10

I need to check if I have an usable polkit agent in a desktop-environment agnostic way.

Right now, what I'm doing is to check if a polkit agent is running, using a code like this:

ps aux | grep some-polkit-agent

where some-polkit-agent may be:

  • polkit-gnome-authentication-agent-1 (for gnome2 and gnome3-fallback)
  • polkit-kde-authentication-agent-1 (for kde)
  • polkit-mate-authentication-agent-1 (for mate)
  • lxpolkit (for lxde)

The "no-fallback" gnome3 (gnome-shell) has its own polkit agent within the gnome-shell process itself, so I can't ps-grep it. What I assume is that if gnome-shell is running then the polkit agent is in place.

The problem comes when a system has hidepid enabled (see http://www.linux-dev.org/2012/09/hide-process-information-for-other-users/). This security measure makes that a ps doesn't show me any polkit agent running even if there is one.

Is there any better way that I can check for an usable polkit agent?

ivanalejandro0
  • 201
  • 1
  • 2
  • 4

3 Answers3

1

"I need to check if I have an usable polkit agent"

Presumably you want it to be usable for a specific process, either a process pid or since you cannot see pids, a system bus name?

In that case you could use "pkcheck" for the specific process and check its return value because the manual page for pkcheck says

   If the specificied process is not authorized because **no suitable**
   **authentication agent is available** or if the --allow-user-interaction
   wasn't passed, pkcheck exits with a return value of 2 and a diagnostic
   message is printed on standard error. Details are printed on standard
   output.
Polkit Blues
  • 11
  • 1
0

Agents register themselves to the polkit authority over dbus. If you could intercept their dbus traffic you would know exactly what agent is registered.

Umut
  • 412
  • 5
  • 9
-2

Based on this forum post, you need to install the policykit-desktop-privileges package.

Michael Mrozek
  • 91,316
  • 38
  • 238
  • 232
aryos
  • 9
  • 3