Hello,
I'm not aware of anything apparent that should affect that. AFAIK mozjs
changed IIRC twice between those versions and then there was a
vulnerability mitigation.
Can you please provide outputs from journal?
Also, do you happen to have an option to downgrade to 0.118 or lower to
determine the version to blame?
In case of further questions, don't hesitate to reach out to me.
Thanks.
Jan Rybar
On Tue, Jun 7, 2022 at 12:07 PM Piotr Łobacz <piotr.lob...@vm.pl> wrote:
> Hi all,
> I am facing an issue with polkit rules for pkexec. Currently when i try to
> run an application with pkexec command I'm facing an error:
>
> Jun 07 09:46:06 eg pkexec[59699]: test: Error executing command as another
> user: Not authorized [USER=root] [TTY=/dev/pts/0] [CWD=/home/root]
> [COMMAND=/usr/sbin/nft]
>
> the rule for this to be run, looks like this:
>
> polkit.addRule(function(action, subject) {
> user_app = [
> '/bin/chmod',
> '/bin/chown',
> '/bin/rm',
> '/sbin/ifconfig',
> '/sbin/route',
> '/usr/sbin/update-ca-certificates',
> '/usr/bin/hostnamectl',
> '/usr/bin/iotedge',
> '/usr/bin/swupdate',
> '/usr/bin/timedatectl',
> '/usr/sbin/dmidecode',
> '/usr/sbin/eg_reboot',
> '/usr/sbin/factory_reset',
> '/usr/sbin/grub_console',
> '/usr/sbin/nft',
> '/usr/sbin/read_admin_keys',
> '/usr/sbin/useradd',
> '/usr/sbin/userdel'
> ];
> if (action.id == "org.freedesktop.policykit.exec" && subject.user ==
> "tes" && user_app.includes(action.lookup("program"))) {
> return polkit.Result.YES;
> }
> });
>
> and is stored in /etc/polkit-1/rules.d/30-sbin-test.rules. This was all
> working before, with polkit 0.116, but now we have switched to newer yocto
> 4.0 and there is polkit 0.119, with which it stopped working for us. Does
> something has changed in the polkitd service and I'm missing it?
>
> BR
> Piotr
>
>
>
