diff options
| author | Jonathan Wright | 2020-11-11 21:17:38 +0000 |
|---|---|---|
| committer | Jonathan Wright | 2020-11-11 21:17:38 +0000 |
| commit | 390bdc563021296f86e91b2b896150823b9742fe (patch) | |
| tree | 6698402372fcf80c7d4f9f63c6d50a80559cdcb5 | |
| parent | 272a0ff11abdc574b9b5b96a71dc36793a0b7c6e (diff) | |
| download | aur-390bdc563021296f86e91b2b896150823b9742fe.tar.gz | |
Add polkit rule file to restore OpenVPN access
Add a polkit rule file to allow the OpenVPN user to retain access to the
systemd-resolved service to manage DNS and domain search configuration.
| -rw-r--r-- | .SRCINFO | 7 | ||||
| -rw-r--r-- | PKGBUILD | 13 | ||||
| -rw-r--r-- | openvpn-update-systemd-resolved.rules | 12 |
3 files changed, 26 insertions, 6 deletions
@@ -1,7 +1,7 @@ pkgbase = openvpn-update-systemd-resolved pkgdesc = OpenVPN systemd-resolved Updater pkgver = 1.3.0 - pkgrel = 1 + pkgrel = 2 url = https://github.com/jonathanio/update-systemd-resolved install = openvpn-update-systemd-resolved.install arch = any @@ -11,8 +11,11 @@ pkgbase = openvpn-update-systemd-resolved depends = iproute2 depends = systemd>229 source = https://github.com/jonathanio/update-systemd-resolved/archive/v1.3.0.tar.gz + source = openvpn-update-systemd-resolved.install + source = openvpn-update-systemd-resolved.rules sha256sums = ee88c1862cb7d197adfcb0e088530993e092f7035fdd95693827d6526f2817af - sha512sums = 75b904502a084e8e8b72098772943ac4b7c0e7bd5dc20e8e9cb23f9372bd0a6ad8cc7ed50066e8599d18ce466ff7b4c48e7ab9e47b74d192caa33aba759c357f + sha256sums = 4905c25c753bd7d3c9323baf67ffdf4d1dca5109df92fec1e853a7a2e7e0ab2b + sha256sums = b8a4d95c950a0efd12a3270a5f14077710adeff1a82cad74df8bd254a00c1169 pkgname = openvpn-update-systemd-resolved @@ -1,17 +1,22 @@ pkgname=openvpn-update-systemd-resolved pkgver=1.3.0 -pkgrel=1 +pkgrel=2 pkgdesc="OpenVPN systemd-resolved Updater" arch=("any") url="https://github.com/jonathanio/update-systemd-resolved" license=("GPL") depends=("openvpn" "bash" "iproute2" "systemd>229") -source=("https://github.com/jonathanio/update-systemd-resolved/archive/v${pkgver}.tar.gz") +source=("https://github.com/jonathanio/update-systemd-resolved/archive/v${pkgver}.tar.gz" + 'openvpn-update-systemd-resolved.install' + 'openvpn-update-systemd-resolved.rules') install=$pkgname.install -sha256sums=('ee88c1862cb7d197adfcb0e088530993e092f7035fdd95693827d6526f2817af') -sha512sums=('75b904502a084e8e8b72098772943ac4b7c0e7bd5dc20e8e9cb23f9372bd0a6ad8cc7ed50066e8599d18ce466ff7b4c48e7ab9e47b74d192caa33aba759c357f') +sha256sums=('ee88c1862cb7d197adfcb0e088530993e092f7035fdd95693827d6526f2817af' + '4905c25c753bd7d3c9323baf67ffdf4d1dca5109df92fec1e853a7a2e7e0ab2b' + 'b8a4d95c950a0efd12a3270a5f14077710adeff1a82cad74df8bd254a00c1169') package() { + install -D -m644 openvpn-update-systemd-resolved.rules "${pkgdir}/etc/polkit-1/rules.d/00-openvpn-systemd-resolved.rules" + cd $srcdir/update-systemd-resolved-${pkgver} install -D -m755 update-systemd-resolved "${pkgdir}/etc/openvpn/scripts/update-systemd-resolved" install -D -m644 update-systemd-resolved.conf "${pkgdir}/etc/openvpn/scripts/update-systemd-resolved.conf" diff --git a/openvpn-update-systemd-resolved.rules b/openvpn-update-systemd-resolved.rules new file mode 100644 index 000000000000..7dacf0133032 --- /dev/null +++ b/openvpn-update-systemd-resolved.rules @@ -0,0 +1,12 @@ +// Allow the OpenVPN user to manage DNS via systemd-resolved +// as part of the openvpn-update-systemd-resolved package +polkit.addRule(function(action, subject) { + if (action.id == 'org.freedesktop.resolve1.set-dns-servers' || + action.id == 'org.freedesktop.resolve1.set-domains' || + // action.id == 'org.freedesktop.resolve1.set-default-route' || + action.id == 'org.freedesktop.resolve1.set-dnssec') { + if (subject.user == 'openvpn') { + return polkit.Result.YES; + } + } +}); |