b5c98ec4f1
This fixes `rpm-ostree reload` as root, and supports configuring it to be enabled for other users as well. This was overlooked in the polkit work originally. Closes: https://github.com/projectatomic/rpm-ostree/issues/976 Closes: #977 Approved by: jlebon
142 lines
5.2 KiB
XML
142 lines
5.2 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE policyconfig PUBLIC
|
|
"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
|
|
"http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
|
|
<policyconfig>
|
|
|
|
<vendor>Project Atomic</vendor>
|
|
<vendor_url>https://www.projectatomic.io/</vendor_url>
|
|
<icon_name>package-x-generic</icon_name>
|
|
|
|
<action id="org.projectatomic.rpmostree1.install-uninstall-packages">
|
|
<description>Install and remove packages</description>
|
|
<message>Authentication is required to install and remove software</message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>auth_admin</allow_any>
|
|
<allow_inactive>auth_admin</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.projectatomic.rpmostree1.install-local-packages">
|
|
<description>Install local packages</description>
|
|
<message>Authentication is required to install software</message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>auth_admin</allow_any>
|
|
<allow_inactive>auth_admin</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.projectatomic.rpmostree1.override">
|
|
<description>Override packages</description>
|
|
<message>Authentication is required to override base OS software</message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>auth_admin</allow_any>
|
|
<allow_inactive>auth_admin</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.projectatomic.rpmostree1.deploy">
|
|
<description>Update base OS</description>
|
|
<message>Authentication is required to update software</message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>auth_admin</allow_any>
|
|
<allow_inactive>auth_admin</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.projectatomic.rpmostree1.upgrade">
|
|
<description>Update base OS</description>
|
|
<message>Authentication is required to update software</message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>auth_admin</allow_any>
|
|
<allow_inactive>auth_admin</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.projectatomic.rpmostree1.rebase">
|
|
<description>Switch to a different base OS</description>
|
|
<message>Authentication is required to switch to a different base OS</message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>auth_admin</allow_any>
|
|
<allow_inactive>auth_admin</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.projectatomic.rpmostree1.rollback">
|
|
<description>Rollback OS updates</description>
|
|
<message>Authentication is required to roll back software updates</message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>auth_admin</allow_any>
|
|
<allow_inactive>auth_admin</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.projectatomic.rpmostree1.bootconfig">
|
|
<description>Change boot configuration</description>
|
|
<message>Authentication is required to change boot configuration</message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>auth_admin</allow_any>
|
|
<allow_inactive>auth_admin</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.projectatomic.rpmostree1.reload-daemon">
|
|
<description>Reload the daemon state</description>
|
|
<message>Authentication is required to reload the rpmostree daemon state</message>
|
|
<defaults>
|
|
<allow_any>auth_admin</allow_any>
|
|
<allow_inactive>auth_admin</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.projectatomic.rpmostree1.cleanup">
|
|
<description>Clear cache</description>
|
|
<message>Authentication is required to clear cache / pending data</message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>auth_admin</allow_any>
|
|
<allow_inactive>auth_admin</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.projectatomic.rpmostree1.repo-refresh">
|
|
<description>Refresh repository metadata</description>
|
|
<message>Authentication is required to check available updates</message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>auth_admin</allow_any>
|
|
<allow_inactive>auth_admin</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.projectatomic.rpmostree1.client-management">
|
|
<description>Register and unregister as a sysroot client</description>
|
|
<message>Authentication is required to register as a sysroot client</message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>auth_admin_keep</allow_any>
|
|
<allow_inactive>auth_admin_keep</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
</action>
|
|
</policyconfig>
|