From mboxrd@z Thu Jan 1 00:00:00 1970 From: Leo Prikler Subject: Re: Wheel group as polkit admins Date: Sat, 23 Nov 2019 20:08:39 +0100 Message-ID: <3b18f59a286f79cbf648f35143bdec9ffd8717fe.camel@student.tugraz.at> References: <17ea661e09a034c36151b72ca1ab508a3fc52d1c.camel@student.tugraz.at> <87mucuo3hh.fsf@gnu.org> <329f03fbb1df8c78deaef37c06c5041b3504c15e.camel@student.tugraz.at> <87imna4im0.fsf@gnu.org> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-iSItEerZD9hGbyXm7hQD" Return-path: Received: from eggs.gnu.org ([2001:470:142:3::10]:46642) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iYam4-0000Ga-Dp for guix-devel@gnu.org; Sat, 23 Nov 2019 14:08:53 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iYam2-0004EY-It for guix-devel@gnu.org; Sat, 23 Nov 2019 14:08:51 -0500 In-Reply-To: <87imna4im0.fsf@gnu.org> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Ludovic =?ISO-8859-1?Q?Court=E8s?= Cc: guix-devel@gnu.org --=-iSItEerZD9hGbyXm7hQD Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Ludo, Am Samstag, den 23.11.2019, 18:17 +0100 schrieb Ludovic Court=C3=A8s: > Hi Leo, >=20 > Leo Prikler skribis: >=20 > > Thanks for the hint. Since it's all just static text, I don't > > really > > need the whole Guile power of computed-file, so I've shortened it > > to: > >=20 > > (define polkit-wheel > > (file-union > > "polkit-wheel" > > `(("share/polkit-1/rules.d/wheel.rules" > > ,(plain-file > > "wheel.rules" > > "polkit.addAdminRule(function(action, subject) { > > return [\"unix-group:wheel\"]; > > }); > > "))))) >=20 > Neat. >=20 > > > Should we make that the default, BTW? It would seem to make > > > sense as > > > that=E2=80=99s the whole point of the =E2=80=9Cwheel=E2=80=9D group= . > > >=20 > > > What do people think? > >=20 > > I'm probably biased as the author of this service, but I think it > > would > > probably make sense to include it in %desktop-services. Perhaps we > > could even add wheel.rules to polkit-service-type itself, although > > I'm > > somewhat conflicted on that, as one could not opt out. >=20 > Yeah, let=E2=80=99s make it a separate service like you did. >=20 > Could you send a patch that does that? >=20 > Thanks! >=20 > Ludo=E2=80=99. Sure. I've split it up into two patches =E2=80=93 one for the service it= self, and one to add it to %desktop-services. Also I'm using a simple- service instead of a service type, but it still serves the same purpose. Regards, Leo --=-iSItEerZD9hGbyXm7hQD Content-Disposition: attachment; filename="0001-services-Add-polkit-wheel-service.patch" Content-Type: text/x-patch; name="0001-services-Add-polkit-wheel-service.patch"; charset="UTF-8" Content-Transfer-Encoding: base64 RnJvbSA0MmVlZGQ0ZDlkNjRhODQzMmY3ODdlNjhkNjQ0NzZjNTkyMDBjMWI2IE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBMZW8gUHJpa2xlciA8bGVvLnByaWtsZXJAc3R1ZGVudC50dWdy YXouYXQ+CkRhdGU6IFNhdCwgMjMgTm92IDIwMTkgMTk6NTE6MTUgKzAxMDAKU3ViamVjdDogW1BB VENIIDEvMl0gc2VydmljZXM6IEFkZCBwb2xraXQtd2hlZWwtc2VydmljZS4KCiogZ251L3NlcnZp Y2VzL2Rlc2t0b3Auc2NtOiAocG9sa2l0LXdoZWVsKTogTmV3IHZhcmlhYmxlLgoocG9sa2l0LXdo ZWVsLXNlcnZpY2UpOiBOZXcgc2VydmljZS4KLS0tCiBnbnUvc2VydmljZXMvZGVza3RvcC5zY20g