Talk:Polkit

From Gentoo Wiki
Jump to:navigation Jump to:search
Note
This is a Talk page - please see the documentation about using talk pages. Add newer comments below older ones, sign comments using four tildes (~~~~), and indent successive comments with colons (:). Add new sections at the bottom of the page, under a heading (== ==). Please remember to mark sections as "open for discussion" using {{talk|open}}, so they will show up in the list of open discussions.

subject.user

Talk status
This discussion is done.

The second example in the section rules seems to be wrong. I think it should be

FILE /etc/polkit-1/rules.d/99-udisks.rules
polkit.addRule(function(action, subject) {
    if (action.id == "org.freedesktop.udisks.filesystem-mount-system-internal" &&
        subject.user == "larry" {
        return "yes";
    }
});

I tried to add a rule on my system and it didn't work with subject == "myusername", but subject.user == "myusername" did work.

Fixed. Thanks.

Rules ordering

Talk status
This discussion is done.

From what I understand from the polkit man page, functions registered through addRule() and addAdminRule() in files from /etc/polkit-1/rules.d/ are run in the order in which the files are sourced, and the first valid return value is used. Thus adding 99-admin.rules as suggested in the wiki shouldn't have any effect since there seems to be a 50-default.rules file already stating that admin is UID 0 only (or at least, there is such a file as per polkit-0.107-r1).

Furthermore, being the fussy kind, shouldn't the let-wheel-group-be-an-admin function's return value be along the lines of ["unix-user:0","unix-group:wheel"] (table with 2 single-statement elements instead of a single 2-statements element)? That's what the man page seems to state.

Please correct me if I'm wrong, I need to get this sudo-only policy thing working myself. ;-)

LaomaiWeng 11:04, 7 December 2012 (UTC)

Ad 1) You're right. I was coping it from old PolicyKit, which was different. Please change it.
Ad 2) Don't know. Try it. But we can also drop "unix-user:0", because root is part of the wheel group. Please change is also.
Thanks. Astaecker 13:36, 7 December 2012 (UTC)
Done. Astaecker (talk) 11:04, 18 January 2013 (UTC)