search for: auth_admin

As in the example code below. static void do_auth (guestfs_h *g, void *opaque, uint64_t event, int event_handle, int flags, const char *buf, size_t buf_len, const uint64_t *array, size_t array_len) { char **creds; size_t i; char *prompt; char *reply; size_t replylen; // buf will be the libvirt URI. It is always \0-terminated so

Dear Experts, "this is system from the hell!" Than was my first reaction when I realized that logged in with GUI (X11) user can turn off (and on) network interfaces. Without being in sudoers file. Wow, this is scary to see on workstations I manage centrally. Even though I did consider local user to be able to execute the command "shutdown" (which distinguished RedHat and

...reated the file /etc/polkit-1/rules.d/20-networkmanager.rules with the following content /* require authentication to modify network settings */ polkit.addRule(function(action, subject) { if (action.id.indexOf("org.freedesktop.NetworkManager." ) == 0 ) { return polkit.Result.AUTH_ADMIN; } }); That will require someone with admin privileges to authenticate for NetworkManager actions to succeed. regards, Thomas

I have two before_filters for a few of my controllers. They are running my own methods authorize and admin_authorize. authorize is called on just about every action to make sure that a user is logged in. admin_authorize is called on about 80% of the actions and is used to make sure that a user is an administrator. If a user tries to access an admin_authorize protected action without being