aboutsummaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-extended/polkit
diff options
context:
space:
mode:
Diffstat (limited to 'meta-oe/recipes-extended/polkit')
-rw-r--r--meta-oe/recipes-extended/polkit/files/50-org.freedesktop.udiskie.rules24
-rw-r--r--meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb17
-rw-r--r--meta-oe/recipes-extended/polkit/polkit/0002-jsauthority-port-to-mozjs-91.patch38
-rw-r--r--meta-oe/recipes-extended/polkit/polkit/0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch63
-rw-r--r--meta-oe/recipes-extended/polkit/polkit/0003-make-netgroup-support-optional.patch250
-rw-r--r--meta-oe/recipes-extended/polkit/polkit/polkit-1_pam.patch35
-rw-r--r--meta-oe/recipes-extended/polkit/polkit_0.119.bb58
-rw-r--r--meta-oe/recipes-extended/polkit/polkit_124.bb59
8 files changed, 100 insertions, 444 deletions
diff --git a/meta-oe/recipes-extended/polkit/files/50-org.freedesktop.udiskie.rules b/meta-oe/recipes-extended/polkit/files/50-org.freedesktop.udiskie.rules
new file mode 100644
index 0000000000..2ffa4087a8
--- /dev/null
+++ b/meta-oe/recipes-extended/polkit/files/50-org.freedesktop.udiskie.rules
@@ -0,0 +1,24 @@
+polkit.addRule(function(action, subject) {
+ var YES = polkit.Result.YES;
+ var permission = {
+ // required for udisks1:
+ "org.freedesktop.udisks.filesystem-mount": YES,
+ "org.freedesktop.udisks.luks-unlock": YES,
+ "org.freedesktop.udisks.drive-eject": YES,
+ "org.freedesktop.udisks.drive-detach": YES,
+ // required for udisks2:
+ "org.freedesktop.udisks2.filesystem-mount": YES,
+ "org.freedesktop.udisks2.encrypted-unlock": YES,
+ "org.freedesktop.udisks2.eject-media": YES,
+ "org.freedesktop.udisks2.power-off-drive": YES,
+ // required for udisks2 if using udiskie from another seat (e.g. systemd):
+ "org.freedesktop.udisks2.filesystem-mount-other-seat": YES,
+ "org.freedesktop.udisks2.filesystem-unmount-others": YES,
+ "org.freedesktop.udisks2.encrypted-unlock-other-seat": YES,
+ "org.freedesktop.udisks2.eject-media-other-seat": YES,
+ "org.freedesktop.udisks2.power-off-drive-other-seat": YES
+ };
+ if (subject.isInGroup("plugdev")) {
+ return permission[action.id];
+ }
+});
diff --git a/meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb b/meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb
new file mode 100644
index 0000000000..db2ed015b4
--- /dev/null
+++ b/meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb
@@ -0,0 +1,17 @@
+DESCRIPTION = "Polkit rule to allow non-priviledged users mount/umount block devices via udisks2"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+
+require polkit-group-rule.inc
+
+# The file originates from https://github.com/coldfix/udiskie/wiki/Permissions
+SRC_URI = "file://50-org.freedesktop.udiskie.rules"
+
+RDEPENDS:${PN} += "udisks2"
+
+do_install() {
+ install -m 0755 ${WORKDIR}/50-org.freedesktop.udiskie.rules ${D}${sysconfdir}/polkit-1/rules.d
+}
+
+USERADD_PACKAGES = "${PN}"
+GROUPADD_PARAM:${PN} = "--system plugdev"
