File 0001-instead-of-auth-admin-disallow-colord-management-for.patch of Package polkit-default-privs.843

From 731a5cf343f8397120313c7f2a2b202956401f5c Mon Sep 17 00:00:00 2001
From: Marcus Meissner <meissner@suse.de>
Date: Fri, 22 May 2015 11:41:38 +0200
Subject: [PATCH] instead of auth-admin, disallow colord management for
 inactive and other users, so they do not get root password popups bsc#918594

---
 polkit-default-privs.restrictive |  9 +++++----
 polkit-default-privs.standard    | 10 +++++-----
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/polkit-default-privs.restrictive b/polkit-default-privs.restrictive
index b00a9ad..79a0999 100644
--- a/polkit-default-privs.restrictive
+++ b/polkit-default-privs.restrictive
@@ -40,11 +40,12 @@ org.gnome.settings-daemon.plugins.wacom.wacom-led-helper        auth_admin
 # bnc#822405
 org.gnome.settings-daemon.plugins.wacom.wacom-oled-helper       auth_admin
 #
-# colord (bnc#698250, bnc#887511)
+# colord (bnc#698250, bnc#887511) (bsc#918594)
 #
-org.freedesktop.color-manager.create-device                     auth_admin:auth_admin:yes
-org.freedesktop.color-manager.create-profile                    auth_admin:auth_admin:yes
-org.freedesktop.color-manager.delete-device                     auth_admin:auth_admin:yes
+org.freedesktop.color-manager.create-device                     no:no:yes
+org.freedesktop.color-manager.create-profile                    no:no:yes
+org.freedesktop.color-manager.delete-device                     no:no:yes
+org.freedesktop.color-manager.delete-profile                    no:no:yes
 org.freedesktop.color-manager.delete-profile                    auth_admin
 org.freedesktop.color-manager.modify-device                     auth_admin
 org.freedesktop.color-manager.modify-profile                    auth_admin
diff --git a/polkit-default-privs.standard b/polkit-default-privs.standard
index cb44fe8..5af15a1 100644
--- a/polkit-default-privs.standard
+++ b/polkit-default-privs.standard
@@ -41,12 +41,12 @@ org.gnome.settings-daemon.plugins.wacom.wacom-led-helper        no:no:yes
 # bnc#822405
 org.gnome.settings-daemon.plugins.wacom.wacom-oled-helper       no:no:yes
 #
-# colord (bnc#698250)
+# colord (bnc#698250) (bsc#918594)
 #
-org.freedesktop.color-manager.create-device                     auth_admin:auth_admin:yes
-org.freedesktop.color-manager.create-profile                    auth_admin:auth_admin:yes
-org.freedesktop.color-manager.delete-device                     auth_admin:auth_admin:yes
-org.freedesktop.color-manager.delete-profile                    auth_admin:auth_admin:yes
+org.freedesktop.color-manager.create-device                     no:no:yes
+org.freedesktop.color-manager.create-profile                    no:no:yes
+org.freedesktop.color-manager.delete-device                     no:no:yes
+org.freedesktop.color-manager.delete-profile                    no:no:yes
 org.freedesktop.color-manager.modify-device                     auth_admin:auth_admin:yes
 org.freedesktop.color-manager.modify-profile                    auth_admin:auth_admin:yes
 org.freedesktop.color-manager.install-system-wide               auth_admin:auth_admin:auth_admin_keep
-- 
2.1.4