diff options
author | Leo Prikler <leo.prikler@student.tugraz.at> | 2019-11-23 19:51:15 +0100 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2019-11-30 23:50:40 +0100 |
commit | 7f25ff10e1c821da84c641e7f6c01c34a2ebe12e (patch) | |
tree | e6e1a7ff707c8873fff90a9961456a67eb36fa72 | |
parent | 99c45877a984dd0148151b2e304afef6fb04f1a5 (diff) | |
download | patches-7f25ff10e1c821da84c641e7f6c01c34a2ebe12e.tar patches-7f25ff10e1c821da84c641e7f6c01c34a2ebe12e.tar.gz |
services: Add polkit-wheel-service.
* gnu/services/desktop.scm: (polkit-wheel): New variable.
(polkit-wheel-service): New service.
* doc/guix.texi: Document polkit-wheel-service.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
-rw-r--r-- | doc/guix.texi | 7 | ||||
-rw-r--r-- | gnu/services/desktop.scm | 21 |
2 files changed, 28 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi index 661aa41785..0a7713e7ac 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -15591,6 +15591,13 @@ capabilities to ordinary users. For example, an ordinary user can be granted the capability to suspend the system if the user is logged in locally. @end deffn +@defvr {Scheme Variable} polkit-wheel-service +Service that adds the @code{wheel} group as admins to the Polkit +service. This makes it so that users in the @code{wheel} group are queried +for their own passwords when performing administrative actions instead of +@code{root}'s, similar to the behaviour used by @code{sudo}. +@end defvr + @defvr {Scheme Variable} upower-service-type Service that runs @uref{https://upower.freedesktop.org/, @command{upowerd}}, a system-wide monitor for power consumption and battery levels, with the given diff --git a/gnu/services/desktop.scm b/gnu/services/desktop.scm index 0152e86e8a..9eee2fa485 100644 --- a/gnu/services/desktop.scm +++ b/gnu/services/desktop.scm @@ -135,6 +135,8 @@ inputattach-configuration? inputattach-service-type + polkit-wheel-service + %desktop-services)) ;;; Commentary: @@ -1066,6 +1068,25 @@ dispatches events from it."))) ;;; +;;; polkit-wheel-service -- Allow wheel group to perform admin actions +;;; + +(define polkit-wheel + (file-union + "polkit-wheel" + `(("share/polkit-1/rules.d/wheel.rules" + ,(plain-file + "wheel.rules" + "polkit.addAdminRule(function(action, subject) { + return [\"unix-group:wheel\"]; +}); +"))))) + +(define polkit-wheel-service + (simple-service 'polkit-wheel polkit-service-type (list polkit-wheel))) + + +;;; ;;; The default set of desktop services. ;;; |