Adam Williamson wrote:
Anyway, my point is not really pkexec vs. sudo for interactive use,
but
whether pkexec is actually needed by default on all of our editions for
non-interactive use. It's not an easy question to answer since our
packaging doesn't distinguish between something needing *polkit* and
something needing *pkexec*. Though from what we've found in this
thread, it seems like at least GNOME and KDE definitely do still need
it. I'm not enough of a domain expert to know if it's realistic to
rewrite everything in GNOME and KDE that relies on pkexec to use a
different mechanism.
Where have you seen KDE needing it? See my reply: KDE stuff should be using
kdesu, not pkexec.
The journal scan posted to the kde list by Garry T. Williams actually does
not contain a single invocation of pkexec. Those are all KAuth actions in
the org.kde.kcontrol.kcmsddm.* namespace. pkexec uses the
org.freedesktop.policykit.exec action. And none of the hits in Adrian
Sevcenco's ag scan are KDE software. (I don't know if any of those are on
the current KDE Spin, but they should not be.)
Kevin Kofler