Join Log in
Score:2
ov7a avatar Ubuntu

How to force policy-kit agent to show full information about command line arguments

id flag
ov7a

I am using Ubuntu Mate 20.04 and pkexec to launch apps with admin privileges if needed.

However, when policy agent kit asking to authorize request, there is no enough information to make a decision. For example, if I run

pkexec sh -c 'echo hello'

I'll see this promt:

policy-kit-agent

Note that there is no information about the command I'm trying to execute. So, it would look like the same for dangerous

pkexec sh -c 'rm -rf /'

How can I tweak my setup by configuring or changing agent so I can see more information (e.g. full command line) about action I'm asked to authorize?

182
1 + 0
Score:1
ov7a avatar Ubuntu
id flag
ov7a

The variable responsible for full command line with arguments is command_line. To change it, one can create a custom policy as man pkexec page suggests.

However, I've ended up editing LC_MESSAGES. My locale is en_US, so I've done these steps:

  1. copied /usr/share/locale-langpack/en_GB/LC_MESSAGES/polkit-1.mo
  2. unpacked it with msgunfmt polkit-1.mo -o polkit-1.po
  3. edited polkit-1.po
msgid "Authentication is needed to run `$(program)' as the super user"
msgstr "Authentication is needed to run '$(program)' as the super user"

to

msgid "Authentication is needed to run `$(program)' as the super user"
msgstr "Authentication is needed to run '$(program)' ('$(command_line)') as the super user"

and several similar lines too.

  1. packed it back with msgfmt polkit-1.po -o polkit-1.mo
  2. put it into /usr/share/locale/en_US/LC_MESSAGES/polkit-1.mo
  3. restarted polkit daemon systemctl restart polkit

And now I can get the full command enter image description here

0 + 5
ov7a avatar
id flag
ov7a
One minor issue is quotes, but I think it's ok
0
Reply
N0rbert avatar
zw flag
N0rbert
You have to report your idea upstream as bug-report or pull-request. Otherwise it will be implemented only on your machine and rest of the world can't use it.
0
Reply
ov7a avatar
id flag
ov7a
@N0rbert, that's a nice idea, thanks. However, my solution is just a quick hack, not a proper solution. Changing the original message could break language packs (because msgid contains template itself). I think a better place for full command line would be `Details` block.
0
Reply
ov7a avatar
id flag
ov7a
As for the creating an issue, I've tried to register to freedesktop gitlab with 3 different types of login, and got 500 from each of them. Guess I'll try again later :(
0
Reply
ov7a avatar
id flag
ov7a
https://gitlab.freedesktop.org/polkit/polkit/-/issues/147
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.