You are not logged in.

#1 2025-09-15 07:50:57

patkoscsaba
Member
Registered: 2024-07-16
Posts: 23

[Solved] Password not accepted for battery charge limits change in KDE

Hi everyone,

I am trying to set the "Start charging once below" value in KDE's settings Power Management -> Advanced Power Settings. It asks for my password, but then it does not accept it. I am sure I typed the password correctly.

I am sure in the past I could set this value, and I am sure it was set to 60%, but after some update in the past few months it reset to 100%. I observed it accidentally and now I cannot change the value.

Any idea why the password is not accepted? My password works just fine in any context (login, unlock, terminal, etc.).


Operating System: Arch Linux
KDE Plasma Version: 6.4.5
KDE Frameworks Version: 6.18.0
Qt Version: 6.9.2
Kernel Version: 6.16.7-arch1-1 (64-bit)
Graphics Platform: Wayland
Processors: 8 × Intel® Core™ Ultra 7 258V
Memory: 32 GiB of RAM (30.8 GiB usable)
Graphics Processor: Intel® Graphics
Manufacturer: LENOVO
Product Name: 21NS004QRI
System Version: ThinkPad X1 Carbon Gen 13

Last edited by patkoscsaba (2025-09-16 07:12:35)


Gigabyte Z890 Aorus Master Motherboard | Intel Core Ultra 9 285K | Corsair 128 GB RAM | Seagate 1TB M.2 | Seagate 2TB M.2 | Corsair 2TB M.2 | Intel Battlemage G21 [Arc B580]

Offline

#2 2025-09-15 14:24:15

seth
Member
From: Don't DM me only for attention
Registered: 2012-09-03
Posts: 69,177

Re: [Solved] Password not accepted for battery charge limits change in KDE

usr/share/polkit-1/actions/org.kde.powerdevil.chargethresholdhelper.policy

         <allow_inactive>no</allow_inactive>
         <allow_active>auth_admin_keep</allow_active>

How do you start plasma?

loginctl session-status
echo $DBUS_SESSION_BUS_ADDRESS

Offline

#3 2025-09-15 14:40:10

Scimmia
Fellow
Registered: 2012-09-01
Posts: 13,084

Re: [Solved] Password not accepted for battery charge limits change in KDE

Are you sure it's asking for *your* password? It should be asking for the root password AFAIK.

Offline

#4 2025-09-15 14:55:25

seth
Member
From: Don't DM me only for attention
Registered: 2012-09-03
Posts: 69,177

Re: [Solved] Password not accepted for battery charge limits change in KDE

It asks for an admin authorization, by default members of the wheel group.
https://wiki.archlinux.org/title/Polkit … identities

Speaking of which…

groups

Offline

#5 2025-09-15 15:55:23

Scimmia
Fellow
Registered: 2012-09-01
Posts: 13,084

Re: [Solved] Password not accepted for battery charge limits change in KDE

Right, root only by default but can be others. I just tried it, it specifically tells you the user it's asking to authenticate as.

Offline

#6 2025-09-15 17:05:11

patkoscsaba
Member
Registered: 2024-07-16
Posts: 23

Re: [Solved] Password not accepted for battery charge limits change in KDE

Wow. Thank you all for the many replies. I will answer all of you in a single message:
1. /usr/share/polkit-1/actions/org.kde.powerdevil.chargethresholdhelper.policy has the content as in your example
2. I start plasma with sddm systemd service
3.

[csaba@csaba-laptop ~]$ loginctl session-status
echo $DBUS_SESSION_BUS_ADDRESS
2 - csaba (1000)
  Since: Mon 2025-09-15 19:03:18 EEST; 52min ago
  State: active
 Leader: 722 (sddm-helper)
   Seat: seat0; vc1
    TTY: tty1
 Remote: no
Service: sddm
   Type: wayland
  Class: user
Desktop: KDE
   Idle: no
   Unit: session-2.scopeh
         ├─722 /usr/lib/sddm/sddm-helper --socket /tmp/sddm-auth-343e253e-5406-4c5a-8201-e2cccb4b7bed --id 1 --start "/usr/lib/plasma-dbus-run-session-if-ne>
         ├─767 /usr/bin/ksecretd --pam-login 12 13
         └─768 /usr/bin/startplasma-wayland

