Aug 23 08:54:44 rpi polkit-agent-helper-1[19494]: pam_sss(polkit-1:auth): authentication failure; logname= uid=558 euid=0 tty= ruser=support rhost= user=support
Aug 23 08:54:44 rpi polkit-agent-helper-1[19494]: pam_sss(polkit-1:auth): received for user support: 10 (User not known to the underlying authentication module)
It would seem pamac uses polkit-1 to authenticate, but it passes the account name of support which is the account originally created during the install. I would think it should pass the current userid.
How does this first account differ from other accounts? How is it special?
I am unable to authenticate authorize against polikit-1, as my current user id. I would think any account that is a member of the wheel group should be able to authenticate authorize to run pamac.
I have no issue running the sudo command, the issue is pamac-manager will only authorize when the password for userid 1000 is entered when prompted, my user account should work, at least in my opinion.
The Arch wiki has this to say: Your user needs to be listed as a member of the group in /etc/group . Merely having it as your primary group does not work with polkit.
This may be where the issue resides… network authentication does not use local files.
I edited the local group file with vigr, and yes, this is exactly the issue. Polkit accesses the local /etc/group file, not by checking groups via pam.d.
I do not believe this issue is properly resolvable in a network authentication environment without a code change to polkit.