Polkit rule added to permit a couple of actions

This commit is contained in:
Bruce Leidl 2018-03-27 16:03:01 -04:00
parent 29f5dba4fd
commit b115862e5a
2 changed files with 11 additions and 0 deletions

View File

@ -13,6 +13,7 @@ SRC_URI += "\
file://NetworkManager.conf \ file://NetworkManager.conf \
file://zram-swap.service \ file://zram-swap.service \
file://share/dot.vimrc \ file://share/dot.vimrc \
file://polkit/citadel.rules \
" "
dirs1777_remove = "${localstatedir}/volatile/tmp" dirs1777_remove = "${localstatedir}/volatile/tmp"
@ -35,6 +36,7 @@ do_install_append () {
install -m 0755 -d ${D}${sysconfdir}/tmpfiles.d install -m 0755 -d ${D}${sysconfdir}/tmpfiles.d
install -m 0755 -d ${D}${sysconfdir}/udev/rules.d install -m 0755 -d ${D}${sysconfdir}/udev/rules.d
install -m 0755 -d ${D}${sysconfdir}/NetworkManager install -m 0755 -d ${D}${sysconfdir}/NetworkManager
install -m 0755 -d ${D}${sysconfdir}/polkit-1/rules.d
install -m 0700 -d ${D}${localstatedir}/lib/NetworkManager install -m 0700 -d ${D}${localstatedir}/lib/NetworkManager
install -m 0700 -d ${D}${localstatedir}/lib/NetworkManager/system-connections install -m 0700 -d ${D}${localstatedir}/lib/NetworkManager/system-connections
@ -58,6 +60,8 @@ do_install_append () {
install -m 0755 ${WORKDIR}/share/dot.vimrc ${D}${sysconfdir}/skel/.vimrc install -m 0755 ${WORKDIR}/share/dot.vimrc ${D}${sysconfdir}/skel/.vimrc
install -m 0755 ${WORKDIR}/polkit/citadel.rules ${D}${sysconfdir}/polkit-1/rules.d/
ln -s /storage/citadel-state/resolv.conf ${D}${sysconfdir}/resolv.conf ln -s /storage/citadel-state/resolv.conf ${D}${sysconfdir}/resolv.conf
ln -s /dev/null ${D}${sysconfdir}/tmpfiles.d/etc.conf ln -s /dev/null ${D}${sysconfdir}/tmpfiles.d/etc.conf
ln -s /dev/null ${D}${sysconfdir}/tmpfiles.d/home.conf ln -s /dev/null ${D}${sysconfdir}/tmpfiles.d/home.conf

View File

@ -0,0 +1,7 @@
polkit.addRule(function(action, subject) {
if ((action.id == "org.freedesktop.NetworkManager.settings.modify.system" ||
action.id == "org.freedesktop.machine1.host-open-pty") &&
subject.local && subject.isInGroup("citadel")) {
return polkit.Result.YES;
}
});