polkit: disable all users except those in group wheel?
Posted
by
John Nash
on Ask Ubuntu
See other posts from Ask Ubuntu
or by John Nash
Published on 2012-09-04T18:52:29Z
Indexed on
2012/09/04
21:50 UTC
Read the original article
Hit count: 988
Is it possible to do the following using 1 polkit .pkla file?
- Disable all users except those in the wheel group from using polkit.
- The users in the wheel group will need to provide the root password when using polkit.
/etc/polkit-1/localauthority/50-local.d/wheel-only.pkla
[disable all users except the wheel group] Identity=unix-group:wheel Action=* ResultAny=??? ResultInactive=??? ResultActive=???
The following file works but you need to provide all the users in /etc/group:
[disable all users except those in the wheel group: root and myuser] Identity=unix-user:daemon;unix-user:bin;unix-user:sys;unix-user:adm;unix-user:tty;unix-user:disk;unix-user:lp;unix-user:mail;unix-user:news;unix-user:uucp;unix-user:man;unix-user:proxy;unix-user:kmem;unix-user:dialout;unix-user:fax;unix-user:voice;unix-user:cdrom;unix-user:floppy;unix-user:tape;unix-user:sudo;unix-user:audio;unix-user:dip;unix-user:www-data;unix-user:backup;unix-user:operator;unix-user:list;unix-user:irc;unix-user:src;unix-user:gnats;unix-user:shadow;unix-user:utmp;unix-user:video;unix-user:sasl;unix-user:plugdev;unix-user:staff;unix-user:games;unix-user:users;unix-user:nogroup;unix-user:libuuid;unix-user:crontab;unix-user:messagebus;unix-user:Debian-exim;unix-user:mlocate;unix-user:avahi;unix-user:netdev;unix-user:bluetooth;unix-user:lpadmin;unix-user:ssl-cert;unix-user:fuse;unix-user:utempter;unix-user:Debian-gdm;unix-user:scanner;unix-user:saned;unix-user:i2c;unix-user:haldaemon;unix-user:powerdev Action=* ResultAny=no ResultInactive=no ResultActive=no
© Ask Ubuntu or respective owner