Add pkexec policy (Bug #11122)

This adds a pkexec policy file to Thunar. This way if the user
of a desktop system wants to use thunar to modify files as root
and has the proper credentials they can.
pkexec comes from polkit which does about the same thing as
sudo/gksu except also supports authentication methods like
fingerprint or smart card readers.

Signed-off-by: Simon Steinbeiss <simon.steinbeiss@elfenbeinturm.at>

1 files changed, 37 insertions, 0 deletions

diff --git a/org.xfce.thunar.policy.in.in b/org.xfce.thunar.policy.in.in
new file mode 100644
index 00000000..d64113e9
--- /dev/null
+++ b/org.xfce.thunar.policy.in.in
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policyconfig PUBLIC
+ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
+<policyconfig>
+
+  <!--
+ Policy definitions for Thunar.
+ Copyright (c) 2014 Benedikt Meurer <benny@xfce.org>
+                    Jannis Pohlmann <jannis@xfce.org>
+                    Jeffs Franks    <jcfranks@xfce.org>
+                    Nick Schermer   <nick@xfce.org>
+ -->
+
+ <vendor>Thunar</vendor>
+ <vendor_url>http://xfce.org/</vendor_url>
+ <icon_name>system-file-manager</icon_name>
+
+
+ <action id="org.xfce.thunar">
+ <!-- SECURITY:
+ - A normal active user can run thunar without elevated rights. They
+   may wish to modify files they normally do not have read/write access
+   to. This isn't a good idea, but is common on single user systems.
+ -->
+ <_description>Run Thunar as root</_description>
+ <_message>Authentication is required to run Thunar as root.</_message>
+ <defaults>
+ <allow_any>no</allow_any>
+ <allow_inactive>auth_admin</allow_inactive>
+ <allow_active>auth_admin</allow_active>
+ </defaults>
+ <annotate key="org.freedesktop.policykit.exec.path">@bindir@/thunar</annotate>
+ <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
+ </action>
+
+</policyconfig>