Sep 15 19:03:19 csaba-laptop systemd[1]: Started Session 2 of User csaba.
Sep 15 19:03:19 csaba-laptop sddm-helper[766]: pam_kwallet5: final socket path: /run/user/1000/kwallet5.socket
Sep 15 19:03:19 csaba-laptop sddm-helper[768]: Jumping to VT 1
Sep 15 19:03:19 csaba-laptop sddm-helper[768]: VT mode didn't need to be fixed
Sep 15 19:03:21 csaba-laptop ksecretd[767]: kf.wallet.ksecretd: Wallet failed to get opened by PAM, error code is -9

unix:path=/run/user/1000/bus

4.

[csaba@csaba-laptop ~]$ echo $DBUS_SESSION_BUS_ADDRESS
unix:path=/run/user/1000/bus 

5.

[csaba@csaba-laptop ~]$ groups
csaba wheel

6. When I click apply, it explicitly asks for my user's password

Some additional info. I didn't see this problem in other places where my password is asked.
I a also set sudoers to not ask for a password when I do sudo in terminal.

[csaba@csaba-laptop ~]$ cat /etc/passwd | grep csaba
csaba:x:1000:1000:Patkós Csaba:/home/csaba:/usr/bin/bash
[csaba@csaba-laptop ~]$ cat /etc/group | grep csaba
wheel:x:998:csaba
csaba:x:1000:
[csaba@csaba-laptop ~]$ cat /etc/sddm.conf
EnablePAM=true
[csaba@csaba-laptop ~]$ find /etc/pam.d/* | xargs -n 1 cat
#%PAM-1.0
auth            sufficient      pam_rootok.so
auth            required        pam_unix.so
account         required        pam_unix.so
session         required        pam_unix.so
password        required        pam_permit.so
#%PAM-1.0
auth            sufficient      pam_rootok.so
account         required        pam_permit.so
password        include         system-auth
#%PAM-1.0
auth            sufficient      pam_rootok.so
auth            required        pam_unix.so
account         required        pam_unix.so
session         required        pam_unix.so
password        required        pam_permit.so
auth            required        pam_unix.so
account         required        pam_unix.so
session         required        pam_unix.so
#%PAM-1.0
auth            sufficient      pam_rootok.so
account         required        pam_permit.so
password        include         system-auth
#%PAM-1.0

auth       include                     system-local-login

account    include                     system-local-login

password   include                     system-local-login

session    include                     system-local-login
#%PAM-1.0

auth       required                    pam_shells.so
auth       requisite                   pam_nologin.so
auth       requisite                   pam_faillock.so      preauth
-auth      required                    pam_fprintd.so       max-tries=10
auth       optional                    pam_permit.so
auth       required                    pam_env.so

account    include                     system-local-login

password   required                    pam_deny.so

session    include                     system-local-login
#%PAM-1.0

auth       requisite                   pam_nologin.so
auth       requisite                   pam_faillock.so      preauth
-auth      required                    pam_pkcs11.so        wait_for_card card_only
auth       required                    pam_shells.so
auth       optional                    pam_permit.so
auth       required                    pam_env.so

account    include                     system-local-login

password   required                    pam_deny.so

session    include                     system-local-login
#%PAM-1.0

auth       requisite    pam_nologin.so
auth       include      system-local-login
account    include      system-local-login
session    include      system-local-login
password   include      system-local-login
#%PAM-1.0
auth            sufficient      pam_rootok.so
account         required        pam_permit.so
password        include         system-auth
#%PAM-1.0
auth      required   pam_deny.so
auth      required   pam_warn.so
account   required   pam_deny.so
account   required   pam_warn.so
password  required   pam_deny.so
password  required   pam_warn.so
session   required   pam_deny.so
session   required   pam_warn.so
#%PAM-1.0
auth            include         system-auth
account         include         system-auth
password        include         system-auth
#%PAM-1.0

auth       required     pam_securetty.so
auth       requisite    pam_nologin.so
auth       include      system-remote-login
account    include      system-remote-login
session    include      system-remote-login
password   include      system-remote-login
#%PAM-1.0

auth    sufficient      pam_rootok.so
session include         system-login
#%PAM-1.0

auth    sufficient      pam_rootok.so
session include         system-login
#%PAM-1.0

# These two lines enable both password and fingerprint authentication for login
auth [success=1 new_authtok_reqd=1 default=ignore] pam_unix.so try_first_pass likeauth nullok nodelay
auth sufficient pam_fprintd.so nodelay max-tries=10

auth        include     system-login nodelay
-auth       optional    pam_gnome_keyring.so
-auth       optional    pam_kwallet5.so

account     include     system-login

password    include     system-login
-password   optional    pam_gnome_keyring.so    use_authtok

session     optional    pam_keyinit.so          force revoke
session     include     system-login
-session    optional    pam_gnome_keyring.so    auto_start
-session    optional    pam_kwallet5.so         auto_start
#%PAM-1.0
auth        required    pam_env.so
auth        required    pam_faillock.so preauth
auth        required    pam_shells.so
auth        required    pam_nologin.so
auth        required    pam_permit.so
-auth       optional    pam_gnome_keyring.so
-auth       optional    pam_kwallet5.so
account     include     system-local-login
password    include     system-local-login
session     include     system-local-login
-session    optional    pam_gnome_keyring.so auto_start
-session    optional    pam_kwallet5.so auto_start
#%PAM-1.0

# Load environment from /etc/environment and ~/.pam_environment
auth            required pam_env.so

# Always let the greeter start without authentication
auth            required pam_permit.so

# No action required for account management
account         required pam_permit.so

# Can't change password
password        required pam_deny.so

# Setup session
session         required pam_unix.so
session         optional pam_systemd.so
#%PAM-1.0

auth      include   system-remote-login
account   include   system-remote-login
password  include   system-remote-login
session   include   system-remote-login
#%PAM-1.0
auth            sufficient      pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth           sufficient      pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth           required        pam_wheel.so use_uid
auth            required        pam_unix.so
account         required        pam_unix.so
session         required        pam_unix.so
password        include         system-auth
#%PAM-1.0
auth            include         system-auth
account         include         system-auth
session         include         system-auth
#%PAM-1.0
auth            sufficient      pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth           sufficient      pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth           required        pam_wheel.so use_uid
auth            required        pam_unix.so
account         required        pam_unix.so
session         required        pam_unix.so
password        include         system-auth
#%PAM-1.0

#auth       required                    pam_faillock.so      preauth
# Optionally use requisite above if you do not want to prompt for the password
# on locked accounts.
-auth      [success=2 default=ignore]  pam_systemd_home.so
auth       [success=1 default=bad]     pam_unix.so          try_first_pass nullok nodelay
#auth       [default=die]               pam_faillock.so      authfail nodelay
auth       optional                    pam_permit.so
auth       required                    pam_env.so
#auth       required                    pam_faillock.so      authsucc
# If you drop the above call to pam_faillock.so the lock will be done also
# on non-consecutive authentication failures.

-account   [success=1 default=ignore]  pam_systemd_home.so
account    required                    pam_unix.so
account    optional                    pam_permit.so
account    required                    pam_time.so

-password  [success=1 default=ignore]  pam_systemd_home.so
password   required                    pam_unix.so          try_first_pass nullok shadow
password   optional                    pam_permit.so

-session   optional                    pam_systemd_home.so
session    required                    pam_limits.so
session    required                    pam_unix.so
session    optional                    pam_permit.so
#%PAM-1.0

auth      include   system-login
account   include   system-login
password  include   system-login
session   include   system-login
#%PAM-1.0

auth       required   pam_shells.so
auth       requisite  pam_nologin.so
auth       include    system-auth

account    required   pam_access.so
account    required   pam_nologin.so
account    include    system-auth

password   include    system-auth

session    optional   pam_loginuid.so
session    optional   pam_keyinit.so       force revoke
session    include    system-auth
session    optional   pam_lastlog2.so      silent
session    optional   pam_motd.so
session    optional   pam_mail.so          dir=/var/spool/mail standard quiet
session    optional   pam_umask.so
-session   optional   pam_systemd.so
session    required   pam_env.so
#%PAM-1.0

auth      include   system-login
account   include   system-login
password  include   system-login
session   include   system-login
#%PAM-1.0

auth      sufficient  pam_permit.so

account   include     system-auth

session   optional    pam_loginuid.so
session   required    pam_limits.so
session   required    pam_unix.so
session   optional    pam_permit.so
session   required    pam_env.so
#%PAM-1.0
auth required pam_unix.so
account required pam_unix.so
password required pam_unix.so
session required pam_unix.so

