Web lists-archives.com

Re: Running GParted and Synaptic without entering password

Hash: SHA1

On Sun, May 13, 2018 at 02:51:49PM -0500, Richard Owlett wrote:
> On 05/13/2018 09:26 AM, bw wrote:
> >
> >
> >On Sun, 13 May 2018, Richard Owlett wrote:
> >
> >><snip>
> >>The result I wish to achieve is to click on the icon for either GParted or
> >>Synaptic *WITHOUT* being asked for a password (either root's or user's).
> >>
> >>I've found vague hints that adding a line to my local /etc/sudoers file
> >>such as
> >>   richard     ALL = /usr/sbin/gparted , /usr/sbin/synaptic
> >>would accomplish my goal.
> >>Is that correct?
> >><snip>
> >
> >I think that might work if clicking each icon actually runs those
> >commands from each .desktop file.
> I believe it does:
>   1. if logged in as root, entering "/use/sbin/gparted" runs.
>   2. if *NOT* logged in as root, entering "/usr/sbin/gparted" asks
> for password.

Yes, perhaps that's what sudo is for then (you'd have to run
"sudo /usr/sbin/gparted" instead: make it more convenient by
some wrapper [1]).

Of course the recommendation is still "don't do it", but the
good thing is: it's just that, a recommendation. FWIW, I went
through that phase and am back now to my "custom commands" 
asking for a password when doing something sudo-ish. It's a
kind of "are you awake there, at the controls?" which I've
come to appreciate. But to each her own and all that :-)


[1] There are many solutions to that: I have a /home/tomas/bin
which I add to my PATH where I put all those little scripts
which are too small or too unstable to go to /usr/local/bin.
If I need a sudo in there, I just code it in. In my default
setting, I then get asked for a password. By relaxing sudoers
(e.g. with NOPASSWD: or !authenticate) you can fine tune that
to skip the authentication at a very fine-grained level (by
command, by user or by host (on which the command is running)).

- -- tomas
Version: GnuPG v1.4.12 (GNU/Linux)