Bug 4791

Summary: Root password request for "PolicyKit1-KDE" appears suddenly
Product: [ROSA-based products] ROSA Fresh Reporter: Konstantin Vlasov <konstantin.vlasov>
Component: Packages from MainAssignee: Evgenii Shatokhin <eugene.shatokhin>
Status: RESOLVED FIXED QA Contact: ROSA Linux Bugs <bugs>
Severity: normal    
Priority: Normal CC: darrencleaver, eugene.shatokhin, stanislav.fomin
Version: Fresh   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Platform: --- ROSA Vulnerability identifier:
RPM Package: baloo ISO-related:
Bad POT generating: Upstream:

Description Konstantin Vlasov 2014-12-13 14:30:41 MSK 
Without any explicit action from my side, a dialog suddenly apeared requesting root password for "PolicyKit1-KDE"; additional details showed that the required action was "Folder Watch Limit".

By googling I found out that it may happen when desktop search engine exceeds inotify limits and requests for increase. It conforms with the fact that the dialog appeared shortly after I unpacked a large archive (Qt 5.4.0 sources with 146872 files/folders in it).

I think, such "unprovoked" request would look scary to users. As far as I could find, the suggested solution is to manually increase the fs.inotify.max_user_watches sysctl parameter (currently it is set to 8192) by writing to /proc/sys/fs/inotify/max_user_watches or (to keep it persistent across reboots) by creating additional conf file in /etc/sysctl.d/. Probably we should set it in our disribution to 16384 or even higher by default. Opinions?
Comment 1 Evgenii Shatokhin 2014-12-15 11:27:58 MSK 
+1 to increase the limit.
I've hit this problem too yesterday.
Comment 2 Konstantin Vlasov 2014-12-16 13:41:11 MSK 
Additional information: 16384 is still too low, with this value I've got another request for increasing the value. So, 32768 is probably a preferred default.
Comment 3 Stanislav Fomin 2015-01-14 17:40:38 MSK 
Временное решение — воткнуть генерацию этого файла в генерацию образа.
— Отстойно.

Лучше засунуть в дефолтный параметр ядра.
Сделает Женя.

(Отдельно найти, кто генерит этот конфиг).
Comment 4 Stanislav Fomin 2015-01-14 17:43:03 MSK 
На ТК решили — 32768.
Comment 5 Evgenii Shatokhin 2015-01-31 17:55:06 MSK 
BTW, /etc/sysctl.d/97-kde-baloo-filewatch-inotify.conf is present on my system and does exactly that: sets fs.inotify.max_user_watches = 32768.
Comment 6 Konstantin Vlasov 2015-01-31 18:52:49 MSK 
That's exactly what this "PolicyKit1-KDE" does: creates this file with new value.
Comment 7 Evgenii Shatokhin 2015-02-01 16:15:26 MSK 
(In reply to comment #6)
> That's exactly what this "PolicyKit1-KDE" does: creates this file with new
> value.

I see. On another system, this file sets the limit to 65536, by the way, I cannot say why.

I added the patch to the kernel 3.14.31 I am currently testing. However, I am not sure if it is needed now that PolicyKit1-KDE or, Baloo, or whatever seems to handle the issue.

What do you think?
Comment 8 Konstantin Vlasov 2015-02-01 16:26:25 MSK 
The way it handles the issue is unintuitive and scary. Average user won't understand why root permission request suddenly appeared, what it intends to do, what program displayed it, and, generally, what the hell is going on. I suggest that we set this value in the kernel, so that much less users found themselves facing this situation.
Comment 9 Evgenii Shatokhin 2015-02-02 12:19:49 MSK 
Ah, I thought, someone has figured out how to handle this automagically. I see. 

Anyway, I have already added the kernel patch to increase the default limit. Will appear in kernel 3.14.31.

Still, I don't think this is a good solution. Better to do it in userspace. Perhaps, to provide that file in /etc/sysctl.d with Polkit packages, or Baloo, or whatever.
Comment 10 Evgenii Shatokhin 2015-03-11 11:54:31 MSK 
Increased the limit in the kernel. Kernel 3.14.33 has the appropriate patch.

Again, my opinion is, it should be rather fixed in PolicyKit or whatever is involved.
Comment 11 daz 2016-12-21 02:34:37 MSK 
Please see http://bugs.rosalinux.ru/show_bug.cgi?id=7608

I AM WORRIED