Update polkit policy

This commit is contained in:
Bernd Schoolmann 2023-09-19 22:29:21 +02:00
parent 5e3f33c076
commit c7bb21a63a
No known key found for this signature in database
2 changed files with 61 additions and 77 deletions

View File

@ -9,36 +9,37 @@ import (
const POLICY = `<?xml version="1.0" encoding="UTF-8"?> const POLICY = `<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policyconfig PUBLIC <!DOCTYPE policyconfig PUBLIC
"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
"http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd"> "http://www.freedesktop.org/software/polkit/policyconfig-1.dtd">
<policyconfig> <policyconfig>
<action id="com.quexten.goldwarden.accessvault">
<description>Allow access to the vault</description> <action id="com.quexten.goldwarden.accessvault">
<message>Allows access to the vault entries</message> <description>Allow access to the vault</description>
<defaults> <message>Allows access to the vault</message>
<allow_any>auth_self</allow_any> <defaults>
<allow_inactive>auth_self</allow_inactive> <allow_any>auth_self</allow_any>
<allow_active>auth_self</allow_active> <allow_inactive>auth_self</allow_inactive>
</defaults> <allow_active>auth_self</allow_active>
</action> </defaults>
<action id="com.quexten.goldwarden.usesshkey"> </action>
<description>Use SSH Key</description> <action id="com.quexten.goldwarden.usesshkey">
<message>Authenticate to use an SSH Key from your vault</message> <description>Use SSH Key</description>
<defaults> <message>Authenticate to use an SSH Key from your vault</message>
<allow_any>auth_self</allow_any> <defaults>
<allow_inactive>auth_self</allow_inactive> <allow_any>auth_self</allow_any>
<allow_active>auth_self</allow_active> <allow_inactive>auth_self</allow_inactive>
</defaults> <allow_active>auth_self</allow_active>
</action> </defaults>
<action id="com.quexten.goldwarden.browserbiometrics"> </action>
<description>Browser Biometrics</description> <action id="com.quexten.goldwarden.browserbiometrics">
<message>Authenticate to allow Goldwarden to unlock your browser.</message> <description>Browser Biometrics</description>
<defaults> <message>Authenticate to allow Goldwarden to unlock your browser</message>
<allow_any>auth_self</allow_any> <defaults>
<allow_inactive>auth_self</allow_inactive> <allow_any>auth_self</allow_any>
<allow_active>auth_self</allow_active> <allow_inactive>auth_self</allow_inactive>
</defaults> <allow_active>auth_self</allow_active>
</action> </defaults>
</action>
</policyconfig>` </policyconfig>`
func CheckBiometrics(approvalType Approval) bool { func CheckBiometrics(approvalType Approval) bool {

View File

@ -1,52 +1,35 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policyconfig PUBLIC <!DOCTYPE policyconfig PUBLIC
"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
"http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd"> "http://www.freedesktop.org/software/polkit/policyconfig-1.dtd">
<policyconfig> <policyconfig>
<action id="com.quexten.goldwarden.accesscredential">
<description>Allow Credential Access</description> <action id="com.quexten.goldwarden.accessvault">
<message>Authenticate to allow access to a single credential</message> <description>Allow access to the vault</description>
<defaults> <message>Allows access to the vault</message>
<allow_any>auth_self</allow_any> <defaults>
<allow_inactive>auth_self</allow_inactive> <allow_any>auth_self</allow_any>
<allow_active>auth_self</allow_active> <allow_inactive>auth_self</allow_inactive>
</defaults> <allow_active>auth_self</allow_active>
</action> </defaults>
<action id="com.quexten.goldwarden.changepin"> </action>
<description>Approve Pin Change</description> <action id="com.quexten.goldwarden.usesshkey">
<message>Authenticate to change your Goldwarden PIN.</message> <description>Use SSH Key</description>
<defaults> <message>Authenticate to use an SSH Key from your vault</message>
<allow_any>auth_self</allow_any> <defaults>
<allow_inactive>auth_self</allow_inactive> <allow_any>auth_self</allow_any>
<allow_active>auth_self</allow_active> <allow_inactive>auth_self</allow_inactive>
</defaults> <allow_active>auth_self</allow_active>
</action> </defaults>
<action id="com.quexten.goldwarden.usesshkey"> </action>
<description>Use Bitwarden SSH Key</description> <action id="com.quexten.goldwarden.browserbiometrics">
<message>Authenticate to use an SSH Key from your vault</message> <description>Browser Biometrics</description>
<defaults> <message>Authenticate to allow Goldwarden to unlock your browser</message>
<allow_any>auth_self</allow_any> <defaults>
<allow_inactive>auth_self</allow_inactive> <allow_any>auth_self</allow_any>
<allow_active>auth_self</allow_active> <allow_inactive>auth_self</allow_inactive>
</defaults> <allow_active>auth_self</allow_active>
</action> </defaults>
<action id="com.quexten.goldwarden.modifyvault"> </action>
<description>Modify Bitwarden Vault</description>
<message>Authenticate to allow modification of your Bitvarden vault in Goldwarden</message>
<defaults>
<allow_any>auth_self</allow_any>
<allow_inactive>auth_self</allow_inactive>
<allow_active>auth_self</allow_active>
</defaults>
</action>
<action id="com.quexten.goldwarden.browserbiometrics">
<description>Browser Biometrics</description>
<message>Authenticate to allow Goldwarden to unlock your browser.</message>
<defaults>
<allow_any>auth_self</allow_any>
<allow_inactive>auth_self</allow_inactive>
<allow_active>auth_self</allow_active>
</defaults>
</action>
</policyconfig> </policyconfig>