42 lines
1.7 KiB
Text
42 lines
1.7 KiB
Text
|
/*
|
||
|
|
* These rules try to match OpenBSD default behavior.
|
||
|
|
* We enforce "local" and "active" because the same actions can be done with
|
||
|
|
* regular UNIX commands, so we assume this is for Desktop users only.
|
||
|
|
*/
|
||
|
|
|
||
|
|
/*
|
||
|
|
* Allow members of the _shutdown group to shutdown and reboot without
|
||
|
|
* password authentication"
|
||
|
|
*/
|
||
|
|
polkit.addRule(function(action, subject) {
|
||
|
|
if (action.id == "org.freedesktop.consolekit.system.stop" ||
|
||
|
|
action.id == "org.freedesktop.consolekit.system.stop-multiple-users" ||
|
||
|
|
action.id == "org.freedesktop.consolekit.system.restart" ||
|
||
|
|
action.id == "org.freedesktop.consolekit.system.restart-multiple-users") {
|
||
|
|
if (subject.local && subject.active && subject.isInGroup("_shutdown")) {
|
||
|
|
return polkit.Result.YES;
|
||
|
|
} else {
|
||
|
|
return polkit.Result.AUTH_ADMIN;
|
||
|
|
}
|
||
|
|
}
|
||
|
|
});
|
||
|
|
|
||
|
|
/*
|
||
|
|
* Allow members of the wheel group to suspend and hibernate without
|
||
|
|
* password authentication"
|
||
|
|
*/
|
||
|
|
polkit.addRule(function(action, subject) {
|
||
|
|
if (action.id == "org.freedesktop.consolekit.system.hibernate" ||
|
||
|
|
action.id == "org.freedesktop.consolekit.system.hibernate-multiple-users" ||
|
||
|
|
action.id == "org.freedesktop.consolekit.system.hybridsleep" ||
|
||
|
|
action.id == "org.freedesktop.consolekit.system.hybridsleep-multiple-users" ||
|
||
|
|
action.id == "org.freedesktop.consolekit.system.suspend" ||
|
||
|
|
action.id == "org.freedesktop.consolekit.system.suspend-multiple-users") {
|
||
|
|
if (subject.local && subject.active && subject.isInGroup("wheel")) {
|
||
|
|
return polkit.Result.YES;
|
||
|
|
} else {
|
||
|
|
return polkit.Result.AUTH_ADMIN_KEEP;
|
||
|
|
}
|
||
|
|
}
|
||
|
|
});
|