Skip to content

Instantly share code, notes, and snippets.

@cvetan
Last active August 5, 2021 14:40
Show Gist options
  • Save cvetan/91dd566b45a816ee91501856e6644df0 to your computer and use it in GitHub Desktop.
Save cvetan/91dd566b45a816ee91501856e6644df0 to your computer and use it in GitHub Desktop.
Using pkexec in XFCE

There instructions were first published in debian forum, here http://forums.debian.net/viewtopic.php?f=16&t=73497 but I added them here for easier access

Add policykit file

  • Add XML file on the path /usr/share/polkit-1/actions/org.freedesktop.policykit.pkexec.policy with the following content:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policyconfig PUBLIC "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" "http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
<policyconfig>
    <action id="org.freedesktop.policykit.pkexec.run-synaptic">
        <description>Run Synaptic</description>
        <message>Authentication is required to run Synaptic as Root</message>
        <defaults>
            <allow_any>no</allow_any>
            <allow_inactive>no</allow_inactive>
            <allow_active>auth_admin_keep</allow_active>
        </defaults>
        <annotate key="org.freedesktop.policykit.exec.path">/usr/sbin/synaptic</annotate>
        <annotate key="org.freedesktop.policykit.exec.allow_gui">TRUE</annotate>
    </action>
    <action id="org.freedesktop.policykit.pkexec.run-thunar">
        <description>Run Thunar</description>
        <message>Authentication is required to run Thunar as Root</message>
        <defaults>
            <allow_any>no</allow_any>
            <allow_inactive>no</allow_inactive>
            <allow_active>auth_admin_keep</allow_active>
        </defaults>
        <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/thunar</annotate>
        <annotate key="org.freedesktop.policykit.exec.allow_gui">TRUE</annotate>
    </action>
    <action id="org.freedesktop.policykit.pkexec.run-mousepad">
        <description>Run Mousepad</description>
        <message>Authentication is required to run Mousepad as Root</message>
        <defaults>
            <allow_any>no</allow_any>
            <allow_inactive>no</allow_inactive>
            <allow_active>auth_admin_keep</allow_active>
        </defaults>
        <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/mousepad</annotate>
        <annotate key="org.freedesktop.policykit.exec.allow_gui">TRUE</annotate>
    </action>
    <action id="org.freedesktop.policykit.pkexec.run-xfce4-taskmanager">
        <description>Run Xfce4 Task Manager</description>
        <message>Authentication is required to run Xfce4 Task Manager as Root</message>
        <defaults>
            <allow_any>no</allow_any>
            <allow_inactive>no</allow_inactive>
            <allow_active>auth_admin_keep</allow_active>
        </defaults>
        <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/xfce4-taskmanager</annotate>
        <annotate key="org.freedesktop.policykit.exec.allow_gui">TRUE</annotate>
    </action>
    <action id="org.freedesktop.policykit.pkexec.run-gparted">
        <description>Run Gparted</description>
        <message>Authentication is required to run Gparted as Root</message>
        <defaults>
            <allow_any>no</allow_any>
            <allow_inactive>no</allow_inactive>
            <allow_active>auth_admin_keep</allow_active>
        </defaults>
        <annotate key="org.freedesktop.policykit.exec.path">/usr/sbin/gparted</annotate>
        <annotate key="org.freedesktop.policykit.exec.allow_gui">TRUE</annotate>
    </action>
    <action id="org.freedesktop.policykit.pkexec.run-bleachbit">
        <description>Run BleachBit</description>
        <message>Authentication is required to run BleachBit as Root</message>
        <defaults>
            <allow_any>no</allow_any>
            <allow_inactive>no</allow_inactive>
            <allow_active>auth_admin_keep</allow_active>
        </defaults>
        <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/bleachbit</annotate>
        <annotate key="org.freedesktop.policykit.exec.allow_gui">TRUE</annotate>
    </action>
    <action id="org.freedesktop.policykit.pkexec.run-dbus-launch">
        <description>Run Dbus Launch</description>
        <message>Authentication is required to run Dbus-launch as Root</message>
        <defaults>
            <allow_any>no</allow_any>
            <allow_inactive>no</allow_inactive>
            <allow_active>auth_admin_keep</allow_active>
        </defaults>
        <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/dbus-launch</annotate>
        <annotate key="org.freedesktop.policykit.exec.allow_gui">TRUE</annotate>
    </action>
    <action id="org.freedesktop.policykit.pkexec.run-remsu">
        <description>Run REMSU</description>
        <message>Authentication is required to run REMSU as Root</message>
        <defaults>
            <allow_any>no</allow_any>
            <allow_inactive>no</allow_inactive>
