In JS-based polkit rules, the action usually comes with 'unit' and 'verb' polkit variables -- according to src/core/dbus-unit.c:
if (action.id == "org.freedesktop.systemd1.manage-unit" && action.lookup("unit") == "foo.service") { return polkit.Result.YES; }
In older polkit versions which use .pkla rules, variables are not available at all.
On Thu, Sep 26, 2019 at 6:15 PM Ian Pilcher <arequipeno@xxxxxxxxx> wrote:
I am writing a PolicyKit rule to allow a non-root user to restart a
service (via D-bus). It looks like this will be the
org.freedesktop.systemd1.manage-units "action", but I can't see a way to
determine *which* unit is being managed (or what the action is - start/
stop/restart/reload).
Are there any variables associated with this action that my rule can
use? If not, is there any way to give a particular user permission to
perform only some actions on only some units?
Thanks!
--
========================================================================
Ian Pilcher arequipeno@xxxxxxxxx
-------- "I grew up before Mark Zuckerberg invented friendship" --------
========================================================================
_______________________________________________
systemd-devel mailing list
systemd-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
Mantas Mikulėnas
_______________________________________________ systemd-devel mailing list systemd-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/systemd-devel
