255 lines
10 KiB
XML
255 lines
10 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE policyconfig PUBLIC
|
|
"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
|
|
"http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
|
|
<policyconfig>
|
|
|
|
<!--
|
|
Policy definitions for PackageKit system actions.
|
|
Copyright (c) 2007-2009 Richard Hughes <richard@hughsie.com>
|
|
-->
|
|
|
|
<vendor>The PackageKit Project</vendor>
|
|
<vendor_url>http://www.packagekit.org/</vendor_url>
|
|
<icon_name>package-x-generic</icon_name>
|
|
|
|
<action id="org.freedesktop.packagekit.cancel-foreign">
|
|
<!-- SECURITY:
|
|
- Normal users are allowed to cancel their own task without
|
|
authentication, but a different user id needs the admin password
|
|
to cancel another users task.
|
|
-->
|
|
<_description>Cancel foreign task</_description>
|
|
<_message>Authentication is required to cancel a task that was not started by yourself</_message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>no</allow_any>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.packagekit.package-install">
|
|
<!-- SECURITY:
|
|
- Normal users do not need authentication to install signed packages
|
|
from signed repositories, as this cannot exploit a system.
|
|
- Paranoid users (or parents!) can change this to 'auth_admin' or
|
|
'auth_admin_keep'.
|
|
-->
|
|
<_description>Install signed package</_description>
|
|
<_message>Authentication is required to install software</_message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>no</allow_any>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.packagekit.package-install-untrusted">
|
|
<!-- SECURITY:
|
|
- Normal users require admin authentication to install untrusted or
|
|
unrecognised packages, as allowing users to do this without a
|
|
password would be a massive security hole.
|
|
- This is not retained as each package should be authenticated.
|
|
-->
|
|
<_description>Install untrusted local file</_description>
|
|
<_message>Authentication is required to install untrusted software</_message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>no</allow_any>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>auth_admin</allow_active>
|
|
</defaults>
|
|
<annotate key="org.freedesktop.policykit.imply">org.freedesktop.packagekit.package-install</annotate>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.packagekit.system-trust-signing-key">
|
|
<!-- SECURITY:
|
|
- Normal users require admin authentication to add signing keys.
|
|
- This implies adding an explicit trust, and should not be granted
|
|
without a secure authentication.
|
|
- This is not kept as each package should be authenticated.
|
|
-->
|
|
<_description>Trust a key used for signing software</_description>
|
|
<_message>Authentication is required to consider a key used for signing software as trusted</_message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>no</allow_any>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>auth_admin</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.packagekit.package-eula-accept">
|
|
<!-- SECURITY:
|
|
- Normal users do not require admin authentication to accept new
|
|
licence agreements.
|
|
- Change this to 'auth_admin' for environments where users should not
|
|
be given the option to make legal decisions.
|
|
-->
|
|
<_description>Accept EULA</_description>
|
|
<_message>Authentication is required to accept a EULA</_message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>no</allow_any>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.packagekit.package-remove">
|
|
<!-- SECURITY:
|
|
- Normal users require admin authentication to remove packages as
|
|
this can make the system unbootable or stop other applications from
|
|
working.
|
|
- Be sure to close the tool used to remove the packages after the
|
|
admin authentication has been obtained, otherwise packages can still
|
|
be removed. If this is not possible, change this authentication to
|
|
'auth_admin'.
|
|
-->
|
|
<_description>Remove package</_description>
|
|
<_message>Authentication is required to remove software</_message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>no</allow_any>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
<annotate key="org.freedesktop.policykit.imply">org.freedesktop.packagekit.package-install</annotate>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.packagekit.system-update">
|
|
<!-- SECURITY:
|
|
- Normal users do not require admin authentication to update the
|
|
system as the packages will be signed, and the action is required
|
|
to update the system when unattended.
|
|
- Changing this to anything other than 'yes' will break unattended
|
|
updates.
|
|
-->
|
|
<_description>Update software</_description>
|
|
<_message>Authentication is required to update software</_message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>no</allow_any>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.packagekit.system-sources-configure">
|
|
<!-- SECURITY:
|
|
- Normal users require admin authentication to enable or disable
|
|
software sources as this can be used to enable new updates or
|
|
install different versions of software.
|
|
-->
|
|
<_description>Change software source parameters</_description>
|
|
<_message>Authentication is required to change software source parameters</_message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>no</allow_any>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>auth_admin_keep</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.packagekit.system-sources-refresh">
|
|
<!-- SECURITY:
|
|
- Normal users do not require admin authentication to refresh the
|
|
cache, as this doesn't actually install or remove software.
|
|
-->
|
|
<_description>Refresh system sources</_description>
|
|
<_message>Authentication is required to refresh the system sources</_message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>no</allow_any>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.packagekit.system-network-proxy-configure">
|
|
<!-- SECURITY:
|
|
- Normal users do not require admin authentication to set the proxy
|
|
used for downloading packages.
|
|
-->
|
|
<_description>Set network proxy</_description>
|
|
<_message>Authentication is required to set the network proxy used for downloading software</_message>
|
|
<icon_name>preferences-system-network-proxy</icon_name>
|
|
<defaults>
|
|
<allow_any>no</allow_any>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.packagekit.device-rebind">
|
|
<!-- SECURITY:
|
|
- Normal users require admin authentication to rebind a driver
|
|
so that it works after we install firmware.
|
|
- This should not be set to 'yes' as unprivileged users could then
|
|
try to rebind drivers in use, for instance security authentication
|
|
devices.
|
|
-->
|
|
<_description>Reload a device</_description>
|
|
<_message>Authentication is required to reload the device with a new driver</_message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>no</allow_any>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
<annotate key="org.freedesktop.policykit.exec.path">/usr/sbin/pk-device-rebind</annotate>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.packagekit.repair-system">
|
|
<!-- SECURITY:
|
|
- Normal users require admin authentication to repair the system
|
|
since this can make the system unbootable or stop other
|
|
applications from working.
|
|
-->
|
|
<_description>Repair System</_description>
|
|
<_message>Authentication is required to repair the installed software</_message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>no</allow_any>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>auth_admin</allow_active>
|
|
</defaults>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.packagekit.trigger-offline-update">
|
|
<!-- SECURITY:
|
|
- Normal users are able to ask updates to be installed at
|
|
early boot time without a password.
|
|
-->
|
|
<_description>Trigger offline updates</_description>
|
|
<_message>Authentication is required to trigger offline updates</_message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>no</allow_any>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
<annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/pk-trigger-offline-update</annotate>
|
|
</action>
|
|
|
|
<action id="org.freedesktop.packagekit.clear-offline-update">
|
|
<!-- SECURITY:
|
|
- Normal users are able to clear the updates message that is
|
|
shown after an updates are applied at boot time.
|
|
-->
|
|
<_description>Clear offline update message</_description>
|
|
<_message>Authentication is required to clear the offline updates message</_message>
|
|
<icon_name>package-x-generic</icon_name>
|
|
<defaults>
|
|
<allow_any>no</allow_any>
|
|
<allow_inactive>no</allow_inactive>
|
|
<allow_active>yes</allow_active>
|
|
</defaults>
|
|
<annotate key="org.freedesktop.policykit.exec.path">/usr/libexec/pk-clear-offline-update</annotate>
|
|
</action>
|
|
|
|
</policyconfig>
|
|
|