You are not logged in.

Pages: 1 2

#26 2024-07-15 08:09:29

seth
Member
From: Don't DM me only for attention
Registered: 2012-09-03
Posts: 72,429

Re: Overriding polkit actions

To verify that this principally works (in this case for pkexec) and store the authentication across instances, configuring the pkexec policy would not be expected to impact run0 but it proves that the issue isn't on your side.

why bother configuring sudoers if run0 is enough for someone's use case

Because you then have to bother configuring polkit tongue
You do understand that systemd-run does WAY more than just the privilege escalation?
(compare "dbus-monitor --system" for pkexec and run0)

I'd also not be surprised if the context isolation provided by systemd-run systematically prevents the use of polkit cookies to re-use previous authentication.

https://www.osnews.com/story/139490/run … -for-sudo/
File a bug, asking "where is the documentation for this?" - lennart said run0 is much easier than sudo because sudoers is complicated and run0 uses polkit. Which seems an odd experience.

Tbf, he also said run0 is more like a local ssh and not like sudo at all (not a very coherent position, but hey)

For the moment I'd not waste any time in trying to understand run0 - I doubt lennart knows what it's supposed to be and systemd is preparing an unconditional local ssh socket if you've openssh installed, what makes it incredibly likely that all of this is still in flux.

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Online

#27 2024-07-16 07:56:14

Cvlc
Member
Registered: 2020-03-26
Posts: 295

Re: Overriding polkit actions

Ok thanks, I'll report back here when I figure something out.

Have a good day !

[edit]
Just found that a similar bug report now exists :
https://github.com/systemd/systemd/issues/33366

Last edited by Cvlc (2024-07-16 07:57:02)

Offline

Pages: 1 2

Board footer

Powered by FluxBB