Add detection of pkexec root privilege escalation program (#776437)

Many of the distributions (confirmed for Arch Linux, Debian, Fedora,
OpenSUSE, RedHat/CentOS and Ubuntu but likely many others too) are now
using polkit as the mechanism to authorise privileged actions, including
using it to authorise GParted to run as root in their packages of
GParted.  Therefore make the GParted configure script check for the
pkexec command.

Use pkexec with the --disable-internal-agent option when available,
preventing pkexec using it's own textual authentication agent.  When
running GParted from a desktop icon or menu there is no terminal with
which to interact with the textual authentication agent to it can't be
used.  The desktop's graphical agent must be running.  This matches how
some distributions already use polkit in their own packages of GParted.

Required actions file will be added in the next commit.

    polkit(8)
    https://www.freedesktop.org/software/polkit/docs/latest/polkit.8.html

    pkexec(1)
    https://www.freedesktop.org/software/polkit/docs/latest/pkexec.1.html

Bug 776437 - GParted fails to run as root under Wayland
This commit is contained in:
Mike Fleetwood 2017-06-20 16:15:12 +01:00 committed by Curtis Gedak
parent 778e21e94c
commit b47528b6f9
2 changed files with 16 additions and 5 deletions

9
README
View File

@ -270,15 +270,18 @@ system. These commands include:
{filemanager} - used in attempt data rescue to display discovered {filemanager} - used in attempt data rescue to display discovered
file systems. (e.g., nautilus, pcmanfm) file systems. (e.g., nautilus, pcmanfm)
hal-lock - used to prevent automounting of file systems hal-lock - used to prevent automounting of file systems
gksudo - used to acquire root privileges in gparted shell pkexec - used to acquire root privileges in gparted shell
script wrapper, but only if available when gparted script wrapper, but only if available when gparted
source is configured source is configured
gksu - alternatively used to acquire root privileges in gksudo - alternatively used to acquire root privileges in
gparted shell script wrapper, second choice if gparted shell script wrapper, second choice if
available when gparted source is configured available when gparted source is configured
kdesudo - alternatively used to acquire root privileges in gksu - alternatively used to acquire root privileges in
gparted shell script wrapper, third choice if gparted shell script wrapper, third choice if
available when gparted source is configured available when gparted source is configured
kdesudo - alternatively used to acquire root privileges in
gparted shell script wrapper, fourth choice if
available when gparted source is configured
xdg-su - alternatively used to acquire root privileges in xdg-su - alternatively used to acquire root privileges in
gparted shell script wrapper, last choice if gparted shell script wrapper, last choice if
available when gparted source is configured available when gparted source is configured

View File

@ -21,9 +21,17 @@ PKG_CHECK_EXISTS
dnl====================== dnl======================
dnl checks for other programs dnl Find graphical privilege escalation program
dnl====================== dnl======================
AC_CHECK_PROGS([GKSUPROG], [gksudo gksu kdesudo "xdg-su -c"], []) AC_CHECK_PROGS([GKSUPROG], [pkexec gksudo gksu kdesudo "xdg-su -c"], [])
if test "x$GKSUPROG" = 'xpkexec'; then
AC_MSG_CHECKING([how to run pkexec])
if pkexec --help 2>&1 | grep -q -- --disable-internal-agent; then
GKSUPROG="$GKSUPROG --disable-internal-agent"
fi
AC_MSG_RESULT([$GKSUPROG])
fi
dnl====================== dnl======================