diff options
| author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2024-08-16 02:27:46 +0200 |
|---|---|---|
| committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2024-08-19 04:36:32 +0200 |
| commit | cf01bbb7a45fb1eec28cd0a813bd68fde413410f (patch) | |
| tree | 109360fa44ee2bfaa01628fed9cfb59de8bb002a /src/resolve/org.freedesktop.resolve1.policy | |
| parent | sd-varlink: allow to dispatch method again on pending-method-more state (diff) | |
| download | systemd-cf01bbb7a45fb1eec28cd0a813bd68fde413410f.tar.xz systemd-cf01bbb7a45fb1eec28cd0a813bd68fde413410f.zip | |
resolve: support polkit authentication for io.systemd.Resolve.Monitor
Then, non-privilege user can call e.g. 'resolvectl monitor' with
authentication.
Diffstat (limited to 'src/resolve/org.freedesktop.resolve1.policy')
| -rw-r--r-- | src/resolve/org.freedesktop.resolve1.policy | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/src/resolve/org.freedesktop.resolve1.policy b/src/resolve/org.freedesktop.resolve1.policy index 502b975647..0470cb70c1 100644 --- a/src/resolve/org.freedesktop.resolve1.policy +++ b/src/resolve/org.freedesktop.resolve1.policy @@ -139,4 +139,59 @@ <annotate key="org.freedesktop.policykit.owner">unix-user:systemd-resolve</annotate> </action> + <action id="org.freedesktop.resolve1.subscribe-query-results"> + <description gettext-domain="systemd">Subscribe query results</description> + <message gettext-domain="systemd">Authentication is required to subscribe query results.</message> + <defaults> + <allow_any>auth_admin</allow_any> + <allow_inactive>auth_admin</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.owner">unix-user:systemd-resolve</annotate> + </action> + + <action id="org.freedesktop.resolve1.dump-cache"> + <description gettext-domain="systemd">Dump cache</description> + <message gettext-domain="systemd">Authentication is required to dump cache.</message> + <defaults> + <allow_any>auth_admin</allow_any> + <allow_inactive>auth_admin</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.owner">unix-user:systemd-resolve</annotate> + </action> + + <action id="org.freedesktop.resolve1.dump-server-state"> + <description gettext-domain="systemd">Dump server state</description> + <message gettext-domain="systemd">Authentication is required to dump server state.</message> + <defaults> + <allow_any>auth_admin</allow_any> + <allow_inactive>auth_admin</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.owner">unix-user:systemd-resolve</annotate> + </action> + + <action id="org.freedesktop.resolve1.dump-statistics"> + <description gettext-domain="systemd">Dump statistics</description> + <message gettext-domain="systemd">Authentication is required to dump statistics.</message> + <defaults> + <allow_any>auth_admin</allow_any> + <allow_inactive>auth_admin</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.owner">unix-user:systemd-resolve</annotate> + </action> + + <action id="org.freedesktop.resolve1.reset-statistics"> + <description gettext-domain="systemd">Reset statistics</description> + <message gettext-domain="systemd">Authentication is required to reset statistics.</message> + <defaults> + <allow_any>auth_admin</allow_any> + <allow_inactive>auth_admin</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.owner">unix-user:systemd-resolve</annotate> + </action> + </policyconfig> |