Hello Simon, Jonathan, On 30/06/2023 21:05, Simon McVittie wrote: ...
I think it would be better to solve this in live-config rather than in Calamares
... Ah, I see now.I agree, that the fix should not be in the Calamares package, because it would allow users of the sudo group access to Calamares without a prmompt in scenarios that a not live images.
I have been considering to add a fix to live-build, but the proper location would indeed be live-config, which ensures that all live-specific tweaks will disappear after installation of the live image.
Digging deeper:policykit-1 is a transitional packages for Bookworm, so I guess it will be removed in Trixie. I've found the virtual package 'polkit-1-auth-agent' which shows several packages that would probably need to migrate first (e.g. lxpolkit, ukui-polkit and possibly phosh, gnome-flashback, gnome-shell and lxqt-policykit) Also the script '1080-policykit' in 'live-config' generates a folder '/etc/PolicyKit', which is old-style.
Which leaves:* calamares should depend on 'pkexec' (which is explicitly called in the .desktop entry, and pulls in 'polkitd')
* No specific tweaking for polkit rules in calamares is required* The script '1080-policykit' in 'live-config' needs to be updated and live-config be re-released -> MR at [1] * For the live images in Bookworm, the 'live-config' packages needs to be updated there as well.
* A test shows whether the update is working: - Go to https://openqa.debian.net/group_overview/14 - Select the latest BuildXXXX_sid_kde image- If 'gnome_live-build-apps_startstop' shows 'kparted' as a failed test, the fix is not working/active
With kind regards, Roland Clobus [1] https://salsa.debian.org/live-team/live-config/-/merge_requests/13
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature