Summary: | KIO needs PolicyKit-kde integration | ||
---|---|---|---|
Product: | [Frameworks and Libraries] frameworks-kio | Reporter: | Adam Williamson <adamw> |
Component: | general | Assignee: | KIO Bugs <kio-bugs-null> |
Status: | CONFIRMED --- | ||
Severity: | wishlist | CC: | 4wy78uwh, aaronw, alfaflo, arthur, b0, ben, benjamin, blueball, bobsmith432, bugseforuns, Buo.Ren.Lin, chriswilde, dashonwwIII, david.cortes.rivera, diego.ml, dragan.legic, elvis.angelaccio, eric1, fincer89, funkybomber, gigastarcraft2, guido.iodice, henningstone, hoperidesalone, johndemicco, Jonwsb, jplx256, karaluh, kde, kdelibs-bugs, krinpaus, mail, matejm98mthw, miranda, mk.mateng, nate, nickbryda, noein93, notuxius, pawelcislo, pbhj, pepko94, picander78, pier_andreit, polarathene-signup, postix, r2b2x3+kdebug, ricardo, ricky.tigg, shevegen, simonandric5, ssol, sven.burmeister, thor27, torre_cremata, voidpointertonull+bugskdeorg, xenoidaltu, yarik |
Priority: | VHI | Keywords: | usability |
Version: | 5.29.0 | ||
Target Milestone: | --- | ||
Platform: | Compiled Sources | ||
OS: | Linux | ||
See Also: | https://bugs.kde.org/show_bug.cgi?id=479955 | ||
Latest Commit: | https://invent.kde.org/frameworks/kio/-/merge_requests/143 | Version Fixed In: | 5.90 |
Sentry Crash Report: | |||
Bug Depends on: | |||
Bug Blocks: | 324254 | ||
Attachments: |
Screen Shot
Security Report on the Functions of the KDE Desktop attachment-20868-0.html |
Description
Adam Williamson
2009-01-05 03:07:59 UTC
Resetting assignee to default as per bug #305719 *** Bug 320811 has been marked as a duplicate of this bug. *** Just for the record, I'm not sure how helpful PolicyKit integration for Dolphin would be. Most of the interesting stuff (copying/moving files, for example) is handled by KIO, so PolicyKit integration for KIO might actually be more useful. Moving to kio, where this belongs. *** Bug 376624 has been marked as a duplicate of this bug. *** I would like to have the possibility to use dolphin as superuser whenever I want please No it's not a bug in plasma 5, developers of various distribution changing program source code, compiled program and prevent the program will start as root. Find the Iternet older version of the program, install and lock update. Explanation written by Elvis Angelaccio consider rude, Elvis would like to abolish the GUI. With 17.04 Kate is broken for root-usage wich makes it really hart to deal with root-owned files, when using kate. Another reason kio should simply support polkit so we can get rid of that sudoedit. @ FabiB You say that the program Kate guilty and therefore Dolphin can not work in root mode. I visited https://kate-editor.org/get-it/ page and on that page there is no version 17.04 I conclude that it is in line with the philosophy of open source KDE-Neon developer revised program, the problem is pushed under the carpet. (In reply to lega99 from comment #9) > @ FabiB > You say that the program Kate guilty and therefore Dolphin can not work in > root mode. No. I say kate developers (but also dolphin developers) have deactivated root-mode for the apps. wich is a bad idea without providing any good replacement (like Polkit support in KIO). > I visited https://kate-editor.org/get-it/ page and on that page > there is no version 17.04 KDE Apps 17.04 was released April 20, 2017. https://www.kde.org/announcements/announce-applications-17.04.0.php > of open source KDE-Neon developer revised program I dont talk about the kubuntu neon project. This is a KDE thing, not a distro specific thing. Truth is: they now deactivatet root mode for dolphin and Kate, there is no replacementment, so distros start to patch out this change https://forums.opensuse.org/showthread.php/524150-Executing-Dolphin-as-root-is-not-possible?p=2820568#post2820568 https://forum.antergos.com/post/42159 But that leads to a off-topic direction. I just wanted to show off that this feature (polkit support for KIO) would be very important right now. I'm very disappointed when I tried to modify a system file via running Dolphin as root and failed. IMO developer shouldn't disable an function simply because "it can be dangerous in certain circumstances". When something can be useful when running as root, it should be allowed to do so. I agree that the PolicyKit is the way to go, but it's not right to shut previous working method off before a proper alternative is available. `sudoedit` is not enough as it's not GUI. Also "is not possible" is a wrong term, it should be "is not allowed(explicitly by us developers)" It shouldn't be outputted in STDOUT as users who run `kdesudo dolphin` will not even notice a thing, it should be in some sort of GUI error dialog. Also it's preferable if you can lead users to this bug from the error message, so they can find workaround and stuff like running `sudo rm` and `sudoedit` in Konsole *** Bug 379590 has been marked as a duplicate of this bug. *** And here it comes :) https://rpchinmoy.blogspot.de/2017/05/kio-will-get-polkit-support-this-summer.html Hello, Now arch has no framework-kio in the repos. Therefore, it does not work. Did you possibly take the second step before the first? (In reply to 1212 from comment #15) > Hello, > > Now arch has no framework-kio in the repos. > Therefore, it does not work. > Did you possibly take the second step before the first? Distribution is arch *** Bug 379927 has been marked as a duplicate of this bug. *** Polkit is triggered when I accidentally tried to save a root-owned file in Kate in neon 5.10 user edition, is this feature implemented? (In reply to 林博仁 from comment #18) > Polkit is triggered when I accidentally tried to save a root-owned file in > Kate in neon 5.10 user edition, is this feature implemented? Not yet, only in ktexteditor for now. This is terrible news. I used to complain about the Gnome devs treating users as being stupid, but now this has leaked into KDE. Just now I write this on my laptop where I run KDE Plasma. I broke ncurses so nano does not work, so I need an editor. I was thinking "hey, I can use kate". Ok installing kate worked. Then I try to open it and kate REFUSES to obey, boring me with an extremely irrelevant message aka "Executing Kate as root is not possible. To edit files as root use: SUDO_EDITOR=kate sudoedit <file>" Now this is interesting. Firstly, I have to say that I tried the above AND IT DOES NOT WORK, so great job by those KDE devs who changed behaviour and did not provide a work around. Yes, I know a "work around" - I can change permission as superuser anyway, edit it with kate, then change the permission again. I can also use other editors too. I have tons of workaround BUT THE ISSUE IS THAT SOME RANDOM KDE DEV SIMPLY CRIPPLED KATE HERE. So firstly, please fire that dude. Second, please stop dumbing down KDE everywhere. There is absolutely nothing wrong with the superuser account. I am aware that you transitioned into a "we work for average joe - and for red hat" but you used to be cool in the past, so what happened with KDE? There is some propaganda here: https://blog.martin-graesslin.com/blog/2017/02/editing-files-as-root/ None of this applies or is relevant but the problem is that some random dude dictated onto everyone else. BAD decision. This Martin dude does not run software on MY machine. Why can he decide how I should run it? I can probably find the faulty code and remove it but that means I have to invest time... which Martin doesn't pay me for. I have to find out if he works for Red Hat, then this explains why he crippled kate. It's not a big deal anyway since other editors will work fine or I can find thousand other ways to modify text files, including via scripts - but seriously KDE people, what happened to you? Did Microsoft buy you in? KDE Plasma looks like a Win10 clone. You used to be cool. At first, keep calm... There is no need to talk this way because it will not change anything. (In reply to shevegen from comment #20) > Then I try to open it and kate REFUSES to obey, boring me with an > extremely irrelevant message aka > > "Executing Kate as root is not possible. To edit files as root use: > SUDO_EDITOR=kate sudoedit <file>" It's true. This message is of no use anymore. Just start kate, edit you files. It will ask for the Password by itself if you try to save. No sudo/kdesu/gksu required. But Frameworks 5.34 or newer (I think it was) > > Now this is interesting. > > Firstly, I have to say that I tried the above AND IT DOES NOT WORK, > so great job by those KDE devs who changed behaviour and did not > provide a work around. It was a working workaround and it was there for a good reason. > > Yes, I know a "work around" - I can change permission as superuser > anyway, edit it with kate, then change the permission again. I can > also use other editors too. I have tons of workaround BUT THE ISSUE > IS THAT SOME RANDOM KDE DEV SIMPLY CRIPPLED KATE HERE. You can also just start kate, edit you files. It will ask for the Password by itself if you try to save. > > So firstly, please fire that dude. Second, please stop dumbing down > KDE everywhere. There is absolutely nothing wrong with the superuser > account. Everythings wrong with the sudo "account" but even if not. Sudo(and alike) will NOT work on wayland. So There was, even for the "I dont care about security"-party, a reason that this change was made. > I am aware that you transitioned into a "we work for average > joe - and for red hat" but you used to be cool in the past, so what > happened with KDE? KDE is still independent, but they need to work on real-world applications, so in order to make software compatible to future beheviors (like that No-sudo-on-wayland stuff), users need to learn it too... > > There is some propaganda here: > > https://blog.martin-graesslin.com/blog/2017/02/editing-files-as-root/ And just a few comments above is the solution... Just dont use sudo anymore for kate. http://blog.chinmoyrp.com/ we have polkit