Re: [systemd-devel] systemctl edit via polkit results in access denied

2015-10-16 Thread Mantas Mikulėnas
On Fri, Oct 16, 2015 at 5:44 PM, Chris Bell  wrote:

> Hello,
>
> I have configured polkit to allow my user to manage basically everything
> in systemd without requiring sudo or root. Enabling, disabling, reloading,
> etc all work as expected. However, 'systemctl edit' does not. It does not
> deny permission for me to use the function, but it fails when trying to
> copy the file to a temporary directory:
>
> $ systemctl edit rngd.service
> Failed to create directories for
> "/etc/systemd/system/rngd.service.d/override.conf": Permission denied
>
>
> Is there a way for polkit to correct or temporarily override these
> permissions? Or should I use ACLs to grant write permission to my user for
> those directories?
>

The problem is that `systemctl edit` only uses D-Bus calls for reloading
systemd; it still manages the unit files directly. For now, use directory
ACLs.

(Wonder if this could somehow make use of GNOME's new admin:/// vfs...)

-- 
Mantas Mikulėnas 
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel


[systemd-devel] systemctl edit via polkit results in access denied

2015-10-16 Thread Chris Bell

Hello,

I have configured polkit to allow my user to manage basically everything 
in systemd without requiring sudo or root. Enabling, disabling, 
reloading, etc all work as expected. However, 'systemctl edit' does not. 
It does not deny permission for me to use the function, but it fails 
when trying to copy the file to a temporary directory:


$ systemctl edit rngd.service
Failed to create directories for 
"/etc/systemd/system/rngd.service.d/override.conf": Permission denied



Is there a way for polkit to correct or temporarily override these 
permissions? Or should I use ACLs to grant write permission to my user 
for those directories?


Thanks!

Chris
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel


Re: [systemd-devel] systemctl edit via polkit results in access denied

2015-10-16 Thread Chris Bell

On 2015-10-16 15:41, Mantas Mikulėnas wrote:

On Fri, Oct 16, 2015 at 5:44 PM, Chris Bell  wrote:

Is there a way for polkit to correct or temporarily override these
permissions? Or should I use ACLs to grant write permission to my
user for those directories?


The problem is that `systemctl edit` only uses D-Bus calls for
reloading systemd; it still manages the unit files directly. For now,
use directory ACLs.


Thanks, that's what I ended up doing. I created a new group, 
sd-managers, and gave the group rwX access to the systemd directories 
via ACLs. Now it works as expected, thanks!


--Chris
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel