diff options
| author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2023-11-29 09:46:50 +0000 |
|---|---|---|
| committer | Jan Rybar <jrybar@redhat.com> | 2023-11-29 09:46:50 +0000 |
| commit | 24f1e0af3f7bd17e220cb96201f3c654e737ad34 (patch) | |
| tree | ead452a40f89f339a056ef454376f841d248df12 | |
| parent | 4a441db99d5c4bee13b3a86a4ae78c12c023cf50 (diff) | |
Add sysusers file
| -rw-r--r-- | data/meson.build | 14 | ||||
| -rw-r--r-- | data/polkit.conf.in | 1 | ||||
| -rw-r--r-- | data/polkit.service.in | 1 | ||||
| -rw-r--r-- | meson.build | 8 | ||||
| -rw-r--r-- | meson_options.txt | 1 |
5 files changed, 23 insertions, 2 deletions
diff --git a/data/meson.build b/data/meson.build index 651d2cf..74d2454 100644 --- a/data/meson.build +++ b/data/meson.build @@ -1,4 +1,8 @@ -service_conf = {'libprivdir': pk_prefix / pk_libprivdir, 'polkitd_user': polkitd_user} +service_conf = { + 'libprivdir': pk_prefix / pk_libprivdir, + 'polkitd_user': polkitd_user, + 'polkitd_uid': polkitd_uid, +} configure_file( input: 'org.freedesktop.PolicyKit1.service.in', @@ -34,6 +38,14 @@ if session_tracking == 'libsystemd-login' install: true, install_dir: systemd_systemdsystemunitdir, ) + + configure_file( + input: 'polkit.conf.in', + output: '@BASENAME@', + configuration: service_conf, + install: true, + install_dir: systemd_sysusers_dir, + ) endif install_data( diff --git a/data/polkit.conf.in b/data/polkit.conf.in new file mode 100644 index 0000000..20535ac --- /dev/null +++ b/data/polkit.conf.in @@ -0,0 +1 @@ +u @polkitd_user@ @polkitd_uid@ "User for polkitd" diff --git a/data/polkit.service.in b/data/polkit.service.in index 539a25d..e6db351 100644 --- a/data/polkit.service.in +++ b/data/polkit.service.in @@ -10,7 +10,6 @@ DeviceAllow=/dev/null rw DevicePolicy=strict ExecStart=@libprivdir@/polkitd --no-debug User=@polkitd_user@ -Group=@polkitd_user@ LimitMEMLOCK=0 LockPersonality=yes MemoryDenyWriteExecute=yes diff --git a/meson.build b/meson.build index e86f87e..23d5f28 100644 --- a/meson.build +++ b/meson.build @@ -218,6 +218,8 @@ if enable_logind # FIXME: systemd.pc file does not use variables with relative paths, so `define_variable` cannot be used systemd_systemdsystemunitdir = systemd_dep.get_pkgconfig_variable('systemdsystemunitdir') endif + + systemd_sysusers_dir = systemd_dep.get_pkgconfig_variable('sysusers_dir', default: '/usr/lib/sysusers.d') endif config_h.set('HAVE_LIBSYSTEMD', enable_logind) @@ -227,6 +229,9 @@ config_h.set('HAVE_PIDFD_OPEN', cc.get_define('SYS_pidfd_open', prefix: '#includ polkitd_user = get_option('polkitd_user') config_h.set_quoted('POLKITD_USER', polkitd_user) +polkitd_uid = get_option('polkitd_uid') +config_h.set('POLKITD_UID', polkitd_uid) + # Select which authentication framework to use auth_deps = [] @@ -403,6 +408,9 @@ if enable_logind output += ' systemdsystemunitdir: ' + systemd_systemdsystemunitdir + '\n' endif output += ' polkitd user: ' + polkitd_user + ' \n' +if polkitd_uid != '-' + output += ' polkitd UID: ' + polkitd_uid + ' \n' +endif output += ' Javascript engine: ' + js_engine + '\n' output += ' PAM support: ' + enable_pam.to_string() + '\n\n' if libs_only diff --git a/meson_options.txt b/meson_options.txt index 9066bb2..71588ba 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -3,6 +3,7 @@ option('systemdsystemunitdir', type: 'string', value: '', description: 'custom d option('libs-only', type: 'boolean', value: false, description: 'Only build libraries (skips building polkitd)') option('polkitd_user', type: 'string', value: 'polkitd', description: 'User for running polkitd (polkitd)') +option('polkitd_uid', type: 'string', value: '-', description: 'Fixed UID for user running polkitd (polkitd)') option('authfw', type: 'combo', choices: ['pam', 'shadow', 'bsdauth'], value: 'pam', description: 'Authentication framework (pam/shadow)') option('os_type', type: 'combo', choices: ['redhat', 'suse', 'gentoo', 'pardus', 'solaris', 'netbsd', 'lfs', ''], value: '', description: 'distribution or OS') |