Bug 385525 - Entering root password doesn't grant root privs, when launched from kicker
Summary: Entering root password doesn't grant root privs, when launched from kicker
Status: RESOLVED DUPLICATE of bug 259678
Alias: None
Product: partitionmanager
Classification: Applications
Component: general (show other bugs)
Version: 3.1
Platform: Fedora RPMs Linux
: NOR crash
Target Milestone: ---
Assignee: Andrius Štikonas
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-10-09 17:46 UTC by Jonathan Wakely
Modified: 2017-12-15 15:14 UTC (History)
1 user (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Jonathan Wakely 2017-10-09 17:46:23 UTC 
kde-partitionmanager-3.1.2-1.fc26.x86_64

If I run KPM from the kicker menu as a normal user and enter the root password when prompted, it doesn't get root privs.

I start paritionmanager form the kicker menu, which creates a prompt:

  The action you requested needs root privileges. Please enter root's password
  below, or click Ignore to continue with your current privileges.

  Command: KDE_FULL_SESSION=true XDG_RUNTIME_DIR=/run/user/1001
  DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1001/bus partitionmanager
  --dontsu

After entering the root password (and clicking OK, or pressing Enter) I get another prompt, saying "Warning: You do not have adminstrative privileges. It is possible to run KDE Partition Manager without these privileges. You will, however, ..."

i.e. it makes no difference whether I enter the root password or choose "Ignore", it always proceeds without root privs. If I choose to continue then I get a crash that drkonqi tells me is a dup of Bug 383636. But I don't really want to continue without root privs, I want entering the password to work.

If I run partitionmanager from the terminal, as a normal user, I get prompted for the root password and it works properly, starting the application with root privs. So the problem is only when run from the kicker menu.

When the prompt for the root password appears, the journal shows:


Oct 09 18:43:41 wraith.home kdesu[7938]: No X authentication info set for display ":0"
Oct 09 18:43:42 wraith.home kdesu[7938]: No X authentication info set for display ":0"


After I enter the root password I see:

