remove polkit from core?

[Matthias Clasen]

----- Original Message -----
> On Wed, Nov 14, 2012 at 1:24 PM, Matthew Miller

> 
> If David is unwilling to just resurrect the old .pkla parser, one
> option for "solving" the problem might be writing a piece of code
> that
> would provide compatibility with the .pkla files.
> 
> This could be (the only) JS config snippet parsing the files directly
> if the JS environment allowed file system access, or alternatively a
> generator run before starting polkit to generate a large JS config
> representing the contents of .pkla files.
> 
> Anyone interested in implementing it?

The .pkla syntax wasn't particularly appealing or expressive, and there was only a handful of packages using it. I don't really think it is particularly worth reviving. If a declarative syntax is needed, I suggest that the security team simply picks their favourite language, and then implements a single js rule that calls out to a commandline utility implementing that language. Checking compliance should be very simple then - just check that the single single rule is the one you put in place.