Application attempting to perform privileged action?

Questions about applications and software
Forum rules
Before you post please read how to get help
Post Reply
eddie3000
Level 2
Level 2
Posts: 96
Joined: Mon Jun 24, 2013 2:11 pm

Application attempting to perform privileged action?

Post by eddie3000 » Fri Oct 18, 2019 2:51 am

Image

This is what I am getting for the past two days when I start the computer.

I just cancel it and nothing seems to happen.

I have not installed anything new, apart from linux mint updates.

I've googled around and found nothing specific to this on linux mint. Found lots of dropbox related stuff, and a couple other things but not exactly the same. The only google result that matches pretty exactly my search gives me a page not found 404 error.

Any clues on why this is happening? How can I figure what application is trying to do whatever it is it's trying to do? What should my course of action be?

Thank you very much.

gm10
Level 19
Level 19
Posts: 9827
Joined: Thu Jun 21, 2018 5:11 pm

Re: Application attempting to perform privileged action?

Post by gm10 » Fri Oct 18, 2019 2:59 am

See if this terminal command finds anything:

Code: Select all

grep pkexec ~/.config/autostart /etc/xdg/autostart -R
Also the authentication attempt plus the command that was initiating it will have been logged to /var/log/auth.log.
Tune up your LM 19.x: ppa:gm10/linuxmint-tools

eddie3000
Level 2
Level 2
Posts: 96
Joined: Mon Jun 24, 2013 2:11 pm

Re: Application attempting to perform privileged action?

Post by eddie3000 » Fri Oct 18, 2019 3:40 am

The portion of auth.log when I started my computer today shows this:

Code: Select all

Oct 18 07:04:21 frederic systemd-logind[1283]: New seat seat0.
Oct 18 07:04:22 frederic sshd[1635]: Server listening on 0.0.0.0 port 22.
Oct 18 07:04:22 frederic sshd[1635]: Server listening on :: port 22.
Oct 18 07:04:29 frederic mdm[1743]: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
Oct 18 07:04:29 frederic mdm[1743]: PAM adding faulty module: pam_kwallet.so
Oct 18 07:08:10 frederic mdm[1743]: pam_succeed_if(mdm:auth): requirement "user ingroup nopasswdlogin" not met by user "frederic"
Oct 18 07:08:13 frederic mdm[1743]: pam_unix(mdm:session): session opened for user frederic by (uid=0)
Oct 18 07:08:13 frederic systemd-logind[1283]: New session c1 of user frederic.
Oct 18 07:08:13 frederic systemd: pam_unix(systemd-user:session): session opened for user frederic by (uid=0)
Oct 18 07:08:13 frederic mdm[1743]: pam_ck_connector(mdm:session): nox11 mode, ignoring PAM_TTY :0
Oct 18 07:08:15 frederic polkitd(authority=local): Registered Authentication Agent for unix-session:c1 (system bus name :1.35 [/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1], object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
Oct 18 07:08:40 frederic sshd[1635]: Received SIGHUP; restarting.
Oct 18 07:08:40 frederic sshd[1635]: Server listening on 0.0.0.0 port 22.
Oct 18 07:08:40 frederic sshd[1635]: Server listening on :: port 22.
Oct 18 07:08:40 frederic sshd[1635]: Received SIGHUP; restarting.
Oct 18 07:08:40 frederic sshd[1635]: Server listening on 0.0.0.0 port 22.
Oct 18 07:08:40 frederic sshd[1635]: Server listening on :: port 22.
Oct 18 07:17:01 frederic CRON[4795]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct 18 07:17:01 frederic CRON[4795]: pam_unix(cron:session): session closed for user root
Oct 18 07:18:36 frederic sudo:    frederic : TTY=unknown ; PWD=/home/frederic ; USER=root ; COMMAND=/usr/lib/linuxmint/mintUpdate/checkAPT.py
Oct 18 07:18:36 frederic sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Oct 18 07:18:43 frederic sudo: pam_unix(sudo:session): session closed for user root
Oct 18 07:30:01 frederic CRON[5372]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct 18 07:30:01 frederic CRON[5372]: pam_unix(cron:session): session closed for user root
On monday it showed this:

