diff options
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/polkit-1/rules.d/50-networkd-wheel.rules | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/etc/polkit-1/rules.d/50-networkd-wheel.rules b/etc/polkit-1/rules.d/50-networkd-wheel.rules new file mode 100644 index 0000000..089616a --- /dev/null +++ b/etc/polkit-1/rules.d/50-networkd-wheel.rules @@ -0,0 +1,13 @@ +// Allow members of the `wheel` group to manage systemd-networkd links +// (e.g. `networkctl up/down <iface>`) without a polkit password prompt. +// This single-user system already trusts wheel for administrative work +// via sudo-rs; networkd's polkit gate is a separate path that does not +// honour sudoers, so a polkit rule is the idiomatic fix. +polkit.addRule(function (action, subject) { + if ( + action.id.indexOf("org.freedesktop.network1.") === 0 && + subject.isInGroup("wheel") + ) { + return polkit.Result.YES; + } +}); |