I just installed Garuda and have it completely setup to my liking and loving the stability, smoothness, and speed of it. I noticed when I moved my mounts I was not asked for a password to prove I authorized the action. I just ignored it as a nice feature since on everything else I've done that should popup a password prompt does. Today however I launched Timeshift and was not prompted to enter my password to authorize the action. Is this by design, and if so how do I go about making the OS ask for authorization for things like launching Timeshift or moving mounts? Thanks
1 Like
Nope.
Please post in and output from terminal
inxi -Fza
whoami
as text!
1 Like
╭─jigsaw@NSAFieldStation in ~
╰─λ inxi -Fza
whoami
System: Kernel: 5.12.10-zen1-1-zen x86_64 bits: 64 compiler: gcc v: 11.1.0
parameters: BOOT_IMAGE=/@/boot/vmlinuz-linux-zen root=UUID=78688345-46c9-46e1-9ff4-63d70dd964a1
rw rootflags=subvol=@ quiet splash rd.udev.log_priority=3 vt.global_cursor_default=0
systemd.unified_cgroup_hierarchy=1 loglevel=3
Desktop: KDE Plasma 5.22.0 tk: Qt 5.15.2 wm: kwin_x11 vt: 1 dm: SDDM Distro: Garuda Linux
base: Arch Linux
Machine: Type: Desktop System: ASUS product: N/A v: N/A serial: <filter>
Mobo: ASUSTeK model: ROG STRIX B550-F GAMING v: Rev X.0x serial: <filter>
UEFI: American Megatrends v: 2006 date: 03/19/2021
Battery: Device-1: hidpp_battery_0 model: Logitech Wireless Mouse M325 serial: <filter>
charge: 55% (should be ignored) rechargeable: yes status: Discharging
Device-2: hidpp_battery_1 model: Logitech Wireless Keyboard K360 serial: <filter>
charge: 100% (should be ignored) rechargeable: yes status: Discharging
CPU: Info: 6-Core model: AMD Ryzen 5 3600 bits: 64 type: MT MCP arch: Zen 2 family: 17 (23)
model-id: 71 (113) stepping: 0 microcode: 8701021 cache: L2: 3 MiB
flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm bogomips: 86235
Speed: 3593 MHz min/max: 2200/3600 MHz boost: enabled Core speeds (MHz): 1: 3593 2: 3852
3: 3593 4: 3592 5: 3415 6: 3615 7: 3593 8: 3594 9: 3593 10: 3585 11: 3590 12: 3592
Vulnerabilities: Type: itlb_multihit status: Not affected
Type: l1tf status: Not affected
Type: mds status: Not affected
Type: meltdown status: Not affected
Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl and seccomp
Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization
Type: spectre_v2
mitigation: Full AMD retpoline, IBPB: conditional, STIBP: conditional, RSB filling
Type: srbds status: Not affected
Type: tsx_async_abort status: Not affected
Graphics: Device-1: NVIDIA TU116 [GeForce GTX 1650 SUPER] vendor: eVga.com. driver: nvidia v: 465.31
alternate: nouveau,nvidia_drm bus-ID: 08:00.0 chip-ID: 10de:2187 class-ID: 0300
Display: x11 server: X.Org 1.20.11 compositor: kwin_x11 driver: loaded: nvidia display-ID: :0
screens: 1
Screen-1: 0 s-res: 2560x1080 s-dpi: 97 s-size: 670x283mm (26.4x11.1") s-diag: 727mm (28.6")
Monitor-1: HDMI-0 res: 2560x1080 hz: 60 dpi: 97 size: 673x284mm (26.5x11.2")
diag: 730mm (28.8")
OpenGL: renderer: NVIDIA GeForce GTX 1650 SUPER/PCIe/SSE2 v: 4.6.0 NVIDIA 465.31
direct render: Yes
Audio: Device-1: NVIDIA TU116 High Definition Audio vendor: eVga.com. driver: snd_hda_intel v: kernel
bus-ID: 08:00.1 chip-ID: 10de:1aeb class-ID: 0403
Device-2: AMD Starship/Matisse HD Audio vendor: ASUSTeK driver: snd_hda_intel v: kernel
bus-ID: 0a:00.4 chip-ID: 1022:1487 class-ID: 0403
Sound Server-1: ALSA v: k5.12.10-zen1-1-zen running: yes
Sound Server-2: JACK v: 0.125.0 running: no
Sound Server-3: PulseAudio v: 14.2 running: yes
Sound Server-4: PipeWire v: 0.3.30 running: yes
Network: Device-1: Intel Ethernet I225-V vendor: ASUSTeK driver: igc v: kernel port: N/A bus-ID: 07:00.0
chip-ID: 8086:15f3 class-ID: 0200
IF: enp7s0 state: up speed: 1000 Mbps duplex: full mac: <filter>
Drives: Local Storage: total: 20.82 TiB used: 9.34 TiB (44.8%)
SMART Message: Unable to run smartctl. Root privileges required.
