diff options
author | Martin Pitt <martin.pitt@ubuntu.com> | 2016-11-18 16:17:01 +0100 |
---|---|---|
committer | Martin Pitt <martin.pitt@ubuntu.com> | 2016-11-20 12:19:21 +0100 |
commit | e8c0de91271331ddbae872de63d0a267d4f71e12 (patch) | |
tree | 766e05a6536acd6c0cb3dc82a18fbbd261680d3d /src | |
parent | 9e0c296a168a7c6aca0c877eb6758ff244325e61 (diff) |
hostnamed: allow networkd to set the transient hostname
systemd-networkd runs as user "systemd-network" and thus is not privileged to
set the transient hostname:
systemd-networkd[516]: ens3: Could not set hostname: Interactive authentication required.
Standard polkit *.policy files do not have a syntax for granting privileges to
a user, so ship a pklocalauthority (for polkit < 106) and a JavaScript rules
file (for polkit >= 106) that grants the "systemd-network" system user that
privilege.
Add DnsmasqClientTest.test_transient_hostname() test to networkd-test.py to
cover this. Make do_test() a bit more flexible by interpreting "coldplug==None"
as "test sets up the interface by itself". Change DnsmasqClientTest to set up
test_eth42 with a fixed MAC address so that we can configure dnsmasq to send a
special host name for that.
Fixes #4646
Diffstat (limited to 'src')
-rw-r--r-- | src/hostname/systemd-networkd-hostname.pkla | 4 | ||||
-rw-r--r-- | src/hostname/systemd-networkd-hostname.rules | 5 |
2 files changed, 9 insertions, 0 deletions
diff --git a/src/hostname/systemd-networkd-hostname.pkla b/src/hostname/systemd-networkd-hostname.pkla new file mode 100644 index 0000000000..345ce617c6 --- /dev/null +++ b/src/hostname/systemd-networkd-hostname.pkla @@ -0,0 +1,4 @@ +[Allow systemd-networkd to set transient hostname] +Identity=unix-user:systemd-network +Action=org.freedesktop.hostname1.set-hostname +ResultAny=yes diff --git a/src/hostname/systemd-networkd-hostname.rules b/src/hostname/systemd-networkd-hostname.rules new file mode 100644 index 0000000000..b7b780da9e --- /dev/null +++ b/src/hostname/systemd-networkd-hostname.rules @@ -0,0 +1,5 @@ +polkit.addRule(function(action, subject) { + if (action.id == "org.freedesktop.hostname1.set-hostname" && subject.user == "systemd-network") { + return polkit.Result.YES; + } +}); |