summaryrefslogtreecommitdiff
path: root/src/machine/org.freedesktop.machine1.policy.in
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2015-02-18 11:41:28 +0100
committerLennart Poettering <lennart@poettering.net>2015-02-18 11:43:18 +0100
commit70244d1d25eb80b57e160ea004d0e6bf793d4caf (patch)
tree426754a172acd4d9fadf46e120afc9e26e653e08 /src/machine/org.freedesktop.machine1.policy.in
parentc0765ddb74f20046c406a3ac99f34719d767f151 (diff)
machined: open up most of machined's commands to unprivileged clients via PolicyKit
Diffstat (limited to 'src/machine/org.freedesktop.machine1.policy.in')
-rw-r--r--src/machine/org.freedesktop.machine1.policy.in22
1 files changed, 21 insertions, 1 deletions
diff --git a/src/machine/org.freedesktop.machine1.policy.in b/src/machine/org.freedesktop.machine1.policy.in
index 43478a84d6..02714e83ae 100644
--- a/src/machine/org.freedesktop.machine1.policy.in
+++ b/src/machine/org.freedesktop.machine1.policy.in
@@ -18,7 +18,27 @@
<action id="org.freedesktop.machine1.login">
<_description>Log into a local container</_description>
- <_message>Authentication is required to log into a local container</_message>
+ <_message>Authentication is required to log into a local container.</_message>
+ <defaults>
+ <allow_any>auth_admin</allow_any>
+ <allow_inactive>auth_admin</allow_inactive>
+ <allow_active>auth_admin_keep</allow_active>
+ </defaults>
+ </action>
+
+ <action id="org.freedesktop.machine1.manage-machines">
+ <_description>Manage local virtual machines and containers</_description>
+ <_message>Authentication is required to manage local virtual machines and containers.</_message>
+ <defaults>
+ <allow_any>auth_admin</allow_any>
+ <allow_inactive>auth_admin</allow_inactive>
+ <allow_active>auth_admin_keep</allow_active>
+ </defaults>
+ </action>
+
+ <action id="org.freedesktop.machine1.manage-images">
+ <_description>Manage local virtual machine and container images</_description>
+ <_message>Authentication is required to manage local virtual machine and container images.</_message>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>auth_admin</allow_inactive>