summaryrefslogtreecommitdiff
path: root/src/import/org.freedesktop.import1.policy.in
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2015-01-22 03:57:15 +0100
committerLennart Poettering <lennart@poettering.net>2015-01-22 04:02:07 +0100
commit3d7415f43f0fe6a821d7bc4a341ba371e8a30ef3 (patch)
treed79e54dec69645a894a4ec12d6abf765515d245f /src/import/org.freedesktop.import1.policy.in
parentf4c135bf2f0abcf79c89efbeae51f03bacba5f2f (diff)
import: introduce new mini-daemon systemd-importd, and make machinectl a client to it
The old "systemd-import" binary is now an internal tool. We still use it as asynchronous backend for systemd-importd. Since the import tool might require some IO and CPU resources (due to qcow2 explosion, and decompression), and because we might want to run it with more minimal priviliges we still keep it around as the worker binary to execute as child process of importd. machinectl now has verbs for pulling down images, cancelling them and listing them.
Diffstat (limited to 'src/import/org.freedesktop.import1.policy.in')
-rw-r--r--src/import/org.freedesktop.import1.policy.in29
1 files changed, 29 insertions, 0 deletions
diff --git a/src/import/org.freedesktop.import1.policy.in b/src/import/org.freedesktop.import1.policy.in
new file mode 100644
index 0000000000..1003f46447
--- /dev/null
+++ b/src/import/org.freedesktop.import1.policy.in
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?> <!--*-nxml-*-->
+<!DOCTYPE policyconfig PUBLIC "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
+
+<!--
+ This file is part of systemd.
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+-->
+
+<policyconfig>
+
+ <vendor>The systemd Project</vendor>
+ <vendor_url>http://www.freedesktop.org/wiki/Software/systemd</vendor_url>
+
+ <action id="org.freedesktop.import1.pull">
+ <_description>Download a VM or container image</_description>
+ <_message>Authentication is required to download a VM or container image</_message>
+ <defaults>
+ <allow_any>auth_admin</allow_any>
+ <allow_inactive>auth_admin</allow_inactive>
+ <allow_active>auth_admin_keep</allow_active>
+ </defaults>
+ </action>
+
+</policyconfig>