/daemon/libvirtd.8.in
/daemon/libvirtd.init
/daemon/libvirtd.pod
+/daemon/libvirtd.policy
/daemon/libvirtd.service
/daemon/test_libvirtd.aug
/docs/apibuild.py.stamp
libvirtd.conf \
libvirtd.init.in \
libvirtd.upstart \
- libvirtd.policy-0 \
- libvirtd.policy-1 \
+ libvirtd.policy.in \
libvirtd.sasl \
libvirtd.sysconf \
libvirtd.sysctl \
if HAVE_POLKIT
if HAVE_POLKIT0
policydir = $(datadir)/PolicyKit/policy
-policyfile = libvirtd.policy-0
+policyauth = auth_admin_keep_session
else
policydir = $(datadir)/polkit-1/actions
-policyfile = libvirtd.policy-1
+policyauth = auth_admin_keep
endif
endif
+libvirtd.policy: libvirtd.policy.in $(top_builddir)/config.status
+ $(AM_V_GEN) sed \
+ -e 's![@]authaction[@]!$(policyauth)!g' \
+ < $< > $@-t && \
+ mv $@-t $@
+BUILT_SOURCES += libvirtd.policy
+
install-data-local: install-init-redhat install-init-systemd install-init-upstart \
install-data-sasl install-data-polkit \
install-logrotate install-sysctl
if HAVE_POLKIT
install-data-polkit::
$(MKDIR_P) $(DESTDIR)$(policydir)
- $(INSTALL_DATA) $(srcdir)/$(policyfile) $(DESTDIR)$(policydir)/org.libvirt.unix.policy
+ $(INSTALL_DATA) libvirtd.policy $(DESTDIR)$(policydir)/org.libvirt.unix.policy
uninstall-data-polkit::
rm -f $(DESTDIR)$(policydir)/org.libvirt.unix.policy
rmdir $(DESTDIR)$(policydir) || :
+++ /dev/null
-<!DOCTYPE policyconfig PUBLIC
- "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
- "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
-
-<!--
-Policy definitions for libvirt daemon
-
-Copyright (c) 2007 Daniel P. Berrange <berrange redhat com>
-
-libvirt is licensed to you under the GNU Lesser General Public License
-version 2. See COPYING for details.
-
-NOTE: If you make changes to this file, make sure to validate the file
-using the polkit-policy-file-validate(1) tool. Changes made to this
-file are instantly applied.
--->
-
-<policyconfig>
- <action id="org.libvirt.unix.monitor">
- <description>Monitor local virtualized systems</description>
- <message>System policy prevents monitoring of local virtualized systems</message>
- <defaults>
- <!-- Any program can use libvirt in read-only mode for monitoring,
- even if not part of a session -->
- <allow_any>yes</allow_any>
- <allow_inactive>yes</allow_inactive>
- <allow_active>yes</allow_active>
- </defaults>
- </action>
-
- <action id="org.libvirt.unix.manage">
- <description>Manage local virtualized systems</description>
- <message>System policy prevents management of local virtualized systems</message>
- <defaults>
- <!-- Only a program in the active host session can use libvirt in
- read-write mode for management, and we require user password -->
- <allow_any>auth_admin</allow_any>
- <allow_inactive>auth_admin</allow_inactive>
- <allow_active>auth_admin_keep_session</allow_active>
- </defaults>
- </action>
-</policyconfig>
+++ /dev/null
-<!DOCTYPE policyconfig PUBLIC
- "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
- "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
-
-<!--
-Policy definitions for libvirt daemon
-
-Copyright (c) 2007 Daniel P. Berrange <berrange redhat com>
-
-libvirt is licensed to you under the GNU Lesser General Public License
-version 2. See COPYING for details.
-
-NOTE: If you make changes to this file, make sure to validate the file
-using the polkit-policy-file-validate(1) tool. Changes made to this
-file are instantly applied.
--->
-
-<policyconfig>
- <action id="org.libvirt.unix.monitor">
- <description>Monitor local virtualized systems</description>
- <message>System policy prevents monitoring of local virtualized systems</message>
- <defaults>
- <!-- Any program can use libvirt in read-only mode for monitoring,
- even if not part of a session -->
- <allow_any>yes</allow_any>
- <allow_inactive>yes</allow_inactive>
- <allow_active>yes</allow_active>
- </defaults>
- </action>
-
- <action id="org.libvirt.unix.manage">
- <description>Manage local virtualized systems</description>
- <message>System policy prevents management of local virtualized systems</message>
- <defaults>
- <!-- Only a program in the active host session can use libvirt in
- read-write mode for management, and we require user password -->
- <allow_any>auth_admin</allow_any>
- <allow_inactive>auth_admin</allow_inactive>
- <allow_active>auth_admin_keep</allow_active>
- </defaults>
- </action>
-</policyconfig>
--- /dev/null
+<!DOCTYPE policyconfig PUBLIC
+ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
+
+<!--
+Policy definitions for libvirt daemon
+
+Copyright (c) 2007 Daniel P. Berrange <berrange redhat com>
+
+libvirt is licensed to you under the GNU Lesser General Public License
+version 2. See COPYING for details.
+
+NOTE: If you make changes to this file, make sure to validate the file
+using the polkit-policy-file-validate(1) tool. Changes made to this
+file are instantly applied.
+-->
+
+<policyconfig>
+ <action id="org.libvirt.unix.monitor">
+ <description>Monitor local virtualized systems</description>
+ <message>System policy prevents monitoring of local virtualized systems</message>
+ <defaults>
+ <!-- Any program can use libvirt in read-only mode for monitoring,
+ even if not part of a session -->
+ <allow_any>yes</allow_any>
+ <allow_inactive>yes</allow_inactive>
+ <allow_active>yes</allow_active>
+ </defaults>
+ </action>
+
+ <action id="org.libvirt.unix.manage">
+ <description>Manage local virtualized systems</description>
+ <message>System policy prevents management of local virtualized systems</message>
+ <defaults>
+ <!-- Only a program in the active host session can use libvirt in
+ read-write mode for management, and we require user password -->
+ <allow_any>auth_admin</allow_any>
+ <allow_inactive>auth_admin</allow_inactive>
+ <allow_active>@authaction@</allow_active>
+ </defaults>
+ </action>
+</policyconfig>
projects / libvirt.git / commitdiff