You are not logged in.
I'm trying to do this via Polkit.
pkaction doesn't show anything netctl-related.
When I try to run netctl start <profile-name> as a regular user, I get:
$ netctl start ethernet-dhcp
==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ====
Authentication is required to start 'netctl@ethernet\x2ddhcp.service'.
Authenticating as: username
Password: I created /etc/polkit-1-rules.d/30-netctl.rules:
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.systemd1.manage-units") {
if (action.lookup("unit") == "netctl.service") {
var verb = action.lookup("verb");
if (verb == "start" || verb == "stop" || verb == "restart") {
return polkit.Result.YES;
}
}
}
});It didn't change anything, with this in the journal:
Aug 11 20:43:29 arch polkitd[820]: Registered Authentication Agent for unix-process:7421:901640 (system bus name :1.557 [/usr/bin/pkttyagent --notify-fd 5 --fallback], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_GB.UTF-8)
Aug 11 20:43:29 arch polkitd[820]: /etc/polkit-1/rules.d/00-polkit-logging.rules:2: action=[Action id='org.freedesktop.systemd1.manage-units' polkit.gettext_domain='systemd' unit='netctl@ethernet\x2ddhcp.service' polkit.message='Authentication is required to start '$(unit)'.' verb='start']
Aug 11 20:43:29 arch polkitd[820]: /etc/polkit-1/rules.d/00-polkit-logging.rules:3: subject=[Subject pid=7421 user='username' groups=users,wheel,uucp,video,audio,storage,vboxusers,libvirt,kvm seat='seat0' session='c1' local=true active=true]
Aug 11 20:43:29 arch polkitd[820]: /etc/polkit-1/rules.d/00-polkit-logging.rules:2: action=[Action id='org.freedesktop.systemd1.manage-unit-files' polkit.gettext_domain='systemd' unit='netctl@ethernet\x2ddhcp.service' polkit.message='Authentication is required to start '$(unit)'.' verb='start']
Aug 11 20:43:29 arch polkitd[820]: /etc/polkit-1/rules.d/00-polkit-logging.rules:3: subject=[Subject pid=7421 user='username' groups=users,wheel,uucp,video,audio,storage,vboxusers,libvirt,kvm seat='seat0' session='c1' local=true active=true]
Aug 11 20:43:30 arch polkitd[820]: Unregistered Authentication Agent for unix-process:7421:901640 (system bus name :1.557, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_GB.UTF-8) (disconnected from bus)
Aug 11 20:43:30 arch polkitd[820]: Operator of unix-process:7421:901640 FAILED to authenticate to gain authorization for action org.freedesktop.systemd1.manage-units for system-bus-name::1.558 [<unknown>] (owned by unix-user:username)The "Unregistered" part appears after I Ctrl-C at the password prompt. I tried putting "netctl@ethernet\x2ddhcp.service" and "netctl@ethernet-dhcp.service" values instead of just "netctl.service" in .rules file, didn't work either.
Last edited by nesk (2018-08-12 06:03:15)
Offline
Given
Aug 11 20:43:29 arch polkitd[820]: /etc/polkit-1/rules.d/00-polkit-logging.rules:2: action=[Action id='org.freedesktop.systemd1.manage-units' polkit.gettext_domain='systemd' unit='netctl@ethernet\x2ddhcp.service' polkit.message='Authentication is required to start '$(unit)'.' verb='start']
it seems clear what "unit" should be. You say you tried this too, but did you remember to escape the backslash in your JavaScript string?
Offline
escape the backslash in your JavaScript string?
That was it, thanks.
I generalized it with a regex to cover all netctl@***.service instances:
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.systemd1.manage-units") {
var netctlInstanceMatcher = /netctl@[a-z,\\,\d]+\.service/i.test(action.lookup("unit"));
if (netctlInstanceMatcher && subject.isInGroup("wheel")) {
var verb = action.lookup("verb");
if (verb == "start" || verb == "stop" || verb == "restart") {
return polkit.Result.YES;
}
}
}
});Last edited by nesk (2018-08-12 06:06:31)
Offline