Gaming Linux® From Scratch - Version #154e

Chapter 3. Shared Dependencies

Polkit-125

Introduction to Polkit

Polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to communicate with privileged processes.

Package Information

Polkit Dependencies

Required

duktape-2.7.0 and GLib-2.82.2

Recommended

Linux-PAM-1.7.0 and elogind-255.5

[Note]

Note

Since elogind uses PAM to register user sessions, it is a good idea to build Polkit with PAM support so elogind can track Polkit sessions.

Optional Runtime Dependencies

One polkit authentication agent for using polkit in the graphical environment; this will greatly depend on what desktop you are running...

Installation of Polkit

There should be a dedicated user and group to take control of the polkitd daemon after it is started. Issue the following commands as the root user: 

groupadd -fg 27 polkitd &&
useradd -c "PolicyKit Daemon Owner" -d /etc/polkit-1 -u 27 \
        -g polkitd -s /bin/false polkitd

Install Polkit by running the following commands: 

mkdir build &&
cd    build &&

meson setup ..                     \
      --prefix=/usr                \
      --buildtype=release          \
      -D os_type=lfs               \
      -D man=false                 \
      -D session_tracking=elogind  \
      -D systemdsystemunitdir=/tmp \
      -D tests=false &&

ninja

Now, as the root user: 

ninja install

Remove some files that aren't useful on a SysV system as the root user: 

rm -v /tmp/*.service &&
rm -rf /usr/lib/{sysusers,tmpfiles}.d

Command Explanations

--buildtype=release: Specify a buildtype suitable for stable releases of the package, as the default may produce unoptimized binaries.

-D os_type=lfs: This switch ensures that even if distribution auto detection fails, the distribution/OS type will be hardcoded in Polkit.

-D authfw=shadow: This switch enables the package to use the Shadow rather than the Linux PAM Authentication framework. Use it if you have not installed Linux PAM.

-D introspection=false: This option disables GObject Introspection support if you are sure you don't need it.

-D man=false: This option disables generating and installing manual pages.

Contents

Installed Programs: pkaction, pkcheck, pkexec, pkttyagent, and polkitd
Installed Libraries: libpolkit-agent-1.so and libpolkit-gobject-1.so
Installed Directories: /etc/polkit-1, /usr/include/polkit-1, /usr/lib/polkit-1, /usr/share/gtk-doc/html/polkit-1, and /usr/share/polkit-1

Short Descriptions

pkaction

is used to obtain information about registered PolicyKit actions

pkcheck

is used to check whether a process is authorized for action

pkexec

allows an authorized user to execute a command as another user

pkttyagent

is used to start a textual authentication agent for the subject

polkitd

provides the org.freedesktop.PolicyKit1 D-Bus service on the system message bus

libpolkit-agent-1.so

contains the Polkit authentication agent API functions

libpolkit-gobject-1.so

contains the Polkit authorization API functions