policykit-1 (122-3) unstable; urgency=medium

  * d/polkitd.postinst: Stop polkitd before changing home directory.
    usermod will refuse to change the home directory if a polkitd process
    is running as the polkitd uid, so stop polkitd if necessary, and also
    don't fail if usermod can't change the home directory in an existing
    installation (which is non-critical anyway). (Closes: #1030154)

 -- Simon McVittie <smcv@debian.org>  Tue, 31 Jan 2023 22:05:24 +0000

policykit-1 (122-2) unstable; urgency=medium

  [ Debian Janitor ]
  * d/changelog: Trim trailing whitespace
  * d/upstream/metadata: Update URLs for Bug-Database, Bug-Submit

  [ Simon McVittie ]
  * Update how we assign root-equivalent groups
    - d/p/debian/50-default.rules-Replace-wheel-group-with-sudo-group.patch,
      d/rules:
      Set up Debian's default root-equivalent group 'sudo' in
      50-default.rules rather than in 40-debian-sudo.rules.
      This ensures that users of polkitd-pkla can override it by
      configuring admin identities the old way. Previously, because
      40-debian-sudo.rules was earlier in the sequence than
      49-polkit-pkla-compat.rules, it would take precedence and the admin
      identities from polkitd-pkla were ignored. (Closes: #1023393)
      By default, polkitd-pkla does not provide any admin identities,
      which means we behave as though polkitd-pkla was not installed at
      all, and fall back to the sudo group defined in 50-default.rules.
    - d/p/debian/05_revert-admin-identities-unix-group-wheel.patch:
      Drop patch, superseded by the one described above
    - d/rules: When built for Ubuntu, also install an Ubuntu-specific file
      sequenced after 49-polkit-pkla-compat.rules but before
      50-default.rules, which treats both the 'sudo' group and the legacy
      'admin' group as root-equivalent.
  * Replace /etc/pam.d/polkit-1 with /usr/lib/pam.d/polkit-1.
    /usr/lib/pam.d has been supported since at least 1.4.0 (Debian 11), so
    we can make this an ordinary packaged file instead of a conffile.
    Local sysadmin overrides can still be done via /etc/pam.d/polkit-1 as
    before.
    This sidesteps dpkg's inability to keep track of a conffile when it is
    moved from one package to another (#399829, #645849, #163657, #595112).
    (Closes: #1006203)
  * postinst: Only clean up config directories if not owned.
    If we only have polkitd installed, then we want to clean up the
    obsolete directory /etc/polkit-1/localauthority.conf.d on upgrade, but
    if we have polkitd-pkla installed, then it owns that directory and we
    should not remove it. (Closes: #1026425)
  * d/policykit-1.dirs: Continue to own some legacy directory names.
    Having the transitional package continue to own these directories
    until it has had a chance to clean up obsolete conffiles will silence
    warnings from dpkg about inability to remove them. (Closes: #1027420)
  * d/polkitd.postrm: Clean up /var/lib/polkit-1 on purge.
    If /var/lib/polkit-1 was the polkitd user's home directory, then it
    might contain a .cache subdirectory; clean that up too.
  * Create polkitd user with home directory /nonexistent in new
    installations.
    This will prevent it from creating detritus in /var/lib/polkit-1.
  * polkitd.postinst: Change polkitd home directory to /nonexistent on
    upgrade
  * Remove version constraints unnecessary since buster (oldstable)
  * Update standards version to 4.6.2 (no changes needed)

 -- Simon McVittie <smcv@debian.org>  Fri, 20 Jan 2023 13:22:24 +0000

policykit-1 (122-1) unstable; urgency=medium

  * d/watch: Fix handling of polkit-pkla-compat
  * d/watch: Monitor Gitlab releases instead of fd.o web server
  * New upstream release
  * Drop patches that were included in the new upstream release

 -- Simon McVittie <smcv@debian.org>  Fri, 28 Oct 2022 18:36:30 +0100

policykit-1 (121+compat0.1-6) unstable; urgency=medium

  * d/polkitd.examples: Really install the example rules mentioned in NEWS
  * d/control: Explicitly build-depend on docbook-xsl.
    polkit-pkla-compat needs this for the man pages, which cannot
    currently be disabled, so it is not marked as <!nodoc> (and neither is
    xsltproc).
  * Only build API documentation if policykit-1-doc is built.
    It doesn't need to be built when we're doing an architecture-specific
    build, and we can also mark it with the <!nodoc> build-profile
    (although that's not particularly useful in this case because it's the
    only arch-indep binary package).

