with polkit 0.113 I find that if I try to open the drakconf gui from the menu icon the "Authentication is required" dialog does not accept the valid password. It keeps rejecting it and then exits after 3 attempts Rebooting fixes the problem for a while, but then it recurs. Doing a systemctl restart polkit does not help. It does not fix it. I can get to drakconf via the console either by opening a root console or doing a "kdesu drakconf" from the console. If I do "gksu drakconf" then I have the same problem. My installed packages are: polkit-kde-agent-1-0.99.0-6.mga4 mate-polkit-1.6.1-2.mga4 gksu-polkit-0.0.3-0.git20131130.9.mga4 lib64polkit-gir1.0-0.113-1.mga4 lib64polkit1_0-0.113-1.mga4 lib64mate-polkit1_0-1.6.1-2.mga4 polkit-desktop-policy-0.113-1.mga4 lib64gksu-polkit0-0.0.3-0.git20131130.9.mga4 lib64polkit-qt-core-1_1-0.112.0-1.mga4 lib64polkit-qt-agent-1_1-0.112.0-1.mga4 polkit-0.113-1.mga4 I have repeated this behavior twice now after rebooting.
Which Desktop environment do you use? Do you use a non-US keyboard?
CC: (none) => marja11, tarakbumba
I have both kde and gnome installed but use KDE as the primary environment with a US Keyboard. Installed kde packages are: kdepasswd-4.12.5-1.2.mga4 telepathy-kde-filetransfer-handler-0.7.0-1.mga4 libkdegames-corebindings-4.12.5-1.mga4 polkit-kde-agent-1-0.99.0-6.mga4 lib64kdevplatformdocumentation7-1.6.0-2.mga4 kdevelop4-php-1.6.0-0.1.mga4 lockdev-1.0.4-0.120111007git.8.mga4 lib64akonadi-kde4-4.12.5-1.mga4 kdegraphics-thumbnailers-4.12.5-1.mga4 lib64kdevplatformshell7-1.6.0-2.mga4 kdevelop4-4.6.0-1.mga4 libkdeui5-4.12.5-1.1.mga4 kdenetwork-filesharing-4.12.5-1.mga4 Default-kde4-config-4-0.20140914.1.mga4 kdelibs4-handbooks-4.12.5-1.1.mga4 lib64kdevplatformproject7-1.6.0-2.mga4 lib64kdepim4-4.12.5-1.mga4 lib64kdevplatformshell6-1.4.1-2.mga3 cairo-dock-kde-integration-3.2.1-2.mga4 telepathy-kde-common-internals-core-0.7.0-1.mga4 lib64kdevplatforminterfaces7-1.6.0-2.mga4 telepathy-kde-text-ui-0.7.0-1.mga4 lib64kdevplatformvcs6-1.4.1-2.mga3 kde-l10n-handbooks-en_GB-4.12.5-1.mga4 kdebase4-runtime-handbook-4.12.5-1.4.mga4 lib64kdegamesprivate1-4.12.5-1.mga4 libobasis4.4-kde-integration-4.4.4.3-3 task-kde4-minimal-4.12.5-1.mga4 mageia-theme-kde-background-1.5.0.37-2.mga4 kdebase4-common-4.12.5-1.2.mga4 lib64kdevplatformlanguage7-1.6.0-2.mga4 kdevplatform4-1.6.0-2.mga4 mageia-kde-translation-1-4.mga4 lib64kdevplatformoutputview6-1.4.1-2.mga3 kdebase4-workspace-handbooks-4.11.14-1.mga4 lib64kdefakes5-4.12.5-1.1.mga4 kdegraphics-strigi-analyzer-4.12.5-1.mga4 kdeartwork4-kscreensaver-4.12.5-1.mga4 akonadi-kde-4.12.5-1.mga4 lib64kdevplatformutil6-1.4.1-2.mga3 lib64kdepim-copy4-4.12.5-1.mga4 lib64kdevplatformvcs7-1.6.0-2.mga4 lib64lockdev1-1.0.4-0.120111007git.8.mga4 kdenlive-0.9.6-3.mga4 telepathy-kde-integration-module-0.7.0-1.mga4 lib64kdevplatformdebugger7-1.6.0-2.mga4 python-kde4-4.12.5-1.mga4 libkdecore5-4.12.5-1.1.mga4 kdebase4-workspace-plasma-config-4.11.14-1.mga4 lib64kdesu5-4.12.5-1.1.mga4 kdepim4-core-4.12.5-1.mga4 lib64kdevplatformproject6-1.4.1-2.mga3 kdelibs4-core-4.12.5-1.1.mga4 kdebase4-workspace-4.11.14-1.mga4 telepathy-kde-contact-list-0.7.0-1.mga4 lib64kdevplatformutil7-1.6.0-2.mga4 kdepasswd-handbook-4.12.5-1.2.mga4 lib64kdevplatforminterfaces6-1.4.1-2.mga3 lib64kdeui5-4.12.5-1.1.mga4 lib64kdecore5-4.12.5-1.1.mga4 kdepimlibs4-handbooks-4.12.5-1.mga4 lib64kdevplatformoutputview7-1.6.0-2.mga4 kde4-audiocd-4.12.5-1.mga4 libkdegames-common-4.12.5-1.mga4 kde4-audiocd-handbook-4.12.5-1.mga4 