http://bugzilla.novell.com/show_bug.cgi?id=541258 User bphilips@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=541258#c2 Brandon Philips <bphilips@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|bphilips@novell.com | --- Comment #2 from Brandon Philips <bphilips@novell.com> 2009-09-23 07:05:42 MDT --- (In reply to comment #1)
(In reply to comment #0)
These files seem to be generated by /sbin/chkstat-polkit in the polkit-default-privs. How did I get such a restrictive set of policies out of this tool by using a default Factory install?
I don't know. AFAIK yast/the product definition file is responsible for setting the default privilege setting. Check PERMISSION_SECURITY and POLKIT_DEFAULT_PRIVS in /etc/sysconfig/security. Default normally is 'easy' resp 'standard' which allows org.freedesktop.devicekit.power.suspend on the active console.
I have never touched /etc/sysconfig/security before. But, here are the settings I have: PERMISSION_SECURITY="secure" POLKIT_DEFAULT_PRIVS="" After using the yast security tool to set the "Predefined Security Configuration" I get when I use "Home Workstation": PERMISSION_SECURITY="easy local" However, the radio button stays at "Custom Settings" when I relaunch Yast Security.
If your setting isn't easy/standard attach yast logs and reassign to yast. If the setting is correct, check wheter you are on the active console (ck-list-session).
active = TRUE
- This policy of locking the screen and then asking for a password would never make sense and makes screen locking on suspend pointless
That's a separate bug that needs to be filed for whatever program is responsible for that behavior.
Aren't the policies in /var/lib/polkit-1/localauthority/10-vendor.d creating this behavior? Any clue who this bug should be filed against?
- None of these files in /var/lib/polkit-1/localauthority/10-vendor.d are owned by a package so it was a bit unclear where they were coming from
They are created on the fly so adding the files to the spec file probably doesn't make too much sense. The directories should actually be provided by polkit itself but I could add it to polkit-default-privs as well.
Since the policies are created and managed by polkit-default-privs it should be added to that package. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.