diff --git a/meta-oe/recipes-extended/polkit/polkit/0002-jsauthority-port-to-mozjs-91.patch b/meta-oe/recipes-extended/polkit/polkit/0002-jsauthority-port-to-mozjs-91.patch
deleted file mode 100644
index 5b3660da2f..0000000000
--- a/meta-oe/recipes-extended/polkit/polkit/0002-jsauthority-port-to-mozjs-91.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From 4ce27b66bb07b72cb96d3d43a75108a5a6e7e156 Mon Sep 17 00:00:00 2001
-From: Xi Ruoyao <xry111@mengyan1223.wang>
-Date: Tue, 10 Aug 2021 19:09:42 +0800
-Subject: [PATCH] jsauthority: port to mozjs-91
-
-Upstream-Status: Submitted [https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/92]
-Signed-off-by: Alexander Kanavin <alex@linutronix.de>
----
- configure.ac | 2 +-
- meson.build | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index d807086..5a7fc11 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -80,7 +80,7 @@ PKG_CHECK_MODULES(GLIB, [gmodule-2.0 gio-unix-2.0 >= 2.30.0])
- AC_SUBST(GLIB_CFLAGS)
- AC_SUBST(GLIB_LIBS)
-
--PKG_CHECK_MODULES(LIBJS, [mozjs-78])
-+PKG_CHECK_MODULES(LIBJS, [mozjs-91])
-
- AC_SUBST(LIBJS_CFLAGS)
- AC_SUBST(LIBJS_CXXFLAGS)
-diff --git a/meson.build b/meson.build
-index b3702be..733bbff 100644
---- a/meson.build
-+++ b/meson.build
-@@ -126,7 +126,7 @@ expat_dep = dependency('expat')
- assert(cc.has_header('expat.h', dependencies: expat_dep), 'Can\'t find expat.h. Please install expat.')
- assert(cc.has_function('XML_ParserCreate', dependencies: expat_dep), 'Can\'t find expat library. Please install expat.')
-
--mozjs_dep = dependency('mozjs-78')
-+mozjs_dep = dependency('mozjs-91')
-
- dbus_dep = dependency('dbus-1')
- dbus_confdir = dbus_dep.get_pkgconfig_variable('datadir', define_variable: ['datadir', pk_prefix / pk_datadir]) #changed from sysconfdir with respect to commit#8eada3836465838
diff --git a/meta-oe/recipes-extended/polkit/polkit/0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch b/meta-oe/recipes-extended/polkit/polkit/0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch
deleted file mode 100644
index 9e9755e44f..0000000000
--- a/meta-oe/recipes-extended/polkit/polkit/0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From 7799441b9aa55324160deefbc65f9d918b8c94c1 Mon Sep 17 00:00:00 2001
-From: Xi Ruoyao <xry111@mengyan1223.wang>
-Date: Tue, 10 Aug 2021 18:52:56 +0800
-Subject: [PATCH] jsauthority: ensure to call JS_Init() and JS_ShutDown()
- exactly once
-
-Before this commit, we were calling JS_Init() in
-polkit_backend_js_authority_class_init and never called JS_ShutDown.
-This is actually a misusage of SpiderMonkey API. Quote from a comment
-in js/Initialization.h (both mozjs-78 and mozjs-91):
-
- It is currently not possible to initialize SpiderMonkey multiple
- times (that is, calling JS_Init/JSAPI methods/JS_ShutDown in that
- order, then doing so again).
-
-This misusage does not cause severe issues with mozjs-78. However, when
-we eventually port jsauthority to use mozjs-91, bad thing will happen:
-see the test failure mentioned in #150.
-
-This commit is tested with both mozjs-78 and mozjs-91, all tests pass
-with it.
