Cockpit currently uses accountsservice to modify user accounts. This doesn't work for when logged in as an admin-non-root user, even though accountsservice uses polkit for privilege escalation. The polkit policy is desktop centric and requires that the caller is logged in via an active monitor+keyboard seat.
Created attachment 98449 [details] [review] data: Fix desktop-centric polkit policy Change the polkit policy so accountsservice allows use of the DBus API by admin users that are not logged in via a monitor+keyboard. This includes users logged in via ssh or Cockpit.
Looks scary at first. But makes sense, I think.
Attachment 98449 [details] pushed as 74aa92e - data: Fix desktop-centric polkit policy Updated the patch to use 'auth_self' for changing own info, when not logged in on an active local session.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.