For security reasons, I want to use a separate user for admin purposes.
This user is in the wheel
group and confined with SELinux.
Setup of the users
For creation, I roughly followed this guide
run0 sh -c '
adduser -Z sysadm_u sysadm
passwd sysadm
usermod -aG wheel sysadm
'
When logging in to the user works…
run0 -u sysadm
the current user can be removed from the wheel
group
echo $USER
run0 gpasswd -d wheel $USER
What works
- kde kio-admin (entering
admin:/
in Dolphin to access files as admin) - KDE Partitionmanager
- rpm-ostree
- more stuff using polkit
What doesn’t work
Flatpak when using the -y flag. This is a small usability issue.
When leaving out the -y flag, it works normally, I can authenticate with the confined sysadm user and do systemwide changes.