-
-Upstream-Status: Submitted [https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/91]
-Signed-off-by: Alexander Kanavin <alex@linutronix.de>
----
- src/polkitbackend/polkitbackendjsauthority.cpp | 10 +++++++---
- 1 file changed, 7 insertions(+), 3 deletions(-)
-
-diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp
-index 41d8d5c..38dc001 100644
---- a/src/polkitbackend/polkitbackendjsauthority.cpp
-+++ b/src/polkitbackend/polkitbackendjsauthority.cpp
-@@ -75,6 +75,13 @@
-
- /* ---------------------------------------------------------------------------------------------------- */
-
-+static class JsInitHelperType
-+{
-+public:
-+ JsInitHelperType() { JS_Init(); }
-+ ~JsInitHelperType() { JS_ShutDown(); }
-+} JsInitHelper;
-+
- struct _PolkitBackendJsAuthorityPrivate
- {
- gchar **rules_dirs;
-@@ -589,7 +596,6 @@ polkit_backend_js_authority_finalize (GObject *object)
- delete authority->priv->js_polkit;
-
- JS_DestroyContext (authority->priv->cx);
-- /* JS_ShutDown (); */
-
- G_OBJECT_CLASS (polkit_backend_js_authority_parent_class)->finalize (object);
- }
-@@ -665,8 +671,6 @@ polkit_backend_js_authority_class_init (PolkitBackendJsAuthorityClass *klass)
-
-
- g_type_class_add_private (klass, sizeof (PolkitBackendJsAuthorityPrivate));
--
-- JS_Init ();
- }
-
- /* ---------------------------------------------------------------------------------------------------- */
diff --git a/meta-oe/recipes-extended/polkit/polkit/0003-make-netgroup-support-optional.patch b/meta-oe/recipes-extended/polkit/polkit/0003-make-netgroup-support-optional.patch
deleted file mode 100644
index 1a268f2d0d..0000000000
--- a/meta-oe/recipes-extended/polkit/polkit/0003-make-netgroup-support-optional.patch
+++ /dev/null
@@ -1,250 +0,0 @@
-From 0c1debb380fee7f5b2bc62406e45856dc9c9e1a1 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Wed, 22 May 2019 13:18:55 -0700
-Subject: [PATCH] make netgroup support optional
-
-On at least Linux/musl and Linux/uclibc, netgroup
-support is not available. PolKit fails to compile on these systems
-for that reason.
-
-This change makes netgroup support conditional on the presence of the
-setnetgrent(3) function which is required for the support to work. If
-that function is not available on the system, an error will be returned
-to the administrator if unix-netgroup: is specified in configuration.
-
-Fixes bug 50145.
-
-Closes polkit/polkit#14.
-Signed-off-by: A. Wilcox <AWilcox@Wilcox-Tech.com>
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
----
- configure.ac | 2 +-
- src/polkit/polkitidentity.c | 16 ++++++++++++++++
- src/polkit/polkitunixnetgroup.c | 3 +++
- .../polkitbackendinteractiveauthority.c | 14 ++++++++------
- src/polkitbackend/polkitbackendjsauthority.cpp | 3 +++
- test/polkit/polkitidentitytest.c | 9 ++++++++-
- test/polkit/polkitunixnetgrouptest.c | 3 +++
- .../test-polkitbackendjsauthority.c | 2 ++
- 8 files changed, 44 insertions(+), 8 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index b625743..d807086 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -100,7 +100,7 @@ AC_CHECK_LIB(expat,XML_ParserCreate,[EXPAT_LIBS="-lexpat"],
- [AC_MSG_ERROR([Can't find expat library. Please install expat.])])
- AC_SUBST(EXPAT_LIBS)
-
--AC_CHECK_FUNCS(clearenv fdatasync)
-+AC_CHECK_FUNCS(clearenv fdatasync setnetgrent)
-
- if test "x$GCC" = "xyes"; then
