[systemd-devel] selinux policy updates for logind
Matthias Clasen
matthias.clasen at gmail.com
Fri Dec 23 18:16:47 PST 2011
I've spent some time playing with the ConsoleKit-replacement
functionality in logind, and noticed
that I couldn't test the PolicyKit integration for the poweroff/reboot
methods in logind, since selinux
doesn't let my method calls reach their destination.
Matthias
diff -up systemd-37/src/org.freedesktop.login1.conf.selinux
systemd-37/src/org.freedesktop.login1.conf
--- systemd-37/src/org.freedesktop.login1.conf.selinux▸‧2011-12-23
21:09:32.795513513 -0500
+++ systemd-37/src/org.freedesktop.login1.conf▸‧2011-12-23
21:10:36.456511229 -0500
@@ -69,6 +69,14 @@
send_member="ActivateSession"/>
<allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="PowerOff"/>
+
+ <allow send_destination="org.freedesktop.login1"
+ send_interface="org.freedesktop.login1.Manager"
+ send_member="Reboot"/>
+
+ <allow send_destination="org.freedesktop.login1"
send_interface="org.freedesktop.login1.Seat"
send_member="ActivateSession"/>
More information about the systemd-devel
mailing list