docs: use "polkit" to refer to PolicyKit

See d35f51ea84 for justification.

First use in each file is turned into a link to the documentation page.
Zbigniew Jędrzejewski-Szmek 2020-04-18 17:47:51 +02:00
parent 10d5ce0aa5
commit 98ab0daeeb
8 changed files with 31 additions and 25 deletions

NEWS
@ -280,7 +280,7 @@ CHANGES WITH 245:
such files in version 243.
* systemd-logind will now validate access to the operation of changing
the virtual terminal via a PolicyKit action. By default, only users
the virtual terminal via a polkit action. By default, only users
with at least one session on a local VT are granted permission.
* When systemd sets up PAM sessions that invoked service processes

@ -87,7 +87,7 @@ And now, here's the list of (hopefully) all APIs that we have introduced with sy
| [Boot Loader interface](https://systemd.io/BOOT_LOADER_INTERFACE) | EFI variables | yes | yes | gummiboot | yes | - | no |
| [Service bus API](https://www.freedesktop.org/wiki/Software/systemd/dbus) | D-Bus | yes | yes | system-config-services | no | - | no |
| [logind](https://www.freedesktop.org/wiki/Software/systemd/logind) | D-Bus | yes | yes | GNOME | no | - | no |
| [sd-login.h API](https://www.freedesktop.org/software/systemd/man/sd-login.html) | C Library | yes | yes | GNOME, PolicyKit, ... | no | - | no |
| [sd-login.h API](https://www.freedesktop.org/software/systemd/man/sd-login.html) | C Library | yes | yes | GNOME, polkit, ... | no | - | no |
| [sd-daemon.h API](https://www.freedesktop.org/software/systemd/man/sd-daemon.html) | C Library or Drop-in | yes | yes | numerous | yes | - | yes |
| [sd-id128.h API](https://www.freedesktop.org/software/systemd/man/sd-id128.html) | C Library | yes | yes | - | yes | - | no |
| [sd-journal.h API](https://www.freedesktop.org/software/systemd/man/sd-journal.html) | C Library | yes | yes | - | maybe | - | no |

@ -77,7 +77,8 @@ supports is directly available in these JSON records. Hence it makes sense for
any user management UI to expose them directly.
`systemd-homed` exposes APIs to add, remove and make changes to local users via
D-Bus, with full PolicyKit hook-up. On the command line this is exposed via the
D-Bus, with full [polkit](https://www.freedesktop.org/software/polkit/docs/latest/)
hook-up. On the command line this is exposed via the
`homectl` command. A graphical UI that exposes similar functionality would be
very useful, exposing the various new account settings, and in particular
providing a stream-lined UI for enrolling new-style authentication tokens such

@ -141,7 +141,8 @@ node /org/freedesktop/hostname1 {
<para>Whenever the hostname or other metadata is changed via the daemon,
<function>PropertyChanged</function> signals are sent out to subscribed clients. Changing a hostname
using this interface is authenticated via PolicyKit.</para>
using this interface is authenticated via
<ulink url="https://www.freedesktop.org/software/polkit/docs/latest/">polkit</ulink>.</para>
</refsect1>
<refsect1>
@ -237,7 +238,7 @@ node /org/freedesktop/hostname1 {
<para><function>GetProductUUID()</function> returns the "product uuid" as exposed by the kernel based
on DMI information in <filename>/sys/class/dmi/id/product_uuid</filename>. Reading the file directly
requires root privileges, and this method allows access to unprivileged clients through the PolicyKit
requires root privileges, and this method allows access to unprivileged clients through the polkit
framework.</para>
<para><varname>KernelName</varname>, <varname>KernelRelease</varname>, and
@ -256,10 +257,10 @@ node /org/freedesktop/hostname1 {
<refsect2>
<title>Security</title>
<para>The <varname>interactive</varname> boolean parameters can be used to control whether PolicyKit
<para>The <varname>interactive</varname> boolean parameters can be used to control whether polkit
should interactively ask the user for authentication credentials if required.</para>
<para>The PolicyKit action for <function>SetHostname()</function> is
<para>The polkit action for <function>SetHostname()</function> is
<interfacename>org.freedesktop.hostname1.set-hostname</interfacename>. For
<function>SetStaticHostname()</function> and <function>SetPrettyHostname()</function> it is
<interfacename>org.freedesktop.hostname1.set-static-hostname</interfacename>. For

@ -126,7 +126,8 @@ node /org/freedesktop/locale1 {
<para>Use the empty string for the keymap parameters you wish not to set.</para>
<para>The <varname>interactive</varname> boolean parameters can be used to control whether PolicyKit
<para>The <varname>interactive</varname> boolean parameters can be used to control whether
<ulink url="https://www.freedesktop.org/software/polkit/docs/latest/">polkit</ulink>
should interactively ask the user for authentication credentials if required.</para>
</refsect2>
@ -160,9 +161,9 @@ node /org/freedesktop/locale1 {
<refsect2>
<title>Security</title>
<para>Changing the system locale or keymap using this interface is authenticated via PolicyKit. The
PolicyKit action for <function>SetLocale()</function> is
<constant>org.freedesktop.locale1.set-locale</constant>. The PolicyKit action for
<para>Changing the system locale or keymap using this interface is authenticated via polkit. The
polkit action for <function>SetLocale()</function> is
<constant>org.freedesktop.locale1.set-locale</constant>. The polkit action for
<function>SetX11Keyboard()</function> and <function>SetVConsoleKeyboard()</function> is
<constant>org.freedesktop.locale1.set-keyboard</constant>.</para>
</refsect2>
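
Review bot: The action ids in this Security paragraph are marked up as <constant> (org.freedesktop.locale1.set-locale, org.freedesktop.locale1.set-keyboard), while the hostname1, login1, systemd1 and timedate1 pages touched by this commit mark polkit action ids as <interfacename>. Since every one of these sentences is being rewritten anyway, pick one element for action ids and use it on all the pages, so the rendered man pages format them the same way.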

@ -499,19 +499,20 @@ node /org/freedesktop/login1 {
directory of a user is kept around and he may continue to run processes while he is logged out. If
disabled, the runtime directory goes away as soon as they log out. <function>SetUserLinger()</function>
expects three arguments: the UID, a boolean whether to enable/disable and a boolean controlling the
PolicyKit authorization interactivity (see below). Note that the user linger state is persistently
<ulink url="https://www.freedesktop.org/software/polkit/docs/latest/">polkit</ulink>
authorization interactivity (see below). Note that the user linger state is persistently
stored on disk.</para>
<para><function>AttachDevice()</function> may be used to assign a specific device to a specific
seat. The device is identified by its /sys path and must be eligible for seat assignments. <function>AttachDevice()</function> takes three
arguments: the seat id, the sysfs path, and a boolean for controlling PolicyKit interactivity (see
arguments: the seat id, the sysfs path, and a boolean for controlling polkit interactivity (see
below). Device assignments are persistently stored on disk. To create a new seat, simply specify a
previously unused seat id. For more information about the seat assignment logic see
<ulink url="https://www.freedesktop.org/wiki/Software/systemd/multiseat">Multi-Seat for Linux</ulink>.
</para>
<para><function>FlushDevices()</function> removes all explicit seat assignments for devices, resetting
all assignments to the automatic defaults. The only argument it takes is the PolicyKit interactivity
all assignments to the automatic defaults. The only argument it takes is the polkit interactivity
boolean (see below).</para>
<para><function>PowerOff()</function>, <function>Reboot()</function>, <function>Halt()</function>,
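
Review bot: The context sentence at the top of this hunk switches pronouns for the same user: "he may continue to run processes while he is logged out" is followed by "as soon as they log out". The paragraph is being edited and rewrapped here, so use "they" throughout. The AttachDevice() paragraph also keeps an over-long line ("seat. The device is identified by its /sys path and must be eligible for seat assignments. ... takes three"); rewrapping both paragraphs in the same pass would keep the source consistent.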
@ -521,9 +522,9 @@ node /org/freedesktop/login1 {
the machine is powered down). <function>HybridSleep()</function> results in the system entering a
hybrid-sleep mode, i.e. the system is both hibernated and suspended.
<function>SuspendThenHibernate()</function> results in the system being suspended, then later woken
using an RTC timer and hibernated. The only argument is the PolicyKit interactivity boolean
using an RTC timer and hibernated. The only argument is the polkit interactivity boolean
<varname>interactive</varname> (see below). The main purpose of these calls is that they enforce
PolicyKit policy and hence allow powering off/rebooting/suspending/hibernating even by unprivileged
polkit policy and hence allow powering off/rebooting/suspending/hibernating even by unprivileged
users. They also enforce inhibition locks. UIs should expose these calls as the primary mechanism to
poweroff/reboot/suspend/hibernate the machine.</para>
@ -678,7 +679,7 @@ node /org/freedesktop/login1 {
<refsect2>
<title>Security</title>
<para>A number of operations are protected via the PolicyKit privilege
<para>A number of operations are protected via the polkit privilege
system. <function>SetUserLinger()</function> requires the
<interfacename>org.freedesktop.login1.set-user-linger</interfacename>
privilege. <function>AttachDevice()</function> requires
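
Review bot: "protected via the polkit privilege system" and "requires the ... privilege" in this Security paragraph use "privilege" for what polkit itself calls an action, and what the hostname1, locale1 and timedate1 pages in this same commit call one ("The polkit action for SetHostname() is"). As the purpose of the commit is consistent terminology, consider "protected via polkit" and "requires the org.freedesktop.login1.set-user-linger action", and the same wording for the entries that follow.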
@ -731,7 +732,7 @@ node /org/freedesktop/login1 {
<interfacename>org.freedesktop.login1.inhibit-handle-lid-switch</interfacename> depending on the lock
type and mode taken.</para>
<para>The <varname>interactive</varname> boolean parameters can be used to control whether PolicyKit
<para>The <varname>interactive</varname> boolean parameters can be used to control whether polkit
should interactively ask the user for authentication credentials if required.</para>
</refsect2>
</refsect1>

@ -40,9 +40,10 @@
<para>Properties exposing time values are usually encoded in microseconds (usec) on the bus, even if
their corresponding settings in the unit files are in seconds.</para>
<para>In contrast to most of the other services of the systemd suite, PID 1 does not use PolicyKit for
controlling access to privileged operations, but relies exclusively on the low-level D-Bus policy
language. (This is done in order to avoid a cyclic dependency between PolicyKit and systemd/PID 1.) This
<para>In contrast to most of the other services of the systemd suite, PID 1 does not use
<ulink url="https://www.freedesktop.org/software/polkit/docs/latest/">polkit</ulink>
for controlling access to privileged operations, but relies exclusively on the low-level D-Bus policy
language. (This is done in order to avoid a cyclic dependency between polkit and systemd/PID 1.) This
means that sensitive operations exposed by PID 1 on the bus are generally not available to unprivileged
processes directly. However, some operations (such as shutdown/reboot/suspend) are made available through the D-Bus
API of logind, see
@ -1463,7 +1464,7 @@ node /org/freedesktop/systemd1 {
<title>Security</title>
<para>Read access is generally granted to all clients. Additionally, for unprivileged clients, some
operations are allowed through the PolicyKit privilege system. Operations which modify unit state
operations are allowed through the polkit privilege system. Operations which modify unit state
(<function>StartUnit()</function>, <function>StopUnit()</function>, <function>KillUnit()</function>,
<function>RestartUnit()</function> and similar, <function>SetProperty</function>) require
<interfacename>org.freedesktop.systemd1.manage-units</interfacename>. Operations which modify unit file
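
Review bot: The Security paragraph in this hunk says unprivileged clients are allowed some operations "through the polkit privilege system" and names org.freedesktop.systemd1.manage-units, but the introduction of the same file, edited in the previous hunk, says PID 1 "does not use polkit for controlling access to privileged operations, but relies exclusively on the low-level D-Bus policy language". Both sentences are touched by this commit and they cannot both describe the current access model, so a reader trying to work out who may call StartUnit() or StopUnit() gets two answers. Reconcile them, here or in a follow-up, so the introduction matches what the Security section documents.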
@ -2127,7 +2128,7 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2eservice {
allowed for everyone. All operations are allowed for clients with the
<constant>CAP_SYS_ADMIN</constant> capability or when the
<interfacename>org.freedesktop.systemd1.manage-units</interfacename> privilege is granted by
PolicyKit.</para>
polkit.</para>
</refsect2>
</refsect1>

@ -165,9 +165,10 @@ node /org/freedesktop/timedate1 {
<title>Security</title>
<para>The <varname>interactive</varname> boolean parameters can be used to control whether
PolicyKit should interactively ask the user for authentication credentials if required.</para>
<ulink url="https://www.freedesktop.org/software/polkit/docs/latest/">polkit</ulink>
should interactively ask the user for authentication credentials if required.</para>
<para>The PolicyKit action for <function>SetTimezone()</function> is
<para>The polkit action for <function>SetTimezone()</function> is
<interfacename>org.freedesktop.timedate1.set-timezone</interfacename>. For
<function>SetLocalRTC()</function> it is
<interfacename>org.freedesktop.timedate1.set-local-rtc</interfacename>, for