Code review comment for lp:~zyga/checkbox/fix-1299201

Daniel Manrique (roadmr) wrote :

This looks OK in principle, but rather than just assuming polkit over ssh does not work at all, did we consider fixing the policy file? See the comment in the bug; we can make everything auth_admin_keep:

<defaults>
  <allow_any>auth_admin_keep</allow_any>
  <allow_inactive>auth_admin_keep</allow_inactive>
  <allow_active>auth_admin_keep</allow_active>
</defaults>

This may require clearing with the security team, as the secure policy is the one we ship in Ubuntu, but barring their disapproval I think that's also a possible solution.

Still, it's good for the controller to not try doing something it can't, but I wonder if instead of blanket assuming we don't work over SSH, we could use pkcheck to actively verify this.

review: Needs Information
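
One way the pkcheck probe suggested in the comment above could look, as an added example that is not part of the review or of the checkbox code base. The function names, the result labels and the injectable `run` parameter are assumptions made for illustration; the exit statuses are the ones documented in pkcheck(1).

```python
import os
import subprocess

# Exit statuses documented in pkcheck(1).
PKCHECK_RESULTS = {
    0: "authorized",            # allowed right now, no prompt needed
    1: "not-authorized",        # policy says no
    2: "needs-authentication",  # a challenge is required, but no agent is
                                # available or interaction was not allowed
    3: "dismissed",             # user dismissed the authentication request
    127: "error",               # pkcheck itself failed
}


def probe_polkit(action_id, pid=None, run=subprocess.run):
    """Ask polkit whether `pid` (default: this process) may do `action_id`.

    --allow-user-interaction is deliberately not passed, so the probe never
    prompts; a policy of auth_admin_keep therefore reports
    "needs-authentication" until the user has authenticated recently.
    `run` is injectable (hypothetical parameter) so the logic can be tested
    on machines without polkit.
    """
    pid = os.getpid() if pid is None else pid
    cmd = ["pkcheck", "--action-id", action_id, "--process", str(pid)]
    try:
        proc = run(cmd, stdout=subprocess.DEVNULL,
                   stderr=subprocess.DEVNULL, timeout=10)
    except FileNotFoundError:
        return "pkcheck-missing"
    except subprocess.TimeoutExpired:
        return "error"
    # Unknown statuses are treated as errors rather than as success.
    return PKCHECK_RESULTS.get(proc.returncode, "error")


def authorized_without_prompt(action_id, run=subprocess.run):
    """True only when the action would succeed with no authentication agent,
    which is the situation of a session that cannot show a prompt."""
    return probe_polkit(action_id, run=run) == "authorized"
```

Exit status 2 does not say whether an agent is missing or interaction was simply not requested, so a caller that wants to fall back to another mechanism should treat anything other than "authorized" as "cannot rely on polkit here".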