telepathy-kde-auth-handler-0.7.0-1.mga4 mlt-kdenlive-0.9.0-2.mga4 lib64kdewebkit5-4.12.5-1.1.mga4 xsettings-kde-0.12.3-3.mga4 telepathy-kde-approver-0.7.0-1.mga4 lib64kdevplatformdocumentation6-1.4.1-2.mga3 telepathy-kde-desktop-applets-0.7.0-1.mga4 kdesdk-strigi-analyzers-4.12.5-1.mga4 lib64kdegames6-4.12.5-1.mga4 telepathy-kde-send-file-0.7.0-1.mga4 kdepim4-kresources-4.12.5-1.mga4 kde4-nsplugins-4.12.5-1.2.mga4 kdepimlibs4-core-4.12.5-1.mga4 lib64kdevplatformdebugger6-1.4.1-2.mga3 kde-odf-thumbnail-1.0.0-6.mga4 kdegraphics-mobipocket-4.12.5-1.mga4 kde-l10n-en_GB-4.12.5-1.mga4 lib64kdepimdbusinterfaces4-4.12.5-1.mga4 kde-l10n-en_US-4.12.5-1.mga4 lib64kdeclarative5-4.12.5-1.1.mga4 kdebase4-runtime-4.12.5-1.4.mga4 lib64kdecorations4-4.11.14-1.mga4 telepathy-kde-accounts-kcm-0.7.0-1.mga4 lib64kde3support4-4.12.5-1.1.mga4 kdevelop4-php-docs-1.6.0-1.mga4 mageia-kde4-config-common-4-0.20140914.1.mga4 lib64kdevplatformlanguage6-1.4.1-2.mga3
Thx for the feedback. The "Rebooting fixes the problem for a while, but then it recurs" is very puzzling. Do you see anything funny in the systemlogs? To see the log from since you booted, run (as root) systemctl -b to follow what gets added to the log, run (as root): journalctl -f Or just attach the output to this report, and tell * at what time in the log you noticed it still worked well and * at what time you noticed the bug occurs again
CC: (none) => mageia
(In reply to Marja van Waes from comment #3) > Thx for the feedback. > > The "Rebooting fixes the problem for a while, but then it recurs" is very > puzzling. > > Do you see anything funny in the systemlogs? > To see the log from since you booted, run (as root) > > systemctl -b Oops , that should be journalctl -b > > to follow what gets added to the log, run (as root): > > journalctl -f > > Or just attach the output to this report, and tell > * at what time in the log you noticed it still worked well and > * at what time you noticed the bug occurs again
Here goes. I last booted July 8 at 14:43. From the boot log getting to drakconf gui was working with polkit with the following messages: Jul 09 17:55:28 localhost.localdomain pkexec[14006]: pam_tcb(polkit-1:session): Session opened for root by (uid=500) Jul 09 17:55:28 localhost.localdomain pkexec[14006]: leon: Executing command [USER=root] [TTY=unknown] [CWD=/] [COMMAND=/usr/libexec/urpmi.update Core 32bit Backports] It starts to fail on July 9 at 19:39 with the following messages: Jul 09 19:39:33 localhost.localdomain polkit-agent-helper-1[19258]: pam_tcb(polkit-1:auth): Authentication failed for leon from (uid=500) Jul 09 19:39:40 localhost.localdomain polkit-agent-helper-1[19262]: pam_tcb(polkit-1:auth): Authentication failed for leon from (uid=500) Jul 09 19:39:45 localhost.localdomain polkitd[27249]: Operator of unix-session:c1 FAILED to authenticate to gain authorization for action org.mageia.drakconf.pkexec.run for unix-process:19253:10387479 [/usr/bin/perl /usr/bin/drakconf] (owned by unix-user:leon) Jul 09 19:39:45 localhost.localdomain pkexec[19256]: leon: Error executing command as another user: Not authorized [USER=root] [TTY=unknown] [CWD=/home/leon] [COMMAND=/usr/libexec/drakconf] Jul 09 19:39:57 localhost.localdomain su[19321]: pam_tcb(su:auth): Authentication passed for root from leon(uid=500) Jul 09 19:39:57 localhost.localdomain su[19321]: (to root) leon on pts/1 Jul 09 19:39:57 localhost.localdomain su[19321]: pam_tcb(su:session): Session opened for root by leon(uid=500) Jul 09 19:40:06 localhost.localdomain