[Xfce4-commits] [xfce/thunar] 01/01: Add pkexec policy (Bug #11122)
noreply at xfce.org
noreply at xfce.org
Sat Nov 1 20:23:27 CET 2014
This is an automated email from the git hooks/post-receive script.
ochosi pushed a commit to branch master
in repository xfce/thunar.
commit 8eeed6ba6ed0b1efa2b2b05c0b108da816763069
Author: Eric Koegel <eric.koegel at gmail.com>
Date: Sat Nov 1 22:13:18 2014 +0300
Add pkexec policy (Bug #11122)
This adds a pkexec policy file to Thunar. This way if the user
of a desktop system wants to use thunar to modify files as root
and has the proper credentials they can.
pkexec comes from polkit which does about the same thing as
sudo/gksu except also supports authentication methods like
fingerprint or smart card readers.
Signed-off-by: Simon Steinbeiss <simon.steinbeiss at elfenbeinturm.at>
---
Makefile.am | 16 ++++++++++++++--
org.xfce.thunar.policy.in.in | 37 +++++++++++++++++++++++++++++++++++++
po/POTFILES.in | 1 +
3 files changed, 52 insertions(+), 2 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 0cb69b4..13b991e 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -82,6 +82,15 @@ service_DATA = $(service_in_files:.service.in=.service)
$(AM_V_GEN) $(SED) -e "s,\@bindir\@,$(bindir),g" < $< > $@
endif
+polkit_policydir = $(datadir)/polkit-1/actions
+polkit_in_in_files = \
+ org.xfce.thunar.policy.in.in
+polkit_in_files = $(polkit_in_in_files:.policy.in.in=.policy.in)
+%.policy.in: %.policy.in.in
+ sed -e "s,\@bindir\@,$(bindir),g" < $< > $@
+polkit_policy_DATA = $(polkit_in_files:.policy.in=.policy)
+ at INTLTOOL_POLICY_RULE@
+
EXTRA_DIST = \
FAQ \
HACKING \
@@ -91,7 +100,8 @@ EXTRA_DIST = \
intltool-update.in \
$(desktop_in_in_files) \
$(service_in_files) \
- $(appdata_in_files)
+ $(appdata_in_files) \
+ $(polkit_in_in_files)
CLEANFILES = $(appdata_DATA)
@@ -102,7 +112,9 @@ DISTCLEANFILES = \
intltool-update \
$(desktop_in_files) \
$(desktop_DATA) \
- $(service_DATA)
+ $(service_DATA) \
+ $(polkit_in_files) \
+ $(polkit_policy_DATA)
DISTCHECK_CONFIGURE_FLAGS = \
--enable-gtk-doc \
diff --git a/org.xfce.thunar.policy.in.in b/org.xfce.thunar.policy.in.in
new file mode 100644
index 0000000..d64113e
--- /dev/null
+++ b/org.xfce.thunar.policy.in.in
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policyconfig PUBLIC
+ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
+<policyconfig>
+
+ <!--
+ Policy definitions for Thunar.
+ Copyright (c) 2014 Benedikt Meurer <benny at xfce.org>
+ Jannis Pohlmann <jannis at xfce.org>
+ Jeffs Franks <jcfranks at xfce.org>
+ Nick Schermer <nick at xfce.org>
+ -->
+
+ <vendor>Thunar</vendor>
+ <vendor_url>http://xfce.org/</vendor_url>
+ <icon_name>system-file-manager</icon_name>
+
+
+ <action id="org.xfce.thunar">
+ <!-- SECURITY:
+ - A normal active user can run thunar without elevated rights. They
+ may wish to modify files they normally do not have read/write access
+ to. This isn't a good idea, but is common on single user systems.
+ -->
+ <_description>Run Thunar as root</_description>
+ <_message>Authentication is required to run Thunar as root.</_message>
+ <defaults>
+ <allow_any>no</allow_any>
+ <allow_inactive>auth_admin</allow_inactive>
+ <allow_active>auth_admin</allow_active>
+ </defaults>
+ <annotate key="org.freedesktop.policykit.exec.path">@bindir@/thunar</annotate>
+ <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
+ </action>
+
+</policyconfig>
diff --git a/po/POTFILES.in b/po/POTFILES.in
index c47182a..1c487a9 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -130,3 +130,4 @@ Thunar-bulk-rename.desktop.in.in
Thunar-folder-handler.desktop.in.in
thunar/thunar-settings.desktop.in
thunar.appdata.xml.in
+org.xfce.thunar.policy.in.in
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Xfce4-commits
mailing list