On Thu, 2009-08-06 at 13:39 +0100, Daniel P. Berrange wrote: > In the seriously annoying way of things, the newest PolicyKit in Fedora 12 > has been completely re-written from scratch with a totally incompatible > application facing API. Conceptually it is still pretty similar though, > with the exception that client applications no longer need to explicitly > launch an auth dialog - that's done out-of-band by policykit itself. > > This patch adjusts libvirtd to the new API, and removes the libvirt client > side code that spawned the auth helper. On the libvirtd side avoid their > APIs and instead spawn an external auth checking program 'pkcheck', which > returns 0 on success, non-0 for denial. > > In the final annoying bit, the XML format for the policy has remained with > exactly the same DTD version, except that it has quietly changed the allowed > values for some attributes in an incompatible manner. So I have to add a > new policy file too. > > NB, it may not look like we've changed the client side, but we have, since > the #ifdef for the external auth agent is no longer set. Okay, I've only given this a fairly cursory look over, but it seems fairly straightforward and correct. ACK. At least the new code is simpler ... Cheers, Mark. -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list