You are not logged in.
- Topics: Active | Unanswered
#1 2018-08-27 21:24:52
- johnywhy
- Member
- Registered: 2011-10-09
- Posts: 288
Will `pkexec thunar` Break the Local User Environment?
i've read that running GUI apps as root can break the app, because configs written to local user home during the execution will be owned by root. Later, local-user won't be able to run the app, since now root owns it's config files.
the given workaround is:
pkexec env DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY SomeGuiAppwhich (i think) causes config writes to be done in root home, instead of local-user home. (is that correct?)
is this workaround necessary with thunar?
i'm doing [c]pkexec thunar[/c], and not noticing any errors.
arch xfce x86_64
Offline
#2 2018-08-27 22:26:51
- ToZ
- Administrator
- From: Canada
- Registered: 2011-06-02
- Posts: 11,492
Re: Will `pkexec thunar` Break the Local User Environment?
is this workaround necessary with thunar?
Depends on the policykit definition. Look for a file called org.xfce.thunar.policy on you computer. If it specifies:
<annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>...then those two environment variables are passed. From https://www.freedesktop.org/software/po … xec.1.html:
As a result, pkexec will not by default allow you to run X11 applications as another user since the $DISPLAY and $XAUTHORITY environment variables are not set. These two variables will be retained if the org.freedesktop.policykit.exec.allow_gui annotation on an action is set to a nonempty value
Please remember to mark your thread [SOLVED] to make it easier for others to find
--- How To Ask For Help | FAQ | Developer Wiki | Community | Contribute ---
Offline
#3 2018-08-27 22:35:27
- johnywhy
- Member
- Registered: 2011-10-09
- Posts: 288
Re: Will `pkexec thunar` Break the Local User Environment?
environment variables are passed...variables will be retained
language confuses me. Makes it sound like yes, i have to pass the env variables with pkexec either way, but they may be ignored depending on polkit config. If ignore, then even if you pass them, you could still break the app for the local user.
Correct?
arch xfce x86_64
Offline
#4 2018-08-27 23:33:12
- ToZ
- Administrator
- From: Canada
- Registered: 2011-06-02
- Posts: 11,492
Re: Will `pkexec thunar` Break the Local User Environment?
These variables already exist in your session. "allow_gui=true" will pass them over to the elevated session. This is how gksudo kind of worked. In this case all will be good. Nothing will be broken. This is the "new" way of elevating privileges.
Please remember to mark your thread [SOLVED] to make it easier for others to find
--- How To Ask For Help | FAQ | Developer Wiki | Community | Contribute ---
Offline
#5 2018-08-28 00:50:46
- johnywhy
- Member
- Registered: 2011-10-09
- Posts: 288
Re: Will `pkexec thunar` Break the Local User Environment?
ok, so
env DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY
is only needed for GUI apps which don't already have "allow_gui=true" in their polkit policy.
Correct?
arch xfce x86_64
Offline
#6 2018-08-28 01:28:51
- ToZ
- Administrator
- From: Canada
- Registered: 2011-06-02
- Posts: 11,492
Re: Will `pkexec thunar` Break the Local User Environment?
This is my understanding, yes. But a test will let you know for sure.
Please remember to mark your thread [SOLVED] to make it easier for others to find
--- How To Ask For Help | FAQ | Developer Wiki | Community | Contribute ---
Offline
- Registered users online in this topic: 0, guests: 1
- [Bot] ClaudeBot
[ Generated in 0.007 seconds, 8 queries executed - Memory usage: 536.54 KiB (Peak: 537.38 KiB) ]