diff options
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | docs/PORTABILITY_AND_STABILITY.md | 2 | ||||
| -rw-r--r-- | docs/USERDB_AND_DESKTOPS.md | 3 | ||||
| -rw-r--r-- | man/org.freedesktop.hostname1.xml | 9 | ||||
| -rw-r--r-- | man/org.freedesktop.locale1.xml | 9 | ||||
| -rw-r--r-- | man/org.freedesktop.login1.xml | 15 | ||||
| -rw-r--r-- | man/org.freedesktop.systemd1.xml | 11 | ||||
| -rw-r--r-- | man/org.freedesktop.timedate1.xml | 5 |
8 files changed, 31 insertions, 25 deletions
@@ -280,7 +280,7 @@ CHANGES WITH 245: such files in version 243. * systemd-logind will now validate access to the operation of changing - the virtual terminal via a PolicyKit action. By default, only users + the virtual terminal via a polkit action. By default, only users with at least one session on a local VT are granted permission. * When systemd sets up PAM sessions that invoked service processes diff --git a/docs/PORTABILITY_AND_STABILITY.md b/docs/PORTABILITY_AND_STABILITY.md index 95bfcb98d3..064932970f 100644 --- a/docs/PORTABILITY_AND_STABILITY.md +++ b/docs/PORTABILITY_AND_STABILITY.md @@ -87,7 +87,7 @@ And now, here's the list of (hopefully) all APIs that we have introduced with sy | [Boot Loader interface](https://systemd.io/BOOT_LOADER_INTERFACE) | EFI variables | yes | yes | gummiboot | yes | - | no | | [Service bus API](https://www.freedesktop.org/wiki/Software/systemd/dbus) | D-Bus | yes | yes | system-config-services | no | - | no | | [logind](https://www.freedesktop.org/wiki/Software/systemd/logind) | D-Bus | yes | yes | GNOME | no | - | no | -| [sd-login.h API](https://www.freedesktop.org/software/systemd/man/sd-login.html) | C Library | yes | yes | GNOME, PolicyKit, ... | no | - | no | +| [sd-login.h API](https://www.freedesktop.org/software/systemd/man/sd-login.html) | C Library | yes | yes | GNOME, polkit, ... | no | - | no | | [sd-daemon.h API](https://www.freedesktop.org/software/systemd/man/sd-daemon.html) | C Library or Drop-in | yes | yes | numerous | yes | - | yes | | [sd-id128.h API](https://www.freedesktop.org/software/systemd/man/sd-id128.html) | C Library | yes | yes | - | yes | - | no | | [sd-journal.h API](https://www.freedesktop.org/software/systemd/man/sd-journal.html) | C Library | yes | yes | - | maybe | - | no | diff --git a/docs/USERDB_AND_DESKTOPS.md b/docs/USERDB_AND_DESKTOPS.md index 6859c59da1..a19f746a26 100644 --- a/docs/USERDB_AND_DESKTOPS.md +++ b/docs/USERDB_AND_DESKTOPS.md @@ -77,7 +77,8 @@ supports is directly available in these JSON records. Hence it makes sense for any user management UI to expose them directly. `systemd-homed` exposes APIs to add, remove and make changes to local users via -D-Bus, with full PolicyKit hook-up. On the command line this is exposed via the +D-Bus, with full [polkit](https://www.freedesktop.org/software/polkit/docs/latest/) +hook-up. On the command line this is exposed via the `homectl` command. A graphical UI that exposes similar functionality would be very useful, exposing the various new account settings, and in particular providing a stream-lined UI for enrolling new-style authentication tokens such diff --git a/man/org.freedesktop.hostname1.xml b/man/org.freedesktop.hostname1.xml index f6eb9f3545..406a6a369e 100644 --- a/man/org.freedesktop.hostname1.xml +++ b/man/org.freedesktop.hostname1.xml @@ -141,7 +141,8 @@ node /org/freedesktop/hostname1 { <para>Whenever the hostname or other metadata is changed via the daemon, <function>PropertyChanged</function> signals are sent out to subscribed clients. Changing a hostname - using this interface is authenticated via PolicyKit.</para> + using this interface is authenticated via + <ulink url="https://www.freedesktop.org/software/polkit/docs/latest/">polkit</ulink>.</para> </refsect1> <refsect1> @@ -237,7 +238,7 @@ node /org/freedesktop/hostname1 { <para><function>GetProductUUID()</function> returns the "product uuid" as exposed by the kernel based on DMI information in <filename>/sys/class/dmi/id/product_uuid</filename>. Reading the file directly - requires root privileges, and this method allows access to unprivileged clients through the PolicyKit + requires root privileges, and this method allows access to unprivileged clients through the polkit framework.</para> <para><varname>KernelName</varname>, <varname>KernelRelease</varname>, and @@ -256,10 +257,10 @@ node /org/freedesktop/hostname1 { <refsect2> <title>Security</title> - <para>The <varname>interactive</varname> boolean parameters can be used to control whether PolicyKit + <para>The <varname>interactive</varname> boolean parameters can be used to control whether polkit should interactively ask the user for authentication credentials if required.