| Summary: | Password is required for mga-update, but no indication on which user | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | papoteur <yvesbrungard> |
| Component: | RPM Packages | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | |
| Severity: | normal | ||
| Priority: | Normal | CC: | anaselli, doktor5000, geiger.david68210, marja11, olivier.delaune, sysadmin-bugs |
| Version: | 7 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA7-64-OK | ||
| Source RPM: | polkit-kde-agent-1-5.15.4-1.mga7.src.rpm | CVE: | |
| Status comment: | |||
| Attachments: | Add indication of user as password owner for polkit agent; Patch AuthDialog.cpp for Kde Polkit agent | ||
Description
papoteur
2015-01-24 08:35:20 CET
I seem to recall something different is written when root password is asked. Anyway this is an upstream implementation of KDE polkit agent.

CC: (none) => anaselli

Yes, when the password should be the root's one, the question is explicit. But in this case, the password to provide is the user's one. Perhaps a translation issue? I refer to the French language.

The "problem" is in polkit; it is not a translation problem. The original string is "An application is attempting to perform an action that requires privileges. Authentication is required to perform this action." A French translator proposes to use a workaround to make the French translation clearer, but the "issue" should be the same in all languages. So, the request should be done upstream on https://bugs.kde.org Papoteur, if you want to open a bug report there, please do it :D

CC: (none) => olivier.delaune

The bug is already reported since 2011 :( https://bugs.kde.org/show_bug.cgi?id=271147 I have no KDE account. Someone to reactivate it ?

done

Mageia 4 changed to end-of-life (EOL) status on 2015-09-19. It is no longer maintained, which means that it will not receive any further security or bug fix updates.

Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Mageia version.

Bug Reporter: Thank you for reporting this issue and we are sorry that we weren't able to fix it before Mageia 4's end of life. If you are able to reproduce it against a later version of Mageia, you are encouraged to click on "Version" and change it against that version of Mageia. If it's valid in several versions, select the highest and add MGAxTOO in whiteboard for each other valid release. Example: it's valid in cauldron and Mageia 5, set to cauldron and add MGA5TOO.

Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Mageia release includes newer upstream software that fixes bugs or makes them obsolete.

If you would like to help fixing bugs in the future, don't hesitate to join the packager team via our mentoring program [1] or join the teams that fit you most [2].

[1] https://wiki.mageia.org/en/Becoming_a_Mageia_Packager
[2] http://www.mageia.org/contribute/

Nothing new in KDE report.

Whiteboard: (none) => MGA5TOO

IMHO this is not really a Mageia issue, but an upstream issue as the presentation will be different for each polkit agent that we package currently. But I totally agree, those authorisation dialogs are horrible, and most times they don't even explain if they want the user or root password, which might be a security issue to others (think phishing for root password).

Would be a good idea if someone could provide some GOOD examples of polkit dialogs asking for authorisation (making clear, which program is asking which permission to run as what user, and hence which password should be provided) and then we can discuss how to fix this. Maybe we need to drop some polkit agents or prefer some that do a better job at this than others. Also the details section on those dialogs should not hide essential information, like which user is affected and what program asks for authorisation.

Some good examples:
http://www.freedesktop.org/software/polkit/docs/0.105/pkexec-frobnicate.png
http://www.freedesktop.org/software/polkit/docs/0.105/polkit-authentication-agent-example-wheel.png
http://i.stack.imgur.com/IQCQb.jpg
http://i.stack.imgur.com/hjwkP.png

Some not-so-good examples IMHO:
http://www.freedesktop.org/software/polkit/docs/latest/polkit-authentication-agent-example.png
http://www.mupuf.org/images/auth-ui/linux-polkit-2.png

Most can be found at https://commons.wikimedia.org/wiki/Category:Polkit

FWIW, e.g. if you run "drakconf" the KDE polkit agent dialog that will be displayed shows up all that information, that Mageia Control Center will be run, and that it needs the root password for that.

Whiteboard: MGA5TOO => (none)

Hello, I don't think that problem is upstream. For mgaupdate, the message comes from our repository, for what I understand: http://gitweb.mageia.org/software/mgaonline/tree/polkit/org.mageia.mgaupdate.policy.in

Thus, we have just to change the sentence here: from

```xml
<_description>Run Mageia Updater</_description>
<_message>Authentication is required to run Mageia Updater</_message>
```

to

```xml
<_description>Run Mageia Updater</_description>
<_message>Authentication as user is required to run Mageia Updater</_message>
```

I will commit this change on git. There is a need to update translations too.

Created attachment 7091 [details]
Add indication of user as password owner for polkit agent
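
An added example, not part of the original thread and not Mageia or KDE code: a check over a polkit `.policy` file that reports, for each action that prompts in an active session, whose password is requested and whether the message names that identity, which is the gap this report describes. The sample policy and its action ids are constructed, and the accepted word list is an assumption.

```python
import xml.etree.ElementTree as ET

# Constructed sample (not the real Mageia policy file); the action ids and
# <defaults> values are assumptions made for this illustration.
SAMPLE_POLICY = """<policyconfig>
  <action id="org.example.updater.run">
    <message>Authentication is required to run Example Updater</message>
    <defaults>
      <allow_any>no</allow_any>
      <allow_inactive>no</allow_inactive>
      <allow_active>auth_self_keep</allow_active>
    </defaults>
  </action>
  <action id="org.example.control-center.run">
    <message>Authentication as administrator is required to run Example Control Center</message>
    <defaults>
      <allow_any>no</allow_any>
      <allow_inactive>no</allow_inactive>
      <allow_active>auth_admin</allow_active>
    </defaults>
  </action>
</policyconfig>"""

# polkit implicit-authorization values that cause a password prompt, mapped
# to the identity whose password the agent will request.
IDENTITY = {"auth_self": "user", "auth_self_keep": "user",
            "auth_admin": "administrator", "auth_admin_keep": "administrator"}
# Words accepted as naming that identity in the English message (assumption).
WORDS = {"user": ("user",), "administrator": ("administrator", "root")}

def audit_policy(xml_text):
    """Return (action_id, identity, message_names_identity) per prompting action."""
    findings = []
    for action in ET.fromstring(xml_text).iter("action"):
        # .policy.in templates use <_message>; installed files use <message>.
        msg = (action.findtext("message") or action.findtext("_message") or "").lower()
        # allow_active governs the local, active desktop session.
        who = IDENTITY.get((action.findtext("defaults/allow_active") or "").strip())
        if who:
            named = any(word in msg.split() for word in WORDS[who])
            findings.append((action.get("id"), who, named))
    return findings

if __name__ == "__main__":
    for action_id, who, named in audit_policy(SAMPLE_POLICY):
        print(f"{action_id}: asks for {who} password; message says so: {named}")
```

Because the administrator can change which identity an action requires, a fixed message string can still disagree with the effective policy, so the check is only meaningful against the defaults shipped in the file.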
Rémi Verschelde
2015-10-05 10:43:10 CEST
Whiteboard: (none) => MGA5TOO

What if it's configured to require root user? Will the message be different?

(In reply to Samuel VERSCHELDE from comment #11)
> What if it's configured to require root user? Will the message be different?

Where can it be configured to ask for root's password? I found anything in msec.

(In reply to papoteur from comment #12)
> Where can it be configured to ask for root's password?
> I found anything in msec.

In draksec: http://doc.mageia.org/mcc/5/en/content/draksec.html

Thanks Florian,
The window will be the same for each case :/ But I think it is better that the message is related to the default behaviour. Furthermore, when the password is false, we get a new window which asks:
- for the root password in case of root privileges needed, explicitly,
- for the password in case of user privileges, with any other information.
Marja Van Waes
2016-10-15 23:46:29 CEST
CC: (none) => marja11

Hello, Maybe the following patch might display the requested username from the kde polkit agent.

Source used for creating the AuthDialog.cpp patch: https://invent.kde.org/plasma/polkit-kde-agent-1/-/archive/Plasma/5.15/polkit-kde-agent-1-Plasma-5.15.zip

CC: (none) => joe_c_moi

Created attachment 11752 [details]
Patch AuthDialog.cpp for Kde Polkit agent
Nicolas Nicolas
2020-07-19 17:02:49 CEST
CC: joe_c_moi => (none)
papoteur
2020-08-18 13:28:01 CEST
Whiteboard: MGA5TOO => MGA7TOO

Should be fixed with upcoming polkit-kde-agent-1-5.19.4-2.mga8 for Cauldron and upcoming polkit-kde-agent-1-5.15.4-1.1.mga7 for mga7 in Core/Updates_testing repo! Please test both if possible, thanks in advance.

CC: (none) => geiger.david68210

SRPM: polkit-kde-agent-1-5.15.4-1.1.mga7

Advisory: The polkit-kde-agent package has been patched to have it show which user's password (the logged in user, or root) that it is asking for when PolicyKit is being used to allow the user to perform a privileged action.

Assignee: mageiatools => qa-bugs

Ran MageiaUpdate, polkit dialog popped up asking for a password but didn't say whose. Installed this update candidate, logged out and back in (to restart polkit agent), ran MageiaUpdate, and now it asked for "Password for david:" which is the intended result. Validating.

CC: (none) => sysadmin-bugs
Aurelien Oudelet
2020-09-01 21:52:05 CEST
Keywords: (none) => advisory

List of packages:

Packages in 7/core/updates_testing:
========================
polkit-kde-agent-1-5.15.4-1.1.mga7.i586.rpm
polkit-kde-agent-1-5.15.4-1.1.mga7.x86_64.rpm

Source RPM:
========================
polkit-kde-agent-1-5.15.4-1.1.mga7.src.rpm

An update for this issue has been pushed to the Mageia Updates repository.
https://advisories.mageia.org/MGAA-2020-0197.html

Status: NEW => RESOLVED