summaryrefslogtreecommitdiff
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* unixgroup: Fix return annotation, so that is really nullableHEADmasterMarco Trevisan2023-04-251-1/+1
|
* Add out param GI annotation to polkit_implicit_authorization_from_stringVal Packett2023-04-251-0/+5
|
* polkitagentsession: Fix the tautological check for add_newlineVincent Mihalkovic2023-04-051-1/+1
|
* systemd: set User/Group and don't change uid/gid if already setLuca Boccassi2023-04-051-2/+9
|
* pkexec: improve pkexec authentication messageVincent Mihalkovic2023-03-151-2/+11
|
* if LANGUAGE have been set in /etc/default, set LANG is invalid, gettext ↵liudun2023-02-281-2/+3
| | | | cannot be used normally
* pkexec: avoid access to a NULL pointerVincent Mihalkovic2023-02-011-1/+1
|
* fix core dump problembboy_vi2023-01-181-1/+1
|
* pkttyagent: Fix small memory leakMartin Kletzander2022-10-251-0/+6
|
* pkttyagent: Only restore tty flags if they were changedMartin Kletzander2022-10-252-1/+21
|
* build: add option to skip building polkitdPeter Eisenmann2022-09-071-3/+5
|
* jsauthority: port to mozjs-102Xi Ruoyao2022-08-121-2/+0
|
* polkitbackendduktapeauthority.c: Print the error string we get back from duktapeJordan Petridis2022-08-041-1/+1
| | | | Looks like it was a typo.
* Install 50-default.rules in /usr/shareLuca Boccassi2022-07-141-1/+1
| | | | | | Same rationale as https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/11 and https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/72 /etc is for local admin changes, upstream/vendor config files should go in /usr/share
* Make netgroup support optionalA. Wilcox2022-07-145-8/+32
| | | | | | | | | | | | | | | | | On at least Linux/musl and Linux/uclibc, netgroup support is not available. PolKit fails to compile on these systems for that reason. This change makes netgroup support conditional on the presence of the setnetgrent(3) function which is required for the support to work. If that function is not available on the system, an error will be returned to the administrator if unix-netgroup: is specified in configuration. (sam: rebased for Meson and Duktape.) Closes: https://gitlab.freedesktop.org/polkit/polkit/-/issues/14 Closes: https://gitlab.freedesktop.org/polkit/polkit/-/issues/163 Closes: https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/52 Signed-off-by: A. Wilcox <AWilcox@Wilcox-Tech.com>
* fixup! backend: Dedup some code for temporary auth subjectsVincent Mihalkovic2022-05-131-1/+3
| | | | | | | See https://bugs.freedesktop.org/show_bug.cgi?id=23867 which turned up from `git annotate` here. I was reading this code and noticed it was duplicated.
* backend: Dedup some code for temporary auth subjectsColin Walters2022-05-101-42/+32
| | | | | | | See https://bugs.freedesktop.org/show_bug.cgi?id=23867 which turned up from `git annotate` here. I was reading this code and noticed it was duplicated.
* Remove autotools build systemJan Rybar2022-05-096-630/+0
|
* pkexec: Allow --version and --help even if not setuid rootMatt Turner2022-05-031-21/+21
|
* Fix a typo of gid_t in a commentMatthew Leeds2022-05-021-1/+1
|
* pkexec: Don't chdir(~)Adrian Vovk2022-05-021-5/+14
|
* backend: Check for subject's primary group when expanding admin groupDan Nicholson2022-04-271-1/+16
|
* polkitagent: Add g_autoptr() support for GObject-derived typesBenedikt Ames2022-04-261-0/+6
|
* jsauthority: use JS::CompileUtf8Path instead of custom code reading fileXi Ruoyao2022-04-071-28/+3
|
* polkitd: consider connection to the system bus in return valueVincent Mihalkovic2022-04-061-6/+5
|
* fix build without C++Fabrice Fontaine2022-04-021-0/+1
| | | | | | | | | | | | | | | Fix the following build failure without C++ raised since https://gitlab.freedesktop.org/polkit/polkit/-/commit/957a015157fd359d9679540f664183e4b9492896: The following exception(s) were encountered: Running "/home/autobuild/autobuild/instance-14/output-1/host/bin/or1k-buildroot-linux-musl-g++ --version" gave "[Errno 2] No such file or directory: '/home/autobuild/autobuild/instance-14/output-1/host/bin/or1k-buildroot-linux-musl-g++'" Indeed, C++ is only required with mozjs engine Fixes: - http://autobuild.buildroot.org/results/1d52c8100414aa384572b23006a13f9b806d2d5a Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* Don't pass positional parameters to i18n.merge_fileSimon McVittie2022-03-221-1/+0
|
* error message grammar improvementJan Schaumann2022-03-211-2/+2
|
* CVE-2021-4115 (GHSL-2021-077) fixJan Rybar2022-02-211-4/+34
|
* jsauthority: port to mozjs-91Xi Ruoyao2022-01-271-2/+7
|
* pkexec: local privilege escalation (CVE-2021-4034)Jan Rybar2022-01-252-3/+25
|
* Added support for duktape as JS engineGustavo Lima Chaves2022-01-256-668/+1823
| | | | | Original author: Wu Xiaotian (@yetist) Resurrection author, runaway-killer author: Gustavo Lima Chaves (@limachaves)
* build: Migrate from Intltool to GettextIñigo Martínez2021-07-293-7/+9
| | | | | | | | Recent versions of Gettext are able to translate several formats that are used in GNOME applications. This migrates from Intltool to Gettext both autotools and meson build systems.
