Not being asked for password

I just installed Garuda and have it completely setup to my liking and loving the stability, smoothness, and speed of it. I noticed when I moved my mounts I was not asked for a password to prove I authorized the action. I just ignored it as a nice feature since on everything else I've done that should popup a password prompt does. Today however I launched Timeshift and was not prompted to enter my password to authorize the action. Is this by design, and if so how do I go about making the OS ask for authorization for things like launching Timeshift or moving mounts? Thanks

1 Like

Nope.
Please post in and output from terminal

inxi -Fza
whoami

as text!

1 Like
╭─[email protected] in ~  
╰─λ inxi -Fza
whoami
System:    Kernel: 5.12.10-zen1-1-zen x86_64 bits: 64 compiler: gcc v: 11.1.0  
parameters: BOOT_IMAGE=/@/boot/vmlinuz-linux-zen root=UUID=78688345-46c9-46e1-9ff4-63d70dd964a1  
rw ro[email protected] quiet splash rd.udev.log_priority=3 vt.global_cursor_default=0
systemd.unified_cgroup_hierarchy=1 loglevel=3
Desktop: KDE Plasma 5.22.0 tk: Qt 5.15.2 wm: kwin_x11 vt: 1 dm: SDDM Distro: Garuda Linux  
base: Arch Linux  
Machine:   Type: Desktop System: ASUS product: N/A v: N/A serial: <filter>  
Mobo: ASUSTeK model: ROG STRIX B550-F GAMING v: Rev X.0x serial: <filter>  
UEFI: American Megatrends v: 2006 date: 03/19/2021  
Battery:   Device-1: hidpp_battery_0 model: Logitech Wireless Mouse M325 serial: <filter>  
charge: 55% (should be ignored) rechargeable: yes status: Discharging  
Device-2: hidpp_battery_1 model: Logitech Wireless Keyboard K360 serial: <filter>  
charge: 100% (should be ignored) rechargeable: yes status: Discharging  
CPU:       Info: 6-Core model: AMD Ryzen 5 3600 bits: 64 type: MT MCP arch: Zen 2 family: 17 (23)  
model-id: 71 (113) stepping: 0 microcode: 8701021 cache: L2: 3 MiB  
flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm bogomips: 86235  
Speed: 3593 MHz min/max: 2200/3600 MHz boost: enabled Core speeds (MHz): 1: 3593 2: 3852  
3: 3593 4: 3592 5: 3415 6: 3615 7: 3593 8: 3594 9: 3593 10: 3585 11: 3590 12: 3592  
Vulnerabilities: Type: itlb_multihit status: Not affected  
Type: l1tf status: Not affected  
Type: mds status: Not affected  
Type: meltdown status: Not affected  
Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl and seccomp  
Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization  
Type: spectre_v2  
mitigation: Full AMD retpoline, IBPB: conditional, STIBP: conditional, RSB filling  
Type: srbds status: Not affected  
Type: tsx_async_abort status: Not affected  
Graphics:  Device-1: NVIDIA TU116 [GeForce GTX 1650 SUPER] vendor: eVga.com. driver: nvidia v: 465.31  
alternate: nouveau,nvidia_drm bus-ID: 08:00.0 chip-ID: 10de:2187 class-ID: 0300  
Display: x11 server: X.Org 1.20.11 compositor: kwin_x11 driver: loaded: nvidia display-ID: :0  
screens: 1  
Screen-1: 0 s-res: 2560x1080 s-dpi: 97 s-size: 670x283mm (26.4x11.1") s-diag: 727mm (28.6")  
Monitor-1: HDMI-0 res: 2560x1080 hz: 60 dpi: 97 size: 673x284mm (26.5x11.2")  
diag: 730mm (28.8")  
OpenGL: renderer: NVIDIA GeForce GTX 1650 SUPER/PCIe/SSE2 v: 4.6.0 NVIDIA 465.31  
direct render: Yes  
Audio:     Device-1: NVIDIA TU116 High Definition Audio vendor: eVga.com. driver: snd_hda_intel v: kernel  
bus-ID: 08:00.1 chip-ID: 10de:1aeb class-ID: 0403  
Device-2: AMD Starship/Matisse HD Audio vendor: ASUSTeK driver: snd_hda_intel v: kernel  
bus-ID: 0a:00.4 chip-ID: 1022:1487 class-ID: 0403  
Sound Server-1: ALSA v: k5.12.10-zen1-1-zen running: yes  
Sound Server-2: JACK v: 0.125.0 running: no  
Sound Server-3: PulseAudio v: 14.2 running: yes  
Sound Server-4: PipeWire v: 0.3.30 running: yes  
Network:   Device-1: Intel Ethernet I225-V vendor: ASUSTeK driver: igc v: kernel port: N/A bus-ID: 07:00.0  
chip-ID: 8086:15f3 class-ID: 0200  
IF: enp7s0 state: up speed: 1000 Mbps duplex: full mac: <filter>  
Drives:    Local Storage: total: 20.82 TiB used: 9.34 TiB (44.8%)  