ID-1: /dev/nvme0n1 maj-min: 259:3 vendor: Seagate model: XPG GAMMIX S11 Pro size: 476.94 GiB
block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s lanes: 4 rotation: SSD
serial: <filter> rev: 32B3T8EB scheme: GPT
ID-2: /dev/nvme1n1 maj-min: 259:0 vendor: Patriot model: Viper M.2 VPN100 size: 238.47 GiB
block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s lanes: 4 rotation: SSD
serial: <filter> rev: ECFM22.6 scheme: GPT
ID-3: /dev/sda maj-min: 8:0 type: USB vendor: Seagate model: Expansion HDD size: 7.28 TiB
block-size: physical: 4096 B logical: 512 B serial: <filter> rev: 1801 scheme: GPT
ID-4: /dev/sdb maj-min: 8:16 type: USB vendor: Seagate model: ST8000AS0002-1NA17Z
size: 7.28 TiB block-size: physical: 4096 B logical: 512 B rotation: 5980 rpm serial: <filter>
scheme: GPT
ID-5: /dev/sdc maj-min: 8:32 type: USB vendor: Seagate model: ST330006 51NS size: 2.73 TiB
block-size: physical: 4096 B logical: 512 B serial: <filter> rev: 7101 scheme: GPT
SMART Message: Unknown USB bridge. Flash drive/Unsupported enclosure?
ID-6: /dev/sdd maj-min: 8:48 type: USB vendor: Seagate model: ST3000DM 001-1E6166
size: 2.73 TiB block-size: physical: 4096 B logical: 512 B serial: <filter> rev: 7101
scheme: GPT
SMART Message: Unknown USB bridge. Flash drive/Unsupported enclosure?
ID-7: /dev/sde maj-min: 8:64 type: USB vendor: PNY model: USB 3.0 FD size: 115.38 GiB
block-size: physical: 512 B logical: 512 B serial: <filter> rev: PMAP scheme: MBR
SMART Message: Unknown USB bridge. Flash drive/Unsupported enclosure?
