diff options
author | Sebastian Silva <sebastian@somosazucar.org> | 2013-04-21 20:36:21 (GMT) |
---|---|---|
committer | Sebastian Silva <sebastian@somosazucar.org> | 2013-04-21 20:36:21 (GMT) |
commit | ff86cd90183c9b5d2e52e385f6e70f2aea046840 (patch) | |
tree | c9d2275ec3f1ae57ee67b90536791acb41f2ca95 | |
parent | 804c9b6a2ec3823c2309cdfc03a3d56f6c448760 (diff) |
missed files for 0.9
-rw-r--r-- | etc/polkit-1/localauthority/50-local.d/deployment.pkla | 13 | ||||
-rw-r--r-- | etc/sweets.d/etc/PackageKit/PackageKit.conf | 301 |
2 files changed, 314 insertions, 0 deletions
diff --git a/etc/polkit-1/localauthority/50-local.d/deployment.pkla b/etc/polkit-1/localauthority/50-local.d/deployment.pkla new file mode 100644 index 0000000..283e1be --- /dev/null +++ b/etc/polkit-1/localauthority/50-local.d/deployment.pkla @@ -0,0 +1,13 @@ +[AllowSignedUpdates] +Identity=* +Action=org.freedesktop.packagekit.package-install +ResultAny=no +ResultInactive=no +ResultActive=yes + +[AllowNotSignedUpdates] +Identity=* +Action=org.freedesktop.packagekit.package-install-untrusted +ResultAny=no +ResultInactive=no +ResultActive=yes diff --git a/etc/sweets.d/etc/PackageKit/PackageKit.conf b/etc/sweets.d/etc/PackageKit/PackageKit.conf new file mode 100644 index 0000000..f85fa74 --- /dev/null +++ b/etc/sweets.d/etc/PackageKit/PackageKit.conf @@ -0,0 +1,301 @@ +# Only the system administrator should modify this file, ordinary users +# should not have to change anything. + +[Daemon] + +# Should we log transactions to the database. +# +# default=true +TransactionLogging=true + +# Use NetworkManager where available. If disabled, then NM state will be ignored. +# +# default=true +UseNetworkManager=true + +# Use Connman where available. If disabled, then Connman state will be ignored. +# +# default=false +UseNetworkConnman=false + +# If neither NetworkManager nor ConnMan is not available, then use the presence +# of default route to indicate a viable network connection. +# If disabled, and no NM or CM, then the network is assumed to be always online. +# +# default=true +UseNetworkHeuristic=true + +# If we should use the estimated time value. +# This will be inaccurate where backends do not send proportional percentage +# changed signals, or when updates are not frequent enough. +# Estimated time will then only be used when the prediction accuracy is high +# enough and will not be set at the very start or end of a transaction. +# +# default=true +UseRemainingTimeEstimation=false + +# Shut down the daemon after this many seconds idle. 0 means don't shutdown. +# +# default=300 +ShutdownTimeout=300 + +# Unlock the backend after this many seconds idle. +# +# default=5 +BackendShutdownTimeout=5 + +# Set the priority of the spawned backend to this priority. +# This ensures the process does not hog the system when performing actions. +# +# Values range from -20 (most favorable) to 19 (least favorable) +# A niceness value of 0 will not attempt to set any priority. +# +# default=0 +BackendSpawnNiceValue=0 + +# Set the priority of the spawned backend to this priority for low priority tasks. +# This ensures the process does not hog the system when performing actions. +# +# Values range from -20 (most favorable) to 19 (least favorable) +# A niceness value of 0 will not attempt to set any priority. +# +# default=10 +BackendSpawnNiceValueBackground=10 + +# Set the iopriority class of the spawned backend to idle. +# This ensures the process does not hog the disk when performing actions. +# +# default=true +BackendSpawnIdleIO=true + +# Set the iopriority class of the spawned backend to idle for low priority tasks. +# This ensures the process does not hog the disk when performing actions. +# +# default=true +BackendSpawnIdleIOBackground=true + +# Set whether the spawned backends are allowed to be SIGKILLed if they do not +# respond to SIGQUIT. This ensures that Cancel() works as expected, but +# somtimes can corrupt databases if they are open. +# +# Only change this to FALSE if your backend can not be SIGKILLed without +# database corruption. +# +# Even if this is set TRUE, the backend can still enforce this FALSE if it it +# explicitly set in the compiled backend. You can think of this as a fallback +# value that is used when backends do not enforce policy, or as a way to disable +# SIGKILL even for backends that calim to support it. +# +# default=true +BackendSpawnAllowSIGKILL=true + +# Default backends, as chosen in the configure script. This will be used +# where no --backend="foo" option is given to the daemon. +# +# The order they are specified is the order they are tried, so for the +# value "foo,bar" first "foo" will be attempted and then "bar" if the +# libpk_backend_foo.so module load failed. +# +# default=yum +DefaultBackend=presolve + +# Use syslog to audit and log actions where available. +# +# default=false +UseSyslog=false + +# Proxy settings, uncomment as required +# +# NOTE: PackageKit does not use these settings, they are passed to backends. +# Backends may ignore these values. If either of ProxyHTTP or ProxyFTP +# are set then the users proxy settings are ignored. +# +# They are in the format username:password@server:port +# +# ProxyHTTP=username:password@server.lan:8080 +# ProxyFTP=server.lan:21 + +# Scan installed desktop files when we update or install packages +# +# NOTE: Don't enable this for backends that are slow doing SearchFile() +# +# default=true +ScanDesktopFiles=true + +# Update the package list when we refresh the cache +# +# NOTE: Don't enable this for backends that are slow doing GetPackages() +# +# default=true +UpdatePackageList=true + +# Check for running processes when we update packages +# +# NOTE: Don't enable this for backends that are slow doing GetFiles() on +# installed files. +# +# default=true +UpdateCheckProcesses=true + +# Check for shared libraries that are in use, that are replaced by packages +# that are marked as security updates. +# +# NOTE: Don't enable