update notifier

Merge lp:~mterry/update-notifier/pkexec into lp:update-notifier/ubuntu

  1. pkexec
  2. Merge into ubuntu
Proposed by Michael Terry
Status: Merged
Approved by: Colin Watson
Approved revision: 770
Merged at revision: 780
Proposed branch: lp:~mterry/update-notifier/pkexec
Merge into: lp:update-notifier/ubuntu
Diff against target: 223 lines (+58/-28)
9 files modified
data/Makefile.am (+6/-1)
data/backend_helper.py (+16/-20)
data/cddistupgrader (+1/-1)
data/com.ubuntu.update-notifier.policy.in (+19/-0)
debian/changelog (+8/-0)
debian/control (+2/-3)
debian/update-notifier-common.install (+1/-0)
po/POTFILES.in (+1/-0)
src/cdroms.c (+4/-3)
To merge this branch: bzr merge lp:~mterry/update-notifier/pkexec
Reviewer Review Type Date Requested Status
Colin Watson Approve
Review via email: mp+146003@code.launchpad.net

Description of the change

Finally drops gksu from the default install. Last holdout was backend_helper.py which used it for synaptic. But synaptic ships synaptic-pkexec which is a good replacement.

The last user of gksu is in cddistupgrader. But that only pulls gksu in as a Suggests on update-notifier-common. So if that Suggests is really the appropriate level, that means update-notifier won't be responsible for pulling it onto the image anyway.

To post a comment you must log in.
Revision history for this message
Colin Watson (cjwatson) wrote :

> -GKSU = ["/usr/bin/gksu"]
> -SYNPATIC_DESKTOP = ["--desktop",
> - "/usr/share/applications/synaptic.desktop",
> - "--"]
> +SUDO = ["/usr/bin/pkexec"]

If you're renaming the variable, call it PKEXEC, please, or at least
something that isn't the name of another tool. It's rather confusing
otherwise.

> === modified file 'data/cddistupgrader'
> --- data/cddistupgrader 2013-01-31 14:13:55 +0000
> +++ data/cddistupgrader 2013-01-31 23:13:25 +0000
> @@ -28,4 +28,4 @@
> done
>
> # run it
> -gksu -- "$TMPDIR"/"$CODENAME" --cdrom "$CDROM_MOUNT"
> +pkexec "$TMPDIR"/"$CODENAME" --cdrom "$CDROM_MOUNT"

I don't think this works for cddistupgrader, because the upgrader is
going to want to talk to the X server and pkexec doesn't allow that by
default.

I was considering shipping a polkit action file for cddistupgrader
itself and executing the whole lot under pkexec, which might be simpler
to arrange ...

Revision history for this message
Michael Terry (mterry) wrote :

Sorry, Colin. I uploaded a bad version, which you reviewed. Try the new one (I bzr --overwrote). It should address your concerns.

Revision history for this message
Colin Watson (cjwatson) wrote :

While you're right that the Depends is technically in the wrong place, in practice lots of the relevant images have update-notifier installed as well as update-notifier-common, thereby causing cddistupgrader to work. Do you think you could allay any regression concerns by implementing my suggestion for cddistupgrader?

The backend_helper change indeed looks better now.

Revision history for this message
Michael Terry (mterry) wrote :

Yeah, sure.

Revision history for this message
Michael Terry (mterry) wrote :

Updated!

lp:~mterry/update-notifier/pkexec updated
770. By Michael Terry

merge from trunk

Revision history for this message
Colin Watson (cjwatson) wrote :

