| Summary: | kdesu do not let launch "kate" from some months ago | ||
|---|---|---|---|
| Product: | [I don't know] kde | Reporter: | Rafael Linux User <rafael.linux.user> |
| Component: | general | Assignee: | Unassigned bugs mailing-list <unassigned-bugs> |
| Status: | RESOLVED DOWNSTREAM | ||
| Severity: | normal | CC: | fabian, nate, rafael.linux.user |
| Priority: | NOR | ||
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Platform: | openSUSE | ||
| OS: | Linux | ||
| Latest Commit: | Version Fixed In: | ||
| Sentry Crash Report: | |||
|
Description
Rafael Linux User
2023-11-14 11:58:53 UTC
Normally what you're doing shouldn't be necessary; Kate includes Polkit support, so you can just open the file normally, edit it, save it, and enter your password when prompted to save your changes to disk. However the openSUSE packagers have patched out PolKit support in Kate, causing you to need to turn to this workaround. As a result I'm afraid you're using Kate in a configuration unsupported by the developers, and I would encourage you to contact the openSUSE folks for support. Thanks for understanding! You can use EDITOR="kate -b" sudoedit /etc/fstab instead. (In reply to Nate Graham from comment #1) > Normally what you're doing shouldn't be necessary; Kate includes Polkit > support, so you can just open the file normally, edit it, save it, and enter > your password when prompted to save your changes to disk. > > However the openSUSE packagers have patched out PolKit support in Kate, > causing you to need to turn to this workaround. Well, *had* to... Please file a bug report downstream and compain to the security team. > As a result I'm afraid > you're using Kate in a configuration unsupported by the developers, and I > would encourage you to contact the openSUSE folks for support. > > Thanks for understanding! (In reply to Fabian Vogt from comment #2) > > However the openSUSE packagers have patched out PolKit support in Kate, > > causing you to need to turn to this workaround. > > Well, *had* to... Please file a bug report downstream and compain to the > security team. I've talked to them in the past about this, and while I understand their perspective regarding potential security vulnerabilities in Polkit and Kate's implementation of it, what I don't understand is removing the feature in favor of re-adding the ability to open a GUI app as root that had been deliberately disabled before. That just re-opens a bigger vulnerability. It feels a bit like saying, "the door to your house is insecure, so we welded the door shut and removed a window so you can enter that way instead". Anyway, this is a conversation for elsewhere. :) (In reply to Nate Graham from comment #3) > (In reply to Fabian Vogt from comment #2) > > > However the openSUSE packagers have patched out PolKit support in Kate, > > > causing you to need to turn to this workaround. > > > > Well, *had* to... Please file a bug report downstream and compain to the > > security team. > > I've talked to them in the past about this, and while I understand their > perspective regarding potential security vulnerabilities in Polkit and > Kate's implementation of it, what I don't understand is removing the feature > in favor of re-adding the ability to open a GUI app as root that had been > deliberately disabled before. That just re-opens a bigger vulnerability. It > feels a bit like saying, "the door to your house is insecure, so we welded > the door shut and removed a window so you can enter that way instead". I asked for that explicitly to show how their policy and decision backfires and ultimately makes it worse - but it led nowhere... > Anyway, this is a conversation for elsewhere. :) Yep. (In reply to Fabian Vogt from comment #2) > You can use EDITOR="kate -b" sudoedit /etc/fstab instead. That's not working for me from "Alt+F2" (krunner). Nothing happens after pressing "Enter". Thank you for your information in this regard. I didn't know if the change was a result of KDE or openSUSE updates. I will tell them about it and see if they come to their senses ... (In reply to Rafael Linux User from comment #6) > Thank you for your information in this regard. I didn't know if the change > was a result of KDE or openSUSE updates. I will tell them about it and see > if they come to their senses ... Note that this is nothing new, it's been this way for several years. It's not clear what actually broke running kate from within kdesu. Maybe the daemonization. I don't know if this can help, but when I launch from CLI the usual "kdesu kate /etc/fstab", journald show this error after entering root password: 16/11/23 9:13 kate qt.qpa.plugin: Could not load the Qt platform plugin "xcb" in "" even though it was found. 16/11/23 9:13 kate This application failed to start because no Qt platform plugin could be initialized. Reinstalling the application may fix this problem. Available platform plugins are: eglfs, linuxfb, minimal, minimalegl, offscreen, vnc, wayland-egl, wayland, wayland-xcomposite-egl, wayland-xcomposite-glx, xcb. 16/11/23 9:13 akonadiserver org.kde.pim.akonadiserver: ItemRetrievalJob for request 12469 finished I'm sorry cause I can't find a toolbar here to give format to my text > Note that this is nothing new, it's been this way for several years.
I'm not sure what do you mean. If it's about "kdesu kate whatever" working, I can confirm it worked until 3 o 4 months ago, before some openSUSE uptdate.
Yeah, it's the feature that kate opens in the background. This makes kdesu quit and the X11 access is revoked. (In reply to Rafael Linux User from comment #9) > > Note that this is nothing new, it's been this way for several years. > > I'm not sure what do you mean. If it's about "kdesu kate whatever" working, > I can confirm it worked until 3 o 4 months ago, before some openSUSE uptdate. Exactly. What Nate is talking about has been the case for way longer than that. Thank you again for all your prompt attention. I will try to find out what security issues openSUSE considers to exist now after being able to use it for years. |