Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The simple work-around is not even possible on Fedora CoreOS:

   $ sudo chmod 0755 /usr/bin/pkexec
   chmod: changing permissions of '/usr/bin/pkexec': Read-only file system
Security preventing security I guess...


You can `ostree admin unlock --hotfix` to allow editing the current deployment, designed with this use case in mind: https://www.mankier.com/1/ostree-admin-unlock#--hotfix


One trick to temporarily 'modify' read-only filesystems is to bind-mount something over it:

  sudo mount --bind /bin/false /usr/bin/pkexec
This will be gone over reboot, however.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: