Ubuntu
checkbox package

Please port to polkit-1 or drop policykit usage

Bug #435714 reported by Martin Pitt on 2009-09-24

8

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	checkbox (Ubuntu)	Fix Released	High	Marc Tardif	Ubuntu ubuntu-9.10
	Karmic	Fix Released	High	Marc Tardif	Ubuntu ubuntu-9.10

Bug Description

Binary package hint: checkbox

checkbox is one of two remaining packages in the Ubuntu default install which still uses the deprecated policykit 0.9 API. Please port to the new polkit-1 API.

This generally means to change the backend code to the new API, completely throw away everything PolicyKit related from the frontends (polkit daemon invokes authorization dialogs on its own now), and moving around the .policy file.

Please see https://wiki.ubuntu.com/DesktopTeam/PolicyKitOneMigration for the current status and links to API docs and migration guide.

Please see http://bazaar.launchpad.net/%7Ejockey-hackers/jockey/trunk/revision/562 for an example of another Python project (Jockey).

Also, I noticed that the current PolicyKit usage does not make real sense:

      <allow_any>yes</allow_any>
      <allow_inactive>yes</allow_inactive>
      <allow_active>yes</allow_active>

in other words, there is no restriction at all. So if you don't need fine-grained permissions, then you could just drop all the PK stuff and restrict the D-BUS policy from

  <policy context="default">
    <allow send_destination="com.ubuntu.checkbox"
           send_interface="com.ubuntu.checkbox"/>
    <allow send_destination="com.ubuntu.checkbox"
           send_interface="org.freedesktop.DBus.Introspectable"/>
    <allow send_destination="com.ubuntu.checkbox"
           send_interface="org.freedesktop.DBus.Properties"/>
  </policy>

to

  <policy context="default">
    <allow send_destination="com.ubuntu.checkbox"
           send_interface="org.freedesktop.DBus.Introspectable"/>
    <allow send_destination="com.ubuntu.checkbox"
           send_interface="org.freedesktop.DBus.Properties"/>
  </policy>

  <policy at_console="true">
    <allow send_destination="com.ubuntu.checkbox"
           send_interface="com.ubuntu.checkbox"/>
  </policy>

so that users on a local foreground console users can run the tests, but nobody else.

at_console is deprecated as well, but at least still works (while the old policykit gnome agent is not even installed by default any more).

Related branches

lp:ubuntu/karmic/checkbox

Revision history for this message

Martin Pitt (pitti) wrote on 2009-09-24:

#1

I can probably help out with this, but would like to get Marc's opinion first.

Revision history for this message

Martin Pitt (pitti) wrote on 2009-10-08:

#2

Bumping this, since right now it's pretty much completely broken. Without "policykit" installed it isn't able to run most tests.

policykit isn't installed by default, and checkbox does not depend on it. IMHO it would be easiest for karmic to just rip out the old PK checks and restrict the D-BUS policy to "at_console". Marc, what do you think? (I'm happy to help out with this)

Changed in checkbox (Ubuntu Karmic):
assignee:	nobody → Marc Tardif (cr3)
importance:	Undecided → High
milestone:	none → ubuntu-9.10
status:	New → Triaged

Revision history for this message

Marc Tardif (cr3) wrote on 2009-10-08:

#3

Thanks for the suggestions, I will be implementing the proposed change by dropping all the PK stuff.

Marc Tardif (cr3) on 2009-10-12

Changed in checkbox (Ubuntu Karmic):
status:	Triaged → Fix Committed

Revision history for this message

Martin Pitt (pitti) wrote on 2009-10-12:

#4

Thanks Marc! I obviously can't judge the test->job changes, but the PK changes look fine.

Revision history for this message

Martin Pitt (pitti) wrote on 2009-10-12:

#5

This will finally fix the remaining package in the default install which uses the old polkit. \o/

Revision history for this message

Launchpad Janitor (janitor) wrote on 2009-10-14:

#6

This bug was fixed in the package checkbox - 0.8.4

---------------
checkbox (0.8.4) karmic; urgency=low

  * Fixed failing dependencies when not available (LP: #430051)
  * Fixed supporting udevadm not providing DEVPATH variable (LP: #430084)
  * Fixed supporting audio devices without a /proc/asound entry (LP: #430086)
  * Fixed running when python-apport package is not installed (LP: #430103)
  * Fixed X error when exiting after reporting a bug (LP: #430776)
  * Fixed prompting to report a bug according to GNOME HIG (LP: #429701)
  * Fixed prompting for answer in checkbox-cli (LP: #429764)
  * Fixed resolution_test message for fglrx driver (LP: #346816)
  * Fixed adding of manpage symlinks for gtk and cli (LP: #426641)
  * Fixed recovering from connecting to the backend (LP: #446693)
  * Fixed backend to use dbus instead of policykit (LP: #435714)
  * Fixed interpolation of output variable in cli (LP: #450673)
  * Fixed selection of suites in cli (LP: #450713)
  * Fixed parsing of virtio-pci devices (LP: #450774)

-- Marc Tardif <email address hidden> Wed, 14 Oct 2009 11:22:06 -0400

Changed in checkbox (Ubuntu Karmic):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.