| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When launching from a read-only disk image, if no installed copy exists in
/Applications, and the user chooses to install from the disk image:
If it appears that there isn't permission to write to /Applications, prompt
the user to authenticate as an administrator. If authentication is
successful, copy the application as root, set its permissions, and promote
Keystone to use a system ticket.
BUG=40265
TEST=Remove the application from /Applications and test, as both an admin
user and a normal user, installation directly from the disk image. When
installation occurs after authentication, Chrome should be on a system
ticket.
Also, make sure that normal in-app Keystone promotion continues to work
as expected.
Review URL: http://codereview.chromium.org/1792013
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@46091 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- During keystone registration pull in the brand file at user to system level.
- Clean up old user level brand files after moving to a system ticket.
- During keystone ticket promotion, use the pref flight script to copy the brand information out to the system level.
- When updating check to see if the user had manually updated the app and gotten a new brand code, if so, migrate that code into the right location.
BUG=39131
TEST=email from tvl to QA with details.
Review URL: http://codereview.chromium.org/1687012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@45687 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
The concept of "ticket promotion" is added to the application when Keystone is
in use. Ticket promotion is used to turn a user Keystone ticket, which Chrome
normally establishes when it launches, into a system Keystone ticket, after
successful user authentication and authorization. Having a system Keystone
with a system ticket means that updates are applied with root privileges
instead of user privileges, essentially eliminating the possibility that a
user will fall off of the auto-update train because they can read and execute
but not write the application.
Two principles of promotion apply:
- An application on a user ticket NEEDS promotion if it determines that it
doesn't have permission to write to itself. Being on a user ticket, an
update attempt would fail.
- An application on a user ticket WANTS promotion if it already NEEDS
promotion. Additionally, if it is installed in a system-wide location
such as /Applications, it will WANT promotion, even if it does not NEED it.
If promotion is needed, an info bar will show up on launch requesting it.
This info bar works similarly to the default browser info bar: it has a "don't
bother me again" button, it will only show up after the first launch, it won't
disappear on navigation if the navigation happens very quickly, and it won't
show itself if another info bar is up. This means that if both the default
browser info bar and the promotion info bar have a shot at showing, only one
will win. In my experience, each wins about half of the time.
If promotion is needed, the update UI in the About window will be hidden.
Checking for updates and offering to apply them doesn't make much sense when
the update won't be able to install successfully. All of the auto-update
machinery is still working in the background, but the About window UI is
hidden.
If promotion is wanted, the About window will contain a new button allowing
the user to enter promotion. This gives access to the same promotion routine
as the promotion info bar. It can be used even from an administrative account
that is able to update the application without promotion. It's intended to be
used by the system administrator of the family without requiring them to
switch to one of the kids' accounts.
BUG=16360
TEST=Exhaustively, please.
Review URL: http://codereview.chromium.org/437053
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@33241 0039d316-1c4b-4281-b951-d872f2087c98
|