integration now. > > None of this applies or is relevant but the problem is that some random > dude dictated onto everyone else. BAD decision. > > This Martin dude does not run software on MY machine. Why can he decide > how I should run it? Because opensource is no democracy. It's made by people for themself. Of course you can ask for new features and many devs are nice persons who respect other needs (just like Martin with this change). > > I can probably find the faulty code and remove it but that means I have > to invest time... which Martin doesn't pay me for. or you just invest time and read the full bugreport, so that you know that polkit is now used and kate will ask for you password if you want to save a root owned file. :D (in case you have a new-enough framework5 release) > > I have to find out if he works for Red Hat If nothing has changed, he works for BlueSystems - a 100% KDE supporter https://en.wikipedia.org/wiki/Blue_Systems And there is nothing wrong with working for RedHat. (except for the KDE Plasma respin of fedora, that one really sucks :P *hides*) People at Red Hat are just normal guys who do some work and share it with everyone for free and thats something so damn good, I hope they will keep this path forever. >, then this explains why he > crippled kate. It's because of security reasons... BTW not only in kate, but also dolphin. And i Hope all the others will follow. > It's not a big deal anyway since other editors will work > fine or I can find thousand other ways to modify text files, including > via scripts - but seriously KDE people, what happened to you? They dont try to stand still and implement new features that are required for the future. > Did Microsoft buy you in? KDE Plasma looks like a Win10 clone. Or is it Windows 10 that looks like KDE Plasma ;)? > > You used to be cool. *** Bug 179289 has been marked as a duplicate of this bug. *** *** Bug 386503 has been marked as a duplicate of this bug. *** In many ways I'm an "average Joe", although the REAL Joe doesn't use Linux distributions (they're still too quirky and buggy and too many things need to be done manually for things to work, I've had over 10 years to arrive at this conclusion, and it's not likely to change). But I'm a user who likes to tweak things and likes the freedom open source software gives, without the need to master advanced commands and coding. I think KDE/Plasma 5 is GREAT software, offering most of the features of a Windows 10 or MacOS without the bloat, the privacy issues, but with wonderful custamizability instead. But I agree with the frustration of Shevegen. Dumbing down is the domain of Gnome. People who turn to KDE want the full suite of options and the full freedom. Forget the Average Joe - he's lost (maybe forever). Cater to people who are into technology, into tweaking, without the need to code or master the terminal. Don't take away options, don't confuse. Sorry for the rant, but I just needed to share my two cents. Nobody is dumbing anything down. Basic security involves running with the lowest permissions possible. That's why you selectively use sudo when you need to edit something as root, rather than using into the root account 100% of the time. This is simply a further extension of the principle: run with normal permissions until the software requests an action demanding elevated permissions, and only then do we ask for those permissions. If some part of the new system doesn't work properly, that's a bug, and we should--and will--fix it. But note that this particular bug report concerns KIO, not Kate. Anyone who's having an issue with Kate should file a new bug against the Kate product. And FWIW, Kate's PolKit support has been working just fine for me. You can open a root-owned file and then only when you save it are you prompted for credentials. Works like a charm, no "dumbing down" involved. (In reply to Nate Graham from comment #25) Thanks for the reply. The problem is that I've been directed here after I filed a bug with Nautilus. Because it's apparently connected with KIO etc. Dolphin has a Root Actions menu, where I should be able to open a location as root. But that doesn't work - I type the password and nothing happens. I've been told it's not connected with Nautilus but with PolicyKit, or whatever - a deeper issue that's beyond me. So my question is where should I file that bug? Because it is a bug - there is an option in the Nautilus menu but it doesn't work. Nautilus isn't a KDE product; it's made by the GNOME people. Nautilus doesn't use KIO. If you're having a problem with Nautilus, you should file a bug on the GNOME bugzilla. If you're having a problem with Dolphin, you should file a bug here on the KDE Bugzilla, against the Dolphin product. Please make sure to include detailed Steps To Reproduce and possibly screenshots too. *** Bug 387042 has been marked as a duplicate of this bug. *** I found your bug: https://bugs.kde.org/show_bug.cgi?id=387042. That concerns a 3rd-party extension that we don't support. The bottom line is that once this bug is closed (and we're really close, see https://phabricator.kde.org/T6561), then everything will work and you won't even need the 3rd-party Root Actions extension in the first place. (In reply to Nate Graham from comment #27) > Nautilus isn't a KDE product; it's made by the GNOME people. Nautilus > doesn't use KIO. If you're having a problem with Nautilus, you should file a > bug on the GNOME bugzilla. > > If you're having a problem with Dolphin, you should file a bug here on the > KDE Bugzilla, against the Dolphin product. Please make sure to include > detailed Steps To Reproduce and possibly screenshots too. I'm sorry, I meant DOLPHIN. OK, thanks a lot. It's just confusing because this extension is installed by default (at least in Manjaro) so you have menu items in Dolphin that don't work. Anyway, I'm glad that things are supposed to work soon. Definitely! I would recommend filing a bug on Manjaro asking them to not include that extension by default, since it doesn't even work and will imminently be replaced by built-in functionality. (In reply to Nate Graham from comment #25) > Nobody is dumbing anything down. Yes you are. I know when I am in root I know the dangers. I don't need you killing applications to make me safe. Did you all forget the meaning of "root" in Linux? Actually you are screwing with access to something out of your control. Root is a system function not a desktop function. > Basic security involves running with the > lowest permissions possible. That's why you selectively use sudo when you > need to edit something as root, rather than using into the root account 100% > of the time. This is simply a further extension of the principle: run with > normal permissions until the software requests an action demanding elevated > permissions, and only then do we ask for those permissions. Actually there are Use Cases that a user must run under root 100% such as Pen Testing. When pen testing you need full access to your OS. OK you say use sudo yet "sudo kate" doesn't work. Yet when in root Gedit, nano, LeafPad Vi and Emacs all run under root so explain how have you so called "protected" file access?? > > If some part of the new system doesn't work properly, that's a bug, and we > should--and will--fix it. Well it broken SO fix it! > But note that this particular bug report concerns > KIO, not Kate. Anyone who's having an issue with Kate should file a new bug > against the Kate product. And FWIW, Kate's PolKit support has been working > just fine for me. You can open a root-owned file and then only when you save > it are you prompted for credentials. Works like a charm, no "dumbing down" > involved. Well it seems that you all screwing with KIO broke kate so why report it to the kate team? BTW what you said about opening a root owned file is wrong. Kate will not open AT ALL under root. you said I can see the file how?? Kate won't even open. It doesn't "work like a charm" it doesn't work AT ALL. Bo, you're not really arguing against a decision made here, but rather against the whole direction that our industry is going in. As has been mentioned, Wayland disallows running GUI apps as root. As a penetration tester, this may make your life more difficult, but you're not the user that the Wayland folks are targeting. They are trying to make computers more secure for ordinary users (who have difficulty with the concepts we're discussing), not more convenient for security researchers. I would recommend you take your case to the Wayland folks, though I doubt you'll get very far because this is an architectural design decision that doesn't really seem open for debate.
Instead, you're in the same boat we are: given that currently (or in the near future), we won't be able to open GUI apps as root, how can we avoid losing existing functionality? So far the answer seems to be PolKit adoption, which lets you open apps using normal user permissions and only request elevated permissions when necessary. Again this isn't really our decision; the world evolves and we need to evolve along with it or else our software will stop working.
> Well it seems that you all screwing with KIO broke kate so why report it to the
> kate team? BTW what you said about opening a root owned file is wrong. Kate
> will not open AT ALL under root. you said I can see the file how?? Kate won't
> even open. It doesn't "work like a charm" it doesn't work AT ALL.
You don't open Kate as root anymore. You open it with normal permissions and edit your root-owned file, either by opening it with the File > Open dialog, or via `kate /path/to/root/owned/file.txt`. When you save, you should get prompted for credentials to complete the save operation.
Both of those use cases work for me with KDE Frameworks 5.40 and Kate 17.12, and they have worked for quite a while. If either of those use cases do not work for you, please let us know.
