Merge branch 'feature/53348_more_polkit_policy_shutdown_variability' into 'master'

Marcus Funch · Marcus Funch · commit 695fa749a4e2 · 2022-12-14T13:58:02.000+01:00
Modify polkit policy shutdown for more variability via input parameters

See merge request os2borgerpc/os2borgerpc-scripts!165
diff --git a/os2borgerpc/desktop/polkit_policy_shutdown.sh b/os2borgerpc/desktop/polkit_policy_shutdown.sh
@@ -7,18 +7,25 @@
 #+    polkit_policy_shutdown.sh [ENFORCE]
 #%
 #% DESCRIPTION
-#%    This script installs a mandatory PolicyKit policy that prevents the
-#%    "user" or "lightdm" users from sleeping, hibernating, restarting or
-#%    shutting down the system.
+#%    This script installs a mandatory PolicyKit policy that either prevents
+#%    the "user" or "lightdm" users from suspending the system,
+#%    prevents the "user" or "lightdm" users from restarting/shutting down
+#%    the system or prevents both.
 #%
-#%    It takes one optional parameter: whether or not to enforce this policy.
-#%    Use a boolean to decide whether to enforce the policy or not. A checked box
-#%    enforces the policy and an unchecked removes it
+#%    It takes two optional parameters: whether to prevent suspending the system
+#%    and whether to prevent restart/shutdown.
+#%    1. Use a boolean to decide whether or not to prevent the "user" from
+#%       suspending the system. A checked box prevents suspend and an
+#%       unchecked box allows it
+#%    2. Use a boolean to decide whether or not to prevent the "user" from
+#%       restarting/shutting down the system. A checked box prevents
+#%       restart/shutdown and an unchecked box allows it
 #%
 #================================================================
 #- IMPLEMENTATION
 #-    version         polkit_policy_shutdown.sh (magenta.dk) 1.0.0
 #-    author          Alexander Faithfull
+#-    modified by     Andreas Poulsen
 #-    copyright       Copyright 2019, 2020 Magenta ApS
 #-    license         GNU General Public License
 #-    email           af@magenta.dk
@@ -27,6 +34,9 @@
 #  HISTORY
 #     2019/09/25 : af : dconf_policy_shutdown.sh created
 #     2020/01/27 : af : This script created based on dconf_policy_shutdown.sh
+#     2022/11/01 : ap : This script modified to always disable hibernating/sleeping
+#     2022/12/12 : ap : This script modified to allow separately
+#                       disabling restart/shutdown or hibernating/sleeping
 #
 #================================================================
 # END_OF_HEADER
@@ -36,14 +46,32 @@ set -x
 
 POLICY="/etc/polkit-1/localauthority/90-mandatory.d/10-os2borgerpc-no-user-shutdown.pkla"
 
-if [ "$1" = "False" ]; then
-    rm -f "$POLICY"
-else
-    if [ ! -d "$(dirname "$POLICY")" ]; then
-        mkdir "$(dirname "$POLICY")"
-    fi
+if [ ! -d "$(dirname "$POLICY")" ]; then
+    mkdir "$(dirname "$POLICY")"
+fi
 
-    cat > "$POLICY" <<END
+if [ "$1" = "False" ] && [ "$2" = "False" ]; then
+  rm -f "$POLICY"
+elif [ "$1" = "True" ] && [ "$2" = "False" ]; then
+  cat > "$POLICY" <<END
+[Restrict system shutdown]
+Identity=unix-user:user;unix-user:lightdm
+Action=org.freedesktop.login1.hibernate*;org.freedesktop.login1.suspend*;org.freedesktop.login1.lock-sessions
+ResultAny=no
+ResultActive=no
+ResultInactive=no
+END
+elif [ "$1" = "False" ] && [ "$2" = "True" ]; then
+  cat > "$POLICY" <<END
+[Restrict system shutdown]
+Identity=unix-user:user;unix-user:lightdm
+Action=org.freedesktop.login1.power-off*;org.freedesktop.login1.reboot*;org.freedesktop.login1.lock-sessions;org.freedesktop.login1.set-reboot*
+ResultAny=no
+ResultActive=no
+ResultInactive=no
+END
+else
+  cat > "$POLICY" <<END
 [Restrict system shutdown]
 Identity=unix-user:user;unix-user:lightdm
 Action=org.freedesktop.login1.hibernate*;org.freedesktop.login1.power-off*;org.freedesktop.login1.reboot*;org.freedesktop.login1.suspend*;org.freedesktop.login1.lock-sessions;org.freedesktop.login1.set-reboot*
