diff options
author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2016-04-12 22:52:28 -0400 |
---|---|---|
committer | Sven Eden <yamakuzure@gmx.net> | 2017-06-16 10:12:57 +0200 |
commit | ac74a6464227c4f4b0f277046a8837c75012d401 (patch) | |
tree | 3fdf56f04e04f4a8e8952a4db2b6dff1be1db33e /src | |
parent | 9fbf2df9b782217c2c4f117734d77556d5df1d33 (diff) |
logind: allow any user to request lingering
We enable lingering for anyone who wants this. It is still disabled by
default to avoid keeping long-running processes accidentally.
Admins might want to customize this policy on multi-user sites.
Diffstat (limited to 'src')
-rw-r--r-- | src/login/logind-dbus.c | 8 | ||||
-rw-r--r-- | src/login/org.freedesktop.login1.policy.in | 8 |
2 files changed, 13 insertions, 3 deletions
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c index 10432b2d3..dba4c728f 100644 --- a/src/login/logind-dbus.c +++ b/src/login/logind-dbus.c @@ -1083,11 +1083,11 @@ static int method_terminate_seat(sd_bus_message *message, void *userdata, sd_bus static int method_set_user_linger(sd_bus_message *message, void *userdata, sd_bus_error *error) { _cleanup_free_ char *cc = NULL; Manager *m = userdata; - int b, r; + int r, b, interactive; struct passwd *pw; const char *path; uint32_t uid; - int interactive; + bool self = false; assert(message); assert(m); @@ -1108,6 +1108,8 @@ static int method_set_user_linger(sd_bus_message *message, void *userdata, sd_bu if (r < 0) return r; + self = true; + } else if (!uid_is_valid(uid)) return -EINVAL; @@ -1119,7 +1121,7 @@ static int method_set_user_linger(sd_bus_message *message, void *userdata, sd_bu r = bus_verify_polkit_async( message, CAP_SYS_ADMIN, - "org.freedesktop.login1.set-user-linger", + self ? "org.freedesktop.login1.set-self-linger" : "org.freedesktop.login1.set-user-linger", NULL, interactive, UID_INVALID, diff --git a/src/login/org.freedesktop.login1.policy.in b/src/login/org.freedesktop.login1.policy.in index 23326bb79..1fa644162 100644 --- a/src/login/org.freedesktop.login1.policy.in +++ b/src/login/org.freedesktop.login1.policy.in @@ -111,6 +111,14 @@ </defaults> </action> + <action id="org.freedesktop.login1.set-self-linger"> + <_description>Allow non-logged-in user to run programs</_description> + <_message>Explicit request is required to run programs as a non-logged-in user.</_message> + <defaults> + <allow_any>yes</allow_any> + </defaults> + </action> + <action id="org.freedesktop.login1.set-user-linger"> <_description>Allow non-logged-in users to run programs</_description> <_message>Authentication is required to run programs as a non-logged-in user.</_message> |