d171d2934c1bd829e31a4
- polkit-fix-implicit.patch: not needed anymore
OBS-URL: https://build.opensuse.org/request/show/1302945
OBS-URL: https://build.opensuse.org/package/show/Base:System/polkit?expand=0&rev=197
- Update to version 123:
+ Highlights:
- better safety with deeper restriction of the configuration
files
- better safety with restricting the daemon's owner under
systemd
- better safety with the systemd unit sandboxing
- less thread races during upload of the configuration
- Changes from version 122:
+ Highlights:
- new Georgian translation
- port to mozjs-102
- daemon-less build (support for e.g. flatpak deps)
- re-enable of (API) documentation build
- See more detailed changes in the included NEWS.md file.
- Change URL and Source to new home, and drop polkit.keyring and
tar.gz.sign tarball signature, no longer available.
- Drop polkit-fix-pam-prefix.patch: Fixed upstream.
- Add /usr/bin/dbus-daemon BuildRequires, needed for tests. Replace
the dbus-1 with /usr/bin/dbus-daemon Requires.
- change /usr/share/polkit-1/rules.d to 555,root:root. /usr content
isn't secret anyway so this avoids non-root owned files in /usr
(boo#1215482)
- update 50-default.rules to allow adding more admin rules
(jsc#PED-260, drop polkit-no-wheel-group.patch)
OBS-URL: https://build.opensuse.org/request/show/1127651
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/polkit?expand=0&rev=89
- Switch from mozjs to duktape:
* Add duktape-support.patch
Provides the same features as with mozjs, but is *much* smaller both during
build and runtime. Before, installing polkit needed 62.0 MiB, with this it's
just 16.3 MiB. (Tested in an opensuse/tumbleweed container).
I didn't encounter any errors while playing around with it in a Live CD. (forwarded request 949263 from favogt)
OBS-URL: https://build.opensuse.org/request/show/949264
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/polkit?expand=0&rev=80
- Switch from mozjs to duktape:
* Add duktape-support.patch
Provides the same features as with mozjs, but is *much* smaller both during
build and runtime. Before, installing polkit needed 62.0 MiB, with this it's
just 16.3 MiB. (Tested in an opensuse/tumbleweed container).
I didn't encounter any errors while playing around with it in a Live CD.
OBS-URL: https://build.opensuse.org/request/show/949263
OBS-URL: https://build.opensuse.org/package/show/Base:System/polkit?expand=0&rev=168
