about summary refs log tree commit diff
path: root/nixos/socrates/configuration.nix
diff options
context:
space:
mode:
authorWilliam Carroll <wpcarro@gmail.com>2020-08-16T18·06+0100
committerWilliam Carroll <wpcarro@gmail.com>2020-08-20T10·26+0100
commit2bf3c6c9269b36f3078529a2f075645d59ddc56e (patch)
tree46e9d121496e51422ebf5df2eca7f571cbc52320 /nixos/socrates/configuration.nix
parent9a6d2c3343984103723990a574dbe651c992c06e (diff)
Log all polkit actions to find action.id for nixos-rebuild
I would like to setup a polkit rule to allow `buildkite-agent` (i.e. a
forthcoming user) to call `nixos-rebuild`. I need to know the `action.id` before
I can write a reliable rule.
Diffstat (limited to 'nixos/socrates/configuration.nix')
-rw-r--r--nixos/socrates/configuration.nix6
1 files changed, 6 insertions, 0 deletions
diff --git a/nixos/socrates/configuration.nix b/nixos/socrates/configuration.nix
index b9d2b23485bb..469e2f45dccc 100644
--- a/nixos/socrates/configuration.nix
+++ b/nixos/socrates/configuration.nix
@@ -163,6 +163,12 @@ in {
   # lid.
   services.logind.lidSwitch = "ignore";
 
+  security.polkit.extraConfig = ''
+    polkit.addRule(function(action, subject) {
+      polkit.log("subject.user: " + subject.user + " is attempting action.id: " + action.id);
+    });
+  '';
+
   # Provision SSL certificates to support HTTPS connections.
   security.acme.acceptTerms = true;
   security.acme.email = "wpcarro@gmail.com";
generated by cgit-pink 1.4.1 (git 2.44.2) at 2024-11-03T05·05+0000