2 files changed, 16 insertions, 2 deletions

diff --git a/perl-install/standalone/polkit/Makefile b/perl-install/standalone/polkit/Makefile
index a8b5a51da..6cd42c013 100644
--- a/perl-install/standalone/polkit/Makefile
+++ b/perl-install/standalone/polkit/Makefile
@@ -1,8 +1,10 @@
 BINDIR = /usr/bin
 LIBEXECDIR = /usr/libexec
 BINDEST = $(PREFIX)$(BINDIR)
+POLKITRULESDEST = $(PREFIX)/usr/share/polkit-1/rules.d
 POLKITPOLICYDEST = $(PREFIX)/usr/share/polkit-1/actions
 
+RULES := $(wildcard *.rules)
 POLICY_IN := $(wildcard *.policy.in)
 POLICY = $(POLICY_IN:.policy.in=.policy)
 WRAPPERS = $(patsubst org.mageia.%.policy,%,$(POLICY))
@@ -13,12 +15,13 @@ clean:
 	rm -f  $(WRAPPERS) $(POLICY)
 
 %: org.mageia.%.policy.in
-	@echo -e "#!/bin/sh\nexec $(BINDIR)/pkexec $(LIBEXECDIR)/$@ $$""*" > $@
+	@echo -e '#!/bin/sh\nif  [[ "$$UID" != "0" ]] ; then\n    exec $(BINDIR)/pkexec $(LIBEXECDIR)/$@ "$$''@"\nelse\n    exec $(LIBEXECDIR)/$@ "$$''@"\nfi\n' > $@
 
 %.policy: %.policy.in
 	intltool-merge --utf8 ../po $< $@ -x -u -c ../po/.intltool-merge-cache
 
 install: all
-	install -d $(BINDEST) $(POLKITPOLICYDEST)
+	install -d $(BINDEST) $(POLKITRULESDEST) $(POLKITPOLICYDEST)
 	install -m755 $(WRAPPERS) $(BINDEST)
 	install -m644 $(POLICY) $(POLKITPOLICYDEST)
+	install -m644 $(RULES) $(POLKITRULESDEST)
diff --git a/perl-install/standalone/polkit/org.mageia.draksec.rules b/perl-install/standalone/polkit/org.mageia.draksec.rules
new file mode 100644
index 000000000..45a7f0efe
--- /dev/null
+++ b/perl-install/standalone/polkit/org.mageia.draksec.rules
@@ -0,0 +1,11 @@
+polkit.addRule(function(action, subject) {
+  if (typeof drakToolAuth != "function" || action.id.indexOf("org.mageia.") != 0)
+    return polkit.Result.NOT_HANDLED;
+
+  var tool = action.id.split(".")[2];
+  var rv = drakToolAuth(tool);
+  if (rv != polkit.Result.NOT_HANDLED)
+    polkit.log("draksec security policy for '" + tool + "' is overriden to '" + rv + "'");
+  return rv;
+});
+