- LDFLAGS="-Wl,--as-needed $LDFLAGS"
-diff --git a/src/polkit/polkitidentity.c b/src/polkit/polkitidentity.c
-index 3aa1f7f..10e9c17 100644
---- a/src/polkit/polkitidentity.c
-+++ b/src/polkit/polkitidentity.c
-@@ -182,7 +182,15 @@ polkit_identity_from_string (const gchar *str,
- }
- else if (g_str_has_prefix (str, "unix-netgroup:"))
- {
-+#ifndef HAVE_SETNETGRENT
-+ g_set_error (error,
-+ POLKIT_ERROR,
-+ POLKIT_ERROR_FAILED,
-+ "Netgroups are not available on this machine ('%s')",
-+ str);
-+#else
- identity = polkit_unix_netgroup_new (str + sizeof "unix-netgroup:" - 1);
-+#endif
- }
-
- if (identity == NULL && (error != NULL && *error == NULL))
-@@ -344,6 +352,13 @@ polkit_identity_new_for_gvariant (GVariant *variant,
- GVariant *v;
- const char *name;
-
-+#ifndef HAVE_SETNETGRENT
-+ g_set_error (error,
-+ POLKIT_ERROR,
-+ POLKIT_ERROR_FAILED,
-+ "Netgroups are not available on this machine");
-+ goto out;
-+#else
- v = lookup_asv (details_gvariant, "name", G_VARIANT_TYPE_STRING, error);
- if (v == NULL)
- {
-@@ -353,6 +368,7 @@ polkit_identity_new_for_gvariant (GVariant *variant,
- name = g_variant_get_string (v, NULL);
- ret = polkit_unix_netgroup_new (name);
- g_variant_unref (v);
-+#endif
- }
- else
- {
-diff --git a/src/polkit/polkitunixnetgroup.c b/src/polkit/polkitunixnetgroup.c
-index 8a2b369..83f8d4a 100644
---- a/src/polkit/polkitunixnetgroup.c
-+++ b/src/polkit/polkitunixnetgroup.c
-@@ -194,6 +194,9 @@ polkit_unix_netgroup_set_name (PolkitUnixNetgroup *group,
- PolkitIdentity *
- polkit_unix_netgroup_new (const gchar *name)
- {
-+#ifndef HAVE_SETNETGRENT
-+ g_assert_not_reached();
-+#endif
- g_return_val_if_fail (name != NULL, NULL);
- return POLKIT_IDENTITY (g_object_new (POLKIT_TYPE_UNIX_NETGROUP,
- "name", name,
-diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
-index 056d9a8..36c2f3d 100644
---- a/src/polkitbackend/polkitbackendinteractiveauthority.c
-+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
-@@ -2233,25 +2233,26 @@ get_users_in_net_group (PolkitIdentity *group,
- GList *ret;
-
- ret = NULL;
-+#ifdef HAVE_SETNETGRENT
- name = polkit_unix_netgroup_get_name (POLKIT_UNIX_NETGROUP (group));
-
--#ifdef HAVE_SETNETGRENT_RETURN
-+# ifdef HAVE_SETNETGRENT_RETURN
- if (setnetgrent (name) == 0)
- {
- g_warning ("Error looking up net group with name %s: %s", name, g_strerror (errno));
- goto out;
- }
--#else
-+# else
- setnetgrent (name);
--#endif
-+# endif /* HAVE_SETNETGRENT_RETURN */
-
- for (;;)
- {
--#if defined(HAVE_NETBSD) || defined(HAVE_OPENBSD)
-+# if defined(HAVE_NETBSD) || defined(HAVE_OPENBSD)
- const char *hostname, *username, *domainname;
--#else
-+# else
- char *hostname, *username, *domainname;
--#endif
-+# endif /* defined(HAVE_NETBSD) || defined(HAVE_OPENBSD) */
- PolkitIdentity *user;
- GError *error = NULL;
-
-@@ -2282,6 +2283,7 @@ get_users_in_net_group (PolkitIdentity *group,
-
- out:
- endnetgrent ();
-+#endif /* HAVE_SETNETGRENT */
- return ret;
- }
-
-diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp
-index ca17108..41d8d5c 100644
---- a/src/polkitbackend/polkitbackendjsauthority.cpp
-+++ b/src/polkitbackend/polkitbackendjsauthority.cpp
-@@ -1520,6 +1520,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx,
-
- JS::CallArgs args = JS::CallArgsFromVp (argc, vp);
-
-+#ifdef HAVE_SETNETGRENT
- JS::RootedString usrstr (authority->priv->cx);
