Only keep one polkit rules file

Just tweak it at build time depending on what polkit version we are
building for.

.gitignore

@@ -54,6 +54,7 @@
 /daemon/libvirtd.8.in
 /daemon/libvirtd.init
 /daemon/libvirtd.pod
+/daemon/libvirtd.policy
 /daemon/libvirtd.service
 /daemon/test_libvirtd.aug
 /docs/apibuild.py.stamp

daemon/Makefile.am

@@ -35,8 +35,7 @@ EXTRA_DIST =						\
 	libvirtd.conf					\
 	libvirtd.init.in				\
 	libvirtd.upstart				\
-	libvirtd.policy-0				\
-	libvirtd.policy-1				\
+	libvirtd.policy.in				\
 	libvirtd.sasl					\
 	libvirtd.sysconf				\
 	libvirtd.sysctl					\
@@ -173,13 +172,20 @@ libvirtd_LDADD += ../src/libvirt.la
 if HAVE_POLKIT
 if HAVE_POLKIT0
 policydir = $(datadir)/PolicyKit/policy
-policyfile = libvirtd.policy-0
+policyauth = auth_admin_keep_session
 else
 policydir = $(datadir)/polkit-1/actions
-policyfile = libvirtd.policy-1
+policyauth = auth_admin_keep
 endif
 endif
 
+libvirtd.policy: libvirtd.policy.in $(top_builddir)/config.status
+	$(AM_V_GEN) sed \
+	    -e 's![@]authaction[@]!$(policyauth)!g' \
+	    < $< > $@-t && \
+	mv $@-t $@
+BUILT_SOURCES += libvirtd.policy
+
 install-data-local: install-init-redhat install-init-systemd install-init-upstart \
 		install-data-sasl install-data-polkit \
 		install-logrotate install-sysctl
@@ -197,7 +203,7 @@ uninstall-local:: uninstall-init-redhat uninstall-init-systemd uninstall-init-up
 if HAVE_POLKIT
 install-data-polkit::
 	$(MKDIR_P) $(DESTDIR)$(policydir)
-	$(INSTALL_DATA) $(srcdir)/$(policyfile) $(DESTDIR)$(policydir)/org.libvirt.unix.policy
+	$(INSTALL_DATA) libvirtd.policy $(DESTDIR)$(policydir)/org.libvirt.unix.policy
 uninstall-data-polkit::
 	rm -f $(DESTDIR)$(policydir)/org.libvirt.unix.policy
 	rmdir $(DESTDIR)$(policydir) || :

daemon/libvirtd.policy-0

-<!DOCTYPE policyconfig PUBLIC
- "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
- "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
-
-<!--
-Policy definitions for libvirt daemon
-
-Copyright (c) 2007 Daniel P. Berrange <berrange redhat com>
-
-libvirt is licensed to you under the GNU Lesser General Public License
-version 2. See COPYING for details.
-
-NOTE: If you make changes to this file, make sure to validate the file
-using the polkit-policy-file-validate(1) tool. Changes made to this
-file are instantly applied.
--->
-
-<policyconfig>
-    <action id="org.libvirt.unix.monitor">
-      <description>Monitor local virtualized systems</description>
-      <message>System policy prevents monitoring of local virtualized systems</message>
-      <defaults>
-        <!-- Any program can use libvirt in read-only mode for monitoring,
-             even if not part of a session -->
-        <allow_any>yes</allow_any>
-        <allow_inactive>yes</allow_inactive>
-        <allow_active>yes</allow_active>
-      </defaults>
-    </action>
-
-    <action id="org.libvirt.unix.manage">
-      <description>Manage local virtualized systems</description>
-      <message>System policy prevents management of local virtualized systems</message>
-      <defaults>
-        <!-- Only a program in the active host session can use libvirt in
-             read-write mode for management, and we require user password -->
-        <allow_any>auth_admin</allow_any>
-        <allow_inactive>auth_admin</allow_inactive>
-        <allow_active>auth_admin_keep_session</allow_active>
-      </defaults>
-    </action>
-</policyconfig>

daemon/libvirtd.policy-1 → daemon/libvirtd.policy.in

@@ -36,7 +36,7 @@ file are instantly applied.
              read-write mode for management, and we require user password -->
         <allow_any>auth_admin</allow_any>
         <allow_inactive>auth_admin</allow_inactive>
-        <allow_active>auth_admin_keep</allow_active>
+        <allow_active>@authaction@</allow_active>
       </defaults>
     </action>
 </policyconfig>