altlinux
diff --git a/‎BaseALT.admx‎
Lines changed: 7 additions & 1 deletion b/‎BaseALT.admx‎
Lines changed: 7 additions & 1 deletion
diff --git a/‎BaseALTPackageKit.admx‎
Lines changed: 297 additions & 21 deletions b/‎BaseALTPackageKit.admx‎
Lines changed: 297 additions & 21 deletions
diff --git a/‎BaseALTPolkit.admx‎
Lines changed: 10 additions & 9 deletions b/‎BaseALTPolkit.admx‎
Lines changed: 10 additions & 9 deletions
diff --git a/‎en-US/basealt.adml‎
Lines changed: 6 additions & 2 deletions b/‎en-US/basealt.adml‎
Lines changed: 6 additions & 2 deletions
diff --git a/‎en-US/basealtpackagekit.adml‎
Lines changed: 163 additions & 14 deletions b/‎en-US/basealtpackagekit.adml‎
Lines changed: 163 additions & 14 deletions
@@ -134,7 +134,13 @@
       <parentCategory ref="ALT_Windows_Manager_Marco" />
     </category>
     <category name="ALT_Polkit" displayName="$(string.ALT_Polkit)" explainText="$(string.ALT_Polkit_Help)">
-      <parentCategory ref="ALT_System" />
+      <parentCategory ref="ALT_Services" />
+    </category>
+    <category name="ALT_Udisks2" displayName="$(string.ALT_Udisks2)" explainText="$(string.ALT_Udisks2_Help)">
+      <parentCategory ref="ALT_Polkit" />
+    </category>
+    <category name="ALT_PackageKit" displayName="$(string.ALT_PackageKit)" explainText="$(string.ALT_PackageKit_Help)">
+      <parentCategory ref="ALT_Polkit" />
     </category>
   </categories>
 </policyDefinitions>
@@ -2,7 +2,8 @@
 <!--  (c) 2022 BaseALT, Ltd.  -->
 <policyDefinitions xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" revision="1.0" schemaVersion="1.0" xmlns="http://schemas.microsoft.com/GroupPolicy/2006/07/PolicyDefinitions">
   <policyNamespaces>
-    <target prefix="polkit" namespace="BaseALT.Policies.Polkit" />
+    <target prefix="udisks2" namespace="BaseALT.Policies.Udisks2" />
+    <using prefix="polkit" namespace="BaseALT.Policies.Polkit" />
     <using prefix="system" namespace="BaseALT.Policies.System" />
   </policyNamespaces>
   <resources minRequiredRevision="1.0" />
@@ -13,7 +14,7 @@
         name="org.freedesktop.udisks2.filesystem-mount"
         valuename="org.freedesktop.udisks2.filesystem-mount"
         presentation="$(presentation.OrgFreedesktopUdisks2FileSystemMount-pr)">
-      <parentCategory ref="system:ALT_Polkit" />
+      <parentCategory ref="system:ALT_Udisks2" />
       <supportedOn ref="system:SUPPORTED_AltP10" />
       <elements>
         <enum id="OrgFreedesktopUdisks2FileSystemMount_setter" valueName="org.freedesktop.udisks2.filesystem-mount" required="true">
@@ -64,7 +65,7 @@
         name="org.freedesktop.udisks2.filesystem-mount-user"
         valuename="org.freedesktop.udisks2.filesystem-mount"
         presentation="$(presentation.OrgFreedesktopUdisks2FileSystemMountUser-pr)">
-      <parentCategory ref="system:ALT_Polkit" />
+      <parentCategory ref="system:ALT_Udisks2" />
       <supportedOn ref="system:SUPPORTED_AltP10" />
       <elements>
         <enum id="OrgFreedesktopUdisks2FileSystemMount_setter" valueName="org.freedesktop.udisks2.filesystem-mount" required="true">
@@ -107,7 +108,7 @@
         name="org.freedesktop.udisks2.filesystem-mount-other-seat"
         valuename="org.freedesktop.udisks2.filesystem-mount-other-seat"
         presentation="$(presentation.OrgFreedesktopUdisks2FileSystemMount-pr)">
-      <parentCategory ref="system:ALT_Polkit" />
+      <parentCategory ref="system:ALT_Udisks2" />
       <supportedOn ref="system:SUPPORTED_AltP10" />
       <elements>
         <enum id="OrgFreedesktopUdisks2FileSystemMount_setter" valueName="org.freedesktop.udisks2.filesystem-mount-other-seat" required="true">
@@ -158,7 +159,7 @@
         name="org.freedesktop.udisks2.filesystem-mount-other-seat-user"
         valuename="org.freedesktop.udisks2.filesystem-mount-other-seat"
         presentation="$(presentation.OrgFreedesktopUdisks2FileSystemMountUser-pr)">
-      <parentCategory ref="system:ALT_Polkit" />
+      <parentCategory ref="system:ALT_Udisks2" />
       <supportedOn ref="system:SUPPORTED_AltP10" />
       <elements>
         <enum id="OrgFreedesktopUdisks2FileSystemMount_setter" valueName="org.freedesktop.udisks2.filesystem-mount-other-seat" required="true">
@@ -201,7 +202,7 @@
         name="org.freedesktop.udisks2.filesystem-mount-system"
         valuename="org.freedesktop.udisks2.filesystem-mount-system"
         presentation="$(presentation.OrgFreedesktopUdisks2FileSystemMount-pr)">
-      <parentCategory ref="system:ALT_Polkit" />
+      <parentCategory ref="system:ALT_Udisks2" />
       <supportedOn ref="system:SUPPORTED_AltP10" />
       <elements>
         <enum id="OrgFreedesktopUdisks2FileSystemMount_setter" valueName="org.freedesktop.udisks2.filesystem-mount-system" required="true">
@@ -252,7 +253,7 @@
         name="org.freedesktop.udisks2.filesystem-mount-system-user"
         valuename="org.freedesktop.udisks2.filesystem-mount-system"
         presentation="$(presentation.OrgFreedesktopUdisks2FileSystemMountUser-pr)">
-      <parentCategory ref="system:ALT_Polkit" />
+      <parentCategory ref="system:ALT_Udisks2" />
       <supportedOn ref="system:SUPPORTED_AltP10" />
       <elements>
         <enum id="OrgFreedesktopUdisks2FileSystemMount_setter" valueName="org.freedesktop.udisks2.filesystem-mount-system" required="true">
@@ -294,7 +295,7 @@
         key="Software\BaseALT\Policies\Polkit"
         name="org-freedesktop-udisks2-filesystem-mount-all"
         presentation="$(presentation.org-freedesktop-udisks2-filesystem-mount-all-pr)">
-      <parentCategory ref="system:ALT_Polkit" />
+      <parentCategory ref="system:ALT_Udisks2" />
       <supportedOn ref="system:SUPPORTED_AltP10" />
          <enabledList defaultKey="Software\BaseALT\Policies\Polkit">
           <item valueName="org.freedesktop.udisks2.filesystem-mount">
@@ -458,7 +459,7 @@
         key="Software\BaseALT\Policies\Polkit"
         name="org-freedesktop-udisks2-filesystem-mount-all-user"
         presentation="$(presentation.org-freedesktop-udisks2-filesystem-mount-all-user-pr)">
-      <parentCategory ref="system:ALT_Polkit" />
+      <parentCategory ref="system:ALT_Udisks2" />
       <supportedOn ref="system:SUPPORTED_AltP10" />
          <enabledList defaultKey="Software\BaseALT\Policies\Polkit">
           <item valueName="org.freedesktop.udisks2.filesystem-mount">
 
