pkexec asks for user-password, should be root-password [solved]
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
pkexec asks for user-password, should be root-password [solved]
I installed LMDE5 (32-bit, Gui is now XFCE) and unlocked root. Changed /etc/sudoers to ask for root-password and now sudo works as expected by me: sudo asks for the root-password.
But: pkexec asks for the user-password and I want pkexec to ask for the root-password as well. I searched the web and this machine the whole day, compared it even with another laptop with Mint-Ubuntu, where pkexec wants the root-password. The rules are the same, the files in /etc/polkit are the same.
I can not find the reason for this behaviour, can anyone give me a hint or point me to a solution?
Spielmops
But: pkexec asks for the user-password and I want pkexec to ask for the root-password as well. I searched the web and this machine the whole day, compared it even with another laptop with Mint-Ubuntu, where pkexec wants the root-password. The rules are the same, the files in /etc/polkit are the same.
I can not find the reason for this behaviour, can anyone give me a hint or point me to a solution?
Spielmops
Last edited by LockBot on Sat Jul 29, 2023 10:00 pm, edited 2 times in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Re: pkexec asks for user-password, should be root-password
Answer:
If in /etc/polkit exists a file with the entry,
then you have to delete it. From then on the system asks for the root password.
Spielmops
If in /etc/polkit exists a file with the entry
Code: Select all
AdminIdentities=unix-group:sudo
then you have to delete it. From then on the system asks for the root password.
Spielmops
Re: pkexec asks for user-password, should be root-password [solved]
I would like to point out to any newbies reading the thread, pkexec should ask for the user/sudo password. That's how the operating system is designed. Indeed, by default, the root password isn't even enabled.
The OP wants to do it differently, and that's his prerogative, but it's not standard practice and shouldn't be imitated without good reason.
The OP wants to do it differently, and that's his prerogative, but it's not standard practice and shouldn't be imitated without good reason.
Re: pkexec asks for user-password, should be root-password [solved]
For newbies also:
The way of not having an administrator and letting the ordinary user do everything was eventually adopted by Windows Home. I grew up with versions of Linux that stayed on the safe side and strictly separated root and user. I've been working with Linux for 25 years and strangely enough there has never been a break-in to my computers. But I can imagine that nowadays the alternative facts count more...
Spielmops
The way of not having an administrator and letting the ordinary user do everything was eventually adopted by Windows Home. I grew up with versions of Linux that stayed on the safe side and strictly separated root and user. I've been working with Linux for 25 years and strangely enough there has never been a break-in to my computers. But I can imagine that nowadays the alternative facts count more...
Spielmops
Re: pkexec asks for user-password, should be root-password [solved]
Wish I had a nickel for every newbie who showed up on a user forum having broken their system because they followed confident-sounding advice from an experienced user. Your preference is not the design philosophy of this operating system. The implication of the thread title is plain wrong. And if someone modifies their polkit file as you suggest without also enabling the root account they will be unable to open GUI apps with elevated privileges. Meanwhile, not all users get sudo privileges. Giving those who do two hats doesn't make them any more careful, which is what really counts.
Re: pkexec asks for user-password, should be root-password [solved]
I did not modify my polkit-fileAnd if someone modifies their polkit file as you suggest
That is the reason, why I mentioned unlocking root first.they will be unable to open GUI apps with elevated privileges
Yes, you got that and I did too. That does not mean, that the philosophy of this OS is the best.Your preference is not the design philosophy of this operating system
The strict separating of /user/root was the philosophy 25 years ago, when I started with Linux. And at that time, setting up a separate home partition was always advised. And everywhere in the GUI it was just a simple click - just like in the browser. But all of that is now seen as wrong. So that Linux feels better for those switching from Windows?
Spielmops
Re: pkexec asks for user-password, should be root-password [solved]
Yes, I get it. You're smarter than the developers. You know how Linux should be done. Your way is the RIGHT way. Let's bear in mind, sudo has been around since approximately the Late Bronze Age. That you don't like it doesn't make it a bad thing. You are free, of course, to set up your system however you like. Doesn't mean anyone else should copy you. At least, now they have been warned. What they do from here is their choice also.
Apparently you need to have the last word. Knock yourself out. I've said what I have to say.
Apparently you need to have the last word. Knock yourself out. I've said what I have to say.
Re: pkexec asks for user-password, should be root-password [solved]
Alexa: play Laid Back with Bakerman.
Playing ....
Spielmops
Playing ....
If you would please read my post once again and carefully. I never said, that I know it better! I mentioned a different philosophy that was in place when Linux was introduced 25 years ago, and that's what developers came up with, not me.You′ve got to cool down
Take it easy
You've got to cool down
Relax take it easy
Slow down relax
Spielmops
Re: pkexec asks for user-password, should be root-password [solved]
I generally avoid posting when topic has been closed, but the previous debate has no real sense.
If pkexec asks for user password, it's because the creator of the polkit asked for it with a line similar to :
If he wanted root password, he'd have asked for it with, for example :
He probably chose the user_password to allow any user to perform the task managed by the polkit (e.g. open nemo with privileges or backup/restore a timeshift snap) and not only the superuser.
If pkexec asks for user password, it's because the creator of the polkit asked for it with a line similar to :
Code: Select all
<allow_active>auth_user_keep</allow_active>
Code: Select all
<allow_active>auth_admin_keep</allow_active>
Re: pkexec asks for user-password, should be root-password [solved]
Sorry, wrong! Within the polkit-rules in every rule only admins are allowed. It's the entry in /etc/polkit with sudo as described.