Jason White wrote:
Yes, exactly. Probably the closest analogue in (non-Android) Linux installations is PolicyKit under Gnome, and I'm not sure how that works in this regard.
It is easiest to think of polkit as basically sudo, except instead of a setuid binary, it's a setuid daemon, and you request privilege escalation with wacky dbus XML IPC, and it's configured with wacky XML instead of wacky LDAP objects. Makes you pine for chiark-really, doesn't it? My favourite part so far is /usr/share/polkit-1/actions# grep '<vendor>' * this> com.ubuntu.systemservice.policy: <vendor>SystemService</vendor> this> org.freedesktop.RealtimeKit1.policy: <vendor>Lennart Poettering</vendor> org.freedesktop.policykit.policy: <vendor>The PolicyKit Project</vendor> org.freedesktop.udisks.policy: <vendor>The udisks Project</vendor> org.gnome.clockapplet.mechanism.policy: <vendor>The GNOME Project</vendor> org.gnome.cpufreqselector.policy: <vendor>The GNOME Project</vendor> this> screenresolution-mechanism.policy: <vendor>Screen Resolution Extra</vendor>