lmn-client/roles/lmn_security/templates/polkit_rules.j2 at e52c01615cd291e39c1c2277f8d366e652e3d5bb - it-team/lmn-client - Forgejo - FvS Reutlingen: Beyond coding. We Forge.

it-team/lmn-client

Finn Hercke c4e35584bc Remove role lmn_teacherlaptop and extend role lmn_security

- Add variable to configure sudo-program permissions (`sudo_permissions`)
- Add variable to configure polkit-rules (`polkit_rules`)
- Migrate sudo and polkit permissions from lmn_teacherlaptop role to inventory

2025-03-24 12:14:48 +01:00

12 lines

322 B

Django/Jinja

Raw Blame History

 // /etc/polkit-1/rules.d/lmn-security.rules
 polkit.addRule(function(action, subject) {
 {% for group, privlist in polkit_rules.items() %}
     if (subject.isInGroup("{{ group }}")){
     {% for priv in privlist %}
         if (action.id == "{{ priv }}") { return polkit.Result.YES; }
     {% endfor %}
     }
 {% endfor %}
 });