(In reply to Nate Graham from comment #34) Thanks for the reply Nate. Your reply does answer some questions and your reply is more open to discussion instead of just WONTFIX. thank you. > Bo, you're not really arguing against a decision made here, but rather > against the whole direction that our industry is going in. As has been > mentioned, Wayland disallows running GUI apps as root. As a penetration > tester, this may make your life more difficult, but you're not the user that > the Wayland folks are targeting. I didn't know that about Wayland. True I don't stay on top of desktop coding I'm a pen tester I just "use" the desktop. You are right for pen testing I guess this means going back to 1970 and not even install a desktop. Yes the way the industry it appears is everything will be a phone one day. What about those of us that need a REAL computing system? We're not all lusers. I don't even own a smart phone for this reason. > They are trying to make computers more > secure for ordinary users (who have difficulty with the concepts we're > discussing), not more convenient for security researchers. I would recommend > you take your case to the Wayland folks, though I doubt you'll get very far > because this is an architectural design decision that doesn't really seem > open for debate. I know that is the party line about ordinary users, but this isn't the case I have seen in the "real world". I have a lot of friends that now use Linux because of me. Normal people truck drivers, Ironworkers, 83 year old Grandmothers. People you have no clue on how it all works and they don't care they use want it to work and it works fine for them. They never need to go into root. Lately most distros the root account is locked its there but locked and can be easily unlocked if needed. This works fine and is secure. When sometime breaks they call me and I do the root work. I know what you are saying about the Wayland team is true from what I have followed about Wayland on the net they do have their head up their a_s and it is their way of the highway. Much like systemd got crammed down our throats. At least they didn't cut out root access to systemd. This is the real problem here developers are always trying to fix non-problems and think they know better than the actual users. Gnome totally destroyed their desktop with thinking like this. I wonder how any developers on this team use Macs or other systems to write code everyday? Does everyone use KDE for their day to day computing? I do. Question here: Gnome runs on Wayland yet their file manager and text editor work just fine with the desktop running under root. Kali's default desktop is Gnome and Kali is set up to run under root. So why not KDE? > > Instead, you're in the same boat we are: given that currently (or in the > near future), we won't be able to open GUI apps as root, how can we avoid > losing existing functionality? So far the answer seems to be PolKit > adoption, which lets you open apps using normal user permissions and only > request elevated permissions when necessary. Again this isn't really our > decision; the world evolves and we need to evolve along with it or else our > software will stop working. > > > Well it seems that you all screwing with KIO broke kate so why report it to the > > kate team? BTW what you said about opening a root owned file is wrong. Kate > > will not open AT ALL under root. you said I can see the file how?? Kate won't > > even open. It doesn't "work like a charm" it doesn't work AT ALL. > > You don't open Kate as root anymore. You open it with normal permissions and > edit your root-owned file, either by opening it with the File > Open dialog, > or via `kate /path/to/root/owned/file.txt`. When you save, you should get > prompted for credentials to complete the save operation. I'm running IN root. 3 days ago Kate worked just fine under root after an update 2 days ago it will not open at all. I'm not attempting a sudo action. I am root. > > Both of those use cases work for me with KDE Frameworks 5.40 and Kate 17.12, > and they have worked for quite a while. If either of those use cases do not > work for you, please let us know. No this doesn't work and this does breaks the consecpt of root access. Root is to have FULL access to everything. This means a file manager or a text editor or any other application or process. In engineering we have a saying "If it ain't broke don't f_ck with it". I think you developers should take heed to that. A security note here. as someone who hacks Linux system regularly. This is a security non-issue. I've hacked 1000's of machines and have yet to use an X11 exploit to gain root access their are too many other and easier ways to gain this access. Most Linux machines I have pwned don't even have a GUI. So all this chaos and breaking access to a file manager and a text editor for "security" is just plain wrong. You have "fixed" nothing and broken access. Nate I really hate coming down on you all I've used KDE since the 90's and thank you for a wonderful desktop for all those years. It will really make me cry to leave but I have to have a usable desktop to make a living. KDE has always been great because it catered to the more advanced user like me. Please understand there is a lot of gratitude behind these words also for your desktop. I just begging please don't f_ck it up. When I'm logged in as root give me FULL access to everything and if I do bork my machine because I did something stupid I will blame myself and not you guys. Thanks again for your reply. Let me make sure I understand: - With GNOME, you log in as the root user with a Wayland session OR an X session and in both cases you can run Gedit and Dolphin as the root user - With KDE Plasma, you log in as the root user with a Wayland session OR an X session and in both cases you can't run Kate or Dolphin If that is the case, then I think we have found the actual bug and I agree that it should be fixed. This ticket just tracks general Polkit adoption, so we should track that issue with a new bug report. (In reply to Nate Graham from comment #36) > Let me make sure I understand: > > - With GNOME, you log in as the root user with a Wayland session OR an X > session and in both cases you can run Gedit and Dolphin as the root user Yep with Gnome running a X session Gedit and their File Manager (Natulius) (Spelled wrong) work just fine when logged in as root. By default Kali is set up with only a root account. > > - With KDE Plasma, you log in as the root user with a Wayland session OR an > X session and in both cases you can't run Kate or Dolphin Yep they just "don't work" no error no nothing. Since I am an advance user I did know to run the executable from the command line and then got the error can't run as root. Breaks your heart when you click on Dolphin like you have 10,000 times and after an update nothing happens. Even in KDE when logged in as root LeafPad and Gedit will open an run and change files just fine. This is my point you haven't stopped editing files you've only stopped me from using Kate. Midnight Commander also works just fine. I just don't like going back to 1980. Yep just checked Gnome on both Wayland and Xorg the default text editors and file manager work fine when logged in as root. This is a KDE problem. > > If that is the case, then I think we have found the actual bug and I agree > that it should be fixed. This ticket just tracks general Polkit adoption, so > we should track that issue with a new bug report. Thank you! yes this is a bug. When logged in as root there should be no restrictions on anything. That's the reason for the root account. Now days this account is locked and rightly so. Really Polkit from what I have read is for system changes from a normal user account like of like sudo to elevate privileges for a single action (good thing) Such as changing a configuration file. I'm all for this. What I am saying is when an advanced user enables the root account and logs in there should be no restrictions on anything. You guys are in control of the desktop not the underlying OS. The PolicyKit should have no control when logged in as root. Your root. If you want to restrict Kate and Dolphin from a normal user account go right ahead but leave the root account alone. (In reply to Bo Weaver from comment #37) > (In reply to Nate Graham from comment #36) > > Let me make sure I understand: > > > > - With GNOME, you log in as the root user with a Wayland session OR an X > > session and in both cases you can run Gedit and Dolphin as the root user > > Yep with Gnome running a X session Gedit and their File Manager (Natulius) > (Spelled wrong) work just fine when logged in as root. By default Kali is > set up with only a root account. > > > > > - With KDE Plasma, you log in as the root user with a Wayland session OR an > > X session and in both cases you can't run Kate or Dolphin > > Yep they just "don't work" no error no nothing. Since I am an advance user > I did know to run the executable from the command line and then got the > error can't run as root. Breaks your heart when you click on Dolphin like > you have 10,000 times and after an update nothing happens. > > Even in KDE when logged in as root LeafPad and Gedit will open an run and > change files just fine. This is my point you haven't stopped editing files > you've only stopped me from using Kate. Midnight Commander also works just > fine. I just don't like going back to 1980. > > Yep just checked Gnome on both Wayland and Xorg the default text editors and > file manager work fine when logged in as root. This is a KDE problem. > > > > > If that is the case, then I think we have found the actual bug and I agree > > that it should be fixed. This ticket just tracks general Polkit adoption, so > > we should track that issue with a new bug report. > > Thank you! yes this is a bug. When logged in as root there should be no > restrictions on anything. That's the reason for the root account. Now days > this account is locked and rightly so. Really Polkit from what I have read > is for system changes from a normal user account like of like sudo to > elevate privileges for a single action (good thing) Such as changing a > configuration file. I'm all for this. What I am saying is when an advanced > user enables the root account and logs in there should be no restrictions on > anything. You guys are in control of the desktop not the underlying OS. > The PolicyKit should have no control when logged in as root. Your root. > > If you want to restrict Kate and Dolphin from a normal user account go right > ahead but leave the root account alone. BTW I just tried Kate and Dolphin from a normal user account on a Kali machine. When I went to edit a system file it did give me a proper password prompt. Kate worked just fine in this manner. It appears this problem is when only logged in as root. This is fine from the normal user account. Kate won't fire at all from root. Thanks for working with me and digging deep here. In the end, this was all just a big misunderstanding, not some kind of conspiracy. :) Bugs for Dolphin and Kate: - https://bugs.kde.org/show_bug.cgi?id=387974 - https://bugs.kde.org/show_bug.cgi?id=387973 Are there any other apps that gained PolKit support but stopped launching when you're logged in as the root user? I'm following this issue keenly, would be greatly interested in seeing this solved. By the way Bo, you don't have to go back as far as Midnight Commander; Krusader works just fine in root mode. (In reply to Nate Graham from comment #39) > Thanks for working with me and digging deep here. In the end, this was all > just a big misunderstanding, not some kind of conspiracy. :) > > Bugs for Dolphin and Kate: > - https://bugs.kde.org/show_bug.cgi?id=387974 > - https://bugs.kde.org/show_bug.cgi?id=387973 > > Are there any other apps that gained PolKit support but stopped launching > when you're logged in as the root user? I just tried some more applications. All "custom" applications for Kali appear to be working fine. The PIM interface did load. I don't use it under root so it wasn't fully configured but did properly go into the set up. The only applications I have found that don't work is Dolphin, Kate and Kwrite. From the command line these all fail with the can't run under root error. From the desktop when the icon is clicked they just fail no errors. This is only happening when logged in the desktop as root. When I am in a normal user account Kate runs and when saving a system file I get a proper password prompt. This also happens when copying a file to a system directory. Please don't get me wrong guys this is the "right way" for normal users the root account locked out and a password protected way to change files from a user account. I just really miss Kate for me it is the finest text editor ever made. Thanks for your all's