Gaming Linux® From Scratch - Version a299

Chapter 3. Shared Dependencies

Polkit-125

Introduction to Polkit

Polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to communicate with privileged processes.

[Note]

Note

Development versions of GLFS may not build or run some packages properly if LFS or dependencies have been updated since the most recent stable versions of the books.

Package Information

Polkit Dependencies

Required

duktape-2.7.0 and GLib-2.82.0

Recommended

Linux-PAM-1.6.1 and elogind-255.5

[Note]

Note

Since elogind uses PAM to register user sessions, it is a good idea to build Polkit with PAM support so elogind can track Polkit sessions.

Optional Runtime Dependencies

One polkit authentication agent for using polkit in the graphical environment; this will greatly depend on what desktop you are running...

Installation of Polkit

There should be a dedicated user and group to take control of the polkitd daemon after it is started. Issue the following commands as the root user: 

groupadd -fg 27 polkitd &&
useradd -c "PolicyKit Daemon Owner" -d /etc/polkit-1 -u 27 \
        -g polkitd -s /bin/false polkitd

First fix a build problem for sysV based systems: 

sed -i '/systemd_sysusers_dir/s/^/#/' meson.build

Install Polkit by running the following commands: 

mkdir build &&
cd    build &&

meson setup ..                    \
      --prefix=/usr               \
      --buildtype=release         \
      -D man=false                \
      -D session_tracking=elogind \
      -D introspection=false      \
      -D tests=false

Build the package: 

ninja

Now, as the root user: 

ninja install

Command Explanations

--buildtype=release: Specify a buildtype suitable for stable releases of the package, as the default may produce unoptimized binaries.

-D os_type=lfs: Use this switch if you did not create the /etc/lfs-release file or distribution auto detection will fail and you will be unable to use Polkit.

-D authfw=shadow: This switch enables the package to use the Shadow rather than the Linux PAM Authentication framework. Use it if you have not installed Linux PAM.

-D introspection=false: This option disables GObject Introspection support as it was not enabled in GLib-2.82.0.

-D man=false: This option disables generating and installing manual pages.

Contents

Installed Programs: pkaction, pkcheck, pkexec, pkttyagent, and polkitd
Installed Libraries: libpolkit-agent-1.so and libpolkit-gobject-1.so
Installed Directories: /etc/polkit-1, /usr/include/polkit-1, /usr/lib/polkit-1, /usr/share/gtk-doc/html/polkit-1, and /usr/share/polkit-1

Short Descriptions

pkaction

is used to obtain information about registered PolicyKit actions

pkcheck

is used to check whether a process is authorized for action

pkexec

allows an authorized user to execute a command as another user

pkttyagent

is used to start a textual authentication agent for the subject

polkitd

provides the org.freedesktop.PolicyKit1 D-Bus service on the system message bus

libpolkit-agent-1.so

contains the Polkit authentication agent API functions

libpolkit-gobject-1.so

contains the Polkit authorization API functions