systemd[1]: Stopping Authorization Manager... Jul 09 19:40:06 localhost.localdomain systemd[1]: Starting Authorization Manager... Jul 09 19:40:06 localhost.localdomain polkitd[19371]: Started polkitd version 0.113 Jul 09 19:40:06 localhost.localdomain polkitd[19371]: Loading rules from directory /etc/polkit-1/rules.d Jul 09 19:40:06 localhost.localdomain polkitd[19371]: Loading rules from directory /usr/share/polkit-1/rules.d Jul 09 19:40:06 localhost.localdomain polkitd[19371]: Finished loading, compiling and executing 4 rules Jul 09 19:40:06 localhost.localdomain polkitd[19371]: Acquired the name org.freedesktop.PolicyKit1 on the system bus Jul 09 19:40:06 localhost.localdomain polkitd[19371]: Registered Authentication Agent for unix-session:c1 (system bus name :1.97 [/usr/lib64/kde4/libexec/polkit-kde-authentication-agent-1], object path /org/kde/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) Jul 09 19:40:06 localhost.localdomain systemd[1]: Started Authorization Manager. Jul 09 19:40:21 localhost.localdomain polkit-agent-helper-1[19391]: pam_tcb(polkit-1:auth): Authentication failed for leon from (uid=500) Jul 09 19:40:25 localhost.localdomain polkitd[19371]: Operator of unix-session:c1 FAILED to authenticate to gain authorization for action org.mageia.drakconf.pkexec.run for unix-process:19386:10392172 [/usr/bin/perl /usr/bin/drakconf] (owned by unix-user:leon) Jul 09 19:40:25 localhost.localdomain pkexec[19389]: leon: Error executing command as another user: Not authorized [USER=root] [TTY=unknown] [CWD=/home/leon] [COMMAND=/usr/libexec/drakconf] and the log messages between last working and first failure were: Jul 09 17:55:32 localhost.localdomain mgaapplet[29644]: Packages are up to date Jul 09 18:01:01 localhost.localdomain crond[14292]: pam_tcb(crond:session): Session opened for root by (uid=0) Jul 09 18:01:01 localhost.localdomain CROND[14293]: (root) CMD (nice -n 19 run-parts --report /etc/cron.hourly) Jul 09 18:01:01 localhost.localdomain CROND[14292]: pam_tcb(crond:session): Session closed for root Jul 09 18:16:37 localhost.localdomain kernel: usb 4-6: reset high-speed USB device number 2 using ehci-pci Jul 09 18:19:01 localhost.localdomain kernel: ip_set: protocol 6 Jul 09 18:46:01 localhost.localdomain crond[16832]: pam_tcb(crond:session): Session opened for leon by (uid=0) Jul 09 18:46:01 localhost.localdomain CROND[16833]: (leon) CMD (/opt/f-prot/fpupdate > /dev/null) Jul 09 18:46:09 localhost.localdomain fpupdate[16834]: Error: Update - IO error Jul 09 18:46:09 localhost.localdomain sendmail[16840]: t69Mk9QN016840: from=leon, size=402, class=-60, nrcpts=1, msgid=<201507092246.t69Mk9QN016840@localhost.localdomain>, relay=leon@localhost Jul 09 18:46:09 localhost.localdomain sendmail[16843]: t69Mk9JH016843: from=<leon@localhost.localdomain>, size=679, class=-60, nrcpts=1, msgid=<201507092246.t69Mk9QN016840@localhost.localdomain>, proto=ESMTP, daemon=MTA, relay=localhost [127.0.0.1] Jul 09 18:46:09 localhost.localdomain sendmail[16840]: t69Mk9QN016840: to=root, ctladdr=leon (500/500), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=138402, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (t69Mk9JH016843 Message accepted for delivery) Jul 09 18:46:09 localhost.localdomain CROND[16832]: pam_tcb(crond:session): Session closed for leon Jul 09 18:46:09 localhost.localdomain sendmail[16844]: t69Mk9JH016843: to=<root@localhost.localdomain>, ctladdr=<leon@localhost.localdomain> (500/500), delay=00:00:00, xdelay=00:00:00, mailer=local, pri=138902, dsn=2.0.0, stat=Sent Jul 09 19:01:01 localhost.localdomain crond[17526]: pam_tcb(crond:session): Session opened for root by (uid=0) Jul 09 19:01:01 localhost.localdomain CROND[17527]: (root) CMD (nice -n 19 run-parts --report /etc/cron.hourly) Jul 09 19:01:01 localhost.localdomain CROND[17526]: pam_tcb(crond:session): Session closed for root I hope this is helpful