help getting this fixed up (In reply to Pawel from comment #40) > I'm following this issue keenly, would be greatly interested in seeing this > solved. By the way Bo, you don't have to go back as far as Midnight > Commander; Krusader works just fine in root mode. Thanks again guys for getting this fixed. Some people like me have to work under root. I never tell an average user that and only when I'm testing do I run under root. I right now I am typing this from a locked down luser account. Like I said earlier you all are going the right direction with security for the average Joe. I have two machines also here (yes they run KDE) that root have never been unlocked and never will be. They're just puters. From earlier replies I thought you all were going to fix this problem but after updating my system it seems you all just have made the problem worse. The problem was Kate and Dolpin not working when logged IN as root. Now Konqueror has now stopped working when logged IN as root. AGAIN some people must work with a full root login. I know you all say Wayland will not support root logins but it is up to you the developer to deal with them and explain this is a stupid idea. Some people must work under root. Again guys you are breaking the operating system and it is not up to you or the Wayland guys to screw with the underlying OS. Root is root and root has full access to EVERYTHING. What part of everything do you not understand. Again you are screwing with how I make my living by screwing with something you have no right to mess with. Root access. Think about this Suse and others are pushing out patches to remove your work. Doesn't this tell you this isn't what the customer wants? I know you say you are trying to make Linux idiot proof but take a good look most users of KDE are advanced user which know and assume responsibility of running root. Guys like I said I have used KDE since the 90's and sure I've had quirks but I have never seen you all mess with parts of the OS you weren't suppose to. I really hate to have to rebuild my work machine to use MATE or something and trashing KDE. PLEASE REMOVE this blocking of UID=0 from your applications. (In reply to Bo Weaver from comment #41) > (In reply to Nate Graham from comment #39) > > Thanks for working with me and digging deep here. In the end, this was all > > just a big misunderstanding, not some kind of conspiracy. :) > > > > Bugs for Dolphin and Kate: > > - https://bugs.kde.org/show_bug.cgi?id=387974 > > - https://bugs.kde.org/show_bug.cgi?id=387973 > > > > Are there any other apps that gained PolKit support but stopped launching > > when you're logged in as the root user? I don't know if you saw my last email but after the last round of updates now Konqueror fails to work when logged in under root. Question is Krusader next to stop working??? Everything I have tested using a normal account and modifying files or changing configurations the KIO and policy-kit are working fine. You get a proper password box before the file is saved. When logged in under the root account more is dying we are going in the wrong direction. Again killing access to Kate and other tools accomplishes nothing since other applications that preform the same task work fine and will continue to work since they are not your tools and you can't modify their code. Kate may not work but Leafpad, Nano, Vi, and Emacs just to name a few work fine. Wayland was blamed for part of this and I was told Wayland is planning on killing GUI logins under the root account. I could find anything on this in the Wayland forums. You said this is not some kind of conspiracy but killing Konqueror in the last round of updates does make it appear that something is going on that isn't right. I sill haven't gotten an answer to why Gmone, MATE, and other DEs aren't following this path it is only KDE killing root. Why? Especially when the biggest disto that uses you desktop by default fixes your builtin bug. If I am talking to the wind here please just tell me to just f_ck off and die and this 20 year user of your desktop will sadly change to MATE. I need to know something this killing applications without reason is screwing with the me making a living. Its no fun to sit down ready to work and find out that the tools you used yesterday no longer work because you updated the system. This is especially maddening when you work in security and you know for a fact this all fixes nothing and secures nothing within the DE or the OS. It just makes the DE useless for some use cases. > > I just tried some more applications. All "custom" applications for Kali > appear to be working fine. The PIM interface did load. I don't use it > under root so it wasn't fully configured but did properly go into the set > up. The only applications I have found that don't work is Dolphin, Kate and > Kwrite. From the command line these all fail with the can't run under root > error. From the desktop when the icon is clicked they just fail no errors. > This is only happening when logged in the desktop as root. When I am in a > normal user account Kate runs and when saving a system file I get a proper > password prompt. This also happens when copying a file to a system > directory. > > Please don't get me wrong guys this is the "right way" for normal users the > root account locked out and a password protected way to change files from a > user account. > > I just really miss Kate for me it is the finest text editor ever made. > > Thanks for your all's help getting this fixed up Is this going to be fixed soon? At one time I did find a configuration file the the line "if uid=0 fail" I didn't write down the location or file name and now I can't find it I am wondering if I jack up the uid number will uid 0 stop failing. Just PLEASE!!! tell a way I can fix it back BTW as someone that hacks systems of a living even when running under a normal account you have a lot of kworker process running as root if a Kate or Dolphin process running as root can be hijacked then the kworker process is also most likely vulnerable. Again breaking kate and dolphin has secured nothing. Again you have only created a problem not fixed one. Again by design root is to have full access to everything. Root is NOT a restricted account. This is a UNIX/Linux thing not a desktop thing. (In reply to Bo Weaver from comment #45) > Is this going to be fixed soon? At one time I did find a configuration file > the the line "if uid=0 fail" I didn't write down the location or file name > and now I can't find it I am wondering if I jack up the uid number will uid > 0 stop failing. > > Just PLEASE!!! tell a way I can fix it back > > BTW as someone that hacks systems of a living even when running under a > normal account you have a lot of kworker process running as root if a Kate > or Dolphin process running as root can be hijacked then the kworker process > is also most likely vulnerable. Again breaking kate and dolphin has secured > nothing. > > Again you have only created a problem not fixed one. > > Again by design root is to have full access to everything. Root is NOT a > restricted account. This is a UNIX/Linux thing not a desktop thing. I read this infinite story in which some people assure us that we are all blind and brainless. All other file managers work in root mode only Dolphin can and should not. Hey, to make me blind and crazy and others who use and make such file managers. I think that someone will not intentionally fix the program or write it out from the beginning, it's easier to change a couple of lines of code. It's a shame and great nonsense that in Kali KDE is used dolphin that does not work in root mode. *** Bug 392280 has been marked as a duplicate of this bug. *** *** Bug 142638 has been marked as a duplicate of this bug. *** *** Bug 161548 has been marked as a duplicate of this bug. *** Created attachment 112015 [details]
Screen Shot
When using kate from the CL you get this in the error.
"Executing Kate as root is not possible. To edit files as root use:
SUDO_EDITOR=kate sudoedit <file>"
In many of the blogs it says to use this method. The method doesn't work. Please see attached screen shot as evidence.
(In reply to Bo Weaver from comment #50) > Created attachment 112015 [details] > Screen Shot > > When using kate from the CL you get this in the error. > > "Executing Kate as root is not possible. To edit files as root use: > SUDO_EDITOR=kate sudoedit <file>" > > In many of the blogs it says to use this method. The method doesn't work. > Please see attached screen shot as evidence. You are *still* trying to run it as root. You're supposed to do that as a regular user. But in any case, that is obsolete, with a recent enough ktexteditor you can edit root owned files by running kate as a regular user. (In reply to Antonio Rojas from comment #51) > (In reply to Bo Weaver from comment #50) > > Created attachment 112015 [details] > > Screen Shot > > > > When using kate from the CL you get this in the error. > > > > "Executing Kate as root is not possible. To edit files as root use: > > SUDO_EDITOR=kate sudoedit <file>" > > > > In many of the blogs it says to use this method. The method doesn't work. > > Please see attached screen shot as evidence. > > You are *still* trying to run it as root. You're supposed to do that as a > regular user. But in any case, that is obsolete, with a recent enough > ktexteditor you can edit root owned files by running kate as a regular user. As far as I see, you are persistently trying to replace the thesis and crushing evidence. If Bo Weaver uses Kali that works in root mode, you are asking him to create an ordinary user account and to do the job he needs to do as a root user. It does not have any logic, I think you just need to say adio KDE and plasma. (In reply to Antonio Rojas from comment #51) > (In reply to Bo Weaver from comment #50) > > Created attachment 112015 [details] > > Screen Shot > > > > When using kate from the CL you get this in the error. > > > > "Executing Kate as root is not possible. To edit files as root use: > > SUDO_EDITOR=kate sudoedit <file>" > > > > In many of the blogs it says to use this method. The method doesn't work. > > Please see attached screen shot as evidence. > > You are *still* trying to run it as root. You're supposed to do that as a > regular user. But in any case, that is obsolete, with a recent enough > ktexteditor you can edit root owned files by running kate as a regular user. Dear Antonio Rojas Clearly you didn't *read* my other posts. You also didn't read my posts on the kate flaw thread either. Of course I am *still* looged in as root. There are use cases where you *must* be logged in as root to preform your work properly. Pen Testing is one of these cases. As a security researcher, pen tester, Assessor, and Security Analyst for almost 30 years. I must ask "How do you test your code???" Do you only use autmomated testing. Clearly you do use the defacto industry standard disto (Kali) for pen testing to do manual testing of your code or you would understand the need for root access to applications. If you are not manually testing your code with the manual tools used on a daily basis by hackers then this is a greater security risk than having Kate of Dolphin running as root. This is an EPIC FAIL on your part. Please remember Mr. Coder I do this for a living. You have failed your assessment. Your reply has just shown KDE developers are not properly manually auditing their code. Let's talk about the attachment I sent in. The error says use SUDO_EDITOR. Well what if sudo is set up to be run with NO PASSWORD if an attacker gains access to the system under a normal user with sudo rights then this command can be ran and root access gained through the embeded Konsole without the use of a PASSWORD! AWS systems the ubuntu account is set up in this manner. So your work around is more dangerous than what you are attempting to fix. So you have "fixed" nothing only broken the application from normal use. I hate to repost but since you didn't read my reply on the other thread here it is again. Here's a BIG technical reason for this to be changed back. Root is a "system level" account not a user account under control of the OS and not the desktop. Root is to have full access to every process and application. This has been a UNIX standard since the 1970's. KDE is NOT a system level process. KDE is a desktop which runs in the Presentation and Application of the OSI model (You guys have heard of the 7 layers of the OSI model?) The root account is part of the System layer of this model. When developing and application the developer is not to screw with the system functions. These embedded flaws do just that by breaking root access to these bineries. Here's a suggestion... Why don't developers take some courses in Linux Systems Engineering and learn the rules and standards that the