diff options
author | Matthias Clasen <mclasen@redhat.com> | 2011-05-19 20:23:36 -0400 |
---|---|---|
committer | Matthias Clasen <mclasen@redhat.com> | 2012-06-09 15:53:56 -0400 |
commit | 44f78332af01a00995e8aa5cdde27ad788ba8428 (patch) | |
tree | 8c88e634ced201d96291c273d150a78bcc124021 | |
parent | 5547f561c7c3ae4de73ddb86e353d025beb4fca2 (diff) | |
download | gdm-44f78332af01a00995e8aa5cdde27ad788ba8428.tar.gz |
Add policy for the setup session
-rw-r--r-- | data/20-gnome-initial-setup.pkla | 13 | ||||
-rw-r--r-- | data/Makefile.am | 8 | ||||
-rw-r--r-- | data/org.gnome.initial-setup.policy | 20 |
3 files changed, 41 insertions, 0 deletions
diff --git a/data/20-gnome-initial-setup.pkla b/data/20-gnome-initial-setup.pkla new file mode 100644 index 00000000..c305ca11 --- /dev/null +++ b/data/20-gnome-initial-setup.pkla @@ -0,0 +1,13 @@ +# Authorizations/policy for the wheel group. +# +# DO NOT EDIT THIS FILE, it will be overwritten on update. +# +# Allow the gdm-initial-setup user to do certain actions without being +# interrupted by password dialogs +# +[Initial Setup Permissions] +Identity=unix-user:gnome-initial-setup +Action=org.freedesktop.accounts.*;org.freedesktop.timedate1.*;org.freedesktop.udisks2.filesystem-mount-system;org.freedesktop.RealtimeKit1.*;org.gnome.initial-setup.pkexec.install; +ResultAny=auth_admin +ResultInactive=auth_admin +ResultActive=yes diff --git a/data/Makefile.am b/data/Makefile.am index f0d00bf1..fc6242a5 100644 --- a/data/Makefile.am +++ b/data/Makefile.am @@ -97,11 +97,19 @@ gdm-smartcard: gdm-smartcard.pam pamdir = $(PAM_PREFIX)/pam.d pam_DATA = gdm-fingerprint gdm-smartcard +policydir = $(datadir)/gdm +policy_DATA = 20-gnome-initial-setup.pkla + +polkitdir = $(datadir)/polkit-1/actions +polkit_DATA = org.gnome.initial-setup.policy + EXTRA_DIST = \ $(schemas_in_files) \ $(schemas_DATA) \ $(dbusconf_in_files) \ $(localealias_DATA) \ + $(policy_DATA) \ + $(polkit_DATA) \ gdm.schemas.in.in \ gdm.conf-custom.in \ Xsession.in \ diff --git a/data/org.gnome.initial-setup.policy b/data/org.gnome.initial-setup.policy new file mode 100644 index 00000000..31d6981b --- /dev/null +++ b/data/org.gnome.initial-setup.policy @@ -0,0 +1,20 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC +"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" +"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + + <vendor>GNOME</vendor> + <vendor_url>http://www.gnome.org</vendor_url> + + <action id="org.gnome.initial-setup.pkexec.install"> + <description>Copy account data</description> + <message>Authentication is required to copy account data</message> + <defaults> + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/install</annotate> + </action> +</policyconfig> |