lp:~sylvain-pineau/checkbox/trusted-launcher-standalone

Branch merges

Propose for merging

No branches dependent on this one.

Merged into lp:checkbox at revision 2107

Sylvain Pineau (community): Approve on 2013-05-08

Zygmunt Krynicki (community): Approve on 2013-05-07

Diff: 1208 lines (+814/-111)

11 files modified

plainbox/.coveragerc (+2/-0)
plainbox/MANIFEST.in (+1/-0)
plainbox/plainbox/data/org.freedesktop.policykit.pkexec.policy (+30/-0)
plainbox/plainbox/impl/job.py (+10/-59)
plainbox/plainbox/impl/rfc822.py (+4/-19)
plainbox/plainbox/impl/runner.py (+39/-16)
plainbox/plainbox/impl/secure/__init__.py (+27/-0)
plainbox/plainbox/impl/secure/checkbox_trusted_launcher.py (+402/-0)
plainbox/plainbox/impl/secure/test_checkbox_trusted_launcher.py (+268/-0)
plainbox/plainbox/impl/test_rfc822.py (+23/-16)
plainbox/setup.py (+8/-1)

api

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

2107. By Sylvain Pineau on 2013-05-08

coverage: .coveragerc update

To filter tests files for plainbox/transports and plainbox/scripts

2106. By Sylvain Pineau on 2013-05-08

setup.py: MANIFEST.in: Added the policy file to list of data files

2105. By Sylvain Pineau on 2013-05-08

data: Added the polkit policy file

To test it, just copy the file to: /usr/share/polkit-1/actions

2104. By Sylvain Pineau on 2013-05-08

runner: Change the runner behaviour when we run commands as another user

In order to apply the policy file to the trusted launcher, I had to remove
the call to env(1) to let the plainbox-cmd be argv[0] for pkexec.

The list of environment settings are passed a separate argument to the
trusted launcher.

The previous method is still in use to run the root commands when
checkbox "src" mode is detected

2103. By Sylvain Pineau on 2013-05-08

secure: trusted-launcher: Added new tests

To ensure 100% coverage!

2102. By Sylvain Pineau on 2013-05-08

test_rfc822: Create a base class for parsing tests

RFC822ParserTests tests moved to a RFC822ParserTestsMixIn class which
does not inherit from TestCase, avoiding subclasses to run the tests
twice.

Subclasses define the RFC822 loader in their setUpClass() methods.

The RFC822ParserTestsMixIn does not need it anymore

2101. By Sylvain Pineau on 2013-05-08

rfc822: inherit classes from the secure module

RFC822SyntaxError and BaseRFC822Record

2100. By Sylvain Pineau on 2013-05-08

job: Added the via property and inherit the secure job definition base class

To cut duplicated code between the trusted launcher and the core

2099. By Sylvain Pineau on 2013-05-08

secure: trusted-launcher: Added the code to run checkbox job commands as root

The trusted launcher is the minimal code needed to be able to ask the root
password only once.
This launcher has to be started using pkexec so that the related policy file
works as expected. The goal is to match a given job hash to a system-wide
available job and execute its command.

For jobs generated from local jobs the trusted launcher in started
with --via meaning that we have to eval a local job to find a hash match

Once a match is found, the job command is executed using os.execve.
The environment mapping replaces the previous implementation where we had to
call the env(1) command. Key/value pairs are optional positional arguments.
But only variables defined in the job environ property are allowed to avoid
compromising the root environment.
Needed modifications like adding CHECKBOX_SHARE and new paths to scripts are
managed by the trusted launcher.

2098. By Jeff Lane  on 2013-05-01

"[r=roadmr][bug=1111878][author=bladernr] automatic merge by tarmac"