Re: Polkit-based authorization in OpenLMI providers

On 07/17/2014 10:55 AM, Radek Novacek wrote: > Hi, > > this is really great job. > > I have one question that came to my mind: > > What happens when there is already a polkit agent running in the system? > > Let's say I'm connecting to pegasus on my desktop computer where > polkit-kde- authentication-agent-1 is already running as part of desktop > session. Is it possible to have multiple agents running? Which one will > be used to authenticate the request? That's why our lmipolkitagent starts a new PAM session for a provider process. Each polkit agent is bound to a PAM session, therefore our polkit agent is used only for descendants of our CIM provider process and does not interfere with existing desktop or console polkit agents. Jan