diff --git a/sysutils/polkit/Makefile b/sysutils/polkit/Makefile
index 7421c1aa4b4..723da65adcd 100644
--- a/sysutils/polkit/Makefile
+++ b/sysutils/polkit/Makefile
@@ -1,13 +1,12 @@
-# $OpenBSD: Makefile,v 1.16 2011/04/07 11:12:12 ajacoutot Exp $
+# $OpenBSD: Makefile,v 1.17 2011/04/28 13:09:07 ajacoutot Exp $
COMMENT= framework for granting privileged operations to users
-DISTNAME= polkit-0.97
-REVISION= 6
+DISTNAME= polkit-0.101
-SHARED_LIBS += polkit-gobject-1 0.0 # .0.0
-SHARED_LIBS += polkit-backend-1 0.0 # .0.0
-SHARED_LIBS += polkit-agent-1 0.0 # .0.0
+SHARED_LIBS += polkit-gobject-1 1.0 # .0.0
+SHARED_LIBS += polkit-backend-1 1.0 # .0.0
+SHARED_LIBS += polkit-agent-1 1.0 # .0.0
CATEGORIES= sysutils
@@ -21,11 +20,10 @@ PERMIT_DISTFILES_FTP= Yes
PERMIT_PACKAGE_CDROM= Yes
PERMIT_PACKAGE_FTP= Yes
-WANTLIB += c dbus-1 dbus-glib-1 expat gio-2.0 glib-2.0 gmodule-2.0
-WANTLIB += gobject-2.0 gthread-2.0 pcre pthread z eggdbus-1
+WANTLIB += c expat gio-2.0 glib-2.0 gmodule-2.0 gobject-2.0 gthread-2.0
+WANTLIB += pcre pthread z
-#MASTER_SITES= http://hal.freedesktop.org/releases/
-MASTER_SITES= http://distfiles.bsdfrog.org/
+MASTER_SITES= http://hal.freedesktop.org/releases/
MODULES= textproc/intltool \
devel/gettext
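Review bot: `MASTER_SITES= http://hal.freedesktop.org/releases/` fetches the new tarball over plain HTTP, so the only thing that authenticates polkit-0.101.tar.gz is the SHA256 that this same commit writes into distinfo. That checksum pins whatever the committer downloaded; it does not show that the download matched what upstream published. A short comment above the line would record how the distfile was checked, for example `# distfile compared against upstream's published checksum before makesum` (wording to be adjusted to what was actually done).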
@@ -34,7 +32,7 @@ BUILD_DEPENDS= ${MODGNU_AUTOMAKE_DEPENDS} \
${MODGNU_AUTOCONF_DEPENDS} \
devel/gobject-introspection
-# needs libtoolize
+# needs AM_PROG_LIBTOOL
BUILD_DEPENDS+= devel/libtool
# We do no want to depends on gtk-doc as it creates a dependency loop:
@@ -42,23 +40,22 @@ BUILD_DEPENDS+= devel/libtool
BUILD_DEPENDS+= textproc/libxslt \
textproc/docbook-xsl
-LIB_DEPENDS= devel/eggdbus
+LIB_DEPENDS= devel/glib2
-AUTOCONF_VERSION= 2.62
-AUTOMAKE_VERSION=1.9
+AUTOCONF_VERSION= 2.64
+AUTOMAKE_VERSION=1.10
CONFIGURE_STYLE= gnu
CONFIGURE_ENV= CPPFLAGS="-I${LOCALBASE}/include" \
- LDFLAGS="-L${LOCALBASE}/lib" \
- CC=${CC} CFLAGS="${CFLAGS}"
+ LDFLAGS="-L${LOCALBASE}/lib"
CONFIGURE_ARGS= ${CONFIGURE_SHARED} \
+ --disable-gtk-doc \
--localstatedir=/var \
--mandir=${PREFIX}/man \
+ --enable-introspection \
--enable-man-pages \
--enable-verbose-mode \
--enable-examples \
- --disable-gtk-doc \
- --enable-introspection \
--with-os-type=openbsd \
--with-authfw=bsdauth
@@ -75,11 +72,10 @@ pre-configure:
${SUBST_CMD} ${WRKSRC}/docs/man/pkexec.xml \
${WRKSRC}/actions/org.freedesktop.policykit.policy.in \
${WRKSRC}/src/examples/org.freedesktop.policykit.examples.pkexec.policy.in
-
-do-configure:
- cd ${WRKSRC} && env AUTOCONF_VERSION=${AUTOCONF_VERSION} \
+ cd ${WRKSRC} && \
AUTOMAKE_VERSION=${AUTOMAKE_VERSION} \
- ${CONFIGURE_ENV} ./autogen.sh ${CONFIGURE_ARGS}
+ AUTOCONF_VERSION=${AUTOCONF_VERSION} \
+ ${LOCALBASE}/bin/autoreconf
post-install:
${INSTALL_DATA_DIR} \
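Review bot: The `autoreconf` call added to `pre-configure` has no comment saying why the generated build system is rebuilt, so the reason is only discoverable by reading patches/. Judging from this commit, it is needed because patch-configure_ac and patch-src_polkit_Makefile_am edit `configure.ac` and `src/polkit/Makefile.am`. A line such as `# patches touch configure.ac and Makefile.am: regenerate configure and Makefile.in` above the `cd ${WRKSRC}` would say so. The `post-install` target that follows continues outside the hunk.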
diff --git a/sysutils/polkit/distinfo b/sysutils/polkit/distinfo
index bcaa538d813..8813ff258ff 100644
--- a/sysutils/polkit/distinfo
+++ b/sysutils/polkit/distinfo
@@ -1,5 +1,5 @@
-MD5 (polkit-0.97.tar.gz) = 3Bdpry1AnUcAqPwvm6eunw==
-RMD160 (polkit-0.97.tar.gz) = PojZiPZOvTBCQl9paViDgI4sn/o=
-SHA1 (polkit-0.97.tar.gz) = QJji7cEdA5ceUiqIp0dsq9OCTvg=
-SHA256 (polkit-0.97.tar.gz) = thjuv0wWOYRUB8rzAkgY3+BGA/BtqGX1bAEAIUfQpKk=
-SIZE (polkit-0.97.tar.gz) = 340363
+MD5 (polkit-0.101.tar.gz) = +SWsk6ujwHKXc3DB4n/rfw==
+RMD160 (polkit-0.101.tar.gz) = aS37zCdcBxGUDym4x9UAFEtrkho=
+SHA1 (polkit-0.101.tar.gz) = nR9YqZ1AiJzuu94UL5PDBUcfwVE=
+SHA256 (polkit-0.101.tar.gz) = kn9ldg5PziPXzerpAkXCKYbrCjkzWjRJFTAhWPc/nxs=
+SIZE (polkit-0.101.tar.gz) = 1066155
diff --git a/sysutils/polkit/patches/patch-autogen_sh b/sysutils/polkit/patches/patch-autogen_sh
deleted file mode 100644
index 1c7706fd1eb..00000000000
--- a/sysutils/polkit/patches/patch-autogen_sh
+++ /dev/null
@@ -1,30 +0,0 @@
-$OpenBSD: patch-autogen_sh,v 1.1 2010/07/08 15:20:45 ajacoutot Exp $
-
-Force disabling gtk-doc.
-
---- autogen.sh.orig Thu Jul 8 16:47:39 2010
-+++ autogen.sh Thu Jul 8 16:47:54 2010
-@@ -31,14 +31,6 @@ DIE=0
- }
- }
-
--(gtkdocize --flavour no-tmpl) < /dev/null > /dev/null 2>&1 || {
-- echo
-- echo "You must have gtk-doc installed to compile $PROJECT."
-- echo "Install the appropriate package for your distribution,"
-- echo "or get the source tarball at http://ftp.gnome.org/pub/GNOME/sources/gtk-doc/"
-- DIE=1
--}
--
- (automake --version) < /dev/null > /dev/null 2>&1 || {
- echo
- echo "**Error**: You must have automake installed."
-@@ -93,8 +85,6 @@ esac
- autoconf
-
- intltoolize --copy --force --automake || exit 1
--
--conf_flags="--enable-maintainer-mode --enable-gtk-doc"
-
- if test x$NOCONFIGURE = x; then
- echo "Running $srcdir/configure $conf_flags $@ ..."
diff --git a/sysutils/polkit/patches/patch-configure_ac b/sysutils/polkit/patches/patch-configure_ac
index 5efc557d1a8..8f176b03862 100644
--- a/sysutils/polkit/patches/patch-configure_ac
+++ b/sysutils/polkit/patches/patch-configure_ac
@@ -1,10 +1,10 @@
-$OpenBSD: patch-configure_ac,v 1.2 2010/07/08 15:20:45 ajacoutot Exp $
+$OpenBSD: patch-configure_ac,v 1.3 2011/04/28 13:09:07 ajacoutot Exp $
Force disabling gtk-doc.
Add bsd_auth(3) support.
---- configure.ac.orig Wed Mar 10 18:46:19 2010
-+++ configure.ac Thu Jul 8 16:49:51 2010
+--- configure.ac.orig Thu Mar 3 19:26:20 2011
++++ configure.ac Wed Apr 27 16:07:00 2011
@@ -45,8 +45,6 @@ AC_PATH_PROG([XSLTPROC], [xsltproc])
fi
AM_CONDITIONAL(MAN_PAGES_ENABLED, test x$enable_man_pages = xyes)
@@ -14,7 +14,7 @@ Add bsd_auth(3) support.
#### gcc warning flags
if test "x$GCC" = "xyes"; then
-@@ -145,7 +143,7 @@ AC_SUBST(EXPAT_LIBS)
+@@ -141,7 +139,7 @@ AC_SUBST(EXPAT_LIBS)
AC_CHECK_FUNCS(clearenv)
if test "x$GCC" = "xyes"; then
@@ -23,7 +23,7 @@ Add bsd_auth(3) support.
fi
dnl ---------------------------------------------------------------------------
-@@ -194,6 +192,11 @@ case $POLKIT_AUTHFW in
+@@ -190,6 +188,11 @@ case $POLKIT_AUTHFW in
AC_DEFINE(POLKIT_AUTHFW_SHADOW, 1, [If using the Shadow authentication framework])
;;
@@ -35,7 +35,7 @@ Add bsd_auth(3) support.
*)
AC_MSG_ERROR([Unknown Authentication Framework: $POLKIT_AUTHFW])
;;
-@@ -202,6 +205,7 @@ esac
+@@ -198,6 +201,7 @@ esac
AM_CONDITIONAL(POLKIT_AUTHFW_NONE, [test x$POLKIT_AUTHFW = xnone], [Using no authfw])
AM_CONDITIONAL(POLKIT_AUTHFW_PAM, [test x$POLKIT_AUTHFW = xpam], [Using PAM authfw])
AM_CONDITIONAL(POLKIT_AUTHFW_SHADOW, [test x$POLKIT_AUTHFW = xshadow], [Using Shadow authfw])
@@ -43,7 +43,7 @@ Add bsd_auth(3) support.
dnl ---------------------------------------------------------------------------
-@@ -488,7 +492,7 @@ echo "NOTE: The directory ${sysconfdir}/polkit-1/local
+@@ -467,7 +471,7 @@ echo "NOTE: The directory ${sysconfdir}/polkit-1/local
echo " by root and have mode 700"
echo
diff --git a/sysutils/polkit/patches/patch-docs_man_pkexec_xml b/sysutils/polkit/patches/patch-docs_man_pkexec_xml
index 05220a0ee85..0690d6b5766 100644
--- a/sysutils/polkit/patches/patch-docs_man_pkexec_xml
+++ b/sysutils/polkit/patches/patch-docs_man_pkexec_xml
@@ -1,7 +1,7 @@
-$OpenBSD: patch-docs_man_pkexec_xml,v 1.1.1.1 2010/07/01 07:46:21 ajacoutot Exp $
---- docs/man/pkexec.xml.orig Sun Jun 27 19:09:16 2010
-+++ docs/man/pkexec.xml Sun Jun 27 19:12:38 2010
-@@ -131,14 +131,14 @@
+$OpenBSD: patch-docs_man_pkexec_xml,v 1.2 2011/04/28 13:09:07 ajacoutot Exp $
+--- docs/man/pkexec.xml.orig Thu Mar 3 18:22:50 2011
++++ docs/man/pkexec.xml Wed Apr 27 16:10:43 2011
+@@ -146,14 +146,14 @@
.pkla
+ extension from all directories located inside the
+ /etc/polkit-1/localauthority
+- and /var/lib/polkit-1/localauthority
++ and /var/db/polkit-1/localauthority
+ directories. By default, the following sub-directories are installed.
+
+@@ -114,7 +114,7 @@ + and + ++-/var/lib/polkit-1/ ++/var/db/polkit-1/ + `-- localauthority + |-- 10-vendor.d + |-- 20-org.d +@@ -125,7 +125,7 @@ ++ The
+/etc/polkit-1/localauthority
hierarchy + is inteded for local configuration and +- the/var/lib/polkit-1/localauthority
is ++ the/var/db/polkit-1/localauthority
is + intended for 3rd party packages. ++@@ -277,7 +277,7 @@ + the following rules. First all the basename of all + sub-directories (e.g. 30-site.d) from both + the
+/etc/polkit-1/localauthority
+- and/var/lib/polkit-1/localauthority
++ and/var/db/polkit-1/localauthority
+ directories are enumerated and sorted (using the C locale). If a + name exists in both/etc
+ and/var
, the one +@@ -291,7 +291,7 @@ + For example, given the following files ++-/var/lib/polkit-1 ++/var/db/polkit-1 + └── localauthority + ├── 10-vendor.d + │ └── 10-desktop-policy.pkla diff --git a/sysutils/polkit/patches/patch-docs_polkit_polkit-1-sections_txt b/sysutils/polkit/patches/patch-docs_polkit_polkit-1-sections_txt new file mode 100644 index 00000000000..a1dfe6a2cbc --- /dev/null +++ b/sysutils/polkit/patches/patch-docs_polkit_polkit-1-sections_txt @@ -0,0 +1,25 @@ +$OpenBSD: patch-docs_polkit_polkit-1-sections_txt,v 1.1 2011/04/28 13:09:07 ajacoutot Exp $ + +From 129b6223a19e7fb2753f8cad7957ac5402394076 Mon Sep 17 00:00:00 2001 +From: David Zeuthen+Date: Fri, 01 Apr 2011 16:09:45 +0000 +Subject: Make PolkitUnixProcess also record the uid of the process + +--- docs/polkit/polkit-1-sections.txt.orig Thu Mar 3 19:47:45 2011 ++++ docs/polkit/polkit-1-sections.txt Wed Apr 27 19:19:15 2011 +@@ -145,10 +145,13 @@ POLKIT_UNIX_SESSION_GET_CLASS + PolkitUnixProcess + polkit_unix_process_new + polkit_unix_process_new_full ++polkit_unix_process_new_for_owner ++polkit_unix_process_set_pid + polkit_unix_process_get_pid ++polkit_unix_process_set_start_time + polkit_unix_process_get_start_time +-polkit_unix_process_set_pid +-polkit_unix_process_get_owner ++polkit_unix_process_set_uid ++polkit_unix_process_get_uid + + PolkitUnixProcessClass + POLKIT_UNIX_PROCESS diff --git a/sysutils/polkit/patches/patch-src_nullbackend_50-nullbackend_conf b/sysutils/polkit/patches/patch-src_nullbackend_50-nullbackend_conf index 27d19a1f410..d496ce7c71a 100644 --- a/sysutils/polkit/patches/patch-src_nullbackend_50-nullbackend_conf +++ b/sysutils/polkit/patches/patch-src_nullbackend_50-nullbackend_conf 
@@ -1,4 +1,4 @@ -$OpenBSD: patch-src_nullbackend_50-nullbackend_conf,v 1.1 2010/07/05 15:22:16 ajacoutot Exp $ +$OpenBSD: patch-src_nullbackend_50-nullbackend_conf,v 1.2 2011/04/28 13:09:07 ajacoutot Exp $ --- src/nullbackend/50-nullbackend.conf.orig Mon Jul 5 16:51:53 2010 +++ src/nullbackend/50-nullbackend.conf Mon Jul 5 16:52:17 2010 @@ -1,10 +1,10 @@ @@ -6,7 +6,7 @@ $OpenBSD: patch-src_nullbackend_50-nullbackend_conf,v 1.1 2010/07/05 15:22:16 aj # Configuration file for the PolicyKit null backend. # -# DO NOT EDIT THIS FILE, it will be overwritten on update. -+# DO NOT EDIT THIS FILE ++# DO NOT EDIT THIS FILE. # # To change configuration, create another file in this directory with -# a filename that is sorted after the 50-nullback.conf and make diff --git a/sysutils/polkit/patches/patch-src_polkit_Makefile_am b/sysutils/polkit/patches/patch-src_polkit_Makefile_am index ae8f27b1ab8..5bcc3403468 100644 --- a/sysutils/polkit/patches/patch-src_polkit_Makefile_am +++ b/sysutils/polkit/patches/patch-src_polkit_Makefile_am 
@@ -1,12 +1,21 @@ -$OpenBSD: patch-src_polkit_Makefile_am,v 1.1 2011/04/07 11:12:12 ajacoutot Exp $ ---- src/polkit/Makefile.am.orig Thu Apr 7 11:42:24 2011 -+++ src/polkit/Makefile.am Thu Apr 7 11:42:52 2011 -@@ -154,7 +154,7 @@ Polkit-1.0.gir: libpolkit-gobject-1.la $(G_IR_SCANNER) - $(srcdir)/polkitauthorizationresult.h \ - $(srcdir)/polkitcheckauthorizationflags.h \ - $(srcdir)/polkitdetails.h \ -- $(builddir)/polkitenumtypes.h \ -+ $(srcdir)/polkitenumtypes.h \ - $(srcdir)/polkiterror.h \ - $(srcdir)/polkitidentity.h \ - $(srcdir)/polkitimplicitauthorization.h \ +$OpenBSD: patch-src_polkit_Makefile_am,v 1.2 2011/04/28 13:09:07 ajacoutot Exp $ + +src/polkit/tmp-introspect6TgxO1/.libs/Polkit-1.0: can't load library 'libpolkit-gobject-1.so.X.X' + +From c29a6fd701df08e10e384cce65356af9a5a559f3 Mon Sep 17 00:00:00 2001 +From: Benjamin Otte +Date: Fri, 11 Mar 2011 13:01:27 +0000 +Subject: introspection: Add --c-include to the gir files + +--- src/polkit/Makefile.am.orig Sat Feb 26 23:23:53 2011 ++++ src/polkit/Makefile.am Wed Apr 27 20:29:34 2011 +@@ -110,7 +110,9 @@ Polkit-1.0.gir: libpolkit-gobject-1.la $(INTROSPECTION + --pkg=gobject-2.0 \ + --pkg=gio-2.0 \ + --libtool=$(top_builddir)/libtool \ ++ --c-include='polkit/polkit.h' \ + -I$(top_srcdir)/src \ ++ -L$(top_srcdir)/src/polkit/.libs \ + -D_POLKIT_COMPILATION \ + $(libpolkit_gobject_1_la_SOURCES) \ + $(NULL) diff --git a/sysutils/polkit/patches/patch-src_polkit_polkitcheckauthorizationflags_h b/sysutils/polkit/patches/patch-src_polkit_polkitcheckauthorizationflags_h deleted file mode 100644 index 1db6e765252..00000000000 --- a/sysutils/polkit/patches/patch-src_polkit_polkitcheckauthorizationflags_h +++ /dev/null 
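Review bot: The added `-L$(top_srcdir)/src/polkit/.libs` points the introspection scanner at a libtool output directory through the source-tree variable. `.libs` is created under the build tree, so `-L$(top_builddir)/src/polkit/.libs` is the form that still works when the two trees differ. The patch header cites only the upstream `--c-include` commit, while the `-L` line looks like a local addition for the `can't load library` error quoted above it; saying so in the header would stop the line being dropped on the next update. The `Polkit-1.0.gir` rule starts and ends outside the inner hunk.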
@@ -1,20 +0,0 @@ -$OpenBSD: patch-src_polkit_polkitcheckauthorizationflags_h,v 1.1 2011/04/07 11:12:12 ajacoutot Exp $ - -From 920c40ef079fd2907f6c08d965d6d87eaf58f52a Mon Sep 17 00:00:00 2001 -From: Colin Walters -Date: Fri, 10 Sep 2010 18:42:51 +0000 -Subject: Remove duplicate definitions of enumeration types - ---- src/polkit/polkitcheckauthorizationflags.h.orig Wed Mar 10 18:46:19 2010 -+++ src/polkit/polkitcheckauthorizationflags.h Thu Apr 7 12:21:48 2011 -@@ -30,10 +30,6 @@ - - G_BEGIN_DECLS - --GType polkit_check_authorization_flags_get_type (void) G_GNUC_CONST; -- --#define POLKIT_TYPE_CHECK_AUTHORIZATION_FLAGS (polkit_check_authorization_flags_get_type ()) -- - /** - * PolkitCheckAuthorizationFlags: - * @POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE: No flags set. diff --git a/sysutils/polkit/patches/patch-src_polkit_polkiterror_h b/sysutils/polkit/patches/patch-src_polkit_polkiterror_h deleted file mode 100644 index 6ce001f2b30..00000000000 --- a/sysutils/polkit/patches/patch-src_polkit_polkiterror_h +++ /dev/null @@ -1,20 +0,0 @@ -$OpenBSD: patch-src_polkit_polkiterror_h,v 1.1 2011/04/07 11:12:12 ajacoutot Exp $ - -From 920c40ef079fd2907f6c08d965d6d87eaf58f52a Mon Sep 17 00:00:00 2001 -From: Colin Walters -Date: Fri, 10 Sep 2010 18:42:51 +0000 -Subject: Remove duplicate definitions of enumeration types - ---- src/polkit/polkiterror.h.orig Wed Mar 10 18:46:19 2010 -+++ src/polkit/polkiterror.h Thu Apr 7 12:21:48 2011 -@@ -40,10 +40,6 @@ G_BEGIN_DECLS - - GQuark polkit_error_quark (void); - --GType polkit_error_get_type (void) G_GNUC_CONST; -- --#define POLKIT_TYPE_ERROR (polkit_error_get_type ()) -- - /** - * PolkitError: - * @POLKIT_ERROR_FAILED: The operation failed. diff --git a/sysutils/polkit/patches/patch-src_polkit_polkitimplicitauthorization_h b/sysutils/polkit/patches/patch-src_polkit_polkitimplicitauthorization_h deleted file mode 100644 index 8fef8b3ab0c..00000000000 
--- a/sysutils/polkit/patches/patch-src_polkit_polkitimplicitauthorization_h +++ /dev/null @@ -1,20 +0,0 @@ -$OpenBSD: patch-src_polkit_polkitimplicitauthorization_h,v 1.1 2011/04/07 11:12:12 ajacoutot Exp $ - -From 920c40ef079fd2907f6c08d965d6d87eaf58f52a Mon Sep 17 00:00:00 2001 -From: Colin Walters -Date: Fri, 10 Sep 2010 18:42:51 +0000 -Subject: Remove duplicate definitions of enumeration types - ---- src/polkit/polkitimplicitauthorization.h.orig Wed Mar 10 18:46:19 2010 -+++ src/polkit/polkitimplicitauthorization.h Thu Apr 7 12:21:48 2011 -@@ -30,10 +30,6 @@ - - G_BEGIN_DECLS - --GType polkit_implicit_authorization_get_type (void) G_GNUC_CONST; -- --#define POLKIT_TYPE_IMPLICIT_AUTHORIZATION (polkit_implicit_authorization_get_type ()) -- - /** - * PolkitImplicitAuthorization: - * @POLKIT_IMPLICIT_AUTHORIZATION_UNKNOWN: Unknown whether the subject is authorized, never returned in any public API. diff --git a/sysutils/polkit/patches/patch-src_polkit_polkitsubject_c b/sysutils/polkit/patches/patch-src_polkit_polkitsubject_c new file mode 100644 index 00000000000..eed98fbba2c --- /dev/null +++ b/sysutils/polkit/patches/patch-src_polkit_polkitsubject_c 
@@ -0,0 +1,67 @@ +$OpenBSD: patch-src_polkit_polkitsubject_c,v 1.1 2011/04/28 13:09:07 ajacoutot Exp $ + +From 129b6223a19e7fb2753f8cad7957ac5402394076 Mon Sep 17 00:00:00 2001 +From: David Zeuthen +Date: Fri, 01 Apr 2011 16:09:45 +0000 +Subject: Make PolkitUnixProcess also record the uid of the process + +--- src/polkit/polkitsubject.c.orig Sat Feb 26 23:23:53 2011 ++++ src/polkit/polkitsubject.c Wed Apr 27 19:19:15 2011 +@@ -238,13 +238,18 @@ polkit_subject_from_string (const gchar *str, + { + gint scanned_pid; + guint64 scanned_starttime; +- if (sscanf (str, "unix-process:%d:%" G_GUINT64_FORMAT, &scanned_pid, &scanned_starttime) == 2) ++ gint scanned_uid; ++ if (sscanf (str, "unix-process:%d:%" G_GUINT64_FORMAT ":%d", &scanned_pid, &scanned_starttime, &scanned_uid) == 3) + { ++ subject = polkit_unix_process_new_for_owner (scanned_pid, scanned_starttime, scanned_uid); ++ } ++ else if (sscanf (str, "unix-process:%d:%" G_GUINT64_FORMAT, &scanned_pid, &scanned_starttime) == 2) ++ { + subject = polkit_unix_process_new_full (scanned_pid, scanned_starttime); + } + else if (sscanf (str, "unix-process:%d", &scanned_pid) == 1) + { +- subject = polkit_unix_process_new_full (scanned_pid, 0); ++ subject = polkit_unix_process_new (scanned_pid); + if (polkit_unix_process_get_start_time (POLKIT_UNIX_PROCESS (subject)) == 0) + { + g_object_unref (subject); +@@ -297,6 +302,8 @@ polkit_subject_to_gvariant (PolkitSubject *subject) + g_variant_new_uint32 (polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (subject)))); + g_variant_builder_add (&builder, "{sv}", "start-time", + g_variant_new_uint64 (polkit_unix_process_get_start_time (POLKIT_UNIX_PROCESS (subject)))); ++ g_variant_builder_add (&builder, "{sv}", "uid", ++ g_variant_new_int32 (polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (subject)))); + } + else if (POLKIT_IS_UNIX_SESSION (subject)) + { +@@ -395,6 +402,7 @@ polkit_subject_new_for_gvariant (GVariant *variant, + GVariant *v; + guint32 pid; + guint64 start_time; ++ 
gint32 uid; + + v = lookup_asv (details_gvariant, "pid", G_VARIANT_TYPE_UINT32, error); + if (v == NULL) +@@ -414,7 +422,18 @@ polkit_subject_new_for_gvariant (GVariant *variant, + start_time = g_variant_get_uint64 (v); + g_variant_unref (v); + +- ret = polkit_unix_process_new_full (pid, start_time); ++ v = lookup_asv (details_gvariant, "uid", G_VARIANT_TYPE_INT32, error); ++ if (v != NULL) ++ { ++ uid = g_variant_get_int32 (v); ++ g_variant_unref (v); ++ } ++ else ++ { ++ uid = -1; ++ } ++ ++ ret = polkit_unix_process_new_for_owner (pid, start_time, uid); + } + else if (g_strcmp0 (kind, "unix-session") == 0) + { diff --git a/sysutils/polkit/patches/patch-src_polkit_polkitunixprocess_c b/sysutils/polkit/patches/patch-src_polkit_polkitunixprocess_c index df8930b45db..01f7da3dd22 100644 --- a/sysutils/polkit/patches/patch-src_polkit_polkitunixprocess_c +++ b/sysutils/polkit/patches/patch-src_polkit_polkitunixprocess_c 
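Review bot: In `polkit_subject_new_for_gvariant` the new `uid` lookup treats a missing key as optional (`uid = -1`) but still passes `error` to `lookup_asv`. If that helper sets the error on a missing or mistyped key (its body is not in this patch), the function goes on to return a subject with `*error` set. Passing `NULL` for the optional key avoids that: `v = lookup_asv (details_gvariant, "uid", G_VARIANT_TYPE_INT32, NULL);`. The fallback also deserves a comment, because `uid = -1` makes the object look the owner up from the pid again (see `polkit_unix_process_constructed` in patch-src_polkit_polkitunixprocess_c), which appears to be the lookup that recording the uid at the caller is meant to replace. This is upstream code, so the change belongs upstream as well as in the port.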
@@ -1,73 +1,405 @@ -$OpenBSD: patch-src_polkit_polkitunixprocess_c,v 1.1.1.1 2010/07/01 07:46:21 ajacoutot Exp $ ---- src/polkit/polkitunixprocess.c.orig Wed Mar 10 18:46:19 2010 -+++ src/polkit/polkitunixprocess.c Thu Jul 1 09:19:56 2010 -@@ -24,8 +24,13 @@ +$OpenBSD: patch-src_polkit_polkitunixprocess_c,v 1.2 2011/04/28 13:09:07 ajacoutot Exp $ + +From 129b6223a19e7fb2753f8cad7957ac5402394076 Mon Sep 17 00:00:00 2001 +From: David Zeuthen +Date: Fri, 01 Apr 2011 16:09:45 +0000 +Subject: Make PolkitUnixProcess also record the uid of the process + +From dd848a42a64a3b22a0cc60f6657b56ce9b6010ae Mon Sep 17 00:00:00 2001 +From: David Zeuthen +Date: Thu, 31 Mar 2011 16:59:09 +0000 +Subject: PolkitUnixProcess: Clarify that the real uid is returned, not the effective one + +--- src/polkit/polkitunixprocess.c.orig Sat Feb 26 23:23:53 2011 ++++ src/polkit/polkitunixprocess.c Wed Apr 27 19:37:21 2011 +@@ -24,16 +24,21 @@ #endif #include -#ifndef HAVE_FREEBSD -+#if !defined(HAVE_FREEBSD) && !defined(__OpenBSD__) - #include -+#elif defined(__OpenBSD__) +-#include +-#else ++#ifdef HAVE_FREEBSD + #include + #include + #include + #endif ++#ifdef __OpenBSD__ +#include +#include +#include +#include - #else - #include - #include -@@ -86,6 +91,10 @@ static guint64 get_start_time_for_pid (gint pid, ++#endif + #include + #include + #include ++#include + + #include "polkitunixprocess.h" + #include "polkitsubject.h" +@@ -63,6 +68,7 @@ struct _PolkitUnixProcess + + gint pid; + guint64 start_time; ++ gint uid; + }; + + struct _PolkitUnixProcessClass +@@ -75,6 +81,7 @@ enum + PROP_0, + PROP_PID, + PROP_START_TIME, ++ PROP_UID + }; + + static void subject_iface_init (PolkitSubjectIface *subject_iface); +@@ -82,7 +89,10 @@ static void subject_iface_init (PolkitSubjectIface *su + static guint64 get_start_time_for_pid (gint pid, + GError **error); + +-#ifdef HAVE_FREEBSD ++static gint _polkit_unix_process_get_owner (PolkitUnixProcess *process, ++ GError **error); ++ ++#if defined(HAVE_FREEBSD) 
|| defined(__OpenBSD__) static gboolean get_kinfo_proc (gint pid, struct kinfo_proc *p); #endif -+#ifdef __OpenBSD__ -+static gboolean get_kinfo_proc (pid_t pid, struct kinfo_proc2 *p); -+#endif -+ - G_DEFINE_TYPE_WITH_CODE (PolkitUnixProcess, polkit_unix_process, G_TYPE_OBJECT, - G_IMPLEMENT_INTERFACE (POLKIT_TYPE_SUBJECT, subject_iface_init) - ); -@@ -214,8 +223,10 @@ polkit_unix_process_get_owner (PolkitUnixProcess *pro - GError **error) +@@ -93,6 +103,7 @@ G_DEFINE_TYPE_WITH_CODE (PolkitUnixProcess, polkit_uni + static void + polkit_unix_process_init (PolkitUnixProcess *unix_process) { - gint result; ++ unix_process->uid = -1; + } + + static void +@@ -109,6 +120,10 @@ polkit_unix_process_get_property (GObject *object, + g_value_set_int (value, unix_process->pid); + break; + ++ case PROP_UID: ++ g_value_set_int (value, unix_process->uid); ++ break; ++ + case PROP_START_TIME: + g_value_set_uint64 (value, unix_process->start_time); + break; +@@ -133,6 +148,14 @@ polkit_unix_process_set_property (GObject *object + polkit_unix_process_set_pid (unix_process, g_value_get_int (value)); + break; + ++ case PROP_UID: ++ polkit_unix_process_set_uid (unix_process, g_value_get_int (value)); ++ break; ++ ++ case PROP_START_TIME: ++ polkit_unix_process_set_start_time (unix_process, g_value_get_uint64 (value)); ++ break; ++ + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); + break; +@@ -140,12 +163,39 @@ polkit_unix_process_set_property (GObject *object + } + + static void ++polkit_unix_process_constructed (GObject *object) ++{ ++ PolkitUnixProcess *process = POLKIT_UNIX_PROCESS (object); ++ ++ /* sets start_time and uid in case they are unset */ ++ ++ if (process->start_time == 0) ++ process->start_time = get_start_time_for_pid (process->pid, NULL); ++ ++ if (process->uid == -1) ++ { ++ GError *error; ++ error = NULL; ++ process->uid = _polkit_unix_process_get_owner (process, &error); ++ if (error != NULL) ++ { ++ process->uid = -1; ++ g_error_free 
(error); ++ } ++ } ++ ++ if (G_OBJECT_CLASS (polkit_unix_process_parent_class)->constructed != NULL) ++ G_OBJECT_CLASS (polkit_unix_process_parent_class)->constructed (object); ++} ++ ++static void + polkit_unix_process_class_init (PolkitUnixProcessClass *klass) + { + GObjectClass *gobject_class = G_OBJECT_CLASS (klass); + + gobject_class->get_property = polkit_unix_process_get_property; + gobject_class->set_property = polkit_unix_process_set_property; ++ gobject_class->constructed = polkit_unix_process_constructed; + + /** + * PolkitUnixProcess:pid: +@@ -157,7 +207,7 @@ polkit_unix_process_class_init (PolkitUnixProcessClass + g_param_spec_int ("pid", + "Process ID", + "The UNIX process ID", +- -1, ++ 0, + G_MAXINT, + 0, + G_PARAM_CONSTRUCT | +@@ -167,6 +217,27 @@ polkit_unix_process_class_init (PolkitUnixProcessClass + G_PARAM_STATIC_NICK)); + + /** ++ * PolkitUnixProcess:uid: ++ * ++ * The UNIX user id of the process or -1 if unknown. ++ * ++ * Note that this is the real user-id, not the effective user-id. ++ */ ++ g_object_class_install_property (gobject_class, ++ PROP_UID, ++ g_param_spec_int ("uid", ++ "User ID", ++ "The UNIX user ID", ++ -1, ++ G_MAXINT, ++ -1, ++ G_PARAM_CONSTRUCT | ++ G_PARAM_READWRITE | ++ G_PARAM_STATIC_NAME | ++ G_PARAM_STATIC_BLURB | ++ G_PARAM_STATIC_NICK)); ++ ++ /** + * PolkitUnixProcess:start-time: + * + * The start time of the process. +@@ -179,7 +250,8 @@ polkit_unix_process_class_init (PolkitUnixProcessClass + 0, + G_MAXUINT64, + 0, +- G_PARAM_READABLE | ++ G_PARAM_CONSTRUCT | ++ G_PARAM_READWRITE | + G_PARAM_STATIC_NAME | + G_PARAM_STATIC_BLURB | + G_PARAM_STATIC_NICK)); +@@ -187,78 +259,50 @@ polkit_unix_process_class_init (PolkitUnixProcessClass + } + + /** +- * polkit_unix_process_get_pid: ++ * polkit_unix_process_get_uid: + * @process: A #PolkitUnixProcess. + * +- * Gets the process id for @process. ++ * Gets the user id for @process. Note that this is the real user-id, ++ * not the effective user-id. 
+ * +- * Returns: The process id for @process. ++ * Returns: The user id for @process or -1 if unknown. + */ + gint +-polkit_unix_process_get_pid (PolkitUnixProcess *process) ++polkit_unix_process_get_uid (PolkitUnixProcess *process) + { +- g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), 0); +- return process->pid; ++ g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), -1); ++ return process->uid; + } + + /** +- * polkit_unix_process_get_owner: ++ * polkit_unix_process_set_uid: + * @process: A #PolkitUnixProcess. +- * @error: (allow-none): Return location for error or %NULL. ++ * @uid: The user id to set for @process or -1 to unset it. + * +- * Gets the uid of the owner of @process. ++ * Sets the (real, not effective) user id for @process. ++ */ ++void ++polkit_unix_process_set_uid (PolkitUnixProcess *process, ++ gint uid) ++{ ++ g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process)); ++ g_return_if_fail (uid >= -1); ++ process->uid = uid; ++} ++ ++/** ++ * polkit_unix_process_get_pid: ++ * @process: A #PolkitUnixProcess. + * +- * Returns: The UNIX user id of the owner for @process or 0 if @error is set. +- **/ ++ * Gets the process id for @process. ++ * ++ * Returns: The process id for @process. 
++ */ + gint +-polkit_unix_process_get_owner (PolkitUnixProcess *process, +- GError **error) ++polkit_unix_process_get_pid (PolkitUnixProcess *process) + { +- gint result; -#ifdef HAVE_FREEBSD -+#if defined(HAVE_FREEBSD) - struct kinfo_proc p; -+#elif defined(__OpenBSD__) -+ struct kinfo_proc2 p; - #else - struct stat statbuf; - char procbuf[32]; -@@ -223,7 +234,7 @@ polkit_unix_process_get_owner (PolkitUnixProcess *pro - - result = 0; - +- struct kinfo_proc p; +-#else +- struct stat statbuf; +- char procbuf[32]; +-#endif +- + g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), 0); +- g_return_val_if_fail (error == NULL || *error == NULL, 0); +- +- result = 0; +- -#ifdef HAVE_FREEBSD -+#if defined(HAVE_FREEBSD) || defined(__OpenBSD__) - if (get_kinfo_proc (process->pid, &p) == 0) - { - g_set_error (error, -@@ -235,8 +246,12 @@ polkit_unix_process_get_owner (PolkitUnixProcess *pro - goto out; - } +- if (get_kinfo_proc (process->pid, &p) == 0) +- { +- g_set_error (error, +- POLKIT_ERROR, +- POLKIT_ERROR_FAILED, +- "get_kinfo_proc() failed for pid %d: %s", +- process->pid, +- g_strerror (errno)); +- goto out; +- } +- +- result = p.ki_uid; +-#else +- g_snprintf (procbuf, sizeof procbuf, "/proc/%d", process->pid); +- if (stat (procbuf, &statbuf) != 0) +- { +- g_set_error (error, +- POLKIT_ERROR, +- POLKIT_ERROR_FAILED, +- "stat() failed for /proc/%d: %s", +- process->pid, +- g_strerror (errno)); +- goto out; +- } +- +- result = statbuf.st_uid; +-#endif +- +- out: +- +- return result; ++ return process->pid; + } -+#if defined(HAVE_FREEBSD) - result = p.ki_uid; - #else -+ result = p.p_uid; -+#endif -+#else - g_snprintf (procbuf, sizeof procbuf, "/proc/%d", process->pid); - if (stat (procbuf, &statbuf) != 0) - { -@@ -476,12 +491,38 @@ get_kinfo_proc (pid_t pid, struct kinfo_proc *p) + /** +@@ -277,6 +321,21 @@ polkit_unix_process_get_start_time (PolkitUnixProcess + } + + /** ++ * polkit_unix_process_set_start_time: ++ * @process: A #PolkitUnixProcess. 
++ * @start_time: The start time for @pid. ++ * ++ * Set the start time of @process. ++ */ ++void ++polkit_unix_process_set_start_time (PolkitUnixProcess *process, ++ guint64 start_time) ++{ ++ g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process)); ++ process->start_time = start_time; ++} ++ ++/** + * polkit_unix_process_set_pid: + * @process: A #PolkitUnixProcess. + * @pid: A process id. +@@ -289,19 +348,18 @@ polkit_unix_process_set_pid (PolkitUnixProcess *proces + { + g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process)); + process->pid = pid; +- if (pid != (gint) -1) +- process->start_time = get_start_time_for_pid (pid, NULL); + } + + /** + * polkit_unix_process_new: + * @pid: The process id. + * +- * Creates a new #PolkitUnixProcess for @pid. The start time of the +- * process will be looked up in using e.g. the +- * /proc filesystem depending on the platform in +- * use. ++ * Creates a new #PolkitUnixProcess for @pid. + * ++ * The uid and start time of the process will be looked up in using ++ * e.g. the/proc filesystem depending on the ++ * platform in use. ++ * + * Returns: (transfer full): A #PolkitSubject. Free with g_object_unref(). + */ + PolkitSubject * +@@ -319,22 +377,42 @@ polkit_unix_process_new (gint pid) + * + * Creates a new #PolkitUnixProcess object for @pid and @start_time. + * ++ * The uid of the process will be looked up in using e.g. the ++ */proc filesystem depending on the platform in ++ * use. ++ * + * Returns: (transfer full): A #PolkitSubject. Free with g_object_unref(). 
+ */ + PolkitSubject * + polkit_unix_process_new_full (gint pid, + guint64 start_time) + { +- PolkitUnixProcess *process; ++ return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_PROCESS, ++ "pid", pid, ++ "start_time", start_time, ++ NULL)); ++} + +- process = POLKIT_UNIX_PROCESS (polkit_unix_process_new ((gint) -1)); +- process->pid = pid; +- if (start_time != 0) +- process->start_time = start_time; +- else +- process->start_time = get_start_time_for_pid (pid, NULL); +- +- return POLKIT_SUBJECT (process); ++/** ++ * polkit_unix_process_new_for_owner: ++ * @pid: The process id. ++ * @start_time: The start time for @pid or 0 to look it up in e.g./proc . ++ * @uid: The (real, not effective) uid of the owner of @pid or -1 to look it up in e.g./proc . ++ * ++ * Creates a new #PolkitUnixProcess object for @pid, @start_time and @uid. ++ * ++ * Returns: (transfer full): A #PolkitSubject. Free with g_object_unref(). ++ */ ++PolkitSubject * ++polkit_unix_process_new_for_owner (gint pid, ++ guint64 start_time, ++ gint uid) ++{ ++ return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_PROCESS, ++ "pid", pid, ++ "start_time", start_time, ++ "uid", uid, ++ NULL)); + } + + static guint +@@ -482,12 +560,38 @@ get_kinfo_proc (pid_t pid, struct kinfo_proc *p) } #endif +#ifdef __OpenBSD__ +get_kinfo_proc (pid_t pid, -+ struct kinfo_proc2 *p) ++ struct kinfo_proc *p) +{ + int name[6]; + u_int namelen; @@ -76,14 +408,14 @@ $OpenBSD: patch-src_polkit_polkitunixprocess_c,v 1.1.1.1 2010/07/01 07:46:21 aja + sz = sizeof(*p); + namelen = 0; + name[namelen++] = CTL_KERN; -+ name[namelen++] = KERN_PROC2; ++ name[namelen++] = KERN_PROC; + name[namelen++] = KERN_PROC_PID; + name[namelen++] = pid; + name[namelen++] = sz; + name[namelen++] = 1; + + if (sysctl (name, namelen, p, &sz, NULL, 0) == -1) { -+ perror("sysctl kern.proc2.pid"); ++ perror("sysctl kern.proc.pid"); + return FALSE; + } + 
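Review bot: The rewritten patch header lists two upstream commits only, but the patch still carries the port's own OpenBSD changes: the `__OpenBSD__` include block, the `get_kinfo_proc` built on `sysctl`, and the `p.p_uid` branch. Someone updating the port could read the header, see that both commits are in a newer release, and delete the file, losing OpenBSD support. A header line such as `Also: OpenBSD kinfo_proc/sysctl(3) support (local, not from upstream).` would keep the two kinds of change distinguishable.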
@@ -101,19 +433,7 @@ $OpenBSD: patch-src_polkit_polkitunixprocess_c,v 1.1.1.1 2010/07/01 07:46:21 aja gchar *filename; gchar *contents; size_t length; -@@ -554,7 +595,11 @@ get_start_time_for_pid (pid_t pid, - g_free (filename); - g_free (contents); - #else -+#if defined(HAVE_FREEBSD) - struct kinfo_proc p; -+#else -+ struct kinfo_proc2 p; -+#endif - - start_time = 0; - -@@ -569,7 +614,11 @@ get_start_time_for_pid (pid_t pid, +@@ -575,10 +679,110 @@ get_start_time_for_pid (pid_t pid, goto out; } 
@@ -125,3 +445,102 @@ $OpenBSD: patch-src_polkit_polkitunixprocess_c,v 1.1.1.1 2010/07/01 07:46:21 aja out: #endif + + return start_time; ++} ++ ++static gint ++_polkit_unix_process_get_owner (PolkitUnixProcess *process, ++ GError **error) ++{ ++ gint result; ++ gchar *contents; ++ gchar **lines; ++#if defined(HAVE_FREEBSD) || defined(__OpenBSD__) ++ struct kinfo_proc p; ++#else ++ gchar filename[64]; ++ guint n; ++#endif ++ ++ g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), 0); ++ g_return_val_if_fail (error == NULL || *error == NULL, 0); ++ ++ result = 0; ++ lines = NULL; ++ contents = NULL; ++ ++#if defined(HAVE_FREEBSD) || defined(__OpenBSD__) ++ if (get_kinfo_proc (process->pid, &p) == 0) ++ { ++ g_set_error (error, ++ POLKIT_ERROR, ++ POLKIT_ERROR_FAILED, ++ "get_kinfo_proc() failed for pid %d: %s", ++ process->pid, ++ g_strerror (errno)); ++ goto out; ++ } ++ ++#if defined(HAVE_FREEBSD) ++ result = p.ki_uid; ++#else ++ result = p.p_uid; ++#endif ++#else ++ ++ /* see 'man proc' for layout of the status file ++ * ++ * Uid, Gid: Real, effective, saved set, and file system UIDs (GIDs). 
++ */ ++ g_snprintf (filename, sizeof filename, "/proc/%d/status", process->pid); ++ if (!g_file_get_contents (filename, ++ &contents, ++ NULL, ++ error)) ++ { ++ goto out; ++ } ++ lines = g_strsplit (contents, "\n", -1); ++ for (n = 0; lines != NULL && lines[n] != NULL; n++) ++ { ++ gint real_uid, effective_uid; ++ if (!g_str_has_prefix (lines[n], "Uid:")) ++ continue; ++ if (sscanf (lines[n] + 4, "%d %d", &real_uid, &effective_uid) != 2) ++ { ++ g_set_error (error, ++ POLKIT_ERROR, ++ POLKIT_ERROR_FAILED, ++ "Unexpected line `%s' in file %s", ++ lines[n], ++ filename); ++ goto out; ++ } ++ else ++ { ++ result = real_uid; ++ goto out; ++ } ++ } ++ ++ g_set_error (error, ++ POLKIT_ERROR, ++ POLKIT_ERROR_FAILED, ++ "Didn't find any line starting with `Uid:' in file %s", ++ filename); ++#endif ++ ++out: ++ g_strfreev (lines); ++ g_free (contents); ++ return result; ++} ++ ++/* deprecated public method */ ++gint ++polkit_unix_process_get_owner (PolkitUnixProcess *process, ++ GError **error) ++{ ++ return _polkit_unix_process_get_owner (process, error); + } diff --git a/sysutils/polkit/patches/patch-src_polkit_polkitunixprocess_h b/sysutils/polkit/patches/patch-src_polkit_polkitunixprocess_h new file mode 100644 index 00000000000..0ca1f99be77 --- /dev/null +++ b/sysutils/polkit/patches/patch-src_polkit_polkitunixprocess_h 
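Review bot: `_polkit_unix_process_get_owner` signals failure with 0, which is also root's uid: `result` is initialised to 0, every `goto out` error path returns it, and both `g_return_val_if_fail (..., 0)` guards return 0 without setting `error` at all. A caller that skips the `error` test, or that trips one of the precondition guards, would treat an unidentified process as uid 0. The constructor documentation earlier in this patch already uses -1 for "uid not known", so `result = -1;` together with `g_return_val_if_fail (..., -1)` would make the failure value unambiguous. On the BSD branch `g_strerror (errno)` is read after `get_kinfo_proc ()` has already called `perror ()`, so the reported errno may no longer be the one from the failed sysctl.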
@@ -0,0 +1,39 @@ +$OpenBSD: patch-src_polkit_polkitunixprocess_h,v 1.1 2011/04/28 13:09:07 ajacoutot Exp $ + +From 129b6223a19e7fb2753f8cad7957ac5402394076 Mon Sep 17 00:00:00 2001 +From: David Zeuthen+Date: Fri, 01 Apr 2011 16:09:45 +0000 +Subject: Make PolkitUnixProcess also record the uid of the process + +--- src/polkit/polkitunixprocess.h.orig Sat Feb 26 23:23:53 2011 ++++ src/polkit/polkitunixprocess.h Wed Apr 27 19:19:15 2011 +@@ -47,16 +47,24 @@ typedef struct _PolkitUnixProcess PolkitUnixProcess; + typedef struct _PolkitUnixProcessClass PolkitUnixProcessClass; + + GType polkit_unix_process_get_type (void) G_GNUC_CONST; +-PolkitSubject *polkit_unix_process_new (gint pid); +-PolkitSubject *polkit_unix_process_new_full (gint pid, +- guint64 start_time); +- ++PolkitSubject *polkit_unix_process_new (gint pid); ++PolkitSubject *polkit_unix_process_new_full (gint pid, ++ guint64 start_time); ++PolkitSubject *polkit_unix_process_new_for_owner (gint pid, ++ guint64 start_time, ++ gint uid); + gint polkit_unix_process_get_pid (PolkitUnixProcess *process); + guint64 polkit_unix_process_get_start_time (PolkitUnixProcess *process); ++gint polkit_unix_process_get_uid (PolkitUnixProcess *process); + void polkit_unix_process_set_pid (PolkitUnixProcess *process, + gint pid); ++void polkit_unix_process_set_uid (PolkitUnixProcess *process, ++ gint uid); ++void polkit_unix_process_set_start_time (PolkitUnixProcess *process, ++ guint64 start_time); ++ + gint polkit_unix_process_get_owner (PolkitUnixProcess *process, +- GError **error); ++ GError **error) G_GNUC_DEPRECATED_FOR (polkit_unix_process_get_uid); + + G_END_DECLS + diff --git a/sysutils/polkit/patches/patch-src_polkitagent_Makefile_am b/sysutils/polkit/patches/patch-src_polkitagent_Makefile_am index 63bf28f44b8..ab5bc8ec62a 100644 --- a/sysutils/polkit/patches/patch-src_polkitagent_Makefile_am +++ b/sysutils/polkit/patches/patch-src_polkitagent_Makefile_am 
@@ -1,24 +1,27 @@ -$OpenBSD: patch-src_polkitagent_Makefile_am,v 1.1.1.1 2010/07/01 07:46:21 ajacoutot Exp $ ---- src/polkitagent/Makefile.am.orig Wed Mar 10 18:46:19 2010 -+++ src/polkitagent/Makefile.am Sun Jun 27 17:49:46 2010 -@@ -68,8 +68,18 @@ libpolkit_agent_1_la_LDFLAGS = -export-symbols-regex ' - libexec_PROGRAMS = polkit-agent-helper-1 - - polkit_agent_helper_1_SOURCES = \ -- polkitagenthelper.c \ -- $(NULL) -+ polkitagenthelperprivate.c polkitagenthelperprivate.h -+ -+if POLKIT_AUTHFW_PAM -+polkit_agent_helper_1_SOURCES += polkitagenthelper-pam.c -+endif -+if POLKIT_AUTHFW_SHADOW -+polkit_agent_helper_1_SOURCES += polkitagenthelper-shadow.c -+endif +$OpenBSD: patch-src_polkitagent_Makefile_am,v 1.2 2011/04/28 13:09:07 ajacoutot Exp $ + +From c29a6fd701df08e10e384cce65356af9a5a559f3 Mon Sep 17 00:00:00 2001 +From: Benjamin Otte +Date: Fri, 11 Mar 2011 13:01:27 +0000 +Subject: introspection: Add --c-include to the gir files + +--- src/polkitagent/Makefile.am.orig Sat Feb 26 23:23:53 2011 ++++ src/polkitagent/Makefile.am Wed Apr 27 19:10:36 2011 +@@ -89,6 +89,9 @@ endif + if POLKIT_AUTHFW_SHADOW + polkit_agent_helper_1_SOURCES += polkitagenthelper-shadow.c + endif +if POLKIT_AUTHFW_BSDAUTH +polkit_agent_helper_1_SOURCES += polkitagenthelper-bsdauth.c +endif -+polkit_agent_helper_1_SOURCES += $(NULL) polkit_agent_helper_1_CFLAGS = \ -D_POLKIT_COMPILATION \ +@@ -120,6 +123,7 @@ PolkitAgent-1.0.gir: libpolkit-agent-1.la $(INTROSPECT + --pkg=glib-2.0 \ + --pkg=gobject-2.0 \ + --pkg=gio-2.0 \ ++ --c-include='polkitagent/polkitagent.h' \ + --libtool=$(top_builddir)/libtool \ + -I$(top_srcdir)/src \ + -D_POLKIT_COMPILATION \ diff --git a/sysutils/polkit/patches/patch-src_polkitagent_polkitagenthelper-bsdauth_c b/sysutils/polkit/patches/patch-src_polkitagent_polkitagenthelper-bsdauth_c index 8768749ad24..f7dd0edd52b 100644 --- a/sysutils/polkit/patches/patch-src_polkitagent_polkitagenthelper-bsdauth_c 
+++ b/sysutils/polkit/patches/patch-src_polkitagent_polkitagenthelper-bsdauth_c @@ -1,10 +1,11 @@ -$OpenBSD: patch-src_polkitagent_polkitagenthelper-bsdauth_c,v 1.3 2010/07/16 10:04:10 ajacoutot Exp $ ---- src/polkitagent/polkitagenthelper-bsdauth.c.orig Fri Jul 16 11:22:22 2010 -+++ src/polkitagent/polkitagenthelper-bsdauth.c Fri Jul 16 11:22:10 2010 -@@ -0,0 +1,204 @@ +$OpenBSD: patch-src_polkitagent_polkitagenthelper-bsdauth_c,v 1.4 2011/04/28 13:09:07 ajacoutot Exp $ +--- src/polkitagent/polkitagenthelper-bsdauth.c.orig Sat Dec 4 09:39:18 2010 ++++ src/polkitagent/polkitagenthelper-bsdauth.c Sat Dec 4 09:40:52 2010 +@@ -0,0 +1,190 @@ +/* + * Copyright (C) 2008 Red Hat, Inc. + * Copyright (C) 2009-2010 Andrew Psaltis ++ * Copyright (C) 2010 Antoine Jacoutot + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public @@ -27,6 +28,8 @@ $OpenBSD: patch-src_polkitagent_polkitagenthelper-bsdauth_c,v 1.3 2010/07/16 10: + */ + +#include "config.h" ++#include "polkitagenthelperprivate.h" ++ +#include +#include +#include @@ -40,34 +43,20 @@ $OpenBSD: patch-src_polkitagent_polkitagenthelper-bsdauth_c,v 1.3 2010/07/16 10: +#include + +#include -+#include "polkitagenthelperprivate.h" + -+ -+static int bsdauth_authenticate(const char *user_to_auth); -+ -+#ifndef HAVE_CLEARENV -+extern char **environ; -+ -+static int -+clearenv (void) -+{ -+ if (environ != NULL) -+ environ[0] = NULL; -+ return 0; -+} -+#endif ++static gboolean bsdauth_authenticate (const char *user_to_auth); + +int +main (int argc, char *argv[]) +{ -+ struct passwd *shadow; ++ struct passwd *pw; + const char *user_to_auth; + const char *cookie; +// time_t tm; + + /* clear the entire environment to avoid attacks with + libraries honoring environment variables */ -+ if (clearenv () != 0) ++ if (_polkit_clearenv () != 0) + goto error; + + /* set a minimal environment */ 
@@ -108,54 +97,50 @@ $OpenBSD: patch-src_polkitagent_polkitagenthelper-bsdauth_c,v 1.3 2010/07/16 10: + fprintf (stderr, "polkit-agent-helper-1: user to auth is '%s'.\n", user_to_auth); +#endif /* PAH_DEBUG */ + -+ /* Ask shadow about the user requesting authentication */ -+ if ((shadow = getpwnam (user_to_auth)) == NULL) ++ /* Search the password database for the user requesting authentication */ ++ if ((pw = getpwnam (user_to_auth)) == NULL) + { + syslog (LOG_NOTICE, "password database information request for user %s [uid=%d] failed", user_to_auth, getuid()); -+ fprintf(stderr, "polkit-agent-helper-1: could not get shadow information for%.100s", user_to_auth); ++ fprintf(stderr, "polkit-agent-helper-1: could not get user information for '%s'", user_to_auth); + goto error; + } -+ ++ + /* Check the user's identity */ -+ if(!bsdauth_authenticate (user_to_auth)) ++ if (!bsdauth_authenticate (user_to_auth)) + { + syslog (LOG_NOTICE, "authentication failure [uid=%d] trying to authenticate '%s'", getuid (), user_to_auth); + fprintf (stderr, "polkit-agent-helper-1: authentication failure. This incident has been logged.\n"); + goto error; + } + ++#if 0 + /* Check whether the user's password has expired */ -+/* -+ time(&tm); -+ if( shadow->sp_max >= 0 && (shadow->sp_lstchg + shadow->sp_max) * 60 * 60 * 24 <= tm) ++ now = time (NULL); ++ if (shadow->sp_max >= 0 && (shadow->sp_lstchg + shadow->sp_max) * 60 * 60 * 24 <= now) + { -+ syslog (LOG_NOTICE, "password expired for user '%s' [uid=%d] trying to authenticate", user_to_auth, getuid () ); ++ syslog (LOG_NOTICE, "password expired for user '%s' [uid=%d] trying to authenticate", user_to_auth, getuid ()); + fprintf (stderr, "polkit-agent-helper-1: authorization failure. 
This incident has been logged.\n"); + goto error; + } -+*/ + + /* Check whether the user's password has aged (and account expired along + * with it) + */ -+/* -+ if( shadow->sp_inact >= 0 && (shadow->sp_lstchg + shadow->sp_max + shadow->sp_inact) * 60 * 60 * 24 <= tm) ++ if (shadow->sp_inact >= 0 && (shadow->sp_lstchg + shadow->sp_max + shadow->sp_inact) * 60 * 60 * 24 <= now) + { -+ syslog (LOG_NOTICE, "password aged for user '%s' [uid=%d] trying to authenticate", user_to_auth, getuid () ); ++ syslog (LOG_NOTICE, "password aged for user '%s' [uid=%d] trying to authenticate", user_to_auth, getuid ()); + fprintf (stderr, "polkit-agent-helper-1: authorization failure. This incident has been logged.\n"); + goto error; + } -+*/ + + /* Check whether the user's account has expired */ -+/* -+ if(shadow->sp_expire >= 0 && shadow->sp_expire * 60 * 60 * 24 <= tm) ++ if (shadow->sp_expire >= 0 && shadow->sp_expire * 60 * 60 * 24 <= now) + { -+ syslog (LOG_NOTICE, "account expired for user '%s' [uid=%d] trying to authenticate", user_to_auth, getuid () ); ++ syslog (LOG_NOTICE, "account expired for user '%s' [uid=%d] trying to authenticate", user_to_auth, getuid ()); + fprintf (stderr, "polkit-agent-helper-1: authorization failure. This incident has been logged.\n"); + goto error; + } -+*/ ++#endif + +#ifdef PAH_DEBUG + fprintf (stderr, "polkit-agent-helper-1: sending D-Bus message to PolicyKit daemon\n"); 
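Review bot: The three expiry checks (password expired, password aged, account expired) are now inside `#if 0`, so this setuid helper decides on `auth_userokay ()` alone and the `pw` result of `getpwnam ()` is only tested for NULL. The disabled block still refers to `shadow` and `now`, neither of which appears in the declarations shown in the earlier hunk of this file, so it cannot simply be switched back on. If expiry is meant to be enforced here it needs a BSD-specific check (whether the BSD auth approval step covers it should be confirmed against authenticate(3)); otherwise the dead block is better replaced by a one-line comment such as `/* TODO: password/account expiry is not enforced by this helper */`. `main ()` starts and ends outside this hunk.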
@@ -177,29 +162,30 @@ $OpenBSD: patch-src_polkitagent_polkitagenthelper-bsdauth_c,v 1.3 2010/07/16 10: +#endif /* PAH_DEBUG */ + + fprintf (stdout, "SUCCESS\n"); -+ flush_and_wait(); ++ flush_and_wait (); + return 0; + +error: + fprintf (stdout, "FAILURE\n"); -+ flush_and_wait(); ++ flush_and_wait (); + return 1; +} + -+static int -+bsdauth_authenticate(const char *user_to_auth) ++static gboolean ++bsdauth_authenticate (const char *user_to_auth) +{ -+ /* Speak PAM to the daemon, thanks to David Zeuthen for the idea. */ + char passwd[512]; -+ fprintf(stdout, "PAM_PROMPT_ECHO_OFF password:\n"); -+ flush_and_wait(); ++ ++ fprintf (stdout, "PAM_PROMPT_ECHO_OFF password:\n"); ++ fflush (stdout); ++ usleep (10 * 1000); /* since fflush(3) seems buggy */ + + if (fgets (passwd, sizeof (passwd), stdin) == NULL) + goto error; + + if (strlen (passwd) > 0 && passwd[strlen (passwd) - 1] == '\n') + passwd[strlen (passwd) - 1] = '\0'; -+ ++ + if (auth_userokay((char *)user_to_auth, NULL, "auth-polkit", passwd) == 0) + goto error; + return 1; diff --git a/sysutils/polkit/patches/patch-src_polkitagent_polkitagenthelper-pam_c b/sysutils/polkit/patches/patch-src_polkitagent_polkitagenthelper-pam_c deleted file mode 100644 index 776ddb95084..00000000000 --- a/sysutils/polkit/patches/patch-src_polkitagent_polkitagenthelper-pam_c +++ /dev/null 
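Review bot: `bsdauth_authenticate` now open-codes `fflush (stdout); usleep (10 * 1000);` where it previously called `flush_and_wait ()`, while `main ()` in the same file still uses the helper, which per the helperprivate patch in this commit also flushes stderr, calls `fsync` and waits `100 * 1000`. If the shorter wait before the prompt is deliberate, a comment saying so would stop the two from being merged back; if not, `flush_and_wait ();` keeps one behaviour. The function is now declared `gboolean` but still ends with `return 1;`, where `return TRUE;` would match the new type. The rest of the function body, including the `error` label, is outside the hunk.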
@@ -1,268 +0,0 @@ -$OpenBSD: patch-src_polkitagent_polkitagenthelper-pam_c,v 1.1.1.1 2010/07/01 07:46:21 ajacoutot Exp $ ---- src/polkitagent/polkitagenthelper-pam.c.orig Sun Jun 27 17:34:45 2010 -+++ src/polkitagent/polkitagenthelper-pam.c Sun Jun 27 17:34:45 2010 -@@ -0,0 +1,264 @@ -+/* -+ * Copyright (C) 2008, 2010 Red Hat, Inc. -+ * -+ * This library is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General -+ * Public License along with this library; if not, write to the -+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330, -+ * Boston, MA 02111-1307, USA. 
-+ * -+ * Author: David Zeuthen -+ */ -+ -+#include "config.h" -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include -+#include "polkitagenthelperprivate.h" -+ -+static int conversation_function (int n, const struct pam_message **msg, struct pam_response **resp, void *data); -+ -+int -+main (int argc, char *argv[]) -+{ -+ int rc; -+ const char *user_to_auth; -+ const char *cookie; -+ struct pam_conv pam_conversation; -+ pam_handle_t *pam_h; -+ const void *authed_user; -+ -+ rc = 0; -+ pam_h = NULL; -+ -+ /* clear the entire environment to avoid attacks using with libraries honoring environment variables */ -+ if (clearenv () != 0) -+ goto error; -+ -+ /* set a minimal environment */ -+ setenv ("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1); -+ -+ /* check that we are setuid root */ -+ if (geteuid () != 0) -+ { -+ fprintf (stderr, "polkit-agent-helper-1: needs to be setuid root\n"); -+ goto error; -+ } -+ -+ openlog ("polkit-agent-helper-1", LOG_CONS | LOG_PID, LOG_AUTHPRIV); -+ -+ /* check for correct invocation */ -+ if (argc != 3) -+ { -+ syslog (LOG_NOTICE, "inappropriate use of helper, wrong number of arguments [uid=%d]", getuid ()); -+ fprintf (stderr, "polkit-agent-helper-1: wrong number of arguments. This incident has been logged.\n"); -+ goto error; -+ } -+ -+ user_to_auth = argv[1]; -+ cookie = argv[2]; -+ -+ if (getuid () != 0) -+ { -+ /* check we're running with a non-tty stdin */ -+ if (isatty (STDIN_FILENO) != 0) -+ { -+ syslog (LOG_NOTICE, "inappropriate use of helper, stdin is a tty [uid=%d]", getuid ()); -+ fprintf (stderr, "polkit-agent-helper-1: inappropriate use of helper, stdin is a tty. 
This incident has been logged.\n"); -+ goto error; -+ } -+ } -+ -+#ifdef PAH_DEBUG -+ fprintf (stderr, "polkit-agent-helper-1: user to auth is '%s'.\n", user_to_auth); -+#endif /* PAH_DEBUG */ -+ -+ pam_conversation.conv = conversation_function; -+ pam_conversation.appdata_ptr = NULL; -+ -+ /* start the pam stack */ -+ rc = pam_start ("polkit-1", -+ user_to_auth, -+ &pam_conversation, -+ &pam_h); -+ if (rc != PAM_SUCCESS) -+ { -+ fprintf (stderr, "polkit-agent-helper-1: pam_start failed: %s\n", pam_strerror (pam_h, rc)); -+ goto error; -+ } -+ -+ /* set the requesting user */ -+ rc = pam_set_item (pam_h, PAM_RUSER, user_to_auth); -+ if (rc != PAM_SUCCESS) -+ { -+ fprintf (stderr, "polkit-agent-helper-1: pam_set_item failed: %s\n", pam_strerror (pam_h, rc)); -+ goto error; -+ } -+ -+ /* is user really user? */ -+ rc = pam_authenticate (pam_h, 0); -+ if (rc != PAM_SUCCESS) -+ { -+ fprintf (stderr, "polkit-agent-helper-1: pam_authenticated failed: %s\n", pam_strerror (pam_h, rc)); -+ goto error; -+ } -+ -+ /* permitted access? */ -+ rc = pam_acct_mgmt (pam_h, 0); -+ if (rc != PAM_SUCCESS) -+ { -+ fprintf (stderr, "polkit-agent-helper-1: pam_acct_mgmt failed: %s\n", pam_strerror (pam_h, rc)); -+ goto error; -+ } -+ -+ /* did we auth the right user? 
*/ -+ rc = pam_get_item (pam_h, PAM_USER, &authed_user); -+ if (rc != PAM_SUCCESS) -+ { -+ fprintf (stderr, "polkit-agent-helper-1: pam_get_item failed: %s\n", pam_strerror (pam_h, rc)); -+ goto error; -+ } -+ -+ if (strcmp (authed_user, user_to_auth) != 0) -+ { -+ fprintf (stderr, "polkit-agent-helper-1: Tried to auth user '%s' but we got auth for user '%s' instead", -+ user_to_auth, (const char *) authed_user); -+ goto error; -+ } -+ -+#ifdef PAH_DEBUG -+ fprintf (stderr, "polkit-agent-helper-1: successfully authenticated user '%s'.\n", user_to_auth); -+#endif /* PAH_DEBUG */ -+ -+ pam_end (pam_h, rc); -+ pam_h = NULL; -+ -+#ifdef PAH_DEBUG -+ fprintf (stderr, "polkit-agent-helper-1: sending D-Bus message to PolicyKit daemon\n"); -+#endif /* PAH_DEBUG */ -+ -+ /* now send a D-Bus message to the PolicyKit daemon that -+ * includes a) the cookie; and b) the user we authenticated -+ */ -+ if (!send_dbus_message (cookie, user_to_auth)) -+ { -+#ifdef PAH_DEBUG -+ fprintf (stderr, "polkit-agent-helper-1: error sending D-Bus message to PolicyKit daemon\n"); -+#endif /* PAH_DEBUG */ -+ goto error; -+ } -+ -+#ifdef PAH_DEBUG -+ fprintf (stderr, "polkit-agent-helper-1: successfully sent D-Bus message to PolicyKit daemon\n"); -+#endif /* PAH_DEBUG */ -+ -+ fprintf (stdout, "SUCCESS\n"); -+ flush_and_wait(); -+ return 0; -+ -+error: -+ if (pam_h != NULL) -+ pam_end (pam_h, rc); -+ -+ fprintf (stdout, "FAILURE\n"); -+ flush_and_wait(); -+ return 1; -+} -+ -+static int -+conversation_function (int n, const struct pam_message **msg, struct pam_response **resp, void *data) -+{ -+ struct pam_response *aresp; -+ char buf[PAM_MAX_RESP_SIZE]; -+ int i; -+ -+ data = data; -+ if (n <= 0 || n > PAM_MAX_NUM_MSG) -+ return PAM_CONV_ERR; -+ -+ if ((aresp = calloc(n, sizeof *aresp)) == NULL) -+ return PAM_BUF_ERR; -+ -+ for (i = 0; i < n; ++i) -+ { -+ aresp[i].resp_retcode = 0; -+ aresp[i].resp = NULL; -+ switch (msg[i]->msg_style) -+ { -+ -+ case PAM_PROMPT_ECHO_OFF: -+ fprintf (stdout, 
"PAM_PROMPT_ECHO_OFF "); -+ goto conv1; -+ -+ case PAM_PROMPT_ECHO_ON: -+ fprintf (stdout, "PAM_PROMPT_ECHO_ON "); -+ conv1: -+ fputs (msg[i]->msg, stdout); -+ if (strlen (msg[i]->msg) > 0 && msg[i]->msg[strlen (msg[i]->msg) - 1] != '\n') -+ fputc ('\n', stdout); -+ fflush (stdout); -+ -+ if (fgets (buf, sizeof buf, stdin) == NULL) -+ goto error; -+ -+ if (strlen (buf) > 0 && -+ buf[strlen (buf) - 1] == '\n') -+ buf[strlen (buf) - 1] = '\0'; -+ -+ aresp[i].resp = strdup (buf); -+ if (aresp[i].resp == NULL) -+ goto error; -+ break; -+ -+ case PAM_ERROR_MSG: -+ fprintf (stdout, "PAM_ERROR_MSG "); -+ goto conv2; -+ -+ case PAM_TEXT_INFO: -+ fprintf (stdout, "PAM_TEXT_INFO "); -+ conv2: -+ fputs (msg[i]->msg, stdout); -+ if (strlen (msg[i]->msg) > 0 && -+ msg[i]->msg[strlen (msg[i]->msg) - 1] != '\n') -+ fputc ('\n', stdout); -+ fflush (stdout); -+ break; -+ -+ default: -+ goto error; -+ } -+ } -+ -+ *resp = aresp; -+ return PAM_SUCCESS; -+ -+error: -+ -+ for (i = 0; i < n; ++i) -+ { -+ if (aresp[i].resp != NULL) { -+ memset (aresp[i].resp, 0, strlen(aresp[i].resp)); -+ free (aresp[i].resp); -+ } -+ } -+ memset (aresp, 0, n * sizeof *aresp); -+ *resp = NULL; -+ return PAM_CONV_ERR; -+} -+ diff --git a/sysutils/polkit/patches/patch-src_polkitagent_polkitagenthelperprivate_c b/sysutils/polkit/patches/patch-src_polkitagent_polkitagenthelperprivate_c index 55f269e7ce1..827b8b5beeb 100644 --- a/sysutils/polkit/patches/patch-src_polkitagent_polkitagenthelperprivate_c +++ b/sysutils/polkit/patches/patch-src_polkitagent_polkitagenthelperprivate_c 
@@ -1,101 +1,13 @@ -$OpenBSD: patch-src_polkitagent_polkitagenthelperprivate_c,v 1.1.1.1 2010/07/01 07:46:21 ajacoutot Exp $ ---- src/polkitagent/polkitagenthelperprivate.c.orig Sun Jun 27 17:34:45 2010 -+++ src/polkitagent/polkitagenthelperprivate.c Sun Jun 27 17:34:45 2010 -@@ -0,0 +1,97 @@ -+/* -+ * Copyright (C) 2009-2010 Red Hat, Inc. -+ * -+ * This library is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General -+ * Public License along with this library; if not, write to the -+ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -+ * Boston, MA 02110-1301, USA. 
-+ * -+ * Authors: David Zeuthen , -+ * Andrew Psaltis -+ */ -+ -+#include "polkitagenthelperprivate.h" -+#include -+ -+#ifndef HAVE_CLEARENV -+extern char **environ; -+ -+static int -+clearenv (void) -+{ -+ if (environ != NULL) -+ environ[0] = NULL; -+ return 0; -+} -+#endif -+ -+ -+gboolean -+send_dbus_message (const char *cookie, const char *user) -+{ -+ PolkitAuthority *authority; -+ PolkitIdentity *identity; -+ GError *error; -+ gboolean ret; -+ -+ ret = FALSE; -+ -+ error = NULL; -+ -+ g_type_init (); -+ -+ authority = polkit_authority_get (); -+ -+ identity = polkit_unix_user_new_for_name (user, &error); -+ if (identity == NULL) -+ { -+ g_printerr ("Error constructing identity: %s\n", error->message); -+ g_error_free (error); -+ goto out; -+ } -+ -+ if (!polkit_authority_authentication_agent_response_sync (authority, -+ cookie, -+ identity, -+ NULL, -+ &error)) -+ { -+ g_printerr ("polkit-agent-helper-1: error response to PolicyKit daemon: %s\n", error->message); -+ g_error_free (error); -+ goto out; -+ } -+ -+ ret = TRUE; -+ -+ out: -+ -+ if (identity != NULL) -+ g_object_unref (identity); -+ -+ if (authority != NULL) -+ g_object_unref (authority); -+ -+ return ret; -+} -+ -+/* fflush(3) stdin and stdout and wait a little bit. -+ * This replaces the three-line commands at the bottom of -+ * polkit-agent-helper-1's main() function. -+ */ -+void -+flush_and_wait () -+{ -+ fflush (stdout); -+ fflush (stderr); -+ usleep (10 * 1000); /* since fflush(3) seems buggy */ -+} +$OpenBSD: patch-src_polkitagent_polkitagenthelperprivate_c,v 1.2 2011/04/28 13:09:07 ajacoutot Exp $ +--- src/polkitagent/polkitagenthelperprivate.c.orig Wed Apr 27 16:58:05 2011 ++++ src/polkitagent/polkitagenthelperprivate.c Wed Apr 27 16:58:18 2011 +@@ -103,7 +103,7 @@ flush_and_wait () + { + fflush (stdout); + fflush (stderr); +- fdatasync (fileno(stdout)); +- fdatasync (fileno(stderr)); ++ fsync (fileno(stdout)); ++ fsync (fileno(stderr)); + usleep (100 * 1000); + } 
diff --git a/sysutils/polkit/patches/patch-src_polkitagent_polkitagenthelperprivate_h b/sysutils/polkit/patches/patch-src_polkitagent_polkitagenthelperprivate_h deleted file mode 100644 index 588e9a28379..00000000000 --- a/sysutils/polkit/patches/patch-src_polkitagent_polkitagenthelperprivate_h +++ /dev/null 
@@ -1,46 +0,0 @@ -$OpenBSD: patch-src_polkitagent_polkitagenthelperprivate_h,v 1.1.1.1 2010/07/01 07:46:21 ajacoutot Exp $ ---- src/polkitagent/polkitagenthelperprivate.h.orig Sun Jun 27 17:34:45 2010 -+++ src/polkitagent/polkitagenthelperprivate.h Sun Jun 27 17:34:45 2010 -@@ -0,0 +1,42 @@ -+/* -+ * Copyright (C) 2009-2010 Red Hat, Inc. -+ * -+ * This library is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General -+ * Public License along with this library; if not, write to the -+ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -+ * Boston, MA 02110-1301, USA. -+ * -+ * Authors: David Zeuthen , -+ * Andrew Psaltis -+ */ -+#ifndef __POLKIT_AGENT_HELPER_PRIVATE_H -+#define __POLKIT_AGENT_HELPER_PRIVATE_H -+ -+#include -+ -+/* Development aid: define PAH_DEBUG to get debugging output. Do _NOT_ -+ * enable this in production builds; it may leak passwords and other -+ * sensitive information. -+ */ -+#undef PAH_DEBUG -+// #define PAH_DEBUG -+ -+#ifdef HAVE_SOLARIS -+# define LOG_AUTHPRIV (10<<3) -+#endif -+ -+gboolean send_dbus_message (const char *cookie, const char *user); -+ -+void flush_and_wait (); -+ -+#endif /* __POLKIT_AGENT_HELPER_PRIVATE_H */ diff --git a/sysutils/polkit/patches/patch-src_polkitbackend_50-localauthority_conf b/sysutils/polkit/patches/patch-src_polkitbackend_50-localauthority_conf index d4d029e4825..fbec4d866db 100644 --- a/sysutils/polkit/patches/patch-src_polkitbackend_50-localauthority_conf 
+++ b/sysutils/polkit/patches/patch-src_polkitbackend_50-localauthority_conf @@ -1,11 +1,11 @@ -$OpenBSD: patch-src_polkitbackend_50-localauthority_conf,v 1.1 2010/07/05 15:22:16 ajacoutot Exp $ +$OpenBSD: patch-src_polkitbackend_50-localauthority_conf,v 1.2 2011/04/28 13:09:07 ajacoutot Exp $ --- src/polkitbackend/50-localauthority.conf.orig Mon Jul 5 16:52:24 2010 +++ src/polkitbackend/50-localauthority.conf Mon Jul 5 16:52:30 2010 @@ -1,6 +1,6 @@ # Configuration file for the PolicyKit Local Authority. # -# DO NOT EDIT THIS FILE, it will be overwritten on update. -+# DO NOT EDIT THIS FILE ++# DO NOT EDIT THIS FILE. # # See the pklocalauthority(8) man page for more information # about configuring the Local Authority. diff --git a/sysutils/polkit/patches/patch-src_polkitbackend_Makefile_am b/sysutils/polkit/patches/patch-src_polkitbackend_Makefile_am index 0c791790bd3..b833cded79f 100644 --- a/sysutils/polkit/patches/patch-src_polkitbackend_Makefile_am +++ b/sysutils/polkit/patches/patch-src_polkitbackend_Makefile_am @@ -1,8 +1,8 @@ -$OpenBSD: patch-src_polkitbackend_Makefile_am,v 1.1.1.1 2010/07/01 07:46:21 ajacoutot Exp $ ---- src/polkitbackend/Makefile.am.orig Sun Jun 27 18:26:49 2010 -+++ src/polkitbackend/Makefile.am Sun Jun 27 18:27:49 2010 -@@ -100,10 +100,4 @@ clean-local : - rm -f *~ $(ck_built_sources) $(BUILT_SOURCES) +$OpenBSD: patch-src_polkitbackend_Makefile_am,v 1.2 2011/04/28 13:09:07 ajacoutot Exp $ +--- src/polkitbackend/Makefile.am.orig Mon Aug 9 20:49:57 2010 ++++ src/polkitbackend/Makefile.am Tue Nov 30 12:31:18 2010 +@@ -74,10 +74,4 @@ clean-local : + rm -f *~ $(BUILT_SOURCES) install-exec-hook: - mkdir -p $(DESTDIR)$(localstatedir)/lib/polkit-1 diff --git a/sysutils/polkit/patches/patch-src_polkitbackend_polkitbackendconfigsource_c b/sysutils/polkit/patches/patch-src_polkitbackend_polkitbackendconfigsource_c deleted file mode 100644 index cf85454c2a6..00000000000 
--- a/sysutils/polkit/patches/patch-src_polkitbackend_polkitbackendconfigsource_c +++ /dev/null @@ -1,17 +0,0 @@ -$OpenBSD: patch-src_polkitbackend_polkitbackendconfigsource_c,v 1.1 2010/07/18 15:41:22 ajacoutot Exp $ - -- Configuration reload on every query -779c0153fc0bd3c2e302dac1979d17638f054229 -Set has_data to true after the data is loaded to prevent excessive -reloading of config files. - ---- src/polkitbackend/polkitbackendconfigsource.c.orig Wed Mar 10 18:46:19 2010 -+++ src/polkitbackend/polkitbackendconfigsource.c Sun Jul 18 17:28:52 2010 -@@ -386,6 +386,7 @@ polkit_backend_config_source_ensure (PolkitBackendConf - } - - source->priv->key_files = g_list_reverse (source->priv->key_files); -+ source->priv->has_data = TRUE; - - out: - g_list_foreach (files, (GFunc) g_object_unref, NULL); diff --git a/sysutils/polkit/patches/patch-src_polkitbackend_polkitbackendlocalauthority_c b/sysutils/polkit/patches/patch-src_polkitbackend_polkitbackendlocalauthority_c deleted file mode 100644 index c6c6ce0ef87..00000000000 --- a/sysutils/polkit/patches/patch-src_polkitbackend_polkitbackendlocalauthority_c +++ /dev/null 
@@ -1,30 +0,0 @@ -$OpenBSD: patch-src_polkitbackend_polkitbackendlocalauthority_c,v 1.1.1.1 2010/07/01 07:46:21 ajacoutot Exp $ ---- src/polkitbackend/polkitbackendlocalauthority.c.orig Sun Jun 27 18:27:56 2010 -+++ src/polkitbackend/polkitbackendlocalauthority.c Sun Jun 27 18:28:13 2010 -@@ -211,7 +211,7 @@ add_all_authorization_stores (PolkitBackendLocalAuthor - error = NULL; - - if (n == 0) -- toplevel_path = PACKAGE_LOCALSTATE_DIR "/lib/polkit-1/localauthority"; -+ toplevel_path = PACKAGE_LOCALSTATE_DIR "/db/polkit-1/localauthority"; - else - toplevel_path = PACKAGE_SYSCONF_DIR "/polkit-1/localauthority"; - -@@ -321,7 +321,7 @@ polkit_backend_local_authority_init (PolkitBackendLoca - GError *error; - - if (n == 0) -- toplevel_path = PACKAGE_LOCALSTATE_DIR "/lib/polkit-1/localauthority"; -+ toplevel_path = PACKAGE_LOCALSTATE_DIR "/db/polkit-1/localauthority"; - else - toplevel_path = PACKAGE_SYSCONF_DIR "/polkit-1/localauthority"; - -@@ -698,7 +698,7 @@ static gchar * - lockdown_get_filename (const gchar *action_id) - { - return g_strdup_printf (PACKAGE_LOCALSTATE_DIR -- "/lib/polkit-1/localauthority/90-mandatory.d/" -+ "/db/polkit-1/localauthority/90-mandatory.d/" - "org.freedesktop.policykit.localauthority.lockdown.action-%s.pkla", - action_id); - } diff --git a/sysutils/polkit/patches/patch-src_polkitbackend_polkitbackendlocalauthorizationstore_c b/sysutils/polkit/patches/patch-src_polkitbackend_polkitbackendlocalauthorizationstore_c deleted file mode 100644 index fa4878a7f33..00000000000 --- a/sysutils/polkit/patches/patch-src_polkitbackend_polkitbackendlocalauthorizationstore_c +++ /dev/null 
@@ -1,18 +0,0 @@ -$OpenBSD: patch-src_polkitbackend_polkitbackendlocalauthorizationstore_c,v 1.1 2010/07/18 15:41:22 ajacoutot Exp $ - -- Configuration reload on every query -779c0153fc0bd3c2e302dac1979d17638f054229 -Set has_data to true after the data is loaded to prevent excessive -reloading of config files. - ---- src/polkitbackend/polkitbackendlocalauthorizationstore.c.orig Wed Mar 10 18:46:19 2010 -+++ src/polkitbackend/polkitbackendlocalauthorizationstore.c Sun Jul 18 17:28:52 2010 -@@ -641,6 +641,8 @@ polkit_backend_local_authorization_store_ensure (Polki - g_free (filename); - } - -+ store->priv->has_data = TRUE; -+ - out: - g_list_foreach (files, (GFunc) g_object_unref, NULL); - g_list_free (files); diff --git a/sysutils/polkit/patches/patch-src_polkitbackend_polkitbackendsessionmonitor_c b/sysutils/polkit/patches/patch-src_polkitbackend_polkitbackendsessionmonitor_c new file mode 100644 index 00000000000..9d9af5aae94 --- /dev/null +++ b/sysutils/polkit/patches/patch-src_polkitbackend_polkitbackendsessionmonitor_c 
@@ -0,0 +1,30 @@
+$OpenBSD: patch-src_polkitbackend_polkitbackendsessionmonitor_c,v 1.1 2011/04/28 13:09:07 ajacoutot Exp $
+
+From c23d74447c7615dc74dae259f0fc3688ec988867 Mon Sep 17 00:00:00 2001
+From: David Zeuthen
+Date: Fri, 01 Apr 2011 16:12:27 +0000
+Subject: Use polkit_unix_process_get_uid() to get the owner of a process
+
+--- src/polkitbackend/polkitbackendsessionmonitor.c.orig Sat Feb 26 23:23:53 2011
++++ src/polkitbackend/polkitbackendsessionmonitor.c Wed Apr 27 19:07:36 2011
+@@ -293,14 +293,15 @@ polkit_backend_session_monitor_get_user_for_subject (P
+
+ if (POLKIT_IS_UNIX_PROCESS (subject))
+ {
+- local_error = NULL;
+- uid = polkit_unix_process_get_owner (POLKIT_UNIX_PROCESS (subject), &local_error);
+- if (local_error != NULL)
++ uid = polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (subject));
++ if ((gint) uid == -1)
+ {
+- g_propagate_prefixed_error (error, local_error, "Error getting user for process: ");
++ g_set_error (error,
++ POLKIT_ERROR,
++ POLKIT_ERROR_FAILED,
++ "Unix process subject does not have uid set");
+ goto out;
+ }
+-
+ ret = polkit_unix_user_new (uid);
+ }
+ else if (POLKIT_IS_SYSTEM_BUS_NAME (subject))
diff --git a/sysutils/polkit/patches/patch-src_polkitd_gposixsignal_c b/sysutils/polkit/patches/patch-src_polkitd_gposixsignal_c
new file mode 100644
index 00000000000..0a289436ce6
--- /dev/null
+++ b/sysutils/polkit/patches/patch-src_polkitd_gposixsignal_c
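Review bot: Nothing at the new `polkit_unix_process_get_uid ()` call records why the owner is no longer looked up at this point, so a later reader could reasonably "fix" it back to a live lookup. A short comment above the call would preserve the intent, e.g. `/* use the uid recorded in the subject; looking the owner up again here can race with the process changing identity */`. That wording is inferred from the "Avoid TOCTTOU problems with parent process" pkexec patch in the same commit and should be checked against the upstream change. The `(gint) uid == -1` test depends on -1 being the "unset" sentinel, which is worth naming in the same comment. The enclosing function starts and ends outside the hunk.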
@@ -0,0 +1,41 @@
+$OpenBSD: patch-src_polkitd_gposixsignal_c,v 1.1 2011/04/28 13:09:07 ajacoutot Exp $
+--- src/polkitd/gposixsignal.c.orig Sat Feb 26 23:23:53 2011
++++ src/polkitd/gposixsignal.c Wed Apr 27 16:07:00 2011
+@@ -26,7 +26,13 @@
+
+ #if defined(__linux__)
+ #include
++#if defined(__FreeBSD__) || defined(__OpenBSD__)
++#include
++#include
++#include
++#else
+ #include
++#endif
+ #include
+
+ typedef struct
+@@ -84,6 +90,9 @@ _g_posix_signal_source_new (gint signum)
+ gint fd;
+ GSource *_source;
+ _GPosixSignalSource *source;
++#if defined(__FreeBSD__) || defined(__OpenBSD__)
++ struct kevent ev;
++#endif
+
+ _source = NULL;
+
+@@ -93,7 +102,13 @@ _g_posix_signal_source_new (gint signum)
+ if (sigprocmask (SIG_BLOCK, &sigset, NULL) == -1)
+ g_assert_not_reached ();
+
++#if defined(__FreeBSD__) || defined(__OpenBSD__)
++ fd = kqueue ();
++ EV_SET (&ev, signum, EVFILT_SIGNAL, EV_ADD, 0, 0, NULL);
++ kevent (fd, &ev, 1, NULL, 0, NULL);
++#else
+ fd = signalfd (-1, &sigset, SFD_NONBLOCK | SFD_CLOEXEC);
++#endif
+
+ _source = g_source_new (&_g_posix_signal_source_funcs, sizeof (_GPosixSignalSource));
+ source = (_GPosixSignalSource *) _source;
diff --git a/sysutils/polkit/patches/patch-src_programs_pkexec_c b/sysutils/polkit/patches/patch-src_programs_pkexec_c
index 42666e4aea0..49db29c53b5 100644
--- a/sysutils/polkit/patches/patch-src_programs_pkexec_c
+++ b/sysutils/polkit/patches/patch-src_programs_pkexec_c
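Review bot: In the `_g_posix_signal_source_new` hunk of patch-src_polkitd_gposixsignal_c the BSD branch ignores the results of both `kqueue ()` and `kevent ()`, so a failed registration leaves the source holding a bad or never-firing descriptor and the daemon quietly stops reacting to the signal. The `sigprocmask` call just above already aborts on failure and the same treatment fits here: `if (fd == -1 || kevent (fd, &ev, 1, NULL, 0, NULL) == -1) g_assert_not_reached ();`. The Linux branch asks for `SFD_CLOEXEC` while the kqueue descriptor gets no equivalent handling in the hunk, so it is worth confirming that it cannot be inherited by programs polkitd executes. As shown, the added include block sits inside the existing `#if defined(__linux__)`, which would make the BSD branch unreachable unless that macro is defined elsewhere in the port; I cannot tell from here. The function continues outside the hunk.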
@@ -1,55 +1,104 @@ -$OpenBSD: patch-src_programs_pkexec_c,v 1.1.1.1 2010/07/01 07:46:21 ajacoutot Exp $ ---- src/programs/pkexec.c.orig Wed Mar 10 18:46:19 2010 -+++ src/programs/pkexec.c Thu Jul 1 07:31:27 2010 -@@ -34,7 +34,11 @@ - #include +$OpenBSD: patch-src_programs_pkexec_c,v 1.2 2011/04/28 13:09:07 ajacoutot Exp $ + +From 3b12cfac29dddd27f1f166a7574d8374cc1dccf2 Mon Sep 17 00:00:00 2001 +From: David Zeuthen +Date: Fri, 01 Apr 2011 16:13:15 +0000 +Subject: pkexec: Avoid TOCTTOU problems with parent process + +--- src/programs/pkexec.c.orig Thu Mar 3 18:04:19 2011 ++++ src/programs/pkexec.c Wed Apr 27 19:09:18 2011 +@@ -35,6 +35,10 @@ #include #include + ++#ifdef __linux__ ++#include ++#endif + -+#ifdef POLKIT_AUTHFW_PAM - #include -+#endif /* POLKIT_AUTHFW_PAM */ -+ - #include - #include + #include -@@ -115,6 +119,7 @@ log_message (gint level, + #ifdef POLKIT_AUTHFW_PAM +@@ -423,7 +427,6 @@ main (int argc, char *argv[]) + GPtrArray *saved_env; + gchar *opt_user; + pid_t pid_of_caller; +- uid_t uid_of_caller; + gpointer local_agent_handle; - /* ---------------------------------------------------------------------------------------------------- */ - -+#ifdef POLKIT_AUTHFW_PAM - static int - pam_conversation_function (int n, - const struct pam_message **msg, -@@ -167,6 +172,7 @@ out: - pam_end (pam_h, rc); - return ret; - } -+#endif /* POLKIT_AUTHFW_PAM */ - - /* ---------------------------------------------------------------------------------------------------- */ - -@@ -437,7 +443,7 @@ main (int argc, char *argv[]) - goto out; - } - -- original_cwd = g_strdup (get_current_dir_name ()); -+ original_cwd = g_strdup (getcwd (NULL, 0)); - if (original_cwd == NULL) - { - g_printerr ("Error getting cwd.\n"); -@@ -741,11 +747,13 @@ main (int argc, char *argv[]) - * TODO: The question here is whether we should clear the limits before applying them? - * As evident above, neither su(1) (and, for that matter, nor sudo(8)) does this. 
+ ret = 127; +@@ -598,40 +601,49 @@ main (int argc, char *argv[]) */ -+#ifdef POLKIT_AUTHW_PAM - if (!open_session (pw->pw_name)) + g_type_init (); + +- /* now check if the program that invoked us is authorized */ ++ /* make sure we are nuked if the parent process dies */ ++#ifdef __linux__ ++ if (prctl (PR_SET_PDEATHSIG, SIGTERM) != 0) ++ { ++ g_printerr ("prctl(PR_SET_PDEATHSIG, SIGTERM) failed: %s\n", g_strerror (errno)); ++ goto out; ++ } ++#else ++#warning "Please add OS specific code to catch when the parent dies" ++#endif ++ ++ /* Figure out the parent process */ + pid_of_caller = getppid (); + if (pid_of_caller == 1) { + /* getppid() can return 1 if the parent died (meaning that we are reaped +- * by /sbin/init); get process group leader instead - for example, this +- * happens when launching via gnome-panel (alt+f2, then 'pkexec gedit'). ++ * by /sbin/init); In that case we simpy bail. + */ +- pid_of_caller = getpgrp (); +- } +- +- subject = polkit_unix_process_new (pid_of_caller); +- if (subject == NULL) +- { +- g_printerr ("No such process for pid %d: %s\n", (gint) pid_of_caller, error->message); +- g_error_free (error); ++ g_printerr ("Refusing to render service to dead parents.\n"); goto out; } -- -+#endif /* POLKIT_AUTHFW_PAM */ -+ - /* become the user */ - if (setgroups (0, NULL) != 0) - { + +- /* paranoia: check that the uid of pid_of_caller matches getuid() */ +- error = NULL; +- uid_of_caller = polkit_unix_process_get_owner (POLKIT_UNIX_PROCESS (subject), +- &error); +- if (error != NULL) +- { +- g_printerr ("Error determing pid of caller (pid %d): %s\n", (gint) pid_of_caller, error->message); +- g_error_free (error); +- goto out; +- } +- if (uid_of_caller != getuid ()) +- { +- g_printerr ("User of caller (%d) does not match our uid (%d)\n", uid_of_caller, getuid ()); +- goto out; +- } ++ /* This process we want to check an authorization for is the process ++ * that launched us - our parent process. 
++ * ++ * At the time the parent process fork()'ed and exec()'ed us, the ++ * process had the same real-uid that we have now. So we use this ++ * real-uid instead of of looking it up to avoid TOCTTOU issues ++ * (consider the parent process exec()'ing a setuid helper). ++ * ++ * On the other hand, the monotonic process start-time is guaranteed ++ * to never change so it's safe to look that up given only the PID ++ * since we are guaranteed to be nuked if the parent goes away ++ * (cf. the prctl(2) call above). ++ */ ++ subject = polkit_unix_process_new_for_owner (pid_of_caller, ++ 0, /* 0 means "look up start-time in /proc" */ ++ getuid ()); ++ /* really double-check the invariants guaranteed by the PolkitUnixProcess class */ ++ g_assert (subject != NULL); ++ g_assert (polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (subject)) == pid_of_caller); ++ g_assert (polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (subject)) >= 0); ++ g_assert (polkit_unix_process_get_start_time (POLKIT_UNIX_PROCESS (subject)) > 0); + + error = NULL; + authority = polkit_authority_get_sync (NULL /* GCancellable* */, &error); diff --git a/sysutils/polkit/pkg/PFRAG.shared b/sysutils/polkit/pkg/PFRAG.shared index cfa2e467b1a..a5b6f4b4b66 100644 --- a/sysutils/polkit/pkg/PFRAG.shared +++ b/sysutils/polkit/pkg/PFRAG.shared @@ -1,6 +1,5 @@ -@comment $OpenBSD: PFRAG.shared,v 1.1.1.1 2010/07/01 07:46:21 ajacoutot Exp $ +@comment $OpenBSD: PFRAG.shared,v 1.2 2011/04/28 13:09:07 ajacoutot Exp $ @lib lib/libpolkit-agent-1.so.${LIBpolkit-agent-1_VERSION} @lib lib/libpolkit-backend-1.so.${LIBpolkit-backend-1_VERSION} @lib lib/libpolkit-gobject-1.so.${LIBpolkit-gobject-1_VERSION} lib/polkit-1/extensions/libnullbackend.so -lib/polkit-1/extensions/libpkexec-action-lookup.so diff --git a/sysutils/polkit/pkg/PLIST b/sysutils/polkit/pkg/PLIST index 5264cf48d96..9c5b7a55bbc 100644 --- a/sysutils/polkit/pkg/PLIST +++ b/sysutils/polkit/pkg/PLIST 
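Review bot: On this port the `#ifdef __linux__` guard around `prctl (PR_SET_PDEATHSIG, SIGTERM)` in patch-src_programs_pkexec_c compiles out and only the `#warning` is left, yet the comment added further down in `main` justifies looking up the parent's start-time by PID on the grounds that the process is killed when the parent goes away. Without that guarantee the parent can exit after `getppid ()` and the start-time lookup may describe an unrelated process that reused the PID; how the start-time is obtained where /proc is not available is not visible in the hunk. A re-check once the subject is built narrows the window: `if (getppid () != pid_of_caller) goto out;`. The four `g_assert` invariants also disappear in a build with `G_DISABLE_ASSERT`, so explicit `if (...) goto out;` checks are the safer form in a program that makes an authorization decision. `main` starts and ends outside the hunk.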
@@ -1,4 +1,4 @@ -@comment $OpenBSD: PLIST,v 1.5 2011/04/07 11:12:12 ajacoutot Exp $ +@comment $OpenBSD: PLIST,v 1.6 2011/04/28 13:09:07 ajacoutot Exp $ %%SHARED%% @bin bin/pk-example-frobnicate @bin bin/pkaction @@ -21,6 +21,7 @@ include/polkit-1/polkit/polkitenumtypes.h include/polkit-1/polkit/polkiterror.h include/polkit-1/polkit/polkitidentity.h include/polkit-1/polkit/polkitimplicitauthorization.h +include/polkit-1/polkit/polkitpermission.h include/polkit-1/polkit/polkitprivate.h include/polkit-1/polkit/polkitsubject.h include/polkit-1/polkit/polkitsystembusname.h @@ -32,22 +33,21 @@ include/polkit-1/polkit/polkitunixsession.h include/polkit-1/polkit/polkitunixuser.h include/polkit-1/polkitagent/ include/polkit-1/polkitagent/polkitagent.h +include/polkit-1/polkitagent/polkitagentenumtypes.h include/polkit-1/polkitagent/polkitagentlistener.h include/polkit-1/polkitagent/polkitagentsession.h +include/polkit-1/polkitagent/polkitagenttextlistener.h include/polkit-1/polkitagent/polkitagenttypes.h include/polkit-1/polkitbackend/ include/polkit-1/polkitbackend/polkitbackend.h include/polkit-1/polkitbackend/polkitbackendactionlookup.h -include/polkit-1/polkitbackend/polkitbackendactionpool.h include/polkit-1/polkitbackend/polkitbackendauthority.h -include/polkit-1/polkitbackend/polkitbackendconfigsource.h include/polkit-1/polkitbackend/polkitbackendinteractiveauthority.h include/polkit-1/polkitbackend/polkitbackendlocalauthority.h -include/polkit-1/polkitbackend/polkitbackendlocalauthorizationstore.h -include/polkit-1/polkitbackend/polkitbackendsessionmonitor.h include/polkit-1/polkitbackend/polkitbackendtypes.h lib/girepository-1.0/ lib/girepository-1.0/Polkit-1.0.typelib +lib/girepository-1.0/PolkitAgent-1.0.typelib lib/libpolkit-agent-1.a lib/libpolkit-agent-1.la lib/libpolkit-backend-1.a 
@@ -62,8 +62,6 @@ lib/polkit-1/ lib/polkit-1/extensions/ @comment lib/polkit-1/extensions/libnullbackend.a @comment lib/polkit-1/extensions/libnullbackend.la -@comment lib/polkit-1/extensions/libpkexec-action-lookup.a -@comment lib/polkit-1/extensions/libpkexec-action-lookup.la @mode 4755 @owner root @bin libexec/polkit-agent-helper-1 @@ -88,8 +86,8 @@ share/examples/polkit/polkit-1/ @mode 0700 @sample ${SYSCONFDIR}/polkit-1/ @sample /var/db/polkit-1/ -@mode @sample ${SYSCONFDIR}/polkit-1/localauthority/ +@mode share/examples/polkit/polkit-1/localauthority.conf.d/ @sample ${SYSCONFDIR}/polkit-1/localauthority.conf.d/ share/examples/polkit/polkit-1/localauthority.conf.d/50-localauthority.conf @@ -108,6 +106,7 @@ share/examples/polkit/var/db/polkit-1/localauthority/10-vendor.d/ share/examples/polkit/var/db/polkit-1/localauthority/10-vendor.d/10-desktop-policy.pkla share/gir-1.0/ share/gir-1.0/Polkit-1.0.gir +share/gir-1.0/PolkitAgent-1.0.gir share/locale/da/LC_MESSAGES/polkit-1.mo share/polkit-1/ share/polkit-1/actions/