maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Log all polkit actions to find action.id for nixos-rebuild

Browse source 
I would like to setup a polkit rule to allow `buildkite-agent` (i.e. a
forthcoming user) to call `nixos-rebuild`. I need to know the `action.id` before
I can write a reliable rule.
This commit is contained in:
William Carroll 2020-08-16 19:06:42 +01:00
parent 9a6d2c3343
commit 2bf3c6c926
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
nixos/socrates/configuration.nix
View file

@ -163,6 +163,12 @@ in {
# lid. # lid.
services.logind.lidSwitch = "ignore"; services.logind.lidSwitch = "ignore";
security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) {
polkit.log("subject.user: " + subject.user + " is attempting action.id: " + action.id);
});
'';
# Provision SSL certificates to support HTTPS connections. # Provision SSL certificates to support HTTPS connections.
security.acme.acceptTerms = true; security.acme.acceptTerms = true;
security.acme.email = "wpcarro@gmail.com"; security.acme.email = "wpcarro@gmail.com";