Novell LINUX ENTERPRISE SERVER 11 - SECURITY Manual page 142

auth_admin_keep_always
user needs to authenticate with root password once, privilege is granted for the
current and for future sessions
Run set_polkit_default_privs to activate your settings.
Modifying Configuration Files for Explicit Privileges
Explicit privileges can be set in /etc/PolicyKit/PolicyKit.conf. This con-
figuration file is written in XML using the PolicyKit DTD. The file that is shipped with
SUSE Linux Enterprise Server already contains the necessary headers and the root ele-
ment <config>. Place your edits inside the <config> tags.
match
Specify an action or a user. match knows two attributes, user and action, but
only a single attribute is allowed. Use nested match statements to combine at-
tributes. POSIX Extended Regular Expressions are allowed as attribute values.
user=USER
action=policy
return
Specify the answer PolicyKit will return. Takes a single attribute, result=value
with one of the values listed under
Implicit Privileges"
define_admin_auth
Specify users or groups allowed to authorize with their own password where nor-
mally the root password would be required. Takes the attributes user=USER
or group=GROUP, but only one may be used at a time. Multiple attribute values
must be separated by "|", Extended POSIX Regular Expressions are not supported.
Applies to all policies when used at the top level, or to specific policies when used
within <match> statements.
128 Security Guide
Specify one or more login names. Separate multiple names by the "|" symbol.
Specify a policy by it's unique identifier. To get a list of all available policy
identifiers use the command polkit-action.
(page 126).
Section "Modifying Configuration Files for