Web lists-archives.com

Re: Running GParted and Synaptic without entering password




On 05/15/2018 12:48 AM, John Crawley (johnraff) wrote:
On 2018-05-14 16:56, Joe wrote:
On Sun, 13 May 2018 14:43:55 -0500
If your micro-installation contains them, gksu and gksudo are graphical
equivalents of su and sudo. I start Synaptic from a menu entry, which
uses gksudo.

gksu is now deprecated as insecure,
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892768
and will not be available in Debian Buster as far as I can see.
https://packages.debian.org/search?keywords=gksu&searchon=names&suite=all&section=all

Even on Stretch and (I think) Wheezy, Gparted and Synaptic both shipped .desktop files which caused them to be launched by the policykit alternative, pkexec instead of gksu.

Policykit brings its own complications, but I think it should be possible to create a .pkla file in /var/lib/polkit-1/localauthority to allow a certain user, or group member, to perform an action defined in /usr/share/polkit-1/actions/* without a password. You could even add a new action if necessary.

Through a chain of references I discovered
  /usr/share/polkit-1/actions/com.ubuntu.pkexec.gparted.policy

The initial lines read:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policyconfig PUBLIC
 "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd";>
<policyconfig>

However
  [http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd]
gives a 404 File not found message.

Where would I find its syntax?

By a convoluted path I found:
[https://www.freedesktop.org/software/polkit/docs/latest/polkit.8.html]

Its last example strongly suggests I can do just what I want without messing up other users &/or apps.

Is there an equivalent of that content in Backus–Naur form?