operating systems are built by? Clearly you all are not engineers or this would not be a problem and I would not be writing all this. Take time to learn the OSI model that operating systems are designed by. One reason I was told for this change was Wayland now runs in the user space. Yes this is the case when logged in under a normal user account the compositor runs under that account. When logged in under a root account this is not the case the compositor then runs under the root account just fine. Download a copy of Kali the the Gnome DE and you'll see Wayland does run under root when you are root. So this reason is flawed. I have yet to get a reply on any of this from you all. Again I am the guy you are attempting to "keep out" of your processes and again I will say this. If I have hacked a box and have a normal users access I am not going to attempt to hack a running kate of dolphin process running under root because THIS PROCESS CAN BE KILLED AT ANYTIME BY THE PERSON RUNNING THE PROCESS! I will attempt to hijack a running SYSTEM PROCESS not a user application. And again I write this below. sorry to keep repeating myself but you all don't seem to be listening. People like myself that must be logged in as root for work understand the risk and are careful and parinod while in root. They also understand the risk and if anything bad happens they assume the risk. As people like myself only work under the root account to only do the work needed and then change to a normal user account for normal use. I don't need you to hold my hand and keep me safe. Also I don't need someone who is not a qualified pen tester trying to "educate" me in my job or my work flow. Your a coder NOT a security person. Please quit peeing in my pond and I will not pee in yours. Yes I know I am being *rude* again well Mr. Rojas don't be rude and *read* what I have written and *don't* talk down to me like I am a noobie fool. It is strange I keep getting noob replies on how to work but I have yet to get techinical responses to the techinical issues I have raised here. (In reply to Bo Weaver from comment #53) > (In reply to Antonio Rojas from comment #51) > > (In reply to Bo Weaver from comment #50) > > > Created attachment 112015 [details] > > > Screen Shot > > > > > > When using kate from the CL you get this in the error. > > > > > > "Executing Kate as root is not possible. To edit files as root use: > > > SUDO_EDITOR=kate sudoedit <file>" > > > > > > In many of the blogs it says to use this method. The method doesn't work. > > > Please see attached screen shot as evidence. > > > > You are *still* trying to run it as root. You're supposed to do that as a > > regular user. But in any case, that is obsolete, with a recent enough > > ktexteditor you can edit root owned files by running kate as a regular user. > > Dear Antonio Rojas > > Clearly you didn't *read* my other posts. You also didn't read my posts on > the kate flaw thread either. Of course I am *still* looged in as root. > There are use cases where you *must* be logged in as root to preform your > work properly. Pen Testing is one of these cases. As a security > researcher, pen tester, Assessor, and Security Analyst for almost 30 years. > I must ask "How do you test your code???" Do you only use autmomated > testing. Clearly you do use the defacto industry standard disto (Kali) for > pen testing to do manual testing of your code or you would understand the > need for root access to applications. If you are not manually testing your > code with the manual tools used on a daily basis by hackers then this is a > greater security risk than having Kate of Dolphin running as root. This is > an EPIC FAIL on your part. Please remember Mr. Coder I do this for a > living. You have failed your assessment. Your reply has just shown KDE > developers are not properly manually auditing their code. > > Let's talk about the attachment I sent in. The error says use SUDO_EDITOR. > Well what if sudo is set up to be run with NO PASSWORD if an attacker gains > access to the system under a normal user with sudo rights then this command > can be ran and root access gained through the embeded Konsole without the > use of a PASSWORD! AWS systems the ubuntu account is set up in this manner. > So your work around is more dangerous than what you are attempting to fix. > So you have "fixed" nothing only broken the application from normal use. > > I hate to repost but since you didn't read my reply on the other thread here > it is again. > > Here's a BIG technical reason for this to be changed back. > > Root is a "system level" account not a user account under control of the OS > and not the desktop. Root is to have full access to every process and > application. This has been a UNIX standard since the 1970's. KDE is NOT a > system level process. KDE is a desktop which runs in the Presentation and > Application of the OSI model (You guys have heard of the 7 layers of the OSI > model?) The root account is part of the System layer of this model. When > developing and application the developer is not to screw with the system > functions. These embedded flaws do just that by breaking root access to > these bineries. > > Here's a suggestion... Why don't developers take some courses in Linux > Systems Engineering and learn the rules and standards that the operating > systems are built by? Clearly you all are not engineers or this would not > be a problem and I would not be writing all this. Take time to learn the > OSI model that operating systems are designed by. > > One reason I was told for this change was Wayland now runs in the user > space. Yes this is the case when logged in under a normal user account the > compositor runs under that account. When logged in under a root account > this is not the case the compositor then runs under the root account just > fine. Download a copy of Kali the the Gnome DE and you'll see Wayland does > run under root when you are root. So this reason is flawed. > > I have yet to get a reply on any of this from you all. > > Again I am the guy you are attempting to "keep out" of your processes and > again I will say this. If I have hacked a box and have a normal users > access I am not going to attempt to hack a running kate of dolphin process > running under root because THIS PROCESS CAN BE KILLED AT ANYTIME BY THE > PERSON RUNNING THE PROCESS! I will attempt to hijack a running SYSTEM > PROCESS not a user application. > > And again I write this below. sorry to keep repeating myself but you all > don't seem to be listening. > > People like myself that must be logged in as root for work understand the > risk and are careful and parinod while in root. They also understand the > risk and if anything bad happens they assume the risk. As people like > myself only work under the root account to only do the work needed and then > change to a normal user account for normal use. I don't need you to hold my > hand and keep me safe. > > Also I don't need someone who is not a qualified pen tester trying to > "educate" me in my job or my work flow. Your a coder NOT a security person. > Please quit peeing in my pond and I will not pee in yours. > > Yes I know I am being *rude* again well Mr. Rojas don't be rude and *read* > what I have written and *don't* talk down to me like I am a noobie fool. > > It is strange I keep getting noob replies on how to work but I have yet to > get techinical responses to the techinical issues I have raised here. I'd like to correct a typo. I wrote: "Clearly you do use the defacto industry standard disto (Kali) for pen testing to do manual testing of your code or you would understand the need for root access to applications. " It should read "you don't use". I'd also like to point out that on the Bug Report sites for SuSE, Kali and Kubuntu this is listed as a *Bug* not a feature. It is only listed here as a good idea. SuSE has fixed this flaw in their repos. Kubuntu is hoping you will correct this and since KDE is not the default DE their answer is "use a different DE". Please load up a version of Kali with KDE as the DE and tell me your fix is correct. *** Bug 116921 has been marked as a duplicate of this bug. *** Somehow this bug about PolicyKit integration in KIO got sidetracked into a discussion about whether you should be able to use Dolphin and Kate while logged in as the root user. I'm happy to report that a patch I submitted to let you do just that was accepted, and the functionality has been restored. See Bug 387974 and Bug 387973. Dolphin and Kate should once again be fully functional in Kali et al. Hopefully now this ticket can return to tracking PolicyKit integration for KIO. That will be implemented once https://phabricator.kde.org/D7571 lands, which is currently blocked by outstanding security issues that were discovered in an audit: https://phabricator.kde.org/T8075. We're getting really close! (In reply to Nate Graham from comment #56) > Somehow this bug about PolicyKit integration in KIO got sidetracked into a > discussion about whether you should be able to use Dolphin and Kate while > logged in as the root user. I'm happy to report that a patch I submitted to > let you do just that was accepted, and the functionality has been restored. > See Bug 387974 and Bug 387973. Dolphin and Kate should once again be fully > functional in Kali et al. > > Hopefully now this ticket can return to tracking PolicyKit integration for > KIO. That will be implemented once https://phabricator.kde.org/D7571 lands, > which is currently blocked by outstanding security issues that were > discovered in an audit: https://phabricator.kde.org/T8075. > > We're getting really close! Dear Nate, I want to thank you for getting this fixed. I this has renewed by faith in KDE. The patch hasn't made it to Kali yet but I'm sure it will be soon. I really didn't want to change desktops after 25 years of use. Bo Weaver Nate I was wondering when this might be pushed out. I have seen that kate and dolphin have both updated twice on Kali but the function has not returned to the applications. I'm working on a book about Kali and I'm kinda stuck on the KDE section until this is fixed. I would like to include the normal functions of kate and dolphin and not include the workarounds to get around this bug. I really want to give KDE the best review possible. Thanks Bo (In reply to Nate Graham from comment #56) > Somehow this bug about PolicyKit integration in KIO got sidetracked into a > discussion about whether you should be able to use Dolphin and Kate while > logged in as the root user. I'm happy to report that a patch I submitted to > let you do just that was accepted, and the functionality has been restored. > See Bug 387974 and Bug 387973. Dolphin and Kate should once again be fully > functional in Kali et al. > > Hopefully now this ticket can return to tracking PolicyKit integration for > KIO. That will be implemented once https://phabricator.kde.org/D7571 lands, > which is currently blocked by outstanding security issues that were > discovered in an audit: https://phabricator.kde.org/T8075. > > We're getting really close! Bo, See the "Version Fixed In" fields on Bug 387974 and Bug 387973. The fix will be in the versions of Dolphin and Kate from KDE Applications 18.08.0, which hasn't been released yet. You can always ask the Dolphin and Kate Packagers for Kali to backport the change (which is small and low-risk) to the currently-released version if you want it now. *** Bug 397016 has been marked as a duplicate of this bug. *** Currently getting messages when launching from root in terminal - both in X11 and Wayland: Executing Kate with sudo is not possible due to unfixable security vulnerabilities. Executing Dolphin with sudo is not possible due to unfixable security vulnerabilities. sudoedit: editing files in a writable directory is not permitted Distribution: KDE neon Developer Edition Kernel: 4.15.0-29-generic Plasma: 5.13.80 Apps: 18.11.70 Qt: 5.11.1 Frameworks: 5.48.0 (In reply to Alexander Mentyu from comment #61) > Currently getting messages when launching from root in terminal - both in > X11 and Wayland: > Executing Kate with sudo is not possible due to unfixable security > vulnerabilities. > Executing Dolphin with sudo is not possible due to unfixable security > vulnerabilities. > sudoedit: editing files in a writable directory is not permitted You need to actually *log in* using the root user. You can't elevate your privileges in a terminal. Regardless, that's unrelated to this bug, which tracks PolicyKit integration (which I think really is coming along quite soon...) (In reply to Nate Graham from comment #62) > (In reply to Alexander Mentyu from comment #61) > > Currently getting messages when launching from root in terminal - both in > > X11 and Wayland: > > Executing Kate with sudo is not possible due to unfixable security > > vulnerabilities. > > Executing Dolphin with sudo is not possible due to unfixable security > > vulnerabilities. > > sudoedit: editing files in a writable directory is not permitted > > You need to actually *log in* using the root user. You can't elevate your > privileges in a terminal. > > Regardless, that's unrelated to this bug, which tracks PolicyKit integration > (which I think really is coming along quite soon...) This is not a solution to the problem. How much do I know logging as a root is allowed only in the terminal in many distributions. This is the only solution for Kali. Why should I use this solution and adjust my distribution to work in GUI mode as root. Simply more serious is the use of Krusederr, Nemo, Nautilus program in normal user mode with sudo or kdesu. Continue writing tips do not use GUI as a root user if enabled. I'm disappointed with this solution. The solution to being able to edit root-owned files as your user is for this bug to be resolved. :) (In reply to Nate Graham from comment #64) > The solution to being able to edit root-owned files as your user is for this > bug to be resolved. :) How to run Dolphin as root with command. I do not understand if I really need to log in as a root in the GUI mode that distributions do not allow, except Kali (In reply to lega99 from comment #65) > (In reply to Nate Graham from comment #64) > > The solution to being able to edit root-owned files as your user is for this > > bug to be resolved. :) > > How to run Dolphin as root with command. I do not understand if I really > need to log in as a root in the GUI mode that distributions do not allow, > except Kali The point is, once this bug is resolved, there will never be a circumstance in which you ever need to run `sudo dolphin` because you will be able to modify root-owned files from within Dolphin when run normally; it will simply ask for your password and then make the change. Nate, I'd like to point out again. This has nothing really to do with "sudo" access. It is that KDE has crippled "root" access. I know you have said that this will be fixed in the next version BUT it has been over 8 months now and not fixed. I did notify Kali but it appears they are not going to backport kate and dolphin. This is just a couple of lines of code you all included so PLEASE!! just take it out and you all do the backporting. After all this is KDE's mistake in the first place. It would seem you all would do the "right thing" and get this fixed now not later. Please understand some of us make our living using your tools we aren't playing we have real work to do and this cripples our jobs. I bet you wouldn't like working with a broken IDE for 8 months. (In reply to Bo Weaver from comment #67) > Nate, > > I'd like to point out again. This has nothing really to do with "sudo" > access. It is that KDE has crippled "root" access. I know you have said > that this will be fixed in the next version The current version, in fact. The fix was released with KDE Applications 18.08 a few days ago. > now and not fixed. I did notify Kali but it appears they are not going to > backport kate and dolphin. This is just a couple of lines of code you all > included so PLEASE!! just take it out and you all do the backporting. That's not how anything works. KDE guarantees three bugfix releases for the previous version (e.g. Dolphin 18.04.3). Those three versions have already been released; there will not be a 18.04.4 release. If there was, I could backport the fix to that, but there won't be, so I can't. As a result, there is no way for me to backport the fix to the Applications 18.04 release. Distros are responsible for backporting fixes beyond what KDE provides via the above release schedule. If they don't care, that's their issue, not ours. I understand that you're frustrated but we can't go back in time and make this never have happened. It's fixed in the present and the future, and that's the best we can do. For the meantime, you're going to have to be patient and wait for Kali to update to Applications 18.08, or be more persuasive in asking them to backport the fix to 18.04. There's nothing more that KDE can do here, I'm afraid. --- Please everyone: this ticket tracks PolicyKit support in KIO. It is not a place for complaining about the inability to do `sudo dolphin` or open Dolphin as the root user in releases prior to 18.08. We cannot help with those here. (In reply to Nate Graham from comment #66) > (In reply to lega99 from comment #65) > > (In reply to Nate Graham from comment #64) > > > The solution to being able to edit root-owned files as your user is for this > > > bug to be resolved. :) > > > > How to run Dolphin as root with command. I do not understand if I really > > need to log in as a root in the GUI mode that distributions do not allow, > > except Kali > > The point is, once this bug is resolved, there will never be a circumstance > in which you ever need to run `sudo dolphin` because you will be able to > modify root-owned files from within Dolphin when run normally; it will > simply ask for your password and then make the change. I am shocked, file manager is not an editor, that´s all I can say. You behaviour and replies are unacceptable, if you continue this way very soon your programs will disappear, and Mint has already begun and abandoned KDE distribution. KDE authors are Neon and Kubuntu, and that´s going so poorly that Neon isn´t capable after all these months to make a switch to Ubuntu 18.04 which is its base. First I'd like to point out that this was submitted as a single bug report. YOU GUYS merged it into the bug so sorry Nate if you don't like us writing to this bug. You all put it here. I did update my system and no joy on the update to these applications. I do know that since you all broke root I can't even see what version of dolphin or kate is running they error out "can't run as root". So finding out exactly what version is now running is impossible --version is broken. You say there is only 3 bug fixes a version well explain this. There were some major updates happened to KDE during the update. I always see something on KDE get updated on every update which I do a lot. So if there are only 3 then where do all the "other" updates come from if not from you all? The update fairy??? Also note from Alexander's comment: Plasma: 5.13.80 Apps: 18.11.70 I know developer's don't know math very well but .8 and .7 is GREATER THAN .3 Yes engineers can do math. So your comment about only 3 changes per release is either an out right lie or you guys don't know anything about versioning. Even with that this is more than a simple bug. You went way beyond your bounds as DE developers and BROKE root access to applications. You broke OS access. There are rules to OS development and you all broke them knowingly and willingly. What really makes me mad is you all have yet to admit this was a serious mistake made by you all and reply to us like we don't know what we are talking about and refuse to quickly fix your screw up. It is especially bad when the fix is just upload the old binaries to the repos. At the very least you could give us some links to where the old binaries are at so we could download them and manually install them. Bo, the version of all KDE apps should be the same. So for example if you're using Gwenview 18.08, then you're also using Dolphin 18.08. So you can check your Gwenview version to find out what version of Dolphin you have, even if Dolphin won't run when you're logged in as the root user. Alexander was trying to use sudo, not log in as root. Logging in as the root user should be fixed now in 18.08. If you can confirm that you're running Dolphin 18.08 and it still doesn't work when you *log in as the root user* (not using sudo), then there's still a bug and I'll try my best to fix it. We are all trying our best to fix the issue here. Please be respectful. Insults and abuse don't make friends or fix problems. (In reply to Nate Graham from comment #71) > Bo, the version of all KDE apps should be the same. So for example if you're > using Gwenview 18.08, then you're also using Dolphin 18.08. So you can check > your Gwenview version to find out what version of Dolphin you have, even if > Dolphin won't run when you're logged in as the root user. Gwenview says 18.04 so Kali hasn't upgraded to .08 yet. > > Alexander was trying to use sudo, not log in as root. Logging in as the root > user should be fixed now in 18.08. If you can confirm that you're running > Dolphin 18.08 and it still doesn't work when you *log in as the root user* > (not using sudo), then there's still a bug and I'll try my best to fix it. > > We are all trying our best to fix the issue here. Please be respectful. > Insults and abuse don't make friends or fix problems. Nate as I have said before I would rather have a respectful conversation but when told one thing and my eyes see another I do call BS. As I have said respect has to work *both ways*. > We are all trying our best to fix the issue here. We're talking about removing less than two lines of code that should not have been there in the first place. We're not talking some complex application that has to be completely taken apart to fix. Really you don't have to remove any code just roll it back to the original that worked. I'm not sure what versioning software you use but all of them have them ability to do a roll back. About respect, I asked you a direct question that you did not address. Where are the links I ask for on where to find the older binaries? Can't I just copy them over to my machine? It's respectful to give an answer when asked a question. I am not sure what you want from me. The fix has been made in 18.08. I cannot backport the fix to 18.04 in KDE-land because there aren't any more planned releases for the 18.04 version. I don't know where you can find the older binaries, or even if they would work (Linux apps are not self-contained and are mostly a collection of shared libraries). Please direct your complaints at the Kali people and ask them to backport the fix to 18.04. It's up to them at this point. They could also upgrade to 18.08. This bugzilla ticket is about PolicyKit support in KIO, not root user usage of Dolphin. If you are desperate for this fix RIGHT NOW, probably building Dolphin from source would be the easiest way to do it. You could check out git master to have the latest version that incorporates the fix, or you could check out the Applications/18.04 branch and then remove the offending code from main.cpp before compiling: https://cgit.kde.org/dolphin.git/tree/src/main.cpp?id=bebcf035d264410c943e7bad861628c1b14dd1f2&h=Applications%2F18.04#n47 (In reply to Nate Graham from comment #71) > Bo, the version of all KDE apps should be the same. So for example if you're > using Gwenview 18.08, then you're also using Dolphin 18.08. So you can check > your Gwenview version to find out what version of Dolphin you have, even if > Dolphin won't run when you're logged in as the root user. Maybe maybe not exactly. Copy 18.18 Dophin, dolphin-plugin, kate kwrite from Neon and paste to Kali application version 18.04. Dolphin, kate, kwrite work ok > > Alexander was trying to use sudo, not log in as root. Logging in as the root > user should be fixed now in 18.08. If you can confirm that you're running > Dolphin 18.08 and it still doesn't work when you *log in as the root user* > (not using sudo), then there's still a bug and I'll try my best to fix it. > In order for the system to work as root, especially Ubuntu-based Neon, must be corrected in the system, minimum UIDs or changes to the /etc/pam.d/sddm file. #auth required pam_succeed_if.so user! = root quiet_success correction: In order for the system to work as GUI root, especially Ubuntu-based Neon, must be corrected in the system, minimum UIDs or changes to the /etc/pam.d/sddm file. #auth required pam_succeed_if.so user! = root quiet_success root must have the assigned password Any changes to the UID or the specified line of code can be done without raising the root in the GUI but it remains a secret User an root Dolphin 18.08 in user account https://s33.postimg.cc/f209uta73/010.png *** Bug 355662 has been marked as a duplicate of this bug. *** *** Bug 400569 has been marked as a duplicate of this bug. *** (In reply to lega99 from comment #77) > https://s33.postimg.cc/f209uta73/010.png instead of waiting, just undo the misguided patch and go back to how things were in the good old days: https://forum.kde.org/viewtopic.php?f=224&t=141836&start=30#p408074 (In reply to Nate Graham from comment #74) > If you are desperate for this fix RIGHT NOW, probably building Dolphin from > source would be the easiest way to do it. You could check out git master to > have the latest version that incorporates the fix, or you could check out > the Applications/18.04 branch and then remove the offending code