Use polkit with Tails Server
Originally created by @segfault on #12255 (Redmine)
Tails Server does a lot of things that require higher privileges. Currently, the backend is executed as root. We should consider running it as its own user, and write polkit actions and policies to allow privileged actions.
Actions that require higher privileges:
- apt update, apt install
- systemctl start/stop
- write to service config files (e.g. sshd_config)
- rw access to /var/lib/tor and /var/lib/tails
- copy to persistent volume
- mount —bind, umount
Parent Task: #5688
To upload designs, you'll need to enable LFS. More information