There is a permanent script solution, too. I don’t tested yet.
I had these problems since a few weeks (so maybe 2 or 3 updates on stable)
BUT:
On a longtime, but actual unstable VM with a fresh install of timeshfit, too. (Plamsa X11 and wayland)
On a testing VM not.
So I am not clever enough to understand the the problem in deep. It seem not many user have this problem, but I two times. It is not a big problem, the workaround is very simple. But I want to ask for a advice for a longtime solution. Is there a “*.conf” there I can add this “DISPLAY XAUTHORITY” thing or should I wait for updates and it will disapear ?
Hm, maybe is the problem: I did this a few weeks ago the first time…
[Maybe with all the errors are possible (I think this process is for “not experts” very hard)]
I had this idea on my own, too. But I compared the most files in etc/pam.d with the files in my “working” VM and found no differences. And I have the .pacnew files not anymore …
(no other root-needed application has these problem, its only timeshift. For example Gparted is working [GTK+root])
And KsystemLog says:
|20.08.23 19:21|polkitd|Operator of unix-session:2 successfully authenticated as unix-user:zero to gain ONE-SHOT authorization for action org.freedesktop.policykit.exec for unix-process:47816:3770732 [bash /bin/timeshift-launcher] (owned by unix-user:zero)|
|---|---|---|
|20.08.23 19:21|polkit-kde-authentication-agent-1|Finish obtain authorization: true|
|20.08.23 19:21|pkexec|pam_unix(polkit-1:session): session opened for user root(uid=0) by zero(uid=1000)|
|20.08.23 19:21|pkexec|zero: Executing command [USER=root] [TTY=unknown] [CWD=/home/zero] [COMMAND=/bin/timeshift-gtk]|
|20.08.23 19:21|user@1000.service|cannot open display: |
So for my little understanding polkit and root are OK, but systemd error “cannot open display”.
But Display seems OK for me:
I have new details: polkit use the “wrong” policy.
On system timeshift-gtk starts, shows the details-button on the password-login
“in.teejeetech.pkexec.timeshift-gtk”
For systems with no start it shows:
“org.freedesktop.policykit.exec”
I compared this files and I found this missing in freedesktop:
the “in.teejeetech.pkexec.timeshift-gtk” is already there on not working systems.
Copy the working file to not working system nothing change.
So now is my question: How or where is the decision done: Which policy ?
Not in the timeshift-launcher.
I have this file. And the content looks like a on a working system.
And a copy from the s file from a working system to a problem system nothing changes…
There are many policy files in “actions”.
So how works the assignment?
I thought the launcher would do that (because there is the pkexec thing.
But I found nothing there ,
And the “timeshift-launcher” files on working/problem systems are equal…
You are not supposed to run directdly timeshift-gtk but through timeshift-launcher which sets up the environment.
$ cat /usr/bin/timeshift-launcher
#!/usr/bin/env bash
app_command='timeshift-gtk'
if [ "$(id -u)" -eq 0 ]; then
# user is admin
${app_command}
else
# user is not admin
if echo $- | grep "i" >/dev/null 2>&1; then
# script is running in interactive mode
su - -c "${app_command}"
else
# script is running in non-interactive mode
if [ "$XDG_SESSION_TYPE" = "wayland" ] ; then
xhost +SI:localuser:root
pkexec ${app_command}
xhost -SI:localuser:root
xhost
elif command -v pkexec >/dev/null 2>&1; then
pkexec ${app_command}
elif command -v sudo >/dev/null 2>&1; then
x-terminal-emulator -e "sudo ${app_command}"
elif command -v su >/dev/null 2>&1; then
x-terminal-emulator -e "su - -c '${app_command}'"
else
x-terminal-emulator -e "echo 'Command must be run as root user: ${app_command}'"
fi
fi
fi
Yes. I watched this file few times now…
But where is the hint for which policy?
And I think the call of “pkexec” here is doing the “thing” with the policy!
