Can't open root tools using xfce

freak · February 18, 2026, 1:38pm

Hello,

i just installed fresh Slowroll Iso Build 46.2 with xfce desktop due to a drive change.
My old Slowroll was up to date and working fine (except scanner).

Repos are default plus packman.

Now i can’t open tools in root mode like “myrlyn”, “lightdm-gtk” or “gsmartcontrol”.
When clicking the menu entry nothing happens. Opening via terminal works.

I also noted a change to my old Slowroll install when calling sudo in terminal
now the password request pops up in a graphical window which i don’t like.

Any ideas?

gogalthorp · February 18, 2026, 2:00pm

Selinux maybe???

freak · February 18, 2026, 2:59pm

I didn’t make any changes to Selinux while installing and don’t have any experience with it.

sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max kernel policy version: 35

conram · February 18, 2026, 3:58pm

Can you check if you are in wayland session

xfce4-about

lightdm still doesn’t open in wayland session as root here, but I’m using SDDM.
Myrlyn should work in wayland if you didn’t modify the command to open it. (myrlyn-sudo)
gsmartcontrol I have no clue, I have not use it.

conram · February 18, 2026, 4:14pm

In an effort to help I installed gsmartcontrol. It doesn’t open in wayland session using sudo.
Here is the warning:

Gtk-WARNING **: 11:11:22.878: cannot open display:

Though it opens using
su -c gsmartcontrol

freak · February 18, 2026, 4:17pm

Running X11 on AMD graphic card here.

shundhammer · February 18, 2026, 4:48pm

Does myrlyn-sudo work for you? It really should.

It takes care of preserving a number of environment variables across the sudo call:

github.com/shundhammer/myrlyn

src/myrlyn-sudo

master

#!/bin/bash
#
# Wrapper around 'sudo' for Myrlyn that can open a graphical password prompt
# and that can keep the connection to the display (X11 or Wayland) alive
# as well as some well-defined environment variables.
#
# Author:  Stefan Hundhammer <Stefan.Hundhammer@gmx.de>
# License: GPL V2

MYRLYN_ARGS=$*
MYRLYN_SUDO_CONF=$HOME/.config/openSUSE/myrlyn-sudo.conf

if [ -f $MYRLYN_SUDO_CONF ]; then
    # echo "Reading variables from $MYRLYN_SUDO_CONF"
    source $MYRLYN_SUDO_CONF
fi

# Environment variables to keep for the 'sudo' call
ENV_KEEP="DISPLAY WAYLAND_DISPLAY XAUTHORITY XDG_RUNTIME_DIR \
QT_QPA_PLATFORMTHEME QT_ENABLE_HIGHDPI_SCALING QT_SCALE_FACTOR \

This file has been truncated. show original

If you don’t like the graphical password prompt, copy it and change the last line to

sudo /usr/bin/env $ENV /usr/bin/myrlyn $MYRLYN_ARGS

This might also help to understand the problem and what’s going on:

github.com/shundhammer/myrlyn

[Doc] Myrlyn Root Authentication Without Root Password

opened 05:08PM - 16 Jun 25 UTC

closed 06:01PM - 16 Jun 25 UTC

shundhammer

doc

## Problem For installing / updating / removing packages or patterns, or for ad…ding / modifying / removing repos, you need to start Myrlyn with _root_ privileges. But since it's a GUI program, you need to keep the connection to the display alive. The first versions of Myrlyn used `xdg-su` for this which is just a fancy script around KDE Plasma's `kdesu`, GNOME `gnomesu` or an `xterm` running `su -c` in a shell to ask for the password. But they all ask for the **root** password. But beginning with Leap 16.0 (or SLES-16), setting a root password is no longer required during installation; the first user account created during the installation is automatically added to the _wheel_ user group which is traditionally meant to grant its members system administration (i.e. root) privileges. That can lead to the situation where you install without setting a root password, but trying to start the shiny new sysadmin tools like Myrlyn asks you for a root password, effectively locking you out of their use. While you can still use `sudo zypper ...` commands, that is a frustrating situation. ## Related Bugs and Media - [bsc#1243813](https://bugzilla.suse.com/show_bug.cgi?id=1243813) _Need root password to start GUI admin tools like Myrlyn_ - [bsc#1243764](https://bugzilla.suse.com/show_bug.cgi?id=1243764) _Myrlyn (and other tools) do not work because installer allows installing without root password_ - YouTube: Low Tech Linux: [OpenSUSE Leap 16 revisited. Checking out Myrlyn...](https://www.youtube.com/watch?v=Bn52eB-MhTg&t=676s) - YouTube: Nicht der Weisheit letzter Schluß: [openSUSE Leap 16 Beta ohne yast](https://youtu.be/Zaw0yAK4Rcc?si=uSBX4O28z9K8jKji&t=999) (German)

conram · February 18, 2026, 4:49pm

Could be a bug

freak · February 18, 2026, 4:52pm

myrlyn-sudo via terminal is opening. myrlyn via xfce menu and nothing happens. same with other tools that require root priviliges.

yes looks like a bug.

shundhammer · February 18, 2026, 4:56pm

Check if you have the sudo-policy-wheel-auth-self package installed. This sets up sudo to give the members of the wheel user group root privileges, and - important - it asks for your user password, not the root password.

If you are not already, add your user account to the wheel user group:

sudo usermod -aG wheel $USER

freak · February 18, 2026, 5:01pm

Conflicting packages. This is a fresh install.

