1
00:00:00,000 --> 00:00:10,000
In this video, you will learn about PolicyKit and PKXHack.

2
00:00:10,000 --> 00:00:11,000
So what is PolicyKit?

3
00:00:11,000 --> 00:00:16,959
Well, policy is for application, what sudo is for users, and it allows graphical applications

4
00:00:16,959 --> 00:00:19,840
to prompt for an administrator password.

5
00:00:19,840 --> 00:00:23,920
And that is convenient if you start a graphical application from a graphical environment as

6
00:00:23,920 --> 00:00:29,000
an ordinary user, but the graphical application needs sudo privileges.

7
00:00:29,000 --> 00:00:32,880
Well, PolicyKit can have it prompt for a password.

8
00:00:32,880 --> 00:00:38,320
So PolicyKit offers a framework that provides an authentication API, which is used by privileged

9
00:00:38,320 --> 00:00:42,639
programs to offer services to unprivileged programs.

10
00:00:42,639 --> 00:00:50,439
And it works with rules, and these rules are stored in the file etcpolkit1-rules.d.

11
00:00:50,439 --> 00:00:56,680
Check for instance the etcpolkit1-rules.d-50-default-rules file, which allows members of the wheel group

12
00:00:56,680 --> 00:01:00,799
to run commands with escalated privileges.

13
00:01:00,799 --> 00:01:06,040
The PKXHack command can be used as an alternative to sudo, and that allows you to run tasks

14
00:01:06,040 --> 00:01:08,760
with escalated privileges.

15
00:01:08,760 --> 00:01:14,519
PKXHack can be very convenient, because if ever you mess up by accident the etcsudoers

16
00:01:14,519 --> 00:01:19,239
file, you can always use PKXHack etcsudoers to repair it.

17
00:01:19,239 --> 00:01:25,120
Be careful not to make any typos, because PKXHack is not doing a consistency check.

18
00:01:25,120 --> 00:01:27,080
Let's check it out.

19
00:01:27,080 --> 00:01:29,720
So PolicyKit is a little bit more obscure.

20
00:01:29,720 --> 00:01:34,639
It's mainly working in the background, but it is very convenient for configuring access

21
00:01:34,639 --> 00:01:36,239
to graphical applications.