diff options
-rw-r--r-- | daemon/meson.build | 11 | ||||
-rw-r--r-- | daemon/org.gtk.vfs.file-operations.rules.in (renamed from daemon/org.gtk.vfs.file-operations.rules) | 4 | ||||
-rw-r--r-- | meson.build | 4 | ||||
-rw-r--r-- | meson_options.txt | 1 |
4 files changed, 15 insertions, 5 deletions
diff --git a/daemon/meson.build b/daemon/meson.build index dffeef3e..c89ef407 100644 --- a/daemon/meson.build +++ b/daemon/meson.build @@ -374,8 +374,15 @@ if enable_admin install_dir: gvfs_datadir / 'polkit-1/actions', ) - install_data( - gvfs_namespace + '.file-operations.rules', + rules = gvfs_namespace + '.file-operations.rules' + + rules_conf = configuration_data() + rules_conf.set('PRIVILEGED_GROUP', privileged_group) + + configure_file( + input: rules + '.in', + output: rules, + configuration: rules_conf, install_dir: gvfs_datadir / 'polkit-1/rules.d', ) endif diff --git a/daemon/org.gtk.vfs.file-operations.rules b/daemon/org.gtk.vfs.file-operations.rules.in index fb137327..a3a2f643 100644 --- a/daemon/org.gtk.vfs.file-operations.rules +++ b/daemon/org.gtk.vfs.file-operations.rules.in @@ -1,4 +1,4 @@ -// Allows users belonging to wheel group to start gvfsd-admin without +// Allows users belonging to privileged group to start gvfsd-admin without // authorization. This prevents redundant password prompt when starting // gvfsd-admin. The gvfsd-admin causes another password prompt to be shown // for each client process using the different action id and for the subject @@ -7,7 +7,7 @@ polkit.addRule(function(action, subject) { if ((action.id == "org.gtk.vfs.file-operations-helper") && subject.local && subject.active && - subject.isInGroup ("wheel")) { + subject.isInGroup ("@PRIVILEGED_GROUP@")) { return polkit.Result.YES; } }); diff --git a/meson.build b/meson.build index b881ebe3..4e5e021b 100644 --- a/meson.build +++ b/meson.build @@ -299,6 +299,7 @@ endif config_h.set('HAVE_GCR', enable_gcr) # *** Check if we should build with admin backend *** +privileged_group = get_option('privileged_group') enable_admin = get_option('admin') if enable_admin libcap_dep = dependency('libcap') @@ -493,7 +494,8 @@ meson.add_install_script( summary({ 'systemduserunitdir': systemd_systemduserunitdir, 'tmpfilesdir': systemd_tmpfilesdir, -}, section: 'Directories') + 'privileged_group': privileged_group, +}, section: 'Configuration') summary({ 'admin': enable_admin, diff --git a/meson_options.txt b/meson_options.txt index 32f10d42..5059161b 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -1,5 +1,6 @@ option('systemduserunitdir', type: 'string', value: '', description: 'custom directory for systemd user units, or \'no\' to disable') option('tmpfilesdir', type: 'string', value: '', description: 'custom directory for tmpfiles.d config files, or \'no\' to disable') +option('privileged_group', type: 'string', value: 'wheel', description: 'custom name for group that has elevated permissions') option('admin', type: 'boolean', value: true, description: 'build with admin backend') option('afc', type: 'boolean', value: true, description: 'build with afc backend and volume monitor') |