Bug ID | 1225932 |
---|---|
Summary | Authentication failure for non-privileged user in "Software updates" |
Classification | openSUSE |
Product | openSUSE Tumbleweed |
Version | Current |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Cockpit |
Assignee | Cockpit-bugs@suse.de |
Reporter | robert.simai@suse.com |
QA Contact | qa-bugs@suse.de |
Target Milestone | --- |
Found By | --- |
Blocker | --- |
Created attachment 875298 [details]
Cockpit message
Logged into Cockpit (309) on Tumbleweed as non-privileged user "robert",
clicked the "Software updates" and got the attached message on screen and the
following in the journal:
sudo[5258]: robert : 3 incorrect password attempts ; PWD=/ ; USER=root ;
COMMAND=/usr/bin/cockpit-bridge --privileged
Something similar happens when I click the "Check for updates" from the
Software updates module, the journal message then is
sudo[5856]: pam_unix(sudo:auth): authentication failure; logname=robert
uid=1000 euid=0 tty= ruser=robert rhost= user=root
sudo[5856]: robert : 3 incorrect password attempts ; PWD=/ ; USER=root ;
COMMAND=/usr/bin/cockpit-bridge --privileged
I'm not sure why refreshing the updates requires sudo as a regular user could
successfully run "zypper lu" as well. But if it does, we could at least come up
with a clearer message "switch to administrative access first" or such.