 -- Simon McVittie <smcv@debian.org>  Thu, 13 Oct 2022 21:05:11 +0100

policykit-1 (121+compat0.1-5) unstable; urgency=medium

  * Release to unstable (Closes: #946231, #1018897)

 -- Simon McVittie <smcv@debian.org>  Thu, 13 Oct 2022 10:46:03 +0100

policykit-1 (121+compat0.1-4) experimental; urgency=medium

  * d/polkitd.postinst: Consistently indent with spaces
  * d/polkitd.postinst: Quote defensively
  * d/polkitd.postinst: Don't explicitly restart the systemd service.
    dh_installsystemd does this for us anyway.
  * d/polkitd.postinst: Make sure message bus policy is reloaded if needed.
    If we created or modified the polkitd user, then we need to refresh
    dbus-daemon's cached policy to take that user into account, otherwise
    polkitd will fail to start. This fixes an autopkgtest failure.
  * d/polkitd.postinst: Stop polkitd when not using systemd.
    On non-systemd systems, polkitd is a traditional D-Bus service and is
    not managed by a service manager, so the way to ensure we are running
    the upgraded version is to stop it and let the D-Bus system bus
    activate a new copy next time it is used.
  * Install a sysusers.d(5) fragment to set up the system user.
    This allows use of polkit without adduser on systems that have either
    systemd or systemd-standalone-sysusers.
  * d/polkitd.tmpfiles: Provide a tmpfiles.d(5) fragment for our
    directories
  * Add another override for man pages not matching Lintian expectations
  * d/rules: Build with hardening=+bindnow
  * Add doc-base metadata for the reference manual

 -- Simon McVittie <smcv@debian.org>  Mon, 10 Oct 2022 15:00:55 +0100

policykit-1 (121+compat0.1-3) experimental; urgency=medium

  * Merge content of polkitd-javascript into polkitd.
    Keep the polkitd-javascript package as a transitional package.

 -- Simon McVittie <smcv@debian.org>  Wed, 28 Sep 2022 12:19:38 +0100

policykit-1 (121+compat0.1-2) experimental; urgency=medium

  * Add a NEWS file describing the change of security policy format
  * d/control: policykit-1 Recommends polkitd-pkla.
    This arranges for upgrades from Debian 11 to install polkitd-pkla by
    default, preserving previous functionality, while also allowing it to
    be removed for legacy-free systems.
  * d/pkla/: Remove, no longer installed or used
  * d/example-rules: Add some examples of the JavaScript rules format
  * d/changelog: Merge changelog entries from testing/unstable, in
    preparation for uploading this branch to unstable

 -- Simon McVittie <smcv@debian.org>  Wed, 14 Sep 2022 21:33:22 +0100

policykit-1 (121+compat0.1-1) experimental; urgency=medium

  * Restructure the package to use upstream project polkit-pkla-compat for
    compatibility with 0.105 and older versions.
    - polkitd-javascript is now the only implementation of polkitd.
      The packages will probably be merged in a future upload, but keep
      them separate for now as a contingency plan.
    - polkitd-pkla now Depends on polkitd-javascript instead of having
      Breaks/Replaces on it. It's now an addon for polkitd-javascript,
      which calls out to an external helper program to check authorization
      against the old pklocalauthority(8) configuration files.
    - polkitd-javascript: Ensure that the polkitd user has a primary group.
      The polkit-pkla-compat package wants its directories to be owned by
      root:polkitd, which will only work if the polkitd user has a
      corresponding polkitd group.
    - Add polkit-pkla-compat as a secondary upstream tarball
    - Build polkit-pkla-compat instead of a PKLA build of polkitd
    - Drop patches that reinstated the ability to do a PKLA build of
      polkitd
  * d/p/polkitbackendduktapeauthority.c-Print-the-error-string-we.patch:
    Add patch from upstream to display error string as intended
  * d/control: Explicitly build-depend on xml-core, for its dh addon
  * d/copyright: Update
  * Update Lintian overrides
  * Standards-Version: 4.6.1 (no changes required)
  * d/tests: Skip if dbus-daemon is not running and cannot be started
  * Try harder to clean up obsolete conffiles

