Talk:Polkit
Before creating a discussion or leaving a comment, please read about using talk pages. To create a new discussion, click here. Comments on an existing discussion should be signed using
~~~~
:
A comment [[User:Larry|Larry]] 13:52, 13 May 2024 (UTC) : A reply [[User:Sally|Sally]] 07:51, 5 December 2024 (UTC) :: Your reply ~~~~
subject.user
The second example in the section rules seems to be wrong. I think it should be
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.udisks.filesystem-mount-system-internal" &&
subject.user == "larry" {
return "yes";
}
});
I tried to add a rule on my system and it didn't work with subject == "myusername", but subject.user == "myusername" did work.
- Fixed. Thanks.
Rules ordering
From what I understand from the polkit man page, functions registered through addRule() and addAdminRule() in files from /etc/polkit-1/rules.d/ are run in the order in which the files are sourced, and the first valid return value is used. Thus adding 99-admin.rules as suggested in the wiki shouldn't have any effect since there seems to be a 50-default.rules file already stating that admin is UID 0 only (or at least, there is such a file as per polkit-0.107-r1).
Furthermore, being the fussy kind, shouldn't the let-wheel-group-be-an-admin function's return value be along the lines of ["unix-user:0","unix-group:wheel"] (table with 2 single-statement elements instead of a single 2-statements element)? That's what the man page seems to state.
Please correct me if I'm wrong, I need to get this sudo-only policy thing working myself. ;-)
LaomaiWeng 11:04, 7 December 2012 (UTC)
- Ad 1) You're right. I was coping it from old PolicyKit, which was different. Please change it.
- Ad 2) Don't know. Try it. But we can also drop "unix-user:0", because root is part of the wheel group. Please change is also.
- Thanks. Astaecker 13:36, 7 December 2012 (UTC)