</para> - <para>The PolicyKit action for <function>SetHostname()</function> is + <para>The polkit action for <function>SetHostname()</function> is <interfacename>org.freedesktop.hostname1.set-hostname</interfacename>. For <function>SetStaticHostname()</function> and <function>SetPrettyHostname()</function> it is <interfacename>org.freedesktop.hostname1.set-static-hostname</interfacename>. For diff --git a/man/org.freedesktop.locale1.xml b/man/org.freedesktop.locale1.xml index 52f9abcf9d..f15945e766 100644 --- a/man/org.freedesktop.locale1.xml +++ b/man/org.freedesktop.locale1.xml @@ -126,7 +126,8 @@ node /org/freedesktop/locale1 { <para>Use the empty string for the keymap parameters you wish not to set.</para> - <para>The <varname>interactive</varname> boolean parameters can be used to control whether PolicyKit + <para>The <varname>interactive</varname> boolean parameters can be used to control whether + <ulink url="https://www.freedesktop.org/software/polkit/docs/latest/">polkit</ulink> should interactively ask the user for authentication credentials if required.</para> </refsect2> @@ -160,9 +161,9 @@ node /org/freedesktop/locale1 { <refsect2> <title>Security</title> - <para>Changing the system locale or keymap using this interface is authenticated via PolicyKit. The - PolicyKit action for <function>SetLocale()</function> is - <constant>org.freedesktop.locale1.set-locale</constant>. The PolicyKit action for + <para>Changing the system locale or keymap using this interface is authenticated via polkit. The + polkit action for <function>SetLocale()</function> is + <constant>org.freedesktop.locale1.set-locale</constant>. The polkit action for <function>SetX11Keyboard()</function> and <function>SetVConsoleKeyboard()</function> is <constant>org.freedesktop.locale1.set-keyboard</constant>.</para> </refsect2> diff --git a/man/org.freedesktop.login1.xml b/man/org.freedesktop.login1.xml index 0d686d65a1..e5521e155a 100644 --- a/man/org.freedesktop.login1.xml +++ b/man/org.freedesktop.login1.xml @@ -499,19 +499,20 @@ node /org/freedesktop/login1 { directory of a user is kept around and he may continue to run processes while he is logged out. If disabled, the runtime directory goes away as soon as they log out. <function>SetUserLinger()</function> expects three arguments: the UID, a boolean whether to enable/disable and a boolean controlling the - PolicyKit authorization interactivity (see below). Note that the user linger state is persistently + <ulink url="https://www.freedesktop.org/software/polkit/docs/latest/">polkit</ulink> + authorization interactivity (see below). Note that the user linger state is persistently stored on disk.</para> <para><function>AttachDevice()</function> may be used to assign a specific device to a specific seat. The device is identified by its /sys path and must be eligible for seat assignments. <function>AttachDevice()</function> takes three - arguments: the seat id, the sysfs path, and a boolean for controlling PolicyKit interactivity (see + arguments: the seat id, the sysfs path, and a boolean for controlling polkit interactivity (see below). Device assignments are persistently stored on disk. To create a new seat, simply specify a previously unused seat id. For more information about the seat assignment logic see <ulink url="https://www.freedesktop.org/wiki/Software/systemd/multiseat">Multi-Seat for Linux</ulink>. </para> <para><function>FlushDevices()</function> removes all explicit seat assignments for devices, resetting - all assignments to the automatic defaults. The only argument it takes is the PolicyKit interactivity + all assignments to the automatic defaults. The only argument it takes is the polkit interactivity boolean (see below).</para> <para><function>PowerOff()</function>, <function>Reboot()</function>, <function>Halt()</function>, @@ -521,9 +522,9 @@ node /org/freedesktop/login1 { the machine is powered down). <function>HybridSleep()</function> results in the system entering a hybrid-sleep mode, i.e. the system is both hibernated and suspended. <function>SuspendThenHibernate()</function> results in the system being suspended, then later woken - using an RTC timer and hibernated. The only argument is the PolicyKit interactivity boolean + using an RTC timer and hibernated. The only argument is the polkit interactivity boolean <varname>interactive</varname> (see below). The main purpose of these calls is that they enforce - PolicyKit policy and hence allow powering off/rebooting/suspending/hibernating even by unprivileged + polkit policy and hence allow powering off/rebooting/suspending/hibernating even by unprivileged users. They also enforce inhibition locks. UIs should expose these calls as the primary mechanism to poweroff/reboot/suspend/hibernate the machine.