[Nix-dev] Polkit action files installed via nix-env don't appear to be recognised by Polkit/Pkexec/Pkaction
Bjørn Forsman
bjorn.forsman at gmail.com
Wed May 31 08:34:02 CEST 2017
On 31 May 2017 at 07:44, Roger Qiu <roger.qiu at matrix.ai> wrote:
> Hi all,
>
> Normally a polkit action file on a non-NixOS system would be installed in
> /usr/share/polkit-1/actions. On NixOS this location is instead at
> /run/current-system/sw/share/polkit-1/actions. The action files stored here
> are recognised by polkit, which can be demonstrated by running `pkaction`,
> this results in showing the titles of each action id.
>
> However some packages may supply action files, and are installed via
> nix-env. The action files in this case are instead stored in
> ~/.nix-profile/share/polkit-1/actions. My tests show that these action files
> are not being recognised by polkit. Running pkaction does not show any
> package the action files that are inside ~/.nix-profile/...
>
> Is there a work around here?
>
> Browsing the polkit docs doesn't mention anything about looking up
> user-specific action files, they all just say action files are to be at
> /usr/share/polkit-1/actions. If polkit only looks up 1 location, then should
> nix-env be symlinking action files into
> /run/current/system/sw/share/polkit-1/actions?
Wouldn't that mean unprivileged users are allowed to raise their own
permissions? (That doesn't sound like a good idea.)
Best regards,
Bjørn Forsman
More information about the nix-dev
mailing list