fCAyMSArKysrKysrKysrKysrKysrKysrKysKIDEgZmlsZSBjaGFuZ2VkLCAyMSBpbnNlcnRpb25z KCspCgpkaWZmIC0tZ2l0IGEvZ251L3NlcnZpY2VzL2Rlc2t0b3Auc2NtIGIvZ251L3NlcnZpY2Vz L2Rlc2t0b3Auc2NtCmluZGV4IDAxNTJlODZlOGEuLmU1OGEwOGUwNjggMTAwNjQ0Ci0tLSBhL2du dS9zZXJ2aWNlcy9kZXNrdG9wLnNjbQorKysgYi9nbnUvc2VydmljZXMvZGVza3RvcC5zY20KQEAg LTEzNSw2ICsxMzUsOCBAQAogICAgICAgICAgICAgaW5wdXRhdHRhY2gtY29uZmlndXJhdGlvbj8K ICAgICAgICAgICAgIGlucHV0YXR0YWNoLXNlcnZpY2UtdHlwZQogCisgICAgICAgICAgICBwb2xr aXQtd2hlZWwtc2VydmljZQorCiAgICAgICAgICAgICAlZGVza3RvcC1zZXJ2aWNlcykpCiAKIDs7 OyBDb21tZW50YXJ5OgpAQCAtMTA2NCw2ICsxMDY2LDI1IEBAIGFzIGV4cGVjdGVkLiIpKSkKICAg IChkZXNjcmlwdGlvbiAiUmV0dXJuIGEgc2VydmljZSB0aGF0IHJ1bnMgaW5wdXRhdHRhY2ggb24g YSBkZXZpY2UgYW5kCiBkaXNwYXRjaGVzIGV2ZW50cyBmcm9tIGl0LiIpKSkKIAorDAorOzs7Cis7 OzsgcG9sa2l0LXdoZWVsLXNlcnZpY2UKKzs7OworCisoZGVmaW5lIHBvbGtpdC13aGVlbAorICAo ZmlsZS11bmlvbgorICAgInBvbGtpdC13aGVlbCIKKyAgIGAoKCJzaGFyZS9wb2xraXQtMS9ydWxl cy5kL3doZWVsLnJ1bGVzIgorICAgICAgLChwbGFpbi1maWxlCisgICAgICAgICJ3aGVlbC5ydWxl cyIKKyAgICAgICAgInBvbGtpdC5hZGRBZG1pblJ1bGUoZnVuY3Rpb24oYWN0aW9uLCBzdWJqZWN0 KSB7CisgICAgcmV0dXJuIFtcInVuaXgtZ3JvdXA6d2hlZWxcIl07Cit9KTsKKyIpKSkpKQorCiso ZGVmaW5lIHBvbGtpdC13aGVlbC1zZXJ2aWNlCisgIChzaW1wbGUtc2VydmljZSAncG9sa2l0LXdo ZWVsIHBvbGtpdC1zZXJ2aWNlLXR5cGUgKGxpc3QgcG9sa2l0LXdoZWVsKSkpCisKIAwKIDs7Owog Ozs7IFRoZSBkZWZhdWx0IHNldCBvZiBkZXNrdG9wIHNlcnZpY2VzLgotLSAKMi4yNC4wCgo= --=-iSItEerZD9hGbyXm7hQD Content-Disposition: attachment; filename*0=0002-services-Add-polkit-wheel-service-to-desktop-service.pat; filename*1=ch Content-Type: text/x-patch; name="0002-services-Add-polkit-wheel-service-to-desktop-service.patch"; charset="UTF-8" Content-Transfer-Encoding: base64 RnJvbSAxNTg1NTEzY2M2ZDk2ZTJmMzJhNTY4NTBjOWMyNjU1MWEyOWQ5ZjBmIE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBMZW8gUHJpa2xlciA8bGVvLnByaWtsZXJAc3R1ZGVudC50dWdy YXouYXQ+CkRhdGU6IFNhdCwgMjMgTm92IDIwMTkgMTk6NTg6MTEgKzAxMDAKU3ViamVjdDogW1BB VENIIDIvMl0gc2VydmljZXM6IEFkZCBwb2xraXQtd2hlZWwtc2VydmljZSB0byAlZGVza3RvcC1z ZXJ2aWNlcy4KCiogZ251L3NlcnZpY2VzL2Rlc2t0b3Auc2NtOiAoJWRlc2t0b3Atc2VydmljZXMp OiBBZGQgcG9sa2l0LXdoZWVsLXNlcnZpY2UuCi0tLQogZ251L3NlcnZpY2VzL2Rlc2t0b3Auc2Nt IHwgMyArKysKIDEgZmlsZSBjaGFuZ2VkLCAzIGluc2VydGlvbnMoKykKCmRpZmYgLS1naXQgYS9n bnUvc2VydmljZXMvZGVza3RvcC5zY20gYi9nbnUvc2VydmljZXMvZGVza3RvcC5zY20KaW5kZXgg ZTU4YTA4ZTA2OC4uOWI4ZDViZTkwNSAxMDA2NDQKLS0tIGEvZ251L3NlcnZpY2VzL2Rlc2t0b3Au c2NtCisrKyBiL2dudS9zZXJ2aWNlcy9kZXNrdG9wLnNjbQpAQCAtMTEwMSw2ICsxMTAxLDkgQEAg ZGlzcGF0Y2hlcyBldmVudHMgZnJvbSBpdC4iKSkpCiAgICAgICAgICA7OyBBZGQgdWRldiBydWxl cyBmb3IgTVRQIGRldmljZXMgc28gdGhhdCBub24tcm9vdCB1c2VycyBjYW4gYWNjZXNzCiAgICAg ICAgICA7OyB0aGVtLgogICAgICAgICAgKHNpbXBsZS1zZXJ2aWNlICdtdHAgdWRldi1zZXJ2aWNl LXR5cGUgKGxpc3QgbGlibXRwKSkKKyAgICAgICAgIDs7IEFkZCBwb2xraXQgcnVsZXMsIHNvIHRo YXQgbm9uLXJvb3QgdXNlcnMgaW4gdGhlIHdoZWVsIGdyb3VwIGNhbgorICAgICAgICAgOzsgcGVy Zm9ybSBhZG1pbmlzdHJhdGl2ZSB0YXNrcyAoc2ltaWxhciB0byAic3VkbyIpLgorICAgICAgICAg cG9sa2l0LXdoZWVsLXNlcnZpY2UKIAogICAgICAgICAgOzsgTmV0d29ya01hbmFnZXIgYW5kIGl0 cyBhcHBsZXQuCiAgICAgICAgICAoc2VydmljZSBuZXR3b3JrLW1hbmFnZXItc2VydmljZS10eXBl KQotLSAKMi4yNC4wCgo= --=-iSItEerZD9hGbyXm7hQD--