On Wednesday, February 16, 2022 6:01:48 PM EST Adam Williamson wrote:
I just tried this, actually, for giggles. Two reasons it's a
non-
starter: it prompts for the root password, not for my user password
(my user is an 'admin' so far as sudo etc. are concerned, but
apparently not an 'admin' so far as interactive pkexec is
concerned).
That is odd. I am never prompted for the root password for anything.
Maybe this is a policy difference between GNOME and KDE.
My supplemental groups:
wheel mock systemd-journal wireshark
I do not know the root password, it is intentionally a
24-character random string I would have to look up. And it prompts
with one of those goddamn 'secure' GNOME popovers which prevents you
accessing your password manager, so every time you hit one, you have
to cancel it, go to your password manager, copy the password it
wants, then trigger it again.
No way on earth I'm using that.
Again, in KDE, there is a prompt for MY password and it is only modal
as far as the pkexec command is concerned. I can open my password
manager before responding to the prompt (not that I need to, since it
wants my password -- not root's).
Anyway, until this discussion, I never knew there was a pkexec. I
note that pkexec will not operate correctly outside of my KDE session.
It prompts for my password from a terminal session and then fails with
$ pkexec ls
==== AUTHENTICATING FOR org.freedesktop.policykit.exec ====
Authentication is needed to run `/usr/bin/ls' as the super user
Authenticating as: Garry T. Williams (garry)
Password:
polkit-agent-helper-1: error response to PolicyKit daemon:
GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: No session for cookie
==== AUTHENTICATION FAILED ====
Error executing command as another user: Not authorized
This incident has been reported.
$
Of course, sudo will operate correctly without a desktop session. I
don't think I will be eager to use pkexec instead of sudo.
--
Garry T. Williams