policykit-1 123-1 source package in Ubuntu

Changelog

policykit-1 (123-1) unstable; urgency=medium

  * New upstream release
  * Update directory permissions to match upstream hardening
    - /etc/polkit-1/rules.d: was 0700 polkitd:root, now 0750 root:polkitd
      so polkitd cannot modify it
    - /var/lib/polkit-1: same as /etc/polkit-1/rules.d
    - /usr/share/polkit-1/rules.d: was 0700 polkitd:root, now 0755
      root:root since everything in that directory comes from a package
      anyway
  * d/polkitd.postinst: Clean up /var/lib/polkit-1/.cache on upgrades,
    now that polkitd will not re-create it (Closes: #855083)
  * d/tests: Depend on polkitd instead of policykit-1
  * d/tests: Rename cli test to polkitd
  * d/tests: Add a test for pkexec
  * d/p/debian/Don-t-use-PrivateNetwork-yes-for-the-systemd-unit.patch:
    Disable PrivateNetwork=yes for now. This would be good to have,
    but it causes autopkgtest failures under lxc. (Mitigates: #1042880)
  * d/control: Stop recommending polkitd-pkla in policykit-1.
    This is a step towards removing the policykit-1 transitional package
    entirely: it was included in Debian 12 and Ubuntu 22.04, so it has
    served its purpose and should be removed soon.

 -- Simon McVittie <email address hidden>  Wed, 02 Aug 2023 12:49:21 +0100

Upload details

Uploaded by:
Utopia Maintenance Team
Uploaded to:
Sid
Original maintainer:
Utopia Maintenance Team
Architectures:
any all
Section:
admin
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Mantic release main admin

Downloads

File Size SHA-256 Checksum
policykit-1_123-1.dsc 3.4 KiB 1da4c8fff5b87261149bd269a9374aca881170eb5e6768f920690ff3a7013262
policykit-1_123.orig-polkit-pkla-compat.tar.bz2 368.2 KiB 28ec66928327031c9a4155a1c901fdf223d2fb7030c58fc584a96e43af9d2783
policykit-1_123.orig.tar.bz2 690.9 KiB 72d9119b0aa35da871fd0660601d812c7a3d6af7e4e53e237840b71bb43d0c63
policykit-1_123-1.debian.tar.xz 45.1 KiB 0290df89879cf5e8363a17001556f0597f5b5f6736251e9dd2dea23c8af1c086

Available diffs

No changes file available.

Binary packages built by this source

gir1.2-polkit-1.0: GObject introspection data for polkit

 polkit is a toolkit for defining and handling the policy that
 allows unprivileged processes to speak to privileged processes.
 It was previously named PolicyKit.
 .
 This package contains introspection data for polkit.
 .
 It can be used by packages using the GIRepository format to generate
 dynamic bindings.

libpolkit-agent-1-0: polkit Authentication Agent API

 polkit is a toolkit for defining and handling the policy that
 allows unprivileged processes to speak to privileged processes.
 It was previously named PolicyKit.
 .
 This package contains a library for accessing the authentication agent.

libpolkit-agent-1-0-dbgsym: debug symbols for libpolkit-agent-1-0
libpolkit-agent-1-dev: polkit Authentication Agent API - development files

 polkit is a toolkit for defining and handling the policy that
 allows unprivileged processes to speak to privileged processes.
 It was previously named PolicyKit.
 .
 This package contains the development files for the library found in
 libpolkit-agent-1-0.

libpolkit-gobject-1-0: polkit Authorization API

 polkit is a toolkit for defining and handling the policy that
 allows unprivileged processes to speak to privileged processes.
 It was previously named PolicyKit.
 .
 This package contains a library for accessing polkit.

libpolkit-gobject-1-0-dbgsym: debug symbols for libpolkit-gobject-1-0
libpolkit-gobject-1-dev: polkit Authorization API - development files

 polkit is a toolkit for defining and handling the policy that
 allows unprivileged processes to speak to privileged processes.
 It was previously named PolicyKit.
 .
 This package contains the development files for the library found in
 libpolkit-gobject-1-0.

pkexec: run commands as another user with polkit authorization

 polkit is an application-level toolkit for defining and handling the policy
 that allows unprivileged processes to speak to privileged processes.
 It was previously named PolicyKit.
 .
 pkexec is a setuid program to allow certain users to run commands as
 root or as a different user, similar to sudo. Unlike sudo, it carries
 out authentication and authorization by sending a request to polkit,
 so it uses desktop environments' familiar prompting mechanisms for
 authentication and uses polkit policies for authorization decisions.
 .
 By default, members of the 'sudo' Unix group can use pkexec to run any
 command after authenticating. The authorization rules can be changed by
 the local system administrator.
 .
 If this functionality is not required, removing the pkexec package will
 reduce security risk by removing a setuid program.

pkexec-dbgsym: debug symbols for pkexec
policykit-1: transitional package for polkitd and pkexec

 polkit is an application-level toolkit for defining and handling the policy
 that allows unprivileged processes to speak to privileged processes.
 It was previously named PolicyKit.
 .
 This transitional package depends on polkitd, the system service used by
 polkit, and pkexec, a setuid program analogous to sudo. They were
 historically packaged together, but have been separated so that users of
 polkitd are not required to install pkexec.

policykit-1-doc: documentation for polkit

 polkit is a toolkit for defining and handling the policy that
 allows unprivileged processes to speak to privileged processes.
 It was previously named PolicyKit.
 .
 This package contains the API documentation of polkit.

polkitd: framework for managing administrative policies and privileges

 polkit is an application-level toolkit for defining and handling the policy
 that allows unprivileged processes to speak to privileged processes.
 It was previously named PolicyKit.
 .
 It is a framework for centralizing the decision making process with respect to
 granting access to privileged operations for unprivileged (desktop)
 applications.
 .
 In a typical use of polkit, an unprivileged application such as gnome-disks
 sends requests via D-Bus or other inter-process communication mechanisms
 to a privileged system service such as udisks, which asks polkitd for
 permission to process those requests. This allows the application to carry
 out privileged tasks without making use of setuid, which avoids several
 common sources of security vulnerabilities.
 .
 This package provides the polkitd D-Bus service and supporting programs.
 The pkexec program is not included, and can be found in the pkexec package.

polkitd-dbgsym: debug symbols for polkitd
polkitd-pkla: Legacy "local authority" (.pkla) backend for polkitd

 polkit is an application-level toolkit for defining and handling the policy
 that allows unprivileged processes to speak to privileged processes.
 It was previously named PolicyKit.
 .
 This package configures the polkitd D-Bus service to read default
 authorization policies from .desktop-style files in subdirectories of
 /var/lib/polkit-1/localauthority. It is compatible with the version of
 polkitd used in Debian 11 and older releases.

polkitd-pkla-dbgsym: debug symbols for polkitd-pkla