[Pkg-utopia-maintainers] Bug#566596: policykit-1: ResultAny only applies to non-local sessions

Josh Triplett josh at joshtriplett.org
Sun Jan 24 00:12:08 UTC 2010 

Package: policykit-1
Version: 0.96-1
Severity: normal

The pklocalauthority manpage describes the Result* keys as follows:

 ResultActive
     The result to return for subjects in an active local session that
     matches one or more of the given identities. Allowed values are
     similar to what can be used in the defaults section of .policy
     files used to define actions, e.g.  yes, no, auth_self,
     auth_self_keep, auth_admin and auth_admin_keep.

 ResultInactive
     Like ResultActive but instead applies to subjects in inactive local
     sessions.

 ResultAny
     Like ResultActive but instead applies to any subject.

I interpreted this to mean that ResultAny supersedes the others, since
it "applies to any subject".  However, after much configuration
difficulty, a look at the policykit-1 source showed that ResultAny
only applies if not local.

I think it makes the most sense for policykit-1 to let ResultAny really
mean "any": local or non-local.  It doesn't make sense to allow a
certain action only if *not* at the console.

(Similarly, it would probably make sense to have ResultInactive apply to
any local session, since it doesn't make sense to allow a certain action
only if *not* active.)

However, if this will not change, then the manpage needs improvement to
make it clear that "ResultAny" applies only if not local.

- Josh Triplett

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-trunk-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages policykit-1 depends on:
ii  consolekit                    0.4.1-3    framework for defining and trackin
ii  dbus                          1.2.16-2   simple interprocess messaging syst
ii  libc6                         2.10.2-5   Embedded GNU C Library: Shared lib
ii  libeggdbus-1-0                0.6-1      D-Bus bindings for GObject
ii  libexpat1                     2.0.1-7    XML parsing C library - runtime li
ii  libglib2.0-0                  2.22.4-1   The GLib library of C routines
ii  libpam0g                      1.1.0-4    Pluggable Authentication Modules l
ii  libpolkit-backend-1-0         0.96-1     PolicyKit backend API
ii  libpolkit-gobject-1-0         0.96-1     PolicyKit Authorization API

policykit-1 recommends no packages.

policykit-1 suggests no packages.

-- no debconf information

More information about the Pkg-utopia-maintainers mailing list