Add support for run0 as an alternative to pkexec

run0 allows escalating privileges through polkit without SUID binaries,
if pkexec is not available try it as a fallback method

https://www.freedesktop.org/software/systemd/man/latest/run0.htm

Author: bluca

files/usr/bin/cinnamon-settings-users

@@ -4,5 +4,35 @@
 """
 
 import os
+import shutil
+import sys
 
-os.system("pkexec /usr/share/cinnamon/cinnamon-settings-users/cinnamon-settings-users.py")
+TARGET = "/usr/share/cinnamon/cinnamon-settings-users/cinnamon-settings-users.py"
+
+# Display-related environment variables that need to be forwarded to the
+# privileged process when launching via run0 (which, unlike pkexec, does not
+# inherit the caller's environment).
+RUN0_FORWARDED_ENV_VARS = (
+    "DISPLAY",
+    "WAYLAND_DISPLAY",
+    "XAUTHORITY",
+    "XDG_RUNTIME_DIR",
+    "DBUS_SESSION_BUS_ADDRESS",
+)
+
+# Prefer pkexec, fall back to run0.
+if shutil.which("pkexec"):
+    os.execvp("pkexec", ["pkexec", TARGET])
+elif shutil.which("run0"):
+    argv = ["run0"]
+    for var in RUN0_FORWARDED_ENV_VARS:
+        value = os.environ.get(var)
+        if value is not None:
+            argv.append(f"--setenv={var}={value}")
+    argv.append("--")
+    argv.append(TARGET)
+    os.execvp("run0", argv)
+
+print("cinnamon-settings-users: neither 'pkexec' nor 'run0' was found in PATH",
+      file=sys.stderr)
+sys.exit(1)

files/usr/share/cinnamon/cinnamon-settings/bin/SettingsWidgets.py

@@ -19,6 +19,39 @@
 
 CAN_BACKEND = ["SoundFileChooser", "DateChooser", "TimeChooser", "Keybinding"]
 
+# Display-related environment variables that need to be forwarded to the
+# privileged process when launching via run0 (which, unlike pkexec, does not
+# inherit the caller's environment).
+_RUN0_FORWARDED_ENV_VARS = (
+    "DISPLAY",
+    "WAYLAND_DISPLAY",
+    "XAUTHORITY",
+    "XDG_RUNTIME_DIR",
+    "DBUS_SESSION_BUS_ADDRESS",
+)
+
+# Prefer pkexec, fall back to run0.
+def get_privilege_escalation_command():
+    for cmd in ("pkexec", "run0"):
+        if GLib.find_program_in_path(cmd) is not None:
+            return cmd
+    return None
+
+def build_privileged_argv(command_argv):
+    escalation = get_privilege_escalation_command()
+    if escalation is None:
+        return None
+    if escalation == "run0":
+        argv = [escalation]
+        for var in _RUN0_FORWARDED_ENV_VARS:
+            value = GLib.getenv(var)
+            if value is not None:
+                argv.append(f"--setenv={var}={value}")
+        argv.append("--")
+        argv.extend(command_argv)
+        return argv
+    return [escalation, *command_argv]
+
 class BinFileMonitor(GObject.GObject):
     __gsignals__ = {
         'changed': (GObject.SignalFlags.RUN_LAST, None, ()),
@@ -218,7 +251,12 @@ def build(self):
             self.module.loaded = True
 
         if self.is_standalone:
-            subprocess.Popen(self.exec_name.split())
+            argv = self.exec_name.split()
+            if argv and argv[0] == "pkexec":
+                privileged = build_privileged_argv(argv[1:])
+                if privileged is not None:
+                    argv = privileged
+            subprocess.Popen(argv)
             return
 
         # Add our own widgets
@@ -297,7 +335,12 @@ def __init__(self, label, mod_id, icon, category, keywords, content_box):
         self.category = category
 
     def process (self):
-        name = self.name.replace("pkexec ", "")
+        name = self.name
+        if name.startswith("pkexec "):
+            # Require some privilege-escalation tool to exist (pkexec or run0).
+            if get_privilege_escalation_command() is None:
+                return False
+            name = name[len("pkexec "):]
         name = name.split()[0]
 
         return GLib.find_program_in_path(name) is not None