sys-auth/polkit is used to authorize a user to do a privileged operations like system shutdown or mounting a file system. polkit defines directories to drops configuration files into: pklocalauthority(8): /etc/polkit-1/localauthority /var/lib/polkit-1/localauthority polkit(8): /usr/share/polkit-1/actions Notice: There can be other paths, I do not guarantee I found all of them. E.g. sys-auth/polkit-0.104-r1 allows ordinary user to do a shutdown by default. I got bitten by polkit update which rewritten my tightened configuration on my terminal server. I propose putting sys-auth/polkit configuration directories into CONFIG_PROTECT profile variable in order to ensure such sensitive configuration will not change without notice.
Users are only supposed to override polkit configuration in /etc/polkit-1 and surely files in /etc go under the default config protection? Users are not supposed to edit anything in /usr/share/polkit-1 directly as everything can be done in /etc So I don't see a bug anywhere
Everything seems to be in order here: # emerge --info|grep CONFIG_PROT CONFIG_PROTECT="/etc
*** Bug 438790 has been marked as a duplicate of this bug. ***
man 8 polkit even draws 'a map' for it: +------------------+ | polkitd(8) | +------------------+ | org.freedesktop. | | PolicyKit1 |<---------+ +------------------+ | ^ | | +--------------------------------------+ | | /usr/share/polkit-1/actions/*.policy | | +--------------------------------------+ | +--------------------------------------+ | /etc/polkit-1/rules.d/*.rules | | /usr/share/polkit-1/rules.d/*.rules | +--------------------------------------+