polkit: Translate pkla into (java script like) rule file
c.buhtz at posteo.jp
c.buhtz at posteo.jp
Wed Dec 25 15:40:13 UTC 2024
Hello,
I struggle to "translate" an old fashioned pkla file into the "new"
java script like rule format.
My solution works half. The creation of a color device now is allowed
in an XRDP session, as expected, but some other features now are
disabled. I am not able to shutdown the machine nor mount an usb device.
This is the old pkla
[Color Manager All Users]
Identity=unix-user:*
Action=org.freedesktop.color-manager.settings.modify.system;org.freedesktop.color-manager.create-device
ResultAny=no
ResultInactive=no
ResultActive=yes
This is the new rule
/* org.freedesktop.color-manager.create-device */
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.color-manager.create-device") {
return polkit.Result.YES;
}
return polkit.Result.NO;
});
I do understand that the reason for my problematic behavior is that the
else branch does return NO. But I don't know how to treat the else
branch the other way. I don't understand the big picture and how the
polkit systems does use that rule file.
Thanks in advance.
Christian Buhtz
More information about the freedesktop
mailing list