from > main.cpp before compiling: compiling latest sources is much more tedious than sticking with the version that one's distro is shipping at the time. see: https://forum.kde.org/viewtopic.php?f=224&t=141836&start=30#p408074 (In reply to Bo Weaver from comment #72) > We're talking about removing less than two lines of code that should not > have been there in the first place. I absolutely concur. It seems though that the "contributor" is actually proud of his "deed" according to the tenor of his blog. see also: https://forum.kde.org/viewtopic.php?f=224&t=141836&start=30#p408072 were he objects to publishing useful code for reasons so many are taking issue with. (In reply to pier andre from comment #6) > I would like to have the possibility to use dolphin as superuser whenever I > want please Exactly! You and millions of other users rely on this feature for their workflow that used to be perfectly fine for decades! *** Bug 413360 has been marked as a duplicate of this bug. *** (In reply to Nate Graham from comment #84) > *** Bug 413360 has been marked as a duplicate of this bug. *** Well Nate here we are a year later having the same discussion. I had a feeling after updating my system when my root login failed it would lead back to this exact same cause but I did have faith you all learned from last years mistake and was hoping this wasn't going to be the exact same problem but here we are. In security after something breached we have what is called a "Lessons Learned" meeting to figure out what went wrong fix the problem and NEVER make the same mistake twice. Clearly this is not the case with developers. You did last year after about 9 months fix dolphin and kate to work as normal and I thank you for that. You even included a nice warning message on dolphin to be careful you are in root. That was all that was needed. A warning not a lock out. Again I to point out this work does NOTHING to secure the system a simple CTL ATL F1 and you can get a tty and you can log in as root. The only thing you have accomplish is keeping me from getting any work done. I want to point out something you could do to actually secure the system. These days it is hard to find a login screen that doesn't have bubbleheads with the user names and photos on it or a login box that doesn't keep the last user name in the login box. Having all the users listed on the login screen gives an attacked half the puzzle when brute forcing a password. Plus it is real ugly in an office where there are 15 users on a machine. All them bubbleheads. One thing that helps secure Linux in a brute force password attack is you have to know the user account name to run an attack. Having the name and photo of the user on the login screen gives you this information. Even Windows gives you a login screen with blank fields. So when can I have my desktop back??? I understand that you're frustrated. I'm frustrated too. If you have the appropriate technical skills, you could help to review https://phabricator.kde.org/D21795 and https://phabricator.kde.org/D21783? That's the path forward here. (In reply to Nate Graham from comment #86) > I understand that you're frustrated. I'm frustrated too. If you have the > appropriate technical skills, you could help to review > https://phabricator.kde.org/D21795 and https://phabricator.kde.org/D21783? > That's the path forward here. I did look over the links. I didn't see any discussion on locking root out of logins or why this should be done. I admit I'm not a coder I'm a security guy. I don't write applications or systems I break into them. Last year I pointed out many reasons that actions like this do nothing to secure the system. Again this does nothing to secure the system only break the DE. Again CTL ATL F1 defeats your patch and will give you a root login. Think about it hacks are normally done remotely through a system level service or process. A DE isn't the point of entry. Crippling the DE does nothing to keep an attacker out. Even a local hack doesn't secure the system if an account is compromised with sudo access so locking the root login does not to secure the system. Really you all are spending time and resources to fix a problem that doesn't exist. Really if you want to do something to really secure your DE then remove the bubbleheads on the login screen with the user names and photos and blank all the login fields. Really this IS a security problem. As I said before on with local access to the machine you have given me half the problem of brute forcing an account, the user name. Even more so with the photo. Let's say John has an account on a machine I could "guess" his user name is john but what if his user name is "frogger" I could brute force john unitl the end of time and get no where. If I walk my his machine and see his photo then I know his login is frogger so now I know what user name to brute force. Nate you said "That's the path forward here." do I need to login in there to fight this battle? PLEASE!!!! could I have my desktop back! If I remember correctly, this is a Dolphin file manager. I read big players plan to leave support for Plasma and KDE. In Kali update program plasma product dont work, synaptic work. I am no longer interested in constantly updating and constantly adding actions that I do not need, every new version uploads 200-300 files initially, and this is repeated all the time on verzion x,x 01 to x. x.5 . After that a new plsma version, new round of the same (In reply to lega99 from comment #88) > If I remember correctly, this is a Dolphin file manager. Actually the Dolphin issue has been fixed. The problem now is root login though the GUI has been completely broken. You cannot login as root with the Plasma desktop. If you install the MATE desktop Dolphin and Kate now still work. I read big players > plan to leave support for Plasma and KDE. In Kali update program plasma > product dont work, synaptic work. I am no longer interested in constantly > updating and constantly adding actions that I do not need, every new version > uploads 200-300 files initially, and this is repeated all the time on > verzion x,x 01 to x. x.5 . Yes I can see Kali dropping support for KDE and SuSE is also not happy with these changes since both distros depend on root logins. > After that a new plsma version, new round of the same To say this is to *secure* the system holds no value since a simple <CTL> <ALT> F1 gives you a tty which is root enabled. Bo Weaver from comment #89) We didn't understand each other, when I listed the number of files I meant Neon Plasma (not testing), every update with e.g. 5.16.5 to 5.17.0 is a minumum of> 200 files to update, following an update that will release 5.17.1 again at least> 200 files. This goes into the cycle to 5.17.5 and then leaps to the new version 5.18.0. Does anyone keep a gun on their developers that they have to throw out an update that they repair afterwards? As for Kali he is an RR distribution and there is an understandable number of files to update. All of this reminds me of some of the medicines I have been drinking for over 10 years and have now been withdrawn from sale because they cause cancer, the 10 years it took finds out that dolphin is not ok, what is the purpose of such a file manager in relation to other file managers? Created attachment 123528 [details] Security Report on the Functions of the KDE Desktop (In reply to Nate Graham from comment #86) > I understand that you're frustrated. I'm frustrated too. If you have the > appropriate technical skills, you could help to review > https://phabricator.kde.org/D21795 and https://phabricator.kde.org/D21783? > That's the path forward here. My technical skills are in internet security. I have reviewed the two supplied links and attached a report of my findings on the found security flaws. Please respect the fact I have done this for free in order to help the development team in their security processes. Normally I get paid for a report such as this but in the spirit of open source this is free for anyone to use. One question I have that needs to be urgently answered is when will access to the root login be returned? I am a retired person, but I have spent my entire life leading a large computer center and at the end of my career leading and modernizing the municipal administration. All that linux and win I had was on the mainframe many years ago. Now purely from the hobby I use linux, with me every plasma linux can be rooted in GUI mode. I did not intervene in the code, but I do. Neon user edition, Manjaro, Calculate (gentoo with installer, without systemd), Kali RR and log in wit gui and work in GUI environment. I have the first three listed distros on ex4 and on the btfrs file system. It is devastating that someone is forcing the btrfs file system, and just because they say it for free, we realized that it was wrong. We are not in kindergarten so we develop toys, I do not want to play with something that is not for play, for these reasons I have cited an example of a drug that now, after so many years, is found to cause cancer, a cure for the stomach that I have used all the time . While I used windows a little, I never had as many problems with as many re-installations as in linux. I need linux to do the same thing as windows and not to study and look for glitches that someone makes in a strong desire to prove something and I don't know what they want. (In reply to Nate Graham from comment #86) > I understand that you're frustrated. I'm frustrated too. If you have the > appropriate technical skills, you could help to review > https://phabricator.kde.org/D21795 and https://phabricator.kde.org/D21783? > That's the path forward here. I have checked both the links and I don't see any movement to fix this problem and no discussion on my report. When can I have my desktop back??? PLEASE! give me an ETA. *** Bug 417190 has been marked as a duplicate of this bug. *** So, this bug is pestering KDE users for a decade already. Is David Faure still alive or does he has other hobbies nowadays? Isn't this a sign on the wall to NOT use KIO at all and revert back to the state that it just worked? (In reply to blueball from comment #95) > So, this bug is pestering KDE users for a decade already. > > Is David Faure still alive or does he has other hobbies nowadays? > > Isn't this a sign on the wall to NOT use KIO at all and revert back to the > state that it just worked? My best advice is change to XFCE and stop putting up with fools that think they are Gods. I did. XFCE has come a long way and it is a stable secure DE and the developers listen to their users. XFCE is now the default DE for Kali for this reason. The Kali developers got tired of fixing there developers screw ups and went to XFCE. Another good reason to change is these developers don't do proper security testing of their code using the common tools of the industry. Please read my attached report in PDF from several months ago. I confirm that I'm still alive (to the best of my knowledge). I'm however not knowledgeable with polkit/kauth stuff, others are working on that, as shown on the linked phabricator tasks in comment 86. Since me being the default assignee for all KIO issues leads to personal attacks (for what's apparently a change in dolphin, completely out of my hands!!), I'll change the bugzilla setup, so that only issues I'm actually working on are marked as assigned to me. A possibly relevant merge request was started @ https://invent.kde.org/frameworks/kio/-/merge_requests/143 *** Bug 429066 has been marked as a duplicate of this bug. *** Seeing as this has been in the backlog for over a decade already, would be helpful to allow launching dolphin in 'su' or 'sudo' sessions in the meantime. It is reasonable to assume after all these years that the fix will not arrive "soon", and would save a lot of headaches for end users by not having to temporarily move to other file managers which have no such restrictions. For that, see https://invent.kde.org/system/dolphin/-/merge_requests/43. That revert was stuck for a year. I don't see it going anywhere with dissatisfied users being called "vocal minority". I'm not speaking for myself, as I don't mind doing stuff via terminal. However, KDE lately was aiming more towards new users. Why would they be forced to learn their way around console, or to keep different file manager just to edit some files in restricted areas? (In reply to petrk from comment #102) > That revert was stuck for a year. I don't see it going anywhere with > dissatisfied users being called "vocal minority". > > I'm not speaking for myself, as I don't mind doing stuff via terminal. > However, KDE lately was aiming more towards new users. Why would they be > forced to learn their way around console, or to keep different file manager > just to edit some files in restricted areas? I wrote about this