Let the sun shine upon all the polkit children

So, it’s about time I wrote a post about how’s my GSoC going, isn’t it? It indeed is!

The title suits current state of things pretty well, as it’s been hot as hell here past few weeks (uh) and sun’s shining as crazy…


Well, let’s get started! Some of you may have noticed I closed some bugs with loads of duplicates after I finally managed to reproduce the “sudden” crash in polkit-qt which seemed to be related to something in the GCancellable usage.

It sure was! Scumbag cancellable was already gone when we tried to use it, resulting in getting a nice segmentation fault when it was used while one polkit request was already being processed.

I’m not giving up with bughunting, especially this leak seems really juicy, I’m sure I’ll find the source soon, I’m just spreading the work over days to not go insane from all that Valgrind.

To the less noticeable parts of the program…

Qt 5 port status

I’m constantly working on making the full Qt5 port work when you have Qt4 installed at the same time. Turns out it’s not as much fun as I thought because maintaining backwards compatibility with Qt4 makes you use some of the newer stuff like quite recent versions of CMake and creates a HORRIBLE mess in your CMakeLists, not mentioning all the ifdefs needed to be sure there’s no dependency on Qt4 when you compile only against Qt5.

That results in reading a lot of documentation and compiling and testing every slight change to see if I didn’t break anything.

Of course, my development environment isn’t really prepared to use all the flashy new stuff out of the box so I was struggling to compile some recent version of Qt5 and KF5. Not a surprise I ended up with compiling master branches of all projects in the end. What baffles me a bit is the fact I succeeded quite soon.

I’ll start my own authentication agent, with blackj… oh wait!

Also, there was some noticeable work done in direction to have an easy way how to create a fully functional polkit agent for one single process which then can handle its own requests without us having to hack our way around focus stealing prevention.

To make use of as much of existing code as possible, I split the polkit-kde-agent-1 package into a dynamically linked library (libpolkit-kde-1) which is currently being used by the global KDE agent only. The library is providing a really simplistic API, giving the user opportunity only to make the agent listen and to set different parent windows for different actions.

If you’re interested in how it looks right now, I pushed current status in the process_agent branch of my repository clone. Please note it’s still about to change. When I’m satisfied with the state and Dario approves, I’ll start pushing stable commits into a new branch in the main repository.

I’m planning to demonstrate usage of this feature in KAuth. However, I’m afraid it won’t be possible to push the change any time soon as there’s a lot of work pending, which could collide with how the things work now and I’d like to not break anything what has already been released.

By that, I’m implying I’m planning to create all the separate goals of my GSoC project as separate branches in my clone and start merging them after a thorough peer review somewhere around the end of the summer which for now leaves the testing to you (apart from me, of course), dear enthusiasts! I’d love to see you come to our channel #polkit-kde@freenode to give us (me particularly) your opinions about how it’s all standing and what should I do better!

What comes next?

As I’m already bugging around KAuth, I think rewriting the policy generator is imminent, from what I know there shouldn’t be much of a change, yet as I’ll be at it, I’ll think about adding some new features (especially if you suggest some!) to it.

After that, all while still working on the Qt5 port, there’s KAuth integration, of course! And in the meantime, I’ll have to contact some usability experts in regards of what to do next with the password dialogs. In the first place, there was an idea to implement the dialog via KRunner, but as it seems right now, its design doesn’t allow such a change.

Anyway, clearly, polkit’s concept is to show the user the dialog as a part of the DE UI, not the application’s, (not surprisingly) as GNOME does.  I have some ideas in my head currently, ranging from (yes, I really LOVE it) modifying KRunner to support this kind of input, abusing Plasma notifications or just sticking the dialog in the middle of the display… Actually, every of these three gives me a better impression than working around focus stealing protection.

So, that’s it with what I wanted to say. Sorry for the lack of images, I’ll try to make some more weird mock actions until next time.

