------------------------------------------------------------------- Mon Jan 9 09:33:30 UTC 2012 - vuntz@opensuse.org - Split typelib file into typelib-1_0-Polkit-1_0 subpackage. - Add typelib-1_0-Polkit-1_0 Requires to devel subpackage. - Add explicit libpolkit0 Requires to devel subpackage: it was missing before. - Remove explicit glib2-devel Requires from devel subpackage: it will automatically be added the pkgconfig() way. - Improve summary of libpolkit0 subpackage. ------------------------------------------------------------------- Wed Jan 4 22:03:54 UTC 2012 - crrodriguez@opensuse.org - A quick test reveals that the systemd backend does not integrate very well with packages yet, revert. ------------------------------------------------------------------- Wed Jan 4 21:02:38 UTC 2012 - crrodriguez@opensuse.org - Previous update missed systemd-devel in buildrequires without it no systemd support is built ------------------------------------------------------------------- Wed Jan 4 13:52:09 UTC 2012 - vuntz@opensuse.org - Update to version 0.104: + Add optional systemd support + Add netgroup support (fdo#43610) + Add unit tests (fdo#43608) - Changes from version 0.103: + Mistype in DBus object: PoliycKit1 -> PolicyKit1 + Add support for the org.freedesktop.policykit.imply annotation + Add --no-debug option and use this for D-Bus activation + Add org.freedesktop.policykit.owner annotation (fdo#41025) + Default to AdminIdentities=unix-group:wheel for local authority - Drop patches that were taken from upstream: + 0001-Add-support-for-the-org.freedesktop.policykit.imply-a.diff + 0002-Add-no-debug-option-and-use-this-for-D-Bus-activation.diff + 0003-Bug-41025-Add-org.freedesktop.policykit.owner-annotat.diff - Add polkit-no-wheel-group.patch: do not allow the wheel group as admin identity, and revert to only accept the root user for this. ------------------------------------------------------------------- Wed Nov 2 10:30:03 UTC 2011 - lnussel@suse.de - pick some patches from git to add support for org.freedesktop.policykit.imply, disable debug spam and allow unprivileged users to query authorizations (bnc#698250) ------------------------------------------------------------------- Fri Sep 2 10:42:54 UTC 2011 - vuntz@opensuse.org - Update to version 0.102: + pkexec: - fdo#38769: Support running X11 apps - Avoid time-of-check-to-time-of-use problems with parent process + Fix backend crash if a .policy file does not specify + Fix multi-line pam prompt handling + Don't show diagnostic messages intended for the administrator to the end user + PolkitUnixProcess: - Clarify that the real uid is returned, not the effective one - Record the uid of the process + Backend: Use polkit_unix_process_get_uid() to get the owner of a process + Introspection fixes: - Add --c-include to the gir files - Specify exported pkg-config files in GIRs + Build fix. - Drop polkit-CVE-2011-1485-1.patch, polkit-CVE-2011-1485-2.patch, polkit-CVE-2011-1485-3.patch, polkit-CVE-2011-1485-4.patch: fixed upstream. - Remove service usage, following the new consensus on Factory packaging. ------------------------------------------------------------------- Wed Aug 10 12:20:39 UTC 2011 - dimstar@opensuse.org - BuildIgnore ruby, which is being dragged in via indirect dependencies by gtk-doc for one of the helpers, which we do not need during the build of polkit. Not dragging ruby in resolves a build-cycle. ------------------------------------------------------------------- Thu May 5 19:35:05 CEST 2011 - vuntz@opensuse.org - Use %set_permissions instead of deprecated %run_permissions in %post. - Add permissions PreReq, which was missing before. ------------------------------------------------------------------- Tue Apr 26 21:19:32 CEST 2011 - kay.sievers@novell.com - use LGPLv2.1+ in spec file ------------------------------------------------------------------- Tue Apr 26 18:24:01 CEST 2011 - kay.sievers@novell.com - stat race condition (CVE-2011-1485) (bnc#688788) ------------------------------------------------------------------- Wed Apr 6 15:40:51 UTC 2011 - fcrozat@novell.com - Remove PolkitAgent-1.0.typelib from main package, it is in library package. ------------------------------------------------------------------- Wed Mar 9 13:54:11 UTC 2011 - coolo@novell.com - update to 0.101: * tons of bug fixes, see NEWS ------------------------------------------------------------------- Wed Nov 10 15:04:36 UTC 2010 - coolo@novell.com - fix file list ------------------------------------------------------------------- Thu Sep 16 09:34:50 CEST 2010 - vuntz@opensuse.org - Update to version 0.99: + Remove duplicate definitions of enumeration types + Fix (correct) GCC warning about possibly-uninitialized variable + Fix another GCC uninitialized variable warning + fdo#29816: Install polkitagentenumtypes.h - Drop polkit-install-missing-header.patch: fixed upstream. ------------------------------------------------------------------- Thu