chiark / gitweb /
~ianmdlvl / elogind.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
core: Verify systemd1 DBus method callers via polkit
[elogind.git] / src / core / org.freedesktop.systemd1.policy.in.in
diff --git a/src/core/org.freedesktop.systemd1.policy.in.in b/src/core/org.freedesktop.systemd1.policy.in.in
index 51bdafac45dbe80e601231be8b3710f55b34e3ba..387677d39697b6c1a5c71e7654d625b771f9eef8 100644 (file)
--- a/src/core/org.freedesktop.systemd1.policy.in.in
+++ b/src/core/org.freedesktop.systemd1.policy.in.in
@@ -38,4 +38,34 @@
                 <annotate key="org.freedesktop.policykit.exec.path">@bindir@/systemd-stdio-bridge</annotate>
         </action>
 
+        <action id="org.freedesktop.systemd1.manage-units">
+                <_description>Manage system services or units</_description>
+                <_message>Authentication is required to manage system services or units.</_message>
+                <defaults>
+                        <allow_any>auth_admin</allow_any>
+                        <allow_inactive>auth_admin</allow_inactive>
+                        <allow_active>auth_admin_keep</allow_active>
+                </defaults>
+        </action>
+
+        <action id="org.freedesktop.systemd1.manage-unit-files">
+                <_description>Manage system service or unit files</_description>
+                <_message>Authentication is required to manage system service or unit files.</_message>
+                <defaults>
+                        <allow_any>auth_admin</allow_any>
+                        <allow_inactive>auth_admin</allow_inactive>
+                        <allow_active>auth_admin_keep</allow_active>
+                </defaults>
+        </action>
+
+        <action id="org.freedesktop.systemd1.reload-daemon">
+                <_description>Reload the systemd state</_description>
+                <_message>Authentication is required to reload the systemd state.</_message>
+                <defaults>
+                        <allow_any>auth_admin</allow_any>
+                        <allow_inactive>auth_admin</allow_inactive>
+                        <allow_active>auth_admin_keep</allow_active>
+                </defaults>
+        </action>
+
 </policyconfig>
Unnamed repository; edit this file 'description' to name the repository.