Problem: 1: das installierte run0-wrappers-0.4+git20260109.43967c3-1.1.x86_64 steht im Konflikt mit ‘sudo-policy-wheel-auth-self’, das von dem zu installierenden sudo-policy-wheel-auth-self-1.9.17p2-1.1.noarch bereitgestellt wird
Lösung 1: Deinstallation von run0-wrappers-0.4+git20260109.43967c3-1.1.x86_64
Lösung 2: sudo-policy-wheel-auth-self-1.9.17p2-1.1.noarch nicht installieren

shundhammer · February 18, 2026, 5:08pm

If you are not actively and intentionally using run0-wrappers, you might want to choose solution (1) to remove it in favor of sudo-policy-wheel-auth-self.

You can still use the plain run0 without that package if you really want to. I found the good old sudo much better, but that’s just my opinion.

freak · February 18, 2026, 5:14pm

I don’t even know about run0-wrappers and already was wondering why i couldn’t find the sudo config file in /etc.

I downloaded Slowroll Build 44.6 Iso. Maybe i try a fresh install instead.

shundhammer · February 18, 2026, 5:24pm

Like many other configurations, the system configuration is now in /usr/etc/sudoers (usr because it’s from the system - don’t ask) and /usr/etc/sudoers.d/.

A file in /etc/sudoers.d or /etc/sudoers will override values from /usr/etc.

If that sounds more complicated, that’s because it is. But it’s also much more flexible.

A fresh installation won’t improve anything; you’ll be right back where you are right now. Some things have simply changed (don’t they always).

freak · February 18, 2026, 5:32pm

I see and think it has something to do with usr merge. Those things don’t happen in FreeBSD or Slackware.

run0-wrapper seems like it’s a systemd component…

I had a fresh Slowroll installation end of last year and no problems with sudo and graphical polkit popup windows.

shundhammer · February 18, 2026, 5:44pm

The usr-merge was about moving everything from /bin → /usr/bin and /sbin → /usr/sbin.

This configuration split is actually intended to make life easier for admins: All packages come with a default configuration, and that is now in /usr/etc, and in many cases split up into small pieces so several system components / packages can bring their own specific configuration snippet. If a package is updated, there is no more conflict between the system default and whatever the admin might have configured personally, because those custom configs now live separately in /etc or /etc/mysubsystem.d/50-my-snippet.conf.

A package update on Debian / Ubuntu would ask in such a case if you’d want to keep your own custom config or overwrite it with the package’s default config; an RPM package OTOH would create a .rpmsave file, and you never knew if that was your lost opportunity to get a much better new default for that thing, or if they’d renamed and thus ignored your own holy config.

Now a new package can change the default config, and if you didn’t touch it, you get some new additional parameters with it, but your personal config is still there, and it still overrides any values from the system config.

It does make sense, and it is an improvement, but it makes everything a bit more complicated:

You have to know that /usr/etc/mysubsystem.d and /usr/etc/mysubsystem exist and copy some values from there
You need to create a new /etc/mysubsystem.d/50-my-holy.conf with those values - and only those - that you want to change.

But you now can also backup those snippets for archiving and to distribute to your other machines, and that’s really cool.

It takes some getting used to, but you might like it over time. I do.

shundhammer · February 18, 2026, 5:50pm

Yes, of course; another small step from the Poettering universe to take over world domination.

run0 (“run as user #0”, i.e. root) is the systemd universe version of sudo. I learned about it from a pull request against Myrlyn:

And I modified it to have a stand-alone version for fans of run0, but without making myrlyn-sudo a lot more complex. It now lives as myrlyn-run0 here:

github.com/shundhammer/myrlyn

src/attic/myrlyn-run0

master

#!/bin/bash
#
# Wrapper around systemd 'run0' for Myrlyn that can open a graphical password
# prompt and that can keep the connection to the display (X11 or Wayland) alive
# as well as some well-defined environment variables.
#
# EXPERIMENTAL - use at your own risk!
#
# Inspired by pull request #122 by @zeusgoose
#
# Author:  Stefan Hundhammer <Stefan.Hundhammer@gmx.de>
# License: GPL V2

MYRLYN_ARGS=$*

# Environment variables to keep for the 'run0' call,
# taken from 'myrlyn-sudo'
ENV_KEEP="DISPLAY WAYLAND_DISPLAY XAUTHORITY XDG_RUNTIME_DIR \
QT_QPA_PLATFORMTHEME QT_ENABLE_HIGHDPI_SCALING QT_SCALE_FACTOR \
LANG LC_MESSAGES LC_COLLATE LC_NUMERIC LC_TIME LC_ALL LANGUAGE"

This file has been truncated. show original

freak · February 18, 2026, 6:05pm

Thanks for the illustration.

I prefer the KISS principle and my main reason i’m trying Slowroll is because of the rolling release/up to date system and i don’t like being an Arch beta tester.

Seems to me like openSUSE changed something in sudo calls within the last months.

shundhammer · February 18, 2026, 6:09pm

Yes, sudo on openSUSE now behaves like it always did on Debian and Ubuntu; if you install that package sudo-policy-wheel-auth-self.

That means that you can now give some privileges to do some minor admin tasks (enable / diable printer etc.) to a user without telling the root password.

freak · February 18, 2026, 7:31pm

I reinstalled Slowroll with an older Iso hoping it would fix the issue under xfce but still tools with root priviliges wouldn’t open.

Tried replacing run0-wrappers with sudo-policy-wheel-auth-self package fixed it.
You were right. Now i have the old behaviour and everything is working.

Thank you.