package/polkit: add polkitd user and appropriate permissions

The polkit daemon requires a polkitd user with permission to access the
following directories:
  - /etc/polkit-1
  - /usr/share/polkit-1

The /usr/bin/pkexec file must be owned by owned by root with the
permissions 4755 or else the error "pkexec must be setuid root" is
thrown when it's ran.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

diff --git a/package/polkit/polkit.mk b/package/polkit/polkit.mk
index a98c13835646e387e3d165676eb9e852ac901949..bc9e3580ab4e0c72ab3b53708fac1ddb204d4972 100644 (file)
--- a/package/polkit/polkit.mk
+++ b/package/polkit/polkit.mk
@@ -29,4 +29,14 @@ else
 POLKIT_CONF_OPTS += --with-authfw=shadow
 endif
 
+define POLKIT_USERS
+       polkitd -1 polkitd -1 * - - - Polkit Daemon
+endef
+
+define POLKIT_PERMISSIONS
+       /etc/polkit-1 r 750 root polkitd - - - - -
+       /usr/share/polkit-1 r 750 root polkitd - - - - -
+       /usr/bin/pkexec f 4755 root root - - - - -
+endef
+
 $(eval $(autotools-package))