@@ -58,8 +58,12 @@
       <string id="ALT_Windows_Manager_Marco_Help">Windows manager Marco settings</string>
       <string id="ALT_Windows_Manager_Marco_Keyboard">Keyboard settings</string>
       <string id="ALT_Windows_Manager_Marco_Keyboard_Help">Keyboard settings</string>
-      <string id="ALT_Polkit">Polkit rules</string>
-      <string id="ALT_Polkit_Help">Polkit rules</string>
+      <string id="ALT_Polkit">Polkit Policies</string>
+      <string id="ALT_Polkit_Help">Polkit Policies</string>
+      <string id="ALT_PackageKit">PackageKit permissions</string>
+      <string id="ALT_PackageKit_Help">PackageKit permissions</string>
+      <string id="ALT_Udisks2">Udisks2 permissions</string>
+      <string id="ALT_Udisks2_Help">Udisks2 permissions</string>
     </stringTable>
   </resources>
 </policyDefinitionResources>
@@ -14,7 +14,7 @@
 
 This policy grants or restricts users the right to install packages through the PackageKit package management interface.
 
-Disable/Not configured - permissions are determined by system settings - default settings for polkit actions;
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
 
 Enable - permission to mount with set rights;
 
@@ -41,7 +41,7 @@ Action example: pkcon install "package_name"
 
 This policy grants or restricts users the right to install packages through the PackageKit package management interface.
 
-Disable/Not configured - permissions are determined by system settings - default settings for polkit actions;
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
 
 Enable - permission to mount with set rights;
 
@@ -68,7 +68,7 @@ Action example: pkcon install "package_name"
 
 This policy grants or restricts users the right to uninstall packages through the PackageKit package management interface.
 
-Disable/Not configured - permissions are determined by system settings - default settings for polkit actions;
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
 
 Enable - permission to mount with set rights;
 
@@ -95,7 +95,7 @@ Action example: pkcon remove "package_name"
 
 This policy grants or restricts users the right to uninstall packages through the PackageKit package management interface.
 
