GUI should not run as root, instead should use polkit

Hi,
Gufw was using polity kit and I don't desire to return to it, it was crazy for debugging.
A hug.

Hi,

I'm sure there are alternatives to polkit. However, support for XWayland with root seems like it will never be supported.

Also, I'm sure you must also agree that running a UI as root is not a great idea in general.

Hugs received, hugs given. ;)

Hi,

polkit or not, some solution will have to be found eventually as Wayland will phase out X. Developers have made it clear they don't think running GUI apps as root is a good idea, so they won't support it any longer. See https://bugzilla.redhat.com/show_bug.cgi?id=1274451#c62

For now, it seems the easiest, yet somewhat insecure, workaround is using "xhost si:localuser:root" before running gufw, gparted or any other GUI app that still relies on direct root access, and then using "xhost -si:localuser:root" (notice the "-") to revoke root's right to access your local user's X session.

Better check whether wayland is really running before granting apps to run as root

if [ $XDG_SESSION_TYPE = "wayland" ]; then
 xhost +si:localuser:root
fi

Interesting this was marked as "opinion" almost 2 years ago and is still an issue today. Makes this app completely fail to open in Wayland without the hack listed in these comments.

I used this "solution" and added the removal of root access after the call to gufw-pkexec in /bin/gufw:

#!/bin/sh
c_user=$(whoami)

if [ $XDG_SESSION_TYPE = "wayland" ]; then
 xhost +si:localuser:root
fi

pkexec gufw-pkexec $c_user

if [ $XDG_SESSION_TYPE = "wayland" ]; then
 xhost -si:localuser:root
fi