this for backends that are slow doing GetFiles() on +# installed files. +# +# default=true +CheckSharedLibrariesInUse=true + +# Check for updates in testing repositories when we check for updates +# +# NOTE: Don't enable this if you do not want testing updates to be checked +# as this will increase the network bandwidth used. +# +# default=true +CheckTestingRepos=true + +# Use update cache when possible to avoid using the backend +# +# NOTE: Enabling this reduces calls to the backend, although using the +# SetHints(cache-age) parameter will return unpredicable results for +# transactions. +# +# default=false +UseUpdateCache=false + +# Use strict developer checking in the daemon +# +# This should be set to TRUE if the backend should be run in strict compliance +# mode, which is useful when developing a backend. Normal sane users should not +# have to use this mode. +# +# If this is set to FALSE, then the daemon will try to 'fix' any craziness in +# the backend without notifying the end user. +# +# default=false +DeveloperMode=false + +# The time in seconds to wait when we get the StateHasChanged method +# +# This should be used when a native tool has been used, and the update UIs +# should be updated to reflect reality. +# +# default=30 +StateChangedTimeoutPriority=30 + +# The time in seconds to wait after the computer has been resumed or any non +# package related system event +# +# We don't want to be doing an update check at the busy time after a resume +# +# default=600 +StateChangedTimeoutNormal=600 + +# The maximum number of requests a given user is able to request and queue +# +# Setting this lower decreases the risk of a local denial of service, but may +# cause errors if the desktop client is doing many requests to the daemon in a +# short period of time. +# +# default=500 +SimultaneousTransactionsForUid=500 + +# The maximum number of items that can be resolved in one method +# +# Setting this lower decreases the risk of a local denial of service, but may +# cause errors if the desktop client is trying to resolve a large number of +# packages in one method. +# +# default=100 +MaximumItemsToResolve=100 + +# The maximum number of packages that can be processed in one method +# +# Setting this lower decreases the risk of a local denial of service, but may +# cause errors if the desktop client is trying to do a large transaction. +# +# default=2500 +MaximumPackagesToProcess=2500 + +# How long the transaction is valid before it's destroyed, in seconds +# +# The client only has a finite amount of time to use the object, else it is +# destroyed. Setting this longer will allow malicious clients to queue up large +# number of authentication requests, but setting this shorter will reduce the +# amount of time the user has to authenticate. +# +# default=300 +TransactionCreateCommitTimeout=300 + +# How long the transaction should be queriable after it is finished, in seconds +# +# Give the client a few seconds to still query the transaction after it has +# finished by keeping it on the bus. Setting this larger allows clients to query +# the transaction without accessing the database, but increases memory usage. +# +# default=5 +TransactionKeepFinishedTimeout=5 + +# If certain operations should be done using IDLE bandwidth +# +# TCP Low Priority is a congestion control algorithm included in the kernel. +# Connections using this algorithm will use only idle bandwidth. In other words, +# it is a self-tuning TCP stack. Setting this to FALSE will mean that the check +# for updates happens more quickly, at the expense of other network applications +# such as firefox and other file downloaders. +# +# If the user is running the network at 100% for extended periods of time, then +# the update check may be starved and take a very long time to complete. In this +# rare case, this setting should be set to FALSE. +# +# By also setting this setting to TRUE makes the possibility of a environment +# mismatch much higher for a spawned backend. This will make switching from idle +# operations (such as GetUpdates) and full speed operations (such as +# InstallPackages) take longer. If this is a concern, then set this to FALSE. +# +# default=true +UseIdleBandwidth=true + +# Processes that cannot be updated when they are running +# +# Some processes do not cope well when they are upgraded when the binary is +# running. These include things like firefox, where updating causes the original +# instance to misbehave as some components are not locked in memory. +# +# Applications can be added here that do not cope well with being updated. +# +# NOTE: you should not list applications here that the user has no permission +# or cannot shutdown without the session exploding. For instance, listing +# /sbin/dbus-daemon or /usr/sbin/haldaemon would be a really bad idea. +# +# Seporate entries can be seporated with the ';' character. +# +# default=/usr/lib/*/firefox +NoUpdateProcessList=/usr/lib/*/firefox + +# If the backend should use threads to avoid blocking the daemon for other users +# +# The daemon, packagekitd, is shared by multiple users. Users are allowed to +# create and send transactions when other transactions are being processed. +# To do this, the backend action is created in a thread, but some libraries +# notably libdbus and dbus-glib, are less threadsafe then they probably should +# be. +# +# Only developers need to change this value, normally for debugging purposes. +# +# default=true +UseThreadsInBackend=true + +# If a custom root should be used when installing packages +# +# A custom route can be used to install to a LTSP instance or a virtual machine +# image, typically using chroot or by mounting an image using virt-inspector. +# +# Additional authentication is required to change the root from the default. +# +# Most users do not need to change this value, as you need to have setup a +# native package database (e.g. the rpmdb) on the new root. +# +# default=/ +UseRoot=/ + |