From f5228ceeb9149b8b9d807dbc3cd4403015bb149b Mon Sep 17 00:00:00 2001
From: ver4a <ver4a@uncontrol.me>
Date: Sun, 10 Nov 2024 15:56:53 +0100
Subject: [PATCH] Reduce password prompts for "wheel" group members

Removes password prompts for managing libvirt and rpm-ostree
---
 etc/polkit-1/rules.d/80-libvirt-manage.rules |  7 ++++++
 etc/polkit-1/rules.d/80-rpm-ostree.rules     | 25 ++++++++++++++++++++
 2 files changed, 32 insertions(+)
 create mode 100644 etc/polkit-1/rules.d/80-libvirt-manage.rules
 create mode 100644 etc/polkit-1/rules.d/80-rpm-ostree.rules

diff --git a/etc/polkit-1/rules.d/80-libvirt-manage.rules b/etc/polkit-1/rules.d/80-libvirt-manage.rules
new file mode 100644
index 0000000..73f9469
--- /dev/null
+++ b/etc/polkit-1/rules.d/80-libvirt-manage.rules
@@ -0,0 +1,7 @@
+// https://goldmann.pl/blog/2012/12/03/configuring-polkit-in-fedora-18-to-access-virt-manager/
+
+polkit.addRule(function(action, subject) {
+  if (action.id == "org.libvirt.unix.manage" && subject.local && subject.active && subject.isInGroup("wheel")) {
+      return polkit.Result.YES;
+  }
+});
diff --git a/etc/polkit-1/rules.d/80-rpm-ostree.rules b/etc/polkit-1/rules.d/80-rpm-ostree.rules
new file mode 100644
index 0000000..d803292
--- /dev/null
+++ b/etc/polkit-1/rules.d/80-rpm-ostree.rules
@@ -0,0 +1,25 @@
+polkit.addRule(function(action, subject) {
+    if (action.id == "org.projectatomic.rpmostree1.repo-refresh" &&
+        subject.active == true && subject.local == true) {
+            return polkit.Result.YES;
+    }
+
+    if ((action.id == "org.projectatomic.rpmostree1.install-uninstall-packages" ||
+         action.id == "org.projectatomic.rpmostree1.install-local-packages" ||
+         action.id == "org.projectatomic.rpmostree1.override" ||
+         action.id == "org.projectatomic.rpmostree1.deploy" ||
+         action.id == "org.projectatomic.rpmostree1.upgrade" ||
+         action.id == "org.projectatomic.rpmostree1.rebase" ||
+         action.id == "org.projectatomic.rpmostree1.rollback" ||
+         action.id == "org.projectatomic.rpmostree1.bootconfig" ||
+         action.id == "org.projectatomic.rpmostree1.reload-daemon" ||
+         action.id == "org.projectatomic.rpmostree1.cancel" ||
+         action.id == "org.projectatomic.rpmostree1.cleanup" ||
+         action.id == "org.projectatomic.rpmostree1.client-management") &&
+        subject.active == true &&
+        subject.local == true &&
+        subject.isInGroup("wheel")) {
+            return polkit.Result.YES;
+    }
+});
+