Looks good to me now. Thanks!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'data/Makefile.am'
2--- data/Makefile.am 2012-05-14 22:31:36 +0000
3+++ data/Makefile.am 2013-02-01 15:19:27 +0000
4@@ -8,6 +8,10 @@
5 @GSETTINGS_RULES@
6 gsettings_SCHEMAS = com.ubuntu.update-notifier.gschema.xml
7
8+@INTLTOOL_POLICY_RULE@
9+policydir = $(datadir)/polkit-1/actions
10+policy_DATA = com.ubuntu.update-notifier.policy
11+
12 convertdir = $(datadir)/GConf/gsettings
13 dist_convert_DATA = update-notifier.convert
14
15@@ -22,7 +26,8 @@
16 EXTRA_DIST= $(helper_SCRIPTS) \
17 $(desktop_in_files) \
18 $(notify_in_files) \
19- $(gsettings_SCHEMAS:.xml=.xml.in)
20+ $(gsettings_SCHEMAS:.xml=.xml.in) \
21+ $(policy_DATA:.policy=.policy.in)
22
23 CLEANFILES = \
24 $(gsettings_SCHEMAS) \
25
26=== modified file 'data/backend_helper.py'
27--- data/backend_helper.py 2012-09-06 18:54:58 +0000
28+++ data/backend_helper.py 2013-02-01 15:19:27 +0000
29@@ -7,10 +7,6 @@
30 import subprocess
31 import sys
32
33-GKSU = ["/usr/bin/gksu"]
34-SYNPATIC_DESKTOP = ["--desktop",
35- "/usr/share/applications/synaptic.desktop",
36- "--"]
37 HAVE_APTDAEMON = False
38 try:
39 import aptdaemon.gtk3widgets
40@@ -39,13 +35,13 @@
41 Gtk.main()
42 return trans.exit == enums.EXIT_SUCCESS
43
44-def _install_all_updates_gksu():
45- cmd = GKSU + SYNPATIC_DESKTOP + [ "/usr/sbin/synaptic ",
46- "--dist-upgrade-mode",
47- "--non-interactive",
48- "--hide-main-window",
49- "-o", "Synaptic::AskRelated=true",
50- ]
51+def _install_all_updates_synaptic():
52+ cmd = [ "/usr/bin/synaptic-pkexec",
53+ "--dist-upgrade-mode",
54+ "--non-interactive",
55+ "--hide-main-window",
56+ "-o", "Synaptic::AskRelated=true",
57+ ]
58 return subprocess.call(cmd)
59
60 def install_all_updates():
61@@ -53,7 +49,7 @@
62 if HAVE_APTDAEMON:
63 return _install_all_updates_aptdaemon()
64 else:
65- return _install_all_updates_gksu()
66+ return _install_all_updates_synaptic()
67
68
69 # check updates
70@@ -70,11 +66,11 @@
71 return trans.exit == enums.EXIT_SUCCESS
72
73 def _check_updates_gtk():
74- cmd = GKSU + SYNPATIC_DESKTOP + ["/usr/sbin/synaptic",
75- "--update-at-startup",
76- "--non-interactive",
77- "--hide-main-window",
78- ]
79+ cmd = ["/usr/bin/synaptic-pkexec",
80+ "--update-at-startup",
81+ "--non-interactive",
82+ "--hide-main-window",
83+ ]
84 subprocess.call(cmd)
85
86 def check_updates():
87@@ -87,8 +83,8 @@
88
89 # start packagemanager
90 def start_packagemanager():
91- if os.path.exists("/usr/sbin/synaptic"):
92- cmd = GKSU + SYNPATIC_DESKTOP + ["/usr/sbin/synaptic"]
93+ if os.path.exists("/usr/bin/synaptic-pkexec"):
94+ cmd = ["/usr/bin/synaptic-pkexec"]
95 return subprocess.call(cmd)
96 elif os.path.exists("/usr/bin/software-center"):
97 return subprocess.call(["/usr/bin/software-center"])
98@@ -117,7 +113,7 @@
99 return subprocess.call(cmd)
100
101 def add_cdrom(mount_path):
102- if os.path.exists("/usr/sbin/synaptic"):
103+ if os.path.exists("/usr/bin/synaptic-pkexec"):
104 _add_cdrom_synaptic(mount_path)
105 else:
106 _add_cdrom_sp(mount_path)
107
108=== modified file 'data/cddistupgrader'
109--- data/cddistupgrader 2013-01-31 14:13:55 +0000
110+++ data/cddistupgrader 2013-02-01 15:19:27 +0000
111@@ -28,4 +28,4 @@
112 done
113
114 # run it
115-gksu -- "$TMPDIR"/"$CODENAME" --cdrom "$CDROM_MOUNT"
116+"$TMPDIR"/"$CODENAME" --cdrom "$CDROM_MOUNT"
117
118=== added file 'data/com.ubuntu.update-notifier.policy.in'
119--- data/com.ubuntu.update-notifier.policy.in 1970-01-01 00:00:00 +0000
120+++ data/com.ubuntu.update-notifier.policy.in 2013-02-01 15:19:27 +0000
121@@ -0,0 +1,19 @@
122+<?xml version="1.0" encoding="UTF-8"?>
123+<!DOCTYPE policyconfig PUBLIC
124+ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
125+ "http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
126+<policyconfig>
127+
128+ <action id="com.ubuntu.update-notifier.pkexec.cddistupgrader">
