Polkit-122
Installation of Polkit
There should be a dedicated user and group to take control of the
polkitd daemon after
it is started. Issue the following commands as the root
user:
groupadd -fg 27 polkitd &&
useradd -c "PolicyKit Daemon Owner" -d /etc/polkit-1 -u 27 \
-g polkitd -s /bin/false polkitd
Install Polkit by running the
following commands:
mkdir build &&
cd build &&
meson --prefix=/usr \
--buildtype=release \
-Dman=true \
-Dsession_tracking=libelogind \
-Dsystemdsystemunitdir=/tmp \
-Dtests=true \
-Djs_engine=duktape \
.. &&
ninja
To test the results, first ensure that the system D-Bus daemon is running, and both D-Bus Python-1.3.2 and dbusmock-0.28.7 are installed. Then run
meson test -t3.
Now, as the root
user:
ninja install &&
rm -v /tmp/*.service
Command Explanations
--buildtype=release
:
Specify a buildtype suitable for stable releases of the package, as
the default may produce unoptimized binaries.
-Dtests=true
: This switch
allows to run the test suite of this package. As Polkit is used for authorizations, its
integrity can affect system security. So it's recommended to run
the test suite building this package.
-Djs_engine=duktape
: This
switch allows using the duktape-2.7.0
JavaScript engine. Replace with -Djs_engine=mozjs
for using the JS-102.8.0
JavaScript engine.
-Dauthfw=shadow
: This switch enables
the package to use the Shadow
rather than the Linux PAM
Authentication framework. Use it if you have not installed
Linux PAM.
-Dintrospection=false
: Use this option
if you are certain that you do not need gobject-introspection files
for polkit, or do not have gobject-introspection installed.
-Dman=false
: Use this option to disable
generating and installing manual pages. This is useful if libxslt
is not installed.
-Dexamples=true
: Use this option to
build the example programs.
-Dgtk_doc=true
: Use this option to
enable building and installing the API documentation.
Configuring Polkit
PAM
Configuration
Note
If you did not build Polkit
with Linux PAM support, you
can skip this section.
If you have built Polkit with
Linux PAM support, you need to
modify the default PAM configuration file which was installed by
default to get Polkit to work
correctly with BLFS. Issue the following commands as the
root
user to create the
configuration file for Linux
PAM:
cat > /etc/pam.d/polkit-1 << "EOF"
# Begin /etc/pam.d/polkit-1
auth include system-auth
account include system-account
password include system-password
session include system-session
# End /etc/pam.d/polkit-1
EOF
Contents
Installed Programs:
pkaction, pkcheck, pkexec, pkttyagent,
and polkitd
Installed Libraries:
libpolkit-agent-1.so and
libpolkit-gobject-1.so
Installed Directories:
/etc/polkit-1, /usr/include/polkit-1,
/usr/lib/polkit-1, /usr/share/gtk-doc/html/polkit-1, and
/usr/share/polkit-1
Short Descriptions
pkaction
|
is used to obtain information about registered PolicyKit
actions
|
pkcheck
|
is used to check whether a process is authorized for
action
|
pkexec
|
allows an authorized user to execute a command as another
user
|
pkttyagent
|
is used to start a textual authentication agent for the
subject
|
polkitd
|
provides the org.freedesktop.PolicyKit1 D-Bus service on the system message
bus
|
libpolkit-agent-1.so
|
contains the Polkit
authentication agent API functions
|
libpolkit-gobject-1.so
|
contains the Polkit
authorization API functions
|