It is some time ago it was fighting with polkit, but as far is I remember you have to
make a .policy file to get pkexec to work right
Like this one I use in yumex.
It should be installed in /usr/share/polkit-1/actions/
When you can make a rule to bypass the polkit password prompt
Tim
PS.
You can use cat /var/log/secure | grep polkit to look for errors
On Fri, Oct 25, 2013 at 11:22 AM, Peter Lemenkov <lemenkov@xxxxxxxxx> wrote:
Hello All!
I 'm trying to write a polkit rule which allows every member of a
particular group ("ejabberd") to run a specific script
("/sbin/ejabberdctl" or "/usr/sbin/ejabberdctl"). Other users should
not be even able to run it. This sounds simple, so I quickly wrote
this:
http://peter.fedorapeople.org/stuff/ejabberdctl.polkit.rules
I installed it to %{_datadir}/polkit-1/rules.d/51-ejabberdctl.rules,
and added /usr/bin/ejabberdctl which contains just the following:
=======
#!/bin/sh
/usr/bin/pkexec /usr/sbin/ejabberdctl "$@"
=======
So when user types ejabberdctl it actually runs /usr/sbin/ejabberdctl
under the polkit supervision. Unfortunately people started reporting
about the issues with the other apps:
* https://bugzilla.redhat.com/show_bug.cgi?id=1009408
I can't find what's wrong with the rule above so I'm calling you for
help. Could please someone help me fixing this mess?
--
With best regards, Peter Lemenkov.
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
