mirror of
https://git.proxmox.com/git/fwupd
synced 2025-08-03 13:27:59 +00:00
Allow any admin users to install system firmware without a password
From a security point of view, this is no more scary than allowing admin users to install a new kernel or glibc package.
This commit is contained in:
parent
d7022b50e6
commit
d08dca72f6
@ -47,6 +47,7 @@ make install DESTDIR=$RPM_BUILD_ROOT
|
||||
%{_sysconfdir}/dbus-1/system.d/org.freedesktop.fwupd.conf
|
||||
%{_datadir}/dbus-1/interfaces/org.freedesktop.fwupd.xml
|
||||
%{_datadir}/polkit-1/actions/org.freedesktop.fwupd.policy
|
||||
%{_datadir}/polkit-1/rules.d/org.freedesktop.fwupd.rules
|
||||
%{_datadir}/dbus-1/system-services/org.freedesktop.fwupd.service
|
||||
%{_datadir}/man/man1/fwupdmgr.1.gz
|
||||
%dir %{_localstatedir}/lib/fwupd
|
||||
|
@ -1,3 +1,8 @@
|
||||
|
||||
polkit_rulesdir = $(datadir)/polkit-1/rules.d
|
||||
dist_polkit_rules_DATA = \
|
||||
org.freedesktop.fwupd.rules
|
||||
|
||||
@INTLTOOL_POLICY_RULE@
|
||||
polkit_policydir = $(datadir)/polkit-1/actions
|
||||
polkit_policy_in_files = org.freedesktop.fwupd.policy.in
|
||||
|
7
policy/org.freedesktop.fwupd.rules
Normal file
7
policy/org.freedesktop.fwupd.rules
Normal file
@ -0,0 +1,7 @@
|
||||
polkit.addRule(function(action, subject) {
|
||||
if (action.id == "org.freedesktop.fwupd.update-internal" &&
|
||||
subject.active == true && subject.local == true &&
|
||||
subject.isInGroup("wheel")) {
|
||||
return polkit.Result.YES;
|
||||
}
|
||||
});
|
Loading…
Reference in New Issue
Block a user