P.S. the log from when I run drakconf via kdesu shows: Jul 12 14:43:34 localhost.localdomain su[2377]: (to root) leon on pts/4 Jul 12 14:43:34 localhost.localdomain su[2377]: pam_tcb(su:session): Session opened for root by (uid=500) Jul 12 14:43:34 localhost.localdomain pkexec[2386]: pam_tcb(polkit-1:session): Session opened for root by (uid=0) Jul 12 14:43:34 localhost.localdomain pkexec[2386]: root: Executing command [USER=root] [TTY=/dev/pts/4] [CWD=/home/l...conf] Jul 12 14:43:34 localhost.localdomain drakconf[2386]: ### Program is starting ###
I seem to have resolved the issue. Somewhere along the line, I had added myself as a user to the group wheel. I don't remember when, but it had to be after the last reboot. I also don't remember why (I may have been playing around). Just now I removed myself as a user from the group "wheel" and that has resolved the issue. Thank you for your time and effort.
Status: NEW => RESOLVEDResolution: (none) => FIXED
(In reply to Leon Goldman from comment #7) > I seem to have resolved the issue. > > Somewhere along the line, I had added myself as a user to the group wheel. I > don't remember when, but it had to be after the last reboot. I also don't > remember why (I may have been playing around). > > Just now I removed myself as a user from the group "wheel" and that has > resolved the issue. > > Thank you for your time and effort. Ahh, this makes sense. Polkit will prompt you for *your* (i.e. your user, not the root user's) password if you are in the wheel group. The popup you see should make that clear (under GNOME it asks me for the password for "Colin Guthrie" and shows me my login photo, so it's really obvious what password it wants). For other desktops the Polkit UI might not be as clearly defined and may just as for the "Administrator" password (which could easily be misinterpreted - both the root user and a user in the wheel group could be considered "Administrators"). So this behaviour (which is NOT new in polkit 0.113) is expected, even if it's not made super clear in some frontends to the password auth UI?
s/\?$// (I didn't mean that last questionmark!)
Yep, that was it. I put myself back into wheel and was able to sign in with my password. Too bad it wasn't clearer; could have saved you all trouble. Thanks again.
In KDE the preambles in the pop-up are identical. The only difference is that when a root password is required the password box asks for the "root password", when the user password is required it asks just for "password".
Created attachment 6841 [details] root password required polkit dialogue asking for root password
Created attachment 6842 [details] user password required polkit dialogue asking for user password
Created attachment 6843 [details] user password required (GNOME) (In reply to James Kerr from comment #13) > Created attachment 6842 [details] > user password required > > polkit dialogue asking for user password Yeah asking "Password for $USER" would at least help here. This gui is kinda ugly... the GNOME one is much nicer. Not sure if this is an upstream KDE problem or our integration. I hope Plasma5 does better here.