나는 현재 다음 작업을 하고 있습니다.아치리눅스시스템에서 다음을 사용하여 규칙을 구성하려고 합니다.폴킷그래서 내부의 사용자는회로망그룹은 nmcli 명령을 실행할 수 있습니다.
다음과 같이 polkit 규칙을 만들었습니다.
polkit.addRule(function(action, subject) {
if (action.id.indexOf("org.freedesktop.NetworkManager.") == 0 && subject.isInGroup("network")) {
return polkit.Result.YES;
}
});
다음과 같은 명령을 실행할 때:
nmcli connection shownmcli connection up enp11s0f0
모든 것이 정상입니다아름다운.
그런데 이상한 이유로실패하다다음 명령을 사용하십시오.
nmcli connection reloadnmcli connection load enp11s0f0
규칙에 일부 로그를 추가했습니다.새로고침이 명령은 로그를 생성하지 않습니다.
이것짐이 명령은 다음 로그를 표시합니다.
10:04:38.658: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:2: action=[Action id='org.freedesktop.NetworkManager.enable-disable-network']
10:04:38.659: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:3: subject=[Subject pid=15410 user='test' groups=test,network seat=null session='3' local=false active=true]
10:04:38.661: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:2: action=[Action id='org.freedesktop.NetworkManager.sleep-wake']
10:04:38.662: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:3: subject=[Subject pid=15410 user='test' groups=test,network seat=null session='3' local=false active=true]
10:04:38.665: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:2: action=[Action id='org.freedesktop.NetworkManager.enable-disable-wifi']
10:04:38.665: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:3: subject=[Subject pid=15410 user='test' groups=test,network seat=null session='3' local=false active=true]
10:04:38.668: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:2: action=[Action id='org.freedesktop.NetworkManager.enable-disable-wwan']
10:04:38.668: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:3: subject=[Subject pid=15410 user='test' groups=test,network seat=null session='3' local=false active=true]
10:04:38.671: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:2: action=[Action id='org.freedesktop.NetworkManager.enable-disable-wimax']
10:04:38.671: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:3: subject=[Subject pid=15410 user='test' groups=test,network seat=null session='3' local=false active=true]
10:04:38.674: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:2: action=[Action id='org.freedesktop.NetworkManager.network-control']
10:04:38.674: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:3: subject=[Subject pid=15410 user='test' groups=test,network seat=null session='3' local=false active=true]
10:04:38.677: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:2: action=[Action id='org.freedesktop.NetworkManager.wifi.share.protected']
10:04:38.677: /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules:3: subject=[Subject pid=15410 user='test' groups=test,network seat=null session='3' local=false active=true]
하지만 실패했다Error: failed to load connection: access denied.
nmcli 권한을 확인하는 경우:
$ nmcli general permissions
PERMISSION VALUE
org.freedesktop.NetworkManager.enable-disable-network yes
org.freedesktop.NetworkManager.enable-disable-wifi yes
org.freedesktop.NetworkManager.enable-disable-wwan yes
org.freedesktop.NetworkManager.enable-disable-wimax yes
org.freedesktop.NetworkManager.sleep-wake yes
org.freedesktop.NetworkManager.network-control yes
org.freedesktop.NetworkManager.wifi.share.protected yes
org.freedesktop.NetworkManager.wifi.share.open yes
org.freedesktop.NetworkManager.settings.modify.system yes
org.freedesktop.NetworkManager.settings.modify.own yes
org.freedesktop.NetworkManager.settings.modify.hostname yes
org.freedesktop.NetworkManager.settings.modify.global-dns yes
org.freedesktop.NetworkManager.reload yes
org.freedesktop.NetworkManager.checkpoint-rollback yes
org.freedesktop.NetworkManager.enable-disable-statistics yes
org.freedesktop.NetworkManager.enable-disable-connectivity-check yes
org.freedesktop.NetworkManager.wifi.scan unknown
문제를 해결하는 방법에 대한 단서가 있습니까?
답변1
이는 정책적으로 불가능합니다.
바라보다https://bugzilla.redhat.com/show_bug.cgi?id=1921082, 오류가 아닌 것으로 종료됩니다.