mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-02-01 17:35:17 +00:00
Only keep one polkit rules file
Just tweak it at build time depending on what polkit version we are building for.
This commit is contained in:
parent
0801c14908
commit
e1019e9e84
1
.gitignore
vendored
1
.gitignore
vendored
@ -54,6 +54,7 @@
|
||||
/daemon/libvirtd.8.in
|
||||
/daemon/libvirtd.init
|
||||
/daemon/libvirtd.pod
|
||||
/daemon/libvirtd.policy
|
||||
/daemon/libvirtd.service
|
||||
/daemon/test_libvirtd.aug
|
||||
/docs/apibuild.py.stamp
|
||||
|
@ -35,8 +35,7 @@ EXTRA_DIST = \
|
||||
libvirtd.conf \
|
||||
libvirtd.init.in \
|
||||
libvirtd.upstart \
|
||||
libvirtd.policy-0 \
|
||||
libvirtd.policy-1 \
|
||||
libvirtd.policy.in \
|
||||
libvirtd.sasl \
|
||||
libvirtd.sysconf \
|
||||
libvirtd.sysctl \
|
||||
@ -173,13 +172,20 @@ libvirtd_LDADD += ../src/libvirt.la
|
||||
if HAVE_POLKIT
|
||||
if HAVE_POLKIT0
|
||||
policydir = $(datadir)/PolicyKit/policy
|
||||
policyfile = libvirtd.policy-0
|
||||
policyauth = auth_admin_keep_session
|
||||
else
|
||||
policydir = $(datadir)/polkit-1/actions
|
||||
policyfile = libvirtd.policy-1
|
||||
policyauth = auth_admin_keep
|
||||
endif
|
||||
endif
|
||||
|
||||
libvirtd.policy: libvirtd.policy.in $(top_builddir)/config.status
|
||||
$(AM_V_GEN) sed \
|
||||
-e 's![@]authaction[@]!$(policyauth)!g' \
|
||||
< $< > $@-t && \
|
||||
mv $@-t $@
|
||||
BUILT_SOURCES += libvirtd.policy
|
||||
|
||||
install-data-local: install-init-redhat install-init-systemd install-init-upstart \
|
||||
install-data-sasl install-data-polkit \
|
||||
install-logrotate install-sysctl
|
||||
@ -197,7 +203,7 @@ uninstall-local:: uninstall-init-redhat uninstall-init-systemd uninstall-init-up
|
||||
if HAVE_POLKIT
|
||||
install-data-polkit::
|
||||
$(MKDIR_P) $(DESTDIR)$(policydir)
|
||||
$(INSTALL_DATA) $(srcdir)/$(policyfile) $(DESTDIR)$(policydir)/org.libvirt.unix.policy
|
||||
$(INSTALL_DATA) libvirtd.policy $(DESTDIR)$(policydir)/org.libvirt.unix.policy
|
||||
uninstall-data-polkit::
|
||||
rm -f $(DESTDIR)$(policydir)/org.libvirt.unix.policy
|
||||
rmdir $(DESTDIR)$(policydir) || :
|
||||
|
@ -1,42 +0,0 @@
|
||||
<!DOCTYPE policyconfig PUBLIC
|
||||
"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
|
||||
"http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
|
||||
|
||||
<!--
|
||||
Policy definitions for libvirt daemon
|
||||
|
||||
Copyright (c) 2007 Daniel P. Berrange <berrange redhat com>
|
||||
|
||||
libvirt is licensed to you under the GNU Lesser General Public License
|
||||
version 2. See COPYING for details.
|
||||
|
||||
NOTE: If you make changes to this file, make sure to validate the file
|
||||
using the polkit-policy-file-validate(1) tool. Changes made to this
|
||||
file are instantly applied.
|
||||
-->
|
||||
|
||||
<policyconfig>
|
||||
<action id="org.libvirt.unix.monitor">
|
||||
<description>Monitor local virtualized systems</description>
|
||||
<message>System policy prevents monitoring of local virtualized systems</message>
|
||||
<defaults>
|
||||
<!-- Any program can use libvirt in read-only mode for monitoring,
|
||||
even if not part of a session -->
|
||||
<allow_any>yes</allow_any>
|
||||
<allow_inactive>yes</allow_inactive>
|
||||
<allow_active>yes</allow_active>
|
||||
</defaults>
|
||||
</action>
|
||||
|
||||
<action id="org.libvirt.unix.manage">
|
||||
<description>Manage local virtualized systems</description>
|
||||
<message>System policy prevents management of local virtualized systems</message>
|
||||
<defaults>
|
||||
<!-- Only a program in the active host session can use libvirt in
|
||||
read-write mode for management, and we require user password -->
|
||||
<allow_any>auth_admin</allow_any>
|
||||
<allow_inactive>auth_admin</allow_inactive>
|
||||
<allow_active>auth_admin_keep_session</allow_active>
|
||||
</defaults>
|
||||
</action>
|
||||
</policyconfig>
|
@ -36,7 +36,7 @@ file are instantly applied.
|
||||
read-write mode for management, and we require user password -->
|
||||
<allow_any>auth_admin</allow_any>
|
||||
<allow_inactive>auth_admin</allow_inactive>
|
||||
<allow_active>auth_admin_keep</allow_active>
|
||||
<allow_active>@authaction@</allow_active>
|
||||
</defaults>
|
||||
</action>
|
||||
</policyconfig>
|
Loading…
x
Reference in New Issue
Block a user