Public bug reported:
Allowed users and groups as admins for pkexec are defined in:
/etc/polkit-1/localauthority.conf.d/51-ubuntu-admin.conf
[Configuration]
AdminIdentities=unix-group:sudo;unix-group:admin;unix-group:localadmin
As you can see, I added unix-group:localadmin
My user is localadmin-user1 who is in the local group localadmin. It does not
matter if I create a new configuration file
/etc/polkit-1/localauthority.conf.d/99-myadmins.conf or expand the original
51-ubuntu-admin.conf
[Configuration]
AdminIdentities=unix-group:sudo;unix-group:admin;unix-group:localadmin
If I add the user himself instead of his group localadmin the user is listed
the allowed list for pkexec.
[Configuration]
AdminIdentities=unix-group:sudo;unix-group:admin;unix-user:localadmin-user1
How to reproduce:
- create local user and group (here: localadmin)
- add unix-group:localadmin to
/etc/polkit-1/localauthority.conf.d/51-ubuntu-admin.conf
- pkexec mount
-> the local user in group localadmin is not listed
- add unix-user:localadmin-user1 to
/etc/polkit-1/localauthority.conf.d/51-ubuntu-admin.conf
- pkexec mount
-> the local user localadmin-user1 is listed
----
Kubuntu 19.10
policykit-1 0.105-26ubuntu1
SSSD for system authorization including domain
** Affects: policykit-1 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to policykit-1 in Ubuntu.
https://bugs.launchpad.net/bugs/1853115
Title:
localauthority.conf - AdminIdentities: unix-group is ignored
Status in policykit-1 package in Ubuntu:
New
Bug description:
Allowed users and groups as admins for pkexec are defined in:
/etc/polkit-1/localauthority.conf.d/51-ubuntu-admin.conf
[Configuration]
AdminIdentities=unix-group:sudo;unix-group:admin;unix-group:localadmin
As you can see, I added unix-group:localadmin
My user is localadmin-user1 who is in the local group localadmin. It does not
matter if I create a new configuration file
/etc/polkit-1/localauthority.conf.d/99-myadmins.conf or expand the original
51-ubuntu-admin.conf
[Configuration]
AdminIdentities=unix-group:sudo;unix-group:admin;unix-group:localadmin
If I add the user himself instead of his group localadmin the user is listed
the allowed list for pkexec.
[Configuration]
AdminIdentities=unix-group:sudo;unix-group:admin;unix-user:localadmin-user1
How to reproduce:
- create local user and group (here: localadmin)
- add unix-group:localadmin to
/etc/polkit-1/localauthority.conf.d/51-ubuntu-admin.conf
- pkexec mount
-> the local user in group localadmin is not listed
- add unix-user:localadmin-user1 to
/etc/polkit-1/localauthority.conf.d/51-ubuntu-admin.conf
- pkexec mount
-> the local user localadmin-user1 is listed
----
Kubuntu 19.10
policykit-1 0.105-26ubuntu1
SSSD for system authorization including domain
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/1853115/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
