From ff86b518167bb87fc68b96f6d760a606ec237c09 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <pngwjpgh@users.noreply.github.com>
Date: Mon, 31 Oct 2016 17:05:58 +0100
Subject: allow systemctl operations to admins without auth

---
 hel.nix | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/hel.nix b/hel.nix
index e04a06e1..59285cda 100644
--- a/hel.nix
+++ b/hel.nix
@@ -310,6 +310,19 @@
                        source = ''${pkgs.callPackage ./custom/notify-user.nix { inherit (pkgs.haskellPackages) ghcWithPackages; }}/bin/notify-gkleen'';
                      }
                    ];
+
+    polkit = {
+      enable = true;
+      extraConfig = ''
+        polkit.addRule(function(action, subject) {
+          if (    action.id == "org.freedesktop.systemd1.manage-units"
+               && subject.isInGroup("admin")
+             ) {
+              return polkit.Result.YES;
+          }
+        });
+      '';
+    };
   };
 
   time.timeZone = "Europe/Berlin";
-- 
cgit v1.2.3