blob: 276bf47ec98bc551ff54dddc65541cb23504edd8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
|
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policyconfig PUBLIC
"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
"https://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
<policyconfig>
<!--
Policy definitions for System Color Manager actions.
Copyright (c) 2010 Richard Hughes <richard@hughsie.com>
-->
<vendor>System Color Manager</vendor>
<vendor_url>https://www.freedesktop.org/projects/system-color-manager/</vendor_url>
<icon_name>application-vnd.iccprofile</icon_name>
<action id="org.freedesktop.color-manager.create-device">
<!-- SECURITY:
- Normal users should not have to authenticate to add devices
-->
<description>Create a color managed device</description>
<message>Authentication is required to create a color managed device</message>
<icon_name>application-vnd.iccprofile</icon_name>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.owner">unix-user:@DAEMON_USER@</annotate>
</action>
<action id="org.freedesktop.color-manager.create-profile">
<!-- SECURITY:
- Normal users should not have to authenticate to add profiles
-->
<description>Create a color profile</description>
<message>Authentication is required to create a color profile</message>
<icon_name>application-vnd.iccprofile</icon_name>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.owner">unix-user:@DAEMON_USER@</annotate>
</action>
<action id="org.freedesktop.color-manager.delete-device">
<!-- SECURITY:
- Normal users should not have to authenticate to delete devices
-->
<description>Remove a color managed device</description>
<message>Authentication is required to remove a color managed device</message>
<icon_name>application-vnd.iccprofile</icon_name>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.owner">unix-user:@DAEMON_USER@</annotate>
</action>
<action id="org.freedesktop.color-manager.delete-profile">
<!-- SECURITY:
- Normal users should not have to authenticate to delete profiles
-->
<description>Remove a color profile</description>
<message>Authentication is required to remove a color profile</message>
<icon_name>application-vnd.iccprofile</icon_name>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.owner">unix-user:@DAEMON_USER@</annotate>
</action>
<action id="org.freedesktop.color-manager.modify-device">
<!-- SECURITY:
- Normal users should not have to authenticate to modify devices
-->
<description>Modify color settings for a device</description>
<message>Authentication is required to modify the color settings for a device</message>
<icon_name>application-vnd.iccprofile</icon_name>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.owner">unix-user:@DAEMON_USER@</annotate>
</action>
<action id="org.freedesktop.color-manager.modify-profile">
<!-- SECURITY:
- Normal users should not have to authenticate to modify profiles
-->
<description>Modify a color profile</description>
<message>Authentication is required to modify a color profile</message>
<icon_name>application-vnd.iccprofile</icon_name>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.owner">unix-user:@DAEMON_USER@</annotate>
</action>
<action id="org.freedesktop.color-manager.install-system-wide">
<!-- SECURITY:
- Normal users require admin authentication to install files system
wide to apply color profiles for sessions that have not explicitly
chosen profiles to apply.
- This should not be set to 'yes' as unprivileged users could then
set a profile set to all-white or all-black and thus make the
other sessions unusable.
-->
<description>Install system color profiles</description>
<message>Authentication is required to install the color profile for all users</message>
<icon_name>application-vnd.iccprofile</icon_name>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>auth_admin_keep</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.owner">unix-user:@DAEMON_USER@</annotate>
</action>
<action id="org.freedesktop.color-manager.device-inhibit">
<!-- SECURITY:
- Normal users should not have to authenticate to profile
devices.
-->
<description>Inhibit color profile selection</description>
<message>Authentication is required to disable profile matching for a device</message>
<icon_name>application-vnd.iccprofile</icon_name>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.owner">unix-user:@DAEMON_USER@</annotate>
</action>
<action id="org.freedesktop.color-manager.sensor-lock">
<!-- SECURITY:
- Normal users should not have to authenticate to use the
colorimeter device.
-->
<description>Use color sensor</description>
<message>Authentication is required to use the color sensor</message>
<icon_name>application-vnd.iccprofile</icon_name>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.owner">unix-user:@DAEMON_USER@</annotate>
</action>
</policyconfig>
|
