Hi just got off phone with friend about her system. She has just told me that Policykit has been coming up for days saying an action that requires root privilages needs a password and she has been just cancelling it. I had her try to open yast which should have asked for her root password and her root password didn’t work showing only media check and update under software management and a message YAST running with non-root privileges.
To my knowledge we were never using policykit as I heard it is nothing but trouble especially with root passwords. how can I get rid of policykit and reset her password for her. Her sign-on Mary has a password which gives her root ability when needed. Any ideal what to do, can’t upgrade to 42.1/.2/.3 if we can’t get back root privilege.
PolKit authentication only comes up when an application running with user privileges requests (via polkitd) an action that will require root privileges. What is your friend trying to do specifically?
I had her try to open yast which should have asked for her root password and her root password didn’t work showing only media check and update under software management and a message YAST running with non-root privileges.
That’s unrelated to PolKit though.
To my knowledge we were never using policykit as I heard it is nothing but trouble especially with root passwords.
How had you actively inhibited it then? (It’s been an active authentication framework for years.)
There are security implications with trying to circumvent PolKit, but it is possible to make a system more permissive if you understand the risks involved.
I never tried to circumvent polkit. when I set our systems up, I designated autosign-in of a single main user and items like YAST prompt for the root password. Policykit shows in the launch menu under system but I never click it as it has always been unclear how to use it. An internet search brought up tons of horror stories of losing root privilage after using it. I suspect she may have clicked it by accident and not knowing how to use linux may have changed things.
1.Originally, she was having trouble with her modem and was trying to get back her internet access. She had multiple settings in her kwallet where there should only have been one setting. We cleared the invalid and unrecognized settings and she got back internet and wifi-printer access then she told me that on the next start-up she kept getting Polacykit box asking for password and kwallet asking for password continuously.
She seems to have only guest privilages on her main account which use to have superuser rights. Using YAST won’t let her login using her root password saying it is wrong. Using superuser terminal says access denied when she uses her root password and policykit pops up asking for root password which then says the password is wrong.
Up to now we were just trying to recover and sort files from her previous dead systems into an NTFS partition on the working system. Tonight I was going to walk her through upgrading 13.2 to Leap 42.1 and then do a 42.1 to 42.3 upgrade tomorrow. And that’s when she told me policykit won’t let her open YAST to check her repos.
what do you mean her account had super user rights did you edit the sudoers file or was the root password the same as the user account (that does not make her account an administrator account it’'s an ordinary user who happens to have the same password as root)
from what you are describing it would seam kdewallet is asking for her password I don’t use kdewallet but it might be asking for a master password not necessarily her account password most definitely not the root password
did she do a graphical logon with the root account? that could messed things beyond recognition
unless that’s a custom config with an encrypted lvm just to what arvidjaar suggested
during boot press the ‘e’ key and add
init=/bin/sh
to the boot parameters then reset the root password after you boot into shell mount the root partition and change the root password
# mount -o remount,rw /dev/sda1 /mnt
# cd /mnt
# chroot /mnt
# passwd
replace sda1 with the root partition you might need to run fdisk to list your partitions
if her /home partition is fine just do a clean install of 42.3 there is little to be gained doing an upgrade from 13.x to LEAP as kde4 has been killed off years ago and afaik kdewallet in LEAP is a kf5 app and does not use the old kde4 database of passwords (I might be wrong)
Looked over both of these, I have a live 13.2 USB as does she. I recall boot suse 13.2 live, install suse 13.2, and memtest but don’t recall a recovery mode??
going to init=/bin/sh is something I have no knowledge on how to do. Because it appears she is somehow changed to guest instead of privileged user I am not sure we can get to a super-console even with sudo or su.
Sounds like you’ve been reading myths and legends rather than the actual documentation.
1.Originally, she was having trouble with her modem and was trying to get back her internet access. She had multiple settings in her kwallet where there should only have been one setting. We cleared the invalid and unrecognized settings and she got back internet and wifi-printer access then she told me that on the next start-up she kept getting Polacykit box asking for password and kwallet asking for password continuously.
She seems to have only guest privilages on her main account which use to have superuser rights. Using YAST won’t let her login using her root password saying it is wrong. Using superuser terminal says access denied when she uses her root password and policykit pops up asking for root password which then says the password is wrong.
This doesn’t read like a PolKit issue though. Resetting the root password does take some technical proficiency as well. Like arvidjaar already mentioned, the easiest way is to edit grub2, so that it boot in single-user mode with ‘init=/bin/sh’. Then the root password can be changed with the ‘passwd’ command.
Up to now we were just trying to recover and sort files from her previous dead systems into an NTFS partition on the working system. Tonight I was going to walk her through upgrading 13.2 to Leap 42.1 and then do a 42.1 to 42.3 upgrade tomorrow. And that’s when she told me policykit won’t let her open YAST to check her repos.
Sound like there’s a bit of confusion here. PolKit is not involved with this. YaST uses sudo privileges to gain the required root access.
Get to the grub screen and press ‘e’ to edit. Arrow down to the ‘linux’ line and cursor to the end of the entries thre. Remove “quiet splash” and add ‘single’ and ‘init=/bin/sh’. Then press F10 to boot.
When you get a ‘#’ prompt, run the passwd command and enter the desired root password. When done reboot. Hopefully, that’s all that’s required.
You are right. When I set her system up I made one main user with shared root password with root. At login she is auto-logged in and if she logs-out she gets her account as the only one showing and enters her password to log back in.
Her home is not on a separate partition. The whole 13.2 tree is on sda1, swap sda2, NTFS on sda3 virtualbox-windows is in home and home has a link to the ntfs such that both virtual windows and linux can share the ntfs partition with all her stuff.
Her usb 13.2 flashdrive is 16GB. I am wondering just how sucessful we will be putting leap 42.3 onto the flashdrive if this mess has cost her her internet and being able to do root functions.