Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Add polkit rules to allow sigul user to access smartcard/yubikey for autosign binding.

Browse source
This commit is contained in:
Kevin Fenzi 2016-09-24 17:54:28 +00:00
parent 62e200fa61
commit b704d6b898
2 changed files with 17 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

12
roles/sigul/server/files/00-sigul.rules Normal file
View file

@ -0,0 +1,12 @@
polkit.addRule(function(action, subject) {
if (action.id == "org.debian.pcsc-lite.access_pcsc" &&
subject.user == "sigul") {
return polkit.Result.YES;
}
});
polkit.addRule(function(action, subject) {
if (action.id == "org.debian.pcsc-lite.access_card" &&
subject.user == "sigul") {
return polkit.Result.YES; }
});

5
roles/sigul/server/tasks/main.yml
View file

@ -50,3 +50,8 @@
- name: Setup gpg link on rhel7 - name: Setup gpg link on rhel7
file: state=link src=/usr/bin/gpg1 dest=/usr/bin/gpg file: state=link src=/usr/bin/gpg1 dest=/usr/bin/gpg
when: ansible_distribution_major_version|int == 7 when: ansible_distribution_major_version|int == 7
- name: add polkit rules to allow sigul user to access the smartcard/yubikey
file: src=00-sigul.rules dest=/etc/polkit-1/rules.d/00-sigul.rules
tags:
- config