</para> @@ -678,7 +679,7 @@ node /org/freedesktop/login1 { <refsect2> <title>Security</title> - <para>A number of operations are protected via the PolicyKit privilege + <para>A number of operations are protected via the polkit privilege system. <function>SetUserLinger()</function> requires the <interfacename>org.freedesktop.login1.set-user-linger</interfacename> privilege. <function>AttachDevice()</function> requires @@ -731,7 +732,7 @@ node /org/freedesktop/login1 { <interfacename>org.freedesktop.login1.inhibit-handle-lid-switch</interfacename> depending on the lock type and mode taken.</para> - <para>The <varname>interactive</varname> boolean parameters can be used to control whether PolicyKit + <para>The <varname>interactive</varname> boolean parameters can be used to control whether polkit should interactively ask the user for authentication credentials if required.</para> </refsect2> </refsect1> diff --git a/man/org.freedesktop.systemd1.xml b/man/org.freedesktop.systemd1.xml index 996c717904..da5541be90 100644 --- a/man/org.freedesktop.systemd1.xml +++ b/man/org.freedesktop.systemd1.xml @@ -40,9 +40,10 @@ <para>Properties exposing time values are usually encoded in microseconds (usec) on the bus, even if their corresponding settings in the unit files are in seconds.</para> - <para>In contrast to most of the other services of the systemd suite, PID 1 does not use PolicyKit for - controlling access to privileged operations, but relies exclusively on the low-level D-Bus policy - language. (This is done in order to avoid a cyclic dependency between PolicyKit and systemd/PID 1.) This + <para>In contrast to most of the other services of the systemd suite, PID 1 does not use + <ulink url="https://www.freedesktop.org/software/polkit/docs/latest/">polkit</ulink> + for controlling access to privileged operations, but relies exclusively on the low-level D-Bus policy + language. (This is done in order to avoid a cyclic dependency between polkit and systemd/PID 1.) This means that sensitive operations exposed by PID 1 on the bus are generally not available to unprivileged processes directly. However, some operations (such as shutdown/reboot/suspend) are made available through the D-Bus API of logind, see @@ -1463,7 +1464,7 @@ node /org/freedesktop/systemd1 { <title>Security</title> <para>Read access is generally granted to all clients. Additionally, for unprivileged clients, some - operations are allowed through the PolicyKit privilege system. Operations which modify unit state + operations are allowed through the polkit privilege system. Operations which modify unit state (<function>StartUnit()</function>, <function>StopUnit()</function>, <function>KillUnit()</function>, <function>RestartUnit()</function> and similar, <function>SetProperty</function>) require <interfacename>org.freedesktop.systemd1.manage-units</interfacename>. Operations which modify unit file @@ -2127,7 +2128,7 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2eservice { allowed for everyone. All operations are allowed for clients with the <constant>CAP_SYS_ADMIN</constant> capability or when the <interfacename>org.freedesktop.systemd1.manage-units</interfacename> privilege is granted by - PolicyKit.</para> + polkit.</para> </refsect2> </refsect1> diff --git a/man/org.freedesktop.timedate1.xml b/man/org.freedesktop.timedate1.xml index 73bd9dfedd..3111ebbc42 100644 --- a/man/org.freedesktop.timedate1.xml +++ b/man/org.freedesktop.timedate1.xml @@ -165,9 +165,10 @@ node /org/freedesktop/timedate1 { <title>Security</title> <para>The <varname>interactive</varname> boolean parameters can be used to control whether - PolicyKit should interactively ask the user for authentication credentials if required.</para> + <ulink url="https://www.freedesktop.org/software/polkit/docs/latest/">polkit</ulink> + should interactively ask the user for authentication credentials if required.</para> - <para>The PolicyKit action for <function>SetTimezone()</function> is + <para>The polkit action for <function>SetTimezone()</function> is <interfacename>org.freedesktop.timedate1.set-timezone</interfacename>. For <function>SetLocalRTC()</function> it is <interfacename>org.freedesktop.timedate1.set-local-rtc</interfacename>, for |