Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm heartily sick of sudo nanoblah blah blah, and I'd really rather not be bothered with sudo (insert editor name here) when I want to edit, for example, .bash_aliases.
In my LinuxMint, there is a "clone" of Krusader installed "as root user." I know from personal experience that other items, unless installed from scratch with the 'make install' file directing them to another place in the hierarchy, cannot be installed for anyone but the user profile I'm in without losing the original non-root install of the app. Is there a way to go from "downloaded .deb archive" to "same app but only for use as root" with apps other than Krusader?
Something has gone wrong if you have root-owned files in your directory. Perhaps you need to run chown over your directory to fix that.
In general, if you have sudo, then you need to use sudoedit instead when editing file. It can be configured to point to your favorite editor. Because it runs the designated editor as an unprivileged user, you don't end up with root-owned files scattered all over making a mess. See the -e option in the manual page:
First of all, you shouldn't be using sudo to run GUI applications as root. If you're running KDE, as your sidebar entry indicates, you should be using e.g. kdesudo nano (the equivalent command for Gnome-related desktop environments is gksudo nano).
Secondly you shouldn't, as TC points out, need root privilege to access files in your home directory. To regain ownership of all these, you can use (as long as you are currently logged in as your normal user):
Code:
sudo chown -R $USER:$USER $HOME
Lastly, you might like to create desktop shortcuts for applications that you want to run as root, using kdesudo/gksudo in the shortcut's command. Of course you will still have to enter the sudo password, so I hope that you're not also heartily sick of doing that.
If you want to run as root for a while (but, as always, be careful what you do), you can enter sudo su in a terminal - anything you do in that terminal from then on, until you close the terminal or enter exit, will be as root).
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by L_Carver
I know from personal experience that other items, unless installed from scratch with the 'make install' file directing them to another place in the hierarchy, cannot be installed for anyone but the user profile I'm in without losing the original non-root install of the app.
I'm sorry but this does not make any sense at all. Applications, and other programs, are generally installed so that every user can acces them and the settings for them are, if necessary, stored in the home directory of the user running them.
If you want to create a shortcut to run something as root then the answers are given above regarding gksu etc.
If you want to create a shortcut to run something as root then the answers are given above regarding gksu etc.
Some discretion is needed about what to run as root and what not to run as root. Editors are one class of application that should only be used via an unprivileged account. If you do need to edit a file owned by root, then there is always sudoedit mentioned above.
From the manual page:
Code:
-e, --edit Edit one or more files instead of running a command. In lieu
of a path name, the string "sudoedit" is used when consulting
the security policy. If the user is authorized by the pol‐
icy, the following steps are taken:
1. Temporary copies are made of the files to be edited with
the owner set to the invoking user.
2. The editor specified by the policy is run to edit the
temporary files. The sudoers policy uses the
SUDO_EDITOR, VISUAL and EDITOR environment variables (in
that order). If none of SUDO_EDITOR, VISUAL or EDITOR
are set, the first program listed in the editor
sudoers(5) option is used.
3. If they have been modified, the temporary files are
copied back to their original location and the temporary
versions are removed.
To help prevent the editing of unauthorized files, the fol‐
lowing restrictions are enforced unless explicitly allowed by
the security policy:
· Symbolic links may not be edited (version 1.8.15 and
higher).
· Symbolic links along the path to be edited are not fol‐
lowed when the parent directory is writable by the invok‐
ing user unless that user is root (version 1.8.16 and
higher).
· Files located in a directory that is writable by the
invoking user may not be edited unless that user is root
(version 1.8.16 and higher).
Users are never allowed to edit device special files.
If the specified file does not exist, it will be created.
Note that unlike most commands run by sudo, the editor is run
with the invoking user's environment unmodified. If, for
some reason, sudo is unable to update a file with its edited
version, the user will receive a warning and the edited copy
will remain in a temporary file.
gksu will still cause the graphical program to run with root privileges, which depending on the situation makes for more trouble. Graphical programs with a lot of parsing of untrusted data are another category that should be avoided as root. wireshark is one such example.
