Currently I'm testing systemd enabled builds of several (mostly gnome) packages. Now my system is in a state, that nearly everything is using systemd. Now when trying to use pkexec, it silently fails. In /var/log/auth.log I find the following:
pkexec: pam_ck_connector(polkit-1:session): cannot determine display-device
Is pkexec compiled with --enable-systemd=yes still relying on information from ConsoleKit? (Please note: removing pam_ck_connector from pam files causes pkexec to fail silently.)
I forgot to mention: this is polkit 0.105 and systemd 182.
Not sure how this can be a polkit bug; looks more like your polkit-1 PAM configuration is busted? Have you checked that pkexec is in fact setuid root? Anyway, this works fine on Fedora, never heard of any problems there and we switched to systemd a while ago....
Created attachment 60597 [details]
Polkit pam configuration
The binary is setuid root. Concerning the pam configuration (see attachment), it is including the common modules loaded on a debian system.
After some fiddling around with different pam configurations, I've found a working one. Seems like pkexec does not like configs where pam_systemd and pam_ck_connector are both present and both are marked optional. On a debian system this means that instead of including pam config "common-session" you'll have to include "common-session-noninteractive" where pam_ck_connector is not getting loaded at all.