Hi all,
I have some policykit-1 updates for review.
https://git.devuan.org/LeePen/policykit-1/commits/suites/ascii-security
This is a backport of 0.105-25+devuan1 (currently in beowulf/ceres) for
ascii. The only requirement for the backport was to reduce debhelper compat to
10. This makes the latest security fixes available in ascii, notably CVE-2019-6133.
https://git.devuan.org/LeePen/policykit-1/commits/suites/unstable-proposed
0.105-25+devuan2 that I propose for ceres. I have
* Removed the ascii transitional packages that are no longer required.
* Configured dh_shlibdeps to generate direct depends on the relevant
backend. This is simpler and allows refinement of the dependency handling.
* gir1.2-polkit-1.0 Provides: gir1.2-polkitagent-1.0 as required by lintian.
* Recommend polkit-1-auth-agent to work around broken pkttyagent.
This last item maybe requires some clarification. The default auth agent,
pkttyagent, is difficult to use, requiring two terminals or a slightly obscure
command-line invocation. See
https://github.com/NixOS/nixpkgs/issues/18012 and
https://gitlab.freedesktop.org/polkit/polkit/issues/17. We have had a number of
people bump into this same issue on Devuan. It can be avoided by installing a
graphical auth agent (usually policykit-1-gnome). If we recommend the virtual
package polkit-1-auth-agent, this will pull in the necessary package on most
installations without creating a hard and unnecessary dependency.
If anybody can think of an alternative or better work around for this I would
be grateful to hear.
Cheers!
Mark