- pklocalauthority is deprecated
- You need systemd with logind and polkit.
Available actions
pkaction # or /usr/share/polkit-1/actions/
You should look at /usr/share/polkit-1/actions/org.freedesktop.login1.policy
Add rule
First start monitoring system messages, so we can see if our new rule works:
journalctl -f
Then create file /etc/polkit-1/rules.d/60-noreboot_norestart.rules
(in javascript).
In this file we add logic to check for actions and allow users
in power
group or require su
authorization:
polkit.addRule(function(action, subject) { if (action.id == "org.freedesktop.login1.reboot" || action.id == "org.freedesktop.login1.reboot-multiple-sessions" || action.id == "org.freedesktop.login1.power-off" || action.id == "org.freedesktop.login1.power-off-multiple-sessions") { if (subject.isInGroup("power")) { return polkit.Result.YES; } else { return polkit.Result.AUTH_ADMIN; } } });
Rule should be loaded and it should work. References below.