Code: Select all

Oct 14 07:17:01 frederic CRON[2063]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct 14 07:17:01 frederic CRON[2063]: pam_unix(cron:session): session closed for user root
Oct 14 07:30:01 frederic CRON[2134]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct 14 07:30:01 frederic CRON[2134]: pam_unix(cron:session): session closed for user root
Oct 14 07:31:56 frederic mdm[1696]: pam_succeed_if(mdm:auth): requirement "user ingroup nopasswdlogin" not met by user "frederic"
Oct 14 07:32:01 frederic mdm[1696]: pam_unix(mdm:session): session opened for user frederic by (uid=0)
Oct 14 07:32:01 frederic systemd-logind[1262]: New session c1 of user frederic.
Oct 14 07:32:01 frederic systemd: pam_unix(systemd-user:session): session opened for user frederic by (uid=0)
Oct 14 07:32:01 frederic mdm[1696]: pam_ck_connector(mdm:session): nox11 mode, ignoring PAM_TTY :0
Oct 14 07:32:02 frederic polkitd(authority=local): Registered Authentication Agent for unix-session:c1 (system bus name :1.38 [/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1], object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
Oct 14 07:32:44 frederic sshd[1571]: Received SIGHUP; restarting.
Oct 14 07:32:44 frederic sshd[1571]: Server listening on 0.0.0.0 port 22.
Oct 14 07:32:44 frederic sshd[1571]: Server listening on :: port 22.
Oct 14 07:32:45 frederic sshd[1571]: Received SIGHUP; restarting.
Oct 14 07:32:45 frederic sshd[1571]: Server listening on 0.0.0.0 port 22.
Oct 14 07:32:45 frederic sshd[1571]: Server listening on :: port 22.
Oct 14 07:32:47 frederic sudo:    frederic : TTY=unknown ; PWD=/home/frederic ; USER=root ; COMMAND=/usr/lib/linuxmint/mintUpdate/checkAPT.py --use-synaptic 48234578
Oct 14 07:32:47 frederic sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Oct 14 07:32:48 frederic sudo:     root : TTY=unknown ; PWD=/home/frederic ; USER=root ; COMMAND=/usr/sbin/synaptic --hide-main-window --update-at-startup --non-interactive --parent-window-id 48234578
Oct 14 07:32:48 frederic sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Oct 14 07:33:12 frederic sudo: pam_unix(sudo:session): session closed for user root
Oct 14 07:33:12 frederic sudo: pam_unix(sudo:session): session closed for user root
Oct 14 07:33:53 frederic sudo:    frederic : TTY=unknown ; PWD=/home/frederic ; USER=root ; COMMAND=/usr/lib/linuxmint/mintSources/mintSources.py
Oct 14 07:33:53 frederic sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Oct 14 07:34:05 frederic sudo: pam_unix(sudo:session): session closed for user root
Oct 14 07:34:14 frederic polkit-agent-helper-1[4034]: pam_ecryptfs: pam_sm_authenticate: /home/frederic is already mounted
Oct 14 07:34:14 frederic polkitd(authority=local): Operator of unix-session:c1 successfully authenticated as unix-user:frederic to gain ONE-SHOT authorization for action com.ubuntu.pkexec.synaptic for unix-process:4030:172563 [/bin/sh -c pkexec /usr/sbin/synaptic --hide-main-window --non-interactive --parent-window-id 48234578 -o Synaptic::closeZvt=true --progress-str "Please wait, this can take some time" --finish-str "Update is complete" --set-selections-file /tmp/tmpnkpy4sj8] (owned by unix-user:frederic)
Oct 14 07:34:14 frederic pkexec: pam_unix(polkit-1:session): session opened for user root by (uid=1000)
Oct 14 07:34:14 frederic pkexec: pam_systemd(polkit-1:session): Cannot create session: Already running in a session
Oct 14 07:34:14 frederic pkexec: pam_ck_connector(polkit-1:session): cannot determine display-device
Oct 14 07:34:14 frederic pkexec[4031]: frederic: Executing command [USER=root] [TTY=unknown] [CWD=/home/frederic] [COMMAND=/usr/sbin/synaptic --hide-main-window --non-interactive --parent-window-id 48234578 -o Synaptic::closeZvt=true --progress-str Please wait, this can take some time --finish-str Update is complete --set-selections-file /tmp/tmpnkpy4sj8]
"grep pkexec ~/.config/autostart /etc/xdg/autostart -R" returned nothing.

Code: Select all

frederic@frederic ~ $ grep pkexec ~/.config/autostart /etc/xdg/autostart -R
frederic@frederic ~ $ 



I guess it could be, but I ain't got the foggiest:

Code: Select all

Oct 18 07:04:29 frederic mdm[1743]: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
Oct 18 07:04:29 frederic mdm[1743]: PAM adding faulty module: pam_kwallet.so
Oct 18 07:08:10 frederic mdm[1743]: pam_succeed_if(mdm:auth): requirement "user ingroup nopasswdlogin" not met by user "frederic"
Last edited by eddie3000 on Fri Oct 18, 2019 3:50 am, edited 1 time in total.

gm10
Level 19
Level 19
Posts: 9827
Joined: Thu Jun 21, 2018 5:11 pm

Re: Application attempting to perform privileged action?

Post by gm10 » Fri Oct 18, 2019 3:48 am

eddie3000 wrote:
Fri Oct 18, 2019 3:40 am
The portion of auth.log when I started my computer shows this:
There is no indication of that popup being shown in that part of the log. You need to cancel the popup window first and then check the log.
Tune up your LM 19.x: ppa:gm10/linuxmint-tools

eddie3000
Level 2
Level 2
Posts: 96
Joined: Mon Jun 24, 2013 2:11 pm

Re: Application attempting to perform privileged action?

Post by eddie3000 » Fri Oct 18, 2019 3:54 am

Just restarted and this is what there is after cancelling the poppup.

