freenx-team team mailing list archive

Thread
Date
[Bug 221363] Re: Policy Kit Unlock Buttons Greyed Out when using NX / VNC / LTSP

To: freenx-team@xxxxxxxxxxxxxxxxxxx
From: houstonbofh <leesharp@xxxxxxxxxx>
Date: Tue, 02 Mar 2010 23:15:06 -0000
Reply-to: Bug 221363 <221363@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
You forgot to add "ssh -X" to the title.  Yes, it is a bad decision, in
my opinion.

-- 
Policy Kit Unlock Buttons Greyed Out when using NX / VNC / LTSP
https://bugs.launchpad.net/bugs/221363
You received this bug notification because you are a member of FreeNX
Team, which is the registrant for FreeNX Server.

Status in FreeNX open source NX Server: Fix Released
Status in PolicyKit: Invalid
Status in “policykit” package in Ubuntu: Confirmed
Status in “policykit-1” package in Ubuntu: Confirmed

Bug description:
I installed 8.04 LTS server on a system.  Then installed ubuntu-desktop using apt.  Installed Nomachine's NX server and connected to it.

The unlock buttons on Users and Groups or Network are greyed out and un-accessible.  Tried running from a term 'sudo users-admin' with the same results.

Works fine with VNC and NX "Shadow" session however this is not really acceptable as it means a session has to be running on console first.

I have tried to enable every option in Authorizations to allow the remote session to have privileges to no avail.

output of dpkg relevant packages:

ii  gnome-system-t 2.22.0-0ubuntu Cross-platform configuration utilities for G
ii  liboobs-1-4    2.22.0-0ubuntu GObject based interface to system-tools-back
ii  policykit      0.7-2ubuntu7   framework for managing administrative polici
ii  system-tools-b 2.6.0-0ubuntu7 System Tools to manage computer configuratio

================
== Workarounds  ==
================

1) *Jaunty or older*

>From https://bugs.launchpad.net/ubuntu/+source/policykit/+bug/238799/comments/16 (the packages from comment 24 are broken links now):

I was able to get access via VNC tunneled through SSH by changing the following settings in policykit. You can do it locally via Authorizations, or you can do it remotely using "sudo ck-launch-session polkit-gnome-authorization" in a terminal window in your tunneled VNC session. This worked on Ubuntu 9.04 Server RC running xubuntu-desktop, so as always YMMV.

For system configuration, change all implicit authorizations under org -> freedesktop -> systemtoolsbackends -> Manage System Configuration (org.freedesktop.systemtoolsbackends.set) to "Admin Authentication."

For user management, change all implicit authorizations under org -> freedesktop -> systemtoolsbackends -> self -> Change User Configuration (org.freedesktop.systemtoolsbackends.self.set) to "Authentication."

Reset gdm by rebooting or running "sudo /etc/init.d/gdm restart" from a terminal window, and you should be able to unlock the user settings control panel and other similarly useful things through your tunneled VNC session.

2) *Karmic or newer*

Apply this patch: http://launchpadlibrarian.net/39471473/polkit-systemtools-remote-allow.patch
# sudo cp -a /usr/share/polkit-1/actions/org.freedesktop.SystemToolsBackends.policy /usr/share/polkit-1/actions/org.freedesktop.SystemToolsBackends.policy.ori
# sudo patch /usr/share/polkit-1/actions/org.freedesktop.SystemToolsBackends.policy polkit-systemtools-remote-allow.patch

Then kill polkitd, it will be restarted automatically:
# sudo pkill polkitd