[Question/Feature Request] Use a custom PAM authentication service with Polkit
Problem
It looks like there is a hardcoded PAM service - polkit-1
- that polkit uses for authentication:
rc = pam_start ("polkit-1", // <--- here
user_to_auth,
...
It means that I cannot specify my own way of authentication (without changing global polkit-1
, which would affect everyone else in the system). So, I cannot create my own action that would use my own PAM service for authentication that would authenticate users based, for example, on (1) password and/or (2) Yubikey (there is pam_u2f.so
that I could potentially use).
Questions
- Is that true? Am I right?
- Are there some known workarounds? Maybe I can do something tricky in the polkit rules?