Polkit and local serial consoles

Are serial consoles considered local by polkit? Could that be configured e.g. via /etc/securetty?

Asked By: kirjosieppo


As far as I’ve understood, a session is considered as local by polkit if it is associated with a local seat. By default, seat0 is the only existing seat.

You can view the devices associated with a seat by e.g.:

loginctl seat-status seat0

To associate a device with a seat, it should have a udev tag seat added to it in udev rules.

You can view the udev tags of a device with e.g.:

udevadm info -q property --property=TAGS,CURRENT_TAGS -n /dev/ttyS0 

By default, TTY devices (and thus serial consoles) don’t seem to be associated with any seats, so a serial console login will be no different from a remote SSH login, as far as polkit is concerned.

Answered By: telcoM
Categories: Answers Tags: ,
Answers are sorted by their score. The answer accepted by the question owner as the best is marked with
at the top-right corner.