Your message dated Tue, 30 May 2023 21:25:29 +0200 with message-id <e8ea6cb5-ed75-31d0-a746-ec9c2a550f1c@debian.org> and subject line Re: Bug#1033511: release-notes: mention the switch from old polkit .pkla files to JavaScript .rules has caused the Debian Bug report #1033511, regarding release-notes: mention the switch from old polkit .pkla files to JavaScript .rules to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 1033511: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033511 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: release-notes: mention the switch from old polkit .pkla files to JavaScript .rules
- From: Simon McVittie <smcv@debian.org>
- Date: Sun, 26 Mar 2023 14:48:12 +0100
- Message-id: <ZCBNHNGQOYdDwXDA@tautology.pseudorandom.co.uk>
Package: release-notes Severity: normal Control: affects -1 src:policykit-1 X-Debbugs-Cc: policykit-1@packages.debian.org I think the transition mentioned in /usr/share/doc/polkitd/NEWS.Debian.gz deserves to be included in the bookworm release notes. I attach some possible wording. I'm not entirely sure which section this should go in, so the location suggested below is only a guess: please move it as necessary. Note that I've included a link to the bookworm polkit(8) man page, but the version displayed on manpages.debian.org is currently wrong (it seems to be a cached version of the man page as it appeared in bullseye). I've reported a separate bug. If the manpages.d.o bug is not fixed by the time this is ready for merge, then a workaround would be to link to the unstable version of polkit(8), which has the correct content. smcv diff --git a/en/issues.dbk b/en/issues.dbk index 4b7b9dda..38e79ce9 100644 --- a/en/issues.dbk +++ b/en/issues.dbk @@ -55,6 +55,54 @@ </section> + <section id="polkitd-pkla"> + <!-- bullseye to bookworm --> + <title>polkit .pkla files deprecated</title> + <para> + polkit (formerly PolicyKit) has been upgraded from version 0.105 to + version 122. + This version changes the syntax used for local policy rules: + it is now the same JavaScript-based format used by the upstream polkit + project and by other Linux distributions. + </para> + <para> + System administrators can override the default security policy by + installing local policy overrides into + <filename>/etc/polkit-1/rules.d/*.rules</filename>, + which can either make the policy more restrictive or more + permissive. + Some sample policy rules can be found in the + <filename>/usr/share/doc/polkitd/examples</filename> directory. + Please see the <ulink + url="&url-man;/&releasename;/polkitd/polkit.8.html#AUTHORIZATION_RULES">polkit(8) + manual page</ulink> for more details. + </para> + <para> + Older Debian releases used the "local authority" rules format from + upstream version 0.105, consisting of <literal>.pkla</literal> + files with a <literal>.desktop</literal>-like syntax, + installed into subdirectories of + <filename>/etc/polkit-1/localauthority</filename> + or <filename>/var/lib/polkit-1/localauthority</filename>. + The <systemitem role="package">polkitd-pkla</systemitem> package + provides compatibility with these files, and will usually be + installed during upgrades. + If it is installed, then <literal>.pkla</literal> files will be + processed at a higher priority than most <literal>.rules</literal> + files. + If the <systemitem role="package">polkitd-pkla</systemitem> + package is removed, <literal>.pkla</literal> files will no longer + be used. + </para> + <para> + The <literal>.pkla</literal> files should be considered deprecated, + and <systemitem role="package">polkitd-pkla</systemitem> is likely + to be removed in a future Debian release. + Please migrate any local policy overrides to the JavaScript format + after upgrading. + </para> + </section> + <section id="puppetserver"> <!-- bullseye to bookworm --> <title>Puppet configuration management system upgraded to 7</title>
--- End Message ---
--- Begin Message ---
- To: Simon McVittie <smcv@debian.org>, 1033511-done@bugs.debian.org
- Subject: Re: Bug#1033511: release-notes: mention the switch from old polkit .pkla files to JavaScript .rules
- From: Paul Gevers <elbrus@debian.org>
- Date: Tue, 30 May 2023 21:25:29 +0200
- Message-id: <e8ea6cb5-ed75-31d0-a746-ec9c2a550f1c@debian.org>
- In-reply-to: <ZCBNHNGQOYdDwXDA@tautology.pseudorandom.co.uk>
- References: <ZCBNHNGQOYdDwXDA@tautology.pseudorandom.co.uk>
Hi, On 26-03-2023 15:48, Simon McVittie wrote:I think the transition mentioned in /usr/share/doc/polkitd/NEWS.Debian.gz deserves to be included in the bookworm release notes.I have just hit the merge button on Salsa for https://salsa.debian.org/ddp-team/release-notes/-/merge_requests/170Thanks for your attention. PaulAttachment: OpenPGP_signature
Description: OpenPGP digital signature
--- End Message ---