Commit 2713dd28 authored by Raine Makelainen's avatar Raine Makelainen

Merge branch 'jb42415' into 'master'

[udisks2] Loosen up polkit rules to work from another seat. Contributes to JB#42415

See merge request !15
parents aabf7d97 7c3a440c
From eed3d5281b6dec96c8d9ca137b21a0c7fe7bb99a Mon Sep 17 00:00:00 2001
From d80468db70396c4bf9046d3b6c0842376df98476 Mon Sep 17 00:00:00 2001
From: Raine Makelainen <raine.makelainen@jolla.com>
Date: Tue, 5 Dec 2017 11:17:50 +0200
Subject: [PATCH 01/10] Disable libblockdev-mdraid and part support from source
Subject: [PATCH 1/8] Disable libblockdev-mdraid and part support from source
tree
Signed-off-by: Raine Makelainen <raine.makelainen@jolla.com>
......
From a74354efa70a5e5578e581e1e3a6df5d4fa1b2d2 Mon Sep 17 00:00:00 2001
From fce6c2b7904eec9fbb4be5151178bc923d509ed3 Mon Sep 17 00:00:00 2001
From: Raine Makelainen <raine.makelainen@jolla.com>
Date: Thu, 7 Dec 2017 13:15:34 +0200
Subject: [PATCH 02/10] Drop smartata dependencies
Subject: [PATCH 2/8] Drop smartata dependencies
Signed-off-by: Raine Makelainen <raine.makelainen@jolla.com>
---
......
From 760d8ddfd816c8c62038792373a27531e23ff458 Mon Sep 17 00:00:00 2001
From 43e2067c1e2df252e44b795a06773992c42be82d Mon Sep 17 00:00:00 2001
From: Raine Makelainen <raine.makelainen@jolla.com>
Date: Tue, 6 Feb 2018 14:01:16 +0200
Subject: [PATCH 03/10] Loosen up mount/unmount rights
Subject: [PATCH 3/8] Loosen up polkit policies to work from another seat
Signed-off-by: Raine Makelainen <raine.makelainen@jolla.com>
---
data/org.freedesktop.UDisks2.policy.in | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
data/org.freedesktop.UDisks2.policy.in | 36 +++++++++++++-------------
1 file changed, 18 insertions(+), 18 deletions(-)
diff --git a/data/org.freedesktop.UDisks2.policy.in b/data/org.freedesktop.UDisks2.policy.in
index d97528d4..7b42f7e0 100644
index d97528d4..eaf13908 100644
--- a/data/org.freedesktop.UDisks2.policy.in
+++ b/data/org.freedesktop.UDisks2.policy.in
@@ -16,8 +16,8 @@
......@@ -23,6 +23,15 @@ index d97528d4..7b42f7e0 100644
<allow_active>yes</allow_active>
</defaults>
</action>
@@ -29,7 +29,7 @@
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>auth_admin</allow_inactive>
- <allow_active>auth_admin_keep</allow_active>
+ <allow_active>auth_self_keep</allow_active>
</defaults>
</action>
@@ -38,9 +38,9 @@
<_description>Mount a filesystem from a device plugged into another seat</_description>
<_message>Authentication is required to mount the filesystem</_message>
......@@ -49,6 +58,59 @@ index d97528d4..7b42f7e0 100644
</defaults>
</action>
@@ -102,7 +102,7 @@
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>auth_admin</allow_inactive>
- <allow_active>auth_admin_keep</allow_active>
+ <allow_active>auth_self_keep</allow_active>
</defaults>
</action>
@@ -111,9 +111,9 @@
<_description>Unlock an encrypted device plugged into another seat</_description>
<_message>Authentication is required to unlock an encrypted device</_message>
<defaults>
- <allow_any>auth_admin</allow_any>
- <allow_inactive>auth_admin</allow_inactive>
- <allow_active>auth_admin_keep</allow_active>
