From 45fd53de4dd083dd48577b9141e1daa28272482b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rodolphe=20Br=C3=A9ard?= <rodolphe@what.tf>
Date: Fri, 30 Apr 2021 19:20:03 +0200
Subject: [PATCH] Add a polkit policy that enables ACMEd to restart services

---
 contrib/10-acmed.rules | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 contrib/10-acmed.rules

diff --git a/contrib/10-acmed.rules b/contrib/10-acmed.rules
new file mode 100644
index 0000000..47458ad
--- /dev/null
+++ b/contrib/10-acmed.rules
@@ -0,0 +1,19 @@
+/*
+ * Polkit authorization rules file
+ *
+ * This file defines a Polkit rule allowing the user acmed to restart
+ * systemd services.
+ *
+ * For more information, see the polkit documentation:
+ * https://www.freedesktop.org/software/polkit/docs/latest/polkit.8.html
+ */
+
+polkit.addRule(function(action, subject) {
+    if (action.id == "org.freedesktop.systemd1.manage-units") {
+        if (subject.user == "acmed") {
+            if (action.lookup("verb") == "restart") {
+                return polkit.Result.YES;
+            }
+        }
+    }
+});