Comment 33 for bug 1512002

mterry, charlesk, I took the liberty of subscribing you because I think it involves this commit:
https://code.launchpad.net/~mterry/indicator-messages/tell-accounts-services/+merge/93290

The issue is happening to me as well, on Ubuntu 16.04 gnome-flashback, in 2 cases:
1) sometimes when I try to unlock the screensaver,
2) sometimes when I login via ltsp thin/fat clients.

I think the problem is the one mentioned by khadgaray in https://bugs.launchpad.net/ubuntu/+source/indicator-messages/+bug/1192300.

I.e. that the system is trying to notify us if we have new mails etc, and that for some reason(s) it's considering us an "inactive user" (inactive means not in the active screen of the pc, either remote or in a screensaver etc) and thus we need authentication.

The necessary rights are defined in this file:
/usr/share/polkit-1/actions/org.freedesktop.accounts.policy

  <action id="org.freedesktop.accounts.change-own-user-data">
...
    <defaults>
      <allow_any>auth_self</allow_any>
      <allow_inactive>auth_self</allow_inactive>
      <allow_active>yes</allow_active>
    </defaults>
...

I think that if we change "<allow_inactive>auth_self</allow_inactive>"
to "<allow_inactive>yes</allow_inactive>",
we'll have a temporary workaround to the problem.

But the real issue is, should the system consider us "inactive" in the screen saver?
Should it consider us inactive in ltsp thin clients that are remote sessions?
Should it consider us inactive in ltsp fat clients where accountsservice doesn't have information about the remote user account? (similar with ldap)

If the answer to the above is yes, then maybe the workaround that I mentioned above should be committed to accountsservice?