on my laptop running leap 15.5 and KDE I locked screen and I tried to perform sleep action but it doesn’t works, so, I tried to hibernate but it doesnt works too, I unlocked my screen and found this advice:
so I suspected that sleep action also didn’t work for the same reason.
first I think it is a bug that this advice doesn’t appear in the locked screen becouse who is locking should know that root password is requested.
second, is it possible to sleep and hibernate with multiple users without root password?
Keep in mind that it will allow every user to suspend/hibernate, even if user is logged in remotely. You may consider auth_admin:yes:yes instead of plain yes to at least restrict it to locally logged in users. See man set_polkit_default_privs and man polkit-default-privs for details.
Well … the request is displayed by polkit authentication agent which runs as part of your user session. But the whole purpose of screen saver is to completely hide your session and show something else. To display this request on locked screen your screen saver needs to effectively implement polkit authentication agent internally (because nothing else can display anything while screensaver is running). So it is not exactly a bug, rather design problem and arguably missing functionality.
You may consider contacting support channels or bug tracker of the screen saver program you are using to at least start discussion.
manythanks, I did what you said me and after a reboot hibernate works with two users (I never used so recently hibernate to remember well, is it correct that when I press the ON button the GRUB appear to me? ) and choosing the correct voice in GRUB the two user sessions come up
but sleep doesn’t work with two users, it remain as if it was only locked, this is my file:
#
# /etc/polkit-default-privs.local
#
# This file is used by the set_polkit_default_privs tool to generate polkit
# rules. It is meant for local overrides of the active profile (defined in
# /etc/sysconfig/security) by the administrator of the system: any definitions
# here take precedence over the distribution defaults in
# /etc/polkit-default-privs.<profile>.
#
# The syntax for this file is defined in polkit-default-privs(5). Note that you
# need to run /sbin/set_polkit_default_privs for changes to take effect.
#2023-12-10dic-aggiunte da pla per permettere sleep e hibernate con multiutenti
org.freedesktop.login1.hibernate-multiple-sessions auth_admin:yes:yes
org.freedesktop.login1.suspend-multiple-sessions auth_admin:yes:yes
I checked if what I did in polkit was good,
I found this command but it seems that the insertion in /etc/polkit-default-privs.local
and the command /sbin/set_polkit_default_privs
didn’t worked.
is this command to check the permission in polkit action correct ?
pla@plaST:~> pkaction -v --action-id org.freedesktop.login1.suspend-multiple-sessions
org.freedesktop.login1.suspend-multiple-sessions:
description: Suspend the system while other users are logged in
message: Authentication is required to suspend the system while other users are logged in.
vendor: The systemd Project
vendor_url: https://systemd.io
icon:
implicit any: auth_admin_keep
implicit inactive: auth_admin_keep
implicit active: yes
annotation: org.freedesktop.policykit.imply -> org.freedesktop.login1.suspend
pla@plaST:~> pkaction -v --action-id org.freedesktop.login1.suspend
org.freedesktop.login1.suspend:
description: Suspend the system
message: Authentication is required to suspend the system.
vendor: The systemd Project
vendor_url: https://systemd.io
icon:
implicit any: auth_admin_keep
implicit inactive: auth_admin_keep
implicit active: yes
pla@plaST:~>
No, it shows you the defaults from the action definition. The rules are JavaScript files so it is simply impossible to show “the current permissions” because they are computed when authorization is requested. You can use pkcheck to display what permissions would be computed for a given subject (usually some process).
