Skip to content

Commit

Permalink
Fix Polkit authorization
Browse files Browse the repository at this point in the history 
There were two problems with the old implementation:

1. .pkla files are deprecated, I *think* (there is a compatibility
   mechanism shipped by upstream, however).
2. We cannot modify /var/lib, and must use /etc instead. (You can also
   apparently put .pkla files in /etc, but why use the deprecated
   thing?)
  • Loading branch information
@strugee
strugee committed Oct 13, 2024
1 parent bacbd7f commit 0cced51
Showing 1 changed file with 7 additions and 9 deletions.
16 changes: 7 additions & 9 deletions build.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,15 +34,13 @@ cat > /etc/sudoers.d/10-unconditionally-grant-sudoers <<EOF
ALL ALL = (ALL) NOPASSWD: ALL
EOF

# https://askubuntu.com/a/123260/49090
cat > /var/lib/polkit-1/localauthority/50-local.d/disable-passwords.pkla <<EOF
[Do anything you want]
# Don't bother laptop users with needing to know passwords:
# rooms with laptops are physically secured by UW staff when
# unattended at the venue.
Identity=unix-group:admin
Action=*
ResultActive=yes
cat > /etc/polkit-1/rules.d/00-allow-everything.rules <<EOF
// Don't bother laptop users with needing to know passwords:
// rooms with laptops are physically secured by UW staff when
// unattended at the venue.
polkit.addRule(function(action, subject) {
return polkit.Result.YES;
});
EOF

# https://askubuntu.com/q/1037553/49090, https://askubuntu.com/q/1014965/49090, dconf(7)
Expand Down

0 comments on commit 0cced51

Please sign in to comment.