Solid Sprint Aftermath and GSoC

Brno KDE Solid Sprint

It’s quite a bit of time since the KDE Solid Sprint that took place here in the Brno Red Hat office but I’ll try to cover for it with this post.

First, I have to say, it was a great opportunity to sit down and work with some of the big names from the KDE world, and of course to have a beer with them. 🙂

I will summarize what has happened in relation to my future work and then to move on to the future plans.I’ll try to sum up the important stuff that involved me in a few short paragraphs:


Dario and I have settled on some basic goals we need to achieve in polkit-qt and polkit-kde-agent-1.
He thought this could be pretty much doable as a GSOC project this year (since I’m still a student and will be, for a few next years), so after tinkering a bit, I finally applied a few days before the deadline.

Basically, you can read everything planned in my project page that should be publicly accessible. In conclusion, there are plans based on what I wrote in my previous post broadened to some extent with what has been planned and worked on up to date. My proposal is also publicly accessible here. If you don’t want to open the links and read the lengthy description, I’ll cover everything later in the post.

The idea was, all these things were supposed to be done one way or another, if time allows, either in GSoC or over time in the future (of course slower and a bit less “contained”).


In other news, I’ve started to tinker with the KRandr code in past few days, to realize I’ll need to somehow determine how to find out which user has which settings to allow us to do the following awesome things:

  • have an other libkrand frontend because, in my opinion, all the goodness should be available for other DEs too
  • despite my low activity with regards to SDDM in past few… uhm, well, months (I’m deeply sorry for this, I’ve been moving to a new flat and with all my laziness this resulted in a procedure taking weeks, eating all my free time), I’d be thrilled to have the functionality when the DM starts to avoid problems related to having a different screen setup in the DM and the DE.


This wasn’t entirely related to the Sprint but it has at least something to do with the previous paragraph.

Also, to the SDDM activity, I continued working on the XDMCP protocol support in the Daemon which required me to fix the local repository first, because I managed to “magically” break it on one of my bus journeys.

I have a working skeleton of XDMCP-enabled daemon which, unfortunately, can’t open remote displays, due to issues with X authorization. Seems I’m misusing the xauth tool somehow, or the infrastructure prepared by aavci. When I finally find out what I’ve done wrong, we should have a working XDMCP server supporting MIT-MAGIC-COOKIE-1 authentication.

Writing this has been quite a rewarding experience, I learned a lot about the X server stack and stuff it’s based on. Not that this knowledge will be useful in the future but I learning about the technology gives a very interesting insight.

I have borrowed a Plugable device which works great with the systemd automatic multi-seat quite a while ago to provide and test the functionality in KDE/KDM. It’s still standing on my desk so when there’s time, I’m going to use it for testing of the implementation of multi-seat in SDDM. Of course, I will have to write it first, but with the facilities and overall structure of the DM, it’ll be done fast when I finally manage to get to it.

All in all, I see the project as slowly becoming a good alternative to KDM in the new world of Plasma Workspaces 2, even with the lower activity the project experiences now. Some features are still missing, yes, but I’m sure we can make it the best DM out there.


Well, on Monday last week, I read the great news, my proposal has been accepted!

I’m planning to do the following things:

  • Introduce a “single purpose agent” to let the application that asks for permissions to act as its own agent, improving current situation with window focus
  • Port the policy generator to polkit-1 as the current one can generate only legacy PolicyKit policies.
  • Finish the Qt5 port
  • It would be great to have the password dialog integrated to KRunner. This would mean to change its functionality though so it will require a bigger discussion on level of the whole workspace.
  • KWallet integration to finally make remembering the authorizations possible
  • Debug, debug, debug and fix everything I stumble upon, mainly leaks.

So far I’m basically just reading documentation for the stuff I didn’t work with in the past, mainly stuff in the Plasma Workspace itself and KAuth and thinking about the consequences my work will have on other parts of the project.

The coding phase starts in about two weeks, so in near future you can expect first commits incoming into the repository!

Thank you all for your support!