polkit: add docs

author: Stonewall Jackson <stonewall@sacredheartsc.com> 2023-02-16 19:49:26 -0500
committer: Stonewall Jackson <stonewall@sacredheartsc.com> 2023-02-16 19:49:26 -0500
commit: c0cf8a88f87aecbc1ea35d94b09fa4406038499b (patch)
tree: 48e55bcd5f73f26ee190db63b5c0f9872c0a4978 /roles/polkit
parent: ac9fa26cadf958798c5b8c9060abc93176533276 (diff)
download: selfhosted-c0cf8a88f87aecbc1ea35d94b09fa4406038499b.tar.gz
selfhosted-c0cf8a88f87aecbc1ea35d94b09fa4406038499b.zip
1 files changed, 36 insertions, 0 deletions
diff --git a/roles/polkit/README.md b/roles/polkit/README.md
new file mode 100644
index 0000000..1d45741
--- /dev/null
+++ b/roles/polkit/README.md
@@ -0,0 +1,36 @@
+Polkit
+======
+
+Description
+-----------
+
+The `polkit` role simply adds a [polkit rule](https://www.freedesktop.org/software/polkit/docs/latest/polkit.8.html)
+to allow a given group to perform privleged operations.
+
+The only time `polkit` escalation must be used (rather than `sudo`) seems to be
+when performing privileged operations from the GNOME interface.
+
+
+Variables
+---------
+
+This role **accepts** the following variables:
+
+Variable                         | Default   | Description
+---------------------------------|-----------|------------
+`polkit_admin_group`             | `wheel`   | Group name for system administrators
+
+This role **exports** the following variables:
+
+Usage
+-----
+
+Example playbook:
+
+````yaml
+- hosts: all
+  roles:
+    - role: polkit
+      vars:
+        polkit_admin_group: sysadmins
+````
author	Stonewall Jackson <stonewall@sacredheartsc.com>	2023-02-16 19:49:26 -0500
committer	Stonewall Jackson <stonewall@sacredheartsc.com>	2023-02-16 19:49:26 -0500
commit	c0cf8a88f87aecbc1ea35d94b09fa4406038499b (patch)
tree	48e55bcd5f73f26ee190db63b5c0f9872c0a4978 /roles/polkit
parent	ac9fa26cadf958798c5b8c9060abc93176533276 (diff)
download	selfhosted-c0cf8a88f87aecbc1ea35d94b09fa4406038499b.tar.gz selfhosted-c0cf8a88f87aecbc1ea35d94b09fa4406038499b.zip