pkttyagent

pkttyagent [OPTIONS]

--version
    Display version information and exit.

--help
    Display a help message and exit.

pkttyagent is a Polkit authentication agent designed for text-based environments (TTY/console). It registers itself with the system's D-Bus message bus to handle authorization requests from applications that use Polkit.

When a program requires administrative privileges or a specific authorization from the user (e.g., installing software, changing system settings, or performing actions requiring root access), and no graphical authentication agent is running, pkttyagent steps in. It provides a simple password prompt in the terminal where the user can enter their credentials to authorize the requested action. This allows Polkit-managed operations to be performed securely in environments without a graphical user interface, such as SSH sessions or virtual consoles.

Caveats and Limitations:
Requires a D-Bus session to be active for communication.
Only prompts on the TTY from which it was launched or the one associated with the process requesting authorization.
If a graphical Polkit agent is running (e.g., from a desktop environment), pkttyagent might not be used, as graphical agents typically take precedence.

pkttyagent relies heavily on D-Bus for communication. It registers itself as an authentication agent on the system bus. When a D-Bus client requests an action that requires authorization, the polkitd daemon checks if an agent is registered. If pkttyagent is the active agent, it receives the request and displays a password prompt to the user in the terminal.

Typically, pkttyagent is started as part of a user's session (e.g., by a display manager or shell startup script) to handle authorizations within that specific session. It runs in the background, waiting for authorization requests and acting only when needed.

Polkit (formerly PolicyKit) was developed by David Zeuthen at Red Hat. pkttyagent is an integral part of the Polkit framework, providing a necessary text-based authentication mechanism. Its development tracks with Polkit's evolution, becoming a standard component for privilege escalation and system policy management in Linux distributions, especially for server and command-line environments where graphical agents are not present. It fills the critical role of allowing privileged operations to be performed securely and with user consent in non-graphical environments.

polkit(8), pkexec(1), polkitd(8), dbus-daemon(1)