[arch-general] hal has lost its mind again.
bardo
ilbardo at gmail.com
Wed May 20 05:00:48 EDT 2009
2009/5/20 David C. Rankin, J.D.,P.E. <drankinatty at suddenlinkmail.com>:
> On or about Tuesday 19 May 2009 at approximately 03:33:03 bardo composed:
>> 2009/5/18 David C. Rankin, J.D.,P.E. <drankinatty at suddenlinkmail.com>:
>> > <match group="users">
>> > <return result="yes"/>
>> > </match>
>>
>> I think this may be your problem. I searched some time ago and found
>> out PolicyKit didn't support group matches. A quick look to the
>> PolicyKit.conf(5) man page seems to confirm this is still the case.
>> Now, I don't know if an invalid entry could invalidate the whole
>> config, but it's worth a try.
>>
>> Corrado
>
> Corrado,
>
> You and I may be saying the same thing for two different circumstances.
> Admin_auth certainly allows both user and group auths for actions (man 5
> PolicyKit.conf):
>
> define_admin_auth
I wasn't saying you can't use "group" as an attribute for
"define_admin_auth", I was saying you can't use it as an attribute for
"match". So at least that rule won't work, I tried it before. Now, I
don't know how PolicyKit deals with wrong parameters, but in the worst
case it could treat the whole file as invalid, and that could be why
your *other* rules don't work.
I hope I made myself clearer this time :)
Corrado
More information about the arch-general
mailing list