since there was no answer to this question I did some research and figured out how this works.
- If a GUI application requires "Privileged Access" it talks with polkit
- Plokit stores the configuration in
/etc/polkit-1/localauthority.conf.d/
So I read through the configuration set in the system, and it look pretty reasonable to me
/etc/polkit-1/localauthority.conf.d/50-localauthority.conf tells
[Configuration]
AdminIdentities=unix-user:0
and etc/polkit-1/localauthority.conf.d/51-ubuntu-admin.conf tells
[Configuration]
AdminIdentities=unix-group:sudo;unix-group:admin
That's it. So since 51-ubuntu-admin.conf should overwrite 50-localauthority.conf mebers of admin and sudo groups should be ask when "Privileged Access" is needed
But my user joe is member of sudo and I get ask for the root user, like configured in 50-localauthority.conf
So I don't understand why it is not doing as it should.
But OK, I don't care and create my own overwrite 60-local-admin.conf and make it look like:
[Configuration]
AdminIdentities=unix-user:joe
And vola. It works. The system asks for user joes password whenever "Privileged Access" is needed since then.
I have now three files, and the last one is the one that counts.
Maybe some one else can use this as well
Bye