+ <allow_any>auth_self</allow_any>
+ <allow_inactive>auth_self</allow_inactive>
+ <allow_active>auth_self_keep</allow_active>
</defaults>
</action>
@@ -319,7 +319,7 @@
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>auth_admin</allow_inactive>
- <allow_active>auth_admin_keep</allow_active>
+ <allow_active>auth_self_keep</allow_active>
</defaults>
</action>
@@ -328,9 +328,9 @@
<_description>Modify a device</_description>
<_message>Authentication is required to modify a device plugged into another seat</_message>
<defaults>
- <allow_any>auth_admin</allow_any>
- <allow_inactive>auth_admin</allow_inactive>
- <allow_active>auth_admin_keep</allow_active>
+ <allow_any>auth_self</allow_any>
+ <allow_inactive>auth_self</allow_inactive>
+ <allow_active>auth_self_keep</allow_active>
</defaults>
</action>
@@ -384,7 +384,7 @@
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>auth_admin</allow_inactive>
- <allow_active>auth_admin</allow_active>
+ <allow_active>auth_self</allow_active>
</defaults>
</action>
--
2.17.1
From 25b0331b27801f54e24aba4b21738309ebf05062 Mon Sep 17 00:00:00 2001
From 238885252bcc61b33b04e7b2f35386cd1654216e Mon Sep 17 00:00:00 2001
From: Raine Makelainen <raine.makelainen@jolla.com>
Date: Tue, 6 Feb 2018 14:08:59 +0200
Subject: [PATCH 04/10] Introduce mount-sd service that is executed as nemo
Subject: [PATCH 4/8] Introduce mount-sd service that is executed as nemo
Signed-off-by: Raine Makelainen <raine.makelainen@jolla.com>
---
......
From d6088c3ab42931929dbd0bb6fa6cf3e6706d8499 Mon Sep 17 00:00:00 2001
From 1d81016ef437b5d46f460b896570aecbb7cdc283 Mon Sep 17 00:00:00 2001
From: Raine Makelainen <raine.makelainen@jolla.com>
Date: Mon, 12 Mar 2018 10:18:03 +0200
Subject: [PATCH 05/10] Add udev rule for the sda drives
Subject: [PATCH 5/8] Add udev rule for the sda drives
Signed-off-by: Raine Makelainen <raine.makelainen@jolla.com>
---
......
From 1020693fef82bb586fbcc4c85356cf6d832564d8 Mon Sep 17 00:00:00 2001
From a47bdb65dce36e359fd160a6b2612f650464d501 Mon Sep 17 00:00:00 2001
From: Raine Makelainen <raine.makelainen@jolla.com>
Date: Wed, 11 Apr 2018 11:11:53 +0300
Subject: [PATCH 06/10] Disable zram rule for now
Subject: [PATCH 6/8] Disable zram rule for now
Signed-off-by: Raine Makelainen <raine.makelainen@jolla.com>
---
......
From c7b6cc4dda761baf5d7ba1c9657c9728dc75ec97 Mon Sep 17 00:00:00 2001
From 25d40682c8393178112ca1f3e8630f90184ce84a Mon Sep 17 00:00:00 2001
From: Raine Makelainen <raine.makelainen@jolla.com>
Date: Wed, 18 Apr 2018 18:00:00 +0300
Subject: [PATCH 07/10] Create mount path with 755 rights
Subject: [PATCH 7/8] Create mount path with 755 rights
Signed-off-by: Raine Makelainen <raine.makelainen@jolla.com>
---
......
From 18963bbaf1422255f24f3d71bc96733083d60e5c Mon Sep 17 00:00:00 2001
From 6f14b8f50eb50a20e8cd20e8fc07f7e3a03fd0b4 Mon Sep 17 00:00:00 2001
From: Raine Makelainen <raine.makelainen@jolla.com>
Date: Tue, 18 Sep 2018 17:04:36 +0300
Subject: [PATCH 10/10] Make it possible to encrypt mmcblk* (format with
Subject: [PATCH 8/8] Make it possible to encrypt mmcblk* (format with
encryption)
Signed-off-by: Raine Makelainen <raine.makelainen@jolla.com>
......
