polkit/pkexec's user list

Kernels, Network, and Services configuration
Post Reply
Message
Author
CwF
Posts: 1115
Joined: 2018-06-20 15:16
Has thanked: 1 time
Been thanked: 4 times

polkit/pkexec's user list

#1 Post by CwF »

The question is how to rearrange pkexec's user list?

This is an academic exercise!

Note, nothing is broke, I have not dug in deep yet to answer this question, and this 'issue' would likely never be visible in typical usage. This installation is clean, though nowhere near virgin. It has lived multiple lives and been many things. It was born in a VM as Jessie and is now Bullseye. EVERYTHING has been changed more than once, derivatives are in service. Everything includes machine-id, all uuid's, disk, partition schemes, etc,etc.

Likely of relevance is that the user's have been rearranged. Going to disk and bare metal usage, I added a new user as 1000, moved the former to 1007. There are other users configured. It all works and was done when I moved this image to bullseye and unique-ified the image almost a year ago. It is current Bullseye now

I was looking at pkecxec's treatment of the mount command. Not really helpful or a step forward if the result is simply substituting 'sudo' for 'pkexec' on the command line. It doesn't look to me pkexec can replace sudo yet, a tangent to this issue, but where I was going.

Code: Select all

~/Desktop$  pkexec mount /dev/disk/by-label/tree ~/Public/tree
==== AUTHENTICATING FOR org.freedesktop.policykit.exec ===
Authentication is needed to run `/bin/mount' as the super user
Multiple identities can be used for authentication:
 1.  original,,, (original)
 2.  hosted user environment,2nd Floor,,,vm (hue)
 3.  ,,, (altadmin)
Choose identity to authenticate as (1-3): ^C
The above is not friendly to script automation! Anyway, (original) is not the new user 1000 but 1007. User 1001 and 1002 are correct. As it turns out, users are flat out missing. I looked at 'man pklocalauthority' and others and nothing mentions anything about this list choice. Note that everything works that has a policy file and whatever to not suffer this particular ambiguity.

It looks to me pkexec's user list is a snapshot upon install and any tools to add/change users or their uid's never propagates back to polkits user list. Any ideas?

CwF
Posts: 1115
Joined: 2018-06-20 15:16
Has thanked: 1 time
Been thanked: 4 times

Re: polkit/pkexec's user list

#2 Post by CwF »

Well, I found some postings years old about the irritation of having users listed to begin with...Not an issue really, like showing the asterisk on passwords...and apparently I know how to obscure the list, just not update the list.

when I get back in there, maybe package re-config or reinstall. maybe I'll ignore it.

Post Reply