- usrstr = args[0].toString();
- user = JS_EncodeStringToUTF8 (cx, usrstr);
-@@ -1535,6 +1536,8 @@ js_polkit_user_is_in_netgroup (JSContext *cx,
- is_in_netgroup = true;
- }
-
-+#endif
-+
- ret = true;
-
- args.rval ().setBoolean (is_in_netgroup);
-diff --git a/test/polkit/polkitidentitytest.c b/test/polkit/polkitidentitytest.c
-index e91967b..e829aaa 100644
---- a/test/polkit/polkitidentitytest.c
-+++ b/test/polkit/polkitidentitytest.c
-@@ -19,6 +19,7 @@
- * Author: Nikki VonHollen <vonhollen@google.com>
- */
-
-+#include "config.h"
- #include "glib.h"
- #include <polkit/polkit.h>
- #include <polkit/polkitprivate.h>
-@@ -145,11 +146,15 @@ struct ComparisonTestData comparison_test_data [] = {
- {"unix-group:root", "unix-group:jane", FALSE},
- {"unix-group:jane", "unix-group:jane", TRUE},
-
-+#ifdef HAVE_SETNETGRENT
- {"unix-netgroup:foo", "unix-netgroup:foo", TRUE},
- {"unix-netgroup:foo", "unix-netgroup:bar", FALSE},
-+#endif
-
- {"unix-user:root", "unix-group:root", FALSE},
-+#ifdef HAVE_SETNETGRENT
- {"unix-user:jane", "unix-netgroup:foo", FALSE},
-+#endif
-
- {NULL},
- };
-@@ -181,11 +186,13 @@ main (int argc, char *argv[])
- g_test_add_data_func ("/PolkitIdentity/group_string_2", "unix-group:jane", test_string);
- g_test_add_data_func ("/PolkitIdentity/group_string_3", "unix-group:users", test_string);
-
-+#ifdef HAVE_SETNETGRENT
- g_test_add_data_func ("/PolkitIdentity/netgroup_string", "unix-netgroup:foo", test_string);
-+ g_test_add_data_func ("/PolkitIdentity/netgroup_gvariant", "unix-netgroup:foo", test_gvariant);
-+#endif
-
- g_test_add_data_func ("/PolkitIdentity/user_gvariant", "unix-user:root", test_gvariant);
- g_test_add_data_func ("/PolkitIdentity/group_gvariant", "unix-group:root", test_gvariant);
-- g_test_add_data_func ("/PolkitIdentity/netgroup_gvariant", "unix-netgroup:foo", test_gvariant);
-
- add_comparison_tests ();
-
-diff --git a/test/polkit/polkitunixnetgrouptest.c b/test/polkit/polkitunixnetgrouptest.c
-index 3701ba1..e3352eb 100644
---- a/test/polkit/polkitunixnetgrouptest.c
-+++ b/test/polkit/polkitunixnetgrouptest.c
-@@ -19,6 +19,7 @@
- * Author: Nikki VonHollen <vonhollen@google.com>
- */
-
-+#include "config.h"
- #include "glib.h"
- #include <polkit/polkit.h>
- #include <string.h>
-@@ -69,7 +70,9 @@ int
- main (int argc, char *argv[])
- {
- g_test_init (&argc, &argv, NULL);
-+#ifdef HAVE_SETNETGRENT
- g_test_add_func ("/PolkitUnixNetgroup/new", test_new);
- g_test_add_func ("/PolkitUnixNetgroup/set_name", test_set_name);
-+#endif
- return g_test_run ();
- }
-diff --git a/test/polkitbackend/test-polkitbackendjsauthority.c b/test/polkitbackend/test-polkitbackendjsauthority.c
-index f97e0e0..fc52149 100644
---- a/test/polkitbackend/test-polkitbackendjsauthority.c
-+++ b/test/polkitbackend/test-polkitbackendjsauthority.c
-@@ -137,12 +137,14 @@ test_get_admin_identities (void)
- "unix-group:users"
- }
- },
-+#ifdef HAVE_SETNETGRENT
- {
- "net.company.action3",
- {
- "unix-netgroup:foo"
- }
- },
-+#endif
- };
- guint n;
-
diff --git a/meta-oe/recipes-extended/polkit/polkit/polkit-1_pam.patch b/meta-oe/recipes-extended/polkit/polkit/polkit-1_pam.patch
deleted file mode 100644
index c491abf4ac..0000000000
--- a/meta-oe/recipes-extended/polkit/polkit/polkit-1_pam.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-polkit: No system-auth in OE-Core, we can use common-* in place of it.
