| Documentation / Chapter 9. PolicyKit | ||||
|---|---|---|---|---|
 | 8.7. Miscellaneous Settings | 9.2. Authorization Types |  | |
| Documentation / Chapter 9. PolicyKit | ||||
|---|---|---|---|---|
| 8.7. Miscellaneous Settings | 9.2. Authorization Types | | |
Contents
Abstract
PolicyKit is an application framework that acts as a negotiator between the
unprivileged user session and the privileged system context. Whenever a
process from the user session tries to carry out an action in the system
context, PolicyKit is queried. Based on its configuration—specified in a
so-called “policy”—the answer could be
“yes”, “no”, or needs
authentication. Unlike classical privilege authorization
programs such as sudo, PolicyKit does not grant root permissions to an
entire process, following the “least privilege” concept.
At the moment, not all applications requiring privileges make use of PolicyKit. In the following the most important policies available on openSUSE® are listed.
| Set scheduling priorities for the PulseAudio daemon |
| Add, remove, edit, enable or disable printers |
| Modify system and mandatory values with GConf |
| Change the system time |
| Read and change privileges for other users |
| Modify defaults |
| Wake on LAN |
| Mount or unmount fixed, hotplugable and encrypted devices |
| Enable or disable WLAN |
| Enable or disable Bluetooth |
| Device access |
| Stop and restart the system |
