diff options
Diffstat (limited to 'dracut/polkit.sh')
-rw-r--r-- | dracut/polkit.sh | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/dracut/polkit.sh b/dracut/polkit.sh new file mode 100644 index 0000000..c6dfd7f --- /dev/null +++ b/dracut/polkit.sh @@ -0,0 +1,46 @@ +#!/bin/sh +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh + +type getarg >/dev/null 2>&1 || . /lib/dracut-lib.sh + +USERNAME=$(getarg live.user) +[ -z "$USERNAME" ] && USERNAME=anon + +# Check that polkit is installed. +if [ ! -x ${NEWROOT}/usr/libexec/polkitd ]; then + exit 0 +fi + +# configure PolicyKit in live session +mkdir -m0755 -p ${NEWROOT}/etc/PolicyKit +cat << EOF > ${NEWROOT}/etc/PolicyKit/PolicyKit.conf +<?xml version="1.0" encoding="UTF-8"?> <!-- -*- XML -*- --> + +<!DOCTYPE pkconfig PUBLIC "-//freedesktop//DTD PolicyKit Configuration 1.0//EN" +"http://hal.freedesktop.org/releases/PolicyKit/1.0/config.dtd"> + +<!-- See the manual page PolicyKit.conf(5) for file format --> + +<config version="0.1"> + <match user="root"> + <return result="yes"/> + </match> + <!-- don't ask password for user in live session --> + <match user="$USERNAME"> + <return result="yes"/> + </match> + <define_admin_auth group="admin"/> +</config> +EOF + +mkdir -m0750 -p ${NEWROOT}/var/lib/polkit-1/localauthority/10-vendor.d +cat << EOF > ${NEWROOT}/var/lib/polkit-1/localauthority/10-vendor.d/10-live-cd.pkla +# Policy to allow the livecd user to bypass policykit +[Live CD user permissions] +Identity=unix-user:$USERNAME +Action=* +ResultAny=no +ResultInactive=no +ResultActive=yes +EOF |