diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2019-02-02 10:00:00 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2019-02-02 10:00:00 +0000 |
| commit | 32322960234c8ec91e0d42835a3ec5ee63305070 (patch) | |
| tree | 71d79574de0193778ad6cc6c96dfd4f74fa6bbbb /system-config/components/1080-policykit | |
| parent | Initial commit. (diff) | |
| download | open-infrastructure-system-tools-32322960234c8ec91e0d42835a3ec5ee63305070.tar.xz open-infrastructure-system-tools-32322960234c8ec91e0d42835a3ec5ee63305070.zip | |
Adding upstream version 20190202.upstream/20190202
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'system-config/components/1080-policykit')
| -rwxr-xr-x | system-config/components/1080-policykit | 105 |
1 files changed, 105 insertions, 0 deletions
diff --git a/system-config/components/1080-policykit b/system-config/components/1080-policykit new file mode 100755 index 0000000..9a154ec --- /dev/null +++ b/system-config/components/1080-policykit @@ -0,0 +1,105 @@ +#!/bin/sh + +## live-config(7) - System Configuration Components +## Copyright (C) 2006-2015 Daniel Baumann <mail@daniel-baumann.ch> +## +## This program comes with ABSOLUTELY NO WARRANTY; for details see COPYING. +## This is free software, and you are welcome to redistribute it +## under certain conditions; see COPYING for details. + + +#set -e + +Cmdline () +{ + # Reading kernel command line + for _PARAMETER in ${LIVE_CONFIG_CMDLINE} + do + case "${_PARAMETER}" in + live-config.noroot|noroot) + LIVE_CONFIG_NOROOT="true" + ;; + + live-config.username=*|username=*) + LIVE_USERNAME="${_PARAMETER#*username=}" + ;; + esac + done +} + +Init () +{ + # Disable root access, no matter what mechanism + case "${LIVE_CONFIG_NOROOT}" in + true) + exit 0 + ;; + esac + + # Checking if package is installed + if [ ! -e /var/lib/dpkg/info/policykit-1.list ] || \ + [ -e /var/lib/live/config/policykit ] + then + exit 0 + fi + + echo -n " policykit" +} + +Config () +{ + # Grant administrative PolicyKit pivilieges to default user + + # Configure PolicyKit in live session + mkdir -p /etc/PolicyKit + +cat > /etc/PolicyKit/PolicyKit.conf << EOF +<?xml version="1.0" encoding="UTF-8"?> <!-- -*- XML -*- --> + +<!DOCTYPE pkconfig PUBLIC "-//freedesktop//DTD PolicyKit Configuration 1.0//EN" +"http://hal.freedesktop.org/releases/PolicyKit/1.0/config.dtd"> + +<!-- See the manual page PolicyKit.conf(5) for file format --> + +<config version="0.1"> + <match user="root"> + <return result="yes"/> + </match> +EOF + + if [ -n "${LIVE_USERNAME}" ] + then + +cat >> /etc/PolicyKit/PolicyKit.conf << EOF + <!-- don't ask password for user in live session --> + <match user="${LIVE_USERNAME}"> + <return result="yes"/> + </match> +EOF + + fi + +cat >> /etc/PolicyKit/PolicyKit.conf << EOF + <define_admin_auth group="adm"/> +</config> +EOF + + mkdir -p /var/lib/polkit-1/localauthority/10-vendor.d + +cat > /var/lib/polkit-1/localauthority/10-vendor.d/10-live-cd.pkla << EOF +# Policy to allow the livecd user to bypass policykit +[Live CD user permissions] +Identity=unix-user:${LIVE_USERNAME} +Action=* +ResultAny=no +ResultInactive=no +ResultActive=yes +EOF + + # Creating state file + touch /var/lib/live/config/policykit +} + +Cmdline +Init +Config |