polkit

Check action authorization

$ pkcheck --action-id [action] --process [pid]

$ pkaction

$ pkexec [command]

polkit [options]

polkit (PolicyKit) is an authorization framework that allows non-privileged processes to communicate with privileged ones. It provides fine-grained control over system-wide privileges, enabling desktop applications to perform administrative tasks with proper user authorization.
Unlike sudo which grants full root access, polkit defines specific actions (like mounting disks or changing network settings) and policies controlling who can perform them. The framework consists of pkexec (execute privileged commands), pkaction (list actions), and pkcheck (check authorization).

pkcheck

Check authorization.

List actions.

Execute privileged command.

/usr/share/polkit-1/actions/

System-wide policy action definition files in XML format.

Local authorization rules in JavaScript format (polkit >= 0.106).

Legacy .pkla authorization files for older polkit versions.

Desktop integration. Requires polkitd daemon. See individual commands.

PolicyKit was created by Red Hat for fine-grained authorization control.

pkexec(1), pkaction(1), polkitd(8)