some other distros use a Polkit rule, that makes the local admin group
("wheel" on Guix) Polkit admins.  Yet others easily allow writing your
own files to /etc, so that such a rule can be added.  Guix lacks such a
rule by default and adding it in the way you're supposed to in other
distros is not very guixy.

Since our polkit service expects a list of packages as extension, I
currently use the following in my /etc/config.scm:

--8<---------------cut here---------------start------------->8---
(define polkit-wheel
   (name "polkit-wheel")
   (version "0")
   (source #f)
   (build-system trivial-build-system)
    `(#:modules ((guix build utils))
        (use-modules ((guix build utils)))
        (let ((rules.d (string-append %output "/share/polkit-
          (mkdir-p rules.d)
          (with-output-to-file (string-append rules.d "/wheel.rules")
            (lambda ()
              (display "polkit.addAdminRule(function(action, subject) {
    return [\"unix-group:wheel\"];
   (home-page #f)
   (synopsis "Make wheel adminstrate")
   (description #f)
   (license #f)))

(define polkit-wheel-service-type
  (service-type (name 'polkit-wheel)
                 (list (service-extension polkit-service-type
                                          (const (list polkit-
                (default-value '())))
--8<---------------cut here---------------end--------------->8---

The problems with this apporach should be clear.  "polkit-wheel" is by
no stretch of the imagination an actual package.  It is so trivial,
that it might as well just be a file.  Is there a simpler way of
extending polkit, perhaps with just a g-expression?



Reply via email to