logind: open up most bus calls for unpriviliged processes, using PolicyKit

[elogind.git] / src / login / org.freedesktop.login1.policy.in

diff --git a/src/login/org.freedesktop.login1.policy.in b/src/login/org.freedesktop.login1.policy.in
index 49094eeddb3d8bee629399b8d180bd8e8ee626f5..35bb3907c657c0918b99fa24f5efbed31bf872d0 100644 (file)
--- a/src/login/org.freedesktop.login1.policy.in
+++ b/src/login/org.freedesktop.login1.policy.in
@@ -270,4 +270,24 @@
                 <annotate key="org.freedesktop.policykit.imply">org.freedesktop.login1.hibernate</annotate>
         </action>
 
+        <action id="org.freedesktop.login1.manage">
+                <_description>Manager active sessions, users and seats</_description>
+                <_message>Authentication is required for managing active sessions, users and seats.</_message>
+                <defaults>
+                        <allow_any>auth_admin_keep</allow_any>
+                        <allow_inactive>auth_admin_keep</allow_inactive>
+                        <allow_active>auth_admin_keep</allow_active>
+                </defaults>
+        </action>
+
+        <action id="org.freedesktop.login1.lock-sessions">
+                <_description>Lock or unlock active sessions</_description>
+                <_message>Authentication is required for locking or unlocking active sessions.</_message>
+                <defaults>
+                        <allow_any>auth_admin_keep</allow_any>
+                        <allow_inactive>auth_admin_keep</allow_inactive>
+                        <allow_active>auth_admin_keep</allow_active>
+                </defaults>
+        </action>
+
 </policyconfig>