blob: 3962147b78963035345e72e9724969ee293bea7e (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
#!/bin/sh
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
USERNAME=$(getarg live.user)
[ -z "$USERNAME" ] && USERNAME=anon
# Check that polkit is installed.
if [ ! -x ${NEWROOT}/usr/libexec/polkitd ]; then
exit 0
fi
# configure PolicyKit in live session
mkdir -m0755 -p ${NEWROOT}/etc/PolicyKit
cat << EOF > ${NEWROOT}/etc/PolicyKit/PolicyKit.conf
<?xml version="1.0" encoding="UTF-8"?> <!-- -*- XML -*- -->
<!DOCTYPE pkconfig PUBLIC "-//freedesktop//DTD PolicyKit Configuration 1.0//EN"
"http://hal.freedesktop.org/releases/PolicyKit/1.0/config.dtd">
<!-- See the manual page PolicyKit.conf(5) for file format -->
<config version="0.1">
<match user="root">
<return result="yes"/>
</match>
<!-- don't ask password for user in live session -->
<match user="$USERNAME">
<return result="yes"/>
</match>
<define_admin_auth group="admin"/>
</config>
EOF
mkdir -m0750 -p ${NEWROOT}/var/lib/polkit-1/localauthority/10-vendor.d
cat << EOF > ${NEWROOT}/var/lib/polkit-1/localauthority/10-vendor.d/10-live-cd.pkla
# Policy to allow the livecd user to bypass policykit
[Live CD user permissions]
Identity=unix-user:$USERNAME
Action=*
ResultAny=no
ResultInactive=no
ResultActive=yes
EOF
|
