Ubuntu 18.04 tigervnc:需要身份验证才能创建颜色配置文件

tag-icon tag-icon 18.04 tightvncserver gnome-color-manager
Ubuntu 18.04 tigervnc:需要身份验证才能创建颜色配置文件

尝试连接到在 Ubuntu 18.04 上运行的 tigervnc 服务器(使用 TigerVNC viewer Windows 客户端)。初始身份验证后,我收到一个额外的身份验证提示,上面写着“需要身份验证才能创建颜色项目...”。这种情况仅在 tigervnc 服务器重启后首次登录时发生。有什么办法可以绕过这个问题吗?

答案1

我通过创建此文件并将权限设置为 644 并将所有者设置为 root:root: 来解决这个问题。

文件名:/etc/polkit-1/localauthority.conf.d/02-allow-colord.conf

内容:

polkit.addRule(function(action, subject) {
  if ((action.id == "org.freedesktop.color-manager.create-device"  ||
       action.id == "org.freedesktop.color-manager.create-profile" ||
       action.id == "org.freedesktop.color-manager.delete-device"  ||
       action.id == "org.freedesktop.color-manager.delete-profile" ||
       action.id == "org.freedesktop.color-manager.modify-device"  ||
       action.id == "org.freedesktop.color-manager.modify-profile"
      ) && (
       subject.isInGroup("{nogroup}")
      )
     )
  {
    return polkit.Result.YES;
  }
});

答案2

让我提取具体的修复方法仅适用于 18.04续集这篇优秀的博客文章后者深入挖掘了该问题的根本原因;前者正确地修复了该问题 — 同时避免了由return polkit.Result.YES;此处和其他地方已发布的解决方案引起的崩溃。

cat << EOF | sudo tee /etc/polkit-1/localauthority/50-local.d/45-allow-colord.pkla
[Allow Colord all Users]
Identity=unix-user:*
Action=org.freedesktop.color-manager.create-device;org.freedesktop.color-manager.create-profile;org.freedesktop.color-manager.delete-device;org.freedesktop.color-manager.delete-profile;org.freedesktop.color-manager.modify-device;org.freedesktop.color-manager.modify-profile
ResultAny=no
ResultInactive=no
ResultActive=yes
EOF

这是相关的仅适用于 PolKit < 0.106pkaction --version)。

对于 PolKit 0.106+ (Ubuntu18.10+)此授权以不同的方式通过 javascript .conf 文件授予:

cat << EOF | sudo tee /etc/polkit-1/localauthority.conf.d/02-allow-colord.conf
polkit.addRule(function(action, subject) {
  if ((action.id == "org.freedesktop.color-manager.create-device"  ||
       action.id == "org.freedesktop.color-manager.create-profile" ||
       action.id == "org.freedesktop.color-manager.delete-device"  ||
       action.id == "org.freedesktop.color-manager.delete-profile" ||
       action.id == "org.freedesktop.color-manager.modify-device"  ||
       action.id == "org.freedesktop.color-manager.modify-profile"
       //-- no group restriction; allow any user to manipulate color profiles!
       //-- uncomment and substitude adm with the group you need, if needed.
       // ) && (
       //  subject.isInGroup("{adm}")
     ))
  {
    return polkit.Result.YES;
  }
});
EOF

相关内容