Polkit 规则 `systemctl enable`

Polkit 规则 `systemctl enable`

如何编写规则,使非特权用户有权执行该命令systemctl enable my.service,并且只能用于my.service

我能够授予以下权利systemctl start/stop my.servicesystemctl enable到目前为止,事实证明只允许所有服务

  var allowedActions = [
          "org.freedesktop.systemd1.manage-unit-files"
  ];

  polkit.addRule(function(action, subject) {
          polkit.log("action=" + action);
          polkit.log("subject=" + subject);

          if (allowedActions.includes(action.id) &&
          subject.user == "myUser")
          {
                  polkit.log("!!!!!!");
                  return polkit.Result.YES;
          }
  });

Fororg.freedesktop.systemd1.manage-units有值unit,而 for org.freedesktop.systemd1.manage-unit-files- 无值

相关内容