-
-Upstream-Status:Inappropriate [configuration]
-
-Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
-
-Upstream-Status: Inappropriate [oe specific]
-Rebase to 0.115
-Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
----
- configure.ac | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 36df239..8b3e1b1 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -471,10 +471,10 @@ elif test x$with_os_type = xfreebsd -o x$with_os_type = xnetbsd; then
- PAM_FILE_INCLUDE_PASSWORD=system
- PAM_FILE_INCLUDE_SESSION=system
- else
-- PAM_FILE_INCLUDE_AUTH=system-auth
-- PAM_FILE_INCLUDE_ACCOUNT=system-auth
-- PAM_FILE_INCLUDE_PASSWORD=system-auth
-- PAM_FILE_INCLUDE_SESSION=system-auth
-+ PAM_FILE_INCLUDE_AUTH=common-auth
-+ PAM_FILE_INCLUDE_ACCOUNT=common-account
-+ PAM_FILE_INCLUDE_PASSWORD=common-password
-+ PAM_FILE_INCLUDE_SESSION=common-session
- fi
-
- AC_SUBST(PAM_FILE_INCLUDE_AUTH)
---
-2.7.4
-
diff --git a/meta-oe/recipes-extended/polkit/polkit_0.119.bb b/meta-oe/recipes-extended/polkit/polkit_0.119.bb
deleted file mode 100644
index d76361732a..0000000000
--- a/meta-oe/recipes-extended/polkit/polkit_0.119.bb
+++ /dev/null
@@ -1,58 +0,0 @@
-SUMMARY = "PolicyKit Authorization Framework"
-DESCRIPTION = "The polkit package is an application-level toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes."
-HOMEPAGE = "http://www.freedesktop.org/wiki/Software/polkit"
-LICENSE = "LGPLv2+"
-LIC_FILES_CHKSUM = "file://COPYING;md5=155db86cdbafa7532b41f390409283eb \
- file://src/polkit/polkit.h;beginline=1;endline=20;md5=0a8630b0133176d0504c87a0ded39db4"
-
-DEPENDS = "expat glib-2.0 intltool-native mozjs-91"
-
-inherit autotools gtk-doc pkgconfig useradd systemd gobject-introspection features_check
-
-REQUIRED_DISTRO_FEATURES = "polkit"
-
-PACKAGECONFIG = "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \
- ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', \
- bb.utils.contains('DISTRO_FEATURES', 'x11', 'consolekit', '', d), d)} \
- "
-
-PACKAGECONFIG[pam] = "--with-authfw=pam,--with-authfw=shadow,libpam,libpam"
-PACKAGECONFIG[systemd] = "--enable-libsystemd-login=yes --with-systemdsystemunitdir=${systemd_unitdir}/system/,--enable-libsystemd-login=no --with-systemdsystemunitdir=,systemd"
-# there is no --enable/--disable option for consolekit and it's not picked by shlibs, so add it to RDEPENDS
-PACKAGECONFIG[consolekit] = ",,,consolekit"
-
-PAM_SRC_URI = "file://polkit-1_pam.patch"
-SRC_URI = "http://www.freedesktop.org/software/polkit/releases/polkit-${PV}.tar.gz \
- ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
- file://0003-make-netgroup-support-optional.patch \
- file://0002-jsauthority-port-to-mozjs-91.patch \
- file://0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch \
- "
-SRC_URI[sha256sum] = "c8579fdb86e94295404211285fee0722ad04893f0213e571bd75c00972fd1f5c"
-
-EXTRA_OECONF = "--with-os-type=moblin \
- --disable-man-pages \
- --disable-libelogind \
- "
-
-do_compile:prepend () {
- export GIR_EXTRA_LIBS_PATH="${B}/src/polkit/.libs"
-}
-
-PACKAGES =+ "${PN}-examples"
-
-FILES:${PN}:append = " \
- ${libdir}/${BPN}-1 \
- ${nonarch_libdir}/${BPN}-1 \
- ${datadir}/dbus-1 \
- ${datadir}/${BPN}-1 \
- ${datadir}/gettext \
-"
-
-FILES:${PN}-examples = "${bindir}/*example*"
-
-USERADD_PACKAGES = "${PN}"
-USERADD_PARAM:${PN} = "--system --no-create-home --user-group --home-dir ${sysconfdir}/${BPN}-1 polkitd"
-
-SYSTEMD_SERVICE:${PN} = "${BPN}.service"
-SYSTEMD_AUTO_ENABLE = "disable"
diff --git a/meta-oe/recipes-extended/polkit/polkit_124.bb b/meta-oe/recipes-extended/polkit/polkit_124.bb
new file mode 100644
index 0000000000..9e2eb05c62
--- /dev/null
+++ b/meta-oe/recipes-extended/polkit/polkit_124.bb
@@ -0,0 +1,59 @@
+SUMMARY = "PolicyKit Authorization Framework"
+DESCRIPTION = "The polkit package is an application-level toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes."
