[SOLVED] Blueman - the future releases will require PolicyKit authentication: which group is preferable?

yars · 05-12-2016, 05:25 PM

Hello,
As explained here, new releases will require PolicyKit authentication to do some actions. I built the current git snapshot to test it, and seems it works. But asking for the privilege escalation every time on startup is tediously, so needs to have the rule that will allow the users who is a members of the some group to operate without authentication. I prefer the 'plugdev' group. My question is what group we shoud use for that? Thanks.
P.S. For Slackware, we can use this rule:

Code:

$ cat /etc/polkit-1/localauthority/50-local.d/10-org.blueman.pkla 
[blueman-applet]
Identity=unix-group:plugdev
Action=org.blueman.*
ResultAny=yes
ResultInactive=no
ResultActive=yes

rworkman · 05-25-2016, 01:10 AM

Disclaimer: I've not had time to even consider looking at the work toward 2.1.x (I don't think I've even updated my git tree in a while), but I can say for sure that we'll needthe polkit rules to be in the new javascript-like syntax similar to what you find in -current's polkit package Something along these lines:

Code:

polkit.addRule(function(action, subject) {
  if (action.id.indexOf("org.blueman.") == 0 && 
      subject.isInGroup("plugdev")) {
      return polkit.Result.YES;
  }
});

That said, the bluez source uses "lp" group (and I have absolutely no idea why), so I think we probably need to either change that in our builds *or* use "lp" group for the blueman permissions too. I'm not certain of that, however...

EDIT: hrm, this looks better: https://github.com/blueman-project/b...wiki/PolicyKit