From 1d22e9068c52c1cf935bcdff70b9b9654e3c939e Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Wed, 18 Feb 2015 17:40:57 +0100 Subject: core: rework policykit hookup - Always issue selinux access check as early as possible, and PK check as late as possible. - Introduce a new policykit action for altering environment - Open most remaining bus calls to unprivileged clients via PK --- src/core/org.freedesktop.systemd1.policy.in.in | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'src/core/org.freedesktop.systemd1.policy.in.in') diff --git a/src/core/org.freedesktop.systemd1.policy.in.in b/src/core/org.freedesktop.systemd1.policy.in.in index fd771b4b26..cc39a9e1c3 100644 --- a/src/core/org.freedesktop.systemd1.policy.in.in +++ b/src/core/org.freedesktop.systemd1.policy.in.in @@ -28,8 +28,8 @@ - <_description>Manage system services or units - <_message>Authentication is required to manage system services or units. + <_description>Manage system services or other units + <_message>Authentication is required to manage system services or other units. auth_admin auth_admin @@ -47,6 +47,16 @@ + + <_description>Set or unset system and service manager environment variables + <_message>Authentication is required to set or unset system and service manager environment variables. + + auth_admin + auth_admin + auth_admin_keep + + + <_description>Reload the systemd state <_message>Authentication is required to reload the systemd state. -- cgit v1.2.3-54-g00ecf