| |
@@ -1,14 +1,13 @@
|
| |
polkit.addRule(function(action, subject) {
|
| |
- if (action.id == "org.projectatomic.rpmostree1.repo-refresh" &&
|
| |
- subject.active == true && subject.local == true) {
|
| |
+ if (action.id == "org.projectatomic.rpmostree1.repo-refresh" ||
|
| |
+ action.id == "org.projectatomic.rpmostree1.upgrade") {
|
| |
return polkit.Result.YES;
|
| |
}
|
| |
-
|
| |
+
|
| |
if ((action.id == "org.projectatomic.rpmostree1.install-uninstall-packages" ||
|
| |
action.id == "org.projectatomic.rpmostree1.install-local-packages" ||
|
| |
action.id == "org.projectatomic.rpmostree1.override" ||
|
| |
action.id == "org.projectatomic.rpmostree1.deploy" ||
|
| |
- action.id == "org.projectatomic.rpmostree1.upgrade" ||
|
| |
action.id == "org.projectatomic.rpmostree1.rebase" ||
|
| |
action.id == "org.projectatomic.rpmostree1.rollback" ||
|
| |
action.id == "org.projectatomic.rpmostree1.bootconfig" ||
|
| |
@@ -21,4 +20,4 @@
|
| |
subject.isInGroup("wheel")) {
|
| |
return polkit.Result.YES;
|
| |
}
|
| |
- });
|
| |
+ });
|
| |
\ No newline at end of file
|
| |
There is no need for wheel users to change their system without a password confirmation.
On the other hand, nonwheel users cannot perform any upgrades currently, which is a bad state.
Regular Fedora requires a password for performing such elevated actions, there is no reason to allow this. I use my system with this rule and it works fine.