-
policykit (0.9-1ubuntu3) intrepid; urgency=low
[ James Westby ]
* Don't chown /var/run/PolicyKit in the postinst, as /var/run is on a tmpfs,
and it should be the job of the init script to do this. (LP: #275355)
* Use root:polkituser for /var/run/PolicyKit in the init script, as this
is what the postinst uses. Thanks to Chris Coulson for spotting this.
[ Steve Langasek ]
* Don't ship /var/run/PolicyKit in the package either, since the init
script should always handle it per the above.
-- Steve Langasek <email address hidden> Wed, 08 Oct 2008 06:42:17 +0000
-
policykit (0.9-1ubuntu2) intrepid; urgency=low
* Add debian/patches/03_consolekit0.3-api.patch: Try both the ConsoleKit 0.3
and the older 0.2 API, to work with either. (LP: #273711)
-- Martin Pitt <email address hidden> Wed, 24 Sep 2008 13:41:28 +0200
-
policykit (0.9-1ubuntu1) intrepid; urgency=low
* Merge from debian unstable. Remaining Ubuntu changes:
- debian/patches/ubuntu-admin-group.patch: Change PolicyKit.conf to use
'admin' as administrator group, instead of the 'root' user. Also
grant all permissions to root, since root is not in the admin group and
is already almighty anyway. This unbreaks running tools like g-s-t as
root.
- debian/policykit.init: Create /var/run/PolicyKit if it does not exist.
This happens if /var/run is on a tmpfs. Install it in debian/rules.
- debian/control: Drop policykit-gnome from Recommends: to Suggests: to
match the Suggests semantics and to avoid pulling in -gnome in
non-GNOMEish installations.
- 02_noptrace.patch.disabled: Disable ptrace() and core dumping for
programs using libpolkit for security reasons; not enabled during
development.
policykit (0.9-1) unstable; urgency=low
* New upstream release.
* debian/control
- Bump Standards-Version to 3.8.0. No further changes.
policykit (0.8-2) unstable; urgency=low
* Add symbols files for libpolkit2, libpolkit-grant2 and libpolkit-dbus2.
* debian/policykit.postinst
- Set correct permissions for all files. (Closes: #482064)
- Define a small helper function to apply the permissions. This makes it
more concise and readable.
-- Martin Pitt <email address hidden> Wed, 06 Aug 2008 09:59:16 +0200
-
policykit (0.8-1ubuntu2) intrepid; urgency=low
* Changed policykit Recommends policykit-gnome to a Suggests to
which causes packages like landscape-client to install a lot of
unneeded packages (LP: #250619)
-- Michael Casadevall <email address hidden> Tue, 22 Jul 2008 05:34:34 +0000
-
policykit (0.8-1ubuntu1) intrepid; urgency=low
* Merge from debian unstable (LP: #232227), remaining changes:
- debian/patches/ubuntu-admin-group.patch: Change PolicyKit.conf to use
'admin' as administrator group, instead of the 'root' user. Also
grant all permissions to root, since root is not in the admin group and
is already almighty anyway. This unbreaks running tools like g-s-t as
root.
- debian/policykit.init: Create /var/run/PolicyKit if it does not exist.
This happens if /var/run is on a tmpfs. Install it in debian/rules.
- Add Breaks: policykit (<< 0.7) to libpolkit2.
- debian/policykit.postinst: Drop the dpkg-statoverride and chown
operations for /var/run/PolicyKit. /var/run is a tmpfs and thus
volatile, stat overrides do not make sense on it, and it's the init
script's job to properly set up the directory.
* Disable debian/patches/02_noptrace.patch for now, since it prevents us
from collecting crash reports for gnome-panel and other PK-using
applications. This will be re-enabled again just before the intrepid
release.
* Drop debian/patches/03_readdir_filetype_unknown.patch as it is
now fixed upstream.
* Drop debian/patches/10_format-string-security.patch as it is now
fixed upstream.
* debian/policykit.postinst: change the permissions applied to some
files to match what is now required upstream:
- /var/lib/PolicyKit - Now owned by polkituser:polkituser and mode 770
- /var/lib/PolicyKit-public - Now owned by polkituser and mode 755
- /var/lib/misc/PolicyKit.reload - Now owned by polkituser and mode 755
- /usr/lib/policykit/polkit-set-default-helper - Now owned by polkituser
and mode 4755.
- /usr/lib/policykit/polkit-resolve-exe-helper - Now in group polkituser
and mode 4755
policykit (0.8-1) unstable; urgency=medium
* New upstream release.
- SECURITY - CVE-2008-1658:
Fixes format string vulnerability in the grant helper. (Closes: #476615)
* debian/control
- Add Build-Depends on pkg-config.
-- James Westby <email address hidden> Tue, 13 May 2008 10:29:24 +0100
-
policykit (0.7-2ubuntu7) hardy; urgency=low
* Re-enable 02_noptrace.patch again for the final release, where security
matters more than getting core dumps (apport is disabled by default in the
final release anyway). (LP: #207151)
-- Martin Pitt <email address hidden> Wed, 16 Apr 2008 12:48:03 +0200
