diff --git a/0001-dhcp-server-add-two-missing-OOM-checks.patch b/0001-dhcp-server-add-two-missing-OOM-checks.patch new file mode 100644 index 0000000..3a49308 --- /dev/null +++ b/0001-dhcp-server-add-two-missing-OOM-checks.patch @@ -0,0 +1,38 @@ +From 0c65886b122a26636ad049cf12b560865ffc62a6 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Thu, 9 Feb 2017 10:16:52 +0100 +Subject: [PATCH] dhcp-server: add two missing OOM checks + +(cherry picked from commit 357e1b17b901b48714fa5301c745ae5389661798) +--- + src/libsystemd-network/sd-dhcp-server.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/libsystemd-network/sd-dhcp-server.c b/src/libsystemd-network/sd-dhcp-server.c +index 2890681..315cbf1 100644 +--- a/src/libsystemd-network/sd-dhcp-server.c ++++ b/src/libsystemd-network/sd-dhcp-server.c +@@ -197,7 +197,11 @@ int sd_dhcp_server_new(sd_dhcp_server **ret, int ifindex) { + server->address = htobe32(INADDR_ANY); + server->netmask = htobe32(INADDR_ANY); + server->ifindex = ifindex; ++ + server->leases_by_client_id = hashmap_new(&client_id_hash_ops); ++ if (!server->leases_by_client_id) ++ return -ENOMEM; ++ + server->default_lease_time = DIV_ROUND_UP(DHCP_DEFAULT_LEASE_TIME_USEC, USEC_PER_SEC); + server->max_lease_time = DIV_ROUND_UP(DHCP_MAX_LEASE_TIME_USEC, USEC_PER_SEC); + +@@ -857,6 +861,8 @@ int dhcp_server_handle_message(sd_dhcp_server *server, DHCPMessage *message, + + if (!existing_lease) { + lease = new0(DHCPLease, 1); ++ if (!lease) ++ return -ENOMEM; + lease->address = address; + lease->client_id.data = memdup(req->client_id.data, + req->client_id.length); +-- +2.9.3 + diff --git a/0002-import-bump-image-size-safety-limit-for-machinectl-p.patch b/0002-import-bump-image-size-safety-limit-for-machinectl-p.patch new file mode 100644 index 0000000..54aa0e4 --- /dev/null +++ b/0002-import-bump-image-size-safety-limit-for-machinectl-p.patch 
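Review bot: In the dhcp_server_handle_message hunk the new `if (!lease) return -ENOMEM;` covers `new0()`, but the `memdup(req->client_id.data, req->client_id.length)` two lines later is the last line shown, so the hunk does not establish that its result is checked or that `lease` is released on that path. Because this code runs for every incoming DHCP message, confirm that the lines after the hunk contain something equivalent to `if (!lease->client_id.data) { free(lease); return -ENOMEM; }`. In sd_dhcp_server_new the early `return -ENOMEM` after `hashmap_new()` is leak-free only if `server` is declared with a cleanup attribute, and that declaration is outside the hunk.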
@@ -0,0 +1,28 @@ +From bd9bb2324adf9e16cdf4e6c3588ddc7778530fd8 Mon Sep 17 00:00:00 2001 +From: Dax Kelson +Date: Sun, 5 Mar 2017 05:03:53 -0700 +Subject: [PATCH] import: bump image size safety limit for machinectl pull + (#5535) + +We currenly use 40GB images in our environment +(cherry picked from commit 055c521ad4e9d2f923e9373ac12e214a1e896cc7) +--- + src/import/pull-job.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/import/pull-job.c b/src/import/pull-job.c +index e550df2..70aaa5c 100644 +--- a/src/import/pull-job.c ++++ b/src/import/pull-job.c +@@ -527,7 +527,7 @@ int pull_job_new(PullJob **ret, const char *url, CurlGlue *glue, void *userdata) + j->glue = glue; + j->content_length = (uint64_t) -1; + j->start_usec = now(CLOCK_MONOTONIC); +- j->compressed_max = j->uncompressed_max = 8LLU * 1024LLU * 1024LLU * 1024LLU; /* 8GB */ ++ j->compressed_max = j->uncompressed_max = 64LLU * 1024LLU * 1024LLU * 1024LLU; /* 64GB safety limit */ + + j->url = strdup(url); + if (!j->url) +-- +2.9.3 + diff --git a/0003-coredump-fix-handling-of-premature-eof-data-for-back.patch b/0003-coredump-fix-handling-of-premature-eof-data-for-back.patch new file mode 100644 index 0000000..aecf2ff --- /dev/null +++ b/0003-coredump-fix-handling-of-premature-eof-data-for-back.patch 
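Review bot: `j->compressed_max` and `j->uncompressed_max` are the only size bound visible in pull_job_new for data fetched from a remote URL, and this change raises both eightfold using a bare literal. A named constant, for example `#define PULL_JOB_SIZE_MAX (64LLU * 1024LLU * 1024LLU * 1024LLU)` (the name is only a suggestion), would make the trade-off explicit, given a comment saying the limit exists to keep an oversized or highly compressible download from filling the disk. Whether callers can lower the limit per job is not visible here, since pull_job_new continues beyond the hunk.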
@@ -0,0 +1,44 @@ +From 5b21af2bf21f57e9b7ae30217ed01545029256e8 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Sun, 5 Mar 2017 10:35:44 -0500 +Subject: [PATCH] coredump: fix handling of premature-eof data for --backtrace + +We'd fail with an assert in journal_importer_process_data(), +because that function requires the caller to handle EOF themselves. + +(cherry picked from commit d74dc4f2d00644c04ad9dc900ef43050fcadaa8b) +--- + src/basic/journal-importer.c | 2 +- + src/coredump/coredump.c | 3 ++- + 2 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/src/basic/journal-importer.c b/src/basic/journal-importer.c +index 4c13e46..d25fd35 100644 +--- a/src/basic/journal-importer.c ++++ b/src/basic/journal-importer.c +@@ -314,7 +314,7 @@ int journal_importer_process_data(JournalImporter *imp) { + return r; + if (r == 0) { + imp->state = IMPORTER_STATE_EOF; +- return r; ++ return 0; + } + assert(n > 0); + assert(line[n-1] == '\n'); +diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c +index 4c4f36a..5828e94 100644 +--- a/src/coredump/coredump.c ++++ b/src/coredump/coredump.c +@@ -1326,7 +1326,8 @@ static int process_backtrace(int argc, char *argv[]) { + log_error_errno(r, "Failed to parse journal entry on stdin: %m"); + goto finish; + } +- if (r == 1) ++ if (r == 1 || /* complete entry */ ++ journal_importer_eof(&importer)) /* end of data */ + break; + } + +-- +2.9.3 + diff --git a/0004-cgtop-use-PRIu64-to-print-uint64_t-5544.patch b/0004-cgtop-use-PRIu64-to-print-uint64_t-5544.patch new file mode 100644 index 0000000..77178b4 --- /dev/null +++ b/0004-cgtop-use-PRIu64-to-print-uint64_t-5544.patch 
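Review bot: In process_backtrace the loop now also exits when `journal_importer_eof(&importer)` is true, so an entry cut short by end of input is passed on exactly like a complete one (`r == 1`). The code after the loop is outside the hunk, so it should be confirmed that it tolerates an entry with missing fields when stdin was truncated. If accepting a partial entry is intended, a comment above the condition such as `/* a truncated final entry is accepted; fields may be missing */` would record that for the next reader.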
@@ -0,0 +1,28 @@ +From fe9d0ba1f8e60fbea433f75319d0487e5b58c79b Mon Sep 17 00:00:00 2001 +From: "Thomas H. P. Andersen" +Date: Tue, 7 Mar 2017 07:47:18 +0100 +Subject: [PATCH] cgtop: use PRIu64 to print uint64_t (#5544) + +Commit 59f448cf replaced usage of off_t with uint64_t. Change the +format string to use PRIu64 to match it. +(cherry picked from commit 557e36934d21b08acafbe2baf6ebfde761fbae25) +--- + src/cgtop/cgtop.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/cgtop/cgtop.c b/src/cgtop/cgtop.c +index a1c0f48..67f3a99 100644 +--- a/src/cgtop/cgtop.c ++++ b/src/cgtop/cgtop.c +@@ -118,7 +118,7 @@ static const char *maybe_format_bytes(char *buf, size_t l, bool is_valid, uint64 + if (!is_valid) + return "-"; + if (arg_raw) { +- snprintf(buf, l, "%jd", t); ++ snprintf(buf, l, "%" PRIu64, t); + return buf; + } + return format_bytes(buf, l, t); +-- +2.9.3 + diff --git a/0005-man-fix-typo-5556.patch b/0005-man-fix-typo-5556.patch new file mode 100644 index 0000000..c90b975 --- /dev/null +++ b/0005-man-fix-typo-5556.patch 
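Review bot: The return value of `snprintf(buf, l, "%" PRIu64, t)` in maybe_format_bytes is still ignored, so a caller-supplied `l` below 21 bytes silently truncates the number (a uint64_t needs up to 20 digits plus the terminator). The buffer sizes are chosen by callers outside this hunk, so the requirement is currently implicit. Comparing the return value against `l`, or documenting the minimum size in a comment on the function, would make it explicit.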
@@ -0,0 +1,26 @@ +From 9283e138a2a9347d9df9bc1d0371cff74d09d43f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Torstein=20Huseb=C3=B8?= +Date: Wed, 8 Mar 2017 13:54:22 +0100 +Subject: [PATCH] man: fix typo (#5556) + +(cherry picked from commit 6cf5a9648928be1e2b8fcdbf2903761000f6e803) +--- + man/systemd.exec.xml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml +index 5d4986b..fb64cd6 100644 +--- a/man/systemd.exec.xml ++++ b/man/systemd.exec.xml +@@ -138,7 +138,7 @@ + + RootImage= + Takes a path to a block device node or regular file as argument. This call is similar to +- RootDirectory= however mounts a file system hierarchy from a block device node or loopack ++ RootDirectory= however mounts a file system hierarchy from a block device node or loopback + file instead of a directory. The device node or file system image file needs to contain a file system without a + partition table, or a file system within an MBR/MS-DOS or GPT partition table with only a single + Linux-compatible partition, or a set of file systems within a GPT partition table that follows the +Date: Fri, 10 Mar 2017 15:16:24 +0100 +Subject: [PATCH] Fix typo in function name (#5565) + +(cherry picked from commit 8feabc46263079cffba8a39c4082563320aeffc0) +--- + man/sd_journal_get_fd.xml | 4 ++-- + man/sd_login_monitor_new.xml | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/man/sd_journal_get_fd.xml b/man/sd_journal_get_fd.xml +index 61293f7..2e686ca 100644 +--- a/man/sd_journal_get_fd.xml ++++ b/man/sd_journal_get_fd.xml +@@ -146,7 +146,7 @@ if (t == (uint64_t) -1) + else { + struct timespec ts; + uint64_t n; +- clock_getttime(CLOCK_MONOTONIC, &ts); ++ clock_gettime(CLOCK_MONOTONIC, &ts); + n = (uint64_t) ts.tv_sec * 1000000 + ts.tv_nsec / 1000; + msec = t > n ? 
(int) ((t - n + 999) / 1000) : 0; + } +@@ -304,7 +304,7 @@ int wait_for_changes(sd_journal *j) { + else { + struct timespec ts; + uint64_t n; +- clock_getttime(CLOCK_MONOTONIC, &ts); ++ clock_gettime(CLOCK_MONOTONIC, &ts); + n = (uint64_t) ts.tv_sec * 1000000 + ts.tv_nsec / 1000; + msec = t > n ? (int) ((t - n + 999) / 1000) : 0; + } +diff --git a/man/sd_login_monitor_new.xml b/man/sd_login_monitor_new.xml +index 5625ab9..129c99f 100644 +--- a/man/sd_login_monitor_new.xml ++++ b/man/sd_login_monitor_new.xml +@@ -203,7 +203,7 @@ if (t == (uint64_t) -1) + else { + struct timespec ts; + uint64_t n; +- clock_getttime(CLOCK_MONOTONIC, &ts); ++ clock_gettime(CLOCK_MONOTONIC, &ts); + n = (uint64_t) ts.tv_sec * 1000000 + ts.tv_nsec / 1000; + msec = t > n ? (int) ((t - n + 999) / 1000) : 0; + } +-- +2.9.3 + diff --git a/0007-resolve-add-missing-space-in-output-message-5574.patch b/0007-resolve-add-missing-space-in-output-message-5574.patch new file mode 100644 index 0000000..5422303 --- /dev/null +++ b/0007-resolve-add-missing-space-in-output-message-5574.patch 
@@ -0,0 +1,28 @@ +From fd46fb0d1606468232c6c74aa6a02c77c8d5934c Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Mon, 13 Mar 2017 09:12:03 +0900 +Subject: [PATCH] resolve: add missing space in output message (#5574) + +(cherry picked from commit 44ccb3d72315f68d0b4b07217c99bad35b055ec3) +--- + src/resolve/resolve-tool.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/resolve/resolve-tool.c b/src/resolve/resolve-tool.c +index 32537ce..c620589 100644 +--- a/src/resolve/resolve-tool.c ++++ b/src/resolve/resolve-tool.c +@@ -114,8 +114,8 @@ static void print_source(uint64_t flags, usec_t rtt) { + flags & SD_RESOLVED_DNS ? " DNS" :"", + flags & SD_RESOLVED_LLMNR_IPV4 ? " LLMNR/IPv4" : "", + flags & SD_RESOLVED_LLMNR_IPV6 ? " LLMNR/IPv6" : "", +- flags & SD_RESOLVED_MDNS_IPV4 ? "mDNS/IPv4" : "", +- flags & SD_RESOLVED_MDNS_IPV6 ? "mDNS/IPv6" : ""); ++ flags & SD_RESOLVED_MDNS_IPV4 ? " mDNS/IPv4" : "", ++ flags & SD_RESOLVED_MDNS_IPV6 ? " mDNS/IPv6" : ""); + + assert_se(format_timespan(rtt_str, sizeof(rtt_str), rtt, 100)); + +-- +2.9.3 + diff --git a/0008-headers-check-that-__INCLUDE_LEVEL__-is-defined-befo.patch b/0008-headers-check-that-__INCLUDE_LEVEL__-is-defined-befo.patch new file mode 100644 index 0000000..d40e53d --- /dev/null +++ b/0008-headers-check-that-__INCLUDE_LEVEL__-is-defined-befo.patch 
@@ -0,0 +1,31 @@ +From c1e4a9e5f7839fa35661069e2aaf600a915f0c6b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Mon, 13 Mar 2017 03:11:24 -0400 +Subject: [PATCH] headers: check that __INCLUDE_LEVEL__ is defined before using + it (#5575) + +That macro is a gcc extension, and while widely supported, not ubiquitous. +In particular the coverity scanner is having trouble with it. +(cherry picked from commit 1070d271fa8fa553d57dd5f74dd1e3f60732d0b9) +--- + src/systemd/_sd-common.h | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/systemd/_sd-common.h b/src/systemd/_sd-common.h +index 3bb886b..97c3943 100644 +--- a/src/systemd/_sd-common.h ++++ b/src/systemd/_sd-common.h +@@ -22,8 +22,8 @@ + + /* This is a private header; never even think of including this directly! */ + +-#if __INCLUDE_LEVEL__ <= 1 +-#error "Do not include _sd-common.h directly; it is a private header." ++#if defined(__INCLUDE_LEVEL__) && __INCLUDE_LEVEL__ <= 1 ++# error "Do not include _sd-common.h directly; it is a private header." + #endif + + #ifndef _sd_printf_ +-- +2.9.3 + diff --git a/0009-journal-prevent-integer-overflow-while-validating-he.patch b/0009-journal-prevent-integer-overflow-while-validating-he.patch new file mode 100644 index 0000000..ad2cfbd --- /dev/null +++ b/0009-journal-prevent-integer-overflow-while-validating-he.patch 
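Review bot: With `defined(__INCLUDE_LEVEL__) &&` in front, the direct-inclusion guard in _sd-common.h silently does nothing on compilers that lack the macro, and the existing comment above it does not say so. I would extend that comment with something like `/* __INCLUDE_LEVEL__ is a GCC extension; where it is missing this check is skipped */`.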
@@ -0,0 +1,58 @@ +From 112d963a0542b1280667e2eb2727a8946d9bcf8d Mon Sep 17 00:00:00 2001 +From: Tobias Stoeckmann +Date: Mon, 13 Mar 2017 08:14:42 +0100 +Subject: [PATCH] journal: prevent integer overflow while validating header + (#5569) + +It is possible to overflow uint64_t while validating the header of +a journal file. To prevent this, the addition itself is checked to +be within the limits of UINT64_MAX first. + +To keep this readable, I have introduced two stack variables which +hold the converted values during validation. +(cherry picked from commit 6f94e420e8355421fc31713a0df760d6b20473ac) +--- + src/journal/journal-file.c | 12 +++++++++--- + 1 file changed, 9 insertions(+), 3 deletions(-) + +diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c +index a6ccb67..14cb01a 100644 +--- a/src/journal/journal-file.c ++++ b/src/journal/journal-file.c +@@ -546,6 +546,8 @@ static bool warn_wrong_flags(const JournalFile *f, bool compatible) { + } + + static int journal_file_verify_header(JournalFile *f) { ++ uint64_t arena_size, header_size; ++ + assert(f); + assert(f->header); + +@@ -564,17 +566,21 @@ static int journal_file_verify_header(JournalFile *f) { + if (f->header->state >= _STATE_MAX) + return -EBADMSG; + ++ header_size = le64toh(f->header->header_size); ++ + /* The first addition was n_data, so check that we are at least this large */ +- if (le64toh(f->header->header_size) < HEADER_SIZE_MIN) ++ if (header_size < HEADER_SIZE_MIN) + return -EBADMSG; + + if (JOURNAL_HEADER_SEALED(f->header) && !JOURNAL_HEADER_CONTAINS(f->header, n_entry_arrays)) + return -EBADMSG; + +- if ((le64toh(f->header->header_size) + le64toh(f->header->arena_size)) > (uint64_t) f->last_stat.st_size) ++ arena_size = le64toh(f->header->arena_size); ++ ++ if (UINT64_MAX - header_size < arena_size || header_size + arena_size > (uint64_t) f->last_stat.st_size) + return -ENODATA; + +- if (le64toh(f->header->tail_object_offset) > (le64toh(f->header->header_size) + 
le64toh(f->header->arena_size))) ++ if (le64toh(f->header->tail_object_offset) > header_size + arena_size) + return -ENODATA; + + if (!VALID64(le64toh(f->header->data_hash_table_offset)) || +-- +2.9.3 + diff --git a/0010-machinectl-don-t-return-1-in-case-we-couldn-t-figure.patch b/0010-machinectl-don-t-return-1-in-case-we-couldn-t-figure.patch new file mode 100644 index 0000000..238af60 --- /dev/null +++ b/0010-machinectl-don-t-return-1-in-case-we-couldn-t-figure.patch @@ -0,0 +1,30 @@ +From 51ad3c9829dfee2051fc97bd904d9ac6b191970c Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Tue, 14 Mar 2017 22:38:19 +0100 +Subject: [PATCH] machinectl: don't return 1 in case we couldn't figure out + container IP addresses (#5587) + +This is in spirit very similar to commit +4b2419165ce409ee55ce96a926302f89685f2293. + +Fixes: #5581 +(cherry picked from commit 3c302cddfb2e921578d1238ebcc0cb5ff34fbebe) +--- + src/machine/machinectl.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/machine/machinectl.c b/src/machine/machinectl.c +index 2838428..3031ed5 100644 +--- a/src/machine/machinectl.c ++++ b/src/machine/machinectl.c +@@ -340,6 +340,7 @@ static int list_machines(int argc, char *argv[], void *userdata) { + printf("No machines.\n"); + } + ++ r = 0; + out: + clean_machine_info(machines, n_machines); + return r; +-- +2.9.3 + diff --git a/0011-man-Document-when-pam_systemd-sets-XDG_RUNTIME_DIR-5.patch b/0011-man-Document-when-pam_systemd-sets-XDG_RUNTIME_DIR-5.patch new file mode 100644 index 0000000..225f52c --- /dev/null +++ b/0011-man-Document-when-pam_systemd-sets-XDG_RUNTIME_DIR-5.patch 
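Review bot: The new guard `UINT64_MAX - header_size < arena_size` is what makes the later `header_size + arena_size` in the `tail_object_offset` comparison safe, but that ordering dependency is implicit in journal_file_verify_header. A comment on the guard, e.g. `/* must precede every use of header_size + arena_size */`, or a single local holding the checked sum, would keep a later reordering from reintroducing the wrap. The last visible line validates `data_hash_table_offset` with `VALID64` only. Whether the remaining offset and size fields get an equally overflow-safe range check lies outside the hunk and is worth confirming, since the header being validated is read from a file.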
@@ -0,0 +1,37 @@ +From 6c03191c817094b67352a8553b5df9850eaecd88 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Adrian=20Heine=20n=C3=A9=20Lang?= +Date: Tue, 14 Mar 2017 22:42:18 +0100 +Subject: [PATCH] man: Document when pam_systemd sets XDG_RUNTIME_DIR (#5570) + +https://github.com/systemd/systemd/blob/f97b34a6/src/login/pam_systemd.c#L439 +(cherry picked from commit 5c50321ca9c660dac39976ab29ed2f28f872628d) +--- + man/pam_systemd.xml | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/man/pam_systemd.xml b/man/pam_systemd.xml +index 6e1aa0d..cef5445c 100644 +--- a/man/pam_systemd.xml ++++ b/man/pam_systemd.xml +@@ -88,7 +88,7 @@ + and so will the user's slice unit. + + If the last concurrent session of a user ends, +- the $XDG_RUNTIME_DIR directory and all its ++ the user runtime directory /run/user/$UID and all its + contents are removed, too. + + +@@ -192,7 +192,8 @@ + offers the greatest possible file system feature set the + operating system provides. For further details, see the XDG +- Base Directory Specification. ++ Base Directory Specification. $XDG_RUNTIME_DIR ++ is not set if the current user is not the original user of the session. + + + +-- +2.9.3 + diff --git a/0012-man-Fix-a-simple-grammar-error-in-systemd.service.xm.patch b/0012-man-Fix-a-simple-grammar-error-in-systemd.service.xm.patch new file mode 100644 index 0000000..363a574 --- /dev/null +++ b/0012-man-Fix-a-simple-grammar-error-in-systemd.service.xm.patch 
@@ -0,0 +1,27 @@ +From dd8b6fa3f53ff9912f3ffdfeaedf79612e5f8395 Mon Sep 17 00:00:00 2001 +From: AlexanderKurtz +Date: Thu, 16 Mar 2017 01:33:56 +0100 +Subject: [PATCH] man: Fix a simple grammar error in systemd.service.xml + (#5594) + +(cherry picked from commit bda99fab3104095420d3ee03593d07469153f6c4) +--- + man/systemd.service.xml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/man/systemd.service.xml b/man/systemd.service.xml +index 52eb2bb..a452e3a 100644 +--- a/man/systemd.service.xml ++++ b/man/systemd.service.xml +@@ -184,7 +184,7 @@ + process has to exit before systemd starts follow-up units. + RemainAfterExit= is particularly useful for + this type of service. This is the implied default if neither +- Type= or ExecStart= are ++ Type= nor ExecStart= are + specified. + + Behavior of is similar to +-- +2.9.3 + diff --git a/systemd.spec b/systemd.spec index c5f86aa..9b344f7 100644 --- a/systemd.spec +++ b/systemd.spec @@ -13,7 +13,7 @@ Name: systemd Url: http://www.freedesktop.org/wiki/Software/systemd Version: 233 -Release: 2%{?gitcommit:.git%{gitcommitshort}}%{?dist} +Release: 3%{?gitcommit:.git%{gitcommitshort}}%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager 
@@ -45,6 +45,19 @@ Source12: https://raw.githubusercontent.com/systemd/systemd/1000522a60cead # GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-01-30} hwdb/[67]* > hwdb.patch +Patch0001: 0001-dhcp-server-add-two-missing-OOM-checks.patch +Patch0002: 0002-import-bump-image-size-safety-limit-for-machinectl-p.patch +Patch0003: 0003-coredump-fix-handling-of-premature-eof-data-for-back.patch +Patch0004: 0004-cgtop-use-PRIu64-to-print-uint64_t-5544.patch +Patch0005: 0005-man-fix-typo-5556.patch +Patch0006: 0006-Fix-typo-in-function-name-5565.patch +Patch0007: 0007-resolve-add-missing-space-in-output-message-5574.patch +Patch0008: 0008-headers-check-that-__INCLUDE_LEVEL__-is-defined-befo.patch +Patch0009: 0009-journal-prevent-integer-overflow-while-validating-he.patch +Patch0010: 0010-machinectl-don-t-return-1-in-case-we-couldn-t-figure.patch +Patch0011: 0011-man-Document-when-pam_systemd-sets-XDG_RUNTIME_DIR-5.patch +Patch0012: 0012-man-Fix-a-simple-grammar-error-in-systemd.service.xm.patch + Patch0998: 0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch %global num_patches %{lua: c=0; for i,p in ipairs(patches) do c=c+1; end; print(c);} @@ -1037,6 +1050,10 @@ getent passwd systemd-journal-upload &>/dev/null || useradd -r -l -g systemd-jou %{pkgdir}/tests %changelog +* Thu Mar 16 2017 Michal Sekletar - 233-3 +- Backport bugfixes from upstream +- Don't return error when machinectl couldn't figure out container IP addresses (#1419501) + * Thu Mar 2 2017 Zbigniew Jędrzejewski-Szmek - 233-2 - Fix installation conflict with polkit