My GUI will started as an user. There is an update-mechanism in the program, which calls a wrapper-script with root rights. For that i used gksudo, until i realized, that it is replaced by pkexec.
If i just replaced gksudo by pkexec it works quite fine. But i want to have an own message to the user. Therefore i have to modify or generate a xml-policy file in /usr/share/polkit-1/actions
My problem is, when i call
I'll get this prompt, which refers in Details-->Action to org.freedesktop.policykit.exec.
Do i have to place an action id-entry to this xml-file (org.freedesktop.policykit.exec) or do i have to create my own .policy file named com.myStuff.updater.policy into /usr/share/polkit-1/actions?
Or should i call my whole application in my .desktop-file with pkexec?
I strongly suggest creating your own
.policy file and leave
org.freedesktop.policykit.exec alone, for several reasons:
pkexec does not work as expected under certain circunstances, in Terminal, in
.desktop files, etc. This is actually a Gnome bug about double-fork.
With your own
.policy file you edit it at will and even configure it for password-less root privileges for your script! And that's a very interesting feature!
You could invoke your script simply using its name, as any other command, no need to prepend it with
sudo or anything so it would work anywhere.
You may use
gparted's policy file as a template.