summaryrefslogtreecommitdiffstats
path: root/system-config/components/1080-policykit
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2019-02-02 10:00:00 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2019-02-02 10:00:00 +0000
commit32322960234c8ec91e0d42835a3ec5ee63305070 (patch)
tree71d79574de0193778ad6cc6c96dfd4f74fa6bbbb /system-config/components/1080-policykit
parentInitial commit. (diff)
downloadopen-infrastructure-system-tools-32322960234c8ec91e0d42835a3ec5ee63305070.tar.xz
open-infrastructure-system-tools-32322960234c8ec91e0d42835a3ec5ee63305070.zip
Adding upstream version 20190202.upstream/20190202
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'system-config/components/1080-policykit')
-rwxr-xr-xsystem-config/components/1080-policykit105
1 files changed, 105 insertions, 0 deletions
diff --git a/system-config/components/1080-policykit b/system-config/components/1080-policykit
new file mode 100755
index 0000000..9a154ec
--- /dev/null
+++ b/system-config/components/1080-policykit
@@ -0,0 +1,105 @@
+#!/bin/sh
+
+## live-config(7) - System Configuration Components
+## Copyright (C) 2006-2015 Daniel Baumann <mail@daniel-baumann.ch>
+##
+## This program comes with ABSOLUTELY NO WARRANTY; for details see COPYING.
+## This is free software, and you are welcome to redistribute it
+## under certain conditions; see COPYING for details.
+
+
+#set -e
+
+Cmdline ()
+{
+ # Reading kernel command line
+ for _PARAMETER in ${LIVE_CONFIG_CMDLINE}
+ do
+ case "${_PARAMETER}" in
+ live-config.noroot|noroot)
+ LIVE_CONFIG_NOROOT="true"
+ ;;
+
+ live-config.username=*|username=*)
+ LIVE_USERNAME="${_PARAMETER#*username=}"
+ ;;
+ esac
+ done
+}
+
+Init ()
+{
+ # Disable root access, no matter what mechanism
+ case "${LIVE_CONFIG_NOROOT}" in
+ true)
+ exit 0
+ ;;
+ esac
+
+ # Checking if package is installed
+ if [ ! -e /var/lib/dpkg/info/policykit-1.list ] || \
+ [ -e /var/lib/live/config/policykit ]
+ then
+ exit 0
+ fi
+
+ echo -n " policykit"
+}
+
+Config ()
+{
+ # Grant administrative PolicyKit pivilieges to default user
+
+ # Configure PolicyKit in live session
+ mkdir -p /etc/PolicyKit
+
+cat > /etc/PolicyKit/PolicyKit.conf << EOF
+<?xml version="1.0" encoding="UTF-8"?> <!-- -*- XML -*- -->
+
+<!DOCTYPE pkconfig PUBLIC "-//freedesktop//DTD PolicyKit Configuration 1.0//EN"
+"http://hal.freedesktop.org/releases/PolicyKit/1.0/config.dtd">
+
+<!-- See the manual page PolicyKit.conf(5) for file format -->
+
+<config version="0.1">
+ <match user="root">
+ <return result="yes"/>
+ </match>
+EOF
+
+ if [ -n "${LIVE_USERNAME}" ]
+ then
+
+cat >> /etc/PolicyKit/PolicyKit.conf << EOF
+ <!-- don't ask password for user in live session -->
+ <match user="${LIVE_USERNAME}">
+ <return result="yes"/>
+ </match>
+EOF
+
+ fi
+
+cat >> /etc/PolicyKit/PolicyKit.conf << EOF
+ <define_admin_auth group="adm"/>
+</config>
+EOF
+
+ mkdir -p /var/lib/polkit-1/localauthority/10-vendor.d
+
+cat > /var/lib/polkit-1/localauthority/10-vendor.d/10-live-cd.pkla << EOF
+# Policy to allow the livecd user to bypass policykit
+[Live CD user permissions]
+Identity=unix-user:${LIVE_USERNAME}
+Action=*
+ResultAny=no
+ResultInactive=no
+ResultActive=yes
+EOF
+
+ # Creating state file
+ touch /var/lib/live/config/policykit
+}
+
+Cmdline
+Init
+Config