From 7d909d3f15d4398edc976733f8c3dc56b564a109 Mon Sep 17 00:00:00 2001
From: Raine Makelainen <raine.makelainen@jolla.com>
Date: Mon, 16 Jul 2018 15:40:23 +0300
Subject: [PATCH 08/10] Make it possible to format from another seat. Fixes
JB#42414
Signed-off-by: Raine Makelainen <raine.makelainen@jolla.com>
---
data/org.freedesktop.UDisks2.policy.in | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/data/org.freedesktop.UDisks2.policy.in b/data/org.freedesktop.UDisks2.policy.in
index 7b42f7e0..fedab426 100644
--- a/data/org.freedesktop.UDisks2.policy.in
+++ b/data/org.freedesktop.UDisks2.policy.in
@@ -328,9 +328,9 @@
<_description>Modify a device</_description>
<_message>Authentication is required to modify a device plugged into another seat</_message>
<defaults>
- <allow_any>auth_admin</allow_any>
- <allow_inactive>auth_admin</allow_inactive>
- <allow_active>auth_admin_keep</allow_active>
+ <allow_any>auth_self</allow_any>
+ <allow_inactive>auth_self</allow_inactive>
+ <allow_active>auth_self_keep</allow_active>
</defaults>
</action>
--
2.17.1
From 3191d582ff350950036895aec8e521dee25b7c53 Mon Sep 17 00:00:00 2001
From: Raine Makelainen <raine.makelainen@jolla.com>
Date: Fri, 3 Aug 2018 09:39:20 +0300
Subject: [PATCH 09/10] Make it possible to unlock from another seat
Signed-off-by: Raine Makelainen <raine.makelainen@jolla.com>
---
data/org.freedesktop.UDisks2.policy.in | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/data/org.freedesktop.UDisks2.policy.in b/data/org.freedesktop.UDisks2.policy.in
index fedab426..acc15f48 100644
--- a/data/org.freedesktop.UDisks2.policy.in
+++ b/data/org.freedesktop.UDisks2.policy.in
@@ -111,9 +111,9 @@
<_description>Unlock an encrypted device plugged into another seat</_description>
<_message>Authentication is required to unlock an encrypted device</_message>
<defaults>
- <allow_any>auth_admin</allow_any>
- <allow_inactive>auth_admin</allow_inactive>
- <allow_active>auth_admin_keep</allow_active>
+ <allow_any>auth_self</allow_any>
+ <allow_inactive>auth_self</allow_inactive>
+ <allow_active>auth_self_keep</allow_active>
</defaults>
</action>
--
2.17.1
......@@ -16,14 +16,12 @@ Source0: %{name}-%{version}.tar.bz2
Source1: udisks2-symlink-mount-path
Patch1: 0001-Disable-libblockdev-mdraid-and-part-support-from-sou.patch
Patch2: 0002-Drop-smartata-dependencies.patch
Patch3: 0003-Loosen-up-mount-unmount-rights.patch
Patch3: 0003-Loosen-up-polkit-policies-to-work-from-another-seat.patch
Patch4: 0004-Introduce-mount-sd-service-that-is-executed-as-nemo.patch
Patch5: 0005-Add-udev-rule-for-the-sda-drives.patch
Patch6: 0006-Disable-zram-rule-for-now.patch
Patch7: 0007-Create-mount-path-with-755-rights.patch
Patch8: 0008-Make-it-possible-to-format-from-another-seat.-Fixes-.patch
Patch9: 0009-Make-it-possible-to-unlock-from-another-seat.patch
Patch10: 0010-Make-it-possible-to-encrypt-mmcblk-format-with-encry.patch
Patch8: 0008-Make-it-possible-to-encrypt-mmcblk-format-with-encry.patch
BuildRequires: pkgconfig(glib-2.0) >= %{glib2_version}
BuildRequires: pkgconfig(gobject-introspection-1.0)
......@@ -114,9 +112,7 @@ dynamic library, which provides access to the udisksd daemon.
%patch5 -p1 -b .udev-rules-for-sda
%patch6 -p1 -b .udev-disable-zram
%patch7 -p1 -b .mount-path-rights
%patch8 -p1 -b .format-another-seat
%patch9 -p1 -b .unlock-another-seat
%patch10 -p1 -b .mmcblk-encryption
%patch8 -p1 -b .mmcblk-encryption
%build
# Disable gtk-doc
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment