diff options
author | Lennart Poettering <lennart@poettering.net> | 2018-04-16 21:41:40 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2018-05-24 17:01:57 +0200 |
commit | 61d0578b07b97cbffebfd350bac481274e310d39 (patch) | |
tree | daa8b07cf96b942ba7be0eab3ce86c1fa9cf029e /src/portable/org.freedesktop.portable1.policy | |
parent | 19017acb9f3e5e7edad18f59acb872bfb8dda949 (diff) | |
download | systemd-61d0578b07b97cbffebfd350bac481274e310d39.tar.gz |
add new portable service framework
This adds a small service "systemd-portabled" and a matching client
"portablectl", which implement the "portable service" concept.
The daemon implements the actual operations, is PolicyKit-enabled and is
activated on demand with exit-on-idle.
Both the daemon and the client are an optional build artifact, enabled
by default rhough.
Diffstat (limited to 'src/portable/org.freedesktop.portable1.policy')
-rw-r--r-- | src/portable/org.freedesktop.portable1.policy | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/src/portable/org.freedesktop.portable1.policy b/src/portable/org.freedesktop.portable1.policy new file mode 100644 index 0000000000..17fd0a7a20 --- /dev/null +++ b/src/portable/org.freedesktop.portable1.policy @@ -0,0 +1,43 @@ +<?xml version="1.0" encoding="UTF-8"?> <!--*-nxml-*--> +<!DOCTYPE policyconfig PUBLIC "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" + "http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> + +<!-- SPDX-License-Identifier: LGPL-2.1+ --> + +<policyconfig> + + <vendor>The systemd Project</vendor> + <vendor_url>http://www.freedesktop.org/wiki/Software/systemd</vendor_url> + + <action id="org.freedesktop.portable1.inspect-images"> + <description gettext-domain="systemd">Inspect a portable service</description> + <message gettext-domain="systemd">Authentication is required to inspect a portable service.</message> + <defaults> + <allow_any>auth_admin</allow_any> + <allow_inactive>auth_admin</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + </action> + + <action id="org.freedesktop.portable1.attach-images"> + <description gettext-domain="systemd">Attach or detach a portable service</description> + <message gettext-domain="systemd">Authentication is required to attach or detach a portable service.</message> + <defaults> + <allow_any>auth_admin</allow_any> + <allow_inactive>auth_admin</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.imply">org.freedesktop.systemd1.reload-daemon</annotate> + </action> + + <action id="org.freedesktop.portable1.manage-images"> + <description gettext-domain="systemd">Delete or modify portable service image</description> + <message gettext-domain="systemd">Authentication is required to delete or modify a portable service image.</message> + <defaults> + <allow_any>auth_admin</allow_any> + <allow_inactive>auth_admin</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + </action> + +</policyconfig> |