diff options
| author | Martin Pitt <martin.pitt@ubuntu.com> | 2016-11-22 08:05:18 +0100 |
|---|---|---|
| committer | Martin Pitt <martin.pitt@ubuntu.com> | 2016-11-23 16:32:06 +0100 |
| commit | 2c99aba7260a402e8f81d85aab12ce25d3d8786a (patch) | |
| tree | 16caebc4f668f07ee986db11a418520168ef5f24 /src/network/systemd-networkd.rules | |
| parent | networkd: move setting hostname and timezone to Manager (diff) | |
| download | systemd-2c99aba7260a402e8f81d85aab12ce25d3d8786a.tar.xz systemd-2c99aba7260a402e8f81d85aab12ce25d3d8786a.zip | |
networkd: allow networkd to set the timezone in timedated
systemd-networkd runs as user "systemd-network" and thus is not privileged to
set the timezone acquired from DHCP:
systemd-networkd[4167]: test_eth42: Could not set timezone: Interactive authentication required.
Similarly to commit e8c0de912, add a polkit rule to grant
org.freedesktop.timedate1.set-timezone to the "systemd-network" system user.
Move the polkit rules from src/hostname/ to src/network/ to avoid too many
small distributed policy snippets (there might be more in the future), as it's
easier to specify the privileges for a particular subject in this case.
Add NetworkdClientTest.test_dhcp_timezone() test case to verify this (for
all people except those in Pacific/Honolulu, there the test doesn't prove
anything -- sorry ☺ ).
Diffstat (limited to 'src/network/systemd-networkd.rules')
| -rw-r--r-- | src/network/systemd-networkd.rules | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/network/systemd-networkd.rules b/src/network/systemd-networkd.rules new file mode 100644 index 0000000000..2e4bc42bfb --- /dev/null +++ b/src/network/systemd-networkd.rules @@ -0,0 +1,8 @@ +// Allow systemd-networkd to set timezone and transient hostname +polkit.addRule(function(action, subject) { + if ((action.id == "org.freedesktop.hostname1.set-hostname" || + action.id == "org.freedesktop.timedate1.set-timezone") && + subject.user == "systemd-network") { + return polkit.Result.YES; + } +}); |