How to run a Gtk application as a user with root privs?
From my research it isn't possible to use suid for Gtk applications. There seems to be possible to execute Gtk applications as a user with root privileges using "PAM". I'd like to know what you think is the best way to achieve it. This is to run gnome-ppp. Please let me know how you would do. Thanks.
|
"gksu" is probably the command you're looking for. "sudo" should also work.
|
But they both ask for my root password :(
|
If you set up sudo properly, it should be asking for your password, not roots.
|
Yes, sorry, this is what I meant. But I don't want to have to type any password... How could I do it?
|
You set up sudo to not ask for a password. If you look in the sudoers file, you should see examples of how to use the NOPASSWD directive. If that is set up properly, the user is allowed to use that command without supplying a password. For example, if you set up the shutdown command like this:
usename = NOPASSWD: /sbin/shutdown It would allow the user to shut down the computer with sudo shutdown and not have to enter a password. Have a look in the sudoers man page for more examples. |
Thanks. Since that day, I've tried to add myself in the sudoers using this man page: http://www.gratisoft.us/sudo/man/sudoers.html but I don't understand very well, it's a little complicated to me!
I added this to /etc/sudoers: Code:
werner gnome-ppp = NOPASSWD: /usr/sbin/gnome-ppp Code:
sudo /usr/sbin/gnome-ppp Code:
sudo /usr/sbin/gnome-ppp Thanks. |
Quote:
Part of the problem might be that first gnome-ppp. That is in the position of an alias, which means that you had to have defined it earlier in the sudoers file. You might be able to get by with: werner NOPASSWD: /usr/sbin/gnome-ppp |
Thanks, when I do this, I get this error message while saving the file:
Quote:
Thanks. |
That rhythmic banging sound you hear is me banging my head on the keyboard. Sudo syntax always drives me nuts. I think the problem is that I forgot to define a machine where the command was legit to use.
So this might work: werner ALL = NOPASSWD: /usr/sbin/gnome-ppp In this case, the ALL refers to all machines on your network, but that is probably OK for a personal machine. An alternative would be to define a specific machine and then use that name: Host_Alias MYMACHINE = 127.0.0.1 werner MYMACHINE = NOPASSWD: /usr/sbin/gnome-ppp In this case, you would only have the rights on this particular machine. Again, if this is a standalone machine, using this instead of ALL is probably a distinction without a difference. You might have to use the actual IP address of your machine (or a range if you're using DHCP) if the 127.0.0.1 doesn't work. |
Thank you. I tried it and now when I do "sudo gnome-ppp" as a user, I get "Gtk-Wraning **: Cannot open display:"
Any idea? :( Thanks. |
Yeah, that is X security kicking in. Basically, X is telling you that root doesn't have the authority/privilege to put something on your X display. There are two ways to allow this, xhost and xauth.
Xhost is the cheap and sleazy way of doing it as it controls X access on a per-host basis. So if you first run xhost localhost on the command line before you run your sudo gnome-ppp, it should allow root to display it. Now the warning: xhost localhost allows anyone on localhost to use your X display. On a single user machine, this probably isn't a real big deal. In a multiuser environment, it is a big breach of security and you don't want to do it. The alternative is xauth, which allows you to authorize specific users with a cookie. It is kind of complicated (which is why most people use xhost on single user machines) but there is a good explanation here. |
Quote:
Code:
## allows me to run an X program as root |
Quote:
|
Quote:
|
All times are GMT -5. The time now is 02:41 AM. |