* build: Make the directory for helper executables consistent with AutotoolsSimon McVittie2021-07-192-2/+2
| | | | | | | | | | | | | | | | | | The Autotools build system has been using /usr/lib/polkit-1 for several releases, even on distributions where the library directory is /usr/lib64 or /usr/lib/x86_64-linux-gnu, so it makes sense for Meson to do the same. This lets 32- and 64-bit polkit agents share a single helper executable. This might be superseded by polkit!63, which requests going back to using the libexecdir for these (like polkit 0.105 did), which would also make sense; but until that's decided, let's at least be consistent between our two build systems. Every time we change this, all programs that have already loaded libpolkit-agent into their address space need to be restarted, unless distributions provide compatibility symlinks. Signed-off-by: Simon McVittie <smcv@debian.org>
* GHSL-2021-074: authentication bypass vulnerability in polkitJan Rybar2021-06-021-0/+3
| | | | initial values returned if error caught
* Revert "Merge branch 'pwithnall/polkit-51-usr-local-share-is-my-homeboy' ↵revert-2c8287fbJan Rybar2021-04-133-8/+2
| | | | | into 'master'" This reverts merge request !75
* test: Fix a typo in a commentJan Rybar2021-02-253-2/+8
| | | | Signed-off-by: Philip Withnall <withnall@endlessm.com>
* text listener: Add propertiesMatthias Clasen2020-11-031-6/+103
| | | | | | | | | | Add properties to turn off the use of color, to enable the use of the alternate screen buffer, and to add a delay before switching back from the alernate screen buffer. This makes the text listener usable in situations where just printing the text would disturb formatting on the screen.
* build: Port to meson build systemJan Rybar2020-10-2613-3/+414
| | | | | | meson is a build system focused on speed an ease of use, which helps speeding up the software development. This patch adds meson support along autotools.
* Port polkit to mozjs78Jan Rybar2020-08-251-9/+6
|
* Port JavaScript authority to mozjs-68Xi Ruoyao2020-06-161-64/+79
|
* ci: Add a CIBastien Nocera2020-02-211-2/+3
| | | | Just compiles and installs polkit
* Restoring terminal setting erases unread inputJan Rybar2020-01-271-1/+1
|
* Freeing uninitialized memoryJan Rybar2020-01-271-1/+1
|
* jsauthority: Fix two minor memory leaksJan Rybar2019-10-081-0/+2
|
* pkttyagent: process stopped by SIGTTOU if run in background jobJan Rybar2019-08-011-0/+6
|
* Use JS_EncodeStringToUTF8 consistently with JavaScriptJan Rybar2019-04-021-7/+15
| | | | | | | | | | | | | | | | | | | | When strings handled by the jsbackendauthority contain non-ASCII, the code will fail. For example, on a system having a user with a non-ASCII name, the following message will appear when a USB stick is plugged in. mar 04 21:47:31 mimmi polkitd[17163]: Error evaluating authorization rules The user will not be allowed to do the mount. The problem is that strings were variously encoded back to C strings with JS_EncodeString and JS_EncodeStringToUTF8. According to the documentation (https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey/JSAPI_reference/JS_EncodeString#Description) the former will simply drop the high byte from each character. If that happens to a username, it will no longer be found as a valid user name on the system. Explicitly encoding to UTF-8 will at least work in UTF-8 locales, which is the increasingly dominant encoding.
* Code polish and removal of unused var reported by lintJan Rybar2019-03-261-3/+1
|
* pkttyagent: PolkitAgentTextListener leaves echo tty disabled if SIGINT/SIGTERMJan Rybar2019-03-151-0/+56
| | | | If no password is typed into terminal during authentication raised by PolkitAgentTextListener, pkttyagent sends kill (it receives from systemctl/hostnamectl e.g.) without chance to restore echoing back on. This cannot be done in on_request() since it's run in a thread without guarantee the signal is distributed there.
* Port the JS authority to mozjs-60Emmanuele Bassi2019-03-121-33/+32
| | | | | | | | | | | | | | API changes in mozjs that need to be reflected in the JS authority: - the JS::CompileOptions constructor and the JS::CompartmentOptions do not allow setting a JS version any more - do not use NULL comparisons for C++ objects - the resize() method for a vector has a return value that needs to be handled - JSClassOps has different fields
View Lorry Controller Status