SMART Message: Unable to run smartctl. Root privileges required.  
ID-1: /dev/nvme0n1 maj-min: 259:3 vendor: Seagate model: XPG GAMMIX S11 Pro size: 476.94 GiB  
block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s lanes: 4 rotation: SSD  
serial: <filter> rev: 32B3T8EB scheme: GPT  
ID-2: /dev/nvme1n1 maj-min: 259:0 vendor: Patriot model: Viper M.2 VPN100 size: 238.47 GiB  
block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s lanes: 4 rotation: SSD  
serial: <filter> rev: ECFM22.6 scheme: GPT  
ID-3: /dev/sda maj-min: 8:0 type: USB vendor: Seagate model: Expansion HDD size: 7.28 TiB  
block-size: physical: 4096 B logical: 512 B serial: <filter> rev: 1801 scheme: GPT  
ID-4: /dev/sdb maj-min: 8:16 type: USB vendor: Seagate model: ST8000AS0002-1NA17Z  
size: 7.28 TiB block-size: physical: 4096 B logical: 512 B rotation: 5980 rpm serial: <filter>  
scheme: GPT  
ID-5: /dev/sdc maj-min: 8:32 type: USB vendor: Seagate model: ST330006 51NS size: 2.73 TiB  
block-size: physical: 4096 B logical: 512 B serial: <filter> rev: 7101 scheme: GPT  
SMART Message: Unknown USB bridge. Flash drive/Unsupported enclosure?  
ID-6: /dev/sdd maj-min: 8:48 type: USB vendor: Seagate model: ST3000DM 001-1E6166  
size: 2.73 TiB block-size: physical: 4096 B logical: 512 B serial: <filter> rev: 7101  
scheme: GPT  
SMART Message: Unknown USB bridge. Flash drive/Unsupported enclosure?  
ID-7: /dev/sde maj-min: 8:64 type: USB vendor: PNY model: USB 3.0 FD size: 115.38 GiB  
block-size: physical: 512 B logical: 512 B serial: <filter> rev: PMAP scheme: MBR  
SMART Message: Unknown USB bridge. Flash drive/Unsupported enclosure?  
Partition: ID-1: / raw-size: 476.68 GiB size: 476.68 GiB (100.00%) used: 39.88 GiB (8.4%) fs: btrfs  
dev: /dev/nvme0n1p2 maj-min: 259:5  
ID-2: /boot/efi raw-size: 256 MiB size: 252 MiB (98.46%) used: 546 KiB (0.2%) fs: vfat  
dev: /dev/nvme0n1p1 maj-min: 259:4  
ID-3: /home raw-size: 476.68 GiB size: 476.68 GiB (100.00%) used: 39.88 GiB (8.4%) fs: btrfs  
dev: /dev/nvme0n1p2 maj-min: 259:5  
ID-4: /var/log raw-size: 476.68 GiB size: 476.68 GiB (100.00%) used: 39.88 GiB (8.4%) fs: btrfs  
dev: /dev/nvme0n1p2 maj-min: 259:5
ID-5: /var/tmp raw-size: 476.68 GiB size: 476.68 GiB (100.00%) used: 39.88 GiB (8.4%) fs: btrfs
dev: /dev/nvme0n1p2 maj-min: 259:5
Swap:      Kernel: swappiness: 10 (default 60) cache-pressure: 75 (default 100)
ID-1: swap-1 type: zram size: 1.3 GiB used: 261.3 MiB (19.6%) priority: 32767 dev: /dev/zram0
ID-2: swap-2 type: zram size: 1.3 GiB used: 255.1 MiB (19.2%) priority: 32767 dev: /dev/zram1
ID-3: swap-3 type: zram size: 1.3 GiB used: 262.2 MiB (19.7%) priority: 32767 dev: /dev/zram2
ID-4: swap-4 type: zram size: 1.3 GiB used: 264.6 MiB (19.9%) priority: 32767 dev: /dev/zram3
ID-5: swap-5 type: zram size: 1.3 GiB used: 265.4 MiB (19.9%) priority: 32767 dev: /dev/zram4
ID-6: swap-6 type: zram size: 1.3 GiB used: 260 MiB (19.5%) priority: 32767 dev: /dev/zram5
ID-7: swap-7 type: zram size: 1.3 GiB used: 262.2 MiB (19.7%) priority: 32767 dev: /dev/zram6
ID-8: swap-8 type: zram size: 1.3 GiB used: 273 MiB (20.5%) priority: 32767 dev: /dev/zram7
ID-9: swap-9 type: zram size: 1.3 GiB used: 243.6 MiB (18.3%) priority: 32767 dev: /dev/zram8
ID-10: swap-10 type: zram size: 1.3 GiB used: 247 MiB (18.6%) priority: 32767 dev: /dev/zram9
ID-11: swap-11 type: zram size: 1.3 GiB used: 256.4 MiB (19.3%) priority: 32767
dev: /dev/zram10
ID-12: swap-12 type: zram size: 1.3 GiB used: 251.7 MiB (18.9%) priority: 32767
dev: /dev/zram11
Sensors:   System Temperatures: cpu: 43.4 C mobo: 0 C gpu: nvidia temp: 49 C
Fan Speeds (RPM): N/A gpu: nvidia fan: 0%
Info:      Processes: 431 Uptime: 1d 2h 24m wakeups: 415 Memory: 15.6 GiB used: 7.48 GiB (47.9%)
Init: systemd v: 248 tool: systemctl Compilers: gcc: 11.1.0 clang: 12.0.0 Packages: 1928
pacman: 1903 lib: 549 flatpak: 19 snap: 6 Shell: fish v: 3.2.2 default: Zsh v: 5.8
running-in: konsole inxi: 3.3.04
jigsaw

