Add polkit permissions for monasca-agent user

On SLES12 monasca-agent user cannot execute libvirt plugin.
The problems lies in lack of permissions over 'org.libvirt.unix.monitor'
in polkit. Commits adds necessary file that enables,
on behalf of user who runs monasca-agent, executing commands from libvirt
plugin.

Change-Id: I6ab8c28dd4c913f1d21931c064de0b50435593d4

openstack/monasca-agent/monasca-agent.spec.j2

@@ -27,7 +27,8 @@ Url:            https://wiki.openstack.org/wiki/Monasca
 Source0:        https://pypi.io/packages/source/m/%{sname}/%{sname}-%{version}.tar.gz
 Source1:        %{name}-sudoers
 Source2:        %{name}.service
-Source3:        openstack-monasca-agent.tmpfiles
+Source3:        %{name}.tmpfiles
+Source4:        %{name}.polkit
 BuildRequires:  openstack-macros
 BuildRequires:  {{ py2pkg('PyYAML') }}
 BuildRequires:  {{ py2pkg('devel') }}
@@ -132,7 +133,10 @@ ln -sr %{buildroot}%{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
 %endif
 
 # systemd tmpfile
-install -D -m 644 %{SOURCE3} %{buildroot}/%{_tmpfilesdir}/openstack-monasca-agent.conf
+install -D -m 644 %{SOURCE3} %{buildroot}%{_tmpfilesdir}/openstack-monasca-agent.conf
+
+# polkit permissions
+install -D -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/polkit-1/rules.d/49-monasca-agent.rules
 
 %pre
 # create user and groups
@@ -166,6 +170,9 @@ PYTHONPATH=. NOSE_EXCLUDE=test_override_values nosetests tests -v
 %if 0%{?suse_version}
 %{_sbindir}/rc%{name}
 %endif
+%{_sysconfdir}/polkit-1/
+%{_sysconfdir}/polkit-1/rules.d/
+%{_sysconfdir}/polkit-1/rules.d/49-monasca-agent.rules
 
 %files -n python-%{sname}
 %doc README.md

openstack/monasca-agent/openstack-monasca-agent.polkit

@@ -0,0 +1,6 @@
+/* This rule let's monasca-agent's libvirt check monitor libvirt */
+polkit.addRule(function(action, subject) {
+    if ((action.id == "org.libvirt.unix.monitor") && (subject.user == "monasca-agent")) {
+        return polkit.Result.YES;
+    }
+});