unique password for "update" and "synaptic" and "apt-get"
When I want to run update-manager or application center or synaptic or apt-get, I rely on sudo or gksu or similar for authorization. Q1: Can someone help me administer this differently?
I want two end-user logins on each of several laptops -- one for me as system admin; one for every other end-user (my case makes it ok to share login details). If I'm the logged-in user, I'll use sudo like always. If the other end-user is logged-in, I still want to be able to launch synaptic or whatever, but to use a unique password for authorization.
I know that I can "switch user" to my own login and away from the standard end-user login. Q2: Is this the better way to accomplish things or can I somehow config a unique password to run the various package install applications?