desktop-packages team mailing list archive

Thread
Date
[Bug 221363] Re: Policy Kit Unlock Buttons Greyed Out when using NX / VNC / LTSP

To: desktop-packages@xxxxxxxxxxxxxxxxxxx
From: Ben Shadwick <benshadwick@xxxxxxxxx>
Date: Mon, 12 Sep 2011 22:52:37 -0000
Reply-to: Bug 221363 <221363@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
I'm unsure as well, and given the fact that my gdm bug report is still
listed as "UNCONFIRMED" after 4+ months, so I'm not too
motivated/encouraged at this point to perform the legwork necessary to
report this issue everywhere.

It also doesn't do a single thing to prevent future developers from
making the same mistake.

Like Derek, I also wonder if "allow_active" is *ever* appropriate to be
used in favor of "allow_any" (at least by default). I did a search-and-
replace on all files in that directory at one point, but I'm pretty sure
that my changes have been slowly regressing as updated versions of the
affected components are installed on my system.

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to system-tools-backends in Ubuntu.
https://bugs.launchpad.net/bugs/221363

Title:
  Policy Kit Unlock Buttons Greyed Out when using NX / VNC / LTSP

Status in FreeNX open source NX Server:
  Fix Released
Status in GDM: The Gnome Display Manager:
  New
Status in PolicyKit:
  Invalid
Status in system-tools-backends:
  Fix Released
Status in “policykit” package in Ubuntu:
  Invalid
Status in “policykit-1” package in Ubuntu:
  Invalid
Status in “system-tools-backends” package in Ubuntu:
  Triaged

Bug description:
  I installed 8.04 LTS server on a system.  Then installed ubuntu-
  desktop using apt.  Installed Nomachine's NX server and connected to
  it.

  The unlock buttons on Users and Groups or Network are greyed out and
  un-accessible.  Tried running from a term 'sudo users-admin' with the
  same results.

  Works fine with VNC and NX "Shadow" session however this is not really
  acceptable as it means a session has to be running on console first.

  I have tried to enable every option in Authorizations to allow the
  remote session to have privileges to no avail.

  output of dpkg relevant packages:

  ii  gnome-system-t 2.22.0-0ubuntu Cross-platform configuration utilities for G
  ii  liboobs-1-4    2.22.0-0ubuntu GObject based interface to system-tools-back
  ii  policykit      0.7-2ubuntu7   framework for managing administrative polici
  ii  system-tools-b 2.6.0-0ubuntu7 System Tools to manage computer configuratio

  ================
  == Workarounds  ==
  ================

  1) *Jaunty or older*

  From
  https://bugs.launchpad.net/ubuntu/+source/policykit/+bug/238799/comments/16
  (the packages from comment 24 are broken links now):

  I was able to get access via VNC tunneled through SSH by changing the
  following settings in policykit. You can do it locally via
  Authorizations, or you can do it remotely using "sudo ck-launch-
  session polkit-gnome-authorization" in a terminal window in your
  tunneled VNC session. This worked on Ubuntu 9.04 Server RC running
  xubuntu-desktop, so as always YMMV.

  For system configuration, change all implicit authorizations under org
  -> freedesktop -> systemtoolsbackends -> Manage System Configuration
  (org.freedesktop.systemtoolsbackends.set) to "Admin Authentication."

  For user management, change all implicit authorizations under org ->
  freedesktop -> systemtoolsbackends -> self -> Change User
  Configuration (org.freedesktop.systemtoolsbackends.self.set) to
  "Authentication."

  Reset gdm by rebooting or running "sudo /etc/init.d/gdm restart" from
  a terminal window, and you should be able to unlock the user settings
  control panel and other similarly useful things through your tunneled
  VNC session.

  2) *Karmic or newer*

  Apply this patch: http://launchpadlibrarian.net/39471473/polkit-systemtools-remote-allow.patch
  # sudo cp -a /usr/share/polkit-1/actions/org.freedesktop.SystemToolsBackends.policy /usr/share/polkit-1/actions/org.freedesktop.SystemToolsBackends.policy.ori
  # sudo patch /usr/share/polkit-1/actions/org.freedesktop.SystemToolsBackends.policy polkit-systemtools-remote-allow.patch

  Then kill polkitd, it will be restarted automatically:
  # sudo pkill polkitd

To manage notifications about this bug go to:
https://bugs.launchpad.net/freenx-server/+bug/221363/+subscriptions