[arch-general] hal has lost its mind again.

bardo ilbardo at gmail.com
Wed May 20 05:00:48 EDT 2009

2009/5/20 David C. Rankin, J.D.,P.E. <drankinatty at suddenlinkmail.com>:
> On or about Tuesday 19 May 2009 at approximately 03:33:03 bardo composed:
>> 2009/5/18 David C. Rankin, J.D.,P.E. <drankinatty at suddenlinkmail.com>:
>> >                <match group="users">
>> >                        <return result="yes"/>
>> >                </match>
>> I think this may be your problem. I searched some time ago and found
>> out PolicyKit didn't support group matches. A quick look to the
>> PolicyKit.conf(5) man page seems to confirm this is still the case.
>> Now, I don't know if an invalid entry could invalidate the whole
>> config, but it's worth a try.
>> Corrado
> Corrado,
>   You and I may be saying the same thing for two different circumstances.
> Admin_auth certainly allows both user and group auths for actions (man 5
> PolicyKit.conf):
> define_admin_auth

I wasn't saying you can't use "group" as an attribute for
"define_admin_auth", I was saying you can't use it as an attribute for
"match". So at least that rule won't work, I tried it before. Now, I
don't know how PolicyKit deals with wrong parameters, but in the worst
case it could treat the whole file as invalid, and that could be why
your *other* rules don't work.

I hope I made myself clearer this time :)


More information about the arch-general mailing list