[Xfce4-commits] [xfce/thunar] 01/01: Add pkexec policy (Bug #11122)

noreply at xfce.org noreply at xfce.org
Sat Nov 1 20:23:27 CET 2014


This is an automated email from the git hooks/post-receive script.

ochosi pushed a commit to branch master
in repository xfce/thunar.

commit 8eeed6ba6ed0b1efa2b2b05c0b108da816763069
Author: Eric Koegel <eric.koegel at gmail.com>
Date:   Sat Nov 1 22:13:18 2014 +0300

    Add pkexec policy (Bug #11122)
    
    This adds a pkexec policy file to Thunar. This way if the user
    of a desktop system wants to use thunar to modify files as root
    and has the proper credentials they can.
    pkexec comes from polkit which does about the same thing as
    sudo/gksu except also supports authentication methods like
    fingerprint or smart card readers.
    
    Signed-off-by: Simon Steinbeiss <simon.steinbeiss at elfenbeinturm.at>
---
 Makefile.am                  |   16 ++++++++++++++--
 org.xfce.thunar.policy.in.in |   37 +++++++++++++++++++++++++++++++++++++
 po/POTFILES.in               |    1 +
 3 files changed, 52 insertions(+), 2 deletions(-)

diff --git a/Makefile.am b/Makefile.am
index 0cb69b4..13b991e 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -82,6 +82,15 @@ service_DATA = $(service_in_files:.service.in=.service)
 	$(AM_V_GEN) $(SED) -e "s,\@bindir\@,$(bindir),g" < $< > $@
 endif
 
+polkit_policydir = $(datadir)/polkit-1/actions
+polkit_in_in_files =			\
+	org.xfce.thunar.policy.in.in
+polkit_in_files = $(polkit_in_in_files:.policy.in.in=.policy.in)
+%.policy.in: %.policy.in.in
+	sed -e "s,\@bindir\@,$(bindir),g" < $< > $@
+polkit_policy_DATA = $(polkit_in_files:.policy.in=.policy)
+ at INTLTOOL_POLICY_RULE@
+
 EXTRA_DIST =								\
 	FAQ								\
 	HACKING								\
@@ -91,7 +100,8 @@ EXTRA_DIST =								\
 	intltool-update.in						\
 	$(desktop_in_in_files)						\
 	$(service_in_files)						\
-	$(appdata_in_files)
+	$(appdata_in_files)						\
+	$(polkit_in_in_files)
 
 CLEANFILES		= $(appdata_DATA)
 
@@ -102,7 +112,9 @@ DISTCLEANFILES =							\
 	intltool-update							\
 	$(desktop_in_files)						\
 	$(desktop_DATA)							\
-	$(service_DATA)
+	$(service_DATA)							\
+	$(polkit_in_files)						\
+	$(polkit_policy_DATA)
 
 DISTCHECK_CONFIGURE_FLAGS =						\
 	--enable-gtk-doc						\
diff --git a/org.xfce.thunar.policy.in.in b/org.xfce.thunar.policy.in.in
new file mode 100644
index 0000000..d64113e
--- /dev/null
+++ b/org.xfce.thunar.policy.in.in
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policyconfig PUBLIC
+ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
+<policyconfig>
+
+  <!--
+ Policy definitions for Thunar.
+ Copyright (c) 2014 Benedikt Meurer <benny at xfce.org>
+                    Jannis Pohlmann <jannis at xfce.org>
+                    Jeffs Franks    <jcfranks at xfce.org>
+                    Nick Schermer   <nick at xfce.org>
+ -->
+
+ <vendor>Thunar</vendor>
+ <vendor_url>http://xfce.org/</vendor_url>
+ <icon_name>system-file-manager</icon_name>
+
+
+ <action id="org.xfce.thunar">
+ <!-- SECURITY:
+ - A normal active user can run thunar without elevated rights. They
+   may wish to modify files they normally do not have read/write access
+   to. This isn't a good idea, but is common on single user systems.
+ -->
+ <_description>Run Thunar as root</_description>
+ <_message>Authentication is required to run Thunar as root.</_message>
+ <defaults>
+ <allow_any>no</allow_any>
+ <allow_inactive>auth_admin</allow_inactive>
+ <allow_active>auth_admin</allow_active>
+ </defaults>
+ <annotate key="org.freedesktop.policykit.exec.path">@bindir@/thunar</annotate>
+ <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
+ </action>
+
+</policyconfig>
diff --git a/po/POTFILES.in b/po/POTFILES.in
index c47182a..1c487a9 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -130,3 +130,4 @@ Thunar-bulk-rename.desktop.in.in
 Thunar-folder-handler.desktop.in.in
 thunar/thunar-settings.desktop.in
 thunar.appdata.xml.in
+org.xfce.thunar.policy.in.in

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.


More information about the Xfce4-commits mailing list