Ubuntu's new policy dictates that updates to already installed applications don't require a password when done from Update Manager (Synaptic and apt-get still require a password). Also, I would like to prevent the Update Manager from popping up; it should only run when I invoke it. Thanks.
2 Answers
To remove the 'update packages without admin auth':
gksudo gedit /var/lib/polkit-1/localauthority/10-vendor.d/com.ubuntu.desktop.pkla
The section in question is this:
[Update already installed software]
Identity=unix-group:admin
Action=org.debian.apt.upgrade-packages
ResultActive=yes
Probably the easiest & maybe best solution is to just remove the whole section.
If desired, you could leave it and try setting ResultActive=yes to this:
ResultActive=auth_admin_keep
If I wanted this, I'd just remove the section; then the action should fall back to the default in /usr/share/polkit-1/actions/org.debian.apt.policy, which is to require auth per use.
In my case adding my id to the sudo group solved the problem.
My /var/lib/polkit-1/localauthority/10-vendor.d/com.ubuntu.desktop.pkla has admin and sudo as authorized groups, but sudo had only a user defined during installation, and the admin group was not defined. I would bet on adm there. Perhaps the name admin has gotten into the polkit file because someone has overlooked some configuration changes in the history of Ubuntu (see What is the difference between the groups "adm" and "admin")?
An original section of the file from my LTS 20.04.4:
[Update already installed software]
Identity=unix-group:admin;unix-group:sudo
Action=org.debian.apt.upgrade-packages
ResultActive=auth_admin_keep
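An added example, not part of either answer: a small audit of .pkla text that reports, per section, whether the action is granted without authentication (ResultActive=yes, as in the first answer) and which unix-group identities are not defined on the host (the undefined admin group from the second answer). The sample text, the second section and its action name are constructed, and the function names are hypothetical.

```python
import configparser
import grp

# Constructed sample in the .pkla format quoted in the answers above.
SAMPLE = """\
[Update already installed software]
Identity=unix-group:admin;unix-group:sudo
Action=org.debian.apt.upgrade-packages
ResultActive=yes

[Constructed second entry]
Identity=unix-group:sudo
Action=org.example.constructed-action
ResultActive=auth_admin_keep
"""

def group_defined(name):
    """True if the group exists in this host's group database."""
    try:
        grp.getgrnam(name)
        return True
    except KeyError:
        return False

def audit_pkla(text, exists=group_defined):
    """Return one finding per section: passwordless grants and undefined groups."""
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    cp.optionxform = str  # keep key case (Identity, Action, ResultActive)
    cp.read_string(text)
    findings = []
    for section in cp.sections():
        entry = cp[section]
        # Identity is a ';'-separated list such as unix-group:admin;unix-group:sudo
        identities = [i.strip() for i in entry.get("Identity", "").split(";") if i.strip()]
        groups = [i.split(":", 1)[1] for i in identities if i.startswith("unix-group:")]
        findings.append({
            "section": section,
            "action": entry.get("Action", "").strip(),
            "passwordless": entry.get("ResultActive", "").strip() == "yes",
            "missing_groups": [g for g in groups if not exists(g)],
        })
    return findings

if __name__ == "__main__":
    for finding in audit_pkla(SAMPLE):
        print(finding)
```

To check a real file, pass its contents to audit_pkla(); a section with passwordless set to True is one that grants its action to the listed identities without asking for a password.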