debian下普通用戶操做systemd服務

問題描述：
使用普通帳號test經過systemctl啓動系統服務提示須要輸入root密碼：

解決方案：
根據上面提示得知權限由polkit進行管理，對應的是org.freedesktop.systemd1.policy這個配置文件下的manae-units動做

進入/usr/share/polkit-1/actions/org.freedesktop.systemd1.policy，

將對應manae-units的defaults中的受權所有改成yes，而後執行systemctl restart polkit重啓polkit

<defaults>
        <allow_any>yes</allow_any>
        <allow_inactive>yes</allow_inactive>
        <allow_active>yes</allow_active>
</defaults>

下圖爲權限可選的配置參數 

defaults

This element is used to specify implicit authorizations for clients. Elements that can be used inside defaults include: allow_any Implicit authorizations that apply to any client. Optional. allow_inactive Implicit authorizations that apply to clients in inactive sessions on local consoles. Optional. allow_active Implicit authorizations that apply to clients in active sessions on local consoles. Optional. Each of the allow_any, allow_inactive and allow_active elements can contain the following values: no Not authorized. yes Authorized. auth_self Authentication by the owner of the session that the client originates from is required. Note that this is not restrictive enough for most uses on multi-user systems; auth_admin* is generally recommended. auth_admin Authentication by an administrative user is required. auth_self_keep Like auth_self but the authorization is kept for a brief period (e.g. five minutes). The warning about auth_self above applies likewise. auth_admin_keep Like auth_admin but the authorization is kept for a brief period (e.g. five minutes).