Created
May 3, 2020 13:26
-
-
Save WhyNotHugo/d5c4877fab35a67d77dc1e202cc1262b to your computer and use it in GitHub Desktop.
systemd-polkit-rules
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* -*- mode: js; js-indent-level: 4; indent-tabs-mode: nil -*- */ | |
| // DO NOT EDIT THIS FILE, it will be overwritten on update | |
| // | |
| // Default rules for polkit | |
| // | |
| // See the polkit(8) man page for more information | |
| // about configuring polkit. | |
| polkit.addAdminRule(function(action, subject) { | |
| return ["unix-group:wheel"]; | |
| }); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* Allow users in wheel group to use blueman feature requiring root without authentication */ | |
| polkit.addRule(function(action, subject) { | |
| if ((action.id == "org.blueman.network.setup" || | |
| action.id == "org.blueman.dhcp.client" || | |
| action.id == "org.blueman.rfkill.setstate" || | |
| action.id == "org.blueman.pppd.pppconnect") && | |
| subject.isInGroup("wheel")) { | |
| return polkit.Result.YES; | |
| } | |
| }); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| polkit.addRule(function(action, subject) { | |
| if ((action.id == "org.freedesktop.Flatpak.app-install" || | |
| action.id == "org.freedesktop.Flatpak.runtime-install"|| | |
| action.id == "org.freedesktop.Flatpak.app-uninstall" || | |
| action.id == "org.freedesktop.Flatpak.runtime-uninstall" || | |
| action.id == "org.freedesktop.Flatpak.modify-repo") && | |
| subject.active == true && subject.local == true && | |
| subject.isInGroup("wheel")) { | |
| return polkit.Result.YES; | |
| } | |
| return polkit.Result.NOT_HANDLED; | |
| }); | |
| polkit.addRule(function(action, subject) { | |
| if (action.id == "org.freedesktop.Flatpak.override-parental-controls") { | |
| return polkit.Result.AUTH_ADMIN; | |
| } | |
| return polkit.Result.NOT_HANDLED; | |
| }); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Allows users belonging to wheel group to start gvfsd-admin without | |
| // authorization. This prevents redundant password prompt when starting | |
| // gvfsd-admin. The gvfsd-admin causes another password prompts to be shown | |
| // for each client process using the different action id and for the subject | |
| // based on the client process. | |
| polkit.addRule(function(action, subject) { | |
| if ((action.id == "org.gtk.vfs.file-operations-helper") && | |
| subject.local && | |
| subject.active && | |
| subject.isInGroup ("wheel")) { | |
| return polkit.Result.YES; | |
| } | |
| }); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Allow systemd-networkd to set timezone, get product UUID, | |
| // and transient hostname | |
| polkit.addRule(function(action, subject) { | |
| if ((action.id == "org.freedesktop.hostname1.set-hostname" || | |
| action.id == "org.freedesktop.hostname1.get-product-uuid" || | |
| action.id == "org.freedesktop.timedate1.set-timezone") && | |
| subject.user == "systemd-network") { | |
| return polkit.Result.YES; | |
| } | |
| }); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment