hooks: enable polkit for unconfined processes #161
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
polkit is needed in some cases for communication between services shipped in the base, for instance when systemd-networkd talks to systemd-hostnamed to set the hostname. Enable to fix these use cases. Note that this does not help yet if we want to use it from a snap.
There was a problem hiding this comment.
Two comments so far.
- xml-core is installed. I do not think it makes sense to keep it. It believe it is only useful for sgml docs. I am guessing it is a dependency of the post install script of some of the packages.
/usr/lib/tmpfiles.d/polkitd.confpoints to/etc/polkit-1/rules.dand/var/lib/polkit-1. We should add those in writable-paths. The first one is probably not needed now. But I am guessing the second should be.
Nevermind for |
so in the future we can add rules provided by snaps.
It is used to generate xml catalog files, which I'm not sure if polkit xml parser will need. I have removed the executables provided by xml-core, as we definitely don't need them after installation of packages has happened.
Goot point, I have added the one under /etc as it would be something we will eventually want for snaps or for workarounds. |
|
@valentindavid thanks for your review, I've addressed your comments now |
valentindavid
approved these changes
Jan 3, 2024
alfonsosanchezbeato
added a commit
to alfonsosanchezbeato/core-base
that referenced
this pull request
Jan 4, 2024
polkit is needed in some cases for communication between services shipped in the base, for instance when systemd-networkd talks to systemd-hostnamed to set the hostname. Enable to fix these use cases. Note that this does not help yet if we want to use it from a snap. Backported from snapcore#161
alfonsosanchezbeato
added a commit
that referenced
this pull request
Jan 5, 2024
polkit is needed in some cases for communication between services shipped in the base, for instance when systemd-networkd talks to systemd-hostnamed to set the hostname. Enable to fix these use cases. Note that this does not help yet if we want to use it from a snap. Backported from #161
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
polkit is needed in some cases for communication between services shipped in the base, for instance when systemd-networkd talks to systemd-hostnamed to set the hostname. Enable to fix these use cases. Note that this does not help yet if we want to use it from a snap.