Fix the passwordless install for users in wheel group only bug

2013-06-18 12:05:24 +01:00 · 2013-06-18 12:05:24 +01:00 · f84e052215
commit f84e052215
parent c1b32df01c
2 changed files with 67 additions and 2 deletions
--- a/PackageKit-git-fixes.patch
+++ b/PackageKit-git-fixes.patch
@ -121,3 +121,62 @@ index 289f10f..49a0f7b 100755
             self.percentage(100)
             return
 
+From b78af414daf2176aac74540039b341a3e4e49412 Mon Sep 17 00:00:00 2001
+From: Richard Hughes <richard@hughsie.com>
+Date: Tue, 28 May 2013 14:34:59 +0100
+Subject: [PATCH] Allow local active users in the wheel group to install signed
+ packages without a password
+
+---
+ contrib/PackageKit.spec.in                  | 1 +
+ policy/Makefile.am                          | 5 +++++
+ policy/org.freedesktop.packagekit.policy.in | 2 +-
+ policy/org.freedesktop.packagekit.rules     | 7 +++++++
+ 4 files changed, 14 insertions(+), 1 deletion(-)
+ create mode 100644 policy/org.freedesktop.packagekit.rules
+
+diff --git a/policy/Makefile.am b/policy/Makefile.am
+index ebb7808..6babe33 100644
+--- a/policy/Makefile.am
+++ b/policy/Makefile.am
+@@ -2,6 +2,11 @@
+ NULL =
+ 
+ if SECURITY_TYPE_POLKIT
+polkit_rulesdir = $(datadir)/polkit-1/rules.d
+dist_polkit_rules_DATA =					\
+	org.freedesktop.packagekit.rules			\
+	$(NULL)
+
+ polkit_policydir = $(datadir)/polkit-1/actions
+ dist_polkit_policy_DATA =					\
+ 	org.freedesktop.packagekit.policy			\
+diff --git a/policy/org.freedesktop.packagekit.policy.in b/policy/org.freedesktop.packagekit.policy.in
+index 28ab3b1..19cdd20 100644
+--- a/policy/org.freedesktop.packagekit.policy.in
+++ b/policy/org.freedesktop.packagekit.policy.in
+@@ -42,7 +42,7 @@
+     <defaults>
+       <allow_any>no</allow_any>
+       <allow_inactive>no</allow_inactive>
+-      <allow_active>yes</allow_active>
+      <allow_active>auth_admin_keep</allow_active>
+     </defaults>
+   </action>
+ 
+diff --git a/policy/org.freedesktop.packagekit.rules b/policy/org.freedesktop.packagekit.rules
+new file mode 100644
+index 0000000..6a1c8a7
+--- /dev/null
+++ b/policy/org.freedesktop.packagekit.rules
+@@ -0,0 +1,7 @@
+polkit.addRule(function(action, subject) {
+    if (action.id == "org.freedesktop.packagekit.package-install" &&
+        subject.active == true && subject.local == true &&
+        subject.isInGroup("wheel")) {
+            return polkit.Result.YES;
+    }
+});
+-- 
+1.8.2.1
+
--- a/PackageKit.spec
+++ b/PackageKit.spec
@ -6,7 +6,7 @@
 Summary:   Package management service
 Name:      PackageKit
 Version:   0.8.9
-Release:   5%{?dist}
+Release:   6%{?dist}
 License:   GPLv2+ and LGPLv2+
 URL:       http://www.packagekit.org
 Source0:   http://www.packagekit.org/releases/%{name}-%{version}.tar.xz
@ -335,6 +335,7 @@ update-mime-database %{_datadir}/mime &> /dev/null || :
 %{_datadir}/man/man1/pkmon.1.gz
 %{_datadir}/man/man1/pkgenpack.1.gz
 %{_datadir}/polkit-1/actions/*.policy
+%{_datadir}/polkit-1/rules.d/*
 %{_datadir}/mime/packages/packagekit-*.xml
 %{_datadir}/PackageKit/pk-upgrade-distro.sh
 %{_libexecdir}/packagekitd
@ -445,9 +446,14 @@ update-mime-database %{_datadir}/mime &> /dev/null || :
 %{_libdir}/pkgconfig/packagekit-plugin.pc

 %changelog
-* Sat Jun 22 2013 Matthias Clasen <mclasen@redhat.com> - 0.8.9-5
+* Sat Jun 22 2013 Matthias Clasen <mclasen@redhat.com> - 0.8.9-6
 - Trim %%changelog

+* Thu Jun 13 2013 Richard Hughes <rhughes@redhat.com> - 0.8.9-5
+- Backport another fix from master to fix the passwordless install for users
+  in wheel group only bug.
+- Resolves: #975214
+
 * Thu Jun 13 2013 Richard Hughes <rhughes@redhat.com> - 0.8.9-4
 - Backport another fix from master to fix the offline updates feature.
 - Resolves: #968936