semantics of POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION
Nikos Mavrogiannopoulos
nmav at redhat.com
Tue Dec 17 02:29:19 PST 2013
Hello,
I'm trying to add support for polkit on a server that controls hardware
resources and communicates with its clients using unix domain sockets,
and I use the SO_PEERCRED to obtain the uid and pid to provide to
polkit_unix_process_new_for_owner().
So far I've been able to make that work on the server side. However I am
very confused with the polkit_authority_check_authorization flag.
The API reference mentions "Note that
POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION SHOULD be passed
ONLY if the event that triggered the authorization check is stemming
from an user action, e.g. the user pressing a button or attaching a
device.".
However, that feels a bit confusing. A server like the one I describe
can never know that. What do I do in that case, do I set the flag or
not? What are the implications of setting the flag when a
non-interactive application is accessing the server?
regards,
Nikos
More information about the polkit-devel
mailing list