Celeb Glow
general | April 02, 2026

Ubuntu 18.04 tigervnc: Authentication is required to create a color profile

Trying to connect to tigervnc server running on Ubuntu 18.04 (using TigerVNC viewer windows client). After the initial authentication, I get an additional authentication prompt that reads "Authentication is required to create a color pr...". This happens only for the first login following a tigervnc server restart. Is there anyway I can bypass this?

2 Answers

I fixed this by creating this file and setting perms to 644, and owner root:root:

Filename: /etc/polkit-1/localauthority.conf.d/02-allow-colord.conf

Contents:

polkit.addRule(function(action, subject) { if ((action.id == "org.freedesktop.color-manager.create-device" || action.id == "org.freedesktop.color-manager.create-profile" || action.id == "org.freedesktop.color-manager.delete-device" || action.id == "org.freedesktop.color-manager.delete-profile" || action.id == "org.freedesktop.color-manager.modify-device" || action.id == "org.freedesktop.color-manager.modify-profile" ) && ( subject.isInGroup("{nogroup}") ) ) { return polkit.Result.YES; }
});
3

Let me just extract the concrete fix for 18.04 only from the sequel to this excellent blog post. The latter drills down to the root cause of this issue; the former fixes it properly — while avoiding a crash caused by the return polkit.Result.YES; solution already posted here and elsewhere.

cat << EOF | sudo tee /etc/polkit-1/localauthority/50-local.d/45-allow-colord.pkla
[Allow Colord all Users]
Identity=unix-user:*
Action=org.freedesktop.color-manager.create-device;org.freedesktop.color-manager.create-profile;org.freedesktop.color-manager.delete-device;org.freedesktop.color-manager.delete-profile;org.freedesktop.color-manager.modify-device;org.freedesktop.color-manager.modify-profile
ResultAny=no
ResultInactive=no
ResultActive=yes
EOF

This is relevant only for PolKit < 0.106 (pkaction --version).

For PolKit 0.106+ (Ubuntu 18.10+) this authorization is granted differently, via the javascript .conf file:

cat << EOF | sudo tee /etc/polkit-1/localauthority.conf.d/02-allow-colord.conf
polkit.addRule(function(action, subject) { if ((action.id == "org.freedesktop.color-manager.create-device" || action.id == "org.freedesktop.color-manager.create-profile" || action.id == "org.freedesktop.color-manager.delete-device" || action.id == "org.freedesktop.color-manager.delete-profile" || action.id == "org.freedesktop.color-manager.modify-device" || action.id == "org.freedesktop.color-manager.modify-profile" //-- no group restriction; allow any user to manipulate color profiles! //-- uncomment and substitude adm with the group you need, if needed. // ) && ( // subject.isInGroup("{adm}") )) { return polkit.Result.YES; }
});
EOF

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

You Might Also Like

What is the significance of II.9 in a Kingdom Hearts 3 scene?

Is there a way to craft Podzol in Minecraft?

Is there a hard limit to the number of trees able to exist in your town smaller than what is geometrically possible by the rules of tree growth?