
garcard 0.1.0-rc1

Highlights

  1. Polkit authentication agent backend with queue-aware auth state tracking.
  2. Built-in gartk prompt path with timeout/cancel behavior and ask-password fallback.
  3. Daemon health/reconnect loop with forced reconnect support (SIGHUP + maintenance pass).
  4. Lifecycle controls in garcardctl: ping, status, diagnose, version, auth-summary, temp-list, temp-revoke, temp-revoke-all, quit.
  5. Session helper child lifecycle handling and improved helper-protocol fallback behavior.
  6. Auth lifecycle metadata and retention mapping exposed via auth-summary.
  7. Status health surface now includes authority connectivity and subject-kind fields for control-surface consumers.

Hardening Included In Sprint 04

  1. Same-UID enforcement for local IPC control clients.
  2. Reduced panic surface in prompt color setup paths.
  3. Best-effort scrubbing of helper prompt response buffers after use.
  4. Reduced prompt credential lifetime by moving submitted input without cloning and scrubbing prompt output buffers.
  5. Added built-in prompt feedback tones for auth success/error visual feedback.
  6. Reused the same built-in prompt window across helper callbacks so failed auth can flash and reprompt without tearing down the modal.
  7. Removed daemon-level same-cookie retry loop; retries now follow helper/PAM flow to avoid stale-cookie false failures.
  8. Backend maintenance now uses ping-only health checks instead of periodic re-registration to avoid invalidating in-flight auth cookies.

Validation Coverage

  1. Sprint 02 live callback and reconnect validation:
    • examples/sprint-02-validation-report-2026-02-18.md
  2. Sprint 03 ecosystem + runtime probes:
    • examples/sprint-03-validation-report-2026-02-18.md
  3. Sprint 04 reliability harness/checklist:
    • examples/validate-sprint-04.sh
    • examples/validate-sprint-04-runtime.sh
    • examples/sprint-04-validation.md
  4. Sprint 07 authorization lifecycle coverage:
    • examples/validate-sprint-07.sh
    • examples/sprint-07-validation.md
  5. Sprint 08 parity matrix scaffolding:
    • examples/sprint-08-parity-matrix.md
    • examples/validate-sprint-08-parity.sh
  6. Sprint 08 parity certification and targeted captures:
    • examples/sprint-08-validation-report-2026-02-26.md
    • examples/sprint-08-parity-matrix.md (PASS, blockers: none)
    • target/sprint-08-parity-evidence.md

GA Gate Summary (2026-02-26)

  1. Release-candidate gate checklist completed: docs/release/ga-checklist.md.
  2. Interactive and targeted parity scenarios pass (success/failure/cancel/timeout, multi-identity, retention, temp auth lifecycle).
  3. Integration certification and post-polkit-restart recovery validated in Sprint 08 report.

Explicit Out-Of-Scope For 0.1.0

  1. Challenge prompting depends on host polkit policy; some actions may auto-authorize.
  2. Scope is logged-in user sessions (X11), not greeter/session-manager flows.
  3. gargears integration is limited to command/control-surface parity contracts; native UI parity is tracked separately.
  4. Multi-seat/remote-session policy nuances are not fully certified in this release cycle.