This is Gentoo's testing wiki. It is a non-operational environment and its textual content is outdated.
Please visit our production wiki at https://wiki.gentoo.org
Talk:Polkit
subject.user
The second example in the section rules seems to be wrong. I think it should be
/etc/polkit-1/rules.d/99-udisks.rules
polkit.addRule(function(action, subject) { if (action.id == "org.freedesktop.udisks.filesystem-mount-system-internal" && subject.user == "larry" { return "yes"; } });
I tried to add a rule on my system and it didn't work with subject == "myusername", but subject.user == "myusername" did work.
- Fixed. Thanks.
Rules ordering
From what I understand from the polkit man page, functions registered through addRule() and addAdminRule() in files from /etc/polkit-1/rules.d/ are run in the order in which the files are sourced, and the first valid return value is used. Thus adding 99-admin.rules as suggested in the wiki shouldn't have any effect since there seems to be a 50-default.rules file already stating that admin is UID 0 only (or at least, there is such a file as per polkit-0.107-r1).
Furthermore, being the fussy kind, shouldn't the let-wheel-group-be-an-admin function's return value be along the lines of ["unix-user:0","unix-group:wheel"] (table with 2 single-statement elements instead of a single 2-statements element)? That's what the man page seems to state.
Please correct me if I'm wrong, I need to get this sudo-only policy thing working myself. ;-)
LaomaiWeng 11:04, 7 December 2012 (UTC)
- Ad 1) You're right. I was coping it from old PolicyKit, which was different. Please change it.
- Ad 2) Don't know. Try it. But we can also drop "unix-user:0", because root is part of the wheel group. Please change is also.
- Thanks. Astaecker 13:36, 7 December 2012 (UTC)