From Fedora Project Wiki

Revision as of 16:22, 29 January 2010 by Lewis41 (talk | contribs) (Created page with '<!-- The actual name of your feature page should look something like: Features/YourFeatureName. This keeps all features in the same namespace --> = PolicyKit 1.0 = == Sommario...')
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.


PolicyKit 1.0

Sommario

PolicyKit provides a flexible framework for granting users access to privileged operations. It is meant to replace the old userhelper approach, and overcome some of its shortcomings. PolicyKit 1.0 addresses architectural shortcomings of the initial PolicyKit design.

Progettista

Stato attuale

PolicyKit 0.95 is the current release of the new PolicyKit.

The polkit, polkit-gnome and polkit-desktop-policy packages are in rawhide now. The PolicyKit 0.9 packages have been obsoleted.

Detailed Description

The initial Releases/FeaturePolicyKit as introduced in Fedora 8 has some shortcomings. E.g. it is based on a library with suid helpers. The shortcoming that motivated the rewrite is that it is not possible to integrate it with directory services such as FreeIPA. The new PolicyKit is implemented as a system bus service and has pluggable backends that make it easy to integrate with directory services. It is one of the goals of the Features/SSSD feature to write such a backend. PolicyKit 1.0 itself will ship with a backend that uses the local filesystem to store action definitions and authorizations, similar to the current PolicyKit.

More details can be found in Davids announcement of the PolicyKit 0.90 release and in his plans for the local authority.

The current plan is to land the new PolicyKit early in F12 (as soon as it opens up, basically), and have most of the patches ready to port applications. The old PolicyKit 0.9 packages can remain for a while to ease the transition period and will be removed a few months into F12, when all users have been ported.

Benefit to Fedora

Making it possible to manage policies in a central directory service makes Fedora more suitable for larger, centrally managed installations.

As a secondary benefit, the new PolicyKit api is much simpler to work with than the PolicyKit 0.9 api.

Altre informazioni

Per:

  • Obbiettivi
  • Test Plan
  • Esperienza Utente
  • Dipendenze
  • Progetto corrente
  • Documentazione
  • Note di rilascio
  • Commenti e Discussioni

Documentation

PolicyKit documentation, including API documentation and manual pages, can be found here. In particular, see the architectural overview.

Release Notes

Fedora 12 includes PolicyKit 1.0.

In contrast to earlier PolicyKit releases in Fedora 10 and 11, this version of PolicyKit does not include a graphical application to manage individual authorizations. Instead, policies can be defined in simple text files and by associated with Unix groups. The polkit-desktop-policy package contains policy definitions suitable for 'Administrator' and 'Standard User' roles on a standalone desktop installation. See the PolicyKit documentation for more information about policies and how they are defined. This information is also available in the polkit(8) manual page.

PolicyKit 1.0 includes a status icon that informs about elevated privileges and provides an easy way to drop these privileges.

Retrieved from "https://fedoraproject.org/w/index.php?title=Archive:It_IT/Releases/12/Features/PolicyKitOne&oldid=148438"