To be a bit snarky, polkit is freedesktop dbus centric (and thus over-engineered) reimplementation of sudo for the GUI.
It uses a session tracker (used to be Consolekit, these days it is systemd-logind) to tell if something is running under an active user session and, and checks that against a bunch of rules (stored in XML, natch) to see if what is being attempted is allows (and if not, spawn a password prompt so the user can elevate their privileges).
If you want to do anything "complicated" like powering down your PC by clicking a button in your DE of choice you need polkit (and entourage) to be present these days.
Its one of those CADT things that seems to lead to "year of the (linux) desktop" never happening.
It uses a session tracker (used to be Consolekit, these days it is systemd-logind) to tell if something is running under an active user session and, and checks that against a bunch of rules (stored in XML, natch) to see if what is being attempted is allows (and if not, spawn a password prompt so the user can elevate their privileges).
If you want to do anything "complicated" like powering down your PC by clicking a button in your DE of choice you need polkit (and entourage) to be present these days.
Its one of those CADT things that seems to lead to "year of the (linux) desktop" never happening.