One dilemma I’m in is should I need permissions to say for example, modify a config file that rests under /etc, would there be less window of opportunity for disaster if I ran only the command with sudo or use pkexec (policykit) to obtain one time permissions? This is KDE related, because I want to use scripting languages with KDE, and sometimes might need root permissions to do something.
By right if you open the file and make changes that require root permission if you click to close the file itself and not the program it’s open in you should be prompted as if you would like to save the changes or be told you need root permission and be given a password box for your root password.
from my notes:
## SUPERUSER NOPASSWD ##
# to run commands that require root without having to enter a password
# the commands must be added to the sudoers file (man sudoers for more info)
sudo visudo
# place new entries at the very end of the file
# to allow foo to run systemctl without a password
foo ma=(ALL:ALL) NOPASSWD: /usr/bin/ls, /usr/bin/systemctl, /usr/sbin/update-grub
# where 'foo' is the user name, 'ma' is the machine name, (ALL) are the users foo can impersonate.
# and NOPASSWD: is the trick to avoid the password prompt.
# the trick is limited to the command(s) listed by their fully qualified path
# and limited to the user and machine combination listed
#to see the changes have taken effect use
sudo -ll
And what if I do a command line modification? Say run sed(1) on a file to make a quick change? That I believe would happen if I used any GUI text editor, but I am not sure if it would happen if I did so scripted wise.
unless you included /usr/bin/sed in the list of commands, it would still ask you for a password.
i would not recommend doing this for something as easily fat fingered as running sed on a file owned by root.
1 Like
I want to clarify, that I absolutely want a password to prompt before I do anything outside of $HOME. Is this powered by a certain KDE library or does the kde polkit agent do this?
if you go this route then you will be able to use the command anywhere without a password prompt.
my example shows ls because if you try to ls /root it will tell you to begger off, but if you do sudo ls /root it will ask you for a password
so i gave myself blanket permission to be able to do sudo ls /root without it asking me for a password.
this comes in handy for scripts where you don’t want to hard code the password into a plain text document.
I never add words to that list and I don’t recommend it for security reasons.
what is the security concern?
can you elaborate?
There’s been a bit of confusion with what I’m aiming to do. This is not about a security concern, but rather what is the recommended way in say python or bash get permissions to do something like update a package or modify a system wide config file. I want to make a graphical frontend to do some administration tasks. For things like that, I could use sudo, but I was wondering if there was a more reliable way. Sort of trying to avoid shoving a square into a triangle hole sort of situation.
I went to Linux for the added security without having to add security software on top of the OS so I’m not deliberately open various aspects of the OS up to just anyone who walks by to be able to changes things.
Both sudo and pkexec are fine. I’d go with pkexec just because it makes for a fine UI and because when it cannot create a window (like in a TTY) it falls back to asking like sudo, but sudo does have more options.
The bad practice you should avoid is running a whole script as sudo. A good practice you may want to consider is to check in this and any following script whether the user is trying to run the script as root or not, usually you don’t want that even when there are root actions in the script.
Since you want to make a graphical frontend, you could try kdialog too.
In the end, though, this isn’t really related to KDE.
1 Like