Default to admin auth for polkit. Rename policy file

2025-02-01 01:15:19 +00:00 · 2008-07-11 09:51:25 +00:00 · 2008-07-11 09:51:25 +00:00 · d4f6e9b5bb
commit d4f6e9b5bb
parent 5e239b00d6
4 changed files with 26 additions and 8 deletions
--- a/7
+++ b/7
@ -1,3 +1,10 @@
 Fri Jul 11 10:50:59 BST 2008 Daniel P. Berrange <berrange@redhat.com>
 	* libvirt.spec.in, qemud/Makefile.am: Rename installed polkit
 	policy file to org.libvirt.unix.policy
 	* qemud/libvirtd.policy: Default to admin auth instead of
 	user auth.
 Fri Jul 11 10:48:59 BST 2008 Daniel P. Berrange <berrange@redhat.com>
 	* qemud/qemud.c: Don't default to polkit auth when running
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@ -240,7 +240,7 @@ fi
 %dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/images/
 %dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/boot/
 %if %{with_polkit}
-%{_datadir}/PolicyKit/policy/libvirtd.policy
+%{_datadir}/PolicyKit/policy/org.libvirt.unix.policy
 %endif
 %dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/qemu/
 %if %{with_xen_proxy}
--- a/qemud/Makefile.am
+++ b/qemud/Makefile.am
@ -13,7 +13,8 @@ EXTRA_DIST = libvirtd.init.in libvirtd.sysconf default-network.xml \
 	remote_dispatch_proc_switch.h \
 	mdns.c mdns.h \
        libvirtd.sasl \
-        libvirtd.conf
+        libvirtd.conf \
        libvirtd.policy
 if RPCGEN
 SUFFIXES = .x
@ -75,9 +76,7 @@ libvirtd_LDADD = ../src/libvirt.la ../gnulib/lib/libgnu.la
 if HAVE_POLKIT
 policydir = $(datadir)/PolicyKit/policy
 policy_DATA = libvirtd.policy
 endif
 EXTRA_DIST += libvirtd.policy
 if HAVE_AVAHI
 libvirtd_SOURCES += mdns.c mdns.h
@ -86,7 +85,7 @@ libvirtd_LDADD += $(AVAHI_LIBS)
 endif
 default_xml_dest = libvirt/qemu/networks/default.xml
-install-data-local: install-init install-data-sasl
+install-data-local: install-init install-data-sasl install-data-polkit
 	mkdir -p $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart
 	$(INSTALL_DATA) $(srcdir)/default-network.xml \
 	  $(DESTDIR)$(sysconfdir)/$(default_xml_dest)
@ -99,7 +98,7 @@ install-data-local: install-init install-data-sasl
 	mkdir -p $(DESTDIR)$(localstatedir)/run/libvirt
 	mkdir -p $(DESTDIR)$(localstatedir)/lib/libvirt
-uninstall-local:: uninstall-init uninstall-data-sasl
+uninstall-local:: uninstall-init uninstall-data-sasl install-data-polkit
 	rm -f $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart/default.xml
 	rm -f $(DESTDIR)$(sysconfdir)/$(default_xml_dest)
 	rmdir $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart || :
@ -120,6 +119,18 @@ install-data-sasl:
 uninstall-data-sasl:
 endif
 if HAVE_POLKIT
 install-data-polkit:: install-init
 	mkdir -p $(DESTDIR)$(policydir)
 	$(INSTALL_DATA) libvirtd.policy $(DESTDIR)$(policydir)/org.libvirt.unix.policy
 uninstall-data-polkit:: install-init
 	rm -f $(DESTDIR)$(policydir)/org.libvirt.unix.policy
 else
 install-data-polkit::
 uninstall-data-polkit::
 endif
 remote.c: remote_dispatch_prototypes.h \
 	  remote_dispatch_localvars.h \
 	  remote_dispatch_proc_switch.h
--- a/qemud/libvirtd.policy
+++ b/qemud/libvirtd.policy
@ -36,7 +36,7 @@ file are instantly applied.
             read-write mode for management, and we require user password -->
        <allow_any>no</allow_any>
        <allow_inactive>no</allow_inactive>
-        <allow_active>auth_self_keep_session</allow_active>
+        <allow_active>auth_admin_keep_session</allow_active>
      </defaults>
    </action>
-</policyconfig>
+</policyconfig>