-Disable/Not configured - permissions are determined by system settings - default settings for polkit actions;
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
 
 Enable - permission to mount with set rights;
 
@@ -122,7 +122,7 @@ Action example: pkcon remove "package_name"
 
 This policy grants or restricts users the right to update packages installed on the system through the PackageKit package management interface.
 
-Disable/Not configured - permissions are determined by system settings - default settings for polkit actions;
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
 
 Enable - permission to mount with set rights;
 
@@ -147,7 +147,7 @@ Action example: pkcon update
       <string id="org-freedesktop-packagekit-system-update-user">Permission to update packages</string>
       <string id="org-freedesktop-packagekit-system-update-user_help">Permission to update packages
 
-This policy grants or restricts users the right to update packages installed on the system through the PackageKit package management interface.
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
 
 Disable/Not configured - permissions are determined by system settings - default settings for polkit actions;
 
@@ -176,7 +176,7 @@ Action example: pkcon update
 
 This policy grants or restricts users the right to update system package sources using the PackageKit package management interface.
 
-Disable/Not configured - permissions are determined by system settings - default settings for polkit actions;
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
 
 Enable - permission to mount with set rights;
 
@@ -203,7 +203,7 @@ Action example: pkcon refresh
 
 This policy grants or restricts users the right to update system package sources using the PackageKit package management interface.
 
-Disable/Not configured - permissions are determined by system settings - default settings for polkit actions;
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
 
 Enable - permission to mount with set rights;
 
@@ -230,7 +230,7 @@ Action example: pkcon refresh
 
 This policy grants or restricts users the right to restore the package system if it has problems, such as missing dependencies, through the PackageKit package management interface.
 
-Disable/Not configured - permissions are determined by system settings - default settings for polkit actions;
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
 
 Enable - permission to mount with set rights;
 
@@ -257,7 +257,7 @@ Action example: pkcon repair
 
 This policy grants or restricts users the right to restore the package system if it has problems, such as missing dependencies, through the PackageKit package management interface.
 
-Disable/Not configured - permissions are determined by system settings - default settings for polkit actions;
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
 
 Enable - permission to mount with set rights;
 
@@ -284,7 +284,7 @@ Action example: pkcon repair
 
 This policy grants or restricts users to edit package sources on the system through the PackageKit package management interface.
 
-Disable/Not configured - permissions are determined by system settings - default settings for polkit actions;
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
 
 Enable - permission to mount with set rights;
 
@@ -309,7 +309,7 @@ Possible values:
 
 This policy grants or restricts users to edit package sources on the system through the PackageKit package management interface.
 
-Disable/Not configured - permissions are determined by system settings - default settings for polkit actions;
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
 
 Enable - permission to mount with set rights;
 
@@ -334,7 +334,7 @@ Possible values:
 
 This policy grants or restricts user rights to install untrusted or unverified packages for external PackageKit package management.
 
-Disable/Not configured - permissions are determined by system settings - default settings for polkit actions;
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
 
 Enable - permission to mount with set rights;
 
@@ -359,7 +359,156 @@ Possible values:
 
 This policy grants or restricts user rights to install untrusted or unverified packages for external PackageKit package management.
 
