From 750859bdc877087cfcc7cb66eeac2c3476e36de2 Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Wed, 6 Feb 2013 03:44:26 +0100
Subject: [PATCH] vm: move polkit configs from qubes-gui-vm package

---
 misc/polkit-1-qubes-allow-all.pkla  | 6 ++++++
 misc/polkit-1-qubes-allow-all.rules | 2 ++
 rpm_spec/core-vm.spec               | 4 ++++
 3 files changed, 12 insertions(+)
 create mode 100644 misc/polkit-1-qubes-allow-all.pkla
 create mode 100644 misc/polkit-1-qubes-allow-all.rules

diff --git a/misc/polkit-1-qubes-allow-all.pkla b/misc/polkit-1-qubes-allow-all.pkla
new file mode 100644
index 0000000..1ff7ded
--- /dev/null
+++ b/misc/polkit-1-qubes-allow-all.pkla
@@ -0,0 +1,6 @@
+[Qubes allow all]
+Identity=*
+Action=*
+ResultAny=yes
+ResultInactive=yes
+ResultActive=yes
diff --git a/misc/polkit-1-qubes-allow-all.rules b/misc/polkit-1-qubes-allow-all.rules
new file mode 100644
index 0000000..723d6d6
--- /dev/null
+++ b/misc/polkit-1-qubes-allow-all.rules
@@ -0,0 +1,2 @@
+//allow any action, detailed reasoning in sudoers.d/qubes
+polkit.addRule(function(action,subject) { return polkit.Result.YES; });
diff --git a/rpm_spec/core-vm.spec b/rpm_spec/core-vm.spec
index 6875237..e778e88 100644
--- a/rpm_spec/core-vm.spec
+++ b/rpm_spec/core-vm.spec
@@ -130,6 +130,8 @@ install misc/{usb_add_change,usb_remove} $RPM_BUILD_ROOT/usr/lib/qubes/
 install misc/vusb-ctl.py $RPM_BUILD_ROOT/usr/lib/qubes/
 install misc/qubes_trigger_sync_appmenus.sh $RPM_BUILD_ROOT/usr/lib/qubes/
 install -D -m 0644 misc/qubes_trigger_sync_appmenus.action $RPM_BUILD_ROOT/etc/yum/post-actions/qubes_trigger_sync_appmenus.action
+install -D misc/polkit-1-qubes-allow-all.pkla $RPM_BUILD_ROOT/etc/polkit-1/localauthority/50-local.d/qubes-allow-all.pkla
+install -D misc/polkit-1-qubes-allow-all.rules $RPM_BUILD_ROOT/etc/polkit-1/rules.d/00-qubes-allow-all.rules
 mkdir -p $RPM_BUILD_ROOT/usr/lib/qubes
 
 if [ -r misc/dispvm-dotfiles.%{dist}.tbz ]; then
@@ -382,6 +384,8 @@ rm -f %{name}-%{version}
 /etc/dhclient.d/qubes_setup_dnat_to_ns.sh
 /etc/fstab
 /etc/pki/rpm-gpg/RPM-GPG-KEY-qubes*
+/etc/polkit-1/localauthority/50-local.d/qubes-allow-all.pkla
+/etc/polkit-1/rules.d/00-qubes-allow-all.rules
 %dir /etc/qubes_rpc
 /etc/qubes_rpc/qubes.Filecopy
 /etc/qubes_rpc/qubes.OpenInVM