aboutsummaryrefslogtreecommitdiff
path: root/roles/xrdp/files/xrdp_polkit.rules
diff options
context:
space:
mode:
Diffstat (limited to 'roles/xrdp/files/xrdp_polkit.rules')
-rw-r--r--roles/xrdp/files/xrdp_polkit.rules31
1 files changed, 31 insertions, 0 deletions
diff --git a/roles/xrdp/files/xrdp_polkit.rules b/roles/xrdp/files/xrdp_polkit.rules
new file mode 100644
index 0000000..c1fecde
--- /dev/null
+++ b/roles/xrdp/files/xrdp_polkit.rules
@@ -0,0 +1,31 @@
+polkit.addRule(function(action, subject) {
+ if (subject.user && subject.user !== "root" &&
+ (action.id == "org.freedesktop.color-manager.create-device" ||
+ action.id == "org.freedesktop.color-manager.create-profile" ||
+ action.id == "org.freedesktop.color-manager.delete-device" ||
+ action.id == "org.freedesktop.color-manager.delete-profile" ||
+ action.id == "org.freedesktop.color-manager.modify-device" ||
+ action.id == "org.freedesktop.color-manager.modify-profile" ||
+ action.id == "org.debian.apt.update-cache")) {
+ return polkit.Result.YES;
+ }
+});
+
+polkit.addRule(function(action, subject) {
+ if (subject.user && subject.user !== "root" &&
+ (action.id == "org.freedesktop.NetworkManager.settings.modify.system" ||
+ action.id == "org.freedesktop.NetworkManager.network-control")) {
+ return polkit.Result.YES;
+ }
+});
+
+polkit.addRule(function(action, subject) {
+ if (subject.user && subject.user !== "root" &&
+ action.id.match(/^org\.freedesktop\.login1\.(reboot|power-off|suspend)/)) {
+ if (subject.active) {
+ return polkit.Result.YES;
+ } else {
+ return polkit.Result.NO;
+ }
+ }
+});
generated by cgit v1.2.3 (git 2.39.1) at 2025-06-01 11:50:39 +0000