Gigabyte Z890 Aorus Master Motherboard | Intel Core Ultra 9 285K | Corsair 128 GB RAM | Seagate 1TB M.2 | Seagate 2TB M.2 | Corsair 2TB M.2 | Intel Battlemage G21 [Arc B580]

Offline

#7 2025-09-15 18:34:44

seth
Member
From: Don't DM me only for attention
Registered: 2012-09-03
Posts: 69,177

Re: [Solved] Password not accepted for battery charge limits change in KDE

Keyboard yet?
https://wiki.archlinux.org/title/KDE#Pl … e_settings

In doubt try to change your password to sth. qwerty-safe like
Spaceballs-12345.jpg

Offline

#8 2025-09-16 06:26:16

patkoscsaba
Member
Registered: 2024-07-16
Posts: 23

Re: [Solved] Password not accepted for battery charge limits change in KDE

I tried to delete, log out, log in, reverify the file. The contents of the file is the same as before deletion. With my original password it is still not working.

[csaba@csaba-laptop ~]$ cat ~/.config/plasma-localerc 
[Formats]
LANG=en_US.UTF-8

Then I tried to change my password ... and that asks for the old password, and in that pop-up in KDE user settings, my current password is also not accepted. So, it seems like this issue appears in multiple places after all, not just the battery/charging settings.


Gigabyte Z890 Aorus Master Motherboard | Intel Core Ultra 9 285K | Corsair 128 GB RAM | Seagate 1TB M.2 | Seagate 2TB M.2 | Corsair 2TB M.2 | Intel Battlemage G21 [Arc B580]

Offline

#9 2025-09-16 06:35:58

seth
Member
From: Don't DM me only for attention
Registered: 2012-09-03
Posts: 69,177

Re: [Solved] Password not accepted for battery charge limits change in KDE

and that asks for the old password, and in that pop-up in KDE user settings

https://man.archlinux.org/man/passwd.1

Offline

#10 2025-09-16 06:45:52

patkoscsaba
Member
Registered: 2024-07-16
Posts: 23

Re: [Solved] Password not accepted for battery charge limits change in KDE

And then I changed my password with `passwd` from the CLI. I've set it to only letters and one space character, and I avoided any "y" or "z" in the password. It is still not working in popups on the battery page or on the change password page. The new password works in CLI or to log in on the SDDM login page without any issues.


Gigabyte Z890 Aorus Master Motherboard | Intel Core Ultra 9 285K | Corsair 128 GB RAM | Seagate 1TB M.2 | Seagate 2TB M.2 | Corsair 2TB M.2 | Intel Battlemage G21 [Arc B580]

Offline

#11 2025-09-16 06:58:17

seth
Member
From: Don't DM me only for attention
Registered: 2012-09-03
Posts: 69,177

Re: [Solved] Password not accepted for battery charge limits change in KDE

pkexec date

Offline

#12 2025-09-16 07:11:33

patkoscsaba
Member
Registered: 2024-07-16
Posts: 23

Re: [Solved] Password not accepted for battery charge limits change in KDE

I fixed the issue with Gemini AI. It seems like I was missing polkit-1 file for some reason.

[csaba@csaba-laptop ~]$ sudo tee /etc/pam.d/polkit-1 > /dev/null <<'EOF'
#%PAM-1.0
auth      include     system-login
account   include     system-login
password  include     system-login
session   include     system-login
EOF

Gigabyte Z890 Aorus Master Motherboard | Intel Core Ultra 9 285K | Corsair 128 GB RAM | Seagate 1TB M.2 | Seagate 2TB M.2 | Corsair 2TB M.2 | Intel Battlemage G21 [Arc B580]

Offline

#13 2025-09-16 07:14:57

seth
Member
From: Don't DM me only for attention
Registered: 2012-09-03
Posts: 69,177

Re: [Solved] Password not accepted for battery charge limits change in KDE

pacman -Qikk polkit
sudo LC_ALL=C pacman -Qkk | grep -v ', 0 altered files' | grep -v backup

Offline

Board footer

Powered by FluxBB