Commit Graph

13 Commits

Author SHA1 Message Date
Mario Limonciello
df430376fc policy: fix compilation on a variety of configurations
* Meson >=0.41.0, (unreleased) polkit 0.114+ don't use data_dirs argument
* Meson >=0.41.0, older polkit, use local ITS rules with data_dirs argument
* Meson <0.41.0, any polkit, use custom policy building rules

Later on when meson 0.41.0+ and polkit 0.114+ is in many stable distros
this commit can be reverted and dependencies updated.

Fixes: #107
2017-07-10 16:30:24 -05:00
Richard Hughes
ed34991bd8 Do not unlock devices when doing VerifyUpdate
We used to do this dance to avoid reading the Option ROM on hardware by default
(some faulty hardware would crash...) but now we're doing the verify update in
the daemon there's no need to split this into two steps.

Fixes: https://github.com/hughsie/fwupd/issues/149
2017-06-22 10:37:10 +01:00
Richard Hughes
1fdb335025 Remove the automake build system 2017-04-13 18:42:08 +01:00
Richard Hughes
57746cb839 Add the Meson build system as an alternate to autotools
Automake and autoconf are impossible to fully understand and Meson now provides
everything we need for a much smaller, faster, and more understandable build.

See http://mesonbuild.com/ for more information.
2017-04-12 16:35:18 +01:00
Richard Hughes
c232db23df Port away from intltool 2017-04-12 14:31:18 +01:00
Richard Hughes
29c220db9f Add VerifyUpdate to update the device checksums server-side 2016-12-15 17:09:37 +00:00
Richard Hughes
0f5867e850 trivial: Use a suitable icon when doing polkit authentications 2016-12-15 12:55:21 +00:00
Richard Hughes
9a410ce459 Add an unlock method for devices
This is based on an idea from Mario Limonciello which can be used to enable a
PCI OptionROM read, or possibly enable ESRT functionality.
2016-03-02 10:17:02 +00:00
Richard Hughes
63bbbf544f Only allow signed firmware to be upgraded without a password
This does not affect UEFI capsule updates as the signing is checked by the
machine itself. We don't know anything about the trust level at all because
NIST SP800-147 pretty much says we're not allowed to.

For BIOS or ColorHug updates however we really do need to request authentication
before downgrading or installing non-signed code.

At the moment only the Hughski Limited key is trusted for firmware, although I
hope in the future we can also include Red Hat, Microsoft, Intel, AMD and other
hardware vendors in that list too.

Fixes: https://github.com/hughsie/fwupd/issues/5
2015-04-14 16:19:39 +01:00
Richard Hughes
8ded6ca0f1 trivial: Mark some more strings as translatable
Also fix up some translator comments.
2015-03-16 12:51:43 +00:00
Richard Hughes
d08dca72f6 Allow any admin users to install system firmware without a password
From a security point of view, this is no more scary than allowing admin users
to install a new kernel or glibc package.
2015-03-11 19:55:47 +00:00
Richard Hughes
a8e8394b70 Do not require the root password to update removable devices 2015-03-09 22:43:25 +00:00
Richard Hughes
8dbfb1c478 Add initial build files and enough code to launch a simple D-Bus daemon 2015-02-26 18:16:40 +00:00