jsw/NiksOS
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Updated permissions

Browse source
This commit is contained in:
Jurn Wubben 2025-09-30 16:49:52 +00:00
parent 05948d31c2
commit a0638fdff3
1 changed files with 12 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

19
system/server/derek-bot.nix
View file

@ -80,13 +80,18 @@ in {
home = "/home/${userGroup}";
};
security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.systemd1.manage-units" &&
action.lookup("unit") == "${userGroup}.service" &&
subject.user == "${userGroup}") {
return polkit.Result.YES;
}
});
polkit.addRule(function(action, subject) {
polkit.log("Rule triggered. Action: " + action.id + " Unit: " + action.lookup("unit") + " User: " + subject.user);
// For journalctl access
if ((action.id == "org.freedesktop.systemd1.manage-units" ||
action.id == "org.freedesktop.systemd1.unit-journal") &&
action.lookup("unit") == "${userGroup}.service" &&
subject.user == "${userGroup}") {
polkit.log("ALLOWING access for " + subject.user);
return polkit.Result.YES;
}
});
polkit.addRule(function(action, subject) {
if (
subject.user == "${userGroup}" &&