[arch-general] [pam/consolekit] Help needed for desktop permission handling
seblu at seblu.net
Mon Jan 31 02:40:37 EST 2011
On Mon, Nov 22, 2010 at 2:01 PM, Ionuț Bîru <ibiru at archlinux.org> wrote:
> On 11/21/2010 04:55 PM, Andreas Radke wrote:
>> Recent display managers (gdm, kdm and lxdm) can handle their own
>> polkit/consolekit session through pam access. The gnome/xfce4-session
>> packages only have basic access to consolekit and since the consolekit
>> 0.4.2 in testing they can't deal with it anymore.
> indeed in consolekit 0.4.2 the default behavior is to not trust anyone
> unless is specified by a third party like gdm/kdm/etc. For other we need to
> authorized them using pam
>> As a workaround I have plans to ship files in xfce4-session as proto
>> files where the admin can add users or groups to allow certain actions:
>> /etc/polkit-1/localauthority/50-local.d/org.freedesktop.upower.pkla and
>> and maybe one for udisk
>> something like https://aur.archlinux.org/packages.php?ID=42669 .
>> This could also be done each in the consolekit/upower/udisks packages.
> the last one we rejected https://bugs.archlinux.org/task/21029 couples of
> weeks ago.
>> But all this is crap working around some nasty bugs in our
>> pam pkg not allowing direct access to consolekit. Please have a look at
> first one is a must for easy management in the future
Hello, I dug up this old thread to know if someone find a suitable
solution to use slim (or startx) + window manager working correctly
with consolekit > 0.4.1 ?
Slim was recently updated with a patch which remove "Host" setting
from PAM and Ionut updated shadow package to add pam_ck_connector to
I make some test tonight and i don't find a right way to have active =
TRUE and is-local = TRUE in ck-list-session with slim login or from a
startx from a console shell.
My best solution is with is-local=TRUE and active = FALSE (with this,
networkmanger is not working!).
More information about the arch-general