In JS-based polkit rules, the action usually comes with 'unit' and 'verb'
polkit variables -- according to src/core/dbus-unit.c:

    if (action.id == "org.freedesktop.systemd1.manage-unit" &&
action.lookup("unit") == "foo.service") { return polkit.Result.YES; }

In older polkit versions which use .pkla rules, variables are not available
at all.

On Thu, Sep 26, 2019 at 6:15 PM Ian Pilcher <arequip...@gmail.com> wrote:

> I am writing a PolicyKit rule to allow a non-root user to restart a
> service (via D-bus).  It looks like this will be the
> org.freedesktop.systemd1.manage-units "action", but I can't see a way to
> determine *which* unit is being managed (or what the action is - start/
> stop/restart/reload).
>
> Are there any variables associated with this action that my rule can
> use?  If not, is there any way to give a particular user permission to
> perform only some actions on only some units?
>
> Thanks!
>
> --
> ========================================================================
> Ian Pilcher                                         arequip...@gmail.com
> -------- "I grew up before Mark Zuckerberg invented friendship" --------
> ========================================================================
>
> _______________________________________________
> systemd-devel mailing list
> systemd-devel@lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/systemd-devel



-- 
Mantas Mikulėnas
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Reply via email to