Merge lp:~roadmr/checkbox/1097816-pkexec into lp:checkbox
Status: | Merged | ||||
---|---|---|---|---|---|
Approved by: | Zygmunt Krynicki | ||||
Approved revision: | 2212 | ||||
Merged at revision: | 2219 | ||||
Proposed branch: | lp:~roadmr/checkbox/1097816-pkexec | ||||
Merge into: | lp:checkbox | ||||
Diff against target: |
146 lines (+52/-24) 4 files modified
checkbox-old/debian/checkbox.install (+1/-0) checkbox-old/debian/control (+12/-12) checkbox-old/examples/org.freedesktop.policykit.checkbox.policy (+31/-0) checkbox-old/plugins/backend_info.py (+8/-12) |
||||
To merge this branch: | bzr merge lp:~roadmr/checkbox/1097816-pkexec | ||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Zygmunt Krynicki (community) | Approve | ||
Review via email: mp+171930@code.launchpad.net |
Commit message
This removes the deprecated gksu privileged execution mechanism, and replaces it with pkexec, along with a policy file so the backend can launch graphical programs and ask for proper authorization.
Description of the change
This removes the deprecated gksu privileged execution mechanism, and replaces it with pkexec, along with a policy file so the backend can launch graphical programs and ask for proper authorization.
An instance of sudo (not gksudo) is kept as a desperate measure in case pkexec is not present.
Note that if you want to test this from a source tree, the policy file needs to be copied to /usr/share/
Then run checkbox specifying a full path for CHECKBOX_SHARE, like:
CHECKBOX_
this is because full paths are needed for things to work correctly. Optionally, just copy the policy file to the above location, and copy the updated plugins/
An important part of this set of changes is changing the policykit dependency and installing the policy file, for this a package can be built and installed in a VM. I tested this and it works, although I tested only on a raring VM. This mechanism would need to work on Precise, Quantal, Raring and Saucy, though I'm confident it will as all the underlying components are present in those.
Finally, this could potentially need a change in our preseeds for certification, to avoid asking for the password when it's run. I'm thinking this may not be so necessary anymore, since plainbox (which already has sensible policy packages for this) is used for automated (SRU) testing, and on a manual certification run inputting the password may not be such a bother. If needed, however, the preseeds can simply be modified with a s/auth_admin/yes/ on the policy file that checkbox will now install.
+1