If I execute print os.environ without pkexec I get lots of useful system environment variables, however, once I execute with, most of them are gone. How can I get them back with using pkexec? I understand there’s a workaround using sudo but haven’t found one yet for pkexec
Advertisement
Answer
In short, you can’t. From the pkexec man page:
The environment that PROGRAM will run in will be set to a minimal known and safe environment in order to avoid injecting code through LD_LIBRARY_PATH or similar mechanisms. In addition the PKEXEC_UID environment variable is set to the user id of the process invoking pkexec.
You can cause pkexec to retain some environmental variables (i.e. to allow X11 programs to work by retaining $DISPLAY and $XAUTHORITY) using the org.freedesktop.policykit.exec.allow_gui annotation. However, retaining all of the environmental variables appears to be a deliberate rejected decision.