diff options
| author |  Christian Hesse <mail@eworm.de> | 2024-09-11 09:47:57 +0200 |
|---|---|---|
| committer | Christian Hesse <mail@eworm.de> | 2024-09-11 10:15:27 +0200 |
| commit | 532e746da530781dbe8073021156f4f1dd8e2cda (patch) | |
| tree | 891728f84dd5c3865632c38f1c6fdb063e6f2721 | |
| parent | 3d2aaec9a604282bf0e561df6e676277dd079c7f (diff) | |
| download | pacman-offline-532e746da530781dbe8073021156f4f1dd8e2cda.tar.gz pacman-offline-532e746da530781dbe8073021156f4f1dd8e2cda.tar.zst | |
ship a polkit rule...
... to allow running `pacman-offline` without authentication
for users of group `wheel`.
| -rw-r--r-- | Makefile | 1 | ||||
| -rw-r--r-- | README.md | 10 | ||||
| -rw-r--r-- | polkit/pacman-offline.rules | 11 |
3 files changed, 22 insertions, 0 deletions
@@ -21,6 +21,7 @@ install-bin: $(INSTALL) -D -m0755 bin/pacman-offline $(DESTDIR)/usr/bin/pacman-offline $(INSTALL) -D -m0644 config/offline.conf $(DESTDIR)/etc/pacman.d/offline.conf $(INSTALL) -D -m0644 hook/99-pacman-offline.hook $(DESTDIR)/usr/share/libalpm/hooks/99-pacman-offline.hook + $(INSTALL) -D -m0644 polkit/pacman-offline.rules $(DESTDIR)/usr/share/polkit-1/rules.d/pacman-offline.rules $(INSTALL) -D -m0644 systemd/pacman-offline.service $(DESTDIR)/usr/lib/systemd/system/pacman-offline.service $(INSTALL) -D -m0755 systemd/pacman-offline $(DESTDIR)/usr/lib/systemd/scripts/pacman-offline $(INSTALL) -D -m0644 systemd/pacman-offline-prepare.service $(DESTDIR)/usr/lib/systemd/system/pacman-offline-prepare.service @@ -38,6 +38,16 @@ It accepts some arguments: * *-t*: start timer for nightly reboot * *-y*: update sync databases +### Elevating privileges + +The privileges are elevated automatically if `polkit` is installed. This works +with no authentication if your user is member of the group `wheel`. To add your +user to that group run: + + usermod --append --groups wheel user + +If your user is not member of that group you will be asked for a password. + ### Timer for preparation You can enable a timer to prepare the offline update automatically. diff --git a/polkit/pacman-offline.rules b/polkit/pacman-offline.rules new file mode 100644 index 0000000..82cc5c2 --- /dev/null +++ b/polkit/pacman-offline.rules @@ -0,0 +1,11 @@ +/* Allow members of the wheel group to run pacman-offline */ + +polkit.addRule( + function(action, subject) { + if (action.id == "org.freedesktop.policykit.exec" && + action.lookup("program") == "/usr/bin/pacman-offline" && + subject.isInGroup("wheel")) { + return polkit.Result.YES; + } + } +); |