Allow clients to request a relocatable root, but only with admin authority

author: Richard Hughes <richard@hughsie.com> 2010-04-28 16:38:55 +0100
committer: Richard Hughes <richard@hughsie.com> 2010-04-28 16:39:42 +0100
commit: b5d70ba0c4b77e1e181edb5d185de84b5cda396d (patch)
tree: fdbaa6b1e6db5c0a2a5bc3bf36314281ce92f200 /policy
parent: 59d5111dd620a3978cd02946a94ecc7d9bc6e3cf (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/policy/org.freedesktop.packagekit.policy.in b/policy/org.freedesktop.packagekit.policy.in
index b514a7189..7d59fb386 100644
--- a/policy/org.freedesktop.packagekit.policy.in
+++ b/policy/org.freedesktop.packagekit.policy.in
@@ -197,6 +197,23 @@
     </defaults>
   </action>
 
+  <action id="org.freedesktop.packagekit.system-change-install-root">
+    <!-- SECURITY:
+          - This is used when users want to install to a different prefix, for
+            instance to a LTSP image or a virtual machine.
+          - This could be used to overwrite files not owned by the user using
+            a carefully created package file.
+     -->
+    <_description>Change location that packages are installed</_description>
+    <_message>Authentication is required to change the location used to decompress packages</_message>
+    <icon_name>security-high</icon_name>
+    <defaults>
+      <allow_any>no</allow_any>
+      <allow_inactive>no</allow_inactive>
+      <allow_active>auth_admin_keep</allow_active>
+    </defaults>
+  </action>
+
   <action id="org.freedesktop.packagekit.device-rebind">
     <!-- SECURITY:
           - Normal users require admin authentication to rebind a driver
author	Richard Hughes <richard@hughsie.com>	2010-04-28 16:38:55 +0100
committer	Richard Hughes <richard@hughsie.com>	2010-04-28 16:39:42 +0100
commit	b5d70ba0c4b77e1e181edb5d185de84b5cda396d (patch)
tree	fdbaa6b1e6db5c0a2a5bc3bf36314281ce92f200 /policy
parent	59d5111dd620a3978cd02946a94ecc7d9bc6e3cf (diff)