polkit-auth

Langue: en

Autres versions - même langue

Version: August 2007 (mandriva - 01/05/08)

Section: 1 (Commandes utilisateur)

Sommaire

NAME

polkit-auth - Manage authorizations

SYNOPSIS

polkit-auth [--obtain action] [--show-obtainable] [[--user user] --explicit] [[--user user] --explicit-detail] [[--user user] --grant action [--constraint constraint]*] [[--user user] --block action [--constraint constraint]*] [[--user user] --revoke action] [--version] [--help]

DESCRIPTION

polkit-auth is used to inspect, obtain, grant and revoke PolicyKit authorizations. If invoked without any options, the authorizations of the calling process will be printed.

OPTIONS

--obtain action

Attempt to obtain an authorization through authentication for the given action. This is only useful for implicit authorizations requiring authentication; e.g. when an appropriate stanza in the defaults section of the .policy file for the action specifies auth_*.
If an Authentication Agent (such as the one from PolicyKit-gnome) is available in the session, it will used for authentication unless the environment variable POLKIT_AUTH_FORCE_TEXT is set. If the environment variable POLKIT_AUTH_GRANT_TO_PID is set, the authorization will be granted to that process id instead of the invoking process (e.g. the shell from which polkit-auth is launched).

--show-obtainable

Prints all actions that can be obtained via authentication and for which an authorization does not exist.

[--user user] --explicit

Show explicit authorizations. Duplicates are not printed. If used with the --user option, the authorization org.freedesktop.policykit.read is required.

[--user user] --explicit-detail

Show detailed information about explicit authorizations. In contrast to the --explicit, duplicates are printed as several authorizations with different scope and constraints may exist.

[--user user] --grant action [--constraint constraint]*

Grant an authorization for an action. This is different than --obtain insofar that the defaults stanza of the .policy file is not consulted. Optionally, one or more constraints on the granted authorization can be specified; allowed values are: local, active. The authorization needed to grant authorizations is org.freedesktop.policykit.grant.

[--user user] --block action [--constraint constraint]*

Grant an negative authorization for an action. Negative authorizations are normally used to block users that would normally be authorized due to implicit authorizations. Optionally, one or more constraints on the granted negative authorization can be specified; allowed values are: local, active. The authorization needed to grant negative authorizations is org.freedesktop.policykit.grant if the "beneficiary" is another user.

[--user user] --revoke action

Revoke all authorizations for an action. If the user is not specified the calling user is used. The authorization org.freedesktop.policykit.revoke is needed to revoke authorizations from other users.

--version

Show version and exit.

--help

Show this information.

COMPLETION

PolicyKit ships with a collection of shell functions such that completion on users and actions works when using the bash(1) shell. For completion to properly work for polkit-auth, arguments should be entered in the order specified in this manual page; for example. --user should be specified before --revoke to complete only on the authorizations the given user has. Note that if the calling user lacks the org.freedesktop.policykit.read authorization, the completion function will fall back to completing on all registered actions.

BUGS

Please send bug reports to either the distribution or the hal mailing list, see http://lists.freedesktop.org/mailman/listinfo/hal. to subscribe.

SEE ALSO

PolicyKit(8), PolicyKit.conf(5), polkit-action(1)