 -- Simon McVittie <smcv@debian.org>  Thu, 01 Sep 2022 15:59:38 +0100

policykit-1 (121-2) experimental; urgency=medium

  [ Michael Biebl ]
  * Use dh-sequence-gir Build-Depends to enable the gir addon
  * Remove no longer needed dh option.
    Upstream has removed the autotools based build system so we no longer
    need to tell dh which build system to use.
  * Remove workaround for missing mocklibc

  [ Simon McVittie ]
  * d/copyright: Reinstate entry for test/mocklibc
  * d/polkitd.install: Really install the XML catalog entry
  * d/rules: Enable xml-core dh sequence
  * d/catalog.xml: Fix basename of DTD

 -- Simon McVittie <smcv@debian.org>  Sat, 23 Jul 2022 16:04:32 +0100

policykit-1 (121-1) experimental; urgency=medium

  * New upstream release
  * d/copyright: Update
  * Drop patches that were applied upstream
  * Refresh remaining patches
  * d/control: Build-depend on duktape instead of mozjs
  * Install policyconfig-1.dtd in polkitd package, with an XML catalog
    entry (Closes: #872615)
  * d/watch: Use Gitlab tags to watch for new releases for now.
    Subsequent releases will be done via the Gitlab releases feature, but
    it's not immediately obvious what form that will take.
  * Add patch from upstream to install rules.d defaults in /usr/share.
    This brings us one step closer to the "empty /etc is valid" model.
  * d/rules: Install sudo and Ubuntu admin rules into /usr/share, too.
    This avoids these files having to be conffiles that vary between
    distros.
  * d/upstream/metadata: Add
  * d/polkitd.docs: Update

 -- Simon McVittie <smcv@debian.org>  Sat, 16 Jul 2022 20:17:46 +0100

policykit-1 (0.120-6) experimental; urgency=medium

  * Add patch from Fedora to fix denial of service via fd exhaustion
    (CVE-2021-4115; Closes: #1005784)

 -- Simon McVittie <smcv@debian.org>  Fri, 18 Feb 2022 10:04:56 +0000

policykit-1 (0.120-5) experimental; urgency=medium

  * d/*.postinst: Correct package names in initial comments
  * d/policykit-1.bug-control: Correct name of Submit-As field

