commit a4995b6f0a9817e74a95005feba10c1f225ffc13 · pyrox.dev/nixpkgs

nixos/modules/security/polkit.nix

···

       14
        
       

     

       15
        
           security.polkit.enable = mkEnableOption (lib.mdDoc "polkit");

     

       16
        
       

     

       0
        
       
     

       0
        
       
     

       17
        
           security.polkit.extraConfig = mkOption {

     

       18
        
             type = types.lines;

     

       19
        
             default = "";

     
···

       21
        
               ''

     

       22
        
                 /* Log authorization checks. */

     

       23
        
                 polkit.addRule(function(action, subject) {

     

       0
        
       
     

       24
        
                   polkit.log("user " +  subject.user + " is attempting action " + action.id + " from PID " + subject.pid);

     

       25
        
                 });

     

       26
        
       

     
···

       57
        
           environment.systemPackages = [ pkgs.polkit.bin pkgs.polkit.out ];

     

       58
        
       

     

       59
        
           systemd.packages = [ pkgs.polkit.out ];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       60
        
       

     

       61
        
           systemd.services.polkit.restartTriggers = [ config.system.path ];

     

       62
        
           systemd.services.polkit.stopIfChanged = false;

···

       14
        
       

     

       15
        
           security.polkit.enable = mkEnableOption (lib.mdDoc "polkit");

     

       16
        
       

     

       17
       +
           security.polkit.debug = mkEnableOption (lib.mdDoc "debug logs from polkit. This is required in order to see log messages from rule definitions.");

     

       18
       +
       

     

       19
        
           security.polkit.extraConfig = mkOption {

     

       20
        
             type = types.lines;

     

       21
        
             default = "";

     
···

       23
        
               ''

     

       24
        
                 /* Log authorization checks. */

     

       25
        
                 polkit.addRule(function(action, subject) {

     

       26
       +
                   // Make sure to set { security.polkit.debug = true; } in configuration.nix

     

       27
        
                   polkit.log("user " +  subject.user + " is attempting action " + action.id + " from PID " + subject.pid);

     

       28
        
                 });

     

       29
        
       

     
···

       60
        
           environment.systemPackages = [ pkgs.polkit.bin pkgs.polkit.out ];

     

       61
        
       

     

       62
        
           systemd.packages = [ pkgs.polkit.out ];

     

       63
       +
       

     

       64
       +
           systemd.services.polkit.serviceConfig.ExecStart = [

     

       65
       +
             ""

     

       66
       +
             "${pkgs.polkit.out}/lib/polkit-1/polkitd ${optionalString (!cfg.debug) "--no-debug"}"

     

       67
       +
           ];

     

       68
        
       

     

       69
        
           systemd.services.polkit.restartTriggers = [ config.system.path ];

     

       70
        
           systemd.services.polkit.stopIfChanged = false;