Aug 26 10:04:44 CEST 2010 - vuntz@opensuse.org - Update to version 0.98: + Fix scanning of unix-process subjects + Add textual authentication agent and use it in pkexec(1) + Fix ConsoleKit interaction bug + pkexec: add --disable-internal-agent option + pkcheck: add --enable-internal-agent option + Fix wording in pkexec(1) man page + Various doc cleanups - Changes from version 0.97: + Port to GDBus + Add shadow authentication support + Remove Lock Down functionality + fdo#26982: pkexec information disclosure vulnerability + Make polkitd accept --replace and gracefully handle SIGINT + Implement polkit_temporary_authorization_new_for_gvariant() + Make NameOwnerChanged a private impl detail of the interactive authority + Add a GPermission implementation + PolkitAuthority: Implement failable initialization + PolkitAuthority: Add g_return_if_fail() checks + Add g_return_if_fail() to all public API entry points + Use polkit_authority_get_sync() instead of deprecated polkit_authority_get + PolkitBackend: Don't export unneeded convenience API + Update GI annotations + Don't dist org.freedesktop.ConsoleKit.xml. + Properly reference headers + fdo#29051: Configuration reload on every query - Drop pkexec-information-disclosure.patch: fixed upstream. - Add polkit-install-missing-header.patch to install a header that should get installed. - Remove eggdbus-devel BuildRequires. - Build with introspection support: add gobject-introspection BuildRequires and pass --enable-introspection to configure. - Fix groups of all packages to be valid groups. ------------------------------------------------------------------- Mon Jun 28 06:38:35 UTC 2010 - jengelh@medozas.de - use %_smp_mflags ------------------------------------------------------------------- Fri Apr 9 19:14:09 CEST 2010 - kay.sievers@novell.com - fix pkexec information disclosure (fdo#26982, CVE-2010-0750, bnc#593959) ------------------------------------------------------------------- Mon Jan 18 14:20:11 CET 2010 - dmueller@suse.de - add baselibs.conf ------------------------------------------------------------------- Mon Jan 18 12:56:02 CET 2010 - kay.sievers@novell.com - new upstream release 0.96 - Bug 25367 — Also read local authority configuration data from /etc - Run the open_session part of the PAM stack in pkexec(1) - Bug 25594 – System logging - Properly handle return value from getpwnam_r() - Fix error message when no authentication agent is available - Make pkexec(1) validate environment variables - Make pkexec(1) use the syslogging facilities - Save original cwd in pkexec(1) since it will change during the life-time - Complain on stderr, not stdout - Don't log authorization checks ------------------------------------------------------------------- Wed Jan 6 18:22:23 CET 2010 - dmueller@suse.de - update to 0.95: The major change this release is that the lockdown feature has been cleaned up in a way so it isn't specific to the local authority. See the NEWS files for more details. ------------------------------------------------------------------- Wed Dec 16 10:44:34 CET 2009 - jengelh@medozas.de - Package documentation as noarch ------------------------------------------------------------------- Wed Aug 19 23:22:44 CEST 2009 - vuntz@novell.com - Add Requires on polkit to libpolkit0: all applications using libpolkit0 will really need polkit to be installed to work properly. ------------------------------------------------------------------- Thu Aug 13 04:31:38 CEST 2009 - kay.sievers@novell.com - new upstream release 0.94 - Allow unprivileged callers to check authorizations - Don't spawn man(1) from a setuid program - Add polkit.retains_authorization_after_challenge to authz result - Ensure all fds except stdin/stdout/stderr are closed after exec(2) - Be more careful when determining process start time - Remove temporary authorization when the subject it applies to vanishes - Generate GI gir and typelibs for libpolkit-gobject-1 - drop patches which are in the release now - disable introspection ------------------------------------------------------------------- Tue Aug 11 21:23:49 CEST 2009 - kay.sievers@novell.com - add upstream patches: polkit-close-stdfds.patch polkit-no-man-spawn.patch polkit-proc-stat-parse-fix.patch - drop rpmlint patch ------------------------------------------------------------------- Thu Aug 6 17:36:16 CEST 2009 - meissner@suse.de - check for the right binary in verify_permisisons ------------------------------------------------------------------- Thu Jul 30 17:32:41 CEST 2009 - coolo@novell.com - disable suid bit for now to get software build on top - split out libraries to follow shared library policy ------------------------------------------------------------------- Tue Jul 21 03:20:55 CEST 2009 - kay.sievers@novell.com - update to version 0.93 ------------------------------------------------------------------- Sun Jul 19 15:31:44 CEST 2009 - kay.sievers@novell.com - initial import of polkit 0.92