 -- Simon McVittie <smcv@debian.org>  Wed, 09 Feb 2022 11:42:38 +0000

policykit-1 (0.120-4) experimental; urgency=medium

  * d/control: Change descriptions to refer to polkit.
    According to NEWS, the official name of the project has been polkit
    since 2012, and perhaps earlier.
  * d/patches: Use upstream's finalized patch for CVE-2021-4034.
    The patch that was provided to distributors under embargo was not the
    final version: it used a different exit status, and made an attempt to
    show help. The version that was actually committed after the embargo
    period ended interprets argc == 0 as an attack rather than a mistake,
    and does not attempt to show the help message.
  * d/patches: Move Debian-specific patches to d/p/debian/.
    This makes it clearer that these are not intended to go upstream.
  * Split policykit-1 into polkitd and pkexec packages.
    pkexec is a setuid program, which makes it a higher security risk than
    the more typical IPC-based uses of polkit. If we separate out pkexec
    into its own package, then only packages that rely on being able to
    run pkexec will have to depend on it, reducing attack surface for
    users who are able to remove the pkexec package.
  * Reinstate the .pkla backend as a separate binary package.
    Upstream polkit switched its authorization rule syntax from .ini-style
    .pkla files to JavaScript in version 0.106.
    Debian has historically used a fork of the last .pkla-based version,
    but this was becoming unsustainable: bug fixes from subsequent
    upstream versions were either applied as patches, or missing from the
    Debian package.
    The "local authority" code that implements .pkla files is not actually
    all that large, so patching it into a modern upstream version is a
    much smaller task than patching modern upstream bug fixes into an old
    upstream version.
    For this upload to experimental, keep both the JavaScript backend and
    the .pkla backend intact, by compiling polkitd twice with different
    options. This lets us preserve existing functionality of upstream and
    experimental polkit (with the more powerful JavaScript-based rules,
    which can base their authorization decisions on service-specific
    information like the name of a systemd unit), while also having the
    opportunity to evaluate polkitd-pkla as a more direct replacement for
    what's in bookworm.
  * Adjust Lintian override syntax
  * Add Debian-specific man pages for polkitd-pkla
  * d/copyright: Update
  * Always configure the sudo group as root-equivalent.
    This avoids Debian derivatives getting an unexpected change in
    behaviour when they switch from inheriting Debian's policykit-1
    package to building their own policykit-1 package, perhaps as a result
    of wanting to apply an unrelated patch. The sudo group is defined to
    be root-equivalent in base-passwd, so this should be equally true for
    all Debian derivatives.
    (Closes: utopia-team/polkit!3; thanks to Arnaud Rebillout)

 -- Simon McVittie <smcv@debian.org>  Sat, 05 Feb 2022 10:49:54 +0000

policykit-1 (0.120-3) experimental; urgency=high

  * d/p/Avoid-local-privilege-escalation-in-polkit-s-pkexec.patch:
    Apply embargoed patch for local privilege escalation (CVE-2021-4034)

 -- Simon McVittie <smcv@debian.org>  Mon, 24 Jan 2022 14:09:42 +0000

policykit-1 (0.120-2) experimental; urgency=medium

  * d/rules: Extend timeout for unit tests.
    Meson's default 30 second timeout is uncomfortably short even on x86,
    and too short on e.g. mips.

 -- Simon McVittie <smcv@debian.org>  Thu, 28 Oct 2021 12:52:02 +0100

policykit-1 (0.120-1) experimental; urgency=medium

  * New upstream release
  * Drop patches that were applied upstream
  * Depend on default-dbus-system-bus | dbus-system-bus instead of dbus.
    We need the system bus: let's be specific about that. This will allow
    dbus-broker to be substituted for dbus, if desired.
  * Build-depend on dbus-daemon instead of dbus.
    We only need dbus-run-session at build time; we don't need a
    fully-working system bus.
  * debian/missing/docs: Remove extra copy of documentation.
    This is in the new upstream release.
    - d/source/include-binaries: Remove, no longer needed
  * d/p/Don-t-pass-positional-parameters-to-i18n.merge_file.patch:
    Add patch to fix FTBFS with Meson 0.60.0
  * Standards-Version: 4.6.0 (no changes required)
  * Use d/watch format version 4

 -- Simon McVittie <smcv@debian.org>  Tue, 26 Oct 2021 12:11:24 +0100

policykit-1 (0.119-1) experimental; urgency=medium

  * New upstream release
    - Fixes local privilege escalation involving
      polkit_system_bus_name_get_creds_sync() (CVE-2021-3560)
      (Closes: #989429)
  * d/missing, d/rules: Work around missing docs/polkit/overview.xml etc.
    in 0.119 tarball
  * Build using Meson
  * d/p/build-Remove-redundant-computation-of-dbus-data-directory.patch,
    d/p/build-Don-t-require-dbus-development-files.patch,
    d/p/meson_post_install-Use-geteuid-instead-of-getpass.patch,
    d/p/meson_post_install-Don-t-fail-if-the-polkitd-user-doesn-t.patch,
    d/p/meson_post_install-If-installation-steps-are-skipped-say-.patch,
    d/p/meson_post_install-Don-t-install-pkexec-group-writable.patch,
    d/p/meson_post_install-Don-t-make-programs-setuid-if-we-are-n.patch,
    d/p/meson_post_install-Respect-DESTDIR-for-absolute-paths.patch,
    d/p/build-Make-the-directory-for-helper-executables-consisten.patch:
    Add some patches to improve the Meson build system
  * d/missing, d/rules: Get mocklibc into the right layout for the build
  * Stop providing static libraries.
    The Meson build infrastructure only supports shared libraries, and the
    static libraries built by Autotools were already not particularly
    useful, because they indirectly depend on the libmount shared library.

