I've found that there appears to be a fundamental bug in policykit and have added the upstream bug report covering it, which has been around for several years but the developers don't seem able to come up with a fix for.
Tests done using the Lubuntu 19.10 Live ISO (June 24th 2019 build) where an additional user "test" is created with the same supplementary group memberships as the "lubuntu" user. Both have passwords set so that these tests can be done over SSH as well as at the console, or in the GUI.
The fact that "pkexec" itself is broken proves that neither lxqt nor the qt-policykit code is at fault here.
test@lubuntu:~$ groups
test adm cdrom sudo dip plugdev lpadmin
$ sudo ls -l /root/
[sudo] password for test:
total 0
-rw-r--r-- 1 root root 0 Jun 26 23:35 file
test@lubuntu:~$ pkexec ls -l /root/
==== AUTHENTICATING FOR org.freedesktop.policykit.exec ===
Authentication is needed to run `/usr/bin/ls' as the super user
Multiple identities can be used for authentication:
1. Lubuntu2,,, (lubuntu)
2. Test3,,, (test)
Choose identity to authenticate as (1-2): 2
Password:
polkit-agent-helper-1: error response to PolicyKit daemon: GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: No session for cookie
lubuntu@lubuntu:~$ groups
lubuntu adm cdrom sudo dip plugdev lpadmin sambashare
lubuntu@lubuntu:~$ sudo ls -l /root/
total 0
-rw-r--r-- 1 root root 0 Jun 26 23:35 grep
lubuntu@lubuntu:~$ pkexec ls -l /root/
Error executing command as another user: Not authorized
This incident has been reported.