129+ <_message>Authentication is needed to upgrade</_message>
130+ <icon_name>update-notifier</icon_name>
131+ <defaults>
132+ <allow_any>auth_admin</allow_any>
133+ <allow_inactive>auth_admin</allow_inactive>
134+ <allow_active>auth_admin</allow_active>
135+ </defaults>
136+ <annotate key="org.freedesktop.policykit.exec.path">/usr/lib/update-notifier/cddistupgrader</annotate>
137+ <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
138+ </action>
139+
140+</policyconfig>
141
142=== modified file 'debian/changelog'
143--- debian/changelog 2013-02-01 15:12:08 +0000
144+++ debian/changelog 2013-02-01 15:19:27 +0000
145@@ -1,3 +1,11 @@
146+update-notifier (0.132) UNRELEASED; urgency=low
147+
148+ * Use synaptic-pkexec instead of gksu in backend_helper.py
149+ * Install a policykit policy file to replace last gksu use for
150+ cddistupgrader.
151+
152+ -- Michael Terry <mterry@ubuntu.com> Fri, 01 Feb 2013 10:17:35 -0500
153+
154 update-notifier (0.131) raring; urgency=low
155
156 * Remove obsolete and unused data/dbus-helper.
157
158=== modified file 'debian/control'
159--- debian/control 2013-02-01 00:51:16 +0000
160+++ debian/control 2013-02-01 15:19:27 +0000
161@@ -30,10 +30,9 @@
162 update-manager-gnome | update-manager (>= 1:0.165),
163 ubuntu-release-upgrader-gtk,
164 notification-daemon,
165- gksu,
166 policykit-1
167 Recommends: apport-gtk (>=2.8-0ubuntu3),
168- python-aptdaemon.gtk3widgets | synaptic,
169+ python-aptdaemon.gtk3widgets | synaptic (>= 0.75.12),
170 software-properties-gtk,
171 anacron,
172 python-aptdaemon
173@@ -51,7 +50,7 @@
174 python,
175 python-apt (>= 0.6.12), python-debian, debconf, patch
176 Recommends: libpam-modules (>= 1.0.1-9ubuntu3)
177-Suggests: gksu, policykit-1
178+Suggests: policykit-1
179 Description: Files shared between update-notifier and other packages
180 Apt setup files and reboot notification scripts shared between
181 update-notifier and other packages, notably for server use cases.
182
183=== modified file 'debian/update-notifier-common.install'
184--- debian/update-notifier-common.install 2012-03-22 18:51:22 +0000
185+++ debian/update-notifier-common.install 2013-02-01 15:19:27 +0000
186@@ -5,6 +5,7 @@
187 debian/90-updates-available etc/update-motd.d
188 debian/98-reboot-required etc/update-motd.d
189 debian/98-fsck-at-reboot etc/update-motd.d
190+usr/share/polkit-1/actions/com.ubuntu.update-notifier.policy
191 usr/share/update-notifier/notify-reboot-required
192 usr/share/update-notifier/package-data-downloads-failed
193 usr/share/update-notifier/package-data-downloads-failed-permanently
194
195=== modified file 'po/POTFILES.in'
196--- po/POTFILES.in 2012-07-23 17:35:22 +0000
197+++ po/POTFILES.in 2013-02-01 15:19:27 +0000
198@@ -16,6 +16,7 @@
199 [type: gettext/glade]ui/hooks-dialog.ui
200 [type: gettext/glade]ui/reboot-dialog.ui
201 data/com.ubuntu.update-notifier.gschema.xml.in
202+data/com.ubuntu.update-notifier.policy.in
203 data/update-notifier.desktop.in
204 [type: gettext/rfc822deb] data/package-data-downloads-failed.in
205 [type: gettext/rfc822deb] data/package-data-downloads-failed-permanently.in
206
207=== modified file 'src/cdroms.c'
208--- src/cdroms.c 2013-01-31 00:46:48 +0000
209+++ src/cdroms.c 2013-02-01 15:19:27 +0000
210@@ -111,9 +111,10 @@
211 g_spawn_async (NULL, argv, NULL, 0, NULL, NULL, NULL, NULL);
212 break;
213 case RES_DIST_UPGRADER:
214- argv[0] = "/usr/lib/update-notifier/cddistupgrader";
215- argv[1] = (gchar *)mount_point;
216- argv[2] = NULL;
217+ argv[0] = "/usr/bin/pkexec";
218+ argv[1] = "/usr/lib/update-notifier/cddistupgrader";
219+ argv[2] = (gchar *)mount_point;
220+ argv[3] = NULL;
221 g_spawn_async (NULL, argv, NULL, 0, NULL, NULL, NULL, NULL);
222 break;
223 default:

Subscribers

People subscribed via source and target branches

to all changes: