1
0
Fork 0
mirror of synced 2024-12-22 16:18:59 -05:00

add polkit rules to not ask password for certain apps

This commit is contained in:
librewish 2021-02-04 13:19:38 +05:30
parent cad61f79ca
commit de69ff074d
2 changed files with 71 additions and 1 deletions

View file

@ -0,0 +1,70 @@
polkit.addRule(function(action, subject) {
if (action.id.indexOf("org.freedesktop.udisks2.") == 0 && subject.isInGroup("wheel")) {
return polkit.Result.YES;
}
});
// Allow udisks2 to mount devices without authentication
// for users in the "wheel" group.
polkit.addRule(function(action, subject) {
if ((action.id == "org.freedesktop.udisks2.filesystem-mount-system" ||
action.id == "org.freedesktop.udisks2.filesystem-mount" ||
action id == "org.freedesktop.udisks2.filesystem-mount-other-seat" ||
action.id == "org.freedesktop.udisks.filesystem-fstab") &&
subject.isInGroup("wheel")) {
return polkit.Result.YES;
}
});
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.login1.power-off" ||
action.id == "org.freedesktop.login1.power-off-multiple-sessions" ||
action.id == "org.freedesktop.login1.reboot" ||
action.id == "org.freedesktop.login1.reboot-multiple-sessions" ||
action.id == "org.freedesktop.login1.hibernate" ||
action.id == "org.freedesktop.login1.hibernate-multiple-sessions" ||
action.id == "org.freedesktop.login1.suspend" ||
action.id == "org.freedesktop.login1.suspend-multiple-sessions") {
return polkit.Result.YES;
}
});
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.upower.hibernate" ||
action.id == "org.freedesktop.upower.suspend") {
return polkit.Result.YES;
}
});
/* Allow users of network group to use blueman feature requiring root without authentication */
polkit.addRule(function(action, subject) {
if ((action.id == "org.blueman.network.setup" ||
action.id == "org.blueman.dhcp.client" ||
action.id == "org.blueman.rfkill.setstate" ||
action.id == "org.blueman.pppd.pppconnect") &&
subject.isInGroup("wheel")) {
return polkit.Result.YES;
}
});
/* Allow members of the wheel group to execute the defined actions
* without password authentication, similar to "sudo NOPASSWD:"
*/
polkit.addRule(function(action, subject) {
if ((action.id == "org.archlinux.pkexec.gparted" ||
action.id == "org.libvirt.unix.manage") &&
subject.isInGroup("wheel"))
{
return polkit.Result.YES;
}
});
polkit.addRule(function(action, subject) {
if ((action.id == "org.corectrl.helper.init" ||
action.id == "org.corectrl.helperkiller.init") &&
subject.local == true &&
subject.active == true &&
subject.isInGroup("wheel")) {
return polkit.Result.YES;
}
});

View file

@ -1,7 +1,7 @@
[Desktop Entry]
Categories=System;Monitor;
Comment=Does the initial user setup
Exec=systemctl --user enable --now psd pulseaudio-bluetooth-autoconnect precached-trigger;libinput-gestures-setup autostart;libinput-gestures-setup start;setup_dxvk install;rm ~/.config/autostart/initial-user-setup.desktop
Exec=systemctl --user enable --now psd;systemctl --user enable --now pulseaudio-bluetooth-autoconnect;systemctl --user enable --now gamemoded;libinput-gestures-setup autostart;libinput-gestures-setup start;setup_dxvk install;rm ~/.config/autostart/initial-user-setup.desktop
Icon=setup
Name=Initial user setup
StartupNotify=false