[blfs-support] Polkit Actions
krejzi at email.com
Wed Dec 11 15:01:33 PST 2013
On 12/11/2013 11:53 PM, Dan McGhee wrote:
> On 12/11/2013 03:56 PM, Armin K. wrote:
>> On 12/11/2013 10:06 PM, Dan McGhee wrote:
>>> On 12/11/2013 12:20 PM, Armin K. wrote:
>>>> On 12/11/2013 06:45 PM, Dan McGhee wrote:
>>>>> In addition to GParted, I would like to employ this method for the
>>>>> Catalyst Control Center for my ATI-Radeon chip.
>>>> You have to edit both .desktop files and add "pkexec /path/to/program"
>>>> to the Exec= line. Do note that using pkexec requires an authentication
>>>> agent to be running, such as polkit-gnome or lxpolkit.
>>>> The file you mentioned is necessarry because pkexec won't allow running
>>>> gui programs by default.
>>> When I first read this, I didn't do anything because I have polkit-gnome
>>> installed. When I made the changes for pkexec in the gparted.desktop
>>> file and tried to run it, nothing happened. I didn't even get the
>>> message that I needed to be root. I guess that's progress.
>> You don't need to be root. As I said, pkexec *won't* allow you to run
>> gui programs when using "pkexec guiprogram" unless you *create* a policy
>> file in /usr/share/polkit-1/actions (which is the file you posted and I
>> linked to in the arch forums).
> I was unclear in my statement. I created the policy file containing the
> action. I edited the gparted.desktop file to include pkexec. When I
> selected "GParted" in my Applications Menu, nothing happened. I did not
> even get a message.
> For clarity's sake, I'll include the files. I kept from doing this to
> keep the posts shorter. But maybe there is something in them that
> prevents what I'm trying to do.
> Here is
>> <?xml version="1.0" encoding="UTF-8"?>
>> <!DOCTYPE policyconfig PUBLIC
>> "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
>> <action id="org.freedesktop.policykit.pkexec.run-gparted">
>> <description>Run GParted</description>
>> <message>Authentication is required to run GParted</message>
>> <annotate key="org.freedesktop.policykit.exec.allow_gui">TRUE</annotate>
I've created /usr/share/polkit-1/actions/org.gnome.gparted.policy file
with the same contents (name shouldn't matter), and restarted polkitd
> Here is /usr/share/applications/gparted.desktop:
>> GenericName=Partition Editor
>> Comment=Create, reorganize, and delete partitions
>> Exec=pkexec /usr/sbin/gparted %f
I've edited the desktop file and made it same as yours.
> And finally, the
>> [Desktop Entry]
>> Name=PolicyKit Authentication Agent
>> Comment=PolicyKit Authentication Agent
>> AutostartCondition=GNOME3 unless-session gnome
I have the same desktop file here. However, you do need to verify if
authentication agent is started. Run "ps aux | grep polkit". You should
get something like:
armin 726 0.0 0.2 565160 15636 ? Sl 17:48 0:00
in the output.
> From everything I've read, I don't think I need a rule in
> /etc/polkit-1/rules.d. There is no rule there.
No, you don't need any.
> Like I said, when I try to run Gparted from the desktop, absolutely
> nothing happens. It's got to be something quite simple now, but I can't
> see it.
You should see polkit authentication dialog, asking for an administrator
password. Do note that an gui authentication agent *must* be running
(polkit-gnome in this case).
That said, with the same configuration, everything works fine here. I
do, however, use polkit-0.10whatever with Linux PAM support. Not sure if
that should matter.
> Also, Armin, thanks for explaining the autostart file options for me,
> and also for you other help so far.
Note: My last name is not Krejzi.
More information about the blfs-support