 -- Simon McVittie <smcv@debian.org>  Fri, 04 Jun 2021 19:49:26 +0100

policykit-1 (0.118-2) experimental; urgency=medium

  [ Helmut Grohne ]
  * Annotate Build-Depends: dbus <!nocheck> (Closes: #980998)

  [ Michael Biebl ]
  * Remove old maintscript migration code from pre-oldstable
  * Use --restart-after-upgrade.
    With debhelper 13.1, --no-start will disable --restart-after-upgrade.
    Since we want the service to be restarted on upgrades, request that
    explicitly. See #959678

  [ Simon McVittie ]
  * d/rules: Remove --libexecdir override.
    This has no practical effect: the upstream build system no longer uses
    the libexec directory.
  * d/rules: Remove redundant dh_missing --fail-missing override.
    This is the default in dh compat level 13.

 -- Simon McVittie <smcv@debian.org>  Fri, 16 Apr 2021 11:34:06 +0100

policykit-1 (0.118-1) experimental; urgency=medium

  * New upstream release
    - Drop patch that was applied upstream
  * d/control: Update build-dependency to mozjs78

 -- Simon McVittie <smcv@debian.org>  Sun, 27 Sep 2020 21:06:09 +0100

policykit-1 (0.117-1) experimental; urgency=medium

  * New upstream release
  * Rebase patches
  * Bump Standards-Version to 4.5.0
  * Add polkitbackendjsauthoritytest-wrapper.py to release tarball
  * Add python3-dbusmock to Build-Depends and mark it <!nocheck>.
    Required by test/polkitbackend/polkitbackendjsauthoritytest-wrapper.py
  * Bump debhelper-compat to 13
  * Add symlink for polkit-agent-helper-1 after the move to /usr/libexec.
    Support upgrades from 0.105-27 (and later versions in unstable), which
    moved the private binaries from /usr/lib/policykit-1 to /usr/libexec.
    (Closes: #965210)

 -- Michael Biebl <biebl@debian.org>  Mon, 03 Aug 2020 15:42:56 +0200

policykit-1 (0.116-3) experimental; urgency=medium

  * Team upload.
  * Port to mozjs-68 (Closes: #961279)

 -- Laurent Bigonville <bigon@debian.org>  Wed, 22 Jul 2020 11:59:43 +0200

policykit-1 (0.116-2) experimental; urgency=medium

  [ Mark Hindley ]
  * Depend on new virtual packages default-logind and logind
    (Closes: #923240)

  [ Simon McVittie ]
  * d/*.symbols: Add Build-Depends-Package metadata
  * d/policykit-1.lintian-overrides: Override systemd unit false positives.
    The systemd unit is only for on-demand D-Bus activation, and is not
    intended to be started during boot, so an [Install] section and a
    parallel LSB init script are not necessary.
  * d/policykit-1.bug-control: Add systemd, elogind versions to bug
    reports.
    reportbug doesn't currently seem to interpret
    "Depends: default-logind | logind" as implying that it should include
    the version number of the package that Provides logind in bug reports.
    Workaround for #934472.
  * Standards-Version: 4.4.0 (no changes required)
  * Switch to debhelper-compat 12

 -- Simon McVittie <smcv@debian.org>  Sun, 11 Aug 2019 18:56:22 +0100

# Older entries have been removed from this changelog.
# To read the complete changelog use `apt changelog policykit-1`.