TileOS/tileos-system-adjustments
TileOS/tileos-system-adjustments
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update polkit rules

Browse source
This commit is contained in:
Aleksey Samoilov 2024-04-09 15:49:22 +04:00
parent b48540690c
commit a8d42aad57
Signed by: Sunderland93
GPG key ID: D3E730685C28F1FB
4 changed files with 119 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
debian/changelog vendored
View file

@ -1,3 +1,9 @@
tileos-system-adjustments (1.6.0~tileos) unstable; urgency=medium
* Update polkit rules
-- Aleksey Samoilov <samoilov.lex@gmail.com> Tue, 09 Apr 2024 15:48:39 +0400
tileos-system-adjustments (1.5.1~tileos) unstable; urgency=medium
* Fix comments

1
debian/tileos-system-adjustments.install vendored
View file

@ -1,2 +1,3 @@
/etc
/var
/usr

76
usr/share/polkit-1/rules.d/com.tileos.desktop.rules Normal file
View file

@ -0,0 +1,76 @@
// Mounting, checking, etc. of internal drives
polkit.addRule(function(action, subject) {
if ((action.id == "org.freedesktop.udisks2.filesystem-mount-system" ||
action.id == "org.freedesktop.udisks2.encrypted-unlock-system" ||
action.id == "org.freedesktop.udisks2.filesystem-fstab") &&
subject.active == true && subject.local == true &&
subject.isInGroup("sudo")) {
return polkit.Result.YES;
}
});
// Change CPU Frequency scaling
polkit.addRule(function(action, subject) {
if ((action.id == "org.gnome.cpufreqselector" ||
action.id == "org.mate.cpufreqselector" ) &&
subject.active == true && subject.local == true &&
subject.isInGroup("sudo")) {
return polkit.Result.YES;
}
});
// Setting the clock
polkit.addRule(function(action, subject) {
if ((action.id == "org.gnome.controlcenter.datetime.configure" ||
action.id == "org.kde.kcontrol.kcmclock.save" ||
action.id == "org.freedesktop.timedate1.set-time" ||
action.id == "org.freedesktop.timedate1.set-timezone" ||
action.id == "org.freedesktop.timedate1.set-local-rtc" ||
action.id == "org.freedesktop.timedate1.set-ntp" ||
action.id == "com.canonical.controlcenter.datetime.configure" ||
action.id == "org.mate.settingsdaemon.datetimemechanism.settime") &&
subject.active == true && subject.local == true &&
subject.isInGroup("sudo")) {
return polkit.Result.YES;
}
});
// Update already installed software
polkit.addRule(function(action, subject) {
if (action.id == "org.debian.apt.upgrade-packages" &&
subject.active == true && subject.local == true &&
subject.isInGroup("sudo")) {
return polkit.Result.YES;
}
});
// Printer administration
polkit.addRule(function(action, subject) {
if (action.id.indexOf("org.opensuse.cupspkhelper.mechanism.") == 0 &&
subject.active == true && subject.local == true &&
(subject.isInGroup("sudo") || subject.isInGroup("lpadmin"))) {
return polkit.Result.YES;
}
});
// Disable hibernate by default in Ubuntu
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.upower.hibernate" ||
action.id == "org.freedesktop.login1.hibernate" ||
action.id == "org.freedesktop.login1.handle-hibernate-key" ||
action.id == "org.freedesktop.login1.hibernate-multiple-sessions") {
return polkit.Result.NO;
}
});
// Allow admins to set the hostname,locale,keyboard,date/time without prompting
polkit.addRule(function(action, subject) {
if ((action.id == "org.freedesktop.locale1.set-locale" ||
action.id == "org.freedesktop.locale1.set-keyboard" ||
action.id == "org.freedesktop.hostname1.set-static-hostname" ||
action.id == "org.freedesktop.hostname1.set-hostname") &&
subject.active == true && subject.local == true &&
subject.isInGroup("sudo")) {
return polkit.Result.YES;
}
});

39
var/lib/polkit-1/localauthority/10-vendor.d/com.tileos.desktop.pkla
View file

@ -1,6 +1,39 @@
[Mounting, checking, etc. of internal drives]
Identity=unix-group:admin;unix-group:sudo
Action=org.freedesktop.udisks.filesystem-*;org.freedesktop.udisks.drive-ata-smart*;org.freedesktop.udisks2.filesystem-mount-system;org.freedesktop.udisks2.encrypted-unlock-system;org.freedesktop.udisks2.filesystem-fstab;
ResultAny=auth_admin
ResultInactive=auth_admin
Action=org.freedesktop.udisks2.filesystem-mount-system;org.freedesktop.udisks2.encrypted-unlock-system;org.freedesktop.udisks2.filesystem-fstab;
ResultActive=yes
[Change CPU Frequency scaling]
Identity=unix-group:admin;unix-group:sudo
Action=org.gnome.cpufreqselector;org.mate.cpufreqselector
ResultActive=yes
[Setting the clock]
Identity=unix-group:admin;unix-group:sudo
Action=org.gnome.clockapplet.mechanism.*;org.gnome.controlcenter.datetime.configure;org.kde.kcontrol.kcmclock.save;org.freedesktop.timedate1.set-time;org.freedesktop.timedate1.set-timezone;org.freedesktop.timedate1.set-local-rtc;org.freedesktop.timedate1.set-ntp;com.canonical.controlcenter.datetime.configure;org.mate.settingsdaemon.datetimemechanism.settime
ResultActive=yes
[Update already installed software]
Identity=unix-group:admin;unix-group:sudo
Action=org.debian.apt.upgrade-packages
ResultActive=yes
[Printer administration]
Identity=unix-group:lpadmin;unix-group:admin;unix-group:sudo
Action=org.opensuse.cupspkhelper.mechanism.*
ResultActive=yes
[Disable hibernate by default in upower]
Identity=unix-user:*
Action=org.freedesktop.upower.hibernate
ResultActive=no
[Disable hibernate by default in logind]
Identity=unix-user:*
Action=org.freedesktop.login1.hibernate;org.freedesktop.login1.handle-hibernate-key;org.freedesktop.login1;org.freedesktop.login1.hibernate-multiple-sessions;org.freedesktop.login1.hibernate-ignore-inhibit
ResultActive=no
[Allow admins to set the hostname,locale,keyboard,date/time without prompting]
Identity=unix-group:admin;unix-group:sudo
Action=org.freedesktop.locale1.set-locale;org.freedesktop.locale1.set-keyboard;org.freedesktop.hostname1.set-static-hostname;org.freedesktop.hostname1.set-hostname
ResultActive=yes