-Disable/Not configured - permissions are determined by system settings - default settings for polkit actions;
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
+
+Enable - permission to mount with set rights;
+
+Possible values:
+
+«No» - Not authorized;
+
+«Yes» - Authorized;
+
+«Auth_self» - Authentication by the owner of the session that the client originates from is required. Note that this is not restrictive enough for most uses on multi-user systems; auth_admin* is generally recommended;
+
+«Auth_admin» - Authentication by an administrative user is required;
+
+«Auth_self_keep» - Like auth_self but the authorization is kept for a brief period (e.g. five minutes). The warning about auth_self above applies likewise;
+
+«Auth_admin_keep» - Like auth_admin but the authorization is kept for a brief period (e.g. five minutes).
+
+      </string>
+
+      <string id="org-freedesktop-packagekit-package-reinstall">Permission to install unverified packages</string>
+      <string id="org-freedesktop-packagekit-package-reinstall_help">Permission to install unverified packages
+
+This policy grants or restricts users the right to reinstall packages through the PackageKit package management interface.
+
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
+
+Enable - permission to mount with set rights;
+
+Possible values:
+
+«No» - Not authorized;
+
+«Yes» - Authorized;
+
+«Auth_self» - Authentication by the owner of the session that the client originates from is required. Note that this is not restrictive enough for most uses on multi-user systems; auth_admin* is generally recommended;
+
+«Auth_admin» - Authentication by an administrative user is required;
+
+«Auth_self_keep» - Like auth_self but the authorization is kept for a brief period (e.g. five minutes). The warning about auth_self above applies likewise;
+
+«Auth_admin_keep» - Like auth_admin but the authorization is kept for a brief period (e.g. five minutes).
+
+      </string>
+
+      <string id="org-freedesktop-packagekit-package-reinstall-user">Permission to install unverified packages</string>
+      <string id="org-freedesktop-packagekit-package-reinstall-user_help">Permission to install unverified packages
+
+This policy grants or restricts users the right to reinstall packages through the PackageKit package management interface.
+
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
+
+Enable - permission to mount with set rights;
+
+Possible values:
+
+«No» - Not authorized;
+
+«Yes» - Authorized;
+
+«Auth_self» - Authentication by the owner of the session that the client originates from is required. Note that this is not restrictive enough for most uses on multi-user systems; auth_admin* is generally recommended;
+
+«Auth_admin» - Authentication by an administrative user is required;
+
+«Auth_self_keep» - Like auth_self but the authorization is kept for a brief period (e.g. five minutes). The warning about auth_self above applies likewise;
+
+«Auth_admin_keep» - Like auth_admin but the authorization is kept for a brief period (e.g. five minutes).
+
+      </string>
+
+      <string id="org-freedesktop-packagekit-package-eula-accept">Permission to accept the license agreement</string>
+      <string id="org-freedesktop-packagekit-package-eula-accept_help">Permission to accept the license agreement
+
+This policy grants or restricts the right to accept the software user agreement through the PackageKit package management interface.
+
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
+
+Enable - permission to mount with set rights;
+
+Possible values:
+
+«No» - Not authorized;
+
+«Yes» - Authorized;
+
+«Auth_self» - Authentication by the owner of the session that the client originates from is required. Note that this is not restrictive enough for most uses on multi-user systems; auth_admin* is generally recommended;
+
+«Auth_admin» - Authentication by an administrative user is required;
+
+«Auth_self_keep» - Like auth_self but the authorization is kept for a brief period (e.g. five minutes). The warning about auth_self above applies likewise;
+
+«Auth_admin_keep» - Like auth_admin but the authorization is kept for a brief period (e.g. five minutes).
+
+      </string>
+
+      <string id="org-freedesktop-packagekit-package-eula-accept-user">Permission to accept the license agreement</string>
+      <string id="org-freedesktop-packagekit-package-eula-accept-user_help">Permission to accept the license agreement
+
+This policy grants or restricts the right to accept the software user agreement through the PackageKit package management interface.
+
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
+
+Enable - permission to mount with set rights;
+
+Possible values:
+
+«No» - Not authorized;
+
+«Yes» - Authorized;
+
+«Auth_self» - Authentication by the owner of the session that the client originates from is required. Note that this is not restrictive enough for most uses on multi-user systems; auth_admin* is generally recommended;
+
+«Auth_admin» - Authentication by an administrative user is required;
+
+«Auth_self_keep» - Like auth_self but the authorization is kept for a brief period (e.g. five minutes). The warning about auth_self above applies likewise;
+
+«Auth_admin_keep» - Like auth_admin but the authorization is kept for a brief period (e.g. five minutes).
+
+      </string>
+
+      <string id="org-freedesktop-packagekit-system-trust-signing-key">Разрешение на добавление ключа электронной подписи</string>
+      <string id="org-freedesktop-packagekit-system-trust-signing-key_help">Разрешение на добавление ключа электронной подписи
+
+This policy grants or restricts users the right to add the signing key to the list of trusted keys in the system through the PackageKit package management interface.
+
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
+
+Enable - permission to mount with set rights;
+
+Possible values:
+
+«No» - Not authorized;
+
+«Yes» - Authorized;
+
+«Auth_self» - Authentication by the owner of the session that the client originates from is required. Note that this is not restrictive enough for most uses on multi-user systems; auth_admin* is generally recommended;
+
+«Auth_admin» - Authentication by an administrative user is required;
+
+«Auth_self_keep» - Like auth_self but the authorization is kept for a brief period (e.g. five minutes). The warning about auth_self above applies likewise;
+
+«Auth_admin_keep» - Like auth_admin but the authorization is kept for a brief period (e.g. five minutes).
+      </string>
+
+      <string id="org-freedesktop-packagekit-system-trust-signing-key-user">Разрешение на добавление ключа электронной подписи</string>
+      <string id="org-freedesktop-packagekit-system-trust-signing-key-user_help">Разрешение на добавление ключа электронной подписи
+
+This policy grants or restricts users the right to add the signing key to the list of trusted keys in the system through the PackageKit package management interface.
+
+Disable/Not configured - Permissions are determined by system settings. Default is «Auth_admin»
 
 Enable - permission to mount with set rights;