Root tasks using dbus and policykit

Solution 1:

There's a fundamental concept you need to grasp first: PolicyKit only handles authorisation, not privilege escalation. PolicyKit will answer the question: "is the user authorised to do this task?", but it will not give you root privileges.

The commonly-used model is to create a DBus system service, which runs with root privileges. It will take requests from non-root processes, use PolicyKit to determine whether that process is authorised to make that request, and then do the task requested.

I wrote a tutorial on PolicyKit and DBus with Python on ubuntuforums.org a few years back. The principles are the same, although it might need some updating. I need to go to bed now, so have a look and let me know if it needs updating.