╭─[email protected] in ~ took 1s
╰─λ

please.
There are two individual commands in the terminal

1 Like

I think the output to whoami was jigsaw

2 Likes

This is default behavior set after an update. Not only Timeshift, but also KDE's Discover does the same — does not ask for password to install an app. I think it is by design... :thinking:

@SGS sorry about that. yes "jigsaw" is the output for the second command. @SameExpert Discover isn't installed in this version of Garuda, and is fine by me that the devs didn't include it. I honestly don't know if the behavior with Timeshift and Disk are deliberate or not. If deliberate I'm sure the devs had their reasons for it. It's just that I would prefer the programs to ask for my password since once in awhile someone else is on my system, but not often enough to warrant creating them their own user account.

I suspect your new mountpoint(s) have root privileges. This is unexpected behavior in Garuda or Arch. Try assigning new UUIDs? (Guessing--never experienced this myself.)

4 Likes

I think you've got it as far as having root permission. I normally create a parent folder and subfolders for my mounts, then mount to them, then take ownership of them. This time I took ownership of the parent folder and it's subfolders before changing the mount points.

I agree with the question. Mounting drives without a password is not an issue at all, but timeshift without password may lead to vulnerabilities.

Also, try opening gparted, and see if it is only issue with timeshift.

2 Likes

Launching Gparted was one of the first things I attempted after noticing Timeshift and I get prompted for my password.

1 Like

This (no-password for root actions) behavior comes from polkit rules defined from garuda-common-settings package.
You may read how to customize this at Archwiki.

In the man page there is an explanation of the order rules are parsed (if you want to create a custom rule to override an existing one).

8 Likes

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.