blob: 9a154ecd84a0e298318d6b9892c2bb2af0c69548 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
#!/bin/sh
## live-config(7) - System Configuration Components
## Copyright (C) 2006-2015 Daniel Baumann <mail@daniel-baumann.ch>
##
## This program comes with ABSOLUTELY NO WARRANTY; for details see COPYING.
## This is free software, and you are welcome to redistribute it
## under certain conditions; see COPYING for details.
#set -e
Cmdline ()
{
# Reading kernel command line
for _PARAMETER in ${LIVE_CONFIG_CMDLINE}
do
case "${_PARAMETER}" in
live-config.noroot|noroot)
LIVE_CONFIG_NOROOT="true"
;;
live-config.username=*|username=*)
LIVE_USERNAME="${_PARAMETER#*username=}"
;;
esac
done
}
Init ()
{
# Disable root access, no matter what mechanism
case "${LIVE_CONFIG_NOROOT}" in
true)
exit 0
;;
esac
# Checking if package is installed
if [ ! -e /var/lib/dpkg/info/policykit-1.list ] || \
[ -e /var/lib/live/config/policykit ]
then
exit 0
fi
echo -n " policykit"
}
Config ()
{
# Grant administrative PolicyKit pivilieges to default user
# Configure PolicyKit in live session
mkdir -p /etc/PolicyKit
cat > /etc/PolicyKit/PolicyKit.conf << EOF
<?xml version="1.0" encoding="UTF-8"?> <!-- -*- XML -*- -->
<!DOCTYPE pkconfig PUBLIC "-//freedesktop//DTD PolicyKit Configuration 1.0//EN"
"http://hal.freedesktop.org/releases/PolicyKit/1.0/config.dtd">
<!-- See the manual page PolicyKit.conf(5) for file format -->
<config version="0.1">
<match user="root">
<return result="yes"/>
</match>
EOF
if [ -n "${LIVE_USERNAME}" ]
then
cat >> /etc/PolicyKit/PolicyKit.conf << EOF
<!-- don't ask password for user in live session -->
<match user="${LIVE_USERNAME}">
<return result="yes"/>
</match>
EOF
fi
cat >> /etc/PolicyKit/PolicyKit.conf << EOF
<define_admin_auth group="adm"/>
</config>
EOF
mkdir -p /var/lib/polkit-1/localauthority/10-vendor.d
cat > /var/lib/polkit-1/localauthority/10-vendor.d/10-live-cd.pkla << EOF
# Policy to allow the livecd user to bypass policykit
[Live CD user permissions]
Identity=unix-user:${LIVE_USERNAME}
Action=*
ResultAny=no
ResultInactive=no
ResultActive=yes
EOF
# Creating state file
touch /var/lib/live/config/policykit
}
Cmdline
Init
Config
|