Partition: ID-1: / raw-size: 476.68 GiB size: 476.68 GiB (100.00%) used: 39.88 GiB (8.4%) fs: btrfs
dev: /dev/nvme0n1p2 maj-min: 259:5
ID-2: /boot/efi raw-size: 256 MiB size: 252 MiB (98.46%) used: 546 KiB (0.2%) fs: vfat
dev: /dev/nvme0n1p1 maj-min: 259:4
ID-3: /home raw-size: 476.68 GiB size: 476.68 GiB (100.00%) used: 39.88 GiB (8.4%) fs: btrfs
dev: /dev/nvme0n1p2 maj-min: 259:5
ID-4: /var/log raw-size: 476.68 GiB size: 476.68 GiB (100.00%) used: 39.88 GiB (8.4%) fs: btrfs
dev: /dev/nvme0n1p2 maj-min: 259:5
ID-5: /var/tmp raw-size: 476.68 GiB size: 476.68 GiB (100.00%) used: 39.88 GiB (8.4%) fs: btrfs
dev: /dev/nvme0n1p2 maj-min: 259:5
Swap: Kernel: swappiness: 10 (default 60) cache-pressure: 75 (default 100)
ID-1: swap-1 type: zram size: 1.3 GiB used: 261.3 MiB (19.6%) priority: 32767 dev: /dev/zram0
ID-2: swap-2 type: zram size: 1.3 GiB used: 255.1 MiB (19.2%) priority: 32767 dev: /dev/zram1
ID-3: swap-3 type: zram size: 1.3 GiB used: 262.2 MiB (19.7%) priority: 32767 dev: /dev/zram2
ID-4: swap-4 type: zram size: 1.3 GiB used: 264.6 MiB (19.9%) priority: 32767 dev: /dev/zram3
ID-5: swap-5 type: zram size: 1.3 GiB used: 265.4 MiB (19.9%) priority: 32767 dev: /dev/zram4
ID-6: swap-6 type: zram size: 1.3 GiB used: 260 MiB (19.5%) priority: 32767 dev: /dev/zram5
ID-7: swap-7 type: zram size: 1.3 GiB used: 262.2 MiB (19.7%) priority: 32767 dev: /dev/zram6
ID-8: swap-8 type: zram size: 1.3 GiB used: 273 MiB (20.5%) priority: 32767 dev: /dev/zram7
ID-9: swap-9 type: zram size: 1.3 GiB used: 243.6 MiB (18.3%) priority: 32767 dev: /dev/zram8
ID-10: swap-10 type: zram size: 1.3 GiB used: 247 MiB (18.6%) priority: 32767 dev: /dev/zram9
ID-11: swap-11 type: zram size: 1.3 GiB used: 256.4 MiB (19.3%) priority: 32767
dev: /dev/zram10
ID-12: swap-12 type: zram size: 1.3 GiB used: 251.7 MiB (18.9%) priority: 32767
dev: /dev/zram11
Sensors: System Temperatures: cpu: 43.4 C mobo: 0 C gpu: nvidia temp: 49 C
Fan Speeds (RPM): N/A gpu: nvidia fan: 0%
Info: Processes: 431 Uptime: 1d 2h 24m wakeups: 415 Memory: 15.6 GiB used: 7.48 GiB (47.9%)
Init: systemd v: 248 tool: systemctl Compilers: gcc: 11.1.0 clang: 12.0.0 Packages: 1928
pacman: 1903 lib: 549 flatpak: 19 snap: 6 Shell: fish v: 3.2.2 default: Zsh v: 5.8
running-in: konsole inxi: 3.3.04
jigsaw
╭─jigsaw@NSAFieldStation in ~ took 1s
╰─λ
please.
There are two individual commands in the terminal
1 Like
I think the output to whoami was jigsaw
2 Likes
This is default behavior set after an update. Not only Timeshift, but also KDE's Discover does the same — does not ask for password to install an app. I think it is by design... 
@SGS sorry about that. yes "jigsaw" is the output for the second command. @SameExpert Discover isn't installed in this version of Garuda, and is fine by me that the devs didn't include it. I honestly don't know if the behavior with Timeshift and Disk are deliberate or not. If deliberate I'm sure the devs had their reasons for it. It's just that I would prefer the programs to ask for my password since once in awhile someone else is on my system, but not often enough to warrant creating them their own user account.
I suspect your new mountpoint(s) have root privileges. This is unexpected behavior in Garuda or Arch. Try assigning new UUIDs? (Guessing--never experienced this myself.)
4 Likes
I think you've got it as far as having root permission. I normally create a parent folder and subfolders for my mounts, then mount to them, then take ownership of them. This time I took ownership of the parent folder and it's subfolders before changing the mount points.
I agree with the question. Mounting drives without a password is not an issue at all, but timeshift without password may lead to vulnerabilities.
Also, try opening gparted, and see if it is only issue with timeshift.
2 Likes
Launching Gparted was one of the first things I attempted after noticing Timeshift and I get prompted for my password.
1 Like
This (no-password for root actions) behavior comes from polkit rules defined from garuda-common-settings package.
You may read how to customize this at Archwiki.
In the man page there is an explanation of the order rules are parsed (if you want to create a custom rule to override an existing one).
8 Likes
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.