[devassistant/f20] Backported custom polkit policy (bz#1156292)

Tomas Radej tradej at fedoraproject.org
Mon Oct 27 09:00:59 UTC 2014 

commit 5a38cb10fa5d0cbca14adc5e03affdc35a053a20
Author: Tomas Radej <tradej at redhat.com>
Date:   Fri Oct 24 19:46:21 2014 +0200

    Backported custom polkit policy (bz#1156292)

 devassistant-polkit.patch |   73 +++++++++++++++++++++++++++++++++++++++++++++
 devassistant.spec         |   18 ++++++++++-
 2 files changed, 90 insertions(+), 1 deletions(-)
---
diff --git a/devassistant-polkit.patch b/devassistant-polkit.patch
new file mode 100644
index 0000000..b760606
--- /dev/null
+++ b/devassistant-polkit.patch
@@ -0,0 +1,73 @@
+diff --git a/devassistant/command_helpers.py b/devassistant/command_helpers.py
+index b83b1dc..107e36b 100644
+--- a/devassistant/command_helpers.py
++++ b/devassistant/command_helpers.py
+@@ -13,6 +13,7 @@ import six
+ 
+ from devassistant import exceptions
+ from devassistant.logger import logger
++from devassistant.settings import ROOT_EXECUTABLE
+ 
+ 
+ class ClHelper(object):
+@@ -123,7 +124,11 @@ class ClHelper(object):
+         heredoc_firstline = ['pkexec']
+         if as_user != 'root':
+             heredoc_firstline.extend(['--user',  as_user])
+-        heredoc_firstline.append('bash << {delim}'.format(delim=delimiter))
++        if os.path.isfile(ROOT_EXECUTABLE) and os.access(ROOT_EXECUTABLE, os.X_OK):
++            executable = ROOT_EXECUTABLE
++        else:
++            executable = 'bash'
++        heredoc_firstline.append('{exe} << {delim}'.format(exe=executable, delim=delimiter))
+         cmd = '\n'.join([' '.join(heredoc_firstline),
+                          cmd_str,
+                          delimiter
+diff --git a/devassistant/settings.py b/devassistant/settings.py
+index 292ab75..1da47b6 100644
+--- a/devassistant/settings.py
++++ b/devassistant/settings.py
+@@ -22,6 +22,8 @@ for level_short, level_name in LOG_LEVELS_MAP.items():
+ LAST_LR_VAR = 'LAST_LRES'
+ LAST_R_VAR = 'LAST_RES'
+ 
++ROOT_EXECUTABLE = '/usr/libexec/da_auth'
++
+ SUBASSISTANT_PREFIX = 'subassistant'
+ SUBASSISTANT_N_STRING = 'subassistant_{0}'
+ 
+diff --git a/polkit/da_auth b/polkit/da_auth
+new file mode 100755
+index 0000000..2b7623b
+--- /dev/null
++++ b/polkit/da_auth
+@@ -0,0 +1,3 @@
++#!/usr/bin/bash
++
++$*
+diff --git a/polkit/devassistant_auth.policy b/polkit/devassistant_auth.policy
+new file mode 100644
+index 0000000..2819e0b
+--- /dev/null
++++ b/polkit/devassistant_auth.policy
+@@ -0,0 +1,20 @@
++<?xml version="1.0" encoding="UTF-8"?>
++<!DOCTYPE policyconfig PUBLIC
++ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
++ "http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
++<policyconfig>
++  <vendor>DevAssistant</vendor>
++
++  <action id="devassistant_auth">
++    <description>Perform authenticated operation with DevAssistant</description>
++    <message>DevAssistant needs to perform an authenticated operation as '$(user)'.</message>
++    <defaults>
++      <allow_any>auth_admin</allow_any>
++      <allow_inactive>auth_admin</allow_inactive>
++      <allow_active>auth_admin</allow_active>
++    </defaults>
++    <annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/da_auth</annotate>
++    <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
++  </action>
++
++</policyconfig>
diff --git a/devassistant.spec b/devassistant.spec
index 81d9256..6f0f071 100644
--- a/devassistant.spec
+++ b/devassistant.spec
@@ -2,7 +2,7 @@
 
 Name:           devassistant
 Version:        0.9.2
-Release:        2%{?dist}
+Release:        3%{?dist}
 Summary:        DevAssistant - Making life easier for developers
 
 License:        GPLv2+ and CC-BY-SA
@@ -14,7 +14,10 @@ Source0:        https://pypi.python.org/packages/source/d/%{name}/%{name}-%{vers
 # # devassistant.desktop, appdata/devassistant.appdata.xml
 Source1:        %{name}.desktop
 Source2:        %{name}.appdata.xml
+
 Patch0:         devassistant-0.6.0-alter-paths-for-fedora.patch
+# Backport of upstream polkit policy + message (bz #1156292)
+Patch1:         %{name}-polkit.patch
 
 BuildArch:      noarch
 
@@ -58,6 +61,8 @@ rm -rf %{name}.egg-info
 cp %{SOURCE1} .
 sed -i '/Version/d' %{name}.desktop
 
+%patch1 -p1 -F1
+
 %build
 %{__python} setup.py build
 
@@ -98,6 +103,12 @@ desktop-file-install --dir %{buildroot}%{_datadir}/applications %{name}.desktop
 mkdir -p %{buildroot}/%{_datadir}/appdata
 cp -a %{SOURCE2} %{buildroot}/%{_datadir}/appdata
 
+# polkit
+mkdir -p %{buildroot}%{_datadir}/polkit-1/actions/
+install -p -m 644 polkit/%{name}_auth.policy %{buildroot}%{_datadir}/polkit-1/actions/
+mkdir -p %{buildroot}%{_libexecdir}
+install -p -m 755 polkit/da_auth %{buildroot}%{_libexecdir}
+
 %check
 %{__python} setup.py test -t py.test
 
@@ -131,11 +142,16 @@ fi
 %{_datadir}/appdata/%{name}.appdata.xml
 %{_datadir}/icons/hicolor/*/apps/%{name}.png
 %{_datadir}/icons/HighContrast/*/apps/%{name}.png
+%{_datadir}/polkit-1/actions/%{name}_auth.policy
+%{_libexecdir}/da_auth
 %{_sysconfdir}/bash_completion.d/
 %{python_sitelib}/%{name}
 %{python_sitelib}/%{name}-%{version}-py?.?.egg-info
 
 %changelog
+* Fri Oct 24 2014 Tomas Radej <tradej at redhat.com> - 0.9.2-3
+- Backported custom polkit policy (bz#1156292)
+
 * Thu Oct 02 2014 Slavek Kabrda <bkabrda at redhat.com> - 0.9.2-2
 - Add openssh-askpass dependency.

More information about the scm-commits mailing list