I'm heartily sick of sudo nanoblah blah blah, and I'd really rather not be bothered with sudo (insert editor name here) when I want to edit, for example, .bash_aliases.
In my LinuxMint, there is a "clone" of Krusader installed "as root user." I know from personal experience that other items, unless installed from scratch with the 'make install' file directing them to another place in the hierarchy, cannot be installed for anyone but the user profile I'm in without losing the original non-root install of the app. Is there a way to go from "downloaded .deb archive" to "same app but only for use as root" with apps other than Krusader?
and a high-level overview of one person's recommendation on the use of sudo in the context of Security.
Sudo: you're doing it wrong - PDF @ 171 pages.
Sudo: you're doing it wrong - YouTubeVid @ 1h:11m
sudo, being an interactive prompted utility,
I avoid in scripts and once the script or user has privs,
there's little use for repeatedly using it.
Who's bash_aliases are you editing?
do those aliases have sudo in them or their named components?
First of all, you shouldn't be using sudo to run GUI applications as root. If you're running KDE, as your sidebar entry indicates, you should be using e.g. kdesudo nano (the equivalent command for Gnome-related desktop environments is gksudo nano).
When you make statements like that, wouldn't it be more helpful to say why sudo nano is wrong and gksudo nano is right? I suspect the OP would like to know. For that matter, I'd like to know (very slightly), as I've never used sudo and don't have gksudo installed!
When you make statements like that, wouldn't it be more helpful to say why sudo nano is wrong and gksudo nano is right? I suspect the OP would like to know. For that matter, I'd like to know (very slightly), as I've never used sudo and don't have gksudo installed!
As I understand it, the problem with sudo is that it gives the root user access to your personal environmental variables. That doesn't matter on the command line or in a simple desktop like fluxbox, but complex DEs are held together by a slew of XDG environmental variables, some of which could cause you to lose access to your files. It happened to me once; I couldn't get into X any more because the ownership of my .Xauthority file had somehow got transferred to root. I had to delete it as root so that X would create a new one in my name.
gksudo and kdesudo aren't just pretty graphical front ends. They actually protect your environment from root while they run.
When you make statements like that, wouldn't it be more helpful to say why sudo nano is wrong and gksudo nano is right? I suspect the OP would like to know. For that matter, I'd like to know (very slightly), as I've never used sudo and don't have gksudo installed!
No, because it would be taking the discussion off at a tangent from the OP's original request, and there's too much of that goes on anyway.
The OP is more than capable of searching on the web for the reasons why, or ask a further question, if they see fit to do so. A search for sudo gksudo, for example, produces the following as the first result:
When you make statements like that, wouldn't it be more helpful to say why sudo nano is wrong and gksudo nano is right? I suspect the OP would like to know. For that matter, I'd like to know (very slightly), as I've never used sudo and don't have gksudo installed!
In the case of editors, the answer is neither. See post #5 above.
For other graphical programs, you might use -H with sudo so that the program uses the root (or any other target) home directory.
i just found out that sudoedit can also be used with a graphical editor.
i wouldn't make the change permanent, because i think some command line applications expect EDITOR to be set to a command line editor.
but this is possible:
Lastly, you might like to create desktop shortcuts for applications that you want to run as root, using kdesudo/gksudo in the shortcut's command. Of course you will still have to enter the sudo password, so I hope that you're not also heartily sick of doing that.
I'm the only user on this machine, and I've already (and a little sloppily) tweaked my sudoers file to accept my ordinary bash login as root, So kdesudo (editor name here) or as Turbocapitalist suggested, sudoedit seem to be the way to go.
you can define alias like this: alias suedit=sudo <your-editor>
and next you can type suedit filename and file will be edited by root.
(although I do not really suggest you to do that)
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.