On my 2 OpenSUSE Leap machines with XFCE, my main local user cannot shutdown
the machine without invoking shutdown as root ("sudo systemctl shutdown").

My goal was to change this to shutdown using "systemctl poweroff" without need
sudo (to what seems to be the standard freedesktop.org behavior
https://wiki.archlinux.org/index.php/allow_users_to_shutdown#Using_systemd-logind).

Upon trying to investigate the polkit config, log messages from
/etc/polkit-1/rules.d/90-default-privs.rules (with debug set to true) show
wrong values for subject.local and subject.active after running the command
"systemctl poweroff" in a terminal without sudo ("journalctl -b -u polkit"):

Sep 25 19:42:05 susedev polkitd[726]: Registered Authentication Agent for
unix-process:17272:8291653 (system bus name :1.240 [<unknown>], object path
/org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
Sep 25 19:42:05 susedev polkitd[726]:
/etc/polkit-1/rules.d/90-default-privs.rules:977: [Subject pid=17272
user='myuser' groups=wheel,users seat='' session='' local=false active=false]
Sep 25 19:42:05 susedev polkitd[726]:
/etc/polkit-1/rules.d/90-default-privs.rules:981:
org.freedesktop.login1.power-off => auth_admin_keep
Sep 25 19:42:05 susedev polkitd[726]:
/etc/polkit-1/rules.d/90-default-privs.rules:977: [Subject pid=17272
user='myuser' groups=wheel,users seat='' session='' local=false active=false]
Sep 25 19:42:05 susedev polkitd[726]:
/etc/polkit-1/rules.d/90-default-privs.rules:981:
org.freedesktop.login1.power-off-ignore-inhibit => auth_admin_keep
Sep 25 19:42:05 susedev polkitd[726]:
/etc/polkit-1/rules.d/90-default-privs.rules:977: [Subject pid=17272
user='myuser' groups=wheel,users seat='' session='' local=false active=false]
Sep 25 19:42:05 susedev polkitd[726]:
/etc/polkit-1/rules.d/90-default-privs.rules:981:
org.freedesktop.login1.power-off-multiple-sessions => auth_admin_keep

you see Subject.local and active is false. for this reason the action used is
"auth_admin_keep" instead of "yes" (as configured in
/etc/polkit-default-privs.standard) and cant shutdown without sudo.

but the session doesn't seem bad - running "loginctl show-session
$XDG_SESSION_ID" in same terminal give:

Id=1
Name=myuser
Timestamp=Sat 2016-09-24 20:40:32 EDT
TimestampMonotonic=23382953
VTNr=7
Display=:0
Remote=no
Service=lightdm-autologin
Desktop=xfce
Scope=session-1.scope
Leader=1453
Audit=1
Type=x11
Class=user
Active=yes
State=active
IdleHint=no
IdleSinceHint=0
IdleSinceHintMonotonic=0

At this point I am lost as to why subject flags are wrong.