[blfs-support] Polkit Actions
krejzi at email.com
Wed Dec 11 10:20:26 PST 2013
On 12/11/2013 06:45 PM, Dan McGhee wrote:
> Now that I've learned (?) how to deal with polkit--as documented in
> another thread--I'd like to get a few more things under my belt. In
> particular, I'd like to call gparted from the menus in my desktop
> system. The way it works in Ubuntu is that a message pops up and asks
> for my password before GParted runs. Right now I get only the message
> that I need to be root to run it. I found this at the Arch wiki:
Ubuntu used gksu/gksudo which called respective utilities for
authentication as superuser. PolicyKit is somehow different mechanism.
>> <?xml version="1.0" encoding="UTF-8"?>
>> <!DOCTYPE policyconfig PUBLIC
>> "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
>> <action id="org.archlinux.pkexec.gparted">
>> <message>Authentication is required to run the GParted Partition Editor</message>
>> <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/gparted</annotate>
>> <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
> This is a polkit action file to be put in /usr/share/polkit-1/actions
> directory. As written, it would go in that directory with the name
> What I haven't been able to find is the answer to the following
> question. Does it matter that part of the name would be "org.archlinux"
> or is this just a name and doesn't refer to anything else on my system.
> There are only two "org's" in the actions I have now: freedesktop and
> xorg. Both of those have things installed on my system. If it's just a
> name, then I don't have to consider anything else.
This matters little. You could use any valid domain name or no at all.
See https://bbs.archlinux.org/viewtopic.php?pid=999328#p999328, for
nearly the same rule they used org.freedesktop...
> In addition to GParted, I would like to employ this method for the
> Catalyst Control Center for my ATI-Radeon chip.
You have to edit both .desktop files and add "pkexec /path/to/program"
to the Exec= line. Do note that using pkexec requires an authentication
agent to be running, such as polkit-gnome or lxpolkit.
The file you mentioned is necessarry because pkexec won't allow running
gui programs by default.
Note: My last name is not Krejzi.
More information about the blfs-support