            <allow_active>auth_admin_keep</allow_active>
        </defaults>
        <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/remsu</annotate>
        <annotate key="org.freedesktop.policykit.exec.allow_gui">TRUE</annotate>
    </action>
    <action id="org.freedesktop.policykit.pkexec.run-remastersys">
        <description>Run Remastersys</description>
        <message>Authentication is required to run Remastersys as Root</message>
        <defaults>
            <allow_any>no</allow_any>
            <allow_inactive>no</allow_inactive>
            <allow_active>auth_admin_keep</allow_active>
        </defaults>
        <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/remastersys</annotate>
        <annotate key="org.freedesktop.policykit.exec.allow_gui">TRUE</annotate>
    </action>
    <action id="org.freedesktop.policykit.pkexec.run-remastersys-gui">
        <description>Run Remastersys-GUI</description>
        <message>Authentication is required to run Remastersys-Backup as Root</message>
        <defaults>
            <allow_any>no</allow_any>
            <allow_inactive>no</allow_inactive>
            <allow_active>auth_admin_keep</allow_active>
        </defaults>
        <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/remastersys-gui</annotate>
        <annotate key="org.freedesktop.policykit.exec.allow_gui">TRUE</annotate>
    </action>
    <action id="org.freedesktop.policykit.pkexec.run-remastersys-installer">
        <description>Run Remastersys-Installer-GUI</description>
        <message>Authentication is required to run Remastersys-Installer-GUI as Root</message>
        <defaults>
            <allow_any>no</allow_any>
            <allow_inactive>no</allow_inactive>
            <allow_active>auth_admin_keep</allow_active>
        </defaults>
        <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/remastersys-installer</annotate>
        <annotate key="org.freedesktop.policykit.exec.allow_gui">TRUE</annotate>
    </action>
    <action id="org.freedesktop.policykit.pkexec.run-remastersys-usb-key-copy-tool">
        <description>Run Remastersys-USB-Key-Copy-Tool</description>
        <message>Authentication is required to run Remastersys-USB-Key-Copy-Tool as Root</message>
        <defaults>
            <allow_any>no</allow_any>
            <allow_inactive>no</allow_inactive>
            <allow_active>auth_admin_keep</allow_active>
        </defaults>
        <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/remastersys-usb-key-copy-tool</annotate>
        <annotate key="org.freedesktop.policykit.exec.allow_gui">TRUE</annotate>
    </action>
    <action id="org.freedesktop.policykit.pkexec.run-remastersys-grub-restore">
        <description>Run Remastersys-GRUB-Restore</description>
        <message>Authentication is required to run Remastersys-GRUB-Restore as Root</message>
        <defaults>
            <allow_any>no</allow_any>
            <allow_inactive>no</allow_inactive>
            <allow_active>auth_admin_keep</allow_active>
        </defaults>
        <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/remastersys-grub-restore</annotate>
        <annotate key="org.freedesktop.policykit.exec.allow_gui">TRUE</annotate>
    </action>
    <action id="org.freedesktop.policykit.pkexec.run-remastersys-grubconfig">
        <description>Run Remastersys-GRUB-Config</description>
        <message>Authentication is required to run Remastersys-GRUB-Config as Root</message>
        <defaults>
            <allow_any>no</allow_any>
            <allow_inactive>no</allow_inactive>
            <allow_active>auth_admin_keep</allow_active>
        </defaults>
        <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/remastersys-grubconfig</annotate>
        <annotate key="org.freedesktop.policykit.exec.allow_gui">TRUE</annotate>
    </action>
</policyconfig>
  • This file above give you policykit authentication for:
    • Bleachbit
    • Gparted
    • Mousepad
    • Remastersys
    • Thunar
    • Task manager
    • Synaptic

Add Thunar custom actions for the wanted applications

  • Open folder in Thunar as Root
Name: Open Thunar As Root
Description: Open current directory as root super user
Command: pkexec dbus-launch /usr/bin/thunar %f
Tickbox: 'Use Startup Notification'
Appearance Conditions:-
File Pattern: *
Tickbox: Directories
  • Open Mousepad as Root
Name: Open Mousepad As Root
Description: Edit text files as root super user
Command: pkexec dbus-launch /usr/bin/mousepad %f
Appearance Conditions:-
File Pattern: *
Tickbox: Text Files, Other Files
  • Add other apps if neccessary
@cvetan
Copy link
Author

cvetan commented May 6, 2020

just use apt-xapian-index and policykit-1-gnome much simpler

What the apt-xapian index has to do with admin actions in Thunar? apt-xapian-index is used for indexing apt packages and used indexed results in cli search or for instance synaptic search for packages. It does not have anything to do with topic covered here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment