Hardened rpm-ostree polkit rule. Is anything missing?


The current polkit rule is very broken

So this obviously has to change.

Could you look at the new file and tell me if anything is missing? I am unsure if even less is really needed.


  • unprivileged users can use automatic updates and don’t even need to see them. This has to work everywhere, also when logged in remotely, or on a running system with no logged-in user.
  • if you change the system, you need a password.
  • without a password nobody should be able to rebase, deploy, stop updates (fixing possible security vulnerabilities) etc.

This may break software stores without a polkit password prompt. But I am honestly very much against encouraging layering RPMs in GUI software stores, as this is not even officially supported.

Do you find any loopholes that should also be behind a password? Or things that should be allowed?
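
One way to express the three requirements listed in the post as a polkit rule, written as an added example (it is not the rule file the post refers to, and not rpm-ostree's shipped rule). It assumes that `repo-refresh` and `upgrade` are the only actions an unattended update needs; the function name `rpmOstreeDecision` and the fallback `Result` table are assumptions made so the decision logic can also be exercised outside polkitd.

```javascript
// Added example: password-free updates, admin password for everything else.
// Inside polkitd the global `polkit` exists; elsewhere fall back to the same
// result strings so the decision function can be tested on its own.
var Result = (typeof polkit !== "undefined") ? polkit.Result
    : { YES: "yes", AUTH_ADMIN: "auth_admin", NOT_HANDLED: "not_handled" };

var PREFIX = "org.projectatomic.rpmostree1.";

// Assumption: these two actions are all that an update of the currently
// booted ref needs. Everything else changes the system in some other way.
var NO_PASSWORD = ["repo-refresh", "upgrade"];

function rpmOstreeDecision(action, subject) {
    // Not an rpm-ostree action: leave the decision to other rules.
    if (action.id.indexOf(PREFIX) !== 0) {
        return Result.NOT_HANDLED;
    }

    var name = action.id.slice(PREFIX.length);

    if (NO_PASSWORD.indexOf(name) !== -1) {
        // Deliberately no subject.local / subject.active test, because the
        // post requires this to work for remote logins and with no session.
        return Result.YES;
    }

    // Fail closed: rebase, deploy, rollback, cancel, cleanup, package
    // layering, overrides, bootconfig, client-management, and any action
    // added to the namespace later all require an administrator password.
    return Result.AUTH_ADMIN;
}

if (typeof polkit !== "undefined") {
    polkit.addRule(rpmOstreeDecision);
}
```

polkit evaluates rule files in lexical order of their file names and the first rule that returns a result wins, so a file carrying this rule has to sort before any shipped rule that would answer the same actions.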