blob: a2118804881fe717618c2dfbc82e1b5798789727 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
#!/bin/sh
#set -e
# initramfs-tools header
PREREQ=""
prereqs()
{
echo "${PREREQ}"
}
case "${1}" in
prereqs)
prereqs
exit 0
;;
esac
# live-initramfs header
. /scripts/live-functions
log_begin_msg "Grant administrative PolicyKit pivilieges to default user"
# live-initramfs script
# configure PolicyKit in live session
mkdir -p /root/etc/PolicyKit
cat << EOF > /root/etc/PolicyKit/PolicyKit.conf
<?xml version="1.0" encoding="UTF-8"?> <!-- -*- XML -*- -->
<!DOCTYPE pkconfig PUBLIC "-//freedesktop//DTD PolicyKit Configuration 1.0//EN"
"http://hal.freedesktop.org/releases/PolicyKit/1.0/config.dtd">
<!-- See the manual page PolicyKit.conf(5) for file format -->
<config version="0.1">
<match user="root">
<return result="yes"/>
</match>
EOF
if [ -n "${USERNAME}" ]
then
cat << EOF >> /root/etc/PolicyKit/PolicyKit.conf
<!-- don't ask password for user in live session -->
<match user="$USERNAME">
<return result="yes"/>
</match>
EOF
fi
cat << EOF >> /root/etc/PolicyKit/PolicyKit.conf
<define_admin_auth group="admin"/>
</config>
EOF
mkdir -p /root/var/lib/polkit-1/localauthority/10-vendor.d
cat << EOF > /root/var/lib/polkit-1/localauthority/10-vendor.d/10-live-cd.pkla
# Policy to allow the livecd user to bypass policykit
[Live CD user permissions]
Identity=unix-user:$USERNAME
Action=*
ResultAny=no
ResultInactive=no
ResultActive=yes
EOF
log_end_msg
|