Code: Select all

Oct 18 09:51:59 frederic systemd-logind[1347]: New seat seat0.
Oct 18 09:52:00 frederic sshd[1638]: Server listening on 0.0.0.0 port 22.
Oct 18 09:52:00 frederic sshd[1638]: Server listening on :: port 22.
Oct 18 09:52:01 frederic sshd[1638]: Received SIGHUP; restarting.
Oct 18 09:52:01 frederic sshd[1638]: Server listening on 0.0.0.0 port 22.
Oct 18 09:52:01 frederic sshd[1638]: Server listening on :: port 22.
Oct 18 09:52:01 frederic sshd[1638]: Received SIGHUP; restarting.
Oct 18 09:52:01 frederic sshd[1638]: Server listening on 0.0.0.0 port 22.
Oct 18 09:52:01 frederic sshd[1638]: Server listening on :: port 22.
Oct 18 09:52:07 frederic mdm[1923]: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
Oct 18 09:52:07 frederic mdm[1923]: PAM adding faulty module: pam_kwallet.so
Oct 18 09:52:09 frederic mdm[1923]: pam_succeed_if(mdm:auth): requirement "user ingroup nopasswdlogin" not met by user "frederic"
Oct 18 09:52:13 frederic mdm[1923]: pam_unix(mdm:session): session opened for user frederic by (uid=0)
Oct 18 09:52:13 frederic systemd-logind[1347]: New session c1 of user frederic.
Oct 18 09:52:13 frederic systemd: pam_unix(systemd-user:session): session opened for user frederic by (uid=0)
Oct 18 09:52:13 frederic mdm[1923]: pam_ck_connector(mdm:session): nox11 mode, ignoring PAM_TTY :0
Oct 18 09:52:14 frederic polkitd(authority=local): Registered Authentication Agent for unix-session:c1 (system bus name :1.37 [/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1], object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
Oct 18 09:52:21 frederic polkitd(authority=local): Operator of unix-session:c1 FAILED to authenticate to gain authorization for action org.freedesktop.policykit.exec for unix-process:2362:2647 [/home/frederic/.dropbox-dist/dropbox-lnx.x86_64-83.4.152/dropbox] (owned by unix-user:frederic)
Oct 18 09:52:21 frederic pkexec[2664]: frederic: Error executing command as another user: Request dismissed [USER=root] [TTY=unknown] [CWD=/home/frederic] [COMMAND=/bin/sh /tmp/tmpzo_dl_um]
Oct 18 09:52:22 frederic polkitd(authority=local): Operator of unix-session:c1 FAILED to authenticate to gain authorization for action org.freedesktop.policykit.exec for unix-process:2362:2647 [/home/frederic/.dropbox-dist/dropbox-lnx.x86_64-83.4.152/dropbox] (owned by unix-user:frederic)
Oct 18 09:52:22 frederic pkexec[2968]: frederic: Error executing command as another user: Request dismissed [USER=root] [TTY=unknown] [CWD=/home/frederic] [COMMAND=/bin/sh /tmp/tmppbl1pgji]
Last edited by eddie3000 on Fri Oct 18, 2019 4:13 am, edited 1 time in total.

eddie3000
Level 2
Level 2
Posts: 96
Joined: Mon Jun 24, 2013 2:11 pm

Re: Application attempting to perform privileged action?

Post by eddie3000 » Fri Oct 18, 2019 3:56 am

Yes. It seems to be dropbox related!!

gm10
Level 19
Level 19
Posts: 9827
Joined: Thu Jun 21, 2018 5:11 pm

Re: Application attempting to perform privileged action?

Post by gm10 » Fri Oct 18, 2019 4:03 am

Indeed. I cannot tell you if that is legit but seems like a weird way of going about things if it is.
Tune up your LM 19.x: ppa:gm10/linuxmint-tools

eddie3000
Level 2
Level 2
Posts: 96
Joined: Mon Jun 24, 2013 2:11 pm

Re: Application attempting to perform privileged action?

Post by eddie3000 » Fri Oct 18, 2019 4:10 am

Thank you for helping look for the issue. I have very basic knowledge and I wouldn't have looked into auth.log without your help.

I use dropbox for personal use, but it quite often asks to update through it's own channel, not through mint update. I guess it's up to me to trust it or not. I guess it might be time to ditch it, just like I did with microsoft windows over a decade ago, and try and create my own personal cloud using some opensource solution like seacloud perhaps? Dunnow. I'll take a look at the options out there.

Thanks.

gm10
Level 19
Level 19
Posts: 9827
Joined: Thu Jun 21, 2018 5:11 pm

Re: Application attempting to perform privileged action?

Post by gm10 » Fri Oct 18, 2019 4:14 am

Happy to help. I'm not using dropbox so I'm not sure if that's the usual behaviour but I would guess you did not install dropbox from Software Manager? Software you installed from outside sources often is not configured to be updated through the regular channels.

If you're looking for suggestions about open-source cloud storage best create a new thread about that.
Tune up your LM 19.x: ppa:gm10/linuxmint-tools

eddie3000
Level 2
Level 2
Posts: 96
Joined: Mon Jun 24, 2013 2:11 pm

Re: Application attempting to perform privileged action?

Post by eddie3000 » Fri Oct 18, 2019 4:22 am

Thanks again.

Post Reply

Return to “Software & Applications”