Comment 38 for bug 1824874

Martin Edlman (edlman) wrote :

I know this is the Ubuntu bug reporting tool, but I have the same problem on Fedora. I didn't find this bug reported on Fedora (I'll report it), but I'd like to add some observations for you, so maybe someone will be able to solve this annoying issue.
I use a Yubikey to log in to my Gnome desktop. Everything works fine until I run any program as root (e.g. virt-manager, disks). Then I'm asked to touch my Yubikey to authorize and to run the program as root. So far so good.
But then I lock the screen (or it locks itself after 5 minutes). When I unlock the screen by touching the Yubikey I see the annoying dialog with the message "System policy prevents management of the local virtualized systems".
I've checked /etc/pam.d/polkit-1 to see if it uses the Yubikey for authentication:

#%PAM-1.0
auth include system-auth
account include system-auth
password include system-auth
session include system-auth

and /etc/pam.d/system-auth contains

auth required pam_env.so
auth required pam_faildelay.so delay=2000000
auth sufficient pam_fprintd.so
auth sufficient pam_u2f.so debug=1
auth sufficient pam_yubico.so id=1 debug=1
...

Login and other PAM modules use the system-auth config as well. So I'd expect that polkit should work with this. But it doesn't. Maybe it needs more configuration in other PAM sections (account, password, session). I'm not a PAM expert.

I hope this will help someone to find a fix.