Oct 09 18:43:51 wraith.home audit[7948]: USER_AUTH pid=7948 uid=1000 auid=1000 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="root" exe="/usr/bin/su" hostname=wraith.home addr=? terminal=pts/13 res=success'
Oct 09 18:43:51 wraith.home audit[7948]: USER_ACCT pid=7948 uid=1000 auid=1000 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/bin/su" hostname=wraith.home addr=? terminal=pts/13 res=success'
Oct 09 18:43:51 wraith.home audit[7948]: CRED_ACQ pid=7948 uid=1000 auid=1000 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/bin/su" hostname=wraith.home addr=? terminal=pts/13 res=success'
Oct 09 18:43:51 wraith.home su[7948]: (to root) jwakely on pts/13
Oct 09 18:43:51 wraith.home su[7948]: pam_systemd(su:session): Cannot create session: Already running in a session
Oct 09 18:43:51 wraith.home su[7948]: pam_unix(su:session): session opened for user root by (uid=1000)
Oct 09 18:43:51 wraith.home audit[7948]: USER_START pid=7948 uid=1000 auid=1000 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/su" hostname=wraith.home addr=? terminal=pts/13 res=success'
Oct 09 18:43:51 wraith.home su[7948]: pam_unix(su:session): session closed for user root
Oct 09 18:43:51 wraith.home audit[7948]: USER_END pid=7948 uid=1000 auid=1000 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/su" hostname=wraith.home addr=? terminal=pts/13 res=success'
Oct 09 18:43:51 wraith.home audit[7948]: CRED_DISP pid=7948 uid=1000 auid=1000 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/bin/su" hostname=wraith.home addr=? terminal=pts/13 res=success'
Oct 09 18:43:51 wraith.home kwin_x11[2011]: QXcbConnection: XCB error: 3 (BadWindow), sequence: 7871, resource id: 104857615, major code: 18 (ChangeProperty), minor code: 0
Oct 09 18:43:51 wraith.home kdesu[7938]: No X authentication info set for display ":0"
Oct 09 18:43:51 wraith.home audit[7955]: USER_AUTH pid=7955 uid=1000 auid=1000 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="root" exe="/usr/bin/su" hostname=wraith.home addr=? terminal=pts/13 res=success'
Oct 09 18:43:51 wraith.home audit[7955]: USER_ACCT pid=7955 uid=1000 auid=1000 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/bin/su" hostname=wraith.home addr=? terminal=pts/13 res=success'
Oct 09 18:43:51 wraith.home su[7955]: (to root) jwakely on pts/13
Oct 09 18:43:51 wraith.home audit[7955]: CRED_ACQ pid=7955 uid=1000 auid=1000 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/bin/su" hostname=wraith.home addr=? terminal=pts/13 res=success'
Oct 09 18:43:51 wraith.home su[7955]: pam_systemd(su:session): Cannot create session: Already running in a session
Oct 09 18:43:51 wraith.home su[7955]: pam_unix(su:session): session opened for user root by (uid=1000)
Oct 09 18:43:51 wraith.home audit[7955]: USER_START pid=7955 uid=1000 auid=1000 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/su" hostname=wraith.home addr=? terminal=pts/13 res=success'
Oct 09 18:43:51 wraith.home audit[7961]: ANOM_ABEND auid=1000 uid=0 gid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 pid=7961 comm="partitionmanage" exe="/usr/bin/partitionmanager" sig=6 res=1
Oct 09 18:43:51 wraith.home partitionmanager[7961]: QXcbConnection: Could not connect to display :0
Oct 09 18:43:51 wraith.home systemd[1]: Started Process Core Dump (PID 7962/UID 0).
Oct 09 18:43:51 wraith.home audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-coredump@36-7962-0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Oct 09 18:43:51 wraith.home audit[7955]: USER_END pid=7955 uid=1000 auid=1000 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/su" hostname=wraith.home addr=? terminal=pts/13 res=success'
Oct 09 18:43:51 wraith.home audit[7955]: CRED_DISP pid=7955 uid=1000 auid=1000 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/bin/su" hostname=wraith.home addr=? terminal=pts/13 res=success'
Oct 09 18:43:52 wraith.home audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-coredump@36-7962-0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Oct 09 18:43:51 wraith.home systemd-coredump[7965]: Resource limits disable core dumping for process 7961 (partitionmanage).
Oct 09 18:43:51 wraith.home su[7955]: pam_unix(su:session): session closed for user root
Oct 09 18:43:51 wraith.home systemd-coredump[7965]: Process 7961 (partitionmanage) of user 0 dumped core.
Oct 09 18:43:51 wraith.home kwin_x11[2011]: QXcbConnection: XCB error: 3 (BadWindow), sequence: 9709, resource id: 104857616, major code: 18 (ChangeProperty), minor code: 0
Oct 09 18:43:52 wraith.home abrt-dump-journal-core[1461]: Failed to obtain all required information from journald
Oct 09 18:43:52 wraith.home abrt-dump-journal-core[1461]: Failed to save detect problem data in abrt database

So this might not be a problem with partitionmanager, but with kdesu(?) instead.
Comment 1 Andrius Štikonas 2017-10-09 17:55:50 UTC 
Hmm, not sure what is hapenning. Is your kdesu configured to use su or sudo?

In principle we want to move away from running KPM as root. kdesu is obsolete. But porting to KAuth/Polkit will take time, as quite a lot of refactoring is needed (e.g. need to port away from libparted). Once KPM runs rootless, this should resolve anyway...
Comment 2 Jonathan Wakely 2017-10-09 18:01:39 UTC 
(In reply to Andrius Štikonas from comment #1)
> Hmm, not sure what is hapenning. Is your kdesu configured to use su or sudo?

I have no idea.

I have no ~/.config/kdesurc file. I used kwriteconfig5 to tell it to use sudo, and tried to start partitionmanager from kicker again. This time when I entered my root password and pressed enter the dialog froze, and I had to kill it! (Close the window, then confirm I wanted to terminate the non-responsive application).

If I change back to using 'su' I get the original behaviour. So it looks like using 'sudo' doesn't work either, but fails differently (I guess I need to edit sudoers to allow it? but it shouldn't just hang).
Comment 3 Andrius Štikonas 2017-10-09 18:04:32 UTC 
Yeah, something is strange. It shouldn't just hang. Maybe try getting some help from Fedora users. This might be configuration issue, so they might be able to help more.
Comment 4 Jonathan Wakely 2017-10-09 18:05:22 UTC 
OK thanks
Comment 5 Andrius Štikonas 2017-12-15 15:14:50 UTC 
Well, KAuth support is improving (even though it is not released yet), so I'll mark this as a dublicate of KAuth bug.

Once KAuth support lands in, kdesu or sudo will no longer be used.

*** This bug has been marked as a duplicate of bug 259678 ***