back in 2019 and they aren't going to listen. The developers here seem to know better than you and me and are protecting us from ourselves. My best fix found is XFCE. It is a great DE and the developers don't mess with root access. BTW I was a KDE user since the 90's and finally gave up. (In reply to Bo Weaver from comment #103) > (In reply to petrk from comment #102) > > That revert was stuck for a year. I don't see it going anywhere with > > dissatisfied users being called "vocal minority". > > > > I'm not speaking for myself, as I don't mind doing stuff via terminal. > > However, KDE lately was aiming more towards new users. Why would they be > > forced to learn their way around console, or to keep different file manager > > just to edit some files in restricted areas? > > I wrote about this back in 2019 and they aren't going to listen. The > developers here seem to know better than you and me and are protecting us > from ourselves. My best fix found is XFCE. It is a great DE and the > developers don't mess with root access. BTW I was a KDE user since the 90's > and finally gave up. Never finished the story, happiness there is a Krusader, so it is possible to start this file manager in root mode with sudo. Sometimes a great program Dolphin is nothing now. Discover the same hour works or doesn't work or need an eternity to load update. Every update of the plasme happens, I am interfering, I have the impression that something changes and there is no purpose. I advertised on the forum Thermal Monitor KJI works in all other Linuxima and only the update plasms from 5.21 to 5.22 it was raiding, Instal Xysguard does not help me. Developers are more and more like Windows developers, they know what we need and think of us and protect us from ourselves. Created attachment 143028 [details] attachment-20868-0.html > It is a great DE and the developers don't mess with root access. I myself use icewm but I use some great KDE applications such as konsole. Okular is also fine. I don't use KDE5 myself, largely because it became too much of a hassle to compile it from source. I can compile most of it but then "startx" no longer works; it crashes soon after it tries to load. KDE3 worked fine; I have no idea why the quality decreased so much. For the record I can compile from source and use startx for icewm, fluxbox, mate-desktop, xfce, lxqt. Somehow the big DEs moved towards Average Joe - which is ok in itself, but they also dumbed things down for the power users immensely. No idea why the KDE devs joined that - perhaps economic reasons. See GNOME. The issue in regards to pestering the superuser is deeper, though and not solely confined to kio or any individual component. I could not use kate as the superuser. I read the code and in the CPP source code there are a few lines #define - so the whole application is deliberately and maliciously crippled via ~5 lines. You remove it, then recompile and it works fine. Other editors don't have this crippling aspect. I have no idea why the kate devs went that route. I tried to explain to them that it is utterly stupid to cripple functionality that works perfectly well. The proper use may be to show a warning but continue to use rather than this "I won't start at all because YOU ARE A BAD BOY". I decide for my own anyway and other editors work fine so why is some random average joe KDE dev thinking he knows it all better? To the point of crippling functionality? The usual "argument" used is "because YOU COULD KILL PEOPLE" aka "damage your system". I could not care any less about it. I care about devs crippling my system randomly and arbitrarily - that part is annoying. THAT is the big problem with both KDE and GNOME - individual devs who think they are right and then subject and subjugate the downstream users. This point is made even worse by the fact that it's just a few crappy #defines. I mean IF you really want to restrict the super user because you hate the super user then at the least write beautiful code that restricts this RATHER THAN THIS CRAP FEW #define STATEMENTS that are an insult to any 8 years old that can use an editor as-is. There used to be a work around for kate via an ENV variable. I tried it - and it did not work. That was years ago. I then complained about it. At first it seemed to effect change, but then, whoever is calling the shots, decided that KDE is now going for the Average Joe and Average Joe is never ever allowed to be super user. Ever. For whatever the reason (again, I don't understand it, but these devs cater to the average joe, and they have a point too - we power users are in the minority now. Everything has been dumbed down and the restrictions to cripple functionality in regards to the superuser is PRECISELY one example of this dumb-down trend. And it will continue, we all know that. The bigger the DE, the more and more dumbed down it will be - just look at GNOME for where KDE is headed. Note: I have nothing against simplifications or usability improvements. What I have something against is the attempt to restrict and cripple users deliberately rather than assume that they know better and can decide for their own - and yes, we can decide, but not when topdown developers want to coerce others into their world view. And THAT is the fundamental problem.) On Wed, Oct 27, 2021 at 10:44 AM lega99 <bugzilla_noreply@kde.org> wrote: > https://bugs.kde.org/show_bug.cgi?id=179678 > > --- Comment #104 from lega99 <dragan.legic@mail.ru> --- > (In reply to Bo Weaver from comment #103) > > (In reply to petrk from comment #102) > > > That revert was stuck for a year. I don't see it going anywhere with > > > dissatisfied users being called "vocal minority". > > > > > > I'm not speaking for myself, as I don't mind doing stuff via terminal. > > > However, KDE lately was aiming more towards new users. Why would they > be > > > forced to learn their way around console, or to keep different file > manager > > > just to edit some files in restricted areas? > > > > I wrote about this back in 2019 and they aren't going to listen. The > > developers here seem to know better than you and me and are protecting us > > from ourselves. My best fix found is XFCE. It is a great DE and the > > developers don't mess with root access. BTW I was a KDE user since the > 90's > > and finally gave up. > > Never finished the story, happiness there is a Krusader, so it is possible > to > start this file manager in root mode with sudo. Sometimes a great program > Dolphin is nothing now. Discover the same hour works or doesn't work or > need an > eternity to load update. Every update of the plasme happens, I am > interfering, > I have the impression that something changes and there is no purpose. I > advertised on the forum Thermal Monitor KJI works in all other Linuxima and > only the update plasms from 5.21 to 5.22 it was raiding, Instal Xysguard > does > not help me. Developers are more and more like Windows developers, they > know > what we need and think of us and protect us from ourselves. > > -- > You are receiving this mail because: > You are on the CC list for the bug. This imho silly decision to disable sudo access to Dolphin just created negative publicity outside our GNU/Linux echo chamber. This is from a quite famous Youtuber doing a "Linux challenge": https://www.youtube.com/watch?v=5MAlgKdsdvg&t=2886s It is a reality check and a wake-up call if we ever needed one. As a longtime KDE user and donor I can only hope that with this new exposure of KDE to the general public thanks to (among other things) Valve's Steam Deck, this bug and other major ones such as https://bugs.kde.org/show_bug.cgi?id=360478 are finally going to see some love... Maybe even Valve should be approached and encouraged to invest some manpower for the bug squashing? Hi. Please delete this comment if you think that it brings nothing of value here. I'm not intending to disobey any rules or anything.
> This imho silly decision to disable sudo access to Dolphin just created
> negative publicity outside our GNU/Linux echo chamber. This is from a quite
> famous Youtuber doing a "Linux challenge":
> https://www.youtube.com/watch?v=5MAlgKdsdvg&t=2886s
>
> It is a reality check and a wake-up call if we ever needed one.
I am an example of a person who found out about this issue via this video. And it won't be an exaggeration to say that I'm just astonishingly shocked after reading the history of this issue and comments here. I've never used KDE much, but I've always assumed that it is a software made by professional people that works in the interest of its user. Oh boy, how wrong have I been. I would've expected this kind of hostile behavior toward users and ignoring their needs from Microsoft, or maybe Adobe. Somehow, you the KDE authors have managed to be even worse here.
I've decided that I will never use KDE in the future, regardless of whether this particular issue gets fixed or not, and I will promote the same message to other people. I sincerely believe that there should be no place in the software industry for this kind of anti-user behaviour.
(In reply to Yaroslavik from comment #107) > Hi. Please delete this comment if you think that it brings nothing of value > here. I'm not intending to disobey any rules or anything. > > > This imho silly decision to disable sudo access to Dolphin just created > > negative publicity outside our GNU/Linux echo chamber. This is from a quite > > famous Youtuber doing a "Linux challenge": > > https://www.youtube.com/watch?v=5MAlgKdsdvg&t=2886s > > > > It is a reality check and a wake-up call if we ever needed one. > I am an example of a person who found out about this issue via this video. > And it won't be an exaggeration to say that I'm just astonishingly shocked > after reading the history of this issue and comments here. I've never used > KDE much, but I've always assumed that it is a software made by professional > people that works in the interest of its user. Oh boy, how wrong have I > been. I would've expected this kind of hostile behavior toward users and > ignoring their needs from Microsoft, or maybe Adobe. Somehow, you the KDE > authors have managed to be even worse here. > I've decided that I will never use KDE in the future, regardless of whether > this particular issue gets fixed or not, and I will promote the same message > to other people. I sincerely believe that there should be no place in the > software industry for this kind of anti-user behaviour. This issue is a major frustration for me as well. I still use KDE because it gives me a lot of flexibility in other areas, and is not as dumbed down as Gnome, or as archaic as XFCE. Actually, when I think about it, the fact that you can no longer customize things graphically to any serious extent in e.g. Gnome is almost as painful. Still, I agree that denying root priveleges is a major violation of a fundamental concept in Linux. You can get round it by e.g. using Krusader, but why should you? I've recently tried MX Linux and I was amazed to find that Dolphin does work there as it should. No problem going into root mode. So they must have "hacked" it for their distro. I would definitely use MX Linux, then, if it weren't for the fact that they've got their own limitations which affect me: I've got an optimus laptop (Intel + Nvidia GFX card) and I can't run the whole system on Nvidia, I can only start individual apps in "Nvidia mode", which can work as long as you don't need to use HDMI output (which is routed from the Nvidia card) - so no other monitors, no projectors.... Also, Cuda doesn't work on MX Linux, so no wasy to use GPU rendering in Blender. But for those who don't need these features, MX Linux KDE might be the distro. This has been merged with the commits in https://invent.kde.org/frameworks/kio/-/merge_requests/143 for KIO 5.90! Thanks to Jan blackquill and Chinmoy Ranjan Pradhan! *** Bug 173385 has been marked as a duplicate of this bug. *** *** Bug 392662 has been marked as a duplicate of this bug. *** Hi, so kio now supports policykit but I can't copy files to the root locations. I also tried installing dolphin version 22.03.90, but nothing changes. What should I do? I'm on Manjaro *** Bug 453306 has been marked as a duplicate of this bug. *** Reopening as this was reverted It's in progress again with https://invent.kde.org/frameworks/kio/-/merge_requests/731. Currently approved by David Edmundson, so it's likely (yet again) close to the finish line. *** Bug 463324 has been marked as a duplicate of this bug. *** *** Bug 465813 has been marked as a duplicate of this bug. *** *** Bug 467359 has been marked as a duplicate of this bug. *** *** Bug 470037 has been marked as a duplicate of this bug. *** This is still broken as of version 23.08.04. I get no dialog in kate to run as sudo when editing system files, nor does kdesu work with kate. This is quite frustrating. |