+HOMEPAGE = "http://www.freedesktop.org/wiki/Software/polkit"
+LICENSE = "LGPL-2.0-or-later"
+LIC_FILES_CHKSUM = "file://COPYING;md5=155db86cdbafa7532b41f390409283eb"
+
+SRC_URI = "git://gitlab.freedesktop.org/polkit/polkit.git;protocol=https;branch=master"
+
+S = "${WORKDIR}/git"
+SRCREV = "82f0924dc0eb23b9df68e88dbaf9e07c81940a5a"
+
+DEPENDS = "expat glib-2.0"
+
+inherit meson pkgconfig useradd systemd gettext gobject-introspection features_check
+
+REQUIRED_DISTRO_FEATURES = "polkit"
+
+PACKAGECONFIG = " \
+ ${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \
+ ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', 'consolekit', d)} \
+ dbus \
+ mozjs \
+"
+PACKAGECONFIG[dbus] = ",,dbus"
+PACKAGECONFIG[gtk-doc] = "-Dgtk_doc=true,-Dgtk_doc=false,gtk-doc-native"
+PACKAGECONFIG[pam] = "-Dauthfw=pam,-Dauthfw=shadow,libpam,libpam"
+PACKAGECONFIG[systemd] = "-Dsession_tracking=libsystemd-login,-Dsession_tracking=ConsoleKit,systemd"
+PACKAGECONFIG[consolekit] = ",,,consolekit"
+
+# Default to mozjs javascript library
+PACKAGECONFIG[mozjs] = "-Djs_engine=mozjs,,mozjs-115,,,duktape"
+# duktape javascript engine is much smaller and faster but is not compatible with
+# same javascript standards as mozjs. For example array.includes() function is not
+# supported. Test rule compatibility when switching to duktape.
+PACKAGECONFIG[duktape] = "-Djs_engine=duktape,,duktape,,,mozjs"
+
+USERADD_PACKAGES = "${PN}"
+USERADD_PARAM:${PN} = "--system --no-create-home --user-group --home-dir ${sysconfdir}/${BPN}-1 --shell /bin/nologin polkitd"
+
+SYSTEMD_SERVICE:${PN} = "${BPN}.service"
+SYSTEMD_AUTO_ENABLE = "disable"
+
+do_install:append() {
+ #Fix up permissions on polkit rules.d to work with rpm4 constraints
+ chmod 700 ${D}/${datadir}/polkit-1/rules.d
+ chmod 700 ${D}/${sysconfdir}/polkit-1/rules.d
+ chown polkitd:root ${D}/${datadir}/polkit-1/rules.d
+ chown polkitd:root ${D}/${sysconfdir}/polkit-1/rules.d
+}
+
+FILES:${PN} += " \
+ ${libdir}/pam.d/polkit-1 \
+ ${libdir}/sysusers.d \
+ ${libdir}/polkit-1 \
+ ${nonarch_libdir}/pam.d/polkit-1 \
+ ${nonarch_libdir}/sysusers.d \
+ ${nonarch_libdir}/polkit-1 \
+ ${datadir} \
+"